computer slow

View previous topic View next topic Go down

Re: computer slow

Post by shannonmac8 on 12th March 2010, 1:31 am

[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_01
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_01
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_01
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_02
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_02
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_02
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_03
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_03
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_03
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_04
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_04
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_04
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_05
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_05
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_05
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_06
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_06
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_06
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_07
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_07
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_07
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_08
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_08
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_08
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_09
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_09
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_09
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_10
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_10
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_10
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_11
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_11
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_11
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_12
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_12
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_12
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_13
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_13
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_13
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_14
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_14
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_14
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_15
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_15
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_15
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_16
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_16
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_16
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_17
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_17
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_17
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_18
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_18
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_18
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_19
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_19
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_19
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_20
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_20
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_20
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_21
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_21
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_21
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_22
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_22
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_22
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_23
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_23
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_23
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_24
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_24
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_24
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_25
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_25
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_25
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_26
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_26
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_26
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_27
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_27
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_27
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_28
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_28
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll

shannonmac8
Intermediate
Intermediate

Posts Posts : 76
Joined Joined : 2009-06-01
OS OS : xp
Points Points : 28432
# Likes # Likes : 0

View user profile

Back to top Go down

Re: computer slow

Post by shannonmac8 on 12th March 2010, 1:32 am

[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_28
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_29
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_29
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_29
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_30
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_30
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0_30
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-FFFF-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.5.0
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0015-0000-FFFF-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_01
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_01
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_01
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_02
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_02
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_02
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_03
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_03
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_03
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_04
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_04
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_04
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_05
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_05
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_05
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_06
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_06
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_06
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_07
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_07
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_07
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_08
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_08
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_08
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_09
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_09
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_09
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_10
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_10
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_10
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_11
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_11
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_11
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_12
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_12
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_12
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_13
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_13
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_13
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_14
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_14
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_14
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_15
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_15
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_15
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_16
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_16
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_16
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_17
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_17
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_17
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_18
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_18
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBC}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0_18
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBC}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-FFFF-ABCDEFFEDCBA}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.6.0
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{CAFEEFAC-0016-0000-FFFF-ABCDEFFEDCBA}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{E19F9331-3110-11D4-991C-005004D3B3DB}
[.] Found hidden value:
[REG_SZ] (Standard)
Java Plug-in 1.3.0_02
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\CLSID\{E19F9331-3110-11D4-991C-005004D3B3DB}\InprocServer32
[.] Found hidden value:
[REG_SZ] (Standard)
C:\Program Files\Java\jre6\bin\jp2iexp.dll
[.] Found hidden value:
[REG_SZ] ThreadingModel
Apartment
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\Interface
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\JavaPlugin.160_18
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\JavaPlugin.160_18\CLSID
[.] Found hidden value:
[REG_SZ] (Standard)
{5852F5ED-8BF4-11D4-A245-0080C6F74284}
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\Network
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\Software
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\Software\Microsoft
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\Software\Microsoft\MediaPlayer
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\Software\Microsoft\MediaPlayer\Preferences
[.] Found hidden value:
[REG_DWORD] AcceptedPrivacyStatement
00000001
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\Software\Microsoft\Windows NT
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\Software\Microsoft\Windows NT\CurrentVersion
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\Software\Microsoft\Windows NT\CurrentVersion\Network
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\Software\Microsoft\Windows NT\CurrentVersion\Network\Persistent Connections
[*] Found hidden key: HKEY_USERS\S-1-5-21-1801674531-362288127-682003330-1003_Classes\TypeLib
DONE.
-------------------------------------------------------------------------------

--------------------[HKEY_USERS\S-1-5-18 ]-------------------
WARNING: Dumping the registry can take quite some time! Be assured
that the app doesn't hang while dumping!
Dumping...OK.
Scanning...[-] Unable to open key: HKEY_USERS\S-1-5-18\Software\Microsoft\Protected Storage System Provider\S-1-5-18: Access is denied.

DONE.
-------------------------------------------------------------------------------

shannonmac8
Intermediate
Intermediate

Posts Posts : 76
Joined Joined : 2009-06-01
OS OS : xp
Points Points : 28432
# Likes # Likes : 0

View user profile

Back to top Go down

Re: computer slow

Post by shannonmac8 on 12th March 2010, 1:33 am

1:12:42 - Performing check: "Hidden processes":
(01) PID: 0 [00000000] (Idle)
(53) PID: 4 [84AD6B98] (System)
(191) PID: 108 [848695F8] (SchedulerSvc.exe)
(175) PID: 412 [83972768] (svchost.exe)
(175) PID: 448 [84755020] (agrsmsvc.exe)
(191) PID: 460 [8475F020] (Agentsvc.exe)
(191) PID: 496 [8486A8B8] (jqs.exe)
(175) PID: 528 [849F3020] (LSSrvc.exe)
(07) PID: 564 [848B6DA0] (smss.exe)
(191) PID: 620 [83952768] (BackupSvc.exe)
(191) PID: 632 [847CDDA0] (csrss.exe)
(191) PID: 656 [84913C38] (winlogon.exe)
(191) PID: 700 [8479ADA0] (services.exe)
(191) PID: 712 [847B1DA0] (lsass.exe)
(191) PID: 776 [847C5258] (nvsvc32.exe)
(191) PID: 840 [848F6BE0] (RichVideo.exe)
(191) PID: 868 [84765618] (svchost.exe)
(191) PID: 928 [8479D520] (svchost.exe)
(191) PID: 1024 [847B6A88] (svchost.exe)
(175) PID: 1072 [847D6A88] (svchost.exe)
(175) PID: 1128 [847C6618] (svchost.exe)
(191) PID: 1268 [836A24B8] (iexplore.exe)
(191) PID: 1468 [84937618] (explorer.exe)
(191) PID: 1496 [8358D4D0] (iTunesHelper.exe)
(191) PID: 1552 [849E3618] (spoolsv.exe)
(191) PID: 1584 [8354F2E0] (alg.exe)
(191) PID: 1652 [834DE638] (iPodService.exe)
(191) PID: 1700 [84873B78] (RTHDCPL.exe)
(175) PID: 1732 [83974768] (jusched.exe)
(175) PID: 1764 [839CD768] (ctfmon.exe)
(175) PID: 2572 [849A4440] (wuauclt.exe)
(191) PID: 3044 [835B6330] (AppleMobileDeviceService.exe)
(187) PID: 3196 [8346ED38] (radixgui.exe)
(191) PID: 3924 [83380B80] (mDNSResponder.exe)
1:12:45 - Performing check: "Selftest":
Doing a short selftest...
-> Checking IAT

PID 3196 - C:\Documents and Settings\Janet Duross\Desktop\radix_installer\radixgui.exe
-------------------------------------------------------------------------------
ntdll.dll (7C900000 - 7C9B2000)
kernel32.dll (7C800000 - 7C8F6000)
USER32.dll (7E410000 - 7E4A1000)
GDI32.dll (77F10000 - 77F59000)
comdlg32.dll (763B0000 - 763F9000)
ADVAPI32.dll (77DD0000 - 77E6B000)
RPCRT4.dll (77E70000 - 77F02000)
Secur32.dll (77FE0000 - 77FF1000)
COMCTL32.dll (5D090000 - 5D12A000)
SHELL32.dll (7C9C0000 - 7D1D7000)
msvcrt.dll (77C10000 - 77C68000)
SHLWAPI.dll (77F60000 - 77FD6000)
ole32.dll (774E0000 - 7761D000)
VERSION.dll (77C00000 - 77C08000)
dbghelp.dll (59A60000 - 59B01000)
IMM32.DLL (76390000 - 763AD000)
LPK.DLL (629C0000 - 629C9000)
USP10.dll (74D90000 - 74DFB000)
comctl32.dll (773D0000 - 774D3000)
wintrust.dll (76C30000 - 76C5E000)
CRYPT32.dll (77A80000 - 77B15000)
MSASN1.dll (77B20000 - 77B32000)
IMAGEHLP.dll (76C90000 - 76CB8000)
NTMARTA.DLL (77690000 - 776B1000)
SAMLIB.dll (71BF0000 - 71C03000)
WLDAP32.dll (76F60000 - 76F8C000)
uxtheme.dll (5AD70000 - 5ADA8000)
MSCTF.dll (74720000 - 7476C000)
msctfime.ime (755C0000 - 755EE000)
OLEAUT32.DLL (77120000 - 771AB000)
Selftest complete.

1:12:47 - Performing check: "MBR":
Partition Table:
+----+-----+------Start------+--------End------+----------+----------+----+
| Nr | Act | Head Sect Track | Head Sect Track | Offset | Length | OS |
+----+-----+-----------------+-----------------+----------+----------+----+
| 1 | N | 001 01 0000 | 254 63 0255 | 0000003F | 01384C3B | 12 |
| 2 | Y | 254 63 0255 | 254 63 0255 | 01384C7A | 08ACE664 | 07 |
| 3 | N | 254 63 0255 | 254 63 0255 | 09E532DE | 08BC57E3 | 07 |
| 4 | N | 000 00 0000 | 000 00 0000 | 00000000 | 00000000 | 00 |
+----+-----+-----------------+-----------------+----------+----------+----+
MBR seems to be OK.
1:12:47 - Performing check: "IRP hooks":
00 \Driver\Beep 84878458 Beep.SYS
01 \Driver\NDIS 8499F470 NDIS.sys
02 \Driver\KSecDD 849BDF38 KSecDD.sys
03 \Driver\Mouclass 8485DF38 mouclass.sys
04 \Driver\Raspti 84876830 raspti.sys
05 \Driver\Fips 84868180 Fips.SYS
06 \Driver\Kbdclass 84A422E0 kbdclass.sys
07 \Driver\IntcAzAudAddService 848CB780 RtkHDAud.sys
08 \Driver\VgaSave 84873880 vga.sys
09 \Driver\NDProxy 8487E700 NDProxy.SYS
10 \Driver\wdmaud 83B5C730 wdmaud.sys
11 \Driver\Ptilink 848634C0 ptilink.sys
12 \Driver\MountMgr 84A8D840 MountMgr.sys
13 \Driver\Processor 849F5030 processr.sys
14 \Driver\isapnp 84AAA068 isapnp.sys
15 \Driver\redbook 84A652A8 redbook.sys
15 >\Driver\NTIDrvr 84925D08 NTIDrvr.sys
16 >\Driver\GEARAspiWDM 848C83F8 GEARAspiWDM.sys
18 \Driver\atapi 84A52A38 atapi.sys
18 >\Driver\ACPIi 84AF2E00 ACPI.sys
19 >\Driver\Imapi 849D6C68 imapi.sys
20 >\Driver\UBHelper 84A52E40 UBHelper.sys
21 >\Driver\Cdromper 84926D30 cdrom.sys
22 >\Driver\redbookr 84A652A8 redbook.sys
15 >\Driver\NTIDrvrr 84925D08 NTIDrvr.sys
16 >\Driver\GEARAspiWDM 848C83F8 GEARAspiWDM.sys
23 \Driver\USBSTOR 84868030 USBSTOR.SYS
23 >\Driver\DiskTOR 84A0D2D8 disk.sys
24 >\Driver\PartMgr 84A52F38 PartMgr.sys
26 \Driver\IpNat 84904F38 ipnat.sys
27 \Driver\RasAcd 849FA3C8 rasacd.sys
28 \Driver\PSched 84899F38 psched.sys
29 \Driver\SDTHelper 834D6A48 sdthlpr.sys
30 \Driver\Win32k 83B54730 win32k.sys
31 \Driver\mouhid 84868DA0 mouhid.sys
31 >\Driver\Mouclass 8485DF38 mouclass.sys
32 \Driver\NVENETFD 84905858 NVENETFD.sys
33 \Driver\audstub 848CCD28 audstub.sys
34 \Driver\usbohci 84A40208 usbohci.sys
34 >\Driver\usbhubi 849D7F38 usbhub.sys
35 \Driver\usbhub 849D7F38 usbhub.sys
35 >\Driver\USBSTOR 84868030 USBSTOR.SYS
36 \Driver\swenum 8485CDA0 swenum.sys
36 >\Driver\sysaudio 83B59730 sysaudio.sys
38 \Driver\HTTP 84A875E0 HTTP.sys
39 \Driver\RDPCDD 849F94C0 RDPCDD.sys
40 \Driver\Update 8485BF38 update.sys
41 \Driver\RasPppoe 84A4F030 raspppoe.sys
37 \Driver\sysaudio 83B59730 sysaudio.sys
42 \Driver\TermDD 84862658 termdd.sys
42 >\Driver\Mouclass 8485DF38 mouclass.sys
43 \Driver\Modem 848AD6B0 Modem.SYS
44 \Driver\Ftdisk 84A8D5A0 ftdisk.sys
44 >\Driver\VolSnap 84A52D48 VolSnap.sys
46 \Driver\WmiAcpi 84A5ADA0 wmiacpi.sys
47 \Driver\Rasl2tp 848CD258 rasl2tp.sys
48 \Driver\nvnetbus 8492D300 nvnetbus.sys
48 >\Driver\NVENETFD 84905858 NVENETFD.sys
49 \Driver\PptpMiniport 84A36128 raspptp.sys
50 \Driver\WMIxWDM 84AF51A8 ntkrnlpa.exe
51 \Driver\ACPI_HAL 84AC0158 hal.dll
51 >\Driver\ACPI_HAL 84AF2E00 ACPI.sys
52 \Driver\NetBT 849043C8 netbt.sys
22 \Driver\Cdrom 84926D30 cdrom.sys
22 >\Driver\redbook 84A652A8 redbook.sys
15 >\Driver\NTIDrvr 84925D08 NTIDrvr.sys
16 >\Driver\GEARAspiWDM 848C83F8 GEARAspiWDM.sys
53 \Driver\mssmbios 8485ADA0 mssmbios.sys
54 \Driver\PCIIde 84A8F2B0 pciide.sys
54 >\Driver\ACPIde 84AF2E00 ACPI.sys
19 >\Driver\atapie 84A52A38 atapi.sys
55 \Driver\AgereSoftModem 848AF3B8 AGRSM.sys
55 >\Driver\ModemSoftModem 848AD6B0 Modem.SYS
56 \Driver\Wanarp 84904CA8 wanarp.sys
57 \Driver\Tcpip 849FAF38 tcpip.sys
58 \Driver\mnmdd 849F9750 mnmdd.SYS
45 \Driver\VolSnap 84A52D48 VolSnap.sys
59 \Driver\nv 849CFBB0 nv4_mini.sys
60 \Driver\TDTCP 84955D60 TDTCP.SYS
20 \Driver\Imapi 849D6C68 imapi.sys
20 >\Driver\UBHelper 84A52E40 UBHelper.sys
21 >\Driver\Cdromper 84926D30 cdrom.sys
22 >\Driver\redbookr 84A652A8 redbook.sys
15 >\Driver\NTIDrvrr 84925D08 NTIDrvr.sys
16 >\Driver\GEARAspiWDM 848C83F8 GEARAspiWDM.sys
61 \Driver\RDPWD 84A168E0 RDPWD.SYS
62 \Driver\Null 848BAAC8 Null.SYS
21 \Driver\UBHelper 84A52E40 UBHelper.sys
21 >\Driver\Cdromper 84926D30 cdrom.sys
22 >\Driver\redbookr 84A652A8 redbook.sys
15 >\Driver\NTIDrvrr 84925D08 NTIDrvr.sys
16 >\Driver\GEARAspiWDM 848C83F8 GEARAspiWDM.sys
63 \Driver\usbehci 849FE558 usbehci.sys
63 >\Driver\usbhubi 849D7F38 usbhub.sys
24 \Driver\Disk 84A0D2D8 disk.sys
64 \Driver\IPSec 849F9030 ipsec.sys
17 \Driver\GEARAspiWDM 848C83F8 GEARAspiWDM.sys F792772CThe code of the following module at F792772C (0) got patched. Here is the diff:
Address New-Original
F792772C: 8B - 00
F792772D: FF - 51
F792772E: 55 - EB
F792772F: 8B - F1
F7927730: EC - 80
F7927731: 51 - 7D
F7927732: 51 - FF
F7927733: 8B - 00
F7927734: 45 - 74
F7927735: 08 - 05
F7927736: 53 - 39
F7927737: 56 - 4F
F7927738: 57 - 54
F7927739: 8B - 75
F792773A: 78 - CF
F792773B: 28 - 53
F792773C: 81 - 57
F792773D: 3F - E8
F792773E: 47 - 5E
F792773F: 45 - 0B
F7927740: 41 - 00
F7927741: 52 - 00
F7927742: C6 - E9
F7927743: 45 - E3
F7927744: FF - 00
F7927746: 89 - 00
F7927747: 7D - 81
F7927748: F8 - 7E
F7927749: 75 - 0C
F792774A: 04 - 00
F792774B: C6 - 48
F792772CThe code of the following module at F792772C (0) got patched. Here is the diff:
Address New-Original
F792772C: 8B - 00
F792772D: FF - 51
F792772E: 55 - EB
F792772F: 8B - F1
F7927730: EC - 80
F7927731: 51 - 7D
F7927732: 51 - FF
F7927733: 8B - 00
F7927734: 45 - 74
F7927735: 08 - 05
F7927736: 53 - 39
F7927737: 56 - 4F
F7927738: 57 - 54
F7927739: 8B - 75
F792773A: 78 - CF
F792773B: 28 - 53
F792773C: 81 - 57
F792773D: 3F - E8
F792773E: 47 - 5E
F792773F: 45 - 0B
F7927740: 41 - 00
F7927741: 52 - 00
F7927742: C6 - E9
F7927743: 45 - E3
F7927744: FF - 00
F7927746: 89 - 00
F7927747: 7D - 81
F7927748: F8 - 7E
F7927749: 75 - 0C
F792774A: 04 - 00
F792774B: C6 - 48
F792772CThe code of the following module at F792772C (0) got patched. Here is the diff:
Address New-Original
F792772C: 8B - 00
F792772D: FF - 51
F792772E: 55 - EB
F792772F: 8B - F1
F7927730: EC - 80
F7927731: 51 - 7D
F7927732: 51 - FF
F7927733: 8B - 00
F7927734: 45 - 74
F7927735: 08 - 05
F7927736: 53 - 39
F7927737: 56 - 4F
F7927738: 57 - 54
F7927739: 8B - 75
F792773A: 78 - CF
F792773B: 28 - 53
F792773C: 81 - 57
F792773D: 3F - E8
F792773E: 47 - 5E
F792773F: 45 - 0B
F7927740: 41 - 00
F7927741: 52 - 00
F7927742: C6 - E9
F7927743: 45 - E3
F7927744: FF - 00
F7927746: 89 - 00
F7927747: 7D - 81
F7927748: F8 - 7E
F7927749: 75 - 0C
F792774A: 04 - 00
F792774B: C6 - 48
F792772CThe code of the following module at F792772C (0) got patched. Here is the diff:
Address New-Original
F792772C: 8B - 00
F792772D: FF - 51
F792772E: 55 - EB
F792772F: 8B - F1
F7927730: EC - 80
F7927731: 51 - 7D
F7927732: 51 - FF
F7927733: 8B - 00
F7927734: 45 - 74
F7927735: 08 - 05
F7927736: 53 - 39
F7927737: 56 - 4F
F7927738: 57 - 54
F7927739: 8B - 75
F792773A: 78 - CF
F792773B: 28 - 53
F792773C: 81 - 57
F792773D: 3F - E8
F792773E: 47 - 5E
F792773F: 45 - 0B
F7927740: 41 - 00
F7927741: 52 - 00
F7927742: C6 - E9
F7927743: 45 - E3
F7927744: FF - 00
F7927746: 89 - 00
F7927747: 7D - 81
F7927748: F8 - 7E
F7927749: 75 - 0C
F792774A: 04 - 00
F792774B: C6 - 48
F792772CThe code of the following module at F792772C (0) got patched. Here is the diff:
Address New-Original
F792772C: 8B - 00
F792772D: FF - 51
F792772E: 55 - EB
F792772F: 8B - F1
F7927730: EC - 80
F7927731: 51 - 7D
F7927732: 51 - FF
F7927733: 8B - 00
F7927734: 45 - 74
F7927735: 08 - 05
F7927736: 53 - 39
F7927737: 56 - 4F
F7927738: 57 - 54
F7927739: 8B - 75
F792773A: 78 - CF
F792773B: 28 - 53
F792773C: 81 - 57
F792773D: 3F - E8
F792773E: 47 - 5E
F792773F: 45 - 0B
F7927740: 41 - 00
F7927741: 52 - 00
F7927742: C6 - E9
F7927743: 45 - E3
F7927744: FF - 00
F7927746: 89 - 00
F7927747: 7D - 81
F7927748: F8 - 7E
F7927749: 75 - 0C
F792774A: 04 - 00
F792774B: C6 - 48
F792772CThe code of the following module at F792772C (0) got patched. Here is the diff:
Address New-Original
F792772C: 8B - 00
F792772D: FF - 51
F792772E: 55 - EB
F792772F: 8B - F1
F7927730: EC - 80
F7927731: 51 - 7D
F7927732: 51 - FF
F7927733: 8B - 00
F7927734: 45 - 74
F7927735: 08 - 05
F7927736: 53 - 39
F7927737: 56 - 4F
F7927738: 57 - 54
F7927739: 8B - 75
F792773A: 78 - CF
F792773B: 28 - 53
F792773C: 81 - 57
F792773D: 3F - E8
F792773E: 47 - 5E
F792773F: 45 - 0B
F7927740: 41 - 00
F7927741: 52 - 00
F7927742: C6 - E9
F7927743: 45 - E3
F7927744: FF - 00
F7927746: 89 - 00
F7927747: 7D - 81
F7927748: F8 - 7E
F7927749: 75 - 0C
F792774A: 04 - 00
F792774B: C6 - 48
F792772CThe code of the following module at F792772C (0) got patched. Here is the diff:
Address New-Original
F792772C: 8B - 00
F792772D: FF - 51
F792772E: 55 - EB
F792772F: 8B - F1
F7927730: EC - 80
F7927731: 51 - 7D
F7927732: 51 - FF
F7927733: 8B - 00
F7927734: 45 - 74
F7927735: 08 - 05
F7927736: 53 - 39
F7927737: 56 - 4F
F7927738: 57 - 54
F7927739: 8B - 75
F792773A: 78 - CF
F792773B: 28 - 53
F792773C: 81 - 57
F792773D: 3F - E8
F792773E: 47 - 5E
F792773F: 45 - 0B
F7927740: 41 - 00
F7927741: 52 - 00
F7927742: C6 - E9
F7927743: 45 - E3
F7927744: FF - 00
F7927746: 89 - 00
F7927747: 7D - 81
F7927748: F8 - 7E
F7927749: 75 - 0C
F792774A: 04 - 00
F792774B: C6 - 48
F792772CThe code of the following module at F792772C (0) got patched. Here is the diff:
Address New-Original
F792772C: 8B - 00
F792772D: FF - 51
F792772E: 55 - EB
F792772F: 8B - F1
F7927730: EC - 80
F7927731: 51 - 7D
F7927732: 51 - FF
F7927733: 8B - 00
F7927734: 45 - 74
F7927735: 08 - 05
F7927736: 53 - 39
F7927737: 56 - 4F
F7927738: 57 - 54
F7927739: 8B - 75
F792773A: 78 - CF
F792773B: 28 - 53
F792773C: 81 - 57
F792773D: 3F - E8
F792773E: 47 - 5E
F792773F: 45 - 0B
F7927740: 41 - 00
F7927741: 52 - 00
F7927742: C6 - E9
F7927743: 45 - E3
F7927744: FF - 00
F7927746: 89 - 00
F7927747: 7D - 81
F7927748: F8 - 7E
F7927749: 75 - 0C
F792774A: 04 - 00
F792774B: C6 - 48
F792772CThe code of the following module at F792772C (0) got patched. Here is the diff:
Address New-Original
F792772C: 8B - 00
F792772D: FF - 51
F792772E: 55 - EB
F792772F: 8B - F1
F7927730: EC - 80
F7927731: 51 - 7D
F7927732: 51 - FF
F7927733: 8B - 00
F7927734: 45 - 74
F7927735: 08 - 05
F7927736: 53 - 39
F7927737: 56 - 4F
F7927738: 57 - 54
F7927739: 8B - 75
F792773A: 78 - CF
F792773B: 28 - 53
F792773C: 81 - 57
F792773D: 3F - E8
F792773E: 47 - 5E
F792773F: 45 - 0B
F7927740: 41 - 00
F7927741: 52 - 00
F7927742: C6 - E9
F7927743: 45 - E3
F7927744: FF - 00
F7927746: 89 - 00
F7927747: 7D - 81
F7927748: F8 - 7E
F7927749: 75 - 0C
F792774A: 04 - 00
F792774B: C6 - 48
F792772CThe code of the following module at F792772C (0) got patched. Here is the diff:
Address New-Original
F792772C: 8B - 00
F792772D: FF - 51
F792772E: 55 - EB
F792772F: 8B - F1
F7927730: EC - 80
F7927731: 51 - 7D
F7927732: 51 - FF
F7927733: 8B - 00
F7927734: 45 - 74
F7927735: 08 - 05
F7927736: 53 - 39
F7927737: 56 - 4F
F7927738: 57 - 54
F7927739: 8B - 75
F792773A: 78 - CF
F792773B: 28 - 53
F792773C: 81 - 57
F792773D: 3F - E8
F792773E: 47 - 5E
F792773F: 45 - 0B
F7927740: 41 - 00
F7927741: 52 - 00
F7927742: C6 - E9
F7927743: 45 - E3
F7927744: FF - 00
F7927746: 89 - 00
F7927747: 7D - 81
F7927748: F8 - 7E
F7927749: 75 - 0C
F792774A: 04 - 00
F792774B: C6 - 48
F792772CThe code of the following module at F792772C (0) got patched. Here is the diff:
Address New-Original
F792772C: 8B - 00
F792772D: FF - 51
F792772E: 55 - EB
F792772F: 8B - F1
F7927730: EC - 80
F7927731: 51 - 7D
F7927732: 51 - FF
F7927733: 8B - 00
F7927734: 45 - 74
F7927735: 08 - 05
F7927736: 53 - 39
F7927737: 56 - 4F
F7927738: 57 - 54
F7927739: 8B - 75
F792773A: 78 - CF
F792773B: 28 - 53
F792773C: 81 - 57
F792773D: 3F - E8
F792773E: 47 - 5E
F792773F: 45 - 0B
F7927740: 41 - 00
F7927741: 52 - 00
F7927742: C6 - E9
F7927743: 45 - E3
F7927744: FF - 00
F7927746: 89 - 00
F7927747: 7D - 81
F7927748: F8 - 7E
F7927749: 75 - 0C
F792774A: 04 - 00
F792774B: C6 - 48
F792772CThe code of the following module at F792772C (0) got patched. Here is the diff:
Address New-Original
F792772C: 8B - 00
F792772D: FF - 51
F792772E: 55 - EB
F792772F: 8B - F1
F7927730: EC - 80
F7927731: 51 - 7D
F7927732: 51 - FF
F7927733: 8B - 00
F7927734: 45 - 74
F7927735: 08 - 05
F7927736: 53 - 39
F7927737: 56 - 4F
F7927738: 57 - 54
F7927739: 8B - 75
F792773A: 78 - CF
F792773B: 28 - 53
F792773C: 81 - 57
F792773D: 3F - E8
F792773E: 47 - 5E
F792773F: 45 - 0B
F7927740: 41 - 00
F7927741: 52 - 00
F7927742: C6 - E9
F7927743: 45 - E3
F7927744: FF - 00
F7927746: 89 - 00
F7927747: 7D - 81
F7927748: F8 - 7E
F7927749: 75 - 0C
F792774A: 04 - 00
F792774B: C6 - 48
F792772CThe code of the following module at F792772C (0) got patched. Here is the diff:
Address New-Original
F792772C: 8B - 00
F792772D: FF - 51
F792772E: 55 - EB
F792772F: 8B - F1
F7927730: EC - 80
F7927731: 51 - 7D
F7927732: 51 - FF
F7927733: 8B - 00
F7927734: 45 - 74
F7927735: 08 - 05
F7927736: 53 - 39
F7927737: 56 - 4F
F7927738: 57 - 54
F7927739: 8B - 75
F792773A: 78 - CF
F792773B: 28 - 53
F792773C: 81 - 57
F792773D: 3F - E8
F792773E: 47 - 5E
F792773F: 45 - 0B
F7927740: 41 - 00
F7927741: 52 - 00
F7927742: C6 - E9
F7927743: 45 - E3
F7927744: FF - 00
F7927746: 89 - 00
F7927747: 7D - 81
F7927748: F8 - 7E
F7927749: 75 - 0C
F792774A: 04 - 00
F792774B: C6 - 48
F792772CThe code of the following module at F792772C (0) got patched. Here is the diff:
Address New-Original
F792772C: 8B - 00
F792772D: FF - 51
F792772E: 55 - EB
F792772F: 8B - F1
F7927730: EC - 80
F7927731: 51 - 7D
F7927732: 51 - FF
F7927733: 8B - 00
F7927734: 45 - 74
F7927735: 08 - 05
F7927736: 53 - 39
F7927737: 56 - 4F
F7927738: 57 - 54
F7927739: 8B - 75
F792773A: 78 - CF
F792773B: 28 - 53
F792773C: 81 - 57
F792773D: 3F - E8
F792773E: 47 - 5E
F792773F: 45 - 0B
F7927740: 41 - 00
F7927741: 52 - 00
F7927742: C6 - E9
F7927743: 45 - E3
F7927744: FF - 00
F7927746: 89 - 00
F7927747: 7D - 81
F7927748: F8 - 7E
F7927749: 75 - 0C
F792774A: 04 - 00
F792774B: C6 - 48
F792772CThe code of the following module at F792772C (0) got patched. Here is the diff:
Address New-Original
F792772C: 8B - 00
F792772D: FF - 51
F792772E: 55 - EB
F792772F: 8B - F1
F7927730: EC - 80
F7927731: 51 - 7D
F7927732: 51 - FF
F7927733: 8B - 00
F7927734: 45 - 74
F7927735: 08 - 05
F7927736: 53 - 39
F7927737: 56 - 4F
F7927738: 57 - 54
F7927739: 8B - 75
F792773A: 78 - CF
F792773B: 28 - 53
F792773C: 81 - 57
F792773D: 3F - E8
F792773E: 47 - 5E
F792773F: 45 - 0B
F7927740: 41 - 00
F7927741: 52 - 00
F7927742: C6 - E9
F7927743: 45 - E3
F7927744: FF - 00
F7927746: 89 - 00
F7927747: 7D - 81
F7927748: F8 - 7E
F7927749: 75 - 0C
F792774A: 04 - 00
F792774B: C6 - 48
F792772CThe code of the following module at F792772C (0) got patched. Here is the diff:
Address New-Original
F792772C: 8B - 00
F792772D: FF - 51
F792772E: 55 - EB
F792772F: 8B - F1
F7927730: EC - 80
F7927731: 51 - 7D
F7927732: 51 - FF
F7927733: 8B - 00
F7927734: 45 - 74
F7927735: 08 - 05
F7927736: 53 - 39
F7927737: 56 - 4F
F7927738: 57 - 54
F7927739: 8B - 75
F792773A: 78 - CF
F792773B: 28 - 53
F792773C: 81 - 57
F792773D: 3F - E8
F792773E: 47 - 5E
F792773F: 45 - 0B
F7927740: 41 - 00
F7927741: 52 - 00
F7927742: C6 - E9
F7927743: 45 - E3
F7927744: FF - 00
F7927746: 89 - 00
F7927747: 7D - 81
F7927748: F8 - 7E
F7927749: 75 - 0C
F792774A: 04 - 00
F792774B: C6 - 48
F792772CThe code of the following module at F792772C (0) got patched. Here is the diff:
Address New-Original
F792772C: 8B - 00
F792772D: FF - 51
F792772E: 55 - EB
F792772F: 8B - F1
F7927730: EC - 80
F7927731: 51 - 7D
F7927732: 51 - FF
F7927733: 8B - 00
F7927734: 45 - 74
F7927735: 08 - 05
F7927736: 53 - 39
F7927737: 56 - 4F
F7927738: 57 - 54
F7927739: 8B - 75
F792773A: 78 - CF
F792773B: 28 - 53
F792773C: 81 - 57
F792773D: 3F - E8
F792773E: 47 - 5E
F792773F: 45 - 0B
F7927740: 41 - 00
F7927741: 52 - 00
F7927742: C6 - E9
F7927743: 45 - E3
F7927744: FF - 00
F7927746: 89 - 00
F7927747: 7D - 81
F7927748: F8 - 7E
F7927749: 75 - 0C
F792774A: 04 - 00
F792774B: C6 - 48
F792772CThe code of the following module at F792772C (0) got patched. Here is the diff:
Address New-Original
F792772C: 8B - 00
F792772D: FF - 51
F792772E: 55 - EB
F792772F: 8B - F1
F7927730: EC - 80
F7927731: 51 - 7D
F7927732: 51 - FF
F7927733: 8B - 00
F7927734: 45 - 74
F7927735: 08 - 05
F7927736: 53 - 39
F7927737: 56 - 4F
F7927738: 57 - 54
F7927739: 8B - 75
F792773A: 78 - CF
F792773B: 28 - 53
F792773C: 81 - 57
F792773D: 3F - E8
F792773E: 47 - 5E
F792773F: 45 - 0B
F7927740: 41 - 00
F7927741: 52 - 00
F7927742: C6 - E9
F7927743: 45 - E3
F7927744: FF - 00
F7927746: 89 - 00
F7927747: 7D - 81
F7927748: F8 - 7E
F7927749: 75 - 0C
F792774A: 04 - 00
F792774B: C6 - 48
F792772CThe code of the following module at F792772C (0) got patched. Here is the diff:
Address New-Original
F792772C: 8B - 00
F792772D: FF - 51
F792772E: 55 - EB
F792772F: 8B - F1
F7927730: EC - 80
F7927731: 51 - 7D
F7927732: 51 - FF
F7927733: 8B - 00
F7927734: 45 - 74
F7927735: 08 - 05
F7927736: 53 - 39
F7927737: 56 - 4F
F7927738: 57 - 54
F7927739: 8B - 75
F792773A: 78 - CF
F792773B: 28 - 53
F792773C: 81 - 57
F792773D: 3F - E8
F792773E: 47 - 5E
F792773F: 45 - 0B
F7927740: 41 - 00
F7927741: 52 - 00
F7927742: C6 - E9
F7927743: 45 - E3
F7927744: FF - 00
F7927746: 89 - 00
F7927747: 7D - 81
F7927748: F8 - 7E
F7927749: 75 - 0C
F792774A: 04 - 00
F792774B: C6 - 48
F792772CThe code of the following module at F792772C (0) got patched. Here is the diff:
Address New-Original
F792772C: 8B - 00
F792772D: FF - 51
F792772E: 55 - EB
F792772F: 8B - F1
F7927730: EC - 80
F7927731: 51 - 7D
F7927732: 51 - FF
F7927733: 8B - 00
F7927734: 45 - 74
F7927735: 08 - 05
F7927736: 53 - 39
F7927737: 56 - 4F
F7927738: 57 - 54
F7927739: 8B - 75
F792773A: 78 - CF
F792773B: 28 - 53
F792773C: 81 - 57
F792773D: 3F - E8
F792773E: 47 - 5E
F792773F: 45 - 0B
F7927740: 41 - 00
F7927741: 52 - 00
F7927742: C6 - E9
F7927743: 45 - E3
F7927744: FF - 00
F7927746: 89 - 00
F7927747: 7D - 81
F7927748: F8 - 7E
F7927749: 75 - 0C
F792774A: 04 - 00
F792774B: C6 - 48
F792772CThe code of the following module at F792772C (0) got patched. Here is the diff:
Address New-Original
F792772C: 8B - 00
F792772D: FF - 51
F792772E: 55 - EB
F792772F: 8B - F1
F7927730: EC - 80
F7927731: 51 - 7D
F7927732: 51 - FF
F7927733: 8B - 00
F7927734: 45 - 74
F7927735: 08 - 05
F7927736: 53 - 39
F7927737: 56 - 4F
F7927738: 57 - 54
F7927739: 8B - 75
F792773A: 78 - CF
F792773B: 28 - 53
F792773C: 81 - 57
F792773D: 3F - E8
F792773E: 47 - 5E
F792773F: 45 - 0B
F7927740: 41 - 00
F7927741: 52 - 00
F7927742: C6 - E9
F7927743: 45 - E3
F7927744: FF - 00
F7927746: 89 - 00
F7927747: 7D - 81
F7927748: F8 - 7E
F7927749: 75 - 0C
F792774A: 04 - 00
F792774B: C6 - 48
F792772CThe code of the following module at F792772C (0) got patched. Here is the diff:
Address New-Original
F792772C: 8B - 00
F792772D: FF - 51
F792772E: 55 - EB
F792772F: 8B - F1
F7927730: EC - 80
F7927731: 51 - 7D
F7927732: 51 - FF
F7927733: 8B - 00
F7927734: 45 - 74
F7927735: 08 - 05
F7927736: 53 - 39
F7927737: 56 - 4F
F7927738: 57 - 54
F7927739: 8B - 75
F792773A: 78 - CF
F792773B: 28 - 53
F792773C: 81 - 57
F792773D: 3F - E8
F792773E: 47 - 5E
F792773F: 45 - 0B
F7927740: 41 - 00
F7927741: 52 - 00
F7927742: C6 - E9
F7927743: 45 - E3
F7927744: FF - 00
F7927746: 89 - 00
F7927747: 7D - 81
F7927748: F8 - 7E
F7927749: 75 - 0C
F792774A: 04 - 00
F792774B: C6 - 48
F792772CThe code of the following module at F792772C (0) got patched. Here is the diff:
Address New-Original
F792772C: 8B - 00
F792772D: FF - 51
F792772E: 55 - EB
F792772F: 8B - F1
F7927730: EC - 80
F7927731: 51 - 7D
F7927732: 51 - FF
F7927733: 8B - 00
F7927734: 45 - 74
F7927735: 08 - 05
F7927736: 53 - 39
F7927737: 56 - 4F
F7927738: 57 - 54
F7927739: 8B - 75
F792773A: 78 - CF
F792773B: 28 - 53
F792773C: 81 - 57
F792773D: 3F - E8
F792773E: 47 - 5E
F792773F: 45 - 0B
F7927740: 41 - 00
F7927741: 52 - 00
F7927742: C6 - E9
F7927743: 45 - E3
F7927744: FF - 00
F7927746: 89 - 00
F7927747: 7D - 81
F7927748: F8 - 7E
F7927749: 75 - 0C
F792774A: 04 - 00
F792774B: C6 - 48
F792772CThe code of the following module at F792772C (0) got patched. Here is the diff:
Address New-Original
F792772C: 8B - 00
F792772D: FF - 51
F792772E: 55 - EB
F792772F: 8B - F1
F7927730: EC - 80
F7927731: 51 - 7D
F7927732: 51 - FF
F7927733: 8B - 00
F7927734: 45 - 74
F7927735: 08 - 05
F7927736: 53 - 39
F7927737: 56 - 4F
F7927738: 57 - 54
F7927739: 8B - 75
F792773A: 78 - CF
F792773B: 28 - 53
F792773C: 81 - 57
F792773D: 3F - E8
F792773E: 47 - 5E
F792773F: 45 - 0B
F7927740: 41 - 00
F7927741: 52 - 00
F7927742: C6 - E9
F7927743: 45 - E3
F7927744: FF - 00
F7927746: 89 - 00
F7927747: 7D - 81
F7927748: F8 - 7E
F7927749: 75 - 0C
F792774A: 04 - 00
F792774B: C6 - 48
F792772CThe code of the following module at F792772C (0) got patched. Here is the diff:
Address New-Original
F792772C: 8B - 00
F792772D: FF - 51
F792772E: 55 - EB
F792772F: 8B - F1
F7927730: EC - 80
F7927731: 51 - 7D
F7927732: 51 - FF
F7927733: 8B - 00
F7927734: 45 - 74
F7927735: 08 - 05
F7927736: 53 - 39
F7927737: 56 - 4F
F7927738: 57 - 54
F7927739: 8B - 75
F792773A: 78 - CF
F792773B: 28 - 53
F792773C: 81 - 57
F792773D: 3F - E8
F792773E: 47 - 5E
F792773F: 45 - 0B
F7927740: 41 - 00
F7927741: 52 - 00
F7927742: C6 - E9
F7927743: 45 - E3
F7927744: FF - 00
F7927746: 89 - 00
F7927747: 7D - 81
F7927748: F8 - 7E
F7927749: 75 - 0C
F792774A: 04 - 00
F792774B: C6 - 48
F792772CThe code of the following module at F792772C (0) got patched. Here is the diff:
Address New-Original
F792772C: 8B - 00
F792772D: FF - 51
F792772E: 55 - EB
F792772F: 8B - F1
F7927730: EC - 80
F7927731: 51 - 7D
F7927732: 51 - FF
F7927733: 8B - 00
F7927734: 45 - 74
F7927735: 08 - 05
F7927736: 53 - 39
F7927737: 56 - 4F
F7927738: 57 - 54
F7927739: 8B - 75
F792773A: 78 - CF
F792773B: 28 - 53
F792773C: 81 - 57
F792773D: 3F - E8
F792773E: 47 - 5E
F792773F: 45 - 0B
F7927740: 41 - 00
F7927741: 52 - 00
F7927742: C6 - E9
F7927743: 45 - E3
F7927744: FF - 00
F7927746: 89 - 00
F7927747: 7D - 81
F7927748: F8 - 7E
F7927749: 75 - 0C
F792774A: 04 - 00
F792774B: C6 - 48

shannonmac8
Intermediate
Intermediate

Posts Posts : 76
Joined Joined : 2009-06-01
OS OS : xp
Points Points : 28432
# Likes # Likes : 0

View user profile

Back to top Go down

Re: computer slow

Post by shannonmac8 on 12th March 2010, 1:34 am

F792772CThe code of the following module at F792772C (0) got patched. Here is the diff:
Address New-Original
F792772C: 8B - 00
F792772D: FF - 51
F792772E: 55 - EB
F792772F: 8B - F1
F7927730: EC - 80
F7927731: 51 - 7D
F7927732: 51 - FF
F7927733: 8B - 00
F7927734: 45 - 74
F7927735: 08 - 05
F7927736: 53 - 39
F7927737: 56 - 4F
F7927738: 57 - 54
F7927739: 8B - 75
F792773A: 78 - CF
F792773B: 28 - 53
F792773C: 81 - 57
F792773D: 3F - E8
F792773E: 47 - 5E
F792773F: 45 - 0B
F7927740: 41 - 00
F7927741: 52 - 00
F7927742: C6 - E9
F7927743: 45 - E3
F7927744: FF - 00
F7927746: 89 - 00
F7927747: 7D - 81
F7927748: F8 - 7E
F7927749: 75 - 0C
F792774A: 04 - 00
F792774B: C6 - 48
F7928A08 probably by C:\WINDOWS\System32\Drivers\GEARAspiWDM.sysThe code of the following module at F7928A08 (0) got patched. Here is the diff:
Address New-Original
F7928A08: C2 - FB
F7928A09: 04 - FF
F7928A0A: 00 - FF
F7928A0B: CC - 0A
F7928A0C: CC - 00
F7928A0D: CC - 00
F7928A0E: CC - 00
F7928A0F: CC - E9
F7928A10: 8B - 7E
F7928A11: FF - 02
F7928A12: 55 - 00
F7928A13: 8B - 00
F7928A14: EC - 8B
F7928A15: 83 - 01
F7928A16: EC - 83
F7928A17: 10 - C1
F7928A18: 56 - 04
F7928A19: 57 - 89
F7928A1A: 33 - 8D
F7928A1B: FF - E4
F7928A1C: 57 - FB
F7928A1D: 57 - FF
F7928A1E: 8D - FF
F7928A1F: 45 - 85
F7928A20: F0 - C0
F7928A21: 50 - 74
F7928A22: FF - 6F
F7928A23: 15 - 8B
F7928A24: 00 - 70
F7928A25: 85 - 04
F7928A26: 92 - 85
F7928A27: F7 - F6
--> JMP DWORD PTR DS:[F7928500]
-------------------------------------------------------------------------------
Information for module GEARAspiWDM.sys:
-------------------------------------------------------------------------------
Index: 39
Base address: F7927000
Size: 00003000
Flags: 09104000
Load count: 1
Imagename: \SystemRoot\System32\Drivers\GEARAspiWDM.sys
Name: CD DVD Filter
Version: 2.02.00.01
Company: GEAR Software Inc.
File Version: 2.02.00.01
Description: CD DVD Filter
Possible path: C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys
Signed: YES



65 \Driver\PCI 84A0DB98 pci.sys
65 >\Driver\AgereSoftModem 848AF3B8 AGRSM.sys
55 >\Driver\ModemSoftModem 848AD6B0 Modem.SYS
25 \Driver\PartMgr 84A52F38 PartMgr.sys
66 \Driver\NdisTapi 848CC8F8 ndistapi.sys
67 \Driver\NdisWan 848AF598 ndiswan.sys
16 \Driver\NTIDrvr 84925D08 NTIDrvr.sys
16 >\Driver\GEARAspiWDM 848C83F8 GEARAspiWDM.sys
68 \Driver\Gpc 848C4890 msgpc.sys
69 \Driver\HDAudBus 849A1C20 HDAudBus.sys
69 >\Driver\IntcAzAudAddService 848CB780 RtkHDAud.sys
19 \Driver\ACPI 84AF2E00 ACPI.sys
19 >\Driver\Imapi 849D6C68 imapi.sys
20 >\Driver\UBHelper 84A52E40 UBHelper.sys
21 >\Driver\Cdromper 84926D30 cdrom.sys
22 >\Driver\redbookr 84A652A8 redbook.sys
15 >\Driver\NTIDrvrr 84925D08 NTIDrvr.sys
16 >\Driver\GEARAspiWDM 848C83F8 GEARAspiWDM.sys
70 \Driver\PnpManager 84AC23E0 ntkrnlpa.exe
70 >\Driver\mssmbioser 8485ADA0 mssmbios.sys
71 \Driver\Ndisuio 84913260 ndisuio.sys
72 \Driver\AFD 84904838 afd.sys
73 \Driver\HidUsb 84A59360 hidusb.sys
73 >\Driver\mouhid 84868DA0 mouhid.sys
31 >\Driver\Mouclass 8485DF38 mouclass.sys
74 \Driver\i8042prt 84A5AB10 i8042prt.sys
74 >\Driver\Kbdclass 84A422E0 kbdclass.sys
75 \FileSystem\Ntfs 849C0168 Ntfs.sys
75 >\FileSystem\FltMgr 849C1280 fltMgr.sys
76 >\FileSystem\srtMgr 84A3AA50 sr.sys
78 \FileSystem\Fastfat 83582F38 Fastfat.SYS
78 >\FileSystem\FltMgrt 849C1280 fltMgr.sys
79 \FileSystem\NetBIOS 84868930 netbios.sys
77 \FileSystem\sr 84A3AA50 sr.sys
80 \FileSystem\Rdbss 848686A0 rdbss.sys
81 \FileSystem\Msfs 849F9BC0 Msfs.SYS
82 \FileSystem\MRxSmb 84868410 mrxsmb.sys
83 \FileSystem\Srv 84A63D60 srv.sys
84 \FileSystem\Mup 84A8D030 Mup.sys
85 \FileSystem\RAW 84AF31D8 ntkrnlpa.exe
86 \FileSystem\Npfs 849FA658 Npfs.SYS
87 \FileSystem\Fs_Rec 848CB918 Fs_Rec.SYS
88 \FileSystem\Cdfs 848B1AC8 Cdfs.SYS
88 >\FileSystem\FltMgr 849C1280 fltMgr.sys
76 \FileSystem\FltMgr 849C1280 fltMgr.sys
89 \FileSystem\MRxDAV 84A02A58 mrxdav.sys
89 >\FileSystem\FltMgr 849C1280 fltMgr.sys
1:13:36 - Performing check: "Patched modules":
Module information:

Idx Base Size Module Service Pre Sig Patched
000 804D7000 0020D000 ntkrnlpa.exe YES YES
001 806E4000 00020D00 hal.dll YES YES
002 F7987000 00002000 KDCOM.DLL YES YES
003 F7897000 00003000 BOOTVID.dll YES YES
004 F7358000 0002E000 ACPI.sys ACPI YES YES
005 F7989000 00002000 WMILIB.SYS YES YES
006 F7347000 00011000 pci.sys PCI YES YES
007 F7487000 0000A000 isapnp.sys isapnp YES YES
008 F7A4F000 00001000 pciide.sys PCIIde YES YES
009 F7707000 00007000 PCIIDEX.SYS YES YES
010 F7497000 0000B000 MountMgr.sys MountMgr YES YES
011 F7328000 0001F000 ftdisk.sys Ftdisk YES YES
012 F770F000 00005000 PartMgr.sys PartMgr YES YES
013 F798B000 00002000 UBHelper.sys UBHelper YES YES
014 F74A7000 0000D000 VolSnap.sys VolSnap YES YES
015 F7310000 00018000 atapi.sys atapi YES YES
016 F74B7000 00009000 disk.sys Disk YES YES
017 F74C7000 0000D000 CLASSPNP.SYS YES YES
018 F72F0000 00020000 fltMgr.sys FltMgr YES YES
019 F72DE000 00012000 sr.sys sr YES YES
020 F72C7000 00017000 KSecDD.sys KSecDD YES YES
021 F723A000 0008D000 Ntfs.sys Ntfs YES YES
022 F720D000 0002D000 NDIS.sys NDIS YES YES
023 F71F3000 0001A000 Mup.sys Mup YES YES
024 F7617000 00009000 processr.sys Processor YES YES
025 F791F000 00003000 wmiacpi.sys WmiAcpi YES YES
026 F7627000 0000D000 i8042prt.sys i8042prt YES YES
027 F7787000 00006000 kbdclass.sys Kbdclass YES YES
028 F778F000 00005000 usbohci.sys usbohci YES YES
029 F6B35000 00024000 USBPORT.SYS YES YES
030 F7797000 00008000 usbehci.sys usbehci YES YES
031 F6B0D000 00028000 HDAudBus.sys HDAudBus YES YES
032 F7637000 0000A000 nvnetbus.sys nvnetbus YES YES
033 F6A25000 000E8000 NVNRM.SYS YES YES
034 F7647000 0000B000 imapi.sys Imapi YES YES
035 F7657000 00010000 cdrom.sys Cdrom YES YES
036 F7667000 0000F000 redbook.sys redbook YES YES
037 F6A02000 00023000 ks.sys YES YES
038 F7995000 00002000 NTIDrvr.sys NTIDrvr YES YES
039 F7927000 00003000 GEARAspiWDM.sys GEARAspiWDM YES YES
040 F689F000 00126000 AGRSM.sys AgereSoftModem YES YES
041 F7997000 00002000 USBD.SYS YES YES
042 F779F000 00008000 Modem.SYS Modem YES YES
043 F6212000 0068D000 nv4_mini.sys nv YES YES
044 F61FE000 00014000 VIDEOPRT.SYS YES YES
045 F7ABC000 00001000 audstub.sys audstub YES YES
046 F7677000 0000D000 rasl2tp.sys Rasl2tp YES YES
047 F793B000 00003000 ndistapi.sys NdisTapi YES YES
048 F61E7000 00017000 ndiswan.sys NdisWan YES YES
049 F7687000 0000B000 raspppoe.sys RasPppoe YES YES
050 F7697000 0000C000 raspptp.sys PptpMiniport YES YES
051 F77A7000 00005000 TDI.SYS YES YES
052 F61D6000 00011000 psched.sys PSched YES YES
053 F76A7000 00009000 msgpc.sys Gpc YES YES
054 F77AF000 00005000 ptilink.sys Ptilink YES YES
055 F77B7000 00005000 raspti.sys Raspti YES YES
056 F76B7000 0000A000 termdd.sys TermDD YES YES
057 F77BF000 00006000 mouclass.sys Mouclass YES YES
058 F7999000 00002000 swenum.sys swenum YES YES
059 F6159000 0005E000 update.sys Update YES YES
060 F794B000 00004000 mssmbios.sys mssmbios YES YES
061 F76D7000 0000A000 NDProxy.SYS NDProxy YES YES
062 F76E7000 0000F000 usbhub.sys usbhub YES YES
063 F74F7000 0000E000 NVENETFD.sys NVENETFD YES YES
064 F294F000 004BD000 RtkHDAud.sys IntcAzAudAddService YES YES
065 F292B000 00024000 portcls.sys YES YES
066 F7507000 0000F000 drmk.sys YES YES
067 F79B3000 00002000 Fs_Rec.SYS Fs_Rec YES YES
068 F7AAE000 00001000 Null.SYS Null YES YES
069 F79B5000 00002000 Beep.SYS Beep YES YES
070 F7817000 00006000 vga.sys VgaSave YES YES
071 F79B7000 00002000 mnmdd.SYS mnmdd YES YES
072 F79B9000 00002000 RDPCDD.sys RDPCDD YES YES
073 F781F000 00005000 Msfs.SYS Msfs YES YES
074 F7827000 00008000 Npfs.SYS Npfs YES YES
075 F6B65000 00003000 rasacd.sys RasAcd YES YES
076 F2876000 00013000 ipsec.sys IPSec YES YES
077 F281D000 00059000 tcpip.sys Tcpip YES YES
078 F27F5000 00028000 netbt.sys NetBT YES YES
079 F27D3000 00022000 afd.sys AFD YES YES
080 F7547000 00009000 netbios.sys NetBIOS YES YES
081 F27A8000 0002B000 rdbss.sys Rdbss YES YES
082 F2738000 00070000 mrxsmb.sys MRxSmb YES YES
083 F7557000 0000B000 Fips.SYS Fips YES YES
084 F2712000 00026000 ipnat.sys IpNat YES YES
085 F7567000 00009000 wanarp.sys Wanarp YES YES
086 F6141000 00003000 hidusb.sys HidUsb YES YES
087 F7587000 00009000 HIDCLASS.SYS YES YES
088 F782F000 00007000 HIDPARSE.SYS YES YES
089 F7597000 00010000 Cdfs.SYS Cdfs YES YES
090 F7837000 00007000 USBSTOR.SYS USBSTOR YES YES
091 F6135000 00003000 mouhid.sys mouhid YES YES
092 F2632000 00018000 dump_atapi.sys NO NO
093 F79C9000 00002000 dump_WMILIB.SYS NO NO
094 BF800000 001C4000 win32k.sys YES YES
095 F28ED000 00003000 Dxapi.sys YES YES
096 F7847000 00005000 watchdog.sys YES YES
097 BF9C4000 00012000 dxg.sys YES YES
098 F7B61000 00001000 dxgthk.sys YES YES
099 BF9D6000 00585000 nv4_disp.dll YES YES
100 BFFA0000 00046000 ATMFD.DLL YES YES
101 BAEFC000 00004000 ndisuio.sys Ndisuio YES YES
102 BABB3000 00015000 wdmaud.sys wdmaud YES YES
103 F7607000 0000F000 sysaudio.sys sysaudio YES YES
104 BA956000 0002D000 mrxdav.sys MRxDAV YES YES
105 BA8D7000 00057000 srv.sys Srv YES YES
106 BA4AE000 00041000 HTTP.sys HTTP YES YES
107 F7867000 00006000 TDTCP.SYS TDTCP YES YES
108 BA3C3000 00023000 RDPWD.SYS RDPWD YES YES
109 B9212000 00024000 Fastfat.SYS Fastfat YES YES
110 BA803000 00004000 sdthlpr.sys SDTHelper YES NO
111 7C900000 000B2000 ntdll.dll YES YES

Number of Module Table entries patched = 0
1:14:4 - Performing check: "SDT hooks":
Found KiServiceTable @ 8055C700

0 ZwAcceptConnectPort 805A4614
1 ZwAccessCheck 805F0AEA
2 ZwAccessCheckAndAuditAlarm 805F4320
3 ZwAccessCheckByType 805F0B1C
4 ZwAccessCheckByTypeAndAuditAlarm 805F435A
5 ZwAccessCheckByTypeResultList 805F0B52
6 ZwAccessCheckByTypeResultListAndAuditAlarm 805F439E
7 ZwAccessCheckByTypeResultListAndAuditAlarmByHandle 805F43E2
8 ZwAddAtom 806153D2
9 ZwAddBootEntry 80616114
10 ZwAdjustGroupsToken 805EBEE8
11 ZwAdjustPrivilegesToken 805EBB40
12 ZwAlertResumeThread 805D4B48
13 ZwAlertThread 805D4AF8
14 ZwAllocateLocallyUniqueId 806159F8
15 ZwAllocateUserPhysicalPages 805B5F80
16 ZwAllocateUuids 80615014
17 ZwAllocateVirtualMemory 805A8A9E
18 ZwAreMappedFilesTheSame 805B0594
19 ZwAssignProcessToJobObject 805D660C
20 ZwCallbackReturn 8050189C
21 ZwCancelDeviceWakeupRequest 80616106
22 ZwCancelIoFile 80576AE6
23 ZwCancelTimer 80538BEE
24 ZwClearEvent 8060E5E2
25 ZwClose 805BC4FA
26 ZwCloseObjectAuditAlarm 805F485A
27 ZwCompactKeys 80623386
28 ZwCompareTokens 805F8D6E
29 ZwCompleteConnectPort 805A4D02
30 ZwCompressKey 806235DA
31 ZwConnectPort 805A45B4
32 ZwContinue 80544EA4
33 ZwCreateDebugObject 80641EAC
34 ZwCreateDirectoryObject 805BE4AA
35 ZwCreateEvent 8060E632
36 ZwCreateEventPair 8061698A
37 ZwCreateFile 80579084
38 ZwCreateIoCompletion 80578A62
39 ZwCreateJobObject 805D55D0
40 ZwCreateJobSet 805D5308
41 ZwCreateKey 806237B6
42 ZwCreateMailslotFile 80579192
43 ZwCreateMutant 80616D82
44 ZwCreateNamedPipeFile 805790BE
45 ZwCreatePagingFile 805AB9D2
46 ZwCreatePort 805A50D0
47 ZwCreateProcess 805D11FA
48 ZwCreateProcessEx 805D1144
49 ZwCreateProfile 806171A2
50 ZwCreateSection 805AB3AC
51 ZwCreateSemaphore 80614732
52 ZwCreateSymbolicLinkObject 805C39C4
53 ZwCreateThread 805D0FE2
54 ZwCreateTimer 80616652
55 ZwCreateToken 805F9116
56 ZwCreateWaitablePort 805A50F4
57 ZwDebugActiveProcess 80642F88
58 ZwDebugContinue 806430D8
59 ZwDelayExecution 80616056
60 ZwDeleteAtom 80615888
61 ZwDeleteBootEntry 80616106
62 ZwDeleteFile 80576C2C
63 ZwDeleteKey 80623C46
64 ZwDeleteObjectAuditAlarm 805F4966
65 ZwDeleteValueKey 80623E16
66 ZwDeviceIoControlFile 8057924A
67 ZwDisplayString 806126B0
68 ZwDuplicateObject 805BDFD2
69 ZwDuplicateToken 805ECD96
70 ZwEnumerateBootEntries 80616114
71 ZwEnumerateKey 80623FF6
72 ZwEnumerateSystemEnvironmentValuesEx 806160F8
73 ZwEnumerateValueKey 80624260
74 ZwExtendSection 805B3CA0
75 ZwFilterToken 805ECF42
76 ZwFindAtom 8061563C
77 ZwFlushBuffersFile 80576CF8
78 ZwFlushInstructionCache 805B6814
79 ZwFlushKey 806244CA
80 ZwFlushVirtualMemory 805AC6E6
81 ZwFlushWriteBuffer 805B67B6
82 ZwFreeUserPhysicalPages 805B6322
83 ZwFreeVirtualMemory 805B2F7C
84 ZwFsControlFile 8057927E
85 ZwGetContextThread 805D14F4
86 ZwGetDevicePowerState 805C864E
87 ZwGetPlugPlayEvent 80599116
88 ZwGetWriteWatch 80521196
89 ZwImpersonateAnonymousToken 805F8A62
90 ZwImpersonateClientOfPort 805A515E
91 ZwImpersonateThread 805D77CC
92 ZwInitializeRegistry 8062190C
93 ZwInitiatePowerAction 805C8434
94 ZwIsProcessInJob 805D51CC
95 ZwIsSystemResumeAutomatic 805C863A
96 ZwListenPort 805A536A
97 ZwLoadDriver 8058413A
98 ZwLoadKey 806259B2
99 ZwLoadKey2 806255BE
100 ZwLockFile 805792B2
101 ZwLockProductActivationKeys 80612CA2
102 ZwLockRegistryKey 80623686
103 ZwLockVirtualMemory 805B691C
104 ZwMakePermanentObject 805BE2A0
105 ZwMakeTemporaryObject 805BC59E
106 ZwMapUserPhysicalPages 805B53E0
107 ZwMapUserPhysicalPagesScatter 805B5930
108 ZwMapViewOfSection 805B2004
109 ZwModifyBootEntry 80616106
110 ZwNotifyChangeDirectoryFile 80579ECA
111 ZwNotifyChangeKey 8062597C
112 ZwNotifyChangeMultipleKeys 806245CC
113 ZwOpenDirectoryObject 805BE57C
114 ZwOpenEvent 8060E732
115 ZwOpenEventPair 80616A62
116 ZwOpenFile 8057A182
117 ZwOpenIoCompletion 80578B3A
118 ZwOpenJobObject 805D5756
119 ZwOpenKey 80624B88
120 ZwOpenMutant 80616E5A
121 ZwOpenObjectAuditAlarm 805F4428
122 ZwOpenProcess 805CB40A
123 ZwOpenProcessToken 805ED730
124 ZwOpenProcessTokenEx 805ED394
125 ZwOpenSection 805AA3D0
126 ZwOpenSemaphore 8061482C
127 ZwOpenSymbolicLinkObject 805C3BAA
128 ZwOpenThread 805CB696
129 ZwOpenThreadToken 805ED74E
130 ZwOpenThreadTokenEx 805ED504
131 ZwOpenTimer 80616774
132 ZwPlugPlayControl 8064517A
133 ZwPowerInformation 805C94BC
134 ZwPrivilegeCheck 805F7B14
135 ZwPrivilegeObjectAuditAlarm 805F373A
136 ZwPrivilegedServiceAuditAlarm 805F3926
137 ZwProtectVirtualMemory 805B83E8
138 ZwPulseEvent 8060E7EA
139 ZwQueryAttributesFile 80576ED6
140 ZwQueryBootEntryOrder 80616114
141 ZwQueryBootOptions 80616114
142 ZwQueryDebugFilterState 8053FBD6
143 ZwQueryDefaultLocale 806103DC
144 ZwQueryDefaultUILanguage 8061103C
145 ZwQueryDirectoryFile 80579E64
146 ZwQueryDirectoryObject 805BE61C
147 ZwQueryEaFile 8057A1B2
148 ZwQueryEvent 8060E8B2
149 ZwQueryFullAttributesFile 8057702A
150 ZwQueryInformationAtom 806158B0
151 ZwQueryInformationFile 8057AA1E
152 ZwQueryInformationJobObject 805D5C28
153 ZwQueryInformationPort 805A53C8
154 ZwQueryInformationProcess 805CCF5E
155 ZwQueryInformationThread 805CBB8C
156 ZwQueryInformationToken 805ED82E
157 ZwQueryInstallUILanguage 806107DA
158 ZwQueryIntervalProfile 80617624
159 ZwQueryIoCompletion 80578BE2
160 ZwQueryKey 80624EAE
161 ZwQueryMultipleValueKey 80622904
162 ZwQueryMutant 80616F02
163 ZwQueryObject 805C5296
164 ZwQueryOpenSubKeys 80622FB0
165 ZwQueryPerformanceCounter 806176B2
166 ZwQueryQuotaInformationFile 8057B800
167 ZwQuerySection 805B85AA
168 ZwQuerySecurityObject 805C0064
169 ZwQuerySemaphore 806148E4
170 ZwQuerySymbolicLinkObject 805C3C4A
171 ZwQuerySystemEnvironmentValue 80616130
172 ZwQuerySystemEnvironmentValueEx 806160EA
173 ZwQuerySystemInformation 806110BC
174 ZwQuerySystemTime 8061287C
175 ZwQueryTimer 8061682C
176 ZwQueryTimerResolution 8061290E
177 ZwQueryValueKey 806219EE
178 ZwQueryVirtualMemory 805B8C38
179 ZwQueryVolumeInformationFile 8057BCEA
180 ZwQueueApcThread 805D1240
181 ZwRaiseException 80544EEC
182 ZwRaiseHardError 80614556
183 ZwReadFile 8057C48A
184 ZwReadFileScatter 8057C9F4
185 ZwReadRequestData 805A5E50
186 ZwReadVirtualMemory 805B428C
187 ZwRegisterThreadTerminatePort 805D2762
188 ZwReleaseMutant 8061703A
189 ZwReleaseSemaphore 80614A14
190 ZwRemoveIoCompletion 80578EDA
191 ZwRemoveProcessDebug 80643058
192 ZwRenameKey 806231D8
193 ZwReplaceKey 80625862
194 ZwReplyPort 805A54D0
195 ZwReplyWaitReceivePort 805A6498
196 ZwReplyWaitReceivePortEx 805A5EA0
197 ZwReplyWaitReplyPort 805A57BA
198 ZwRequestDeviceWakeup 805C85CC
199 ZwRequestPort 805A2A2E
200 ZwRequestWaitReplyPort 805A2D5A
201 ZwRequestWakeupLatency 805C83DA
202 ZwResetEvent 8060E9C4
203 ZwResetWriteWatch 8052167E
204 ZwRestoreKey 8062516E
205 ZwResumeProcess 805D4AA2
206 ZwResumeThread 805D4984
207 ZwSaveKey 8062526A
208 ZwSaveKeyEx 80625350
209 ZwSaveMergedKeys 80625478
210 ZwSecureConnectPort 805A3D48
211 ZwSetBootEntryOrder 80616114
212 ZwSetBootOptions 80616114
213 ZwSetContextThread 805D1704
214 ZwSetDebugFilterState 80645D10
215 ZwSetDefaultHardErrorPort 80614400
216 ZwSetDefaultLocale 8061052C
217 ZwSetDefaultUILanguage 80610D9E
218 ZwSetEaFile 8057A6C6
219 ZwSetEvent 8060EA84
220 ZwSetEventBoostPriority 8060EB4E
221 ZwSetHighEventPair 80616D1E
222 ZwSetHighWaitLowEventPair 80616C4E
223 ZwSetInformationDebugObject 80642A22
224 ZwSetInformationFile 8057B010
225 ZwSetInformationJobObject 805D6936
226 ZwSetInformationKey 806224D0
227 ZwSetInformationObject 805C480C
228 ZwSetInformationProcess 805CDE54
229 ZwSetInformationThread 805CC0D8
230 ZwSetInformationToken 805F9E90
231 ZwSetIntervalProfile 80617186
232 ZwSetIoCompletion 80578E78
233 ZwSetLdtEntries 805D38CE
234 ZwSetLowEventPair 80616CBA
235 ZwSetLowWaitHighEventPair 80616BE2
236 ZwSetQuotaInformationFile 8057B7DE
237 ZwSetSecurityObject 805C05F8
238 ZwSetSystemEnvironmentValue 806163B4
239 ZwSetSystemEnvironmentValueEx 806160EA
240 ZwSetSystemInformation 8060F3EA
241 ZwSetSystemPowerState 80652E18
242 ZwSetSystemTime 80613B84
243 ZwSetThreadExecutionState 805C82EE
244 ZwSetTimer 80538D7E
245 ZwSetTimerResolution 80613056
246 ZwSetUuidSeed 80614ECA
247 ZwSetValueKey 80621D3C
248 ZwSetVolumeInformationFile 8057C0F4
249 ZwShutdownSystem 80612674
250 ZwSignalAndWaitForSingleObject 80526774
251 ZwStartProfile 806173D0
252 ZwStopProfile 8061757A
253 ZwSuspendProcess 805D4A4C
254 ZwSuspendThread 805D48BE
255 ZwSystemDebugControl 8061779E
256 ZwTerminateJobObject 805D74CA
257 ZwTerminateProcess 805D29AC
258 ZwTerminateThread 805D2BA6
259 ZwTestAlert 805D4C0C
260 ZwTraceEvent 80535114
261 ZwTranslateFilePath 80616122
262 ZwUnloadDriver 805842CE
263 ZwUnloadKey 80622066
264 ZwUnloadKeyEx 80622280
265 ZwUnlockFile 80579656
266 ZwUnlockVirtualMemory 805B6EAA
267 ZwUnmapViewOfSection 805B2E12
268 ZwVdmControl 805FB248
269 ZwWaitForDebugEvent 8064278A
270 ZwWaitForMultipleObjects 805C07AE
271 ZwWaitForSingleObject 805C06C4
272 ZwWaitHighEventPair 80616B7E
273 ZwWaitLowEventPair 80616B1A
274 ZwWriteFile 8057CEF2
275 ZwWriteFileGather 8057D4D6
276 ZwWriteRequestData 805A5E78
277 ZwWriteVirtualMemory 805B4396
278 ZwYieldExecution 80504AF4
279 ZwCreateKeyedEvent 80617BF6
280 ZwOpenKeyedEvent 80617CE0
281 ZwReleaseKeyedEvent 80617D92
282 ZwWaitForKeyedEvent 80617FEE
283 ZwQueryPortInformationProcess 805CB90C

Number of Service Table entries hooked = 0
Number of Service Table entries patched = 0
1:14:10 - Performing check: "IDT hooks":
IDT offset in kernel: 0x0653AF54
IDT address: 0x8003F400 (phys.: 0x02A5F400)

INT# SegType DPL ISR
000(00) IntG32 00 0008:805421C0
001(01) IntG32 00 0008:8054233C
002(02) TaskG32 00 0058:805528A6
003(03) IntG32 03 0008:80542750
004(04) IntG32 03 0008:805428D0
005(05) IntG32 00 0008:80542A30
006(06) IntG32 00 0008:80542BA4
007(07) IntG32 00 0008:8054321C
008(08) TaskG32 00 0050:80552898
009(09) IntG32 00 0008:80543620
010(0A) IntG32 00 0008:80543740
011(0B) IntG32 00 0008:80543880
012(0C) IntG32 00 0008:80543AE0
013(0D) IntG32 00 0008:80543DCC
014(0E) IntG32 00 0008:805444E0
015(0F) IntG32 00 0008:80544818
016(10) IntG32 00 0008:80544938
017(11) IntG32 00 0008:80544A74
018(12) TaskG32 00 00A0:050138C0 (hooked)
019(13) IntG32 00 0008:80544BDC
020(14) IntG32 00 0008:80544818
021(15) IntG32 00 0008:80544818
022(16) IntG32 00 0008:80544818
023(17) IntG32 00 0008:80544818
024(18) IntG32 00 0008:80544818
025(19) IntG32 00 0008:80544818
026(1A) IntG32 00 0008:80544818
027(1B) IntG32 00 0008:80544818
028(1C) IntG32 00 0008:80544818
029(1D) IntG32 00 0008:80544818
030(1E) IntG32 00 0008:80544818
031(1F) IntG32 00 0008:806E610C
032(20) Not present
033(21) Not present
034(22) Not present
035(23) Not present
036(24) Not present
037(25) Not present
038(26) Not present
039(27) Not present
040(28) Not present
041(29) Not present
042(2A) IntG32 03 0008:805419EE
043(2B) IntG32 03 0008:80541AF0
044(2C) IntG32 03 0008:80541CA0
045(2D) IntG32 03 0008:8054262C
046(2E) IntG32 03 0008:80541471
047(2F) IntG32 00 0008:80544818
048(30) IntG32 00 0008:80540B30
049(31) IntG32 00 0008:80540B3A
050(32) IntG32 00 0008:80540B44
051(33) IntG32 00 0008:80540B4E
052(34) IntG32 00 0008:80540B58
053(35) IntG32 00 0008:80540B62
054(36) IntG32 00 0008:80540B6C
055(37) IntG32 00 0008:806E5864
056(38) IntG32 00 0008:80540B80
057(39) IntG32 00 0008:80540B8A
058(3A) IntG32 00 0008:80540B94
059(3B) IntG32 00 0008:80540B9E
060(3C) IntG32 00 0008:80540BA8
061(3D) IntG32 00 0008:806E6E2C
062(3E) IntG32 00 0008:80540BBC
063(3F) IntG32 00 0008:80540BC6
064(40) IntG32 00 0008:80540BD0
065(41) IntG32 00 0008:806E6C88
066(42) IntG32 00 0008:80540BE4
067(43) IntG32 00 0008:80540BEE
068(44) IntG32 00 0008:80540BF8
069(45) IntG32 00 0008:80540C02
070(46) IntG32 00 0008:80540C0C
071(47) IntG32 00 0008:80540C16
072(48) IntG32 00 0008:80540C20
073(49) IntG32 00 0008:80540C2A
074(4A) IntG32 00 0008:80540C34
075(4B) IntG32 00 0008:80540C3E
076(4C) IntG32 00 0008:80540C48
077(4D) IntG32 00 0008:80540C52
078(4E) IntG32 00 0008:80540C5C
079(4F) IntG32 00 0008:80540C66
080(50) IntG32 00 0008:806E593C
081(51) IntG32 00 0008:80540C7A
082(52) IntG32 00 0008:80540C84
083(53) IntG32 00 0008:80540C8E
084(54) IntG32 00 0008:80540C98
085(55) IntG32 00 0008:80540CA2
086(56) IntG32 00 0008:80540CAC
087(57) IntG32 00 0008:80540CB6
088(58) IntG32 00 0008:80540CC0
089(59) IntG32 00 0008:80540CCA
090(5A) IntG32 00 0008:80540CD4
091(5B) IntG32 00 0008:80540CDE
092(5C) IntG32 00 0008:80540CE8
093(5D) IntG32 00 0008:80540CF2
094(5E) IntG32 00 0008:80540CFC
095(5F) IntG32 00 0008:80540D06
096(60) IntG32 00 0008:80540D10
097(61) IntG32 00 0008:80540D1A
098(62) IntG32 00 0008:80540D24
099(63) IntG32 00 0008:848E24A4 (hooked)
100(64) IntG32 00 0008:80540D38
101(65) IntG32 00 0008:80540D42
102(66) IntG32 00 0008:80540D4C
103(67) IntG32 00 0008:80540D56
104(68) IntG32 00 0008:80540D60
105(69) IntG32 00 0008:80540D6A
106(6A) IntG32 00 0008:80540D74
107(6B) IntG32 00 0008:80540D7E
108(6C) IntG32 00 0008:80540D88
109(6D) IntG32 00 0008:80540D92
110(6E) IntG32 00 0008:80540D9C
111(6F) IntG32 00 0008:80540DA6
112(70) IntG32 00 0008:80540DB0
113(71) IntG32 00 0008:80540DBA
114(72) IntG32 00 0008:80540DC4
115(73) IntG32 00 0008:84887A0C (hooked)
116(74) IntG32 00 0008:80540DD8
117(75) IntG32 00 0008:80540DE2
118(76) IntG32 00 0008:80540DEC
119(77) IntG32 00 0008:80540DF6
120(78) IntG32 00 0008:80540E00
121(79) IntG32 00 0008:80540E0A
122(7A) IntG32 00 0008:80540E14
123(7B) IntG32 00 0008:80540E1E
124(7C) IntG32 00 0008:80540E28
125(7D) IntG32 00 0008:80540E32
126(7E) IntG32 00 0008:80540E3C
127(7F) IntG32 00 0008:80540E46
128(80) IntG32 00 0008:80540E50
129(81) IntG32 00 0008:80540E5A
130(82) IntG32 00 0008:80540E64
131(83) IntG32 00 0008:84A2DB3C (hooked)
132(84) IntG32 00 0008:80540E78
133(85) IntG32 00 0008:80540E82
134(86) IntG32 00 0008:80540E8C
135(87) IntG32 00 0008:80540E96
136(88) IntG32 00 0008:80540EA0
137(89) IntG32 00 0008:80540EAA
138(8A) IntG32 00 0008:80540EB4
139(8B) IntG32 00 0008:80540EBE
140(8C) IntG32 00 0008:80540EC8
141(8D) IntG32 00 0008:80540ED2
142(8E) IntG32 00 0008:80540EDC
143(8F) IntG32 00 0008:80540EE6
144(90) IntG32 00 0008:80540EF0
145(91) IntG32 00 0008:80540EFA
146(92) IntG32 00 0008:80540F04
147(93) IntG32 00 0008:848E29FC (hooked)
148(94) IntG32 00 0008:80540F18
149(95) IntG32 00 0008:80540F22
150(96) IntG32 00 0008:80540F2C
151(97) IntG32 00 0008:80540F36
152(98) IntG32 00 0008:80540F40
153(99) IntG32 00 0008:80540F4A
154(9A) IntG32 00 0008:80540F54
155(9B) IntG32 00 0008:80540F5E
156(9C) IntG32 00 0008:80540F68
157(9D) IntG32 00 0008:80540F72
158(9E) IntG32 00 0008:80540F7C
159(9F) IntG32 00 0008:80540F86
160(A0) IntG32 00 0008:80540F90
161(A1) IntG32 00 0008:80540F9A
162(A2) IntG32 00 0008:80540FA4
163(A3) IntG32 00 0008:80540FAE
164(A4) IntG32 00 0008:848CEBEC (hooked)
165(A5) IntG32 00 0008:80540FC2
166(A6) IntG32 00 0008:80540FCC
167(A7) IntG32 00 0008:80540FD6
168(A8) IntG32 00 0008:80540FE0
169(A9) IntG32 00 0008:80540FEA
170(AA) IntG32 00 0008:80540FF4
171(AB) IntG32 00 0008:80540FFE
172(AC) IntG32 00 0008:80541008
173(AD) IntG32 00 0008:80541012
174(AE) IntG32 00 0008:8054101C
175(AF) IntG32 00 0008:80541026
176(B0) IntG32 00 0008:80541030
177(B1) IntG32 00 0008:84A92D44 (hooked)
178(B2) IntG32 00 0008:80541044
179(B3) IntG32 00 0008:8054104E
180(B4) IntG32 00 0008:846E253C (hooked)
181(B5) IntG32 00 0008:80541062
182(B6) IntG32 00 0008:8054106C
183(B7) IntG32 00 0008:80541076
184(B8) IntG32 00 0008:80541080
185(B9) IntG32 00 0008:8054108A
186(BA) IntG32 00 0008:80541094
187(BB) IntG32 00 0008:8054109E
188(BC) IntG32 00 0008:805410A8
189(BD) IntG32 00 0008:805410B2
190(BE) IntG32 00 0008:805410BC
191(BF) IntG32 00 0008:805410C6
192(C0) IntG32 00 0008:805410D0
193(C1) IntG32 00 0008:806E5AC0
194(C2) IntG32 00 0008:805410E4
195(C3) IntG32 00 0008:805410EE
196(C4) IntG32 00 0008:805410F8
197(C5) IntG32 00 0008:80541102
198(C6) IntG32 00 0008:8054110C
199(C7) IntG32 00 0008:80541116
200(C8) IntG32 00 0008:80541120
201(C9) IntG32 00 0008:8054112A
202(CA) IntG32 00 0008:80541134
203(CB) IntG32 00 0008:8054113E
204(CC) IntG32 00 0008:80541148
205(CD) IntG32 00 0008:80541152
206(CE) IntG32 00 0008:8054115C
207(CF) IntG32 00 0008:80541166
208(D0) IntG32 00 0008:80541170
209(D1) IntG32 00 0008:806E4E54
210(D2) IntG32 00 0008:80541184
211(D3) IntG32 00 0008:8054118E
212(D4) IntG32 00 0008:80541198
213(D5) IntG32 00 0008:805411A2
214(D6) IntG32 00 0008:805411AC
215(D7) IntG32 00 0008:805411B6
216(D8) IntG32 00 0008:805411C0
217(D9) IntG32 00 0008:805411CA
218(DA) IntG32 00 0008:805411D4
219(DB) IntG32 00 0008:805411DE
220(DC) IntG32 00 0008:805411E8
221(DD) IntG32 00 0008:805411F2
222(DE) IntG32 00 0008:805411FC
223(DF) IntG32 00 0008:80541206
224(E0) IntG32 00 0008:80541210
225(E1) IntG32 00 0008:806E6048
226(E2) IntG32 00 0008:80541224
227(E3) IntG32 00 0008:806E5DAC
228(E4) IntG32 00 0008:80541238
229(E5) IntG32 00 0008:80541242
230(E6) IntG32 00 0008:8054124C
231(E7) IntG32 00 0008:80541256
232(E8) IntG32 00 0008:80541260
233(E9) IntG32 00 0008:8054126A
234(EA) IntG32 00 0008:80541274
235(EB) IntG32 00 0008:8054127E
236(EC) IntG32 00 0008:80541288
237(ED) IntG32 00 0008:80541292
238(EE) IntG32 00 0008:80541299
239(EF) IntG32 00 0008:805412A0
240(F0) IntG32 00 0008:805412A7
241(F1) IntG32 00 0008:805412AE
242(F2) IntG32 00 0008:805412B5
243(F3) IntG32 00 0008:805412BC
244(F4) IntG32 00 0008:805412C3
245(F5) IntG32 00 0008:805412CA
246(F6) IntG32 00 0008:805412D1
247(F7) IntG32 00 0008:805412D8
248(F8) IntG32 00 0008:805412DF
249(F9) IntG32 00 0008:805412E6
250(FA) IntG32 00 0008:805412ED
251(FB) IntG32 00 0008:805412F4
252(FC) IntG32 00 0008:805412FB
253(FD) IntG32 00 0008:806E65A8
254(FE) IntG32 00 0008:806E6748
255(FF) IntG32 00 0008:80541310
1:14:29 - Performing check: "SYSENTER hook":
SYSENTER offset in kernel: 0x0046A540 (=0x80541540)
SYSENTER EIP: 0008:80541540 [OK]
1:14:29 - Performing check: "IAT hooks":

PID 564 - C:\WINDOWS\System32\smss.exe
-------------------------------------------------------------------------------
ntdll.dll (7C900000 - 7C9B2000)

PID 632 - C:\WINDOWS\system32\csrss.exe
-------------------------------------------------------------------------------
ntdll.dll (7C900000 - 7C9B2000)
CSRSRV.dll (75B40000 - 75B4B000)
basesrv.dll (75B50000 - 75B60000)
winsrv.dll (75B60000 - 75BAB000)
GDI32.dll (77F10000 - 77F59000)
KERNEL32.dll (7C800000 - 7C8F6000)
USER32.dll (7E410000 - 7E4A1000)
LPK.DLL (629C0000 - 629C9000)
USP10.dll (74D90000 - 74DFB000)
ADVAPI32.dll (77DD0000 - 77E6B000)
RPCRT4.dll (77E70000 - 77F02000)
Secur32.dll (77FE0000 - 77FF1000)
sxs.dll (7E720000 - 7E7D0000)
Apphelp.dll (77B40000 - 77B62000)
VERSION.dll (77C00000 - 77C08000)

PID 656 - C:\WINDOWS\system32\winlogon.exe
-------------------------------------------------------------------------------
ntdll.dll (7C900000 - 7C9B2000)
kernel32.dll (7C800000 - 7C8F6000)
ADVAPI32.dll (77DD0000 - 77E6B000)
RPCRT4.dll (77E70000 - 77F02000)
Secur32.dll (77FE0000 - 77FF1000)
AUTHZ.dll (776C0000 - 776D2000)
msvcrt.dll (77C10000 - 77C68000)
CRYPT32.dll (77A80000 - 77B15000)
MSASN1.dll (77B20000 - 77B32000)
USER32.dll (7E410000 - 7E4A1000)
GDI32.dll (77F10000 - 77F59000)
NDdeApi.dll (75940000 - 75948000)
PROFMAP.dll (75930000 - 7593A000)
NETAPI32.dll (5B860000 - 5B8B5000)
USERENV.dll (769C0000 - 76A74000)
PSAPI.DLL (76BF0000 - 76BFB000)
REGAPI.dll (76BC0000 - 76BCF000)
SETUPAPI.dll (77920000 - 77A13000)
VERSION.dll (77C00000 - 77C08000)
WINSTA.dll (76360000 - 76370000)
WINTRUST.dll (76C30000 - 76C5E000)
IMAGEHLP.dll (76C90000 - 76CB8000)
WS2_32.dll (71AB0000 - 71AC7000)
WS2HELP.dll (71AA0000 - 71AA8000)
IMM32.DLL (76390000 - 763AD000)
LPK.DLL (629C0000 - 629C9000)
USP10.dll (74D90000 - 74DFB000)
MSGINA.dll (75970000 - 75A68000)
COMCTL32.dll (5D090000 - 5D12A000)
ODBC32.dll (74320000 - 7435D000)
comdlg32.dll (763B0000 - 763F9000)
SHELL32.dll (7C9C0000 - 7D1D7000)
SHLWAPI.dll (77F60000 - 77FD6000)
comctl32.dll (773D0000 - 774D3000)
odbcint.dll (00940000 - 00957000)
SHSVCS.dll (776E0000 - 77703000)
sfc.dll (76BB0000 - 76BB5000)
sfc_os.dll (76C60000 - 76C8A000)
ole32.dll (774E0000 - 7761D000)
Apphelp.dll (77B40000 - 77B62000)
msctfime.ime (755C0000 - 755EE000)
WINSCARD.DLL (723D0000 - 723EC000)
WTSAPI32.dll (76F50000 - 76F58000)
sxs.dll (7E720000 - 7E7D0000)
uxtheme.dll (5AD70000 - 5ADA8000)
WINMM.dll (76B40000 - 76B6D000)
cscdll.dll (76600000 - 7661D000)
dimsntfy.dll (47020000 - 47028000)
WlNotify.dll (75950000 - 7596A000)
MPR.dll (71B20000 - 71B32000)
WINSPOOL.DRV (73000000 - 73026000)
rsaenh.dll (68000000 - 68036000)
SAMLIB.dll (71BF0000 - 71C03000)
xpsp2res.dll (014A0000 - 01765000)
msv1_0.dll (77C70000 - 77C95000)
cryptdll.dll (76790000 - 7679C000)
iphlpapi.dll (76D60000 - 76D79000)
cscui.dll (77A20000 - 77A74000)
NTMARTA.DLL (77690000 - 776B1000)
WLDAP32.dll (76F60000 - 76F8C000)
wdmaud.drv (72D20000 - 72D29000)
msacm32.drv (72D10000 - 72D18000)
MSACM32.dll (77BE0000 - 77BF5000)
midimap.dll (77BD0000 - 77BD7000)
COMRes.dll (77050000 - 77115000)
OLEAUT32.dll (77120000 - 771AB000)
CLBCATQ.DLL (76FD0000 - 7704F000)

PID 700 - C:\WINDOWS\system32\services.exe
-------------------------------------------------------------------------------

shannonmac8
Intermediate
Intermediate

Posts Posts : 76
Joined Joined : 2009-06-01
OS OS : xp
Points Points : 28432
# Likes # Likes : 0

View user profile

Back to top Go down

Re: computer slow

Post by shannonmac8 on 12th March 2010, 1:34 am

ntdll.dll (7C900000 - 7C9B2000)
kernel32.dll (7C800000 - 7C8F6000)
ADVAPI32.dll (77DD0000 - 77E6B000)
RPCRT4.dll (77E70000 - 77F02000)
Secur32.dll (77FE0000 - 77FF1000)
msvcrt.dll (77C10000 - 77C68000)
NCObjAPI.DLL (5F770000 - 5F77C000)
MSVCP60.dll (76080000 - 760E5000)
SCESRV.dll (7DBD0000 - 7DC21000)
AUTHZ.dll (776C0000 - 776D2000)
USER32.dll (7E410000 - 7E4A1000)
GDI32.dll (77F10000 - 77F59000)
USERENV.dll (769C0000 - 76A74000)
umpnpmgr.dll (7DBA0000 - 7DBC1000)
WINSTA.dll (76360000 - 76370000)
NETAPI32.dll (5B860000 - 5B8B5000)
ShimEng.dll (5CB70000 - 5CB96000)
AcAdProc.dll (47260000 - 4726F000)
IMM32.DLL (76390000 - 763AD000)
LPK.DLL (629C0000 - 629C9000)
USP10.dll (74D90000 - 74DFB000)
Apphelp.dll (77B40000 - 77B62000)
VERSION.dll (77C00000 - 77C08000)
eventlog.dll (77B70000 - 77B81000)
PSAPI.DLL (76BF0000 - 76BFB000)
WS2_32.dll (71AB0000 - 71AC7000)
WS2HELP.dll (71AA0000 - 71AA8000)
wtsapi32.dll (76F50000 - 76F58000)
WINTRUST.dll (76C30000 - 76C5E000)
CRYPT32.dll (77A80000 - 77B15000)
MSASN1.dll (77B20000 - 77B32000)
IMAGEHLP.dll (76C90000 - 76CB8000)
xpsp2res.dll (01220000 - 014E5000)
rsaenh.dll (68000000 - 68036000)
uxtheme.dll (5AD70000 - 5ADA8000)
Cabinet.dll (75150000 - 75163000)
ole32.dll (774E0000 - 7761D000)

PID 712 - C:\WINDOWS\system32\lsass.exe
-------------------------------------------------------------------------------
ntdll.dll (7C900000 - 7C9B2000)
kernel32.dll (7C800000 - 7C8F6000)
ADVAPI32.dll (77DD0000 - 77E6B000)
RPCRT4.dll (77E70000 - 77F02000)
Secur32.dll (77FE0000 - 77FF1000)
LSASRV.dll (75730000 - 757E5000)
MPR.dll (71B20000 - 71B32000)
USER32.dll (7E410000 - 7E4A1000)
GDI32.dll (77F10000 - 77F59000)
MSASN1.dll (77B20000 - 77B32000)
msvcrt.dll (77C10000 - 77C68000)
NETAPI32.dll (5B860000 - 5B8B5000)
NTDSAPI.dll (767A0000 - 767B3000)
DNSAPI.dll (76F20000 - 76F47000)
WS2_32.dll (71AB0000 - 71AC7000)
WS2HELP.dll (71AA0000 - 71AA8000)
WLDAP32.dll (76F60000 - 76F8C000)
SAMLIB.dll (71BF0000 - 71C03000)
SAMSRV.dll (74440000 - 744AA000)
cryptdll.dll (76790000 - 7679C000)
ShimEng.dll (5CB70000 - 5CB96000)
AcGenral.DLL (6F880000 - 6FA4A000)
WINMM.dll (76B40000 - 76B6D000)
ole32.dll (774E0000 - 7761D000)
OLEAUT32.dll (77120000 - 771AB000)
MSACM32.dll (77BE0000 - 77BF5000)
VERSION.dll (77C00000 - 77C08000)
SHELL32.dll (7C9C0000 - 7D1D7000)
SHLWAPI.dll (77F60000 - 77FD6000)
USERENV.dll (769C0000 - 76A74000)
UxTheme.dll (5AD70000 - 5ADA8000)
IMM32.DLL (76390000 - 763AD000)
LPK.DLL (629C0000 - 629C9000)
USP10.dll (74D90000 - 74DFB000)
comctl32.dll (773D0000 - 774D3000)
comctl32.dll (5D090000 - 5D12A000)
msprivs.dll (4D200000 - 4D20E000)
kerberos.dll (71CF0000 - 71D3C000)
msv1_0.dll (77C70000 - 77C95000)
iphlpapi.dll (76D60000 - 76D79000)
netlogon.dll (744B0000 - 74515000)
w32time.dll (767C0000 - 767EC000)
MSVCP60.dll (76080000 - 760E5000)
schannel.dll (767F0000 - 76818000)
CRYPT32.dll (77A80000 - 77B15000)
wdigest.dll (7DFC0000 - 7DFD1000)
rsaenh.dll (68000000 - 68036000)
scecli.dll (74410000 - 7443F000)
SETUPAPI.dll (77920000 - 77A13000)
ipsecsvc.dll (743E0000 - 7440F000)
AUTHZ.dll (776C0000 - 776D2000)
oakley.DLL (75D90000 - 75E60000)
WINIPSEC.DLL (74370000 - 7437B000)
mswsock.dll (71A50000 - 71A8F000)
hnetcfg.dll (662B0000 - 66308000)
wshtcpip.dll (71A90000 - 71A98000)
pstorsvc.dll (743A0000 - 743AB000)
psbase.dll (743C0000 - 743DB000)
dssenh.dll (68100000 - 68126000)

PID 868 - C:\WINDOWS\system32\svchost.exe
-------------------------------------------------------------------------------
ntdll.dll (7C900000 - 7C9B2000)
kernel32.dll (7C800000 - 7C8F6000)
ADVAPI32.dll (77DD0000 - 77E6B000)
RPCRT4.dll (77E70000 - 77F02000)
Secur32.dll (77FE0000 - 77FF1000)
ShimEng.dll (5CB70000 - 5CB96000)
AcGenral.DLL (6F880000 - 6FA4A000)
USER32.dll (7E410000 - 7E4A1000)
GDI32.dll (77F10000 - 77F59000)
WINMM.dll (76B40000 - 76B6D000)
ole32.dll (774E0000 - 7761D000)
msvcrt.dll (77C10000 - 77C68000)
OLEAUT32.dll (77120000 - 771AB000)
MSACM32.dll (77BE0000 - 77BF5000)
VERSION.dll (77C00000 - 77C08000)
SHELL32.dll (7C9C0000 - 7D1D7000)
SHLWAPI.dll (77F60000 - 77FD6000)
USERENV.dll (769C0000 - 76A74000)
UxTheme.dll (5AD70000 - 5ADA8000)
IMM32.DLL (76390000 - 763AD000)
LPK.DLL (629C0000 - 629C9000)
USP10.dll (74D90000 - 74DFB000)
comctl32.dll (773D0000 - 774D3000)
comctl32.dll (5D090000 - 5D12A000)
NTMARTA.DLL (77690000 - 776B1000)
SAMLIB.dll (71BF0000 - 71C03000)
WLDAP32.dll (76F60000 - 76F8C000)
rpcss.dll (76A80000 - 76AE4000)
WS2_32.dll (71AB0000 - 71AC7000)
WS2HELP.dll (71AA0000 - 71AA8000)
xpsp2res.dll (006E0000 - 009A5000)
CLBCATQ.DLL (76FD0000 - 7704F000)
COMRes.dll (77050000 - 77115000)
termsrv.dll (760F0000 - 76143000)
ICAAPI.dll (74F70000 - 74F76000)
SETUPAPI.dll (77920000 - 77A13000)
WINTRUST.dll (76C30000 - 76C5E000)
CRYPT32.dll (77A80000 - 77B15000)
MSASN1.dll (77B20000 - 77B32000)
IMAGEHLP.dll (76C90000 - 76CB8000)
AUTHZ.dll (776C0000 - 776D2000)
mstlsapi.dll (75110000 - 7512F000)
ACTIVEDS.dll (77CC0000 - 77CF2000)
adsldpc.dll (76E10000 - 76E35000)
NETAPI32.dll (5B860000 - 5B8B5000)
ATL.DLL (76B20000 - 76B31000)
REGAPI.dll (76BC0000 - 76BCF000)
rsaenh.dll (68000000 - 68036000)
rdpwsx.dll (72460000 - 72478000)
WINSPOOL.DRV (73000000 - 73026000)
Apphelp.dll (77B40000 - 77B62000)
WTSAPI32.dll (76F50000 - 76F58000)
WINSTA.dll (76360000 - 76370000)
msv1_0.dll (77C70000 - 77C95000)
cryptdll.dll (76790000 - 7679C000)
iphlpapi.dll (76D60000 - 76D79000)

PID 928 - C:\WINDOWS\system32\svchost.exe
-------------------------------------------------------------------------------
ntdll.dll (7C900000 - 7C9B2000)
kernel32.dll (7C800000 - 7C8F6000)
ADVAPI32.dll (77DD0000 - 77E6B000)
RPCRT4.dll (77E70000 - 77F02000)
Secur32.dll (77FE0000 - 77FF1000)
ShimEng.dll (5CB70000 - 5CB96000)
AcGenral.DLL (6F880000 - 6FA4A000)
USER32.dll (7E410000 - 7E4A1000)
GDI32.dll (77F10000 - 77F59000)
WINMM.dll (76B40000 - 76B6D000)
ole32.dll (774E0000 - 7761D000)
msvcrt.dll (77C10000 - 77C68000)
OLEAUT32.dll (77120000 - 771AB000)
MSACM32.dll (77BE0000 - 77BF5000)
VERSION.dll (77C00000 - 77C08000)
SHELL32.dll (7C9C0000 - 7D1D7000)
SHLWAPI.dll (77F60000 - 77FD6000)
USERENV.dll (769C0000 - 76A74000)
UxTheme.dll (5AD70000 - 5ADA8000)
IMM32.DLL (76390000 - 763AD000)
LPK.DLL (629C0000 - 629C9000)
USP10.dll (74D90000 - 74DFB000)
comctl32.dll (773D0000 - 774D3000)
comctl32.dll (5D090000 - 5D12A000)
rpcss.dll (76A80000 - 76AE4000)
WS2_32.dll (71AB0000 - 71AC7000)
WS2HELP.dll (71AA0000 - 71AA8000)
xpsp2res.dll (006E0000 - 009A5000)
rsaenh.dll (68000000 - 68036000)
mswsock.dll (71A50000 - 71A8F000)
hnetcfg.dll (662B0000 - 66308000)
wshtcpip.dll (71A90000 - 71A98000)
DNSAPI.dll (76F20000 - 76F47000)
iphlpapi.dll (76D60000 - 76D79000)
winrnr.dll (76FB0000 - 76FB8000)
WLDAP32.dll (76F60000 - 76F8C000)
rasadhlp.dll (76FC0000 - 76FC6000)
CLBCATQ.DLL (76FD0000 - 7704F000)
COMRes.dll (77050000 - 77115000)

PID 1024 - C:\WINDOWS\System32\svchost.exe
-------------------------------------------------------------------------------
ntdll.dll (7C900000 - 7C9B2000)
kernel32.dll (7C800000 - 7C8F6000)
ADVAPI32.dll (77DD0000 - 77E6B000)
RPCRT4.dll (77E70000 - 77F02000)
Secur32.dll (77FE0000 - 77FF1000)
ShimEng.dll (5CB70000 - 5CB96000)
AcGenral.DLL (6F880000 - 6FA4A000)
USER32.dll (7E410000 - 7E4A1000)
GDI32.dll (77F10000 - 77F59000)
WINMM.dll (76B40000 - 76B6D000)
ole32.dll (774E0000 - 7761D000)
msvcrt.dll (77C10000 - 77C68000)
OLEAUT32.dll (77120000 - 771AB000)
MSACM32.dll (77BE0000 - 77BF5000)
VERSION.dll (77C00000 - 77C08000)
SHELL32.dll (7C9C0000 - 7D1D7000)
SHLWAPI.dll (77F60000 - 77FD6000)
USERENV.dll (769C0000 - 76A74000)
UxTheme.dll (5AD70000 - 5ADA8000)
IMM32.DLL (76390000 - 763AD000)
LPK.DLL (629C0000 - 629C9000)
USP10.dll (74D90000 - 74DFB000)
comctl32.dll (773D0000 - 774D3000)
comctl32.dll (5D090000 - 5D12A000)
NTMARTA.DLL (77690000 - 776B1000)
SAMLIB.dll (71BF0000 - 71C03000)
WLDAP32.dll (76F60000 - 76F8C000)
xpsp2res.dll (006E0000 - 009A5000)
shsvcs.dll (776E0000 - 77703000)
WINSTA.dll (76360000 - 76370000)
NETAPI32.dll (5B860000 - 5B8B5000)
dhcpcsvc.dll (7D4B0000 - 7D4D2000)
DNSAPI.dll (76F20000 - 76F47000)
WS2_32.dll (71AB0000 - 71AC7000)
WS2HELP.dll (71AA0000 - 71AA8000)
iphlpapi.dll (76D60000 - 76D79000)
rsaenh.dll (68000000 - 68036000)
wzcsvc.dll (7DB10000 - 7DB9C000)
rtutils.dll (76E80000 - 76E8E000)
WMI.dll (76D30000 - 76D34000)
CRYPT32.dll (77A80000 - 77B15000)
MSASN1.dll (77B20000 - 77B32000)
EapolQec.dll (72810000 - 7281B000)
ATL.DLL (76B20000 - 76B31000)
QUtil.dll (726C0000 - 726D6000)
MSVCP60.dll (76080000 - 760E5000)
dot3api.dll (478C0000 - 478CA000)
WTSAPI32.dll (76F50000 - 76F58000)
ESENT.dll (606B0000 - 607BD000)
mswsock.dll (71A50000 - 71A8F000)
hnetcfg.dll (662B0000 - 66308000)
wshtcpip.dll (71A90000 - 71A98000)
SETUPAPI.DLL (77920000 - 77A13000)
CLBCATQ.DLL (76FD0000 - 7704F000)
COMRes.dll (77050000 - 77115000)
rastls.dll (76B70000 - 76B97000)
CRYPTUI.dll (754D0000 - 75550000)
WININET.dll (3D930000 - 3DA01000)
Normaliz.dll (014E0000 - 014E9000)
iertutil.dll (3DFD0000 - 3E015000)
WINTRUST.dll (76C30000 - 76C5E000)
IMAGEHLP.dll (76C90000 - 76CB8000)
MPRAPI.dll (76D40000 - 76D58000)
ACTIVEDS.dll (77CC0000 - 77CF2000)
adsldpc.dll (76E10000 - 76E35000)
RASAPI32.dll (76EE0000 - 76F1C000)
rasman.dll (76E90000 - 76EA2000)
TAPI32.dll (76EB0000 - 76EDF000)
SCHANNEL.dll (767F0000 - 76818000)
WinSCard.dll (723D0000 - 723EC000)
PSAPI.DLL (76BF0000 - 76BFB000)
raschap.dll (76BD0000 - 76BE6000)
msv1_0.dll (77C70000 - 77C95000)
cryptdll.dll (76790000 - 7679C000)
schedsvc.dll (77300000 - 77333000)
NTDSAPI.dll (767A0000 - 767B3000)
MSIDLE.DLL (74F50000 - 74F55000)
audiosrv.dll (708B0000 - 708BD000)
wkssvc.dll (76E40000 - 76E63000)
cryptsvc.dll (76CE0000 - 76CF2000)
certcli.dll (77B90000 - 77BC2000)
ersvc.dll (74F80000 - 74F89000)
es.dll (77710000 - 77754000)
pchsvc.dll (74F40000 - 74F4C000)
srvsvc.dll (75090000 - 750AA000)
netman.dll (77D00000 - 77D33000)
netshell.dll (76400000 - 765A5000)
credui.dll (76C00000 - 76C2E000)
dot3dlg.dll (736D0000 - 736D6000)
OneX.DLL (5DCA0000 - 5DCC8000)
eappcfg.dll (745B0000 - 745D2000)
eappprxy.dll (5DCD0000 - 5DCDE000)
WZCSAPI.DLL (73030000 - 73040000)
seclogon.dll (73D20000 - 73D28000)
sens.dll (722D0000 - 722DD000)
srsvc.dll (751A0000 - 751CE000)
POWRPROF.dll (74AD0000 - 74AD8000)
tapisrv.dll (733E0000 - 73420000)
trkwks.dll (75070000 - 75089000)
w32time.dll (767C0000 - 767EC000)
wmisvc.dll (59490000 - 594B8000)
VSSAPI.DLL (753E0000 - 7544D000)
wuauserv.dll (50000000 - 50005000)
wuaueng.dll (50040000 - 50219000)
WINSPOOL.DRV (73000000 - 73026000)
WINHTTP.dll (4D4F0000 - 4D549000)
Cabinet.dll (75150000 - 75163000)
mspatcha.dll (600A0000 - 600AB000)
browser.dll (76DA0000 - 76DB6000)
SXS.DLL (7E720000 - 7E7D0000)
wscsvc.dll (4C0A0000 - 4C0B7000)
msi.dll (7D1E0000 - 7D49C000)
wbemcomn.dll (75290000 - 752C7000)
wbemcore.dll (762C0000 - 76345000)
esscli.dll (75310000 - 7534F000)
FastProx.dll (75690000 - 75706000)
sfc.dll (76BB0000 - 76BB5000)
sfc_os.dll (76C60000 - 76C8A000)
wmiutils.dll (75020000 - 7503B000)
repdrvfs.dll (75200000 - 7522F000)
comsvcs.dll (76620000 - 7675C000)
colbact.DLL (75130000 - 75144000)
MTXCLU.DLL (750F0000 - 75103000)
WSOCK32.dll (71AD0000 - 71AD9000)
CLUSAPI.DLL (76D10000 - 76D22000)
RESUTILS.DLL (750B0000 - 750C2000)
wmiprvsd.dll (3F1E0000 - 3F252000)
NCObjAPI.DLL (5F770000 - 5F77C000)
wbemess.dll (75390000 - 753D6000)
Apphelp.dll (77B40000 - 77B62000)
ncprov.dll (5F740000 - 5F74E000)
ipnathlp.dll (66460000 - 664B5000)
AUTHZ.dll (776C0000 - 776D2000)
upnp.dll (76DE0000 - 76E04000)
SSDPAPI.dll (74F00000 - 74F0C000)
netcfgx.dll (755F0000 - 7568A000)
rasmans.dll (7DF30000 - 7DF62000)
WINIPSEC.DLL (74370000 - 7437B000)
wups2.dll (50F00000 - 50F0D000)
rastapi.dll (75880000 - 75891000)
rasadhlp.dll (76FC0000 - 76FC6000)
unimdm.tsp (57CC0000 - 57CF6000)
uniplat.dll (72000000 - 72007000)
unimdmat.dll (5B070000 - 5B084000)
modemui.dll (61650000 - 61678000)
kmddsp.tsp (57D40000 - 57D4B000)
ndptsp.tsp (57D20000 - 57D30000)
ipconf.tsp (57D50000 - 57D58000)
h323.tsp (57D70000 - 57DB6000)
hidphone.tsp (57D60000 - 57D6A000)
HID.DLL (688F0000 - 688F9000)
rasppp.dll (72240000 - 72277000)
ntlsapi.dll (724B0000 - 724B6000)
kerberos.dll (71CF0000 - 71D3C000)
RASQEC.DLL (72AE0000 - 72AF3000)
RASDLG.dll (768D0000 - 76974000)
catsrvut.dll (6FB10000 - 6FBAE000)
catsrv.dll (6FBD0000 - 6FC0D000)
MfcSubs.dll (61990000 - 61999000)
MPR.dll (71B20000 - 71B32000)
urlmon.dll (78130000 - 78258000)
msxml3.dll (74980000 - 74AA3000)
winrnr.dll (76FB0000 - 76FB8000)
mdnsNSP.dll (16080000 - 160A5000)
dssenh.dll (68100000 - 68126000)
advpack.dll (42EC0000 - 42EEE000)

PID 1072 - C:\WINDOWS\system32\svchost.exe
-------------------------------------------------------------------------------
ntdll.dll (7C900000 - 7C9B2000)
kernel32.dll (7C800000 - 7C8F6000)
ADVAPI32.dll (77DD0000 - 77E6B000)
RPCRT4.dll (77E70000 - 77F02000)
Secur32.dll (77FE0000 - 77FF1000)
ShimEng.dll (5CB70000 - 5CB96000)
AcGenral.DLL (6F880000 - 6FA4A000)
USER32.dll (7E410000 - 7E4A1000)
GDI32.dll (77F10000 - 77F59000)
WINMM.dll (76B40000 - 76B6D000)
ole32.dll (774E0000 - 7761D000)
msvcrt.dll (77C10000 - 77C68000)
OLEAUT32.dll (77120000 - 771AB000)
MSACM32.dll (77BE0000 - 77BF5000)
VERSION.dll (77C00000 - 77C08000)
SHELL32.dll (7C9C0000 - 7D1D7000)
SHLWAPI.dll (77F60000 - 77FD6000)
USERENV.dll (769C0000 - 76A74000)
UxTheme.dll (5AD70000 - 5ADA8000)
IMM32.DLL (76390000 - 763AD000)
LPK.DLL (629C0000 - 629C9000)
USP10.dll (74D90000 - 74DFB000)
comctl32.dll (773D0000 - 774D3000)
comctl32.dll (5D090000 - 5D12A000)
dnsrslvr.dll (76770000 - 7677D000)
DNSAPI.dll (76F20000 - 76F47000)
WS2_32.dll (71AB0000 - 71AC7000)
WS2HELP.dll (71AA0000 - 71AA8000)
iphlpapi.dll (76D60000 - 76D79000)
rsaenh.dll (68000000 - 68036000)
mswsock.dll (71A50000 - 71A8F000)
hnetcfg.dll (662B0000 - 66308000)
wshtcpip.dll (71A90000 - 71A98000)

PID 1128 - C:\WINDOWS\system32\svchost.exe
-------------------------------------------------------------------------------
ntdll.dll (7C900000 - 7C9B2000)
kernel32.dll (7C800000 - 7C8F6000)
ADVAPI32.dll (77DD0000 - 77E6B000)
RPCRT4.dll (77E70000 - 77F02000)
Secur32.dll (77FE0000 - 77FF1000)
ShimEng.dll (5CB70000 - 5CB96000)
AcGenral.DLL (6F880000 - 6FA4A000)
USER32.dll (7E410000 - 7E4A1000)
GDI32.dll (77F10000 - 77F59000)
WINMM.dll (76B40000 - 76B6D000)
ole32.dll (774E0000 - 7761D000)
msvcrt.dll (77C10000 - 77C68000)
OLEAUT32.dll (77120000 - 771AB000)
MSACM32.dll (77BE0000 - 77BF5000)
VERSION.dll (77C00000 - 77C08000)
SHELL32.dll (7C9C0000 - 7D1D7000)
SHLWAPI.dll (77F60000 - 77FD6000)
USERENV.dll (769C0000 - 76A74000)
UxTheme.dll (5AD70000 - 5ADA8000)
IMM32.DLL (76390000 - 763AD000)
LPK.DLL (629C0000 - 629C9000)
USP10.dll (74D90000 - 74DFB000)
comctl32.dll (773D0000 - 774D3000)
comctl32.dll (5D090000 - 5D12A000)
NTMARTA.DLL (77690000 - 776B1000)
SAMLIB.dll (71BF0000 - 71C03000)
WLDAP32.dll (76F60000 - 76F8C000)
xpsp2res.dll (006E0000 - 009A5000)
lmhsvc.dll (74C40000 - 74C46000)
iphlpapi.dll (76D60000 - 76D79000)
WS2_32.dll (71AB0000 - 71AC7000)
WS2HELP.dll (71AA0000 - 71AA8000)
ssdpsrv.dll (765E0000 - 765F4000)
hnetcfg.dll (662B0000 - 66308000)
CLBCATQ.DLL (76FD0000 - 7704F000)
COMRes.dll (77050000 - 77115000)
mswsock.dll (71A50000 - 71A8F000)
wshtcpip.dll (71A90000 - 71A98000)

PID 1468 - C:\WINDOWS\Explorer.EXE
-------------------------------------------------------------------------------
ntdll.dll (7C900000 - 7C9B2000)
kernel32.dll (7C800000 - 7C8F6000)
Explorer.EXE:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll

:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
Information about C:\WINDOWS\system32\ShimEng.dll:
Base address: 5CB70000
Size: 00026000
Flags: 8000400C
Load count: 1
Name: Microsoft® Windows® Operating System
Prod. Version: 5.1.2600.5512
Company: Microsoft Corporation
File Version: 5.1.2600.5512 (xpsp.080413-2105)
Description: Shim Engine DLL
Location: C:\WINDOWS\system32\ShimEng.dll
Signed: YES
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
ADVAPI32.dll:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll

:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
Information about C:\WINDOWS\system32\ShimEng.dll:
Base address: 5CB70000
Size: 00026000
Flags: 8000400C
Load count: 1
Name: Microsoft® Windows® Operating System
Prod. Version: 5.1.2600.5512
Company: Microsoft Corporation
File Version: 5.1.2600.5512 (xpsp.080413-2105)
Description: Shim Engine DLL
Location: C:\WINDOWS\system32\ShimEng.dll
Signed: YES
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
RPCRT4.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
Secur32.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
BROWSEUI.dll:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
GDI32.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
USER32.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
msvcrt.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
ole32.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
SHLWAPI.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
OLEAUT32.dll:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
SHDOCVW.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
CRYPT32.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
MSASN1.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
CRYPTUI.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
NETAPI32.dll:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
VERSION.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
WININET.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
iertutil.dll:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
WINTRUST.dll:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
IMAGEHLP.dll:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
WLDAP32.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
SHELL32.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
UxTheme.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
WINMM.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
MSACM32.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
USERENV.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
IMM32.DLL :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
USP10.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
comctl32.dll:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
comctl32.dll:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
msctfime.ime:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
appHelp.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
CLBCATQ.DLL :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
cscui.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
CSCDLL.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
themeui.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
actxprxy.dll:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
LINKINFO.dll:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
ntshrui.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
ATL.DLL :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
msi.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
SETUPAPI.dll:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
ieframe.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
PSAPI.DLL :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
urlmon.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
NETSHELL.dll:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
credui.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
WTSAPI32.dll:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
eappcfg.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
iphlpapi.dll:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
WS2_32.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
WS2HELP.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
MSCTF.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
webcheck.dll:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
stobject.dll:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
BatMeter.dll:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
wdmaud.drv :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
fxsst.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
WINSPOOL.DRV:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
FXSAPI.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
NTMARTA.DLL :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
MPR.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
ntlanman.dll:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
NETUI0.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
davclnt.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
SXS.DLL :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
gdiplus.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
DUSER.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
rsaenh.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
MLANG.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
MSGINA.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
ODBC32.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
comdlg32.dll:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
mydocs.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
MSVCR80.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
mbamext.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
ADVAPI32.dll (77DD0000 - 77E6B000)
RPCRT4.dll (77E70000 - 77F02000)
Secur32.dll (77FE0000 - 77FF1000)
BROWSEUI.dll (75F80000 - 7607D000)
GDI32.dll (77F10000 - 77F59000)
USER32.dll (7E410000 - 7E4A1000)
msvcrt.dll (77C10000 - 77C68000)
ole32.dll (774E0000 - 7761D000)
SHLWAPI.dll (77F60000 - 77FD6000)
OLEAUT32.dll (77120000 - 771AB000)
SHDOCVW.dll (7E290000 - 7E401000)
CRYPT32.dll (77A80000 - 77B15000)
MSASN1.dll (77B20000 - 77B32000)
CRYPTUI.dll (754D0000 - 75550000)
NETAPI32.dll (5B860000 - 5B8B5000)
VERSION.dll (77C00000 - 77C08000)
WININET.dll (3D930000 - 3DA01000)
Normaliz.dll (00400000 - 00409000)
iertutil.dll (3DFD0000 - 3E015000)
WINTRUST.dll (76C30000 - 76C5E000)
IMAGEHLP.dll (76C90000 - 76CB8000)
WLDAP32.dll (76F60000 - 76F8C000)
SHELL32.dll (7C9C0000 - 7D1D7000)
UxTheme.dll (5AD70000 - 5ADA8000)
ShimEng.dll (5CB70000 - 5CB96000)
AcGenral.DLL (6F880000 - 6FA4A000)
WINMM.dll (76B40000 - 76B6D000)
MSACM32.dll (77BE0000 - 77BF5000)
USERENV.dll (769C0000 - 76A74000)
IMM32.DLL (76390000 - 763AD000)
LPK.DLL (629C0000 - 629C9000)
USP10.dll (74D90000 - 74DFB000)
comctl32.dll (773D0000 - 774D3000)
comctl32.dll (5D090000 - 5D12A000)
msctfime.ime (755C0000 - 755EE000)
appHelp.dll (77B40000 - 77B62000)
CLBCATQ.DLL (76FD0000 - 7704F000)
COMRes.dll (77050000 - 77115000)
cscui.dll (77A20000 - 77A74000)
CSCDLL.dll (76600000 - 7661D000)
themeui.dll (5BA60000 - 5BAD1000)
MSIMG32.dll (76380000 - 76385000)
xpsp2res.dll (01480000 - 01745000)
actxprxy.dll (71D40000 - 71D5B000)
SAMLIB.dll (71BF0000 - 71C03000)
LINKINFO.dll (76980000 - 76988000)
ntshrui.dll (76990000 - 769B5000)
ATL.DLL (76B20000 - 76B31000)
msi.dll (7D1E0000 - 7D49C000)
SETUPAPI.dll (77920000 - 77A13000)
ieframe.dll (3E1C0000 - 3E78D000)
PSAPI.DLL (76BF0000 - 76BFB000)
urlmon.dll (78130000 - 78258000)
NETSHELL.dll (76400000 - 765A5000)
credui.dll (76C00000 - 76C2E000)
dot3api.dll (478C0000 - 478CA000)
rtutils.dll (76E80000 - 76E8E000)
dot3dlg.dll (736D0000 - 736D6000)
OneX.DLL (5DCA0000 - 5DCC8000)
WTSAPI32.dll (76F50000 - 76F58000)
WINSTA.dll (76360000 - 76370000)
eappcfg.dll (745B0000 - 745D2000)
MSVCP60.dll (76080000 - 760E5000)
eappprxy.dll (5DCD0000 - 5DCDE000)
iphlpapi.dll (76D60000 - 76D79000)
WS2_32.dll (71AB0000 - 71AC7000)
WS2HELP.dll (71AA0000 - 71AA8000)
MSCTF.dll (74720000 - 7476C000)
webcheck.dll (42E40000 - 42E7C000)
stobject.dll (76280000 - 762A1000)
BatMeter.dll (74AF0000 - 74AFA000)
POWRPROF.dll (74AD0000 - 74AD8000)
wdmaud.drv (72D20000 - 72D29000)
msacm32.drv (72D10000 - 72D18000)
midimap.dll (77BD0000 - 77BD7000)
fxsst.dll (68DF0000 - 68E7D000)
WINSPOOL.DRV (73000000 - 73026000)
FXSAPI.dll (5A980000 - 5A9F2000)
NTMARTA.DLL (77690000 - 776B1000)
MPR.dll (71B20000 - 71B32000)
drprov.dll (75F60000 - 75F67000)
ntlanman.dll (71C10000 - 71C1E000)
NETUI0.dll (71CD0000 - 71CE7000)
NETUI1.dll (71C90000 - 71CD0000)
NETRAP.dll (71C80000 - 71C87000)
davclnt.dll (75F70000 - 75F7A000)
SXS.DLL (7E720000 - 7E7D0000)
browselc.dll (71600000 - 71612000)
gdiplus.dll (4EC50000 - 4EDFB000)
DUSER.dll (6C1B0000 - 6C1FD000)
rsaenh.dll (68000000 - 68036000)
MLANG.dll (75CF0000 - 75D81000)
MSGINA.dll (75970000 - 75A68000)
ODBC32.dll (74320000 - 7435D000)
comdlg32.dll (763B0000 - 763F9000)
odbcint.dll (01410000 - 01427000)
mydocs.dll (72410000 - 7242A000)
PDFShell.dll (10000000 - 1005B000)
MSVCR80.dll (01100000 - 0119B000)
mbamext.dll (00CE0000 - 00CF8000)

PID 1552 - C:\WINDOWS\system32\spoolsv.exe
-------------------------------------------------------------------------------
ntdll.dll (7C900000 - 7C9B2000)
kernel32.dll (7C800000 - 7C8F6000)
ADVAPI32.dll (77DD0000 - 77E6B000)
RPCRT4.dll (77E70000 - 77F02000)
Secur32.dll (77FE0000 - 77FF1000)
GDI32.dll (77F10000 - 77F59000)
USER32.dll (7E410000 - 7E4A1000)
msvcrt.dll (77C10000 - 77C68000)
ShimEng.dll (5CB70000 - 5CB96000)
AcGenral.DLL (6F880000 - 6FA4A000)
WINMM.dll (76B40000 - 76B6D000)
ole32.dll (774E0000 - 7761D000)
OLEAUT32.dll (77120000 - 771AB000)
MSACM32.dll (77BE0000 - 77BF5000)
VERSION.dll (77C00000 - 77C08000)
SHELL32.dll (7C9C0000 - 7D1D7000)
SHLWAPI.dll (77F60000 - 77FD6000)
USERENV.dll (769C0000 - 76A74000)
UxTheme.dll (5AD70000 - 5ADA8000)
IMM32.DLL (76390000 - 763AD000)
LPK.DLL (629C0000 - 629C9000)
USP10.dll (74D90000 - 74DFB000)
comctl32.dll (773D0000 - 774D3000)
comctl32.dll (5D090000 - 5D12A000)
SPOOLSS.DLL (742E0000 - 742F5000)
WS2_32.dll (71AB0000 - 71AC7000)
WS2HELP.dll (71AA0000 - 71AA8000)
DNSAPI.dll (76F20000 - 76F47000)
rasadhlp.dll (76FC0000 - 76FC6000)
localspl.dll (75BB0000 - 75C07000)
sfc_os.dll (76C60000 - 76C8A000)
WINTRUST.dll (76C30000 - 76C5E000)
CRYPT32.dll (77A80000 - 77B15000)
MSASN1.dll (77B20000 - 77B32000)
IMAGEHLP.dll (76C90000 - 76CB8000)
winspool.drv (73000000 - 73026000)
netapi32.dll (5B860000 - 5B8B5000)
cnbjmon.dll (742A0000 - 742AE000)
FXSMON.DLL (68F00000 - 68F09000)
FXSEVENT.dll (68F20000 - 68F31000)
pjlmon.dll (74280000 - 74287000)
msonpmon.dll (009A0000 - 009A9000)
MSVCR80.dll (78130000 - 781CB000)
msi.dll (7D1E0000 - 7D49C000)
tcpmon.dll (72400000 - 7240E000)
usbmon.dll (723F0000 - 723F7000)
filterpipelineprintproc.dll(3F420000 - 3F43B000)
msonpppr.dll (00D20000 - 00D29000)
mswsock.dll (71A50000 - 71A8F000)
winrnr.dll (76FB0000 - 76FB8000)
WLDAP32.dll (76F60000 - 76F8C000)
win32spl.dll (75C10000 - 75C34000)
NETRAP.dll (71C80000 - 71C87000)
NTDSAPI.dll (767A0000 - 767B3000)
inetpp.dll (74300000 - 74315000)
CLBCATQ.DLL (76FD0000 - 7704F000)
COMRes.dll (77050000 - 77115000)
xpsp2res.dll (01010000 - 012D5000)

PID 1700 - C:\WINDOWS\RTHDCPL.EXE
-------------------------------------------------------------------------------
ntdll.dll (7C900000 - 7C9B2000)
kernel32.dll (7C800000 - 7C8F6000)
[i] Unable to load module C:\WINDOWS\RTHDCPL.EXE for checking.
[i] Unable to load module C:\WINDOWS\RTHDCPL.EXE for checking.
[i] Unable to load module C:\WINDOWS\RTHDCPL.EXE for checking.
[i] Unable to load module C:\WINDOWS\RTHDCPL.EXE for checking.
[i] Unable to load module C:\WINDOWS\RTHDCPL.EXE for checking.
[i] Unable to load module C:\WINDOWS\RTHDCPL.EXE for checking.
[i] Unable to load module C:\WINDOWS\RTHDCPL.EXE for checking.
[i] Unable to load module C:\WINDOWS\RTHDCPL.EXE for checking.
DSOUND.DLL (73F10000 - 73F6C000)
ADVAPI32.dll (77DD0000 - 77E6B000)
RPCRT4.dll (77E70000 - 77F02000)
Secur32.dll (77FE0000 - 77FF1000)
msvcrt.dll (77C10000 - 77C68000)
ole32.dll (774E0000 - 7761D000)
GDI32.dll (77F10000 - 77F59000)
USER32.dll (7E410000 - 7E4A1000)
VERSION.dll (77C00000 - 77C08000)
WINMM.dll (76B40000 - 76B6D000)
HHCTRL.OCX (7E4B0000 - 7E539000)
SHELL32.dll (7C9C0000 - 7D1D7000)
SHLWAPI.dll (77F60000 - 77FD6000)
COMCTL32.dll (5D090000 - 5D12A000)
OLEAUT32.dll (77120000 - 771AB000)
SETUPAPI.DLL (77920000 - 77A13000)
MPR.DLL (71B20000 - 71B32000)
WINSPOOL.DRV (73000000 - 73026000)
COMDLG32.DLL (763B0000 - 763F9000)
IMM32.DLL (76390000 - 763AD000)
LPK.DLL (629C0000 - 629C9000)
USP10.dll (74D90000 - 74DFB000)
comctl32.dll (773D0000 - 774D3000)
[i] Unable to load module C:\WINDOWS\RTHDCPL.EXE for checking.
[i] Unable to load module C:\WINDOWS\RTHDCPL.EXE for checking.
[i] Unable to load module C:\WINDOWS\RTHDCPL.EXE for checking.
[i] Unable to load module C:\WINDOWS\RTHDCPL.EXE for checking.
[i] Unable to load module C:\WINDOWS\RTHDCPL.EXE for checking.
[i] Unable to load module C:\WINDOWS\RTHDCPL.EXE for checking.
[i] Unable to load module C:\WINDOWS\RTHDCPL.EXE for checking.
[i] Unable to load module C:\WINDOWS\RTHDCPL.EXE for checking.
[i] Unable to load module C:\WINDOWS\RTHDCPL.EXE for checking.
[i] Unable to load module C:\WINDOWS\RTHDCPL.EXE for checking.
[i] Unable to load module C:\WINDOWS\RTHDCPL.EXE for checking.
[i] Unable to load module C:\WINDOWS\RTHDCPL.EXE for checking.
[i] Unable to load module C:\WINDOWS\RTHDCPL.EXE for checking.
[i] Unable to load module C:\WINDOWS\RTHDCPL.EXE for checking.
[i] Unable to load module C:\WINDOWS\RTHDCPL.EXE for checking.
[i] Unable to load module C:\WINDOWS\RTHDCPL.EXE for checking.
[i] Unable to load module C:\WINDOWS\RTHDCPL.EXE for checking.
[i] Unable to load module C:\WINDOWS\RTHDCPL.EXE for checking.
[i] Unable to load module C:\WINDOWS\RTHDCPL.EXE for checking.
[i] Unable to load module C:\WINDOWS\RTHDCPL.EXE for checking.
[i] Unable to load module C:\WINDOWS\RTHDCPL.EXE for checking.
[i] Unable to load module C:\WINDOWS\RTHDCPL.EXE for checking.
[i] Unable to load module C:\WINDOWS\RTHDCPL.EXE for checking.
[i] Unable to load module C:\WINDOWS\RTHDCPL.EXE for checking.
[i] Unable to load module C:\WINDOWS\RTHDCPL.EXE for checking.
uxtheme.dll (5AD70000 - 5ADA8000)
msctfime.ime (755C0000 - 755EE000)
WINTRUST.dll (76C30000 - 76C5E000)
CRYPT32.dll (77A80000 - 77B15000)
MSASN1.dll (77B20000 - 77B32000)
IMAGEHLP.dll (76C90000 - 76CB8000)
wdmaud.drv (72D20000 - 72D29000)
msacm32.drv (72D10000 - 72D18000)
MSACM32.dll (77BE0000 - 77BF5000)
midimap.dll (77BD0000 - 77BD7000)
MSCTF.dll (74720000 - 7476C000)
KsUser.dll (73EE0000 - 73EE4000)

PID 1732 - C:\Program Files\Common Files\Java\Java Update\jusched.exe
-------------------------------------------------------------------------------
ntdll.dll (7C900000 - 7C9B2000)
kernel32.dll (7C800000 - 7C8F6000)
ADVAPI32.dll (77DD0000 - 77E6B000)
RPCRT4.dll (77E70000 - 77F02000)
Secur32.dll (77FE0000 - 77FF1000)
GDI32.dll (77F10000 - 77F59000)
USER32.dll (7E410000 - 7E4A1000)
WININET.dll (3D930000 - 3DA01000)
msvcrt.dll (77C10000 - 77C68000)
SHLWAPI.dll (77F60000 - 77FD6000)
Normaliz.dll (00340000 - 00349000)
iertutil.dll (3DFD0000 - 3E015000)
ole32.dll (774E0000 - 7761D000)
SHELL32.dll (7C9C0000 - 7D1D7000)
OLEAUT32.dll (77120000 - 771AB000)
IMM32.DLL (76390000 - 763AD000)
LPK.DLL (629C0000 - 629C9000)
USP10.dll (74D90000 - 74DFB000)
comctl32.dll (773D0000 - 774D3000)
comctl32.dll (5D090000 - 5D12A000)
uxtheme.dll (5AD70000 - 5ADA8000)

PID 1764 - C:\WINDOWS\system32\ctfmon.exe
-------------------------------------------------------------------------------
ntdll.dll (7C900000 - 7C9B2000)
kernel32.dll (7C800000 - 7C8F6000)
msvcrt.dll (77C10000 - 77C68000)
ADVAPI32.dll (77DD0000 - 77E6B000)
RPCRT4.dll (77E70000 - 77F02000)
Secur32.dll (77FE0000 - 77FF1000)
USER32.dll (7E410000 - 7E4A1000)
GDI32.dll (77F10000 - 77F59000)
MSCTF.dll (74720000 - 7476C000)
MSUTB.dll (5FC10000 - 5FC43000)
ShimEng.dll (5CB70000 - 5CB96000)
AcGenral.DLL (6F880000 - 6FA4A000)
WINMM.dll (76B40000 - 76B6D000)
ole32.dll (774E0000 - 7761D000)
OLEAUT32.dll (77120000 - 771AB000)
MSACM32.dll (77BE0000 - 77BF5000)
VERSION.dll (77C00000 - 77C08000)
SHELL32.dll (7C9C0000 - 7D1D7000)
SHLWAPI.dll (77F60000 - 77FD6000)
USERENV.dll (769C0000 - 76A74000)
UxTheme.dll (5AD70000 - 5ADA8000)
IMM32.DLL (76390000 - 763AD000)
LPK.DLL (629C0000 - 629C9000)
USP10.dll (74D90000 - 74DFB000)
comctl32.dll (773D0000 - 774D3000)
msctfime.ime (755C0000 - 755EE000)

PID 412 - C:\WINDOWS\system32\svchost.exe
-------------------------------------------------------------------------------

shannonmac8
Intermediate
Intermediate

Posts Posts : 76
Joined Joined : 2009-06-01
OS OS : xp
Points Points : 28432
# Likes # Likes : 0

View user profile

Back to top Go down

Re: computer slow

Post by shannonmac8 on 12th March 2010, 1:35 am

ntdll.dll (7C900000 - 7C9B2000)
kernel32.dll (7C800000 - 7C8F6000)
ADVAPI32.dll (77DD0000 - 77E6B000)
RPCRT4.dll (77E70000 - 77F02000)
Secur32.dll (77FE0000 - 77FF1000)
ShimEng.dll (5CB70000 - 5CB96000)
AcGenral.DLL (6F880000 - 6FA4A000)
USER32.dll (7E410000 - 7E4A1000)
GDI32.dll (77F10000 - 77F59000)
WINMM.dll (76B40000 - 76B6D000)
ole32.dll (774E0000 - 7761D000)
msvcrt.dll (77C10000 - 77C68000)
OLEAUT32.dll (77120000 - 771AB000)
MSACM32.dll (77BE0000 - 77BF5000)
VERSION.dll (77C00000 - 77C08000)
SHELL32.dll (7C9C0000 - 7D1D7000)
SHLWAPI.dll (77F60000 - 77FD6000)
USERENV.dll (769C0000 - 76A74000)
UxTheme.dll (5AD70000 - 5ADA8000)
IMM32.DLL (76390000 - 763AD000)
LPK.DLL (629C0000 - 629C9000)
USP10.dll (74D90000 - 74DFB000)
comctl32.dll (773D0000 - 774D3000)
comctl32.dll (5D090000 - 5D12A000)
NTMARTA.DLL (77690000 - 776B1000)
SAMLIB.dll (71BF0000 - 71C03000)
WLDAP32.dll (76F60000 - 76F8C000)
xpsp2res.dll (006E0000 - 009A5000)
webclnt.dll (5A6E0000 - 5A6F5000)
WININET.dll (3D930000 - 3DA01000)
Normaliz.dll (00670000 - 00679000)
iertutil.dll (3DFD0000 - 3E015000)
WS2_32.dll (71AB0000 - 71AC7000)
WS2HELP.dll (71AA0000 - 71AA8000)
rsaenh.dll (68000000 - 68036000)

PID 448 - C:\WINDOWS\system32\agrsmsvc.exe
-------------------------------------------------------------------------------
ntdll.dll (7C900000 - 7C9B2000)
kernel32.dll (7C800000 - 7C8F6000)
msvcrt.dll (77C10000 - 77C68000)
ADVAPI32.dll (77DD0000 - 77E6B000)
RPCRT4.dll (77E70000 - 77F02000)
Secur32.dll (77FE0000 - 77FF1000)
WINMM.dll (76B40000 - 76B6D000)
GDI32.dll (77F10000 - 77F59000)
USER32.dll (7E410000 - 7E4A1000)
IMM32.DLL (76390000 - 763AD000)
LPK.DLL (629C0000 - 629C9000)
USP10.dll (74D90000 - 74DFB000)

PID 460 - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
-------------------------------------------------------------------------------
ntdll.dll (7C900000 - 7C9B2000)
kernel32.dll (7C800000 - 7C8F6000)
ADVAPI32.dll (77DD0000 - 77E6B000)
RPCRT4.dll (77E70000 - 77F02000)
Secur32.dll (77FE0000 - 77FF1000)
ACE.dll (10000000 - 100FA000)
USER32.dll (7E410000 - 7E4A1000)
GDI32.dll (77F10000 - 77F59000)
WS2_32.dll (71AB0000 - 71AC7000)
msvcrt.dll (77C10000 - 77C68000)
WS2HELP.dll (71AA0000 - 71AA8000)
MSWSOCK.dll (71A50000 - 71A8F000)
NETAPI32.dll (5B860000 - 5B8B5000)
MSVCP71.dll (7C3A0000 - 7C41B000)
MSVCR71.dll (7C340000 - 7C396000)
IMM32.DLL (76390000 - 763AD000)
LPK.DLL (629C0000 - 629C9000)
USP10.dll (74D90000 - 74DFB000)
locator.dll (00800000 - 00807000)
DNSAPI.dll (76F20000 - 76F47000)
winrnr.dll (76FB0000 - 76FB8000)
WLDAP32.dll (76F60000 - 76F8C000)
hnetcfg.dll (662B0000 - 66308000)
wshtcpip.dll (71A90000 - 71A98000)
listor.dll (00920000 - 00935000)
ACEXML.dll (00940000 - 00958000)
ACEXML_Parser.dll (00960000 - 0096F000)
MPR.dll (71B20000 - 71B32000)

PID 496 - C:\Program Files\Java\jre6\bin\jqs.exe
-------------------------------------------------------------------------------
ntdll.dll (7C900000 - 7C9B2000)
kernel32.dll (7C800000 - 7C8F6000)
WS2_32.dll (71AB0000 - 71AC7000)
ADVAPI32.dll (77DD0000 - 77E6B000)
RPCRT4.dll (77E70000 - 77F02000)
Secur32.dll (77FE0000 - 77FF1000)
msvcrt.dll (77C10000 - 77C68000)
WS2HELP.dll (71AA0000 - 71AA8000)
ole32.dll (774E0000 - 7761D000)
GDI32.dll (77F10000 - 77F59000)
USER32.dll (7E410000 - 7E4A1000)
MSVCR71.dll (7C340000 - 7C396000)
IMM32.DLL (76390000 - 763AD000)
LPK.DLL (629C0000 - 629C9000)
USP10.dll (74D90000 - 74DFB000)
psapi.dll (76BF0000 - 76BFB000)
pdh.dll (74000000 - 74056000)
comdlg32.dll (763B0000 - 763F9000)
COMCTL32.dll (5D090000 - 5D12A000)
SHELL32.dll (7C9C0000 - 7D1D7000)
SHLWAPI.dll (77F60000 - 77FD6000)
CRYPT32.dll (77A80000 - 77B15000)
MSASN1.dll (77B20000 - 77B32000)
ODBC32.dll (74320000 - 7435D000)
odbcbcp.dll (711A0000 - 711A6000)
VERSION.dll (77C00000 - 77C08000)
OLEAUT32.dll (77120000 - 771AB000)
comctl32.dll (773D0000 - 774D3000)
odbcint.dll (006B0000 - 006C7000)
mswsock.dll (71A50000 - 71A8F000)
hnetcfg.dll (662B0000 - 66308000)
wshtcpip.dll (71A90000 - 71A98000)
perfos.dll (5E760000 - 5E76A000)
perfdisk.dll (5E790000 - 5E799000)

PID 528 - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
-------------------------------------------------------------------------------
ntdll.dll (7C900000 - 7C9B2000)
kernel32.dll (7C800000 - 7C8F6000)
LSSProxy.dll (67000000 - 67014000)
SHLWAPI.dll (77F60000 - 77FD6000)
ADVAPI32.dll (77DD0000 - 77E6B000)
RPCRT4.dll (77E70000 - 77F02000)
Secur32.dll (77FE0000 - 77FF1000)
GDI32.dll (77F10000 - 77F59000)
USER32.dll (7E410000 - 7E4A1000)
msvcrt.dll (77C10000 - 77C68000)
PSAPI.DLL (76BF0000 - 76BFB000)
SHELL32.dll (7C9C0000 - 7D1D7000)
LSLog.dll (68000000 - 6800B000)
MSVCR80.dll (78130000 - 781CB000)
MSVCP80.dll (7C420000 - 7C4A7000)
IMM32.DLL (76390000 - 763AD000)
LPK.DLL (629C0000 - 629C9000)
USP10.dll (74D90000 - 74DFB000)
comctl32.dll (773D0000 - 774D3000)
comctl32.dll (5D090000 - 5D12A000)

PID 620 - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
-------------------------------------------------------------------------------
ntdll.dll (7C900000 - 7C9B2000)
kernel32.dll (7C800000 - 7C8F6000)
WSOCK32.dll (71AD0000 - 71AD9000)
WS2_32.dll (71AB0000 - 71AC7000)
ADVAPI32.dll (77DD0000 - 77E6B000)
RPCRT4.dll (77E70000 - 77F02000)
Secur32.dll (77FE0000 - 77FF1000)
msvcrt.dll (77C10000 - 77C68000)
WS2HELP.dll (71AA0000 - 71AA8000)
MSVCP71.dll (7C3A0000 - 7C41B000)
MSVCR71.dll (7C340000 - 7C396000)
MFC71U.DLL (00510000 - 00612000)
GDI32.dll (77F10000 - 77F59000)
USER32.dll (7E410000 - 7E4A1000)
SHLWAPI.dll (77F60000 - 77FD6000)
ole32.dll (774E0000 - 7761D000)
OLEAUT32.dll (77120000 - 771AB000)
IMM32.DLL (76390000 - 763AD000)
LPK.DLL (629C0000 - 629C9000)
USP10.dll (74D90000 - 74DFB000)
uxtheme.dll (5AD70000 - 5ADA8000)
BKaux.dll (10000000 - 1005E000)
Data32.dll (00C80000 - 00CAB000)
Cdrw32.dll (00CB0000 - 00CF0000)
WINMM.dll (76B40000 - 76B6D000)
CdrMmc32.dll (00CF0000 - 00D12000)
COMCTL32.dll (5D090000 - 5D12A000)
OLEACC.dll (74C80000 - 74CAC000)
MSVCP60.dll (76080000 - 760E5000)
WINSPOOL.DRV (73000000 - 73026000)
comdlg32.dll (763B0000 - 763F9000)
SHELL32.dll (7C9C0000 - 7D1D7000)
CdrwEx32.dll (00D20000 - 00D33000)
ImagFile.dll (003F0000 - 003F9000)
MPR.dll (71B20000 - 71B32000)
PSAPI.DLL (76BF0000 - 76BFB000)
comctl32.dll (773D0000 - 774D3000)
BKauxLOC.dll (00DA0000 - 00DA9000)
BKImage.dll (00E00000 - 00E51000)
Hddrw32.dll (00DB0000 - 00DC3000)
Scd32.dll (00DD0000 - 00DE2000)
BKImageLOC.dll (00E80000 - 00E89000)
mswsock.dll (71A50000 - 71A8F000)
hnetcfg.dll (662B0000 - 66308000)
wshtcpip.dll (71A90000 - 71A98000)

PID 108 - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
-------------------------------------------------------------------------------
ntdll.dll (7C900000 - 7C9B2000)
kernel32.dll (7C800000 - 7C8F6000)
MSVCP71.dll (7C3A0000 - 7C41B000)
MSVCR71.dll (7C340000 - 7C396000)
MFC71U.DLL (00420000 - 00522000)
GDI32.dll (77F10000 - 77F59000)
USER32.dll (7E410000 - 7E4A1000)
SHLWAPI.dll (77F60000 - 77FD6000)
ADVAPI32.dll (77DD0000 - 77E6B000)
RPCRT4.dll (77E70000 - 77F02000)
Secur32.dll (77FE0000 - 77FF1000)
msvcrt.dll (77C10000 - 77C68000)
SHELL32.dll (7C9C0000 - 7D1D7000)
ole32.dll (774E0000 - 7761D000)
OLEAUT32.dll (77120000 - 771AB000)
WS2_32.dll (71AB0000 - 71AC7000)
WS2HELP.dll (71AA0000 - 71AA8000)
IMM32.DLL (76390000 - 763AD000)
LPK.DLL (629C0000 - 629C9000)
USP10.dll (74D90000 - 74DFB000)
comctl32.dll (773D0000 - 774D3000)
comctl32.dll (5D090000 - 5D12A000)
SchedulerSvcLOC.dll (10000000 - 10005000)
mswsock.dll (71A50000 - 71A8F000)
DNSAPI.dll (76F20000 - 76F47000)
winrnr.dll (76FB0000 - 76FB8000)
WLDAP32.dll (76F60000 - 76F8C000)
rasadhlp.dll (76FC0000 - 76FC6000)
hnetcfg.dll (662B0000 - 66308000)
wshtcpip.dll (71A90000 - 71A98000)

PID 776 - C:\WINDOWS\system32\nvsvc32.exe
-------------------------------------------------------------------------------
ntdll.dll (7C900000 - 7C9B2000)
kernel32.dll (7C800000 - 7C8F6000)
USER32.dll (7E410000 - 7E4A1000)
GDI32.dll (77F10000 - 77F59000)
ADVAPI32.dll (77DD0000 - 77E6B000)
RPCRT4.dll (77E70000 - 77F02000)
Secur32.dll (77FE0000 - 77FF1000)
USERENV.dll (769C0000 - 76A74000)
msvcrt.dll (77C10000 - 77C68000)
POWRPROF.dll (74AD0000 - 74AD8000)
IMM32.DLL (76390000 - 763AD000)
LPK.DLL (629C0000 - 629C9000)
USP10.dll (74D90000 - 74DFB000)
wtsapi32.dll (76F50000 - 76F58000)
WINSTA.dll (76360000 - 76370000)
NETAPI32.dll (5B860000 - 5B8B5000)
SHELL32.dll (7C9C0000 - 7D1D7000)
SHLWAPI.dll (77F60000 - 77FD6000)
ole32.dll (774E0000 - 7761D000)
COMCTL32.dll (5D090000 - 5D12A000)
OLEAUT32.dll (77120000 - 771AB000)
comctl32.dll (773D0000 - 774D3000)
nvapi.dll (00800000 - 0085B000)
SETUPAPI.dll (77920000 - 77A13000)
uxtheme.dll (5AD70000 - 5ADA8000)
msctfime.ime (755C0000 - 755EE000)
WINTRUST.dll (76C30000 - 76C5E000)
CRYPT32.dll (77A80000 - 77B15000)
MSASN1.dll (77B20000 - 77B32000)
IMAGEHLP.dll (76C90000 - 76CB8000)
msv1_0.dll (77C70000 - 77C95000)
cryptdll.dll (76790000 - 7679C000)
iphlpapi.dll (76D60000 - 76D79000)
WS2_32.dll (71AB0000 - 71AC7000)
WS2HELP.dll (71AA0000 - 71AA8000)
Apphelp.dll (77B40000 - 77B62000)
VERSION.dll (77C00000 - 77C08000)
NTMARTA.DLL (77690000 - 776B1000)
SAMLIB.dll (71BF0000 - 71C03000)
WLDAP32.dll (76F60000 - 76F8C000)

PID 840 - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
-------------------------------------------------------------------------------
ntdll.dll (7C900000 - 7C9B2000)
kernel32.dll (7C800000 - 7C8F6000)
MSVCRT.dll (77C10000 - 77C68000)
USER32.dll (7E410000 - 7E4A1000)
GDI32.dll (77F10000 - 77F59000)
ADVAPI32.dll (77DD0000 - 77E6B000)
RPCRT4.dll (77E70000 - 77F02000)
Secur32.dll (77FE0000 - 77FF1000)
SHELL32.dll (7C9C0000 - 7D1D7000)
SHLWAPI.dll (77F60000 - 77FD6000)
ole32.dll (774E0000 - 7761D000)
OLEAUT32.dll (77120000 - 771AB000)
WINMM.dll (76B40000 - 76B6D000)
IMM32.DLL (76390000 - 763AD000)
LPK.DLL (629C0000 - 629C9000)
USP10.dll (74D90000 - 74DFB000)
comctl32.dll (773D0000 - 774D3000)
comctl32.dll (5D090000 - 5D12A000)
uxtheme.dll (5AD70000 - 5ADA8000)
xpsp2res.dll (00B00000 - 00DC5000)
CLBCATQ.DLL (76FD0000 - 7704F000)
COMRes.dll (77050000 - 77115000)
VERSION.dll (77C00000 - 77C08000)

PID 1584 - C:\WINDOWS\System32\alg.exe
-------------------------------------------------------------------------------
ntdll.dll (7C900000 - 7C9B2000)
kernel32.dll (7C800000 - 7C8F6000)
msvcrt.dll (77C10000 - 77C68000)
ATL.DLL (76B20000 - 76B31000)
USER32.dll (7E410000 - 7E4A1000)
GDI32.dll (77F10000 - 77F59000)
ADVAPI32.dll (77DD0000 - 77E6B000)
RPCRT4.dll (77E70000 - 77F02000)
Secur32.dll (77FE0000 - 77FF1000)
ole32.dll (774E0000 - 7761D000)
OLEAUT32.dll (77120000 - 771AB000)
WSOCK32.dll (71AD0000 - 71AD9000)
WS2_32.dll (71AB0000 - 71AC7000)
WS2HELP.dll (71AA0000 - 71AA8000)
MSWSOCK.DLL (71A50000 - 71A8F000)
ShimEng.dll (5CB70000 - 5CB96000)
AcGenral.DLL (6F880000 - 6FA4A000)
WINMM.dll (76B40000 - 76B6D000)
MSACM32.dll (77BE0000 - 77BF5000)
VERSION.dll (77C00000 - 77C08000)
SHELL32.dll (7C9C0000 - 7D1D7000)
SHLWAPI.dll (77F60000 - 77FD6000)
USERENV.dll (769C0000 - 76A74000)
UxTheme.dll (5AD70000 - 5ADA8000)
IMM32.DLL (76390000 - 763AD000)
LPK.DLL (629C0000 - 629C9000)
USP10.dll (74D90000 - 74DFB000)
comctl32.dll (773D0000 - 774D3000)
comctl32.dll (5D090000 - 5D12A000)
CLBCATQ.DLL (76FD0000 - 7704F000)
COMRes.dll (77050000 - 77115000)
xpsp2res.dll (006E0000 - 009A5000)
hnetcfg.dll (662B0000 - 66308000)
wshtcpip.dll (71A90000 - 71A98000)

PID 2572 - C:\WINDOWS\system32\wuauclt.exe
-------------------------------------------------------------------------------
ntdll.dll (7C900000 - 7C9B2000)
kernel32.dll (7C800000 - 7C8F6000)
msvcrt.dll (77C10000 - 77C68000)
ole32.dll (774E0000 - 7761D000)
ADVAPI32.dll (77DD0000 - 77E6B000)
RPCRT4.dll (77E70000 - 77F02000)
Secur32.dll (77FE0000 - 77FF1000)
GDI32.dll (77F10000 - 77F59000)
USER32.dll (7E410000 - 7E4A1000)
OLEAUT32.dll (77120000 - 771AB000)
SHLWAPI.dll (77F60000 - 77FD6000)
ShimEng.dll (5CB70000 - 5CB96000)
AcGenral.DLL (6F880000 - 6FA4A000)
WINMM.dll (76B40000 - 76B6D000)
MSACM32.dll (77BE0000 - 77BF5000)
VERSION.dll (77C00000 - 77C08000)
SHELL32.dll (7C9C0000 - 7D1D7000)
USERENV.dll (769C0000 - 76A74000)
UxTheme.dll (5AD70000 - 5ADA8000)
IMM32.DLL (76390000 - 763AD000)
LPK.DLL (629C0000 - 629C9000)
USP10.dll (74D90000 - 74DFB000)
comctl32.dll (773D0000 - 774D3000)
wucltui.dll (507E0000 - 50832000)
MSIMG32.dll (76380000 - 76385000)
Cabinet.dll (75150000 - 75163000)
CRYPT32.dll (77A80000 - 77B15000)
MSASN1.dll (77B20000 - 77B32000)
WINTRUST.dll (76C30000 - 76C5E000)
IMAGEHLP.dll (76C90000 - 76CB8000)
MSCTF.dll (74720000 - 7476C000)
CLBCATQ.DLL (76FD0000 - 7704F000)
COMRes.dll (77050000 - 77115000)
xpsp2res.dll (00A80000 - 00D45000)
wups2.dll (50F00000 - 50F0D000)

PID 3044 - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
-------------------------------------------------------------------------------
ntdll.dll (7C900000 - 7C9B2000)
kernel32.dll (7C800000 - 7C8F6000)
WSOCK32.dll (71AD0000 - 71AD9000)
WS2_32.dll (71AB0000 - 71AC7000)
ADVAPI32.dll (77DD0000 - 77E6B000)
RPCRT4.dll (77E70000 - 77F02000)
Secur32.dll (77FE0000 - 77FF1000)
msvcrt.dll (77C10000 - 77C68000)
WS2HELP.dll (71AA0000 - 71AA8000)
SETUPAPI.dll (77920000 - 77A13000)
GDI32.dll (77F10000 - 77F59000)
USER32.dll (7E410000 - 7E4A1000)
WTSAPI32.dll (76F50000 - 76F58000)
WINSTA.dll (76360000 - 76370000)
NETAPI32.dll (5B860000 - 5B8B5000)
USERENV.dll (769C0000 - 76A74000)
IMM32.DLL (76390000 - 763AD000)
LPK.DLL (629C0000 - 629C9000)
USP10.dll (74D90000 - 74DFB000)
NTMARTA.DLL (77690000 - 776B1000)
ole32.dll (774E0000 - 7761D000)
SAMLIB.dll (71BF0000 - 71C03000)
WLDAP32.dll (76F60000 - 76F8C000)
mswsock.dll (71A50000 - 71A8F000)
hnetcfg.dll (662B0000 - 66308000)
wshtcpip.dll (71A90000 - 71A98000)
WINTRUST.dll (76C30000 - 76C5E000)
CRYPT32.dll (77A80000 - 77B15000)
MSASN1.dll (77B20000 - 77B32000)
IMAGEHLP.dll (76C90000 - 76CB8000)

PID 3924 - C:\Program Files\Bonjour\mDNSResponder.exe
-------------------------------------------------------------------------------
ntdll.dll (7C900000 - 7C9B2000)
kernel32.dll (7C800000 - 7C8F6000)
WS2_32.dll (71AB0000 - 71AC7000)
ADVAPI32.dll (77DD0000 - 77E6B000)
RPCRT4.dll (77E70000 - 77F02000)
Secur32.dll (77FE0000 - 77FF1000)
msvcrt.dll (77C10000 - 77C68000)
WS2HELP.dll (71AA0000 - 71AA8000)
IPHLPAPI.DLL (76D60000 - 76D79000)
USER32.dll (7E410000 - 7E4A1000)
GDI32.dll (77F10000 - 77F59000)
ole32.dll (774E0000 - 7761D000)
OLEAUT32.dll (77120000 - 771AB000)
IMM32.DLL (76390000 - 763AD000)
LPK.DLL (629C0000 - 629C9000)
USP10.dll (74D90000 - 74DFB000)
rsaenh.dll (68000000 - 68036000)
SHELL32.dll (7C9C0000 - 7D1D7000)
SHLWAPI.dll (77F60000 - 77FD6000)
comctl32.dll (773D0000 - 774D3000)
comctl32.dll (5D090000 - 5D12A000)
mswsock.dll (71A50000 - 71A8F000)
hnetcfg.dll (662B0000 - 66308000)
wshtcpip.dll (71A90000 - 71A98000)
MPRAPI.dll (76D40000 - 76D58000)
ACTIVEDS.dll (77CC0000 - 77CF2000)
adsldpc.dll (76E10000 - 76E35000)
NETAPI32.dll (5B860000 - 5B8B5000)
WLDAP32.dll (76F60000 - 76F8C000)
ATL.DLL (76B20000 - 76B31000)
rtutils.dll (76E80000 - 76E8E000)
SAMLIB.dll (71BF0000 - 71C03000)
SETUPAPI.dll (77920000 - 77A13000)
uxtheme.dll (5AD70000 - 5ADA8000)
CLBCATQ.DLL (76FD0000 - 7704F000)
COMRes.dll (77050000 - 77115000)
VERSION.dll (77C00000 - 77C08000)

PID 1652 - C:\Program Files\iPod\bin\iPodService.exe
-------------------------------------------------------------------------------
ntdll.dll (7C900000 - 7C9B2000)
kernel32.dll (7C800000 - 7C8F6000)
CFGMGR32.dll (74AE0000 - 74AE7000)
setupapi.dll (77920000 - 77A13000)
ADVAPI32.dll (77DD0000 - 77E6B000)
RPCRT4.dll (77E70000 - 77F02000)
Secur32.dll (77FE0000 - 77FF1000)
GDI32.dll (77F10000 - 77F59000)
USER32.dll (7E410000 - 7E4A1000)
msvcrt.dll (77C10000 - 77C68000)
VERSION.dll (77C00000 - 77C08000)
ole32.dll (774E0000 - 7761D000)
OLEAUT32.dll (77120000 - 771AB000)
IMM32.DLL (76390000 - 763AD000)
LPK.DLL (629C0000 - 629C9000)
USP10.dll (74D90000 - 74DFB000)
iPodServiceLocalized.DLL(10000000 - 1000E000)
iPodService.DLL (008B0000 - 008BE000)
xpsp2res.dll (00CE0000 - 00FA5000)
CLBCATQ.DLL (76FD0000 - 7704F000)
COMRes.dll (77050000 - 77115000)
uxtheme.dll (5AD70000 - 5ADA8000)
Wtsapi32.dll (76F50000 - 76F58000)
WINSTA.dll (76360000 - 76370000)
NETAPI32.dll (5B860000 - 5B8B5000)
WINTRUST.dll (76C30000 - 76C5E000)
CRYPT32.dll (77A80000 - 77B15000)
MSASN1.dll (77B20000 - 77B32000)
IMAGEHLP.dll (76C90000 - 76CB8000)
SXS.DLL (7E720000 - 7E7D0000)
rsaenh.dll (68000000 - 68036000)
userenv.dll (769C0000 - 76A74000)
Cabinet.dll (75150000 - 75163000)
SHLWAPI.dll (77F60000 - 77FD6000)
comctl32.dll (773D0000 - 774D3000)
comctl32.dll (5D090000 - 5D12A000)

PID 1496 - C:\Program Files\iTunes\iTunesHelper.exe
-------------------------------------------------------------------------------
ntdll.dll (7C900000 - 7C9B2000)
kernel32.dll (7C800000 - 7C8F6000)
USER32.dll (7E410000 - 7E4A1000)
GDI32.dll (77F10000 - 77F59000)
ADVAPI32.dll (77DD0000 - 77E6B000)
RPCRT4.dll (77E70000 - 77F02000)
Secur32.dll (77FE0000 - 77FF1000)
COMCTL32.dll (5D090000 - 5D12A000)
SHLWAPI.dll (77F60000 - 77FD6000)
msvcrt.dll (77C10000 - 77C68000)
IMM32.DLL (76390000 - 763AD000)
LPK.DLL (629C0000 - 629C9000)
USP10.dll (74D90000 - 74DFB000)
iTunesHelper.dll (10000000 - 10037000)
ole32.dll (774E0000 - 7761D000)
OLEAUT32.dll (77120000 - 771AB000)
CoreFoundation.dll (00910000 - 009DA000)
SHELL32.dll (7C9C0000 - 7D1D7000)
MSVCR80.dll (78130000 - 781CB000)
WS2_32.dll (71AB0000 - 71AC7000)
WS2HELP.dll (71AA0000 - 71AA8000)
pthreadVC2.dll (003D0000 - 003E0000)
WSOCK32.dll (71AD0000 - 71AD9000)
objc.dll (003E0000 - 003FC000)
MSVCP80.dll (7C420000 - 7C4A7000)
icuin40.dll (009F0000 - 00AED000)
icuuc40.dll (00B00000 - 00BE1000)
icudt40.dll (4AD00000 - 4BA5B000)
ASL.dll (00C00000 - 00C0D000)
VERSION.dll (77C00000 - 77C08000)
SETUPAPI.dll (77920000 - 77A13000)
WININET.dll (3D930000 - 3DA01000)
Normaliz.dll (00C20000 - 00C29000)
iertutil.dll (3DFD0000 - 3E015000)
comctl32.dll (773D0000 - 774D3000)
uxtheme.dll (5AD70000 - 5ADA8000)
MSCTF.dll (74720000 - 7476C000)
iTunesHelperLocalized.DLL(01280000 - 0128E000)
iTunesHelper.DLL (012B0000 - 012BE000)
msctfime.ime (755C0000 - 755EE000)
WINTRUST.dll (76C30000 - 76C5E000)
CRYPT32.dll (77A80000 - 77B15000)
MSASN1.dll (77B20000 - 77B32000)
IMAGEHLP.dll (76C90000 - 76CB8000)
QuickTime.qts (66800000 - 673AB000)
QTCF.dll (68A40000 - 68A6E000)
WINMM.dll (76B40000 - 76B6D000)
comdlg32.dll (763B0000 - 763F9000)
gdiplus.dll (4EC50000 - 4EDFB000)
DSOUND.dll (73F10000 - 73F6C000)
CFNetwork.DLL (01820000 - 018B3000)
SQLite3.dll (018C0000 - 01923000)
zlib1.dll (01940000 - 01953000)
iphlpapi.dll (76D60000 - 76D79000)
ddraw.dll (73760000 - 737AB000)
DCIMAN32.dll (73BC0000 - 73BC6000)
iTunesMobileDevice.dll(01B80000 - 01CCF000)
mswsock.dll (71A50000 - 71A8F000)
hnetcfg.dll (662B0000 - 66308000)
wshtcpip.dll (71A90000 - 71A98000)
Wtsapi32.dll (76F50000 - 76F58000)
WINSTA.dll (76360000 - 76370000)
NETAPI32.dll (5B860000 - 5B8B5000)
CLBCATQ.DLL (76FD0000 - 7704F000)
COMRes.dll (77050000 - 77115000)
xpsp2res.dll (02000000 - 022C5000)
SXS.DLL (7E720000 - 7E7D0000)

PID 1268 - C:\Program Files\internet explorer\iexplore.exe
-------------------------------------------------------------------------------
ntdll.dll (7C900000 - 7C9B2000)
kernel32.dll (7C800000 - 7C8F6000)
iexplore.exe:LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL

:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
Information about C:\WINDOWS\AppPatch\AcLayers.DLL:
Base address: 71590000
Size: 00079000
Flags: 80084004
Load count: 1
Name: Microsoft® Windows® Operating System
Prod. Version: 5.1.2600.5906
Company: Microsoft Corporation
File Version: 5.1.2600.5906 (xpsp_sp3_gdr.091120-1307)
Description: Windows Compatibility DLL
Location: C:\WINDOWS\AppPatch\AcLayers.DLL
Signed: YES
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
iexplore.exe:LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL

:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
Information about C:\WINDOWS\AppPatch\AcLayers.DLL:
Base address: 71590000
Size: 00079000
Flags: 80084004
Load count: 1
Name: Microsoft® Windows® Operating System
Prod. Version: 5.1.2600.5906
Company: Microsoft Corporation
File Version: 5.1.2600.5906 (xpsp_sp3_gdr.091120-1307)
Description: Windows Compatibility DLL
Location: C:\WINDOWS\AppPatch\AcLayers.DLL
Signed: YES
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
iexplore.exe:LoadLibraryExW --[HOOKED]-- @715BA16B by C:\WINDOWS\AppPatch\AcLayers.DLL

:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
Information about C:\WINDOWS\AppPatch\AcLayers.DLL:
Base address: 71590000
Size: 00079000
Flags: 80084004
Load count: 1
Name: Microsoft® Windows® Operating System
Prod. Version: 5.1.2600.5906
Company: Microsoft Corporation
File Version: 5.1.2600.5906 (xpsp_sp3_gdr.091120-1307)
Description: Windows Compatibility DLL
Location: C:\WINDOWS\AppPatch\AcLayers.DLL
Signed: YES
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
iexplore.exe:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll

:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
Information about C:\WINDOWS\system32\ShimEng.dll:
Base address: 5CB70000
Size: 00026000
Flags: 8000400C
Load count: 1
Name: Microsoft® Windows® Operating System
Prod. Version: 5.1.2600.5512
Company: Microsoft Corporation
File Version: 5.1.2600.5512 (xpsp.080413-2105)
Description: Shim Engine DLL
Location: C:\WINDOWS\system32\ShimEng.dll
Signed: YES
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
ADVAPI32.dll:LoadLibraryExW --[HOOKED]-- @715BA16B by C:\WINDOWS\AppPatch\AcLayers.DLL

:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
Information about C:\WINDOWS\AppPatch\AcLayers.DLL:
Base address: 71590000
Size: 00079000
Flags: 80084004
Load count: 1
Name: Microsoft® Windows® Operating System
Prod. Version: 5.1.2600.5906
Company: Microsoft Corporation
File Version: 5.1.2600.5906 (xpsp_sp3_gdr.091120-1307)
Description: Windows Compatibility DLL
Location: C:\WINDOWS\AppPatch\AcLayers.DLL
Signed: YES
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
ADVAPI32.dll:LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL

:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
Information about C:\WINDOWS\AppPatch\AcLayers.DLL:
Base address: 71590000
Size: 00079000
Flags: 80084004
Load count: 1
Name: Microsoft® Windows® Operating System
Prod. Version: 5.1.2600.5906
Company: Microsoft Corporation
File Version: 5.1.2600.5906 (xpsp_sp3_gdr.091120-1307)
Description: Windows Compatibility DLL
Location: C:\WINDOWS\AppPatch\AcLayers.DLL
Signed: YES
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
ADVAPI32.dll:LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL

:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
Information about C:\WINDOWS\AppPatch\AcLayers.DLL:
Base address: 71590000
Size: 00079000
Flags: 80084004
Load count: 1
Name: Microsoft® Windows® Operating System
Prod. Version: 5.1.2600.5906
Company: Microsoft Corporation
File Version: 5.1.2600.5906 (xpsp_sp3_gdr.091120-1307)
Description: Windows Compatibility DLL
Location: C:\WINDOWS\AppPatch\AcLayers.DLL
Signed: YES
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
ADVAPI32.dll:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll

:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
Information about C:\WINDOWS\system32\ShimEng.dll:
Base address: 5CB70000
Size: 00026000
Flags: 8000400C
Load count: 1
Name: Microsoft® Windows® Operating System
Prod. Version: 5.1.2600.5512
Company: Microsoft Corporation
File Version: 5.1.2600.5512 (xpsp.080413-2105)
Description: Shim Engine DLL
Location: C:\WINDOWS\system32\ShimEng.dll
Signed: YES
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
RPCRT4.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
RPCRT4.dll :LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
RPCRT4.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
Secur32.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
Secur32.dll :LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
Secur32.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
GDI32.dll :LoadLibraryExW --[HOOKED]-- @715BA16B by C:\WINDOWS\AppPatch\AcLayers.DLL
GDI32.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
GDI32.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
GDI32.dll :LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
USER32.dll :LoadLibraryExW --[HOOKED]-- @715BA16B by C:\WINDOWS\AppPatch\AcLayers.DLL
USER32.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
USER32.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
USER32.dll :LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
msvcrt.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
msvcrt.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
SHLWAPI.dll :LoadLibraryExA --[HOOKED]-- @715B9F5D by C:\WINDOWS\AppPatch\AcLayers.DLL
SHLWAPI.dll :LoadLibraryExW --[HOOKED]-- @715BA16B by C:\WINDOWS\AppPatch\AcLayers.DLL
SHLWAPI.dll :LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
SHLWAPI.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
SHLWAPI.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
SHELL32.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
SHELL32.dll :LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
SHELL32.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
SHELL32.dll :LoadLibraryExW --[HOOKED]-- @715BA16B by C:\WINDOWS\AppPatch\AcLayers.DLL
SHELL32.dll :LoadLibraryExA --[HOOKED]-- @715B9F5D by C:\WINDOWS\AppPatch\AcLayers.DLL
ole32.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
ole32.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
ole32.dll :LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
ole32.dll :LoadLibraryExW --[HOOKED]-- @715BA16B by C:\WINDOWS\AppPatch\AcLayers.DLL
ole32.dll :LoadLibraryExA --[HOOKED]-- @715B9F5D by C:\WINDOWS\AppPatch\AcLayers.DLL
urlmon.dll :LoadLibraryExA --[HOOKED]-- @715B9F5D by C:\WINDOWS\AppPatch\AcLayers.DLL
urlmon.dll :LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
urlmon.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
urlmon.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
urlmon.dll :LoadLibraryExW --[HOOKED]-- @715BA16B by C:\WINDOWS\AppPatch\AcLayers.DLL
OLEAUT32.dll:LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
OLEAUT32.dll:LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
OLEAUT32.dll:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
iertutil.dll:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
iertutil.dll:LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
iertutil.dll:LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
VERSION.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
VERSION.dll :LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
VERSION.dll :LoadLibraryExW --[HOOKED]-- @715BA16B by C:\WINDOWS\AppPatch\AcLayers.DLL
USERENV.dll :LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
USERENV.dll :LoadLibraryExA --[HOOKED]-- @715B9F5D by C:\WINDOWS\AppPatch\AcLayers.DLL
USERENV.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
USERENV.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
WINSPOOL.DRV:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
WINSPOOL.DRV:LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
WINSPOOL.DRV:LoadLibraryExW --[HOOKED]-- @715BA16B by C:\WINDOWS\AppPatch\AcLayers.DLL
WINSPOOL.DRV:LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
IMM32.DLL :LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
IMM32.DLL :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
USP10.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
USP10.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
comctl32.dll:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
comctl32.dll:LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
comctl32.dll:LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
comctl32.dll:LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
comctl32.dll:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
comctl32.dll:LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
IEFRAME.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
IEFRAME.dll :LoadLibraryExW --[HOOKED]-- @715BA16B by C:\WINDOWS\AppPatch\AcLayers.DLL
IEFRAME.dll :LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
IEFRAME.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
PSAPI.DLL :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
PSAPI.DLL :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
UxTheme.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
UxTheme.dll :LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
UxTheme.dll :LoadLibraryExW --[HOOKED]-- @715BA16B by C:\WINDOWS\AppPatch\AcLayers.DLL
MSCTF.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
MSCTF.dll :LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
MSCTF.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
MSCTF.dll :LoadLibraryExA --[HOOKED]-- @715B9F5D by C:\WINDOWS\AppPatch\AcLayers.DLL
apphelp.dll :LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
apphelp.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
apphelp.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
msctfime.ime:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
msctfime.ime:LoadLibraryExA --[HOOKED]-- @715B9F5D by C:\WINDOWS\AppPatch\AcLayers.DLL
msctfime.ime:LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
msctfime.ime:LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
IEUI.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
IEUI.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
gdiplus.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
gdiplus.dll :LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
gdiplus.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
CLBCATQ.DLL :LoadLibraryExW --[HOOKED]-- @715BA16B by C:\WINDOWS\AppPatch\AcLayers.DLL
CLBCATQ.DLL :LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
CLBCATQ.DLL :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
msimtf.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
msimtf.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
cscui.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
cscui.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
cscui.dll :LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
CSCDLL.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
CSCDLL.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
CSCDLL.dll :LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
SETUPAPI.dll:LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
SETUPAPI.dll:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
SETUPAPI.dll:LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
msohevi.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
msohevi.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
msohevi.dll :LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
MSVCR80.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
MSVCR80.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
MSVCR80.dll :LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
SXS.DLL :LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
SXS.DLL :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
SXS.DLL :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
SXS.DLL :LoadLibraryExW --[HOOKED]-- @715BA16B by C:\WINDOWS\AppPatch\AcLayers.DLL
WININET.dll :LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
WININET.dll :LoadLibraryExW --[HOOKED]-- @715BA16B by C:\WINDOWS\AppPatch\AcLayers.DLL
WININET.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
WININET.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
MLANG.dll :LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
MLANG.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
MLANG.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
ws2_32.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
ws2_32.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
WS2HELP.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
WS2HELP.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
AcroIEHelperSLoadLibraryExA --[HOOKED]-- @715B9F5D by C:\WINDOWS\AppPatch\AcLayers.DLL
AcroIEHelperSGetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
AcroIEHelperSLoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
AcroIEHelper.LoadLibraryExA --[HOOKED]-- @715B9F5D by C:\WINDOWS\AppPatch\AcLayers.DLL
AcroIEHelper.LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
AcroIEHelper.GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
jp2ssv.dll :LoadLibraryExA --[HOOKED]-- @715B9F5D by C:\WINDOWS\AppPatch\AcLayers.DLL
jp2ssv.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
jp2ssv.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
MSVCR71.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
MSVCR71.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
jqs_plugin.dlLoadLibraryExA --[HOOKED]-- @715B9F5D by C:\WINDOWS\AppPatch\AcLayers.DLL
jqs_plugin.dlLoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
jqs_plugin.dlGetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
mswsock.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
mswsock.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
mswsock.dll :LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
hnetcfg.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
hnetcfg.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
hnetcfg.dll :LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
hnetcfg.dll :LoadLibraryExW --[HOOKED]-- @715BA16B by C:\WINDOWS\AppPatch\AcLayers.DLL
RASAPI32.dll:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
RASAPI32.dll:LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
RASAPI32.dll:LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
rasman.dll :LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
rasman.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
rasman.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
NETAPI32.dll:LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
NETAPI32.dll:LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
NETAPI32.dll:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
TAPI32.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
TAPI32.dll :LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
rtutils.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
rtutils.dll :LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
WINMM.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
WINMM.dll :LoadLibraryExW --[HOOKED]-- @715BA16B by C:\WINDOWS\AppPatch\AcLayers.DLL
WINMM.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
WINMM.dll :LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
msv1_0.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
msv1_0.dll :LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
msv1_0.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
iphlpapi.dll:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
iphlpapi.dll:LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
actxprxy.dll:LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
actxprxy.dll:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
rasadhlp.dll:LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
rasadhlp.dll:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
DNSAPI.dll :LoadLibraryExW --[HOOKED]-- @715BA16B by C:\WINDOWS\AppPatch\AcLayers.DLL
DNSAPI.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
DNSAPI.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
WLDAP32.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
WLDAP32.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
mdnsNSP.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
mdnsNSP.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
mshtml.dll :LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
mshtml.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
mshtml.dll :LoadLibraryExW --[HOOKED]-- @715BA16B by C:\WINDOWS\AppPatch\AcLayers.DLL
mshtml.dll :LoadLibraryExA --[HOOKED]-- @715B9F5D by C:\WINDOWS\AppPatch\AcLayers.DLL
mshtml.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
ieapfltr.dll:LoadLibraryExW --[HOOKED]-- @715BA16B by C:\WINDOWS\AppPatch\AcLayers.DLL
ieapfltr.dll:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
ieapfltr.dll:LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
ieapfltr.dll:LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
WINTRUST.dll:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
WINTRUST.dll:LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
WINTRUST.dll:LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
CRYPT32.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
CRYPT32.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
CRYPT32.dll :LoadLibraryExA --[HOOKED]-- @715B9F5D by C:\WINDOWS\AppPatch\AcLayers.DLL
CRYPT32.dll :LoadLibraryExW --[HOOKED]-- @715BA16B by C:\WINDOWS\AppPatch\AcLayers.DLL
MSASN1.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
MSASN1.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
IMAGEHLP.dll:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
IMAGEHLP.dll:LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
NTMARTA.DLL :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
NTMARTA.DLL :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
jscript.dll :LoadLibraryExW --[HOOKED]-- @715BA16B by C:\WINDOWS\AppPatch\AcLayers.DLL
jscript.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
jscript.dll :LoadLibraryExA --[HOOKED]-- @715B9F5D by C:\WINDOWS\AppPatch\AcLayers.DLL
mshtmled.dll:LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
mshtmled.dll:LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
mshtmled.dll:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
mshtmled.dll:LoadLibraryExW --[HOOKED]-- @715BA16B by C:\WINDOWS\AppPatch\AcLayers.DLL
Flash10e.ocx:LoadLibraryExA --[HOOKED]-- @715B9F5D by C:\WINDOWS\AppPatch\AcLayers.DLL
Flash10e.ocx:LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
Flash10e.ocx:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
COMDLG32.dll:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
COMDLG32.dll:LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
COMDLG32.dll:LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
mscms.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
mscms.dll :LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
wdmaud.drv :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
wdmaud.drv :LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
MSACM32.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
vbscript.dll:LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
vbscript.dll:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
vbscript.dll:LoadLibraryExA --[HOOKED]-- @715B9F5D by C:\WINDOWS\AppPatch\AcLayers.DLL
vbscript.dll:LoadLibraryExW --[HOOKED]-- @715BA16B by C:\WINDOWS\AppPatch\AcLayers.DLL
schannel.dll:LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
schannel.dll:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
schannel.dll:LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
ddrawex.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
ddrawex.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
DDRAW.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
DDRAW.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
DCIMAN32.dll:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
iepeers.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
iepeers.dll :LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
iepeers.dll :LoadLibraryExA --[HOOKED]-- @715B9F5D by C:\WINDOWS\AppPatch\AcLayers.DLL
iepeers.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
iepeers.dll :LoadLibraryExW --[HOOKED]-- @715BA16B by C:\WINDOWS\AppPatch\AcLayers.DLL
rsaenh.dll :LoadLibraryExA --[HOOKED]-- @715B9F5D by C:\WINDOWS\AppPatch\AcLayers.DLL
rsaenh.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
rsaenh.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
dssenh.dll :LoadLibraryExA --[HOOKED]-- @715B9F5D by C:\WINDOWS\AppPatch\AcLayers.DLL
dssenh.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
dssenh.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
cryptnet.dll:LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
cryptnet.dll:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
cryptnet.dll:LoadLibraryExW --[HOOKED]-- @715BA16B by C:\WINDOWS\AppPatch\AcLayers.DLL
cryptnet.dll:LoadLibraryExA --[HOOKED]-- @715B9F5D by C:\WINDOWS\AppPatch\AcLayers.DLL
WINHTTP.dll :LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
WINHTTP.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
WINHTTP.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
msxml3.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
msxml3.dll :LoadLibraryExW --[HOOKED]-- @715BA16B by C:\WINDOWS\AppPatch\AcLayers.DLL
msxml3.dll :LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
msxml3.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
Dxtrans.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
Dxtrans.dll :LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
ATL.DLL :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
ATL.DLL :LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
ATL.DLL :LoadLibraryExW --[HOOKED]-- @715BA16B by C:\WINDOWS\AppPatch\AcLayers.DLL
ATL.DLL :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
Dxtmsft.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
MSRATING.dll:LoadLibraryExW --[HOOKED]-- @715BA16B by C:\WINDOWS\AppPatch\AcLayers.DLL
MSRATING.dll:LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
MSRATING.dll:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
MSRATING.dll:LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
ntshrui.dll :LoadLibraryExA --[HOOKED]-- @715B9F5D by C:\WINDOWS\AppPatch\AcLayers.DLL
ntshrui.dll :LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
ntshrui.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
LINKINFO.dll:GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
LINKINFO.dll:LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
LINKINFO.dll:LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
wuapi.dll :LoadLibraryW --[HOOKED]-- @715BA067 by C:\WINDOWS\AppPatch\AcLayers.DLL
wuapi.dll :GetProcAddress --[HOOKED]-- @5CB77774 by C:\WINDOWS\system32\ShimEng.dll
wuapi.dll :LoadLibraryExW --[HOOKED]-- @715BA16B by C:\WINDOWS\AppPatch\AcLayers.DLL
wuapi.dll :LoadLibraryA --[HOOKED]-- @715B9E59 by C:\WINDOWS\AppPatch\AcLayers.DLL
ADVAPI32.dll (77DD0000 - 77E6B000)
RPCRT4.dll (77E70000 - 77F02000)
Secur32.dll (77FE0000 - 77FF1000)
GDI32.dll (77F10000 - 77F59000)
USER32.dll (7E410000 - 7E4A1000)
The code of DialogBoxIndirectParamA at 7E456D7D (0) got patched. Here is the diff:
Address New-Original
7E456D7D: E9 - 8B
7E456D7F: B2 - 55
7E456D80: EF - 8B
7E456D81: BF - EC
--> JMP DWORD PTR DS:[3E352081]
Patched by C:\WINDOWS\system32\IEFRAME.dll!URLQualifyW+0xC1C700B0

:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

shannonmac8
Intermediate
Intermediate

Posts Posts : 76
Joined Joined : 2009-06-01
OS OS : xp
Points Points : 28432
# Likes # Likes : 0

View user profile

Back to top Go down

Re: computer slow

Post by shannonmac8 on 12th March 2010, 1:35 am

Information about C:\WINDOWS\system32\IEFRAME.dll!URLQualifyW+0xC1C700B0:
Base address: 3E1C0000
Size: 005CD000
Flags: 800C4004
Load count: 6
Name: Windows® Internet Explorer
Prod. Version: 7.00.6000.16981
Company: Microsoft Corporation
File Version: 7.00.6000.16981 (vista_gdr.091215-2244)
Description: Internet Explorer
Location: C:\WINDOWS\system32\IEFRAME.dll
Signed: YES
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
The code of DialogBoxIndirectParamW at 7E432072 (0) got patched. Here is the diff:
Address New-Original
7E432072: E9 - 8B
7E432073: CF - FF
7E432074: FF - 55
7E432075: F1 - 8B
7E432076: BF - EC
--> JMP DWORD PTR DS:[3E352046]
Patched by C:\WINDOWS\system32\IEFRAME.dll!URLQualifyW+0xC1C700B0

:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
Information about C:\WINDOWS\system32\IEFRAME.dll!URLQualifyW+0xC1C700B0:
Base address: 3E1C0000
Size: 005CD000
Flags: 800C4004
Load count: 6
Name: Windows® Internet Explorer
Prod. Version: 7.00.6000.16981
Company: Microsoft Corporation
File Version: 7.00.6000.16981 (vista_gdr.091215-2244)
Description: Internet Explorer
Location: C:\WINDOWS\system32\IEFRAME.dll
Signed: YES
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
The code of DialogBoxParamA at 7E43B144 (0) got patched. Here is the diff:
Address New-Original
7E43B144: E9 - 8B
7E43B145: C2 - FF
7E43B146: 6E - 55
7E43B147: F1 - 8B
7E43B148: BF - EC
--> JMP DWORD PTR DS:[3E35200B]
Patched by C:\WINDOWS\system32\IEFRAME.dll!URLQualifyW+0xC1C700B0

:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
Information about C:\WINDOWS\system32\IEFRAME.dll!URLQualifyW+0xC1C700B0:
Base address: 3E1C0000
Size: 005CD000
Flags: 800C4004
Load count: 6
Name: Windows® Internet Explorer
Prod. Version: 7.00.6000.16981
Company: Microsoft Corporation
File Version: 7.00.6000.16981 (vista_gdr.091215-2244)
Description: Internet Explorer
Location: C:\WINDOWS\system32\IEFRAME.dll
Signed: YES
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
The code of DialogBoxParamW at 7E4247AB (0) got patched. Here is the diff:
Address New-Original
7E4247AB: E9 - 8B
7E4247AC: 09 - FF
7E4247AD: AD - 55
7E4247AE: DB - 8B
7E4247AF: BF - EC
--> JMP DWORD PTR DS:[3E1DF4B9]
Patched by C:\WINDOWS\system32\IEFRAME.dll!URLQualifyW+0xC1C700B0

:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
Information about C:\WINDOWS\system32\IEFRAME.dll!URLQualifyW+0xC1C700B0:
Base address: 3E1C0000
Size: 005CD000
Flags: 800C4004
Load count: 6
Name: Windows® Internet Explorer
Prod. Version: 7.00.6000.16981
Company: Microsoft Corporation
File Version: 7.00.6000.16981 (vista_gdr.091215-2244)
Description: Internet Explorer
Location: C:\WINDOWS\system32\IEFRAME.dll
Signed: YES
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
The code of MessageBoxExA at 7E45085C (0) got patched. Here is the diff:
Address New-Original
7E45085C: E9 - 8B
7E45085D: 2C - FF
7E45085E: 17 - 55
7E45085F: F0 - 8B
7E450860: BF - EC
--> JMP DWORD PTR DS:[3E351F8D]
Patched by C:\WINDOWS\system32\IEFRAME.dll!URLQualifyW+0xC1C700B0

:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
Information about C:\WINDOWS\system32\IEFRAME.dll!URLQualifyW+0xC1C700B0:
Base address: 3E1C0000
Size: 005CD000
Flags: 800C4004
Load count: 6
Name: Windows® Internet Explorer
Prod. Version: 7.00.6000.16981
Company: Microsoft Corporation
File Version: 7.00.6000.16981 (vista_gdr.091215-2244)
Description: Internet Explorer
Location: C:\WINDOWS\system32\IEFRAME.dll
Signed: YES
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
The code of MessageBoxExW at 7E450838 (0) got patched. Here is the diff:
Address New-Original
7E450838: E9 - 8B
7E450839: 16 - FF
7E45083A: 17 - 55
7E45083B: F0 - 8B
7E45083C: BF - EC
--> JMP DWORD PTR DS:[3E351F53]
Patched by C:\WINDOWS\system32\IEFRAME.dll!URLQualifyW+0xC1C700B0

:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
Information about C:\WINDOWS\system32\IEFRAME.dll!URLQualifyW+0xC1C700B0:
Base address: 3E1C0000
Size: 005CD000
Flags: 800C4004
Load count: 6
Name: Windows® Internet Explorer
Prod. Version: 7.00.6000.16981
Company: Microsoft Corporation
File Version: 7.00.6000.16981 (vista_gdr.091215-2244)
Description: Internet Explorer
Location: C:\WINDOWS\system32\IEFRAME.dll
Signed: YES
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
The code of MessageBoxIndirectA at 7E43A082 (0) got patched. Here is the diff:
Address New-Original
7E43A082: E9 - 8B
7E43A083: 40 - FF
7E43A084: 7F - 55
7E43A085: F1 - 8B
7E43A086: BF - EC
--> JMP DWORD PTR DS:[3E351FC7]
Patched by C:\WINDOWS\system32\IEFRAME.dll!URLQualifyW+0xC1C700B0

:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
Information about C:\WINDOWS\system32\IEFRAME.dll!URLQualifyW+0xC1C700B0:
Base address: 3E1C0000
Size: 005CD000
Flags: 800C4004
Load count: 6
Name: Windows® Internet Explorer
Prod. Version: 7.00.6000.16981
Company: Microsoft Corporation
File Version: 7.00.6000.16981 (vista_gdr.091215-2244)
Description: Internet Explorer
Location: C:\WINDOWS\system32\IEFRAME.dll
Signed: YES
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
The code of MessageBoxIndirectW at 7E4664D5 (0) got patched. Here is the diff:
Address New-Original
7E4664D5: E9 - 8B
7E4664D6: 10 - FF
7E4664D7: B3 - 55
7E4664D8: D9 - 8B
7E4664D9: BF - EC
--> JMP DWORD PTR DS:[3E2017EA]
Patched by C:\WINDOWS\system32\IEFRAME.dll!URLQualifyW+0xC1C700B0

:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
Information about C:\WINDOWS\system32\IEFRAME.dll!URLQualifyW+0xC1C700B0:
Base address: 3E1C0000
Size: 005CD000
Flags: 800C4004
Load count: 6
Name: Windows® Internet Explorer
Prod. Version: 7.00.6000.16981
Company: Microsoft Corporation
File Version: 7.00.6000.16981 (vista_gdr.091215-2244)
Description: Internet Explorer
Location: C:\WINDOWS\system32\IEFRAME.dll
Signed: YES
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
msvcrt.dll (77C10000 - 77C68000)
SHLWAPI.dll (77F60000 - 77FD6000)
SHELL32.dll (7C9C0000 - 7D1D7000)
ole32.dll (774E0000 - 7761D000)
The code of OleLoadFromStream at 77529C85 (0) got patched. Here is the diff:
Address New-Original
77529C85: E9 - 8B
77529C86: B9 - FF
77529C87: 85 - 55
77529C88: E2 - 8B
77529C89: C6 - EC
--> JMP DWORD PTR DS:[3E352243]
Patched by C:\WINDOWS\system32\IEFRAME.dll!URLQualifyW+0xC1C700B0

:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
Information about C:\WINDOWS\system32\IEFRAME.dll!URLQualifyW+0xC1C700B0:
Base address: 3E1C0000
Size: 005CD000
Flags: 800C4004
Load count: 6
Name: Windows® Internet Explorer
Prod. Version: 7.00.6000.16981
Company: Microsoft Corporation
File Version: 7.00.6000.16981 (vista_gdr.091215-2244)
Description: Internet Explorer
Location: C:\WINDOWS\system32\IEFRAME.dll
Signed: YES
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
urlmon.dll (78130000 - 78258000)
OLEAUT32.dll (77120000 - 771AB000)
The code of SysAllocStringByteLen at 77124C35 (0) got patched. Here is the diff:
Address New-Original
77124C35: E9 - 8B
77124C36: 5C - FF
77124C37: D8 - 55
77124C38: 22 - 8B
77124C39: C7 - EC
--> JMP DWORD PTR DS:[3E352496]
Patched by C:\WINDOWS\system32\IEFRAME.dll!URLQualifyW+0xC1C700B0

:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
Information about C:\WINDOWS\system32\IEFRAME.dll!URLQualifyW+0xC1C700B0:
Base address: 3E1C0000
Size: 005CD000
Flags: 800C4004
Load count: 6
Name: Windows® Internet Explorer
Prod. Version: 7.00.6000.16981
Company: Microsoft Corporation
File Version: 7.00.6000.16981 (vista_gdr.091215-2244)
Description: Internet Explorer
Location: C:\WINDOWS\system32\IEFRAME.dll
Signed: YES
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
The code of SysFreeString at 77124880 (0) got patched. Here is the diff:
Address New-Original
77124880: E9 - 8B
77124881: 26 - FF
77124882: DA - 55
77124883: 22 - 8B
77124884: C7 - EC
--> JMP DWORD PTR DS:[3E3522AB]
Patched by C:\WINDOWS\system32\IEFRAME.dll!URLQualifyW+0xC1C700B0

:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
Information about C:\WINDOWS\system32\IEFRAME.dll!URLQualifyW+0xC1C700B0:
Base address: 3E1C0000
Size: 005CD000
Flags: 800C4004
Load count: 6
Name: Windows® Internet Explorer
Prod. Version: 7.00.6000.16981
Company: Microsoft Corporation
File Version: 7.00.6000.16981 (vista_gdr.091215-2244)
Description: Internet Explorer
Location: C:\WINDOWS\system32\IEFRAME.dll
Signed: YES
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
The code of VariantChangeType at 77126BBB (0) got patched. Here is the diff:
Address New-Original
77126BBB: E9 - 8B
77126BBC: 21 - FF
77126BBD: B9 - 55
77126BBE: 22 - 8B
77126BBF: C7 - EC
--> JMP DWORD PTR DS:[3E3524E1]
Patched by C:\WINDOWS\system32\IEFRAME.dll!URLQualifyW+0xC1C700B0

:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
Information about C:\WINDOWS\system32\IEFRAME.dll!URLQualifyW+0xC1C700B0:
Base address: 3E1C0000
Size: 005CD000
Flags: 800C4004
Load count: 6
Name: Windows® Internet Explorer
Prod. Version: 7.00.6000.16981
Company: Microsoft Corporation
File Version: 7.00.6000.16981 (vista_gdr.091215-2244)
Description: Internet Explorer
Location: C:\WINDOWS\system32\IEFRAME.dll
Signed: YES
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
The code of VariantClear at 771248F0 (0) got patched. Here is the diff:
Address New-Original
771248F0: E9 - 8B
771248F1: 3B - FF
771248F2: DC - 55
771248F3: 22 - 8B
771248F4: C7 - EC
--> JMP DWORD PTR DS:[3E352530]
Patched by C:\WINDOWS\system32\IEFRAME.dll!URLQualifyW+0xC1C700B0

:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
Information about C:\WINDOWS\system32\IEFRAME.dll!URLQualifyW+0xC1C700B0:
Base address: 3E1C0000
Size: 005CD000
Flags: 800C4004
Load count: 6
Name: Windows® Internet Explorer
Prod. Version: 7.00.6000.16981
Company: Microsoft Corporation
File Version: 7.00.6000.16981 (vista_gdr.091215-2244)
Description: Internet Explorer
Location: C:\WINDOWS\system32\IEFRAME.dll
Signed: YES
:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
iertutil.dll (3DFD0000 - 3E015000)
VERSION.dll (77C00000 - 77C08000)
ShimEng.dll (5CB70000 - 5CB96000)
AcLayers.DLL (71590000 - 71609000)
USERENV.dll (769C0000 - 76A74000)
WINSPOOL.DRV (73000000 - 73026000)
IMM32.DLL (76390000 - 763AD000)
LPK.DLL (629C0000 - 629C9000)
USP10.dll (74D90000 - 74DFB000)
comctl32.dll (773D0000 - 774D3000)
comctl32.dll (5D090000 - 5D12A000)
IEFRAME.dll (3E1C0000 - 3E78D000)
PSAPI.DLL (76BF0000 - 76BFB000)
UxTheme.dll (5AD70000 - 5ADA8000)
MSCTF.dll (74720000 - 7476C000)
xpsp2res.dll (00C80000 - 00F45000)
apphelp.dll (77B40000 - 77B62000)
msctfime.ime (755C0000 - 755EE000)
IEUI.dll (5DFF0000 - 5E01F000)
MSIMG32.dll (76380000 - 76385000)
gdiplus.dll (4EC50000 - 4EDFB000)
xmllite.dll (47060000 - 47081000)
CLBCATQ.DLL (76FD0000 - 7704F000)
COMRes.dll (77050000 - 77115000)
msimtf.dll (746F0000 - 7471A000)
cscui.dll (77A20000 - 77A74000)
CSCDLL.dll (76600000 - 7661D000)
SETUPAPI.dll (77920000 - 77A13000)
msohevi.dll (6BD10000 - 6BD20000)
MSVCR80.dll (01750000 - 017EB000)
ieproxy.dll (61930000 - 6197A000)
SXS.DLL (7E720000 - 7E7D0000)
WININET.dll (3D930000 - 3DA01000)
Normaliz.dll (01950000 - 01959000)
MLANG.dll (75CF0000 - 75D81000)
ws2_32.dll (71AB0000 - 71AC7000)
WS2HELP.dll (71AA0000 - 71AA8000)
AcroIEHelperShim.dll(10000000 - 10011000)
MSVCP80.dll (7C420000 - 7C4A7000)
AcroIEHelper.dll (022A0000 - 022B0000)
jp2ssv.dll (6D440000 - 6D44C000)
MSVCR71.dll (7C340000 - 7C396000)
jqs_plugin.dll (6DAF0000 - 6DB02000)
mswsock.dll (71A50000 - 71A8F000)
hnetcfg.dll (662B0000 - 66308000)
wshtcpip.dll (71A90000 - 71A98000)
RASAPI32.dll (76EE0000 - 76F1C000)
rasman.dll (76E90000 - 76EA2000)
NETAPI32.dll (5B860000 - 5B8B5000)
TAPI32.dll (76EB0000 - 76EDF000)
rtutils.dll (76E80000 - 76E8E000)
WINMM.dll (76B40000 - 76B6D000)
msv1_0.dll (77C70000 - 77C95000)
cryptdll.dll (76790000 - 7679C000)
iphlpapi.dll (76D60000 - 76D79000)
sensapi.dll (722B0000 - 722B5000)
actxprxy.dll (71D40000 - 71D5B000)
rasadhlp.dll (76FC0000 - 76FC6000)
DNSAPI.dll (76F20000 - 76F47000)
winrnr.dll (76FB0000 - 76FB8000)
WLDAP32.dll (76F60000 - 76F8C000)
mdnsNSP.dll (16080000 - 160A5000)
mshtml.dll (3DA20000 - 3DD95000)
msls31.dll (746C0000 - 746E9000)
ieapfltr.dll (42F90000 - 42FF0000)
WINTRUST.dll (76C30000 - 76C5E000)
CRYPT32.dll (77A80000 - 77B15000)
MSASN1.dll (77B20000 - 77B32000)
IMAGEHLP.dll (76C90000 - 76CB8000)
NTMARTA.DLL (77690000 - 776B1000)
SAMLIB.dll (71BF0000 - 71C03000)
jscript.dll (75C50000 - 75CCD000)
ImgUtil.dll (1B000000 - 1B00C000)
pngfilt.dll (41E30000 - 41E3E000)
mshtmled.dll (42B90000 - 42C07000)
Flash10e.ocx (05500000 - 059A4000)
COMDLG32.dll (763B0000 - 763F9000)
mscms.dll (73B30000 - 73B45000)
wdmaud.drv (72D20000 - 72D29000)
msacm32.drv (72D10000 - 72D18000)
MSACM32.dll (77BE0000 - 77BF5000)
midimap.dll (77BD0000 - 77BD7000)
vbscript.dll (73300000 - 73369000)
schannel.dll (767F0000 - 76818000)
ddrawex.dll (6D430000 - 6D43A000)
DDRAW.dll (73760000 - 737AB000)
DCIMAN32.dll (73BC0000 - 73BC6000)
iepeers.dll (42070000 - 420A2000)
rsaenh.dll (68000000 - 68036000)
dssenh.dll (68100000 - 68126000)
cryptnet.dll (75E60000 - 75E73000)
WINHTTP.dll (4D4F0000 - 4D549000)
msxml3.dll (74980000 - 74AA3000)
Dxtrans.dll (420C0000 - 420F9000)
ATL.DLL (76B20000 - 76B31000)
Dxtmsft.dll (42010000 - 42067000)
MSRATING.dll (42B40000 - 42B73000)
ntshrui.dll (76990000 - 769B5000)
LINKINFO.dll (76980000 - 76988000)
wuapi.dll (506A0000 - 5072E000)
Cabinet.dll (75150000 - 75163000)

PID 3196 - C:\Documents and Settings\Janet Duross\Desktop\radix_installer\radixgui.exe
-------------------------------------------------------------------------------
ntdll.dll (7C900000 - 7C9B2000)
kernel32.dll (7C800000 - 7C8F6000)
USER32.dll (7E410000 - 7E4A1000)
GDI32.dll (77F10000 - 77F59000)
comdlg32.dll (763B0000 - 763F9000)
ADVAPI32.dll (77DD0000 - 77E6B000)
RPCRT4.dll (77E70000 - 77F02000)
Secur32.dll (77FE0000 - 77FF1000)
COMCTL32.dll (5D090000 - 5D12A000)
SHELL32.dll (7C9C0000 - 7D1D7000)
msvcrt.dll (77C10000 - 77C68000)
SHLWAPI.dll (77F60000 - 77FD6000)
ole32.dll (774E0000 - 7761D000)
VERSION.dll (77C00000 - 77C08000)
dbghelp.dll (59A60000 - 59B01000)
IMM32.DLL (76390000 - 763AD000)
LPK.DLL (629C0000 - 629C9000)
USP10.dll (74D90000 - 74DFB000)
comctl32.dll (773D0000 - 774D3000)
wintrust.dll (76C30000 - 76C5E000)
CRYPT32.dll (77A80000 - 77B15000)
MSASN1.dll (77B20000 - 77B32000)
IMAGEHLP.dll (76C90000 - 76CB8000)
NTMARTA.DLL (77690000 - 776B1000)
SAMLIB.dll (71BF0000 - 71C03000)
WLDAP32.dll (76F60000 - 76F8C000)
uxtheme.dll (5AD70000 - 5ADA8000)
MSCTF.dll (74720000 - 7476C000)
msctfime.ime (755C0000 - 755EE000)
OLEAUT32.DLL (77120000 - 771AB000)
xpsp2res.dll (02250000 - 02515000)
rsaenh.dll (68000000 - 68036000)
userenv.dll (769C0000 - 76A74000)
netapi32.dll (5B860000 - 5B8B5000)
cryptnet.dll (75E60000 - 75E73000)
PSAPI.DLL (76BF0000 - 76BFB000)
SensApi.dll (722B0000 - 722B5000)
WINHTTP.dll (4D4F0000 - 4D549000)
Cabinet.dll (75150000 - 75163000)
---- Check ended at 12.3.2010 1:16:16 ----

shannonmac8
Intermediate
Intermediate

Posts Posts : 76
Joined Joined : 2009-06-01
OS OS : xp
Points Points : 28432
# Likes # Likes : 0

View user profile

Back to top Go down

Re: computer slow

Post by Dr Jay on 12th March 2010, 2:47 pm

Download [You must be registered and logged in to see this link.] to your Desktop

  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Under the Custom Scan box paste this in

    /md5start
    GEARAspiWDM.sys
    smss.exe
    atapi.sys
    iastor.sys
    iastorv.sys
    ntdll.dll
    csrss.exe
    Explorer.EXE
    RTHDCPL.EXE
    netlogon.dll
    userinit.exe
    kernel32.dll
    ntfs.sys
    termsrv.dll
    /md5stop


  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.

    • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time



Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 14307
Joined Joined : 2009-09-06
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Arch. Arch. : x64 (64-bit)
Protection Protection : Bitdefender Total Security
Points Points : 302944
# Likes # Likes : 10

View user profile

Back to top Go down

Re: computer slow

Post by shannonmac8 on 12th March 2010, 6:23 pm

OTL logfile created on: 3/12/2010 1:19:18 PM - Run 2
OTL by OldTimer - Version 3.1.37.0 Folder = C:\Documents and Settings\Janet Duross\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

894.00 Mb Total Physical Memory | 578.00 Mb Available Physical Memory | 65.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 89.00% Paging File free
Paging file location(s): C:\pagefile.sys 1344 2688 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 69.40 Gb Total Space | 54.48 Gb Free Space | 78.50% Space Free | Partition Type: NTFS
Drive D: | 69.89 Gb Total Space | 69.75 Gb Free Space | 99.81% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: MOMMOM
Current User Name: Janet Duross
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010/03/12 13:15:25 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Janet Duross\Desktop\OTL.exe
PRC - [2008/04/14 17:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/04/07 01:42:24 | 000,050,424 | ---- | M] (NewTech InfoSystems, Inc.) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
PRC - [2008/04/04 06:03:14 | 000,131,072 | ---- | M] () -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
PRC - [2008/03/03 16:11:14 | 000,016,384 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
PRC - [2007/12/10 23:15:04 | 000,012,800 | ---- | M] (Agere Systems) -- C:\WINDOWS\system32\agrsmsvc.exe


========== Modules (SafeList) ==========

MOD - [2010/03/12 13:15:25 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Janet Duross\Desktop\OTL.exe


========== Win32 Services (SafeList) ==========

SRV - [2008/05/05 17:25:46 | 000,165,416 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\eMachines Games\eMachines Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2008/04/07 01:42:24 | 000,050,424 | ---- | M] (NewTech InfoSystems, Inc.) [Auto | Running] -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe -- (NTIBackupSvc)
SRV - [2008/04/04 06:03:14 | 000,131,072 | ---- | M] () [Auto | Running] -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe -- (NTISchedulerSvc)
SRV - [2008/03/03 16:11:14 | 000,016,384 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe -- (BUNAgentSvc)
SRV - [2007/12/10 23:15:04 | 000,012,800 | ---- | M] (Agere Systems) [Auto | Running] -- C:\WINDOWS\system32\agrsmsvc.exe -- (AgereModemAudio)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local



O1 HOSTS File: ([2010/03/09 23:30:28 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} [You must be registered and logged in to see this link.] (MJLauncherCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_18)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_18)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} [You must be registered and logged in to see this link.] (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 93.188.161.105 93.188.166.105 1.2.3.4
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\Acer.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/10/28 19:52:04 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 14 Days ==========

[2010/03/12 13:15:23 | 000,555,520 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Janet Duross\Desktop\OTL.exe
[2010/03/11 20:08:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Janet Duross\Desktop\radix_installer
[2010/03/11 00:24:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Janet Duross\Application Data\Apple Computer
[2010/03/11 00:24:00 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2010/03/11 00:23:55 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2010/03/11 00:23:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2010/03/11 00:23:38 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2010/03/11 00:23:14 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2010/03/11 00:23:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2010/03/11 00:23:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Janet Duross\Local Settings\Application Data\Apple
[2010/03/11 00:23:01 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2010/03/11 00:22:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2010/03/11 00:22:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Apple
[2010/03/11 00:21:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Janet Duross\Local Settings\Application Data\Apple Computer
[2010/03/09 23:35:48 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2010/03/09 23:29:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2010/03/09 23:22:09 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010/03/09 14:33:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Janet Duross\Desktop\SpiderKill
[2010/03/06 15:52:53 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2010/03/06 15:52:09 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2010/03/06 15:52:09 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2010/03/06 15:52:09 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2010/03/06 15:52:09 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2010/03/06 15:52:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2010/03/06 01:07:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2010/03/06 01:07:44 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2010/03/06 01:02:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Sun
[2010/03/06 01:02:12 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2009/08/21 02:49:33 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2009/08/21 02:49:33 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2009/08/21 02:49:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2009/08/21 02:49:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 14 Days ==========

[2010/03/12 13:15:25 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Janet Duross\Desktop\OTL.exe
[2010/03/12 02:37:28 | 000,524,016 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010/03/12 02:37:28 | 000,442,466 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/03/12 02:37:28 | 000,071,732 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/03/12 02:33:14 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010/03/12 02:33:12 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/03/12 02:33:10 | 937,938,944 | -HS- | M] () -- C:\hiberfil.sys
[2010/03/11 20:07:56 | 000,216,498 | ---- | M] () -- C:\Documents and Settings\Janet Duross\Desktop\radix_installer.zip
[2010/03/11 00:24:43 | 000,001,804 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/03/11 00:23:26 | 000,001,606 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2010/03/11 00:23:05 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/03/09 23:30:36 | 000,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2010/03/09 23:30:28 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2010/03/09 23:29:53 | 002,359,296 | ---- | M] () -- C:\Documents and Settings\Janet Duross\ntuser.dat
[2010/03/09 23:29:42 | 006,408,544 | -H-- | M] () -- C:\Documents and Settings\Janet Duross\Local Settings\Application Data\IconCache.db
[2010/03/09 23:20:11 | 003,885,152 | R--- | M] () -- C:\Documents and Settings\Janet Duross\Desktop\ComboFix.exe
[2010/03/09 14:32:19 | 000,039,521 | ---- | M] () -- C:\Documents and Settings\Janet Duross\Desktop\SpiderKill.zip
[2010/03/09 00:52:41 | 000,077,312 | ---- | M] () -- C:\Documents and Settings\Janet Duross\Desktop\mbr.exe
[2010/03/06 15:52:57 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2010/03/06 01:07:56 | 000,001,731 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/03/11 20:07:55 | 000,216,498 | ---- | C] () -- C:\Documents and Settings\Janet Duross\Desktop\radix_installer.zip
[2010/03/11 00:24:43 | 000,001,804 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2010/03/11 00:23:26 | 000,001,606 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2010/03/11 00:23:04 | 000,000,284 | ---- | C] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/03/09 23:20:10 | 003,885,152 | R--- | C] () -- C:\Documents and Settings\Janet Duross\Desktop\ComboFix.exe
[2010/03/09 14:32:19 | 000,039,521 | ---- | C] () -- C:\Documents and Settings\Janet Duross\Desktop\SpiderKill.zip
[2010/03/09 01:16:34 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2010/03/09 00:52:41 | 000,077,312 | ---- | C] () -- C:\Documents and Settings\Janet Duross\Desktop\mbr.exe
[2010/03/06 15:52:56 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2010/03/06 15:52:53 | 000,260,272 | ---- | C] () -- C:\cmldr
[2010/03/06 15:52:09 | 000,261,632 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2010/03/06 15:52:09 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2010/03/06 15:52:09 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2010/03/06 15:52:09 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2010/03/06 01:07:56 | 000,001,731 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2009/08/21 02:55:47 | 000,000,030 | ---- | C] () -- C:\WINDOWS\1440X900.INI
[2008/10/29 10:55:34 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2008/10/28 20:10:54 | 000,000,109 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
[2008/10/28 20:10:36 | 000,000,105 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
[2008/10/28 20:05:12 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIOFM4.dll
[2008/10/28 20:05:12 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIBUN5.dll
[2008/10/28 20:04:30 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMPEG2.dll
[2008/10/28 20:04:30 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMP3.dll
[2008/08/25 03:17:58 | 000,023,634 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2008/04/14 17:00:00 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2008/02/25 00:29:00 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2008/02/25 00:29:00 | 001,482,752 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2008/02/25 00:29:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2008/02/25 00:29:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008/02/25 00:29:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2005/03/28 02:45:26 | 000,000,097 | ---- | C] () -- C:\WINDOWS\ALaunch.ini
[2001/12/26 19:12:30 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\multiplex_vcd.dll
[2001/09/04 02:46:38 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\Hmpg12.dll
[2001/07/30 19:33:56 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\HMPV2_ENC.dll
[2001/07/24 01:04:36 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\HMPV2_ENC_MMX.dll

========== LOP Check ==========

[2009/11/03 14:14:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MumboJumbo
[2009/12/18 02:23:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NtiDvdCopy
[2009/08/21 04:23:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[2010/03/11 00:24:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}

========== Purity Check ==========



========== Custom Scans ==========



< MD5 for: ATAPI.SYS >
[2008/04/14 17:00:00 | 020,056,462 | ---- | M] () .cab file -- C:\I386\sp3.cab:atapi.sys
[2008/04/14 17:00:00 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008/04/14 17:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ERDNT\cache\atapi.sys
[2008/04/14 17:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys

< MD5 for: CSRSS.EXE >
[2008/04/14 17:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=44F275C64738EA2056E3D9580C23B60F -- C:\WINDOWS\system32\csrss.exe
[2008/04/14 17:00:00 | 000,006,144 | ---- | M] (Microsoft Corporation) MD5=44F275C64738EA2056E3D9580C23B60F -- C:\WINDOWS\system32\dllcache\csrss.exe

< MD5 for: EXPLORER.EXE >
[2008/04/14 17:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\ERDNT\cache\explorer.exe
[2008/04/14 17:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\explorer.exe
[2008/04/14 17:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) MD5=12896823FB95BFB3DC9B46BCAEDC9923 -- C:\WINDOWS\system32\dllcache\explorer.exe

< MD5 for: GEARASPIWDM.SYS >
[2009/05/18 14:17:00 | 000,026,600 | ---- | M] (GEAR Software Inc.) MD5=8182FF89C65E4D38B2DE4BB0FB18564E -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}\x86\x86\GEARAspiWDM.sys
[2009/05/18 14:17:00 | 000,026,600 | ---- | M] (GEAR Software Inc.) MD5=8182FF89C65E4D38B2DE4BB0FB18564E -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys
[2009/05/18 14:17:00 | 000,026,600 | ---- | M] (GEAR Software Inc.) MD5=8182FF89C65E4D38B2DE4BB0FB18564E -- C:\WINDOWS\system32\DRVSTORE\GEARAspiWD_3B7AACF0636A2C042EB7AD2AFF76D37B27BDD28C\x86\GEARAspiWDM.sys
[2008/04/17 12:12:54 | 000,015,464 | ---- | M] (GEAR Software Inc.) MD5=AB8A6A87D9D7255C3884D5B9541A6E80 -- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}\x86\x86\GEARAspiWDM.sys
[2008/04/17 12:12:54 | 000,015,464 | ---- | M] (GEAR Software Inc.) MD5=AB8A6A87D9D7255C3884D5B9541A6E80 -- C:\WINDOWS\system32\DRVSTORE\GEARAspiWD_D213663B6381F01E45A131159A9DEFE018321CB3\x86\GEARAspiWDM.sys
[2008/04/17 12:12:54 | 000,019,304 | ---- | M] (GEAR Software Inc.) MD5=CB121F1009623E83EBCC2C4DCEF6D3FE -- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}\x64\x64\GEARAspiWDM.sys

< MD5 for: KERNEL32.DLL >
[2009/03/21 09:06:58 | 000,989,696 | ---- | M] (Microsoft Corporation) MD5=B921FB870C9AC0D509B2CCABBBBE95F3 -- C:\WINDOWS\ERDNT\cache\kernel32.dll
[2009/03/21 09:06:58 | 000,989,696 | ---- | M] (Microsoft Corporation) MD5=B921FB870C9AC0D509B2CCABBBBE95F3 -- C:\WINDOWS\system32\dllcache\kernel32.dll
[2009/03/21 09:06:58 | 000,989,696 | ---- | M] (Microsoft Corporation) MD5=B921FB870C9AC0D509B2CCABBBBE95F3 -- C:\WINDOWS\system32\kernel32.dll
[2008/04/14 17:00:00 | 000,989,696 | ---- | M] (Microsoft Corporation) MD5=C24B983D211C34DA8FCC1AC38477971D -- C:\WINDOWS\$NtUninstallKB959426$\kernel32.dll
[2009/03/21 08:59:23 | 000,991,744 | ---- | M] (Microsoft Corporation) MD5=DA11D9D6ECBDF0F93436A4B7C13F7BEC -- C:\WINDOWS\$hf_mig$\KB959426\SP3QFE\kernel32.dll

< MD5 for: NETLOGON.DLL >
[2008/04/14 17:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ERDNT\cache\netlogon.dll
[2008/04/14 17:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2008/04/14 17:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll

< MD5 for: NTDLL.DLL >
[2008/04/14 17:00:00 | 000,706,048 | ---- | M] (Microsoft Corporation) MD5=27D9ED8CB8B62D1E0A8E5ACE6CF52E2F -- C:\I386\NTDLL.DLL
[2008/04/14 17:00:00 | 000,706,048 | ---- | M] (Microsoft Corporation) MD5=27D9ED8CB8B62D1E0A8E5ACE6CF52E2F -- C:\I386\SYSTEM32\NTDLL.DLL
[2008/04/14 17:00:00 | 000,706,048 | ---- | M] (Microsoft Corporation) MD5=27D9ED8CB8B62D1E0A8E5ACE6CF52E2F -- C:\WINDOWS\$NtUninstallKB956572$\ntdll.dll
[2009/02/09 07:10:48 | 000,714,752 | ---- | M] (Microsoft Corporation) MD5=911DDF2E16761643A47225F654D811E5 -- C:\WINDOWS\system32\dllcache\ntdll.dll
[2009/02/09 07:10:48 | 000,714,752 | ---- | M] (Microsoft Corporation) MD5=911DDF2E16761643A47225F654D811E5 -- C:\WINDOWS\system32\ntdll.dll
[2009/02/09 05:56:35 | 000,715,264 | ---- | M] (Microsoft Corporation) MD5=B0913005EE3FC15D7F72472D0B8A30EB -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\ntdll.dll
[2004/08/04 00:56:38 | 000,708,096 | ---- | M] (Microsoft Corporation) MD5=BB5CBFFC096497506167BCE1D9690EF2 -- C:\cmdcons\SYSTEM32\NTDLL.DLL

< MD5 for: NTFS.SYS >
[2008/04/14 17:00:00 | 000,574,976 | ---- | M] (Microsoft Corporation) MD5=78A08DD6A8D65E697C18E1DB01C5CDCA -- C:\I386\NTFS.SYS
[2008/04/14 17:00:00 | 000,574,976 | ---- | M] (Microsoft Corporation) MD5=78A08DD6A8D65E697C18E1DB01C5CDCA -- C:\WINDOWS\ERDNT\cache\ntfs.sys
[2008/04/14 17:00:00 | 000,574,976 | ---- | M] (Microsoft Corporation) MD5=78A08DD6A8D65E697C18E1DB01C5CDCA -- C:\WINDOWS\system32\dllcache\ntfs.sys
[2008/04/14 17:00:00 | 000,574,976 | ---- | M] (Microsoft Corporation) MD5=78A08DD6A8D65E697C18E1DB01C5CDCA -- C:\WINDOWS\system32\drivers\ntfs.sys
[2004/08/03 23:15:10 | 000,574,592 | ---- | M] (Microsoft Corporation) MD5=B78BE402C3F63DD55521F73876951CDD -- C:\cmdcons\NTFS.SYS

< MD5 for: RTHDCPL.EXE >
[2008/05/16 02:39:00 | 016,862,720 | ---- | M] (Realtek Semiconductor Corp.) MD5=013A269E7AF8B01FF20B384FEEBFFDA5 -- C:\Program Files\Realtek\Audio\InstallShield\RTHDCPL.exe
[2008/05/16 02:39:00 | 016,862,720 | ---- | M] (Realtek Semiconductor Corp.) MD5=013A269E7AF8B01FF20B384FEEBFFDA5 -- C:\WINDOWS\RTHDCPL.exe

< MD5 for: SMSS.EXE >
[2008/04/14 17:00:00 | 000,470,016 | ---- | M] (Microsoft Corporation) MD5=3C3393C92A73A3006C7B706DAC54A812 -- C:\I386\SYSTEM32\SMSS.EXE
[2008/04/14 17:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=5F816C1F539266D2D4C78694239DA0B5 -- C:\WINDOWS\system32\dllcache\smss.exe
[2008/04/14 17:00:00 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=5F816C1F539266D2D4C78694239DA0B5 -- C:\WINDOWS\system32\smss.exe
[2004/08/04 00:56:58 | 000,152,576 | ---- | M] (Microsoft Corporation) MD5=DA5CF1C368B33D75602FD6B3A7F5E0C6 -- C:\cmdcons\SYSTEM32\SMSS.EXE

< MD5 for: TERMSRV.DLL >
[2008/04/14 17:00:00 | 000,295,424 | ---- | M] (Microsoft Corporation) MD5=FF3477C03BE7201C294C35F684B3479F -- C:\WINDOWS\ERDNT\cache\termsrv.dll
[2008/04/14 17:00:00 | 000,295,424 | ---- | M] (Microsoft Corporation) MD5=FF3477C03BE7201C294C35F684B3479F -- C:\WINDOWS\system32\dllcache\termsrv.dll
[2008/04/14 17:00:00 | 000,295,424 | ---- | M] (Microsoft Corporation) MD5=FF3477C03BE7201C294C35F684B3479F -- C:\WINDOWS\system32\termsrv.dll

< MD5 for: USERINIT.EXE >
[2008/04/14 17:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\ERDNT\cache\userinit.exe
[2008/04/14 17:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\dllcache\userinit.exe
[2008/04/14 17:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=A93AEE1928A9D7CE3E16D24EC7380F89 -- C:\WINDOWS\system32\userinit.exe
< End of report >

shannonmac8
Intermediate
Intermediate

Posts Posts : 76
Joined Joined : 2009-06-01
OS OS : xp
Points Points : 28432
# Likes # Likes : 0

View user profile

Back to top Go down

Re: computer slow

Post by shannonmac8 on 12th March 2010, 6:29 pm

there is no extra.txt on my desktop where i saved OTL

shannonmac8
Intermediate
Intermediate

Posts Posts : 76
Joined Joined : 2009-06-01
OS OS : xp
Points Points : 28432
# Likes # Likes : 0

View user profile

Back to top Go down

Re: computer slow

Post by Dr Jay on 12th March 2010, 8:46 pm

Now to get you off to a good start we will clean your restore points so that all the bad stuff is gone for good. Then if you need to restore at some stage you will be clean. There are several ways to reset your restore points, but this is my method:
  • Select Start > All Programs > Accessories > System tools > System Restore.
  • On the dialogue box that appears select Create a Restore Point
  • Click NEXT
  • Enter a name e.g. Clean
  • Click CREATE

You now have a clean restore point, to get rid of the bad ones:
  • Select Start > All Programs > Accessories > System tools > Disk Cleanup.
  • In the Drop down box that appears select your main drive e.g. C
  • Click OK
  • The System will do some calculation and the display a dialogue box with TABS
  • Select the More Options Tab.
  • At the bottom will be a system restore box with a CLEANUP button click this
  • Accept the Warning and select OK again, the program will close and you are done


To remove all of the tools we used and the files and folders they created, please do the following:
Please download [You must be registered and logged in to see this link.] by OldTimer:

  • Save it to your Desktop.
  • Double click OTC.exe.
  • Click the CleanUp! button.
  • If you are prompted to Reboot during the cleanup, select Yes.
  • The tool will delete itself once it finishes.

Note: If any tool, file or folder (belonging to the program we have used) hasn't been deleted, please delete it manually.

==

Please download [You must be registered and logged in to see this link.] to your desktop
  • Please double-click TFC.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
  • It will close all programs when run, so make sure you have saved all your work before you begin.
  • Click the Start
    button to begin the process. Depending on how often you clean temp
    files, execution time should be anywhere from a few seconds to a minute
    or two. Let it run uninterrupted to completion.
  • Once it's finished it should reboot your machine. If it does not, please manually reboot the machine yourself to ensure a complete clean.


==

Download Security Check by screen317 from [You must be registered and logged in to see this link.] or [You must be registered and logged in to see this link.].
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 14307
Joined Joined : 2009-09-06
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Arch. Arch. : x64 (64-bit)
Protection Protection : Bitdefender Total Security
Points Points : 302944
# Likes # Likes : 10

View user profile

Back to top Go down

Re: computer slow

Post by shannonmac8 on 13th March 2010, 3:59 am

Results of screen317's Security Check version 0.99.1
Windows XP Service Pack 3
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Enabled!
``````````````````````````````
Anti-malware/Other Utilities Check:

Java(TM) 6 Update 18
Java Auto Updater
Out of date Java installed!
Adobe Flash Player 10
Adobe Reader 9.3
``````````````````````````````
Process Check:
objlist.exe by Laurent

``````````````````````````````
DNS Vulnerability Check:

POOR! (Vulnerable to DNS cache poisoning!!-- Consider OPENDNS)

`````````End of Log```````````

shannonmac8
Intermediate
Intermediate

Posts Posts : 76
Joined Joined : 2009-06-01
OS OS : xp
Points Points : 28432
# Likes # Likes : 0

View user profile

Back to top Go down

Re: computer slow

Post by Dr Jay on 13th March 2010, 6:47 pm

Please read the following information that I have provided, which will help you prevent malicious software in the future. Please keep in mind, malware is a continuous danger on the Internet. It is highly important to stay safe while browsing, to prevent re-infection.

Software recommendations

Antivirus/Antispyware

  • [You must be registered and logged in to see this link.]: this is Microsoft's free antivirus/antispyware program. It equips you with protection against viruses, spyware, trojans, rootkits, and worms. It is also light on the computer's performance. Note: when installing this, you have both an antivirus and antispyware. Make sure you also get a firewall.
  • [You must be registered and logged in to see this link.]: this is one of the most powerful, and easiest to use security software. The free version equips you with protection against viruses, spyware, trojans, rootkits, worms, and rogue software. Note: when installing this, you have both an antivirus and antispyware. Make sure you also get a firewall.


Firewall

  • [You must be registered and logged in to see this link.]: the free version is just as good as the premium. I have linked you to the free version.
  • [You must be registered and logged in to see this link.]: the free version is just as good as the premium. I have linked you to the free version. The optional security suite enhances the firewall by 40% increase. If you would like to install the suite that includes antivirus, then remove your old antivirus first.
  • [You must be registered and logged in to see this link.]: free and excellent firewall.


Note: Please keep ALL of these programs up-to-date and run them whenever you suspect a problem to prevent malware problems.

Resident Protection help
A number of programs have resident protection and it is a good idea to run the resident protection of one of each type of program to maintain protection. However, it is important to run only one resident program of each type since they can conflict and become less effective. That means only one antivirus, firewall, and scanning anti-spyware program at a time. Passive protectors such as SpywareBlaster can be run with any of them.

Rogue programs help
There are a lot of rogue programs out there that want to scare you into giving them your money and some malware actually claims to be security programs. If you get a popup for a security program that you did not install yourself, do NOT click on it and ask for help immediately. It is very important to run an antivirus and firewall, but you can't always rely on reviews and ads for information. Ask in a security forum that you trust if you are not sure. If you are unsure and looking for anti-spyware programs, you can find out if it is a rogue here:
[You must be registered and logged in to see this link.]

Securing your computer

  • [You must be registered and logged in to see this link.] - It is very important to make sure that both Internet Explorer and Windows are kept current with the latest critical security patches from Microsoft. To do this just start Internet Explorer and select Tools > Windows Update, and follow the online instructions from there.
  • [You must be registered and logged in to see this link.] replaces your current HOSTS file with one containing well known ad sites and other bad sites. This prevents your computer from connecting to those sites by redirecting them to 127.0.0.1, which is your local computer's loopback address, meaning it will be difficult to infect your computer in the future.


Please consider using an alternate browser
Mozilla's Firefox browser is a very good alternative. In addition to being generally more secure than Internet Explorer, it has a very good built-in popup blocker and add-ons, like NoScript, can make it even more secure. Opera is another good option.

If you are interested:


See [You must be registered and logged in to see this link.] for more info about malware and prevention.

Thank you for choosing GeekPolice. Please see [You must be registered and logged in to see this link.] if you would like to leave feedback or contribute to our site. Do you have any more questions?


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 14307
Joined Joined : 2009-09-06
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Arch. Arch. : x64 (64-bit)
Protection Protection : Bitdefender Total Security
Points Points : 302944
# Likes # Likes : 10

View user profile

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum