HIJACK THIS: userinit.exe problems

Post by larrybro on Sat 04 Dec 2010, 9:52 am

First topic message reminder:

I am running Windows XP and have to get into the system using my Task Manager...I believe this to be the userinit.exe virus. Here are the OTL results (the second part follows in the next post):

OTL logfile created on: 12/3/2010 5:52:42 PM - Run 2
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\Larry\Desktop
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

255.00 Mb Total Physical Memory | 36.00 Mb Available Physical Memory | 14.00% Memory free
619.00 Mb Paging File | 354.00 Mb Available in Paging File | 57.00% Paging File free
Paging file location(s): C:\pagefile.sys 384 768 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.24 Gb Total Space | 15.38 Gb Free Space | 41.32% Space Free | Partition Type: NTFS
Drive F: | 1.86 Gb Total Space | 1.86 Gb Free Space | 99.73% Space Free | Partition Type: FAT

Computer Name: LARRYANDSARLENO | User Name: Larry | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2010/12/03 16:21:39 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Larry\Desktop\OTL.com
PRC - [2010/12/03 16:11:26 | 000,307,672 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2007/09/01 05:58:00 | 000,152,832 | ---- | M] (Avanquest Software USA, Inc.) -- C:\Program Files\Avanquest\Fix-It\mxtask.exe
PRC - [2007/02/12 18:56:38 | 000,537,520 | ---- | M] ( ) -- C:\WINDOWS\system32\lxdccoms.exe
PRC - [2006/01/04 17:09:34 | 000,094,208 | ---- | M] () -- C:\Program Files\Network Monitor\netmon.exe
PRC - [2005/08/02 15:58:38 | 000,293,888 | RHS- | M] () -- C:\WINDOWS\TGFycnkgVy4gQnJvd24\command.exe
PRC - [2004/10/13 05:28:15 | 000,040,960 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure Internet Security\fswsclds.exe
PRC - [2004/04/07 11:07:32 | 001,135,728 | ---- | M] (America Online, Inc.) -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe
PRC - [2004/02/02 11:20:12 | 000,155,702 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure Internet Security\FWES\program\fsdfwd.exe
PRC - [2003/10/01 12:16:26 | 000,065,589 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure Internet Security\Common\fch32.exe
PRC - [2003/10/01 12:15:00 | 000,270,391 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure Internet Security\Common\FAMEH32.exe
PRC - [2003/10/01 12:11:28 | 000,061,494 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure Internet Security\Common\FSMA32.exe
PRC - [2003/10/01 12:06:12 | 000,180,278 | ---- | M] (F-Secure Corporation) -- C:\Program Files\F-Secure Internet Security\Common\FSMB32.exe
PRC - [2001/08/17 17:36:42 | 000,024,064 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\system32\devldr32.exe


========== Modules (SafeList) ==========

MOD - [2010/12/03 16:21:39 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Larry\Desktop\OTL.com
MOD - [2008/08/01 08:06:08 | 000,111,104 | ---- | M] () -- C:\WINDOWS\system32\aydekt.dll
MOD - [2007/08/31 12:57:42 | 000,028,672 | ---- | M] (Avanquest Software USA, Inc.) -- C:\Program Files\Avanquest\Fix-It\WinHook.dll
MOD - [2006/08/25 10:45:55 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
MOD - [2006/05/19 07:59:41 | 000,094,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\iphlpapi.dll
MOD - [2005/08/02 15:46:54 | 000,187,904 | RHS- | M] () -- C:\WINDOWS\TGFycnkgVy4gQnJvd24\asappsrv.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- C:\WINDOWS\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2008/07/11 18:55:03 | 000,023,048 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\444.470 -- (MsSecurity1.209.4)
SRV - [2007/09/01 05:58:00 | 000,152,832 | ---- | M] (Avanquest Software USA, Inc.) [Auto | Running] -- C:\Program Files\Avanquest\Fix-It\mxtask.exe -- (Fix-It Task Manager)
SRV - [2007/08/09 19:48:26 | 001,838,592 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager)
SRV - [2007/02/12 18:56:38 | 000,537,520 | ---- | M] ( ) [Auto | Running] -- C:\WINDOWS\System32\lxdccoms.exe -- (lxdc_device)
SRV - [2006/01/04 17:09:34 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\Network Monitor\netmon.exe -- (Network Monitor)
SRV - [2005/08/02 15:58:38 | 000,293,888 | RHS- | M] () [Auto | Running] -- C:\WINDOWS\TGFycnkgVy4gQnJvd24\command.exe -- (cmdService)
SRV - [2004/10/13 05:28:15 | 000,040,960 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files\F-Secure Internet Security\fswsclds.exe -- (Fswsclds)
SRV - [2004/04/07 11:07:32 | 001,135,728 | ---- | M] (America Online, Inc.) [Auto | Running] -- C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe -- (AOL ACS)
SRV - [2004/02/02 11:20:12 | 000,155,702 | ---- | M] (F-Secure Corporation) [On_Demand | Running] -- C:\Program Files\F-Secure Internet Security\FWES\Program\fsdfwd.exe -- (FSDFWD)
SRV - [2003/10/01 12:11:28 | 000,061,494 | ---- | M] (F-Secure Corporation) [Auto | Running] -- C:\Program Files\F-Secure Internet Security\Common\FSMA32.EXE -- (FSMA)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\ipsecw2k.sys -- (IPSECSHM)
DRV - File not found [Kernel | Auto | Stopped] -- C:\Program Files\F-Secure Internet Security\Anti-Virus\Win2K\FSrec.sys -- (F-Secure Recognizer)
DRV - File not found [Kernel | Auto | Stopped] -- C:\Program Files\F-Secure Internet Security\Anti-Virus\Win2K\FSgk.sys -- (F-Secure Gatekeeper)
DRV - File not found [Kernel | Auto | Stopped] -- C:\Program Files\F-Secure Internet Security\Anti-Virus\Win2K\FSfilter.sys -- (F-Secure Filter)
DRV - [2008/07/11 18:55:10 | 000,086,144 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\rootmdmm.sys -- (rootmdmm)
DRV - [2008/07/11 18:55:04 | 000,099,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Documents and Settings\Larry\Local Settings\Temp\tni19D.tmp -- (TnIDriver)
DRV - [2007/11/29 17:30:24 | 000,009,464 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdralw2k.sys -- (Cdralw2k)
DRV - [2007/11/29 17:30:24 | 000,009,336 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\cdr4_xp.sys -- (Cdr4_xp)
DRV - [2007/09/01 05:58:00 | 000,020,496 | ---- | M] (Avanquest Software USA, Inc.) [Kernel | On_Demand | Running] -- C:\Program Files\Avanquest\Fix-It\MailScan.sys -- (MailScan)
DRV - [2007/08/31 12:36:12 | 000,199,440 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Program Files\Avanquest\Fix-It\tmxpflt.sys -- (tmxpflt)
DRV - [2007/08/31 12:36:12 | 000,032,528 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Program Files\Avanquest\Fix-It\tmpreflt.sys -- (tmpreflt)
DRV - [2007/08/31 12:36:10 | 001,052,472 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Program Files\Avanquest\Fix-It\Vsapint.sys -- (Vsapint)
DRV - [2004/10/07 20:16:04 | 000,035,840 | ---- | M] (Oak Technology Inc.) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\AFS2K.SYS -- (AFS2K)
DRV - [2004/08/04 01:29:26 | 000,327,040 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtaa.sys -- (ati2mtaa)
DRV - [2004/08/04 01:08:21 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2004/06/09 18:42:38 | 000,015,429 | R--- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Sacm2A.sys -- (USBCM)
DRV - [2004/02/02 11:20:56 | 000,082,336 | ---- | M] (F-Secure Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\fsdfw.sys -- (FSFW)
DRV - [2004/01/02 15:24:51 | 000,008,413 | ---- | M] (RealNetworks, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\mcstrm.sys -- (MCSTRM)
DRV - [2003/01/27 21:03:08 | 000,028,164 | ---- | M] (MusicMatch, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\MxlW2k.sys -- (MxlW2k)
DRV - [2002/10/15 14:32:16 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2002/07/09 17:14:00 | 001,172,416 | R--- | M] (Conexant Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2002/07/09 17:13:00 | 000,594,832 | R--- | M] (Conexant Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2002/07/09 17:13:00 | 000,167,155 | R--- | M] (Conexant Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)
DRV - [2002/04/10 17:01:12 | 000,024,554 | ---- | M] (Roxio) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\Dvd_2k.sys -- (dvd_2K)
DRV - [2002/04/10 17:01:00 | 000,029,638 | ---- | M] (Roxio) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\Mmc_2k.sys -- (mmc_2K)
DRV - [2002/04/10 17:00:44 | 000,117,898 | ---- | M] (Roxio) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\pwd_2K.sys -- (pwd_2k)
DRV - [2002/04/10 16:48:04 | 000,236,032 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\cdudf_xp.sys -- (cdudf_xp)
DRV - [2002/04/10 16:45:16 | 000,206,336 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\udfreadr_xp.sys -- (UdfReadr_xp)
DRV - [2001/10/16 16:47:04 | 000,017,648 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pcx2nd5.sys -- (pcx2nd5) Toshiba PCX2000 USB Cable Modem networking driver (NDIS)
DRV - [2001/10/16 16:46:58 | 000,069,456 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pcx2unic.sys -- (pcx2unic)
DRV - [2001/08/23 14:00:00 | 000,022,400 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\SbcpHid.sys -- (SbcpHid)
DRV - [2001/08/22 08:42:58 | 000,013,632 | ---- | M] (Dell Computer Corporation) [Kernel | System | Running] -- C:\WINDOWS\SYSTEM32\DRIVERS\OMCI.SYS -- (OMCI)
DRV - [2001/08/17 08:28:12 | 000,488,383 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\HSF_V124.sys -- (V124)
DRV - [2001/08/17 08:28:12 | 000,050,751 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\HSF_TONE.sys -- (Tones)
DRV - [2001/08/17 08:28:10 | 000,542,879 | ---- | M] (Conexant) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSF_MSFT.sys -- (hsf_msft)
DRV - [2001/08/17 08:28:10 | 000,073,279 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\HSF_SPKP.sys -- (SpeakerPhone)
DRV - [2001/08/17 08:28:10 | 000,057,471 | ---- | M] (Conexant) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSF_SAMP.sys -- (Rksample)
DRV - [2001/08/17 08:28:08 | 000,391,199 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\HSF_K56K.sys -- (K56)
DRV - [2001/08/17 08:28:06 | 000,289,887 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\HSF_FALL.sys -- (Fallback)
DRV - [2001/08/17 08:28:06 | 000,199,711 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\HSF_FAXX.sys -- (SoftFax)
DRV - [2001/08/17 08:28:06 | 000,115,807 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\HSF_FSKS.sys -- (Fsks)
DRV - [2001/08/17 08:28:04 | 000,067,167 | ---- | M] (Conexant) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSF_BSC2.sys -- (basic2)
DRV - [2001/08/17 07:48:52 | 000,281,856 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ati2mpaa.sys -- (ati2mpaa)
DRV - [2001/08/17 07:19:34 | 000,036,480 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sfmanm.sys -- (sfman) Creative SoundFont Manager Driver (WDM)
DRV - [2001/08/17 07:19:28 | 000,006,912 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctlfacem.sys -- (emu10k1) Creative Interface Manager Driver (WDM)
DRV - [2001/08/17 07:19:26 | 000,283,904 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\emu10k1m.sys -- (emu10k) Creative SB Live! (WDM)
DRV - [2001/08/17 07:19:20 | 000,003,712 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctljystk.sys -- (ctljystk)
DRV - [2000/03/29 16:11:20 | 000,008,096 | ---- | M] (MicroStaff Co.,Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\MASPINT.SYS -- (MASPINT)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = [You must be registered and logged in to see this link.]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = [You must be registered and logged in to see this link.]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = localhost;*.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://www.google.com/reader/view/?hl=en&tab=wy#overview-page"
FF - prefs.js..extensions.enabledItems: {fce36c1e-58d8-498a-b2a5-66ad1cedebbb}:0.72
FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.0.4
FF - prefs.js..extensions.enabledItems: {5A170DD3-63CA-4c58-93B7-DE9FF536C2FF}:1.8.33

FF - HKLM\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/12/03 16:11:44 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/12/03 16:11:44 | 000,000,000 | ---D | M]

[2008/06/29 21:13:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Larry\Application Data\Mozilla\Extensions
[2005/09/01 19:00:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\3dw496cy.Larry\extensions
[2005/09/01 19:00:47 | 000,000,000 | ---D | M] (Firefox (default)) -- C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\3dw496cy.Larry\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2010/12/03 00:09:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hlcckdqo.default\extensions
[2008/06/20 20:51:39 | 000,000,000 | ---D | M] (FlashGot) -- C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hlcckdqo.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
[2006/06/06 13:55:33 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hlcckdqo.default\extensions\{2A10B180-05EF-11D9-8C50-444553540001}
[2005/12/18 16:42:41 | 000,000,000 | ---D | M] (Crystal Dream) -- C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hlcckdqo.default\extensions\{3143B27B-F7DE-49d8-BF08-C2E4DEA71DBB}
[2008/06/04 08:18:01 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hlcckdqo.default\extensions\{5A170DD3-63CA-4c58-93B7-DE9FF536C2FF}
[2007/07/30 21:47:02 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hlcckdqo.default\extensions\{9f08cb5a-76b1-4bcf-aff9-90e1a5d60b1e}
[2008/04/26 20:56:28 | 000,000,000 | ---D | M] (CustomizeGoogle) -- C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hlcckdqo.default\extensions\{fce36c1e-58d8-498a-b2a5-66ad1cedebbb}
[2008/06/20 18:44:24 | 000,000,908 | ---- | M] () -- C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hlcckdqo.default\searchplugins\IMDB.xml
[2008/06/20 18:44:24 | 000,001,108 | ---- | M] () -- C:\Documents and Settings\Larry\Application Data\Mozilla\Firefox\Profiles\hlcckdqo.default\searchplugins\wikipedia.xml
[2010/12/03 00:09:03 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2006/09/01 14:10:19 | 000,114,688 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npmozax.dll

O1 HOSTS File: ([2002/06/25 16:38:30 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {2673f941-a63e-4f1c-9355-5e2eb68c891d} - C:\WINDOWS\system32\aydekt.dll ()
O2 - BHO: (gooochi browser optimizer) - {67f1f031-3888-b1c3-2852-0a47dd8d8f44} - C:\WINDOWS\system32\wpuzhltehabgctt.dll ( )
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (no name) - {7768234D-E494-424D-96E6-4819A1E16325} - C:\WINDOWS\system32\hgGxUOhe.dll ()
O2 - BHO: (MySidesearch Search Assistant) - {9506910A-0F94-4ea1-B567-7070428B8B2B} - C:\WINDOWS\system32\mysidesearch_sidebar.dll ()
O2 - BHO: (no name) - {C848797B-12BC-4983-A8D9-2BCC34D07FB2} - C:\WINDOWS\system32\efcYqnml.dll ()
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.0311.0\msneshellx.dll (Microsoft Corp.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O4 - HKLM..\Run: [{64ed5f2c-60f4-5163-4e5e-db973fc7094e}] C:\WINDOWS\system32\wpuzhltehabgctt.DLL ( )
O4 - HKLM..\Run: [{DC-CF-F3-39-DW}] C:\WINDOWS\System32\rrwnw64p.exe ()
O4 - HKLM..\Run: [4c0dcf96] C:\WINDOWS\System32\jsiptlme.DLL ()
O4 - HKLM..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe (America Online, Inc)
O4 - HKLM..\Run: [BM4f3efc0a] C:\WINDOWS\System32\kovhjwxm.DLL ()
O4 - HKLM..\Run: [ExploreUpdSched] C:\WINDOWS\System32\ocntqtdm.exe ()
O4 - HKLM..\Run: [F-Secure Manager] C:\Program Files\F-Secure Internet Security\Common\FSM32.EXE (F-Secure Corporation)
O4 - HKLM..\Run: [F-Secure TNB] C:\Program Files\F-Secure Internet Security\TNB\TNBUtil.exe (F-Secure Corporation)
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [HostManager] C:\Program Files\Common Files\AOL\1171212340\ee\aolsoftware.exe (America Online, Inc.)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe (MUSICMATCH, Inc.)
O4 - HKLM..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE (FUJI PHOTO FILM CO., LTD.)
O4 - HKLM..\Run: [runner1] C:\WINDOWS\mrofinu1188.exe ()
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [VirusScannerPro] C:\Program Files\Avanquest\Fix-It\MemCheck.exe (Avanquest Software USA, Inc.)
O4 - HKCU..\Run: [DW6] C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe (The Weather Channel Interactive, Inc.)
O4 - HKCU..\Run: [GetModule20] C:\Program Files\GetModule\GetModule20.exe ()
O4 - HKCU..\Run: [GetPack20] C:\Program Files\GetPack\GetPack20.exe ()
O4 - HKCU..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe File not found
O4 - HKCU..\Run: [mjc] C:\Program Files\mjc\mjc.exe ()
O4 - HKCU..\Run: [Sakora] C:\Program Files\Sakora\Sakora.exe ()
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\System32\Macromed\Flash\NPSWF32_FlashUtil.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Documents and Settings\Larry\Start Menu\Programs\Startup\Deewoo.lnk = C:\WINDOWS\system32\ocntqtdm.exe ()
O4 - Startup: C:\Documents and Settings\Larry\Start Menu\Programs\Startup\DW_Start.lnk = C:\WINDOWS\system32\rrwnw64p.exe ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: + &Download Express: download this file - C:\Program Files\Download Express\add_url.htm ()
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\npjpi160_05.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files\Bonjour\ExplorerPlugin.dll (Apple Inc.)
O9 - Extra Button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: ([]msn in My Computer)
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O16 - DPF: {33564D57-9980-0010-8000-00AA00389B71} [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_05)
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.5.0_04)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.5.0_09)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.5.0_10)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_05)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} [You must be registered and logged in to see this link.] (Shockwave Flash Object)
O16 - DPF: Microsoft XML Parser for Java [You must be registered and logged in to see this link.] (Reg Error: Key error.)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - AppInit_DLLs: (aydekt.dll) - C:\WINDOWS\System32\aydekt.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\hgGxUOhe: DllName - hgGxUOhe.dll - C:\WINDOWS\System32\hgGxUOhe.dll ()
O24 - Desktop WallPaper: C:\Documents and Settings\Larry\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Larry\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {7768234D-E494-424D-96E6-4819A1E16325} - C:\WINDOWS\system32\hgGxUOhe.dll ()
O30 - LSA: Authentication Packages - (C:\WINDOWS\system32\efcYqnml) - C:\WINDOWS\System32\efcYqnml.dll ()
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2003/01/27 19:42:17 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
NetSvcs: HidServ - C:\WINDOWS\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found

MsConfig - Services: "MCVSRte"
MsConfig - Services: "mcupdmgr.exe"
MsConfig - Services: "McShield"
MsConfig - Services: "AOL ACS"
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^America Online Tray Icon.lnk - C:\PROGRA~1\AMERIC~3.0\aoltray.exe - File not found
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Office.lnk - C:\PROGRA~1\MICROS~4\Office10\OSA.EXE - File not found
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Microsoft Works Calendar Reminders.lnk - C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe - (Microsoft® Corporation)
MsConfig - StartUpFolder: C:^Documents and Settings^Larry^Start Menu^Programs^Startup^PowerReg SchedulerV2.exe - C:\Documents and Settings\Larry\Start Menu\Programs\Startup\PowerReg SchedulerV2.exe - File not found
MsConfig - StartUpReg: AdaptecDirectCD - hkey= - key= - C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe (Roxio)
MsConfig - StartUpReg: EPSON Stylus C62 Series - hkey= - key= - File not found
MsConfig - StartUpReg: MCAgentExe - hkey= - key= - c:\PROGRA~1\mcafee.com\agent\mcagent.exe File not found
MsConfig - StartUpReg: MCUpdateExe - hkey= - key= - C:\PROGRA~1\mcafee.com\agent\mcupdate.exe File not found
MsConfig - StartUpReg: Microsoft Works Portfolio - hkey= - key= - C:\Program Files\Microsoft Works\WksSb.exe (Microsoft® Corporation)
MsConfig - StartUpReg: Microsoft Works Update Detection - hkey= - key= - C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe (Microsoft® Corporation)
MsConfig - StartUpReg: MoneyAgent - hkey= - key= - C:\Program Files\Microsoft Money\System\Money Express.exe (Microsoft Corporation)
MsConfig - StartUpReg: MoneyStartUp10.0 - hkey= - key= - C:\Program Files\Microsoft Money\System\Activation.exe (Microsoft Corporation)
MsConfig - StartUpReg: MSMSGS - hkey= - key= - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\qttask.exe (Apple Inc.)
MsConfig - StartUpReg: RealTray - hkey= - key= - C:\Program Files\Real\RealPlayer\RealPlay.exe (RealNetworks, Inc.)
MsConfig - StartUpReg: Share-to-Web Namespace Daemon - hkey= - key= - C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe (Hewlett-Packard)
MsConfig - StartUpReg: VirusScan Online - hkey= - key= - c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe File not found
MsConfig - StartUpReg: VSOCheckTask - hkey= - key= - c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe File not found
MsConfig - StartUpReg: WorksFUD - hkey= - key= - C:\Program Files\Microsoft Works\wkfud.exe (Microsoft® Corporation)
MsConfig - State: "system.ini" - 1
MsConfig - State: "win.ini" - 1
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 2
MsConfig - State: "startup" - 1

SafeBootMin: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: SYMTDI - Service
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: UploadMgr - Service
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {03F998B2-0E00-11D3-A498-00104B6EB52E} - Viewpoint Media Player
ActiveX: {057997dd-71e4-43cc-b161-3f8180691a9e} - Q824145
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {166B1BCA-3F9C-11CF-8075-444553540000} - Macromedia Shockwave Director 8.0
ActiveX: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} - Viewpoint Media Player
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {2298d453-bcae-4519-bf33-1cbf3faf1524} - Q867801
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Macromedia Shockwave Director 8.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2cc9d512-6db6-4f1c-8979-9a41fae88de0} - Q837009
ActiveX: {2D5974C5-5185-4f5b-80B6-28015ACDD74C} - q319182
ActiveX: {2eac6a2d-57a8-44d4-96f7-e32bab40ca5f} - Windows Update
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5f3c70b3-ac2f-432c-8f9c-1624df61f54f} - Microsoft Data Access Components KB870669
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
ActiveX: {8D1D0E9A-C799-4D28-9E29-0061D1E66E43} - Microsoft .NET Framework 1.1 Hotfix (KB928366)
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {eddbec60-89cb-44ef-8291-0850fd28ff6a} - Q832894
ActiveX: {f5173cf0-1dfb-4978-8e50-a90169ee7ca9} - Q823353
ActiveX: {F5776D81-AE53-4935-8E84-B0B283D8BCEF} - Q330994
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

Drivers32: aux - C:\WINDOWS\System32\ctwdm32.dll (Creative Technology Ltd.)
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: VIDC.WMV3 - C:\WINDOWS\System32\wmv9vcm.dll (Microsoft Corporation)
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: wave1 - C:\WINDOWS\System32\serwvdrv.dll (Microsoft Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (14931784517025792)

========== Files/Folders - Created Within 30 Days ==========

[2010/12/03 16:21:39 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Larry\Desktop\OTL.com
[2010/12/03 16:13:09 | 008,567,280 | ---- | C] (Mozilla) -- C:\Documents and Settings\Larry\Desktop\Firefox Setup 3.6.12.exe
[2010/12/03 15:51:37 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010/12/03 00:01:08 | 007,622,112 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Larry\Desktop\mbam-setup-1.50.0.0.exe
[2008/07/02 08:48:08 | 000,158,208 | ---- | C] ( ) -- C:\WINDOWS\System32\wpuzhltehabgctt.dll
[2008/02/21 19:16:02 | 000,015,429 | R--- | C] ( ) -- C:\WINDOWS\System32\drivers\Sacm2A.sys
[2007/01/10 19:02:06 | 000,643,072 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdcpmui.dll
[2007/01/10 19:00:42 | 001,232,896 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdcserv.dll
[2007/01/10 18:54:42 | 000,425,984 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdccomm.dll
[2007/01/10 18:53:10 | 000,585,728 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdclmpm.dll
[2007/01/10 18:51:52 | 000,397,312 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdciesc.dll
[2007/01/10 18:49:44 | 000,094,208 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdcpplc.dll
[2007/01/10 18:49:00 | 000,684,032 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdccomc.dll
[2007/01/10 18:48:30 | 000,163,840 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdcprox.dll
[2007/01/10 18:42:24 | 000,413,696 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdcinpa.dll
[2007/01/10 18:41:44 | 000,999,424 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdcusb1.dll
[2007/01/10 18:37:42 | 000,696,320 | ---- | C] ( ) -- C:\WINDOWS\System32\lxdchbn3.dll
[2005/01/03 17:39:51 | 000,090,112 | R--- | C] ( ) -- C:\WINDOWS\System32\SCCD3X02.DLL
[2004/01/25 15:03:49 | 003,468,688 | ---- | C] (Xceed Software Inc. 1-450-442-2626 [You must be registered and logged in to see this link.] [You must be registered and logged in to see this link.] -- C:\Program Files\R41231.EXE
[9 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[7 C:\Documents and Settings\Larry\My Documents\*.tmp files -> C:\Documents and Settings\Larry\My Documents\*.tmp -> ]
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\Larry\Desktop\*.tmp files -> C:\Documents and Settings\Larry\Desktop\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010/12/03 17:47:38 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/12/03 17:46:53 | 000,000,033 | RHS- | M] () -- C:\WINDOWS\muotr.so
[2010/12/03 17:46:01 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/12/03 17:45:56 | 267,460,608 | -HS- | M] () -- C:\hiberfil.sys
[2010/12/03 16:21:39 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Larry\Desktop\OTL.com
[2010/12/03 16:21:15 | 000,054,156 | -H-- | M] () -- C:\WINDOWS\QTFont.qfn
[2010/12/03 16:21:15 | 000,001,409 | ---- | M] () -- C:\WINDOWS\QTFont.for
[2010/12/03 16:19:05 | 141,627,611 | ---- | M] () -- C:\Documents and Settings\Larry\Desktop\java_ee_sdk-6u1-jdk-windows.exe
[2010/12/03 16:13:30 | 008,567,280 | ---- | M] (Mozilla) -- C:\Documents and Settings\Larry\Desktop\Firefox Setup 3.6.12.exe
[2010/12/03 15:52:25 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/12/03 00:01:09 | 007,622,112 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Larry\Desktop\mbam-setup-1.50.0.0.exe
[2010/12/02 19:02:20 | 000,383,254 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/12/02 19:02:20 | 000,053,608 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[9 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[7 C:\Documents and Settings\Larry\My Documents\*.tmp files -> C:\Documents and Settings\Larry\My Documents\*.tmp -> ]
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Documents and Settings\Larry\Desktop\*.tmp files -> C:\Documents and Settings\Larry\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2010/12/03 16:21:15 | 000,054,156 | -H-- | C] () -- C:\WINDOWS\QTFont.qfn
[2010/12/03 16:21:15 | 000,001,409 | ---- | C] () -- C:\WINDOWS\QTFont.for
[2010/12/03 16:17:42 | 141,627,611 | ---- | C] () -- C:\Documents and Settings\Larry\Desktop\java_ee_sdk-6u1-jdk-windows.exe
[2010/12/03 15:52:25 | 000,000,284 | ---- | C] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2008/08/01 08:09:00 | 001,487,632 | -HS- | C] () -- C:\WINDOWS\System32\emltpisj.ini
[2008/08/01 08:08:43 | 000,083,456 | ---- | C] () -- C:\WINDOWS\System32\jsiptlme.dll
[2008/08/01 08:06:13 | 000,111,104 | ---- | C] () -- C:\WINDOWS\System32\aydekt.dll
[2008/08/01 08:06:07 | 000,111,104 | ---- | C] () -- C:\WINDOWS\System32\cabsvmwl.dll
[2008/08/01 08:02:56 | 000,093,184 | ---- | C] () -- C:\WINDOWS\System32\kovhjwxm.dll
[2008/08/01 07:57:51 | 000,093,184 | ---- | C] () -- C:\WINDOWS\System32\rvxwqody.dll
[2008/07/15 11:52:02 | 000,101,376 | ---- | C] () -- C:\WINDOWS\System32\gpvmfg.dll
[2008/07/15 11:52:00 | 000,101,376 | ---- | C] () -- C:\WINDOWS\System32\lmfgsvng.dll
[2008/07/15 11:49:18 | 001,843,043 | -HS- | C] () -- C:\WINDOWS\System32\ggsgdykn.ini
[2008/07/15 11:49:15 | 000,081,408 | ---- | C] () -- C:\WINDOWS\System32\nkydgsgg.dll
[2008/07/15 11:47:33 | 000,092,672 | ---- | C] () -- C:\WINDOWS\System32\ilgyoubn.dll
[2008/07/15 08:44:40 | 001,843,087 | -HS- | C] () -- C:\WINDOWS\System32\eqbjgcdi.ini
[2008/07/15 08:36:23 | 000,101,376 | ---- | C] () -- C:\WINDOWS\System32\pnzdtv.dll
[2008/07/15 08:35:04 | 000,101,376 | ---- | C] () -- C:\WINDOWS\System32\ansryyoo.dll
[2008/07/15 08:23:00 | 000,092,672 | ---- | C] () -- C:\WINDOWS\System32\pbjnqtxp.dll
[2008/07/13 17:33:31 | 001,842,631 | -HS- | C] () -- C:\WINDOWS\System32\yvoukkqm.ini
[2008/07/13 17:30:47 | 000,101,376 | ---- | C] () -- C:\WINDOWS\System32\uajago.dll
[2008/07/13 17:30:45 | 000,101,376 | ---- | C] () -- C:\WINDOWS\System32\xseqfutd.dll
[2008/07/13 17:30:03 | 000,092,160 | ---- | C] () -- C:\WINDOWS\System32\wtyomvdv.dll
[2008/07/12 08:28:29 | 001,879,293 | -HS- | C] () -- C:\WINDOWS\System32\vccmrdrl.ini
[2008/07/12 08:25:31 | 000,101,888 | ---- | C] () -- C:\WINDOWS\System32\swscmr.dll
[2008/07/12 08:25:27 | 000,101,888 | ---- | C] () -- C:\WINDOWS\System32\qkcuhjww.dll
[2008/07/12 08:23:49 | 000,000,022 | ---- | C] () -- C:\WINDOWS\pskt.ini
[2008/07/12 08:23:35 | 000,091,648 | ---- | C] () -- C:\WINDOWS\System32\ubaocbbd.dll
[2008/07/11 23:15:03 | 000,000,587 | ---- | C] () -- C:\WINDOWS\cookies.ini
[2008/07/11 19:01:48 | 001,878,770 | -HS- | C] () -- C:\WINDOWS\System32\ygndlejj.ini
[2008/07/11 19:00:09 | 000,722,035 | -HS- | C] () -- C:\WINDOWS\System32\lmnqYcfe.ini2
[2008/07/11 19:00:09 | 000,722,035 | -HS- | C] () -- C:\WINDOWS\System32\lmnqYcfe.ini
[2008/07/11 18:59:58 | 000,281,600 | ---- | C] () -- C:\WINDOWS\System32\efcYqnml.dll
[2008/07/11 18:56:59 | 000,000,861 | ---- | C] () -- C:\WINDOWS\System32\winpfz33.sys
[2008/07/11 18:56:10 | 000,687,592 | ---- | C] () -- C:\WINDOWS\System32\atmtd.dll._
[2008/07/11 18:56:09 | 000,687,592 | ---- | C] () -- C:\WINDOWS\System32\atmtd.dll
[2008/07/11 18:55:10 | 000,086,144 | ---- | C] () -- C:\WINDOWS\System32\drivers\rootmdmm.sys
[2008/07/11 18:54:45 | 000,031,232 | ---- | C] () -- C:\WINDOWS\System32\wvUkHXoo.dll
[2008/07/11 18:54:45 | 000,031,232 | ---- | C] () -- C:\WINDOWS\System32\hgGxUOhe.dll
[2008/05/30 12:22:22 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2008/05/30 12:18:00 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2008/03/27 10:35:26 | 000,333,824 | ---- | C] () -- C:\WINDOWS\System32\mysidesearch_sidebar.dll
[2008/02/25 10:30:01 | 000,344,064 | R--- | C] () -- C:\WINDOWS\System32\lxdccoin.dll
[2008/02/21 19:16:02 | 000,053,693 | R--- | C] () -- C:\WINDOWS\UNDPX2A.sys
[2007/02/12 05:46:04 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\lxdcgrd.dll
[2006/07/09 23:33:11 | 000,104,960 | ---- | C] () -- C:\Documents and Settings\Larry\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006/06/08 19:22:20 | 000,000,128 | ---- | C] () -- C:\Documents and Settings\Larry\Local Settings\Application Data\fusioncache.dat
[2006/05/18 09:47:12 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxdcvs.dll
[2005/12/22 20:20:55 | 000,000,052 | ---- | C] () -- C:\WINDOWS\hpqwrap.INI
[2005/12/11 13:44:30 | 000,004,612 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2005/01/03 17:39:51 | 000,131,072 | R--- | C] () -- C:\WINDOWS\System32\SCCD3X01.DLL
[2004/08/26 19:23:47 | 000,000,000 | ---- | C] () -- C:\WINDOWS\netscape.INI
[2004/06/01 21:04:52 | 000,000,049 | ---- | C] () -- C:\WINDOWS\upth.ini
[2004/06/01 21:04:52 | 000,000,024 | ---- | C] () -- C:\WINDOWS\atid.ini
[2004/05/24 20:49:14 | 000,030,208 | ---- | C] () -- C:\WINDOWS\System32\WNASPI32.DLL
[2004/05/24 20:49:14 | 000,000,291 | ---- | C] () -- C:\WINDOWS\msfsetup.ini
[2004/04/11 17:44:53 | 000,000,022 | ---- | C] () -- C:\WINDOWS\System32\msegcompid.dll
[2004/04/07 23:17:29 | 000,000,008 | ---- | C] () -- C:\WINDOWS\System32\mseggrpid.dll
[2004/01/22 11:00:28 | 000,012,635 | ---- | C] () -- C:\WINDOWS\System32\DAntivirus.ini
[2003/11/16 01:06:47 | 000,000,012 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2003/11/16 01:03:59 | 000,000,010 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2003/09/01 11:46:26 | 000,000,026 | ---- | C] () -- C:\WINDOWS\UP9ASP.INI
[2003/08/05 09:44:47 | 000,000,022 | ---- | C] () -- C:\WINDOWS\kodakpcd.Sarleno.ini
[2003/07/19 10:48:04 | 000,000,000 | ---- | C] () -- C:\WINDOWS\hpqEmlSz.INI
[2003/03/27 14:28:44 | 000,004,955 | ---- | C] () -- C:\WINDOWS\System32\DProg.ini
[2003/01/30 21:53:38 | 000,000,278 | ---- | C] () -- C:\WINDOWS\hpqcopy.INI
[2003/01/28 18:37:30 | 000,005,094 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2003/01/27 21:50:30 | 000,000,045 | ---- | C] () -- C:\WINDOWS\EPSC62.ini
[2003/01/27 21:30:37 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2003/01/27 14:31:59 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2003/01/07 14:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2001/08/23 14:00:00 | 000,022,400 | ---- | C] () -- C:\WINDOWS\System32\drivers\SbcpHid.sys

========== Custom Scans ==========


< %systemroot%\Fonts\*.com >

< %systemroot%\Fonts\*.dll >

< %systemroot%\Fonts\*.ini >
[2003/01/27 19:41:46 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini

< %systemroot%\Fonts\*.ini2 >

< %systemroot%\Fonts\*.exe >

< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2007/01/18 13:18:54 | 000,103,936 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\lxdcdrpp.dll
[2003/06/18 16:31:48 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll

< %systemroot%\REPAIR\*.bak1 >

< %systemroot%\REPAIR\*.ini >

< %systemroot%\system32\*.jpg >

< %systemroot%\*.jpg >

< %systemroot%\*.png >

< %systemroot%\*.scr >
[2001/05/07 17:14:22 | 000,303,104 | ---- | M] () -- C:\WINDOWS\Film Factory.scr
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

< %systemroot%\*._sy >

< %APPDATA%\Adobe\Update\*.* >

< %ALLUSERSPROFILE%\Favorites\*.* >

< %APPDATA%\Microsoft\*.* >
[2007/10/29 19:09:38 | 000,001,554 | -H-- | M] () -- C:\Documents and Settings\Larry\Application Data\Microsoft\LastFlashConfig.WFC

< %PROGRAMFILES%\*.* >
[2004/01/25 15:03:49 | 003,468,688 | ---- | M] (Xceed Software Inc. 1-450-442-2626 [You must be registered and logged in to see this link.] [You must be registered and logged in to see this link.] -- C:\Program Files\R41231.EXE

< %APPDATA%\Update\*.* >

< %PROGRAMFILES%\bak. /s >

< %systemroot%\system32\bak. /s >

< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
[2004/09/23 19:40:52 | 000,000,272 | -HS- | M] () -- C:\Documents and Settings\All Users\Start Menu\desktop.ini

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %systemroot%\*.config >

< %systemroot%\system32\*.db >

< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2006/10/25 14:23:49 | 000,000,177 | -HS- | M] () -- C:\Documents and Settings\Larry\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop.ini
[2003/01/27 19:55:05 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\Larry\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf

< %USERPROFILE%\Desktop\*.exe >
[2008/07/10 23:43:54 | 020,388,328 | ---- | M] (DivX, Inc.) -- C:\Documents and Settings\Larry\Desktop\DivXInstaller.exe
[2010/12/03 16:13:30 | 008,567,280 | ---- | M] (Mozilla) -- C:\Documents and Settings\Larry\Desktop\Firefox Setup 3.6.12.exe
[2008/03/28 12:30:27 | 001,491,592 | ---- | M] (Adobe Systems Incorporated) -- C:\Documents and Settings\Larry\Desktop\install_flash_player.exe
[2010/12/03 16:19:05 | 141,627,611 | ---- | M] () -- C:\Documents and Settings\Larry\Desktop\java_ee_sdk-6u1-jdk-windows.exe
[2010/12/03 00:01:09 | 007,622,112 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Larry\Desktop\mbam-setup-1.50.0.0.exe
[1 C:\Documents and Settings\Larry\Desktop\*.tmp files -> C:\Documents and Settings\Larry\Desktop\*.tmp -> ]

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\*.src >

< %systemroot%\install\*.* >

< %systemroot%\system32\DLL\*.* >

< %systemroot%\system32\HelpFiles\*.* >

< %systemroot%\system32\rundll\*.* >

< %systemroot%\winn32\*.* >

< %systemroot%\Java\*.* >

< %systemroot%\system32\test\*.* >

< %systemroot%\system32\Rundll32\*.* >

< %systemroot%\AppPatch\Custom\*.* >

< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >

< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >

< %PROGRAMFILES%\Internet Explorer\*.tmp >

< %PROGRAMFILES%\Internet Explorer\*.dat >

< %USERPROFILE%\My Documents\*.exe >
[2006/05/29 10:59:07 | 000,953,008 | ---- | M] () -- C:\Documents and Settings\Larry\My Documents\install_flash_player.exe
[7 C:\Documents and Settings\Larry\My Documents\*.tmp files -> C:\Documents and Settings\Larry\My Documents\*.tmp -> ]

< %USERPROFILE%\*.exe >

< %systemroot%\ADDINS\*.* >

< %systemroot%\assembly\*.bak2 >

< %systemroot%\Config\*.* >

< %systemroot%\REPAIR\*.bak2 >

< %systemroot%\SECURITY\Database\*.sdb /x >

< %systemroot%\SYSTEM\*.bak2 >

< %systemroot%\Web\*.bak2 >

< %systemroot%\Driver Cache\*.* >

< %PROGRAMFILES%\Mozilla Firefox\*.exe >
[2010/12/03 16:11:25 | 000,185,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\crashreporter.exe
[2010/12/03 16:11:26 | 000,307,672 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
[2010/12/03 16:11:37 | 000,242,136 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\updater.exe

< %ProgramFiles%\Microsoft Common\*.* >

< %ProgramFiles%\TinyProxy. >

< %USERPROFILE%\Favorites\*.url /x >
[2004/09/23 21:28:55 | 000,000,122 | -HS- | M] () -- C:\Documents and Settings\Larry\Favorites\Desktop.ini
[2007/09/07 18:40:55 | 000,008,704 | -HS- | M] () -- C:\Documents and Settings\Larry\Favorites\Thumbs.db

< %systemroot%\system32\*.bk >

< %systemroot%\*.te >

< %systemroot%\system32\system32\*.* >

< %ALLUSERSPROFILE%\*.dat /x >
[2005/01/29 13:47:19 | 000,000,253 | -H-- | M] () -- C:\Documents and Settings\All Users\hpothb07.tif

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2008/07/15 08:35:11 | 000,101,376 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\ansryyoo.dll
[2008/07/15 11:52:00 | 000,101,376 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\gpvmfg.dll
[2008/07/11 18:54:45 | 000,031,232 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\hgGxUOhe.dll
[2008/07/15 11:47:34 | 000,092,672 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\ilgyoubn.dll
[2008/07/15 11:52:00 | 000,101,376 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\lmfgsvng.dll
[2008/07/15 08:23:01 | 000,092,672 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\pbjnqtxp.dll
[2008/07/15 08:35:11 | 000,101,376 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\pnzdtv.dll
[2008/07/12 08:25:27 | 000,101,888 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\qkcuhjww.dll
[2008/07/12 08:25:27 | 000,101,888 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\swscmr.dll
[9 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\*.exe /lockedfiles >
[9 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\Tasks\*.job /lockedfiles >

< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2008/07/11 18:55:10 | 000,086,144 | ---- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\rootmdmm.sys

< %systemroot%\System32\config\*.sav >
[2003/01/27 14:30:10 | 000,090,112 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2003/01/27 14:30:10 | 000,606,208 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2003/01/27 14:30:09 | 000,393,216 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav

< %systemroot%\system32\*.sys >
[2002/06/25 16:36:17 | 000,009,029 | ---- | M] () -- C:\WINDOWS\system32\ansi.sys
[2001/09/13 16:12:44 | 000,004,557 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\atiicdxx.sys
[2002/06/25 16:37:06 | 000,027,097 | ---- | M] () -- C:\WINDOWS\system32\country.sys
[2004/06/09 07:29:56 | 000,006,977 | ---- | M] (Gteko Ltd.) -- C:\WINDOWS\system32\DDMI2.sys
[2004/06/09 13:31:10 | 000,006,144 | ---- | M] (Gteko Ltd.) -- C:\WINDOWS\system32\DLPT.sys
[2002/06/25 16:38:27 | 000,004,768 | ---- | M] () -- C:\WINDOWS\system32\himem.sys
[2002/06/25 16:39:20 | 000,042,809 | ---- | M] () -- C:\WINDOWS\system32\key01.sys
[2004/08/04 00:46:54 | 000,042,537 | ---- | M] () -- C:\WINDOWS\system32\keyboard.sys
[2002/06/25 16:43:29 | 000,027,866 | ---- | M] () -- C:\WINDOWS\system32\ntdos.sys
[2002/06/25 16:43:29 | 000,029,146 | ---- | M] () -- C:\WINDOWS\system32\ntdos404.sys
[2002/06/25 16:43:30 | 000,029,370 | ---- | M] () -- C:\WINDOWS\system32\ntdos411.sys
[2002/06/25 16:43:30 | 000,029,274 | ---- | M] () -- C:\WINDOWS\system32\ntdos412.sys
[2002/06/25 16:43:30 | 000,029,146 | ---- | M] () -- C:\WINDOWS\system32\ntdos804.sys
[2004/08/04 00:45:08 | 000,033,840 | ---- | M] () -- C:\WINDOWS\system32\ntio.sys
[2004/08/04 00:45:14 | 000,034,560 | ---- | M] () -- C:\WINDOWS\system32\ntio404.sys
[2004/08/04 00:45:10 | 000,035,648 | ---- | M] () -- C:\WINDOWS\system32\ntio411.sys
[2004/08/04 00:45:15 | 000,035,424 | ---- | M] () -- C:\WINDOWS\system32\ntio412.sys
[2004/08/04 00:45:12 | 000,034,560 | ---- | M] () -- C:\WINDOWS\system32\ntio804.sys
[2004/08/04 01:07:32 | 000,017,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\watchdog.sys
[2008/03/19 04:47:00 | 001,845,248 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\win32k.sys
[2008/07/11 18:57:46 | 000,000,861 | ---- | M] () -- C:\WINDOWS\system32\winpfz33.sys
[9 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< %systemroot%\system32\drivers\*.dll >
[2004/08/04 02:56:41 | 000,004,255 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv01nt5.dll
[2004/08/04 02:56:41 | 000,003,967 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv02nt5.dll
[2004/08/04 02:56:41 | 000,003,615 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv05nt5.dll
[2004/08/04 02:56:41 | 000,003,647 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv07nt5.dll
[2004/08/04 02:56:41 | 000,003,135 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv08nt5.dll
[2004/08/04 02:56:41 | 000,003,711 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv09nt5.dll
[2004/08/04 02:56:41 | 000,003,775 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\adv11nt5.dll
[2004/08/04 02:56:41 | 000,021,183 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv01nt5.dll
[2004/08/04 02:56:41 | 000,011,359 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv02nt5.dll
[2004/08/04 02:56:41 | 000,025,471 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv04nt5.dll
[2004/08/04 02:56:41 | 000,014,143 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv06nt5.dll
[2004/08/04 02:56:41 | 000,017,279 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\atv10nt5.dll
[2004/08/04 02:56:41 | 000,015,423 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\ch7xxnt5.dll
[2004/08/04 02:56:45 | 000,003,901 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\siint5.dll
[2004/08/04 02:56:46 | 000,011,325 | ---- | M] (Intel(R) Corporation) -- C:\WINDOWS\system32\drivers\vchnt5.dll

< %systemroot%\system32\drivers\*.ini >

< %systemroot%\system32\drivers\*.exe >



Last edited by larrybro on Sat 04 Dec 2010, 9:53 am; edited 1 time in total

larrybro

Newbie Surfer

Posts : 33
Joined : 2010-01-14
Operating System : windows xp



Re: HIJACK THIS: userinit.exe problems

Post by larrybro on Sun 12 Dec 2010, 2:15 pm

Module information for 'svchost.exe'(908)
MODULE BASE SIZE PATH
svchost.exe 1000000 24576 C:\WINDOWS\system32\svchost.exe 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Generic Host Process for Win32 Services
ntdll.dll 7c900000 729088 C:\WINDOWS\system32\ntdll.dll 5.1.2600.3520 (xpsp_sp2_gdr.090206-1233) NT Layer DLL
kernel32.dll 7c800000 1003520 C:\WINDOWS\system32\kernel32.dll 5.1.2600.3541 (xpsp_sp2_gdr.090321-1320) Windows NT BASE API Client DLL
ADVAPI32.dll 77dd0000 634880 C:\WINDOWS\system32\ADVAPI32.dll 5.1.2600.3520 (xpsp_sp2_gdr.090206-1233) Advanced Windows 32 Base API
RPCRT4.dll 77e70000 593920 C:\WINDOWS\system32\RPCRT4.dll 5.1.2600.3555 (xpsp_sp2_qfe.090415-1244) Remote Procedure Call Runtime
ShimEng.dll 5cb70000 155648 C:\WINDOWS\system32\ShimEng.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Shim Engine DLL
AcGenral.DLL 6f880000 1875968 C:\WINDOWS\AppPatch\AcGenral.DLL 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows Compatibility DLL
USER32.dll 7e410000 589824 C:\WINDOWS\system32\USER32.dll 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222) Windows XP USER API Client DLL
GDI32.dll 77f10000 294912 C:\WINDOWS\system32\GDI32.dll 5.1.2600.3466 (xpsp_sp2_gdr.081022-1254) GDI Client DLL
WINMM.dll 76b40000 184320 C:\WINDOWS\system32\WINMM.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) MCI API DLL
ole32.dll 774e0000 1298432 C:\WINDOWS\system32\ole32.dll 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528) Microsoft OLE for Windows
msvcrt.dll 77c10000 360448 C:\WINDOWS\system32\msvcrt.dll 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows NT CRT DLL
OLEAUT32.dll 77120000 569344 C:\WINDOWS\system32\OLEAUT32.dll 5.1.2600.3266 5.1.2600.3266
MSACM32.dll 77be0000 86016 C:\WINDOWS\system32\MSACM32.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Microsoft ACM Audio Filter
VERSION.dll 77c00000 32768 C:\WINDOWS\system32\VERSION.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Version Checking and File Installation Libraries
SHELL32.dll 7c9c0000 8482816 C:\WINDOWS\system32\SHELL32.dll 6.00.2900.3402 (xpsp_sp2_qfe.080702-1240) Windows Shell Common Dll
SHLWAPI.dll 77f60000 483328 C:\WINDOWS\system32\SHLWAPI.dll 6.00.2900.3653 (xpsp_sp2_qfe.091207-1502) Shell Light-weight Utility Library
USERENV.dll 769c0000 733184 C:\WINDOWS\system32\USERENV.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Userenv
UxTheme.dll 5ad70000 229376 C:\WINDOWS\system32\UxTheme.dll 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) Microsoft UxTheme Library
IMM32.DLL 76390000 118784 C:\WINDOWS\system32\IMM32.DLL 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows XP IMM32 API Client DLL
serwvdrv.dll 5cd70000 28672 C:\WINDOWS\system32\serwvdrv.dll 5.1.2600.0 (xpclient.010817-1148) Unimodem Serial Wave driver
umdmxfrm.dll 5b0a0000 28672 C:\WINDOWS\system32\umdmxfrm.dll 5.1.2600.0 (xpclient.010817-1148) Unimodem Tranform Module
comctl32.dll 773d0000 1060864 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll 6.0 (xpsp.060825-0040) User Experience Controls Library
comctl32.dll 5d090000 630784 C:\WINDOWS\system32\comctl32.dll 5.82 (xpsp.060825-0040) Common Controls Library
NTMARTA.DLL 77690000 135168 C:\WINDOWS\system32\NTMARTA.DLL 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows NT MARTA provider
WLDAP32.dll 76f60000 180224 C:\WINDOWS\system32\WLDAP32.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Win32 LDAP API DLL
SAMLIB.dll 71bf0000 77824 C:\WINDOWS\system32\SAMLIB.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) SAM Library DLL
rpcss.dll 76a80000 409600 c:\windows\system32\rpcss.dll 5.1.2600.3520 (xpsp_sp2_gdr.090206-1233) Distributed COM Services
Secur32.dll 77fe0000 69632 c:\windows\system32\Secur32.dll 5.1.2600.3592 (xpsp_sp2_gdr.090622-1453) Security Support Provider Interface
WS2_32.dll 71ab0000 94208 c:\windows\system32\WS2_32.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows Socket 2.0 32-Bit DLL
WS2HELP.dll 71aa0000 32768 c:\windows\system32\WS2HELP.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows Socket 2.0 Helper for Windows NT
xpsp2res.dll 20000000 2904064 C:\WINDOWS\system32\xpsp2res.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Service Pack 2 Messages
CLBCATQ.DLL 76fd0000 520192 C:\WINDOWS\system32\CLBCATQ.DLL 2001.12.4414.308 2001.12.4414.308
COMRes.dll 77050000 806912 C:\WINDOWS\system32\COMRes.dll 2001.12.4414.258 2001.12.4414.258
termsrv.dll 760f0000 339968 c:\windows\system32\termsrv.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Terminal Server Service
ICAAPI.dll 74f70000 24576 c:\windows\system32\ICAAPI.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) DLL Interface to TermDD Device Driver
SETUPAPI.dll 77920000 995328 c:\windows\system32\SETUPAPI.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows Setup API
WINTRUST.dll 76c30000 188416 C:\WINDOWS\system32\WINTRUST.dll 5.131.2600.3661 (xpsp_sp2_gdr.091223-1722) Microsoft Trust Verification APIs
CRYPT32.dll 77a80000 606208 C:\WINDOWS\system32\CRYPT32.dll 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158) Crypto API32
MSASN1.dll 77b20000 73728 C:\WINDOWS\system32\MSASN1.dll 5.1.2600.3624 (xpsp_sp2_gdr.090904-1413) ASN.1 Runtime APIs
IMAGEHLP.dll 76c90000 163840 C:\WINDOWS\system32\IMAGEHLP.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows NT Image Helper
AUTHZ.dll 776c0000 69632 c:\windows\system32\AUTHZ.dll 5.1.2600.2622 (xpsp_sp2_gdr.050301-1519) Authorization Framework
mstlsapi.dll 75110000 126976 c:\windows\system32\mstlsapi.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Microsoft® Terminal Server Licensing
ACTIVEDS.dll 77cc0000 204800 c:\windows\system32\ACTIVEDS.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ADs Router Layer DLL
adsldpc.dll 76e10000 151552 c:\windows\system32\adsldpc.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ADs LDAP Provider C DLL
NETAPI32.dll 5b860000 344064 C:\WINDOWS\system32\NETAPI32.dll 5.1.2600.3462 (xpsp_sp2_gdr.081015-1244) Net Win32 API DLL
ATL.DLL 76b20000 69632 c:\windows\system32\ATL.DLL 3.05.2284 ATL Module for Windows XP (Unicode)
REGAPI.dll 76bc0000 61440 C:\WINDOWS\system32\REGAPI.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Registry Configuration APIs
rsaenh.dll ffd0000 163840 C:\WINDOWS\system32\rsaenh.dll 5.1.2600.2161 (xpsp.040706-1629) Microsoft Enhanced Cryptographic Provider
Apphelp.dll 77b40000 139264 C:\WINDOWS\system32\Apphelp.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Application Compatibility Client Library
WTSAPI32.dll 76f50000 32768 C:\WINDOWS\system32\WTSAPI32.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows Terminal Server SDK APIs
WINSTA.dll 76360000 65536 C:\WINDOWS\system32\WINSTA.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Winstation Library
msv1_0.dll 77c70000 147456 C:\WINDOWS\system32\msv1_0.dll 5.1.2600.3625 (xpsp_sp2_gdr.090909-1233) Microsoft Authentication Package v1.0
cryptdll.dll 76790000 49152 C:\WINDOWS\system32\cryptdll.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Cryptography Manager
iphlpapi.dll 76d60000 102400 C:\WINDOWS\system32\iphlpapi.dll 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003) IP Helper API
Module information for 'svchost.exe'(956)
MODULE BASE SIZE PATH
svchost.exe 1000000 24576 C:\WINDOWS\system32\svchost.exe 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Generic Host Process for Win32 Services
ntdll.dll 7c900000 729088 C:\WINDOWS\system32\ntdll.dll 5.1.2600.3520 (xpsp_sp2_gdr.090206-1233) NT Layer DLL
kernel32.dll 7c800000 1003520 C:\WINDOWS\system32\kernel32.dll 5.1.2600.3541 (xpsp_sp2_gdr.090321-1320) Windows NT BASE API Client DLL
ADVAPI32.dll 77dd0000 634880 C:\WINDOWS\system32\ADVAPI32.dll 5.1.2600.3520 (xpsp_sp2_gdr.090206-1233) Advanced Windows 32 Base API
RPCRT4.dll 77e70000 593920 C:\WINDOWS\system32\RPCRT4.dll 5.1.2600.3555 (xpsp_sp2_qfe.090415-1244) Remote Procedure Call Runtime
ShimEng.dll 5cb70000 155648 C:\WINDOWS\system32\ShimEng.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Shim Engine DLL
AcGenral.DLL 6f880000 1875968 C:\WINDOWS\AppPatch\AcGenral.DLL 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows Compatibility DLL
USER32.dll 7e410000 589824 C:\WINDOWS\system32\USER32.dll 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222) Windows XP USER API Client DLL
GDI32.dll 77f10000 294912 C:\WINDOWS\system32\GDI32.dll 5.1.2600.3466 (xpsp_sp2_gdr.081022-1254) GDI Client DLL
WINMM.dll 76b40000 184320 C:\WINDOWS\system32\WINMM.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) MCI API DLL
ole32.dll 774e0000 1298432 C:\WINDOWS\system32\ole32.dll 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528) Microsoft OLE for Windows
msvcrt.dll 77c10000 360448 C:\WINDOWS\system32\msvcrt.dll 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows NT CRT DLL
OLEAUT32.dll 77120000 569344 C:\WINDOWS\system32\OLEAUT32.dll 5.1.2600.3266 5.1.2600.3266
MSACM32.dll 77be0000 86016 C:\WINDOWS\system32\MSACM32.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Microsoft ACM Audio Filter
VERSION.dll 77c00000 32768 C:\WINDOWS\system32\VERSION.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Version Checking and File Installation Libraries
SHELL32.dll 7c9c0000 8482816 C:\WINDOWS\system32\SHELL32.dll 6.00.2900.3402 (xpsp_sp2_qfe.080702-1240) Windows Shell Common Dll
SHLWAPI.dll 77f60000 483328 C:\WINDOWS\system32\SHLWAPI.dll 6.00.2900.3653 (xpsp_sp2_qfe.091207-1502) Shell Light-weight Utility Library
USERENV.dll 769c0000 733184 C:\WINDOWS\system32\USERENV.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Userenv
UxTheme.dll 5ad70000 229376 C:\WINDOWS\system32\UxTheme.dll 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) Microsoft UxTheme Library
IMM32.DLL 76390000 118784 C:\WINDOWS\system32\IMM32.DLL 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows XP IMM32 API Client DLL
serwvdrv.dll 5cd70000 28672 C:\WINDOWS\system32\serwvdrv.dll 5.1.2600.0 (xpclient.010817-1148) Unimodem Serial Wave driver
umdmxfrm.dll 5b0a0000 28672 C:\WINDOWS\system32\umdmxfrm.dll 5.1.2600.0 (xpclient.010817-1148) Unimodem Tranform Module
comctl32.dll 773d0000 1060864 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll 6.0 (xpsp.060825-0040) User Experience Controls Library
comctl32.dll 5d090000 630784 C:\WINDOWS\system32\comctl32.dll 5.82 (xpsp.060825-0040) Common Controls Library
rpcss.dll 76a80000 409600 c:\windows\system32\rpcss.dll 5.1.2600.3520 (xpsp_sp2_gdr.090206-1233) Distributed COM Services
Secur32.dll 77fe0000 69632 c:\windows\system32\Secur32.dll 5.1.2600.3592 (xpsp_sp2_gdr.090622-1453) Security Support Provider Interface
WS2_32.dll 71ab0000 94208 c:\windows\system32\WS2_32.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows Socket 2.0 32-Bit DLL
WS2HELP.dll 71aa0000 32768 c:\windows\system32\WS2HELP.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows Socket 2.0 Helper for Windows NT
xpsp2res.dll 20000000 2904064 C:\WINDOWS\system32\xpsp2res.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Service Pack 2 Messages
rsaenh.dll ffd0000 163840 C:\WINDOWS\system32\rsaenh.dll 5.1.2600.2161 (xpsp.040706-1629) Microsoft Enhanced Cryptographic Provider
mswsock.dll 71a50000 258048 C:\WINDOWS\system32\mswsock.dll 5.1.2600.3394 (xpsp_sp2_gdr.080620-1245) Microsoft Windows Sockets 2.0 Service Provider
hnetcfg.dll 662b0000 360448 C:\WINDOWS\system32\hnetcfg.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Home Networking Configuration Manager
wshtcpip.dll 71a90000 32768 C:\WINDOWS\System32\wshtcpip.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows Sockets Helper DLL
DNSAPI.dll 76f20000 159744 C:\WINDOWS\system32\DNSAPI.dll 5.1.2600.3394 (xpsp_sp2_gdr.080620-1245) DNS Client API DLL
iphlpapi.dll 76d60000 102400 C:\WINDOWS\system32\iphlpapi.dll 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003) IP Helper API
winrnr.dll 76fb0000 32768 C:\WINDOWS\System32\winrnr.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) LDAP RnR Provider DLL
WLDAP32.dll 76f60000 180224 C:\WINDOWS\system32\WLDAP32.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Win32 LDAP API DLL
mdnsNSP.dll 16080000 151552 C:\Program Files\Bonjour\mdnsNSP.dll 1,0,4,12 Bonjour Namespace Provider
rasadhlp.dll 76fc0000 24576 C:\WINDOWS\system32\rasadhlp.dll 5.1.2600.2938 (xpsp_sp2_gdr.060626-0020) Remote Access AutoDial Helper
CLBCATQ.DLL 76fd0000 520192 C:\WINDOWS\system32\CLBCATQ.DLL 2001.12.4414.308 2001.12.4414.308
COMRes.dll 77050000 806912 C:\WINDOWS\system32\COMRes.dll 2001.12.4414.258 2001.12.4414.258
Module information for 'svchost.exe'(1040)
MODULE BASE SIZE PATH
svchost.exe 1000000 24576 C:\WINDOWS\System32\svchost.exe 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Generic Host Process for Win32 Services
ntdll.dll 7c900000 729088 C:\WINDOWS\system32\ntdll.dll 5.1.2600.3520 (xpsp_sp2_gdr.090206-1233) NT Layer DLL
kernel32.dll 7c800000 1003520 C:\WINDOWS\system32\kernel32.dll 5.1.2600.3541 (xpsp_sp2_gdr.090321-1320) Windows NT BASE API Client DLL
ADVAPI32.dll 77dd0000 634880 C:\WINDOWS\system32\ADVAPI32.dll 5.1.2600.3520 (xpsp_sp2_gdr.090206-1233) Advanced Windows 32 Base API
RPCRT4.dll 77e70000 593920 C:\WINDOWS\system32\RPCRT4.dll 5.1.2600.3555 (xpsp_sp2_qfe.090415-1244) Remote Procedure Call Runtime
ShimEng.dll 5cb70000 155648 C:\WINDOWS\System32\ShimEng.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Shim Engine DLL
AcGenral.DLL 6f880000 1875968 C:\WINDOWS\AppPatch\AcGenral.DLL 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows Compatibility DLL
USER32.dll 7e410000 589824 C:\WINDOWS\system32\USER32.dll 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222) Windows XP USER API Client DLL
GDI32.dll 77f10000 294912 C:\WINDOWS\system32\GDI32.dll 5.1.2600.3466 (xpsp_sp2_gdr.081022-1254) GDI Client DLL
WINMM.dll 76b40000 184320 C:\WINDOWS\System32\WINMM.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) MCI API DLL
ole32.dll 774e0000 1298432 C:\WINDOWS\system32\ole32.dll 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528) Microsoft OLE for Windows
msvcrt.dll 77c10000 360448 C:\WINDOWS\system32\msvcrt.dll 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows NT CRT DLL
OLEAUT32.dll 77120000 569344 C:\WINDOWS\system32\OLEAUT32.dll 5.1.2600.3266 5.1.2600.3266
MSACM32.dll 77be0000 86016 C:\WINDOWS\System32\MSACM32.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Microsoft ACM Audio Filter
VERSION.dll 77c00000 32768 C:\WINDOWS\system32\VERSION.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Version Checking and File Installation Libraries
SHELL32.dll 7c9c0000 8482816 C:\WINDOWS\system32\SHELL32.dll 6.00.2900.3402 (xpsp_sp2_qfe.080702-1240) Windows Shell Common Dll
SHLWAPI.dll 77f60000 483328 C:\WINDOWS\system32\SHLWAPI.dll 6.00.2900.3653 (xpsp_sp2_qfe.091207-1502) Shell Light-weight Utility Library
USERENV.dll 769c0000 733184 C:\WINDOWS\system32\USERENV.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Userenv
UxTheme.dll 5ad70000 229376 C:\WINDOWS\System32\UxTheme.dll 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) Microsoft UxTheme Library
IMM32.DLL 76390000 118784 C:\WINDOWS\system32\IMM32.DLL 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows XP IMM32 API Client DLL
serwvdrv.dll 5cd70000 28672 C:\WINDOWS\System32\serwvdrv.dll 5.1.2600.0 (xpclient.010817-1148) Unimodem Serial Wave driver
umdmxfrm.dll 5b0a0000 28672 C:\WINDOWS\System32\umdmxfrm.dll 5.1.2600.0 (xpclient.010817-1148) Unimodem Tranform Module
comctl32.dll 773d0000 1060864 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll 6.0 (xpsp.060825-0040) User Experience Controls Library
comctl32.dll 5d090000 630784 C:\WINDOWS\system32\comctl32.dll 5.82 (xpsp.060825-0040) Common Controls Library
NTMARTA.DLL 77690000 135168 C:\WINDOWS\System32\NTMARTA.DLL 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows NT MARTA provider
WLDAP32.dll 76f60000 180224 C:\WINDOWS\system32\WLDAP32.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Win32 LDAP API DLL
SAMLIB.dll 71bf0000 77824 C:\WINDOWS\System32\SAMLIB.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) SAM Library DLL
xpsp2res.dll 20000000 2904064 C:\WINDOWS\System32\xpsp2res.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Service Pack 2 Messages
shsvcs.dll 776e0000 143360 c:\windows\system32\shsvcs.dll 6.00.2900.3051 (xpsp_sp2_gdr.061219-0316) Windows Shell Services Dll
WINSTA.dll 76360000 65536 C:\WINDOWS\System32\WINSTA.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Winstation Library
NETAPI32.dll 5b860000 344064 C:\WINDOWS\system32\NETAPI32.dll 5.1.2600.3462 (xpsp_sp2_gdr.081015-1244) Net Win32 API DLL
dhcpcsvc.dll 76d80000 122880 c:\windows\system32\dhcpcsvc.dll 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003) DHCP Client Service
DNSAPI.dll 76f20000 159744 c:\windows\system32\DNSAPI.dll 5.1.2600.3394 (xpsp_sp2_gdr.080620-1245) DNS Client API DLL
WS2_32.dll 71ab0000 94208 c:\windows\system32\WS2_32.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows Socket 2.0 32-Bit DLL
WS2HELP.dll 71aa0000 32768 c:\windows\system32\WS2HELP.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows Socket 2.0 Helper for Windows NT
iphlpapi.dll 76d60000 102400 c:\windows\system32\iphlpapi.dll 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003) IP Helper API
Secur32.dll 77fe0000 69632 c:\windows\system32\Secur32.dll 5.1.2600.3592 (xpsp_sp2_gdr.090622-1453) Security Support Provider Interface
rsaenh.dll ffd0000 163840 C:\WINDOWS\System32\rsaenh.dll 5.1.2600.2161 (xpsp.040706-1629) Microsoft Enhanced Cryptographic Provider
wzcsvc.dll 77620000 450560 c:\windows\system32\wzcsvc.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Wireless Zero Configuration Service
rtutils.dll 76e80000 57344 c:\windows\system32\rtutils.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Routing Utilities
WMI.dll 76d30000 16384 c:\windows\system32\WMI.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) WMI DC and DP functionality
CRYPT32.dll 77a80000 606208 C:\WINDOWS\system32\CRYPT32.dll 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158) Crypto API32
MSASN1.dll 77b20000 73728 C:\WINDOWS\system32\MSASN1.dll 5.1.2600.3624 (xpsp_sp2_gdr.090904-1413) ASN.1 Runtime APIs
WTSAPI32.dll 76f50000 32768 c:\windows\system32\WTSAPI32.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows Terminal Server SDK APIs
ESENT.dll 606b0000 1101824 c:\windows\system32\ESENT.dll 5.1.2600.2780 (xpsp_sp2_gdr.051019-1518) Server Database Storage Engine
ATL.DLL 76b20000 69632 c:\windows\system32\ATL.DLL 3.05.2284 ATL Module for Windows XP (Unicode)
rastls.dll 76b70000 126976 C:\WINDOWS\System32\rastls.dll 5.1.2600.3632 (xpsp_sp2_gdr.091012-1238) Remote Access PPP EAP-TLS
CRYPTUI.dll 754d0000 524288 C:\WINDOWS\system32\CRYPTUI.dll 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158) Microsoft Trust UI Provider
WINTRUST.dll 76c30000 188416 C:\WINDOWS\system32\WINTRUST.dll 5.131.2600.3661 (xpsp_sp2_gdr.091223-1722) Microsoft Trust Verification APIs
IMAGEHLP.dll 76c90000 163840 C:\WINDOWS\system32\IMAGEHLP.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows NT Image Helper
WININET.dll 3d930000 856064 C:\WINDOWS\system32\WININET.dll 7.00.6000.17055 (vista_gdr.100414-0533) Internet Extensions for Win32
Normaliz.dll b50000 36864 C:\WINDOWS\system32\Normaliz.dll 6.0.5441.0 (winmain(wmbla).060628-1735) Unicode Normalization DLL
iertutil.dll 3dfd0000 282624 C:\WINDOWS\system32\iertutil.dll 7.00.6000.17055 (vista_gdr.100414-0533) Run time utility for Internet Explorer
MPRAPI.dll 76d40000 98304 C:\WINDOWS\System32\MPRAPI.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows NT MP Router Administration DLL
ACTIVEDS.dll 77cc0000 204800 C:\WINDOWS\System32\ACTIVEDS.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ADs Router Layer DLL
adsldpc.dll 76e10000 151552 C:\WINDOWS\System32\adsldpc.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ADs LDAP Provider C DLL
SETUPAPI.dll 77920000 995328 C:\WINDOWS\System32\SETUPAPI.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows Setup API
RASAPI32.dll 76ee0000 245760 C:\WINDOWS\System32\RASAPI32.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Remote Access API
rasman.dll 76e90000 73728 C:\WINDOWS\System32\rasman.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Remote Access Connection Manager
TAPI32.dll 76eb0000 192512 C:\WINDOWS\System32\TAPI32.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Microsoft® Windows(TM) Telephony API Client DLL
SCHANNEL.dll 767f0000 184320 C:\WINDOWS\System32\SCHANNEL.dll 5.1.2600.3592 (xpsp_sp2_gdr.090622-1453) TLS / SSL Security Provider
WinSCard.dll 723d0000 114688 C:\WINDOWS\System32\WinSCard.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Microsoft Smart Card API
raschap.dll 76bd0000 81920 C:\WINDOWS\System32\raschap.dll 5.1.2600.3632 (xpsp_sp2_gdr.091012-1238) Remote Access PPP CHAP
msv1_0.dll 77c70000 147456 C:\WINDOWS\system32\msv1_0.dll 5.1.2600.3625 (xpsp_sp2_gdr.090909-1233) Microsoft Authentication Package v1.0
cryptdll.dll 76790000 49152 C:\WINDOWS\System32\cryptdll.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Cryptography Manager
CLBCATQ.DLL 76fd0000 520192 C:\WINDOWS\System32\CLBCATQ.DLL 2001.12.4414.308 2001.12.4414.308
COMRes.dll 77050000 806912 C:\WINDOWS\System32\COMRes.dll 2001.12.4414.258 2001.12.4414.258
schedsvc.dll 77300000 204800 c:\windows\system32\schedsvc.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Task Scheduler Engine
NTDSAPI.dll 767a0000 77824 c:\windows\system32\NTDSAPI.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) NT5DS
MSIDLE.DLL 74f50000 20480 C:\WINDOWS\System32\MSIDLE.DLL 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) User Idle Monitor
audiosrv.dll 708b0000 53248 c:\windows\system32\audiosrv.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows Audio Service
wkssvc.dll 76e40000 143360 c:\windows\system32\wkssvc.dll 5.1.2600.3584 (xpsp_sp2_gdr.090609-1426) Workstation Service DLL
cryptsvc.dll 76ce0000 73728 c:\windows\system32\cryptsvc.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Cryptographic Services
certcli.dll 77b90000 204800 c:\windows\system32\certcli.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Microsoft® Certificate Services Client
ersvc.dll 74f80000 36864 c:\windows\system32\ersvc.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows Error Reporting Service
es.dll 77710000 278528 c:\windows\system32\es.dll 2001.12.4414.320 2001.12.4414.320
pchsvc.dll 74f40000 49152 c:\windows\pchealth\helpctr\binaries\pchsvc.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Microsoft PCHealth Service Holder
srvsvc.dll 75090000 106496 c:\windows\system32\srvsvc.dll 5.1.2600.2577 (xpsp_sp2_gdr.041130-1729) Server Service DLL
HNETCFG.DLL 662b0000 360448 C:\WINDOWS\System32\HNETCFG.DLL 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Home Networking Configuration Manager
netman.dll 77d00000 208896 c:\windows\system32\netman.dll 5.1.2600.2743 (xpsp_sp2_gdr.050819-1525) Network Connections Manager
netshell.dll 76400000 1728512 c:\windows\system32\netshell.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Network Connections Shell
credui.dll 76c00000 188416 c:\windows\system32\credui.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Credential Manager User Interface
WZCSAPI.DLL 73030000 65536 c:\windows\system32\WZCSAPI.DLL 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Wireless Zero Configuration service API
seclogon.dll 73d20000 32768 c:\windows\system32\seclogon.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Secondary Logon Service DLL
sens.dll 722d0000 53248 c:\windows\system32\sens.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) System Event Notification Service (SENS)
winspool.drv 73000000 155648 C:\WINDOWS\System32\winspool.drv 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows Spooler Driver
trkwks.dll 75070000 102400 c:\windows\system32\trkwks.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Distributed Link Tracking Client
srsvc.dll 751a0000 188416 c:\windows\system32\srsvc.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) System Restore Service
POWRPROF.dll 74ad0000 32768 c:\windows\system32\POWRPROF.dll 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) Power Profile Helper DLL
w32time.dll 767c0000 180224 c:\windows\system32\w32time.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows Time Service
MSVCP60.dll 76080000 413696 c:\windows\system32\MSVCP60.dll 6.02.3104.0 Microsoft (R) C++ Runtime Library
mswsock.dll 71a50000 258048 C:\WINDOWS\system32\mswsock.dll 5.1.2600.3394 (xpsp_sp2_gdr.080620-1245) Microsoft Windows Sockets 2.0 Service Provider
wshtcpip.dll 71a90000 32768 C:\WINDOWS\System32\wshtcpip.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows Sockets Helper DLL
wmisvc.dll 59490000 163840 c:\windows\system32\wbem\wmisvc.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) WMI
VSSAPI.DLL 753e0000 446464 C:\WINDOWS\system32\VSSAPI.DLL 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Microsoft® Volume Shadow Copy Requestor/Writer Services API DLL
wuauserv.dll 50000000 20480 c:\windows\system32\wuauserv.dll 5.4.3790.2180 (xpsp_sp2_rtm.040803-2158) Windows Update AutoUpdate Service
wuaueng.dll 50040000 1937408 C:\WINDOWS\system32\wuaueng.dll 7.4.7600.226 (winmain_wtr_wsus3sp2(wmbla).090806-1834) Windows Update Agent
WINHTTP.dll 4d4f0000 364544 C:\WINDOWS\System32\WINHTTP.dll 5.1.2600.3619 (xpsp_sp2_gdr.090824-1329) Windows HTTP Services
Cabinet.dll 75150000 81920 C:\WINDOWS\System32\Cabinet.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Microsoft® Cabinet File API
mspatcha.dll 600a0000 45056 C:\WINDOWS\System32\mspatcha.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Microsoft(R) Patch Engine
wscsvc.dll 4c0a0000 94208 c:\windows\system32\wscsvc.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows Security Center Service
msi.dll 7d1e0000 2875392 c:\windows\system32\msi.dll 3.1.4000.4039 Windows Installer
ipnathlp.dll 66460000 348160 c:\windows\system32\ipnathlp.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Microsoft NAT Helper Components
AUTHZ.dll 776c0000 69632 c:\windows\system32\AUTHZ.dll 5.1.2600.2622 (xpsp_sp2_gdr.050301-1519) Authorization Framework
wbemcomn.dll 75290000 225280 C:\WINDOWS\System32\wbem\wbemcomn.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) WMI
wbemcore.dll 762c0000 544768 C:\WINDOWS\system32\wbem\wbemcore.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) WMI
esscli.dll 75310000 258048 C:\WINDOWS\system32\wbem\esscli.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) WMI
FastProx.dll 75690000 483328 C:\WINDOWS\system32\wbem\FastProx.dll 5.1.2600.3520 (xpsp_sp2_gdr.090206-1233) WMI
wbemsvc.dll 74ed0000 57344 C:\WINDOWS\System32\wbem\wbemsvc.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) WMI
SXS.DLL 75e90000 720896 C:\WINDOWS\System32\SXS.DLL 5.1.2600.3019 (xpsp_sp2_gdr.061019-0414) Fusion 2.5
wmiutils.dll 75020000 110592 C:\WINDOWS\System32\wbem\wmiutils.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) WMI
comsvcs.dll 76620000 1294336 C:\WINDOWS\system32\comsvcs.dll 2001.12.4414.308 2001.12.4414.308
colbact.DLL 75130000 81920 C:\WINDOWS\system32\colbact.DLL 2001.12.4414.308 2001.12.4414.308
MTXCLU.DLL 750f0000 77824 C:\WINDOWS\system32\MTXCLU.DLL 2001.12.4414.320 MS DTC amd MTS clustering support DLL
WSOCK32.dll 71ad0000 36864 C:\WINDOWS\system32\WSOCK32.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows Socket 32-Bit DLL
CLUSAPI.DLL 76d10000 69632 C:\WINDOWS\System32\CLUSAPI.DLL 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Cluster API Library
RESUTILS.DLL 750b0000 73728 C:\WINDOWS\System32\RESUTILS.DLL 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Microsoft Cluster Resource Utility DLL
repdrvfs.dll 75200000 188416 C:\WINDOWS\system32\wbem\repdrvfs.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) WMI
wmiprvsd.dll 418a0000 466944 C:\WINDOWS\System32\wbem\wmiprvsd.dll 5.1.2600.3520 (xpsp_sp2_gdr.090206-1233) WMI
NCObjAPI.DLL 5f770000 49152 C:\WINDOWS\system32\NCObjAPI.DLL 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
wbemess.dll 75390000 286720 C:\WINDOWS\System32\wbem\wbemess.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) WMI
ncprov.dll 5f740000 57344 C:\WINDOWS\System32\wbem\ncprov.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Non-COM WMI Event Provision APIs
sfc.dll 76bb0000 20480 C:\WINDOWS\System32\sfc.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows File Protection
sfc_os.dll 76c60000 172032 C:\WINDOWS\System32\sfc_os.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows File Protection
browser.dll 76da0000 86016 c:\windows\system32\browser.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Computer Browser Service DLL
Apphelp.dll 77b40000 139264 C:\WINDOWS\system32\Apphelp.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Application Compatibility Client Library
wups2.dll 50f00000 53248 C:\WINDOWS\system32\wups2.dll 7.4.7600.226 (winmain_wtr_wsus3sp2(wmbla).090806-1834) Windows Update client proxy stub 2
rasadhlp.dll 76fc0000 24576 C:\WINDOWS\System32\rasadhlp.dll 5.1.2600.2938 (xpsp_sp2_gdr.060626-0020) Remote Access AutoDial Helper
netcfgx.dll 755f0000 630784 C:\WINDOWS\System32\netcfgx.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Network Configuration Objects
rasmans.dll 7df30000 200704 C:\WINDOWS\System32\rasmans.dll 5.1.2600.2908 (xpsp_sp2_gdr.060513-0343) Remote Access Connection Manager
WINIPSEC.DLL 74370000 45056 C:\WINDOWS\System32\WINIPSEC.DLL 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows IPSec SPD Client DLL
tapisrv.dll 733e0000 262144 c:\windows\system32\tapisrv.dll 5.1.2600.2716 (xpsp_sp2_gdr.050707-1657) Microsoft® Windows(TM) Telephony Server
PSAPI.DLL 76bf0000 45056 c:\windows\system32\PSAPI.DLL 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Process Status Helper
rastapi.dll 75880000 69632 C:\WINDOWS\System32\rastapi.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Remote Access TAPI Compliance Layer
unimdm.tsp 57cc0000 221184 C:\WINDOWS\System32\unimdm.tsp 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Unimodem 5 Service Provider
uniplat.dll 72000000 28672 C:\WINDOWS\System32\uniplat.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Unimodem AT Mini Driver Platform Driver for Windows NT
unimdmat.dll 5b070000 81920 C:\WINDOWS\System32\unimdmat.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Unimodem Service Provider AT Mini Driver
modemui.dll 61650000 163840 C:\WINDOWS\system32\modemui.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows Modem Properties
kmddsp.tsp 57d40000 45056 C:\WINDOWS\System32\kmddsp.tsp 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) TAPI Kernel-Mode Service Provider
ndptsp.tsp 57d20000 65536 C:\WINDOWS\System32\ndptsp.tsp 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) NDIS Proxy TAPI Service Provider
ipconf.tsp 57d50000 32768 C:\WINDOWS\System32\ipconf.tsp 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Microsoft Multicast Conference TAPI Service Provider
h323.tsp 57d70000 286720 C:\WINDOWS\System32\h323.tsp 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Microsoft H.323 Telephony Service Provider
hidphone.tsp 57d60000 40960 C:\WINDOWS\System32\hidphone.tsp 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Microsoft HID Phone TSP
HID.DLL 688f0000 36864 C:\WINDOWS\System32\HID.DLL 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Hid User Library
rasppp.dll 72240000 217088 C:\WINDOWS\System32\rasppp.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Remote Access PPP
ntlsapi.dll 724b0000 24576 C:\WINDOWS\System32\ntlsapi.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Microsoft® License Server Interface DLL
kerberos.dll 71cf0000 307200 C:\WINDOWS\system32\kerberos.dll 5.1.2600.3592 (xpsp_sp2_gdr.090622-1453) Kerberos Security Package
advpack.dll 42ec0000 188416 C:\WINDOWS\system32\advpack.dll 7.00.6000.17055 (vista_gdr.100414-0533) ADVPACK
upnp.dll 76de0000 143360 C:\WINDOWS\System32\upnp.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Universal Plug and Play API
SSDPAPI.dll 74f00000 49152 C:\WINDOWS\System32\SSDPAPI.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) SSDP Client API DLL
RASDLG.dll 768d0000 671744 C:\WINDOWS\System32\RASDLG.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Remote Access Common Dialog API
msxml3.dll 74980000 1191936 C:\WINDOWS\System32\msxml3.dll 8.100.1050.0 MSXML 3.0 SP10

larrybro

Newbie Surfer

Posts : 33
Joined : 2010-01-14
Operating System : windows xp


Re: HIJACK THIS: userinit.exe problems

Post by larrybro on Sun 12 Dec 2010, 2:15 pm

urlmon.dll 78130000 1212416 C:\WINDOWS\system32\urlmon.dll 7.00.6000.17055 (vista_gdr.100414-0533) OLE32 Extensions for Win32
qmgr.dll 5b9f0000 409600 c:\windows\system32\qmgr.dll 6.6.2600.2180 (xpsp_sp2_rtm.040803-2158) Background Intelligent Transfer Service
MPR.dll 71b20000 73728 C:\WINDOWS\system32\MPR.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Multiple Provider Router DLL
SHFOLDER.dll 76780000 36864 c:\windows\system32\SHFOLDER.dll 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) Shell Folder Service
winrnr.dll 76fb0000 32768 C:\WINDOWS\System32\winrnr.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) LDAP RnR Provider DLL
mdnsNSP.dll 16080000 151552 C:\Program Files\Bonjour\mdnsNSP.dll 1,0,4,12 Bonjour Namespace Provider
dssenh.dll 68100000 147456 C:\WINDOWS\System32\dssenh.dll 5.1.2600.2133 (xpsp.040514-1639) Microsoft Enhanced DSS and Diffie-Hellman Cryptographic Provider
catsrvut.dll 6fb10000 647168 C:\WINDOWS\System32\catsrvut.dll 2001.12.4414.308 2001.12.4414.308
catsrv.dll 6fbd0000 249856 C:\WINDOWS\System32\catsrv.dll 2001.12.4414.308 2001.12.4414.308
MfcSubs.dll 61990000 36864 C:\WINDOWS\System32\MfcSubs.dll 2001.12.4414.258 2001.12.4414.258
wuapi.dll 506a0000 581632 C:\WINDOWS\system32\wuapi.dll 7.4.7600.226 (winmain_wtr_wsus3sp2(wmbla).090806-1834) Windows Update Client API
Module information for 'svchost.exe'(1096)
MODULE BASE SIZE PATH
svchost.exe 1000000 24576 C:\WINDOWS\System32\svchost.exe 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Generic Host Process for Win32 Services
ntdll.dll 7c900000 729088 C:\WINDOWS\system32\ntdll.dll 5.1.2600.3520 (xpsp_sp2_gdr.090206-1233) NT Layer DLL
kernel32.dll 7c800000 1003520 C:\WINDOWS\system32\kernel32.dll 5.1.2600.3541 (xpsp_sp2_gdr.090321-1320) Windows NT BASE API Client DLL
ADVAPI32.dll 77dd0000 634880 C:\WINDOWS\system32\ADVAPI32.dll 5.1.2600.3520 (xpsp_sp2_gdr.090206-1233) Advanced Windows 32 Base API
RPCRT4.dll 77e70000 593920 C:\WINDOWS\system32\RPCRT4.dll 5.1.2600.3555 (xpsp_sp2_qfe.090415-1244) Remote Procedure Call Runtime
ShimEng.dll 5cb70000 155648 C:\WINDOWS\System32\ShimEng.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Shim Engine DLL
AcGenral.DLL 6f880000 1875968 C:\WINDOWS\AppPatch\AcGenral.DLL 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows Compatibility DLL
USER32.dll 7e410000 589824 C:\WINDOWS\system32\USER32.dll 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222) Windows XP USER API Client DLL
GDI32.dll 77f10000 294912 C:\WINDOWS\system32\GDI32.dll 5.1.2600.3466 (xpsp_sp2_gdr.081022-1254) GDI Client DLL
WINMM.dll 76b40000 184320 C:\WINDOWS\System32\WINMM.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) MCI API DLL
ole32.dll 774e0000 1298432 C:\WINDOWS\system32\ole32.dll 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528) Microsoft OLE for Windows
msvcrt.dll 77c10000 360448 C:\WINDOWS\system32\msvcrt.dll 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows NT CRT DLL
OLEAUT32.dll 77120000 569344 C:\WINDOWS\system32\OLEAUT32.dll 5.1.2600.3266 5.1.2600.3266

larrybro

Newbie Surfer

Posts : 33
Joined : 2010-01-14
Operating System : windows xp


Re: HIJACK THIS: userinit.exe problems

Post by Belahzur on Tue 14 Dec 2010, 11:13 am

Please delete your version of TDSSKiller and re-download it, then run a new scan.


@RealBelahzur - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre


Re: HIJACK THIS: userinit.exe problems

Post by larrybro on Tue 14 Dec 2010, 4:46 pm

2010/12/13 22:22:02.0671 TDSS rootkit removing tool 2.4.11.0 Dec 8 2010 14:46:40
2010/12/13 22:22:02.0671 ================================================================================
2010/12/13 22:22:02.0671 SystemInfo:
2010/12/13 22:22:02.0671
2010/12/13 22:22:02.0671 OS Version: 5.1.2600 ServicePack: 2.0
2010/12/13 22:22:02.0671 Product type: Workstation
2010/12/13 22:22:02.0671 ComputerName: LARRYANDSARLENO
2010/12/13 22:22:02.0702 UserName: Larry
2010/12/13 22:22:02.0702 Windows directory: C:\WINDOWS
2010/12/13 22:22:02.0702 System windows directory: C:\WINDOWS
2010/12/13 22:22:02.0702 Processor architecture: Intel x86
2010/12/13 22:22:02.0702 Number of processors: 1
2010/12/13 22:22:02.0702 Page size: 0x1000
2010/12/13 22:22:02.0702 Boot type: Normal boot
2010/12/13 22:22:02.0702 ================================================================================
2010/12/13 22:22:04.0077 Initialize success
2010/12/13 22:22:05.0796 ================================================================================
2010/12/13 22:22:05.0796 Scan started
2010/12/13 22:22:05.0796 Mode: Manual;
2010/12/13 22:22:05.0796 ================================================================================
2010/12/13 22:22:34.0421 PSched (48671f327553dcf1d27f6197f622a668) C:\WINDOWS\system32\DRIVERS\psched.sys
2010/12/13 22:22:34.0561 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
2010/12/13 22:22:34.0686 PxHelp20 (d86b4a68565e444d76457f14172c875a) C:\WINDOWS\system32\DRIVERS\PxHelp20.sys
2010/12/13 22:22:35.0358 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
2010/12/13 22:22:35.0499 Rasl2tp (98faeb4a4dcf812ba1c6fca4aa3e115c) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
2010/12/13 22:22:35.0624 RasPppoe (7306eeed8895454cbed4669be9f79faa) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
2010/12/13 22:22:35.0796 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
2010/12/13 22:22:35.0952 Rdbss (03b965b1ca47f6ef60eb5e51cb50e0af) C:\WINDOWS\system32\DRIVERS\rdbss.sys
2010/12/13 22:22:36.0093 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
2010/12/13 22:22:36.0280 RDPWD (b54cd38a9ebfbf2b3561426e3fe26f62) C:\WINDOWS\system32\drivers\RDPWD.sys
2010/12/13 22:22:36.0436 redbook (b31b4588e4086d8d84adbf9845c2402b) C:\WINDOWS\system32\DRIVERS\redbook.sys
2010/12/13 22:22:36.0577 Rksample (bb7549bd94d1aac3599c7606c50c48a0) C:\WINDOWS\system32\DRIVERS\HSF_SAMP.sys
2010/12/13 22:22:36.0780 SbcpHid (30d94039a729571146eb9d736ec1aadd) C:\WINDOWS\system32\Drivers\SbcpHid.sys
2010/12/13 22:22:36.0968 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
2010/12/13 22:22:37.0171 serenum (a2d868aeeff612e70e213c451a70cafb) C:\WINDOWS\system32\DRIVERS\serenum.sys
2010/12/13 22:22:37.0311 Serial (cd9404d115a00d249f70a371b46d5a26) C:\WINDOWS\system32\DRIVERS\serial.sys
2010/12/13 22:22:37.0452 Sfloppy (0d13b6df6e9e101013a7afb0ce629fe0) C:\WINDOWS\system32\drivers\Sfloppy.sys
2010/12/13 22:22:37.0561 sfman (0b1a5e9cacb5cdd54a2815107bd7c772) C:\WINDOWS\system32\drivers\sfmanm.sys
2010/12/13 22:22:37.0780 SoftFax (d9e8e0ce154a2f6430d9efabdf730867) C:\WINDOWS\system32\DRIVERS\HSF_FAXX.sys
2010/12/13 22:22:38.0014 SpeakerPhone (6c843c43fd7f0b42cfe477ce88d0f9b3) C:\WINDOWS\system32\DRIVERS\HSF_SPKP.sys
2010/12/13 22:22:38.0155 splitter (0ce218578fff5f4f7e4201539c45c78f) C:\WINDOWS\system32\drivers\splitter.sys
2010/12/13 22:22:38.0358 sr (e41b6d037d6cd08461470af04500dc24) C:\WINDOWS\system32\DRIVERS\sr.sys
2010/12/13 22:22:38.0530 Srv (7a4f147cc6b133f905f6e65e2f8669fb) C:\WINDOWS\system32\DRIVERS\srv.sys
2010/12/13 22:22:38.0936 swenum (03c1bae4766e2450219d20b993d6e046) C:\WINDOWS\system32\DRIVERS\swenum.sys
2010/12/13 22:22:39.0327 swmidi (94abc808fc4b6d7d2bbf42b85e25bb4d) C:\WINDOWS\system32\drivers\swmidi.sys
2010/12/13 22:22:40.0843 sysaudio (650ad082d46bac0e64c9c0e0928492fd) C:\WINDOWS\system32\drivers\sysaudio.sys
2010/12/13 22:22:41.0171 Tcpip (2a5554fc5b1e04e131230e3ce035c3f9) C:\WINDOWS\system32\DRIVERS\tcpip.sys
2010/12/13 22:22:41.0577 TDPIPE (38d437cf2d98965f239b0abcd66dcb0f) C:\WINDOWS\system32\drivers\TDPIPE.sys
2010/12/13 22:22:41.0905 TDTCP (ed0580af02502d00ad8c4c066b156be9) C:\WINDOWS\system32\drivers\TDTCP.sys
2010/12/13 22:22:42.0264 TermDD (a540a99c281d933f3d69d55e48727f47) C:\WINDOWS\system32\DRIVERS\termdd.sys
2010/12/13 22:22:42.0608 tmpreflt (e4d1bfeee3a2526d9a986c314a4a4d52) C:\PROGRA~1\AVANQU~1\Fix-It\tmpreflt.sys
2010/12/13 22:22:42.0843 tmxpflt (d975ce5ab8d80f785938fe2fcc374b0a) C:\PROGRA~1\AVANQU~1\Fix-It\tmxpflt.sys
2010/12/13 22:22:43.0171 Tones (8021a499db46b2961c285168671cb9af) C:\WINDOWS\system32\DRIVERS\HSF_TONE.sys
2010/12/13 22:22:43.0827 Udfs (12f70256f140cd7d52c58c7048fde657) C:\WINDOWS\system32\drivers\Udfs.sys
2010/12/13 22:22:44.0499 Update (ced744117e91bdc0beb810f7d8608183) C:\WINDOWS\system32\DRIVERS\update.sys
2010/12/13 22:22:44.0968 USBAAPL (5c2bdc152bbab34f36473deaf7713f22) C:\WINDOWS\system32\Drivers\usbaapl.sys
2010/12/13 22:22:45.0280 USBCM (d21cde1c635bcc5053463579eee453cf) C:\WINDOWS\system32\DRIVERS\Sacm2A.sys
2010/12/13 22:22:45.0624 usbehci (15e993ba2f6946b2bfbbfcd30398621e) C:\WINDOWS\system32\DRIVERS\usbehci.sys
2010/12/13 22:22:45.0999 usbhub (c72f40947f92cea56a8fb532edf025f1) C:\WINDOWS\system32\DRIVERS\usbhub.sys
2010/12/13 22:22:46.0343 usbprint (a42369b7cd8886cd7c70f33da6fcbcf5) C:\WINDOWS\system32\DRIVERS\usbprint.sys
2010/12/13 22:22:46.0671 usbscan (a6bc71402f4f7dd5b77fd7f4a8ddba85) C:\WINDOWS\system32\DRIVERS\usbscan.sys
2010/12/13 22:22:47.0108 USBSTOR (6cd7b22193718f1d17a47a1cd6d37e75) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
2010/12/13 22:22:47.0530 usbuhci (f8fd1400092e23c8f2f31406ef06167b) C:\WINDOWS\system32\DRIVERS\usbuhci.sys
2010/12/13 22:22:48.0014 V124 (269c0ade94b90029b12497747be408cb) C:\WINDOWS\system32\DRIVERS\HSF_V124.sys
2010/12/13 22:22:48.0593 VgaSave (8a60edd72b4ea5aea8202daf0e427925) C:\WINDOWS\System32\drivers\vga.sys
2010/12/13 22:22:49.0124 VolSnap (ee4660083deba849ff6c485d944b379b) C:\WINDOWS\system32\drivers\VolSnap.sys
2010/12/13 22:22:49.0764 Vsapint (4e1ea031d3ab080b7007f13fd6f1f291) C:\PROGRA~1\AVANQU~1\Fix-It\Vsapint.sys
2010/12/13 22:22:50.0905 Wanarp (984ef0b9788abf89974cfed4bfbaacbc) C:\WINDOWS\system32\DRIVERS\wanarp.sys
2010/12/13 22:22:51.0202 wanatw (0a716c08cb13c3a8f4f51e882dbf7416) C:\WINDOWS\system32\DRIVERS\wanatw4.sys
2010/12/13 22:22:51.0733 wdmaud (efd235ca22b57c81118c1aeb4798f1c1) C:\WINDOWS\system32\drivers\wdmaud.sys
2010/12/13 22:22:52.0171 winachsf (fe71b3857bed54600e02288b212e7b7c) C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
2010/12/13 22:22:52.0702 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
2010/12/13 22:22:52.0983 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
2010/12/13 22:22:54.0905 ================================================================================
2010/12/13 22:22:54.0905 Scan finished
2010/12/13 22:22:54.0905 ================================================================================

larrybro

Newbie Surfer

Posts : 33
Joined : 2010-01-14
Operating System : windows xp


Re: HIJACK THIS: userinit.exe problems

Post by Belahzur on Wed 15 Dec 2010, 9:58 am

Hello.
How is the machine running? Any re-directs or anything?


@RealBelahzur - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre


Re: HIJACK THIS: userinit.exe problems

Post by larrybro on Wed 15 Dec 2010, 11:35 am

Everything seems to be running smoothly; no re-directs that I have seen or any of the other problems associated with userinit...the anti-virus program I had installed some time ago pops up a lot still (when it is enabled) but otherwise it seems ok.


Re: HIJACK THIS: userinit.exe problems

Post by Belahzur on Thu 16 Dec 2010, 10:49 am

Can you explain what you mean by "pop-ups?"



Re: HIJACK THIS: userinit.exe problems

Post by larrybro on Fri 17 Dec 2010, 3:37 am

The anti-virus program sends messages pretty frequently, not necessarily for virus warnings, but notices, etc. Since I temp deactivated the anti virus scan in order to run the last few scans on here, I have not had the virus warnings.


Re: HIJACK THIS: userinit.exe problems

Post by Belahzur on Fri 17 Dec 2010, 10:11 am

Okay.
Reactivate the real-time protection, take a screenshot the next time you get any warning, and paste it here so I can see what it's complaining about.



Re: HIJACK THIS: userinit.exe problems

Post by larrybro on Fri 17 Dec 2010, 3:24 pm

I have had the real time protection reactivated and have not received any warnings, but if I do I will paste it. Otherwise, everything else seems to be working smoothly.
