Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

WORM.WIN32.NETSKY [Solved] [Closed]

Started by daic , Dec 30 2009 05:35 AM

  • This topic is locked This topic is locked

#1
daic
Posted 30 December 2009 - 05:35 AM

daic

    Member

  • Member
  • PipPip
  • 28 posts
Hello, recently i got an attack. At startup computer states im infected with worm.win32.netsky.

Computer Specs: Windows XP Media Center Edition 2005. XFX Radeon HD 4890 1gb GDDR5. 4GB RAM (Reads at 3.5gb)
AMD Athlon 64 X2 Dual Core 3800+, 2.00GHz

Symptoms so far are some random popups and redirected page clicks, have to copy+paste most site addresses in to be able to enter. Much lost others cases, my diskcleanup will not run, i was able to re-enable system restore but that wasnt much help.

Please let me know if you need any hijack report, etc.

~daic
  • 0

Advertisements

#2
hammerman
Posted 30 December 2009 - 04:54 PM

hammerman

    Member 4k

  • Member
  • PipPipPipPipPipPipPip
  • 4,183 posts
Hello daic and welcome to GeeksToGo :)
I'm hammerman and I'm going to help you fix your problem.

Before we begin, here are some guidelines which will help us both in fixing your problem.
  • Malware removal is not instantaneous and will take a number of steps to complete. Please continue to carry out the steps requested until I let you know that your computer appears clean.
  • Please do no attach logs or post them in Quote/Code boxes unless requested.
  • I suggest you print or save any instructions I give you for easy reference. We may be using Safe mode and you will not always be able to access this thread. You can copy and paste these instructions into Notepad and then save the text file to your Desktop. If you need any help with this or further clarification, please let me know.
  • When posting logs, please ensure Word Wrap is turned off in Notepad. Open Notepad, select Format on the menu bar and make sure that Word Wrap is unchecked.
  • Please follow the steps exactly in the same order posted. If you can't perform a certain step, or you're unsure on what to do, please stop and let me know.
  • If in doubt about anything, please ask.

Please follow these steps.

-- Step 1 --

  • Download OTL to your desktop.
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • Under the Custom Scan box paste this in

    netsvcs
    msconfig
    safebootminimal
    safebootnetwork
    activex
    drivers32
    %ALLUSERSPROFILE%\Application Data\*.
    %ALLUSERSPROFILE%\Application Data\*.exe /s
    %APPDATA%\*.
    %APPDATA%\*.exe /s
    %SYSTEMDRIVE%\*.exe
    /md5start
    eventlog.dll
    scecli.dll
    netlogon.dll
    cngaudit.dll
    sceclt.dll
    ntelogon.dll
    logevent.dll
    iaStor.sys
    nvstor.sys
    nvstor32.sys
    atapi.sys
    IdeChnDr.sys
    viasraid.sys
    AGP440.sys
    vaxscsi.sys
    nvatabus.sys
    viamraid.sys
    nvata.sys
    nvgts.sys
    iastorv.sys
    ViPrt.sys
    eNetHook.dll
    ahcix86.sys
    KR10N.sys
    ahcix86s.sys
    nvrd32.sys
    /md5stop
    %systemroot%\*. /mp /s
    c:\$recycle.bin\*.* /s
    %systemroot%\system32\*.dll /lockedfiles
    CREATERESTOREPOINT

  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them all in.
-- Step 2 --

Download the GMER Rootkit Scanner. Unzip it to your Desktop.

Before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while the scan is being performed. Do not use your computer for anything else during the scan.

Double-click gmer.exe. The program will begin to run.

**Caution**
These types of scans can produce false positives. Do NOT take any action on any "<--- ROOKIT" entries unless advised!

If possible rootkit activity is found, you will be asked if you would like to perform a full scan.
  • Click NO
  • In the right panel, you will see a bunch of boxes that have been checked. UNCHECK the following boxes
    • Sections
    • IAT/EAT
    • Drives/Partition other than System drive (typically C:\)
    • Show all (important)
  • Now click the Scan button.
    Once the scan is complete, you may receive another notice about rootkit activity.
  • Click OK.
  • GMER will produce a log. Click on the [Save..] button, and in the File name area, type in "GMER.txt"
  • Save it where you can easily find it, such as your desktop.
Post the contents of GMER.txt in your next reply.
  • 0

#3
daic
Posted 31 December 2009 - 02:55 AM

daic

    Member

  • Topic Starter
  • Member
  • PipPip
  • 28 posts
Thanks for the welcome and the help :)

I wanted to let you know that i have since used my recovery partition and restored my computer. The internet had gotten so i could not load and so i decided that was easiest (at first attempt i got a BSOD), i had dont some cleaning, must have helped.

Furthermore, here are the test scan logs you requested, perhaps there is some left over from the attach.

=== OTL.TXT ===
OTL logfile created on: 12/30/2009 11:01:16 PM - Run 1
OTL by OldTimer - Version 3.1.20.1 Folder = C:\Documents and Settings\HP_Administrator\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 87.00% Memory free
5.00 Gb Paging File | 5.00 Gb Available in Paging File | 94.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 88.74 Gb Total Space | 34.71 Gb Free Space | 39.11% Space Free | Partition Type: NTFS
Drive D: | 88.72 Gb Total Space | 2.37 Gb Free Space | 2.67% Space Free | Partition Type: NTFS
Drive E: | 8.83 Gb Total Space | 0.55 Gb Free Space | 6.19% Space Free | Partition Type: FAT32
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: HP_DESKTOP
Current User Name: HP_Administrator
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Processes (SafeList) ==========

PRC - [2009/12/30 22:58:58 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\HP_Administrator\Desktop\OTL.exe
PRC - [2009/12/16 18:01:08 | 00,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009/11/24 19:09:04 | 00,602,112 | ---- | M] (ATI Technologies Inc.) -- C:\WINDOWS\system32\ati2evxx.exe
PRC - [2008/04/13 16:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/08/17 15:49:11 | 00,036,903 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
PRC - [2006/06/21 03:08:48 | 00,049,152 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
PRC - [2006/04/13 08:05:00 | 00,090,112 | ---- | M] (Sonic Solutions) -- C:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe
PRC - [2006/04/07 00:51:18 | 01,073,152 | ---- | M] (Digital Interactive Systems Corporation) -- C:\Program Files\DISC\DISCover.exe
PRC - [2006/04/07 00:50:22 | 00,065,536 | ---- | M] (Digital Interactive Systems Corporation, Inc.) -- C:\Program Files\DISC\DISCUpdMgr.exe
PRC - [2006/04/07 00:50:22 | 00,057,344 | ---- | M] (Digital Interactive Systems Corporation, Inc.) -- C:\Program Files\DISC\DiscStreamHub.exe
PRC - [2005/08/02 22:19:16 | 00,058,880 | ---- | M] (Microsoft) -- C:\WINDOWS\arservice.exe
PRC - [2005/02/17 05:11:42 | 00,049,152 | ---- | M] (Hewlett-Packard Co.) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
PRC - [2005/02/02 15:44:24 | 00,061,440 | ---- | M] (Hewlett-Packard Company) -- C:\hp\KBD\kbd.exe
PRC - [1998/05/07 08:04:38 | 00,052,736 | ---- | M] (Hewlett-Packard Company) -- c:\WINDOWS\system\hpsysdrv.exe


========== Modules (SafeList) ==========

MOD - [2009/12/30 22:58:58 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\HP_Administrator\Desktop\OTL.exe
MOD - [2006/08/17 15:49:08 | 00,024,613 | ---- | M] (BackWeb) -- C:\Documents and Settings\HP_Administrator\Local Settings\Temp\IadHide5.dll


========== Win32 Services (SafeList) ==========

SRV - [2009/11/24 19:09:04 | 00,602,112 | ---- | M] (ATI Technologies Inc.) [Auto | Running] -- C:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller)
SRV - [2006/06/21 03:08:48 | 00,049,152 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2006/05/09 14:50:00 | 00,131,139 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc)
SRV - [2005/08/02 22:19:16 | 00,058,880 | ---- | M] (Microsoft) [Auto | Running] -- C:\WINDOWS\arservice.exe -- (ARSVC)
SRV - [2004/10/22 09:24:18 | 00,073,728 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2004/07/15 07:49:26 | 00,032,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe -- (aspnet_state)


========== Driver Services (SafeList) ==========

DRV - [2009/11/24 19:50:16 | 04,463,104 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2008/04/13 08:36:05 | 00,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007/11/13 02:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2006/06/14 10:04:12 | 04,299,264 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006/05/09 14:50:00 | 03,535,680 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2006/03/09 10:00:00 | 00,046,080 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20)
DRV - [2006/03/03 14:31:04 | 00,013,056 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2006/03/03 14:31:02 | 00,034,176 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2005/12/12 16:27:00 | 00,019,072 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PS2.sys -- (Ps2)
DRV - [2005/12/06 10:20:50 | 00,241,664 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSXHWBS2.sys -- (HSXHWBS2)
DRV - [2005/12/06 10:20:42 | 00,670,208 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSX_CNXT.sys -- (winachsx)
DRV - [2005/12/06 10:20:40 | 00,936,448 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSX_DP.sys -- (HSX_DP)
DRV - [2005/10/05 14:57:08 | 00,012,544 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\mdmxsdk.sys -- (mdmxsdk)
DRV - [2005/06/29 16:03:18 | 00,175,104 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\ftsata2.sys -- (ftsata2)
DRV - [2005/03/09 13:53:00 | 00,036,352 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2004/08/09 20:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2004/08/03 13:31:34 | 00,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) Realtek RTL8139(A/B/C)
DRV - [2003/11/05 06:45:12 | 00,017,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\bb-run.sys -- (bb-run)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.redirect.h...a...&pf=desktop

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...a...&pf=desktop
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.h...a...&pf=desktop
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.h...a...&pf=desktop
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...a...&pf=desktop
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Yahoo"


[2009/12/30 18:56:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Extensions
[2009/12/30 21:49:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\3zao5b5t.default\extensions
[2009/12/27 04:10:07 | 00,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2007/04/16 09:07:12 | 00,180,293 | ---- | M] () -- C:\Program Files\Mozilla Firefox\plugins\npViewpoint.dll

O1 HOSTS File: (734 bytes) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (hpWebHelper Class) - {AAAE832A-5FFF-4661-9C8F-369692D1DCB9} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\WebHelper.dll (Hewlett-Packard)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AlwaysReady Power Message APP] C:\WINDOWS\arpwrmsg.exe (Microsoft)
O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [DMAScheduler] c:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe (Sonic Solutions)
O4 - HKLM..\Run: [ftutil2] C:\WINDOWS\System32\ftutil2.dll (Promise Technology, Inc.)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\hpwuSchd2.exe (Hewlett-Packard Co.)
O4 - HKLM..\Run: [HPBootOp] C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [PCDrProfiler] File not found
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [Reminder] C:\Windows\Creator\Remind_XP.exe (SoftThinks)
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Updates From HP.lnk = C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe (Hewlett-Packard)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\NPJPI150_06.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm File not found
O9 - Extra 'Tools' menuitem : Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm File not found
O15 - HKLM\..Trusted Domains: trymedia.com ([]http in Trusted sites)
O15 - HKLM\..Trusted Domains: trymedia.com ([]https in Trusted sites)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.micros...b?1262231476187 (WUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_06)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/08/17 15:44:23 | 00,000,100 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/27 08:07:38 | 00,000,000 | -HS- | M] () - E:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2004/04/30 00:01:14 | 00,000,053 | -HS- | M] () - E:\Autorun.inf -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2005/11/14 18:13:14 | 00,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found


SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {1a3e09be-1e45-494b-9174-d7385b45bbf5} - Reg Error: Value error.
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {407408d4-94ed-4d86-ab69-a7f649d112ee} - %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection QuickLaunchShortcut 640 %systemroot%\inf\mcdftreg.inf
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
ActiveX: {8b15971b-5355-4c82-8c07-7e181ea07608} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {94de52c8-2d59-4f1b-883e-79663d2d9a8c} - Fax Provider
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {DAA94A2A-2A8D-4D3B-9DB8-56FBECED082D} - Microsoft .NET Framework 1.1 Security Update (KB953297)
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E8EA5BD6-D931-4001-ABF6-81BAA500360A} - Microsoft .NET Framework 1.0 Hotfix (KB953295)
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {EA29D410-CE41-4953-A862-2DE706A1DAD7} - Microsoft .NET Framework 1.0 Service Pack 3
ActiveX: {FDC11A6F-17D1-48f9-9EA3-9051954BAA24} - .NET Framework
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
ActiveX: KB910393 - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\EasyCDBlock.inf,PerUserInstall

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivXNetworks, Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.LEAD - LCODCCMP.DLL File not found

CREATERESTOREPOINT
Restore point Set: OTL Restore Point (16892003295952896)

========== Files/Folders - Created Within 30 Days ==========

[2009/12/30 22:58:57 | 00,513,536 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\HP_Administrator\Desktop\OTL.exe
[2009/12/30 22:54:39 | 31,123,861 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Documents and Settings\HP_Administrator\Desktop\WDM_R240.exe
[2009/12/30 22:53:19 | 01,941,232 | ---- | C] (Hewlett-Packard Development Company, L.P. ) -- C:\Documents and Settings\HP_Administrator\Desktop\sp37394.exe
[2009/12/30 21:51:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\My Documents\Downloads
[2009/12/30 21:30:01 | 00,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msv1_0.dll
[2009/12/30 21:25:04 | 00,000,000 | ---D | C] -- C:\4bfbffaa2c52c982b18a0fd5
[2009/12/30 21:11:32 | 13,533,184 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\atioglxx.dll
[2009/12/30 21:11:32 | 03,612,672 | ---- | C] (Advanced Micro Devices Inc.) -- C:\WINDOWS\System32\aticaldd.dll
[2009/12/30 21:11:32 | 00,602,112 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2evxx.exe
[2009/12/30 21:11:32 | 00,565,248 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\atikvmag.dll
[2009/12/30 21:11:32 | 00,446,464 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\System32\ATIDEMGX.dll
[2009/12/30 21:11:32 | 00,397,312 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\atiok3x2.dll
[2009/12/30 21:11:32 | 00,311,296 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\atiiiexx.dll
[2009/12/30 21:11:32 | 00,208,896 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\atipdlxx.dll
[2009/12/30 21:11:32 | 00,176,128 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\System32\atiadlxx.dll
[2009/12/30 21:11:32 | 00,155,648 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\Oemdspif.dll
[2009/12/30 21:11:32 | 00,155,648 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2evxx.dll
[2009/12/30 21:11:32 | 00,118,784 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\System32\atibtmon.exe
[2009/12/30 21:11:32 | 00,065,024 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\System32\atimpc32.dll
[2009/12/30 21:11:32 | 00,065,024 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\System32\amdpcom32.dll
[2009/12/30 21:11:32 | 00,053,248 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2erec.dll
[2009/12/30 21:11:32 | 00,053,248 | ---- | C] ( ATI Technologies Inc.) -- C:\WINDOWS\System32\ATIDDC.DLL
[2009/12/30 21:11:32 | 00,045,056 | ---- | C] (Advanced Micro Devices Inc.) -- C:\WINDOWS\System32\aticalrt.dll
[2009/12/30 21:11:32 | 00,045,056 | ---- | C] (Advanced Micro Devices Inc.) -- C:\WINDOWS\System32\aticalcl.dll
[2009/12/30 21:11:32 | 00,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\ati2edxx.dll
[2009/12/30 21:11:32 | 00,026,112 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\Ati2mdxx.exe
[2009/12/30 21:11:32 | 00,024,064 | ---- | C] (ATI Technologies, Inc.) -- C:\WINDOWS\System32\ativcoxx.dll
[2009/12/30 21:11:32 | 00,017,408 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\atitvo32.dll
[2009/12/30 21:11:30 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\DRVSTORE
[2009/12/30 21:06:41 | 00,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2009/12/30 20:58:58 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\scripting
[2009/12/30 20:58:57 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\en
[2009/12/30 20:58:57 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2009/12/30 20:52:14 | 00,276,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wmphoto.dll
[2009/12/30 20:52:13 | 00,712,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\windowscodecs.dll
[2009/12/30 20:52:13 | 00,346,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\windowscodecsext.dll
[2009/12/30 20:52:13 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wlanapi.dll
[2009/12/30 20:52:12 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vidcap.ax
[2009/12/30 20:52:12 | 00,025,471 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\watv10nt.sys
[2009/12/30 20:52:12 | 00,022,271 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\watv06nt.sys
[2009/12/30 20:52:12 | 00,011,935 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\wadv11nt.sys
[2009/12/30 20:52:12 | 00,011,871 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\wadv09nt.sys
[2009/12/30 20:52:12 | 00,011,807 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\wadv07nt.sys
[2009/12/30 20:52:12 | 00,011,325 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\vchnt5.dll
[2009/12/30 20:52:12 | 00,011,295 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\wadv08nt.sys
[2009/12/30 20:52:11 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsgqec.dll
[2009/12/30 20:52:11 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usb8023x.sys
[2009/12/30 20:52:09 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdwxp.exe
[2009/12/30 20:52:09 | 00,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spdwnwxp.exe
[2009/12/30 20:52:08 | 00,404,990 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slntamr.sys
[2009/12/30 20:52:08 | 00,286,792 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slextspk.dll
[2009/12/30 20:52:08 | 00,188,508 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slgen.dll
[2009/12/30 20:52:08 | 00,129,535 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnt7554.sys
[2009/12/30 20:52:08 | 00,095,424 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnthal.sys
[2009/12/30 20:52:08 | 00,073,832 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slcoinst.dll
[2009/12/30 20:52:08 | 00,073,796 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slserv.exe
[2009/12/30 20:52:08 | 00,040,960 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\drivers\sisagp.sys
[2009/12/30 20:52:08 | 00,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slrundll.exe
[2009/12/30 20:52:08 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\setupn.exe
[2009/12/30 20:52:08 | 00,013,240 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slwdmsup.sys
[2009/12/30 20:52:08 | 00,005,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\smbali.sys
[2009/12/30 20:52:08 | 00,003,901 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\siint5.dll
[2009/12/30 20:52:07 | 00,397,056 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\s3gnb.dll
[2009/12/30 20:52:07 | 00,166,912 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\drivers\s3gnbm.sys
[2009/12/30 20:52:07 | 00,030,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rndismpx.sys
[2009/12/30 20:52:06 | 00,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rhttpaa.dll
[2009/12/30 20:52:06 | 00,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qutil.dll
[2009/12/30 20:52:06 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasqec.dll
[2009/12/30 20:52:06 | 00,013,776 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\recagent.sys
[2009/12/30 20:52:05 | 00,412,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\photometadatahandler.dll
[2009/12/30 20:52:05 | 00,150,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qagent.dll
[2009/12/30 20:52:05 | 00,144,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\onex.dll
[2009/12/30 20:52:05 | 00,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qcliprov.dll
[2009/12/30 20:52:03 | 00,180,360 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\ntmtlfax.sys
[2009/12/30 20:52:02 | 01,737,856 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\mtxparhd.dll
[2009/12/30 20:52:02 | 01,372,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6.dll
[2009/12/30 20:52:02 | 01,309,184 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlstrm.sys
[2009/12/30 20:52:02 | 00,452,736 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\drivers\mtxparhm.sys
[2009/12/30 20:52:02 | 00,193,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napmontr.dll
[2009/12/30 20:52:02 | 00,176,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napstat.exe
[2009/12/30 20:52:02 | 00,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mssha.dll
[2009/12/30 20:52:02 | 00,126,686 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlmnt5.sys
[2009/12/30 20:52:02 | 00,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msshavmsg.dll
[2009/12/30 20:52:02 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napipsec.dll
[2009/12/30 20:52:02 | 00,012,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mutohpen.sys
[2009/12/30 20:51:59 | 00,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcex.dll
[2009/12/30 20:51:59 | 00,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\microsoft.managementconsole.dll
[2009/12/30 20:51:59 | 00,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcfxcommon.dll
[2009/12/30 20:51:59 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcperf.exe
[2009/12/30 20:51:58 | 00,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\l2gpstore.dll
[2009/12/30 20:51:58 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpash.dll
[2009/12/30 20:51:58 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnepr.dll
[2009/12/30 20:51:58 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdiultn.dll
[2009/12/30 20:51:58 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbhc.dll
[2009/12/30 20:51:56 | 00,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\smtpapi.dll
[2009/12/30 20:51:56 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwnh.dll
[2009/12/30 20:51:55 | 01,041,536 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\drivers\hsfdpsp2.sys
[2009/12/30 20:51:55 | 00,685,056 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\drivers\hsfcxts2.sys
[2009/12/30 20:51:55 | 00,220,032 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\drivers\hsfbs2s2.sys
[2009/12/30 20:51:55 | 00,032,285 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\hsfcisp2.dll
[2009/12/30 20:51:55 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\comsdupd.exe
[2009/12/30 20:51:53 | 00,184,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapp3hst.dll
[2009/12/30 20:51:53 | 00,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapphost.dll
[2009/12/30 20:51:53 | 00,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappcfg.dll
[2009/12/30 20:51:53 | 00,094,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappgnui.dll
[2009/12/30 20:51:53 | 00,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapqec.dll
[2009/12/30 20:51:53 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappprxy.dll
[2009/12/30 20:51:53 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapolqec.dll
[2009/12/30 20:51:53 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\faxpatch.exe
[2009/12/30 20:51:52 | 00,650,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3ui.dll
[2009/12/30 20:51:52 | 00,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3cfg.dll
[2009/12/30 20:51:52 | 00,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3msm.dll
[2009/12/30 20:51:52 | 00,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dhcpqec.dll
[2009/12/30 20:51:52 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3gpclnt.dll
[2009/12/30 20:51:52 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dimsroam.dll
[2009/12/30 20:51:52 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3api.dll
[2009/12/30 20:51:52 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3dlg.dll
[2009/12/30 20:51:50 | 00,036,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\bthprint.sys
[2009/12/30 20:51:50 | 00,015,423 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\ch7xxnt5.dll
[2009/12/30 20:51:50 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx4.dll
[2009/12/30 20:51:49 | 04,463,104 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtag.sys
[2009/12/30 20:51:49 | 04,463,104 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati2mtag.sys
[2009/12/30 20:51:49 | 03,538,496 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\dllcache\ati3duag.dll
[2009/12/30 20:51:49 | 03,538,496 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3duag.dll
[2009/12/30 20:51:49 | 02,142,848 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\System32\dllcache\ativvaxx.dll
[2009/12/30 20:51:49 | 02,142,848 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\WINDOWS\System32\ativvaxx.dll
[2009/12/30 20:51:49 | 00,870,784 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3d1ag.dll
[2009/12/30 20:51:49 | 00,638,976 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati2cqag.dll
[2009/12/30 20:51:49 | 00,638,976 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2cqag.dll
[2009/12/30 20:51:49 | 00,377,984 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvaa.dll
[2009/12/30 20:51:49 | 00,327,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtaa.sys
[2009/12/30 20:51:49 | 00,300,032 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\dllcache\ati2dvag.dll
[2009/12/30 20:51:49 | 00,300,032 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvag.dll
[2009/12/30 20:51:49 | 00,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\azroles.dll
[2009/12/30 20:51:49 | 00,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aaclient.dll
[2009/12/30 20:51:49 | 00,104,960 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinrvxx.sys
[2009/12/30 20:51:49 | 00,073,216 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atintuxx.sys
[2009/12/30 20:51:49 | 00,063,663 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1rvxx.sys
[2009/12/30 20:51:49 | 00,063,488 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxsxx.sys
[2009/12/30 20:51:49 | 00,057,856 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinbtxx.sys
[2009/12/30 20:51:49 | 00,056,623 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1btxx.sys
[2009/12/30 20:51:49 | 00,052,224 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinraxx.sys
[2009/12/30 20:51:49 | 00,043,008 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\WINDOWS\System32\drivers\amdagp.sys
[2009/12/30 20:51:49 | 00,036,463 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1tuxx.sys
[2009/12/30 20:51:49 | 00,034,735 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xsxx.sys
[2009/12/30 20:51:49 | 00,032,768 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativtmxx.dll
[2009/12/30 20:51:49 | 00,031,744 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxbxx.sys
[2009/12/30 20:51:49 | 00,030,671 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1raxx.sys
[2009/12/30 20:51:49 | 00,029,455 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xbxx.sys
[2009/12/30 20:51:49 | 00,028,672 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinsnxx.sys
[2009/12/30 20:51:49 | 00,026,367 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1snxx.sys
[2009/12/30 20:51:49 | 00,025,471 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\atv04nt5.dll
[2009/12/30 20:51:49 | 00,023,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativmvxx.ax
[2009/12/30 20:51:49 | 00,021,343 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1ttxx.sys
[2009/12/30 20:51:49 | 00,021,183 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\atv01nt5.dll
[2009/12/30 20:51:49 | 00,017,279 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\atv10nt5.dll
[2009/12/30 20:51:49 | 00,014,336 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinpdxx.sys
[2009/12/30 20:51:49 | 00,014,143 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\atv06nt5.dll
[2009/12/30 20:51:49 | 00,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinttxx.sys
[2009/12/30 20:51:49 | 00,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinmdxx.sys
[2009/12/30 20:51:49 | 00,012,047 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1pdxx.sys
[2009/12/30 20:51:49 | 00,011,615 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1mdxx.sys
[2009/12/30 20:51:49 | 00,011,359 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\atv02nt5.dll
[2009/12/30 20:51:49 | 00,009,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativdaxx.ax
[2009/12/30 20:51:49 | 00,004,255 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv01nt5.dll
[2009/12/30 20:51:49 | 00,003,967 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv02nt5.dll
[2009/12/30 20:51:49 | 00,003,775 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv11nt5.dll
[2009/12/30 20:51:49 | 00,003,711 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv09nt5.dll
[2009/12/30 20:51:49 | 00,003,647 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv07nt5.dll
[2009/12/30 20:51:49 | 00,003,615 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv05nt5.dll
[2009/12/30 20:51:49 | 00,003,135 | ---- | C] (Intel® Corporation) -- C:\WINDOWS\System32\drivers\adv08nt5.dll
[2009/12/30 20:46:33 | 02,959,376 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\HP_Administrator\Desktop\dotnetfx35setup.exe
[2009/12/30 20:45:26 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\HP_Administrator\PrivacIE
[2009/12/30 20:43:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Application Data\Media Player Classic
[2009/12/30 20:40:01 | 00,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Application Data\WinBatch
[2009/12/30 20:31:28 | 11,069,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2009/12/30 20:31:28 | 01,985,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2009/12/30 20:31:28 | 00,594,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2009/12/30 20:31:28 | 00,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2009/12/30 20:30:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\en-US
[2009/12/30 20:16:23 | 00,000,000 | -HSD | C] -- C:\Config.Msi
[2009/12/30 20:15:04 | 00,471,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclayers.dll
[2009/12/30 20:12:49 | 00,515,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_5.dll
[2009/12/30 20:12:47 | 01,974,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_42.dll
[2009/12/30 20:12:47 | 00,238,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_5.dll
[2009/12/30 20:12:46 | 05,501,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dcsx_42.dll
[2009/12/30 20:12:46 | 00,235,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx11_42.dll
[2009/12/30 20:12:45 | 01,892,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_42.dll
[2009/12/30 20:12:45 | 00,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_42.dll
[2009/12/30 20:12:44 | 04,178,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_41.dll
[2009/12/30 20:12:44 | 01,846,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_41.dll
[2009/12/30 20:12:44 | 00,453,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_41.dll
[2009/12/30 20:12:44 | 00,069,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_3.dll
[2009/12/30 20:12:43 | 00,517,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_4.dll
[2009/12/30 20:12:43 | 00,235,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_4.dll
[2009/12/30 20:12:43 | 00,022,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_6.dll
[2009/12/30 20:12:42 | 02,036,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_40.dll
[2009/12/30 20:12:42 | 00,452,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_40.dll
[2009/12/30 20:12:41 | 04,379,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_40.dll
[2009/12/30 20:12:40 | 00,514,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_3.dll
[2009/12/30 20:12:40 | 00,070,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_2.dll
[2009/12/30 20:12:39 | 00,235,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_3.dll
[2009/12/30 20:12:39 | 00,023,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_5.dll
[2009/12/30 20:12:38 | 00,509,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_2.dll
[2009/12/30 20:12:38 | 00,068,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_1.dll
[2009/12/30 20:12:37 | 00,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_2.dll
[2009/12/30 20:12:36 | 03,851,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_39.dll
[2009/12/30 20:12:36 | 01,493,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_39.dll
[2009/12/30 20:12:36 | 00,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_39.dll
[2009/12/30 20:12:35 | 00,507,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_1.dll
[2009/12/30 20:12:35 | 00,065,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAPOFX1_0.dll
[2009/12/30 20:12:34 | 00,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_1.dll
[2009/12/30 20:12:34 | 00,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_4.dll
[2009/12/30 20:12:33 | 01,491,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_38.dll
[2009/12/30 20:12:33 | 00,467,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_38.dll
[2009/12/30 20:12:32 | 03,850,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_38.dll
[2009/12/30 20:12:30 | 00,479,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\XAudio2_0.dll
[2009/12/30 20:12:30 | 00,238,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine3_0.dll
[2009/12/30 20:12:29 | 00,025,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_3.dll
[2009/12/30 20:12:28 | 03,786,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DX9_37.dll
[2009/12/30 20:12:28 | 01,420,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_37.dll
[2009/12/30 20:12:28 | 00,462,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_37.dll
[2009/12/30 20:12:27 | 00,267,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_10.dll
[2009/12/30 20:12:26 | 03,734,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_36.dll
[2009/12/30 20:12:26 | 01,374,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_36.dll
[2009/12/30 20:12:26 | 00,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_36.dll
[2009/12/30 20:12:25 | 00,267,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_9.dll
[2009/12/30 20:12:24 | 03,727,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_35.dll
[2009/12/30 20:12:24 | 01,358,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_35.dll
[2009/12/30 20:12:24 | 00,444,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_35.dll
[2009/12/30 20:12:23 | 00,266,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_8.dll
[2009/12/30 20:12:23 | 00,017,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\X3DAudio1_2.dll
[2009/12/30 20:12:22 | 03,497,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_34.dll
[2009/12/30 20:12:22 | 01,124,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_34.dll
[2009/12/30 20:12:22 | 00,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_34.dll
[2009/12/30 20:12:21 | 00,081,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_3.dll
[2009/12/30 20:12:20 | 00,261,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_7.dll
[2009/12/30 20:12:19 | 03,495,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_33.dll
[2009/12/30 20:12:19 | 01,123,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\D3DCompiler_33.dll
[2009/12/30 20:12:19 | 00,443,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx10_33.dll
[2009/12/30 20:12:18 | 00,255,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_6.dll
[2009/12/30 20:12:17 | 00,251,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_5.dll
[2009/12/30 20:12:16 | 03,426,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_32.dll
[2009/12/30 20:12:15 | 02,414,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_31.dll
[2009/12/30 20:12:15 | 00,237,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_4.dll
[2009/12/30 20:12:15 | 00,015,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_1.dll
[2009/12/30 20:12:14 | 00,236,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_3.dll
[2009/12/30 20:12:13 | 00,230,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_2.dll
[2009/12/30 20:12:13 | 00,062,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_2.dll
[2009/12/30 20:12:12 | 00,062,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput1_1.dll
[2009/12/30 20:12:11 | 02,388,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_30.dll
[2009/12/30 20:12:11 | 00,229,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_1.dll
[2009/12/30 20:12:10 | 02,332,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_29.dll
[2009/12/30 20:12:10 | 02,323,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_28.dll
[2009/12/30 20:12:10 | 00,230,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xactengine2_0.dll
[2009/12/30 20:12:10 | 00,014,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\x3daudio1_0.dll
[2009/12/30 20:12:09 | 02,319,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_27.dll
[2009/12/30 20:12:09 | 00,061,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\xinput9_1_0.dll
[2009/12/30 20:12:08 | 02,337,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_25.dll
[2009/12/30 20:12:08 | 02,297,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_26.dll
[2009/12/30 20:12:07 | 02,222,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\d3dx9_24.dll
[2009/12/30 20:09:04 | 46,510,828 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Documents and Settings\HP_Administrator\Desktop\9-12_xp32_dd_ccc_wdm_enu.exe
[2009/12/30 20:06:59 | 00,730,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lsasrv.dll
[2009/12/30 20:06:58 | 02,145,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2009/12/30 20:06:57 | 02,189,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2009/12/30 20:06:56 | 02,023,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2009/12/30 20:06:12 | 00,333,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srv.sys
[2009/12/30 20:05:52 | 00,455,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys
[2009/12/30 20:05:43 | 00,337,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netapi32.dll
[2009/12/30 20:05:19 | 00,691,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcomm.dll
[2009/12/30 20:04:57 | 00,272,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys
[2009/12/30 20:04:54 | 00,203,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rmcast.sys
[2009/12/30 19:58:30 | 00,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Application Data\Macromedia
[2009/12/30 19:55:33 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2009/12/30 19:52:50 | 00,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\My Documents\My Received Files
[2009/12/30 19:51:48 | 00,044,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wups2.dll
[2009/12/30 19:51:48 | 00,021,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wucltui.dll.mui
[2009/12/30 19:51:47 | 00,017,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaueng.dll.mui
[2009/12/30 19:51:47 | 00,015,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuaucpl.cpl.mui
[2009/12/30 19:51:47 | 00,015,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll.mui
[2009/12/30 19:51:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2009/12/30 19:50:50 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\HP_Administrator\UserData
[2009/12/30 19:50:40 | 00,000,000 | RHSD | C] -- C:\cmdcons
[2009/12/30 19:50:36 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\HP_Administrator\Recent
[2009/12/30 19:50:29 | 00,000,000 | ---D | C] -- C:\WINDOWS\setupupd
[2009/12/30 19:42:48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Application Data\Intuit
[2009/12/30 19:42:48 | 00,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Application Data\Identities
[2009/12/30 19:42:47 | 00,000,000 | --SD | C] -- C:\Documents and Settings\HP_Administrator\Application Data\Microsoft
[2009/12/30 19:42:47 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\HP_Administrator\SendTo
[2009/12/30 19:42:47 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\HP_Administrator\Application Data
[2009/12/30 19:42:47 | 00,000,000 | R--D | C] -- C:\Documents and Settings\HP_Administrator\Start Menu
[2009/12/30 19:42:47 | 00,000,000 | R--D | C] -- C:\Documents and Settings\HP_Administrator\My Documents\My Videos
[2009/12/30 19:42:47 | 00,000,000 | R--D | C] -- C:\Documents and Settings\HP_Administrator\My Documents\My Pictures
[2009/12/30 19:42:47 | 00,000,000 | R--D | C] -- C:\Documents and Settings\HP_Administrator\My Documents\My Music
[2009/12/30 19:42:47 | 00,000,000 | R--D | C] -- C:\Documents and Settings\HP_Administrator\My Documents
[2009/12/30 19:42:47 | 00,000,000 | R--D | C] -- C:\Documents and Settings\HP_Administrator\Favorites
[2009/12/30 19:42:47 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\HP_Administrator\IETldCache
[2009/12/30 19:42:47 | 00,000,000 | -HSD | C] -- C:\Documents and Settings\HP_Administrator\Cookies
[2009/12/30 19:42:47 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\HP_Administrator\Templates
[2009/12/30 19:42:47 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\HP_Administrator\PrintHood
[2009/12/30 19:42:47 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\HP_Administrator\NetHood
[2009/12/30 19:42:47 | 00,000,000 | -H-D | C] -- C:\Documents and Settings\HP_Administrator\Local Settings
[2009/12/30 19:42:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\WINDOWS
[2009/12/30 19:42:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Wildtangent
[2009/12/30 19:42:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Application Data\Real
[2009/12/30 19:42:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Mozilla
[2009/12/30 19:42:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla
[2009/12/30 19:42:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Microsoft
[2009/12/30 19:42:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Desktop
[2009/12/30 19:42:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\ApplicationHistory
[2009/12/30 19:42:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\{3248F0A6-6813-11D6-A77B-00B0D0150060}
[2009/12/30 18:04:54 | 00,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2009/12/30 03:46:18 | 00,000,000 | -HSD | C] -- C:\WINDOWS\CSC
[2009/12/30 02:14:06 | 00,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2009/12/30 02:05:25 | 00,000,000 | ---D | C] -- C:\ERDNT
[2009/12/30 02:05:23 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2009/12/30 02:05:23 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/12/30 02:05:15 | 00,000,000 | ---D | C] -- C:\!FixIEDef
[2009/12/30 01:52:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\pss
[2009/12/29 21:02:47 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Defender
[2009/12/29 19:05:50 | 00,000,000 | -H-D | C] -- C:\$AVG
[2009/12/29 19:05:16 | 00,000,000 | ---D | C] -- C:\Program Files\AVG
[2009/12/29 19:05:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\avg9
[2009/12/29 14:35:56 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\WindSolutions
[2009/12/26 14:27:50 | 00,000,000 | ---D | C] -- C:\Program Files\Warcraft III
[2009/12/06 21:15:12 | 00,000,000 | ---D | C] -- C:\Program Files\iPod
[2009/12/06 21:15:09 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/12/06 21:14:54 | 00,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2009/12/01 00:09:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Trymedia
[2006/08/17 14:51:11 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[2006/08/17 14:51:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2006/08/17 14:51:10 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2006/08/17 14:51:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2006/02/19 09:28:56 | 00,012,288 | ---- | C] (Hewlett-Packard Development Company, L.P.) -- C:\WINDOWS\Fonts\RandFont.dll
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2009/12/30 23:01:03 | 00,004,716 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Desktop\New Wordpad Document.doc
[2009/12/30 22:58:58 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\HP_Administrator\Desktop\OTL.exe
[2009/12/30 22:58:39 | 01,310,720 | -H-- | M] () -- C:\Documents and Settings\HP_Administrator\NTUSER.DAT
[2009/12/30 22:57:10 | 00,000,246 | ---- | M] () -- C:\WINDOWS\System\hpsysdrv.dat
[2009/12/30 22:56:32 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/12/30 22:56:30 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/12/30 22:55:17 | 00,000,178 | -HS- | M] () -- C:\Documents and Settings\HP_Administrator\ntuser.ini
[2009/12/30 22:54:40 | 31,123,861 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Documents and Settings\HP_Administrator\Desktop\WDM_R240.exe
[2009/12/30 22:53:23 | 01,941,232 | ---- | M] (Hewlett-Packard Development Company, L.P. ) -- C:\Documents and Settings\HP_Administrator\Desktop\sp37394.exe
[2009/12/30 21:59:08 | 00,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/12/30 21:43:55 | 00,382,022 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/12/30 21:43:55 | 00,053,640 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/12/30 21:43:54 | 00,441,626 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/12/30 21:34:13 | 00,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/12/30 21:22:11 | 00,001,879 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Updates From HP.lnk
[2009/12/30 21:14:06 | 00,185,816 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/12/30 21:08:53 | 00,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2009/12/30 20:57:02 | 00,250,048 | RHS- | M] () -- C:\ntldr
[2009/12/30 20:46:39 | 02,959,376 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\HP_Administrator\Desktop\dotnetfx35setup.exe
[2009/12/30 20:36:00 | 03,170,488 | -H-- | M] () -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\IconCache.db
[2009/12/30 20:27:06 | 00,003,584 | ---- | M] () -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/12/30 20:09:07 | 46,510,828 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Documents and Settings\HP_Administrator\Desktop\9-12_xp32_dd_ccc_wdm_enu.exe
[2009/12/30 19:50:51 | 00,000,281 | RHS- | M] () -- C:\boot.ini
[2009/12/30 19:48:51 | 00,001,840 | RHS- | M] () -- C:\WINDOWS\System32\drivers\103C_HP_CPC_RJ181AA-ABA a1600n_YC_0Pavi_QMXF646_E64NAemMPA4_48_INODUSM3_SASUSTek Computer INC._V1.05_B3.10_T061213_WXP2_L409_M3583_J200_7AMD_8Athlon 64 X2 Dual Core_92_#061216_N_Z_G_OTSSTcorp CD DVDW TS-H652L_D.MRK
[2009/12/30 19:41:50 | 00,001,111 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2009/12/30 19:41:45 | 00,262,144 | ---- | M] () -- C:\Documents and Settings\All Users\NTUSER.DAT
[2009/12/30 19:40:56 | 00,000,211 | RHS- | M] () -- C:\BOOT.BAK
[2009/12/30 18:37:11 | 00,000,231 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/12/30 01:51:20 | 00,000,008 | RHS- | M] () -- C:\Documents and Settings\All Users\ntuser.pol
[2009/12/21 01:21:25 | 00,000,754 | ---- | M] () -- C:\WINDOWS\WORDPAD.INI
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2009/12/30 22:58:38 | 00,004,716 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Desktop\New Wordpad Document.doc
[2009/12/30 21:22:11 | 00,001,879 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Updates From HP.lnk
[2009/12/30 21:11:32 | 00,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2009/12/30 21:11:32 | 00,373,600 | ---- | C] () -- C:\WINDOWS\System32\ativvaxx.cap
[2009/12/30 21:11:32 | 00,294,912 | ---- | C] () -- C:\WINDOWS\System32\ATIODE.exe
[2009/12/30 21:11:32 | 00,196,565 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2009/12/30 21:11:32 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\ATIODCLI.exe
[2009/12/30 21:11:32 | 00,007,167 | ---- | C] () -- C:\WINDOWS\System32\atifglpf.xml
[2009/12/30 21:11:32 | 00,000,003 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2009/12/30 20:52:03 | 00,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2009/12/30 20:51:56 | 00,000,974 | ---- | C] () -- C:\WINDOWS\System32\pid.inf
[2009/12/30 20:51:52 | 00,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
[2009/12/30 20:51:49 | 00,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
[2009/12/30 20:27:06 | 00,003,584 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/12/30 19:48:50 | 00,001,840 | RHS- | C] () -- C:\WINDOWS\System32\drivers\103C_HP_CPC_RJ181AA-ABA a1600n_YC_0Pavi_QMXF646_E64NAemMPA4_48_INODUSM3_SASUSTek Computer INC._V1.05_B3.10_T061213_WXP2_L409_M3583_J200_7AMD_8Athlon 64 X2 Dual Core_92_#061216_N_Z_G_OTSSTcorp CD DVDW TS-H652L_D.MRK
[2009/12/30 19:42:51 | 00,000,136 | ---- | C] () -- C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\fusioncache.dat
[2009/12/30 19:42:47 | 01,310,720 | -H-- | C] () -- C:\Documents and Settings\HP_Administrator\NTUSER.DAT
[2009/12/30 19:42:47 | 00,000,178 | -HS- | C] () -- C:\Documents and Settings\HP_Administrator\ntuser.ini
[2009/12/30 01:50:32 | 00,000,008 | RHS- | C] () -- C:\Documents and Settings\All Users\ntuser.pol
[2009/12/21 01:21:25 | 00,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2009/11/26 13:04:02 | 00,193,656 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2009/10/22 20:52:44 | 00,000,262 | ---- | C] () -- C:\WINDOWS\{789289CA-F73A-4A16-A331-54D498CE069F}_WiseFW.ini
[2006/08/17 16:16:20 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/08/17 15:54:56 | 00,028,848 | ---- | C] () -- C:\WINDOWS\System32\drivers\USBkey.sys
[2006/08/17 15:48:19 | 00,014,316 | ---- | C] () -- C:\WINDOWS\System32\CHODDI.SYS
[2006/08/17 15:48:13 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\hpreg.dll
[2006/08/17 15:44:40 | 00,000,174 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2006/08/17 15:30:41 | 00,000,157 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2006/08/17 15:30:00 | 00,000,698 | ---- | C] () -- C:\WINDOWS\NSSetDefaultBrowser.ini
[2006/08/17 15:24:41 | 00,000,368 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2006/08/17 15:23:41 | 00,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2006/08/17 15:20:17 | 01,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2006/08/17 15:20:17 | 01,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2006/08/17 15:20:17 | 01,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2006/08/17 15:20:17 | 00,573,440 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006/08/17 15:20:17 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2006/08/17 15:20:17 | 00,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2006/08/17 15:20:17 | 00,106,496 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2006/08/17 15:18:57 | 00,000,791 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2006/08/17 14:54:40 | 00,323,584 | ---- | C] () -- C:\WINDOWS\System32\pythoncom22.dll
[2006/08/17 14:54:40 | 00,094,208 | ---- | C] () -- C:\WINDOWS\System32\pywintypes22.dll
[2006/08/17 14:54:19 | 00,016,896 | ---- | C] () -- C:\WINDOWS\System32\bcbmm.dll
[2006/06/16 10:58:18 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2005/08/05 20:01:54 | 00,239,104 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/08/02 22:19:16 | 00,050,176 | ---- | C] () -- C:\WINDOWS\armcex.dll
[2004/09/16 19:24:26 | 03,375,104 | ---- | C] () -- C:\WINDOWS\System32\qt-mt331.dll
[2004/07/26 06:51:38 | 00,000,560 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini

========== Custom Scans ==========


< %ALLUSERSPROFILE%\Application Data\*. >
[2006/08/17 15:45:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Adobe
[2009/08/22 16:51:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AOL
[2009/08/22 16:52:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AOL OCP
[2009/11/30 20:34:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple
[2009/11/30 20:35:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Apple Computer
[2009/11/30 19:19:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ATI
[2009/12/29 20:21:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
[2009/07/28 12:31:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Avira
[2009/11/24 02:54:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BioWare
[2006/08/17 15:39:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CyberLink
[2009/10/23 22:02:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
[2006/08/17 15:36:39 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Digital Interactive Systems Corporation
[2009/11/17 00:01:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DriverCure
[2006/08/17 16:11:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Hewlett-Packard
[2006/08/17 15:31:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InstallShield
[2006/08/17 15:44:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Intuit
[2006/08/17 15:41:23 | 00,000,000 | --SD | M] -- C:\Documents and Settings\All Users\Application Data\Microsoft
[2009/11/19 00:39:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\muvee Technologies
[2009/11/11 02:02:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nero
[2009/10/25 02:51:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NOS
[2009/10/25 15:51:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NVIDIA Corporation
[2009/07/28 12:25:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\nView_Profiles
[2009/11/16 01:54:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ParetoLogic
[2006/08/17 15:19:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SBSI
[2006/08/17 15:25:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sonic
[2009/12/30 04:38:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Spyware Terminator
[2009/12/30 20:37:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Symantec
[2009/12/30 18:52:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/12/01 00:09:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Trymedia
[2009/08/22 16:51:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2009/12/30 20:24:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WildTangent
[2009/07/27 18:56:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
[2009/12/29 14:47:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WindSolutions
[2009/12/06 21:15:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}

< %ALLUSERSPROFILE%\Application Data\*.exe /s >
[2009/02/04 14:56:14 | 00,075,112 | ---- | M] (GEAR Software, Inc.) -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}\x86\DifXInstall32.exe
[2009/11/12 17:07:12 | 00,079,144 | ---- | M] (Apple Inc.) -- C:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 9.0.2.25\SetupAdmin.exe
[2001/09/25 10:05:58 | 01,707,856 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Application Data\Hewlett-Packard\HP Boot Optimizer\InstMsiA.Exe
[2001/09/11 13:04:42 | 01,821,008 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Application Data\Hewlett-Packard\HP Boot Optimizer\InstMsiW.Exe
[2003/03/18 20:03:28 | 00,110,592 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\All Users\Application Data\Hewlett-Packard\HP Boot Optimizer\Setup.Exe
[2005/06/15 21:08:46 | 02,393,338 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Intuit\Quicken\Sku\Qnue\Custom\inprod_deluxe.exe
[2005/06/15 23:07:48 | 03,514,373 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Intuit\Quicken\Sku\Qnue\Custom\inprod_premier.exe
[2005/06/15 21:10:04 | 02,402,304 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Intuit\Quicken\Sku\Qnue\Custom\inprod_qnue.exe
[2005/06/15 21:10:28 | 03,410,304 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Intuit\Quicken\Sku\Qnue\Custom\quicken_start.exe
[2009/10/25 02:35:41 | 00,086,016 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\NOS\Adobe_Downloads\arh.exe
[2009/10/27 03:46:35 | 00,006,144 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Spyware Terminator\sp_rsdel.exe
[2006/05/23 16:55:20 | 00,090,392 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\WildTangent\oem-eula.exe

< %APPDATA%\*. >
[2005/11/14 17:04:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\HP_Administrator\Application Data\Identities
[2006/08/17 15:44:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\HP_Administrator\Application Data\Intuit
[2009/12/30 19:58:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\HP_Administrator\Application Data\Macromedia
[2009/12/30 20:43:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\HP_Administrator\Application Data\Media Player Classic
[2009/12/30 19:56:45 | 00,000,000 | --SD | M] -- C:\Documents and Settings\HP_Administrator\Application Data\Microsoft
[2009/12/30 18:56:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\HP_Administrator\Application Data\Mozilla
[2006/08/17 15:30:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\HP_Administrator\Application Data\Real
[2009/12/30 20:40:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\HP_Administrator\Application Data\WinBatch

< %APPDATA%\*.exe /s >
[2009/12/30 21:11:23 | 00,010,134 | R--- | M] () -- C:\Documents and Settings\HP_Administrator\Application Data\Microsoft\Installer\{A778A787-08A4-4089-CB68-02A9737DE532}\ARPPRODUCTICON.exe

< %SYSTEMDRIVE%\*.exe >


< MD5 for: AGP440.SYS >
[2008/04/13 10:36:38 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 10:36:38 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\agp440.sys
[2008/04/13 10:36:38 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2008/04/13 10:40:30 | 00,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 10:40:30 | 00,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\atapi.sys
[2008/04/13 10:40:30 | 00,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/04 04:59:44 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

< MD5 for: EVENTLOG.DLL >
[2008/04/13 16:11:53 | 00,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/13 16:11:53 | 00,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\eventlog.dll
[2008/04/13 16:11:53 | 00,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll
[2004/08/09 20:00:00 | 00,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

< MD5 for: IASTOR.SYS >
[2005/06/17 05:33:40 | 00,872,064 | ---- | M] (Intel Corporation) MD5=9A65E42664D1534B68512CAAD0EFE963 -- C:\hp\drivers\Intel_5_1_0_1022_PV\iastor.sys

< MD5 for: NETLOGON.DLL >
[2008/04/13 16:12:01 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/13 16:12:01 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\netlogon.dll
[2008/04/13 16:12:01 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
[2009/02/06 10:46:09 | 00,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[2009/02/06 10:46:09 | 00,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\$hf_mig$\KB975467\SP2QFE\netlogon.dll
[2004/08/09 20:00:00 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

< MD5 for: NVGTS.SYS >
[2009/06/30 17:31:18 | 00,164,896 | ---- | M] (NVIDIA Corporation) MD5=17F915C35450783A446E70693AFA749B -- C:\NVIDIA\nForce\15.45\International\IDE\WinXP\sataraid\nvgts.sys
[2009/06/30 17:31:00 | 00,164,896 | ---- | M] (NVIDIA Corporation) MD5=619D8943725402D1179941FD58574CC8 -- C:\NVIDIA\nForce\15.45\International\IDE\WinXP\sata_ide\nvgts.sys

< MD5 for: NVRD32.SYS >
[2009/06/30 17:31:18 | 00,139,296 | ---- | M] (NVIDIA Corporation) MD5=C0B63B73BC79C48EAF53900E494F6DE9 -- C:\NVIDIA\nForce\15.45\International\IDE\WinXP\sataraid\nvrd32.sys

< MD5 for: SCECLI.DLL >
[2004/08/09 20:00:00 | 00,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008/04/13 16:12:05 | 00,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/13 16:12:05 | 00,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\SoftwareDistribution\Download\9866fb57abdc0ea2f5d4e132d055ba4e\scecli.dll
[2008/04/13 16:12:05 | 00,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll

< %systemroot%\*. /mp /s >

< c:\$recycle.bin\*.* /s >

< %systemroot%\system32\*.dll /lockedfiles >
[2008/04/13 16:11:51 | 01,267,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\comsvcs.dll
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

========== Alternate Data Streams ==========

@Alternate Data Stream - 154 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B3D74A13
@Alternate Data Stream - 133 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:05EE1EEF
< End of report >

==EXTRAS.TXT===
OTL Extras logfile created on: 12/30/2009 11:01:16 PM - Run 1
OTL by OldTimer - Version 3.1.20.1 Folder = C:\Documents and Settings\HP_Administrator\Desktop
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 87.00% Memory free
5.00 Gb Paging File | 5.00 Gb Available in Paging File | 94.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 88.74 Gb Total Space | 34.71 Gb Free Space | 39.11% Space Free | Partition Type: NTFS
Drive D: | 88.72 Gb Total Space | 2.37 Gb Free Space | 2.67% Space Free | Partition Type: NTFS
Drive E: | 8.83 Gb Total Space | 0.55 Gb Free Space | 6.19% Space Free | Partition Type: FAT32
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: HP_DESKTOP
Current User Name: HP_Administrator
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Standard

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 1
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe" = C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe:*:Enabled:Updates from HP -- (Hewlett-Packard)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\DISC\DISCover.exe" = C:\Program Files\DISC\DISCover.exe:*:Enabled:DISCover Drop & Play System -- (Digital Interactive Systems Corporation)
"C:\Program Files\DISC\DiscStreamHub.exe" = C:\Program Files\DISC\DiscStreamHub.exe:*:Enabled:DISCover Stream Hub -- (Digital Interactive Systems Corporation, Inc.)
"C:\Program Files\DISC\myFTP.exe" = C:\Program Files\DISC\myFTP.exe:*:Enabled:DISCover FTP -- (Digital Interactive Systems Corporation, Inc.)
"C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe" = C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe:*:Enabled:Updates from HP -- (Hewlett-Packard)
"C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" = C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink -- File not found


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01840D1A-3B62-1E2A-9997-C9B9007F1E5F}" = Catalyst Control Center Core Implementation
"{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic RecordNow Data
"{0A65A3BD-54B5-4d0d-B084-7688507813F5}" = SlideShow
"{1341D838-719C-4A05-B50F-49420CA1B4BB}" = HP Boot Optimizer
"{15C0AF59-4877-49B6-B8C6-A61CE54515F5}" = cp_OnlineProjectsConfig
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Sonic MyDVD Plus
"{23012310-3E05-46A5-88A9-C6CBCABCAC79}" = Customer Experience Enhancement
"{2376813B-2E5A-4641-B7B3-A0D5ADB55229}" = HPPhotoSmartExpress
"{2818095F-FB6C-42C8-827E-0A406CC9AFF5}" = Quicken 2006
"{2F58D60D-2BFD-4467-9B4D-64E7355C329D}" = Sonic_PrimoSDK
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{32BAA79B-CBB2-3693-A0E3-71EA4A1E9761}" = ccc-core-static
"{33BA828D-CF19-0B52-8483-61FCFD83F75D}" = Catalyst Control Center HydraVision Full
"{33BF0960-DBA3-4187-B6CC-C969FCFA2D25}" = SkinsHP1
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{362CCC45-63D1-9688-C74D-F32F1B0CD919}" = CCC Help English
"{36D620AD-EEBA-4973-BA86-0C9AE6396620}" = OptionalContentQFolder
"{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}" = Microsoft Works
"{4183E4E3-F943-416C-D4E1-0673F1CBA6E1}" = ccc-utility
"{41E776A5-9B12-416D-9A12-B4F7B044EBED}" = CP_Package_Basic1
"{45B8A76B-57EC-4242-B019-066400CD8428}" = BufferChm
"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP DVD Play 2.1
"{53EE9E42-CECB-4C92-BF76-9CA65DAF8F1C}" = FullDPAppQFolder
"{5FDD0538-C67A-4F67-B3F8-09D1AAF04D99}" = muvee autoProducer unPlugged 2.0
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Sonic Express Labeler
"{6696D9A4-28A8-4F5A-8E9A-2E8974C8C39C}" = RandMap
"{69FAC221-570C-A7A2-10FF-30F3BDDED603}" = Catalyst Control Center Graphics Light
"{6F42FC6B-947B-9B89-29B0-545F0815AD7F}" = ATI Parental Control & Encoder
"{7131646D-CD3C-40F4-97B9-CD9E4E6262EF}" = Microsoft .NET Framework 2.0
"{72736F5F-520D-472A-88CC-7B02872FD34E}" = ATI Catalyst Registration
"{77C4F53F-8618-B4AC-A54D-694CA504BC2E}" = Catalyst Control Center Graphics Full Existing
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX
"{82081779-4175-4666-A457-AB711CD37EF0}" = cp_LightScribeConfig
"{829DAAD6-BB11-4BB7-921B-07FFB703F944}" = CP_Package_Variety3
"{82E55892-6FFD-403F-AA97-D726846768AA}" = CP_AtenaShokunin1Config
"{866A0078-DEA7-4348-9C9A-999AF2991EAA}" = SlideShowMusic
"{8A534F71-3202-4464-A422-B767295E67B9}" = CP_Package_Variety2
"{8CE4E6E9-9D55-43FB-9DDB-688C976BFC05}" = Unload
"{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding
"{93E5A317-24EC-4744-812C-16FECFE86E6A}" = CP_Package_Variety1
"{9F7AF7CD-E3D0-4C68-A3BA-C76C359B3AA8}" = LightScribe 1.4.105.1
"{A29800BA-0BF1-4E63-9F31-DF05A87F4104}" = InstantShareDevices
"{A52C4BAB-E8E7-906E-EF34-91EA765505BE}" = ccc-core-preinstall
"{A778A787-08A4-4089-CB68-02A9737DE532}" = Catalyst Control Center InstallProxy
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic RecordNow Audio
"{AC76BA86-7AD7-1033-7B44-A70500000002}" = Adobe Reader 7.0.5
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic RecordNow Copy
"{B2157760-AA3C-4E2E-BFE6-D20BC52495D9}" = cp_PosterPrintConfig
"{B6286A44-7505-471A-A72B-04EC2DB2F442}" = CueTour
"{B69CFE29-FD03-4E0A-87A7-6ED97F98E5B3}" = CP_Panorama1Config
"{BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E}" = HP Software Update
"{C1C6767D-B395-43CB-BF99-051B58B86DA6}" = PhotoGallery
"{C3FAA091-B278-44A7-BF48-190811C5F9F7}" = cp_UpdateProjectsConfig
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{DAAD5187-62C5-4AD6-A526-803C18C4944D}" = HP Web Helper
"{DB518BA6-CB74-4EB6-9ABD-880B6D6E1F38}" = HpSdpAppCoreApp
"{EB2E2ED5-DE74-F09D-3B23-0C4BA51D8C60}" = Catalyst Control Center Graphics Previews Common
"{ED2C557E-9C18-41FF-B58E-A05EEF0B3B5F}" = CP_CalendarTemplates1
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F80239D8-7811-4D5E-B033-0D0BBFE32920}" = HP DigitalMedia Archive
"{FB15E224-67C3-491F-9F5C-F257BC418412}" = Destinations
"{FB4740B3-2530-452D-A825-F7AB246CA7DF}" = muvee autoProducer 5.0
"{FDE0EEEA-B1CD-BFED-22BB-AD87B886CC47}" = Catalyst Control Center Graphics Full New
"ATI Display Driver" = ATI Display Driver
"AwayMode160" = Microsoft Away Mode
"B3EE3001-DC24-4cd1-8743-5692C716659F" = Otto
"CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200C14F1" = Data Fax SoftModem with SmartCP
"DISCover" = DISCover
"HP Imaging Device Functions" = HP Imaging Device Functions 7.0
"HP Photo & Imaging" = HP Photosmart Premier Software 6.5
"HP Photosmart for Media Center PC" = HP Photosmart for Media Center PC
"HPOOVClient-9972322 Uninstaller" = Updates from HP (remove only)
"ie8" = Windows Internet Explorer 8
"InstallShield_{23012310-3E05-46A5-88A9-C6CBCABCAC79}" = Customer Experience Enhancement
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0" = Microsoft .NET Framework 2.0
"Money2006b" = Microsoft Money 2006
"NVIDIA Drivers" = NVIDIA Drivers
"PC-Doctor 5 for Windows" = PC-Doctor 5 for Windows
"Python 2.2.3" = Python 2.2.3
"pywin32-py2.2" = Python 2.2 pywin32 extensions (build 203)
"RealPlayer 6.0" = RealPlayer
"ShockwaveFlash" = Macromedia Flash Player 8
"WildTangent CDA" = WildTangent Web Driver
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows XP Service Pack" = Windows XP Service Pack 3

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 12/31/2009 2:01:36 AM | Computer Name = HP_DESKTOP | Source = MsiInstaller | ID = 10005
Description = Product: Microsoft .NET Framework 2.0 Service Pack 2 -- There is a
problem with this Windows Installer package. Please refer to the setup log for
more information.

Error - 12/31/2009 2:01:37 AM | Computer Name = HP_DESKTOP | Source = MsiInstaller | ID = 1023
Description = Product: Microsoft .NET Framework 2.0 Service Pack 2 - Update '.NET
Framework CLR' could not be installed. Error code 1603. Additional information
is available in the log file C:\DOCUME~1\HP_ADM~2\LOCALS~1\Temp\dd_NET_Framework20_Setup58F0.txt.

Error - 12/31/2009 2:01:37 AM | Computer Name = HP_DESKTOP | Source = MsiInstaller | ID = 1023
Description = Product: Microsoft .NET Framework 2.0 Service Pack 2 - Update '.NET
Framework CA' could not be installed. Error code 1603. Additional information is
available in the log file C:\DOCUME~1\HP_ADM~2\LOCALS~1\Temp\dd_NET_Framework20_Setup58F0.txt.

Error - 12/31/2009 2:01:37 AM | Computer Name = HP_DESKTOP | Source = MsiInstaller | ID = 1023
Description = Product: Microsoft .NET Framework 2.0 Service Pack 2 - Update '.NET
Framework CRT' could not be installed. Error code 1603. Additional information
is available in the log file C:\DOCUME~1\HP_ADM~2\LOCALS~1\Temp\dd_NET_Framework20_Setup58F0.txt.

Error - 12/31/2009 2:01:37 AM | Computer Name = HP_DESKTOP | Source = MsiInstaller | ID = 1023
Description = Product: Microsoft .NET Framework 2.0 Service Pack 2 - Update '.NET
Framework PreXP' could not be installed. Error code 1603. Additional information
is available in the log file C:\DOCUME~1\HP_ADM~2\LOCALS~1\Temp\dd_NET_Framework20_Setup58F0.txt.

Error - 12/31/2009 2:01:37 AM | Computer Name = HP_DESKTOP | Source = MsiInstaller | ID = 1023
Description = Product: Microsoft .NET Framework 2.0 Service Pack 2 - Update 'Dr.
Watson' could not be installed. Error code 1603. Additional information is available
in the log file C:\DOCUME~1\HP_ADM~2\LOCALS~1\Temp\dd_NET_Framework20_Setup58F0.txt.

Error - 12/31/2009 2:01:37 AM | Computer Name = HP_DESKTOP | Source = MsiInstaller | ID = 1023
Description = Product: Microsoft .NET Framework 2.0 Service Pack 2 - Update '.NET
Framework 1' could not be installed. Error code 1603. Additional information is
available in the log file C:\DOCUME~1\HP_ADM~2\LOCALS~1\Temp\dd_NET_Framework20_Setup58F0.txt.

Error - 12/31/2009 2:01:37 AM | Computer Name = HP_DESKTOP | Source = MsiInstaller | ID = 1023
Description = Product: Microsoft .NET Framework 2.0 Service Pack 2 - Update '.NET
Framework 2' could not be installed. Error code 1603. Additional information is
available in the log file C:\DOCUME~1\HP_ADM~2\LOCALS~1\Temp\dd_NET_Framework20_Setup58F0.txt.

Error - 12/31/2009 2:01:37 AM | Computer Name = HP_DESKTOP | Source = MsiInstaller | ID = 1023
Description = Product: Microsoft .NET Framework 2.0 Service Pack 2 - Update '.NET
Framework ASP .NET' could not be installed. Error code 1603. Additional information
is available in the log file C:\DOCUME~1\HP_ADM~2\LOCALS~1\Temp\dd_NET_Framework20_Setup58F0.txt.

Error - 12/31/2009 2:01:37 AM | Computer Name = HP_DESKTOP | Source = MsiInstaller | ID = 1023
Description = Product: Microsoft .NET Framework 2.0 Service Pack 2 - Update '.NET
Framework WinForms' could not be installed. Error code 1603. Additional information
is available in the log file C:\DOCUME~1\HP_ADM~2\LOCALS~1\Temp\dd_NET_Framework20_Setup58F0.txt.

[ System Events ]
Error - 12/31/2009 1:12:21 AM | Computer Name = HP_DESKTOP | Source = SideBySide | ID = 16842786
Description = Component identity found in manifest does not match the identity of
the component requested

Error - 12/31/2009 1:12:21 AM | Computer Name = HP_DESKTOP | Source = SideBySide | ID = 16842810
Description = Syntax error in manifest or policy file "C:\Program Files\ATI Technologies\ATI.ACE\Graphics-Previews-Common\Microsoft.VC80.CRT.MANIFEST"
on line 4.

Error - 12/31/2009 1:12:21 AM | Computer Name = HP_DESKTOP | Source = SideBySide | ID = 16842811
Description = Generate Activation Context failed for C:\Program Files\ATI Technologies\ATI.ACE\Graphics-Previews-Common\Ticker.ax.
Reference
error message: The operation completed successfully. .

Error - 12/31/2009 1:14:45 AM | Computer Name = HP_DESKTOP | Source = SideBySide | ID = 16842784
Description = Dependent Assembly Microsoft.VC80.CRT could not be found and Last
Error was The referenced assembly is not installed on your system.

Error - 12/31/2009 1:14:45 AM | Computer Name = HP_DESKTOP | Source = SideBySide | ID = 16842811
Description = Resolve Partial Assembly failed for Microsoft.VC80.CRT. Reference error
message: The referenced assembly is not installed on your system. .

Error - 12/31/2009 1:14:46 AM | Computer Name = HP_DESKTOP | Source = SideBySide | ID = 16842811
Description = Generate Activation Context failed for C:\WINDOWS\system32\atiadlxx.dll.
Reference
error message: The operation completed successfully. .

Error - 12/31/2009 1:45:17 AM | Computer Name = HP_DESKTOP | Source = Windows Update Agent | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070643: Microsoft .NET Framework 3.5 Service Pack 1 and .NET Framework
3.5 Family Update (KB951847) x86.

Error - 12/31/2009 1:47:35 AM | Computer Name = HP_DESKTOP | Source = Windows Update Agent | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070643: Microsoft .NET Framework 3.5 Service Pack 1 and .NET Framework
3.5 Family Update (KB951847) x86.

Error - 12/31/2009 1:58:48 AM | Computer Name = HP_DESKTOP | Source = Windows Update Agent | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070643: Microsoft .NET Framework 3.5 Service Pack 1 and .NET Framework
3.5 Family Update for .NET versions 2.0 through 3.5 (KB951847) x86.

Error - 12/31/2009 2:01:53 AM | Computer Name = HP_DESKTOP | Source = Windows Update Agent | ID = 20
Description = Installation Failure: Windows failed to install the following update
with error 0x80070643: Microsoft .NET Framework 3.5 Service Pack 1 and .NET Framework
3.5 Family Update for .NET versions 2.0 through 3.5 (KB951847) x86.


< End of report >
  • 0

#4
daic
Posted 31 December 2009 - 03:01 AM

daic

    Member

  • Topic Starter
  • Member
  • PipPip
  • 28 posts
Continued....

===GMER.TXT===


GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2009-12-31 00:47:08
Windows 5.1.2600 Service Pack 3
Running: gmer.exe; Driver: C:\DOCUME~1\HP_ADM~2\LOCALS~1\Temp\kwdoykog.sys


---- System - GMER 1.0.15 ----
GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2009-12-31 00:47:08
Windows 5.1.2600 Service Pack 3
Running: gmer.exe; Driver: C:\DOCUME~1\HP_ADM~2\LOCALS~1\Temp\kwdoykog.sys


---- System - GMER 1.0.15 ----

SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAcceptConnectPort [0x805A4614]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAccessCheck [0x805F0AEA]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAccessCheckAndAuditAlarm [0x805F4320]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAccessCheckByType [0x805F0B1C]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAccessCheckByTypeAndAuditAlarm [0x805F435A]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAccessCheckByTypeResultList [0x805F0B52]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAccessCheckByTypeResultListAndAuditAlarm [0x805F439E]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAccessCheckByTypeResultListAndAuditAlarmByHandle [0x805F43E2]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAddAtom [0x806153CE]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAddBootEntry [0x80616110]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAdjustGroupsToken [0x805EBEE8]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAdjustPrivilegesToken [0x805EBB40]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAlertResumeThread [0x805D4B48]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAlertThread [0x805D4AF8]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAllocateLocallyUniqueId [0x806159F4]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAllocateUserPhysicalPages [0x805B5F80]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAllocateUuids [0x80615010]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAllocateVirtualMemory [0x805A8A9E]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAreMappedFilesTheSame [0x805B0594]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwAssignProcessToJobObject [0x805D660C]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCallbackReturn [0x8050189C]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCancelDeviceWakeupRequest [0x80616102]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCancelIoFile [0x80576AE6]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCancelTimer [0x80538BE2]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwClearEvent [0x8060E5DE]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwClose [0x805BC4FA]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCloseObjectAuditAlarm [0x805F485A]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCompactKeys [0x80623382]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCompareTokens [0x805F8D6A]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCompleteConnectPort [0x805A4D02]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCompressKey [0x806235D6]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwConnectPort [0x805A45B4]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwContinue [0x80544E7C]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateDebugObject [0x80641EA8]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateDirectoryObject [0x805BE4AA]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateEvent [0x8060E62E]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateEventPair [0x80616986]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateFile [0x80579084]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateIoCompletion [0x80578A62]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateJobObject [0x805D55D0]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateJobSet [0x805D5308]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateKey [0x806237B2]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateMailslotFile [0x80579192]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateMutant [0x80616D7E]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateNamedPipeFile [0x805790BE]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreatePagingFile [0x805AB9D2]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreatePort [0x805A50D0]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateProcess [0x805D11FA]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateProcessEx [0x805D1144]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateProfile [0x8061719E]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateSection [0x805AB3AC]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateSemaphore [0x8061472E]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateSymbolicLinkObject [0x805C39C4]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateThread [0x805D0FE2]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateTimer [0x8061664E]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateToken [0x805F9112]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateWaitablePort [0x805A50F4]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwDebugActiveProcess [0x80642F84]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwDebugContinue [0x806430D4]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwDelayExecution [0x80616052]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwDeleteAtom [0x80615884]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwDeleteFile [0x80576C2C]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwDeleteKey [0x80623C42]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwDeleteObjectAuditAlarm [0x805F4966]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwDeleteValueKey [0x80623E12]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwDeviceIoControlFile [0x8057924A]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwDisplayString [0x806126AC]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwDuplicateObject [0x805BDFD2]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwDuplicateToken [0x805ECD96]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwEnumerateKey [0x80623FF2]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwEnumerateSystemEnvironmentValuesEx [0x806160F4]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwEnumerateValueKey [0x8062425C]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwExtendSection [0x805B3CA0]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwFilterToken [0x805ECF42]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwFindAtom [0x80615638]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwFlushBuffersFile [0x80576CF8]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwFlushInstructionCache [0x805B6814]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwFlushKey [0x806244C6]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwFlushVirtualMemory [0x805AC6E6]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwFlushWriteBuffer [0x805B67B6]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwFreeUserPhysicalPages [0x805B6322]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwFreeVirtualMemory [0x805B2F7C]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwFsControlFile [0x8057927E]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwGetContextThread [0x805D14F4]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwGetDevicePowerState [0x805C864E]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwGetPlugPlayEvent [0x80599116]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwGetWriteWatch [0x8052118A]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwImpersonateAnonymousToken [0x805F8A5E]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwImpersonateClientOfPort [0x805A515E]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwImpersonateThread [0x805D77CC]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwInitializeRegistry [0x80621908]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwInitiatePowerAction [0x805C8434]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwIsProcessInJob [0x805D51CC]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwIsSystemResumeAutomatic [0x805C863A]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwListenPort [0x805A536A]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwLoadDriver [0x8058413A]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwLoadKey [0x806259AE]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwLoadKey2 [0x806255BA]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwLockFile [0x805792B2]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwLockProductActivationKeys [0x80612C9E]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwLockRegistryKey [0x80623682]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwLockVirtualMemory [0x805B691C]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwMakePermanentObject [0x805BE2A0]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwMakeTemporaryObject [0x805BC59E]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwMapUserPhysicalPages [0x805B53E0]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwMapUserPhysicalPagesScatter [0x805B5930]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwMapViewOfSection [0x805B2004]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwNotifyChangeDirectoryFile [0x80579ECA]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwNotifyChangeKey [0x80625978]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwNotifyChangeMultipleKeys [0x806245C8]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenDirectoryObject [0x805BE57C]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenEvent [0x8060E72E]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenEventPair [0x80616A5E]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenFile [0x8057A182]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenIoCompletion [0x80578B3A]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenJobObject [0x805D5756]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenKey [0x80624B84]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenMutant [0x80616E56]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenObjectAuditAlarm [0x805F4428]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenProcess [0x805CB40A]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenProcessToken [0x805ED730]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenProcessTokenEx [0x805ED394]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenSection [0x805AA3D0]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenSemaphore [0x80614828]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenSymbolicLinkObject [0x805C3BAA]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenThread [0x805CB696]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenThreadToken [0x805ED74E]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenThreadTokenEx [0x805ED504]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenTimer [0x80616770]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwPlugPlayControl [0x80645176]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwPowerInformation [0x805C94BC]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwPrivilegeCheck [0x805F7B10]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwPrivilegeObjectAuditAlarm [0x805F373A]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwPrivilegedServiceAuditAlarm [0x805F3926]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwProtectVirtualMemory [0x805B83E8]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwPulseEvent [0x8060E7E6]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryAttributesFile [0x80576ED6]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryDebugFilterState [0x8053FBC6]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryDefaultLocale [0x806103D8]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryDefaultUILanguage [0x80611038]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryDirectoryFile [0x80579E64]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryDirectoryObject [0x805BE61C]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryEaFile [0x8057A1B2]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryEvent [0x8060E8AE]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryFullAttributesFile [0x8057702A]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryInformationAtom [0x806158AC]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryInformationFile [0x8057AA1E]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryInformationJobObject [0x805D5C28]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryInformationPort [0x805A53C8]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryInformationProcess [0x805CCF5E]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryInformationThread [0x805CBB8C]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryInformationToken [0x805ED82E]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryInstallUILanguage [0x806107D6]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryIntervalProfile [0x80617620]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryIoCompletion [0x80578BE2]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryKey [0x80624EAA]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryMultipleValueKey [0x80622900]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryMutant [0x80616EFE]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryObject [0x805C5296]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryOpenSubKeys [0x80622FAC]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryPerformanceCounter [0x806176AE]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryQuotaInformationFile [0x8057B800]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQuerySection [0x805B85AA]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQuerySecurityObject [0x805C0064]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQuerySemaphore [0x806148E0]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQuerySymbolicLinkObject [0x805C3C4A]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQuerySystemEnvironmentValue [0x8061612C]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQuerySystemEnvironmentValueEx [0x806160E6]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQuerySystemInformation [0x806110B8]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQuerySystemTime [0x80612878]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryTimer [0x80616828]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryTimerResolution [0x8061290A]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryValueKey [0x806219EA]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryVirtualMemory [0x805B8C38]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryVolumeInformationFile [0x8057BCEA]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueueApcThread [0x805D1240]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwRaiseException [0x80544EC4]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwRaiseHardError [0x80614552]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwReadFile [0x8057C48A]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwReadFileScatter [0x8057C9F4]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwReadRequestData [0x805A5E50]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwReadVirtualMemory [0x805B428C]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwRegisterThreadTerminatePort [0x805D2762]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwReleaseMutant [0x80617036]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwReleaseSemaphore [0x80614A10]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwRemoveIoCompletion [0x80578EDA]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwRemoveProcessDebug [0x80643054]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwRenameKey [0x806231D4]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwReplaceKey [0x8062585E]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwReplyPort [0x805A54D0]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwReplyWaitReceivePort [0x805A6498]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwReplyWaitReceivePortEx [0x805A5EA0]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwReplyWaitReplyPort [0x805A57BA]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwRequestDeviceWakeup [0x805C85CC]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwRequestPort [0x805A2A2E]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwRequestWaitReplyPort [0x805A2D5A]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwRequestWakeupLatency [0x805C83DA]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwResetEvent [0x8060E9C0]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwResetWriteWatch [0x80521672]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwRestoreKey [0x8062516A]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwResumeProcess [0x805D4AA2]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwResumeThread [0x805D4984]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSaveKey [0x80625266]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSaveKeyEx [0x8062534C]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSaveMergedKeys [0x80625474]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSecureConnectPort [0x805A3D48]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetContextThread [0x805D1704]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetDebugFilterState [0x80645D0C]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetDefaultHardErrorPort [0x806143FC]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetDefaultLocale [0x80610528]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetDefaultUILanguage [0x80610D9A]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetEaFile [0x8057A6C6]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetEvent [0x8060EA80]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetEventBoostPriority [0x8060EB4A]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetHighEventPair [0x80616D1A]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetHighWaitLowEventPair [0x80616C4A]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetInformationDebugObject [0x80642A1E]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetInformationFile [0x8057B010]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetInformationJobObject [0x805D6936]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetInformationKey [0x806224CC]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetInformationObject [0x805C480C]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetInformationProcess [0x805CDE54]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetInformationThread [0x805CC0D8]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetInformationToken [0x805F9E8C]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetIntervalProfile [0x80617182]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetIoCompletion [0x80578E78]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetLdtEntries [0x805D38CE]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetLowEventPair [0x80616CB6]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetLowWaitHighEventPair [0x80616BDE]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetQuotaInformationFile [0x8057B7DE]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetSecurityObject [0x805C05F8]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetSystemEnvironmentValue [0x806163B0]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetSystemInformation [0x8060F3E6]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetSystemPowerState [0x80652E18]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetSystemTime [0x80613B80]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetThreadExecutionState [0x805C82EE]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetTimer [0x80538D72]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetTimerResolution [0x80613052]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetUuidSeed [0x80614EC6]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetValueKey [0x80621D38]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSetVolumeInformationFile [0x8057C0F4]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwShutdownSystem [0x80612670]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSignalAndWaitForSingleObject [0x80526768]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwStartProfile [0x806173CC]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwStopProfile [0x80617576]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSuspendProcess [0x805D4A4C]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSuspendThread [0x805D48BE]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwSystemDebugControl [0x8061779A]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwTerminateJobObject [0x805D74CA]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwTerminateProcess [0x805D29AC]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwTerminateThread [0x805D2BA6]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwTestAlert [0x805D4C0C]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwTraceEvent [0x80535108]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwTranslateFilePath [0x8061611E]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwUnloadDriver [0x805842CE]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwUnloadKey [0x80622062]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwUnloadKeyEx [0x8062227C]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwUnlockFile [0x80579656]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwUnlockVirtualMemory [0x805B6EAA]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwUnmapViewOfSection [0x805B2E12]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwVdmControl [0x805FB244]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwWaitForDebugEvent [0x80642786]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwWaitForMultipleObjects [0x805C07AE]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwWaitForSingleObject [0x805C06C4]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwWaitHighEventPair [0x80616B7A]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwWaitLowEventPair [0x80616B16]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwWriteFile [0x8057CEF2]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwWriteFileGather [0x8057D4D6]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwWriteRequestData [0x805A5E78]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwWriteVirtualMemory [0x805B4396]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwYieldExecution [0x80504AE8]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwCreateKeyedEvent [0x80617BF2]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwOpenKeyedEvent [0x80617CDC]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwReleaseKeyedEvent [0x80617D8E]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwWaitForKeyedEvent [0x80617FEA]
SSDT \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) ZwQueryPortInformationProcess [0x805CB90C]

INT 0x00 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 805421B0
INT 0x01 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 8054232C
INT 0x03 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80542740
INT 0x04 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 805428C0
INT 0x05 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80542A20
INT 0x06 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80542B94
INT 0x07 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 8054320C
INT 0x09 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80543610
INT 0x0A \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80543730
INT 0x0B \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80543870
INT 0x0C \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80543AD0
INT 0x0D \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80543DBC
INT 0x0E \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 805444B8
INT 0x0F \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 805447F0
INT 0x10 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80544910
INT 0x11 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80544A4C
INT 0x12 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 805447F0
INT 0x13 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80544BB4
INT 0x14 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 805447F0
INT 0x15 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 805447F0
INT 0x16 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 805447F0
INT 0x17 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 805447F0
INT 0x18 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 805447F0
INT 0x19 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 805447F0
INT 0x1A \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 805447F0
INT 0x1B \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 805447F0
INT 0x1C \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 805447F0
INT 0x1D \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 805447F0
INT 0x1E \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 805447F0
INT 0x1F \WINDOWS\system32\hal.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 806E610C
INT 0x2A \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 805419DE
INT 0x2B \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80541AE0
INT 0x2C \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80541C90
INT 0x2D \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 8054261C
INT 0x2E \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80541461
INT 0x2F \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 805447F0
INT 0x30 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540B20
INT 0x31 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540B2A
INT 0x32 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540B34
INT 0x33 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540B3E
INT 0x34 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540B48
INT 0x35 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540B52
INT 0x36 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540B5C
INT 0x37 \WINDOWS\system32\hal.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 806E5864
INT 0x38 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540B70
INT 0x39 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540B7A
INT 0x3A \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540B84
INT 0x3B \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540B8E
INT 0x3C \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540B98
INT 0x3D \WINDOWS\system32\hal.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 806E6E2C
INT 0x3E \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540BAC
INT 0x3F \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540BB6
INT 0x40 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540BC0
INT 0x41 \WINDOWS\system32\hal.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 806E6C88
INT 0x42 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540BD4
INT 0x43 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540BDE
INT 0x44 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540BE8
INT 0x45 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540BF2
INT 0x46 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540BFC
INT 0x47 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540C06
INT 0x48 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540C10
INT 0x49 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540C1A
INT 0x4A \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540C24
INT 0x4B \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540C2E
INT 0x4C \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540C38
INT 0x4D \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540C42
INT 0x4E \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540C4C
INT 0x4F \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540C56
INT 0x50 \WINDOWS\system32\hal.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 806E593C
INT 0x51 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540C6A
INT 0x52 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540C74
INT 0x53 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540C7E
INT 0x54 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540C88
INT 0x55 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540C92
INT 0x56 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540C9C
INT 0x57 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540CA6
INT 0x58 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540CB0
INT 0x59 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540CBA
INT 0x5A \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540CC4
INT 0x5B \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540CCE
INT 0x5C \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540CD8
INT 0x5D \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540CE2
INT 0x5E \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540CEC
INT 0x5F \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540CF6
INT 0x60 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540D00
INT 0x61 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540D0A
INT 0x62 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540D14
INT 0x63 atapi.sys (IDE/ATAPI Port Driver/Microsoft Corporation) B9F1067E
INT 0x63 atapi.sys (IDE/ATAPI Port Driver/Microsoft Corporation) B9F1067E
INT 0x63 \SystemRoot\system32\DRIVERS\NVNRM.SYS (NVIDIA Network Resource Manager./NVIDIA Corporation) B94F0EDA
INT 0x63 atapi.sys (IDE/ATAPI Port Driver/Microsoft Corporation) B9F1067E
INT 0x64 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540D28
INT 0x65 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540D32
INT 0x66 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540D3C
INT 0x67 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540D46
INT 0x68 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540D50
INT 0x69 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540D5A
INT 0x6A \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540D64
INT 0x6B \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540D6E
INT 0x6C \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540D78
INT 0x6D \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540D82
INT 0x6E \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540D8C
INT 0x6F \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540D96
INT 0x70 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540DA0
INT 0x71 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540DAA
INT 0x72 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540DB4
INT 0x73 atapi.sys (IDE/ATAPI Port Driver/Microsoft Corporation) B9F1067E
INT 0x73 atapi.sys (IDE/ATAPI Port Driver/Microsoft Corporation) B9F1067E
INT 0x73 \SystemRoot\system32\DRIVERS\USBPORT.SYS (USB 1.1 & 2.0 Port Driver/Microsoft Corporation) B956BE54
INT 0x73 atapi.sys (IDE/ATAPI Port Driver/Microsoft Corporation) B9F1067E
INT 0x74 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540DC8
INT 0x75 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540DD2
INT 0x76 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540DDC
INT 0x77 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540DE6
INT 0x78 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540DF0
INT 0x79 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540DFA
INT 0x7A \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540E04
INT 0x7B \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540E0E
INT 0x7C \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540E18
INT 0x7D \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540E22
INT 0x7E \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540E2C
INT 0x7F \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540E36
INT 0x80 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540E40
INT 0x81 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540E4A
INT 0x82 atapi.sys (IDE/ATAPI Port Driver/Microsoft Corporation) B9F1067E
INT 0x83 ohci1394.sys (1394 OpenHCI Port Driver/Microsoft Corporation) BA0BE2F0
INT 0x84 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540E68
INT 0x85 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540E72
INT 0x86 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540E7C
INT 0x87 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540E86
INT 0x88 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540E90
INT 0x89 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540E9A
INT 0x8A \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540EA4
INT 0x8B \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540EAE
INT 0x8C \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540EB8
INT 0x8D \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540EC2
INT 0x8E \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540ECC
INT 0x8F \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540ED6
INT 0x90 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540EE0
INT 0x91 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540EEA
INT 0x92 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540EF4
INT 0x93 \SystemRoot\system32\DRIVERS\i8042prt.sys (i8042 Port Driver/Microsoft Corporation) BA228495
INT 0x94 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540F08
INT 0x95 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540F12
INT 0x96 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540F1C
INT 0x97 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540F26
INT 0x98 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540F30
INT 0x99 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540F3A
INT 0x9A \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540F44
INT 0x9B \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540F4E
INT 0x9C \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540F58
INT 0x9D \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540F62
INT 0x9E \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540F6C
INT 0x9F \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540F76
INT 0xA0 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540F80
INT 0xA1 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540F8A
INT 0xA2 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540F94
INT 0xA3 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540F9E
INT 0xA4 \SystemRoot\system32\DRIVERS\USBPORT.SYS (USB 1.1 & 2.0 Port Driver/Microsoft Corporation) B956BE54
INT 0xA5 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540FB2
INT 0xA6 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540FBC
INT 0xA7 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540FC6
INT 0xA8 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540FD0
INT 0xA9 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540FDA
INT 0xAA \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540FE4
INT 0xAB \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540FEE
INT 0xAC \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80540FF8
INT 0xAD \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80541002
INT 0xAE \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 8054100C
INT 0xAF \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80541016
INT 0xB0 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80541020
INT 0xB1 ACPI.sys (ACPI Driver for NT/Microsoft Corporation) B9F8431E
INT 0xB2 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80541034
INT 0xB3 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 8054103E
INT 0xB4 \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS (Video Port Driver/Microsoft Corporation) B959ECB8
INT 0xB5 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80541052
INT 0xB6 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 8054105C
INT 0xB7 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80541066
INT 0xB8 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80541070
INT 0xB9 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 8054107A
INT 0xBA \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80541084
INT 0xBB \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 8054108E
INT 0xBC \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80541098
INT 0xBD \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 805410A2
INT 0xBE \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 805410AC
INT 0xBF \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 805410B6
INT 0xC0 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 805410C0
INT 0xC1 \WINDOWS\system32\hal.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 806E5AC0
INT 0xC2 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 805410D4
INT 0xC3 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 805410DE
INT 0xC4 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 805410E8
INT 0xC5 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 805410F2
INT 0xC6 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 805410FC
INT 0xC7 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80541106
INT 0xC8 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80541110
INT 0xC9 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 8054111A
INT 0xCA \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80541124
INT 0xCB \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 8054112E
INT 0xCC \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80541138
INT 0xCD \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80541142
INT 0xCE \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 8054114C
INT 0xCF \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80541156
INT 0xD0 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80541160
INT 0xD1 \WINDOWS\system32\hal.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 806E52A0
INT 0xD2 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80541174
INT 0xD3 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 8054117E
INT 0xD4 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80541188
INT 0xD5 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80541192
INT 0xD6 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 8054119C
INT 0xD7 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 805411A6
INT 0xD8 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 805411B0
INT 0xD9 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 805411BA
INT 0xDA \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 805411C4
INT 0xDB \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 805411CE
INT 0xDC \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 805411D8
INT 0xDD \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 805411E2
INT 0xDE \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 805411EC
INT 0xDF \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 805411F6
INT 0xE0 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80541200
INT 0xE1 \WINDOWS\system32\hal.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 806E6048
INT 0xE2 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80541214
INT 0xE3 \WINDOWS\system32\hal.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 806E5DAC
INT 0xE4 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80541228
INT 0xE5 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80541232
INT 0xE6 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 8054123C
INT 0xE7 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80541246
INT 0xE8 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80541250
INT 0xE9 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 8054125A
INT 0xEA \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80541264
INT 0xEB \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 8054126E
INT 0xEC \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80541278
INT 0xED \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80541282
INT 0xEE \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80541289
INT 0xEF \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80541290
INT 0xF0 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80541297
INT 0xF1 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 8054129E
INT 0xF2 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 805412A5
INT 0xF3 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 805412AC
INT 0xF4 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 805412B3
INT 0xF5 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 805412BA
INT 0xF6 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 805412C1
INT 0xF7 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 805412C8
INT 0xF8 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 805412CF
INT 0xF9 \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 805412D6
INT 0xFA \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 805412DD
INT 0xFB \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 805412E4
INT 0xFC \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 805412EB
INT 0xFD \WINDOWS\system32\hal.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 806E65A8
INT 0xFE \WINDOWS\system32\hal.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 806E6748
INT 0xFF \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 80541300

SYSENTER \WINDOWS\system32\ntkrnlpa.exe 80541530

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs Ntfs.sys (NT File System Driver/Microsoft Corporation)
Device \FileSystem\Ntfs \Ntfs ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \FileSystem\Ntfs \Ntfs Ntfs.sys (NT File System Driver/Microsoft Corporation)
Device \FileSystem\Ntfs \Ntfs ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)

AttachedDevice \FileSystem\Ntfs \Ntfs bb-run.sys (Promise Disk Accelerator/Promise Technology, Inc.)

Device \FileSystem\Fastfat \FatCdrom Fastfat.SYS (Fast FAT File System Driver/Microsoft Corporation)
Device \FileSystem\Fastfat \FatCdrom ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \FileSystem\Fastfat \FatCdrom ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \FileSystem\Mup \Dfs Mup.sys (Multiple UNC Provider driver/Microsoft Corporation)
Device \Driver\NDIS \Device\Ndis NDIS.sys (NDIS 5.1 wrapper driver/Microsoft Corporation)
Device \Driver\KSecDD \Device\KsecDD KSecDD.sys (Kernel Security Support Provider Interface/Microsoft Corporation)
Device \Driver\KSecDD \Device\KsecDD ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\Beep \Device\Beep Beep.SYS (BEEP Driver/Microsoft Corporation)
Device \Driver\Beep \Device\Beep ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Device\00000032
Device \Device\00000025
Device \Device\00000019
Device \Driver\PnpManager \Device\00000033 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000033 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \FileSystem\NetBIOS \Device\Netbios netbios.sys (NetBIOS interface driver/Microsoft Corporation)
Device \FileSystem\NetBIOS \Device\Netbios ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Device\00000026
Device \Driver\Tcpip \Device\Ip tcpip.sys (TCP/IP Protocol Driver/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000034 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000034 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\TermDD \Device\RDP_CONSOLE0 termdd.sys (Terminal Server Driver/Microsoft Corporation)
Device \Driver\ACPI \Device\00000040 ACPI.sys (ACPI Driver for NT/Microsoft Corporation)
Device \Device\00000027
Device \Driver\Kbdclass \Device\KeyboardClass0 kbdclass.sys (Keyboard Class Driver/Microsoft Corporation)
Device \Driver\Kbdclass \Device\KeyboardClass0 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)

AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 arkbcfltr.sys (Microsoft AR PS/2 Keyboard Filter Driver (Beta 2 Release 2)/Microsoft Corporation)

Device \Device\{5B4CF069-C7F2-4CAC-B774-620F31DE379D}
Device \Driver\Fips \Device\Fips Fips.SYS (FIPS Crypto Driver/Microsoft Corporation)
Device \Driver\Fips \Device\Fips ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Device\Video0
Device \Driver\PnpManager \Device\00000035 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000035 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\TermDD \Device\RDP_CONSOLE1 termdd.sys (Terminal Server Driver/Microsoft Corporation)
Device \Driver\ACPI \Device\00000041 ACPI.sys (ACPI Driver for NT/Microsoft Corporation)
Device \Device\00000028
Device \Driver\Kbdclass \Device\KeyboardClass1 kbdclass.sys (Keyboard Class Driver/Microsoft Corporation)
Device \Driver\Kbdclass \Device\KeyboardClass1 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)

AttachedDevice \Driver\Kbdclass \Device\KeyboardClass1 arkbcfltr.sys (Microsoft AR PS/2 Keyboard Filter Driver (Beta 2 Release 2)/Microsoft Corporation)

Device \Driver\NDProxy \Device\NDProxy NDProxy.SYS (NDIS Proxy/Microsoft Corporation)
Device \Driver\NDProxy \Device\NDProxy ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Device\Video1
Device \Driver\ACPI \Device\00000042 ACPI.sys (ACPI Driver for NT/Microsoft Corporation)
Device \Device\00000036
Device \Device\00000029
Device \Driver\PSched \Device\{CA178B6B-B775-499A-8315-179C68F482FE} NDIS.sys (NDIS 5.1 wrapper driver/Microsoft Corporation)
Device \Device\Video2
Device \Driver\Mouclass \Device\PointerClass0 mouclass.sys (Mouse Class Driver/Microsoft Corporation)
Device \Driver\Mouclass \Device\PointerClass0 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Device\RdpDrDvMgr
Device \Device\00000050
Device \Device\00000043
Device \Device\00000037
Device \Device\0000000a
Device \Driver\NVENETFD \Device\{B5F14722-BE35-4284-AA7C-AE1EE6CB1CCF} NDIS.sys (NDIS 5.1 wrapper driver/Microsoft Corporation)
Device \Device\Video3
Device \Device\PointerClass1
Device \Driver\usbohci \Device\USBPDO-0 USBPORT.SYS (USB 1.1 & 2.0 Port Driver/Microsoft Corporation)
Device \Driver\usbohci \Device\USBPDO-0 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Device\Processor
Device \Device\00000051
Device \Device\00000044
Device \Device\0000000b
Device \Driver\WMIxWDM \Device\WMIDataDevice ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\WMIxWDM \Device\WMIDataDevice ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\WMIxWDM \Device\WMIDataDevice ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\dmio \Device\DmControl\DmIoDaemon dmio.sys (NT Disk Manager I/O Driver/Microsoft Corp., Veritas Software)
Device \Driver\dmio \Device\DmControl\DmIoDaemon ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\dmio \Device\DmControl\DmConfig dmio.sys (NT Disk Manager I/O Driver/Microsoft Corp., Veritas Software)
Device \Driver\dmio \Device\DmControl\DmConfig ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\dmio \Device\DmControl\DmPnP dmio.sys (NT Disk Manager I/O Driver/Microsoft Corp., Veritas Software)
Device \Driver\dmio \Device\DmControl\DmPnP ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\dmio \Device\DmControl\DmInfo dmio.sys (NT Disk Manager I/O Driver/Microsoft Corp., Veritas Software)
Device \Driver\dmio \Device\DmControl\DmInfo ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Device\i
Device \Driver\usbehci \Device\USBPDO-1 USBPORT.SYS (USB 1.1 & 2.0 Port Driver/Microsoft Corporation)
Device \Driver\usbehci \Device\USBPDO-1 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \FileSystem\RAW \Device\RawTape ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \FileSystem\RAW \Device\RawTape ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\ACPI_HAL \Device\00000039 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\ACPI_HAL \Device\00000039 hal.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)
Device \Driver\kwdoykog \Device\kwdoykog kwdoykog.sys
Device \Driver\kwdoykog \Device\kwdoykog ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \FileSystem\MRxDAV \Device\WebDavRedirector mrxdav.sys (Windows NT WebDav Minirdr/Microsoft Corporation)
Device \FileSystem\MRxDAV \Device\WebDavRedirector ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\rdpdr \Device\RdpDrPort rdpdr.sys (Microsoft RDP Device redirector/Microsoft Corporation)
Device \Driver\usbhub \Device\USBPDO-3 usbhub.sys (Default Hub Driver for USB/Microsoft Corporation)
Device \Driver\usbhub \Device\USBPDO-3 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\ati2mtag \Device\CmmqsMiniport ati2mtag.sys (ATI Radeon WindowsNT Miniport Driver/ATI Technologies Inc.)
Device \Driver\ati2mtag \Device\CmmqsMiniport ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\ati2mtag \Device\CmmqsMiniport VIDEOPRT.SYS (Video Port Driver/Microsoft Corporation)
Device \Driver\ACPI \Device\00000060 ACPI.sys (ACPI Driver for NT/Microsoft Corporation)
Device \Driver\RasAcd \Device\RasAcd rasacd.sys (RAS Automatic Connection Driver/Microsoft Corporation)
Device \Driver\RasAcd \Device\RasAcd ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\IpNat \Device\IPNAT ipnat.sys (IP Network Address Translator/Microsoft Corporation)
Device \Driver\IpNat \Device\IPNAT ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PSched \Device\PSched NDIS.sys (NDIS 5.1 wrapper driver/Microsoft Corporation)
Device \Driver\ACPI \Device\00000061 ACPI.sys (ACPI Driver for NT/Microsoft Corporation)
Device \Driver\ACPI \Device\00000048 ACPI.sys (ACPI Driver for NT/Microsoft Corporation)
Device \Driver\Tcpip \Device\Tcp tcpip.sys (TCP/IP Protocol Driver/Microsoft Corporation)
Device \Driver\ACPI \Device\00000062 ACPI.sys (ACPI Driver for NT/Microsoft Corporation)
Device \Driver\usbstor \Device\00000070 USBSTOR.SYS (USB Mass Storage Class Driver/Microsoft Corporation)
Device \Driver\usbstor \Device\00000070 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\rdpdr \Device\RdpDr rdpdr.sys (Microsoft RDP Device redirector/Microsoft Corporation)
Device \Driver\ACPI \Device\00000057 ACPI.sys (ACPI Driver for NT/Microsoft Corporation)
Device \Driver\PCI \Device\NTPNP_PCI0011 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PCI \Device\NTPNP_PCI0011 pci.sys (NT Plug and Play PCI Enumerator/Microsoft Corporation)
Device \Driver\Ftdisk \Device\HarddiskVolume1 ftdisk.sys (FT Disk Driver/Microsoft Corporation)
Device \Driver\Ftdisk \Device\HarddiskVolume1 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\mdmxsdk \Device\ConexantDiagnosticsServer mdmxsdk.sys (Diagnostic Interface DRIVER/Conexant)
Device \Driver\mdmxsdk \Device\ConexantDiagnosticsServer ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Device\Http\Filter
Device \Device\Http\AppPool
Device \Device\Http\Control
Device \Driver\PnpManager \Device\0000002b ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\0000002b ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\ACPI \Device\00000058 ACPI.sys (ACPI Driver for NT/Microsoft Corporation)
Device \Driver\Ftdisk \Device\HarddiskVolume2 ftdisk.sys (FT Disk Driver/Microsoft Corporation)
Device \Driver\Ftdisk \Device\HarddiskVolume2 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\Cdrom \Device\CdRom0 CLASSPNP.SYS (SCSI Class System Dll/Microsoft Corporation)
Device \Driver\Cdrom \Device\CdRom0 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\TermDD \Device\Termdd termdd.sys (Terminal Server Driver/Microsoft Corporation)
Device \FileSystem\Rdbss \Device\FsWrap rdbss.sys (Redirected Drive Buffering SubSystem Driver/Microsoft Corporation)
Device \FileSystem\Rdbss \Device\FsWrap ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\0000002c ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\0000002c ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\ACPI \Device\00000065 ACPI.sys (ACPI Driver for NT/Microsoft Corporation)
Device \Driver\ACPI \Device\00000059 ACPI.sys (ACPI Driver for NT/Microsoft Corporation)
Device \Driver\atapi \Device\Ide\IdePort0 atapi.sys (IDE/ATAPI Port Driver/Microsoft Corporation)
Device \Driver\atapi \Device\Ide\IdePort0 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PCIIde \Device\Ide\PciIde1Channel0-2 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PCIIde \Device\Ide\PciIde1Channel0-2 PCIIDEX.SYS (PCI IDE Bus Driver Extension/Microsoft Corporation)
Device \Driver\atapi \Device\Ide\IdePort1 atapi.sys (IDE/ATAPI Port Driver/Microsoft Corporation)
Device \Driver\atapi \Device\Ide\IdePort1 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-5 atapi.sys (IDE/ATAPI Port Driver/Microsoft Corporation)
Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-5 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PCIIde \Device\Ide\PciIde0Channel0-0 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PCIIde \Device\Ide\PciIde0Channel0-0 PCIIDEX.SYS (PCI IDE Bus Driver Extension/Microsoft Corporation)
Device \Driver\atapi \Device\Ide\IdePort2 atapi.sys (IDE/ATAPI Port Driver/Microsoft Corporation)
Device \Driver\atapi \Device\Ide\IdePort2 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\atapi \Device\Ide\IdePort3 atapi.sys (IDE/ATAPI Port Driver/Microsoft Corporation)
Device \Driver\atapi \Device\Ide\IdePort3 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\atapi \Device\Ide\IdePort4 atapi.sys (IDE/ATAPI Port Driver/Microsoft Corporation)
Device \Driver\atapi \Device\Ide\IdePort4 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\atapi \Device\Ide\IdePort5 atapi.sys (IDE/ATAPI Port Driver/Microsoft Corporation)
Device \Driver\atapi \Device\Ide\IdePort5 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PCIIde \Device\Ide\PciIde2Channel0-4 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PCIIde \Device\Ide\PciIde2Channel0-4 PCIIDEX.SYS (PCI IDE Bus Driver Extension/Microsoft Corporation)
Device \Driver\PCIIde \Device\Ide\PciIde1Channel1-3 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PCIIde \Device\Ide\PciIde1Channel1-3 PCIIDEX.SYS (PCI IDE Bus Driver Extension/Microsoft Corporation)
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-16 atapi.sys (IDE/ATAPI Port Driver/Microsoft Corporation)
Device \Driver\atapi \Device\Ide\IdeDeviceP1T0L0-16 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PCIIde \Device\Ide\PciIde2Channel1-5 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PCIIde \Device\Ide\PciIde2Channel1-5 PCIIDEX.SYS (PCI IDE Bus Driver Extension/Microsoft Corporation)
Device \Driver\PCIIde \Device\Ide\PciIde0Channel1-1 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PCIIde \Device\Ide\PciIde0Channel1-1 PCIIDEX.SYS (PCI IDE Bus Driver Extension/Microsoft Corporation)
Device \Device\Ide\PciIde0
Device \Device\Ide\PciIde1
Device \Device\Ide\PciIde2
Device \Driver\Ftdisk \Device\HarddiskVolume3 ftdisk.sys (FT Disk Driver/Microsoft Corporation)
Device \Driver\Ftdisk \Device\HarddiskVolume3 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\RasPppoe \Device\{BA92F0E7-66BE-4161-9CE3-573FC0FEF9C6} NDIS.sys (NDIS 5.1 wrapper driver/Microsoft Corporation)
Device \Driver\PCI \Device\NTPNP_PCI0020 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PCI \Device\NTPNP_PCI0020 pci.sys (NT Plug and Play PCI Enumerator/Microsoft Corporation)
Device \Driver\PCI \Device\NTPNP_PCI0014 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PCI \Device\NTPNP_PCI0014 pci.sys (NT Plug and Play PCI Enumerator/Microsoft Corporation)
Device \Driver\PnpManager \Device\0000002d ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\0000002d ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\ACPI \Device\00000066 ACPI.sys (ACPI Driver for NT/Microsoft Corporation)
Device \Driver\PSched \Device\{1F752EB1-8B8F-42A1-B414-3E45B5A2D05B} NDIS.sys (NDIS 5.1 wrapper driver/Microsoft Corporation)
Device \Driver\PCI \Device\NTPNP_PCI0015 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PCI \Device\NTPNP_PCI0015 pci.sys (NT Plug and Play PCI Enumerator/Microsoft Corporation)
Device \Driver\PptpMiniport \Device\{DA82C691-6184-4681-8F87-AFE18BE9D90E} NDIS.sys (NDIS 5.1 wrapper driver/Microsoft Corporation)
Device \Driver\PxHelp20 \Device\PxHelperDevice0 PxHelp20.sys (Px Engine Device Driver for Windows 2000/XP/Sonic Solutions)
Device \Driver\usbhub \Device\00000068 usbhub.sys (Default Hub Driver for USB/Microsoft Corporation)
Device \Driver\usbhub \Device\00000068 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\0000002f ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\0000002f ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\ACPI \Device\0000003c ACPI.sys (ACPI Driver for NT/Microsoft Corporation)
Device \Driver\nvnetbus \Device\00000069 nvnetbus.sys (NVIDIA Networking Bus Driver./NVIDIA Corporation)
Device \Driver\nvnetbus \Device\00000069 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\ACPI \Device\0000003d ACPI.sys (ACPI Driver for NT/Microsoft Corporation)
Device \Driver\NetBT \Device\NetBt_Wins_Export netbt.sys (MBT Transport driver/Microsoft Corporation)
Device \Driver\NetBT \Device\NetBt_Wins_Export ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\ACPI \Device\0000004b ACPI.sys (ACPI Driver for NT/Microsoft Corporation)
Device \Driver\Arp1394 \Device\ARP1394 arp1394.sys (IP/1394 Arp Client/Microsoft Corporation)
Device \Driver\Arp1394 \Device\ARP1394 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PCI \Device\NTPNP_PCI0025 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PCI \Device\NTPNP_PCI0025 pci.sys (NT Plug and Play PCI Enumerator/Microsoft Corporation)
Device \Driver\NetBT \Device\NetbiosSmb netbt.sys (MBT Transport driver/Microsoft Corporation)
Device \Driver\NetBT \Device\NetbiosSmb ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PCI \Device\NTPNP_PCI0026 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PCI \Device\NTPNP_PCI0026 pci.sys (NT Plug and Play PCI Enumerator/Microsoft Corporation)
Device \Driver\PCI \Device\NTPNP_PCI0027 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PCI \Device\NTPNP_PCI0027 pci.sys (NT Plug and Play PCI Enumerator/Microsoft Corporation)
Device \Driver\ACPI \Device\0000005a ACPI.sys (ACPI Driver for NT/Microsoft Corporation)
Device \Driver\MountMgr \Device\MountPointManager MountMgr.sys (Mount Manager/Microsoft Corporation)
Device \Driver\MountMgr \Device\MountPointManager ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\isapnp \Device\0000005b isapnp.sys (PNP ISA Bus Driver/Microsoft Corporation)
Device \Driver\isapnp \Device\0000005b ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\Wanarp \Device\WANARP wanarp.sys (MS Remote Access and Routing ARP Driver/Microsoft Corporation)
Device \FileSystem\Srv \Device\LanmanServer srv.sys (Server driver/Microsoft Corporation)
Device \FileSystem\Mup \Device\Mup Mup.sys (Multiple UNC Provider driver/Microsoft Corporation)
Device \Driver\ohci1394 \Device\0000005c 1394BUS.SYS (1394 Bus Device Driver/Microsoft Corporation)
Device \Driver\ohci1394 \Device\0000005c ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\Tcpip \Device\Udp tcpip.sys (TCP/IP Protocol Driver/Microsoft Corporation)
Device \Driver\Ps2 \Device\Ps2 PS2.sys (PS2 SYS/Hewlett-Packard Company)
Device \Driver\ACPI \Device\0000005d ACPI.sys (ACPI Driver for NT/Microsoft Corporation)
Device \Device\Harddisk0\DP(1)0x7d8200-0x162f3a8000+1
Device \Device\Harddisk0\DP(3)0x162fb88000-0x162e3efe00+3
Device \Driver\Disk \Device\Harddisk0\DR0 CLASSPNP.SYS (SCSI Class System Dll/Microsoft Corporation)
Device \Driver\Disk \Device\Harddisk0\DR0 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Device\Harddisk0\DP(2)0x2c5df77e00-0x235c40400+2
Device \Driver\Tcpip \Device\RawIp tcpip.sys (TCP/IP Protocol Driver/Microsoft Corporation)
Device \Driver\usbhub \Device\0000006a usbhub.sys (Default Hub Driver for USB/Microsoft Corporation)
Device \Driver\usbhub \Device\0000006a ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\NdisWan \Device\NdisWanIp NDIS.sys (NDIS 5.1 wrapper driver/Microsoft Corporation)
Device \Driver\ARPolicy \Device\ARPolicy arpolicy.sys (Microsoft AR Policy Driver (Beta 2 Release 2)/Microsoft Corporation)
Device \Driver\ARPolicy \Device\ARPolicy ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\ACPI \Device\0000005e ACPI.sys (ACPI Driver for NT/Microsoft Corporation)
Device \Driver\Disk \Device\Harddisk1\DR4 CLASSPNP.SYS (SCSI Class System Dll/Microsoft Corporation)
Device \Driver\Disk \Device\Harddisk1\DR4 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\Disk \Device\Harddisk1\DP(1)0-0+8 CLASSPNP.SYS (SCSI Class System Dll/Microsoft Corporation)
Device \Driver\Disk \Device\Harddisk1\DP(1)0-0+8 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000002 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000002 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\usbstor \Device\0000006b USBSTOR.SYS (USB Mass Storage Class Driver/Microsoft Corporation)
Device \Driver\usbstor \Device\0000006b ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \FileSystem\RAW \Device\RawDisk ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \FileSystem\RAW \Device\RawDisk ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\ACPI \Device\0000005f ACPI.sys (ACPI Driver for NT/Microsoft Corporation)
Device \Driver\Disk \Device\Harddisk2\DR5 CLASSPNP.SYS (SCSI Class System Dll/Microsoft Corporation)
Device \Driver\Disk \Device\Harddisk2\DR5 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\Disk \Device\Harddisk2\DP(1)0-0+9 CLASSPNP.SYS (SCSI Class System Dll/Microsoft Corporation)
Device \Driver\Disk \Device\Harddisk2\DP(1)0-0+9 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\usbohci \Device\USBFDO-0 USBPORT.SYS (USB 1.1 & 2.0 Port Driver/Microsoft Corporation)
Device \Driver\usbohci \Device\USBFDO-0 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\Null \Device\Null Null.SYS (NULL Driver/Microsoft Corporation)
Device \Driver\Null \Device\Null ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000003 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000003 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\ohci1394 \Device\1394BUS0 1394BUS.SYS (1394 Bus Device Driver/Microsoft Corporation)
Device \Driver\ohci1394 \Device\1394BUS0 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\Disk \Device\Harddisk3\DP(1)0-0+a CLASSPNP.SYS (SCSI Class System Dll/Microsoft Corporation)
Device \Driver\Disk \Device\Harddisk3\DP(1)0-0+a ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\Disk \Device\Harddisk3\DR6 CLASSPNP.SYS (SCSI Class System Dll/Microsoft Corporation)
Device \Driver\Disk \Device\Harddisk3\DR6 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\IPSec \Device\IPSEC ipsec.sys (IPSec Driver/Microsoft Corporation)
Device \Driver\IPSec \Device\IPSEC ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\usbstor \Device\0000006d USBSTOR.SYS (USB Mass Storage Class Driver/Microsoft Corporation)
Device \Driver\usbstor \Device\0000006d ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\usbehci \Device\USBFDO-1 USBPORT.SYS (USB 1.1 & 2.0 Port Driver/Microsoft Corporation)
Device \Driver\usbehci \Device\USBFDO-1 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000004 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000004 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\Disk \Device\Harddisk4\DP(1)0-0+b CLASSPNP.SYS (SCSI Class System Dll/Microsoft Corporation)
Device \Driver\Disk \Device\Harddisk4\DP(1)0-0+b ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\Disk \Device\Harddisk4\DR7 CLASSPNP.SYS (SCSI Class System Dll/Microsoft Corporation)
Device \Driver\Disk \Device\Harddisk4\DR7 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver mrxsmb.sys (Windows NT SMB Minirdr/Microsoft Corporation)
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver rdbss.sys (Redirected Drive Buffering SubSystem Driver/Microsoft Corporation)
Device \Driver\NdisTapi \Device\NdisTapi ndistapi.sys (NDIS 3.0 connection wrapper driver/Microsoft Corporation)
Device \Driver\NdisTapi \Device\NdisTapi ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\NdisWan \Device\NdisWan NDIS.sys (NDIS 5.1 wrapper driver/Microsoft Corporation)
Device \Driver\usbstor \Device\0000006e USBSTOR.SYS (USB Mass Storage Class Driver/Microsoft Corporation)
Device \Driver\usbstor \Device\0000006e ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\Tcpip \Device\IPMULTICAST tcpip.sys (TCP/IP Protocol Driver/Microsoft Corporation)
Device \Driver\dmload \Device\DmLoader dmload.sys (NT Disk Manager Startup Driver/Microsoft Corp., Veritas Software.)
Device \Driver\dmload \Device\DmLoader ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \FileSystem\MRxSmb \Device\LanmanRedirector mrxsmb.sys (Windows NT SMB Minirdr/Microsoft Corporation)
Device \FileSystem\MRxSmb \Device\LanmanRedirector rdbss.sys (Redirected Drive Buffering SubSystem Driver/Microsoft Corporation)
Device \Driver\Gpc \Device\Gpc msgpc.sys (MS General Packet Classifier/Microsoft Corporation)
Device \Driver\usbstor \Device\0000006f USBSTOR.SYS (USB Mass Storage Class Driver/Microsoft Corporation)
Device \Driver\usbstor \Device\0000006f ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \FileSystem\Npfs \Device\NamedPipe Npfs.SYS (NPFS Driver/Microsoft Corporation)
Device \FileSystem\Npfs \Device\NamedPipe ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\NetBT \Device\NetBT_Tcpip_{B5F14722-BE35-4284-AA7C-AE1EE6CB1CCF} netbt.sys (MBT Transport driver/Microsoft Corporation)
Device \Driver\NetBT \Device\NetBT_Tcpip_{B5F14722-BE35-4284-AA7C-AE1EE6CB1CCF} ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\Ftdisk \Device\FtControl ftdisk.sys (FT Disk Driver/Microsoft Corporation)
Device \Driver\Ftdisk \Device\FtControl ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \FileSystem\Msfs \Device\Mailslot Msfs.SYS (Mailslot driver/Microsoft Corporation)
Device \FileSystem\Msfs \Device\Mailslot ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\AFD \Device\Afd afd.sys (Ancillary Function Driver for WinSock/Microsoft Corporation)
Device \Driver\NIC1394 \Device\{174DF476-68FB-4FA0-BF9D-27D6117E73CC} NDIS.sys (NDIS 5.1 wrapper driver/Microsoft Corporation)
Device \Driver\Ndisuio \Device\Ndisuio ndisuio.sys (NDIS User mode I/O Driver/Microsoft Corporation)
Device \Driver\Ndisuio \Device\Ndisuio ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \FileSystem\RAW \Device\RawCdRom ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \FileSystem\RAW \Device\RawCdRom ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000030 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \Driver\PnpManager \Device\00000030 ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \FileSystem\Mup \Device\WinDfs\Root Mup.sys (Multiple UNC Provider driver/Microsoft Corporation)
Device \FileSystem\Fastfat \Fat Fastfat.SYS (Fast FAT File System Driver/Microsoft Corporation)
Device \FileSystem\Fastfat \Fat ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \FileSystem\Fastfat \Fat ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)

AttachedDevice \FileSystem\Fastfat \Fat bb-run.sys (Promise Disk Accelerator/Promise Technology, Inc.)

Device \FileSystem\Fs_Rec \FileSystem\UdfsCdRomRecognizer Fs_Rec.SYS (File System Recognizer Driver/Microsoft Corporation)
Device \FileSystem\Fs_Rec \FileSystem\UdfsCdRomRecognizer ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \FileSystem\Filters\BBRun
Device \FileSystem\Filters\FltMgrMsg
Device \FileSystem\Filters\SystemRestore
Device \FileSystem\FltMgr \FileSystem\Filters\FltMgr fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
Device \FileSystem\Fs_Rec \FileSystem\FatCdRomRecognizer Fs_Rec.SYS (File System Recognizer Driver/Microsoft Corporation)
Device \FileSystem\Fs_Rec \FileSystem\FatCdRomRecognizer ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \FileSystem\Fs_Rec \FileSystem\CdfsRecognizer Fs_Rec.SYS (File System Recognizer Driver/Microsoft Corporation)
Device \FileSystem\Fs_Rec \FileSystem\CdfsRecognizer ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \FileSystem\Fs_Rec \FileSystem\FatDiskRecognizer Fs_Rec.SYS (File System Recognizer Driver/Microsoft Corporation)
Device \FileSystem\Fs_Rec \FileSystem\FatDiskRecognizer ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \FileSystem\Fs_Rec \FileSystem\UdfsDiskRecognizer Fs_Rec.SYS (File System Recognizer Driver/Microsoft Corporation)
Device \FileSystem\Fs_Rec \FileSystem\UdfsDiskRecognizer ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \FileSystem\Cdfs \Cdfs Cdfs.SYS (CD-ROM File System Driver/Microsoft Corporation)
Device \FileSystem\Cdfs \Cdfs ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)
Device \FileSystem\Cdfs \Cdfs ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation)

---- Modules - GMER 1.0.15 ----

Module \WINDOWS\system32\ntkrnlpa.exe (NT Kernel & System/Microsoft Corporation) 804D7000-806E4000 (2150400 bytes)
Module \WINDOWS\system32\hal.dll (Hardware Abstraction Layer DLL/Microsoft Corporation) 806E4000-80704D00 (134400 bytes)
Module \WINDOWS\system32\KDCOM.DLL (Kernel Debugger HW Extension DLL/Microsoft Corporation) BA5A8000-BA5AA000 (8192 bytes)
Module \WINDOWS\system32\BOOTVID.dll (VGA Boot Driver/Microsoft Corporation) BA4B8000-BA4BB000 (12288 bytes)
Module ACPI.sys (ACPI Driver for NT/Microsoft Corporation) B9F79000-B9FA7000 (188416 bytes)
Module \WINDOWS\system32\DRIVERS\WMILIB.SYS (WMILIB WMI support library Dll/Microsoft Corporation) BA5AA000-BA5AC000 (8192 bytes)
Module pci.sys (NT Plug and Play PCI Enumerator/Microsoft Corporation) B9F68000-B9F79000 (69632 bytes)
Module isapnp.sys (PNP ISA Bus Driver/Microsoft Corporation) BA0A8000-BA0B2000 (40960 bytes)
Module ohci1394.sys (1394 OpenHCI Port Driver/Microsoft Corporation) BA0B8000-BA0C8000 (65536 bytes)
Module \WINDOWS\system32\DRIVERS\1394BUS.SYS (1394 Bus Device Driver/Microsoft Corporation) BA0C8000-BA0D6000 (57344 bytes)
Module pciide.sys (Generic PCI IDE Bus Driver/Microsoft Corporation) BA670000-BA671000 (4096 bytes)
Module \WINDOWS\system32\DRIVERS\PCIIDEX.SYS (PCI IDE Bus Driver Extension/Microsoft Corporation) BA328000-BA32F000 (28672 bytes)
Module viaide.sys (Generic PCI IDE Bus Driver/Microsoft Corporation) BA5AC000-BA5AE000 (8192 bytes)
Module intelide.sys (Intel PCI IDE Driver/Microsoft Corporation) BA5AE000-BA5B0000 (8192 bytes)
Module MountMgr.sys (Mount Manager/Microsoft Corporation) BA0D8000-BA0E3000 (45056 bytes)
Module ftdisk.sys (FT Disk Driver/Microsoft Corporation) B9F49000-B9F68000 (126976 bytes)
Module dmload.sys (NT Disk Manager Startup Driver/Microsoft Corp., Veritas Software.) BA5B0000-BA5B2000 (8192 bytes)
Module dmio.sys (NT Disk Manager I/O Driver/Microsoft Corp., Veritas Software) B9F23000-B9F49000 (155648 bytes)
Module PartMgr.sys (Partition Manager/Microsoft Corporation) BA330000-BA335000 (20480 bytes)
Module VolSnap.sys (Volume Shadow Copy Driver/Microsoft Corporation) BA0E8000-BA0F5000 (53248 bytes)
Module atapi.sys (IDE/ATAPI Port Driver/Microsoft Corporation) B9F0B000-B9F23000 (98304 bytes)
Module ftsata2.sys (Promise Driver for Windows Server 2003/Promise Technology, Inc.) B9EC8000-B9F0B000 (274432 bytes)
Module \WINDOWS\system32\DRIVERS\SCSIPORT.SYS (SCSI Port Driver/Microsoft Corporation) B9EB0000-B9EC8000 (98304 bytes)
Module disk.sys (PnP Disk Driver/Microsoft Corporation) BA0F8000-BA101000 (36864 bytes)
Module \WINDOWS\system32\DRIVERS\CLASSPNP.SYS (SCSI Class System Dll/Microsoft Corporation) BA108000-BA115000 (53248 bytes)
Module fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation) B9E90000-B9EB0000 (131072 bytes)
Module sr.sys (System Restore Filesystem Filter Driver/Microsoft Corporation) B9E7E000-B9E90000 (73728 bytes)
Module bb-run.sys (Promise Disk Accelerator/Promise Technology, Inc.) BA118000-BA121000 (36864 bytes)
Module PxHelp20.sys (Px Engine Device Driver for Windows 2000/XP/Sonic Solutions) BA128000-BA134000 (49152 bytes)
Module KSecDD.sys (Kernel Security Support Provider Interface/Microsoft Corporation) B9E67000-B9E7E000 (94208 bytes)
Module Ntfs.sys (NT File System Driver/Microsoft Corporation) B9DDA000-B9E67000 (577536 bytes)
Module NDIS.sys (NDIS 5.1 wrapper driver/Microsoft Corporation) B9DAD000-B9DDA000 (184320 bytes)
Module Mup.sys (Multiple UNC Provider driver/Microsoft Corporation) B9D93000-B9DAD000 (106496 bytes)
Module \SystemRoot\system32\DRIVERS\AmdK8.sys (AMD Processor Driver/Advanced Micro Devices) BA1D8000-BA1E6000 (57344 bytes)
Module \SystemRoot\system32\DRIVERS\aracpi.sys (Microsoft AR ACPI Driver (Beta 2 Release 2)/Microsoft Corporation) BA468000-BA46E000 (24576 bytes)
Module \SystemRoot\system32\DRIVERS\ati2mtag.sys (ATI Radeon WindowsNT Miniport Driver/ATI Technologies Inc.) B95B1000-B9A44000 (4796416 bytes)
Module \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS (Video Port Driver/Microsoft Corporation) B959D000-B95B1000 (81920 bytes)
Module \SystemRoot\system32\DRIVERS\HDAudBus.sys (High Definition Audio Bus Driver v1.0a/Windows ® Server 2003 DDK provider) B9575000-B959D000 (163840 bytes)
Module \SystemRoot\system32\DRIVERS\usbohci.sys (OHCI USB Miniport Driver/Microsoft Corporation) BA478000-BA47D000 (20480 bytes)
Module \SystemRoot\system32\DRIVERS\USBPORT.SYS (USB 1.1 & 2.0 Port Driver/Microsoft Corporation) B9551000-B9575000 (147456 bytes)
Module \SystemRoot\system32\DRIVERS\usbehci.sys (EHCI eUSB Miniport Driver/Microsoft Corporation) BA480000-BA488000 (32768 bytes)
Module \SystemRoot\system32\DRIVERS\imapi.sys (IMAPI Kernel Driver/Microsoft Corporation) BA1E8000-BA1F3000 (45056 bytes)
Module \SystemRoot\system32\DRIVERS\cdrom.sys (SCSI CD-ROM Driver/Microsoft Corporation) BA1F8000-BA208000 (65536 bytes)
Module \SystemRoot\system32\DRIVERS\redbook.sys (Redbook Audio Filter Driver/Microsoft Corporation) BA208000-BA217000 (61440 bytes)
Module \SystemRoot\system32\DRIVERS\ks.sys (Kernel CSA Library/Microsoft Corporation) B952E000-B9551000 (143360 bytes)
Module \SystemRoot\system32\DRIVERS\nic1394.sys (IEEE1394 Ndis Miniport and Call Manager/Microsoft Corporation) BA218000-BA228000 (65536 bytes)
Module \SystemRoot\system32\DRIVERS\nvnetbus.sys (NVIDIA Networking Bus Driver./NVIDIA Corporation) B9D5F000-B9D63000 (16384 bytes)
Module \SystemRoot\system32\DRIVERS\NVNRM.SYS (NVIDIA Network Resource Manager./NVIDIA Corporation) B94E3000-B952E000 (307200 bytes)
Module \SystemRoot\system32\DRIVERS\NVSNPU.SYS (NVIDIA Networking Soft-NPU Driver./NVIDIA Corporation) B94AC000-B94E3000 (225280 bytes)
Module \SystemRoot\system32\DRIVERS\i8042prt.sys (i8042 Port Driver/Microsoft Corporation) BA228000-BA235000 (53248 bytes)
Module \SystemRoot\system32\DRIVERS\PS2.sys (PS2 SYS/Hewlett-Packard Company) BA488000-BA48D000 (20480 bytes)
Module \SystemRoot\system32\DRIVERS\kbdclass.sys (Keyboard Class Driver/Microsoft Corporation) BA490000-BA496000 (24576 bytes)
Module \SystemRoot\system32\DRIVERS\arkbcfltr.sys (Microsoft AR PS/2 Keyboard Filter Driver (Beta 2 Release 2)/Microsoft Corporation) BA5EC000-BA5EE000 (8192 bytes)
Module \SystemRoot\system32\DRIVERS\arpolicy.sys (Microsoft AR Policy Driver (Beta 2 Release 2)/Microsoft Corporation) B9D5B000-B9D5E000 (12288 bytes)
Module \SystemRoot\system32\DRIVERS\audstub.sys (AudStub Driver/Microsoft Corporation) BA798000-BA799000 (4096 bytes)
Module \SystemRoot\system32\DRIVERS\rasl2tp.sys (RAS L2TP mini-port/call-manager driver/Microsoft Corporation) BA238000-BA245000 (53248 bytes)
Module \SystemRoot\system32\DRIVERS\ndistapi.sys (NDIS 3.0 connection wrapper driver/Microsoft Corporation) B9D57000-B9D5A000 (12288 bytes)
Module \SystemRoot\system32\DRIVERS\ndiswan.sys (MS PPP Framing Driver (Strong Encryption)/Microsoft Corporation) B9495000-B94AC000 (94208 bytes)
Module \SystemRoot\system32\DRIVERS\raspppoe.sys (RAS PPPoE mini-port/call-manager driver/Microsoft Corporation) BA248000-BA253000 (45056 bytes)
Module \SystemRoot\system32\DRIVERS\raspptp.sys (Peer-to-Peer Tunneling Protocol/Microsoft Corporation) BA258000-BA264000 (49152 bytes)
Module \SystemRoot\system32\DRIVERS\TDI.SYS (TDI Wrapper/Microsoft Corporation) BA498000-BA49D000 (20480 bytes)
Module \SystemRoot\system32\DRIVERS\psched.sys (MS QoS Packet Scheduler/Microsoft Corporation) B9484000-B9495000 (69632 bytes)
Module \SystemRoot\system32\DRIVERS\msgpc.sys (MS General Packet Classifier/Microsoft Corporation) BA268000-BA271000 (36864 bytes)
Module \SystemRoot\system32\DRIVERS\ptilink.sys (Parallel Technologies DirectParallel IO Library/Parallel Technologies, Inc.) BA4A0000-BA4A5000 (20480 bytes)
Module \SystemRoot\system32\DRIVERS\raspti.sys (PTI DirectParallel® mini-port/call-manager driver/Microsoft Corporation) BA4A8000-BA4AD000 (20480 bytes)
Module \SystemRoot\system32\DRIVERS\rdpdr.sys (Microsoft RDP Device redirector/Microsoft Corporation) B93B4000-B93E4000 (196608 bytes)
Module \SystemRoot\system32\DRIVERS\termdd.sys (Terminal Server Driver/Microsoft Corporation) BA278000-BA282000 (40960 bytes)
Module \SystemRoot\system32\DRIVERS\mouclass.sys (Mouse Class Driver/Microsoft Corporation) BA4B0000-BA4B6000 (24576 bytes)
Module \SystemRoot\system32\DRIVERS\swenum.sys (Plug and Play Software Device Enumerator/Microsoft Corporation) BA5EE000-BA5F0000 (8192 bytes)
Module \SystemRoot\system32\DRIVERS\update.sys (Update Driver/Microsoft Corporation) B9356000-B93B4000 (385024 bytes)
Module \SystemRoot\system32\DRIVERS\mssmbios.sys (System Management BIOS Driver/Microsoft Corporation) B9A5C000-B9A60000 (16384 bytes)
Module \SystemRoot\System32\Drivers\NDProxy.SYS (NDIS Proxy/Microsoft Corporation) BA298000-BA2A2000 (40960 bytes)
Module \SystemRoot\system32\DRIVERS\usbhub.sys (Default Hub Driver for USB/Microsoft Corporation) BA2C8000-BA2D7000 (61440 bytes)
Module \SystemRoot\system32\DRIVERS\USBD.SYS (Universal Serial Bus Driver/Microsoft Corporation) BA5F2000-BA5F4000 (8192 bytes)
Module \SystemRoot\system32\DRIVERS\NVENETFD.sys (NVIDIA Networking Function Driver./NVIDIA Corporation) BA2D8000-BA2E1000 (36864 bytes)
Module \SystemRoot\System32\Drivers\Fs_Rec.SYS (File System Recognizer Driver/Microsoft Corporation) BA5F4000-BA5F6000 (8192 bytes)
Module \SystemRoot\System32\Drivers\Null.SYS (NULL Driver/Microsoft Corporation) BA7FA000-BA7FB000 (4096 bytes)
Module \SystemRoot\System32\Drivers\Beep.SYS (BEEP Driver/Microsoft Corporation) BA5F6000-BA5F8000 (8192 bytes)
Module \SystemRoot\System32\drivers\vga.sys (VGA/Super VGA Video Driver/Microsoft Corporation) BA390000-BA396000 (24576 bytes)
Module \SystemRoot\System32\Drivers\mnmdd.SYS (Frame buffer simulator/Microsoft Corporation) BA5F8000-BA5FA000 (8192 bytes)
Module \SystemRoot\System32\DRIVERS\RDPCDD.sys (RDP Miniport/Microsoft Corporation) BA5FA000-BA5FC000 (8192 bytes)
Module \SystemRoot\System32\Drivers\Msfs.SYS (Mailslot driver/Microsoft Corporation) BA398000-BA39D000 (20480 bytes)
Module \SystemRoot\System32\Drivers\Npfs.SYS (NPFS Driver/Microsoft Corporation) BA3A0000-BA3A8000 (32768 bytes)
Module \SystemRoot\system32\DRIVERS\rasacd.sys (RAS Automatic Connection Driver/Microsoft Corporation) BA558000-BA55B000 (12288 bytes)
Module \SystemRoot\system32\DRIVERS\ipsec.sys (IPSec Driver/Microsoft Corporation) AD2AB000-AD2BE000 (77824 bytes)
Module \SystemRoot\system32\DRIVERS\tcpip.sys (TCP/IP Protocol Driver/Microsoft Corporation) AD252000-AD2AB000 (364544 bytes)
Module \SystemRoot\system32\DRIVERS\netbt.sys (MBT Transport driver/Microsoft Corporation) AD22A000-AD252000 (163840 bytes)
Module \SystemRoot\system32\DRIVERS\ipnat.sys (IP Network Address Translator/Microsoft Corporation) AD204000-AD22A000 (155648 bytes)
Module \SystemRoot\System32\drivers\afd.sys (Ancillary Function Driver for WinSock/Microsoft Corporation) AD1E2000-AD204000 (139264 bytes)
Module \SystemRoot\system32\DRIVERS\wanarp.sys (MS Remote Access and Routing ARP Driver/Microsoft Corporation) BA2E8000-BA2F1000 (36864 bytes)
Module \SystemRoot\system32\DRIVERS\netbios.sys (NetBIOS interface driver/Microsoft Corporation) BA2F8000-BA301000 (36864 bytes)
Module \SystemRoot\system32\DRIVERS\arp1394.sys (IP/1394 Arp Client/Microsoft Corporation) BA318000-BA327000 (61440 bytes)
Module \SystemRoot\system32\DRIVERS\rdbss.sys (Redirected Drive Buffering SubSystem Driver/Microsoft Corporation) AD117000-AD142000 (176128 bytes)
Module \SystemRoot\system32\DRIVERS\mrxsmb.sys (Windows NT SMB Minirdr/Microsoft Corporation) AD0A7000-AD117000 (458752 bytes)
Module \SystemRoot\System32\Drivers\Fips.SYS (FIPS Crypto Driver/Microsoft Corporation) BA158000-BA163000 (45056 bytes)
Module \SystemRoot\system32\DRIVERS\hidusb.sys (USB Miniport Driver for Input Devices/Microsoft Corporation) BA564000-BA567000 (12288 bytes)
Module \SystemRoot\system32\DRIVERS\HIDCLASS.SYS (Hid Class Library/Microsoft Corporation) BA168000-BA171000 (36864 bytes)
Module \SystemRoot\system32\DRIVERS\HIDPARSE.SYS (Hid Parsing Library/Microsoft Corporation) BA3A8000-BA3AF000 (28672 bytes)
Module \SystemRoot\system32\DRIVERS\arhidfltr.sys (Microsoft AR HID Filter Driver (Beta 2 Release 2)/Microsoft Corporation) BA3B0000-BA3B5000 (20480 bytes)
Module \SystemRoot\system32\DRIVERS\USBSTOR.SYS (USB Mass Storage Class Driver/Microsoft Corporation) BA3B8000-BA3BF000 (28672 bytes)
Module \SystemRoot\system32\DRIVERS\mouhid.sys (HID Mouse Filter Driver/Microsoft Corporation) BA56C000-BA56F000 (12288 bytes)
Module \SystemRoot\system32\DRIVERS\armoucfltr.sys (Microsoft AR PS/2 Mouse Filter Driver (Beta 2 Release 2)/Microsoft Corporation) BA5FC000-BA5FE000 (8192 bytes)
Module \SystemRoot\System32\Drivers\Fastfat.SYS (Fast FAT File System Driver/Microsoft Corporation) AD05B000-AD07F000 (147456 bytes)
Module \SystemRoot\System32\Drivers\dump_atapi.sys AD043000-AD05B000 (98304 bytes)
Module \SystemRoot\System32\Drivers\dump_WMILIB.SYS BA61E000-BA620000 (8192 bytes)
Module \SystemRoot\System32\win32k.sys (Multi-User Win32 Driver/Microsoft Corporation) BF800000-BF9C4000 (1851392 bytes)
Module \SystemRoot\System32\drivers\Dxapi.sys (DirectX API Driver/Microsoft Corporation) B9308000-B930B000 (12288 bytes)
Module \SystemRoot\System32\watchdog.sys (Watchdog Driver/Microsoft Corporation) BA400000-BA405000 (20480 bytes)
Module \SystemRoot\System32\drivers\dxg.sys (DirectX Graphics Driver/Microsoft Corporation) BF000000-BF012000 (73728 bytes)
Module \SystemRoot\System32\drivers\dxgthk.sys (DirectX Graphics Driver Thunk/Microsoft Corporation) BA6AD000-BA6AE000 (4096 bytes)
Module \SystemRoot\System32\ati2dvag.dll (ATI Radeon WindowsNT Display Driver/ATI Technologies Inc.) BF012000-BF060000 (319488 bytes)
Module \SystemRoot\System32\ati2cqag.dll (Central Memory Manager / Queue Server Module/ATI Technologies Inc.) BF060000-BF0FC000 (638976 bytes)
Module \SystemRoot\System32\atikvmag.dll (Virtual Command And Memory Manager/ATI Technologies Inc.) BF0FC000-BF196000 (630784 bytes)
Module \SystemRoot\System32\atiok3x2.dll (Ring 0 x2 component/ATI Technologies Inc.) BF196000-BF1FC000 (417792 bytes)
Module \SystemRoot\System32\ati3duag.dll (ati3duag.dll/ATI Technologies Inc. ) BF1FC000-BF55C000 (3538944 bytes)
Module \SystemRoot\System32\ativvaxx.dll (Radeon Video Acceleration Universal Driver/Advanced Micro Devices, Inc. ) BF55C000-BF768000 (2146304 bytes)
Module \SystemRoot\system32\DRIVERS\ndisuio.sys (NDIS User mode I/O Driver/Microsoft Corporation) AA4FA000-AA4FE000 (16384 bytes)
Module \SystemRoot\System32\Drivers\Cdfs.SYS (CD-ROM File System Driver/Microsoft Corporation) AA232000-AA242000 (65536 bytes)
Module \SystemRoot\system32\DRIVERS\mrxdav.sys (Windows NT WebDav Minirdr/Microsoft Corporation) A9F25000-A9F52000 (184320 bytes)
Module \SystemRoot\System32\Drivers\HTTP.sys (HTTP Protocol Stack/Microsoft Corporation) A9EE4000-A9F25000 (266240 bytes)
Module \SystemRoot\system32\DRIVERS\mdmxsdk.sys (Diagnostic Interface DRIVER/Conexant) AA01E000-AA022000 (16384 bytes)
Module \SystemRoot\system32\DRIVERS\srv.sys (Server driver/Microsoft Corporation) A9D52000-A9DA4000 (335872 bytes)
Module \??\C:\DOCUME~1\HP_ADM~2\LOCALS~1\Temp\kwdoykog.sys (GMER) A96FB000-A9712000 (94208 bytes)
Module \WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 7C900000-7C9B2000 (729088 bytes)

---- Processes - GMER 1.0.15 ----

Process System Idle 0
Process System 4
Process C:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe (DMAScheduler/Sonic Solutions) 132
Library C:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe (DMAScheduler/Sonic Solutions) 0x00400000
Library C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x7C900000
Library C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x7C800000
Library C:\WINDOWS\system32\USER32.dll (Windows XP USER API Client DLL/Microsoft Corporation) 0x7E410000
Library C:\WINDOWS\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77F10000
Library C:\WINDOWS\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77DD0000
Library C:\WINDOWS\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77E70000
Library C:\WINDOWS\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x77FE0000
Library C:\WINDOWS\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x774E0000
Library C:\WINDOWS\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C10000
Library C:\WINDOWS\system32\OLEAUT32.dll (Microsoft Corporation) 0x77120000
Library C:\WINDOWS\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x77F60000
Library C:\Program Files\HP DigitalMedia Archive\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation) 0x7C340000
Library C:\WINDOWS\system32\IMM32.DLL (Windows XP IMM32 API Client DLL/Microsoft Corporation) 0x76390000
Library C:\WINDOWS\system32\uxtheme.dll (Microsoft UxTheme Library/Microsoft Corporation) 0x5AD70000
Library C:\WINDOWS\system32\CLBCATQ.DLL (Microsoft Corporation) 0x76FD0000
Library C:\WINDOWS\system32\COMRes.dll (Microsoft Corporation) 0x77050000
Library C:\WINDOWS\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x77C00000
Library C:\WINDOWS\system32\msi.dll (Windows Installer/Microsoft Corporation) 0x7D1E0000
Library c:\Program Files\Common Files\Sonic Shared\Sonic Central\Engine\PxWrap.dll (Sonic Solutions) 0x65300000
Library C:\WINDOWS\system32\PX.dll (Px/Sonic Solutions) 0x10000000
Library C:\WINDOWS\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation) 0x7C9C0000
Library c:\Program Files\Common Files\Sonic Shared\Sonic Central\Engine\MSVCP71.dll (Microsoft® C++ Runtime Library/Microsoft Corporation) 0x7C3A0000
Library C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll (User Experience Controls Library/Microsoft Corporation) 0x773D0000
Library C:\WINDOWS\system32\comctl32.dll (Common Controls Library/Microsoft Corporation) 0x5D090000
Library C:\WINDOWS\system32\wmp.dll (Windows Media Player Core/Microsoft Corporation) 0x07510000
Library C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) 0x4EC50000
Library C:\WINDOWS\system32\MSVFW32.dll (Microsoft Video for Windows DLL/Microsoft Corporation) 0x75A70000
Library C:\WINDOWS\system32\WINMM.dll (MCI API DLL/Microsoft Corporation) 0x76B40000
Library C:\WINDOWS\system32\wmploc.dll (Windows Media Player/Microsoft Corporation) 0x08270000
Library C:\DOCUME~1\HP_ADM~2\LOCALS~1\Temp\IadHide5.dll (IAdHide/BackWeb) 0x00990000
Library C:\WINDOWS\system32\msctfime.ime (Microsoft Text Frame Work Service IME/Microsoft Corporation) 0x755C0000
Library C:\WINDOWS\system32\PXDRV.DLL (Px Unit Table/Sonic Solutions) 0x00AD0000
Library C:\WINDOWS\system32\PXMAS.DLL (PxMas/Sonic Solutions) 0x00B60000
Library C:\WINDOWS\system32\PXSFS.DLL (PxSfs/Sonic Solutions) 0x00BA0000
Library C:\WINDOWS\system32\PXWAVE.DLL (PxWave/Sonic Solutions) 0x00CF0000
Library C:\WINDOWS\system32\VXBLOCK.DLL (VxBlock/Sonic Solutions) 0x00EA0000
Library C:\WINDOWS\system32\xpsp2res.dll (Service Pack 2 Messages/Microsoft Corporation) 0x01120000
Library c:\Program Files\HP DigitalMedia Archive\EAFunctions.dll (DigitalMedia Archive/Sonic Solutions) 0x00FC0000
Library C:\WINDOWS\system32\mstask.dll (Task Scheduler interface DLL/Microsoft Corporation) 0x75830000
Library C:\WINDOWS\system32\comdlg32.dll (Common Dialogs DLL/Microsoft Corporation) 0x763B0000
Library C:\WINDOWS\system32\MPR.dll (Multiple Provider Router DLL/Microsoft Corporation) 0x71B20000
Library C:\WINDOWS\system32\NTDSAPI.dll (NT5DS/Microsoft Corporation) 0x767A0000
Library C:\WINDOWS\system32\DNSAPI.dll (DNS Client API DLL/Microsoft Corporation) 0x76F20000
Library C:\WINDOWS\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x71AB0000
Library C:\WINDOWS\system32\WS2HELP.dll (Windows Socket 2.0 Helper for Windows NT/Microsoft Corporation) 0x71AA0000
Library C:\WINDOWS\system32\NETAPI32.dll (Net Win32 API DLL/Microsoft Corporation) 0x5B860000
Library C:\WINDOWS\system32\WLDAP32.dll (Win32 LDAP API DLL/Microsoft Corporation) 0x76F60000
Library C:\WINDOWS\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x769C0000

Process C:\Program Files\HP\HP Software Update\HPwuSchd2.exe (Hewlett-Packard Product Assistant/Hewlett-Packard Co.) 200
Library C:\Program Files\HP\HP Software Update\HPwuSchd2.exe (Hewlett-Packard Product Assistant/Hewlett-Packard Co.) 0x00400000
Library C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x7C900000
Library C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x7C800000
Library C:\WINDOWS\system32\USER32.dll (Windows XP USER API Client DLL/Microsoft Corporation) 0x7E410000
Library C:\WINDOWS\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77F10000
Library C:\WINDOWS\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77DD0000
Library C:\WINDOWS\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77E70000
Library C:\WINDOWS\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x77FE0000
Library C:\WINDOWS\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation) 0x7C9C0000
Library C:\WINDOWS\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C10000
Library C:\WINDOWS\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x77F60000
Library C:\WINDOWS\system32\IMM32.DLL (Windows XP IMM32 API Client DLL/Microsoft Corporation) 0x76390000
Library C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll (User Experience Controls Library/Microsoft Corporation) 0x773D0000
Library C:\WINDOWS\system32\comctl32.dll (Common Controls Library/Microsoft Corporation) 0x5D090000
Library C:\WINDOWS\system32\uxtheme.dll (Microsoft UxTheme Library/Microsoft Corporation) 0x5AD70000
Library C:\WINDOWS\system32\msctfime.ime (Microsoft Text Frame Work Service IME/Microsoft Corporation) 0x755C0000
Library C:\WINDOWS\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x774E0000

Process C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe (Updates from HP/Hewlett-Packard) 260
Library C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe (Updates from HP/Hewlett-Packard) 0x00400000
Library C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x7C900000
Library C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x7C800000
Library C:\WINDOWS\system32\USER32.dll (Windows XP USER API Client DLL/Microsoft Corporation) 0x7E410000
Library C:\WINDOWS\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77F10000
Library C:\WINDOWS\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77DD0000
Library C:\WINDOWS\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77E70000
Library C:\WINDOWS\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x77FE0000
Library C:\WINDOWS\system32\IMM32.DLL (Windows XP IMM32 API Client DLL/Microsoft Corporation) 0x76390000
Library C:\Program Files\Updates from HP\9972322\6.3.2.116-9972322\Program\BackWeb.dll (BackWeb/BackWeb Technologies Inc.) 0x00900000
Library C:\Program Files\Updates from HP\9972322\6.3.2.116-9972322\Program\bwsec.dll (bwsec/BackWeb) 0x10000000
Library C:\WINDOWS\system32\MSVCRT.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C10000
Library C:\Program Files\Updates from HP\9972322\6.3.2.116-9972322\Program\clntutil.dll 0x00840000
Library C:\WINDOWS\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x774E0000
Library C:\WINDOWS\system32\OLEAUT32.dll (Microsoft Corporation) 0x77120000
Library C:\WINDOWS\system32\snmpapi.dll (SNMP Utility Library/Microsoft Corporation) 0x71F60000
Library C:\WINDOWS\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x71AB0000
Library C:\WINDOWS\system32\WS2HELP.dll (Windows Socket 2.0 Helper for Windows NT/Microsoft Corporation) 0x71AA0000
Library C:\WINDOWS\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x77C00000
Library C:\WINDOWS\system32\WININET.dll (Internet Extensions for Win32/Microsoft Corporation) 0x3D930000
Library C:\WINDOWS\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x77F60000
Library C:\WINDOWS\system32\Normaliz.dll (Unicode Normalization DLL/Microsoft Corporation) 0x00850000
Library C:\WINDOWS\system32\urlmon.dll (OLE32 Extensions for Win32/Microsoft Corporation) 0x78130000
Library C:\WINDOWS\system32\iertutil.dll (Run time utility for Internet Explorer/Microsoft Corporation) 0x3DFD0000
Library C:\WINDOWS\system32\WINMM.dll (MCI API DLL/Microsoft Corporation) 0x76B40000
Library C:\WINDOWS\system32\MFC42.DLL (MFCDLL Shared Library - Retail Version/Microsoft Corporation) 0x73DD0000
Library C:\WINDOWS\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation) 0x7C9C0000
Library C:\WINDOWS\system32\MSVCP60.dll (Microsoft ® C++ Runtime Library/Microsoft Corporation) 0x76080000
Library C:\WINDOWS\system32\WSOCK32.dll (Windows Socket 32-Bit DLL/Microsoft Corporation) 0x71AD0000
Library C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll (User Experience Controls Library/Microsoft Corporation) 0x773D0000
Library C:\WINDOWS\system32\comctl32.dll (Common Controls Library/Microsoft Corporation) 0x5D090000
Library C:\PROGRA~1\UPDATE~1\9972322\632~1.116\program\EN\ClientRC.dll (BackWeb/BackWeb Technologies Inc.) 0x00E10000
Library C:\WINDOWS\system32\uxtheme.dll (Microsoft UxTheme Library/Microsoft Corporation) 0x5AD70000
Library C:\WINDOWS\system32\xpsp2res.dll (Service Pack 2 Messages/Microsoft Corporation) 0x00FC0000
Library C:\WINDOWS\system32\CLBCATQ.DLL (Microsoft Corporation) 0x76FD0000
Library C:\WINDOWS\system32\COMRes.dll (Microsoft Corporation) 0x77050000
Library C:\WINDOWS\system32\wtsapi32.dll (Windows Terminal Server SDK APIs/Microsoft Corporation) 0x76F50000
Library C:\WINDOWS\system32\WINSTA.dll (Winstation Library/Microsoft Corporation) 0x76360000
Library C:\WINDOWS\system32\NETAPI32.dll (Net Win32 API DLL/Microsoft Corporation) 0x5B860000
Library C:\WINDOWS\system32\feclient.dll (Windows NT File Encryption Client Interfaces/Microsoft Corporation) 0x693F0000
Library C:\WINDOWS\system32\MPR.dll (Multiple Provider Router DLL/Microsoft Corporation) 0x71B20000
Library C:\WINDOWS\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x769C0000
Library C:\WINDOWS\system32\CRYPT32.dll (Crypto API32/Microsoft Corporation) 0x77A80000
Library C:\WINDOWS\system32\MSASN1.dll (ASN.1 Runtime APIs/Microsoft Corporation) 0x77B20000
Library C:\Program Files\Updates from HP\9972322\Program\BWfiles-9972322.dll (Updates from HP/Hewlett-Packard) 0x01390000
Library C:\Program Files\Updates from HP\9972322\6.3.2.116-9972322\Program\BWfiles.dll 0x013A0000
Library C:\WINDOWS\system32\msctfime.ime (Microsoft Text Frame Work Service IME/Microsoft Corporation) 0x755C0000
Library C:\DOCUME~1\HP_ADM~2\LOCALS~1\Temp\IadHide5.dll (IAdHide/BackWeb) 0x015E0000
Library C:\WINDOWS\system32\inetmib1.dll (Microsoft MIB-II subagent/Microsoft Corporation) 0x666F0000
Library C:\WINDOWS\system32\iphlpapi.dll (IP Helper API/Microsoft Corporation) 0x76D60000
Library C:\WINDOWS\system32\MPRAPI.dll (Windows NT MP Router Administration DLL/Microsoft Corporation) 0x76D40000
Library C:\WINDOWS\system32\ACTIVEDS.dll (ADs Router Layer DLL/Microsoft Corporation) 0x77CC0000
Library C:\WINDOWS\system32\adsldpc.dll (ADs LDAP Provider C DLL/Microsoft Corporation) 0x76E10000
Library C:\WINDOWS\system32\WLDAP32.dll (Win32 LDAP API DLL/Microsoft Corporation) 0x76F60000
Library C:\WINDOWS\system32\ATL.DLL (ATL Module for Windows XP (Unicode)/Microsoft Corporation) 0x76B20000
Library C:\WINDOWS\system32\rtutils.dll (Routing Utilities/Microsoft Corporation) 0x76E80000
Library C:\WINDOWS\system32\SAMLIB.dll (SAM Library DLL/Microsoft Corporation) 0x71BF0000
Library C:\WINDOWS\system32\SETUPAPI.dll (Windows Setup API/Microsoft Corporation) 0x77920000
Library C:\WINDOWS\system32\mswsock.dll (Microsoft Windows Sockets 2.0 Service Provider/Microsoft Corporation) 0x71A50000
Library C:\WINDOWS\system32\hnetcfg.dll (Home Networking Configuration Manager/Microsoft Corporation) 0x662B0000
Library C:\Program Files\Updates from HP\9972322\Program\frext-9972322.dll (Updates from HP/Hewlett-Packard) 0x01670000
Library C:\Program Files\Updates from HP\9972322\6.3.2.116-9972322\Program\frext.dll 0x01680000
Library C:\WINDOWS\System32\wshtcpip.dll (Windows Sockets Helper DLL/Microsoft Corporation) 0x71A90000
Library C:\WINDOWS\system32\DNSAPI.dll (DNS Client API DLL/Microsoft Corporation) 0x76F20000
Library C:\WINDOWS\system32\msi.dll (Windows Installer/Microsoft Corporation) 0x7D1E0000
Library C:\WINDOWS\System32\winrnr.dll (LDAP RnR Provider DLL/Microsoft Corporation) 0x76FB0000
Library C:\WINDOWS\system32\SXS.DLL (Fusion 2.5/Microsoft Corporation) 0x7E720000
Library C:\WINDOWS\system32\rasadhlp.dll (Remote Access AutoDial Helper/Microsoft Corporation) 0x76FC0000
Library C:\Program Files\Updates from HP\9972322\Program\HPClientExt.dll 0x01E10000
Library C:\WINDOWS\system32\rasapi32.dll (Remote Access API/Microsoft Corporation) 0x76EE0000
Library C:\WINDOWS\system32\rasman.dll (Remote Access Connection Manager/Microsoft Corporation) 0x76E90000
Library C:\WINDOWS\system32\TAPI32.dll (Microsoft® Windows™ Telephony API Client DLL/Microsoft Corporation) 0x76EB0000

Process C:\Documents and Settings\HP_Administrator\Desktop\gmer\gmer.exe 344
Library C:\Documents and Settings\HP_Administrator\Desktop\gmer\gmer.exe 0x00400000
Library C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x7C900000
Library C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x7C800000
Library C:\WINDOWS\system32\COMCTL32.DLL (Common Controls Library/Microsoft Corporation) 0x5D090000
Library C:\WINDOWS\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77DD0000
Library C:\WINDOWS\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77E70000
Library C:\WINDOWS\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x77FE0000
Library C:\WINDOWS\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77F10000
Library C:\WINDOWS\system32\USER32.dll (Windows XP USER API Client DLL/Microsoft Corporation) 0x7E410000
Library C:\WINDOWS\system32\IMM32.DLL (Windows XP IMM32 API Client DLL/Microsoft Corporation) 0x76390000
Library C:\WINDOWS\system32\uxtheme.dll (Microsoft UxTheme Library/Microsoft Corporation) 0x5AD70000
Library C:\WINDOWS\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C10000
Library C:\DOCUME~1\HP_ADM~2\LOCALS~1\Temp\IadHide5.dll (IAdHide/BackWeb) 0x10000000
Library C:\WINDOWS\system32\msctfime.ime (Microsoft Text Frame Work Service IME/Microsoft Corporation) 0x755C0000
Library C:\WINDOWS\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x774E0000
Library C:\WINDOWS\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x77F60000
Library C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll (User Experience Controls Library/Microsoft Corporation) 0x773D0000
Library C:\WINDOWS\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x769C0000
Library C:\WINDOWS\system32\VERSION.DLL (Version Checking and File Installation Libraries/Microsoft Corporation) 0x77C00000

Process C:\WINDOWS\System32\smss.exe (Windows NT Session Manager/Microsoft Corporation) 596
Library C:\WINDOWS\System32\smss.exe (Windows NT Session Manager/Microsoft Corporation) 0x48580000
Library C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x7C900000

Process C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) 660
Library C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) 0x01000000
Library C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x7C900000
Library C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x7C800000
Library C:\WINDOWS\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77DD0000
Library C:\WINDOWS\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77E70000
Library C:\WINDOWS\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x77FE0000
Library C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation) 0x5CB70000
Library C:\WINDOWS\AppPatch\AcGenral.DLL (Windows Compatibility DLL/Microsoft Corporation) 0x6F880000
Library C:\WINDOWS\system32\USER32.dll (Windows XP USER API Client DLL/Microsoft Corporation) 0x7E410000
Library C:\WINDOWS\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77F10000
Library C:\WINDOWS\system32\WINMM.dll (MCI API DLL/Microsoft Corporation) 0x76B40000
Library C:\WINDOWS\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x774E0000
Library C:\WINDOWS\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C10000
Library C:\WINDOWS\system32\OLEAUT32.dll (Microsoft Corporation) 0x77120000
Library C:\WINDOWS\system32\MSACM32.dll (Microsoft ACM Audio Filter/Microsoft Corporation) 0x77BE0000
Library C:\WINDOWS\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x77C00000
Library C:\WINDOWS\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation) 0x7C9C0000
Library C:\WINDOWS\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x77F60000
Library C:\WINDOWS\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x769C0000
Library C:\WINDOWS\system32\UxTheme.dll (Microsoft UxTheme Library/Microsoft Corporation) 0x5AD70000
Library C:\WINDOWS\system32\IMM32.DLL (Windows XP IMM32 API Client DLL/Microsoft Corporation) 0x76390000
Library C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll (User Experience Controls Library/Microsoft Corporation) 0x773D0000
Library C:\WINDOWS\system32\comctl32.dll (Common Controls Library/Microsoft Corporation) 0x5D090000
Library C:\WINDOWS\system32\NTMARTA.DLL (Windows NT MARTA provider/Microsoft Corporation) 0x77690000
Library C:\WINDOWS\system32\SAMLIB.dll (SAM Library DLL/Microsoft Corporation) 0x71BF0000
Library C:\WINDOWS\system32\WLDAP32.dll (Win32 LDAP API DLL/Microsoft Corporation) 0x76F60000
Library C:\WINDOWS\system32\xpsp2res.dll (Service Pack 2 Messages/Microsoft Corporation) 0x00630000
Library c:\windows\system32\webclnt.dll (Web DAV Service DLL/Microsoft Corporation) 0x5A6E0000
Library C:\WINDOWS\system32\WININET.dll (Internet Extensions for Win32/Microsoft Corporation) 0x3D930000
Library C:\WINDOWS\system32\Normaliz.dll (Unicode Normalization DLL/Microsoft Corporation) 0x00940000
Library C:\WINDOWS\system32\urlmon.dll (OLE32 Extensions for Win32/Microsoft Corporation) 0x78130000
Library C:\WINDOWS\system32\iertutil.dll (Run time utility for Internet Explorer/Microsoft Corporation) 0x3DFD0000
Library c:\windows\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x71AB0000
Library c:\windows\system32\WS2HELP.dll (Windows Socket 2.0 Helper for Windows NT/Microsoft Corporation) 0x71AA0000

Process C:\WINDOWS\system32\csrss.exe (Client Server Runtime Process/Microsoft Corporation) 664
Library C:\WINDOWS\system32\csrss.exe (Client Server Runtime Process/Microsoft Corporation) 0x4A680000
Library C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x7C900000
Library C:\WINDOWS\system32\CSRSRV.dll (Client Server Runtime Process/Microsoft Corporation) 0x75B40000
Library C:\WINDOWS\system32\basesrv.dll (Windows NT BASE API Server DLL/Microsoft Corporation) 0x75B50000
Library C:\WINDOWS\system32\winsrv.dll (Windows Server DLL/Microsoft Corporation) 0x75B60000
Library C:\WINDOWS\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77F10000
Library C:\WINDOWS\system32\KERNEL32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x7C800000
Library C:\WINDOWS\system32\USER32.dll (Windows XP USER API Client DLL/Microsoft Corporation) 0x7E410000
Library C:\WINDOWS\system32\sxs.dll (Fusion 2.5/Microsoft Corporation) 0x7E720000
Library C:\WINDOWS\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77DD0000
Library C:\WINDOWS\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77E70000
Library C:\WINDOWS\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x77FE0000
  • 0

#5
daic
Posted 31 December 2009 - 03:05 AM

daic

    Member

  • Topic Starter
  • Member
  • PipPip
  • 28 posts
Process C:\WINDOWS\system32\winlogon.exe (Windows NT Logon Application/Microsoft Corporation) 696
Library C:\WINDOWS\system32\winlogon.exe (Windows NT Logon Application/Microsoft Corporation) 0x01000000
Library C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x7C900000
Library C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x7C800000
Library C:\WINDOWS\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77DD0000
Library C:\WINDOWS\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77E70000
Library C:\WINDOWS\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x77FE0000
Library C:\WINDOWS\system32\AUTHZ.dll (Authorization Framework/Microsoft Corporation) 0x776C0000
Library C:\WINDOWS\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C10000
Library C:\WINDOWS\system32\CRYPT32.dll (Crypto API32/Microsoft Corporation) 0x77A80000
Library C:\WINDOWS\system32\MSASN1.dll (ASN.1 Runtime APIs/Microsoft Corporation) 0x77B20000
Library C:\WINDOWS\system32\USER32.dll (Windows XP USER API Client DLL/Microsoft Corporation) 0x7E410000
Library C:\WINDOWS\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77F10000
Library C:\WINDOWS\system32\NDdeApi.dll (Network DDE Share Management APIs/Microsoft Corporation) 0x75940000
Library C:\WINDOWS\system32\PROFMAP.dll (Userenv/Microsoft Corporation) 0x75930000
Library C:\WINDOWS\system32\NETAPI32.dll (Net Win32 API DLL/Microsoft Corporation) 0x5B860000
Library C:\WINDOWS\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x769C0000
Library C:\WINDOWS\system32\PSAPI.DLL (Process Status Helper/Microsoft Corporation) 0x76BF0000
Library C:\WINDOWS\system32\REGAPI.dll (Registry Configuration APIs/Microsoft Corporation) 0x76BC0000
Library C:\WINDOWS\system32\SETUPAPI.dll (Windows Setup API/Microsoft Corporation) 0x77920000
Library C:\WINDOWS\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x77C00000
Library C:\WINDOWS\system32\WINSTA.dll (Winstation Library/Microsoft Corporation) 0x76360000
Library C:\WINDOWS\system32\WINTRUST.dll (Microsoft Trust Verification APIs/Microsoft Corporation) 0x76C30000
Library C:\WINDOWS\system32\IMAGEHLP.dll (Windows NT Image Helper/Microsoft Corporation) 0x76C90000
Library C:\WINDOWS\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x71AB0000
Library C:\WINDOWS\system32\WS2HELP.dll (Windows Socket 2.0 Helper for Windows NT/Microsoft Corporation) 0x71AA0000
Library C:\WINDOWS\system32\IMM32.DLL (Windows XP IMM32 API Client DLL/Microsoft Corporation) 0x76390000
Library C:\WINDOWS\system32\MSGINA.dll (Windows NT Logon GINA DLL/Microsoft Corporation) 0x75970000
Library C:\WINDOWS\system32\COMCTL32.dll (Common Controls Library/Microsoft Corporation) 0x5D090000
Library C:\WINDOWS\system32\ODBC32.dll (Microsoft Data Access - ODBC Driver Manager/Microsoft Corporation) 0x74320000
Library C:\WINDOWS\system32\comdlg32.dll (Common Dialogs DLL/Microsoft Corporation) 0x763B0000
Library C:\WINDOWS\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation) 0x7C9C0000
Library C:\WINDOWS\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x77F60000
Library C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll (User Experience Controls Library/Microsoft Corporation) 0x773D0000
Library C:\WINDOWS\system32\odbcint.dll (Microsoft Data Access - ODBC Resources/Microsoft Corporation) 0x00970000
Library C:\WINDOWS\system32\SHSVCS.dll (Windows Shell Services Dll/Microsoft Corporation) 0x776E0000
Library C:\WINDOWS\system32\sfc.dll (Windows File Protection/Microsoft Corporation) 0x76BB0000
Library C:\WINDOWS\system32\sfc_os.dll (Windows File Protection/Microsoft Corporation) 0x76C60000
Library C:\WINDOWS\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x774E0000
Library C:\WINDOWS\system32\Apphelp.dll (Application Compatibility Client Library/Microsoft Corporation) 0x77B40000
Library C:\WINDOWS\system32\msctfime.ime (Microsoft Text Frame Work Service IME/Microsoft Corporation) 0x755C0000
Library C:\WINDOWS\system32\WINSCARD.DLL (Microsoft Smart Card API/Microsoft Corporation) 0x723D0000
Library C:\WINDOWS\system32\WTSAPI32.dll (Windows Terminal Server SDK APIs/Microsoft Corporation) 0x76F50000
Library C:\WINDOWS\system32\sxs.dll (Fusion 2.5/Microsoft Corporation) 0x7E720000
Library C:\WINDOWS\system32\uxtheme.dll (Microsoft UxTheme Library/Microsoft Corporation) 0x5AD70000
Library C:\WINDOWS\system32\WINMM.dll (MCI API DLL/Microsoft Corporation) 0x76B40000
Library C:\WINDOWS\system32\Ati2evxx.dll (ATI External Event Utility DLL Module/ATI Technologies Inc.) 0x10000000
Library C:\WINDOWS\system32\OLEAUT32.dll (Microsoft Corporation) 0x77120000
Library C:\WINDOWS\system32\cscdll.dll (Offline Network Agent/Microsoft Corporation) 0x76600000
Library C:\WINDOWS\System32\dimsntfy.dll (DIMS Notification Handler/Microsoft Corporation) 0x47020000
Library C:\WINDOWS\system32\rsaenh.dll (Microsoft Enhanced Cryptographic Provider/Microsoft Corporation) 0x68000000
Library C:\WINDOWS\system32\WlNotify.dll (Common DLL to receive Winlogon notifications/Microsoft Corporation) 0x75950000
Library C:\WINDOWS\system32\MPR.dll (Multiple Provider Router DLL/Microsoft Corporation) 0x71B20000
Library C:\WINDOWS\system32\WINSPOOL.DRV (Windows Spooler Driver/Microsoft Corporation) 0x73000000
Library C:\WINDOWS\system32\msv1_0.dll (Microsoft Authentication Package v1.0/Microsoft Corporation) 0x77C70000
Library C:\WINDOWS\system32\cryptdll.dll (Cryptography Manager/Microsoft Corporation) 0x76790000
Library C:\WINDOWS\system32\iphlpapi.dll (IP Helper API/Microsoft Corporation) 0x76D60000
Library C:\WINDOWS\system32\SAMLIB.dll (SAM Library DLL/Microsoft Corporation) 0x71BF0000
Library C:\WINDOWS\system32\cscui.dll (Client Side Caching UI/Microsoft Corporation) 0x77A20000
Library C:\WINDOWS\system32\xpsp2res.dll (Service Pack 2 Messages/Microsoft Corporation) 0x016E0000
Library C:\WINDOWS\system32\NTMARTA.DLL (Windows NT MARTA provider/Microsoft Corporation) 0x77690000
Library C:\WINDOWS\system32\WLDAP32.dll (Win32 LDAP API DLL/Microsoft Corporation) 0x76F60000
Library C:\WINDOWS\system32\COMRes.dll (Microsoft Corporation) 0x77050000
Library C:\WINDOWS\system32\CLBCATQ.DLL (Microsoft Corporation) 0x76FD0000

Process C:\WINDOWS\system32\services.exe (Services and Controller app/Microsoft Corporation) 740
Library C:\WINDOWS\system32\services.exe (Services and Controller app/Microsoft Corporation) 0x01000000
Library C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x7C900000
Library C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x7C800000
Library C:\WINDOWS\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77DD0000
Library C:\WINDOWS\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77E70000
Library C:\WINDOWS\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x77FE0000
Library C:\WINDOWS\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C10000
Library C:\WINDOWS\system32\NCObjAPI.DLL (Microsoft Corporation) 0x5F770000
Library C:\WINDOWS\system32\MSVCP60.dll (Microsoft ® C++ Runtime Library/Microsoft Corporation) 0x76080000
Library C:\WINDOWS\system32\SCESRV.dll (Windows Security Configuration Editor Engine/Microsoft Corporation) 0x7DBD0000
Library C:\WINDOWS\system32\AUTHZ.dll (Authorization Framework/Microsoft Corporation) 0x776C0000
Library C:\WINDOWS\system32\USER32.dll (Windows XP USER API Client DLL/Microsoft Corporation) 0x7E410000
Library C:\WINDOWS\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77F10000
Library C:\WINDOWS\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x769C0000
Library C:\WINDOWS\system32\umpnpmgr.dll (User-mode Plug-and-Play Service/Microsoft Corporation) 0x7DBA0000
Library C:\WINDOWS\system32\WINSTA.dll (Winstation Library/Microsoft Corporation) 0x76360000
Library C:\WINDOWS\system32\NETAPI32.dll (Net Win32 API DLL/Microsoft Corporation) 0x5B860000
Library C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation) 0x5CB70000
Library C:\WINDOWS\AppPatch\AcAdProc.dll (Windows Compatibility DLL/Microsoft Corporation) 0x47260000
Library C:\WINDOWS\system32\IMM32.DLL (Windows XP IMM32 API Client DLL/Microsoft Corporation) 0x76390000
Library C:\WINDOWS\system32\Apphelp.dll (Application Compatibility Client Library/Microsoft Corporation) 0x77B40000
Library C:\WINDOWS\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x77C00000
Library C:\WINDOWS\system32\eventlog.dll (Event Logging Service/Microsoft Corporation) 0x77B70000
Library C:\WINDOWS\system32\PSAPI.DLL (Process Status Helper/Microsoft Corporation) 0x76BF0000
Library C:\WINDOWS\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x71AB0000
Library C:\WINDOWS\system32\WS2HELP.dll (Windows Socket 2.0 Helper for Windows NT/Microsoft Corporation) 0x71AA0000
Library C:\WINDOWS\system32\wtsapi32.dll (Windows Terminal Server SDK APIs/Microsoft Corporation) 0x76F50000

Process C:\WINDOWS\system32\lsass.exe (LSA Shell (Export Version)/Microsoft Corporation) 752
Library C:\WINDOWS\system32\lsass.exe (LSA Shell (Export Version)/Microsoft Corporation) 0x01000000
Library C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x7C900000
Library C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x7C800000
Library C:\WINDOWS\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77DD0000
Library C:\WINDOWS\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77E70000
Library C:\WINDOWS\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x77FE0000
Library C:\WINDOWS\system32\LSASRV.dll (LSA Server DLL/Microsoft Corporation) 0x75730000
Library C:\WINDOWS\system32\MPR.dll (Multiple Provider Router DLL/Microsoft Corporation) 0x71B20000
Library C:\WINDOWS\system32\USER32.dll (Windows XP USER API Client DLL/Microsoft Corporation) 0x7E410000
Library C:\WINDOWS\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77F10000
Library C:\WINDOWS\system32\MSASN1.dll (ASN.1 Runtime APIs/Microsoft Corporation) 0x77B20000
Library C:\WINDOWS\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C10000
Library C:\WINDOWS\system32\NETAPI32.dll (Net Win32 API DLL/Microsoft Corporation) 0x5B860000
Library C:\WINDOWS\system32\NTDSAPI.dll (NT5DS/Microsoft Corporation) 0x767A0000
Library C:\WINDOWS\system32\DNSAPI.dll (DNS Client API DLL/Microsoft Corporation) 0x76F20000
Library C:\WINDOWS\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x71AB0000
Library C:\WINDOWS\system32\WS2HELP.dll (Windows Socket 2.0 Helper for Windows NT/Microsoft Corporation) 0x71AA0000
Library C:\WINDOWS\system32\WLDAP32.dll (Win32 LDAP API DLL/Microsoft Corporation) 0x76F60000
Library C:\WINDOWS\system32\SAMLIB.dll (SAM Library DLL/Microsoft Corporation) 0x71BF0000
Library C:\WINDOWS\system32\SAMSRV.dll (SAM Server DLL/Microsoft Corporation) 0x74440000
Library C:\WINDOWS\system32\cryptdll.dll (Cryptography Manager/Microsoft Corporation) 0x76790000
Library C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation) 0x5CB70000
Library C:\WINDOWS\AppPatch\AcGenral.DLL (Windows Compatibility DLL/Microsoft Corporation) 0x6F880000
Library C:\WINDOWS\system32\WINMM.dll (MCI API DLL/Microsoft Corporation) 0x76B40000
Library C:\WINDOWS\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x774E0000
Library C:\WINDOWS\system32\OLEAUT32.dll (Microsoft Corporation) 0x77120000
Library C:\WINDOWS\system32\MSACM32.dll (Microsoft ACM Audio Filter/Microsoft Corporation) 0x77BE0000
Library C:\WINDOWS\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x77C00000
Library C:\WINDOWS\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation) 0x7C9C0000
Library C:\WINDOWS\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x77F60000
Library C:\WINDOWS\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x769C0000
Library C:\WINDOWS\system32\UxTheme.dll (Microsoft UxTheme Library/Microsoft Corporation) 0x5AD70000
Library C:\WINDOWS\system32\IMM32.DLL (Windows XP IMM32 API Client DLL/Microsoft Corporation) 0x76390000
Library C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll (User Experience Controls Library/Microsoft Corporation) 0x773D0000
Library C:\WINDOWS\system32\comctl32.dll (Common Controls Library/Microsoft Corporation) 0x5D090000
Library C:\WINDOWS\system32\msprivs.dll (Microsoft Privilege Translations/Microsoft Corporation) 0x4D200000
Library C:\WINDOWS\system32\kerberos.dll (Kerberos Security Package/Microsoft Corporation) 0x71CF0000
Library C:\WINDOWS\system32\msv1_0.dll (Microsoft Authentication Package v1.0/Microsoft Corporation) 0x77C70000
Library C:\WINDOWS\system32\iphlpapi.dll (IP Helper API/Microsoft Corporation) 0x76D60000
Library C:\WINDOWS\system32\netlogon.dll (Net Logon Services DLL/Microsoft Corporation) 0x744B0000
Library C:\WINDOWS\system32\w32time.dll (Windows Time Service/Microsoft Corporation) 0x767C0000
Library C:\WINDOWS\system32\MSVCP60.dll (Microsoft ® C++ Runtime Library/Microsoft Corporation) 0x76080000
Library C:\WINDOWS\system32\schannel.dll (TLS / SSL Security Provider/Microsoft Corporation) 0x767F0000
Library C:\WINDOWS\system32\CRYPT32.dll (Crypto API32/Microsoft Corporation) 0x77A80000
Library C:\WINDOWS\system32\wdigest.dll (Microsoft Digest Access/Microsoft Corporation) 0x7DFC0000
Library C:\WINDOWS\system32\rsaenh.dll (Microsoft Enhanced Cryptographic Provider/Microsoft Corporation) 0x68000000
Library C:\WINDOWS\system32\setupapi.dll (Windows Setup API/Microsoft Corporation) 0x77920000
Library C:\WINDOWS\system32\scecli.dll (Windows Security Configuration Editor Client Engine/Microsoft Corporation) 0x74410000
Library C:\WINDOWS\system32\ipsecsvc.dll (Windows IPSec SPD Server DLL/Microsoft Corporation) 0x743E0000
Library C:\WINDOWS\system32\AUTHZ.dll (Authorization Framework/Microsoft Corporation) 0x776C0000
Library C:\WINDOWS\system32\oakley.DLL (Oakley Key Manager/Microsoft Corporation) 0x75D90000
Library C:\WINDOWS\system32\WINIPSEC.DLL (Windows IPSec SPD Client DLL/Microsoft Corporation) 0x74370000
Library C:\WINDOWS\system32\pstorsvc.dll (Protected storage server/Microsoft Corporation) 0x743A0000
Library C:\WINDOWS\system32\psbase.dll (Protected Storage default provider/Microsoft Corporation) 0x743C0000
Library C:\WINDOWS\system32\mswsock.dll (Microsoft Windows Sockets 2.0 Service Provider/Microsoft Corporation) 0x71A50000
Library C:\WINDOWS\system32\hnetcfg.dll (Home Networking Configuration Manager/Microsoft Corporation) 0x662B0000
Library C:\WINDOWS\System32\wshtcpip.dll (Windows Sockets Helper DLL/Microsoft Corporation) 0x71A90000
Library C:\WINDOWS\system32\dssenh.dll (Microsoft Enhanced DSS and Diffie-Hellman Cryptographic Provider/Microsoft Corporation) 0x68100000

Process C:\WINDOWS\arservice.exe (ARSVC Application/Microsoft) 896
Library C:\WINDOWS\arservice.exe (ARSVC Application/Microsoft) 0x01000000
Library C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x7C900000
Library C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x7C800000
Library C:\WINDOWS\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77DD0000
Library C:\WINDOWS\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77E70000
Library C:\WINDOWS\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x77FE0000
Library C:\WINDOWS\system32\USER32.dll (Windows XP USER API Client DLL/Microsoft Corporation) 0x7E410000
Library C:\WINDOWS\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77F10000
Library C:\WINDOWS\system32\WINMM.dll (MCI API DLL/Microsoft Corporation) 0x76B40000
Library C:\WINDOWS\system32\SETUPAPI.dll (Windows Setup API/Microsoft Corporation) 0x77920000
Library C:\WINDOWS\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C10000
Library C:\WINDOWS\system32\POWRPROF.dll (Power Profile Helper DLL/Microsoft Corporation) 0x74AD0000
Library C:\WINDOWS\system32\IMM32.DLL (Windows XP IMM32 API Client DLL/Microsoft Corporation) 0x76390000
Library C:\WINDOWS\system32\WINTRUST.dll (Microsoft Trust Verification APIs/Microsoft Corporation) 0x76C30000
Library C:\WINDOWS\system32\CRYPT32.dll (Crypto API32/Microsoft Corporation) 0x77A80000
Library C:\WINDOWS\system32\MSASN1.dll (ASN.1 Runtime APIs/Microsoft Corporation) 0x77B20000
Library C:\WINDOWS\system32\IMAGEHLP.dll (Windows NT Image Helper/Microsoft Corporation) 0x76C90000
Library C:\WINDOWS\system32\uxtheme.dll (Microsoft UxTheme Library/Microsoft Corporation) 0x5AD70000
Library C:\WINDOWS\system32\msctfime.ime (Microsoft Text Frame Work Service IME/Microsoft Corporation) 0x755C0000
Library C:\WINDOWS\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x774E0000

Process C:\WINDOWS\system32\Ati2evxx.exe (ATI External Event Utility EXE Module/ATI Technologies Inc.) 936
Library C:\WINDOWS\system32\Ati2evxx.exe (ATI External Event Utility EXE Module/ATI Technologies Inc.) 0x00400000
Library C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x7C900000
Library C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x7C800000
Library C:\WINDOWS\system32\USER32.dll (Windows XP USER API Client DLL/Microsoft Corporation) 0x7E410000
Library C:\WINDOWS\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77F10000
Library C:\WINDOWS\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x774E0000
Library C:\WINDOWS\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77DD0000
Library C:\WINDOWS\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77E70000
Library C:\WINDOWS\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x77FE0000
Library C:\WINDOWS\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C10000
Library C:\WINDOWS\system32\OLEAUT32.dll (Microsoft Corporation) 0x77120000
Library C:\WINDOWS\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x769C0000
Library C:\WINDOWS\system32\PSAPI.DLL (Process Status Helper/Microsoft Corporation) 0x76BF0000
Library C:\WINDOWS\system32\SETUPAPI.dll (Windows Setup API/Microsoft Corporation) 0x77920000
Library C:\WINDOWS\system32\IMM32.DLL (Windows XP IMM32 API Client DLL/Microsoft Corporation) 0x76390000
Library C:\WINDOWS\system32\wtsapi32.dll (Windows Terminal Server SDK APIs/Microsoft Corporation) 0x76F50000
Library C:\WINDOWS\system32\WINSTA.dll (Winstation Library/Microsoft Corporation) 0x76360000
Library C:\WINDOWS\system32\NETAPI32.dll (Net Win32 API DLL/Microsoft Corporation) 0x5B860000
Library C:\WINDOWS\system32\powrprof.dll (Power Profile Helper DLL/Microsoft Corporation) 0x74AD0000
Library C:\WINDOWS\system32\cfgMgr32.dll (Configuration Manager Forwarder DLL/Microsoft Corporation) 0x74AE0000
Library C:\WINDOWS\system32\msctfime.ime (Microsoft Text Frame Work Service IME/Microsoft Corporation) 0x755C0000
Library C:\WINDOWS\system32\WINTRUST.dll (Microsoft Trust Verification APIs/Microsoft Corporation) 0x76C30000
Library C:\WINDOWS\system32\CRYPT32.dll (Crypto API32/Microsoft Corporation) 0x77A80000
Library C:\WINDOWS\system32\MSASN1.dll (ASN.1 Runtime APIs/Microsoft Corporation) 0x77B20000
Library C:\WINDOWS\system32\IMAGEHLP.dll (Windows NT Image Helper/Microsoft Corporation) 0x76C90000
Library C:\WINDOWS\system32\Ati2edxx.dll (ati2edxx/ATI Technologies, Inc.) 0x003C0000
Library C:\WINDOWS\system32\atipdlxx.dll (ATI Desktop CWDDEDI DLL/ATI Technologies, Inc.) 0x10000000
Library C:\WINDOWS\system32\uxtheme.dll (Microsoft UxTheme Library/Microsoft Corporation) 0x5AD70000

Process C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) 956
Library C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) 0x01000000
Library C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x7C900000
Library C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x7C800000
Library C:\WINDOWS\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77DD0000
Library C:\WINDOWS\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77E70000
Library C:\WINDOWS\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x77FE0000
Library C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation) 0x5CB70000
Library C:\WINDOWS\AppPatch\AcGenral.DLL (Windows Compatibility DLL/Microsoft Corporation) 0x6F880000
Library C:\WINDOWS\system32\USER32.dll (Windows XP USER API Client DLL/Microsoft Corporation) 0x7E410000
Library C:\WINDOWS\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77F10000
Library C:\WINDOWS\system32\WINMM.dll (MCI API DLL/Microsoft Corporation) 0x76B40000
Library C:\WINDOWS\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x774E0000
Library C:\WINDOWS\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C10000
Library C:\WINDOWS\system32\OLEAUT32.dll (Microsoft Corporation) 0x77120000
Library C:\WINDOWS\system32\MSACM32.dll (Microsoft ACM Audio Filter/Microsoft Corporation) 0x77BE0000
Library C:\WINDOWS\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x77C00000
Library C:\WINDOWS\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation) 0x7C9C0000
Library C:\WINDOWS\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x77F60000
Library C:\WINDOWS\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x769C0000
Library C:\WINDOWS\system32\UxTheme.dll (Microsoft UxTheme Library/Microsoft Corporation) 0x5AD70000
Library C:\WINDOWS\system32\IMM32.DLL (Windows XP IMM32 API Client DLL/Microsoft Corporation) 0x76390000
Library C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll (User Experience Controls Library/Microsoft Corporation) 0x773D0000
Library C:\WINDOWS\system32\comctl32.dll (Common Controls Library/Microsoft Corporation) 0x5D090000
Library C:\WINDOWS\system32\NTMARTA.DLL (Windows NT MARTA provider/Microsoft Corporation) 0x77690000
Library C:\WINDOWS\system32\SAMLIB.dll (SAM Library DLL/Microsoft Corporation) 0x71BF0000
Library C:\WINDOWS\system32\WLDAP32.dll (Win32 LDAP API DLL/Microsoft Corporation) 0x76F60000
Library c:\windows\system32\rpcss.dll (Distributed COM Services/Microsoft Corporation) 0x76A80000
Library c:\windows\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x71AB0000
Library c:\windows\system32\WS2HELP.dll (Windows Socket 2.0 Helper for Windows NT/Microsoft Corporation) 0x71AA0000
Library C:\WINDOWS\system32\xpsp2res.dll (Service Pack 2 Messages/Microsoft Corporation) 0x006B0000
Library C:\WINDOWS\system32\CLBCATQ.DLL (Microsoft Corporation) 0x76FD0000
Library C:\WINDOWS\system32\COMRes.dll (Microsoft Corporation) 0x77050000
Library c:\windows\system32\termsrv.dll (Terminal Server Service/Microsoft Corporation) 0x760F0000
Library c:\windows\system32\ICAAPI.dll (DLL Interface to TermDD Device Driver/Microsoft Corporation) 0x74F70000
Library c:\windows\system32\SETUPAPI.dll (Windows Setup API/Microsoft Corporation) 0x77920000
Library c:\windows\system32\WINTRUST.dll (Microsoft Trust Verification APIs/Microsoft Corporation) 0x76C30000
Library c:\windows\system32\CRYPT32.dll (Crypto API32/Microsoft Corporation) 0x77A80000
Library c:\windows\system32\MSASN1.dll (ASN.1 Runtime APIs/Microsoft Corporation) 0x77B20000
Library C:\WINDOWS\system32\IMAGEHLP.dll (Windows NT Image Helper/Microsoft Corporation) 0x76C90000
Library c:\windows\system32\AUTHZ.dll (Authorization Framework/Microsoft Corporation) 0x776C0000
Library c:\windows\system32\mstlsapi.dll (Microsoft® Terminal Server Licensing/Microsoft Corporation) 0x75110000
Library c:\windows\system32\ACTIVEDS.dll (ADs Router Layer DLL/Microsoft Corporation) 0x77CC0000
Library c:\windows\system32\adsldpc.dll (ADs LDAP Provider C DLL/Microsoft Corporation) 0x76E10000
Library c:\windows\system32\NETAPI32.dll (Net Win32 API DLL/Microsoft Corporation) 0x5B860000
Library c:\windows\system32\ATL.DLL (ATL Module for Windows XP (Unicode)/Microsoft Corporation) 0x76B20000
Library C:\WINDOWS\system32\REGAPI.dll (Registry Configuration APIs/Microsoft Corporation) 0x76BC0000
Library C:\WINDOWS\system32\rsaenh.dll (Microsoft Enhanced Cryptographic Provider/Microsoft Corporation) 0x68000000
Library C:\WINDOWS\system32\Apphelp.dll (Application Compatibility Client Library/Microsoft Corporation) 0x77B40000

Process C:\WINDOWS\eHome\ehRecvr.exe (Media Center Receiver Service/Microsoft Corporation) 988
Library C:\WINDOWS\eHome\ehRecvr.exe (Media Center Receiver Service/Microsoft Corporation) 0x00400000
Library C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x7C900000
Library C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x7C800000
Library C:\WINDOWS\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C10000
Library C:\WINDOWS\system32\ATL.DLL (ATL Module for Windows XP (Unicode)/Microsoft Corporation) 0x76B20000
Library C:\WINDOWS\system32\USER32.dll (Windows XP USER API Client DLL/Microsoft Corporation) 0x7E410000
Library C:\WINDOWS\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77F10000
Library C:\WINDOWS\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77DD0000
Library C:\WINDOWS\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77E70000
Library C:\WINDOWS\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x77FE0000
Library C:\WINDOWS\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x774E0000
Library C:\WINDOWS\system32\OLEAUT32.dll (Microsoft Corporation) 0x77120000
Library C:\WINDOWS\system32\faultrep.DLL (Windows Error Reporting/Microsoft Corporation) 0x69450000
Library C:\WINDOWS\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x77C00000
Library C:\WINDOWS\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x769C0000
Library C:\WINDOWS\system32\WINSTA.dll (Winstation Library/Microsoft Corporation) 0x76360000
Library C:\WINDOWS\system32\NETAPI32.dll (Net Win32 API DLL/Microsoft Corporation) 0x5B860000
Library C:\WINDOWS\system32\WTSAPI32.dll (Windows Terminal Server SDK APIs/Microsoft Corporation) 0x76F50000
Library C:\WINDOWS\system32\SETUPAPI.dll (Windows Setup API/Microsoft Corporation) 0x77920000
Library C:\WINDOWS\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x77F60000
Library C:\WINDOWS\system32\PSAPI.DLL (Process Status Helper/Microsoft Corporation) 0x76BF0000
Library C:\WINDOWS\eHome\ehTrace.dll (Media Center Event Trace Module/Microsoft Corporation) 0x46630000
Library C:\WINDOWS\system32\IMM32.DLL (Windows XP IMM32 API Client DLL/Microsoft Corporation) 0x76390000
Library C:\WINDOWS\system32\uxtheme.dll (Microsoft UxTheme Library/Microsoft Corporation) 0x5AD70000
Library C:\WINDOWS\system32\xpsp2res.dll (Service Pack 2 Messages/Microsoft Corporation) 0x00590000
Library C:\WINDOWS\system32\NTMARTA.DLL (Windows NT MARTA provider/Microsoft Corporation) 0x77690000
Library C:\WINDOWS\system32\SAMLIB.dll (SAM Library DLL/Microsoft Corporation) 0x71BF0000
Library C:\WINDOWS\system32\WLDAP32.dll (Win32 LDAP API DLL/Microsoft Corporation) 0x76F60000
Library C:\WINDOWS\system32\CLBCATQ.DLL (Microsoft Corporation) 0x76FD0000
Library C:\WINDOWS\system32\COMRes.dll (Microsoft Corporation) 0x77050000
Library C:\WINDOWS\system32\sbe.dll 0x4EE30000
Library C:\WINDOWS\system32\WINMM.dll (MCI API DLL/Microsoft Corporation) 0x76B40000
Library C:\WINDOWS\system32\msvidctl.dll (ActiveX control for streaming video/Microsoft Corporation) 0x35800000
Library C:\WINDOWS\system32\quartz.dll 0x74810000
Library C:\WINDOWS\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation) 0x7C9C0000
Library C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll (User Experience Controls Library/Microsoft Corporation) 0x773D0000
Library C:\WINDOWS\system32\comctl32.dll (Common Controls Library/Microsoft Corporation) 0x5D090000
Library C:\WINDOWS\system32\devenum.dll 0x75F40000
Library C:\WINDOWS\system32\WINTRUST.dll (Microsoft Trust Verification APIs/Microsoft Corporation) 0x76C30000
Library C:\WINDOWS\system32\CRYPT32.dll (Crypto API32/Microsoft Corporation) 0x77A80000
Library C:\WINDOWS\system32\MSASN1.dll (ASN.1 Runtime APIs/Microsoft Corporation) 0x77B20000
Library C:\WINDOWS\system32\IMAGEHLP.dll (Windows NT Image Helper/Microsoft Corporation) 0x76C90000
Library C:\WINDOWS\system32\msdmo.dll 0x736B0000

Process C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) 1008
Library C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) 0x01000000
Library C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x7C900000
Library C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x7C800000
Library C:\WINDOWS\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77DD0000
Library C:\WINDOWS\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77E70000
Library C:\WINDOWS\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x77FE0000
Library C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation) 0x5CB70000
Library C:\WINDOWS\AppPatch\AcGenral.DLL (Windows Compatibility DLL/Microsoft Corporation) 0x6F880000
Library C:\WINDOWS\system32\USER32.dll (Windows XP USER API Client DLL/Microsoft Corporation) 0x7E410000
Library C:\WINDOWS\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77F10000
Library C:\WINDOWS\system32\WINMM.dll (MCI API DLL/Microsoft Corporation) 0x76B40000
Library C:\WINDOWS\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x774E0000
Library C:\WINDOWS\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C10000
Library C:\WINDOWS\system32\OLEAUT32.dll (Microsoft Corporation) 0x77120000
Library C:\WINDOWS\system32\MSACM32.dll (Microsoft ACM Audio Filter/Microsoft Corporation) 0x77BE0000
Library C:\WINDOWS\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x77C00000
Library C:\WINDOWS\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation) 0x7C9C0000
Library C:\WINDOWS\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x77F60000
Library C:\WINDOWS\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x769C0000
Library C:\WINDOWS\system32\UxTheme.dll (Microsoft UxTheme Library/Microsoft Corporation) 0x5AD70000
Library C:\WINDOWS\system32\IMM32.DLL (Windows XP IMM32 API Client DLL/Microsoft Corporation) 0x76390000
Library C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll (User Experience Controls Library/Microsoft Corporation) 0x773D0000
Library C:\WINDOWS\system32\comctl32.dll (Common Controls Library/Microsoft Corporation) 0x5D090000
Library c:\windows\system32\rpcss.dll (Distributed COM Services/Microsoft Corporation) 0x76A80000
Library c:\windows\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x71AB0000
Library c:\windows\system32\WS2HELP.dll (Windows Socket 2.0 Helper for Windows NT/Microsoft Corporation) 0x71AA0000
Library C:\WINDOWS\system32\xpsp2res.dll (Service Pack 2 Messages/Microsoft Corporation) 0x006B0000
Library C:\WINDOWS\system32\rsaenh.dll (Microsoft Enhanced Cryptographic Provider/Microsoft Corporation) 0x68000000
Library C:\WINDOWS\system32\mswsock.dll (Microsoft Windows Sockets 2.0 Service Provider/Microsoft Corporation) 0x71A50000
Library C:\WINDOWS\system32\hnetcfg.dll (Home Networking Configuration Manager/Microsoft Corporation) 0x662B0000
Library C:\WINDOWS\System32\wshtcpip.dll (Windows Sockets Helper DLL/Microsoft Corporation) 0x71A90000
Library C:\WINDOWS\system32\DNSAPI.dll (DNS Client API DLL/Microsoft Corporation) 0x76F20000
Library C:\WINDOWS\system32\iphlpapi.dll (IP Helper API/Microsoft Corporation) 0x76D60000
Library C:\WINDOWS\System32\winrnr.dll (LDAP RnR Provider DLL/Microsoft Corporation) 0x76FB0000
Library C:\WINDOWS\system32\WLDAP32.dll (Win32 LDAP API DLL/Microsoft Corporation) 0x76F60000
Library C:\WINDOWS\system32\rasadhlp.dll (Remote Access AutoDial Helper/Microsoft Corporation) 0x76FC0000
Library C:\WINDOWS\system32\CLBCATQ.DLL (Microsoft Corporation) 0x76FD0000
Library C:\WINDOWS\system32\COMRes.dll (Microsoft Corporation) 0x77050000

Process C:\WINDOWS\eHome\ehSched.exe (Media Center Scheduler Service/Microsoft Corporation) 1060
Library C:\WINDOWS\eHome\ehSched.exe (Media Center Scheduler Service/Microsoft Corporation) 0x00400000
Library C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x7C900000
Library C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x7C800000
Library C:\WINDOWS\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C10000
Library C:\WINDOWS\system32\ATL.DLL (ATL Module for Windows XP (Unicode)/Microsoft Corporation) 0x76B20000
Library C:\WINDOWS\system32\USER32.dll (Windows XP USER API Client DLL/Microsoft Corporation) 0x7E410000
Library C:\WINDOWS\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77F10000
Library C:\WINDOWS\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77DD0000
Library C:\WINDOWS\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77E70000
Library C:\WINDOWS\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x77FE0000
Library C:\WINDOWS\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x774E0000
Library C:\WINDOWS\system32\OLEAUT32.dll (Microsoft Corporation) 0x77120000
Library C:\WINDOWS\system32\IMM32.DLL (Windows XP IMM32 API Client DLL/Microsoft Corporation) 0x76390000
Library C:\WINDOWS\system32\uxtheme.dll (Microsoft UxTheme Library/Microsoft Corporation) 0x5AD70000
Library C:\WINDOWS\system32\xpsp2res.dll (Service Pack 2 Messages/Microsoft Corporation) 0x00570000
Library C:\WINDOWS\system32\CLBCATQ.DLL (Microsoft Corporation) 0x76FD0000
Library C:\WINDOWS\system32\COMRes.dll (Microsoft Corporation) 0x77050000
Library C:\WINDOWS\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x77C00000
Library C:\WINDOWS\system32\msi.dll (Windows Installer/Microsoft Corporation) 0x7D1E0000
Library C:\WINDOWS\eHome\ehProxy.dll (Media Center Proxy/Microsoft Corporation) 0x49E10000
Library C:\WINDOWS\system32\SXS.DLL (Fusion 2.5/Microsoft Corporation) 0x7E720000

Process C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) 1112
Library C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) 0x01000000
Library C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x7C900000
Library C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x7C800000
Library C:\WINDOWS\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77DD0000
Library C:\WINDOWS\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77E70000
Library C:\WINDOWS\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x77FE0000
Library C:\WINDOWS\System32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation) 0x5CB70000
Library C:\WINDOWS\AppPatch\AcGenral.DLL (Windows Compatibility DLL/Microsoft Corporation) 0x6F880000
Library C:\WINDOWS\system32\USER32.dll (Windows XP USER API Client DLL/Microsoft Corporation) 0x7E410000
Library C:\WINDOWS\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77F10000
Library C:\WINDOWS\System32\WINMM.dll (MCI API DLL/Microsoft Corporation) 0x76B40000
Library C:\WINDOWS\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x774E0000
Library C:\WINDOWS\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C10000
Library C:\WINDOWS\system32\OLEAUT32.dll (Microsoft Corporation) 0x77120000
Library C:\WINDOWS\System32\MSACM32.dll (Microsoft ACM Audio Filter/Microsoft Corporation) 0x77BE0000
Library C:\WINDOWS\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x77C00000
Library C:\WINDOWS\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation) 0x7C9C0000
Library C:\WINDOWS\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x77F60000
Library C:\WINDOWS\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x769C0000
Library C:\WINDOWS\System32\UxTheme.dll (Microsoft UxTheme Library/Microsoft Corporation) 0x5AD70000
Library C:\WINDOWS\system32\IMM32.DLL (Windows XP IMM32 API Client DLL/Microsoft Corporation) 0x76390000
Library C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll (User Experience Controls Library/Microsoft Corporation) 0x773D0000
Library C:\WINDOWS\system32\comctl32.dll (Common Controls Library/Microsoft Corporation) 0x5D090000
Library C:\WINDOWS\System32\NTMARTA.DLL (Windows NT MARTA provider/Microsoft Corporation) 0x77690000
Library C:\WINDOWS\System32\SAMLIB.dll (SAM Library DLL/Microsoft Corporation) 0x71BF0000
Library C:\WINDOWS\system32\WLDAP32.dll (Win32 LDAP API DLL/Microsoft Corporation) 0x76F60000
Library C:\WINDOWS\System32\xpsp2res.dll (Service Pack 2 Messages/Microsoft Corporation) 0x00630000
Library c:\windows\system32\shsvcs.dll (Windows Shell Services Dll/Microsoft Corporation) 0x776E0000
Library C:\WINDOWS\System32\WINSTA.dll (Winstation Library/Microsoft Corporation) 0x76360000
Library C:\WINDOWS\System32\NETAPI32.dll (Net Win32 API DLL/Microsoft Corporation) 0x5B860000
Library c:\windows\system32\dhcpcsvc.dll (DHCP Client Service/Microsoft Corporation) 0x7D4B0000
Library c:\windows\system32\DNSAPI.dll (DNS Client API DLL/Microsoft Corporation) 0x76F20000
Library c:\windows\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x71AB0000
Library c:\windows\system32\WS2HELP.dll (Windows Socket 2.0 Helper for Windows NT/Microsoft Corporation) 0x71AA0000
Library c:\windows\system32\iphlpapi.dll (IP Helper API/Microsoft Corporation) 0x76D60000
Library C:\WINDOWS\system32\mswsock.dll (Microsoft Windows Sockets 2.0 Service Provider/Microsoft Corporation) 0x71A50000
Library C:\WINDOWS\System32\hnetcfg.dll (Home Networking Configuration Manager/Microsoft Corporation) 0x662B0000
Library C:\WINDOWS\System32\wshtcpip.dll (Windows Sockets Helper DLL/Microsoft Corporation) 0x71A90000
Library c:\windows\system32\wzcsvc.dll (Wireless Zero Configuration Service/Microsoft Corporation) 0x7DB10000
Library c:\windows\system32\rtutils.dll (Routing Utilities/Microsoft Corporation) 0x76E80000
Library c:\windows\system32\WMI.dll (WMI DC and DP functionality/Microsoft Corporation) 0x76D30000
Library c:\windows\system32\CRYPT32.dll (Crypto API32/Microsoft Corporation) 0x77A80000
Library c:\windows\system32\MSASN1.dll (ASN.1 Runtime APIs/Microsoft Corporation) 0x77B20000
Library c:\windows\system32\EapolQec.dll (Microsoft EAPOL NAP Enforcement Client/Microsoft Corporation) 0x72810000
Library c:\windows\system32\ATL.DLL (ATL Module for Windows XP (Unicode)/Microsoft Corporation) 0x76B20000
Library c:\windows\system32\QUtil.dll (Quarantine Utilities/Microsoft Corporation) 0x726C0000
Library c:\windows\system32\MSVCP60.dll (Microsoft ® C++ Runtime Library/Microsoft Corporation) 0x76080000
Library c:\windows\system32\dot3api.dll (802.3 Autoconfiguration API/Microsoft Corporation) 0x478C0000
Library c:\windows\system32\WTSAPI32.dll (Windows Terminal Server SDK APIs/Microsoft Corporation) 0x76F50000
Library c:\windows\system32\ESENT.dll (Server Database Storage Engine/Microsoft Corporation) 0x606B0000
Library C:\WINDOWS\System32\rsaenh.dll (Microsoft Enhanced Cryptographic Provider/Microsoft Corporation) 0x68000000
Library C:\WINDOWS\System32\CLBCATQ.DLL (Microsoft Corporation) 0x76FD0000
Library C:\WINDOWS\System32\COMRes.dll (Microsoft Corporation) 0x77050000
Library C:\WINDOWS\System32\rastls.dll (Remote Access PPP EAP-TLS/Microsoft Corporation) 0x76B70000
Library C:\WINDOWS\System32\CRYPTUI.dll (Microsoft Trust UI Provider/Microsoft Corporation) 0x754D0000
Library C:\WINDOWS\system32\WININET.dll (Internet Extensions for Win32/Microsoft Corporation) 0x3D930000
Library C:\WINDOWS\system32\Normaliz.dll (Unicode Normalization DLL/Microsoft Corporation) 0x00C40000
Library C:\WINDOWS\system32\urlmon.dll (OLE32 Extensions for Win32/Microsoft Corporation) 0x78130000
Library C:\WINDOWS\system32\iertutil.dll (Run time utility for Internet Explorer/Microsoft Corporation) 0x3DFD0000
Library C:\WINDOWS\System32\WINTRUST.dll (Microsoft Trust Verification APIs/Microsoft Corporation) 0x76C30000
Library C:\WINDOWS\system32\IMAGEHLP.dll (Windows NT Image Helper/Microsoft Corporation) 0x76C90000
Library C:\WINDOWS\System32\MPRAPI.dll (Windows NT MP Router Administration DLL/Microsoft Corporation) 0x76D40000
Library C:\WINDOWS\System32\ACTIVEDS.dll (ADs Router Layer DLL/Microsoft Corporation) 0x77CC0000
Library C:\WINDOWS\System32\adsldpc.dll (ADs LDAP Provider C DLL/Microsoft Corporation) 0x76E10000
Library C:\WINDOWS\System32\SETUPAPI.dll (Windows Setup API/Microsoft Corporation) 0x77920000
Library C:\WINDOWS\System32\RASAPI32.dll (Remote Access API/Microsoft Corporation) 0x76EE0000
Library C:\WINDOWS\System32\rasman.dll (Remote Access Connection Manager/Microsoft Corporation) 0x76E90000
Library C:\WINDOWS\System32\TAPI32.dll (Microsoft® Windows™ Telephony API Client DLL/Microsoft Corporation) 0x76EB0000
Library C:\WINDOWS\System32\SCHANNEL.dll (TLS / SSL Security Provider/Microsoft Corporation) 0x767F0000
Library C:\WINDOWS\System32\WinSCard.dll (Microsoft Smart Card API/Microsoft Corporation) 0x723D0000
Library C:\WINDOWS\System32\PSAPI.DLL (Process Status Helper/Microsoft Corporation) 0x76BF0000
Library c:\windows\system32\schedsvc.dll (Task Scheduler Engine/Microsoft Corporation) 0x77300000
Library c:\windows\system32\NTDSAPI.dll (NT5DS/Microsoft Corporation) 0x767A0000
Library C:\WINDOWS\System32\raschap.dll (Remote Access PPP CHAP/Microsoft Corporation) 0x76BD0000
Library C:\WINDOWS\system32\msv1_0.dll (Microsoft Authentication Package v1.0/Microsoft Corporation) 0x77C70000
Library C:\WINDOWS\System32\cryptdll.dll (Cryptography Manager/Microsoft Corporation) 0x76790000
Library C:\WINDOWS\System32\MSIDLE.DLL (User Idle Monitor/Microsoft Corporation) 0x74F50000
Library c:\windows\system32\audiosrv.dll (Windows Audio Service/Microsoft Corporation) 0x708B0000
Library c:\windows\system32\wkssvc.dll (Workstation Service DLL/Microsoft Corporation) 0x76E40000
Library c:\windows\system32\dmserver.dll (Logical Disk Manager service dll/Microsoft Corp.) 0x74F90000
Library c:\windows\system32\cryptsvc.dll (Cryptographic Services/Microsoft Corporation) 0x76CE0000
Library c:\windows\system32\certcli.dll (Microsoft® Certificate Services Client/Microsoft Corporation) 0x77B90000
Library c:\windows\system32\ersvc.dll (Windows Error Reporting Service/Microsoft Corporation) 0x74F80000
Library c:\windows\system32\es.dll (Microsoft Corporation) 0x77710000
Library c:\windows\system32\srvsvc.dll (Server Service DLL/Microsoft Corporation) 0x75090000
Library c:\windows\system32\netman.dll (Network Connections Manager/Microsoft Corporation) 0x77D00000
Library c:\windows\system32\netshell.dll (Network Connections Shell/Microsoft Corporation) 0x76400000
Library c:\windows\system32\credui.dll (Credential Manager User Interface/Microsoft Corporation) 0x76C00000
Library c:\windows\system32\dot3dlg.dll (802.3 UI Helper/Microsoft Corporation) 0x736D0000
Library c:\windows\system32\OneX.DLL (IEEE 802.1X supplicant library/Microsoft Corporation) 0x5DCA0000
Library c:\windows\system32\eappcfg.dll (Eap Peer Config/Microsoft Corporation) 0x745B0000
Library c:\windows\system32\eappprxy.dll (Microsoft EAPHost Peer Client DLL/Microsoft Corporation) 0x5DCD0000
Library c:\windows\system32\WZCSAPI.DLL (Wireless Zero Configuration service API/Microsoft Corporation) 0x73030000
Library c:\windows\system32\srsvc.dll (System Restore Service/Microsoft Corporation) 0x751A0000
Library c:\windows\system32\POWRPROF.dll (Power Profile Helper DLL/Microsoft Corporation) 0x74AD0000
Library c:\windows\pchealth\helpctr\binaries\pchsvc.dll (Microsoft PCHealth Service Holder/Microsoft Corporation) 0x74F40000
Library c:\windows\system32\seclogon.dll (Secondary Logon Service DLL/Microsoft Corporation) 0x73D20000
Library c:\windows\system32\trkwks.dll (Distributed Link Tracking Client/Microsoft Corporation) 0x75070000
Library c:\windows\system32\w32time.dll (Windows Time Service/Microsoft Corporation) 0x767C0000
Library c:\windows\system32\wbem\wmisvc.dll (WMI/Microsoft Corporation) 0x59490000
Library C:\WINDOWS\system32\VSSAPI.DLL (Microsoft® Volume Shadow Copy Requestor/Writer Services API DLL/Microsoft Corporation) 0x753E0000
Library c:\windows\system32\wuauserv.dll (Windows Update AutoUpdate Service/Microsoft Corporation) 0x50000000
Library C:\WINDOWS\system32\wuaueng.dll (Windows Update Agent/Microsoft Corporation) 0x50040000
Library C:\WINDOWS\System32\WINSPOOL.DRV (Windows Spooler Driver/Microsoft Corporation) 0x73000000
Library C:\WINDOWS\System32\WINHTTP.dll (Windows HTTP Services/Microsoft Corporation) 0x4D4F0000
Library C:\WINDOWS\System32\Cabinet.dll (Microsoft® Cabinet File API/Microsoft Corporation) 0x75150000
Library C:\WINDOWS\System32\mspatcha.dll (Microsoft® Patch Engine/Microsoft Corporation) 0x600A0000
Library c:\windows\system32\sens.dll (System Event Notification Service (SENS)/Microsoft Corporation) 0x722D0000
Library C:\WINDOWS\System32\sfc.dll (Windows File Protection/Microsoft Corporation) 0x76BB0000
Library C:\WINDOWS\System32\sfc_os.dll (Windows File Protection/Microsoft Corporation) 0x76C60000
Library c:\windows\system32\browser.dll (Computer Browser Service DLL/Microsoft Corporation) 0x76DA0000
Library c:\windows\system32\ipnathlp.dll (Microsoft NAT Helper Components/Microsoft Corporation) 0x66460000
Library c:\windows\system32\AUTHZ.dll (Authorization Framework/Microsoft Corporation) 0x776C0000
Library c:\windows\system32\wscsvc.dll (Windows Security Center Service/Microsoft Corporation) 0x4C0A0000
Library c:\windows\system32\msi.dll (Windows Installer/Microsoft Corporation) 0x7D1E0000
Library C:\WINDOWS\system32\wbem\wbemcomn.dll (WMI/Microsoft Corporation) 0x75290000
Library C:\WINDOWS\System32\SXS.DLL (Fusion 2.5/Microsoft Corporation) 0x7E720000
Library C:\WINDOWS\System32\Wbem\wbemcore.dll (WMI/Microsoft Corporation) 0x762C0000
Library C:\WINDOWS\System32\Wbem\esscli.dll (WMI/Microsoft Corporation) 0x75310000
Library C:\WINDOWS\System32\Wbem\FastProx.dll (WMI/Microsoft Corporation) 0x75690000
Library C:\WINDOWS\system32\comsvcs.dll (Microsoft Corporation) 0x76620000
Library C:\WINDOWS\system32\colbact.DLL (Microsoft Corporation) 0x75130000
Library C:\WINDOWS\system32\MTXCLU.DLL (MS DTC amd MTS clustering support DLL/Microsoft Corporation) 0x750F0000
Library C:\WINDOWS\system32\WSOCK32.dll (Windows Socket 32-Bit DLL/Microsoft Corporation) 0x71AD0000
Library C:\WINDOWS\System32\CLUSAPI.DLL (Cluster API Library/Microsoft Corporation) 0x76D10000
Library C:\WINDOWS\System32\RESUTILS.DLL (Microsoft Cluster Resource Utility DLL/Microsoft Corporation) 0x750B0000
Library C:\WINDOWS\system32\Apphelp.dll (Application Compatibility Client Library/Microsoft Corporation) 0x77B40000
Library C:\WINDOWS\system32\wbem\wbemsvc.dll (WMI/Microsoft Corporation) 0x74ED0000
Library C:\WINDOWS\system32\wbem\wmiutils.dll (WMI/Microsoft Corporation) 0x75020000
Library C:\WINDOWS\system32\wbem\repdrvfs.dll (WMI/Microsoft Corporation) 0x75200000
Library C:\WINDOWS\system32\wbem\wmiprvsd.dll (WMI/Microsoft Corporation) 0x3F1E0000
Library C:\WINDOWS\system32\NCObjAPI.DLL (Microsoft Corporation) 0x5F770000
Library C:\WINDOWS\system32\wbem\wbemess.dll (WMI/Microsoft Corporation) 0x75390000
Library C:\WINDOWS\system32\wbem\ncprov.dll (Non-COM WMI Event Provision APIs/Microsoft Corporation) 0x5F740000
Library C:\WINDOWS\system32\wups2.dll (Windows Update client proxy stub 2/Microsoft Corporation) 0x50F00000
Library C:\WINDOWS\system32\upnp.dll (Universal Plug and Play API/Microsoft Corporation) 0x76DE0000
Library C:\WINDOWS\system32\SSDPAPI.dll (SSDP Client API DLL/Microsoft Corporation) 0x74F00000
Library C:\WINDOWS\System32\rasadhlp.dll (Remote Access AutoDial Helper/Microsoft Corporation) 0x76FC0000
Library C:\WINDOWS\system32\netcfgx.dll (Network Configuration Objects/Microsoft Corporation) 0x755F0000
Library C:\WINDOWS\System32\RASDLG.dll (Remote Access Common Dialog API/Microsoft Corporation) 0x768D0000
Library C:\WINDOWS\System32\NETRAP.dll (Net Remote Admin Protocol DLL/Microsoft Corporation) 0x71C80000
Library c:\windows\system32\tapisrv.dll (Microsoft® Windows™ Telephony Server/Microsoft Corporation) 0x733E0000
Library c:\windows\system32\rasmans.dll (Remote Access Connection Manager/Microsoft Corporation) 0x7DF30000
Library c:\windows\system32\WINIPSEC.DLL (Windows IPSec SPD Client DLL/Microsoft Corporation) 0x74370000
Library C:\WINDOWS\System32\rastapi.dll (Remote Access TAPI Compliance Layer/Microsoft Corporation) 0x75880000
Library C:\WINDOWS\System32\unimdm.tsp (Unimodem 5 Service Provider/Microsoft Corporation) 0x57CC0000
Library C:\WINDOWS\System32\uniplat.dll (Unimodem AT Mini Driver Platform Driver for Windows NT/Microsoft Corporation) 0x72000000
Library C:\WINDOWS\System32\kmddsp.tsp (TAPI Kernel-Mode Service Provider/Microsoft Corporation) 0x57D40000
Library C:\WINDOWS\System32\ndptsp.tsp (NDIS Proxy TAPI Service Provider/Microsoft Corporation) 0x57D20000
Library C:\WINDOWS\System32\ipconf.tsp (Microsoft Multicast Conference TAPI Service Provider/Microsoft Corporation) 0x57D50000
Library C:\WINDOWS\System32\h323.tsp (Microsoft H.323 Telephony Service Provider/Microsoft Corporation) 0x57D70000
Library C:\WINDOWS\System32\hidphone.tsp (Microsoft HID Phone TSP/Microsoft Corporation) 0x57D60000
Library C:\WINDOWS\System32\HID.DLL (Hid User Library/Microsoft Corporation) 0x688F0000
Library C:\WINDOWS\System32\rasppp.dll (Remote Access PPP/Microsoft Corporation) 0x72240000
Library C:\WINDOWS\System32\ntlsapi.dll (Microsoft® License Server Interface DLL/Microsoft Corporation) 0x724B0000
Library C:\WINDOWS\system32\kerberos.dll (Kerberos Security Package/Microsoft Corporation) 0x71CF0000
Library C:\WINDOWS\System32\RASQEC.DLL (RAS Quarantine Enforcement Client/Microsoft Corporation) 0x72AE0000
Library c:\windows\system32\qmgr.dll (Background Intelligent Transfer Service/Microsoft Corporation) 0x5B9F0000
Library C:\WINDOWS\system32\MPR.dll (Multiple Provider Router DLL/Microsoft Corporation) 0x71B20000
Library c:\windows\system32\SHFOLDER.dll (Shell Folder Service/Microsoft Corporation) 0x76780000
Library C:\WINDOWS\system32\qmgrprxy.dll (Background Intelligent Transfer Service Proxy/Microsoft Corporation) 0x5DDC0000
Library C:\WINDOWS\system32\advpack.dll (ADVPACK/Microsoft Corporation) 0x65000000
Library C:\WINDOWS\System32\catsrvut.dll (Microsoft Corporation) 0x6FB10000
Library C:\WINDOWS\System32\catsrv.dll (Microsoft Corporation) 0x6FBD0000
Library C:\WINDOWS\System32\MfcSubs.dll (Microsoft Corporation) 0x61990000
Library C:\WINDOWS\system32\wuapi.dll (Windows Update Client API/Microsoft Corporation) 0x506A0000
Library C:\WINDOWS\system32\msxml3.dll (MSXML 3.0 SP10/Microsoft Corporation) 0x74980000
Library C:\WINDOWS\System32\winrnr.dll (LDAP RnR Provider DLL/Microsoft Corporation) 0x76FB0000
Library C:\WINDOWS\System32\dssenh.dll (Microsoft Enhanced DSS and Diffie-Hellman Cryptographic Provider/Microsoft Corporation) 0x68100000

Process C:\Program Files\Common Files\LightScribe\LSSrvc.exe (Hewlett-Packard Company) 1140
Library C:\Program Files\Common Files\LightScribe\LSSrvc.exe (Hewlett-Packard Company) 0x00400000
Library C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x7C900000
Library C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x7C800000
Library C:\Program Files\Common Files\LightScribe\LSSProxy.dll (Hewlett-Packard Company) 0x67000000
Library C:\WINDOWS\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x77F60000
Library C:\WINDOWS\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77DD0000
Library C:\WINDOWS\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77E70000
Library C:\WINDOWS\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x77FE0000
Library C:\WINDOWS\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77F10000
Library C:\WINDOWS\system32\USER32.dll (Windows XP USER API Client DLL/Microsoft Corporation) 0x7E410000
Library C:\WINDOWS\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C10000
Library C:\WINDOWS\system32\PSAPI.DLL (Process Status Helper/Microsoft Corporation) 0x76BF0000
Library C:\WINDOWS\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation) 0x7C9C0000
Library C:\Program Files\Common Files\LightScribe\LSLog.dll (Hewlett-Packard Company) 0x68000000
Library C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\MSVCR80.dll (Microsoft® C Runtime Library/Microsoft Corporation) 0x78130000
Library C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\MSVCP80.dll (Microsoft® C++ Runtime Library/Microsoft Corporation) 0x7C420000
Library C:\WINDOWS\system32\IMM32.DLL (Windows XP IMM32 API Client DLL/Microsoft Corporation) 0x76390000
Library C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll (User Experience Controls Library/Microsoft Corporation) 0x773D0000
Library C:\WINDOWS\system32\comctl32.dll (Common Controls Library/Microsoft Corporation) 0x5D090000

Process C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) 1208
Library C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) 0x01000000
Library C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x7C900000
Library C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x7C800000
Library C:\WINDOWS\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77DD0000
Library C:\WINDOWS\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77E70000
Library C:\WINDOWS\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x77FE0000
Library C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation) 0x5CB70000
Library C:\WINDOWS\AppPatch\AcGenral.DLL (Windows Compatibility DLL/Microsoft Corporation) 0x6F880000
Library C:\WINDOWS\system32\USER32.dll (Windows XP USER API Client DLL/Microsoft Corporation) 0x7E410000
Library C:\WINDOWS\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77F10000
Library C:\WINDOWS\system32\WINMM.dll (MCI API DLL/Microsoft Corporation) 0x76B40000
Library C:\WINDOWS\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x774E0000
Library C:\WINDOWS\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C10000
Library C:\WINDOWS\system32\OLEAUT32.dll (Microsoft Corporation) 0x77120000
Library C:\WINDOWS\system32\MSACM32.dll (Microsoft ACM Audio Filter/Microsoft Corporation) 0x77BE0000
Library C:\WINDOWS\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x77C00000
Library C:\WINDOWS\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation) 0x7C9C0000
Library C:\WINDOWS\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x77F60000
Library C:\WINDOWS\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x769C0000
Library C:\WINDOWS\system32\UxTheme.dll (Microsoft UxTheme Library/Microsoft Corporation) 0x5AD70000
Library C:\WINDOWS\system32\IMM32.DLL (Windows XP IMM32 API Client DLL/Microsoft Corporation) 0x76390000
Library C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll (User Experience Controls Library/Microsoft Corporation) 0x773D0000
Library C:\WINDOWS\system32\comctl32.dll (Common Controls Library/Microsoft Corporation) 0x5D090000
Library c:\windows\system32\dnsrslvr.dll (DNS Caching Resolver Service/Microsoft Corporation) 0x76770000
Library c:\windows\system32\DNSAPI.dll (DNS Client API DLL/Microsoft Corporation) 0x76F20000
Library c:\windows\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x71AB0000
Library c:\windows\system32\WS2HELP.dll (Windows Socket 2.0 Helper for Windows NT/Microsoft Corporation) 0x71AA0000
Library c:\windows\system32\iphlpapi.dll (IP Helper API/Microsoft Corporation) 0x76D60000
Library C:\WINDOWS\system32\rsaenh.dll (Microsoft Enhanced Cryptographic Provider/Microsoft Corporation) 0x68000000
Library C:\WINDOWS\system32\mswsock.dll (Microsoft Windows Sockets 2.0 Service Provider/Microsoft Corporation) 0x71A50000
Library C:\WINDOWS\system32\hnetcfg.dll (Home Networking Configuration Manager/Microsoft Corporation) 0x662B0000
Library C:\WINDOWS\System32\wshtcpip.dll (Windows Sockets Helper DLL/Microsoft Corporation) 0x71A90000

Process C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) 1280
Library C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) 0x01000000
Library C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x7C900000
Library C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x7C800000
Library C:\WINDOWS\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77DD0000
Library C:\WINDOWS\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77E70000
Library C:\WINDOWS\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x77FE0000
Library C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation) 0x5CB70000
Library C:\WINDOWS\AppPatch\AcGenral.DLL (Windows Compatibility DLL/Microsoft Corporation) 0x6F880000
Library C:\WINDOWS\system32\USER32.dll (Windows XP USER API Client DLL/Microsoft Corporation) 0x7E410000
Library C:\WINDOWS\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77F10000
Library C:\WINDOWS\system32\WINMM.dll (MCI API DLL/Microsoft Corporation) 0x76B40000
Library C:\WINDOWS\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x774E0000
Library C:\WINDOWS\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C10000
Library C:\WINDOWS\system32\OLEAUT32.dll (Microsoft Corporation) 0x77120000
Library C:\WINDOWS\system32\MSACM32.dll (Microsoft ACM Audio Filter/Microsoft Corporation) 0x77BE0000
Library C:\WINDOWS\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x77C00000
Library C:\WINDOWS\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation) 0x7C9C0000
Library C:\WINDOWS\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x77F60000
Library C:\WINDOWS\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x769C0000
Library C:\WINDOWS\system32\UxTheme.dll (Microsoft UxTheme Library/Microsoft Corporation) 0x5AD70000
Library C:\WINDOWS\system32\IMM32.DLL (Windows XP IMM32 API Client DLL/Microsoft Corporation) 0x76390000
Library C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll (User Experience Controls Library/Microsoft Corporation) 0x773D0000
Library C:\WINDOWS\system32\comctl32.dll (Common Controls Library/Microsoft Corporation) 0x5D090000
Library C:\WINDOWS\system32\NTMARTA.DLL (Windows NT MARTA provider/Microsoft Corporation) 0x77690000
Library C:\WINDOWS\system32\SAMLIB.dll (SAM Library DLL/Microsoft Corporation) 0x71BF0000
Library C:\WINDOWS\system32\WLDAP32.dll (Win32 LDAP API DLL/Microsoft Corporation) 0x76F60000
Library C:\WINDOWS\system32\xpsp2res.dll (Service Pack 2 Messages/Microsoft Corporation) 0x00630000
Library c:\windows\system32\lmhsvc.dll (TCPIP NetBios Transport Services DLL/Microsoft Corporation) 0x74C40000
Library c:\windows\system32\iphlpapi.dll (IP Helper API/Microsoft Corporation) 0x76D60000
Library c:\windows\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x71AB0000
Library c:\windows\system32\WS2HELP.dll (Windows Socket 2.0 Helper for Windows NT/Microsoft Corporation) 0x71AA0000
Library c:\windows\system32\regsvc.dll (Remote Registry Service/Microsoft Corporation) 0x76AF0000

Process C:\WINDOWS\system32\dllhost.exe (COM Surrogate/Microsoft Corporation) 1304
Library C:\WINDOWS\system32\dllhost.exe (COM Surrogate/Microsoft Corporation) 0x01000000
Library C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x7C900000
Library C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x7C800000
Library C:\WINDOWS\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C10000
Library C:\WINDOWS\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x774E0000
Library C:\WINDOWS\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77DD0000
Library C:\WINDOWS\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77E70000
Library C:\WINDOWS\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x77FE0000
Library C:\WINDOWS\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77F10000
Library C:\WINDOWS\system32\USER32.dll (Windows XP USER API Client DLL/Microsoft Corporation) 0x7E410000
Library C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation) 0x5CB70000
Library C:\WINDOWS\AppPatch\AcGenral.DLL (Windows Compatibility DLL/Microsoft Corporation) 0x6F880000
Library C:\WINDOWS\system32\WINMM.dll (MCI API DLL/Microsoft Corporation) 0x76B40000
Library C:\WINDOWS\system32\OLEAUT32.dll (Microsoft Corporation) 0x77120000
Library C:\WINDOWS\system32\MSACM32.dll (Microsoft ACM Audio Filter/Microsoft Corporation) 0x77BE0000
Library C:\WINDOWS\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x77C00000
Library C:\WINDOWS\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation) 0x7C9C0000
Library C:\WINDOWS\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x77F60000
Library C:\WINDOWS\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x769C0000
Library C:\WINDOWS\system32\UxTheme.dll (Microsoft UxTheme Library/Microsoft Corporation) 0x5AD70000
Library C:\WINDOWS\system32\IMM32.DLL (Windows XP IMM32 API Client DLL/Microsoft Corporation) 0x76390000
Library C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll (User Experience Controls Library/Microsoft Corporation) 0x773D0000
Library C:\WINDOWS\system32\comctl32.dll (Common Controls Library/Microsoft Corporation) 0x5D090000
Library C:\WINDOWS\system32\CLBCATQ.DLL (Microsoft Corporation) 0x76FD0000
Library C:\WINDOWS\system32\COMRes.dll (Microsoft Corporation) 0x77050000
Library C:\WINDOWS\system32\xpsp2res.dll (Service Pack 2 Messages/Microsoft Corporation) 0x00670000
Library C:\WINDOWS\system32\COMSVCS.DLL (Microsoft Corporation) 0x76620000
Library C:\WINDOWS\system32\colbact.DLL (Microsoft Corporation) 0x75130000
Library C:\WINDOWS\system32\MTXCLU.DLL (MS DTC amd MTS clustering support DLL/Microsoft Corporation) 0x750F0000
Library C:\WINDOWS\system32\WSOCK32.dll (Windows Socket 32-Bit DLL/Microsoft Corporation) 0x71AD0000
Library C:\WINDOWS\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x71AB0000
Library C:\WINDOWS\system32\WS2HELP.dll (Windows Socket 2.0 Helper for Windows NT/Microsoft Corporation) 0x71AA0000
Library C:\WINDOWS\system32\NETAPI32.dll (Net Win32 API DLL/Microsoft Corporation) 0x5B860000
Library C:\WINDOWS\system32\CLUSAPI.DLL (Cluster API Library/Microsoft Corporation) 0x76D10000
Library C:\WINDOWS\system32\RESUTILS.DLL (Microsoft Cluster Resource Utility DLL/Microsoft Corporation) 0x750B0000
Library C:\WINDOWS\system32\rsaenh.dll (Microsoft Enhanced Cryptographic Provider/Microsoft Corporation) 0x68000000
Library C:\WINDOWS\system32\txflog.dll (Simple Kernel-mode File-based Log/Microsoft Corporation) 0x5B2B0000
Library C:\WINDOWS\system32\ES.DLL (Microsoft Corporation) 0x77710000
Library C:\WINDOWS\system32\wtsapi32.dll (Windows Terminal Server SDK APIs/Microsoft Corporation) 0x76F50000
Library C:\WINDOWS\system32\WINSTA.dll (Winstation Library/Microsoft Corporation) 0x76360000
Library C:\WINDOWS\system32\SXS.DLL (Fusion 2.5/Microsoft Corporation) 0x7E720000

Process C:\WINDOWS\system32\Ati2evxx.exe (ATI External Event Utility EXE Module/ATI Technologies Inc.) 1420
Library C:\WINDOWS\system32\Ati2evxx.exe (ATI External Event Utility EXE Module/ATI Technologies Inc.) 0x00400000
Library C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x7C900000
Library C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x7C800000
Library C:\WINDOWS\system32\USER32.dll (Windows XP USER API Client DLL/Microsoft Corporation) 0x7E410000
Library C:\WINDOWS\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77F10000
Library C:\WINDOWS\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x774E0000
Library C:\WINDOWS\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77DD0000
Library C:\WINDOWS\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77E70000
Library C:\WINDOWS\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x77FE0000
Library C:\WINDOWS\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C10000
Library C:\WINDOWS\system32\OLEAUT32.dll (Microsoft Corporation) 0x77120000
Library C:\WINDOWS\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x769C0000
Library C:\WINDOWS\system32\PSAPI.DLL (Process Status Helper/Microsoft Corporation) 0x76BF0000
Library C:\WINDOWS\system32\SETUPAPI.dll (Windows Setup API/Microsoft Corporation) 0x77920000
Library C:\WINDOWS\system32\IMM32.DLL (Windows XP IMM32 API Client DLL/Microsoft Corporation) 0x76390000
Library C:\WINDOWS\system32\wtsapi32.dll (Windows Terminal Server SDK APIs/Microsoft Corporation) 0x76F50000
Library C:\WINDOWS\system32\WINSTA.dll (Winstation Library/Microsoft Corporation) 0x76360000
Library C:\WINDOWS\system32\NETAPI32.dll (Net Win32 API DLL/Microsoft Corporation) 0x5B860000
Library C:\WINDOWS\system32\powrprof.dll (Power Profile Helper DLL/Microsoft Corporation) 0x74AD0000
Library C:\WINDOWS\system32\cfgMgr32.dll (Configuration Manager Forwarder DLL/Microsoft Corporation) 0x74AE0000
Library C:\WINDOWS\system32\uxtheme.dll (Microsoft UxTheme Library/Microsoft Corporation) 0x5AD70000
Library C:\WINDOWS\system32\msctfime.ime (Microsoft Text Frame Work Service IME/Microsoft Corporation) 0x755C0000
Library C:\WINDOWS\system32\WINTRUST.dll (Microsoft Trust Verification APIs/Microsoft Corporation) 0x76C30000
Library C:\WINDOWS\system32\CRYPT32.dll (Crypto API32/Microsoft Corporation) 0x77A80000
Library C:\WINDOWS\system32\MSASN1.dll (ASN.1 Runtime APIs/Microsoft Corporation) 0x77B20000
Library C:\WINDOWS\system32\IMAGEHLP.dll (Windows NT Image Helper/Microsoft Corporation) 0x76C90000
Library C:\WINDOWS\system32\xpsp2res.dll (Service Pack 2 Messages/Microsoft Corporation) 0x00D90000
Library C:\WINDOWS\system32\Ati2edxx.dll (ati2edxx/ATI Technologies, Inc.) 0x00C90000
Library C:\WINDOWS\system32\atipdlxx.dll (ATI Desktop CWDDEDI DLL/ATI Technologies, Inc.) 0x10000000
Library C:\WINDOWS\system32\ati2evxx.dll (ATI External Event Utility DLL Module/ATI Technologies Inc.) 0x00CC0000
Library C:\WINDOWS\system32\winspool.drv (Windows Spooler Driver/Microsoft Corporation) 0x73000000

Process C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) 1448
Library C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) 0x01000000
Library C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x7C900000
Library C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x7C800000
Library C:\WINDOWS\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77DD0000
Library C:\WINDOWS\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77E70000
Library C:\WINDOWS\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x77FE0000
Library C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation) 0x5CB70000
Library C:\WINDOWS\AppPatch\AcGenral.DLL (Windows Compatibility DLL/Microsoft Corporation) 0x6F880000
Library C:\WINDOWS\system32\USER32.dll (Windows XP USER API Client DLL/Microsoft Corporation) 0x7E410000
Library C:\WINDOWS\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77F10000
Library C:\WINDOWS\system32\WINMM.dll (MCI API DLL/Microsoft Corporation) 0x76B40000
Library C:\WINDOWS\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x774E0000
Library C:\WINDOWS\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C10000
Library C:\WINDOWS\system32\OLEAUT32.dll (Microsoft Corporation) 0x77120000
Library C:\WINDOWS\system32\MSACM32.dll (Microsoft ACM Audio Filter/Microsoft Corporation) 0x77BE0000
Library C:\WINDOWS\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x77C00000
Library C:\WINDOWS\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation) 0x7C9C0000
Library C:\WINDOWS\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x77F60000
Library C:\WINDOWS\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x769C0000
Library C:\WINDOWS\system32\UxTheme.dll (Microsoft UxTheme Library/Microsoft Corporation) 0x5AD70000
Library C:\WINDOWS\system32\IMM32.DLL (Windows XP IMM32 API Client DLL/Microsoft Corporation) 0x76390000
Library C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll (User Experience Controls Library/Microsoft Corporation) 0x773D0000
Library C:\WINDOWS\system32\comctl32.dll (Common Controls Library/Microsoft Corporation) 0x5D090000
Library C:\WINDOWS\system32\NTMARTA.DLL (Windows NT MARTA provider/Microsoft Corporation) 0x77690000
Library C:\WINDOWS\system32\SAMLIB.dll (SAM Library DLL/Microsoft Corporation) 0x71BF0000
Library C:\WINDOWS\system32\WLDAP32.dll (Win32 LDAP API DLL/Microsoft Corporation) 0x76F60000
Library C:\WINDOWS\system32\xpsp2res.dll (Service Pack 2 Messages/Microsoft Corporation) 0x00630000
Library c:\windows\system32\ssdpsrv.dll (SSDP Service DLL/Microsoft Corporation) 0x765E0000
Library c:\windows\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x71AB0000
Library c:\windows\system32\WS2HELP.dll (Windows Socket 2.0 Helper for Windows NT/Microsoft Corporation) 0x71AA0000
Library C:\WINDOWS\system32\hnetcfg.dll (Home Networking Configuration Manager/Microsoft Corporation) 0x662B0000
Library C:\WINDOWS\system32\iphlpapi.dll (IP Helper API/Microsoft Corporation) 0x76D60000
Library C:\WINDOWS\system32\CLBCATQ.DLL (Microsoft Corporation) 0x76FD0000
Library C:\WINDOWS\system32\COMRes.dll (Microsoft Corporation) 0x77050000
Library C:\WINDOWS\system32\mswsock.dll (Microsoft Windows Sockets 2.0 Service Provider/Microsoft Corporation) 0x71A50000
Library C:\WINDOWS\System32\wshtcpip.dll (Windows Sockets Helper DLL/Microsoft Corporation) 0x71A90000

Process C:\WINDOWS\system32\spoolsv.exe (Spooler SubSystem App/Microsoft Corporation) 1540
Library C:\WINDOWS\system32\spoolsv.exe (Spooler SubSystem App/Microsoft Corporation) 0x01000000
Library C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x7C900000
Library C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x7C800000
Library C:\WINDOWS\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77DD0000
Library C:\WINDOWS\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77E70000
Library C:\WINDOWS\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x77FE0000
Library C:\WINDOWS\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77F10000
Library C:\WINDOWS\system32\USER32.dll (Windows XP USER API Client DLL/Microsoft Corporation) 0x7E410000
Library C:\WINDOWS\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C10000
Library C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation) 0x5CB70000
Library C:\WINDOWS\AppPatch\AcGenral.DLL (Windows Compatibility DLL/Microsoft Corporation) 0x6F880000
Library C:\WINDOWS\system32\WINMM.dll (MCI API DLL/Microsoft Corporation) 0x76B40000
Library C:\WINDOWS\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x774E0000
Library C:\WINDOWS\system32\OLEAUT32.dll (Microsoft Corporation) 0x77120000
Library C:\WINDOWS\system32\MSACM32.dll (Microsoft ACM Audio Filter/Microsoft Corporation) 0x77BE0000
Library C:\WINDOWS\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x77C00000
Library C:\WINDOWS\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation) 0x7C9C0000
Library C:\WINDOWS\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x77F60000
Library C:\WINDOWS\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x769C0000
Library C:\WINDOWS\system32\UxTheme.dll (Microsoft UxTheme Library/Microsoft Corporation) 0x5AD70000
Library C:\WINDOWS\system32\IMM32.DLL (Windows XP IMM32 API Client DLL/Microsoft Corporation) 0x76390000
Library C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll (User Experience Controls Library/Microsoft Corporation) 0x773D0000
Library C:\WINDOWS\system32\comctl32.dll (Common Controls Library/Microsoft Corporation) 0x5D090000
Library C:\WINDOWS\system32\SPOOLSS.DLL (Spooler SubSystem DLL/Microsoft Corporation) 0x742E0000
Library C:\WINDOWS\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x71AB0000
Library C:\WINDOWS\system32\WS2HELP.dll (Windows Socket 2.0 Helper for Windows NT/Microsoft Corporation) 0x71AA0000
Library C:\WINDOWS\system32\DNSAPI.dll (DNS Client API DLL/Microsoft Corporation) 0x76F20000
Library C:\WINDOWS\system32\rasadhlp.dll (Remote Access AutoDial Helper/Microsoft Corporation) 0x76FC0000
Library C:\WINDOWS\system32\localspl.dll (Local Spooler DLL/Microsoft Corporation) 0x75BB0000
Library C:\WINDOWS\system32\sfc_os.dll (Windows File Protection/Microsoft Corporation) 0x76C60000
Library C:\WINDOWS\system32\WINTRUST.dll (Microsoft Trust Verification APIs/Microsoft Corporation) 0x76C30000
Library C:\WINDOWS\system32\CRYPT32.dll (Crypto API32/Microsoft Corporation) 0x77A80000
Library C:\WINDOWS\system32\MSASN1.dll (ASN.1 Runtime APIs/Microsoft Corporation) 0x77B20000
Library C:\WINDOWS\system32\IMAGEHLP.dll (Windows NT Image Helper/Microsoft Corporation) 0x76C90000
Library C:\WINDOWS\system32\winspool.drv (Windows Spooler Driver/Microsoft Corporation) 0x73000000
Library C:\WINDOWS\system32\netapi32.dll (Net Win32 API DLL/Microsoft Corporation) 0x5B860000
Library C:\WINDOWS\system32\cnbjmon.dll (Langage Monitor for Canon Bubble-Jet Printer/Microsoft Corporation) 0x742A0000
Library C:\WINDOWS\system32\FXSMON.DLL (Microsoft Fax Print Monitor/Microsoft Corporation) 0x68F00000
Library C:\WINDOWS\system32\FXSEVENT.dll (Microsoft Fax EventLog Support DLL/Microsoft Corporation) 0x68F20000
Library C:\WINDOWS\system32\pjlmon.dll (PJL Language monitor/Microsoft Corporation) 0x74280000
Library C:\WINDOWS\system32\tcpmon.dll (Standard TCP/IP Port Monitor DLL/Microsoft Corporation) 0x72400000
Library C:\WINDOWS\system32\usbmon.dll (Standard Dynamic Printing Port Monitor DLL/Microsoft Corporation) 0x723F0000
Library C:\WINDOWS\System32\mswsock.dll (Microsoft Windows Sockets 2.0 Service Provider/Microsoft Corporation) 0x71A50000
Library C:\WINDOWS\System32\winrnr.dll (LDAP RnR Provider DLL/Microsoft Corporation) 0x76FB0000
Library C:\WINDOWS\system32\WLDAP32.dll (Win32 LDAP API DLL/Microsoft Corporation) 0x76F60000
Library C:\WINDOWS\system32\win32spl.dll (32-bit Spooler API DLL/Microsoft Corporation) 0x75C10000
Library C:\WINDOWS\system32\NETRAP.dll (Net Remote Admin Protocol DLL/Microsoft Corporation) 0x71C80000
Library C:\WINDOWS\system32\NTDSAPI.dll (NT5DS/Microsoft Corporation) 0x767A0000
Library C:\WINDOWS\system32\CLBCATQ.DLL (Microsoft Corporation) 0x76FD0000
Library C:\WINDOWS\system32\COMRes.dll (Microsoft Corporation) 0x77050000
Library C:\WINDOWS\system32\inetpp.dll (Internet Print Provider DLL/Microsoft Corporation) 0x74300000
Library C:\WINDOWS\system32\xpsp2res.dll (Service Pack 2 Messages/Microsoft Corporation) 0x01010000

Process C:\WINDOWS\Explorer.EXE (Windows Explorer/Microsoft Corporation) 1804
Library C:\WINDOWS\Explorer.EXE (Windows Explorer/Microsoft Corporation) 0x01000000
Library C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x7C900000
Library C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x7C800000
Library C:\WINDOWS\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77DD0000
Library C:\WINDOWS\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77E70000
Library C:\WINDOWS\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x77FE0000
Library C:\WINDOWS\system32\BROWSEUI.dll (Shell Browser UI Library/Microsoft Corporation) 0x75F80000
Library C:\WINDOWS\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77F10000
Library C:\WINDOWS\system32\USER32.dll (Windows XP USER API Client DLL/Microsoft Corporation) 0x7E410000
Library C:\WINDOWS\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C10000
Library C:\WINDOWS\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x774E0000
Library C:\WINDOWS\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x77F60000
Library C:\WINDOWS\system32\OLEAUT32.dll (Microsoft Corporation) 0x77120000
Library C:\WINDOWS\system32\SHDOCVW.dll (Shell Doc Object and Control Library/Microsoft Corporation) 0x7E290000
Library C:\WINDOWS\system32\CRYPT32.dll (Crypto API32/Microsoft Corporation) 0x77A80000
Library C:\WINDOWS\system32\MSASN1.dll (ASN.1 Runtime APIs/Microsoft Corporation) 0x77B20000
Library C:\WINDOWS\system32\CRYPTUI.dll (Microsoft Trust UI Provider/Microsoft Corporation) 0x754D0000
Library C:\WINDOWS\system32\NETAPI32.dll (Net Win32 API DLL/Microsoft Corporation) 0x5B860000
Library C:\WINDOWS\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x77C00000
Library C:\WINDOWS\system32\WININET.dll (Internet Extensions for Win32/Microsoft Corporation) 0x3D930000
Library C:\WINDOWS\system32\Normaliz.dll (Unicode Normalization DLL/Microsoft Corporation) 0x00400000
Library C:\WINDOWS\system32\urlmon.dll (OLE32 Extensions for Win32/Microsoft Corporation) 0x78130000
Library C:\WINDOWS\system32\iertutil.dll (Run time utility for Internet Explorer/Microsoft Corporation) 0x3DFD0000
Library C:\WINDOWS\system32\WINTRUST.dll (Microsoft Trust Verification APIs/Microsoft Corporation) 0x76C30000
Library C:\WINDOWS\system32\IMAGEHLP.dll (Windows NT Image Helper/Microsoft Corporation) 0x76C90000
Library C:\WINDOWS\system32\WLDAP32.dll (Win32 LDAP API DLL/Microsoft Corporation) 0x76F60000
Library C:\WINDOWS\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation) 0x7C9C0000
Library C:\WINDOWS\system32\UxTheme.dll (Microsoft UxTheme Library/Microsoft Corporation) 0x5AD70000
Library C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation) 0x5CB70000
Library C:\WINDOWS\AppPatch\AcGenral.DLL (Windows Compatibility DLL/Microsoft Corporation) 0x6F880000
Library C:\WINDOWS\system32\WINMM.dll (MCI API DLL/Microsoft Corporation) 0x76B40000
Library C:\WINDOWS\system32\MSACM32.dll (Microsoft ACM Audio Filter/Microsoft Corporation) 0x77BE0000
Library C:\WINDOWS\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x769C0000
Library C:\WINDOWS\system32\IMM32.DLL (Windows XP IMM32 API Client DLL/Microsoft Corporation) 0x76390000
Library C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll (User Experience Controls Library/Microsoft Corporation) 0x773D0000
Library C:\WINDOWS\system32\comctl32.dll (Common Controls Library/Microsoft Corporation) 0x5D090000
Library C:\WINDOWS\system32\msctfime.ime (Microsoft Text Frame Work Service IME/Microsoft Corporation) 0x755C0000
Library C:\WINDOWS\system32\appHelp.dll (Application Compatibility Client Library/Microsoft Corporation) 0x77B40000
Library C:\WINDOWS\system32\CLBCATQ.DLL (Microsoft Corporation) 0x76FD0000
Library C:\WINDOWS\system32\COMRes.dll (Microsoft Corporation) 0x77050000
Library C:\WINDOWS\System32\cscui.dll (Client Side Caching UI/Microsoft Corporation) 0x77A20000
Library C:\WINDOWS\System32\CSCDLL.dll (Offline Network Agent/Microsoft Corporation) 0x76600000
Library C:\WINDOWS\system32\themeui.dll (Windows Theme API/Microsoft Corporation) 0x5BA60000
Library C:\WINDOWS\system32\MSIMG32.dll (GDIEXT Client DLL/Microsoft Corporation) 0x76380000
Library C:\WINDOWS\system32\xpsp2res.dll (Service Pack 2 Messages/Microsoft Corporation) 0x01100000
Library C:\WINDOWS\system32\SAMLIB.dll (SAM Library DLL/Microsoft Corporation) 0x71BF0000
Library C:\WINDOWS\system32\SETUPAPI.dll (Windows Setup API/Microsoft Corporation) 0x77920000
Library C:\WINDOWS\system32\LINKINFO.dll (Windows Volume Tracking/Microsoft Corporation) 0x76980000
Library C:\WINDOWS\system32\ntshrui.dll (Shell extensions for sharing/Microsoft Corporation) 0x76990000
Library C:\WINDOWS\system32\ATL.DLL (ATL Module for Windows XP (Unicode)/Microsoft Corporation) 0x76B20000
Library C:\WINDOWS\system32\ieframe.dll (Internet Explorer/Microsoft Corporation) 0x3E1C0000
Library C:\WINDOWS\system32\msi.dll (Windows Installer/Microsoft Corporation) 0x7D1E0000
Library C:\WINDOWS\system32\NETSHELL.dll (Network Connections Shell/Microsoft Corporation) 0x76400000
Library C:\WINDOWS\system32\credui.dll (Credential Manager User Interface/Microsoft Corporation) 0x76C00000
Library C:\WINDOWS\system32\dot3api.dll (802.3 Autoconfiguration API/Microsoft Corporation) 0x478C0000
Library C:\WINDOWS\system32\rtutils.dll (Routing Utilities/Microsoft Corporation) 0x76E80000
Library C:\WINDOWS\system32\dot3dlg.dll (802.3 UI Helper/Microsoft Corporation) 0x736D0000
Library C:\WINDOWS\system32\OneX.DLL (IEEE 802.1X supplicant library/Microsoft Corporation) 0x5DCA0000
Library C:\WINDOWS\system32\WTSAPI32.dll (Windows Terminal Server SDK APIs/Microsoft Corporation) 0x76F50000
Library C:\WINDOWS\system32\WINSTA.dll (Winstation Library/Microsoft Corporation) 0x76360000
Library C:\WINDOWS\system32\eappcfg.dll (Eap Peer Config/Microsoft Corporation) 0x745B0000
Library C:\WINDOWS\system32\MSVCP60.dll (Microsoft ® C++ Runtime Library/Microsoft Corporation) 0x76080000
Library C:\WINDOWS\system32\eappprxy.dll (Microsoft EAPHost Peer Client DLL/Microsoft Corporation) 0x5DCD0000
Library C:\WINDOWS\system32\iphlpapi.dll (IP Helper API/Microsoft Corporation) 0x76D60000
Library C:\WINDOWS\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x71AB0000
Library C:\WINDOWS\system32\WS2HELP.dll (Windows Socket 2.0 Helper for Windows NT/Microsoft Corporation) 0x71AA0000
Library C:\WINDOWS\system32\MLANG.dll (Multi Language Support DLL/Microsoft Corporation) 0x75CF0000
Library C:\WINDOWS\system32\rsaenh.dll (Microsoft Enhanced Cryptographic Provider/Microsoft Corporation) 0x68000000
Library C:\DOCUME~1\HP_ADM~2\LOCALS~1\Temp\IadHide5.dll (IAdHide/BackWeb) 0x10000000
Library C:\WINDOWS\system32\webcheck.dll (Web Site Monitor/Microsoft Corporation) 0x01690000
Library C:\WINDOWS\system32\stobject.dll (Systray shell service object/Microsoft Corporation) 0x76280000
Library C:\WINDOWS\system32\BatMeter.dll (Battery Meter Helper DLL/Microsoft Corporation) 0x74AF0000
Library C:\WINDOWS\system32\POWRPROF.dll (Power Profile Helper DLL/Microsoft Corporation) 0x74AD0000
Library C:\WINDOWS\system32\fxsst.dll (Fax Service/Microsoft Corporation) 0x68DF0000
Library C:\WINDOWS\system32\WINSPOOL.DRV (Windows Spooler Driver/Microsoft Corporation) 0x73000000
Library C:\WINDOWS\system32\FXSAPI.dll (Microsoft Fax API Support DLL/Microsoft Corporation) 0x5A980000
Library C:\WINDOWS\system32\NTMARTA.DLL (Windows NT MARTA provider/Microsoft Corporation) 0x77690000
Library C:\WINDOWS\system32\MPR.dll (Multiple Provider Router DLL/Microsoft Corporation) 0x71B20000
Library C:\WINDOWS\System32\drprov.dll (Microsoft Terminal Server Network Provider/Microsoft Corporation) 0x75F60000
Library C:\WINDOWS\System32\ntlanman.dll (Microsoft® Lan Manager/Microsoft Corporation) 0x71C10000
Library C:\WINDOWS\System32\NETUI0.dll (NT LM UI Common Code - GUI Classes/Microsoft Corporation) 0x71CD0000
Library C:\WINDOWS\System32\NETUI1.dll (NT LM UI Common Code - Networking classes/Microsoft Corporation) 0x71C90000
Library C:\WINDOWS\System32\NETRAP.dll (Net Remote Admin Protocol DLL/Microsoft Corporation) 0x71C80000
Library C:\WINDOWS\System32\davclnt.dll (Web DAV Client DLL/Microsoft Corporation) 0x75F70000
Library C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll (PDF Shell Extension/Adobe Systems, Inc.) 0x00C00000
Library C:\WINDOWS\system32\nvcpl.dll (NVIDIA Display Properties Extension/NVIDIA Corporation) 0x02800000
Library C:\WINDOWS\system32\comdlg32.dll (Common Dialogs DLL/Microsoft Corporation) 0x763B0000
Library C:\WINDOWS\system32\OLEACC.dll (Active Accessibility Core Component/Microsoft Corporation) 0x74C80000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll (AMD Desktop Control Panel/Advanced Micro Devices, Inc.) 0x01FB0000
Library C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiamenu.dll (AMD Desktop Control Panel/Advanced Micro Devices, Inc.) 0x01430000
Library C:\WINDOWS\system32\nvshell.dll 0x02060000
Library C:\WINDOWS\system32\browselc.dll (Shell Browser UI Library/Microsoft Corporation) 0x71600000
Library C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Acrobat IE Helper Version 7.0 for ActiveX/Adobe Systems Incorporated) 0x01550000
Library C:\WINDOWS\system32\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation) 0x7C340000
Library C:\WINDOWS\system32\SXS.DLL (Fusion 2.5/Microsoft Corporation) 0x7E720000
Library C:\WINDOWS\system32\MSGINA.dll (Windows NT Logon GINA DLL/Microsoft Corporation) 0x75970000
Library C:\WINDOWS\system32\ODBC32.dll (Microsoft Data Access - ODBC Driver Manager/Microsoft Corporation) 0x74320000
Library C:\WINDOWS\system32\odbcint.dll (Microsoft Data Access - ODBC Resources/Microsoft Corporation) 0x01E40000
Library C:\WINDOWS\system32\DUSER.dll (Windows DirectUser Engine/Microsoft Corporation) 0x6C1B0000
Library C:\WINDOWS\system32\shdoclc.dll (Shell Doc Object and Control Library/Microsoft Corporation) 0x71800000
Library C:\WINDOWS\system32\zipfldr.dll (Compressed (zipped) Folders/Microsoft Corporation) 0x73380000
  • 0

#6
daic
Posted 31 December 2009 - 03:06 AM

daic

    Member

  • Topic Starter
  • Member
  • PipPip
  • 28 posts
Process C:\WINDOWS\ehome\mcrdsvc.exe (MCRD Device Service/Microsoft Corporation) 1884
Library C:\WINDOWS\ehome\mcrdsvc.exe (MCRD Device Service/Microsoft Corporation) 0x00400000
Library C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x7C900000
Library C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x7C800000
Library C:\WINDOWS\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C10000
Library C:\WINDOWS\system32\ATL.DLL (ATL Module for Windows XP (Unicode)/Microsoft Corporation) 0x76B20000
Library C:\WINDOWS\system32\USER32.dll (Windows XP USER API Client DLL/Microsoft Corporation) 0x7E410000
Library C:\WINDOWS\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77F10000
Library C:\WINDOWS\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77DD0000
Library C:\WINDOWS\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77E70000
Library C:\WINDOWS\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x77FE0000
Library C:\WINDOWS\system32\WTSAPI32.dll (Windows Terminal Server SDK APIs/Microsoft Corporation) 0x76F50000
Library C:\WINDOWS\system32\WINSTA.dll (Winstation Library/Microsoft Corporation) 0x76360000
Library C:\WINDOWS\system32\NETAPI32.dll (Net Win32 API DLL/Microsoft Corporation) 0x5B860000
Library C:\WINDOWS\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x774E0000
Library C:\WINDOWS\system32\OLEAUT32.dll (Microsoft Corporation) 0x77120000
Library C:\WINDOWS\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x71AB0000
Library C:\WINDOWS\system32\WS2HELP.dll (Windows Socket 2.0 Helper for Windows NT/Microsoft Corporation) 0x71AA0000
Library C:\WINDOWS\system32\SSDPAPI.dll (SSDP Client API DLL/Microsoft Corporation) 0x74F00000
Library C:\WINDOWS\system32\iphlpapi.dll (IP Helper API/Microsoft Corporation) 0x76D60000
Library C:\WINDOWS\system32\IMM32.DLL (Windows XP IMM32 API Client DLL/Microsoft Corporation) 0x76390000
Library C:\WINDOWS\eHome\ehTrace.dll (Media Center Event Trace Module/Microsoft Corporation) 0x46630000
Library C:\WINDOWS\system32\uxtheme.dll (Microsoft UxTheme Library/Microsoft Corporation) 0x5AD70000
Library C:\WINDOWS\system32\CLBCATQ.DLL (Microsoft Corporation) 0x76FD0000
Library C:\WINDOWS\system32\COMRes.dll (Microsoft Corporation) 0x77050000
Library C:\WINDOWS\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x77C00000
Library C:\WINDOWS\system32\xpsp2res.dll (Service Pack 2 Messages/Microsoft Corporation) 0x00740000
Library C:\WINDOWS\system32\mswsock.dll (Microsoft Windows Sockets 2.0 Service Provider/Microsoft Corporation) 0x71A50000
Library C:\WINDOWS\system32\hnetcfg.dll (Home Networking Configuration Manager/Microsoft Corporation) 0x662B0000
Library C:\WINDOWS\System32\wshtcpip.dll (Windows Sockets Helper DLL/Microsoft Corporation) 0x71A90000

Process C:\WINDOWS\ehome\ehtray.exe (Media Center Tray Applet/Microsoft Corporation) 2004
Library C:\WINDOWS\ehome\ehtray.exe (Media Center Tray Applet/Microsoft Corporation) 0x00400000
Library C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x7C900000
Library C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x7C800000
Library C:\WINDOWS\system32\ATL.DLL (ATL Module for Windows XP (Unicode)/Microsoft Corporation) 0x76B20000
Library C:\WINDOWS\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C10000
Library C:\WINDOWS\system32\USER32.dll (Windows XP USER API Client DLL/Microsoft Corporation) 0x7E410000
Library C:\WINDOWS\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77F10000
Library C:\WINDOWS\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77DD0000
Library C:\WINDOWS\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77E70000
Library C:\WINDOWS\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x77FE0000
Library C:\WINDOWS\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation) 0x7C9C0000
Library C:\WINDOWS\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x77F60000
Library C:\WINDOWS\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x774E0000
Library C:\WINDOWS\system32\OLEAUT32.dll (Microsoft Corporation) 0x77120000
Library C:\WINDOWS\system32\POWRPROF.dll (Power Profile Helper DLL/Microsoft Corporation) 0x74AD0000
Library C:\WINDOWS\system32\WTSAPI32.dll (Windows Terminal Server SDK APIs/Microsoft Corporation) 0x76F50000
Library C:\WINDOWS\system32\WINSTA.dll (Winstation Library/Microsoft Corporation) 0x76360000
Library C:\WINDOWS\system32\NETAPI32.dll (Net Win32 API DLL/Microsoft Corporation) 0x5B860000
Library C:\WINDOWS\system32\WININET.dll (Internet Extensions for Win32/Microsoft Corporation) 0x3D930000
Library C:\WINDOWS\system32\Normaliz.dll (Unicode Normalization DLL/Microsoft Corporation) 0x00280000
Library C:\WINDOWS\system32\urlmon.dll (OLE32 Extensions for Win32/Microsoft Corporation) 0x78130000
Library C:\WINDOWS\system32\iertutil.dll (Run time utility for Internet Explorer/Microsoft Corporation) 0x3DFD0000
Library C:\WINDOWS\system32\HID.DLL (Hid User Library/Microsoft Corporation) 0x688F0000
Library C:\WINDOWS\system32\SETUPAPI.dll (Windows Setup API/Microsoft Corporation) 0x77920000
Library C:\WINDOWS\system32\WINMM.dll (MCI API DLL/Microsoft Corporation) 0x76B40000
Library C:\WINDOWS\system32\IMM32.DLL (Windows XP IMM32 API Client DLL/Microsoft Corporation) 0x76390000
Library C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll (User Experience Controls Library/Microsoft Corporation) 0x773D0000
Library C:\WINDOWS\system32\uxtheme.dll (Microsoft UxTheme Library/Microsoft Corporation) 0x5AD70000
Library C:\DOCUME~1\HP_ADM~2\LOCALS~1\Temp\IadHide5.dll (IAdHide/BackWeb) 0x10000000
Library C:\WINDOWS\system32\msctfime.ime (Microsoft Text Frame Work Service IME/Microsoft Corporation) 0x755C0000
Library C:\WINDOWS\system32\CLBCATQ.DLL (Microsoft Corporation) 0x76FD0000
Library C:\WINDOWS\system32\COMRes.dll (Microsoft Corporation) 0x77050000
Library C:\WINDOWS\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x77C00000
Library C:\WINDOWS\system32\xpsp2res.dll (Service Pack 2 Messages/Microsoft Corporation) 0x012C0000
Library C:\WINDOWS\system32\msi.dll (Windows Installer/Microsoft Corporation) 0x7D1E0000
Library C:\WINDOWS\system32\SXS.DLL (Fusion 2.5/Microsoft Corporation) 0x7E720000
Library C:\WINDOWS\eHome\ehProxy.dll (Media Center Proxy/Microsoft Corporation) 0x49E10000

Process C:\WINDOWS\System32\alg.exe (Application Layer Gateway Service/Microsoft Corporation) 2212
Library C:\WINDOWS\System32\alg.exe (Application Layer Gateway Service/Microsoft Corporation) 0x01000000
Library C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x7C900000
Library C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x7C800000
Library C:\WINDOWS\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C10000
Library C:\WINDOWS\System32\ATL.DLL (ATL Module for Windows XP (Unicode)/Microsoft Corporation) 0x76B20000
Library C:\WINDOWS\system32\USER32.dll (Windows XP USER API Client DLL/Microsoft Corporation) 0x7E410000
Library C:\WINDOWS\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77F10000
Library C:\WINDOWS\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77DD0000
Library C:\WINDOWS\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77E70000
Library C:\WINDOWS\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x77FE0000
Library C:\WINDOWS\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x774E0000
Library C:\WINDOWS\system32\OLEAUT32.dll (Microsoft Corporation) 0x77120000
Library C:\WINDOWS\System32\WSOCK32.dll (Windows Socket 32-Bit DLL/Microsoft Corporation) 0x71AD0000
Library C:\WINDOWS\System32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x71AB0000
Library C:\WINDOWS\System32\WS2HELP.dll (Windows Socket 2.0 Helper for Windows NT/Microsoft Corporation) 0x71AA0000
Library C:\WINDOWS\System32\MSWSOCK.DLL (Microsoft Windows Sockets 2.0 Service Provider/Microsoft Corporation) 0x71A50000
Library C:\WINDOWS\System32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation) 0x5CB70000
Library C:\WINDOWS\AppPatch\AcGenral.DLL (Windows Compatibility DLL/Microsoft Corporation) 0x6F880000
Library C:\WINDOWS\System32\WINMM.dll (MCI API DLL/Microsoft Corporation) 0x76B40000
Library C:\WINDOWS\System32\MSACM32.dll (Microsoft ACM Audio Filter/Microsoft Corporation) 0x77BE0000
Library C:\WINDOWS\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x77C00000
Library C:\WINDOWS\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation) 0x7C9C0000
Library C:\WINDOWS\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x77F60000
Library C:\WINDOWS\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x769C0000
Library C:\WINDOWS\System32\UxTheme.dll (Microsoft UxTheme Library/Microsoft Corporation) 0x5AD70000
Library C:\WINDOWS\system32\IMM32.DLL (Windows XP IMM32 API Client DLL/Microsoft Corporation) 0x76390000
Library C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll (User Experience Controls Library/Microsoft Corporation) 0x773D0000
Library C:\WINDOWS\system32\comctl32.dll (Common Controls Library/Microsoft Corporation) 0x5D090000
Library C:\WINDOWS\System32\CLBCATQ.DLL (Microsoft Corporation) 0x76FD0000
Library C:\WINDOWS\System32\COMRes.dll (Microsoft Corporation) 0x77050000
Library C:\WINDOWS\System32\xpsp2res.dll (Service Pack 2 Messages/Microsoft Corporation) 0x00740000
Library C:\WINDOWS\system32\hnetcfg.dll (Home Networking Configuration Manager/Microsoft Corporation) 0x662B0000
Library C:\WINDOWS\System32\wshtcpip.dll (Windows Sockets Helper DLL/Microsoft Corporation) 0x71A90000

Process C:\HP\KBD\KBD.EXE (KBD EXE/Hewlett-Packard Company) 2464
Library C:\HP\KBD\KBD.EXE (KBD EXE/Hewlett-Packard Company) 0x63000000
Library C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x7C900000
Library C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x7C800000
Library C:\WINDOWS\system32\USER32.dll (Windows XP USER API Client DLL/Microsoft Corporation) 0x7E410000
Library C:\WINDOWS\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77F10000
Library C:\WINDOWS\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation) 0x7C9C0000
Library C:\WINDOWS\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77DD0000
Library C:\WINDOWS\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77E70000
Library C:\WINDOWS\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x77FE0000
Library C:\WINDOWS\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C10000
Library C:\WINDOWS\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x77F60000
Library C:\WINDOWS\system32\IMM32.DLL (Windows XP IMM32 API Client DLL/Microsoft Corporation) 0x76390000
Library C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll (User Experience Controls Library/Microsoft Corporation) 0x773D0000
Library C:\WINDOWS\system32\comctl32.dll (Common Controls Library/Microsoft Corporation) 0x5D090000
Library C:\WINDOWS\system32\uxtheme.dll (Microsoft UxTheme Library/Microsoft Corporation) 0x5AD70000
Library C:\DOCUME~1\HP_ADM~2\LOCALS~1\Temp\IadHide5.dll (IAdHide/BackWeb) 0x10000000
Library C:\WINDOWS\system32\msctfime.ime (Microsoft Text Frame Work Service IME/Microsoft Corporation) 0x755C0000
Library C:\WINDOWS\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x774E0000
Library C:\HP\KBD\led.dll (LED DLL/Hewlett-Packard Company) 0x63080000
Library C:\HP\KBD\USB.dll (USB DLL/Hewlett-Packard Company) 0x63190000
Library C:\WINDOWS\system32\CFGMGR32.dll (Configuration Manager Forwarder DLL/Microsoft Corporation) 0x74AE0000
Library C:\WINDOWS\system32\setupapi.dll (Windows Setup API/Microsoft Corporation) 0x77920000
Library C:\WINDOWS\system32\HID.DLL (Hid User Library/Microsoft Corporation) 0x688F0000
Library C:\HP\KBD\ps2.dll (PS2 DLL/Hewlett-Packard Company) 0x63130000
Library C:\HP\KBD\msg.dll (MSG DLL/Hewlett-Packard Company) 0x630A0000
Library C:\HP\KBD\osd.dll (OSD DLL/Hewlett-Packard Company) 0x63110000
Library C:\WINDOWS\system32\WINMM.dll (MCI API DLL/Microsoft Corporation) 0x76B40000
Library C:\HP\KBD\sct.dll (ONL DLL/Hewlett-Packard Company) 0x63150000
Library C:\WINDOWS\system32\OLEAUT32.dll (Microsoft Corporation) 0x77120000
Library C:\HP\KBD\onl.dll (ONL DLL/Hewlett-Packard Company) 0x630E0000
Library C:\HP\KBD\aol.dll (AOL DLL/Hewlett-Packard Company) 0x63020000
Library C:\WINDOWS\system32\WININET.dll (Internet Extensions for Win32/Microsoft Corporation) 0x3D930000
Library C:\WINDOWS\system32\Normaliz.dll (Unicode Normalization DLL/Microsoft Corporation) 0x01400000
Library C:\WINDOWS\system32\urlmon.dll (OLE32 Extensions for Win32/Microsoft Corporation) 0x78130000
Library C:\WINDOWS\system32\iertutil.dll (Run time utility for Internet Explorer/Microsoft Corporation) 0x3DFD0000
Library C:\HP\KBD\url.dll (URL DLL/Hewlett-Packard Company) 0x63170000
Library C:\HP\KBD\cfg.dll (CFG DLL/Hewlett-Packard Company) 0x63040000
Library C:\WINDOWS\system32\sensapi.dll (SENS Connectivity API DLL/Microsoft Corporation) 0x722B0000
Library C:\WINDOWS\system32\WINTRUST.dll (Microsoft Trust Verification APIs/Microsoft Corporation) 0x76C30000
Library C:\WINDOWS\system32\CRYPT32.dll (Crypto API32/Microsoft Corporation) 0x77A80000
Library C:\WINDOWS\system32\MSASN1.dll (ASN.1 Runtime APIs/Microsoft Corporation) 0x77B20000
Library C:\WINDOWS\system32\IMAGEHLP.dll (Windows NT Image Helper/Microsoft Corporation) 0x76C90000
Library C:\WINDOWS\system32\CLBCATQ.DLL (Microsoft Corporation) 0x76FD0000
Library C:\WINDOWS\system32\COMRes.dll (Microsoft Corporation) 0x77050000
Library C:\WINDOWS\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x77C00000
Library C:\HP\KBD\MSIKBDIF.DLL (MSIKBDIF DLL/Hewlett-Packard Company) 0x630C0000
Library C:\WINDOWS\system32\MSVCIRT.dll (Windows NT IOStreams DLL/Microsoft Corporation) 0x01E70000

Process C:\WINDOWS\eHome\ehmsas.exe (Media Center Media Status Aggregator Service/Microsoft Corporation) 2476
Library C:\WINDOWS\eHome\ehmsas.exe (Media Center Media Status Aggregator Service/Microsoft Corporation) 0x00400000
Library C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x7C900000
Library C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x7C800000
Library C:\WINDOWS\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C10000
Library C:\WINDOWS\system32\ATL.DLL (ATL Module for Windows XP (Unicode)/Microsoft Corporation) 0x76B20000
Library C:\WINDOWS\system32\USER32.dll (Windows XP USER API Client DLL/Microsoft Corporation) 0x7E410000
Library C:\WINDOWS\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77F10000
Library C:\WINDOWS\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77DD0000
Library C:\WINDOWS\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77E70000
Library C:\WINDOWS\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x77FE0000
Library C:\WINDOWS\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x774E0000
Library C:\WINDOWS\system32\OLEAUT32.dll (Microsoft Corporation) 0x77120000
Library C:\WINDOWS\system32\IMM32.DLL (Windows XP IMM32 API Client DLL/Microsoft Corporation) 0x76390000
Library C:\WINDOWS\system32\uxtheme.dll (Microsoft UxTheme Library/Microsoft Corporation) 0x5AD70000
Library C:\DOCUME~1\HP_ADM~2\LOCALS~1\Temp\IadHide5.dll (IAdHide/BackWeb) 0x10000000
Library C:\WINDOWS\system32\CLBCATQ.DLL (Microsoft Corporation) 0x76FD0000
Library C:\WINDOWS\system32\COMRes.dll (Microsoft Corporation) 0x77050000
Library C:\WINDOWS\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x77C00000
Library C:\WINDOWS\armcex.dll 0x003F0000
Library c:\windows\system32\fpalsu.dll (Front Panel Assembly Led Status Update Module/Hewlett-Packard Company) 0x008B0000
Library c:\windows\system32\CFGMGR32.dll (Configuration Manager Forwarder DLL/Microsoft Corporation) 0x74AE0000
Library C:\WINDOWS\system32\setupapi.dll (Windows Setup API/Microsoft Corporation) 0x77920000
Library c:\windows\system32\HID.DLL (Hid User Library/Microsoft Corporation) 0x688F0000
Library C:\WINDOWS\system32\msctfime.ime (Microsoft Text Frame Work Service IME/Microsoft Corporation) 0x755C0000
Library C:\WINDOWS\system32\WINTRUST.dll (Microsoft Trust Verification APIs/Microsoft Corporation) 0x76C30000
Library C:\WINDOWS\system32\CRYPT32.dll (Crypto API32/Microsoft Corporation) 0x77A80000
Library C:\WINDOWS\system32\MSASN1.dll (ASN.1 Runtime APIs/Microsoft Corporation) 0x77B20000
Library C:\WINDOWS\system32\IMAGEHLP.dll (Windows NT Image Helper/Microsoft Corporation) 0x76C90000
Library C:\WINDOWS\system32\xpsp2res.dll (Service Pack 2 Messages/Microsoft Corporation) 0x00B10000
Library C:\WINDOWS\system32\msi.dll (Windows Installer/Microsoft Corporation) 0x7D1E0000
Library C:\WINDOWS\system32\SXS.DLL (Fusion 2.5/Microsoft Corporation) 0x7E720000

Process c:\windows\system\hpsysdrv.exe (hpsysdrv/Hewlett-Packard Company) 2644
Library c:\windows\system\hpsysdrv.exe (hpsysdrv/Hewlett-Packard Company) 0x00400000
Library C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x7C900000
Library C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x7C800000
Library C:\WINDOWS\system32\USER32.dll (Windows XP USER API Client DLL/Microsoft Corporation) 0x7E410000
Library C:\WINDOWS\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77F10000
Library C:\WINDOWS\system32\IMM32.DLL (Windows XP IMM32 API Client DLL/Microsoft Corporation) 0x76390000
Library C:\WINDOWS\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77DD0000
Library C:\WINDOWS\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77E70000
Library C:\WINDOWS\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x77FE0000
Library C:\WINDOWS\system32\uxtheme.dll (Microsoft UxTheme Library/Microsoft Corporation) 0x5AD70000
Library C:\WINDOWS\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C10000
Library C:\DOCUME~1\HP_ADM~2\LOCALS~1\Temp\IadHide5.dll (IAdHide/BackWeb) 0x10000000
Library C:\WINDOWS\system32\msctfime.ime (Microsoft Text Frame Work Service IME/Microsoft Corporation) 0x755C0000
Library C:\WINDOWS\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x774E0000

Process C:\Program Files\DISC\DISCover.exe (DISCover Drop & Play System Executable/Digital Interactive Systems Corporation) 2660
Library C:\Program Files\DISC\DISCover.exe (DISCover Drop & Play System Executable/Digital Interactive Systems Corporation) 0x00400000
Library C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x7C900000
Library C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x7C800000
Library C:\WINDOWS\system32\WINMM.dll (MCI API DLL/Microsoft Corporation) 0x76B40000
Library C:\WINDOWS\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77DD0000
Library C:\WINDOWS\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77E70000
Library C:\WINDOWS\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x77FE0000
Library C:\WINDOWS\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77F10000
Library C:\WINDOWS\system32\USER32.dll (Windows XP USER API Client DLL/Microsoft Corporation) 0x7E410000
Library C:\WINDOWS\system32\PSAPI.DLL (Process Status Helper/Microsoft Corporation) 0x76BF0000
Library C:\WINDOWS\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x77C00000
Library C:\Program Files\DISC\DiscDLL.dll (DiscDLL/Digital Interactive Systems Corporation, Inc.) 0x10000000
Library C:\WINDOWS\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x77F60000
Library C:\WINDOWS\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C10000
Library C:\WINDOWS\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x774E0000
Library C:\WINDOWS\system32\OLEAUT32.dll (Microsoft Corporation) 0x77120000
Library C:\Program Files\DISC\StdDisc.dll (StdDisc/Digital Interactive Systems Corporation, Inc.) 0x00330000
Library C:\WINDOWS\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation) 0x7C9C0000
Library C:\WINDOWS\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x71AB0000
Library C:\WINDOWS\system32\WS2HELP.dll (Windows Socket 2.0 Helper for Windows NT/Microsoft Corporation) 0x71AA0000
Library C:\WINDOWS\system32\DINPUT8.dll (Microsoft DirectInput/Microsoft Corporation) 0x6CE10000
Library C:\Program Files\DISC\MYTDLIB.dll (Support Library for DISCover Drop & Play System/Digital Interactive Systems Corporation, Inc.) 0x00350000
Library C:\Program Files\DISC\downloadMgr.dll (downloadMgr/Digital Interactive Systems Corporation, Inc.) 0x00370000
Library C:\WINDOWS\system32\comdlg32.dll (Common Dialogs DLL/Microsoft Corporation) 0x763B0000
Library C:\WINDOWS\system32\COMCTL32.dll (Common Controls Library/Microsoft Corporation) 0x5D090000
Library C:\WINDOWS\system32\WINSPOOL.DRV (Windows Spooler Driver/Microsoft Corporation) 0x73000000
Library C:\WINDOWS\system32\oledlg.dll (Microsoft Windows™ OLE 2.0 User Interface Support/Microsoft Corporation) 0x7DF70000
Library C:\WINDOWS\system32\WININET.dll (Internet Extensions for Win32/Microsoft Corporation) 0x3D930000
Library C:\WINDOWS\system32\Normaliz.dll (Unicode Normalization DLL/Microsoft Corporation) 0x00390000
Library C:\WINDOWS\system32\urlmon.dll (OLE32 Extensions for Win32/Microsoft Corporation) 0x78130000
Library C:\WINDOWS\system32\iertutil.dll (Run time utility for Internet Explorer/Microsoft Corporation) 0x3DFD0000
Library C:\WINDOWS\system32\IMM32.DLL (Windows XP IMM32 API Client DLL/Microsoft Corporation) 0x76390000
Library C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll (User Experience Controls Library/Microsoft Corporation) 0x773D0000
Library C:\WINDOWS\system32\uxtheme.dll (Microsoft UxTheme Library/Microsoft Corporation) 0x5AD70000
Library C:\DOCUME~1\HP_ADM~2\LOCALS~1\Temp\IadHide5.dll (IAdHide/BackWeb) 0x00BE0000
Library C:\WINDOWS\system32\xpsp2res.dll (Service Pack 2 Messages/Microsoft Corporation) 0x00E10000
Library C:\WINDOWS\system32\CLBCATQ.DLL (Microsoft Corporation) 0x76FD0000
Library C:\WINDOWS\system32\COMRes.dll (Microsoft Corporation) 0x77050000
Library C:\WINDOWS\system32\wbem\wbemprox.dll (WMI/Microsoft Corporation) 0x74EF0000
Library C:\WINDOWS\system32\wbem\wbemcomn.dll (WMI/Microsoft Corporation) 0x75290000
Library C:\WINDOWS\system32\wbem\wbemsvc.dll (WMI/Microsoft Corporation) 0x74ED0000
Library C:\WINDOWS\system32\wbem\fastprox.dll (WMI/Microsoft Corporation) 0x75690000
Library C:\WINDOWS\system32\MSVCP60.dll (Microsoft ® C++ Runtime Library/Microsoft Corporation) 0x76080000
Library C:\WINDOWS\system32\NTDSAPI.dll (NT5DS/Microsoft Corporation) 0x767A0000
Library C:\WINDOWS\system32\DNSAPI.dll (DNS Client API DLL/Microsoft Corporation) 0x76F20000
Library C:\WINDOWS\system32\NETAPI32.dll (Net Win32 API DLL/Microsoft Corporation) 0x5B860000
Library C:\WINDOWS\system32\WLDAP32.dll (Win32 LDAP API DLL/Microsoft Corporation) 0x76F60000
Library C:\WINDOWS\system32\SETUPAPI.dll (Windows Setup API/Microsoft Corporation) 0x77920000
Library C:\WINDOWS\system32\msctfime.ime (Microsoft Text Frame Work Service IME/Microsoft Corporation) 0x755C0000
Library C:\WINDOWS\system32\RASAPI32.dll (Remote Access API/Microsoft Corporation) 0x76EE0000
Library C:\WINDOWS\system32\rasman.dll (Remote Access Connection Manager/Microsoft Corporation) 0x76E90000
Library C:\WINDOWS\system32\TAPI32.dll (Microsoft® Windows™ Telephony API Client DLL/Microsoft Corporation) 0x76EB0000
Library C:\WINDOWS\system32\rtutils.dll (Routing Utilities/Microsoft Corporation) 0x76E80000
Library C:\WINDOWS\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x769C0000
Library C:\WINDOWS\system32\sensapi.dll (SENS Connectivity API DLL/Microsoft Corporation) 0x722B0000
Library C:\WINDOWS\System32\mswsock.dll (Microsoft Windows Sockets 2.0 Service Provider/Microsoft Corporation) 0x71A50000
Library C:\WINDOWS\system32\rasadhlp.dll (Remote Access AutoDial Helper/Microsoft Corporation) 0x76FC0000
Library C:\WINDOWS\system32\hnetcfg.dll (Home Networking Configuration Manager/Microsoft Corporation) 0x662B0000
Library C:\WINDOWS\System32\wshtcpip.dll (Windows Sockets Helper DLL/Microsoft Corporation) 0x71A90000
Library C:\WINDOWS\system32\msv1_0.dll (Microsoft Authentication Package v1.0/Microsoft Corporation) 0x77C70000
Library C:\WINDOWS\system32\cryptdll.dll (Cryptography Manager/Microsoft Corporation) 0x76790000
Library C:\WINDOWS\system32\iphlpapi.dll (IP Helper API/Microsoft Corporation) 0x76D60000
Library C:\WINDOWS\system32\qmgrprxy.dll (Background Intelligent Transfer Service Proxy/Microsoft Corporation) 0x5DDC0000

Process C:\WINDOWS\system32\wbem\wmiprvse.exe (WMI/Microsoft Corporation) 2696
Library C:\WINDOWS\system32\wbem\wmiprvse.exe (WMI/Microsoft Corporation) 0x01000000
Library C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x7C900000
Library C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x7C800000
Library C:\WINDOWS\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C10000
Library C:\WINDOWS\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77DD0000
Library C:\WINDOWS\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77E70000
Library C:\WINDOWS\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x77FE0000
Library C:\WINDOWS\system32\USER32.dll (Windows XP USER API Client DLL/Microsoft Corporation) 0x7E410000
Library C:\WINDOWS\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77F10000
Library C:\WINDOWS\system32\wbem\wbemcomn.dll (WMI/Microsoft Corporation) 0x75290000
Library C:\WINDOWS\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x774E0000
Library C:\WINDOWS\system32\OLEAUT32.dll (Microsoft Corporation) 0x77120000
Library C:\WINDOWS\system32\wbem\FastProx.dll (WMI/Microsoft Corporation) 0x75690000
Library C:\WINDOWS\system32\MSVCP60.dll (Microsoft ® C++ Runtime Library/Microsoft Corporation) 0x76080000
Library C:\WINDOWS\system32\NTDSAPI.dll (NT5DS/Microsoft Corporation) 0x767A0000
Library C:\WINDOWS\system32\DNSAPI.dll (DNS Client API DLL/Microsoft Corporation) 0x76F20000
Library C:\WINDOWS\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x71AB0000
Library C:\WINDOWS\system32\WS2HELP.dll (Windows Socket 2.0 Helper for Windows NT/Microsoft Corporation) 0x71AA0000
Library C:\WINDOWS\system32\NETAPI32.dll (Net Win32 API DLL/Microsoft Corporation) 0x5B860000
Library C:\WINDOWS\system32\WLDAP32.dll (Win32 LDAP API DLL/Microsoft Corporation) 0x76F60000
Library C:\WINDOWS\system32\NCObjAPI.DLL (Microsoft Corporation) 0x5F770000
Library C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation) 0x5CB70000
Library C:\WINDOWS\AppPatch\AcGenral.DLL (Windows Compatibility DLL/Microsoft Corporation) 0x6F880000
Library C:\WINDOWS\system32\WINMM.dll (MCI API DLL/Microsoft Corporation) 0x76B40000
Library C:\WINDOWS\system32\MSACM32.dll (Microsoft ACM Audio Filter/Microsoft Corporation) 0x77BE0000
Library C:\WINDOWS\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x77C00000
Library C:\WINDOWS\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation) 0x7C9C0000
Library C:\WINDOWS\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x77F60000
Library C:\WINDOWS\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x769C0000
Library C:\WINDOWS\system32\UxTheme.dll (Microsoft UxTheme Library/Microsoft Corporation) 0x5AD70000
Library C:\WINDOWS\system32\IMM32.DLL (Windows XP IMM32 API Client DLL/Microsoft Corporation) 0x76390000
Library C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll (User Experience Controls Library/Microsoft Corporation) 0x773D0000
Library C:\WINDOWS\system32\comctl32.dll (Common Controls Library/Microsoft Corporation) 0x5D090000
Library C:\WINDOWS\system32\xpsp2res.dll (Service Pack 2 Messages/Microsoft Corporation) 0x00800000
Library C:\WINDOWS\system32\CLBCATQ.DLL (Microsoft Corporation) 0x76FD0000
Library C:\WINDOWS\system32\COMRes.dll (Microsoft Corporation) 0x77050000
Library C:\WINDOWS\system32\wbem\wbemsvc.dll (WMI/Microsoft Corporation) 0x74ED0000
Library C:\WINDOWS\system32\wbem\wmiutils.dll (WMI/Microsoft Corporation) 0x75020000
Library C:\WINDOWS\system32\wbem\cimwin32.dll (WMI Win32 Provider/Microsoft Corporation) 0x46AA0000
Library C:\WINDOWS\system32\wbem\framedyn.dll (WMI SDK Provider Framework/Microsoft Corporation) 0x692C0000
Library C:\WINDOWS\system32\SETUPAPI.dll (Windows Setup API/Microsoft Corporation) 0x77920000
Library C:\WINDOWS\system32\WTSAPI32.dll (Windows Terminal Server SDK APIs/Microsoft Corporation) 0x76F50000
Library C:\WINDOWS\system32\WINSTA.dll (Winstation Library/Microsoft Corporation) 0x76360000
Library C:\WINDOWS\system32\CRYPT32.dll (Crypto API32/Microsoft Corporation) 0x77A80000
Library C:\WINDOWS\system32\MSASN1.dll (ASN.1 Runtime APIs/Microsoft Corporation) 0x77B20000
Library C:\WINDOWS\system32\SECURITY.DLL (Security Support Provider Interface/Microsoft Corporation) 0x71F80000
Library C:\WINDOWS\system32\schannel.dll (TLS / SSL Security Provider/Microsoft Corporation) 0x767F0000

Process C:\Program Files\DISC\DiscUpdMgr.exe (DISCover Upd. Manager/Digital Interactive Systems Corporation, Inc.) 2812
Library C:\Program Files\DISC\DiscUpdMgr.exe (DISCover Upd. Manager/Digital Interactive Systems Corporation, Inc.) 0x00400000
Library C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x7C900000
Library C:\WINDOWS\system32\mscoree.dll (Microsoft .NET Runtime Execution Engine/Microsoft Corporation) 0x79000000
Library C:\WINDOWS\system32\KERNEL32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x7C800000
Library C:\WINDOWS\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77DD0000
Library C:\WINDOWS\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77E70000
Library C:\WINDOWS\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x77FE0000
Library C:\WINDOWS\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x77F60000
Library C:\WINDOWS\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77F10000
Library C:\WINDOWS\system32\USER32.dll (Windows XP USER API Client DLL/Microsoft Corporation) 0x7E410000
Library C:\WINDOWS\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C10000
Library C:\WINDOWS\system32\IMM32.DLL (Windows XP IMM32 API Client DLL/Microsoft Corporation) 0x76390000
Library C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll (Microsoft .NET Runtime Common Language Runtime - WorkStation/Microsoft Corporation) 0x791B0000
Library C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation) 0x7C340000
Library C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\fusion.dll (Assembly manager/Microsoft Corporation) 0x00900000
Library C:\WINDOWS\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x774E0000
Library C:\WINDOWS\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation) 0x7C9C0000
Library C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll (User Experience Controls Library/Microsoft Corporation) 0x773D0000
Library C:\WINDOWS\system32\comctl32.dll (Common Controls Library/Microsoft Corporation) 0x5D090000
Library c:\windows\microsoft.net\framework\v1.1.4322\mscorlib.dll (Microsoft Common Language Runtime Class Library/Microsoft Corporation) 0x79780000
Library c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_e558f737\mscorlib.dll 0x79990000
Library C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll (Microsoft .NET Strong Name Support/Microsoft Corporation) 0x79510000
Library C:\WINDOWS\system32\uxtheme.dll (Microsoft UxTheme Library/Microsoft Corporation) 0x5AD70000
Library C:\DOCUME~1\HP_ADM~2\LOCALS~1\Temp\IadHide5.dll (IAdHide/BackWeb) 0x10000000
Library c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll (System.Windows.Forms.dll/Microsoft Corporation) 0x7B610000
Library c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_84f58d56\system.windows.forms.dll 0x7B810000
Library c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll (System.dll/Microsoft Corporation) 0x7B0A0000
Library c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_bbe05cb0\system.dll 0x7B1D0000
Library C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MSCORJIT.DLL (Microsoft .NET Runtime Just-In-Time Compiler/Microsoft Corporation) 0x79430000
Library C:\WINDOWS\system32\xpsp2res.dll (Service Pack 2 Messages/Microsoft Corporation) 0x02E40000
Library c:\program files\disc\discobjslib.dll ( /Digital Interactive Systems Corporation, Inc.) 0x11000000
Library c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll (System.Drawing.dll/Microsoft Corporation) 0x7B490000
Library c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_e647e3cc\system.drawing.dll 0x7B510000
Library C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) 0x4EC50000
Library C:\WINDOWS\system32\msctfime.ime (Microsoft Text Frame Work Service IME/Microsoft Corporation) 0x755C0000

Process C:\Program Files\DISC\DiscStreamHub.exe (DISCover Stream Hub/Digital Interactive Systems Corporation, Inc.) 2820
Library C:\Program Files\DISC\DiscStreamHub.exe (DISCover Stream Hub/Digital Interactive Systems Corporation, Inc.) 0x00400000
Library C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x7C900000
Library C:\WINDOWS\system32\mscoree.dll (Microsoft .NET Runtime Execution Engine/Microsoft Corporation) 0x79000000
Library C:\WINDOWS\system32\KERNEL32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x7C800000
Library C:\WINDOWS\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77DD0000
Library C:\WINDOWS\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77E70000
Library C:\WINDOWS\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x77FE0000
Library C:\WINDOWS\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x77F60000
Library C:\WINDOWS\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77F10000
Library C:\WINDOWS\system32\USER32.dll (Windows XP USER API Client DLL/Microsoft Corporation) 0x7E410000
Library C:\WINDOWS\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C10000
Library C:\WINDOWS\system32\IMM32.DLL (Windows XP IMM32 API Client DLL/Microsoft Corporation) 0x76390000
Library C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll (Microsoft .NET Runtime Common Language Runtime - WorkStation/Microsoft Corporation) 0x791B0000
Library C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MSVCR71.dll (Microsoft® C Runtime Library/Microsoft Corporation) 0x7C340000
Library C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\fusion.dll (Assembly manager/Microsoft Corporation) 0x00900000
Library C:\WINDOWS\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x774E0000
Library C:\WINDOWS\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation) 0x7C9C0000
Library C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll (User Experience Controls Library/Microsoft Corporation) 0x773D0000
Library C:\WINDOWS\system32\comctl32.dll (Common Controls Library/Microsoft Corporation) 0x5D090000
Library c:\windows\microsoft.net\framework\v1.1.4322\mscorlib.dll (Microsoft Common Language Runtime Class Library/Microsoft Corporation) 0x79780000
Library c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_e558f737\mscorlib.dll 0x79990000
Library C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll (Microsoft .NET Strong Name Support/Microsoft Corporation) 0x79510000
Library C:\WINDOWS\system32\uxtheme.dll (Microsoft UxTheme Library/Microsoft Corporation) 0x5AD70000
Library C:\DOCUME~1\HP_ADM~2\LOCALS~1\Temp\IadHide5.dll (IAdHide/BackWeb) 0x10000000
Library c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll (System.Windows.Forms.dll/Microsoft Corporation) 0x7B610000
Library c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_84f58d56\system.windows.forms.dll 0x7B810000
Library c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll (System.dll/Microsoft Corporation) 0x7B0A0000
Library c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_bbe05cb0\system.dll 0x7B1D0000
Library C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MSCORJIT.DLL (Microsoft .NET Runtime Just-In-Time Compiler/Microsoft Corporation) 0x79430000
Library C:\WINDOWS\system32\xpsp2res.dll (Service Pack 2 Messages/Microsoft Corporation) 0x02E60000
Library c:\program files\disc\discobjslib.dll ( /Digital Interactive Systems Corporation, Inc.) 0x11000000
Library c:\program files\disc\bitsdownloadmanager.dll (DISCover BITS Download Manager/Digital Interactive Systems Corporation, Inc.) 0x03330000
Library c:\program files\disc\yummypack.dll ( /Digital Interactive Systems Corporation, Inc.) 0x03350000
Library c:\program files\disc\ebgamespack.dll ( /Digital Interactive Systems Corporation, Inc.) 0x03370000
Library c:\program files\disc\socketcomm.dll ( / ) 0x033A0000
Library c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll (System.Drawing.dll/Microsoft Corporation) 0x7B490000
Library c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_e647e3cc\system.drawing.dll 0x7B510000
Library c:\program files\disc\interop.yummyplayer.dll ( / ) 0x033C0000
Library c:\windows\assembly\gac\system.web.services\1.0.5000.0__b03f5f7f11d50a3a\system.web.services.dll (System.Web.Services.dll/Microsoft Corporation) 0x7A2C0000
Library c:\program files\disc\securecomm.dll ( / ) 0x033E0000
Library c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll (System.Xml.dll/Microsoft Corporation) 0x7BC10000
Library c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_53db11dd\system.xml.dll 0x7BD60000
Library c:\windows\assembly\gac\system.web\1.0.5000.0__b03f5f7f11d50a3a\system.web.dll (System.Web.dll/Microsoft Corporation) 0x7A090000
Library C:\WINDOWS\system32\rsaenh.dll (Microsoft Enhanced Cryptographic Provider/Microsoft Corporation) 0x68000000
Library C:\WINDOWS\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x769C0000
Library C:\WINDOWS\system32\netapi32.dll (Net Win32 API DLL/Microsoft Corporation) 0x5B860000
Library C:\WINDOWS\system32\CRYPT32.dll (Crypto API32/Microsoft Corporation) 0x77A80000
Library C:\WINDOWS\system32\MSASN1.dll (ASN.1 Runtime APIs/Microsoft Corporation) 0x77B20000
Library c:\windows\assembly\gac\system.enterpriseservices\1.0.5000.0__b03f5f7f11d50a3a\system.enterpriseservices.dll (Microsoft .NET Services Support Infrastructure/Microsoft Corporation) 0x03480000
Library c:\program files\disc\microsoft.msdn.samples.bits.dll (BITS/Microsoft Developer Network) 0x03630000
Library c:\program files\disc\dashboardpack.dll ( / ) 0x03650000
Library C:\WINDOWS\system32\version.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x77C00000
Library c:\program files\disc\backgroundcopymanager.dll ( / ) 0x036E0000
Library c:\windows\assembly\gac\microsoft.visualbasic\7.0.5000.0__b03f5f7f11d50a3a\microsoft.visualbasic.dll (Visual Basic Runtime Library/Microsoft Corporation) 0x52B80000
Library C:\WINDOWS\system32\CLBCATQ.DLL (Microsoft Corporation) 0x76FD0000
Library C:\WINDOWS\system32\COMRes.dll (Microsoft Corporation) 0x77050000
Library C:\WINDOWS\system32\OLEAUT32.dll (Microsoft Corporation) 0x77120000
Library C:\WINDOWS\system32\qmgrprxy.dll (Background Intelligent Transfer Service Proxy/Microsoft Corporation) 0x5DDC0000
Library c:\program files\disc\logitechprofilerpack.dll ( / ) 0x03810000
Library C:\WINDOWS\system32\ws2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x71AB0000
Library C:\WINDOWS\system32\WS2HELP.dll (Windows Socket 2.0 Helper for Windows NT/Microsoft Corporation) 0x71AA0000
Library C:\WINDOWS\system32\mswsock.dll (Microsoft Windows Sockets 2.0 Service Provider/Microsoft Corporation) 0x71A50000
Library C:\WINDOWS\system32\hnetcfg.dll (Home Networking Configuration Manager/Microsoft Corporation) 0x662B0000
Library C:\WINDOWS\System32\wshtcpip.dll (Windows Sockets Helper DLL/Microsoft Corporation) 0x71A90000
Library C:\WINDOWS\system32\msctfime.ime (Microsoft Text Frame Work Service IME/Microsoft Corporation) 0x755C0000
Library C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\gdiplus.dll (Microsoft GDI+/Microsoft Corporation) 0x4EC50000

Process C:\WINDOWS\system32\wuauclt.exe (Windows Update/Microsoft Corporation) 2992
Library C:\WINDOWS\system32\wuauclt.exe (Windows Update/Microsoft Corporation) 0x00400000
Library C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x7C900000
Library C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x7C800000
Library C:\WINDOWS\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C10000
Library C:\WINDOWS\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x774E0000
Library C:\WINDOWS\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77DD0000
Library C:\WINDOWS\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77E70000
Library C:\WINDOWS\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x77FE0000
Library C:\WINDOWS\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77F10000
Library C:\WINDOWS\system32\USER32.dll (Windows XP USER API Client DLL/Microsoft Corporation) 0x7E410000
Library C:\WINDOWS\system32\OLEAUT32.dll (Microsoft Corporation) 0x77120000
Library C:\WINDOWS\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x77F60000
Library C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation) 0x5CB70000
Library C:\WINDOWS\AppPatch\AcGenral.DLL (Windows Compatibility DLL/Microsoft Corporation) 0x6F880000
Library C:\WINDOWS\system32\WINMM.dll (MCI API DLL/Microsoft Corporation) 0x76B40000
Library C:\WINDOWS\system32\MSACM32.dll (Microsoft ACM Audio Filter/Microsoft Corporation) 0x77BE0000
Library C:\WINDOWS\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x77C00000
Library C:\WINDOWS\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation) 0x7C9C0000
Library C:\WINDOWS\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x769C0000
Library C:\WINDOWS\system32\UxTheme.dll (Microsoft UxTheme Library/Microsoft Corporation) 0x5AD70000
Library C:\WINDOWS\system32\IMM32.DLL (Windows XP IMM32 API Client DLL/Microsoft Corporation) 0x76390000
Library C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll (User Experience Controls Library/Microsoft Corporation) 0x773D0000
Library C:\WINDOWS\system32\wuaueng.dll (Windows Update Agent/Microsoft Corporation) 0x50040000
Library C:\WINDOWS\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x71AB0000
Library C:\WINDOWS\system32\WS2HELP.dll (Windows Socket 2.0 Helper for Windows NT/Microsoft Corporation) 0x71AA0000
Library C:\WINDOWS\system32\ESENT.dll (Server Database Storage Engine/Microsoft Corporation) 0x606B0000
Library C:\WINDOWS\system32\WTSAPI32.dll (Windows Terminal Server SDK APIs/Microsoft Corporation) 0x76F50000
Library C:\WINDOWS\system32\WINSTA.dll (Winstation Library/Microsoft Corporation) 0x76360000
Library C:\WINDOWS\system32\NETAPI32.dll (Net Win32 API DLL/Microsoft Corporation) 0x5B860000
Library C:\WINDOWS\system32\WINSPOOL.DRV (Windows Spooler Driver/Microsoft Corporation) 0x73000000
Library C:\WINDOWS\system32\IPHLPAPI.DLL (IP Helper API/Microsoft Corporation) 0x76D60000
Library C:\WINDOWS\system32\WINHTTP.dll (Windows HTTP Services/Microsoft Corporation) 0x4D4F0000
Library C:\WINDOWS\system32\WINTRUST.dll (Microsoft Trust Verification APIs/Microsoft Corporation) 0x76C30000
Library C:\WINDOWS\system32\CRYPT32.dll (Crypto API32/Microsoft Corporation) 0x77A80000
Library C:\WINDOWS\system32\MSASN1.dll (ASN.1 Runtime APIs/Microsoft Corporation) 0x77B20000
Library C:\WINDOWS\system32\IMAGEHLP.dll (Windows NT Image Helper/Microsoft Corporation) 0x76C90000
Library C:\WINDOWS\system32\Cabinet.dll (Microsoft® Cabinet File API/Microsoft Corporation) 0x75150000
Library C:\WINDOWS\system32\mspatcha.dll (Microsoft® Patch Engine/Microsoft Corporation) 0x600A0000
Library C:\WINDOWS\system32\xpsp2res.dll (Service Pack 2 Messages/Microsoft Corporation) 0x00CF0000
Library C:\WINDOWS\system32\CLBCATQ.DLL (Microsoft Corporation) 0x76FD0000
Library C:\WINDOWS\system32\COMRes.dll (Microsoft Corporation) 0x77050000
Library C:\WINDOWS\system32\wups2.dll (Windows Update client proxy stub 2/Microsoft Corporation) 0x50F00000

Process C:\Program Files\Mozilla Firefox\firefox.exe (Firefox/Mozilla Corporation) 3260
Library C:\Program Files\Mozilla Firefox\firefox.exe (Firefox/Mozilla Corporation) 0x00400000
Library C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x7C900000
Library C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x7C800000
Library C:\Program Files\Mozilla Firefox\xul.dll (Mozilla Foundation) 0x10000000
Library C:\Program Files\Mozilla Firefox\sqlite3.dll (SQLite Database Library/sqlite.org) 0x00280000
Library C:\Program Files\Mozilla Firefox\MOZCRT19.dll (User-Generated Microsoft ® C/C++ Runtime Library/Mozilla Foundation) 0x78130000
Library C:\WINDOWS\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C10000
Library C:\Program Files\Mozilla Firefox\js3250.dll (Netscape 32-bit JavaScript Module/Netscape Communications Corporation) 0x00300000
Library C:\Program Files\Mozilla Firefox\nspr4.dll (NSPR Library/Mozilla Foundation) 0x004E0000
Library C:\WINDOWS\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77DD0000
Library C:\WINDOWS\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77E70000
Library C:\WINDOWS\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x77FE0000
Library C:\WINDOWS\system32\WSOCK32.dll (Windows Socket 32-Bit DLL/Microsoft Corporation) 0x71AD0000
Library C:\WINDOWS\system32\WS2_32.dll (Windows Socket 2.0 32-Bit DLL/Microsoft Corporation) 0x71AB0000
Library C:\WINDOWS\system32\WS2HELP.dll (Windows Socket 2.0 Helper for Windows NT/Microsoft Corporation) 0x71AA0000
Library C:\WINDOWS\system32\WINMM.dll (MCI API DLL/Microsoft Corporation) 0x76B40000
Library C:\WINDOWS\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77F10000
Library C:\WINDOWS\system32\USER32.dll (Windows XP USER API Client DLL/Microsoft Corporation) 0x7E410000
Library C:\Program Files\Mozilla Firefox\smime3.dll (NSS S/MIME Library/Mozilla Foundation) 0x00510000
Library C:\Program Files\Mozilla Firefox\nss3.dll (NSS Base Library/Mozilla Foundation) 0x00530000
Library C:\Program Files\Mozilla Firefox\nssutil3.dll (NSS Utility Library/Mozilla Foundation) 0x005D0000
Library C:\Program Files\Mozilla Firefox\plc4.dll (PLC Library/Mozilla Foundation) 0x003F0000
Library C:\Program Files\Mozilla Firefox\plds4.dll (PLDS Library/Mozilla Foundation) 0x005F0000
Library C:\Program Files\Mozilla Firefox\ssl3.dll (NSS SSL Library/Mozilla Foundation) 0x00600000
Library C:\WINDOWS\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation) 0x7C9C0000
Library C:\WINDOWS\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x77F60000
Library C:\WINDOWS\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x774E0000
Library C:\WINDOWS\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x77C00000
Library C:\WINDOWS\system32\WINSPOOL.DRV (Windows Spooler Driver/Microsoft Corporation) 0x73000000
Library C:\WINDOWS\system32\COMDLG32.dll (Common Dialogs DLL/Microsoft Corporation) 0x763B0000
Library C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\COMCTL32.dll (User Experience Controls Library/Microsoft Corporation) 0x773D0000
Library C:\WINDOWS\system32\IMM32.dll (Windows XP IMM32 API Client DLL/Microsoft Corporation) 0x76390000
Library C:\WINDOWS\system32\MSIMG32.dll (GDIEXT Client DLL/Microsoft Corporation) 0x76380000
Library C:\WINDOWS\system32\USP10.dll (Uniscribe Unicode script processor/Microsoft Corporation) 0x74D90000
Library C:\WINDOWS\system32\OLEAUT32.dll (Microsoft Corporation) 0x77120000
Library C:\Program Files\Mozilla Firefox\xpcom.dll (Mozilla Foundation) 0x00620000
Library C:\WINDOWS\system32\uxtheme.dll (Microsoft UxTheme Library/Microsoft Corporation) 0x5AD70000
Library C:\WINDOWS\system32\dbghelp.dll (Windows Image Helper/Microsoft Corporation) 0x59A60000
Library C:\DOCUME~1\HP_ADM~2\LOCALS~1\Temp\IadHide5.dll (IAdHide/BackWeb) 0x007F0000
Library C:\WINDOWS\system32\SETUPAPI.dll (Windows Setup API/Microsoft Corporation) 0x77920000
Library C:\WINDOWS\system32\msctfime.ime (Microsoft Text Frame Work Service IME/Microsoft Corporation) 0x755C0000
Library C:\WINDOWS\system32\CLBCATQ.DLL (Microsoft Corporation) 0x76FD0000
Library C:\WINDOWS\system32\COMRes.dll (Microsoft Corporation) 0x77050000
Library C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll (Mozilla Foundation) 0x01300000
Library C:\WINDOWS\system32\mswsock.dll (Microsoft Windows Sockets 2.0 Service Provider/Microsoft Corporation) 0x71A50000
Library C:\WINDOWS\system32\hnetcfg.dll (Home Networking Configuration Manager/Microsoft Corporation) 0x662B0000
Library C:\WINDOWS\System32\wshtcpip.dll (Windows Sockets Helper DLL/Microsoft Corporation) 0x71A90000
Library C:\WINDOWS\system32\iphlpapi.dll (IP Helper API/Microsoft Corporation) 0x76D60000
Library C:\WINDOWS\system32\DNSAPI.dll (DNS Client API DLL/Microsoft Corporation) 0x76F20000
Library C:\WINDOWS\System32\winrnr.dll (LDAP RnR Provider DLL/Microsoft Corporation) 0x76FB0000
Library C:\WINDOWS\system32\WLDAP32.dll (Win32 LDAP API DLL/Microsoft Corporation) 0x76F60000
Library C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll (Mozilla Foundation) 0x018B0000
Library C:\WINDOWS\system32\t2embed.dll (Microsoft T2Embed Font Embedding/Microsoft Corporation) 0x73CE0000
Library C:\WINDOWS\system32\LZ32.dll (LZ Expand/Compress API DLL/Microsoft Corporation) 0x73DC0000
Library C:\WINDOWS\system32\xpsp2res.dll (Service Pack 2 Messages/Microsoft Corporation) 0x01F00000
Library C:\WINDOWS\system32\mscms.dll (Microsoft Color Matching System DLL/Microsoft Corporation) 0x73B30000
Library C:\WINDOWS\system32\rasadhlp.dll (Remote Access AutoDial Helper/Microsoft Corporation) 0x76FC0000
Library C:\Program Files\Mozilla Firefox\softokn3.dll (NSS PKCS #11 Library/Mozilla Foundation) 0x02900000
Library C:\Program Files\Mozilla Firefox\nssdbm3.dll (Legacy Database Driver/Mozilla Foundation) 0x02930000
Library C:\Program Files\Mozilla Firefox\freebl3.dll (NSS freebl Library/Mozilla Foundation) 0x02950000
Library C:\Program Files\Mozilla Firefox\nssckbi.dll (NSS Builtin Trusted Root CAs/Mozilla Foundation) 0x029A0000
Library C:\WINDOWS\system32\shdocvw.dll (Shell Doc Object and Control Library/Microsoft Corporation) 0x7E290000
Library C:\WINDOWS\system32\CRYPT32.dll (Crypto API32/Microsoft Corporation) 0x77A80000
Library C:\WINDOWS\system32\MSASN1.dll (ASN.1 Runtime APIs/Microsoft Corporation) 0x77B20000
Library C:\WINDOWS\system32\CRYPTUI.dll (Microsoft Trust UI Provider/Microsoft Corporation) 0x754D0000
Library C:\WINDOWS\system32\NETAPI32.dll (Net Win32 API DLL/Microsoft Corporation) 0x5B860000
Library C:\WINDOWS\system32\WININET.dll (Internet Extensions for Win32/Microsoft Corporation) 0x3D930000
Library C:\WINDOWS\system32\Normaliz.dll (Unicode Normalization DLL/Microsoft Corporation) 0x03750000
Library C:\WINDOWS\system32\urlmon.dll (OLE32 Extensions for Win32/Microsoft Corporation) 0x04300000
Library C:\WINDOWS\system32\iertutil.dll (Run time utility for Internet Explorer/Microsoft Corporation) 0x3DFD0000
Library C:\WINDOWS\system32\WINTRUST.dll (Microsoft Trust Verification APIs/Microsoft Corporation) 0x76C30000
Library C:\WINDOWS\system32\IMAGEHLP.dll (Windows NT Image Helper/Microsoft Corporation) 0x76C90000
Library C:\WINDOWS\system32\NTMARTA.DLL (Windows NT MARTA provider/Microsoft Corporation) 0x77690000
Library C:\WINDOWS\system32\SAMLIB.dll (SAM Library DLL/Microsoft Corporation) 0x71BF0000
Library C:\WINDOWS\system32\appHelp.dll (Application Compatibility Client Library/Microsoft Corporation) 0x77B40000
Library C:\WINDOWS\System32\cscui.dll (Client Side Caching UI/Microsoft Corporation) 0x77A20000
Library C:\WINDOWS\System32\CSCDLL.dll (Offline Network Agent/Microsoft Corporation) 0x76600000
Library C:\WINDOWS\system32\RASAPI32.dll (Remote Access API/Microsoft Corporation) 0x76EE0000
Library C:\WINDOWS\system32\rasman.dll (Remote Access Connection Manager/Microsoft Corporation) 0x76E90000
Library C:\WINDOWS\system32\TAPI32.dll (Microsoft® Windows™ Telephony API Client DLL/Microsoft Corporation) 0x76EB0000
Library C:\WINDOWS\system32\rtutils.dll (Routing Utilities/Microsoft Corporation) 0x76E80000
Library C:\WINDOWS\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x769C0000
Library C:\WINDOWS\system32\msv1_0.dll (Microsoft Authentication Package v1.0/Microsoft Corporation) 0x77C70000
Library C:\WINDOWS\system32\cryptdll.dll (Cryptography Manager/Microsoft Corporation) 0x76790000
Library C:\WINDOWS\system32\sensapi.dll (SENS Connectivity API DLL/Microsoft Corporation) 0x722B0000
Library C:\WINDOWS\system32\wuapi.dll (Windows Update Client API/Microsoft Corporation) 0x506A0000
Library C:\WINDOWS\system32\Cabinet.dll (Microsoft® Cabinet File API/Microsoft Corporation) 0x75150000

Process C:\WINDOWS\system32\wuauclt.exe (Windows Update/Microsoft Corporation) 3672
Library C:\WINDOWS\system32\wuauclt.exe (Windows Update/Microsoft Corporation) 0x00400000
Library C:\WINDOWS\system32\ntdll.dll (NT Layer DLL/Microsoft Corporation) 0x7C900000
Library C:\WINDOWS\system32\kernel32.dll (Windows NT BASE API Client DLL/Microsoft Corporation) 0x7C800000
Library C:\WINDOWS\system32\msvcrt.dll (Windows NT CRT DLL/Microsoft Corporation) 0x77C10000
Library C:\WINDOWS\system32\ole32.dll (Microsoft OLE for Windows/Microsoft Corporation) 0x774E0000
Library C:\WINDOWS\system32\ADVAPI32.dll (Advanced Windows 32 Base API/Microsoft Corporation) 0x77DD0000
Library C:\WINDOWS\system32\RPCRT4.dll (Remote Procedure Call Runtime/Microsoft Corporation) 0x77E70000
Library C:\WINDOWS\system32\Secur32.dll (Security Support Provider Interface/Microsoft Corporation) 0x77FE0000
Library C:\WINDOWS\system32\GDI32.dll (GDI Client DLL/Microsoft Corporation) 0x77F10000
Library C:\WINDOWS\system32\USER32.dll (Windows XP USER API Client DLL/Microsoft Corporation) 0x7E410000
Library C:\WINDOWS\system32\OLEAUT32.dll (Microsoft Corporation) 0x77120000
Library C:\WINDOWS\system32\SHLWAPI.dll (Shell Light-weight Utility Library/Microsoft Corporation) 0x77F60000
Library C:\WINDOWS\system32\ShimEng.dll (Shim Engine DLL/Microsoft Corporation) 0x5CB70000
Library C:\WINDOWS\AppPatch\AcGenral.DLL (Windows Compatibility DLL/Microsoft Corporation) 0x6F880000
Library C:\WINDOWS\system32\WINMM.dll (MCI API DLL/Microsoft Corporation) 0x76B40000
Library C:\WINDOWS\system32\MSACM32.dll (Microsoft ACM Audio Filter/Microsoft Corporation) 0x77BE0000
Library C:\WINDOWS\system32\VERSION.dll (Version Checking and File Installation Libraries/Microsoft Corporation) 0x77C00000
Library C:\WINDOWS\system32\SHELL32.dll (Windows Shell Common Dll/Microsoft Corporation) 0x7C9C0000
Library C:\WINDOWS\system32\USERENV.dll (Userenv/Microsoft Corporation) 0x769C0000
Library C:\WINDOWS\system32\UxTheme.dll (Microsoft UxTheme Library/Microsoft Corporation) 0x5AD70000
Library C:\WINDOWS\system32\IMM32.DLL (Windows XP IMM32 API Client DLL/Microsoft Corporation) 0x76390000
Library C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll (User Experience Controls Library/Microsoft Corporation) 0x773D0000
Library C:\WINDOWS\system32\wucltui.dll (Windows Update Client UI Plugin/Microsoft Corporation) 0x507E0000
Library C:\WINDOWS\system32\MSIMG32.dll (GDIEXT Client DLL/Microsoft Corporation) 0x76380000
Library C:\WINDOWS\system32\Cabinet.dll (Microsoft® Cabinet File API/Microsoft Corporation) 0x75150000
Library C:\WINDOWS\system32\CRYPT32.dll (Crypto API32/Microsoft Corporation) 0x77A80000
Library C:\WINDOWS\system32\MSASN1.dll (ASN.1 Runtime APIs/Microsoft Corporation) 0x77B20000
Library C:\WINDOWS\system32\WINTRUST.dll (Microsoft Trust Verification APIs/Microsoft Corporation) 0x76C30000
Library C:\WINDOWS\system32\IMAGEHLP.dll (Windows NT Image Helper/Microsoft Corporation) 0x76C90000
Library C:\DOCUME~1\HP_ADM~2\LOCALS~1\Temp\IadHide5.dll (IAdHide/BackWeb) 0x10000000
Library C:\WINDOWS\system32\CLBCATQ.DLL (Microsoft Corporation) 0x76FD0000
Library C:\WINDOWS\system32\COMRes.dll (Microsoft Corporation) 0x77050000
Library C:\WINDOWS\system32\xpsp2res.dll (Service Pack 2 Messages/Microsoft Corporation) 0x00A30000
Library C:\WINDOWS\system32\wups2.dll (Windows Update client proxy stub 2/Microsoft Corporation) 0x50F00000
Library C:\WINDOWS\system32\msctfime.ime (Microsoft Text Frame Work Service IME/Microsoft Corporation) 0x755C0000

---- Services - GMER 1.0.15 ----

Service .NET CLR Data
Service .NET CLR Networking
Service .NETFramework
Service [DISABLED] Abiosdsk
Service [DISABLED] abp480n5
Service C:\WINDOWS\system32\DRIVERS\ACPI.sys (ACPI Driver for NT/Microsoft Corporation) [BOOT] ACPI
Service (ACPI Embedded Controller Driver/Microsoft Corporation) [DISABLED] ACPIEC
Service [DISABLED] adpu160m
Service C:\WINDOWS\system32\drivers\aec.sys (Microsoft Acoustic Echo Canceller/Microsoft Corporation) [MANUAL] aec
Service C:\WINDOWS\System32\drivers\afd.sys (Ancillary Function Driver for WinSock/Microsoft Corporation) [SYSTEM] AFD
Service [DISABLED] Aha154x
Service [DISABLED] aic78u2
Service [DISABLED] aic78xx
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [DISABLED] Alerter
Service C:\WINDOWS\System32\alg.exe (Application Layer Gateway Service/Microsoft Corporation) [MANUAL] ALG
Service [DISABLED] AliIde
Service C:\WINDOWS\system32\DRIVERS\AmdK8.sys (AMD Processor Driver/Advanced Micro Devices) [SYSTEM] AmdK8
Service [DISABLED] amsint
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] AppMgmt
Service C:\WINDOWS\system32\DRIVERS\aracpi.sys (Microsoft AR ACPI Driver (Beta 2 Release 2)/Microsoft Corporation) [MANUAL] aracpi
Service C:\WINDOWS\system32\DRIVERS\arhidfltr.sys (Microsoft AR HID Filter Driver (Beta 2 Release 2)/Microsoft Corporation) [MANUAL] arhidfltr
Service C:\WINDOWS\system32\DRIVERS\arkbcfltr.sys (Microsoft AR PS/2 Keyboard Filter Driver (Beta 2 Release 2)/Microsoft Corporation) [MANUAL] arkbcfltr
Service C:\WINDOWS\system32\DRIVERS\armoucfltr.sys (Microsoft AR PS/2 Mouse Filter Driver (Beta 2 Release 2)/Microsoft Corporation) [MANUAL] armoucfltr
Service C:\WINDOWS\system32\DRIVERS\arp1394.sys (IP/1394 Arp Client/Microsoft Corporation) [MANUAL] Arp1394
Service C:\WINDOWS\system32\DRIVERS\arpolicy.sys (Microsoft AR Policy Driver (Beta 2 Release 2)/Microsoft Corporation) [MANUAL] ARPolicy
Service C:\WINDOWS\arservice.exe (ARSVC Application/Microsoft) [AUTO] ARSVC
Service [DISABLED] asc
Service [DISABLED] asc3350p
Service [DISABLED] asc3550
Service ASP.NET
Service ASP.NET_1.1.4322
Service C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe (aspnet_state.exe/Microsoft Corporation) [MANUAL] aspnet_state
Service C:\WINDOWS\system32\DRIVERS\asyncmac.sys (MS Remote Access serial network driver/Microsoft Corporation) [MANUAL] AsyncMac
Service C:\WINDOWS\system32\DRIVERS\atapi.sys (IDE/ATAPI Port Driver/Microsoft Corporation) [BOOT] atapi
Service [DISABLED] Atdisk
Service C:\WINDOWS\system32\Ati2evxx.exe (ATI External Event Utility EXE Module/ATI Technologies Inc.) [AUTO] Ati HotKey Poller
Service C:\WINDOWS\system32\DRIVERS\ati2mtag.sys (ATI Radeon WindowsNT Miniport Driver/ATI Technologies Inc.) [MANUAL] ati2mtag
Service Atierecord
Service C:\WINDOWS\system32\DRIVERS\atmarpc.sys (IP/ATM Arp Client/Microsoft Corporation) [MANUAL] Atmarpc
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] AudioSrv
Service C:\WINDOWS\system32\DRIVERS\audstub.sys (AudStub Driver/Microsoft Corporation) [MANUAL] audstub
Service BattC
Service C:\WINDOWS\system32\DRIVERS\bb-run.sys (Promise Disk Accelerator/Promise Technology, Inc.) [BOOT] bb-run
Service (BEEP Driver/Microsoft Corporation) [SYSTEM] Beep
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] BITS
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] Browser
Service (CardBus/PCMCIA IDE Miniport Driver/Microsoft Corporation) [DISABLED] cbidf2k
Service [DISABLED] cd20xrnt
Service (CD-ROM Audio Filter Driver/Microsoft Corporation) [SYSTEM] Cdaudio
Service (CD-ROM File System Driver/Microsoft Corporation) [DISABLED] Cdfs
Service C:\WINDOWS\system32\DRIVERS\cdrom.sys (SCSI CD-ROM Driver/Microsoft Corporation) [SYSTEM] Cdrom
Service [SYSTEM] Changer
Service C:\WINDOWS\system32\cisvc.exe (Content Index service/Microsoft Corporation) [MANUAL] CiSvc
Service C:\WINDOWS\system32\clipsrv.exe (Windows NT DDE Server/Microsoft Corporation) [DISABLED] ClipSrv
Service [DISABLED] CmdIde
Service C:\WINDOWS\system32\dllhost.exe (COM Surrogate/Microsoft Corporation) [MANUAL] COMSysApp
Service ContentFilter
Service ContentIndex
Service [DISABLED] Cpqarray
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] CryptSvc
Service [DISABLED] dac2w2k
Service [DISABLED] dac960nt
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] DcomLaunch
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] Dhcp
Service C:\WINDOWS\system32\DRIVERS\disk.sys (PnP Disk Driver/Microsoft Corporation) [BOOT] Disk
Service C:\WINDOWS\System32\dmadmin.exe (Logical Disk Manager service process/Microsoft Corp., Veritas Software) [MANUAL] dmadmin
Service C:\WINDOWS\System32\drivers\dmboot.sys (NT Disk Manager Startup Driver/Microsoft Corp., Veritas Software) [DISABLED] dmboot
Service C:\WINDOWS\System32\drivers\dmio.sys (NT Disk Manager I/O Driver/Microsoft Corp., Veritas Software) [BOOT] dmio
Service C:\WINDOWS\System32\drivers\dmload.sys (NT Disk Manager Startup Driver/Microsoft Corp., Veritas Software.) [BOOT] dmload
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] dmserver
Service C:\WINDOWS\system32\drivers\DMusic.sys (Microsoft Kernel DLS Synthesizer/Microsoft Corporation) [MANUAL] DMusic
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] Dnscache
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] Dot3svc
Service [DISABLED] dpti2o
Service C:\WINDOWS\system32\drivers\drmkaud.sys (Microsoft Kernel DRM Audio Descrambler Filter/Microsoft Corporation) [MANUAL] drmkaud
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] EapHost
Service C:\WINDOWS\eHome\ehRecvr.exe (Media Center Receiver Service/Microsoft Corporation) [AUTO] ehRecvr
Service C:\WINDOWS\eHome\ehSched.exe (Media Center Scheduler Service/Microsoft Corporation) [AUTO] ehSched
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] ERSvc
Service C:\WINDOWS\system32\services.exe (Services and Controller app/Microsoft Corporation) [AUTO] Eventlog
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] EventSystem
Service (Fast FAT File System Driver/Microsoft Corporation) [DISABLED] Fastfat
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] FastUserSwitchingCompatibility
Service C:\WINDOWS\system32\fxssvc.exe (Fax Service/Microsoft Corporation) [MANUAL] Fax
Service (Floppy Disk Controller Driver/Microsoft Corporation) [SYSTEM] Fdc
Service (FIPS Crypto Driver/Microsoft Corporation) [SYSTEM] Fips
Service (Floppy Driver/Microsoft Corporation) [SYSTEM] Flpydisk
Service C:\WINDOWS\system32\drivers\fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation) [BOOT] FltMgr
Service (File System Recognizer Driver/Microsoft Corporation) [SYSTEM] Fs_Rec
Service C:\WINDOWS\system32\DRIVERS\ftdisk.sys (FT Disk Driver/Microsoft Corporation) [BOOT] Ftdisk
Service C:\WINDOWS\system32\DRIVERS\ftsata2.sys (Promise Driver for Windows Server 2003/Promise Technology, Inc.) [BOOT] ftsata2
Service C:\WINDOWS\system32\DRIVERS\msgpc.sys (MS General Packet Classifier/Microsoft Corporation) [MANUAL] Gpc
Service C:\WINDOWS\system32\DRIVERS\HDAudBus.sys (High Definition Audio Bus Driver v1.0a/Windows ® Server 2003 DDK provider) [MANUAL] HDAudBus
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] helpsvc
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [DISABLED] HidServ
Service C:\WINDOWS\system32\DRIVERS\hidusb.sys (USB Miniport Driver for Input Devices/Microsoft Corporation) [MANUAL] HidUsb
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] hkmsvc
Service [DISABLED] hpn
Service C:\WINDOWS\system32\DRIVERS\HSXHWBS2.sys (HSF_HWB2 WDM driver/Conexant Systems, Inc.) [MANUAL] HSXHWBS2
Service C:\WINDOWS\system32\DRIVERS\HSX_DP.sys (HSF_DP driver/Conexant Systems, Inc.) [MANUAL] HSX_DP
Service C:\WINDOWS\System32\Drivers\HTTP.sys (HTTP Protocol Stack/Microsoft Corporation) [MANUAL] HTTP
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] HTTPFilter
Service [SYSTEM] i2omgmt
Service [DISABLED] i2omp
Service C:\WINDOWS\system32\DRIVERS\i8042prt.sys (i8042 Port Driver/Microsoft Corporation) [SYSTEM] i8042prt
Service C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe (IDriverT Module/Macrovision Corporation) [MANUAL] IDriverT
Service C:\WINDOWS\system32\DRIVERS\imapi.sys (IMAPI Kernel Driver/Microsoft Corporation) [SYSTEM] Imapi
Service C:\WINDOWS\system32\imapi.exe (Image Mastering API/Microsoft Corporation) [MANUAL] ImapiService
Service inetaccs
Service [DISABLED] ini910u
Service Inport
Service C:\WINDOWS\system32\drivers\RtkHDAud.sys (Realtek® High Definition Audio Function Driver/Realtek Semiconductor Corp.) [MANUAL] IntcAzAudAddService
Service C:\WINDOWS\system32\DRIVERS\intelide.sys (Intel PCI IDE Driver/Microsoft Corporation) [BOOT] IntelIde
Service C:\WINDOWS\system32\DRIVERS\intelppm.sys (Processor Device Driver/Microsoft Corporation) [DISABLED] intelppm
Service C:\WINDOWS\system32\drivers\ip6fw.sys (IPv6 Windows Firewall Driver/Microsoft Corporation) [MANUAL] Ip6Fw
Service C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys (IP FILTER DRIVER/Microsoft Corporation) [MANUAL] IpFilterDriver
Service C:\WINDOWS\system32\DRIVERS\ipinip.sys (IP in IP Encapsulation Driver/Microsoft Corporation) [MANUAL] IpInIp
Service C:\WINDOWS\system32\DRIVERS\ipnat.sys (IP Network Address Translator/Microsoft Corporation) [MANUAL] IpNat
Service C:\WINDOWS\system32\DRIVERS\ipsec.sys (IPSec Driver/Microsoft Corporation) [SYSTEM] IPSec
Service C:\WINDOWS\system32\DRIVERS\irenum.sys (Infra-Red Bus Enumerator/Microsoft Corporation) [MANUAL] IRENUM
Service ISAPISearch
Service C:\WINDOWS\system32\DRIVERS\isapnp.sys (PNP ISA Bus Driver/Microsoft Corporation) [BOOT] isapnp
Service C:\WINDOWS\system32\DRIVERS\kbdclass.sys (Keyboard Class Driver/Microsoft Corporation) [SYSTEM] Kbdclass
Service C:\WINDOWS\system32\drivers\kmixer.sys (Kernel Mode Audio Mixer/Microsoft Corporation) [MANUAL] kmixer
Service (Kernel Security Support Provider Interface/Microsoft Corporation) [BOOT] KSecDD
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] lanmanserver
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] lanmanworkstation
Service [SYSTEM] lbrtfdc
Service ldap
Service LicenseService
Service C:\Program Files\Common Files\LightScribe\LSSrvc.exe (Hewlett-Packard Company) [AUTO] LightScribeService
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] LmHosts
Service C:\WINDOWS\ehome\mcrdsvc.exe (MCRD Device Service/Microsoft Corporation) [AUTO] McrdSvc
Service C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys (Diagnostic Interface DRIVER/Conexant) [AUTO] mdmxsdk
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [DISABLED] Messenger
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] MHN
Service C:\WINDOWS\system32\DRIVERS\mhndrv.sys (Microsoft Multimedia Home Network (MHN) Support Driver/Microsoft Corporation) [MANUAL] MHNDRV
Service (Frame buffer simulator/Microsoft Corporation) [SYSTEM] mnmdd
Service C:\WINDOWS\system32\mnmsrvc.exe (NetMeeting Remote Desktop Sharing/Microsoft Corporation) [MANUAL] mnmsrvc
Service (Modem Device Driver/Microsoft Corporation) [MANUAL] Modem
Service C:\WINDOWS\system32\DRIVERS\mouclass.sys (Mouse Class Driver/Microsoft Corporation) [SYSTEM] Mouclass
Service C:\WINDOWS\system32\DRIVERS\mouhid.sys (HID Mouse Filter Driver/Microsoft Corporation) [MANUAL] mouhid
Service (Mount Manager/Microsoft Corporation) [BOOT] MountMgr
Service [DISABLED] mraid35x
Service C:\WINDOWS\system32\DRIVERS\mrxdav.sys (Windows NT WebDav Minirdr/Microsoft Corporation) [MANUAL] MRxDAV
Service C:\WINDOWS\system32\DRIVERS\mrxsmb.sys (Windows NT SMB Minirdr/Microsoft Corporation) [SYSTEM] MRxSmb
Service (Mailslot driver/Microsoft Corporation) [SYSTEM] Msfs
Service C:\WINDOWS\system32\msiexec.exe (Windows® installer/Microsoft Corporation) [MANUAL] MSIServer
Service C:\WINDOWS\system32\drivers\MSKSSRV.sys (MS KS Server/Microsoft Corporation) [MANUAL] MSKSSRV
Service C:\WINDOWS\system32\drivers\MSPCLOCK.sys (MS Proxy Clock/Microsoft Corporation) [MANUAL] MSPCLOCK
Service C:\WINDOWS\system32\drivers\MSPQM.sys (MS Proxy Quality Manager/Microsoft Corporation) [MANUAL] MSPQM
Service C:\WINDOWS\system32\DRIVERS\mssmbios.sys (System Management BIOS Driver/Microsoft Corporation) [MANUAL] mssmbios
Service (Multiple UNC Provider driver/Microsoft Corporation) [BOOT] Mup
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] napagent
Service (NDIS 5.1 wrapper driver/Microsoft Corporation) [BOOT] NDIS
Service C:\WINDOWS\system32\DRIVERS\ndistapi.sys (NDIS 3.0 connection wrapper driver/Microsoft Corporation) [MANUAL] NdisTapi
Service C:\WINDOWS\system32\DRIVERS\ndisuio.sys (NDIS User mode I/O Driver/Microsoft Corporation) [MANUAL] Ndisuio
Service C:\WINDOWS\system32\DRIVERS\ndiswan.sys (MS PPP Framing Driver (Strong Encryption)/Microsoft Corporation) [MANUAL] NdisWan
Service (NDIS Proxy/Microsoft Corporation) [MANUAL] NDProxy
Service C:\WINDOWS\system32\DRIVERS\netbios.sys (NetBIOS interface driver/Microsoft Corporation) [SYSTEM] NetBIOS
Service C:\WINDOWS\system32\DRIVERS\netbt.sys (MBT Transport driver/Microsoft Corporation) [SYSTEM] NetBT
Service C:\WINDOWS\system32\netdde.exe (Network DDE - DDE Communication/Microsoft Corporation) [DISABLED] NetDDE
Service C:\WINDOWS\system32\netdde.exe (Network DDE - DDE Communication/Microsoft Corporation) [DISABLED] NetDDEdsdm
Service C:\WINDOWS\system32\lsass.exe (LSA Shell (Export Version)/Microsoft Corporation) [MANUAL] Netlogon
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] Netman
Service C:\WINDOWS\system32\DRIVERS\nic1394.sys (IEEE1394 Ndis Miniport and Call Manager/Microsoft Corporation) [MANUAL] NIC1394
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] Nla
Service (NPFS Driver/Microsoft Corporation) [SYSTEM] Npfs
Service (NT File System Driver/Microsoft Corporation) [DISABLED] Ntfs
Service C:\WINDOWS\system32\lsass.exe (LSA Shell (Export Version)/Microsoft Corporation) [MANUAL] NtLmSsp
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] NtmsSvc
Service (NULL Driver/Microsoft Corporation) [SYSTEM] Null
Service C:\WINDOWS\system32\DRIVERS\nv4_mini.sys (NVIDIA Compatible Windows 2000 Miniport Driver, Version 82.08 /NVIDIA Corporation) [MANUAL] nv
Service C:\WINDOWS\system32\DRIVERS\NVENETFD.sys (NVIDIA Networking Function Driver./NVIDIA Corporation) [MANUAL] NVENETFD
Service C:\WINDOWS\system32\DRIVERS\nvnetbus.sys (NVIDIA Networking Bus Driver./NVIDIA Corporation) [MANUAL] nvnetbus
Service C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Driver Helper Service, Version 82.08/NVIDIA Corporation) [AUTO] NVSvc
Service C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys (NWLINK2 Traffic Filter Driver/Microsoft Corporation) [MANUAL] NwlnkFlt
Service C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys (NWLINK2 Forwarder Driver/Microsoft Corporation) [MANUAL] NwlnkFwd
Service C:\WINDOWS\system32\DRIVERS\ohci1394.sys (1394 OpenHCI Port Driver/Microsoft Corporation) [BOOT] ohci1394
Service C:\WINDOWS\system32\DRIVERS\parport.sys (Parallel Port Driver/Microsoft Corporation) [MANUAL] Parport
Service (Partition Manager/Microsoft Corporation) [BOOT] PartMgr
Service (VDM Parallel Driver/Microsoft Corporation) [DISABLED] ParVdm
Service C:\WINDOWS\system32\DRIVERS\pci.sys (NT Plug and Play PCI Enumerator/Microsoft Corporation) [BOOT] PCI
Service [SYSTEM] PCIDump
Service C:\WINDOWS\system32\DRIVERS\pciide.sys (Generic PCI IDE Bus Driver/Microsoft Corporation) [BOOT] PCIIde
Service (PCMCIA Bus Driver/Microsoft Corporation) [DISABLED] Pcmcia
Service [MANUAL] PDCOMP
Service [MANUAL] PDFRAME
Service [MANUAL] PDRELI
Service [MANUAL] PDRFRAME
Service [DISABLED] perc2
Service [DISABLED] perc2hib
Service PerfDisk
Service PerfNet
Service PerfOS
Service PerfProc
Service C:\WINDOWS\system32\services.exe (Services and Controller app/Microsoft Corporation) [AUTO] PlugPlay
Service [BOOT] Pml Driver HPZ12
Service C:\WINDOWS\system32\lsass.exe (LSA Shell (Export Version)/Microsoft Corporation) [AUTO] PolicyAgent
Service C:\WINDOWS\system32\DRIVERS\raspptp.sys (Peer-to-Peer Tunneling Protocol/Microsoft Corporation) [MANUAL] PptpMiniport
Service C:\WINDOWS\system32\DRIVERS\processr.sys (Processor Device Driver/Microsoft Corporation) [SYSTEM] Processor
Service C:\WINDOWS\system32\lsass.exe (LSA Shell (Export Version)/Microsoft Corporation) [AUTO] ProtectedStorage
Service C:\WINDOWS\system32\DRIVERS\PS2.sys (PS2 SYS/Hewlett-Packard Company) [MANUAL] Ps2
Service C:\WINDOWS\system32\DRIVERS\psched.sys (MS QoS Packet Scheduler/Microsoft Corporation) [MANUAL] PSched
Service C:\WINDOWS\system32\DRIVERS\ptilink.sys (Parallel Technologies DirectParallel IO Library/Parallel Technologies, Inc.) [MANUAL] Ptilink
Service C:\WINDOWS\System32\Drivers\PxHelp20.sys (Px Engine Device Driver for Windows 2000/XP/Sonic Solutions) [BOOT] PxHelp20
Service [DISABLED] ql1080
Service [DISABLED] Ql10wnt
Service [DISABLED] ql12160
Service [DISABLED] ql1240
Service [DISABLED] ql1280
Service C:\WINDOWS\system32\DRIVERS\rasacd.sys (RAS Automatic Connection Driver/Microsoft Corporation) [SYSTEM] RasAcd
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [DISABLED] RasAuto
Service C:\WINDOWS\system32\DRIVERS\rasl2tp.sys (RAS L2TP mini-port/call-manager driver/Microsoft Corporation) [MANUAL] Rasl2tp
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] RasMan
Service C:\WINDOWS\system32\DRIVERS\raspppoe.sys (RAS PPPoE mini-port/call-manager driver/Microsoft Corporation) [MANUAL] RasPppoe
Service C:\WINDOWS\system32\DRIVERS\raspti.sys (PTI DirectParallel® mini-port/call-manager driver/Microsoft Corporation) [MANUAL] Raspti
Service C:\WINDOWS\system32\DRIVERS\rdbss.sys (Redirected Drive Buffering SubSystem Driver/Microsoft Corporation) [SYSTEM] Rdbss
Service C:\WINDOWS\System32\DRIVERS\RDPCDD.sys (RDP Miniport/Microsoft Corporation) [SYSTEM] RDPCDD
Service RDPDD
Service C:\WINDOWS\system32\DRIVERS\rdpdr.sys (Microsoft RDP Device redirector/Microsoft Corporation) [MANUAL] rdpdr
Service RDPNP
Service (RDP Terminal Stack Driver (US/Canada Only, Not for Export)/Microsoft Corporation) [MANUAL] RDPWD
Service C:\WINDOWS\system32\sessmgr.exe (Microsoft® Remote Desktop Help Session Manager/Microsoft Corporation) [MANUAL] RDSessMgr
Service C:\WINDOWS\system32\DRIVERS\redbook.sys (Redbook Audio Filter Driver/Microsoft Corporation) [SYSTEM] redbook
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [DISABLED] RemoteAccess
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] RemoteRegistry
Service C:\WINDOWS\system32\locator.exe (Rpc Locator/Microsoft Corporation) [MANUAL] RpcLocator
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] RpcSs
Service C:\WINDOWS\system32\rsvp.exe (Microsoft RSVP/Microsoft Corporation) [MANUAL] RSVP
Service C:\WINDOWS\system32\DRIVERS\RTL8139.SYS (Realtek RTL8139 NDIS 5.0 Driver/Realtek Semiconductor Corporation) [MANUAL] rtl8139
Service C:\WINDOWS\system32\lsass.exe (LSA Shell (Export Version)/Microsoft Corporation) [AUTO] SamSs
Service C:\WINDOWS\System32\SCardSvr.exe (Smart Card Resource Management Server/Microsoft Corporation) [MANUAL] SCardSvr
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] Schedule
Service C:\WINDOWS\system32\drivers\scsiport.sys (SCSI Port Driver/Microsoft Corporation) ScsiPort
Service C:\WINDOWS\system32\DRIVERS\secdrv.sys (Macrovision SECURITY Driver/Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [MANUAL] Secdrv
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] seclogon
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] SENS
Service (Serial Device Driver/Microsoft Corporation) [AUTO] Serial
Service (SCSI Floppy Driver/Microsoft Corporation) [SYSTEM] Sfloppy
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] SharedAccess
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] ShellHWDetection
Service [DISABLED] Simbad
Service [DISABLED] Sparrow
Service C:\WINDOWS\system32\drivers\splitter.sys (Microsoft Kernel Audio Splitter/Microsoft Corporation) [MANUAL] splitter
Service C:\WINDOWS\system32\spoolsv.exe (Spooler SubSystem App/Microsoft Corporation) [AUTO] Spooler
Service C:\WINDOWS\system32\DRIVERS\sr.sys (System Restore Filesystem Filter Driver/Microsoft Corporation) [BOOT] sr
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] srservice
Service C:\WINDOWS\system32\DRIVERS\srv.sys (Server driver/Microsoft Corporation) [MANUAL] Srv
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] SSDPSRV
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] stisvc
Service C:\WINDOWS\system32\DRIVERS\swenum.sys (Plug and Play Software Device Enumerator/Microsoft Corporation) [MANUAL] swenum
Service C:\WINDOWS\system32\drivers\swmidi.sys (Microsoft GS Wavetable Synthesizer/Microsoft Corporation) [MANUAL] swmidi
Service C:\WINDOWS\system32\dllhost.exe (COM Surrogate/Microsoft Corporation) [MANUAL] SwPrv
Service swwd
Service [DISABLED] symc810
Service [DISABLED] symc8xx
Service [DISABLED] sym_hi
Service [DISABLED] sym_u3
Service C:\WINDOWS\system32\drivers\sysaudio.sys (System Audio WDM Filter/Microsoft Corporation) [MANUAL] sysaudio
Service C:\WINDOWS\system32\smlogsvc.exe (Performance Logs and Alerts Service/Microsoft Corporation) [MANUAL] SysmonLog
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] TapiSrv
Service C:\WINDOWS\system32\DRIVERS\tcpip.sys (TCP/IP Protocol Driver/Microsoft Corporation) [SYSTEM] Tcpip
Service (Named Pipe Transport Driver/Microsoft Corporation) [MANUAL] TDPIPE
Service (TCP Transport Driver/Microsoft Corporation) [MANUAL] TDTCP
Service C:\WINDOWS\system32\DRIVERS\termdd.sys (Terminal Server Driver/Microsoft Corporation) [SYSTEM] TermDD
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] TermService
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] Themes
Service C:\WINDOWS\system32\tlntsvr.exe (Telnet/Microsoft Corporation) [DISABLED] TlntSvr
Service [DISABLED] TosIde
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] TrkWks
Service TSDDD
Service (UDF File System Driver/Microsoft Corporation) [DISABLED] Udfs
Service [DISABLED] ultra
Service C:\WINDOWS\system32\wdfmgr.exe (Windows User Mode Driver Manager/Microsoft Corporation) [MANUAL] UMWdf
Service C:\WINDOWS\system32\DRIVERS\update.sys (Update Driver/Microsoft Corporation) [MANUAL] Update
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] upnphost
Service C:\WINDOWS\System32\ups.exe (UPS Service/Microsoft Corporation) [MANUAL] UPS
Service usb
Service C:\WINDOWS\system32\DRIVERS\usbehci.sys (EHCI eUSB Miniport Driver/Microsoft Corporation) [MANUAL] usbehci
Service C:\WINDOWS\system32\DRIVERS\usbhub.sys (Default Hub Driver for USB/Microsoft Corporation) [MANUAL] usbhub
Service C:\WINDOWS\system32\DRIVERS\usbohci.sys (OHCI USB Miniport Driver/Microsoft Corporation) [MANUAL] usbohci
Service C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS (USB Mass Storage Class Driver/Microsoft Corporation) [MANUAL] usbstor
Service C:\WINDOWS\system32\DRIVERS\usbuhci.sys (UHCI USB Miniport Driver/Microsoft Corporation) [MANUAL] usbuhci
Service C:\WINDOWS\System32\drivers\vga.sys (VGA/Super VGA Video Driver/Microsoft Corporation) [SYSTEM] VgaSave
Service C:\WINDOWS\system32\DRIVERS\viaide.sys (Generic PCI IDE Bus Driver/Microsoft Corporation) [BOOT] ViaIde
Service (Volume Shadow Copy Driver/Microsoft Corporation) [BOOT] VolSnap
Service C:\WINDOWS\System32\vssvc.exe (Microsoft® Volume Shadow Copy Service/Microsoft Corporation) [MANUAL] VSS
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] W32Time
Service W3SVC
Service C:\WINDOWS\system32\DRIVERS\wanarp.sys (MS Remote Access and Routing ARP Driver/Microsoft Corporation) [MANUAL] Wanarp
Service [MANUAL] WDICA
Service C:\WINDOWS\system32\drivers\wdmaud.sys (MMSYSTEM Wave/Midi API mapper/Microsoft Corporation) [MANUAL] wdmaud
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] WebClient
Service C:\WINDOWS\system32\DRIVERS\HSX_CNXT.sys (HSF_CNXT driver/Conexant Systems, Inc.) [MANUAL] winachsx
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] winmgmt
Service [MANUAL] Winsock
Service WinSock2
Service WinTrust
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] WmdmPmSN
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] Wmi
Service WmiApRpl
Service C:\WINDOWS\system32\wbem\wmiapsrv.exe (WMI Performance Adapter Service/Microsoft Corporation) [MANUAL] WmiApSrv
Service (Winsock2 IFS Layer/Microsoft Corporation) [SYSTEM] WS2IFSL
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] wscsvc
Service C:\WINDOWS\system32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] wuauserv
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [AUTO] WZCSVC
Service C:\WINDOWS\System32\svchost.exe (Generic Host Process for Win32 Services/Microsoft Corporation) [MANUAL] xmlprov
Service {174DF476-68FB-4FA0-BF9D-27D6117E73CC}
Service {892900FC-9814-4488-99C0-81491C1EE93D}
Service {B5F14722-BE35-4284-AA7C-AE1EE6CB1CCF}

---- EOF - GMER 1.0.15 ----
  • 0

#7
hammerman
Posted 31 December 2009 - 05:38 AM

hammerman

    Member 4k

  • Member
  • PipPipPipPipPipPipPip
  • 4,183 posts
Hi,

Thanks for the info. Log's look OK but we'll carry out a couple of scans to check.

Please follow these steps.

-- Step 1 --

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
O4 - HKLM..\Run: [] File not found

:Services

:Reg

:Files

:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot when it is done
  • This fix will produce a report. Please add this to your reply.
-- Step 2 --

You have traces of Norton on your system. Please use the Norton removal tool here, selecting the correct version, to completely remove Norton from your computer.

I notice that you do not have an antivirus program running on your computer. Without this protection, you are extremely vulnerable to the ever-increasing number of viruses and malware present today. This is so important that I ask you to install an antivirus program before we proceed.

There are many free programs available for you to use. Two such programs are Avast from here or Avira from here. Please install ONE of these programs now and ensure you carry out a full update.

-- Step 3 --

Posted Image Please download Malwarebytes' Anti-Malware from Here.

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

-- Step 4 --

Please download JavaRa to your desktop and unzip it to its own folder
  • Run JavaRa.exe, pick the language of your choice and click Select. Then click Remove Older Versions.
  • Accept any prompts.
  • Open JavaRa.exe again and select Search For Updates.
  • Select Update Using Sun Java's Website then click Search and click on the Open Webpage button. Download and install the latest Java Runtime Environment (JRE) version for your computer.
-- Step 5 --

Please do an online scan with Kaspersky WebScanner

Click on Accept

You will be promted to install an ActiveX component from Kaspersky, Click Yes.
  • The program will launch and then begin downloading the latest definition files:
  • Once the files have been downloaded click on NEXT
  • Now click on Scan Settings
  • In the scan settings make that the following are selected:
    • Scan using the following Anti-Virus database:
    Extended (if available otherwise Standard)
    • Scan Options:
    Scan Archives
    Scan Mail Bases
  • Click OK
  • Now under select a target to scan:Select My Computer
  • This will program will start and scan your system.
  • The scan will take a while so be patient and let it run.
  • Once the scan is complete it will display if your system has been infected.
    • Now click on View Report and then Save Report
  • Save the file to your desktop as a text file.
  • Copy and paste that information in your next post.
]
  • 0

#8
daic
Posted 31 December 2009 - 04:39 PM

daic

    Member

  • Topic Starter
  • Member
  • PipPip
  • 28 posts
Hello again, heres the report logs.

All processes killed
========== OTL ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{C4069E3A-68F1-403E-B40E-20066696354B} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C4069E3A-68F1-403E-B40E-20066696354B}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 3399639 bytes
->FireFox cache emptied: 3485746 bytes

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 3399639 bytes
->FireFox cache emptied: 3485746 bytes

User: HP_Administrator
->Temp folder emptied: 618288320 bytes
->Temporary Internet Files folder emptied: 31754736 bytes
->Java cache emptied: 13690439 bytes
->FireFox cache emptied: 61630190 bytes

User: LocalService
->Temp folder emptied: 65984 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: NetworkService
->Temp folder emptied: 1906 bytes
->Temporary Internet Files folder emptied: 33170 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 370003 bytes
%systemroot%\System32 .tmp files removed: 21594641 bytes
Windows Temp folder emptied: 22325788 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 3399639 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 751.00 mb


OTL by OldTimer - Version 3.1.20.1 log created on 12312009_133235

Files\Folders moved on Reboot...
C:\Documents and Settings\HP_Administrator\Local Settings\Temp\dd_NET_Framework20_Setup0CF3.txt moved successfully.
C:\Documents and Settings\HP_Administrator\Local Settings\Temp\IadHide5.dll moved successfully.
C:\Documents and Settings\HP_Administrator\Local Settings\Temp\Perflib_Perfdata_f74.dat moved successfully.

Registry entries deleted on Reboot...

===

Malwarebytes' Anti-Malware 1.43
Database version: 3465
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

12/31/2009 1:59:01 PM
mbam-log-2009-12-31 (13-59-01).txt

Scan type: Quick Scan
Objects scanned: 115359
Time elapsed: 5 minute(s), 40 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 3
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

===

Kaspersky Online Sanner 7 results scanning now, will be in next post.
  • 0

#9
daic
Posted 31 December 2009 - 09:49 PM

daic

    Member

  • Topic Starter
  • Member
  • PipPip
  • 28 posts
Thursday, December 31, 2009
Operating system: Microsoft Windows XP Professional Service Pack 3 (build 2600)
Kaspersky Online Scanner version: 7.0.26.13
Last database update: Thursday, December 31, 2009 22:11:15
Records in database: 3420436
Scan settings
scan using the following database extended
Scan archives yes
Scan e-mail databases yes
Scan area My Computer
C:\
D:\
E:\
F:\
G:\
H:\
I:\
J:\
Scan statistics
Objects scanned 104142
Threats found 0
Infected objects found 0
Suspicious objects found 0
Scan duration 02:23:18

No threats found. Scanned area is clean.
Selected area has been scanned.
  • 0

#10
hammerman
Posted 01 January 2010 - 01:52 AM

hammerman

    Member 4k

  • Member
  • PipPipPipPipPipPipPip
  • 4,183 posts
Hi,

Congratulations, your computer appears clean :)

Let's remove the tools we've been using.

Please follow these steps.

-- Step 1 --
  • Download OTC to your desktop and run it
  • Click Yes to beginning the Cleanup process and remove these components, including this application.
  • You will be asked to reboot the machine to finish the Cleanup process. Choose Yes.
-- Step 2 --

Your backup files in the System Restore points may be infected and need to be cleared. The only way to do this is to turn off System Restore and then turn it back on again. This will delete all your backup files in the System Restore points, including any that are infected. You can then create a new restore point containing your clean files. Please follow these instructions.

  • Right-click on My Computer and select Properties.
  • Click the System Restore tab.
  • Check Turn off System Restore.
  • Click Apply then click Yes to confirm. This will remove all your System Restore points and infected files.
  • Now uncheck the Turn off System Restore, click Apply then OK.
A new Restore Point has now been created containing backup files for your computer that are clean. You can create additional Restore Points at any time. Click here for instructions.

Here are some measures you can take to ensure that your computer remains clean.

1. Updates

Windows Updates

It is essential that you regularly check and install the latest Windows Updates. Vulnerabilities within Windows can leave your computer open to infection. Regular updates are released to fix these security vulnerabilities. It is recommended that you set Windows to check, download and install your updates automatically.

  • Click Start
  • Select Control Panel
  • Click on Automatic (recommended)
  • Set the day and time for the update check. Set this to a time when your computer will normally be on and connected to the internet.
  • Click Apply then OK.
Java Updates

As with Windows, Java also needs to be regularly updated to fix security vulnerabilites. You can download the latest version of the Java Runtime Environment (JRE) from here. Download, install and reboot your computer. You also need to uininstall older versions of Java.

  • Click Start
  • Select Control Panel
  • Select Add or Remove Programs
  • Remove all Java updates except the latest one you have just installed.
Adobe Updates

Your Adobe reader needs updating. You should ensure you use the latest Adobe Acrobat Reader and install any security updates that are released. You can download the latest reader and updates from here.

Other Updates

Regularly check for updates for all your security programs including firewall, antivirus, antispyware etc

2. Security Programs

Here is a list of security programs that I would recommend.

Firewall

A firewall is essential to stop hackers infiltrating your computer. The following firewalls are free for personal use. Do not install more than one firewall.

Zone Alarm is an excellent free basic firewall which is very easy to use.
Online-Armor Free is a more advanced firewall which includes a Host Intrusion Protection System (HIPS). This ensures that unrecognised programs will not run unless you give permission.

Antivirus

An antivirus program is essential. The following antivirus programs are free for personal use. Do not use more than one antivirus and always update virus definitions regularly.

AVG
Avira Free
Avast

Anti-Malware

Malwarebytes Anti-Malware MBAM is an excellent anti-malware tool that should be updated and a Quick Scan performed regularly. A Full Scan does not have to be carried out on such a regular basis as the developers aim to detect the vast majority of malware with the Quick Scan. The scanner is free for on-demand scans only.

Ad-Aware, Spybot, SuperAntispyware and A-Squared Free are also very good anti-malware programs that are free for on-demand scans. Spybot has a real-time protection feature called TeaTimer.

Prevention

SpywareBlaster is an excellent free tool for preventing the installation of spyware.
SpywareGuard offers real-time protection so that spyware is detected and blocked before it can do any harm.

Cleaner

ATF Cleaner removes temporary Internet Explorer, Firefox and Windows files.

Browser

Firefox is an alternative browser to Internet Explorer and is more secure.
NoScript is an add-on for Firefox and prevents execution of malicious scripts.
MVPS is a HOSTS file to replace your existing file. This prevents you connecting to a list of well-known ad sites.
  • 0

Advertisements

#11
daic
Posted 01 January 2010 - 03:47 PM

daic

    Member

  • Topic Starter
  • Member
  • PipPip
  • 28 posts
Thanks for all your help.
I do still have an issue. My .net framework will not update, could it be due to a recovery install and there are still .net framework items on the computer that arent being registered?

Is there a removal tool out there so i may completly remove all instances of the .NET framework?

~thanks again
-daic
  • 0

#12
hammerman
Posted 01 January 2010 - 05:22 PM

hammerman

    Member 4k

  • Member
  • PipPipPipPipPipPipPip
  • 4,183 posts
Hi,

I suggest you uninstall all versions of .NET framework and then reinstall them.

1. Click Start, and then click Control Panel.
2. Double-click Add or Remove Programs.
3. Note each version of the .NET Framework that is already installed on the computer, and then uninstall all the versions of the .NET Framework.
4. When you are prompted, restart the computer.
5. Use the Windows Installer CleanUp Utility to clean up the MSI database state for all the versions of the .NET Framework.

To do this, follow these steps:
a. Download the Windows Installer CleanUp Utility. The following file is available for download from the Microsoft Download Center: here
b. Click Start, point to All Programs, and then click Windows Install Cleanup.
c. In the Windows Installer CleanUp Utility, remove all Windows Installer applications for the .NET Framework.

6. Restart the computer.
7. Download and then reinstall all the versions of the .NET Framework that were previously installed on the computer.
  • 0

#13
daic
Posted 01 January 2010 - 07:03 PM

daic

    Member

  • Topic Starter
  • Member
  • PipPip
  • 28 posts
Thanks that helped. Had to manually delete the previous install folders, was getting a corrupt error at first try. Framework 2.0 was needed for my ATI Catalyst control center. Version 1.1 installed fine but 3.0 had an error. Any suggestions?

~daic
  • 0

#14
hammerman
Posted 02 January 2010 - 05:48 AM

hammerman

    Member 4k

  • Member
  • PipPipPipPipPipPipPip
  • 4,183 posts
Hi,

What was the error? Can you post a screenshot?
  • 0

#15
daic
Posted 02 January 2010 - 09:21 AM

daic

    Member

  • Topic Starter
  • Member
  • PipPip
  • 28 posts
Sorry about that should have been more specific. After downloading Microsoft .net Frameowrk 3.0 Redistributable from microsoft.com, i download the file find but after a few percent into install an error comes up saying it encounter a problem and had to close. Gives an option to send error report to microsoft. heres the Error Signature-
EventType : clr20r3 P1 : servicemodelreg.exe P2 : 3.0.4506.30
P3 : 4545a225 P4 : servicemodelreg P5 : 3.0.0.0 P6 : 4545a225
P7 : 2b P8 : 1e P9 : system.typeloadexception

~Daic
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP