computer slow

View previous topic View next topic Go down

computer slow

Post by shannonmac8 on Sat Mar 06, 2010 5:41 am

there was a virus on my computer. i got it off with malware antibytes, but my computer is acting slow now. Want to make sure I got all of it off. The virus wouldn't let me open up internet explorer, but now I can it just takes longer than usual.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:12:03 AM, on 3/6/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16981)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [You must be registered and logged in to see this link.]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - S-1-5-18 Startup: IMVU.lnk = C:\Documents and Settings\Janet Duross\Application Data\IMVUClient\IMVUQualityAgent.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: IMVU.lnk = C:\Documents and Settings\Janet Duross\Application Data\IMVUClient\IMVUQualityAgent.exe (User 'Default user')
O4 - Startup: IMVU.lnk = C:\Documents and Settings\Janet Duross\Application Data\IMVUClient\IMVUQualityAgent.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Janet Duross\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - [You must be registered and logged in to see this link.]
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - [You must be registered and logged in to see this link.]
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - [You must be registered and logged in to see this link.]
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\eMachines Games\eMachines Game Console\GameConsoleService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

--
End of file - 6710 bytes

shannonmac8
Intermediate
Intermediate

Posts Posts : 76
Joined Joined : 2009-06-01
OS OS : xp
Points Points : 28402
# Likes # Likes : 0

View user profile

Back to top Go down

Re: computer slow

Post by Dr Jay on Sat Mar 06, 2010 8:27 am

Please visit this webpage for a tutorial on downloading and running ComboFix:

[You must be registered and logged in to see this link.]

See the area: Using ComboFix, and when done, post the log back here.


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 13716
Joined Joined : 2009-09-06
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Protection Protection : Bitdefender Total Security
Points Points : 302112
# Likes # Likes : 10

View user profile

Back to top Go down

Re: computer slow

Post by shannonmac8 on Sat Mar 06, 2010 9:45 pm

ComboFix 10-03-06.01 - Janet Duross 03/06/2010 16:11:52.2.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.894.509 [GMT -5:00]
Running from: c:\documents and settings\Janet Duross\Desktop\ComboFix.exe
.

((((((((((((((((((((((((( Files Created from 2010-02-06 to 2010-03-06 )))))))))))))))))))))))))))))))
.

2010-03-06 06:11 . 2010-03-06 06:11 -------- d-----w- c:\program files\Trend Micro
2010-03-06 06:07 . 2010-03-06 06:07 -------- d-----w- c:\program files\Common Files\Adobe
2010-03-06 06:02 . 2010-03-06 06:02 61440 ----a-w- c:\documents and settings\Janet Duross\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-69e74856-n\decora-sse.dll
2010-03-06 06:02 . 2010-03-06 06:02 503808 ----a-w- c:\documents and settings\Janet Duross\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-55f08ee6-n\msvcp71.dll
2010-03-06 06:02 . 2010-03-06 06:02 499712 ----a-w- c:\documents and settings\Janet Duross\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-55f08ee6-n\jmc.dll
2010-03-06 06:02 . 2010-03-06 06:02 348160 ----a-w- c:\documents and settings\Janet Duross\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-55f08ee6-n\msvcr71.dll
2010-03-06 06:02 . 2010-03-06 06:02 12800 ----a-w- c:\documents and settings\Janet Duross\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-69e74856-n\decora-d3d.dll
2010-03-06 06:02 . 2010-03-06 06:02 -------- d-----w- c:\program files\Java
2010-03-02 18:39 . 2010-03-02 18:39 -------- d-----w- c:\documents and settings\Janet Duross\Local Settings\Application Data\Symantec
2010-03-01 05:18 . 2010-03-06 04:28 -------- d-----w- c:\documents and settings\All Users\Application Data\Norton
2010-03-01 05:18 . 2010-03-06 04:18 -------- d-----w- c:\documents and settings\All Users\Application Data\NortonInstaller
2010-02-10 00:32 . 2010-02-10 00:32 -------- d-----w- c:\windows\system32\wbem\Repository
2010-02-09 23:03 . 2010-02-09 23:03 60664 ----a-w- c:\documents and settings\Administrator.MOMMOM\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-02-09 23:01 . 2010-02-09 23:01 -------- d-----w- c:\documents and settings\Administrator.MOMMOM\Application Data\Malwarebytes
2010-02-09 22:59 . 2010-02-10 00:29 -------- d-s---w- c:\documents and settings\Administrator.MOMMOM
2010-02-09 22:59 . 2010-02-10 00:29 -------- d-----w- c:\documents and settings\Administrator.MOMMOM\Local Settings\Application Data\Microsoft
2010-02-09 22:59 . 2010-02-10 00:29 -------- d-----w- c:\documents and settings\Administrator.MOMMOM\Local Settings\Application Data\ApplicationHistory
2010-02-09 22:59 . 2009-08-21 07:49 -------- d-----w- c:\documents and settings\Administrator.MOMMOM\Local Settings\Application Data\Adobe
2010-02-09 22:55 . 2010-02-10 00:29 -------- d-----w- c:\windows\system32\autorun
2010-02-09 22:42 . 2010-02-10 00:29 -------- dc----w- c:\windows\ie8

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-06 20:57 . 2009-08-21 09:02 -------- d-----w- c:\documents and settings\Janet Duross\Application Data\Symantec
2010-03-06 06:02 . 2008-10-29 01:22 -------- d-----w- c:\program files\Common Files\Java
2010-03-06 06:02 . 2009-08-21 17:27 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-02-10 00:30 . 2009-09-16 16:45 -------- d-----w- c:\documents and settings\Janet Duross\Application Data\Move Networks
2010-02-09 22:57 . 2008-10-29 01:37 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-01-05 10:00 . 2007-08-14 02:54 832512 ------w- c:\windows\system32\wininet.dll
2010-01-05 10:00 . 2008-04-14 22:00 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-01-05 10:00 . 2008-04-14 22:00 17408 ----a-w- c:\windows\system32\corpol.dll
2009-12-31 16:50 . 2008-04-14 22:00 353792 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-18 07:24 . 2008-10-29 01:04 1024 ---h--r- c:\windows\system32\NTIMP3.dll
2009-12-16 18:43 . 2008-04-14 22:00 343040 ----a-w- c:\windows\system32\mspaint.exe
2009-12-14 07:08 . 2008-04-14 22:00 33280 ----a-w- c:\windows\system32\csrsrv.dll
2009-12-08 19:26 . 2008-04-14 22:00 2145280 ------w- c:\windows\system32\ntoskrnl.exe
2009-12-08 18:43 . 2008-04-14 22:00 2023936 ------w- c:\windows\system32\ntkrnlpa.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2008-04-14 208952]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2008-04-14 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-14 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-14 455168]
"RTHDCPL"="RTHDCPL.EXE" [2008-05-16 16862720]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-02-25 8491008]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\NewTech Infosystems\\NTI Backup Now 5\\Client\\Agentsvc.exe"=
"c:\\Program Files\\NewTech Infosystems\\NTI Backup Now 5\\BackupSvc.exe"=
"c:\\Program Files\\NewTech Infosystems\\NTI Backup Now 5\\SchedulerSvc.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"65533:TCP"= 65533:TCP:Services
"52344:TCP"= 52344:TCP:Services
"2479:TCP"= 2479:TCP:Services
"5394:TCP"= 5394:TCP:Services
"3389:TCP"= 3389:TCP:Remote Desktop
"9083:TCP"= 9083:TCP:Services

R2 BUNAgentSvc;NTI Backup Now 5 Agent Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [3/3/2008 4:11 PM 16384]
R2 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [4/7/2008 1:42 AM 50424]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [4/4/2008 6:03 AM 131072]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - JAVAQUICKSTARTERSERVICE
.
.
------- Supplementary Scan -------
.
uStart Page = [You must be registered and logged in to see this link.]
mStart Page = [You must be registered and logged in to see this link.]
uInternet Connection Wizard,ShellNext = iexplore
IE: {{d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\documents and settings\Janet Duross\Start Menu\Programs\IMVU\Run IMVU.lnk
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [You must be registered and logged in to see this link.]
Rootkit scan 2010-03-06 16:16
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, [You must be registered and logged in to see this link.]

device: opened successfully
user: MBR read successfully
called modules: ntkrnlpa.exe catchme.sys CLASSPNP.SYS disk.sys >>UNKNOWN [0x8445F710]<<
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\Disk -> CLASSPNP.SYS @ 0xf74cbf28
\Driver\ACPI -> 0x8445f710
\Driver\atapi -> atapi.sys @ 0xf7316852
IoDeviceObjectType -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8
\Device\Harddisk0\DR0 -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8
NDIS: NVIDIA nForce 10/100/1000 Mbps Networking Controller -> SendCompleteHandler -> 0x83da8330
PacketIndicateHandler -> NDIS.sys @ 0xf722fa21
SendHandler -> NDIS.sys @ 0xf720d87b
Warning: possible MBR rootkit infection !
copy of MBR has been found in sector 0x012A18AC1
malicious code @ sector 0x012A18AC4 !
PE file found in sector at 0x012A18ADA !
MBR rootkit infection detected ! Use: "mbr.exe -f" to fix.

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(4024)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
.
Completion time: 2010-03-06 16:20:04
ComboFix-quarantined-files.txt 2010-03-06 21:20
ComboFix2.txt 2010-03-06 21:06

Pre-Run: 56,679,165,952 bytes free
Post-Run: 56,660,242,432 bytes free

- - End Of File - - 2704D250D4F41F81AC8632104F7B5553

shannonmac8
Intermediate
Intermediate

Posts Posts : 76
Joined Joined : 2009-06-01
OS OS : xp
Points Points : 28402
# Likes # Likes : 0

View user profile

Back to top Go down

Re: computer slow

Post by Dr Jay on Sun Mar 07, 2010 2:45 am

Hello! We need to do some diagnostics.

1. Please download [You must be registered and logged in to see this link.] by noahdfear.
  • Save it to your desktop.
  • Double-click profiles.exe and post its log when you reply


2. Download [You must be registered and logged in to see this link.] by ad13 and save it to your Desktop.
  • Double-click Win32kDiag.exe to run Win32kDiag and let it finish.
  • When it states "Finished! Press any key to exit...", press any key on your keyboard to close the program.
  • Double-click on the Win32kDiag.txt file that is located on your Desktop and post the entire contents of that log as a reply to this topic.


3. Please download [You must be registered and logged in to see this link.] by me, and save to your Desktop.
  • Double-click on Cheetah-Anti-Rogue.zip, and extract the file to your Desktop.
  • Double-click on Cheetah-Anti-Rogue.cmd to start.
  • It will finish quickly and launch a log.
  • Post the contents of it in your next reply.


4. In your next reply, please post the following logs for my review:
  • Profiles log (1)
  • Win32kDiag log (2)
  • Cheetah log (3)


Thanks! Smile


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 13716
Joined Joined : 2009-09-06
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Protection Protection : Bitdefender Total Security
Points Points : 302112
# Likes # Likes : 10

View user profile

Back to top Go down

Re: computer slow

Post by shannonmac8 on Sun Mar 07, 2010 4:32 am

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList
DefaultUserProfile REG_SZ Default User
AllUsersProfile REG_SZ All Users

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-18
ProfileImagePath REG_EXPAND_SZ %systemroot%\system32\config\systemprofile

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-19
ProfileImagePath REG_EXPAND_SZ %SystemDrive%\Documents and Settings\LocalService

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-20
ProfileImagePath REG_EXPAND_SZ %SystemDrive%\Documents and Settings\NetworkService

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-867160560-287344726-2688387772-1005
ProfileImagePath REG_EXPAND_SZ %SystemDrive%\Documents and Settings\HelpAssistant.MOMMOM

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-867160560-287344726-2688387772-1006
ProfileImagePath REG_EXPAND_SZ %SystemDrive%\Documents and Settings\Janet Duross

SystemRoot REG_SZ C:\WINDOWS


Running from: C:\Documents and Settings\Janet Duross\Desktop\Win32kDiag.exe

Log file at : C:\Documents and Settings\Janet Duross\Desktop\Win32kDiag.txt

WARNING: Could not get backup privileges!

Searching 'C:\WINDOWS'...





Finished!


Cheetah-Anti-Rogue v1.3.23
by DragonMaster Jay

Microsoft Windows XP [Version 5.1.2600]
Date: 03/06/2010 - Time: 23:31:27 - Arch.: x86


-- Malware removal tools check --
Trend Micro HijackThis 2.0.2
Malwarebytes' Anti-Malware


-- Known infection --



Extra message: Detection only.


EOF

shannonmac8
Intermediate
Intermediate

Posts Posts : 76
Joined Joined : 2009-06-01
OS OS : xp
Points Points : 28402
# Likes # Likes : 0

View user profile

Back to top Go down

Re: computer slow

Post by Dr Jay on Sun Mar 07, 2010 10:24 am

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-867160560-287344726-2688387772-1005
ProfileImagePath REG_EXPAND_SZ %SystemDrive%\Documents and Settings\HelpAssistant.MOMMOM

You have a pretty bad infection there. Let's destroy it. Big Grin

Please download Stealth MBR Rootkit Detector by GMER from [You must be registered and logged in to see this link.], and save to your Desktop.
  • Double-click mbr.exe to start the program.
  • When done scanning, it will save a log on the Desktop called mbr.log.
  • Please post the contents of that log in your next reply.


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 13716
Joined Joined : 2009-09-06
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Protection Protection : Bitdefender Total Security
Points Points : 302112
# Likes # Likes : 10

View user profile

Back to top Go down

Re: computer slow

Post by shannonmac8 on Sun Mar 07, 2010 9:18 pm

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, [You must be registered and logged in to see this link.]

device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\ACPI -> 0x83e95710
NDIS: NVIDIA nForce 10/100/1000 Mbps Networking Controller -> SendCompleteHandler -> 0x837bd330
Warning: possible MBR rootkit infection !
copy of MBR has been found in sector 0x012A18AC1
malicious code @ sector 0x012A18AC4 !
PE file found in sector at 0x012A18ADA !
MBR rootkit infection detected ! Use: "mbr.exe -f" to fix.

shannonmac8
Intermediate
Intermediate

Posts Posts : 76
Joined Joined : 2009-06-01
OS OS : xp
Points Points : 28402
# Likes # Likes : 0

View user profile

Back to top Go down

Re: computer slow

Post by Dr Jay on Mon Mar 08, 2010 4:20 am

Please download and save [You must be registered and logged in to see this link.]
[list][*]Double click to run the tool.
[*]When complete, run mbr -f then reboot.
[*]After reboot, provide a fresh log and a new mbr log.


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 13716
Joined Joined : 2009-09-06
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Protection Protection : Bitdefender Total Security
Points Points : 302112
# Likes # Likes : 10

View user profile

Back to top Go down

Re: computer slow

Post by shannonmac8 on Mon Mar 08, 2010 5:48 pm

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, [You must be registered and logged in to see this link.]

device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
detected MBR rootkit hooks:
\Driver\ACPI -> 0x837f40a0
NDIS: NVIDIA nForce 10/100/1000 Mbps Networking Controller -> SendCompleteHandler -> 0x837bf330
Warning: possible MBR rootkit infection !
user & kernel MBR OK
copy of MBR has been found in sector 0x012A18AC1
malicious code @ sector 0x012A18AC4 !
PE file found in sector at 0x012A18ADA !
Use "Recovery Console" command "fixmbr" to clear infection !

shannonmac8
Intermediate
Intermediate

Posts Posts : 76
Joined Joined : 2009-06-01
OS OS : xp
Points Points : 28402
# Likes # Likes : 0

View user profile

Back to top Go down

Re: computer slow

Post by Dr Jay on Mon Mar 08, 2010 8:09 pm

Please reboot your computer, then when the first or second screen pops up, select the Microsoft Windows Recovery Console from the menu.

Once in the Recovery Console, type the following and press enter:

fixmbr

=======

If the computer does not reboot after it finishes the fix, please do so, by typing in exit

====

After you get back to Windows XP, please re-scan with the Stealth MBR Rootkit Detector.


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 13716
Joined Joined : 2009-09-06
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Protection Protection : Bitdefender Total Security
Points Points : 302112
# Likes # Likes : 10

View user profile

Back to top Go down

Re: computer slow

Post by shannonmac8 on Tue Mar 09, 2010 1:52 am

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, [You must be registered and logged in to see this link.]

device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user & kernel MBR OK
copy of MBR has been found in sector 0x012A18AC1
malicious code @ sector 0x012A18AC4 !
PE file found in sector at 0x012A18ADA !

shannonmac8
Intermediate
Intermediate

Posts Posts : 76
Joined Joined : 2009-06-01
OS OS : xp
Points Points : 28402
# Likes # Likes : 0

View user profile

Back to top Go down

Re: computer slow

Post by Dr Jay on Tue Mar 09, 2010 3:31 am

Go here, and download SWReg:

[You must be registered and logged in to see this link.]

When installed, go to Start | Run and type the following. You may want to copy/paste, just to make sure:

swreg add HKLM\SYSTEM\CurrentControlSet\Services\TermService\Parameters /v ServiceDLL /t REG_EXPAND_SZ /d %systemroot%\System32\termsrv.dll /f

============

Then, do the HelpAsst fix there again.


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 13716
Joined Joined : 2009-09-06
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Protection Protection : Bitdefender Total Security
Points Points : 302112
# Likes # Likes : 10

View user profile

Back to top Go down

Re: computer slow

Post by shannonmac8 on Tue Mar 09, 2010 4:53 am

it says HelpAssistant account does not exist when i run that but mbr still says this

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, [You must be registered and logged in to see this link.]

device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user & kernel MBR OK
copy of MBR has been found in sector 0x012A18AC1
malicious code @ sector 0x012A18AC4 !
PE file found in sector at 0x012A18ADA !

heres profile again

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList
DefaultUserProfile REG_SZ Default User
AllUsersProfile REG_SZ All Users

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-18
ProfileImagePath REG_EXPAND_SZ %systemroot%\system32\config\systemprofile

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-19
ProfileImagePath REG_EXPAND_SZ %SystemDrive%\Documents and Settings\LocalService

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-20
ProfileImagePath REG_EXPAND_SZ %SystemDrive%\Documents and Settings\NetworkService

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-21-867160560-287344726-2688387772-1006
ProfileImagePath REG_EXPAND_SZ %SystemDrive%\Documents and Settings\Janet Duross

SystemRoot REG_SZ C:\WINDOWS

win32 again
Running from: C:\Documents and Settings\Janet Duross\Desktop\Win32kDiag.exe

Log file at : C:\Documents and Settings\Janet Duross\Desktop\Win32kDiag.txt

WARNING: Could not get backup privileges!

Searching 'C:\WINDOWS'...





Finished!

shannonmac8
Intermediate
Intermediate

Posts Posts : 76
Joined Joined : 2009-06-01
OS OS : xp
Points Points : 28402
# Likes # Likes : 0

View user profile

Back to top Go down

Re: computer slow

Post by shannonmac8 on Tue Mar 09, 2010 6:24 am

combofix again

ComboFix 10-03-08.01 - Janet Duross 03/09/2010 1:17.5.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.894.546 [GMT -5:00]
Running from: c:\documents and settings\Janet Duross\Desktop\ComboFix.exe
.

((((((((((((((((((((((((( Files Created from 2010-02-09 to 2010-03-09 )))))))))))))))))))))))))))))))
.

2010-03-07 04:39 . 2010-03-07 04:39 5115824 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2010-03-06 06:07 . 2010-03-06 06:07 -------- d-----w- c:\program files\Common Files\Adobe
2010-03-06 06:02 . 2010-03-06 06:02 61440 ----a-w- c:\documents and settings\Janet Duross\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-69e74856-n\decora-sse.dll
2010-03-06 06:02 . 2010-03-06 06:02 503808 ----a-w- c:\documents and settings\Janet Duross\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-55f08ee6-n\msvcp71.dll
2010-03-06 06:02 . 2010-03-06 06:02 499712 ----a-w- c:\documents and settings\Janet Duross\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-55f08ee6-n\jmc.dll
2010-03-06 06:02 . 2010-03-06 06:02 348160 ----a-w- c:\documents and settings\Janet Duross\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-55f08ee6-n\msvcr71.dll
2010-03-06 06:02 . 2010-03-06 06:02 12800 ----a-w- c:\documents and settings\Janet Duross\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-69e74856-n\decora-d3d.dll
2010-03-06 06:02 . 2010-03-06 06:02 -------- d-----w- c:\program files\Java
2010-02-10 00:32 . 2010-02-10 00:32 -------- d-----w- c:\windows\system32\wbem\Repository
2010-02-09 22:55 . 2010-02-10 00:29 -------- d-----w- c:\windows\system32\autorun
2010-02-09 22:42 . 2010-02-10 00:29 -------- dc----w- c:\windows\ie8

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-08 17:28 . 2009-11-03 17:08 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-03-06 06:02 . 2008-10-29 01:22 -------- d-----w- c:\program files\Common Files\Java
2010-03-06 06:02 . 2009-08-21 17:27 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-02-09 22:57 . 2008-10-29 01:37 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-01-07 21:07 . 2009-11-03 17:08 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-07 21:07 . 2009-11-03 17:08 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-05 10:00 . 2007-08-14 02:54 832512 ------w- c:\windows\system32\wininet.dll
2010-01-05 10:00 . 2008-04-14 22:00 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-01-05 10:00 . 2008-04-14 22:00 17408 ----a-w- c:\windows\system32\corpol.dll
2009-12-31 16:50 . 2008-04-14 22:00 353792 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-18 07:24 . 2008-10-29 01:04 1024 ---h--r- c:\windows\system32\NTIMP3.dll
2009-12-16 18:43 . 2008-04-14 22:00 343040 ----a-w- c:\windows\system32\mspaint.exe
2009-12-14 07:08 . 2008-04-14 22:00 33280 ----a-w- c:\windows\system32\csrsrv.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2008-04-14 208952]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2008-04-14 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-14 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-14 455168]
"RTHDCPL"="RTHDCPL.EXE" [2008-05-16 16862720]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-02-25 8491008]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\NewTech Infosystems\\NTI Backup Now 5\\Client\\Agentsvc.exe"=
"c:\\Program Files\\NewTech Infosystems\\NTI Backup Now 5\\BackupSvc.exe"=
"c:\\Program Files\\NewTech Infosystems\\NTI Backup Now 5\\SchedulerSvc.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"65533:TCP"= 65533:TCP:Services
"52344:TCP"= 52344:TCP:Services
"2479:TCP"= 2479:TCP:Services
"5394:TCP"= 5394:TCP:Services
"3389:TCP"= 3389:TCP:Remote Desktop
"9083:TCP"= 9083:TCP:Services
"3246:TCP"= 3246:TCP:Services
"5318:TCP"= 5318:TCP:Services

R2 BUNAgentSvc;NTI Backup Now 5 Agent Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [3/3/2008 4:11 PM 16384]
R2 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [4/7/2008 1:42 AM 50424]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [4/4/2008 6:03 AM 131072]
.
.
------- Supplementary Scan -------
.
uStart Page = [You must be registered and logged in to see this link.]
mStart Page = [You must be registered and logged in to see this link.]
uInternet Connection Wizard,ShellNext = iexplore
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [You must be registered and logged in to see this link.]
Rootkit scan 2010-03-09 01:19
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(128)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
.
Completion time: 2010-03-09 01:20:34
ComboFix-quarantined-files.txt 2010-03-09 06:20
ComboFix2.txt 2010-03-09 06:05
ComboFix3.txt 2010-03-07 21:33

Pre-Run: 60,029,521,920 bytes free
Post-Run: 60,050,149,376 bytes free

- - End Of File - - C5D756CEA4CAC3EA6C2A50F5DB5B9E4F

shannonmac8
Intermediate
Intermediate

Posts Posts : 76
Joined Joined : 2009-06-01
OS OS : xp
Points Points : 28402
# Likes # Likes : 0

View user profile

Back to top Go down

Re: computer slow

Post by Dr Jay on Tue Mar 09, 2010 6:44 pm

Ok. We've got to do a rare check here:

Please download [You must be registered and logged in to see this link.] by DragonMaster Jay and save it to your Desktop.
  • Right-click on SpiderKill.zip and click Extract All. Follow the prompts and read carefully, to save it to your Desktop.
  • Double-click on the SpiderKill folder, and then double-click on SpiderKill.bat and follow all the prompts in the program.
  • Within a minute, it will save its log titled SpiderKill.txt. Please post that in your next reply. You may have to use two or three posts to be able to fit the information in.


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 13716
Joined Joined : 2009-09-06
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Protection Protection : Bitdefender Total Security
Points Points : 302112
# Likes # Likes : 10

View user profile

Back to top Go down

Re: computer slow

Post by shannonmac8 on Tue Mar 09, 2010 7:34 pm

SpiderKill by DragonMaster Jay ( Oct 2009 )


Microsoft Windows XP [Version 5.1.2600]

********************Drivers list********************


Volume in drive C is OS
Volume Serial Number is B4D3-70DC

Directory of C:\Windows\System32\Drivers

03/09/2010 01:18 AM .
03/09/2010 01:18 AM ..
04/14/2008 05:00 PM 187,776 acpi.sys
04/14/2008 05:00 PM 11,648 acpiec.sys
04/14/2008 01:09 AM 142,592 aec.sys
08/14/2008 05:04 AM 138,496 afd.sys
01/07/2008 04:54 AM 1,202,560 AGRSM.sys
04/14/2008 05:00 PM 37,376 amdk6.sys
04/14/2008 05:00 PM 37,760 amdk7.sys
04/14/2008 05:00 PM 60,800 arp1394.sys
04/14/2008 05:00 PM 14,336 asyncmac.sys
04/14/2008 05:00 PM 96,512 atapi.sys
04/14/2008 05:00 PM 59,904 atmarpc.sys
04/14/2008 05:00 PM 31,360 atmepvc.sys
04/14/2008 05:00 PM 55,808 atmlane.sys
04/14/2008 05:00 PM 352,256 atmuni.sys
08/17/2001 08:59 AM 3,072 audstub.sys
04/14/2008 05:00 PM 4,224 beep.sys
04/14/2008 05:00 PM 71,552 bridge.sys
06/13/2008 06:05 AM 272,128 bthport.sys
04/14/2008 05:00 PM 13,952 cbidf2k.sys
04/14/2008 05:00 PM 18,688 cdaudio.sys
04/14/2008 05:00 PM 63,744 cdfs.sys
04/14/2008 05:00 PM 62,976 cdrom.sys
04/14/2008 05:00 PM 262,528 cinemst2.sys
04/14/2008 05:00 PM 49,536 classpnp.sys
04/14/2008 05:00 PM 11,776 cpqdap01.sys
04/14/2008 05:00 PM 36,736 crusoe.sys
10/28/2008 11:43 AM disdn
04/14/2008 05:00 PM 36,352 disk.sys
04/14/2008 05:00 PM 14,208 diskdump.sys
04/14/2008 05:00 PM 799,744 dmboot.sys
04/14/2008 05:00 PM 153,344 dmio.sys
04/14/2008 05:00 PM 5,888 dmload.sys
04/14/2008 03:15 AM 52,864 DMusic.sys
04/14/2008 03:15 AM 60,160 drmk.sys
04/14/2008 03:15 AM 2,944 drmkaud.sys
04/14/2008 05:00 PM 10,496 dxapi.sys
04/14/2008 05:00 PM 71,168 dxg.sys
04/14/2008 05:00 PM 3,328 dxgthk.sys
09/02/2008 04:04 AM 23 EMACHINES_EL1200_XPH.MRK
08/21/2009 02:55 AM etc
04/14/2008 05:00 PM 143,744 fastfat.sys
04/14/2008 05:00 PM 27,392 fdc.sys
04/14/2008 05:00 PM 44,544 fips.sys
04/14/2008 05:00 PM 20,480 flpydisk.sys
04/14/2008 05:00 PM 129,792 fltMgr.sys
04/14/2008 05:00 PM 12,160 fsvga.sys
04/14/2008 05:00 PM 7,936 fs_rec.sys
04/14/2008 05:00 PM 125,056 ftdisk.sys
04/17/2008 12:12 PM 15,464 GEARAspiWDM.sys
04/14/2008 05:00 PM 3,440,660 gm.dls
04/14/2008 05:00 PM 646 gmreadme.txt
04/14/2008 05:00 PM 144,384 hdaudbus.sys
04/14/2008 05:00 PM 36,864 hidclass.sys
04/14/2008 05:00 PM 24,960 hidparse.sys
04/14/2008 05:00 PM 10,368 hidusb.sys
10/20/2009 11:20 AM 265,728 http.sys
04/14/2008 05:00 PM 52,480 i8042prt.sys
04/14/2008 05:00 PM 42,112 imapi.sys
04/14/2008 05:00 PM 36,352 intelppm.sys
04/14/2008 05:00 PM 36,608 ip6fw.sys
04/14/2008 05:00 PM 32,896 ipfltdrv.sys
04/14/2008 05:00 PM 20,864 ipinip.sys
04/14/2008 05:00 PM 152,832 ipnat.sys
04/14/2008 05:00 PM 75,264 ipsec.sys
04/14/2008 05:00 PM 11,264 irenum.sys
04/14/2008 05:00 PM 37,248 isapnp.sys
04/14/2008 05:00 PM 24,576 kbdclass.sys
04/14/2008 03:15 AM 172,416 kmixer.sys
04/14/2008 03:46 AM 141,056 ks.sys
06/24/2009 06:18 AM 92,928 ksecdd.sys
01/07/2010 04:07 PM 19,160 mbam.sys
01/07/2010 04:07 PM 38,224 mbamswissarmy.sys
04/14/2008 05:00 PM 7,680 mcd.sys
04/14/2008 05:00 PM 63,744 mf.sys
04/14/2008 05:00 PM 4,224 mnmdd.sys
04/14/2008 05:00 PM 30,080 modem.sys
04/14/2008 05:00 PM 23,040 mouclass.sys
08/17/2001 12:48 PM 12,160 mouhid.sys
04/14/2008 05:00 PM 42,368 mountmgr.sys
04/14/2008 05:00 PM 180,608 mrxdav.sys
12/04/2009 01:22 PM 455,424 mrxsmb.sys
04/14/2008 05:00 PM 19,072 msfs.sys
04/14/2008 05:00 PM 35,072 msgpc.sys
04/14/2008 03:09 AM 7,552 MSKSSRV.sys
04/14/2008 03:09 AM 5,376 MSPCLOCK.sys
04/14/2008 03:09 AM 4,992 MSPQM.sys
04/14/2008 05:00 PM 15,488 mssmbios.sys
04/14/2008 05:00 PM 105,344 mup.sys
04/14/2008 05:00 PM 182,656 ndis.sys
04/14/2008 05:00 PM 10,112 ndistapi.sys
04/14/2008 05:00 PM 14,592 ndisuio.sys
04/14/2008 05:00 PM 91,520 ndiswan.sys
04/14/2008 05:00 PM 40,576 ndproxy.sys
04/14/2008 05:00 PM 34,688 netbios.sys
04/14/2008 05:00 PM 162,816 netbt.sys
04/14/2008 05:00 PM 61,824 nic1394.sys
04/14/2008 05:00 PM 12,032 nikedrv.sys
04/14/2008 05:00 PM 40,320 nmnt.sys
04/14/2008 05:00 PM 30,848 npfs.sys
04/14/2008 05:00 PM 574,976 ntfs.sys
01/30/2008 05:59 AM 13,952 NTIDrvr.sys
04/14/2008 05:00 PM 2,944 null.sys
02/25/2008 12:29 AM 6,867,360 nv4_mini.sys
01/29/2008 12:37 AM 54,016 NVENETFD.sys
01/29/2008 12:37 AM 22,016 nvnetbus.sys
01/29/2008 12:37 AM 950,272 nvnrm.sys
01/16/2008 06:17 PM 3,948 nvphy.bin
04/14/2008 05:00 PM 12,416 nwlnkflt.sys
04/14/2008 05:00 PM 32,512 nwlnkfwd.sys
04/14/2008 05:00 PM 88,320 nwlnkipx.sys
04/14/2008 05:00 PM 63,232 nwlnknb.sys
04/14/2008 05:00 PM 55,936 nwlnkspx.sys
04/14/2008 05:00 PM 3,456 oprghdlr.sys
04/14/2008 05:00 PM 42,752 p3.sys
04/14/2008 05:00 PM 80,128 parport.sys
04/14/2008 05:00 PM 19,712 partmgr.sys
04/14/2008 05:00 PM 6,784 parvdm.sys
04/14/2008 05:00 PM 68,224 pci.sys
04/14/2008 05:00 PM 3,328 pciide.sys
04/14/2008 05:00 PM 24,960 pciidex.sys
04/14/2008 05:00 PM 120,192 pcmcia.sys
04/14/2008 03:49 AM 146,048 portcls.sys
04/14/2008 05:00 PM 35,840 processr.sys
04/14/2008 05:00 PM 69,120 psched.sys
04/14/2008 05:00 PM 17,792 ptilink.sys
04/14/2008 05:00 PM 8,832 rasacd.sys
04/14/2008 05:00 PM 51,328 rasl2tp.sys
04/14/2008 05:00 PM 41,472 raspppoe.sys
04/14/2008 05:00 PM 48,384 raspptp.sys
04/14/2008 05:00 PM 16,512 raspti.sys
04/14/2008 05:00 PM 34,432 rawwan.sys
04/14/2008 05:00 PM 175,744 rdbss.sys
04/14/2008 05:00 PM 4,224 rdpcdd.sys
04/14/2008 03:02 AM 196,224 rdpdr.sys
04/14/2008 05:00 PM 139,656 rdpwd.sys
04/13/2008 07:10 PM 57,600 redbook.sys
04/14/2008 05:00 PM 12,032 rio8drv.sys
04/14/2008 05:00 PM 12,032 riodrv.sys
05/08/2008 09:02 AM 203,136 rmcast.sys
04/14/2008 05:00 PM 30,592 rndismp.sys
04/14/2008 05:00 PM 5,888 rootmdm.sys
05/20/2008 05:53 AM 4,800,000 RtkHDAud.sys
04/14/2008 05:00 PM 96,384 scsiport.sys
04/14/2008 05:00 PM 79,232 sdbus.sys
04/14/2008 05:00 PM 20,480 secdrv.sys
04/14/2008 05:00 PM 15,744 serenum.sys
04/14/2008 05:00 PM 64,512 serial.sys
04/14/2008 05:00 PM 11,904 sffdisk.sys
04/14/2008 05:00 PM 10,240 sffp_mmc.sys
04/14/2008 05:00 PM 11,008 sffp_sd.sys
04/14/2008 05:00 PM 11,392 sfloppy.sys
04/14/2008 05:00 PM 14,592 smclib.sys
04/14/2008 05:00 PM 25,344 sonydcam.sys
04/14/2008 03:15 AM 6,272 splitter.sys
04/14/2008 05:00 PM 73,472 sr.sys
12/31/2009 11:50 AM 353,792 srv.sys
04/14/2008 03:15 AM 49,408 stream.sys
04/14/2008 05:00 PM 4,352 swenum.sys
04/14/2008 03:15 AM 56,576 swmidi.sys
04/14/2008 03:45 AM 60,800 sysaudio.sys
04/14/2008 05:00 PM 14,976 tape.sys
06/20/2008 06:51 AM 361,600 tcpip.sys
06/20/2008 06:08 AM 225,856 tcpip6.sys
04/14/2008 05:00 PM 19,072 tdi.sys
04/14/2008 05:00 PM 12,040 tdpipe.sys
04/14/2008 05:00 PM 21,896 tdtcp.sys
04/14/2008 08:43 AM 40,840 termdd.sys
04/14/2008 05:00 PM 51,712 tosdvd.sys
04/14/2008 05:00 PM 21,376 tsbvcap.sys
04/14/2008 05:00 PM 12,288 tunmp.sys
01/30/2008 10:56 AM 12,288 UBHelper.sys
04/14/2008 05:00 PM 66,048 udfs.sys
04/14/2008 05:00 PM 384,768 update.sys
04/14/2008 05:00 PM 12,800 usb8023.sys
04/14/2008 05:00 PM 25,600 usbcamd.sys
04/14/2008 05:00 PM 25,728 usbcamd2.sys
04/14/2008 05:00 PM 4,736 usbd.sys
04/14/2008 05:00 PM 30,208 usbehci.sys
04/14/2008 05:00 PM 59,520 usbhub.sys
04/14/2008 05:00 PM 15,872 usbintel.sys
04/14/2008 05:00 PM 17,152 usbohci.sys
04/14/2008 05:00 PM 143,872 usbport.sys
04/14/2008 05:00 PM 26,368 USBSTOR.SYS
04/14/2008 05:00 PM 58,112 vdmindvd.sys
04/14/2008 05:00 PM 20,992 vga.sys
04/14/2008 05:00 PM 81,664 videoprt.sys
04/14/2008 05:00 PM 52,352 volsnap.sys
04/14/2008 05:00 PM 34,560 wanarp.sys
04/14/2008 03:47 AM 83,072 wdmaud.sys
04/13/2008 07:06 PM 8,832 wmiacpi.sys
04/14/2008 05:00 PM 4,352 wmilib.sys
04/14/2008 05:00 PM 12,032 ws2ifsl.sys
190 File(s) 29,787,693 bytes

Directory of C:\Windows\System32\Drivers\disdn

10/28/2008 11:43 AM .
10/28/2008 11:43 AM ..
0 File(s) 0 bytes

Directory of C:\Windows\System32\Drivers\etc

08/21/2009 02:55 AM .
08/21/2009 02:55 AM ..
04/14/2008 05:00 PM 734 hosts
04/14/2008 05:00 PM 3,683 lmhosts.sam
04/14/2008 05:00 PM 407 networks
04/14/2008 05:00 PM 799 protocol
04/14/2008 05:00 PM 7,116 services
5 File(s) 12,739 bytes

Total Files Listed:
195 File(s) 29,800,432 bytes
8 Dir(s) 60,081,852,416 bytes free


***********************Hidden Drivers********************
Volume in drive C is OS
Volume Serial Number is B4D3-70DC

Directory of C:\Windows\System32\Drivers



*********************Processes*******************


PROCESS PID PRIO PATH
smss.exe 564 Normal C:\WINDOWS\System32\smss.exe
csrss.exe 632 Normal C:\WINDOWS\system32\csrss.exe
winlogon.exe 656 High C:\WINDOWS\system32\winlogon.exe
services.exe 700 Normal C:\WINDOWS\system32\services.exe
lsass.exe 712 Normal C:\WINDOWS\system32\lsass.exe
svchost.exe 868 Normal C:\WINDOWS\system32\svchost.exe
svchost.exe 928 Normal C:\WINDOWS\system32\svchost.exe
svchost.exe 1020 Normal C:\WINDOWS\System32\svchost.exe
svchost.exe 1072 Normal C:\WINDOWS\system32\svchost.exe
svchost.exe 1116 Normal C:\WINDOWS\system32\svchost.exe
spoolsv.exe 1496 Normal C:\WINDOWS\system32\spoolsv.exe
RTHDCPL.EXE 1672 Normal C:\WINDOWS\RTHDCPL.EXE
jusched.exe 1692 Normal C:\Program Files\Common Files\Java\Java Update\jusched.exe
ctfmon.exe 1732 Normal C:\WINDOWS\system32\ctfmon.exe
svchost.exe 1396 Normal C:\WINDOWS\system32\svchost.exe
agrsmsvc.exe 1784 Normal C:\WINDOWS\system32\agrsmsvc.exe
Agentsvc.exe 1372 Normal C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
jqs.exe 1860 Idle C:\Program Files\Java\jre6\bin\jqs.exe
LSSrvc.exe 1888 Normal C:\Program Files\Common Files\LightScribe\LSSrvc.exe
BackupSvc.exe 1932 Normal C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
SchedulerSvc.exe 1964 Normal C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
nvsvc32.exe 1992 Normal C:\WINDOWS\system32\nvsvc32.exe
RichVideo.exe 2024 Normal C:\Program Files\CyberLink\Shared Files\RichVideo.exe
explorer.exe 1348 Normal C:\WINDOWS\explorer.exe
alg.exe 988 Normal C:\WINDOWS\System32\alg.exe
wuauclt.exe 3972 Normal C:\WINDOWS\system32\wuauclt.exe
wmiprvse.exe 3128 Normal C:\WINDOWS\system32\wbem\wmiprvse.exe
IEXPLORE.EXE 3408 Normal C:\Program Files\Internet Explorer\IEXPLORE.EXE
cmd.exe 832 Normal C:\WINDOWS\system32\cmd.exe
processes.exe 1424 Normal C:\Documents and Settings\Janet Duross\Desktop\SpiderKill\processes.exe


Module information for 'explorer.exe'(1348)
MODULE BASE SIZE PATH
explorer.exe 1000000 1044480 C:\WINDOWS\explorer.exe 6.00.2900.5512 (xpsp.080413-2105) Windows Explorer
ntdll.dll 7c900000 729088 C:\WINDOWS\system32\ntdll.dll 5.1.2600.5755 (xpsp_sp3_gdr.090206-1234) NT Layer DLL
kernel32.dll 7c800000 1007616 C:\WINDOWS\system32\kernel32.dll 5.1.2600.5781 (xpsp_sp3_gdr.090321-1317) Windows NT BASE API Client DLL
ADVAPI32.dll 77dd0000 634880 C:\WINDOWS\system32\ADVAPI32.dll 5.1.2600.5755 (xpsp_sp3_gdr.090206-1234) Advanced Windows 32 Base API
RPCRT4.dll 77e70000 598016 C:\WINDOWS\system32\RPCRT4.dll 5.1.2600.5795 (xpsp_sp3_gdr.090415-1241) Remote Procedure Call Runtime
Secur32.dll 77fe0000 69632 C:\WINDOWS\system32\Secur32.dll 5.1.2600.5834 (xpsp_sp3_gdr.090624-1305) Security Support Provider Interface
BROWSEUI.dll 75f80000 1036288 C:\WINDOWS\system32\BROWSEUI.dll 6.00.2900.5512 (xpsp.080413-2105) Shell Browser UI Library
GDI32.dll 77f10000 299008 C:\WINDOWS\system32\GDI32.dll 5.1.2600.5698 (xpsp_sp3_gdr.081022-1932) GDI Client DLL
USER32.dll 7e410000 593920 C:\WINDOWS\system32\USER32.dll 5.1.2600.5512 (xpsp.080413-2105) Windows XP USER API Client DLL
msvcrt.dll 77c10000 360448 C:\WINDOWS\system32\msvcrt.dll 7.0.2600.5512 (xpsp.080413-2111) Windows NT CRT DLL
ole32.dll 774e0000 1298432 C:\WINDOWS\system32\ole32.dll 5.1.2600.5512 (xpsp.080413-2108) Microsoft OLE for Windows
SHLWAPI.dll 77f60000 483328 C:\WINDOWS\system32\SHLWAPI.dll 6.00.2900.5912 (xpsp_sp3_gdr.091207-1454) Shell Light-weight Utility Library
OLEAUT32.dll 77120000 569344 C:\WINDOWS\system32\OLEAUT32.dll 5.1.2600.5512 5.1.2600.5512
SHDOCVW.dll 7e290000 1511424 C:\WINDOWS\system32\SHDOCVW.dll 6.00.2900.5512 (xpsp.080413-2105) Shell Doc Object and Control Library
CRYPT32.dll 77a80000 610304 C:\WINDOWS\system32\CRYPT32.dll 5.131.2600.5512 (xpsp.080413-2113) Crypto API32
MSASN1.dll 77b20000 73728 C:\WINDOWS\system32\MSASN1.dll 5.1.2600.5875 (xpsp_sp3_gdr.090904-1413) ASN.1 Runtime APIs
CRYPTUI.dll 754d0000 524288 C:\WINDOWS\system32\CRYPTUI.dll 5.131.2600.5512 (xpsp.080413-2113) Microsoft Trust UI Provider
NETAPI32.dll 5b860000 348160 C:\WINDOWS\system32\NETAPI32.dll 5.1.2600.5694 (xpsp_sp3_gdr.081015-1312) Net Win32 API DLL
VERSION.dll 77c00000 32768 C:\WINDOWS\system32\VERSION.dll 5.1.2600.5512 (xpsp.080413-2105) Version Checking and File Installation Libraries
WININET.dll 3d930000 856064 C:\WINDOWS\system32\WININET.dll 7.00.6000.16981 (vista_gdr.091215-2244) Internet Extensions for Win32
Normaliz.dll 400000 36864 C:\WINDOWS\system32\Normaliz.dll 6.0.5441.0 (winmain(wmbla).060628-1735) Unicode Normalization DLL
iertutil.dll 3dfd0000 282624 C:\WINDOWS\system32\iertutil.dll 7.00.6000.16981 (vista_gdr.091215-2244) Run time utility for Internet Explorer
WINTRUST.dll 76c30000 188416 C:\WINDOWS\system32\WINTRUST.dll 5.131.2600.5512 (xpsp.080413-2113) Microsoft Trust Verification APIs
IMAGEHLP.dll 76c90000 163840 C:\WINDOWS\system32\IMAGEHLP.dll 5.1.2600.5512 (xpsp.080413-2105) Windows NT Image Helper
WLDAP32.dll 76f60000 180224 C:\WINDOWS\system32\WLDAP32.dll 5.1.2600.5512 (xpsp.080413-2113) Win32 LDAP API DLL
SHELL32.dll 7c9c0000 8482816 C:\WINDOWS\system32\SHELL32.dll 6.00.2900.5622 (xpsp_sp3_gdr.080617-1319) Windows Shell Common Dll
UxTheme.dll 5ad70000 229376 C:\WINDOWS\system32\UxTheme.dll 6.00.2900.5512 (xpsp.080413-2105) Microsoft UxTheme Library
ShimEng.dll 5cb70000 155648 C:\WINDOWS\system32\ShimEng.dll 5.1.2600.5512 (xpsp.080413-2105) Shim Engine DLL
AcGenral.DLL 6f880000 1875968 C:\WINDOWS\AppPatch\AcGenral.DLL 5.1.2600.5512 (xpsp.080413-2105) Windows Compatibility DLL
WINMM.dll 76b40000 184320 C:\WINDOWS\system32\WINMM.dll 5.1.2600.5512 (xpsp.080413-0845) MCI API DLL
MSACM32.dll 77be0000 86016 C:\WINDOWS\system32\MSACM32.dll 5.1.2600.5512 (xpsp.080413-0845) Microsoft ACM Audio Filter
USERENV.dll 769c0000 737280 C:\WINDOWS\system32\USERENV.dll 5.1.2600.5512 (xpsp.080413-2113) Userenv
IMM32.DLL 76390000 118784 C:\WINDOWS\system32\IMM32.DLL 5.1.2600.5512 (xpsp.080413-2105) Windows XP IMM32 API Client DLL
LPK.DLL 629c0000 36864 C:\WINDOWS\system32\LPK.DLL 5.1.2600.5512 (xpsp.080413-2105) Language Pack
USP10.dll 74d90000 438272 C:\WINDOWS\system32\USP10.dll 1.0420.2600.5512 (xpsp.080413-2105) Uniscribe Unicode script processor
comctl32.dll 773d0000 1060864 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll 6.0 (xpsp.080413-2105) User Experience Controls Library
comctl32.dll 5d090000 630784 C:\WINDOWS\system32\comctl32.dll 5.82 (xpsp.080413-2105) Common Controls Library
MSCTF.dll 74720000 311296 C:\WINDOWS\system32\MSCTF.dll 5.1.2600.5512 (xpsp.080413-2105) MSCTF Server DLL
msctfime.ime 755c0000 188416 C:\WINDOWS\system32\msctfime.ime 5.1.2600.5512 (xpsp.080413-2105) Microsoft Text Frame Work Service IME
appHelp.dll 77b40000 139264 C:\WINDOWS\system32\appHelp.dll 5.1.2600.5512 (xpsp.080413-2105) Application Compatibility Client Library
CLBCATQ.DLL 76fd0000 520192 C:\WINDOWS\system32\CLBCATQ.DLL 2001.12.4414.700 2001.12.4414.700
COMRes.dll 77050000 806912 C:\WINDOWS\system32\COMRes.dll 2001.12.4414.700 2001.12.4414.700
cscui.dll 77a20000 344064 C:\WINDOWS\System32\cscui.dll 5.1.2600.5512 (xpsp.080413-2105) Client Side Caching UI
CSCDLL.dll 76600000 118784 C:\WINDOWS\System32\CSCDLL.dll 5.1.2600.5512 (xpsp.080413-2111) Offline Network Agent
themeui.dll 5ba60000 462848 C:\WINDOWS\system32\themeui.dll 6.00.2900.5512 (xpsp.080413-2105) Windows Theme API
MSIMG32.dll 76380000 20480 C:\WINDOWS\system32\MSIMG32.dll 5.1.2600.5512 (xpsp.080413-2105) GDIEXT Client DLL
xpsp2res.dll 1480000 2904064 C:\WINDOWS\system32\xpsp2res.dll 5.1.2600.5512 (xpsp.080413-2113) Service Pack 2 Messages
actxprxy.dll 71d40000 110592 C:\WINDOWS\system32\actxprxy.dll 6.00.2900.5512 (xpsp.080413-2113) ActiveX Interface Marshaling Library
msi.dll 7d1e0000 2867200 C:\WINDOWS\system32\msi.dll 3.1.4001.5512 Windows Installer
SAMLIB.dll 71bf0000 77824 C:\WINDOWS\system32\SAMLIB.dll 5.1.2600.5512 (xpsp.080413-2113) SAM Library DLL
SETUPAPI.dll 77920000 995328 C:\WINDOWS\system32\SETUPAPI.dll 5.1.2600.5512 (xpsp.080413-2111) Windows Setup API
ieframe.dll 3e1c0000 6082560 C:\WINDOWS\system32\ieframe.dll 7.00.6000.16981 (vista_gdr.091215-2244) Internet Explorer
PSAPI.DLL 76bf0000 45056 C:\WINDOWS\system32\PSAPI.DLL 5.1.2600.5512 (xpsp.080413-2105) Process Status Helper
NETSHELL.dll 76400000 1724416 C:\WINDOWS\system32\NETSHELL.dll 5.1.2600.5512 (xpsp.080413-0852) Network Connections Shell
ATL.DLL 76b20000 69632 C:\WINDOWS\system32\ATL.DLL 3.05.2284 ATL Module for Windows XP (Unicode)
credui.dll 76c00000 188416 C:\WINDOWS\system32\credui.dll 5.1.2600.5512 (xpsp.080413-2113) Credential Manager User Interface
dot3api.dll 478c0000 40960 C:\WINDOWS\system32\dot3api.dll 5.1.2600.5512 (xpsp.080413-0852) 802.3 Autoconfiguration API
rtutils.dll 76e80000 57344 C:\WINDOWS\system32\rtutils.dll 5.1.2600.5512 (xpsp.080413-0852) Routing Utilities
dot3dlg.dll 736d0000 24576 C:\WINDOWS\system32\dot3dlg.dll 5.1.2600.5512 (xpsp.080413-0852) 802.3 UI Helper
OneX.DLL 5dca0000 163840 C:\WINDOWS\system32\OneX.DLL 5.1.2600.5512 (xpsp.080413-0852) IEEE 802.1X supplicant library
WTSAPI32.dll 76f50000 32768 C:\WINDOWS\system32\WTSAPI32.dll 5.1.2600.5512 (xpsp.080413-2111) Windows Terminal Server SDK APIs
WINSTA.dll 76360000 65536 C:\WINDOWS\system32\WINSTA.dll 5.1.2600.5512 (xpsp.080413-2111) Winstation Library
eappcfg.dll 745b0000 139264 C:\WINDOWS\system32\eappcfg.dll 5.1.2600.5512 (xpsp.080413-0852) Eap Peer Config
MSVCP60.dll 76080000 413696 C:\WINDOWS\system32\MSVCP60.dll 6.02.3104.0 Microsoft (R) C++ Runtime Library
eappprxy.dll 5dcd0000 57344 C:\WINDOWS\system32\eappprxy.dll 5.1.2600.5512 (xpsp.080413-0852) Microsoft EAPHost Peer Client DLL
iphlpapi.dll 76d60000 102400 C:\WINDOWS\system32\iphlpapi.dll 5.1.2600.5512 (xpsp.080413-0852) IP Helper API
WS2_32.dll 71ab0000 94208 C:\WINDOWS\system32\WS2_32.dll 5.1.2600.5512 (xpsp.080413-0852) Windows Socket 2.0 32-Bit DLL
WS2HELP.dll 71aa0000 32768 C:\WINDOWS\system32\WS2HELP.dll 5.1.2600.5512 (xpsp.080413-0852) Windows Socket 2.0 Helper for Windows NT
webcheck.dll 42e40000 245760 C:\WINDOWS\system32\webcheck.dll 7.00.6000.16981 (vista_gdr.091215-2244) Web Site Monitor
stobject.dll 76280000 135168 C:\WINDOWS\system32\stobject.dll 5.1.2600.5512 (xpsp.080413-2105) Systray shell service object
BatMeter.dll 74af0000 40960 C:\WINDOWS\system32\BatMeter.dll 6.00.2900.5512 (xpsp.080413-2105) Battery Meter Helper DLL
POWRPROF.dll 74ad0000 32768 C:\WINDOWS\system32\POWRPROF.dll 6.00.2900.5512 (xpsp.080413-2105) Power Profile Helper DLL
wdmaud.drv 72d20000 36864 C:\WINDOWS\system32\wdmaud.drv 5.1.2600.5512 (xpsp.080413-2108) WDM Audio driver mapper
msacm32.drv 72d10000 32768 C:\WINDOWS\system32\msacm32.drv 5.1.2600.0 (xpclient.010817-1148) Microsoft Sound Mapper
midimap.dll 77bd0000 28672 C:\WINDOWS\system32\midimap.dll 5.1.2600.5512 (xpsp.080413-0845) Microsoft MIDI Mapper
WZCSAPI.DLL 73030000 65536 C:\WINDOWS\system32\WZCSAPI.DLL 5.1.2600.5512 (xpsp.080413-0852) Wireless Zero Configuration service API
LINKINFO.dll 76980000 32768 C:\WINDOWS\system32\LINKINFO.dll 5.1.2600.5512 (xpsp.080413-2105) Windows Volume Tracking
ntshrui.dll 76990000 151552 C:\WINDOWS\system32\ntshrui.dll 5.1.2600.5512 (xpsp.080413-2105) Shell extensions for sharing
browselc.dll 71600000 73728 C:\WINDOWS\system32\browselc.dll 6.00.2900.5512 (xpsp.080413-2105) Shell Browser UI Library
urlmon.dll 78130000 1212416 C:\WINDOWS\system32\urlmon.dll 7.00.6000.16981 (vista_gdr.091215-2244) OLE32 Extensions for Win32
DUSER.dll 6c1b0000 315392 C:\WINDOWS\system32\DUSER.dll 5.1.2600.5512 (xpsp.080413-2105) Windows DirectUser Engine
MLANG.dll 75cf0000 593920 C:\WINDOWS\system32\MLANG.dll 6.00.2900.5512 (xpsp.080413-2105) Multi Language Support DLL
RASDLG.dll 768d0000 671744 C:\WINDOWS\system32\RASDLG.dll 5.1.2600.5512 (xpsp.080413-0852) Remote Access Common Dialog API
MPRAPI.dll 76d40000 98304 C:\WINDOWS\system32\MPRAPI.dll 5.1.2600.5512 (xpsp.080413-0852) Windows NT MP Router Administration DLL
ACTIVEDS.dll 77cc0000 204800 C:\WINDOWS\system32\ACTIVEDS.dll 5.1.2600.5512 (xpsp.080413-2113) ADs Router Layer DLL
adsldpc.dll 76e10000 151552 C:\WINDOWS\system32\adsldpc.dll 5.1.2600.5512 (xpsp.080413-2113) ADs LDAP Provider C DLL
RASAPI32.dll 76ee0000 245760 C:\WINDOWS\system32\RASAPI32.dll 5.1.2600.5512 (xpsp.080413-0852) Remote Access API
rasman.dll 76e90000 73728 C:\WINDOWS\system32\rasman.dll 5.1.2600.5512 (xpsp.080413-0852) Remote Access Connection Manager
TAPI32.dll 76eb0000 192512 C:\WINDOWS\system32\TAPI32.dll 5.1.2600.5512 (xpsp.080413-0852) Microsoft® Windows(TM) Telephony API Client DLL
netman.dll 77d00000 208896 C:\WINDOWS\system32\netman.dll 5.1.2600.5512 (xpsp.080413-0852) Network Connections Manager
WZCSvc.DLL 7db10000 573440 C:\WINDOWS\system32\WZCSvc.DLL 5.1.2600.5512 (xpsp.080413-0852) Wireless Zero Configuration Service
WMI.dll 76d30000 16384 C:\WINDOWS\system32\WMI.dll 5.1.2600.5512 (xpsp.080413-2113) WMI DC and DP functionality
DHCPCSVC.DLL 7d4b0000 139264 C:\WINDOWS\system32\DHCPCSVC.DLL 5.1.2600.5512 (xpsp.080413-0852) DHCP Client Service
DNSAPI.dll 76f20000 159744 C:\WINDOWS\system32\DNSAPI.dll 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249) DNS Client API DLL
EapolQec.dll 72810000 45056 C:\WINDOWS\system32\EapolQec.dll 5.1.2600.5512 (xpsp.080413-0852) Microsoft EAPOL NAP Enforcement Client
QUtil.dll 726c0000 90112 C:\WINDOWS\system32\QUtil.dll 5.1.2600.5512 (xpsp.080413-0852) Quarantine Utilities
ESENT.dll 606b0000 1101824 C:\WINDOWS\system32\ESENT.dll 5.1.2600.5512 (xpsp.080413-2113) Server Database Storage Engine
hnetcfg.dll 662b0000 360448 C:\WINDOWS\system32\hnetcfg.dll 5.1.2600.5512 (xpsp.080413-0852) Home Networking Configuration Manager
wbemprox.dll 74ef0000 32768 C:\WINDOWS\system32\wbem\wbemprox.dll 5.1.2600.5512 (xpsp.080413-2108) WMI
wbemcomn.dll 75290000 225280 C:\WINDOWS\system32\wbem\wbemcomn.dll 5.1.2600.5512 (xpsp.080413-2108) WMI
wbemsvc.dll 74ed0000 57344 C:\WINDOWS\system32\wbem\wbemsvc.dll 5.1.2600.5512 (xpsp.080413-2108) WMI
fastprox.dll 75690000 483328 C:\WINDOWS\system32\wbem\fastprox.dll 5.1.2600.5755 (xpsp_sp3_gdr.090206-1234) WMI
NTDSAPI.dll 767a0000 77824 C:\WINDOWS\system32\NTDSAPI.dll 5.1.2600.5512 (xpsp.080413-2113) NT5DS
netcfgx.dll 755f0000 630784 C:\WINDOWS\system32\netcfgx.dll 5.1.2600.5512 (xpsp.080413-0852) Network Configuration Objects
CLUSAPI.dll 76d10000 73728 C:\WINDOWS\system32\CLUSAPI.dll 5.1.2600.5512 (xpsp.080413-2111) Cluster API Library
fxsst.dll 68df0000 577536 C:\WINDOWS\system32\fxsst.dll 5.2.2600.5512 (xpsp.080413-0852) Fax Service
WINSPOOL.DRV 73000000 155648 C:\WINDOWS\system32\WINSPOOL.DRV 5.1.2600.5512 (xpsp.080413-0852) Windows Spooler Driver
FXSAPI.dll 5a980000 466944 C:\WINDOWS\system32\FXSAPI.dll 5.2.2600.5512 (xpsp.080413-0852) Microsoft Fax API Support DLL
NTMARTA.DLL 77690000 135168 C:\WINDOWS\system32\NTMARTA.DLL 5.1.2600.5512 (xpsp.080413-2113) Windows NT MARTA provider
wzcdlg.dll 5df10000 393216 C:\WINDOWS\system32\wzcdlg.dll 5.1.2600.5512 (xpsp.080413-0852) Wireless Zero Configuration Service UI
WINHTTP.dll 4d4f0000 364544 C:\WINDOWS\system32\WINHTTP.dll 5.1.2600.5868 (xpsp_sp3_gdr.090824-1328) Windows HTTP Services
SXS.DLL 7e720000 720896 C:\WINDOWS\system32\SXS.DLL 5.1.2600.5512 (xpsp.080413-2111) Fusion 2.5
MPR.dll 71b20000 73728 C:\WINDOWS\system32\MPR.dll 5.1.2600.5512 (xpsp.080413-0852) Multiple Provider Router DLL
drprov.dll 75f60000 28672 C:\WINDOWS\System32\drprov.dll 5.1.2600.5512 (xpsp.080413-2111) Microsoft Terminal Server Network Provider
ntlanman.dll 71c10000 57344 C:\WINDOWS\System32\ntlanman.dll 5.1.2600.5512 (xpsp.080413-2108) Microsoft® Lan Manager
NETUI0.dll 71cd0000 94208 C:\WINDOWS\System32\NETUI0.dll 5.1.2600.5512 (xpsp.080413-2108) NT LM UI Common Code - GUI Classes
NETUI1.dll 71c90000 262144 C:\WINDOWS\System32\NETUI1.dll 5.1.2600.5512 (xpsp.080413-2108) NT LM UI Common Code - Networking classes
NETRAP.dll 71c80000 28672 C:\WINDOWS\System32\NETRAP.dll 5.1.2600.5512 (xpsp.080413-2113) Net Remote Admin Protocol DLL
davclnt.dll 75f70000 40960 C:\WINDOWS\System32\davclnt.dll 5.1.2600.5512 (xpsp.080413-2111) Web DAV Client DLL
rsaenh.dll 68000000 221184 C:\WINDOWS\system32\rsaenh.dll 5.1.2600.5507 (xpsp.080318-1711) Microsoft Enhanced Cryptographic Provider
mbamext.dll 10000000 98304 C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll 1, 3, 0, 0 Malwarebytes' Anti-Malware
zipfldr.dll 73380000 356352 C:\WINDOWS\system32\zipfldr.dll 6.00.2900.5512 (xpsp.080413-2105) Compressed (zipped) Folders
PDFShell.dll 13a0000 372736 C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll 9.3.0.148 PDF Shell Extension
MSVCR80.dll 3020000 634880 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\MSVCR80.dll 8.00.50727.3053 Microsoft® C Runtime Library
xpsp1res.dll 1370000 192512 C:\WINDOWS\system32\xpsp1res.dll 5.1.2600.5512 (xpsp.080413-2113) Service Pack 1 Messages
MSISIP.DLL 605f0000 28672 C:\WINDOWS\system32\MSISIP.DLL 3.1.4001.5512 MSI Signature SIP Provider
wshext.dll 7dfa0000 90112 C:\WINDOWS\system32\wshext.dll 5.7.0.18066 Microsoft (R) Shell Extension for Windows script Host



******************************************
EOF

shannonmac8
Intermediate
Intermediate

Posts Posts : 76
Joined Joined : 2009-06-01
OS OS : xp
Points Points : 28402
# Likes # Likes : 0

View user profile

Back to top Go down

Re: computer slow

Post by Dr Jay on Tue Mar 09, 2010 8:11 pm

Re-running ComboFix:

  • Close any open browsers.
  • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  • Open notepad and copy/paste the text in the quotebox below into it:
    killall::
    rootkit::
    ads::
  • Save this as CFScript.txt, in the same location as ComboFix.exe



  • Referring to the picture above, drag CFScript into ComboFix.exe
  • When finished, it shall produce a log for you at C:\ComboFix.txt
  • Please post the contents of the log in your next reply.


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 13716
Joined Joined : 2009-09-06
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Protection Protection : Bitdefender Total Security
Points Points : 302112
# Likes # Likes : 10

View user profile

Back to top Go down

Re: computer slow

Post by shannonmac8 on Wed Mar 10, 2010 4:35 am

ComboFix 10-03-09.05 - Janet Duross 03/09/2010 23:25:50.6.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.894.577 [GMT -5:00]
Running from: c:\documents and settings\Janet Duross\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Janet Duross\Desktop\CFScript.txt
.

((((((((((((((((((((((((( Files Created from 2010-02-10 to 2010-03-10 )))))))))))))))))))))))))))))))
.

2010-03-07 04:39 . 2010-03-07 04:39 5115824 ----a-w- c:\documents and settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\mbam-setup.exe
2010-03-06 06:07 . 2010-03-06 06:07 -------- d-----w- c:\program files\Common Files\Adobe
2010-03-06 06:02 . 2010-03-06 06:02 61440 ----a-w- c:\documents and settings\Janet Duross\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-69e74856-n\decora-sse.dll
2010-03-06 06:02 . 2010-03-06 06:02 503808 ----a-w- c:\documents and settings\Janet Duross\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-55f08ee6-n\msvcp71.dll
2010-03-06 06:02 . 2010-03-06 06:02 499712 ----a-w- c:\documents and settings\Janet Duross\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-55f08ee6-n\jmc.dll
2010-03-06 06:02 . 2010-03-06 06:02 348160 ----a-w- c:\documents and settings\Janet Duross\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-55f08ee6-n\msvcr71.dll
2010-03-06 06:02 . 2010-03-06 06:02 12800 ----a-w- c:\documents and settings\Janet Duross\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-69e74856-n\decora-d3d.dll
2010-03-06 06:02 . 2010-03-06 06:02 -------- d-----w- c:\program files\Java
2010-02-10 00:32 . 2010-02-10 00:32 -------- d-----w- c:\windows\system32\wbem\Repository
2010-02-09 22:55 . 2010-02-10 00:29 -------- d-----w- c:\windows\system32\autorun
2010-02-09 22:42 . 2010-02-10 00:29 -------- dc----w- c:\windows\ie8

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-08 17:28 . 2009-11-03 17:08 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-03-06 06:02 . 2008-10-29 01:22 -------- d-----w- c:\program files\Common Files\Java
2010-03-06 06:02 . 2009-08-21 17:27 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-02-09 22:57 . 2008-10-29 01:37 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-01-07 21:07 . 2009-11-03 17:08 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-01-07 21:07 . 2009-11-03 17:08 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-01-05 10:00 . 2007-08-14 02:54 832512 ------w- c:\windows\system32\wininet.dll
2010-01-05 10:00 . 2008-04-14 22:00 78336 ----a-w- c:\windows\system32\ieencode.dll
2010-01-05 10:00 . 2008-04-14 22:00 17408 ----a-w- c:\windows\system32\corpol.dll
2009-12-31 16:50 . 2008-04-14 22:00 353792 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-18 07:24 . 2008-10-29 01:04 1024 ---h--r- c:\windows\system32\NTIMP3.dll
2009-12-16 18:43 . 2008-04-14 22:00 343040 ----a-w- c:\windows\system32\mspaint.exe
2009-12-14 07:08 . 2008-04-14 22:00 33280 ----a-w- c:\windows\system32\csrsrv.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2008-04-14 208952]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2008-04-14 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-14 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-14 455168]
"RTHDCPL"="RTHDCPL.EXE" [2008-05-16 16862720]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-02-25 8491008]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2009-12-11 948672]

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\NewTech Infosystems\\NTI Backup Now 5\\Client\\Agentsvc.exe"=
"c:\\Program Files\\NewTech Infosystems\\NTI Backup Now 5\\BackupSvc.exe"=
"c:\\Program Files\\NewTech Infosystems\\NTI Backup Now 5\\SchedulerSvc.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"65533:TCP"= 65533:TCP:Services
"52344:TCP"= 52344:TCP:Services
"2479:TCP"= 2479:TCP:Services
"5394:TCP"= 5394:TCP:Services
"3389:TCP"= 3389:TCP:Remote Desktop
"9083:TCP"= 9083:TCP:Services
"3246:TCP"= 3246:TCP:Services
"5318:TCP"= 5318:TCP:Services

R2 BUNAgentSvc;NTI Backup Now 5 Agent Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [3/3/2008 4:11 PM 16384]
R2 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [4/7/2008 1:42 AM 50424]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [4/4/2008 6:03 AM 131072]
.
.
------- Supplementary Scan -------
.
uStart Page = [You must be registered and logged in to see this link.]
mStart Page = [You must be registered and logged in to see this link.]
uInternet Connection Wizard,ShellNext = iexplore
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [You must be registered and logged in to see this link.]
Rootkit scan 2010-03-09 23:31
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(2632)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\agrsmsvc.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\windows\RTHDCPL.EXE
c:\windows\system32\nvsvc32.exe
c:\program files\CyberLink\Shared Files\RichVideo.exe
.
**************************************************************************
.
Completion time: 2010-03-09 23:33:07 - machine was rebooted
ComboFix-quarantined-files.txt 2010-03-10 04:32

Pre-Run: 60,121,698,304 bytes free
Post-Run: 60,123,447,296 bytes free

- - End Of File - - CF2A3A5D33F22F2FF398A3C31D136C9F

shannonmac8
Intermediate
Intermediate

Posts Posts : 76
Joined Joined : 2009-06-01
OS OS : xp
Points Points : 28402
# Likes # Likes : 0

View user profile

Back to top Go down

Re: computer slow

Post by Dr Jay on Wed Mar 10, 2010 9:16 pm

Please run the Stealth MBR Rootkit Detector again and post a log.


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 13716
Joined Joined : 2009-09-06
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Protection Protection : Bitdefender Total Security
Points Points : 302112
# Likes # Likes : 10

View user profile

Back to top Go down

Re: computer slow

Post by shannonmac8 on Thu Mar 11, 2010 12:46 am

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, [You must be registered and logged in to see this link.]

device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user & kernel MBR OK
copy of MBR has been found in sector 0x012A18AC1
malicious code @ sector 0x012A18AC4 !
PE file found in sector at 0x012A18ADA !

shannonmac8
Intermediate
Intermediate

Posts Posts : 76
Joined Joined : 2009-06-01
OS OS : xp
Points Points : 28402
# Likes # Likes : 0

View user profile

Back to top Go down

Re: computer slow

Post by Dr Jay on Thu Mar 11, 2010 9:02 pm

Please download [You must be registered and logged in to see this link.] rootkit detector, and save to your Desktop.
  • Unzip the file by right-clicking on it and select Extract all... save to your Desktop.
  • Find the radix_installer folder on your Desktop. Double-click on it.
  • Double-click on radixgui.exe and read the agreement and click on Yes.
  • When the program opens, make sure all the checkboxes on the left.
  • Then, click the Check button. Do not click Fix Checked.
  • Note: if you get a warning about deleting data from the Registry...Are you sure you want to scan...click Yes.
  • When it appears to be done scanning, click the Save log... button at the bottom right. Pick a file name and location and click Save.
  • Find the log, double-click on the file. Post the contents in your next reply.


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 13716
Joined Joined : 2009-09-06
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Protection Protection : Bitdefender Total Security
Points Points : 302112
# Likes # Likes : 10

View user profile

Back to top Go down

Re: computer slow

Post by shannonmac8 on Fri Mar 12, 2010 1:26 am

its going to take a lot of posts!

USEC Radix V1, 0, 0, 11 [2010/03/12] at your service.
---- Check started at 12.3.2010 1:8:54 ----
Running on: Microsoft Windows NT 5.1 Build 2600 Service Pack 3
Number of Processors: 1, Active Processor Mask: 00000001
Processor: Intel Level 15 Revision 7F02
Allocation granularity: 00010000, Page granularity: 00001000
Application space: 00010000-7FFEFFFF
Kernel Membase: 80000000
[X] Filter common false alarms.
1:8:54 - Performing check: "Hidden files":
This check can take some time depending on your harddisk size. You can interrupt it with the ESC key.
1:9:3 - Performing check: "Alternate Data Streams":
This check can take some time depending on your harddisk size. You can interrupt it with the ESC key.
[*] C:\Documents and Settings\All Users\Documents\My Pictures\Sample Pictures\Thumbs.db:encryptable:$DATA
[*] C:\Documents and Settings\Janet Duross\My Documents\My Pictures\Thumbs.db:encryptable:$DATA
[-] Error scanning file C:\hiberfil.sys: 0x05::0x06: The process cannot access the file because it is being used by another process.

[-] Error scanning file C:\pagefile.sys: 0x05::0x06: The process cannot access the file because it is being used by another process.

[*] C:\VALUEADD\Thumbs.db:encryptable:$DATA

3 streams found.
1:10:16 - Performing check: "Hidden Registry entries":
--------------------[HKEY_LOCAL_MACHINE\HARDWARE ]-------------------
WARNING: Dumping the registry can take quite some time! Be assured
that the app doesn't hang while dumping!
Dumping...OK.
Scanning...DONE.
-------------------------------------------------------------------------------

--------------------[HKEY_LOCAL_MACHINE\SAM ]-------------------
WARNING: Dumping the registry can take quite some time! Be assured
that the app doesn't hang while dumping!
Dumping...OK.
Scanning...[-] Unable to open key: HKEY_LOCAL_MACHINE\SAM\SAM: Access is denied.

DONE.
-------------------------------------------------------------------------------

--------------------[HKEY_LOCAL_MACHINE\SECURITY ]-------------------
WARNING: Dumping the registry can take quite some time! Be assured
that the app doesn't hang while dumping!
Dumping...OK.
Scanning...[-] Unable to open key: HKEY_LOCAL_MACHINE\SECURITY: Access is denied.

DONE.
-------------------------------------------------------------------------------

--------------------[HKEY_LOCAL_MACHINE\SOFTWARE ]-------------------
WARNING: Dumping the registry can take quite some time! Be assured
that the app doesn't hang while dumping!
Dumping...OK.
Scanning...[-] Unable to open key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Remote Desktop\Pending Help Session: Access is denied.

DONE.
-------------------------------------------------------------------------------


--------------------[HKEY_LOCAL_MACHINE\SYSTEM ]-------------------
WARNING: Dumping the registry can take quite some time! Be assured
that the app doesn't hang while dumping!
Dumping...OK.
Scanning...[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E967-E325-11CE-BFC1-08002BE10318}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E969-E325-11CE-BFC1-08002BE10318}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96A-E325-11CE-BFC1-08002BE10318}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E97B-E325-11CE-BFC1-08002BE10318}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E980-E325-11CE-BFC1-08002BE10318}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{54505F9E-EE66-4F1D-A63B-B853A1759385}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{59F44B03-CCD2-460B-ACD8-53CBF375D174}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{674CDDB0-FA08-4CEE-BF3E-D975DD19672D}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{67F2A318-C8F7-4087-9F88-C4B434D41719}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{7E0006EA-81A8-4780-B0C8-474E2DBF4D63}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\MRxDAV\EncryptedDirectories: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E967-E325-11CE-BFC1-08002BE10318}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E969-E325-11CE-BFC1-08002BE10318}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E96A-E325-11CE-BFC1-08002BE10318}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E97B-E325-11CE-BFC1-08002BE10318}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{4D36E980-E325-11CE-BFC1-08002BE10318}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{54505F9E-EE66-4F1D-A63B-B853A1759385}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{59F44B03-CCD2-460B-ACD8-53CBF375D174}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{674CDDB0-FA08-4CEE-BF3E-D975DD19672D}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{67F2A318-C8F7-4087-9F88-C4B434D41719}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Control\Class\{7E0006EA-81A8-4780-B0C8-474E2DBF4D63}\Properties: Access is denied.

[-] Unable to open key: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\MRxDAV\EncryptedDirectories: Access is denied.

DONE.
-------------------------------------------------------------------------------
--------------------[HKEY_USERS\.DEFAULT ]-------------------
WARNING: Dumping the registry can take quite some time! Be assured
that the app doesn't hang while dumping!
Dumping...OK.
Scanning...[-] Unable to open key: HKEY_USERS\.DEFAULT\Software\Microsoft\Protected Storage System Provider\S-1-5-18: Access is denied.

DONE.
-------------------------------------------------------------------------------

--------------------[HKEY_USERS\S-1-5-19 ]-------------------
WARNING: Dumping the registry can take quite some time! Be assured
that the app doesn't hang while dumping!
Dumping...OK.
Scanning...DONE.
-------------------------------------------------------------------------------

--------------------[HKEY_USERS\S-1-5-19_Classes ]-------------------
WARNING: Dumping the registry can take quite some time! Be assured
that the app doesn't hang while dumping!
Dumping...OK.
Scanning...DONE.
-------------------------------------------------------------------------------

--------------------[HKEY_USERS\S-1-5-20 ]-------------------
WARNING: Dumping the registry can take quite some time! Be assured
that the app doesn't hang while dumping!
Dumping...OK.
Scanning...DONE.
-------------------------------------------------------------------------------

--------------------[HKEY_USERS\S-1-5-20_Classes ]-------------------
WARNING: Dumping the registry can take quite some time! Be assured
that the app doesn't hang while dumping!
Dumping...OK.
Scanning...DONE.
-------------------------------------------------------------------------------

--------------------[HKEY_USERS\S-1-5-21-867160560-287344726-2688387772-1006]-------------------
WARNING: Dumping the registry can take quite some time! Be assured
that the app doesn't hang while dumping!
Dumping...OK.
Scanning...[-] Unable to open key: HKEY_USERS\S-1-5-21-867160560-287344726-2688387772-1006\Software\Microsoft\Protected Storage System Provider\S-1-5-21-867160560-287344726-2688387772-1006: Access is denied.

DONE.
-------------------------------------------------------------------------------

shannonmac8
Intermediate
Intermediate

Posts Posts : 76
Joined Joined : 2009-06-01
OS OS : xp
Points Points : 28402
# Likes # Likes : 0

View user profile

Back to top Go down

Re: computer slow

Post by shannonmac8 on Fri Mar 12, 2010 1:27 am

--------------------[HKEY_USERS\S-1-5-21-867160560-287344726-2688387772-1006_Classes]-------------------
WARNING: Dumping the registry can take quite some time! Be assured
that the app doesn't hang while dumping!
Dumping...OK.
Scanning...[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\AppID
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_18
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.3.0_03
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.3.0_04
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.3.0_05
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.3.1
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.3.1_01
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.3.1_01
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.3.1_02
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.3.1_02
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.3.1_03
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.3.1_03
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.3.1_04
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.3.1_04
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.3.1_05
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.3.1_05
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.3.1_06
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.3.1_06
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.3.1_07
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.3.1_07
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.3.1_08
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.3.1_08
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.3.1_09
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.3.1_09
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.3.1_10
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.3.1_10
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.3.1_11
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.3.1_11
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.3.1_12
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.3.1_12
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.3.1_13
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.3.1_13
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.3.1_14
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.3.1_14
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.3.1_15
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.3.1_15
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.3.1_16
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.3.1_16
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.3.1_17
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.3.1_17
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.3.1_18
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.3.1_18
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.3.1_19
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.3.1_19
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.3.1_20
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll

shannonmac8
Intermediate
Intermediate

Posts Posts : 76
Joined Joined : 2009-06-01
OS OS : xp
Points Points : 28402
# Likes # Likes : 0

View user profile

Back to top Go down

Re: computer slow

Post by shannonmac8 on Fri Mar 12, 2010 1:28 am

[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.3.1_20
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.3.1_21
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.3.1_21
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.3.1_22
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.3.1_22
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.3.1_23
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.3.1_23
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.3.1_24
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.3.1_24
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.3.1_25
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.3.1_25
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.3.1_26
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.3.1_26
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.3.1_27
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.3.1_27
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.3.1_28
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.3.1_28
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.3.1_29
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.3.1_29
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.3.1_30
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.3.1_30
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.4.0
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.4.0
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.4.0_01
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.4.0_01
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.4.0_02
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.4.0_02
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.4.0_03
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.4.0_03
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.4.0_04
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.4.0_04
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.4.1
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.4.1
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.4.1_01
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.4.1_01
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.4.1_02
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.4.1_02
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.4.1_03
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.4.1_03
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.4.1_04
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.4.1_04
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.4.1_05
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.4.1_05
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.4.1_06
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.4.1_06
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment

shannonmac8
Intermediate
Intermediate

Posts Posts : 76
Joined Joined : 2009-06-01
OS OS : xp
Points Points : 28402
# Likes # Likes : 0

View user profile

Back to top Go down

Re: computer slow

Post by shannonmac8 on Fri Mar 12, 2010 1:30 am

[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.4.1_07
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.4.1_07
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.4.2
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.4.2
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.4.2_01
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.4.2_01
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.4.2_02
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.4.2_02
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.4.2_03
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.4.2_03
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.4.2_04
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.4.2_04
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.4.2_05
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.4.2_05
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.4.2_06
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.4.2_06
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.4.2_07
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.4.2_07
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.4.2_08
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.4.2_08
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.4.2_09
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.4.2_09
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.4.2_10
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.4.2_10
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.4.2_11
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.4.2_11
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.4.2_12
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.4.2_12
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.4.2_13
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.4.2_13
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.4.2_14
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.4.2_14
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.4.2_15
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.4.2_15
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.4.2_16
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.4.2_16
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.4.2_17
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.4.2_17
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.4.2_18
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.4.2_18
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.4.2_19
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.4.2_19
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0020-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.4.2_20
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0020-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0020-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.4.2_20
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0020-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0021-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.4.2_21
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0021-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0021-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.4.2_21
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0021-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0022-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.4.2_22
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0022-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0022-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.4.2_22
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0022-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0023-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.4.2_23
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0023-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0023-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.4.2_23
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0023-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0024-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.4.2_24
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0024-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0024-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.4.2_24
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0024-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0025-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.4.2_25
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0025-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0025-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.4.2_25
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0025-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.4.2_26
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.4.2_26
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0027-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.4.2_27
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0027-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0027-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.4.2_27
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0027-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0028-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.4.2_28
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0028-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0028-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.4.2_28
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0028-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0029-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.4.2_29
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0029-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0029-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.4.2_29
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0029-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.4.2_30
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.4.2_30
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-FFFF-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.4.2
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0014-0002-FFFF-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll

shannonmac8
Intermediate
Intermediate

Posts Posts : 76
Joined Joined : 2009-06-01
OS OS : xp
Points Points : 28402
# Likes # Likes : 0

View user profile

Back to top Go down

Re: computer slow

Post by shannonmac8 on Fri Mar 12, 2010 1:31 am

[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_01
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_01
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_01
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_02
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_02
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_02
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_03
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_03
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_03
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_04
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_04
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_04
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_05
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_05
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_05
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_06
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_06
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_06
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_07
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_07
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_07
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_08
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_08
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_08
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_09
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_09
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_09
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_10
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_10
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_10
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_11
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_11
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_11
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_12
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_12
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_12
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_13
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_13
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_13
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_14
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_14
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_14
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_15
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_15
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_15
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_16
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_16
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_16
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_17
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_17
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_17
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_18
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_18
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_18
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_19
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_19
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_19
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_20
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_20
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_20
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_21
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_21
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_21
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_22
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_22
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_22
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_23
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_23
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_23
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_24
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_24
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_24
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_25
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_25
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_25
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_26
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_26
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_26
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_27
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_27
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_27
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_28
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_28
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll

shannonmac8
Intermediate
Intermediate

Posts Posts : 76
Joined Joined : 2009-06-01
OS OS : xp
Points Points : 28402
# Likes # Likes : 0

View user profile

Back to top Go down

Re: computer slow

Post by shannonmac8 on Fri Mar 12, 2010 1:32 am

[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_28
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_29
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_29
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_29
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_30
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_30
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_30
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-FFFF-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-FFFF-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_01
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_01
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_01
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_02
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_02
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_02
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_03
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_03
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_03
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_04
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_04
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_04
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_05
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_05
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_05
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_06
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_06
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_06
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_07
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_07
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_07
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_08
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_08
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_08
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_09
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_09
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_09
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_10
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_10
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_10
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_11
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_11
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_11
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_12
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_12
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_12
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_13
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_13
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_13
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_14
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_14
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_14
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_15
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_15
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_15
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_16
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_16
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_16
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_17
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_17
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_17
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_18
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_18
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_18
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-FFFF-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-FFFF-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{E19F9331-3110-11D4-991C-005004D3B3DB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.3.0_02
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{E19F9331-3110-11D4-991C-005004D3B3DB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\Interface
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\JavaPlugin.160_18
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\JavaPlugin.160_18\CLSID
[.] Found hidden value:
[REG_SZ] (Standard)
{5852F5ED-8BF4-11D4-A245-0080C6F74284}
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\Network
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\Software
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\Software\Microsoft
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\Software\Microsoft\MediaPlayer
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\Software\Microsoft\MediaPlayer\Preferences
[.] Found hidden value:
[REG_DWORD] AcceptedPrivacyStatement
00000001
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\Software\Microsoft\Windows NT
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\Software\Microsoft\Windows NT\CurrentVersion
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\Software\Microsoft\Windows NT\CurrentVersion\Network
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\Software\Microsoft\Windows NT\CurrentVersion\Network\Persistent Connections
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\TypeLib
DONE.
-------------------------------------------------------------------------------

--------------------[HKEY_USERS\S-1-5-18 ]-------------------
WARNING: Dumping the registry can take quite some time! Be assured
that the app doesn't hang while dumping!
Dumping...OK.
Scanning...[-] Unable to open key: HKEY_USERS\S-1-5-18\Software\Microsoft\Protected Storage System Provider\S-1-5-18: Access is denied.

DONE.
-------------------------------------------------------------------------------

shannonmac8
Intermediate
Intermediate

Posts Posts : 76
Joined Joined : 2009-06-01
OS OS : xp
Points Points : 28402
# Likes # Likes : 0

View user profile

Back to top Go down

Re: computer slow

Post by shannonmac8 on Fri Mar 12, 2010 1:33 am

1:12:42 - Performing check: "Hidden processes":
(01) PID: 0 [00000000] (Idle)
(53) PID: 4 [84AD6B98] (System)
(191) PID: 108 [848695F8] (SchedulerSvc.exe)
(175) PID: 412 [83972768] (svchost.exe)
(175) PID: 448 [84755020] (agrsmsvc.exe)
(191) PID: 460 [8475F020] (Agentsvc.exe)
(191) PID: 496 [8486A8B8] (jqs.exe)
(175) PID: 528 [849F3020] (LSSrvc.exe)
(07) PID: 564 [848B6DA0] (smss.exe)
(191) PID: 620 [83952768] (BackupSvc.exe)
(191) PID: 632 [847CDDA0] (csrss.exe)
(191) PID: 656 [84913C38] (winlogon.exe)
(191) PID: 700 [8479ADA0] (services.exe)
(191) PID: 712 [847B1DA0] (lsass.exe)
(191) PID: 776 [847C5258] (nvsvc32.exe)
(191) PID: 840 [848F6BE0] (RichVideo.exe)
(191) PID: 868 [84765618] (svchost.exe)
(191) PID: 928 [8479D520] (svchost.exe)
(191) PID: 1024 [847B6A88] (svchost.exe)
(175) PID: 1072 [847D6A88] (svchost.exe)
(175) PID: 1128 [847C6618] (svchost.exe)
(191) PID: 1268 [836A24B8] (iexplore.exe)
(191) PID: 1468 [84937618] (explorer.exe)
(191) PID: 1496 [8358D4D0] (iTunesHelper.exe)
(191) PID: 1552 [849E3618] (spoolsv.exe)
(191) PID: 1584 [8354F2E0] (alg.exe)
(191) PID: 1652 [834DE638] (iPodService.exe)
(191) PID: 1700 [84873B78] (RTHDCPL.exe)
(175) PID: 1732 [83974768] (jusched.exe)
(175) PID: 1764 [839CD768] (ctfmon.exe)
(175) PID: 2572 [849A4440] (wuauclt.exe)
(191) PID: 3044 [835B6330] (AppleMobileDeviceService.exe)
(187) PID: 3196 [8346ED38] (radixgui.exe)
(191) PID: 3924 [83380B80] (mDNSResponder.exe)
1:12:45 - Performing check: "Selftest":
Doing a short selftest...
-> Checking IAT

PID 3196 - C:\Documents and Settings\Janet Duross\Desktop\radix_installer\radixgui.exe
-------------------------------------------------------------------------------
ntdll.dll (7C900000 - 7C9B2000)
kernel32.dll (7C800000 - 7C8F6000)
USER32.dll (7E410000 - 7E4A1000)
GDI32.dll (77F10000 - 77F59000)
comdlg32.dll (763B0000 - 763F9000)
ADVAPI32.dll (77DD0000 - 77E6B000)
RPCRT4.dll (77E70000 - 77F02000)
Secur32.dll (77FE0000 - 77FF1000)
COMCTL32.dll (5D090000 - 5D12A000)
SHELL32.dll (7C9C0000 - 7D1D7000)
msvcrt.dll (77C10000 - 77C68000)
SHLWAPI.dll (77F60000 - 77FD6000)
ole32.dll (774E0000 - 7761D000)
VERSION.dll (77C00000 - 77C08000)
dbghelp.dll (59A60000 - 59B01000)
IMM32.DLL (76390000 - 763AD000)
LPK.DLL (629C0000 - 629C9000)
USP10.dll (74D90000 - 74DFB000)
comctl32.dll (773D0000 - 774D3000)
wintrust.dll (76C30000 - 76C5E000)
CRYPT32.dll (77A80000 - 77B15000)
MSASN1.dll (77B20000 - 77B32000)
IMAGEHLP.dll (76C90000 - 76CB8000)
NTMARTA.DLL (77690000 - 776B1000)
SAMLIB.dll (71BF0000 - 71C03000)
WLDAP32.dll (76F60000 - 76F8C000)
uxtheme.dll (5AD70000 - 5ADA8000)
MSCTF.dll (74720000 - 7476C000)
msctfime.ime (755C0000 - 755EE000)
OLEAUT32.DLL (77120000 - 771AB000)
Selftest complete.

1:12:47 - Performing check: "MBR":
Partition Table:
+----+-----+------Start------+--------End------+----------+----------+----+
| Nr | Act | Head Sect Track | Head Sect Track | Offset | Length | OS |
+----+-----+-----------------+-----------------+----------+----------+----+
| 1 | N | 001 01 0000 | 254 63 0255 | 0000003F | 01384C3B | 12 |
| 2 | Y | 254 63 0255 | 254 63 0255 | 01384C7A | 08ACE664 | 07 |
| 3 | N | 254 63 0255 | 254 63 0255 | 09E532DE | 08BC57E3 | 07 |
| 4 | N | 000 00 0000 | 000 00 0000 | 00000000 | 00000000 | 00 |
+----+-----+-----------------+-----------------+----------+----------+----+
MBR seems to be OK.
1:12:47 - Performing check: "IRP hooks":
00 \Driver\Beep 84878458 Beep.SYS
01 \Driver\NDIS 8499F470 NDIS.sys
02 \Driver\KSecDD 849BDF38 KSecDD.sys
03 \Driver\Mouclass 8485DF38 mouclass.sys
04 \Driver\Raspti 84876830 raspti.sys
05 \Driver\Fips 84868180 Fips.SYS
06 \Driver\Kbdclass 84A422E0 kbdclass.sys
07 \Driver\IntcAzAudAddService 848CB780 RtkHDAud.sys
08 \Driver\VgaSave 84873880 vga.sys
09 \Driver\NDProxy 8487E700 NDProxy.SYS
10 \Driver\wdmaud 83B5C730 wdmaud.sys
11 \Driver\Ptilink 848634C0 ptilink.sys
12 \Driver\MountMgr 84A8D840 MountMgr.sys
13 \Driver\Processor 849F5030 processr.sys
14 \Driver\isapnp 84AAA068 isapnp.sys
15 \Driver\redbook 84A652A8 redbook.sys
15 >\Driver\NTIDrvr 84925D08 NTIDrvr.sys
16 >\Driver\GEARAspiWDM 848C83F8 GEARAspiWDM.sys
18 \Driver\atapi 84A52A38 atapi.sys
18 >\Driver\ACPIi 84AF2E00 ACPI.sys
19 >\Driver\Imapi 849D6C68 imapi.sys
20 >\Driver\UBHelper 84A52E40 UBHelper.sys
21 >\Driver\Cdromper 84926D30 cdrom.sys
22 >\Driver\redbookr 84A652A8 redbook.sys
15 >\Driver\NTIDrvrr 84925D08 NTIDrvr.sys
16 >\Driver\GEARAspiWDM 848C83F8 GEARAspiWDM.sys
23 \Driver\USBSTOR 84868030 USBSTOR.SYS
23 >\Driver\DiskTOR 84A0D2D8 disk.sys
24 >\Driver\PartMgr 84A52F38 PartMgr.sys
26 \Driver\IpNat 84904F38 ipnat.sys
27 \Driver\RasAcd 849FA3C8 rasacd.sys
28 \Driver\PSched 84899F38 psched.sys
29 \Driver\SDTHelper 834D6A48 sdthlpr.sys
30 \Driver\Win32k 83B54730 win32k.sys
31 \Driver\mouhid 84868DA0 mouhid.sys
31 >\Driver\Mouclass 8485DF38 mouclass.sys
32 \Driver\NVENETFD 84905858 NVENETFD.sys
33 \Driver\audstub 848CCD28 audstub.sys
34 \Driver\usbohci 84A40208 usbohci.sys
34 >\Driver\usbhubi 849D7F38 usbhub.sys
35 \Driver\usbhub 849D7F38 usbhub.sys
35 >\Driver\USBSTOR 84868030 USBSTOR.SYS
36 \Driver\swenum 8485CDA0 swenum.sys
36 >\Driver\sysaudio 83B59730 sysaudio.sys
38 \Driver\HTTP 84A875E0 HTTP.sys
39 \Driver\RDPCDD 849F94C0 RDPCDD.sys
40 \Driver\Update 8485BF38 update.sys
41 \Driver\RasPppoe 84A4F030 raspppoe.sys
37 \Driver\sysaudio 83B59730 sysaudio.sys
42 \Driver\TermDD 84862658 termdd.sys
42 >\Driver\Mouclass 8485DF38 mouclass.sys
43 \Driver\Modem 848AD6B0 Modem.SYS
44 \Driver\Ftdisk 84A8D5A0 ftdisk.sys
44 >\Driver\VolSnap 84A52D48 VolSnap.sys
46 \Driver\WmiAcpi 84A5ADA0 wmiacpi.sys
47 \Driver\Rasl2tp 848CD258 rasl2tp.sys
48 \Driver\nvnetbus 8492D300 nvnetbus.sys
48 >\Driver\NVENETFD 84905858 NVENETFD.sys
49 \Driver\PptpMiniport 84A36128 raspptp.sys
50 \Driver\WMIxWDM 84AF51A8 ntkrnlpa.exe
51 \Driver\ACPI_HAL 84AC0158 hal.dll
51 >\Driver\ACPI_HAL 84AF2E00 ACPI.sys
52 \Driver\NetBT 849043C8 netbt.sys
22 \Driver\Cdrom 84926D30 cdrom.sys
22 >\Driver\redbook 84A652A8 redbook.sys
15 >\Driver\NTIDrvr 84925D08 NTIDrvr.sys
16 >\Driver\GEARAspiWDM 848C83F8 GEARAspiWDM.sys
53 \Driver\mssmbios 8485ADA0 mssmbios.sys
54 \Driver\PCIIde 84A8F2B0 pciide.sys
54 >\Driver\ACPIde 84AF2E00 ACPI.sys
19 >\Driver\atapie 84A52A38 atapi.sys
55 \Driver\AgereSoftModem 848AF3B8 AGRSM.sys
55 >\Driver\ModemSoftModem 848AD6B0 Modem.SYS
56 \Driver\Wanarp 84904CA8 wanarp.sys
57 \Driver\Tcpip 849FAF38 tcpip.sys
58 \Driver\mnmdd 849F9750 mnmdd.SYS
45 \Driver\VolSnap 84A52D48 VolSnap.sys
59 \Driver\nv 849CFBB0 nv4_mini.sys
60 \Driver\TDTCP 84955D60 TDTCP.SYS
20 \Driver\Imapi 849D6C68 imapi.sys
20 >\Driver\UBHelper 84A52E40 UBHelper.sys
21 >\Driver\Cdromper 84926D30 cdrom.sys
22 >\Driver\redbookr 84A652A8 redbook.sys
15 >\Driver\NTIDrvrr 84925D08 NTIDrvr.sys
16 >\Driver\GEARAspiWDM 848C83F8 GEARAspiWDM.sys
61 \Driver\RDPWD 84A168E0 RDPWD.SYS
62 \Driver\Null 848BAAC8 Null.SYS
21 \Driver\UBHelper 84A52E40 UBHelper.sys
21 >\Driver\Cdromper 84926D30 cdrom.sys
22 >\Driver\redbookr 84A652A8 redbook.sys
15 >\Driver\NTIDrvrr 84925D08 NTIDrvr.sys
16 >\Driver\GEARAspiWDM 848C83F8 GEARAspiWDM.sys
63 \Driver\usbehci 849FE558 usbehci.sys
63 >\Driver\usbhubi 849D7F38 usbhub.sys
24 \Driver\Disk 84A0D2D8 disk.sys
64 \Driver\IPSec 849F9030 ipsec.sys
17 \Driver\GEARAspiWDM 848C83F8 GEARAspiWDM.sys F792772CThe code of the following module at F792772C (0) got patched. Here is the diff:
Address New-Original
F792772C: 8B - 00
F792772D: FF - 51
F792772E: 55 - EB
F792772F: 8B - F1
F7927730: EC - 80
F7927731: 51 - 7D
F7927732: 51 - FF
F7927733: 8B - 00
F7927734: 45 - 74
F7927735: 08 - 05
F7927736: 53 - 39
F7927737: 56 - 4F
F7927738: 57 - 54
F7927739: 8B - 75
F792773A: 78 - CF
F792773B: 28 - 53
F792773C: 81 - 57
F792773D: 3F - E8
F792773E: 47 - 5E
F792773F: 45 - 0B
F7927740: 41 - 00
F7927741: 52 - 00
F7927742: C6 - E9
F7927743: 45 - E3
F7927744: FF - 00
F7927746: 89 - 00
F7927747: 7D - 81
F7927748: F8 - 7E
F7927749: 75 - 0C
F792774A: 04 - 00
F792774B: C6 - 48
F792772CThe code of the following module at F792772C (0) got patched. Here is the diff:
Address New-Original
F792772C: 8B - 00
F792772D: FF - 51
F792772E: 55 - EB
F792772F: 8B - F1
F7927730: EC - 80
F7927731: 51 - 7D
F7927732: 51 - FF
F7927733: 8B - 00
F7927734: 45 - 74
F7927735: 08 - 05
F7927736: 53 - 39
F7927737: 56 - 4F
F7927738: 57 - 54
F7927739: 8B - 75
F792773A: 78 - CF
F792773B: 28 - 53
F792773C: 81 - 57
F792773D: 3F - E8
F792773E: 47 - 5E
F792773F: 45 - 0B
F7927740: 41 - 00
F7927741: 52 - 00
F7927742: C6 - E9
F7927743: 45 - E3
F7927744: FF - 00
F7927746: 89 - 00
F7927747: 7D - 81
F7927748: F8 - 7E
F7927749: 75 - 0C
F792774A: 04 - 00
F792774B: C6 - 48
F792772CThe code of the following module at F792772C (0) got patched. Here is the diff:
Address New-Original
F792772C: 8B - 00
F792772D: FF - 51
F792772E: 55 - EB
F792772F: 8B - F1
F7927730: EC - 80
F7927731: 51 - 7D
F7927732: 51 - FF
F7927733: 8B - 00
F7927734: 45 - 74
F7927735: 08 - 05
F7927736: 53 - 39
F7927737: 56 - 4F
F7927738: 57 - 54
F7927739: 8B - 75
F792773A: 78 - CF
F792773B: 28 - 53
F792773C: 81 - 57
F792773D: 3F - E8
F792773E: 47 - 5E
F792773F: 45 - 0B
F7927740: 41 - 00
F7927741: 52 - 00
F7927742: C6 - E9
F7927743: 45 - E3
F7927744: FF - 00
F7927746: 89 - 00
F7927747: 7D - 81
F7927748: F8 - 7E
F7927749: 75 - 0C
F792774A: 04 - 00
F792774B: C6 - 48
F792772CThe code of the following module at F792772C (0) got patched. Here is the diff:
Address New-Original
F792772C: 8B - 00
F792772D: FF - 51
F792772E: 55 - EB
F792772F: 8B - F1
F7927730: EC - 80
F7927731: 51 - 7D
F7927732: 51 - FF
F7927733: 8B - 00
F7927734: 45 - 74
F7927735: 08 - 05
F7927736: 53 - 39
F7927737: 56 - 4F
F7927738: 57 - 54
F7927739: 8B - 75
F792773A: 78 - CF
F792773B: 28 - 53
F792773C: 81 - 57
F792773D: 3F - E8
F792773E: 47 - 5E
F792773F: 45 - 0B
F7927740: 41 - 00
F7927741: 52 - 00
F7927742: C6 - E9
F7927743: 45 - E3
F7927744: FF - 00
F7927746: 89 - 00
F7927747: 7D - 81
F7927748: F8 - 7E
F7927749: 75 - 0C
F792774A: 04 - 00
F792774B: C6 - 48
F792772CThe code of the following module at F792772C (0) got patched. Here is the diff:
Address New-Original
F792772C: 8B - 00
F792772D: FF - 51
F792772E: 55 - EB
F792772F: 8B - F1
F7927730: EC - 80
F7927731: 51 - 7D
F7927732: 51 - FF
F7927733: 8B - 00
F7927734: 45 - 74
F7927735: 08 - 05
F7927736: 53 - 39
F7927737: 56 - 4F
F7927738: 57 - 54
F7927739: 8B - 75
F792773A: 78 - CF
F792773B: 28 - 53
F792773C: 81 - 57
F792773D: 3F - E8
F792773E: 47 - 5E
F792773F: 45 - 0B
F7927740: 41 - 00
F7927741: 52 - 00
F7927742: C6 - E9
F7927743: 45 - E3
F7927744: FF - 00
F7927746: 89 - 00
F7927747: 7D - 81
F7927748: F8 - 7E
F7927749: 75 - 0C
F792774A: 04 - 00
F792774B: C6 - 48
F792772CThe code of the following module at F792772C (0) got patched. Here is the diff:
Address New-Original
F792772C: 8B - 00
F792772D: FF - 51
F792772E: 55 - EB
F792772F: 8B - F1
F7927730: EC - 80
F7927731: 51 - 7D
F7927732: 51 - FF
F7927733: 8B - 00
F7927734: 45 - 74
F7927735: 08 - 05
F7927736: 53 - 39
F7927737: 56 - 4F
F7927738: 57 - 54
F7927739: 8B - 75
F792773A: 78 - CF
F792773B: 28 - 53
F792773C: 81 - 57
F792773D: 3F - E8
F792773E: 47 - 5E
F792773F: 45 - 0B
F7927740: 41 - 00
F7927741: 52 - 00
F7927742: C6 - E9
F7927743: 45 - E3
F7927744: FF - 00
F7927746: 89 - 00
F7927747: 7D - 81
F7927748: F8 - 7E
F7927749: 75 - 0C
F792774A: 04 - 00
F792774B: C6 - 48
F792772CThe code of the following module at F792772C (0) got patched. Here is the diff:
Address New-Original
F792772C: 8B - 00
F792772D: FF - 51
F792772E: 55 - EB
F792772F: 8B - F1
F7927730: EC - 80
F7927731: 51 - 7D
F7927732: 51 - FF
F7927733: 8B - 00
F7927734: 45 - 74
F7927735: 08 - 05
F7927736: 53 - 39
F7927737: 56 - 4F
F7927738: 57 - 54
F7927739: 8B - 75
F792773A: 78 - CF
F792773B: 28 - 53
F792773C: 81 - 57
F792773D: 3F - E8
F792773E: 47 - 5E
F792773F: 45 - 0B
F7927740: 41 - 00
F7927741: 52 - 00
F7927742: C6 - E9
F7927743: 45 - E3
F7927744: FF - 00
F7927746: 89 - 00
F7927747: 7D - 81
F7927748: F8 - 7E
F7927749: 75 - 0C
F792774A: 04 - 00
F792774B: C6 - 48
F792772CThe code of the following module at F792772C (0) got patched. Here is the diff:
Address New-Original
F792772C: 8B - 00
F792772D: FF - 51
F792772E: 55 - EB
F792772F: 8B - F1
F7927730: EC - 80
F7927731: 51 - 7D
F7927732: 51 - FF
F7927733: 8B - 00
F7927734: 45 - 74
F7927735: 08 - 05
F7927736: 53 - 39
F7927737: 56 - 4F
F7927738: 57 - 54
F7927739: 8B - 75
F792773A: 78 - CF
F792773B: 28 - 53
F792773C: 81 - 57
F792773D: 3F - E8
F792773E: 47 - 5E
F792773F: 45 - 0B
F7927740: 41 - 00
F7927741: 52 - 00
F7927742: C6 - E9
F7927743: 45 - E3
F7927744: FF - 00
F7927746: 89 - 00
F7927747: 7D - 81
F7927748: F8 - 7E
F7927749: 75 - 0C
F792774A: 04 - 00
F792774B: C6 - 48
F792772CThe code of the following module at F792772C (0) got patched. Here is the diff:
Address New-Original
F792772C: 8B - 00
F792772D: FF - 51
F792772E: 55 - EB
F792772F: 8B - F1
F7927730: EC - 80
F7927731: 51 - 7D
F7927732: 51 - FF
F7927733: 8B - 00
F7927734: 45 - 74
F7927735: 08 - 05
F7927736: 53 - 39
F7927737: 56 - 4F
F7927738: 57 - 54
F7927739: 8B - 75
F792773A: 78 - CF
F792773B: 28 - 53
F792773C: 81 - 57
F792773D: 3F - E8
F792773E: 47 - 5E
F792773F: 45 - 0B
F7927740: 41 - 00
F7927741: 52 - 00
F7927742: C6 - E9
F7927743: 45 - E3
F7927744: FF - 00
F7927746: 89 - 00
F7927747: 7D - 81
F7927748: F8 - 7E
F7927749: 75 - 0C
F792774A: 04 - 00
F792774B: C6 - 48
F792772CThe code of the following module at F792772C (0) got patched. Here is the diff:
Address New-Original
F792772C: 8B - 00
F792772D: FF - 51
F792772E: 55 - EB
F792772F: 8B - F1
F7927730: EC - 80
F7927731: 51 - 7D
F7927732: 51 - FF
F7927733: 8B - 00
F7927734: 45 - 74
F7927735: 08 - 05
F7927736: 53 - 39
F7927737: 56 - 4F
F7927738: 57 - 54
F7927739: 8B - 75
F792773A: 78 - CF
F792773B: 28 - 53
F792773C: 81 - 57
F792773D: 3F - E8
F792773E: 47 - 5E
F792773F: 45 - 0B
F7927740: 41 - 00
F7927741: 52 - 00
F7927742: C6 - E9
F7927743: 45 - E3
F7927744: FF - 00
F7927746: 89 - 00
F7927747: 7D - 81
F7927748: F8 - 7E
F7927749: 75 - 0C
F792774A: 04 - 00
F792774B: C6 - 48
F792772CThe code of the following module at F792772C (0) got patched. Here is the diff:
Address New-Original
F792772C: 8B - 00
F792772D: FF - 51
F792772E: 55 - EB
F792772F: 8B - F1
F7927730: EC - 80
F7927731: 51 - 7D
F7927732: 51 - FF
F7927733: 8B - 00
F7927734: 45 - 74
F7927735: 08 - 05
F7927736: 53 - 39
F7927737: 56 - 4F
F7927738: 57 - 54
F7927739: 8B - 75
F792773A: 78 - CF
F792773B: 28 - 53
F792773C: 81 - 57
F792773D: 3F - E8
F792773E: 47 - 5E
F792773F: 45 - 0B
F7927740: 41 - 00
F7927741: 52 - 00
F7927742: C6 - E9
F7927743: 45 - E3
F7927744: FF - 00
F7927746: 89 - 00
F7927747: 7D - 81
F7927748: F8 - 7E
F7927749: 75 - 0C
F792774A: 04 - 00
F792774B: C6 - 48
F792772CThe code of the following module at F792772C (0) got patched. Here is the diff:
Address New-Original
F792772C: 8B - 00
F792772D: FF - 51
F792772E: 55 - EB
F792772F: 8B - F1
F7927730: EC - 80
F7927731: 51 - 7D
F7927732: 51 - FF
F7927733: 8B - 00
F7927734: 45 - 74
F7927735: 08 - 05
F7927736: 53 - 39
F7927737: 56 - 4F
F7927738: 57 - 54
F7927739: 8B - 75
F792773A: 78 - CF
F792773B: 28 - 53
F792773C: 81 - 57
F792773D: 3F - E8
F792773E: 47 - 5E
F792773F: 45 - 0B
F7927740: 41 - 00
F7927741: 52 - 00
F7927742: C6 - E9
F7927743: 45 - E3
F7927744: FF - 00
F7927746: 89 - 00
F7927747: 7D - 81
F7927748: F8 - 7E
F7927749: 75 - 0C
F792774A: 04 - 00
F792774B: C6 - 48
F792772CThe code of the following module at F792772C (0) got patched. Here is the diff:
Address New-Original
F792772C: 8B - 00
F792772D: FF - 51
F792772E: 55 - EB
F792772F: 8B - F1
F7927730: EC - 80
F7927731: 51 - 7D
F7927732: 51 - FF
F7927733: 8B - 00
F7927734: 45 - 74
F7927735: 08 - 05
F7927736: 53 - 39
F7927737: 56 - 4F
F7927738: 57 - 54
F7927739: 8B - 75
F792773A: 78 - CF
F792773B: 28 - 53
F792773C: 81 - 57
F792773D: 3F - E8
F792773E: 47 - 5E
F792773F: 45 - 0B
F7927740: 41 - 00
F7927741: 52 - 00
F7927742: C6 - E9
F7927743: 45 - E3
F7927744: FF - 00
F7927746: 89 - 00
F7927747: 7D - 81
F7927748: F8 - 7E
F7927749: 75 - 0C
F792774A: 04 - 00
F792774B: C6 - 48
F792772CThe code of the following module at F792772C (0) got patched. Here is the diff:
Address New-Original
F792772C: 8B - 00
F792772D: FF - 51
F792772E: 55 - EB
F792772F: 8B - F1
F7927730: EC - 80
F7927731: 51 - 7D
F7927732: 51 - FF
F7927733: 8B - 00
F7927734: 45 - 74
F7927735: 08 - 05
F7927736: 53 - 39
F7927737: 56 - 4F
F7927738: 57 - 54
F7927739: 8B - 75
F792773A: 78 - CF
F792773B: 28 - 53
F792773C: 81 - 57
F792773D: 3F - E8
F792773E: 47 - 5E
F792773F: 45 - 0B
F7927740: 41 - 00
F7927741: 52 - 00
F7927742: C6 - E9
F7927743: 45 - E3
F7927744: FF - 00
F7927746: 89 - 00
F7927747: 7D - 81
F7927748: F8 - 7E
F7927749: 75 - 0C
F792774A: 04 - 00
F792774B: C6 - 48
F792772CThe code of the following module at F792772C (0) got patched. Here is the diff:
Address New-Original
F792772C: 8B - 00
F792772D: FF - 51
F792772E: 55 - EB
F792772F: 8B - F1
F7927730: EC - 80
F7927731: 51 - 7D
F7927732: 51 - FF
F7927733: 8B - 00
F7927734: 45 - 74
F7927735: 08 - 05
F7927736: 53 - 39
F7927737: 56 - 4F
F7927738: 57 - 54
F7927739: 8B - 75
F792773A: 78 - CF
F792773B: 28 - 53
F792773C: 81 - 57
F792773D: 3F - E8
F792773E: 47 - 5E
F792773F: 45 - 0B
F7927740: 41 - 00
F7927741: 52 - 00
F7927742: C6 - E9
F7927743: 45 - E3
F7927744: FF - 00
F7927746: 89 - 00
F7927747: 7D - 81
F7927748: F8 - 7E
F7927749: 75 - 0C
F792774A: 04 - 00
F792774B: C6 - 48
F792772CThe code of the following module at F792772C (0) got patched. Here is the diff:
Address New-Original
F792772C: 8B - 00
F792772D: FF - 51
F792772E: 55 - EB
F792772F: 8B - F1
F7927730: EC - 80
F7927731: 51 - 7D
F7927732: 51 - FF
F7927733: 8B - 00
F7927734: 45 - 74
F7927735: 08 - 05
F7927736: 53 - 39
F7927737: 56 - 4F
F7927738: 57 - 54
F7927739: 8B - 75
F792773A: 78 - CF
F792773B: 28 - 53
F792773C: 81 - 57
F792773D: 3F - E8
F792773E: 47 - 5E
F792773F: 45 - 0B
F7927740: 41 - 00
F7927741: 52 - 00
F7927742: C6 - E9
F7927743: 45 - E3
F7927744: FF - 00
F7927746: 89 - 00
F7927747: 7D - 81
F7927748: F8 - 7E
F7927749: 75 - 0C
F792774A: 04 - 00
F792774B: C6 - 48
F792772CThe code of the following module at F792772C (0) got patched. Here is the diff:
Address New-Original
F792772C: 8B - 00
F792772D: FF - 51
F792772E: 55 - EB
F792772F: 8B - F1
F7927730: EC - 80
F7927731: 51 - 7D
F7927732: 51 - FF
F7927733: 8B - 00
F7927734: 45 - 74
F7927735: 08 - 05
F7927736: 53 - 39
F7927737: 56 - 4F
F7927738: 57 - 54
F7927739: 8B - 75
F792773A: 78 - CF
F792773B: 28 - 53
F792773C: 81 - 57
F792773D: 3F - E8
F792773E: 47 - 5E
F792773F: 45 - 0B
F7927740: 41 - 00
F7927741: 52 - 00
F7927742: C6 - E9
F7927743: 45 - E3
F7927744: FF - 00
F7927746: 89 - 00
F7927747: 7D - 81
F7927748: F8 - 7E
F7927749: 75 - 0C
F792774A: 04 - 00
F792774B: C6 - 48
F792772CThe code of the following module at F792772C (0) got patched. Here is the diff:
Address New-Original
F792772C: 8B - 00
F792772D: FF - 51
F792772E: 55 - EB
F792772F: 8B - F1
F7927730: EC - 80
F7927731: 51 - 7D
F7927732: 51 - FF
F7927733: 8B - 00
F7927734: 45 - 74
F7927735: 08 - 05
F7927736: 53 - 39
F7927737: 56 - 4F
F7927738: 57 - 54
F7927739: 8B - 75
F792773A: 78 - CF
F792773B: 28 - 53
F792773C: 81 - 57
F792773D: 3F - E8
F792773E: 47 - 5E
F792773F: 45 - 0B
F7927740: 41 - 00
F7927741: 52 - 00
F7927742: C6 - E9
F7927743: 45 - E3
F7927744: FF - 00
F7927746: 89 - 00
F7927747: 7D - 81
F7927748: F8 - 7E
F7927749: 75 - 0C
F792774A: 04 - 00
F792774B: C6 - 48
F792772CThe code of the following module at F792772C (0) got patched. Here is the diff:
Address New-Original
F792772C: 8B - 00
F792772D: FF - 51
F792772E: 55 - EB
F792772F: 8B - F1
F7927730: EC - 80
F7927731: 51 - 7D
F7927732: 51 - FF
F7927733: 8B - 00
F7927734: 45 - 74
F7927735: 08 - 05
F7927736: 53 - 39
F7927737: 56 - 4F
F7927738: 57 - 54
F7927739: 8B - 75
F792773A: 78 - CF
F792773B: 28 - 53
F792773C: 81 - 57
F792773D: 3F - E8
F792773E: 47 - 5E
F792773F: 45 - 0B
F7927740: 41 - 00
F7927741: 52 - 00
F7927742: C6 - E9
F7927743: 45 - E3
F7927744: FF - 00
F7927746: 89 - 00
F7927747: 7D - 81
F7927748: F8 - 7E
F7927749: 75 - 0C
F792774A: 04 - 00
F792774B: C6 - 48
F792772CThe code of the following module at F792772C (0) got patched. Here is the diff:
Address New-Original
F792772C: 8B - 00
F792772D: FF - 51
F792772E: 55 - EB
F792772F: 8B - F1
F7927730: EC - 80
F7927731: 51 - 7D
F7927732: 51 - FF
F7927733: 8B - 00
F7927734: 45 - 74
F7927735: 08 - 05
F7927736: 53 - 39
F7927737: 56 - 4F
F7927738: 57 - 54
F7927739: 8B - 75
F792773A: 78 - CF
F792773B: 28 - 53
F792773C: 81 - 57
F792773D: 3F - E8
F792773E: 47 - 5E
F792773F: 45 - 0B
F7927740: 41 - 00
F7927741: 52 - 00
F7927742: C6 - E9
F7927743: 45 - E3
F7927744: FF - 00
F7927746: 89 - 00
F7927747: 7D - 81
F7927748: F8 - 7E
F7927749: 75 - 0C
F792774A: 04 - 00
F792774B: C6 - 48
F792772CThe code of the following module at F792772C (0) got patched. Here is the diff:
Address New-Original
F792772C: 8B - 00
F792772D: FF - 51
F792772E: 55 - EB
F792772F: 8B - F1
F7927730: EC - 80
F7927731: 51 - 7D
F7927732: 51 - FF
F7927733: 8B - 00
F7927734: 45 - 74
F7927735: 08 - 05
F7927736: 53 - 39
F7927737: 56 - 4F
F7927738: 57 - 54
F7927739: 8B - 75
F792773A: 78 - CF
F792773B: 28 - 53
F792773C: 81 - 57
F792773D: 3F - E8
F792773E: 47 - 5E
F792773F: 45 - 0B
F7927740: 41 - 00
F7927741: 52 - 00
F7927742: C6 - E9
F7927743: 45 - E3
F7927744: FF - 00
F7927746: 89 - 00
F7927747: 7D - 81
F7927748: F8 - 7E
F7927749: 75 - 0C
F792774A: 04 - 00
F792774B: C6 - 48
F792772CThe code of the following module at F792772C (0) got patched. Here is the diff:
Address New-Original
F792772C: 8B - 00
F792772D: FF - 51
F792772E: 55 - EB
F792772F: 8B - F1
F7927730: EC - 80
F7927731: 51 - 7D
F7927732: 51 - FF
F7927733: 8B - 00
F7927734: 45 - 74
F7927735: 08 - 05
F7927736: 53 - 39
F7927737: 56 - 4F
F7927738: 57 - 54
F7927739: 8B - 75
F792773A: 78 - CF
F792773B: 28 - 53
F792773C: 81 - 57
F792773D: 3F - E8
F792773E: 47 - 5E
F792773F: 45 - 0B
F7927740: 41 - 00
F7927741: 52 - 00
F7927742: C6 - E9
F7927743: 45 - E3
F7927744: FF - 00
F7927746: 89 - 00
F7927747: 7D - 81
F7927748: F8 - 7E
F7927749: 75 - 0C
F792774A: 04 - 00
F792774B: C6 - 48
F792772CThe code of the following module at F792772C (0) got patched. Here is the diff:
Address New-Original
F792772C: 8B - 00
F792772D: FF - 51
F792772E: 55 - EB
F792772F: 8B - F1
F7927730: EC - 80
F7927731: 51 - 7D
F7927732: 51 - FF
F7927733: 8B - 00
F7927734: 45 - 74
F7927735: 08 - 05
F7927736: 53 - 39
F7927737: 56 - 4F
F7927738: 57 - 54
F7927739: 8B - 75
F792773A: 78 - CF
F792773B: 28 - 53
F792773C: 81 - 57
F792773D: 3F - E8
F792773E: 47 - 5E
F792773F: 45 - 0B
F7927740: 41 - 00
F7927741: 52 - 00
F7927742: C6 - E9
F7927743: 45 - E3
F7927744: FF - 00
F7927746: 89 - 00
F7927747: 7D - 81
F7927748: F8 - 7E
F7927749: 75 - 0C
F792774A: 04 - 00
F792774B: C6 - 48
F792772CThe code of the following module at F792772C (0) got patched. Here is the diff:
Address New-Original
F792772C: 8B - 00
F792772D: FF - 51
F792772E: 55 - EB
F792772F: 8B - F1
F7927730: EC - 80
F7927731: 51 - 7D
F7927732: 51 - FF
F7927733: 8B - 00
F7927734: 45 - 74
F7927735: 08 - 05
F7927736: 53 - 39
F7927737: 56 - 4F
F7927738: 57 - 54
F7927739: 8B - 75
F792773A: 78 - CF
F792773B: 28 - 53
F792773C: 81 - 57
F792773D: 3F - E8
F792773E: 47 - 5E
F792773F: 45 - 0B
F7927740: 41 - 00
F7927741: 52 - 00
F7927742: C6 - E9
F7927743: 45 - E3
F7927744: FF - 00
F7927746: 89 - 00
F7927747: 7D - 81
F7927748: F8 - 7E
F7927749: 75 - 0C
F792774A: 04 - 00
F792774B: C6 - 48
F792772CThe code of the following module at F792772C (0) got patched. Here is the diff:
Address New-Original
F792772C: 8B - 00
F792772D: FF - 51
F792772E: 55 - EB
F792772F: 8B - F1
F7927730: EC - 80
F7927731: 51 - 7D
F7927732: 51 - FF
F7927733: 8B - 00
F7927734: 45 - 74
F7927735: 08 - 05
F7927736: 53 - 39
F7927737: 56 - 4F
F7927738: 57 - 54
F7927739: 8B - 75
F792773A: 78 - CF
F792773B: 28 - 53
F792773C: 81 - 57
F792773D: 3F - E8
F792773E: 47 - 5E
F792773F: 45 - 0B
F7927740: 41 - 00
F7927741: 52 - 00
F7927742: C6 - E9
F7927743: 45 - E3
F7927744: FF - 00
F7927746: 89 - 00
F7927747: 7D - 81
F7927748: F8 - 7E
F7927749: 75 - 0C
F792774A: 04 - 00
F792774B: C6 - 48
F792772CThe code of the following module at F792772C (0) got patched. Here is the diff:
Address New-Original
F792772C: 8B - 00
F792772D: FF - 51
F792772E: 55 - EB
F792772F: 8B - F1
F7927730: EC - 80
F7927731: 51 - 7D
F7927732: 51 - FF
F7927733: 8B - 00
F7927734: 45 - 74
F7927735: 08 - 05
F7927736: 53 - 39
F7927737: 56 - 4F
F7927738: 57 - 54
F7927739: 8B - 75
F792773A: 78 - CF
F792773B: 28 - 53
F792773C: 81 - 57
F792773D: 3F - E8
F792773E: 47 - 5E
F792773F: 45 - 0B
F7927740: 41 - 00
F7927741: 52 - 00
F7927742: C6 - E9
F7927743: 45 - E3
F7927744: FF - 00
F7927746: 89 - 00
F7927747: 7D - 81
F7927748: F8 - 7E
F7927749: 75 - 0C
F792774A: 04 - 00
F792774B: C6 - 48

shannonmac8
Intermediate
Intermediate

Posts Posts : 76
Joined Joined : 2009-06-01
OS OS : xp
Points Points : 28402
# Likes # Likes : 0

View user profile

Back to top Go down

Re: computer slow

Post by shannonmac8 on Fri Mar 12, 2010 1:34 am

F792772CThe code of the following module at F792772C (0) got patched. Here is the diff:
Address New-Original
F792772C: 8B - 00
F792772D: FF - 51
F792772E: 55 - EB
F792772F: 8B - F1
F7927730: EC - 80
F7927731: 51 - 7D
F7927732: 51 - FF
F7927733: 8B - 00
F7927734: 45 - 74
F7927735: 08 - 05
F7927736: 53 - 39
F7927737: 56 - 4F
F7927738: 57 - 54
F7927739: 8B - 75
F792773A: 78 - CF
F792773B: 28 - 53
F792773C: 81 - 57
F792773D: 3F - E8
F792773E: 47 - 5E
F792773F: 45 - 0B
F7927740: 41 - 00
F7927741: 52 - 00
F7927742: C6 - E9
F7927743: 45 - E3
F7927744: FF - 00
F7927746: 89 - 00
F7927747: 7D - 81
F7927748: F8 - 7E
F7927749: 75 - 0C
F792774A: 04 - 00
F792774B: C6 - 48
F7928A08 probably by C:\WINDOWS\System32\Drivers\GEARAspiWDM.sysThe code of the following module at F7928A08 (0) got patched. Here is the diff:
Address New-Original
F7928A08: C2 - FB
F7928A09: 04 - FF
F7928A0A: 00 - FF
F7928A0B: CC - 0A
F7928A0C: CC - 00
F7928A0D: CC - 00
F7928A0E: CC - 00
F7928A0F: CC - E9
F7928A10: 8B - 7E
F7928A11: FF - 02
F7928A12: 55 - 00
F7928A13: 8B - 00
F7928A14: EC - 8B
F7928A15: 83 - 01
F7928A16: EC - 83
F7928A17: 10 - C1
F7928A18: 56 - 04
F7928A19: 57 - 89
F7928A1A: 33 - 8D
F7928A1B: FF - E4
F7928A1C: 57 - FB
F7928A1D: 57 - FF
F7928A1E: 8D - FF
F7928A1F: 45 - 85
F7928A20: F0 - C0
F7928A21: 50 - 74
F7928A22: FF - 6F
F7928A23: 15 - 8B
F7928A24: 00 - 70
F7928A25: 85 - 04
F7928A26: 92 - 85
F7928A27: F7 - F6
--> JMP DWORD PTR DS:[F7928500]
-------------------------------------------------------------------------------
Information for module GEARAspiWDM.sys:
-------------------------------------------------------------------------------
Index: 39
Base address: F7927000
Size: 00003000
Flags: 09104000
Load count: 1
Imagename: \SystemRoot\System32\Drivers\GEARAspiWDM.sys
Name: CD DVD Filter
Version: 2.02.00.01
Company: GEAR Software Inc.
File Version: 2.02.00.01
Description: CD DVD Filter
Possible path: C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys
Signed: YES



65 \Driver\PCI 84A0DB98 pci.sys
65 >\Driver\AgereSoftModem 848AF3B8 AGRSM.sys
55 >\Driver\ModemSoftModem 848AD6B0 Modem.SYS
25 \Driver\PartMgr 84A52F38 PartMgr.sys
66 \Driver\NdisTapi 848CC8F8 ndistapi.sys
67 \Driver\NdisWan 848AF598 ndiswan.sys
16 \Driver\NTIDrvr 84925D08 NTIDrvr.sys
16 >\Driver\GEARAspiWDM 848C83F8 GEARAspiWDM.sys
68 \Driver\Gpc 848C4890 msgpc.sys
69 \Driver\HDAudBus 849A1C20 HDAudBus.sys
69 >\Driver\IntcAzAudAddService 848CB780 RtkHDAud.sys
19 \Driver\ACPI 84AF2E00 ACPI.sys
19 >\Driver\Imapi 849D6C68 imapi.sys
20 >\Driver\UBHelper 84A52E40 UBHelper.sys
21 >\Driver\Cdromper 84926D30 cdrom.sys
22 >\Driver\redbookr 84A652A8 redbook.sys
15 >\Driver\NTIDrvrr 84925D08 NTIDrvr.sys
16 >\Driver\GEARAspiWDM 848C83F8 GEARAspiWDM.sys
70 \Driver\PnpManager 84AC23E0 ntkrnlpa.exe
70 >\Driver\mssmbioser 8485ADA0 mssmbios.sys
71 \Driver\Ndisuio 84913260 ndisuio.sys
72 \Driver\AFD 84904838 afd.sys
73 \Driver\HidUsb 84A59360 hidusb.sys
73 >\Driver\mouhid 84868DA0 mouhid.sys
31 >\Driver\Mouclass 8485DF38 mouclass.sys
74 \Driver\i8042prt 84A5AB10 i8042prt.sys
74 >\Driver\Kbdclass 84A422E0 kbdclass.sys
75 \FileSystem\Ntfs 849C0168 Ntfs.sys
75 >\FileSystem\FltMgr 849C1280 fltMgr.sys
76 >\FileSystem\srtMgr 84A3AA50 sr.sys
78 \FileSystem\Fastfat 83582F38 Fastfat.SYS
78 >\FileSystem\FltMgrt 849C1280 fltMgr.sys
79 \FileSystem\NetBIOS 84868930 netbios.sys
77 \FileSystem\sr 84A3AA50 sr.sys
80 \FileSystem\Rdbss 848686A0 rdbss.sys
81 \FileSystem\Msfs 849F9BC0 Msfs.SYS
82 \FileSystem\MRxSmb 84868410 mrxsmb.sys
83 \FileSystem\Srv 84A63D60 srv.sys
84 \FileSystem\Mup 84A8D030 Mup.sys
85 \FileSystem\RAW 84AF31D8 ntkrnlpa.exe
86 \FileSystem\Npfs 849FA658 Npfs.SYS
87 \FileSystem\Fs_Rec 848CB918 Fs_Rec.SYS
88 \FileSystem\Cdfs 848B1AC8 Cdfs.SYS
88 >\FileSystem\FltMgr 849C1280 fltMgr.sys
76 \FileSystem\FltMgr 849C1280 fltMgr.sys
89 \FileSystem\MRxDAV 84A02A58 mrxdav.sys
89 >\FileSystem\FltMgr 849C1280 fltMgr.sys
1:13:36 - Performing check: "Patched modules":
Module information:

Idx Base Size Module Service Pre Sig Patched
000 804D7000 0020D000 ntkrnlpa.exe YES YES
001 806E4000 00020D00 hal.dll YES YES
002 F7987000 00002000 KDCOM.DLL YES YES
003 F7897000 00003000 BOOTVID.dll YES YES
004 F7358000 0002E000 ACPI.sys ACPI YES YES
005 F7989000 00002000 WMILIB.SYS YES YES
006 F7347000 00011000 pci.sys PCI YES YES
007 F7487000 0000A000 isapnp.sys isapnp YES YES
008 F7A4F000 00001000 pciide.sys PCIIde YES YES
009 F7707000 00007000 PCIIDEX.SYS YES YES
010 F7497000 0000B000 MountMgr.sys MountMgr YES YES
011 F7328000 0001F000 ftdisk.sys Ftdisk YES YES
012 F770F000 00005000 PartMgr.sys PartMgr YES YES
013 F798B000 00002000 UBHelper.sys UBHelper YES YES
014 F74A7000 0000D000 VolSnap.sys VolSnap YES YES
015 F7310000 00018000 atapi.sys atapi YES YES
016 F74B7000 00009000 disk.sys Disk YES YES
017 F74C7000 0000D000 CLASSPNP.SYS YES YES
018 F72F0000 00020000 fltMgr.sys FltMgr YES YES
019 F72DE000 00012000 sr.sys sr YES YES
020 F72C7000 00017000 KSecDD.sys KSecDD YES YES
021 F723A000 0008D000 Ntfs.sys Ntfs YES YES
022 F720D000 0002D000 NDIS.sys NDIS YES YES
023 F71F3000 0001A000 Mup.sys Mup YES YES
024 F7617000 00009000 processr.sys Processor YES YES
025 F791F000 00003000 wmiacpi.sys WmiAcpi YES YES
026 F7627000 0000D000 i8042prt.sys i8042prt YES YES
027 F7787000 00006000 kbdclass.sys Kbdclass YES YES
028 F778F000 00005000 usbohci.sys usbohci YES YES
029 F6B35000 00024000 USBPORT.SYS YES YES
030 F7797000 00008000 usbehci.sys usbehci YES YES
031 F6B0D000 00028000 HDAudBus.sys HDAudBus YES YES
032 F7637000 0000A000 nvnetbus.sys nvnetbus YES YES
033 F6A25000 000E8000 NVNRM.SYS YES YES
034 F7647000 0000B000 imapi.sys Imapi YES YES
035 F7657000 00010000 cdrom.sys Cdrom YES YES
036 F7667000 0000F000 redbook.sys redbook YES YES
037 F6A02000 00023000 ks.sys YES YES
038 F7995000 00002000 NTIDrvr.sys NTIDrvr YES YES
039 F7927000 00003000 GEARAspiWDM.sys GEARAspiWDM YES YES
040 F689F000 00126000 AGRSM.sys AgereSoftModem YES YES
041 F7997000 00002000 USBD.SYS YES YES
042 F779F000 00008000 Modem.SYS Modem YES YES
043 F6212000 0068D000 nv4_mini.sys nv YES YES
044 F61FE000 00014000 VIDEOPRT.SYS YES YES
045 F7ABC000 00001000 audstub.sys audstub YES YES
046 F7677000 0000D000 rasl2tp.sys Rasl2tp YES YES
047 F793B000 00003000 ndistapi.sys NdisTapi YES YES
048 F61E7000 00017000 ndiswan.sys NdisWan YES YES
049 F7687000 0000B000 raspppoe.sys RasPppoe YES YES
050 F7697000 0000C000 raspptp.sys PptpMiniport YES YES
051 F77A7000 00005000 TDI.SYS YES YES
052 F61D6000 00011000 psched.sys PSched YES YES
053 F76A7000 00009000 msgpc.sys Gpc YES YES
054 F77AF000 00005000 ptilink.sys Ptilink YES YES
055 F77B7000 00005000 raspti.sys Raspti YES YES
056 F76B7000 0000A000 termdd.sys TermDD YES YES
057 F77BF000 00006000 mouclass.sys Mouclass YES YES
058 F7999000 00002000 swenum.sys swenum YES YES
059 F6159000 0005E000 update.sys Update YES YES
060 F794B000 00004000 mssmbios.sys mssmbios YES YES
061 F76D7000 0000A000 NDProxy.SYS NDProxy YES YES
062 F76E7000 0000F000 usbhub.sys usbhub YES YES
063 F74F7000 0000E000 NVENETFD.sys NVENETFD YES YES
064 F294F000 004BD000 RtkHDAud.sys IntcAzAudAddService YES YES
065 F292B000 00024000 portcls.sys YES YES
066 F7507000 0000F000 drmk.sys YES YES
067 F79B3000 00002000 Fs_Rec.SYS Fs_Rec YES YES
068 F7AAE000 00001000 Null.SYS Null YES YES
069 F79B5000 00002000 Beep.SYS Beep YES YES
070 F7817000 00006000 vga.sys VgaSave YES YES
071 F79B7000 00002000 mnmdd.SYS mnmdd YES YES
072 F79B9000 00002000 RDPCDD.sys RDPCDD YES YES
073 F781F000 00005000 Msfs.SYS Msfs YES YES
074 F7827000 00008000 Npfs.SYS Npfs YES YES
075 F6B65000 00003000 rasacd.sys RasAcd YES YES
076 F2876000 00013000 ipsec.sys IPSec YES YES
077 F281D000 00059000 tcpip.sys Tcpip YES YES
078 F27F5000 00028000 netbt.sys NetBT YES YES
079 F27D3000 00022000 afd.sys AFD YES YES
080 F7547000 00009000 netbios.sys NetBIOS YES YES
081 F27A8000 0002B000 rdbss.sys Rdbss YES YES
082 F2738000 00070000 mrxsmb.sys MRxSmb YES YES
083 F7557000 0000B000 Fips.SYS Fips YES YES
084 F2712000 00026000 ipnat.sys IpNat YES YES
085 F7567000 00009000 wanarp.sys Wanarp YES YES
086 F6141000 00003000 hidusb.sys HidUsb YES YES
087 F7587000 00009000 HIDCLASS.SYS YES YES
088 F782F000 00007000 HIDPARSE.SYS YES YES
089 F7597000 00010000 Cdfs.SYS Cdfs YES YES
090 F7837000 00007000 USBSTOR.SYS USBSTOR YES YES
091 F6135000 00003000 mouhid.sys mouhid YES YES
092 F2632000 00018000 dump_atapi.sys NO NO
093 F79C9000 00002000 dump_WMILIB.SYS NO NO
094 BF800000 001C4000 win32k.sys YES YES
095 F28ED000 00003000 Dxapi.sys YES YES
096 F7847000 00005000 watchdog.sys YES YES
097 BF9C4000 00012000 dxg.sys YES YES
098 F7B61000 00001000 dxgthk.sys YES YES
099 BF9D6000 00585000 nv4_disp.dll YES YES
100 BFFA0000 00046000 ATMFD.DLL YES YES
101 BAEFC000 00004000 ndisuio.sys Ndisuio YES YES
102 BABB3000 00015000 wdmaud.sys wdmaud YES YES
103 F7607000 0000F000 sysaudio.sys sysaudio YES YES
104 BA956000 0002D000 mrxdav.sys MRxDAV YES YES
105 BA8D7000 00057000 srv.sys Srv YES YES
106 BA4AE000 00041000 HTTP.sys HTTP YES YES
107 F7867000 00006000 TDTCP.SYS TDTCP YES YES
108 BA3C3000 00023000 RDPWD.SYS RDPWD YES YES
109 B9212000 00024000 Fastfat.SYS Fastfat YES YES
110 BA803000 00004000 sdthlpr.sys SDTHelper YES NO
111 7C900000 000B2000 ntdll.dll YES YES

Number of Module Table entries patched = 0
1:14:4 - Performing check: "SDT hooks":
Found KiServiceTable @ 8055C700

0 ZwAcceptConnectPort 805A4614
1 ZwAccessCheck 805F0AEA
2 ZwAccessCheckAndAuditAlarm 805F4320
3 ZwAccessCheckByType 805F0B1C
4 ZwAccessCheckByTypeAndAuditAlarm 805F435A
5 ZwAccessCheckByTypeResultList 805F0B52
6 ZwAccessCheckByTypeResultListAndAuditAlarm 805F439E
7 ZwAccessCheckByTypeResultListAndAuditAlarmByHandle 805F43E2
8 ZwAddAtom 806153D2
9 ZwAddBootEntry 80616114
10 ZwAdjustGroupsToken 805EBEE8
11 ZwAdjustPrivilegesToken 805EBB40
12 ZwAlertResumeThread 805D4B48
13 ZwAlertThread 805D4AF8
14 ZwAllocateLocallyUniqueId 806159F8
15 ZwAllocateUserPhysicalPages 805B5F80
16 ZwAllocateUuids 80615014
17 ZwAllocateVirtualMemory 805A8A9E
18 ZwAreMappedFilesTheSame 805B0594
19 ZwAssignProcessToJobObject 805D660C
20 ZwCallbackReturn 8050189C
21 ZwCancelDeviceWakeupRequest 80616106
22 ZwCancelIoFile 80576AE6
23 ZwCancelTimer 80538BEE
24 ZwClearEvent 8060E5E2
25 ZwClose 805BC4FA
26 ZwCloseObjectAuditAlarm 805F485A
27 ZwCompactKeys 80623386
28 ZwCompareTokens 805F8D6E
29 ZwCompleteConnectPort 805A4D02
30 ZwCompressKey 806235DA
31 ZwConnectPort 805A45B4
32 ZwContinue 80544EA4
33 ZwCreateDebugObject 80641EAC
34 ZwCreateDirectoryObject 805BE4AA
35 ZwCreateEvent 8060E632
36 ZwCreateEventPair 8061698A
37 ZwCreateFile 80579084
38 ZwCreateIoCompletion 80578A62
39 ZwCreateJobObject 805D55D0
40 ZwCreateJobSet 805D5308
41 ZwCreateKey 806237B6
42 ZwCreateMailslotFile 80579192
43 ZwCreateMutant 80616D82
44 ZwCreateNamedPipeFile 805790BE
45 ZwCreatePagingFile 805AB9D2
46 ZwCreatePort 805A50D0
47 ZwCreateProcess 805D11FA
48 ZwCreateProcessEx 805D1144
49 ZwCreateProfile 806171A2
50 ZwCreateSection 805AB3AC
51 ZwCreateSemaphore 80614732
52 ZwCreateSymbolicLinkObject 805C39C4
53 ZwCreateThread 805D0FE2
54 ZwCreateTimer 80616652
55 ZwCreateToken 805F9116
56 ZwCreateWaitablePort 805A50F4
57 ZwDebugActiveProcess 80642F88
58 ZwDebugContinue 806430D8
59 ZwDelayExecution 80616056
60 ZwDeleteAtom 80615888
61 ZwDeleteBootEntry 80616106
62 ZwDeleteFile 80576C2C
63 ZwDeleteKey 80623C46
64 ZwDeleteObjectAuditAlarm 805F4966
65 ZwDeleteValueKey 80623E16
66 ZwDeviceIoControlFile 8057924A
67 ZwDisplayString 806126B0
68 ZwDuplicateObject 805BDFD2
69 ZwDuplicateToken 805ECD96
70 ZwEnumerateBootEntries 80616114
71 ZwEnumerateKey 80623FF6
72 ZwEnumerateSystemEnvironmentValuesEx 806160F8
73 ZwEnumerateValueKey 80624260
74 ZwExtendSection 805B3CA0
75 ZwFilterToken 805ECF42
76 ZwFindAtom 8061563C
77 ZwFlushBuffersFile 80576CF8
78 ZwFlushInstructionCache 805B6814
79 ZwFlushKey 806244CA
80 ZwFlushVirtualMemory 805AC6E6
81 ZwFlushWriteBuffer 805B67B6
82 ZwFreeUserPhysicalPages 805B6322
83 ZwFreeVirtualMemory 805B2F7C
84 ZwFsControlFile 8057927E
85 ZwGetContextThread 805D14F4
86 ZwGetDevicePowerState 805C864E
87 ZwGetPlugPlayEvent 80599116
88 ZwGetWriteWatch 80521196
89 ZwImpersonateAnonymousToken 805F8A62
90 ZwImpersonateClientOfPort 805A515E
91 ZwImpersonateThread 805D77CC
92 ZwInitializeRegistry 8062190C
93 ZwInitiatePowerAction 805C8434
94 ZwIsProcessInJob 805D51CC
95 ZwIsSystemResumeAutomatic 805C863A
96 ZwListenPort 805A536A
97 ZwLoadDriver 8058413A
98 ZwLoadKey 806259B2
99 ZwLoadKey2 806255BE
100 ZwLockFile 805792B2
101 ZwLockProductActivationKeys 80612CA2
102 ZwLockRegistryKey 80623686
103 ZwLockVirtualMemory 805B691C
104 ZwMakePermanentObject 805BE2A0
105 ZwMakeTemporaryObject 805BC59E
106 ZwMapUserPhysicalPages 805B53E0
107 ZwMapUserPhysicalPagesScatter 805B5930
108 ZwMapViewOfSection 805B2004
109 ZwModifyBootEntry 80616106
110 ZwNotifyChangeDirectoryFile 80579ECA
111 ZwNotifyChangeKey 8062597C
112 ZwNotifyChangeMultipleKeys 806245CC
113 ZwOpenDirectoryObject 805BE57C
114 ZwOpenEvent 8060E732
115 ZwOpenEventPair 80616A62
116 ZwOpenFile 8057A182
117 ZwOpenIoCompletion 80578B3A
118 ZwOpenJobObject 805D5756
119 ZwOpenKey 80624B88
120 ZwOpenMutant 80616E5A
121 ZwOpenObjectAuditAlarm 805F4428
122 ZwOpenProcess 805CB40A
123 ZwOpenProcessToken 805ED730
124 ZwOpenProcessTokenEx 805ED394
125 ZwOpenSection 805AA3D0
126 ZwOpenSemaphore 8061482C
127 ZwOpenSymbolicLinkObject 805C3BAA
128 ZwOpenThread 805CB696
129 ZwOpenThreadToken 805ED74E
130 ZwOpenThreadTokenEx 805ED504
131 ZwOpenTimer 80616774
132 ZwPlugPlayControl 8064517A
133 ZwPowerInformation 805C94BC
134 ZwPrivilegeCheck 805F7B14
135 ZwPrivilegeObjectAuditAlarm 805F373A
136 ZwPrivilegedServiceAuditAlarm 805F3926
137 ZwProtectVirtualMemory 805B83E8
138 ZwPulseEvent 8060E7EA
139 ZwQueryAttributesFile 80576ED6
140 ZwQueryBootEntryOrder 80616114
141 ZwQueryBootOptions 80616114
142 ZwQueryDebugFilterState 8053FBD6
143 ZwQueryDefaultLocale 806103DC
144 ZwQueryDefaultUILanguage 8061103C
145 ZwQueryDirectoryFile 80579E64
146 ZwQueryDirectoryObject 805BE61C
147 ZwQueryEaFile 8057A1B2
148 ZwQueryEvent 8060E8B2
149 ZwQueryFullAttributesFile 8057702A
150 ZwQueryInformationAtom 806158B0
151 ZwQueryInformationFile 8057AA1E
152 ZwQueryInformationJobObject 805D5C28
153 ZwQueryInformationPort 805A53C8
154 ZwQueryInformationProcess 805CCF5E
155 ZwQueryInformationThread 805CBB8C
156 ZwQueryInformationToken 805ED82E
157 ZwQueryInstallUILanguage 806107DA
158 ZwQueryIntervalProfile 80617624
159 ZwQueryIoCompletion 80578BE2
160 ZwQueryKey 80624EAE
161 ZwQueryMultipleValueKey 80622904
162 ZwQueryMutant 80616F02
163 ZwQueryObject 805C5296
164 ZwQueryOpenSubKeys 80622FB0
165 ZwQueryPerformanceCounter 806176B2
166 ZwQueryQuotaInformationFile 8057B800
167 ZwQuerySection 805B85AA
168 ZwQuerySecurityObject 805C0064
169 ZwQuerySemaphore 806148E4
170 ZwQuerySymbolicLinkObject 805C3C4A
171 ZwQuerySystemEnvironmentValue 80616130
172 ZwQuerySystemEnvironmentValueEx 806160EA
173 ZwQuerySystemInformation 806110BC
174 ZwQuerySystemTime 8061287C
175 ZwQueryTimer 8061682C
176 ZwQueryTimerResolution 8061290E
177 ZwQueryValueKey 806219EE
178 ZwQueryVirtualMemory 805B8C38
179 ZwQueryVolumeInformationFile 8057BCEA
180 ZwQueueApcThread 805D1240
181 ZwRaiseException 80544EEC
182 ZwRaiseHardError 80614556
183 ZwReadFile 8057C48A
184 ZwReadFileScatter 8057C9F4
185 ZwReadRequestData 805A5E50
186 ZwReadVirtualMemory 805B428C
187 ZwRegisterThreadTerminatePort 805D2762
188 ZwReleaseMutant 8061703A
189 ZwReleaseSemaphore 80614A14
190 ZwRemoveIoCompletion 80578EDA
191 ZwRemoveProcessDebug 80643058
192 ZwRenameKey 806231D8
193 ZwReplaceKey 80625862
194 ZwReplyPort 805A54D0
195 ZwReplyWaitReceivePort 805A6498
196 ZwReplyWaitReceivePortEx 805A5EA0
197 ZwReplyWaitReplyPort 805A57BA
198 ZwRequestDeviceWakeup 805C85CC
199 ZwRequestPort 805A2A2E
200 ZwRequestWaitReplyPort 805A2D5A
201 ZwRequestWakeupLatency 805C83DA
202 ZwResetEvent 8060E9C4
203 ZwResetWriteWatch 8052167E
204 ZwRestoreKey 8062516E
205 ZwResumeProcess 805D4AA2
206 ZwResumeThread 805D4984
207 ZwSaveKey 8062526A
208 ZwSaveKeyEx 80625350
209 ZwSaveMergedKeys 80625478
210 ZwSecureConnectPort 805A3D48
211 ZwSetBootEntryOrder 80616114
212 ZwSetBootOptions 80616114
213 ZwSetContextThread 805D1704
214 ZwSetDebugFilterState 80645D10
215 ZwSetDefaultHardErrorPort 80614400
216 ZwSetDefaultLocale 8061052C
217 ZwSetDefaultUILanguage 80610D9E
218 ZwSetEaFile 8057A6C6
219 ZwSetEvent 8060EA84
220 ZwSetEventBoostPriority 8060EB4E
221 ZwSetHighEventPair 80616D1E
222 ZwSetHighWaitLowEventPair 80616C4E
223 ZwSetInformationDebugObject 80642A22
224 ZwSetInformationFile 8057B010
225 ZwSetInformationJobObject 805D6936
226 ZwSetInformationKey 806224D0
227 ZwSetInformationObject 805C480C
228 ZwSetInformationProcess 805CDE54
229 ZwSetInformationThread 805CC0D8
230 ZwSetInformationToken 805F9E90
231 ZwSetIntervalProfile 80617186
232 ZwSetIoCompletion 80578E78
233 ZwSetLdtEntries 805D38CE
234 ZwSetLowEventPair 80616CBA
235 ZwSetLowWaitHighEventPair 80616BE2
236 ZwSetQuotaInformationFile 8057B7DE
237 ZwSetSecurityObject 805C05F8
238 ZwSetSystemEnvironmentValue 806163B4
239 ZwSetSystemEnvironmentValueEx 806160EA
240 ZwSetSystemInformation 8060F3EA
241 ZwSetSystemPowerState 80652E18
242 ZwSetSystemTime 80613B84
243 ZwSetThreadExecutionState 805C82EE
244 ZwSetTimer 80538D7E
245 ZwSetTimerResolution 80613056
246 ZwSetUuidSeed 80614ECA
247 ZwSetValueKey 80621D3C
248 ZwSetVolumeInformationFile 8057C0F4
249 ZwShutdownSystem 80612674
250 ZwSignalAndWaitForSingleObject 80526774
251 ZwStartProfile 806173D0
252 ZwStopProfile 8061757A
253 ZwSuspendProcess 805D4A4C
254 ZwSuspendThread 805D48BE
255 ZwSystemDebugControl 8061779E
256 ZwTerminateJobObject 805D74CA
257 ZwTerminateProcess 805D29AC
258 ZwTerminateThread 805D2BA6
259 ZwTestAlert 805D4C0C
260 ZwTraceEvent 80535114
261 ZwTranslateFilePath 80616122
262 ZwUnloadDriver 805842CE
263 ZwUnloadKey 80622066
264 ZwUnloadKeyEx 80622280
265 ZwUnlockFile 80579656
266 ZwUnlockVirtualMemory 805B6EAA
267 ZwUnmapViewOfSection 805B2E12
268 ZwVdmControl 805FB248
269 ZwWaitForDebugEvent 8064278A
270 ZwWaitForMultipleObjects 805C07AE
271 ZwWaitForSingleObject 805C06C4
272 ZwWaitHighEventPair 80616B7E
273 ZwWaitLowEventPair 80616B1A
274 ZwWriteFile 8057CEF2
275 ZwWriteFileGather 8057D4D6
276 ZwWriteRequestData 805A5E78
277 ZwWriteVirtualMemory 805B4396
278 ZwYieldExecution 80504AF4
279 ZwCreateKeyedEvent 80617BF6
280 ZwOpenKeyedEvent 80617CE0
281 ZwReleaseKeyedEvent 80617D92
282 ZwWaitForKeyedEvent 80617FEE
283 ZwQueryPortInformationProcess 805CB90C

Number of Service Table entries hooked = 0
Number of Service Table entries patched = 0
1:14:10 - Performing check: "IDT hooks":
IDT offset in kernel: 0x0653AF54
IDT address: 0x8003F400 (phys.: 0x02A5F400)

INT# SegType DPL ISR
000(00) IntG32 00 0008:805421C0
001(01) IntG32 00 0008:8054233C
002(02) TaskG32 00 0058:805528A6
003(03) IntG32 03 0008:80542750
004(04) IntG32 03 0008:805428D0
005(05) IntG32 00 0008:80542A30
006(06) IntG32 00 0008:80542BA4
007(07) IntG32 00 0008:8054321C
008(08) TaskG32 00 0050:80552898
009(09) IntG32 00 0008:80543620
010(0A) IntG32 00 0008:80543740
011(0B) IntG32 00 0008:80543880
012(0C) IntG32 00 0008:80543AE0
013(0D) IntG32 00 0008:80543DCC
014(0E) IntG32 00 0008:805444E0
015(0F) IntG32 00 0008:80544818
016(10) IntG32 00 0008:80544938
017(11) IntG32 00 0008:80544A74
018(12) TaskG32 00 00A0:050138C0 (hooked)
019(13) IntG32 00 0008:80544BDC
020(14) IntG32 00 0008:80544818
021(15) IntG32 00 0008:80544818
022(16) IntG32 00 0008:80544818
023(17) IntG32 00 0008:80544818
024(18) IntG32 00 0008:80544818
025(19) IntG32 00 0008:80544818
026(1A) IntG32 00 0008:80544818
027(1B) IntG32 00 0008:80544818
028(1C) IntG32 00 0008:80544818
029(1D) IntG32 00 0008:80544818
030(1E) IntG32 00 0008:80544818
031(1F) IntG32 00 0008:806E610C
032(20) Not present
033(21) Not present
034(22) Not present
035(23) Not present
036(24) Not present
037(25) Not present
038(26) Not present
039(27) Not present
040(28) Not present
041(29) Not present
042(2A) IntG32 03 0008:805419EE
043(2B) IntG32 03 0008:80541AF0
044(2C) IntG32 03 0008:80541CA0
045(2D) IntG32 03 0008:8054262C
046(2E) IntG32 03 0008:80541471
047(2F) IntG32 00 0008:80544818
048(30) IntG32 00 0008:80540B30
049(31) IntG32 00 0008:80540B3A
050(32) IntG32 00 0008:80540B44
051(33) IntG32 00 0008:80540B4E
052(34) IntG32 00 0008:80540B58
053(35) IntG32 00 0008:80540B62
054(36) IntG32 00 0008:80540B6C
055(37) IntG32 00 0008:806E5864
056(38) IntG32 00 0008:80540B80
057(39) IntG32 00 0008:80540B8A
058(3A) IntG32 00 0008:80540B94
059(3B) IntG32 00 0008:80540B9E
060(3C) IntG32 00 0008:80540BA8
061(3D) IntG32 00 0008:806E6E2C
062(3E) IntG32 00 0008:80540BBC
063(3F) IntG32 00 0008:80540BC6
064(40) IntG32 00 0008:80540BD0
065(41) IntG32 00 0008:806E6C88
066(42) IntG32 00 0008:80540BE4
067(43) IntG32 00 0008:80540BEE
068(44) IntG32 00 0008:80540BF8
069(45) IntG32 00 0008:80540C02
070(46) IntG32 00 0008:80540C0C
071(47) IntG32 00 0008:80540C16
072(48) IntG32 00 0008:80540C20
073(49) IntG32 00 0008:80540C2A
074(4A) IntG32 00 0008:80540C34
075(4B) IntG32 00 0008:80540C3E
076(4C) IntG32 00 0008:80540C48
077(4D) IntG32 00 0008:80540C52
078(4E) IntG32 00 0008:80540C5C
079(4F) IntG32 00 0008:80540C66
080(50) IntG32 00 0008:806E593C
081(51) IntG32 00 0008:80540C7A
082(52) IntG32 00 0008:80540C84
083(53) IntG32 00 0008:80540C8E
084(54) IntG32 00 0008:80540C98
085(55) IntG32 00 0008:80540CA2
086(56) IntG32 00 0008:80540CAC
087(57) IntG32 00 0008:80540CB6
088(58) IntG32 00 0008:80540CC0
089(59) IntG32 00 0008:80540CCA
090(5A) IntG32 00 0008:80540CD4
091(5B) IntG32 00 0008:80540CDE
092(5C) IntG32 00 0008:80540CE8
093(5D) IntG32 00 0008:80540CF2
094(5E) IntG32 00 0008:80540CFC
095(5F) IntG32 00 0008:80540D06
096(60) IntG32 00 0008:80540D10
097(61) IntG32 00 0008:80540D1A
098(62) IntG32 00 0008:80540D24
099(63) IntG32 00 0008:848E24A4 (hooked)
100(64) IntG32 00 0008:80540D38
101(65) IntG32 00 0008:80540D42
102(66) IntG32 00 0008:80540D4C
103(67) IntG32 00 0008:80540D56
104(68) IntG32 00 0008:80540D60
105(69) IntG32 00 0008:80540D6A
106(6A) IntG32 00 0008:80540D74
107(6B) IntG32 00 0008:80540D7E
108(6C) IntG32 00 0008:80540D88
109(6D) IntG32 00 0008:80540D92
110(6E) IntG32 00 0008:80540D9C
111(6F) IntG32 00 0008:80540DA6
112(70) IntG32 00 0008:80540DB0
113(71) IntG32 00 0008:80540DBA
114(72) IntG32 00 0008:80540DC4
115(73) IntG32 00 0008:84887A0C (hooked)
116(74) IntG32 00 0008:80540DD8
117(75) IntG32 00 0008:80540DE2
118(76) IntG32 00 0008:80540DEC
119(77) IntG32 00 0008:80540DF6
120(78) IntG32 00 0008:80540E00
121(79) IntG32 00 0008:80540E0A
122(7A) IntG32 00 0008:80540E14
123(7B) IntG32 00 0008:80540E1E
124(7C) IntG32 00 0008:80540E28
125(7D) IntG32 00 0008:80540E32
126(7E) IntG32 00 0008:80540E3C
127(7F) IntG32 00 0008:80540E46
128(80) IntG32 00 0008:80540E50
129(81) IntG32 00 0008:80540E5A
130(82) IntG32 00 0008:80540E64
131(83) IntG32 00 0008:84A2DB3C (hooked)
132(84) IntG32 00 0008:80540E78
133(85) IntG32 00 0008:80540E82
134(86) IntG32 00 0008:80540E8C
135(87) IntG32 00 0008:80540E96
136(88) IntG32 00 0008:80540EA0
137(89) IntG32 00 0008:80540EAA
138(8A) IntG32 00 0008:80540EB4
139(8B) IntG32 00 0008:80540EBE
140(8C) IntG32 00 0008:80540EC8
141(8D) IntG32 00 0008:80540ED2
142(8E) IntG32 00 0008:80540EDC
143(8F) IntG32 00 0008:80540EE6
144(90) IntG32 00 0008:80540EF0
145(91) IntG32 00 0008:80540EFA
146(92) IntG32 00 0008:80540F04
147(93) IntG32 00 0008:848E29FC (hooked)
148(94) IntG32 00 0008:80540F18
149(95) IntG32 00 0008:80540F22
150(96) IntG32 00 0008:80540F2C
151(97) IntG32 00 0008:80540F36
152(98) IntG32 00 0008:80540F40
153(99) IntG32 00 0008:80540F4A
154(9A) IntG32 00 0008:80540F54
155(9B) IntG32 00 0008:80540F5E
156(9C) IntG32 00 0008:80540F68
157(9D) IntG32 00 0008:80540F72
158(9E) IntG32 00 0008:80540F7C
159(9F) IntG32 00 0008:80540F86
160(A0) IntG32 00 0008:80540F90
161(A1) IntG32 00 0008:80540F9A
162(A2) IntG32 00 0008:80540FA4
163(A3) IntG32 00 0008:80540FAE
164(A4) IntG32 00 0008:848CEBEC (hooked)
165(A5) IntG32 00 0008:80540FC2
166(A6) IntG32 00 0008:80540FCC
167(A7) IntG32 00 0008:80540FD6
168(A8) IntG32 00 0008:80540FE0
169(A9) IntG32 00 0008:80540FEA
170(AA) IntG32 00 0008:80540FF4
171(AB) IntG32 00 0008:80540FFE
172(AC) IntG32 00 0008:80541008
173(AD) IntG32 00 0008:80541012
174(AE) IntG32 00 0008:8054101C
175(AF) IntG32 00 0008:80541026
176(B0) IntG32 00 0008:80541030
177(B1) IntG32 00 0008:84A92D44 (hooked)
178(B2) IntG32 00 0008:80541044
179(B3) IntG32 00 0008:8054104E
180(B4) IntG32 00 0008:846E253C (hooked)
181(B5) IntG32 00 0008:80541062
182(B6) IntG32 00 0008:8054106C
183(B7) IntG32 00 0008:80541076
184(B8) IntG32 00 0008:80541080
185(B9) IntG32 00 0008:8054108A
186(BA) IntG32 00 0008:80541094
187(BB) IntG32 00 0008:8054109E
188(BC) IntG32 00 0008:805410A8
189(BD) IntG32 00 0008:805410B2
190(BE) IntG32 00 0008:805410BC
191(BF) IntG32 00 0008:805410C6
192(C0) IntG32 00 0008:805410D0
193(C1) IntG32 00 0008:806E5AC0
194(C2) IntG32 00 0008:805410E4
195(C3) IntG32 00 0008:805410EE
196(C4) IntG32 00 0008:805410F8
197(C5) IntG32 00 0008:80541102
198(C6) IntG32 00 0008:8054110C
199(C7) IntG32 00 0008:80541116
200(C8) IntG32 00 0008:80541120
201(C9) IntG32 00 0008:8054112A
202(CA) IntG32 00 0008:80541134
203(CB) IntG32 00 0008:8054113E
204(CC) IntG32 00 0008:80541148
205(CD) IntG32 00 0008:80541152
206(CE) IntG32 00 0008:8054115C
207(CF) IntG32 00 0008:80541166
208(D0) IntG32 00 0008:80541170
209(D1) IntG32 00 0008:806E4E54
210(D2) IntG32 00 0008:80541184
211(D3) IntG32 00 0008:8054118E
212(D4) IntG32 00 0008:80541198
213(D5) IntG32 00 0008:805411A2
214(D6) IntG32 00 0008:805411AC
215(D7) IntG32 00 0008:805411B6
216(D8) IntG32 00 0008:805411C0
217(D9) IntG32 00 0008:805411CA
218(DA) IntG32 00 0008:805411D4
219(DB) IntG32 00 0008:805411DE
220(DC) IntG32 00 0008:805411E8
221(DD) IntG32 00 0008:805411F2
222(DE) IntG32 00 0008:805411FC
223(DF) IntG32 00 0008:80541206
224(E0) IntG32 00 0008:80541210
225(E1) IntG32 00 0008:806E6048
226(E2) IntG32 00 0008:80541224
227(E3) IntG32 00 0008:806E5DAC
228(E4) IntG32 00 0008:80541238
229(E5) IntG32 00 0008:80541242
230(E6) IntG32 00 0008:8054124C
231(E7) IntG32 00 0008:80541256
232(E8) IntG32 00 0008:80541260
233(E9) IntG32 00 0008:8054126A
234(EA) IntG32 00 0008:80541274
235(EB) IntG32 00 0008:8054127E
236(EC) IntG32 00 0008:80541288
237(ED) IntG32 00 0008:80541292
238(EE) IntG32 00 0008:80541299
239(EF) IntG32 00 0008:805412A0
240(F0) IntG32 00 0008:805412A7
241(F1) IntG32 00 0008:805412AE
242(F2) IntG32 00 0008:805412B5
243(F3) IntG32 00 0008:805412BC
244(F4) IntG32 00 0008:805412C3
245(F5) IntG32 00 0008:805412CA
246(F6) IntG32 00 0008:805412D1
247(F7) IntG32 00 0008:805412D8
248(F8) IntG32 00 0008:805412DF
249(F9) IntG32 00 0008:805412E6
250(FA) IntG32 00 0008:805412ED
251(FB) IntG32 00 0008:805412F4
252(FC) IntG32 00 0008:805412FB
253(FD) IntG32 00 0008:806E65A8
254(FE) IntG32 00 0008:806E6748
255(FF) IntG32 00 0008:80541310
1:14:29 - Performing check: "SYSENTER hook":
SYSENTER offset in kernel: 0x0046A540 (=0x80541540)
SYSENTER EIP: 0008:80541540 [OK]
1:14:29 - Performing check: "IAT hooks":

PID 564 - C:\WINDOWS\System32\smss.exe
-------------------------------------------------------------------------------
ntdll.dll (7C900000 - 7C9B2000)

PID 632 - C:\WINDOWS\system32\csrss.exe
-------------------------------------------------------------------------------
ntdll.dll (7C900000 - 7C9B2000)
CSRSRV.dll (75B40000 - 75B4B000)
basesrv.dll (75B50000 - 75B60000)
winsrv.dll (75B60000 - 75BAB000)
GDI32.dll (77F10000 - 77F59000)
KERNEL32.dll (7C800000 - 7C8F6000)
USER32.dll (7E410000 - 7E4A1000)
LPK.DLL (629C0000 - 629C9000)
USP10.dll (74D90000 - 74DFB000)
ADVAPI32.dll (77DD0000 - 77E6B000)
RPCRT4.dll (77E70000 - 77F02000)
Secur32.dll (77FE0000 - 77FF1000)
sxs.dll (7E720000 - 7E7D0000)
Apphelp.dll (77B40000 - 77B62000)
VERSION.dll (77C00000 - 77C08000)

PID 656 - C:\WINDOWS\system32\winlogon.exe
-------------------------------------------------------------------------------
ntdll.dll (7C900000 - 7C9B2000)
kernel32.dll (7C800000 - 7C8F6000)
ADVAPI32.dll (77DD0000 - 77E6B000)
RPCRT4.dll (77E70000 - 77F02000)
Secur32.dll (77FE0000 - 77FF1000)
AUTHZ.dll (776C0000 - 776D2000)
msvcrt.dll (77C10000 - 77C68000)
CRYPT32.dll (77A80000 - 77B15000)
MSASN1.dll (77B20000 - 77B32000)
USER32.dll (7E410000 - 7E4A1000)
GDI32.dll (77F10000 - 77F59000)
NDdeApi.dll (75940000 - 75948000)
PROFMAP.dll (75930000 - 7593A000)
NETAPI32.dll (5B860000 - 5B8B5000)
USERENV.dll (769C0000 - 76A74000)
PSAPI.DLL (76BF0000 - 76BFB000)
REGAPI.dll (76BC0000 - 76BCF000)
SETUPAPI.dll (77920000 - 77A13000)
VERSION.dll (77C00000 - 77C08000)
WINSTA.dll (76360000 - 76370000)
WINTRUST.dll (76C30000 - 76C5E000)
IMAGEHLP.dll (76C90000 - 76CB8000)
WS2_32.dll (71AB0000 - 71AC7000)
WS2HELP.dll (71AA0000 - 71AA8000)
IMM32.DLL (76390000 - 763AD000)
LPK.DLL (629C0000 - 629C9000)
USP10.dll (74D90000 - 74DFB000)
MSGINA.dll (75970000 - 75A68000)
COMCTL32.dll (5D090000 - 5D12A000)
ODBC32.dll (74320000 - 7435D000)
comdlg32.dll (763B0000 - 763F9000)
SHELL32.dll (7C9C0000 - 7D1D7000)
SHLWAPI.dll (77F60000 - 77FD6000)
comctl32.dll (773D0000 - 774D3000)
odbcint.dll (00940000 - 00957000)
SHSVCS.dll (776E0000 - 77703000)
sfc.dll (76BB0000 - 76BB5000)
sfc_os.dll (76C60000 - 76C8A000)
ole32.dll (774E0000 - 7761D000)
Apphelp.dll (77B40000 - 77B62000)
msctfime.ime (755C0000 - 755EE000)
WINSCARD.DLL (723D0000 - 723EC000)
WTSAPI32.dll (76F50000 - 76F58000)
sxs.dll (7E720000 - 7E7D0000)
uxtheme.dll (5AD70000 - 5ADA8000)
WINMM.dll (76B40000 - 76B6D000)
cscdll.dll (76600000 - 7661D000)
dimsntfy.dll (47020000 - 47028000)
WlNotify.dll (75950000 - 7596A000)
MPR.dll (71B20000 - 71B32000)
WINSPOOL.DRV (73000000 - 73026000)
rsaenh.dll (68000000 - 68036000)
SAMLIB.dll (71BF0000 - 71C03000)
xpsp2res.dll (014A0000 - 01765000)
msv1_0.dll (77C70000 - 77C95000)
cryptdll.dll (76790000 - 7679C000)
iphlpapi.dll (76D60000 - 76D79000)
cscui.dll (77A20000 - 77A74000)
NTMARTA.DLL (77690000 - 776B1000)
WLDAP32.dll (76F60000 - 76F8C000)
wdmaud.drv (72D20000 - 72D29000)
msacm32.drv (72D10000 - 72D18000)
MSACM32.dll (77BE0000 - 77BF5000)
midimap.dll (77BD0000 - 77BD7000)
COMRes.dll (77050000 - 77115000)
OLEAUT32.dll (77120000 - 771AB000)
CLBCATQ.DLL (76FD0000 - 7704F000)

PID 700 - C:\WINDOWS\system32\services.exe
-------------------------------------------------------------------------------

shannonmac8
Intermediate
Intermediate

Posts Posts : 76
Joined Joined : 2009-06-01
OS OS : xp
Points Points : 28402
# Likes # Likes : 0

View user profile

Back to top Go down

Re: computer slow

Post by shannonmac8 on Fri Mar 12, 2010 1:34 am

ntdll.dll (7C900000 - 7C9B2000)
kernel32.dll (7C800000 - 7C8F6000)
ADVAPI32.dll (77DD0000 - 77E6B000)
RPCRT4.dll (77E70000 - 77F02000)
Secur32.dll (77FE0000 - 77FF1000)
msvcrt.dll (77C10000 - 77C68000)
NCObjAPI.DLL (5F770000 - 5F77C000)
MSVCP60.dll (76080000 - 760E5000)
SCESRV.dll (7DBD0000 - 7DC21000)
AUTHZ.dll (776C0000 - 776D2000)
USER32.dll (7E410000 - 7E4A1000)
GDI32.dll (77F10000 - 77F59000)
USERENV.dll (769C0000 - 76A74000)
umpnpmgr.dll (7DBA0000 - 7DBC1000)
WINSTA.dll (76360000 - 76370000)
NETAPI32.dll (5B860000 - 5B8B5000)
ShimEng.dll (5CB70000 - 5CB96000)
AcAdProc.dll (47260000 - 4726F000)
IMM32.DLL (76390000 - 763AD000)
LPK.DLL (629C0000 - 629C9000)
USP10.dll (74D90000 - 74DFB000)
Apphelp.dll (77B40000 - 77B62000)
VERSION.dll (77C00000 - 77C08000)
eventlog.dll (77B70000 - 77B81000)
PSAPI.DLL (76BF0000 - 76BFB000)
WS2_32.dll (71AB0000 - 71AC7000)
WS2HELP.dll (71AA0000 - 71AA8000)
wtsapi32.dll (76F50000 - 76F58000)
WINTRUST.dll (76C30000 - 76C5E000)
CRYPT32.dll (77A80000 - 77B15000)
MSASN1.dll (77B20000 - 77B32000)
IMAGEHLP.dll (76C90000 - 76CB8000)
xpsp2res.dll (01220000 - 014E5000)
rsaenh.dll (68000000 - 68036000)
uxtheme.dll (5AD70000 - 5ADA8000)
Cabinet.dll (75150000 - 75163000)
ole32.dll (774E0000 - 7761D000)

PID 712 - C:\WINDOWS\system32\lsass.exe
-------------------------------------------------------------------------------
ntdll.dll (7C900000 - 7C9B2000)
kernel32.dll (7C800000 - 7C8F6000)
ADVAPI32.dll (77DD0000 - 77E6B000)
RPCRT4.dll (77E70000 - 77F02000)
Secur32.dll (77FE0000 - 77FF1000)
LSASRV.dll (75730000 - 757E5000)
MPR.dll (71B20000 - 71B32000)
USER32.dll (7E410000 - 7E4A1000)
GDI32.dll (77F10000 - 77F59000)
MSASN1.dll (77B20000 - 77B32000)
msvcrt.dll (77C10000 - 77C68000)
NETAPI32.dll (5B860000 - 5B8B5000)
NTDSAPI.dll (767A0000 - 767B3000)
DNSAPI.dll (76F20000 - 76F47000)
WS2_32.dll (71AB0000 - 71AC7000)
WS2HELP.dll (71AA0000 - 71AA8000)
WLDAP32.dll (76F60000 - 76F8C000)
SAMLIB.dll (71BF0000 - 71C03000)
SAMSRV.dll (74440000 - 744AA000)
cryptdll.dll (76790000 - 7679C000)
ShimEng.dll (5CB70000 - 5CB96000)
AcGenral.DLL (6F880000 - 6FA4A000)
WINMM.dll (76B40000 - 76B6D000)
ole32.dll (774E0000 - 7761D000)
OLEAUT32.dll (77120000 - 771AB000)
MSACM32.dll (77BE0000 - 77BF5000)
VERSION.dll (77C00000 - 77C08000)
SHELL32.dll (7C9C0000 - 7D1D7000)
SHLWAPI.dll (77F60000 - 77FD6000)
USERENV.dll (769C0000 - 76A74000)
UxTheme.dll (5AD70000 - 5ADA8000)
IMM32.DLL (76390000 - 763AD000)
LPK.DLL (629C0000 - 629C9000)
USP10.dll (74D90000 - 74DFB000)
comctl32.dll (773D0000 - 774D3000)
comctl32.dll (5D090000 - 5D12A000)
msprivs.dll (4D200000 - 4D20E000)
kerberos.dll (71CF0000 - 71D3C000)
msv1_0.dll (77C70000 - 77C95000)
iphlpapi.dll (76D60000 - 76D79000)
netlogon.dll (744B0000 - 74515000)
w32time.dll (767C0000 - 767EC000)
MSVCP60.dll (76080000 - 760E5000)
schannel.dll (767F0000 - 76818000)
CRYPT32.dll (77A80000 - 77B15000)
wdigest.dll (7DFC0000 - 7DFD1000)
rsaenh.dll (68000000 - 68036000)
scecli.dll (74410000 - 7443F000)
SETUPAPI.dll (77920000 - 77A13000)
ipsecsvc.dll (743E0000 - 7440F000)
AUTHZ.dll (776C0000 - 776D2000)
oakley.DLL (75D90000 - 75E60000)
WINIPSEC.DLL (74370000 - 7437B000)
mswsock.dll (71A50000 - 71A8F000)
hnetcfg.dll (662B0000 - 66308000)
wshtcpip.dll (71A90000 - 71A98000)
pstorsvc.dll (743A0000 - 743AB000)
psbase.dll (743C0000 - 743DB000)
dssenh.dll (68100000 - 68126000)

PID 868 - C:\WINDOWS\system32\svchost.exe
-------------------------------------------------------------------------------
ntdll.dll (7C900000 - 7C9B2000)
kernel32.dll (7C800000 - 7C8F6000)
ADVAPI32.dll (77DD0000 - 77E6B000)
RPCRT4.dll (77E70000 - 77F02000)
Secur32.dll (77FE0000 - 77FF1000)
ShimEng.dll (5CB70000 - 5CB96000)
AcGenral.DLL (6F880000 - 6FA4A000)
USER32.dll (7E410000 - 7E4A1000)
GDI32.dll (77F10000 - 77F59000)
WINMM.dll (76B40000 - 76B6D000)
ole32.dll (774E0000 - 7761D000)
msvcrt.dll (77C10000 - 77C68000)
OLEAUT32.dll (77120000 - 771AB000)
MSACM32.dll (77BE0000 - 77BF5000)
VERSION.dll (77C00000 - 77C08000)
SHELL32.dll (7C9C0000 - 7D1D7000)
SHLWAPI.dll (77F60000 - 77FD6000)
USERENV.dll (769C0000 - 76A74000)
UxTheme.dll (5AD70000 - 5ADA8000)
IMM32.DLL (76390000 - 763AD000)
LPK.DLL (629C0000 - 629C9000)
USP10.dll (74D90000 - 74DFB000)
comctl32.dll (773D0000 - 774D3000)
comctl32.dll (5D090000 - 5D12A000)
NTMARTA.DLL (77690000 - 776B1000)
SAMLIB.dll (71BF0000 - 71C03000)
WLDAP32.dll (76F60000 - 76F8C000)
rpcss.dll (76A80000 - 76AE4000)
WS2_32.dll (71AB0000 - 71AC7000)
WS2HELP.dll (71AA0000 - 71AA8000)
xpsp2res.dll (006E0000 - 009A5000)
CLBCATQ.DLL (76FD0000 - 7704F000)
COMRes.dll (77050000 - 77115000)
termsrv.dll (760F0000 - 76143000)
ICAAPI.dll (74F70000 - 74F76000)
SETUPAPI.dll (77920000 - 77A13000)
WINTRUST.dll (76C30000 - 76C5E000)
CRYPT32.dll (77A80000 - 77B15000)
MSASN1.dll (77B20000 - 77B32000)
IMAGEHLP.dll (76C90000 - 76CB8000)
AUTHZ.dll (776C0000 - 776D2000)
mstlsapi.dll (75110000 - 7512F000)
ACTIVEDS.dll (77CC0000 - 77CF2000)
adsldpc.dll (76E10000 - 76E35000)
NETAPI32.dll (5B860000 - 5B8B5000)
ATL.DLL (76B20000 - 76B31000)
REGAPI.dll (76BC0000 - 76BCF000)
rsaenh.dll (68000000 - 68036000)
rdpwsx.dll (72460000 - 72478000)
WINSPOOL.DRV (73000000 - 73026000)
Apphelp.dll (77B40000 - 77B62000)
WTSAPI32.dll (76F50000 - 76F58000)
WINSTA.dll (76360000 - 76370000)
msv1_0.dll (77C70000 - 77C95000)
cryptdll.dll (76790000 - 7679C000)
iphlpapi.dll (76D60000 - 76D79000)

PID 928 - C:\WINDOWS\system32\svchost.exe
-------------------------------------------------------------------------------
ntdll.dll (7C900000 - 7C9B2000)
kernel32.dll (7C800000 - 7C8F6000)
ADVAPI32.dll (77DD0000 - 77E6B000)
RPCRT4.dll (77E70000 - 77F02000)
Secur32.dll (77FE0000 - 77FF1000)
ShimEng.dll (5CB70000 - 5CB96000)
AcGenral.DLL (6F880000 - 6FA4A000)
USER32.dll (7E410000 - 7E4A1000)
GDI32.dll (77F10000 - 77F59000)
WINMM.dll (76B40000 - 76B6D000)
ole32.dll (774E0000 - 7761D000)
msvcrt.dll (77C10000 - 77C68000)
OLEAUT32.dll (77120000 - 771AB000)
MSACM32.dll (77BE0000 - 77BF5000)
VERSION.dll (77C00000 - 77C08000)
SHELL32.dll (7C9C0000 - 7D1D7000)
SHLWAPI.dll (77F60000 - 77FD6000)
USERENV.dll (769C0000 - 76A74000)
UxTheme.dll (5AD70000 - 5ADA8000)
IMM32.DLL (76390000 - 763AD000)
LPK.DLL (629C0000 - 629C9000)
USP10.dll (74D90000 - 74DFB000)
comctl32.dll (773D0000 - 774D3000)
comctl32.dll (5D090000 - 5D12A000)
rpcss.dll (76A80000 - 76AE4000)
WS2_32.dll (71AB0000 - 71AC7000)
WS2HELP.dll (71AA0000 - 71AA8000)
xpsp2res.dll (006E0000 - 009A5000)
rsaenh.dll (68000000 - 68036000)
mswsock.dll (71A50000 - 71A8F000)
hnetcfg.dll (662B0000 - 66308000)
wshtcpip.dll (71A90000 - 71A98000)
DNSAPI.dll (76F20000 - 76F47000)
iphlpapi.dll (76D60000 - 76D79000)
winrnr.dll (76FB0000 - 76FB8000)
WLDAP32.dll (76F60000 - 76F8C000)
rasadhlp.dll (76FC0000 - 76FC6000)
CLBCATQ.DLL (76FD0000 - 7704F000)
COMRes.dll (77050000 - 77115000)

PID 1024 - C:\WINDOWS\System32\svchost.exe
-------------------------------------------------------------------------------
ntdll.dll (7C900000 - 7C9B2000)
kernel32.dll (7C800000 - 7C8F6000)
ADVAPI32.dll (77DD0000 - 77E6B000)
RPCRT4.dll (77E70000 - 77F02000)
Secur32.dll (77FE0000 - 77FF1000)
ShimEng.dll (5CB70000 - 5CB96000)
AcGenral.DLL (6F880000 - 6FA4A000)
USER32.dll (7E410000 - 7E4A1000)
GDI32.dll (77F10000 - 77F59000)
WINMM.dll (76B40000 - 76B6D000)
ole32.dll (774E0000 - 7761D000)
msvcrt.dll (77C10000 - 77C68000)
OLEAUT32.dll (77120000 - 771AB000)
MSACM32.dll (77BE0000 - 77BF5000)
VERSION.dll (77C00000 - 77C08000)
SHELL32.dll (7C9C0000 - 7D1D7000)
SHLWAPI.dll (77F60000 - 77FD6000)
USERENV.dll (769C0000 - 76A74000)
UxTheme.dll (5AD70000 - 5ADA8000)
IMM32.DLL (76390000 - 763AD000)
LPK.DLL (629C0000 - 629C9000)
USP10.dll (74D90000 - 74DFB000)
comctl32.dll (773D0000 - 774D3000)
comctl32.dll (5D090000 - 5D12A000)
NTMARTA.DLL (77690000 - 776B1000)
SAMLIB.dll (71BF0000 - 71C03000)
WLDAP32.dll (76F60000 - 76F8C000)
xpsp2res.dll (006E0000 - 009A5000)
shsvcs.dll (776E0000 - 77703000)
WINSTA.dll (76360000 - 76370000)
NETAPI32.dll (5B860000 - 5B8B5000)
dhcpcsvc.dll (7D4B0000 - 7D4D2000)
DNSAPI.dll (76F20000 - 76F47000)
WS2_32.dll (71AB0000 - 71AC7000)
WS2HELP.dll (71AA0000 - 71AA8000)
iphlpapi.dll (76D60000 - 76D79000)
rsaenh.dll (68000000 - 68036000)
wzcsvc.dll (7DB10000 - 7DB9C000)
rtutils.dll (76E80000 - 76E8E000)
WMI.dll (76D30000 - 76D34000)
CRYPT32.dll (77A80000 - 77B15000)
MSASN1.dll (77B20000 - 77B32000)
EapolQec.dll (72810000 - 7281B000)
ATL.DLL (76B20000 - 76B31000)
QUtil.dll (726C0000 - 726D6000)
MSVCP60.dll (76080000 - 760E5000)
dot3api.dll (478C0000 - 478CA000)
WTSAPI32.dll (76F50000 - 76F58000)
ESENT.dll (606B0000 - 607BD000)
mswsock.dll (71A50000 - 71A8F000)
hnetcfg.dll (662B0000 - 66308000)
wshtcpip.dll (71A90000 - 71A98000)
SETUPAPI.DLL (77920000 - 77A13000)
CLBCATQ.DLL (76FD0000 - 7704F000)
COMRes.dll (77050000 - 77115000)
rastls.dll (76B70000 - 76B97000)
CRYPTUI.dll (754D0000 - 75550000)
WININET.dll (3D930000 - 3DA01000)
Normaliz.dll (014E0000 - 014E9000)
iertutil.dll (3DFD0000 - 3E015000)
WINTRUST.dll (76C30000 - 76C5E000)
IMAGEHLP.dll (76C90000 - 76CB8000)
MPRAPI.dll (76D40000 - 76D58000)
ACTIVEDS.dll (77CC0000 - 77CF2000)
adsldpc.dll (76E10000 - 76E35000)
RASAPI32.dll (76EE0000 - 76F1C000)
rasman.dll (76E90000 - 76EA2000)
TAPI32.dll (76EB0000 - 76EDF000)
SCHANNEL.dll (767F0000 - 76818000)
WinSCard.dll (723D0000 - 723EC000)
PSAPI.DLL (76BF0000 - 76BFB000)
raschap.dll (76BD0000 - 76BE6000)
msv1_0.dll (77C70000 - 77C95000)
cryptdll.dll (76790000 - 7679C000)
schedsvc.dll (77300000 - 77333000)
NTDSAPI.dll (767A0000 - 767B3000)
MSIDLE.DLL (74F50000 - 74F55000)
audiosrv.dll (708B0000 - 708BD000)
wkssvc.dll (76E40000 - 76E63000)
cryptsvc.dll (76CE0000 - 76CF2000)
certcli.dll (77B90000 - 77BC2000)
ersvc.dll (74F80000 - 74F89000)
es.dll (77710000 - 77754000)
pchsvc.dll (74F40000 - 74F4C000)
srvsvc.dll (75090000 - 750AA000)
netman.dll (77D00000 - 77D33000)
netshell.dll (76400000 - 765A5000)
credui.dll (76C00000 - 76C2E000)
dot3dlg.dll (736D0000 - 736D6000)
OneX.DLL (5DCA0000 - 5DCC8000)
eappcfg.dll (745B0000 - 745D2000)
eappprxy.dll (5DCD0000 - 5DCDE000)
WZCSAPI.DLL (73030000 - 73040000)
seclogon.dll (73D20000 - 73D28000)
sens.dll (722D0000 - 722DD000)
srsvc.dll (751A0000 - 751CE000)
POWRPROF.dll (74AD0000 - 74AD8000)
tapisrv.dll (733E0000 - 73420000)
trkwks.dll (75070000 - 75089000)
w32time.dll (767C0000 - 767EC000)
wmisvc.dll (59490000 - 594B8000)
VSSAPI.DLL (753E0000 - 7544D000)
wuauserv.dll (50000000 - 50005000)
wuaueng.dll (50040000 - 50219000)
WINSPOOL.DRV (73000000 - 73026000)
WINHTTP.dll (4D4F0000 - 4D549000)
Cabinet.dll (75150000 - 75163000)
mspatcha.dll (600A0000 - 600AB000)
browser.dll (76DA0000 - 76DB6000)
SXS.DLL (7E720000 - 7E7D0000)
wscsvc.dll (4C0A0000 - 4C0B7000)
msi.dll (7D1E0000 - 7D49C000)
wbemcomn.dll (75290000 - 752C7000)
wbemcore.dll (762C0000 - 76345000)
esscli.dll (75310000 - 7534F000)
FastProx.dll (75690000 - 75706000)
sfc.dll (76BB0000 - 76BB5000)
sfc_os.dll (76C60000 - 76C8A000)
wmiutils.dll (75020000 - 7503B000)
repdrvfs.dll (75200000 - 7522F000)
comsvcs.dll (76620000 - 7675C000)
colbact.DLL (75130000 - 75144000)
MTXCLU.DLL (750F0000 - 75103000)
WSOCK32.dll (71AD0000 - 71AD9000)
CLUSAPI.DLL (76D10000 - 76D22000)
RESUTILS.DLL (750B0000 - 750C2000)
wmiprvsd.dll (3F1E0000 - 3F252000)
NCObjAPI.DLL (5F770000 - 5F77C000)
wbemess.dll (75390000 - 753D6000)
Apphelp.dll (77B40000 - 77B62000)
ncprov.dll (5F740000 - 5F74E000)
ipnathlp.dll (66460000 - 664B5000)
AUTHZ.dll (776C0000 - 776D2000)
upnp.dll (76DE0000 - 76E04000)
SSDPAPI.dll (74F00000 - 74F0C000)
netcfgx.dll (755F0000 - 7568A000)
rasmans.dll (7DF30000 - 7DF62000)
WINIPSEC.DLL (74370000 - 7437B000)
wups2.dll (50F00000 - 50F0D000)
rastapi.dll (75880000 - 75891000)
rasadhlp.dll (76FC0000 - 76FC6000)
unimdm.tsp (57CC0000 - 57CF6000)
uniplat.dll (72000000 - 72007000)
unimdmat.dll (5B070000 - 5B084000)
modemui.dll (61650000 - 61678000)
kmddsp.tsp (57D40000 - 57D4B000)
ndptsp.tsp (57D20000 - 57D30000)
ipconf.tsp (57D50000 - 57D58000)
h323.tsp (57D70000 - 57DB6000)
hidphone.tsp (57D60000 - 57D6A000)
HID.DLL (688F0000 - 688F9000)
rasppp.dll (72240000 - 72277000)
ntlsapi.dll (724B0000 - 724B6000)
kerberos.dll (71CF0000 - 71D3C000)
RASQEC.DLL (72AE0000 - 72AF3000)
RASDLG.dll (768D0000 - 76974000)
catsrvut.dll (6FB10000 - 6FBAE000)
catsrv.dll (6FBD0000 - 6FC0D000)
MfcSubs.dll (61990000 - 61999000)
MPR.dll (71B20000 - 71B32000)
urlmon.dll (78130000 - 78258000)
msxml3.dll (74980000 - 74AA3000)
winrnr.dll (76FB0000 - 76FB8000)
mdnsNSP.dll (16080000 - 160A5000)
dssenh.dll (68100000 - 68126000)
advpack.dll (42EC0000 - 42EEE000)

PID 1072 - C:\WINDOWS\system32\svchost.exe
-------------------------------------------------------------------------------
ntdll.dll (7C900000 - 7C9B2000)
kernel32.dll (7C800000 - 7C8F6000)
ADVAPI32.dll (77DD0000 - 77E6B000)
RPCRT4.dll (77E70000 - 77F02000)
Secur32.dll (77FE0000 - 77FF1000)
ShimEng.dll (5CB70000 - 5CB96000)
AcGenral.DLL (6F880000 - 6FA4A000)
USER32.dll (7E410000 - 7E4A1000)
GDI32.dll (77F10000 - 77F59000)
WINMM.dll (76B40000 - 76B6D000)
ole32.dll (774E0000 - 7761D000)
msvcrt.dll (77C10000 - 77C68000)
OLEAUT32.dll (77120000 - 771AB000)
MSACM32.dll (77BE0000 - 77BF5000)
VERSION.dll (77C00000 - 77C08000)
SHELL32.dll (7C9C0000 - 7D1D7000)
SHLWAPI.dll (77F60000 - 77FD6000)
USERENV.dll (769C0000 - 76A74000)
UxTheme.dll (5AD70000 - 5ADA8000)
IMM32.DLL (76390000 - 763AD000)
LPK.DLL (629C0000 - 629C9000)
USP10.dll (74D90000 - 74DFB000)
comctl32.dll (773D0000 - 774D3000)
comctl32.dll (5D090000 - 5D12A000)
dnsrslvr.dll (76770000 - 7677D000)
DNSAPI.dll (76F20000 - 76F47000)
WS2_32.dll (71AB0000 - 71AC7000)
WS2HELP.dll (71AA0000 - 71AA8000)
iphlpapi.dll (76D60000 - 76D79000)
rsaenh.dll (68000000 - 68036000)
mswsock.dll (71A50000 - 71A8F000)
hnetcfg.dll (662B0000 - 66308000)
wshtcpip.dll (71A90000 - 71A98000)

PID 1128 - C:\WINDOWS\system32\svchost.exe
-------------------------------------------------------------------------------
ntdll.dll (7C900000 - 7C9B2000)
kernel32.dll (7C800000 - 7C8F6000)
ADVAPI32.dll (77DD0000 - 77E6B000)
RPCRT4.dll (77E70000 - 77F02000)
Secur32.dll (77FE0000 - 77FF1000)
ShimEng.dll (5CB70000 - 5CB96000)
AcGenral.DLL (6F880000 - 6FA4A000)
USER32.dll (7E410000 - 7E4A1000)
GDI32.dll (77F10000 - 77F59000)
WINMM.dll (76B40000 - 76B6D000)
ole32.dll (774E0000 - 7761D000)
msvcrt.dll (77C10000 - 77C68000)
OLEAUT32.dll (77120000 - 771AB000)
MSACM32.dll (77BE0000 - 77BF5000)
VERSION.dll (77C00000 - 77C08000)
SHELL32.dll (7C9C0000 - 7D1D7000)
SHLWAPI.dll (77F60000 - 77FD6000)
USERENV.dll (769C0000 - 76A74000)
UxTheme.dll (5AD70000 - 5ADA8000)
IMM32.DLL (76390000 - 763AD000)
LPK.DLL (629C0000 - 629C9000)
USP10.dll (74D90000 - 74DFB000)
comctl32.dll (773D0000 - 774D3000)
comctl32.dll (5D090000 - 5D12A000)
NTMARTA.DLL (77690000 - 776B1000)
SAMLIB.dll (71BF0000 - 71C03000)
WLDAP32.dll (76F60000 - 76F8C000)
xpsp2res.dll (006E0000 - 009A5000)
lmhsvc.dll (74C40000 - 74C46000)
iphlpapi.dll (76D60000 - 76D79000)
WS2_32.dll (71AB0000 - 71AC7000)
WS2HELP.dll (71AA0000 - 71AA8000)
ssdpsrv.dll (765E0000 - 765F4000)
hnetcfg.dll (662B0000 - 66308000)
CLBCATQ.DLL (76FD0000 - 7704F000)
COMRes.dll (77050000 - 77115000)
mswsock.dll (71A50000 - 71A8F000)
wshtcpip.dll (71A90000 - 71A98000)

PID 1468 - C:\WINDOWS\Explorer.EXE
-------------------------------------------------------------------------------
ntdll.dll (7C900000 - 7C9B2000)
kernel32.dll (7C800000 - 7C8F6000)
Explorer.EXE:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll

:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
Information about C:\WINDOWS\system32\ShimEng.dll:
Base address: 5CB70000
Size: 00026000
Flags: 8000400C
Load count: 1
Name: Microsoft® Windows® Operating System
Prod. Version: 5.1.2600.5512
Company: Microsoft Corporation
File Version: 5.1.2600.5512 (xpsp.080413-2105)
Description: Shim Engine DLL
Location: C:\WINDOWS\system32\ShimEng.dll
Signed: YES
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
ADVAPI32.dll:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll

:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
Information about C:\WINDOWS\system32\ShimEng.dll:
Base address: 5CB70000
Size: 00026000
Flags: 8000400C
Load count: 1
Name: Microsoft® Windows® Operating System
Prod. Version: 5.1.2600.5512
Company: Microsoft Corporation
File Version: 5.1.2600.5512 (xpsp.080413-2105)
Description: Shim Engine DLL
Location: C:\WINDOWS\system32\ShimEng.dll
Signed: YES
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
RPCRT4.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
Secur32.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
BROWSEUI.dll:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
GDI32.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
USER32.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
msvcrt.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
ole32.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
SHLWAPI.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
OLEAUT32.dll:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
SHDOCVW.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
CRYPT32.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
MSASN1.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
CRYPTUI.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
NETAPI32.dll:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
VERSION.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
WININET.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
iertutil.dll:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
WINTRUST.dll:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
IMAGEHLP.dll:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
WLDAP32.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
SHELL32.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
UxTheme.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
WINMM.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
MSACM32.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
USERENV.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
IMM32.DLL :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
USP10.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
comctl32.dll:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
comctl32.dll:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
msctfime.ime:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
appHelp.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
CLBCATQ.DLL :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
cscui.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
CSCDLL.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
themeui.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
actxprxy.dll:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
LINKINFO.dll:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
ntshrui.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
ATL.DLL :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
msi.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
SETUPAPI.dll:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
ieframe.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
PSAPI.DLL :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
urlmon.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
NETSHELL.dll:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
credui.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
WTSAPI32.dll:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
eappcfg.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
iphlpapi.dll:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
WS2_32.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
WS2HELP.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
MSCTF.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
webcheck.dll:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
stobject.dll:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
BatMeter.dll:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
wdmaud.drv :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
fxsst.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
WINSPOOL.DRV:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
FXSAPI.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
NTMARTA.DLL :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
MPR.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
ntlanman.dll:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
NETUI0.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
davclnt.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
SXS.DLL :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
gdiplus.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
DUSER.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
rsaenh.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
MLANG.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
MSGINA.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
ODBC32.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
comdlg32.dll:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
mydocs.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
MSVCR80.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
mbamext.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
ADVAPI32.dll (77DD0000 - 77E6B000)
RPCRT4.dll (77E70000 - 77F02000)
Secur32.dll (77FE0000 - 77FF1000)
BROWSEUI.dll (75F80000 - 7607D000)
GDI32.dll (77F10000 - 77F59000)
USER32.dll (7E410000 - 7E4A1000)
msvcrt.dll (77C10000 - 77C68000)
ole32.dll (774E0000 - 7761D000)
SHLWAPI.dll (77F60000 - 77FD6000)
OLEAUT32.dll (77120000 - 771AB000)
SHDOCVW.dll (7E290000 - 7E401000)
CRYPT32.dll (77A80000 - 77B15000)
MSASN1.dll (77B20000 - 77B32000)
CRYPTUI.dll (754D0000 - 75550000)
NETAPI32.dll (5B860000 - 5B8B5000)
VERSION.dll (77C00000 - 77C08000)
WININET.dll (3D930000 - 3DA01000)
Normaliz.dll (00400000 - 00409000)
iertutil.dll (3DFD0000 - 3E015000)
WINTRUST.dll (76C30000 - 76C5E000)
IMAGEHLP.dll (76C90000 - 76CB8000)
WLDAP32.dll (76F60000 - 76F8C000)
SHELL32.dll (7C9C0000 - 7D1D7000)
UxTheme.dll (5AD70000 - 5ADA8000)
ShimEng.dll (5CB70000 - 5CB96000)
AcGenral.DLL (6F880000 - 6FA4A000)
WINMM.dll (76B40000 - 76B6D000)
MSACM32.dll (77BE0000 - 77BF5000)
USERENV.dll (769C0000 - 76A74000)
IMM32.DLL (76390000 - 763AD000)
LPK.DLL (629C0000 - 629C9000)
USP10.dll (74D90000 - 74DFB000)
comctl32.dll (773D0000 - 774D3000)
comctl32.dll (5D090000 - 5D12A000)
msctfime.ime (755C0000 - 755EE000)
appHelp.dll (77B40000 - 77B62000)
CLBCATQ.DLL (76FD0000 - 7704F000)
COMRes.dll (77050000 - 77115000)
cscui.dll (77A20000 - 77A74000)
CSCDLL.dll (76600000 - 7661D000)
themeui.dll (5BA60000 - 5BAD1000)
MSIMG32.dll (76380000 - 76385000)
xpsp2res.dll (01480000 - 01745000)
actxprxy.dll (71D40000 - 71D5B000)
SAMLIB.dll (71BF0000 - 71C03000)
LINKINFO.dll (76980000 - 76988000)
ntshrui.dll (76990000 - 769B5000)
ATL.DLL (76B20000 - 76B31000)
msi.dll (7D1E0000 - 7D49C000)
SETUPAPI.dll (77920000 - 77A13000)
ieframe.dll (3E1C0000 - 3E78D000)
PSAPI.DLL (76BF0000 - 76BFB000)
urlmon.dll (78130000 - 78258000)
NETSHELL.dll (76400000 - 765A5000)
credui.dll (76C00000 - 76C2E000)
dot3api.dll (478C0000 - 478CA000)
rtutils.dll (76E80000 - 76E8E000)
dot3dlg.dll (736D0000 - 736D6000)
OneX.DLL (5DCA0000 - 5DCC8000)
WTSAPI32.dll (76F50000 - 76F58000)
WINSTA.dll (76360000 - 76370000)
eappcfg.dll (745B0000 - 745D2000)
MSVCP60.dll (76080000 - 760E5000)
eappprxy.dll (5DCD0000 - 5DCDE000)
iphlpapi.dll (76D60000 - 76D79000)
WS2_32.dll (71AB0000 - 71AC7000)
WS2HELP.dll (71AA0000 - 71AA8000)
MSCTF.dll (74720000 - 7476C000)
webcheck.dll (42E40000 - 42E7C000)
stobject.dll (76280000 - 762A1000)
BatMeter.dll (74AF0000 - 74AFA000)
POWRPROF.dll (74AD0000 - 74AD8000)
wdmaud.drv (72D20000 - 72D29000)
msacm32.drv (72D10000 - 72D18000)
midimap.dll (77BD0000 - 77BD7000)
fxsst.dll (68DF0000 - 68E7D000)
WINSPOOL.DRV (73000000 - 73026000)
FXSAPI.dll (5A980000 - 5A9F2000)
NTMARTA.DLL (77690000 - 776B1000)
MPR.dll (71B20000 - 71B32000)
drprov.dll (75F60000 - 75F67000)
ntlanman.dll (71C10000 - 71C1E000)
NETUI0.dll (71CD0000 - 71CE7000)
NETUI1.dll (71C90000 - 71CD0000)
NETRAP.dll (71C80000 - 71C87000)
davclnt.dll (75F70000 - 75F7A000)
SXS.DLL (7E720000 - 7E7D0000)
browselc.dll (71600000 - 71612000)
gdiplus.dll (4EC50000 - 4EDFB000)
DUSER.dll (6C1B0000 - 6C1FD000)
rsaenh.dll (68000000 - 68036000)
MLANG.dll (75CF0000 - 75D81000)
MSGINA.dll (75970000 - 75A68000)
ODBC32.dll (74320000 - 7435D000)
comdlg32.dll (763B0000 - 763F9000)
odbcint.dll (01410000 - 01427000)
mydocs.dll (72410000 - 7242A000)
PDFShell.dll (10000000 - 1005B000)
MSVCR80.dll (01100000 - 0119B000)
mbamext.dll (00CE0000 - 00CF8000)

PID 1552 - C:\WINDOWS\system32\spoolsv.exe
-------------------------------------------------------------------------------
ntdll.dll (7C900000 - 7C9B2000)
kernel32.dll (7C800000 - 7C8F6000)
ADVAPI32.dll (77DD0000 - 77E6B000)
RPCRT4.dll (77E70000 - 77F02000)
Secur32.dll (77FE0000 - 77FF1000)
GDI32.dll (77F10000 - 77F59000)
USER32.dll (7E410000 - 7E4A1000)
msvcrt.dll (77C10000 - 77C68000)
ShimEng.dll (5CB70000 - 5CB96000)
AcGenral.DLL (6F880000 - 6FA4A000)
WINMM.dll (76B40000 - 76B6D000)
ole32.dll (774E0000 - 7761D000)
OLEAUT32.dll (77120000 - 771AB000)
MSACM32.dll (77BE0000 - 77BF5000)
VERSION.dll (77C00000 - 77C08000)
SHELL32.dll (7C9C0000 - 7D1D7000)
SHLWAPI.dll (77F60000 - 77FD6000)
USERENV.dll (769C0000 - 76A74000)
UxTheme.dll (5AD70000 - 5ADA8000)
IMM32.DLL (76390000 - 763AD000)
LPK.DLL (629C0000 - 629C9000)
USP10.dll (74D90000 - 74DFB000)
comctl32.dll (773D0000 - 774D3000)
comctl32.dll (5D090000 - 5D12A000)
SPOOLSS.DLL (742E0000 - 742F5000)
WS2_32.dll (71AB0000 - 71AC7000)
WS2HELP.dll (71AA0000 - 71AA8000)
DNSAPI.dll (76F20000 - 76F47000)
rasadhlp.dll (76FC0000 - 76FC6000)
localspl.dll (75BB0000 - 75C07000)
sfc_os.dll (76C60000 - 76C8A000)
WINTRUST.dll (76C30000 - 76C5E000)
CRYPT32.dll (77A80000 - 77B15000)
MSASN1.dll (77B20000 - 77B32000)
IMAGEHLP.dll (76C90000 - 76CB8000)
winspool.drv (73000000 - 73026000)
netapi32.dll (5B860000 - 5B8B5000)
cnbjmon.dll (742A0000 - 742AE000)
FXSMON.DLL (68F00000 - 68F09000)
FXSEVENT.dll (68F20000 - 68F31000)
pjlmon.dll (74280000 - 74287000)
msonpmon.dll (009A0000 - 009A9000)
MSVCR80.dll (78130000 - 781CB000)
msi.dll (7D1E0000 - 7D49C000)
tcpmon.dll (72400000 - 7240E000)
usbmon.dll (723F0000 - 723F7000)
filterpipelineprintproc.dll(3F420000 - 3F43B000)
msonpppr.dll (00D20000 - 00D29000)
mswsock.dll (71A50000 - 71A8F000)
winrnr.dll (76FB0000 - 76FB8000)
WLDAP32.dll (76F60000 - 76F8C000)
win32spl.dll (75C10000 - 75C34000)
NETRAP.dll (71C80000 - 71C87000)
NTDSAPI.dll (767A0000 - 767B3000)
inetpp.dll (74300000 - 74315000)
CLBCATQ.DLL (76FD0000 - 7704F000)
COMRes.dll (77050000 - 77115000)
xpsp2res.dll (01010000 - 012D5000)

PID 1700 - C:\WINDOWS\RTHDCPL.EXE
-------------------------------------------------------------------------------
ntdll.dll (7C900000 - 7C9B2000)
kernel32.dll (7C800000 - 7C8F6000)
[i] Unable to load module C:\WINDOWS\RTHDCPL.EXE for checking.
[i] Unable to load module C:\WINDOWS\RTHDCPL.EXE for checking.
[i] Unable to load module C:\WINDOWS\RTHDCPL.EXE for checking.
[i] Unable to load module C:\WINDOWS\RTHDCPL.EXE for checking.
[i] Unable to load module C:\WINDOWS\RTHDCPL.EXE for checking.
[i] Unable to load module C:\WINDOWS\RTHDCPL.EXE for checking.
[i] Unable to load module C:\WINDOWS\RTHDCPL.EXE for checking.
[i] Unable to load module C:\WINDOWS\RTHDCPL.EXE for checking.
DSOUND.DLL (73F10000 - 73F6C000)
ADVAPI32.dll (77DD0000 - 77E6B000)
RPCRT4.dll (77E70000 - 77F02000)
Secur32.dll (77FE0000 - 77FF1000)
msvcrt.dll (77C10000 - 77C68000)
ole32.dll (774E0000 - 7761D000)
GDI32.dll (77F10000 - 77F59000)
USER32.dll (7E410000 - 7E4A1000)
VERSION.dll (77C00000 - 77C08000)
WINMM.dll (76B40000 - 76B6D000)
HHCTRL.OCX (7E4B0000 - 7E539000)
SHELL32.dll (7C9C0000 - 7D1D7000)
SHLWAPI.dll (77F60000 - 77FD6000)
COMCTL32.dll (5D090000 - 5D12A000)
OLEAUT32.dll (77120000 - 771AB000)
SETUPAPI.DLL (77920000 - 77A13000)
MPR.DLL (71B20000 - 71B32000)
WINSPOOL.DRV (73000000 - 73026000)
COMDLG32.DLL (763B0000 - 763F9000)
IMM32.DLL (76390000 - 763AD000)
LPK.DLL (629C0000 - 629C9000)
USP10.dll (74D90000 - 74DFB000)
comctl32.dll (773D0000 - 774D3000)
[i] Unable to load module C:\WINDOWS\RTHDCPL.EXE for checking.
[i] Unable to load module C:\WINDOWS\RTHDCPL.EXE for checking.
[i] Unable to load module C:\WINDOWS\RTHDCPL.EXE for checking.
[i] Unable to load module C:\WINDOWS\RTHDCPL.EXE for checking.
[i] Unable to load module C:\WINDOWS\RTHDCPL.EXE for checking.
[i] Unable to load module C:\WINDOWS\RTHDCPL.EXE for checking.
[i] Unable to load module C:\WINDOWS\RTHDCPL.EXE for checking.
[i] Unable to load module C:\WINDOWS\RTHDCPL.EXE for checking.
[i] Unable to load module C:\WINDOWS\RTHDCPL.EXE for checking.
[i] Unable to load module C:\WINDOWS\RTHDCPL.EXE for checking.
[i] Unable to load module C:\WINDOWS\RTHDCPL.EXE for checking.
[i] Unable to load module C:\WINDOWS\RTHDCPL.EXE for checking.
[i] Unable to load module C:\WINDOWS\RTHDCPL.EXE for checking.
[i] Unable to load module C:\WINDOWS\RTHDCPL.EXE for checking.
[i] Unable to load module C:\WINDOWS\RTHDCPL.EXE for checking.
[i] Unable to load module C:\WINDOWS\RTHDCPL.EXE for checking.
[i] Unable to load module C:\WINDOWS\RTHDCPL.EXE for checking.
[i] Unable to load module C:\WINDOWS\RTHDCPL.EXE for checking.
[i] Unable to load module C:\WINDOWS\RTHDCPL.EXE for checking.
[i] Unable to load module C:\WINDOWS\RTHDCPL.EXE for checking.
[i] Unable to load module C:\WINDOWS\RTHDCPL.EXE for checking.
[i] Unable to load module C:\WINDOWS\RTHDCPL.EXE for checking.
[i] Unable to load module C:\WINDOWS\RTHDCPL.EXE for checking.
[i] Unable to load module C:\WINDOWS\RTHDCPL.EXE for checking.
[i] Unable to load module C:\WINDOWS\RTHDCPL.EXE for checking.
uxtheme.dll (5AD70000 - 5ADA8000)
msctfime.ime (755C0000 - 755EE000)
WINTRUST.dll (76C30000 - 76C5E000)
CRYPT32.dll (77A80000 - 77B15000)
MSASN1.dll (77B20000 - 77B32000)
IMAGEHLP.dll (76C90000 - 76CB8000)
wdmaud.drv (72D20000 - 72D29000)
msacm32.drv (72D10000 - 72D18000)
MSACM32.dll (77BE0000 - 77BF5000)
midimap.dll (77BD0000 - 77BD7000)
MSCTF.dll (74720000 - 7476C000)
KsUser.dll (73EE0000 - 73EE4000)

PID 1732 - C:\Program Files\Common Files\Java\Java Update\jusched.exe
-------------------------------------------------------------------------------
ntdll.dll (7C900000 - 7C9B2000)
kernel32.dll (7C800000 - 7C8F6000)
ADVAPI32.dll (77DD0000 - 77E6B000)
RPCRT4.dll (77E70000 - 77F02000)
Secur32.dll (77FE0000 - 77FF1000)
GDI32.dll (77F10000 - 77F59000)
USER32.dll (7E410000 - 7E4A1000)
WININET.dll (3D930000 - 3DA01000)
msvcrt.dll (77C10000 - 77C68000)
SHLWAPI.dll (77F60000 - 77FD6000)
Normaliz.dll (00340000 - 00349000)
iertutil.dll (3DFD0000 - 3E015000)
ole32.dll (774E0000 - 7761D000)
SHELL32.dll (7C9C0000 - 7D1D7000)
OLEAUT32.dll (77120000 - 771AB000)
IMM32.DLL (76390000 - 763AD000)
LPK.DLL (629C0000 - 629C9000)
USP10.dll (74D90000 - 74DFB000)
comctl32.dll (773D0000 - 774D3000)
comctl32.dll (5D090000 - 5D12A000)
uxtheme.dll (5AD70000 - 5ADA8000)

PID 1764 - C:\WINDOWS\system32\ctfmon.exe
-------------------------------------------------------------------------------
ntdll.dll (7C900000 - 7C9B2000)
kernel32.dll (7C800000 - 7C8F6000)
msvcrt.dll (77C10000 - 77C68000)
ADVAPI32.dll (77DD0000 - 77E6B000)
RPCRT4.dll (77E70000 - 77F02000)
Secur32.dll (77FE0000 - 77FF1000)
USER32.dll (7E410000 - 7E4A1000)
GDI32.dll (77F10000 - 77F59000)
MSCTF.dll (74720000 - 7476C000)
MSUTB.dll (5FC10000 - 5FC43000)
ShimEng.dll (5CB70000 - 5CB96000)
AcGenral.DLL (6F880000 - 6FA4A000)
WINMM.dll (76B40000 - 76B6D000)
ole32.dll (774E0000 - 7761D000)
OLEAUT32.dll (77120000 - 771AB000)
MSACM32.dll (77BE0000 - 77BF5000)
VERSION.dll (77C00000 - 77C08000)
SHELL32.dll (7C9C0000 - 7D1D7000)
SHLWAPI.dll (77F60000 - 77FD6000)
USERENV.dll (769C0000 - 76A74000)
UxTheme.dll (5AD70000 - 5ADA8000)
IMM32.DLL (76390000 - 763AD000)
LPK.DLL (629C0000 - 629C9000)
USP10.dll (74D90000 - 74DFB000)
comctl32.dll (773D0000 - 774D3000)
msctfime.ime (755C0000 - 755EE000)

PID 412 - C:\WINDOWS\system32\svchost.exe
-------------------------------------------------------------------------------

shannonmac8
Intermediate
Intermediate

Posts Posts : 76
Joined Joined : 2009-06-01
OS OS : xp
Points Points : 28402
# Likes # Likes : 0

View user profile

Back to top Go down

Re: computer slow

Post by shannonmac8 on Fri Mar 12, 2010 1:35 am

ntdll.dll (7C900000 - 7C9B2000)
kernel32.dll (7C800000 - 7C8F6000)
ADVAPI32.dll (77DD0000 - 77E6B000)
RPCRT4.dll (77E70000 - 77F02000)
Secur32.dll (77FE0000 - 77FF1000)
ShimEng.dll (5CB70000 - 5CB96000)
AcGenral.DLL (6F880000 - 6FA4A000)
USER32.dll (7E410000 - 7E4A1000)
GDI32.dll (77F10000 - 77F59000)
WINMM.dll (76B40000 - 76B6D000)
ole32.dll (774E0000 - 7761D000)
msvcrt.dll (77C10000 - 77C68000)
OLEAUT32.dll (77120000 - 771AB000)
MSACM32.dll (77BE0000 - 77BF5000)
VERSION.dll (77C00000 - 77C08000)
SHELL32.dll (7C9C0000 - 7D1D7000)
SHLWAPI.dll (77F60000 - 77FD6000)
USERENV.dll (769C0000 - 76A74000)
UxTheme.dll (5AD70000 - 5ADA8000)
IMM32.DLL (76390000 - 763AD000)
LPK.DLL (629C0000 - 629C9000)
USP10.dll (74D90000 - 74DFB000)
comctl32.dll (773D0000 - 774D3000)
comctl32.dll (5D090000 - 5D12A000)
NTMARTA.DLL (77690000 - 776B1000)
SAMLIB.dll (71BF0000 - 71C03000)
WLDAP32.dll (76F60000 - 76F8C000)
xpsp2res.dll (006E0000 - 009A5000)
webclnt.dll (5A6E0000 - 5A6F5000)
WININET.dll (3D930000 - 3DA01000)
Normaliz.dll (00670000 - 00679000)
iertutil.dll (3DFD0000 - 3E015000)
WS2_32.dll (71AB0000 - 71AC7000)
WS2HELP.dll (71AA0000 - 71AA8000)
rsaenh.dll (68000000 - 68036000)

PID 448 - C:\WINDOWS\system32\agrsmsvc.exe
-------------------------------------------------------------------------------
ntdll.dll (7C900000 - 7C9B2000)
kernel32.dll (7C800000 - 7C8F6000)
msvcrt.dll (77C10000 - 77C68000)
ADVAPI32.dll (77DD0000 - 77E6B000)
RPCRT4.dll (77E70000 - 77F02000)
Secur32.dll (77FE0000 - 77FF1000)
WINMM.dll (76B40000 - 76B6D000)
GDI32.dll (77F10000 - 77F59000)
USER32.dll (7E410000 - 7E4A1000)
IMM32.DLL (76390000 - 763AD000)
LPK.DLL (629C0000 - 629C9000)
USP10.dll (74D90000 - 74DFB000)

PID 460 - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
-------------------------------------------------------------------------------
ntdll.dll (7C900000 - 7C9B2000)
kernel32.dll (7C800000 - 7C8F6000)
ADVAPI32.dll (77DD0000 - 77E6B000)
RPCRT4.dll (77E70000 - 77F02000)
Secur32.dll (77FE0000 - 77FF1000)
ACE.dll (10000000 - 100FA000)
USER32.dll (7E410000 - 7E4A1000)
GDI32.dll (77F10000 - 77F59000)
WS2_32.dll (71AB0000 - 71AC7000)
msvcrt.dll (77C10000 - 77C68000)
WS2HELP.dll (71AA0000 - 71AA8000)
MSWSOCK.dll (71A50000 - 71A8F000)
NETAPI32.dll (5B860000 - 5B8B5000)
MSVCP71.dll (7C3A0000 - 7C41B000)
MSVCR71.dll (7C340000 - 7C396000)
IMM32.DLL (76390000 - 763AD000)
LPK.DLL (629C0000 - 629C9000)
USP10.dll (74D90000 - 74DFB000)
locator.dll (00800000 - 00807000)
DNSAPI.dll (76F20000 - 76F47000)
winrnr.dll (76FB0000 - 76FB8000)
WLDAP32.dll (76F60000 - 76F8C000)
hnetcfg.dll (662B0000 - 66308000)
wshtcpip.dll (71A90000 - 71A98000)
listor.dll (00920000 - 00935000)
ACEXML.dll (00940000 - 00958000)
ACEXML_Parser.dll (00960000 - 0096F000)
MPR.dll (71B20000 - 71B32000)

PID 496 - C:\Program Files\Java\jre6\bin\jqs.exe
-------------------------------------------------------------------------------
ntdll.dll (7C900000 - 7C9B2000)
kernel32.dll (7C800000 - 7C8F6000)
WS2_32.dll (71AB0000 - 71AC7000)
ADVAPI32.dll (77DD0000 - 77E6B000)
RPCRT4.dll (77E70000 - 77F02000)
Secur32.dll (77FE0000 - 77FF1000)
msvcrt.dll (77C10000 - 77C68000)
WS2HELP.dll (71AA0000 - 71AA8000)
ole32.dll (774E0000 - 7761D000)
GDI32.dll (77F10000 - 77F59000)
USER32.dll (7E410000 - 7E4A1000)
MSVCR71.dll (7C340000 - 7C396000)
IMM32.DLL (76390000 - 763AD000)
LPK.DLL (629C0000 - 629C9000)
USP10.dll (74D90000 - 74DFB000)
psapi.dll (76BF0000 - 76BFB000)
pdh.dll (74000000 - 74056000)
comdlg32.dll (763B0000 - 763F9000)
COMCTL32.dll (5D090000 - 5D12A000)
SHELL32.dll (7C9C0000 - 7D1D7000)
SHLWAPI.dll (77F60000 - 77FD6000)
CRYPT32.dll (77A80000 - 77B15000)
MSASN1.dll (77B20000 - 77B32000)
ODBC32.dll (74320000 - 7435D000)
odbcbcp.dll (711A0000 - 711A6000)
VERSION.dll (77C00000 - 77C08000)
OLEAUT32.dll (77120000 - 771AB000)
comctl32.dll (773D0000 - 774D3000)
odbcint.dll (006B0000 - 006C7000)
mswsock.dll (71A50000 - 71A8F000)
hnetcfg.dll (662B0000 - 66308000)
wshtcpip.dll (71A90000 - 71A98000)
perfos.dll (5E760000 - 5E76A000)
perfdisk.dll (5E790000 - 5E799000)

PID 528 - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
-------------------------------------------------------------------------------
ntdll.dll (7C900000 - 7C9B2000)
kernel32.dll (7C800000 - 7C8F6000)
LSSProxy.dll (67000000 - 67014000)
SHLWAPI.dll (77F60000 - 77FD6000)
ADVAPI32.dll (77DD0000 - 77E6B000)
RPCRT4.dll (77E70000 - 77F02000)
Secur32.dll (77FE0000 - 77FF1000)
GDI32.dll (77F10000 - 77F59000)
USER32.dll (7E410000 - 7E4A1000)
msvcrt.dll (77C10000 - 77C68000)
PSAPI.DLL (76BF0000 - 76BFB000)
SHELL32.dll (7C9C0000 - 7D1D7000)
LSLog.dll (68000000 - 6800B000)
MSVCR80.dll (78130000 - 781CB000)
MSVCP80.dll (7C420000 - 7C4A7000)
IMM32.DLL (76390000 - 763AD000)
LPK.DLL (629C0000 - 629C9000)
USP10.dll (74D90000 - 74DFB000)
comctl32.dll (773D0000 - 774D3000)
comctl32.dll (5D090000 - 5D12A000)

PID 620 - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
-------------------------------------------------------------------------------
ntdll.dll (7C900000 - 7C9B2000)
kernel32.dll (7C800000 - 7C8F6000)
WSOCK32.dll (71AD0000 - 71AD9000)
WS2_32.dll (71AB0000 - 71AC7000)
ADVAPI32.dll (77DD0000 - 77E6B000)
RPCRT4.dll (77E70000 - 77F02000)
Secur32.dll (77FE0000 - 77FF1000)
msvcrt.dll (77C10000 - 77C68000)
WS2HELP.dll (71AA0000 - 71AA8000)
MSVCP71.dll (7C3A0000 - 7C41B000)
MSVCR71.dll (7C340000 - 7C396000)
MFC71U.DLL (00510000 - 00612000)
GDI32.dll (77F10000 - 77F59000)
USER32.dll (7E410000 - 7E4A1000)
SHLWAPI.dll (77F60000 - 77FD6000)
ole32.dll (774E0000 - 7761D000)
OLEAUT32.dll (77120000 - 771AB000)
IMM32.DLL (76390000 - 763AD000)
LPK.DLL (629C0000 - 629C9000)
USP10.dll (74D90000 - 74DFB000)
uxtheme.dll (5AD70000 - 5ADA8000)
BKaux.dll (10000000 - 1005E000)
Data32.dll (00C80000 - 00CAB000)
Cdrw32.dll (00CB0000 - 00CF0000)
WINMM.dll (76B40000 - 76B6D000)
CdrMmc32.dll (00CF0000 - 00D12000)
COMCTL32.dll (5D090000 - 5D12A000)
OLEACC.dll (74C80000 - 74CAC000)
MSVCP60.dll (76080000 - 760E5000)
WINSPOOL.DRV (73000000 - 73026000)
comdlg32.dll (763B0000 - 763F9000)
SHELL32.dll (7C9C0000 - 7D1D7000)
CdrwEx32.dll (00D20000 - 00D33000)
ImagFile.dll (003F0000 - 003F9000)
MPR.dll (71B20000 - 71B32000)
PSAPI.DLL (76BF0000 - 76BFB000)
comctl32.dll (773D0000 - 774D3000)
BKauxLOC.dll (00DA0000 - 00DA9000)
BKImage.dll (00E00000 - 00E51000)
Hddrw32.dll (00DB0000 - 00DC3000)
Scd32.dll (00DD0000 - 00DE2000)
BKImageLOC.dll (00E80000 - 00E89000)
mswsock.dll (71A50000 - 71A8F000)
hnetcfg.dll (662B0000 - 66308000)
wshtcpip.dll (71A90000 - 71A98000)

PID 108 - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
-------------------------------------------------------------------------------
ntdll.dll (7C900000 - 7C9B2000)
kernel32.dll (7C800000 - 7C8F6000)
MSVCP71.dll (7C3A0000 - 7C41B000)
MSVCR71.dll (7C340000 - 7C396000)
MFC71U.DLL (00420000 - 00522000)
GDI32.dll (77F10000 - 77F59000)
USER32.dll (7E410000 - 7E4A1000)
SHLWAPI.dll (77F60000 - 77FD6000)
ADVAPI32.dll (77DD0000 - 77E6B000)
RPCRT4.dll (77E70000 - 77F02000)
Secur32.dll (77FE0000 - 77FF1000)
msvcrt.dll (77C10000 - 77C68000)
SHELL32.dll (7C9C0000 - 7D1D7000)
ole32.dll (774E0000 - 7761D000)
OLEAUT32.dll (77120000 - 771AB000)
WS2_32.dll (71AB0000 - 71AC7000)
WS2HELP.dll (71AA0000 - 71AA8000)
IMM32.DLL (76390000 - 763AD000)
LPK.DLL (629C0000 - 629C9000)
USP10.dll (74D90000 - 74DFB000)
comctl32.dll (773D0000 - 774D3000)
comctl32.dll (5D090000 - 5D12A000)
SchedulerSvcLOC.dll (10000000 - 10005000)
mswsock.dll (71A50000 - 71A8F000)
DNSAPI.dll (76F20000 - 76F47000)
winrnr.dll (76FB0000 - 76FB8000)
WLDAP32.dll (76F60000 - 76F8C000)
rasadhlp.dll (76FC0000 - 76FC6000)
hnetcfg.dll (662B0000 - 66308000)
wshtcpip.dll (71A90000 - 71A98000)

PID 776 - C:\WINDOWS\system32\nvsvc32.exe
-------------------------------------------------------------------------------
ntdll.dll (7C900000 - 7C9B2000)
kernel32.dll (7C800000 - 7C8F6000)
USER32.dll (7E410000 - 7E4A1000)
GDI32.dll (77F10000 - 77F59000)
ADVAPI32.dll (77DD0000 - 77E6B000)
RPCRT4.dll (77E70000 - 77F02000)
Secur32.dll (77FE0000 - 77FF1000)
USERENV.dll (769C0000 - 76A74000)
msvcrt.dll (77C10000 - 77C68000)
POWRPROF.dll (74AD0000 - 74AD8000)
IMM32.DLL (76390000 - 763AD000)
LPK.DLL (629C0000 - 629C9000)
USP10.dll (74D90000 - 74DFB000)
wtsapi32.dll (76F50000 - 76F58000)
WINSTA.dll (76360000 - 76370000)
NETAPI32.dll (5B860000 - 5B8B5000)
SHELL32.dll (7C9C0000 - 7D1D7000)
SHLWAPI.dll (77F60000 - 77FD6000)
ole32.dll (774E0000 - 7761D000)
COMCTL32.dll (5D090000 - 5D12A000)
OLEAUT32.dll (77120000 - 771AB000)
comctl32.dll (773D0000 - 774D3000)
nvapi.dll (00800000 - 0085B000)
SETUPAPI.dll (77920000 - 77A13000)
uxtheme.dll (5AD70000 - 5ADA8000)
msctfime.ime (755C0000 - 755EE000)
WINTRUST.dll (76C30000 - 76C5E000)
CRYPT32.dll (77A80000 - 77B15000)
MSASN1.dll (77B20000 - 77B32000)
IMAGEHLP.dll (76C90000 - 76CB8000)
msv1_0.dll (77C70000 - 77C95000)
cryptdll.dll (76790000 - 7679C000)
iphlpapi.dll (76D60000 - 76D79000)
WS2_32.dll (71AB0000 - 71AC7000)
WS2HELP.dll (71AA0000 - 71AA8000)
Apphelp.dll (77B40000 - 77B62000)
VERSION.dll (77C00000 - 77C08000)
NTMARTA.DLL (77690000 - 776B1000)
SAMLIB.dll (71BF0000 - 71C03000)
WLDAP32.dll (76F60000 - 76F8C000)

PID 840 - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
-------------------------------------------------------------------------------
ntdll.dll (7C900000 - 7C9B2000)
kernel32.dll (7C800000 - 7C8F6000)
MSVCRT.dll (77C10000 - 77C68000)
USER32.dll (7E410000 - 7E4A1000)
GDI32.dll (77F10000 - 77F59000)
ADVAPI32.dll (77DD0000 - 77E6B000)
RPCRT4.dll (77E70000 - 77F02000)
Secur32.dll (77FE0000 - 77FF1000)
SHELL32.dll (7C9C0000 - 7D1D7000)
SHLWAPI.dll (77F60000 - 77FD6000)
ole32.dll (774E0000 - 7761D000)
OLEAUT32.dll (77120000 - 771AB000)
WINMM.dll (76B40000 - 76B6D000)
IMM32.DLL (76390000 - 763AD000)
LPK.DLL (629C0000 - 629C9000)
USP10.dll (74D90000 - 74DFB000)
comctl32.dll (773D0000 - 774D3000)
comctl32.dll (5D090000 - 5D12A000)
uxtheme.dll (5AD70000 - 5ADA8000)
xpsp2res.dll (00B00000 - 00DC5000)
CLBCATQ.DLL (76FD0000 - 7704F000)
COMRes.dll (77050000 - 77115000)
VERSION.dll (77C00000 - 77C08000)

PID 1584 - C:\WINDOWS\System32\alg.exe
-------------------------------------------------------------------------------
ntdll.dll (7C900000 - 7C9B2000)
kernel32.dll (7C800000 - 7C8F6000)
msvcrt.dll (77C10000 - 77C68000)
ATL.DLL (76B20000 - 76B31000)
USER32.dll (7E410000 - 7E4A1000)
GDI32.dll (77F10000 - 77F59000)
ADVAPI32.dll (77DD0000 - 77E6B000)
RPCRT4.dll (77E70000 - 77F02000)
Secur32.dll (77FE0000 - 77FF1000)
ole32.dll (774E0000 - 7761D000)
OLEAUT32.dll (77120000 - 771AB000)
WSOCK32.dll (71AD0000 - 71AD9000)
WS2_32.dll (71AB0000 - 71AC7000)
WS2HELP.dll (71AA0000 - 71AA8000)
MSWSOCK.DLL (71A50000 - 71A8F000)
ShimEng.dll (5CB70000 - 5CB96000)
AcGenral.DLL (6F880000 - 6FA4A000)
WINMM.dll (76B40000 - 76B6D000)
MSACM32.dll (77BE0000 - 77BF5000)
VERSION.dll (77C00000 - 77C08000)
SHELL32.dll (7C9C0000 - 7D1D7000)
SHLWAPI.dll (77F60000 - 77FD6000)
USERENV.dll (769C0000 - 76A74000)
UxTheme.dll (5AD70000 - 5ADA8000)
IMM32.DLL (76390000 - 763AD000)
LPK.DLL (629C0000 - 629C9000)
USP10.dll (74D90000 - 74DFB000)
comctl32.dll (773D0000 - 774D3000)
comctl32.dll (5D090000 - 5D12A000)
CLBCATQ.DLL (76FD0000 - 7704F000)
COMRes.dll (77050000 - 77115000)
xpsp2res.dll (006E0000 - 009A5000)
hnetcfg.dll (662B0000 - 66308000)
wshtcpip.dll (71A90000 - 71A98000)

PID 2572 - C:\WINDOWS\system32\wuauclt.exe
-------------------------------------------------------------------------------
ntdll.dll (7C900000 - 7C9B2000)
kernel32.dll (7C800000 - 7C8F6000)
msvcrt.dll (77C10000 - 77C68000)
ole32.dll (774E0000 - 7761D000)
ADVAPI32.dll (77DD0000 - 77E6B000)
RPCRT4.dll (77E70000 - 77F02000)
Secur32.dll (77FE0000 - 77FF1000)
GDI32.dll (77F10000 - 77F59000)
USER32.dll (7E410000 - 7E4A1000)
OLEAUT32.dll (77120000 - 771AB000)
SHLWAPI.dll (77F60000 - 77FD6000)
ShimEng.dll (5CB70000 - 5CB96000)
AcGenral.DLL (6F880000 - 6FA4A000)
WINMM.dll (76B40000 - 76B6D000)
MSACM32.dll (77BE0000 - 77BF5000)
VERSION.dll (77C00000 - 77C08000)
SHELL32.dll (7C9C0000 - 7D1D7000)
USERENV.dll (769C0000 - 76A74000)
UxTheme.dll (5AD70000 - 5ADA8000)
IMM32.DLL (76390000 - 763AD000)
LPK.DLL (629C0000 - 629C9000)
USP10.dll (74D90000 - 74DFB000)
comctl32.dll (773D0000 - 774D3000)
wucltui.dll (507E0000 - 50832000)
MSIMG32.dll (76380000 - 76385000)
Cabinet.dll (75150000 - 75163000)
CRYPT32.dll (77A80000 - 77B15000)
MSASN1.dll (77B20000 - 77B32000)
WINTRUST.dll (76C30000 - 76C5E000)
IMAGEHLP.dll (76C90000 - 76CB8000)
MSCTF.dll (74720000 - 7476C000)
CLBCATQ.DLL (76FD0000 - 7704F000)
COMRes.dll (77050000 - 77115000)
xpsp2res.dll (00A80000 - 00D45000)
wups2.dll (50F00000 - 50F0D000)

PID 3044 - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
-------------------------------------------------------------------------------
ntdll.dll (7C900000 - 7C9B2000)
kernel32.dll (7C800000 - 7C8F6000)
WSOCK32.dll (71AD0000 - 71AD9000)
WS2_32.dll (71AB0000 - 71AC7000)
ADVAPI32.dll (77DD0000 - 77E6B000)
RPCRT4.dll (77E70000 - 77F02000)
Secur32.dll (77FE0000 - 77FF1000)
msvcrt.dll (77C10000 - 77C68000)
WS2HELP.dll (71AA0000 - 71AA8000)
SETUPAPI.dll (77920000 - 77A13000)
GDI32.dll (77F10000 - 77F59000)
USER32.dll (7E410000 - 7E4A1000)
WTSAPI32.dll (76F50000 - 76F58000)
WINSTA.dll (76360000 - 76370000)
NETAPI32.dll (5B860000 - 5B8B5000)
USERENV.dll (769C0000 - 76A74000)
IMM32.DLL (76390000 - 763AD000)
LPK.DLL (629C0000 - 629C9000)
USP10.dll (74D90000 - 74DFB000)
NTMARTA.DLL (77690000 - 776B1000)
ole32.dll (774E0000 - 7761D000)
SAMLIB.dll (71BF0000 - 71C03000)
WLDAP32.dll (76F60000 - 76F8C000)
mswsock.dll (71A50000 - 71A8F000)
hnetcfg.dll (662B0000 - 66308000)
wshtcpip.dll (71A90000 - 71A98000)
WINTRUST.dll (76C30000 - 76C5E000)
CRYPT32.dll (77A80000 - 77B15000)
MSASN1.dll (77B20000 - 77B32000)
IMAGEHLP.dll (76C90000 - 76CB8000)

PID 3924 - C:\Program Files\Bonjour\mDNSResponder.exe
-------------------------------------------------------------------------------
ntdll.dll (7C900000 - 7C9B2000)
kernel32.dll (7C800000 - 7C8F6000)
WS2_32.dll (71AB0000 - 71AC7000)
ADVAPI32.dll (77DD0000 - 77E6B000)
RPCRT4.dll (77E70000 - 77F02000)
Secur32.dll (77FE0000 - 77FF1000)
msvcrt.dll (77C10000 - 77C68000)
WS2HELP.dll (71AA0000 - 71AA8000)
IPHLPAPI.DLL (76D60000 - 76D79000)
USER32.dll (7E410000 - 7E4A1000)
GDI32.dll (77F10000 - 77F59000)
ole32.dll (774E0000 - 7761D000)
OLEAUT32.dll (77120000 - 771AB000)
IMM32.DLL (76390000 - 763AD000)
LPK.DLL (629C0000 - 629C9000)
USP10.dll (74D90000 - 74DFB000)
rsaenh.dll (68000000 - 68036000)
SHELL32.dll (7C9C0000 - 7D1D7000)
SHLWAPI.dll (77F60000 - 77FD6000)
comctl32.dll (773D0000 - 774D3000)
comctl32.dll (5D090000 - 5D12A000)
mswsock.dll (71A50000 - 71A8F000)
hnetcfg.dll (662B0000 - 66308000)
wshtcpip.dll (71A90000 - 71A98000)
MPRAPI.dll (76D40000 - 76D58000)
ACTIVEDS.dll (77CC0000 - 77CF2000)
adsldpc.dll (76E10000 - 76E35000)
NETAPI32.dll (5B860000 - 5B8B5000)
WLDAP32.dll (76F60000 - 76F8C000)
ATL.DLL (76B20000 - 76B31000)
rtutils.dll (76E80000 - 76E8E000)
SAMLIB.dll (71BF0000 - 71C03000)
SETUPAPI.dll (77920000 - 77A13000)
uxtheme.dll (5AD70000 - 5ADA8000)
CLBCATQ.DLL (76FD0000 - 7704F000)
COMRes.dll (77050000 - 77115000)
VERSION.dll (77C00000 - 77C08000)

PID 1652 - C:\Program Files\iPod\bin\iPodService.exe
-------------------------------------------------------------------------------
ntdll.dll (7C900000 - 7C9B2000)
kernel32.dll (7C800000 - 7C8F6000)
CFGMGR32.dll (74AE0000 - 74AE7000)
setupapi.dll (77920000 - 77A13000)
ADVAPI32.dll (77DD0000 - 77E6B000)
RPCRT4.dll (77E70000 - 77F02000)
Secur32.dll (77FE0000 - 77FF1000)
GDI32.dll (77F10000 - 77F59000)
USER32.dll (7E410000 - 7E4A1000)
msvcrt.dll (77C10000 - 77C68000)
VERSION.dll (77C00000 - 77C08000)
ole32.dll (774E0000 - 7761D000)
OLEAUT32.dll (77120000 - 771AB000)
IMM32.DLL (76390000 - 763AD000)
LPK.DLL (629C0000 - 629C9000)
USP10.dll (74D90000 - 74DFB000)
iPodServiceLocalized.DLL(10000000 - 1000E000)
iPodService.DLL (008B0000 - 008BE000)
xpsp2res.dll (00CE0000 - 00FA5000)
CLBCATQ.DLL (76FD0000 - 7704F000)
COMRes.dll (77050000 - 77115000)
uxtheme.dll (5AD70000 - 5ADA8000)
Wtsapi32.dll (76F50000 - 76F58000)
WINSTA.dll (76360000 - 76370000)
NETAPI32.dll (5B860000 - 5B8B5000)
WINTRUST.dll (76C30000 - 76C5E000)
CRYPT32.dll (77A80000 - 77B15000)
MSASN1.dll (77B20000 - 77B32000)
IMAGEHLP.dll (76C90000 - 76CB8000)
SXS.DLL (7E720000 - 7E7D0000)
rsaenh.dll (68000000 - 68036000)
userenv.dll (769C0000 - 76A74000)
Cabinet.dll (75150000 - 75163000)
SHLWAPI.dll (77F60000 - 77FD6000)
comctl32.dll (773D0000 - 774D3000)
comctl32.dll (5D090000 - 5D12A000)

PID 1496 - C:\Program Files\iTunes\iTunesHelper.exe
-------------------------------------------------------------------------------
ntdll.dll (7C900000 - 7C9B2000)
kernel32.dll (7C800000 - 7C8F6000)
USER32.dll (7E410000 - 7E4A1000)
GDI32.dll (77F10000 - 77F59000)
ADVAPI32.dll (77DD0000 - 77E6B000)
RPCRT4.dll (77E70000 - 77F02000)
Secur32.dll (77FE0000 - 77FF1000)
COMCTL32.dll (5D090000 - 5D12A000)
SHLWAPI.dll (77F60000 - 77FD6000)
msvcrt.dll (77C10000 - 77C68000)
IMM32.DLL (76390000 - 763AD000)
LPK.DLL (629C0000 - 629C9000)
USP10.dll (74D90000 - 74DFB000)
iTunesHelper.dll (10000000 - 10037000)
ole32.dll (774E0000 - 7761D000)
OLEAUT32.dll (77120000 - 771AB000)
CoreFoundation.dll (00910000 - 009DA000)
SHELL32.dll (7C9C0000 - 7D1D7000)
MSVCR80.dll (78130000 - 781CB000)
WS2_32.dll (71AB0000 - 71AC7000)
WS2HELP.dll (71AA0000 - 71AA8000)
pthreadVC2.dll (003D0000 - 003E0000)
WSOCK32.dll (71AD0000 - 71AD9000)
objc.dll (003E0000 - 003FC000)
MSVCP80.dll (7C420000 - 7C4A7000)
icuin40.dll (009F0000 - 00AED000)
icuuc40.dll (00B00000 - 00BE1000)
icudt40.dll (4AD00000 - 4BA5B000)
ASL.dll (00C00000 - 00C0D000)
VERSION.dll (77C00000 - 77C08000)
SETUPAPI.dll (77920000 - 77A13000)
WININET.dll (3D930000 - 3DA01000)
Normaliz.dll (00C20000 - 00C29000)
iertutil.dll (3DFD0000 - 3E015000)
comctl32.dll (773D0000 - 774D3000)
uxtheme.dll (5AD70000 - 5ADA8000)
MSCTF.dll (74720000 - 7476C000)
iTunesHelperLocalized.DLL(01280000 - 0128E000)
iTunesHelper.DLL (012B0000 - 012BE000)
msctfime.ime (755C0000 - 755EE000)
WINTRUST.dll (76C30000 - 76C5E000)
CRYPT32.dll (77A80000 - 77B15000)
MSASN1.dll (77B20000 - 77B32000)
IMAGEHLP.dll (76C90000 - 76CB8000)
QuickTime.qts (66800000 - 673AB000)
QTCF.dll (68A40000 - 68A6E000)
WINMM.dll (76B40000 - 76B6D000)
comdlg32.dll (763B0000 - 763F9000)
gdiplus.dll (4EC50000 - 4EDFB000)
DSOUND.dll (73F10000 - 73F6C000)
CFNetwork.DLL (01820000 - 018B3000)
SQLite3.dll (018C0000 - 01923000)
zlib1.dll (01940000 - 01953000)
iphlpapi.dll (76D60000 - 76D79000)
ddraw.dll (73760000 - 737AB000)
DCIMAN32.dll (73BC0000 - 73BC6000)
iTunesMobileDevice.dll(01B80000 - 01CCF000)
mswsock.dll (71A50000 - 71A8F000)
hnetcfg.dll (662B0000 - 66308000)
wshtcpip.dll (71A90000 - 71A98000)
Wtsapi32.dll (76F50000 - 76F58000)
WINSTA.dll (76360000 - 76370000)
NETAPI32.dll (5B860000 - 5B8B5000)
CLBCATQ.DLL (76FD0000 - 7704F000)
COMRes.dll (77050000 - 77115000)
xpsp2res.dll (02000000 - 022C5000)
SXS.DLL (7E720000 - 7E7D0000)

PID 1268 - C:\Program Files\internet explorer\iexplore.exe
-------------------------------------------------------------------------------
ntdll.dll (7C900000 - 7C9B2000)
kernel32.dll (7C800000 - 7C8F6000)
iexplore.exe:LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL

:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
Information about C:\WINDOWS\AppPatch\AcLayers.DLL:
Base address: 71590000
Size: 00079000
Flags: 80084004
Load count: 1
Name: Microsoft® Windows® Operating System
Prod. Version: 5.1.2600.5906
Company: Microsoft Corporation
File Version: 5.1.2600.5906 (xpsp_sp3_gdr.091120-1307)
Description: Windows Compatibility DLL
Location: C:\WINDOWS\AppPatch\AcLayers.DLL
Signed: YES
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
iexplore.exe:LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL

:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
Information about C:\WINDOWS\AppPatch\AcLayers.DLL:
Base address: 71590000
Size: 00079000
Flags: 80084004
Load count: 1
Name: Microsoft® Windows® Operating System
Prod. Version: 5.1.2600.5906
Company: Microsoft Corporation
File Version: 5.1.2600.5906 (xpsp_sp3_gdr.091120-1307)
Description: Windows Compatibility DLL
Location: C:\WINDOWS\AppPatch\AcLayers.DLL
Signed: YES
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
iexplore.exe:LoadLibraryExW --[HOOKED]-- @715BA16B by C:\WINDOWS\AppPatch\AcLayers.DLL

:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
Information about C:\WINDOWS\AppPatch\AcLayers.DLL:
Base address: 71590000
Size: 00079000
Flags: 80084004
Load count: 1
Name: Microsoft® Windows® Operating System
Prod. Version: 5.1.2600.5906
Company: Microsoft Corporation
File Version: 5.1.2600.5906 (xpsp_sp3_gdr.091120-1307)
Description: Windows Compatibility DLL
Location: C:\WINDOWS\AppPatch\AcLayers.DLL
Signed: YES
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
iexplore.exe:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll

:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
Information about C:\WINDOWS\system32\ShimEng.dll:
Base address: 5CB70000
Size: 00026000
Flags: 8000400C
Load count: 1
Name: Microsoft® Windows® Operating System
Prod. Version: 5.1.2600.5512
Company: Microsoft Corporation
File Version: 5.1.2600.5512 (xpsp.080413-2105)
Description: Shim Engine DLL
Location: C:\WINDOWS\system32\ShimEng.dll
Signed: YES
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
ADVAPI32.dll:LoadLibraryExW --[HOOKED]-- @715BA16B by C:\WINDOWS\AppPatch\AcLayers.DLL

:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
Information about C:\WINDOWS\AppPatch\AcLayers.DLL:
Base address: 71590000
Size: 00079000
Flags: 80084004
Load count: 1
Name: Microsoft® Windows® Operating System
Prod. Version: 5.1.2600.5906
Company: Microsoft Corporation
File Version: 5.1.2600.5906 (xpsp_sp3_gdr.091120-1307)
Description: Windows Compatibility DLL
Location: C:\WINDOWS\AppPatch\AcLayers.DLL
Signed: YES
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
ADVAPI32.dll:LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL

:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
Information about C:\WINDOWS\AppPatch\AcLayers.DLL:
Base address: 71590000
Size: 00079000
Flags: 80084004
Load count: 1
Name: Microsoft® Windows® Operating System
Prod. Version: 5.1.2600.5906
Company: Microsoft Corporation
File Version: 5.1.2600.5906 (xpsp_sp3_gdr.091120-1307)
Description: Windows Compatibility DLL
Location: C:\WINDOWS\AppPatch\AcLayers.DLL
Signed: YES
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
ADVAPI32.dll:LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL

:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
Information about C:\WINDOWS\AppPatch\AcLayers.DLL:
Base address: 71590000
Size: 00079000
Flags: 80084004
Load count: 1
Name: Microsoft® Windows® Operating System
Prod. Version: 5.1.2600.5906
Company: Microsoft Corporation
File Version: 5.1.2600.5906 (xpsp_sp3_gdr.091120-1307)
Description: Windows Compatibility DLL
Location: C:\WINDOWS\AppPatch\AcLayers.DLL
Signed: YES
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
ADVAPI32.dll:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll

:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
Information about C:\WINDOWS\system32\ShimEng.dll:
Base address: 5CB70000
Size: 00026000
Flags: 8000400C
Load count: 1
Name: Microsoft® Windows® Operating System
Prod. Version: 5.1.2600.5512
Company: Microsoft Corporation
File Version: 5.1.2600.5512 (xpsp.080413-2105)
Description: Shim Engine DLL
Location: C:\WINDOWS\system32\ShimEng.dll
Signed: YES
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
RPCRT4.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
RPCRT4.dll :LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
RPCRT4.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
Secur32.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
Secur32.dll :LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
Secur32.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
GDI32.dll :LoadLibraryExW --[HOOKED]-- @715BA16B by C:\WINDOWS\AppPatch\AcLayers.DLL
GDI32.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
GDI32.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
GDI32.dll :LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
USER32.dll :LoadLibraryExW --[HOOKED]-- @715BA16B by C:\WINDOWS\AppPatch\AcLayers.DLL
USER32.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
USER32.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
USER32.dll :LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
msvcrt.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
msvcrt.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
SHLWAPI.dll :LoadLibraryExA --[HOOKED]-- @715B9F5D by C:\WINDOWS\AppPatch\AcLayers.DLL
SHLWAPI.dll :LoadLibraryExW --[HOOKED]-- @715BA16B by C:\WINDOWS\AppPatch\AcLayers.DLL
SHLWAPI.dll :LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
SHLWAPI.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
SHLWAPI.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
SHELL32.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
SHELL32.dll :LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
SHELL32.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
SHELL32.dll :LoadLibraryExW --[HOOKED]-- @715BA16B by C:\WINDOWS\AppPatch\AcLayers.DLL
SHELL32.dll :LoadLibraryExA --[HOOKED]-- @715B9F5D by C:\WINDOWS\AppPatch\AcLayers.DLL
ole32.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
ole32.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
ole32.dll :LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
ole32.dll :LoadLibraryExW --[HOOKED]-- @715BA16B by C:\WINDOWS\AppPatch\AcLayers.DLL
ole32.dll :LoadLibraryExA --[HOOKED]-- @715B9F5D by C:\WINDOWS\AppPatch\AcLayers.DLL
urlmon.dll :LoadLibraryExA --[HOOKED]-- @715B9F5D by C:\WINDOWS\AppPatch\AcLayers.DLL
urlmon.dll :LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
urlmon.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
urlmon.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
urlmon.dll :LoadLibraryExW --[HOOKED]-- @715BA16B by C:\WINDOWS\AppPatch\AcLayers.DLL
OLEAUT32.dll:LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
OLEAUT32.dll:LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
OLEAUT32.dll:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
iertutil.dll:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
iertutil.dll:LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
iertutil.dll:LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
VERSION.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
VERSION.dll :LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
VERSION.dll :LoadLibraryExW --[HOOKED]-- @715BA16B by C:\WINDOWS\AppPatch\AcLayers.DLL
USERENV.dll :LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
USERENV.dll :LoadLibraryExA --[HOOKED]-- @715B9F5D by C:\WINDOWS\AppPatch\AcLayers.DLL
USERENV.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
USERENV.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
WINSPOOL.DRV:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
WINSPOOL.DRV:LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
WINSPOOL.DRV:LoadLibraryExW --[HOOKED]-- @715BA16B by C:\WINDOWS\AppPatch\AcLayers.DLL
WINSPOOL.DRV:LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
IMM32.DLL :LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
IMM32.DLL :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
USP10.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
USP10.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
comctl32.dll:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
comctl32.dll:LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
comctl32.dll:LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
comctl32.dll:LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
comctl32.dll:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
comctl32.dll:LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
IEFRAME.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
IEFRAME.dll :LoadLibraryExW --[HOOKED]-- @715BA16B by C:\WINDOWS\AppPatch\AcLayers.DLL
IEFRAME.dll :LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
IEFRAME.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
PSAPI.DLL :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
PSAPI.DLL :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
UxTheme.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
UxTheme.dll :LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
UxTheme.dll :LoadLibraryExW --[HOOKED]-- @715BA16B by C:\WINDOWS\AppPatch\AcLayers.DLL
MSCTF.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
MSCTF.dll :LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
MSCTF.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
MSCTF.dll :LoadLibraryExA --[HOOKED]-- @715B9F5D by C:\WINDOWS\AppPatch\AcLayers.DLL
apphelp.dll :LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
apphelp.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
apphelp.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
msctfime.ime:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
msctfime.ime:LoadLibraryExA --[HOOKED]-- @715B9F5D by C:\WINDOWS\AppPatch\AcLayers.DLL
msctfime.ime:LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
msctfime.ime:LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
IEUI.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
IEUI.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
gdiplus.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
gdiplus.dll :LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
gdiplus.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
CLBCATQ.DLL :LoadLibraryExW --[HOOKED]-- @715BA16B by C:\WINDOWS\AppPatch\AcLayers.DLL
CLBCATQ.DLL :LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
CLBCATQ.DLL :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
msimtf.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
msimtf.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
cscui.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
cscui.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
cscui.dll :LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
CSCDLL.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
CSCDLL.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
CSCDLL.dll :LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
SETUPAPI.dll:LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
SETUPAPI.dll:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
SETUPAPI.dll:LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
msohevi.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
msohevi.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
msohevi.dll :LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
MSVCR80.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
MSVCR80.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
MSVCR80.dll :LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
SXS.DLL :LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
SXS.DLL :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
SXS.DLL :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
SXS.DLL :LoadLibraryExW --[HOOKED]-- @715BA16B by C:\WINDOWS\AppPatch\AcLayers.DLL
WININET.dll :LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
WININET.dll :LoadLibraryExW --[HOOKED]-- @715BA16B by C:\WINDOWS\AppPatch\AcLayers.DLL
WININET.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
WININET.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
MLANG.dll :LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
MLANG.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
MLANG.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
ws2_32.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
ws2_32.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
WS2HELP.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
WS2HELP.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
AcroIEHelperSLoadLibraryExA --[HOOKED]-- @715B9F5D by C:\WINDOWS\AppPatch\AcLayers.DLL
AcroIEHelperSGetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
AcroIEHelperSLoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
AcroIEHelper.LoadLibraryExA --[HOOKED]-- @715B9F5D by C:\WINDOWS\AppPatch\AcLayers.DLL
AcroIEHelper.LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
AcroIEHelper.GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
jp2ssv.dll :LoadLibraryExA --[HOOKED]-- @715B9F5D by C:\WINDOWS\AppPatch\AcLayers.DLL
jp2ssv.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
jp2ssv.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
MSVCR71.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
MSVCR71.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
jqs_plugin.dlLoadLibraryExA --[HOOKED]-- @715B9F5D by C:\WINDOWS\AppPatch\AcLayers.DLL
jqs_plugin.dlLoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
jqs_plugin.dlGetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
mswsock.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
mswsock.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
mswsock.dll :LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
hnetcfg.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
hnetcfg.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
hnetcfg.dll :LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
hnetcfg.dll :LoadLibraryExW --[HOOKED]-- @715BA16B by C:\WINDOWS\AppPatch\AcLayers.DLL
RASAPI32.dll:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
RASAPI32.dll:LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
RASAPI32.dll:LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
rasman.dll :LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
rasman.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
rasman.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
NETAPI32.dll:LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
NETAPI32.dll:LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
NETAPI32.dll:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
TAPI32.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
TAPI32.dll :LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
rtutils.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
rtutils.dll :LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
WINMM.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
WINMM.dll :LoadLibraryExW --[HOOKED]-- @715BA16B by C:\WINDOWS\AppPatch\AcLayers.DLL
WINMM.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
WINMM.dll :LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
msv1_0.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
msv1_0.dll :LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
msv1_0.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
iphlpapi.dll:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
iphlpapi.dll:LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
actxprxy.dll:LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
actxprxy.dll:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
rasadhlp.dll:LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
rasadhlp.dll:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
DNSAPI.dll :LoadLibraryExW --[HOOKED]-- @715BA16B by C:\WINDOWS\AppPatch\AcLayers.DLL
DNSAPI.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
DNSAPI.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
WLDAP32.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
WLDAP32.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
mdnsNSP.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
mdnsNSP.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
mshtml.dll :LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
mshtml.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
mshtml.dll :LoadLibraryExW --[HOOKED]-- @715BA16B by C:\WINDOWS\AppPatch\AcLayers.DLL
mshtml.dll :LoadLibraryExA --[HOOKED]-- @715B9F5D by C:\WINDOWS\AppPatch\AcLayers.DLL
mshtml.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
ieapfltr.dll:LoadLibraryExW --[HOOKED]-- @715BA16B by C:\WINDOWS\AppPatch\AcLayers.DLL
ieapfltr.dll:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
ieapfltr.dll:LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
ieapfltr.dll:LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
WINTRUST.dll:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
WINTRUST.dll:LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
WINTRUST.dll:LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
CRYPT32.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
CRYPT32.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
CRYPT32.dll :LoadLibraryExA --[HOOKED]-- @715B9F5D by C:\WINDOWS\AppPatch\AcLayers.DLL
CRYPT32.dll :LoadLibraryExW --[HOOKED]-- @715BA16B by C:\WINDOWS\AppPatch\AcLayers.DLL
MSASN1.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
MSASN1.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
IMAGEHLP.dll:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
IMAGEHLP.dll:LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
NTMARTA.DLL :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
NTMARTA.DLL :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
jscript.dll :LoadLibraryExW --[HOOKED]-- @715BA16B by C:\WINDOWS\AppPatch\AcLayers.DLL
jscript.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
jscript.dll :LoadLibraryExA --[HOOKED]-- @715B9F5D by C:\WINDOWS\AppPatch\AcLayers.DLL
mshtmled.dll:LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
mshtmled.dll:LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
mshtmled.dll:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
mshtmled.dll:LoadLibraryExW --[HOOKED]-- @715BA16B by C:\WINDOWS\AppPatch\AcLayers.DLL
Flash10e.ocx:LoadLibraryExA --[HOOKED]-- @715B9F5D by C:\WINDOWS\AppPatch\AcLayers.DLL
Flash10e.ocx:LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
Flash10e.ocx:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
COMDLG32.dll:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
COMDLG32.dll:LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
COMDLG32.dll:LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
mscms.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
mscms.dll :LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
wdmaud.drv :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
wdmaud.drv :LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
MSACM32.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
vbscript.dll:LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
vbscript.dll:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
vbscript.dll:LoadLibraryExA --[HOOKED]-- @715B9F5D by C:\WINDOWS\AppPatch\AcLayers.DLL
vbscript.dll:LoadLibraryExW --[HOOKED]-- @715BA16B by C:\WINDOWS\AppPatch\AcLayers.DLL
schannel.dll:LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
schannel.dll:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
schannel.dll:LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
ddrawex.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
ddrawex.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
DDRAW.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
DDRAW.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
DCIMAN32.dll:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
iepeers.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
iepeers.dll :LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
iepeers.dll :LoadLibraryExA --[HOOKED]-- @715B9F5D by C:\WINDOWS\AppPatch\AcLayers.DLL
iepeers.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
iepeers.dll :LoadLibraryExW --[HOOKED]-- @715BA16B by C:\WINDOWS\AppPatch\AcLayers.DLL
rsaenh.dll :LoadLibraryExA --[HOOKED]-- @715B9F5D by C:\WINDOWS\AppPatch\AcLayers.DLL
rsaenh.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
rsaenh.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
dssenh.dll :LoadLibraryExA --[HOOKED]-- @715B9F5D by C:\WINDOWS\AppPatch\AcLayers.DLL
dssenh.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
dssenh.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
cryptnet.dll:LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
cryptnet.dll:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
cryptnet.dll:LoadLibraryExW --[HOOKED]-- @715BA16B by C:\WINDOWS\AppPatch\AcLayers.DLL
cryptnet.dll:LoadLibraryExA --[HOOKED]-- @715B9F5D by C:\WINDOWS\AppPatch\AcLayers.DLL
WINHTTP.dll :LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
WINHTTP.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
WINHTTP.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
msxml3.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
msxml3.dll :LoadLibraryExW --[HOOKED]-- @715BA16B by C:\WINDOWS\AppPatch\AcLayers.DLL
msxml3.dll :LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
msxml3.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
Dxtrans.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
Dxtrans.dll :LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
ATL.DLL :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
ATL.DLL :LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
ATL.DLL :LoadLibraryExW --[HOOKED]-- @715BA16B by C:\WINDOWS\AppPatch\AcLayers.DLL
ATL.DLL :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
Dxtmsft.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
MSRATING.dll:LoadLibraryExW --[HOOKED]-- @715BA16B by C:\WINDOWS\AppPatch\AcLayers.DLL
MSRATING.dll:LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
MSRATING.dll:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
MSRATING.dll:LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
ntshrui.dll :LoadLibraryExA --[HOOKED]-- @715B9F5D by C:\WINDOWS\AppPatch\AcLayers.DLL
ntshrui.dll :LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
ntshrui.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
LINKINFO.dll:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
LINKINFO.dll:LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
LINKINFO.dll:LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
wuapi.dll :LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
wuapi.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
wuapi.dll :LoadLibraryExW --[HOOKED]-- @715BA16B by C:\WINDOWS\AppPatch\AcLayers.DLL
wuapi.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
ADVAPI32.dll (77DD0000 - 77E6B000)
RPCRT4.dll (77E70000 - 77F02000)
Secur32.dll (77FE0000 - 77FF1000)
GDI32.dll (77F10000 - 77F59000)
USER32.dll (7E410000 - 7E4A1000)
The code of DialogBoxIndirectParamA at 7E456D7D (0) got patched. Here is the diff:
Address New-Original
7E456D7D: E9 - 8B
7E456D7F: B2 - 55
7E456D80: EF - 8B
7E456D81: BF - EC
--> JMP DWORD PTR DS:[3E352081]
Patched by C:\WINDOWS\system32\IEFRAME.dll!URLQualifyW+0xC1C700B0

:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

shannonmac8
Intermediate
Intermediate

Posts Posts : 76
Joined Joined : 2009-06-01
OS OS : xp
Points Points : 28402
# Likes # Likes : 0

View user profile

Back to top Go down

Re: computer slow

Post by shannonmac8 on Fri Mar 12, 2010 1:35 am

Information about C:\WINDOWS\system32\IEFRAME.dll!URLQualifyW+0xC1C700B0:
Base address: 3E1C0000
Size: 005CD000
Flags: 800C4004
Load count: 6
Name: Windows® Internet Explorer
Prod. Version: 7.00.6000.16981
Company: Microsoft Corporation
File Version: 7.00.6000.16981 (vista_gdr.091215-2244)
Description: Internet Explorer
Location: C:\WINDOWS\system32\IEFRAME.dll
Signed: YES
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
The code of DialogBoxIndirectParamW at 7E432072 (0) got patched. Here is the diff:
Address New-Original
7E432072: E9 - 8B
7E432073: CF - FF
7E432074: FF - 55
7E432075: F1 - 8B
7E432076: BF - EC
--> JMP DWORD PTR DS:[3E352046]
Patched by C:\WINDOWS\system32\IEFRAME.dll!URLQualifyW+0xC1C700B0

:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
Information about C:\WINDOWS\system32\IEFRAME.dll!URLQualifyW+0xC1C700B0:
Base address: 3E1C0000
Size: 005CD000
Flags: 800C4004
Load count: 6
Name: Windows® Internet Explorer
Prod. Version: 7.00.6000.16981
Company: Microsoft Corporation
File Version: 7.00.6000.16981 (vista_gdr.091215-2244)
Description: Internet Explorer
Location: C:\WINDOWS\system32\IEFRAME.dll
Signed: YES
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
The code of DialogBoxParamA at 7E43B144 (0) got patched. Here is the diff:
Address New-Original
7E43B144: E9 - 8B
7E43B145: C2 - FF
7E43B146: 6E - 55
7E43B147: F1 - 8B
7E43B148: BF - EC
--> JMP DWORD PTR DS:[3E35200B]
Patched by C:\WINDOWS\system32\IEFRAME.dll!URLQualifyW+0xC1C700B0

:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
Information about C:\WINDOWS\system32\IEFRAME.dll!URLQualifyW+0xC1C700B0:
Base address: 3E1C0000
Size: 005CD000
Flags: 800C4004
Load count: 6
Name: Windows® Internet Explorer
Prod. Version: 7.00.6000.16981
Company: Microsoft Corporation
File Version: 7.00.6000.16981 (vista_gdr.091215-2244)
Description: Internet Explorer
Location: C:\WINDOWS\system32\IEFRAME.dll
Signed: YES
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
The code of DialogBoxParamW at 7E4247AB (0) got patched. Here is the diff:
Address New-Original
7E4247AB: E9 - 8B
7E4247AC: 09 - FF
7E4247AD: AD - 55
7E4247AE: DB - 8B
7E4247AF: BF - EC
--> JMP DWORD PTR DS:[3E1DF4B9]
Patched by C:\WINDOWS\system32\IEFRAME.dll!URLQualifyW+0xC1C700B0

:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
Information about C:\WINDOWS\system32\IEFRAME.dll!URLQualifyW+0xC1C700B0:
Base address: 3E1C0000
Size: 005CD000
Flags: 800C4004
Load count: 6
Name: Windows® Internet Explorer
Prod. Version: 7.00.6000.16981
Company: Microsoft Corporation
File Version: 7.00.6000.16981 (vista_gdr.091215-2244)
Description: Internet Explorer
Location: C:\WINDOWS\system32\IEFRAME.dll
Signed: YES
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
The code of MessageBoxExA at 7E45085C (0) got patched. Here is the diff:
Address New-Original
7E45085C: E9 - 8B
7E45085D: 2C - FF
7E45085E: 17 - 55
7E45085F: F0 - 8B
7E450860: BF - EC
--> JMP DWORD PTR DS:[3E351F8D]
Patched by C:\WINDOWS\system32\IEFRAME.dll!URLQualifyW+0xC1C700B0

:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
Information about C:\WINDOWS\system32\IEFRAME.dll!URLQualifyW+0xC1C700B0:
Base address: 3E1C0000
Size: 005CD000
Flags: 800C4004
Load count: 6
Name: Windows® Internet Explorer
Prod. Version: 7.00.6000.16981
Company: Microsoft Corporation
File Version: 7.00.6000.16981 (vista_gdr.091215-2244)
Description: Internet Explorer
Location: C:\WINDOWS\system32\IEFRAME.dll
Signed: YES
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
The code of MessageBoxExW at 7E450838 (0) got patched. Here is the diff:
Address New-Original
7E450838: E9 - 8B
7E450839: 16 - FF
7E45083A: 17 - 55
7E45083B: F0 - 8B
7E45083C: BF - EC
--> JMP DWORD PTR DS:[3E351F53]
Patched by C:\WINDOWS\system32\IEFRAME.dll!URLQualifyW+0xC1C700B0

:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
Information about C:\WINDOWS\system32\IEFRAME.dll!URLQualifyW+0xC1C700B0:
Base address: 3E1C0000
Size: 005CD000
Flags: 800C4004
Load count: 6
Name: Windows® Internet Explorer
Prod. Version: 7.00.6000.16981
Company: Microsoft Corporation
File Version: 7.00.6000.16981 (vista_gdr.091215-2244)
Description: Internet Explorer
Location: C:\WINDOWS\system32\IEFRAME.dll
Signed: YES
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
The code of MessageBoxIndirectA at 7E43A082 (0) got patched. Here is the diff:
Address New-Original
7E43A082: E9 - 8B
7E43A083: 40 - FF
7E43A084: 7F - 55
7E43A085: F1 - 8B
7E43A086: BF - EC
--> JMP DWORD PTR DS:[3E351FC7]
Patched by C:\WINDOWS\system32\IEFRAME.dll!URLQualifyW+0xC1C700B0

:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
Information about C:\WINDOWS\system32\IEFRAME.dll!URLQualifyW+0xC1C700B0:
Base address: 3E1C0000
Size: 005CD000
Flags: 800C4004
Load count: 6
Name: Windows® Internet Explorer
Prod. Version: 7.00.6000.16981
Company: Microsoft Corporation
File Version: 7.00.6000.16981 (vista_gdr.091215-2244)
Description: Internet Explorer
Location: C:\WINDOWS\system32\IEFRAME.dll
Signed: YES
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
The code of MessageBoxIndirectW at 7E4664D5 (0) got patched. Here is the diff:
Address New-Original
7E4664D5: E9 - 8B
7E4664D6: 10 - FF
7E4664D7: B3 - 55
7E4664D8: D9 - 8B
7E4664D9: BF - EC
--> JMP DWORD PTR DS:[3E2017EA]
Patched by C:\WINDOWS\system32\IEFRAME.dll!URLQualifyW+0xC1C700B0

:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
Information about C:\WINDOWS\system32\IEFRAME.dll!URLQualifyW+0xC1C700B0:
Base address: 3E1C0000
Size: 005CD000
Flags: 800C4004
Load count: 6
Name: Windows® Internet Explorer
Prod. Version: 7.00.6000.16981
Company: Microsoft Corporation
File Version: 7.00.6000.16981 (vista_gdr.091215-2244)
Description: Internet Explorer
Location: C:\WINDOWS\system32\IEFRAME.dll
Signed: YES
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
msvcrt.dll (77C10000 - 77C68000)
SHLWAPI.dll (77F60000 - 77FD6000)
SHELL32.dll (7C9C0000 - 7D1D7000)
ole32.dll (774E0000 - 7761D000)
The code of OleLoadFromStream at 77529C85 (0) got patched. Here is the diff:
Address New-Original
77529C85: E9 - 8B
77529C86: B9 - FF
77529C87: 85 - 55
77529C88: E2 - 8B
77529C89: C6 - EC
--> JMP DWORD PTR DS:[3E352243]
Patched by C:\WINDOWS\system32\IEFRAME.dll!URLQualifyW+0xC1C700B0

:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
Information about C:\WINDOWS\system32\IEFRAME.dll!URLQualifyW+0xC1C700B0:
Base address: 3E1C0000
Size: 005CD000
Flags: 800C4004
Load count: 6
Name: Windows® Internet Explorer
Prod. Version: 7.00.6000.16981
Company: Microsoft Corporation
File Version: 7.00.6000.16981 (vista_gdr.091215-2244)
Description: Internet Explorer
Location: C:\WINDOWS\system32\IEFRAME.dll
Signed: YES
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
urlmon.dll (78130000 - 78258000)
OLEAUT32.dll (77120000 - 771AB000)
The code of SysAllocStringByteLen at 77124C35 (0) got patched. Here is the diff:
Address New-Original
77124C35: E9 - 8B
77124C36: 5C - FF
77124C37: D8 - 55
77124C38: 22 - 8B
77124C39: C7 - EC
--> JMP DWORD PTR DS:[3E352496]
Patched by C:\WINDOWS\system32\IEFRAME.dll!URLQualifyW+0xC1C700B0

:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
Information about C:\WINDOWS\system32\IEFRAME.dll!URLQualifyW+0xC1C700B0:
Base address: 3E1C0000
Size: 005CD000
Flags: 800C4004
Load count: 6
Name: Windows® Internet Explorer
Prod. Version: 7.00.6000.16981
Company: Microsoft Corporation
File Version: 7.00.6000.16981 (vista_gdr.091215-2244)
Description: Internet Explorer
Location: C:\WINDOWS\system32\IEFRAME.dll
Signed: YES
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
The code of SysFreeString at 77124880 (0) got patched. Here is the diff:
Address New-Original
77124880: E9 - 8B
77124881: 26 - FF
77124882: DA - 55
77124883: 22 - 8B
77124884: C7 - EC
--> JMP DWORD PTR DS:[3E3522AB]
Patched by C:\WINDOWS\system32\IEFRAME.dll!URLQualifyW+0xC1C700B0

:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
Information about C:\WINDOWS\system32\IEFRAME.dll!URLQualifyW+0xC1C700B0:
Base address: 3E1C0000
Size: 005CD000
Flags: 800C4004
Load count: 6
Name: Windows® Internet Explorer
Prod. Version: 7.00.6000.16981
Company: Microsoft Corporation
File Version: 7.00.6000.16981 (vista_gdr.091215-2244)
Description: Internet Explorer
Location: C:\WINDOWS\system32\IEFRAME.dll
Signed: YES
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
The code of VariantChangeType at 77126BBB (0) got patched. Here is the diff:
Address New-Original
77126BBB: E9 - 8B
77126BBC: 21 - FF
77126BBD: B9 - 55
77126BBE: 22 - 8B
77126BBF: C7 - EC
--> JMP DWORD PTR DS:[3E3524E1]
Patched by C:\WINDOWS\system32\IEFRAME.dll!URLQualifyW+0xC1C700B0

:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
Information about C:\WINDOWS\system32\IEFRAME.dll!URLQualifyW+0xC1C700B0:
Base address: 3E1C0000
Size: 005CD000
Flags: 800C4004
Load count: 6
Name: Windows® Internet Explorer
Prod. Version: 7.00.6000.16981
Company: Microsoft Corporation
File Version: 7.00.6000.16981 (vista_gdr.091215-2244)
Description: Internet Explorer
Location: C:\WINDOWS\system32\IEFRAME.dll
Signed: YES
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
The code of VariantClear at 771248F0 (0) got patched. Here is the diff:
Address New-Original
771248F0: E9 - 8B
771248F1: 3B - FF
771248F2: DC - 55
771248F3: 22 - 8B
771248F4: C7 - EC
--> JMP DWORD PTR DS:[3E352530]
Patched by C:\WINDOWS\system32\IEFRAME.dll!URLQualifyW+0xC1C700B0

:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
Information about C:\WINDOWS\system32\IEFRAME.dll!URLQualifyW+0xC1C700B0:
Base address: 3E1C0000
Size: 005CD000
Flags: 800C4004
Load count: 6
Name: Windows® Internet Explorer
Prod. Version: 7.00.6000.16981
Company: Microsoft Corporation
File Version: 7.00.6000.16981 (vista_gdr.091215-2244)
Description: Internet Explorer
Location: C:\WINDOWS\system32\IEFRAME.dll
Signed: YES
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
iertutil.dll (3DFD0000 - 3E015000)
VERSION.dll (77C00000 - 77C08000)
ShimEng.dll (5CB70000 - 5CB96000)
AcLayers.DLL (71590000 - 71609000)
USERENV.dll (769C0000 - 76A74000)
WINSPOOL.DRV (73000000 - 73026000)
IMM32.DLL (76390000 - 763AD000)
LPK.DLL (629C0000 - 629C9000)
USP10.dll (74D90000 - 74DFB000)
comctl32.dll (773D0000 - 774D3000)
comctl32.dll (5D090000 - 5D12A000)
IEFRAME.dll (3E1C0000 - 3E78D000)
PSAPI.DLL (76BF0000 - 76BFB000)
UxTheme.dll (5AD70000 - 5ADA8000)
MSCTF.dll (74720000 - 7476C000)
xpsp2res.dll (00C80000 - 00F45000)
apphelp.dll (77B40000 - 77B62000)
msctfime.ime (755C0000 - 755EE000)
IEUI.dll (5DFF0000 - 5E01F000)
MSIMG32.dll (76380000 - 76385000)
gdiplus.dll (4EC50000 - 4EDFB000)
xmllite.dll (47060000 - 47081000)
CLBCATQ.DLL (76FD0000 - 7704F000)
COMRes.dll (77050000 - 77115000)
msimtf.dll (746F0000 - 7471A000)
cscui.dll (77A20000 - 77A74000)
CSCDLL.dll (76600000 - 7661D000)
SETUPAPI.dll (77920000 - 77A13000)
msohevi.dll (6BD10000 - 6BD20000)
MSVCR80.dll (01750000 - 017EB000)
ieproxy.dll (61930000 - 6197A000)
SXS.DLL (7E720000 - 7E7D0000)
WININET.dll (3D930000 - 3DA01000)
Normaliz.dll (01950000 - 01959000)
MLANG.dll (75CF0000 - 75D81000)
ws2_32.dll (71AB0000 - 71AC7000)
WS2HELP.dll (71AA0000 - 71AA8000)
AcroIEHelperShim.dll(10000000 - 10011000)
MSVCP80.dll (7C420000 - 7C4A7000)
AcroIEHelper.dll (022A0000 - 022B0000)
jp2ssv.dll (6D440000 - 6D44C000)
MSVCR71.dll (7C340000 - 7C396000)
jqs_plugin.dll (6DAF0000 - 6DB02000)
mswsock.dll (71A50000 - 71A8F000)
hnetcfg.dll (662B0000 - 66308000)
wshtcpip.dll (71A90000 - 71A98000)
RASAPI32.dll (76EE0000 - 76F1C000)
rasman.dll (76E90000 - 76EA2000)
NETAPI32.dll (5B860000 - 5B8B5000)
TAPI32.dll (76EB0000 - 76EDF000)
rtutils.dll (76E80000 - 76E8E000)
WINMM.dll (76B40000 - 76B6D000)
msv1_0.dll (77C70000 - 77C95000)
cryptdll.dll (76790000 - 7679C000)
iphlpapi.dll (76D60000 - 76D79000)
sensapi.dll (722B0000 - 722B5000)
actxprxy.dll (71D40000 - 71D5B000)
rasadhlp.dll (76FC0000 - 76FC6000)
DNSAPI.dll (76F20000 - 76F47000)
winrnr.dll (76FB0000 - 76FB8000)
WLDAP32.dll (76F60000 - 76F8C000)
mdnsNSP.dll (16080000 - 160A5000)
mshtml.dll (3DA20000 - 3DD95000)
msls31.dll (746C0000 - 746E9000)
ieapfltr.dll (42F90000 - 42FF0000)
WINTRUST.dll (76C30000 - 76C5E000)
CRYPT32.dll (77A80000 - 77B15000)
MSASN1.dll (77B20000 - 77B32000)
IMAGEHLP.dll (76C90000 - 76CB8000)
NTMARTA.DLL (77690000 - 776B1000)
SAMLIB.dll (71BF0000 - 71C03000)
jscript.dll (75C50000 - 75CCD000)
ImgUtil.dll (1B000000 - 1B00C000)
pngfilt.dll (41E30000 - 41E3E000)
mshtmled.dll (42B90000 - 42C07000)
Flash10e.ocx (05500000 - 059A4000)
COMDLG32.dll (763B0000 - 763F9000)
mscms.dll (73B30000 - 73B45000)
wdmaud.drv (72D20000 - 72D29000)
msacm32.drv (72D10000 - 72D18000)
MSACM32.dll (77BE0000 - 77BF5000)
midimap.dll (77BD0000 - 77BD7000)
vbscript.dll (73300000 - 73369000)
schannel.dll (767F0000 - 76818000)
ddrawex.dll (6D430000 - 6D43A000)
DDRAW.dll (73760000 - 737AB000)
DCIMAN32.dll (73BC0000 - 73BC6000)
iepeers.dll (42070000 - 420A2000)
rsaenh.dll (68000000 - 68036000)
dssenh.dll (68100000 - 68126000)
cryptnet.dll (75E60000 - 75E73000)
WINHTTP.dll (4D4F0000 - 4D549000)
msxml3.dll (74980000 - 74AA3000)
Dxtrans.dll (420C0000 - 420F9000)
ATL.DLL (76B20000 - 76B31000)
Dxtmsft.dll (42010000 - 42067000)
MSRATING.dll (42B40000 - 42B73000)
ntshrui.dll (76990000 - 769B5000)
LINKINFO.dll (76980000 - 76988000)
wuapi.dll (506A0000 - 5072E000)
Cabinet.dll (75150000 - 75163000)

PID 3196 - C:\Documents and Settings\Janet Duross\Desktop\radix_installer\radixgui.exe
-------------------------------------------------------------------------------
ntdll.dll (7C900000 - 7C9B2000)
kernel32.dll (7C800000 - 7C8F6000)
USER32.dll (7E410000 - 7E4A1000)
GDI32.dll (77F10000 - 77F59000)
comdlg32.dll (763B0000 - 763F9000)
ADVAPI32.dll (77DD0000 - 77E6B000)
RPCRT4.dll (77E70000 - 77F02000)
Secur32.dll (77FE0000 - 77FF1000)
COMCTL32.dll (5D090000 - 5D12A000)
SHELL32.dll (7C9C0000 - 7D1D7000)
msvcrt.dll (77C10000 - 77C68000)
SHLWAPI.dll (77F60000 - 77FD6000)
ole32.dll (774E0000 - 7761D000)
VERSION.dll (77C00000 - 77C08000)
dbghelp.dll (59A60000 - 59B01000)
IMM32.DLL (76390000 - 763AD000)
LPK.DLL (629C0000 - 629C9000)
USP10.dll (74D90000 - 74DFB000)
comctl32.dll (773D0000 - 774D3000)
wintrust.dll (76C30000 - 76C5E000)
CRYPT32.dll (77A80000 - 77B15000)
MSASN1.dll (77B20000 - 77B32000)
IMAGEHLP.dll (76C90000 - 76CB8000)
NTMARTA.DLL (77690000 - 776B1000)
SAMLIB.dll (71BF0000 - 71C03000)
WLDAP32.dll (76F60000 - 76F8C000)
uxtheme.dll (5AD70000 - 5ADA8000)
MSCTF.dll (74720000 - 7476C000)
msctfime.ime (755C0000 - 755EE000)
OLEAUT32.DLL (77120000 - 771AB000)
xpsp2res.dll (02250000 - 02515000)
rsaenh.dll (68000000 - 68036000)
userenv.dll (769C0000 - 76A74000)
netapi32.dll (5B860000 - 5B8B5000)
cryptnet.dll (75E60000 - 75E73000)
PSAPI.DLL (76BF0000 - 76BFB000)
SensApi.dll (722B0000 - 722B5000)
WINHTTP.dll (4D4F0000 - 4D549000)
Cabinet.dll (75150000 - 75163000)
---- Check ended at 12.3.2010 1:16:16 ----

shannonmac8
Intermediate
Intermediate

Posts Posts : 76
Joined Joined : 2009-06-01
OS OS : xp
Points Points : 28402
# Likes # Likes : 0

View user profile

Back to top Go down

Re: computer slow

Post by Dr Jay on Fri Mar 12, 2010 2:47 pm

Download [You must be registered and logged in to see this link.] to your Desktop

  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Under the Custom Scan box paste this in

    /md5start
    GEARAspiWDM.sys
    smss.exe
    atapi.sys
    iastor.sys
    iastorv.sys
    ntdll.dll
    csrss.exe
    Explorer.EXE
    RTHDCPL.EXE
    netlogon.dll
    userinit.exe
    kernel32.dll
    ntfs.sys
    termsrv.dll
    /md5stop


  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.

    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time



Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 13716
Joined Joined : 2009-09-06
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Protection Protection : Bitdefender Total Security
Points Points : 302112
# Likes # Likes : 10

View user profile

Back to top Go down

Re: computer slow

Post by shannonmac8 on Fri Mar 12, 2010 6:23 pm

OTL logfile created on: 3/12/2010 1:19:18 PM - Run 2
OTL by OldTimer - Version 3.1.37.0 Folder = C:\Documents and Settings\Janet Duross\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

894.00 Mb Total Physical Memory | 578.00 Mb Available Physical Memory | 65.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 89.00% Paging File free
Paging file location(s): C:\pagefile.sys 1344 2688 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 69.40 Gb Total Space | 54.48 Gb Free Space | 78.50% Space Free | Partition Type: NTFS
Drive D: | 69.89 Gb Total Space | 69.75 Gb Free Space | 99.81% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: MOMMOM
Current User Name: Janet Duross
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/03/12 13:15:25 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Janet Duross\Desktop\OTL.exe
PRC - [2008/04/14 17:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/04/07 01:42:24 | 000,050,424 | ---- | M] (NewTech InfoSystems, Inc.) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
PRC - [2008/04/04 06:03:14 | 000,131,072 | ---- | M] () -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
PRC - [2008/03/03 16:11:14 | 000,016,384 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
PRC - [2007/12/10 23:15:04 | 000,012,800 | ---- | M] (Agere Systems) -- C:\WINDOWS\system32\agrsmsvc.exe


========== Modules (SafeList) ==========

MOD - [2010/03/12 13:15:25 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Janet Duross\Desktop\OTL.exe


========== Win32 Services (SafeList) ==========

SRV - [2008/05/05 17:25:46 | 000,165,416 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\eMachines Games\eMachines Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2008/04/07 01:42:24 | 000,050,424 | ---- | M] (NewTech InfoSystems, Inc.) [Auto | Running] -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe -- (NTIBackupSvc)
SRV - [2008/04/04 06:03:14 | 000,131,072 | ---- | M] () [Auto | Running] -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe -- (NTISchedulerSvc)
SRV - [2008/03/03 16:11:14 | 000,016,384 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe -- (BUNAgentSvc)
SRV - [2007/12/10 23:15:04 | 000,012,800 | ---- | M] (Agere Systems) [Auto | Running] -- C:\WINDOWS\system32\agrsmsvc.exe -- (AgereModemAudio)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local



O1 HOSTS File: ([2010/03/09 23:30:28 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} [You must be registered and logged in to see this link.] (MJLauncherCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_18)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} [You must be registered and logged in to see this link.] (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 93.188.161.105 93.188.166.105 1.2.3.4
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\Acer.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/10/28 19:52:04 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 14 Days ==========

[2010/03/12 13:15:23 | 000,555,520 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Janet Duross\Desktop\OTL.exe
[2010/03/11 20:08:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Janet Duross\Desktop\radix_installer
[2010/03/11 00:24:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Janet Duross\Application Data\Apple Computer
[2010/03/11 00:24:00 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/03/11 00:23:55 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010/03/11 00:23:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2010/03/11 00:23:38 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010/03/11 00:23:14 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2010/03/11 00:23:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2010/03/11 00:23:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Janet Duross\Local Settings\Application Data\Apple
[2010/03/11 00:23:01 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2010/03/11 00:22:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2010/03/11 00:22:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple
[2010/03/11 00:21:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Janet Duross\Local Settings\Application Data\Apple Computer
[2010/03/09 23:35:48 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010/03/09 23:29:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2010/03/09 23:22:09 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010/03/09 14:33:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Janet Duross\Desktop\SpiderKill
[2010/03/06 15:52:53 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010/03/06 15:52:09 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010/03/06 15:52:09 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010/03/06 15:52:09 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010/03/06 15:52:09 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010/03/06 15:52:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/03/06 01:07:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2010/03/06 01:07:44 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2010/03/06 01:02:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
[2010/03/06 01:02:12 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2009/08/21 02:49:33 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2009/08/21 02:49:33 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2009/08/21 02:49:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2009/08/21 02:49:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 14 Days ==========

[2010/03/12 13:15:25 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Janet Duross\Desktop\OTL.exe
[2010/03/12 02:37:28 | 000,524,016 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/03/12 02:37:28 | 000,442,466 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/03/12 02:37:28 | 000,071,732 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/03/12 02:33:14 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/03/12 02:33:12 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/03/12 02:33:10 | 937,938,944 | -HS- | M] () -- C:\hiberfil.sys
[2010/03/11 20:07:56 | 000,216,498 | ---- | M] () -- C:\Documents and Settings\Janet Duross\Desktop\radix_installer.zip
[2010/03/11 00:24:43 | 000,001,804 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/03/11 00:23:26 | 000,001,606 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2010/03/11 00:23:05 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/03/09 23:30:36 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/03/09 23:30:28 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010/03/09 23:29:53 | 002,359,296 | ---- | M] () -- C:\Documents and Settings\Janet Duross\ntuser.dat
[2010/03/09 23:29:42 | 006,408,544 | -H-- | M] () -- C:\Documents and Settings\Janet Duross\Local Settings\Application Data\IconCache.db
[2010/03/09 23:20:11 | 003,885,152 | R--- | M] () -- C:\Documents and Settings\Janet Duross\Desktop\ComboFix.exe
[2010/03/09 14:32:19 | 000,039,521 | ---- | M] () -- C:\Documents and Settings\Janet Duross\Desktop\SpiderKill.zip
[2010/03/09 00:52:41 | 000,077,312 | ---- | M] () -- C:\Documents and Settings\Janet Duross\Desktop\mbr.exe
[2010/03/06 15:52:57 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2010/03/06 01:07:56 | 000,001,731 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/03/11 20:07:55 | 000,216,498 | ---- | C] () -- C:\Documents and Settings\Janet Duross\Desktop\radix_installer.zip
[2010/03/11 00:24:43 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/03/11 00:23:26 | 000,001,606 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2010/03/11 00:23:04 | 000,000,284 | ---- | C] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/03/09 23:20:10 | 003,885,152 | R--- | C] () -- C:\Documents and Settings\Janet Duross\Desktop\ComboFix.exe
[2010/03/09 14:32:19 | 000,039,521 | ---- | C] () -- C:\Documents and Settings\Janet Duross\Desktop\SpiderKill.zip
[2010/03/09 01:16:34 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010/03/09 00:52:41 | 000,077,312 | ---- | C] () -- C:\Documents and Settings\Janet Duross\Desktop\mbr.exe
[2010/03/06 15:52:56 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2010/03/06 15:52:53 | 000,260,272 | ---- | C] () -- C:\cmldr
[2010/03/06 15:52:09 | 000,261,632 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010/03/06 15:52:09 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010/03/06 15:52:09 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010/03/06 15:52:09 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010/03/06 01:07:56 | 000,001,731 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2009/08/21 02:55:47 | 000,000,030 | ---- | C] () -- C:\WINDOWS\1440X900.INI
[2008/10/29 10:55:34 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2008/10/28 20:10:54 | 000,000,109 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
[2008/10/28 20:10:36 | 000,000,105 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
[2008/10/28 20:05:12 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIOFM4.dll
[2008/10/28 20:05:12 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIBUN5.dll
[2008/10/28 20:04:30 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMPEG2.dll
[2008/10/28 20:04:30 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMP3.dll
[2008/08/25 03:17:58 | 000,023,634 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2008/04/14 17:00:00 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2008/02/25 00:29:00 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2008/02/25 00:29:00 | 001,482,752 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2008/02/25 00:29:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2008/02/25 00:29:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008/02/25 00:29:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2005/03/28 02:45:26 | 000,000,097 | ---- | C] () -- C:\WINDOWS\ALaunch.ini
[2001/12/26 19:12:30 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\multiplex_vcd.dll
[2001/09/04 02:46:38 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\Hmpg12.dll
[2001/07/30 19:33:56 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\HMPV2_ENC.dll
[2001/07/24 01:04:36 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\HMPV2_ENC_MMX.dll

========== LOP Check ==========

[2009/11/03 14:14:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MumboJumbo
[2009/12/18 02:23:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NtiDvdCopy
[2009/08/21 04:23:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[2010/03/11 00:24:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}

========== Purity Check ==========



========== Custom Scans ==========



< MD5 for: ATAPI.SYS >
[2008/04/14 17:00:00 | 020,056,462 | ---- | M] () .cab file -- C:\I386\sp3.cab:atapi.sys
[2008/04/14 17:00:00 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008/04/14 17:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ERDNT\cache\atapi.sys
[2008/04/14 17:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys

< MD5 for: CSRSS.EXE >
[2008/04/14 17:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=44F275C64738EA2056E3D9580C23B60F -- C:\WINDOWS\system32\csrss.exe
[2008/04/14 17:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=44F275C64738EA2056E3D9580C23B60F -- C:\WINDOWS\system32\dllcache\csrss.exe

< MD5 for: EXPLORER.EXE >
[2008/04/14 17:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ERDNT\cache\explorer.exe
[2008/04/14 17:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008/04/14 17:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\system32\dllcache\explorer.exe

< MD5 for: GEARASPIWDM.SYS >
[2009/05/18 14:17:00 | 000,026,600 | ---- | M] (GEAR Software Inc.) MD5=8182FF89C65E4D38B2DE4BB0FB18564E -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}\x86\x86\GEARAspiWDM.sys
[2009/05/18 14:17:00 | 000,026,600 | ---- | M] (GEAR Software Inc.) MD5=8182FF89C65E4D38B2DE4BB0FB18564E -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys
[2009/05/18 14:17:00 | 000,026,600 | ---- | M] (GEAR Software Inc.) MD5=8182FF89C65E4D38B2DE4BB0FB18564E -- C:\WINDOWS\system32\DRVSTORE\GEARAspiWD_3B7AACF0636A2C042EB7AD2AFF76D37B27BDD28C\x86\GEARAspiWDM.sys
[2008/04/17 12:12:54 | 000,015,464 | ---- | M] (GEAR Software Inc.) MD5=AB8A6A87D9D7255C3884D5B9541A6E80 -- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}\x86\x86\GEARAspiWDM.sys
[2008/04/17 12:12:54 | 000,015,464 | ---- | M] (GEAR Software Inc.) MD5=AB8A6A87D9D7255C3884D5B9541A6E80 -- C:\WINDOWS\system32\DRVSTORE\GEARAspiWD_D213663B6381F01E45A131159A9DEFE018321CB3\x86\GEARAspiWDM.sys
[2008/04/17 12:12:54 | 000,019,304 | ---- | M] (GEAR Software Inc.) MD5=CB121F1009623E83EBCC2C4DCEF6D3FE -- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}\x64\x64\GEARAspiWDM.sys

< MD5 for: KERNEL32.DLL >
[2009/03/21 09:06:58 | 000,989,696 | ---- | M] (Microsoft Corporation) MD5=B921FB870C9AC0D509B2CCABBBBE95F3 -- C:\WINDOWS\ERDNT\cache\kernel32.dll
[2009/03/21 09:06:58 | 000,989,696 | ---- | M] (Microsoft Corporation) MD5=B921FB870C9AC0D509B2CCABBBBE95F3 -- C:\WINDOWS\system32\dllcache\kernel32.dll
[2009/03/21 09:06:58 | 000,989,696 | ---- | M] (Microsoft Corporation) MD5=B921FB870C9AC0D509B2CCABBBBE95F3 -- C:\WINDOWS\system32\kernel32.dll
[2008/04/14 17:00:00 | 000,989,696 | ---- | M] (Microsoft Corporation) MD5=C24B983D211C34DA8FCC1AC38477971D -- C:\WINDOWS\$NtUninstallKB959426$\kernel32.dll
[2009/03/21 08:59:23 | 000,991,744 | ---- | M] (Microsoft Corporation) MD5=DA11D9D6ECBDF0F93436A4B7C13F7BEC -- C:\WINDOWS\$hf_mig$\KB959426\SP3QFE\kernel32.dll

< MD5 for: NETLOGON.DLL >
[2008/04/14 17:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ERDNT\cache\netlogon.dll
[2008/04/14 17:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2008/04/14 17:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: NTDLL.DLL >
[2008/04/14 17:00:00 | 000,706,048 | ---- | M] (Microsoft Corporation) MD5=27D9ED8CB8B62D1E0A8E5ACE6CF52E2F -- C:\I386\NTDLL.DLL
[2008/04/14 17:00:00 | 000,706,048 | ---- | M] (Microsoft Corporation) MD5=27D9ED8CB8B62D1E0A8E5ACE6CF52E2F -- C:\I386\SYSTEM32\NTDLL.DLL
[2008/04/14 17:00:00 | 000,706,048 | ---- | M] (Microsoft Corporation) MD5=27D9ED8CB8B62D1E0A8E5ACE6CF52E2F -- C:\WINDOWS\$NtUninstallKB956572$\ntdll.dll
[2009/02/09 07:10:48 | 000,714,752 | ---- | M] (Microsoft Corporation) MD5=911DDF2E16761643A47225F654D811E5 -- C:\WINDOWS\system32\dllcache\ntdll.dll
[2009/02/09 07:10:48 | 000,714,752 | ---- | M] (Microsoft Corporation) MD5=911DDF2E16761643A47225F654D811E5 -- C:\WINDOWS\system32\ntdll.dll
[2009/02/09 05:56:35 | 000,715,264 | ---- | M] (Microsoft Corporation) MD5=B0913005EE3FC15D7F72472D0B8A30EB -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\ntdll.dll
[2004/08/04 00:56:38 | 000,708,096 | ---- | M] (Microsoft Corporation) MD5=BB5CBFFC096497506167BCE1D9690EF2 -- C:\cmdcons\SYSTEM32\NTDLL.DLL

< MD5 for: NTFS.SYS >
[2008/04/14 17:00:00 | 000,574,976 | ---- | M] (Microsoft Corporation) MD5=78A08DD6A8D65E697C18E1DB01C5CDCA -- C:\I386\NTFS.SYS
[2008/04/14 17:00:00 | 000,574,976 | ---- | M] (Microsoft Corporation) MD5=78A08DD6A8D65E697C18E1DB01C5CDCA -- C:\WINDOWS\ERDNT\cache\ntfs.sys
[2008/04/14 17:00:00 | 000,574,976 | ---- | M] (Microsoft Corporation) MD5=78A08DD6A8D65E697C18E1DB01C5CDCA -- C:\WINDOWS\system32\dllcache\ntfs.sys
[2008/04/14 17:00:00 | 000,574,976 | ---- | M] (Microsoft Corporation) MD5=78A08DD6A8D65E697C18E1DB01C5CDCA -- C:\WINDOWS\system32\drivers\ntfs.sys
[2004/08/03 23:15:10 | 000,574,592 | ---- | M] (Microsoft Corporation) MD5=B78BE402C3F63DD55521F73876951CDD -- C:\cmdcons\NTFS.SYS

< MD5 for: RTHDCPL.EXE >
[2008/05/16 02:39:00 | 016,862,720 | ---- | M] (Realtek Semiconductor Corp.) MD5=013A269E7AF8B01FF20B384FEEBFFDA5 -- C:\Program Files\Realtek\Audio\InstallShield\RTHDCPL.exe
[2008/05/16 02:39:00 | 016,862,720 | ---- | M] (Realtek Semiconductor Corp.) MD5=013A269E7AF8B01FF20B384FEEBFFDA5 -- C:\WINDOWS\RTHDCPL.exe

< MD5 for: SMSS.EXE >
[2008/04/14 17:00:00 | 000,470,016 | ---- | M] (Microsoft Corporation) MD5=3C3393C92A73A3006C7B706DAC54A812 -- C:\I386\SYSTEM32\SMSS.EXE
[2008/04/14 17:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=5F816C1F539266D2D4C78694239DA0B5 -- C:\WINDOWS\system32\dllcache\smss.exe
[2008/04/14 17:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=5F816C1F539266D2D4C78694239DA0B5 -- C:\WINDOWS\system32\smss.exe
[2004/08/04 00:56:58 | 000,152,576 | ---- | M] (Microsoft Corporation) MD5=DA5CF1C368B33D75602FD6B3A7F5E0C6 -- C:\cmdcons\SYSTEM32\SMSS.EXE

< MD5 for: TERMSRV.DLL >
[2008/04/14 17:00:00 | 000,295,424 | ---- | M] (Microsoft Corporation) MD5=FF3477C03BE7201C294C35F684B3479F -- C:\WINDOWS\ERDNT\cache\termsrv.dll
[2008/04/14 17:00:00 | 000,295,424 | ---- | M] (Microsoft Corporation) MD5=FF3477C03BE7201C294C35F684B3479F -- C:\WINDOWS\system32\dllcache\termsrv.dll
[2008/04/14 17:00:00 | 000,295,424 | ---- | M] (Microsoft Corporation) MD5=FF3477C03BE7201C294C35F684B3479F -- C:\WINDOWS\system32\termsrv.dll

< MD5 for: USERINIT.EXE >
[2008/04/14 17:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ERDNT\cache\userinit.exe
[2008/04/14 17:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008/04/14 17:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe
< End of report >

shannonmac8
Intermediate
Intermediate

Posts Posts : 76
Joined Joined : 2009-06-01
OS OS : xp
Points Points : 28402
# Likes # Likes : 0

View user profile

Back to top Go down

Re: computer slow

Post by shannonmac8 on Fri Mar 12, 2010 6:29 pm

there is no extra.txt on my desktop where i saved OTL

shannonmac8
Intermediate
Intermediate

Posts Posts : 76
Joined Joined : 2009-06-01
OS OS : xp
Points Points : 28402
# Likes # Likes : 0

View user profile

Back to top Go down

Re: computer slow

Post by Dr Jay on Fri Mar 12, 2010 8:46 pm

Now to get you off to a good start we will clean your restore points so that all the bad stuff is gone for good. Then if you need to restore at some stage you will be clean. There are several ways to reset your restore points, but this is my method:
  • Select Start > All Programs > Accessories > System tools > System Restore.
  • On the dialogue box that appears select Create a Restore Point
  • Click NEXT
  • Enter a name e.g. Clean
  • Click CREATE

You now have a clean restore point, to get rid of the bad ones:
  • Select Start > All Programs > Accessories > System tools > Disk Cleanup.
  • In the Drop down box that appears select your main drive e.g. C
  • Click OK
  • The System will do some calculation and the display a dialogue box with TABS
  • Select the More Options Tab.
  • At the bottom will be a system restore box with a CLEANUP button click this
  • Accept the Warning and select OK again, the program will close and you are done


To remove all of the tools we used and the files and folders they created, please do the following:
Please download [You must be registered and logged in to see this link.] by OldTimer:

  • Save it to your Desktop.
  • Double click OTC.exe.
  • Click the CleanUp! button.
  • If you are prompted to Reboot during the cleanup, select Yes.
  • The tool will delete itself once it finishes.

Note: If any tool, file or folder (belonging to the program we have used) hasn't been deleted, please delete it manually.

==

Please download [You must be registered and logged in to see this link.] to your desktop
  • Please double-click TFC.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
  • It will close all programs when run, so make sure you have saved all your work before you begin.
  • Click the Start
    button to begin the process. Depending on how often you clean temp
    files, execution time should be anywhere from a few seconds to a minute
    or two. Let it run uninterrupted to completion.
  • Once it's finished it should reboot your machine. If it does not, please manually reboot the machine yourself to ensure a complete clean.


==

Download Security Check by screen317 from [You must be registered and logged in to see this link.] or [You must be registered and logged in to see this link.].
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 13716
Joined Joined : 2009-09-06
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Protection Protection : Bitdefender Total Security
Points Points : 302112
# Likes # Likes : 10

View user profile

Back to top Go down

Re: computer slow

Post by shannonmac8 on Sat Mar 13, 2010 3:59 am

Results of screen317's Security Check version 0.99.1
Windows XP Service Pack 3
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Enabled!
``````````````````````````````
Anti-malware/Other Utilities Check:

Java(TM) 6 Update 18
Java Auto Updater
Out of date Java installed!
Adobe Flash Player 10
Adobe Reader 9.3
``````````````````````````````
Process Check:
objlist.exe by Laurent

``````````````````````````````
DNS Vulnerability Check:

POOR! (Vulnerable to DNS cache poisoning!!-- Consider OPENDNS)

`````````End of Log```````````

shannonmac8
Intermediate
Intermediate

Posts Posts : 76
Joined Joined : 2009-06-01
OS OS : xp
Points Points : 28402
# Likes # Likes : 0

View user profile

Back to top Go down

Re: computer slow

Post by Dr Jay on Sat Mar 13, 2010 6:47 pm

Please read the following information that I have provided, which will help you prevent malicious software in the future. Please keep in mind, malware is a continuous danger on the Internet. It is highly important to stay safe while browsing, to prevent re-infection.

Software recommendations

Antivirus/Antispyware

  • [You must be registered and logged in to see this link.]: this is Microsoft's free antivirus/antispyware program. It equips you with protection against viruses, spyware, trojans, rootkits, and worms. It is also light on the computer's performance. Note: when installing this, you have both an antivirus and antispyware. Make sure you also get a firewall.
  • [You must be registered and logged in to see this link.]: this is one of the most powerful, and easiest to use security software. The free version equips you with protection against viruses, spyware, trojans, rootkits, worms, and rogue software. Note: when installing this, you have both an antivirus and antispyware. Make sure you also get a firewall.


Firewall

  • [You must be registered and logged in to see this link.]: the free version is just as good as the premium. I have linked you to the free version.
  • [You must be registered and logged in to see this link.]: the free version is just as good as the premium. I have linked you to the free version. The optional security suite enhances the firewall by 40% increase. If you would like to install the suite that includes antivirus, then remove your old antivirus first.
  • [You must be registered and logged in to see this link.]: free and excellent firewall.


Note: Please keep ALL of these programs up-to-date and run them whenever you suspect a problem to prevent malware problems.

Resident Protection help
A number of programs have resident protection and it is a good idea to run the resident protection of one of each type of program to maintain protection. However, it is important to run only one resident program of each type since they can conflict and become less effective. That means only one antivirus, firewall, and scanning anti-spyware program at a time. Passive protectors such as SpywareBlaster can be run with any of them.

Rogue programs help
There are a lot of rogue programs out there that want to scare you into giving them your money and some malware actually claims to be security programs. If you get a popup for a security program that you did not install yourself, do NOT click on it and ask for help immediately. It is very important to run an antivirus and firewall, but you can't always rely on reviews and ads for information. Ask in a security forum that you trust if you are not sure. If you are unsure and looking for anti-spyware programs, you can find out if it is a rogue here:
[You must be registered and logged in to see this link.]

Securing your computer

  • [You must be registered and logged in to see this link.] - It is very important to make sure that both Internet Explorer and Windows are kept current with the latest critical security patches from Microsoft. To do this just start Internet Explorer and select Tools > Windows Update, and follow the online instructions from there.
  • [You must be registered and logged in to see this link.] replaces your current HOSTS file with one containing well known ad sites and other bad sites. This prevents your computer from connecting to those sites by redirecting them to 127.0.0.1, which is your local computer's loopback address, meaning it will be difficult to infect your computer in the future.


Please consider using an alternate browser
Mozilla's Firefox browser is a very good alternative. In addition to being generally more secure than Internet Explorer, it has a very good built-in popup blocker and add-ons, like NoScript, can make it even more secure. Opera is another good option.

If you are interested:


See [You must be registered and logged in to see this link.] for more info about malware and prevention.

Thank you for choosing GeekPolice. Please see [You must be registered and logged in to see this link.] if you would like to leave feedback or contribute to our site. Do you have any more questions?


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 13716
Joined Joined : 2009-09-06
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Protection Protection : Bitdefender Total Security
Points Points : 302112
# Likes # Likes : 10

View user profile

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum