Thank you in advance:)
ROOTREPEAL © AD, 2007-2009
==================================================
Scan Start Time: 2009/11/15 23:29
Program Version: Version 1.3.5.0
Windows Version: Windows XP SP3
==================================================
Drivers
-------------------
Name: 1394BUS.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\1394BUS.SYS
Address: 0xF8515000 Size: 57344 File Visible: - Signed: -
Status: -
Name: ACPI.sys
Image Path: ACPI.sys
Address: 0xF83C6000 Size: 187776 File Visible: - Signed: -
Status: -
Name: ACPI_HAL
Image Path: \Driver\ACPI_HAL
Address: 0x804D7000 Size: 2066048 File Visible: - Signed: -
Status: -
Name: ACPIEC.sys
Image Path: ACPIEC.sys
Address: 0xF8911000 Size: 11648 File Visible: - Signed: -
Status: -
Name: aec.sys
Image Path: C:\WINDOWS\system32\drivers\aec.sys
Address: 0x9EF12000 Size: 5776 File Visible: - Signed: -
Status: -
Name: afd.sys
Image Path: C:\WINDOWS\System32\drivers\afd.sys
Address: 0x9D905000 Size: 138496 File Visible: - Signed: -
Status: -
Name: aliide.sys
Image Path: aliide.sys
Address: 0xF89FD000 Size: 5248 File Visible: - Signed: -
Status: -
Name: arp1394.sys
Image Path: C:\WINDOWS\system32\DRIVERS\arp1394.sys
Address: 0x9EA16000 Size: 60800 File Visible: - Signed: -
Status: -
Name: atapi.sys
Image Path: atapi.sys
Address: 0xF8360000 Size: 96512 File Visible: - Signed: -
Status: -
Name: audstub.sys
Image Path: C:\WINDOWS\system32\DRIVERS\audstub.sys
Address: 0xF8C48000 Size: 3072 File Visible: - Signed: -
Status: -
Name: BATTC.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\BATTC.SYS
Address: 0xF890D000 Size: 16384 File Visible: - Signed: -
Status: -
Name: Beep.SYS
Image Path: C:\WINDOWS\System32\Drivers\Beep.SYS
Address: 0xA0E3C000 Size: 4224 File Visible: - Signed: -
Status: -
Name: BOOTVID.dll
Image Path: C:\WINDOWS\system32\BOOTVID.dll
Address: 0xF8905000 Size: 12288 File Visible: - Signed: -
Status: -
Name: btaudio.sys
Image Path: C:\WINDOWS\system32\drivers\btaudio.sys
Address: 0x9D78A000 Size: 401664 File Visible: - Signed: -
Status: -
Name: btkrnl.sys
Image Path: C:\WINDOWS\system32\DRIVERS\btkrnl.sys
Address: 0xBA502000 Size: 1327456 File Visible: - Signed: -
Status: -
Name: btport.sys
Image Path: C:\WINDOWS\system32\DRIVERS\btport.sys
Address: 0x9E594000 Size: 28160 File Visible: - Signed: -
Status: -
Name: btwmodem.sys
Image Path: C:\WINDOWS\system32\DRIVERS\btwmodem.sys
Address: 0x9E58C000 Size: 28000 File Visible: - Signed: -
Status: -
Name: btwusb.sys
Image Path: C:\WINDOWS\System32\Drivers\btwusb.sys
Address: 0x9E3B4000 Size: 54784 File Visible: - Signed: -
Status: -
Name: Cdfs.SYS
Image Path: C:\WINDOWS\System32\Drivers\Cdfs.SYS
Address: 0xB9F18000 Size: 63744 File Visible: - Signed: -
Status: -
Name: cdrom.sys
Image Path: C:\WINDOWS\system32\DRIVERS\cdrom.sys
Address: 0xF85A5000 Size: 62976 File Visible: - Signed: -
Status: -
Name: CHDAud.sys
Image Path: C:\WINDOWS\system32\drivers\CHDAud.sys
Address: 0x9DC4A000 Size: 610304 File Visible: - Signed: -
Status: -
Name: CLASSPNP.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\CLASSPNP.SYS
Address: 0xF8555000 Size: 53248 File Visible: - Signed: -
Status: -
Name: CmBatt.sys
Image Path: C:\WINDOWS\system32\DRIVERS\CmBatt.sys
Address: 0xBAD29000 Size: 13952 File Visible: - Signed: -
Status: -
Name: compbatt.sys
Image Path: compbatt.sys
Address: 0xF8909000 Size: 10240 File Visible: - Signed: -
Status: -
Name: cpqbttn.sys
Image Path: C:\WINDOWS\system32\DRIVERS\cpqbttn.sys
Address: 0xBAD31000 Size: 9344 File Visible: - Signed: -
Status: -
Name: disk.sys
Image Path: disk.sys
Address: 0xF8545000 Size: 36352 File Visible: - Signed: -
Status: -
Name: drmk.sys
Image Path: C:\WINDOWS\system32\drivers\drmk.sys
Address: 0x9F176000 Size: 61440 File Visible: - Signed: -
Status: -
Name: dump_iaStor.sys
Image Path: C:\WINDOWS\System32\Drivers\dump_iaStor.sys
Address: 0x9D6B4000 Size: 876544 File Visible: No Signed: -
Status: -
Name: Dxapi.sys
Image Path: C:\WINDOWS\System32\drivers\Dxapi.sys
Address: 0xB5F00000 Size: 12288 File Visible: - Signed: -
Status: -
Name: dxg.sys
Image Path: C:\WINDOWS\System32\drivers\dxg.sys
Address: 0xBF9C3000 Size: 73728 File Visible: - Signed: -
Status: -
Name: dxgthk.sys
Image Path: C:\WINDOWS\System32\drivers\dxgthk.sys
Address: 0xF8AEC000 Size: 4096 File Visible: - Signed: -
Status: -
Name: e100b325.sys
Image Path: C:\WINDOWS\system32\DRIVERS\e100b325.sys
Address: 0xBA69A000 Size: 157696 File Visible: - Signed: -
Status: -
Name: Fastfat.SYS
Image Path: C:\WINDOWS\System32\Drivers\Fastfat.SYS
Address: 0x9D7ED000 Size: 143744 File Visible: - Signed: -
Status: -
Name: Fips.SYS
Image Path: C:\WINDOWS\System32\Drivers\Fips.SYS
Address: 0x9EA36000 Size: 44544 File Visible: - Signed: -
Status: -
Name: fltmgr.sys
Image Path: fltmgr.sys
Address: 0xF826A000 Size: 129792 File Visible: - Signed: -
Status: -
Name: Fs_Rec.SYS
Image Path: C:\WINDOWS\System32\Drivers\Fs_Rec.SYS
Address: 0xA0E3E000 Size: 7936 File Visible: - Signed: -
Status: -
Name: ftdisk.sys
Image Path: ftdisk.sys
Address: 0xF8378000 Size: 125056 File Visible: - Signed: -
Status: -
Name: GEARAspiWDM.sys
Image Path: C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
Address: 0xF85C5000 Size: 40960 File Visible: - Signed: -
Status: -
Name: hal.dll
Image Path: C:\WINDOWS\system32\hal.dll
Address: 0x806D0000 Size: 131840 File Visible: - Signed: -
Status: -
Name: HDAudBus.sys
Image Path: C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
Address: 0xBA721000 Size: 163840 File Visible: - Signed: -
Status: -
Name: HIDCLASS.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\HIDCLASS.SYS
Address: 0xF8755000 Size: 36864 File Visible: - Signed: -
Status: -
Name: HIDPARSE.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\HIDPARSE.SYS
Address: 0xF8835000 Size: 28672 File Visible: - Signed: -
Status: -
Name: HSF_CNXT.sys
Image Path: C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
Address: 0x9DA47000 Size: 718464 File Visible: - Signed: -
Status: -
Name: HSF_DPV.sys
Image Path: C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
Address: 0x9DAF7000 Size: 1035008 File Visible: - Signed: -
Status: -
Name: HSFHWAZL.sys
Image Path: C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys
Address: 0x9DBF4000 Size: 201600 File Visible: - Signed: -
Status: -
Name: HTTP.sys
Image Path: C:\WINDOWS\System32\Drivers\HTTP.sys
Address: 0x9C094000 Size: 264832 File Visible: - Signed: -
Status: -
Name: i2omgmt.SYS
Image Path: C:\WINDOWS\System32\Drivers\i2omgmt.SYS
Address: 0x9F298000 Size: 8576 File Visible: - Signed: -
Status: -
Name: i8042prt.sys
Image Path: C:\WINDOWS\system32\DRIVERS\i8042prt.sys
Address: 0xF8765000 Size: 52480 File Visible: - Signed: -
Status: -
Name: ialmdd5.DLL
Image Path: C:\WINDOWS\System32\ialmdd5.DLL
Address: 0xBFA41000 Size: 983040 File Visible: - Signed: -
Status: -
Name: ialmdev5.DLL
Image Path: C:\WINDOWS\System32\ialmdev5.DLL
Address: 0xBFA06000 Size: 241664 File Visible: - Signed: -
Status: -
Name: ialmdnt5.dll
Image Path: C:\WINDOWS\System32\ialmdnt5.dll
Address: 0xBF9E4000 Size: 139264 File Visible: - Signed: -
Status: -
Name: ialmnt5.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
Address: 0xBA75D000 Size: 1166848 File Visible: - Signed: -
Status: -
Name: ialmrnt5.dll
Image Path: C:\WINDOWS\System32\ialmrnt5.dll
Address: 0xBF9D5000 Size: 61440 File Visible: - Signed: -
Status: -
Name: iaStor.sys
Image Path: iaStor.sys
Address: 0xF828A000 Size: 874240 File Visible: - Signed: -
Status: -
Name: imapi.sys
Image Path: C:\WINDOWS\system32\DRIVERS\imapi.sys
Address: 0xF8595000 Size: 42112 File Visible: - Signed: -
Status: -
Name: intelide.sys
Image Path: intelide.sys
Address: 0xF89F9000 Size: 5504 File Visible: - Signed: -
Status: -
Name: intelppm.sys
Image Path: C:\WINDOWS\system32\DRIVERS\intelppm.sys
Address: 0xF8745000 Size: 36352 File Visible: - Signed: -
Status: -
Name: ipfltdrv.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
Address: 0x9EA56000 Size: 32896 File Visible: - Signed: -
Status: -
Name: ipnat.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ipnat.sys
Address: 0x9D811000 Size: 152832 File Visible: - Signed: -
Status: -
Name: ipsec.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ipsec.sys
Address: 0x9D9CF000 Size: 75264 File Visible: - Signed: -
Status: -
Name: isapnp.sys
Image Path: isapnp.sys
Address: 0xF84F5000 Size: 37248 File Visible: - Signed: -
Status: -
Name: kbdclass.sys
Image Path: C:\WINDOWS\system32\DRIVERS\kbdclass.sys
Address: 0xF884D000 Size: 24576 File Visible: - Signed: -
Status: -
Name: kbdhid.sys
Image Path: C:\WINDOWS\system32\DRIVERS\kbdhid.sys
Address: 0xB6822000 Size: 14592 File Visible: - Signed: -
Status: -
Name: KDCOM.DLL
Image Path: C:\WINDOWS\system32\KDCOM.DLL
Address: 0xF89F5000 Size: 8192 File Visible: - Signed: -
Status: -
Name: kmixer.sys
Image Path: C:\WINDOWS\system32\drivers\kmixer.sys
Address: 0x9BAA1000 Size: 172416 File Visible: - Signed: -
Status: -
Name: ks.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ks.sys
Address: 0xBA647000 Size: 143360 File Visible: - Signed: -
Status: -
Name: KSecDD.sys
Image Path: KSecDD.sys
Address: 0xF8241000 Size: 92928 File Visible: - Signed: -
Status: -
Name: mdmxsdk.sys
Image Path: C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
Address: 0x9CF92000 Size: 12672 File Visible: - Signed: -
Status: -
Name: mfeavfk.sys
Image Path: C:\WINDOWS\system32\drivers\mfeavfk.sys
Address: 0x9C215000 Size: 73152 File Visible: - Signed: -
Status: -
Name: mfebopk.sys
Image Path: C:\WINDOWS\system32\drivers\mfebopk.sys
Address: 0xF8805000 Size: 28544 File Visible: - Signed: -
Status: -
Name: mfehidk.sys
Image Path: C:\WINDOWS\system32\drivers\mfehidk.sys
Address: 0x9D837000 Size: 207296 File Visible: - Signed: -
Status: -
Name: mnmdd.SYS
Image Path: C:\WINDOWS\System32\Drivers\mnmdd.SYS
Address: 0xA0E3A000 Size: 4224 File Visible: - Signed: -
Status: -
Name: Modem.SYS
Image Path: C:\WINDOWS\System32\Drivers\Modem.SYS
Address: 0xB602E000 Size: 30080 File Visible: - Signed: -
Status: -
Name: mouclass.sys
Image Path: C:\WINDOWS\system32\DRIVERS\mouclass.sys
Address: 0xF87A5000 Size: 23040 File Visible: - Signed: -
Status: -
Name: MountMgr.sys
Image Path: MountMgr.sys
Address: 0xF8525000 Size: 42368 File Visible: - Signed: -
Status: -
Name: Mpfp.sys
Image Path: C:\WINDOWS\System32\Drivers\Mpfp.sys
Address: 0x9D94F000 Size: 159744 File Visible: - Signed: -
Status: -
Name: mrxdav.sys
Image Path: C:\WINDOWS\system32\DRIVERS\mrxdav.sys
Address: 0x9D0F4000 Size: 180608 File Visible: - Signed: -
Status: -
Name: mrxsmb.sys
Image Path: C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
Address: 0x9D86A000 Size: 455296 File Visible: - Signed: -
Status: -
Name: Msfs.SYS
Image Path: C:\WINDOWS\System32\Drivers\Msfs.SYS
Address: 0x9EB11000 Size: 19072 File Visible: - Signed: -
Status: -
Name: msgpc.sys
Image Path: C:\WINDOWS\system32\DRIVERS\msgpc.sys
Address: 0xF86A5000 Size: 35072 File Visible: - Signed: -
Status: -
Name: mssmbios.sys
Image Path: C:\WINDOWS\system32\DRIVERS\mssmbios.sys
Address: 0xB6826000 Size: 15488 File Visible: - Signed: -
Status: -
Name: Mup.sys
Image Path: Mup.sys
Address: 0xF816D000 Size: 105344 File Visible: - Signed: -
Status: -
Name: NDIS.sys
Image Path: NDIS.sys
Address: 0xF8187000 Size: 182656 File Visible: - Signed: -
Status: -
Name: ndistapi.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ndistapi.sys
Address: 0xBAD21000 Size: 10112 File Visible: - Signed: -
Status: -
Name: ndisuio.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ndisuio.sys
Address: 0xA2380000 Size: 14592 File Visible: - Signed: -
Status: -
Name: ndiswan.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ndiswan.sys
Address: 0xBA4EB000 Size: 91520 File Visible: - Signed: -
Status: -
Name: NDProxy.SYS
Image Path: C:\WINDOWS\System32\Drivers\NDProxy.SYS
Address: 0xB60C0000 Size: 40576 File Visible: - Signed: -
Status: -
Name: netbios.sys
Image Path: C:\WINDOWS\system32\DRIVERS\netbios.sys
Address: 0x9EA46000 Size: 34688 File Visible: - Signed: -
Status: -
Name: netbt.sys
Image Path: C:\WINDOWS\system32\DRIVERS\netbt.sys
Address: 0x9D927000 Size: 162816 File Visible: - Signed: -
Status: -
Name: nic1394.sys
Image Path: C:\WINDOWS\system32\DRIVERS\nic1394.sys
Address: 0xF8585000 Size: 61824 File Visible: - Signed: -
Status: -
Name: Npfs.SYS
Image Path: C:\WINDOWS\System32\Drivers\Npfs.SYS
Address: 0x9E5B4000 Size: 30848 File Visible: - Signed: -
Status: -
Name: Ntfs.sys
Image Path: Ntfs.sys
Address: 0xF81B4000 Size: 574976 File Visible: - Signed: -
Status: -
Name: ntkrnlpa.exe
Image Path: C:\WINDOWS\system32\ntkrnlpa.exe
Address: 0x804D7000 Size: 2066048 File Visible: - Signed: -
Status: -
Name: Null.SYS
Image Path: C:\WINDOWS\System32\Drivers\Null.SYS
Address: 0x9F219000 Size: 2944 File Visible: - Signed: -
Status: -
Name: ohci1394.sys
Image Path: ohci1394.sys
Address: 0xF8505000 Size: 61696 File Visible: - Signed: -
Status: -
Name: OPRGHDLR.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\OPRGHDLR.SYS
Address: 0xF8ABE000 Size: 4096 File Visible: - Signed: -
Status: -
Name: PartMgr.sys
Image Path: PartMgr.sys
Address: 0xF877D000 Size: 19712 File Visible: - Signed: -
Status: -
Name: pci.sys
Image Path: pci.sys
Address: 0xF83B5000 Size: 68224 File Visible: - Signed: -
Status: -
Name: pciide.sys
Image Path: pciide.sys
Address: 0xF8ABD000 Size: 3328 File Visible: - Signed: -
Status: -
Name: PCIIDEX.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\PCIIDEX.SYS
Address: 0xF8775000 Size: 28672 File Visible: - Signed: -
Status: -
Name: pcmcia.sys
Image Path: pcmcia.sys
Address: 0xF8397000 Size: 120192 File Visible: - Signed: -
Status: -
Name: PnpManager
Image Path: \Driver\PnpManager
Address: 0x804D7000 Size: 2066048 File Visible: - Signed: -
Status: -
Name: portcls.sys
Image Path: C:\WINDOWS\system32\drivers\portcls.sys
Address: 0x9DC26000 Size: 147456 File Visible: - Signed: -
Status: -
Name: psched.sys
Image Path: C:\WINDOWS\system32\DRIVERS\psched.sys
Address: 0xBA4DA000 Size: 69120 File Visible: - Signed: -
Status: -
Name: ptilink.sys
Image Path: C:\WINDOWS\system32\DRIVERS\ptilink.sys
Address: 0xB603E000 Size: 17792 File Visible: - Signed: -
Status: -
Name: PxHelp20.sys
Image Path: PxHelp20.sys
Address: 0xF8785000 Size: 20000 File Visible: - Signed: -
Status: -
Name: rasacd.sys
Image Path: C:\WINDOWS\system32\DRIVERS\rasacd.sys
Address: 0x9F294000 Size: 8832 File Visible: - Signed: -
Status: -
Name: rasl2tp.sys
Image Path: C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
Address: 0xF85D5000 Size: 51328 File Visible: - Signed: -
Status: -
Name: raspppoe.sys
Image Path: C:\WINDOWS\system32\DRIVERS\raspppoe.sys
Address: 0xF85E5000 Size: 41472 File Visible: - Signed: -
Status: -
Name: raspptp.sys
Image Path: C:\WINDOWS\system32\DRIVERS\raspptp.sys
Address: 0xF85F5000 Size: 48384 File Visible: - Signed: -
Status: -
Name: raspti.sys
Image Path: C:\WINDOWS\system32\DRIVERS\raspti.sys
Address: 0xB6036000 Size: 16512 File Visible: - Signed: -
Status: -
Name: RAW
Image Path: \FileSystem\RAW
Address: 0x804D7000 Size: 2066048 File Visible: - Signed: -
Status: -
Name: rdbss.sys
Image Path: C:\WINDOWS\system32\DRIVERS\rdbss.sys
Address: 0x9D8DA000 Size: 175744 File Visible: - Signed: -
Status: -
Name: RDPCDD.sys
Image Path: C:\WINDOWS\System32\DRIVERS\RDPCDD.sys
Address: 0xA0E38000 Size: 4224 File Visible: - Signed: -
Status: -
Name: redbook.sys
Image Path: C:\WINDOWS\system32\DRIVERS\redbook.sys
Address: 0xF85B5000 Size: 57600 File Visible: - Signed: -
Status: -
Name: RNDISMP.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\RNDISMP.SYS
Address: 0x9E5AC000 Size: 32768 File Visible: - Signed: -
Status: -
Name: RootMdm.sys
Image Path: C:\WINDOWS\System32\Drivers\RootMdm.sys
Address: 0xF8A0D000 Size: 5888 File Visible: - Signed: -
Status: -
Name: rootrepeal[1].sys
Image Path: C:\WINDOWS\system32\drivers\rootrepeal[1].sys
Address: 0xB5A87000 Size: 49152 File Visible: No Signed: -
Status: -
Name: sdbus.sys
Image Path: C:\WINDOWS\system32\DRIVERS\sdbus.sys
Address: 0xBA6C1000 Size: 79232 File Visible: - Signed: -
Status: -
Name: Serial.sys
Image Path: Serial.sys
Address: 0xF8565000 Size: 64512 File Visible: - Signed: -
Status: -
Name: sr.sys
Image Path: sr.sys
Address: 0xF8258000 Size: 73472 File Visible: - Signed: -
Status: -
Name: srv.sys
Image Path: C:\WINDOWS\system32\DRIVERS\srv.sys
Address: 0x9CFB2000 Size: 333952 File Visible: - Signed: -
Status: -
Name: swenum.sys
Image Path: C:\WINDOWS\system32\DRIVERS\swenum.sys
Address: 0xF8A0F000 Size: 4352 File Visible: - Signed: -
Status: -
Name: SynTP.sys
Image Path: C:\WINDOWS\system32\DRIVERS\SynTP.sys
Address: 0xBA66A000 Size: 192736 File Visible: - Signed: -
Status: -
Name: sysaudio.sys
Image Path: C:\WINDOWS\system32\drivers\sysaudio.sys
Address: 0xB5A57000 Size: 60800 File Visible: - Signed: -
Status: -
Name: tcpip.sys
Image Path: C:\WINDOWS\system32\DRIVERS\tcpip.sys
Address: 0x9D976000 Size: 361600 File Visible: - Signed: -
Status: -
Name: TDI.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\TDI.SYS
Address: 0xF8855000 Size: 20480 File Visible: - Signed: -
Status: -
Name: termdd.sys
Image Path: C:\WINDOWS\system32\DRIVERS\termdd.sys
Address: 0xB60D0000 Size: 40704 File Visible: - Signed: -
Status: -
Name: tifm21.sys
Image Path: C:\WINDOWS\system32\drivers\tifm21.sys
Address: 0xBA6D5000 Size: 162432 File Visible: - Signed: -
Status: -
Name: update.sys
Image Path: C:\WINDOWS\system32\DRIVERS\update.sys
Address: 0xB580C000 Size: 384768 File Visible: - Signed: -
Status: -
Name: usb8023.sys
Image Path: C:\WINDOWS\system32\DRIVERS\usb8023.sys
Address: 0x9EE0F000 Size: 12800 File Visible: - Signed: -
Status: -
Name: USBD.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\USBD.SYS
Address: 0xF8A3B000 Size: 8192 File Visible: - Signed: -
Status: -
Name: usbehci.sys
Image Path: C:\WINDOWS\system32\DRIVERS\usbehci.sys
Address: 0xF8845000 Size: 30208 File Visible: - Signed: -
Status: -
Name: usbhub.sys
Image Path: C:\WINDOWS\system32\DRIVERS\usbhub.sys
Address: 0x9EA66000 Size: 59520 File Visible: - Signed: -
Status: -
Name: USBPORT.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\USBPORT.SYS
Address: 0xBA6FD000 Size: 147456 File Visible: - Signed: -
Status: -
Name: usbuhci.sys
Image Path: C:\WINDOWS\system32\DRIVERS\usbuhci.sys
Address: 0xF883D000 Size: 20608 File Visible: - Signed: -
Status: -
Name: vga.sys
Image Path: C:\WINDOWS\System32\drivers\vga.sys
Address: 0x9EB19000 Size: 20992 File Visible: - Signed: -
Status: -
Name: viaide.sys
Image Path: viaide.sys
Address: 0xF89FB000 Size: 5376 File Visible: - Signed: -
Status: -
Name: VIDEOPRT.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\VIDEOPRT.SYS
Address: 0xBA749000 Size: 81920 File Visible: - Signed: -
Status: -
Name: VolSnap.sys
Image Path: VolSnap.sys
Address: 0xF8535000 Size: 52352 File Visible: - Signed: -
Status: -
Name: wanarp.sys
Image Path: C:\WINDOWS\system32\DRIVERS\wanarp.sys
Address: 0x9EA26000 Size: 34560 File Visible: - Signed: -
Status: -
Name: watchdog.sys
Image Path: C:\WINDOWS\System32\watchdog.sys
Address: 0x9E56C000 Size: 20480 File Visible: - Signed: -
Status: -
Name: wdmaud.sys
Image Path: C:\WINDOWS\system32\drivers\wdmaud.sys
Address: 0x9D677000 Size: 83072 File Visible: - Signed: -
Status: -
Name: Win32k
Image Path: \Driver\Win32k
Address: 0xBF800000 Size: 1847296 File Visible: - Signed: -
Status: -
Name: win32k.sys
Image Path: C:\WINDOWS\System32\win32k.sys
Address: 0xBF800000 Size: 1847296 File Visible: - Signed: -
Status: -
Name: wmiacpi.sys
Image Path: C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
Address: 0xBAD2D000 Size: 8832 File Visible: - Signed: -
Status: -
Name: WMILIB.SYS
Image Path: C:\WINDOWS\system32\DRIVERS\WMILIB.SYS
Address: 0xF89F7000 Size: 8192 File Visible: - Signed: -
Status: -
Name: WMIxWDM
Image Path: \Driver\WMIxWDM
Address: 0x804D7000 Size: 2066048 File Visible: - Signed: -
Status: -
Shadow SSDT
-------------------
#: 000 Function Name: NtGdiAbortDoc
Status: Not hooked
#: 001 Function Name: NtGdiAbortPath
Status: Not hooked
#: 002 Function Name: NtGdiAddFontResourceW
Status: Not hooked
#: 003 Function Name: NtGdiAddRemoteFontToDC
Status: Not hooked
#: 004 Function Name: NtGdiAddFontMemResourceEx
Status: Not hooked
#: 005 Function Name: NtGdiRemoveMergeFont
Status: Not hooked
#: 006 Function Name: NtGdiAddRemoteMMInstanceToDC
Status: Not hooked
#: 007 Function Name: NtGdiAlphaBlend
Status: Not hooked
#: 008 Function Name: NtGdiAngleArc
Status: Not hooked
#: 009 Function Name: NtGdiAnyLinkedFonts
Status: Not hooked
#: 010 Function Name: NtGdiFontIsLinked
Status: Not hooked
#: 011 Function Name: NtGdiArcInternal
Status: Not hooked
#: 012 Function Name: NtGdiBeginPath
Status: Not hooked
#: 013 Function Name: NtGdiBitBlt
Status: Not hooked
#: 014 Function Name: NtGdiCancelDC
Status: Not hooked
#: 015 Function Name: NtGdiCheckBitmapBits
Status: Not hooked
#: 016 Function Name: NtGdiCloseFigure
Status: Not hooked
#: 017 Function Name: NtGdiClearBitmapAttributes
Status: Not hooked
#: 018 Function Name: NtGdiClearBrushAttributes
Status: Not hooked
#: 019 Function Name: NtGdiColorCorrectPalette
Status: Not hooked
#: 020 Function Name: NtGdiCombineRgn
Status: Not hooked
#: 021 Function Name: NtGdiCombineTransform
Status: Not hooked
#: 022 Function Name: NtGdiComputeXformCoefficients
Status: Not hooked
#: 023 Function Name: NtGdiConsoleTextOut
Status: Not hooked
#: 024 Function Name: NtGdiConvertMetafileRect
Status: Not hooked
#: 025 Function Name: NtGdiCreateBitmap
Status: Not hooked
#: 026 Function Name: NtGdiCreateClientObj
Status: Not hooked
#: 027 Function Name: NtGdiCreateColorSpace
Status: Not hooked
#: 028 Function Name: NtGdiCreateColorTransform
Status: Not hooked
#: 029 Function Name: NtGdiCreateCompatibleBitmap
Status: Not hooked
#: 030 Function Name: NtGdiCreateCompatibleDC
Status: Not hooked
#: 031 Function Name: NtGdiCreateDIBBrush
Status: Not hooked
#: 032 Function Name: NtGdiCreateDIBitmapInternal
Status: Not hooked
#: 033 Function Name: NtGdiCreateDIBSection
Status: Not hooked
#: 034 Function Name: NtGdiCreateEllipticRgn
Status: Not hooked
#: 035 Function Name: NtGdiCreateHalftonePalette
Status: Not hooked
#: 036 Function Name: NtGdiCreateHatchBrushInternal
Status: Not hooked
#: 037 Function Name: NtGdiCreateMetafileDC
Status: Not hooked
#: 038 Function Name: NtGdiCreatePaletteInternal
Status: Not hooked
#: 039 Function Name: NtGdiCreatePatternBrushInternal
Status: Not hooked
#: 040 Function Name: NtGdiCreatePen
Status: Not hooked
#: 041 Function Name: NtGdiCreateRectRgn
Status: Not hooked
#: 042 Function Name: NtGdiCreateRoundRectRgn
Status: Not hooked
#: 043 Function Name: NtGdiCreateServerMetaFile
Status: Not hooked
#: 044 Function Name: NtGdiCreateSolidBrush
Status: Not hooked
#: 045 Function Name: NtGdiD3dContextCreate
Status: Not hooked
#: 046 Function Name: NtGdiD3dContextDestroy
Status: Not hooked
#: 047 Function Name: NtGdiD3dContextDestroyAll
Status: Not hooked
#: 048 Function Name: NtGdiD3dValidateTextureStageState
Status: Not hooked
#: 049 Function Name: NtGdiD3dDrawPrimitives2
Status: Not hooked
#: 050 Function Name: NtGdiDdGetDriverState
Status: Not hooked
#: 051 Function Name: NtGdiDdAddAttachedSurface
Status: Not hooked
#: 052 Function Name: NtGdiDdAlphaBlt
Status: Not hooked
#: 053 Function Name: NtGdiDdAttachSurface
Status: Not hooked
#: 054 Function Name: NtGdiDdBeginMoCompFrame
Status: Not hooked
#: 055 Function Name: NtGdiDdBlt
Status: Not hooked
#: 056 Function Name: NtGdiDdCanCreateSurface
Status: Not hooked
#: 057 Function Name: NtGdiDdCanCreateD3DBuffer
Status: Not hooked
#: 058 Function Name: NtGdiDdColorControl
Status: Not hooked
#: 059 Function Name: NtGdiDdCreateDirectDrawObject
Status: Not hooked
#: 060 Function Name: NtGdiDdCreateSurface
Status: Not hooked
#: 061 Function Name: NtGdiDdCreateD3DBuffer
Status: Not hooked
#: 062 Function Name: NtGdiDdCreateMoComp
Status: Not hooked
#: 063 Function Name: NtGdiDdCreateSurfaceObject
Status: Not hooked
#: 064 Function Name: NtGdiDdDeleteDirectDrawObject
Status: Not hooked
#: 065 Function Name: NtGdiDdDeleteSurfaceObject
Status: Not hooked
#: 066 Function Name: NtGdiDdDestroyMoComp
Status: Not hooked
#: 067 Function Name: NtGdiDdDestroySurface
Status: Not hooked
#: 068 Function Name: NtGdiDdDestroyD3DBuffer
Status: Not hooked
#: 069 Function Name: NtGdiDdEndMoCompFrame
Status: Not hooked
#: 070 Function Name: NtGdiDdFlip
Status: Not hooked
#: 071 Function Name: NtGdiDdFlipToGDISurface
Status: Not hooked
#: 072 Function Name: NtGdiDdGetAvailDriverMemory
Status: Not hooked
#: 073 Function Name: NtGdiDdGetBltStatus
Status: Not hooked
#: 074 Function Name: NtGdiDdGetDC
Status: Not hooked
#: 075 Function Name: NtGdiDdGetDriverInfo
Status: Not hooked
#: 076 Function Name: NtGdiDdGetDxHandle
Status: Not hooked
#: 077 Function Name: NtGdiDdGetFlipStatus
Status: Not hooked
#: 078 Function Name: NtGdiDdGetInternalMoCompInfo
Status: Not hooked
#: 079 Function Name: NtGdiDdGetMoCompBuffInfo
Status: Not hooked
#: 080 Function Name: NtGdiDdGetMoCompGuids
Status: Not hooked
#: 081 Function Name: NtGdiDdGetMoCompFormats
Status: Not hooked
#: 082 Function Name: NtGdiDdGetScanLine
Status: Not hooked
#: 083 Function Name: NtGdiDdLock
Status: Not hooked
#: 084 Function Name: NtGdiDdLockD3D
Status: Not hooked
#: 085 Function Name: NtGdiDdQueryDirectDrawObject
Status: Not hooked
#: 086 Function Name: NtGdiDdQueryMoCompStatus
Status: Not hooked
#: 087 Function Name: NtGdiDdReenableDirectDrawObject
Status: Not hooked
#: 088 Function Name: NtGdiDdReleaseDC
Status: Not hooked
#: 089 Function Name: NtGdiDdRenderMoComp
Status: Not hooked
#: 090 Function Name: NtGdiDdResetVisrgn
Status: Not hooked
#: 091 Function Name: NtGdiDdSetColorKey
Status: Not hooked
#: 092 Function Name: NtGdiDdSetExclusiveMode
Status: Not hooked
#: 093 Function Name: NtGdiDdSetGammaRamp
Status: Not hooked
#: 094 Function Name: NtGdiDdCreateSurfaceEx
Status: Not hooked
#: 095 Function Name: NtGdiDdSetOverlayPosition
Status: Not hooked
#: 096 Function Name: NtGdiDdUnattachSurface
Status: Not hooked
#: 097 Function Name: NtGdiDdUnlock
Status: Not hooked
#: 098 Function Name: NtGdiDdUnlockD3D
Status: Not hooked
#: 099 Function Name: NtGdiDdUpdateOverlay
Status: Not hooked
#: 100 Function Name: NtGdiDdWaitForVerticalBlank
Status: Not hooked
#: 101 Function Name: NtGdiDvpCanCreateVideoPort
Status: Not hooked
#: 102 Function Name: NtGdiDvpColorControl
Status: Not hooked
#: 103 Function Name: NtGdiDvpCreateVideoPort
Status: Not hooked
#: 104 Function Name: NtGdiDvpDestroyVideoPort
Status: Not hooked
#: 105 Function Name: NtGdiDvpFlipVideoPort
Status: Not hooked
#: 106 Function Name: NtGdiDvpGetVideoPortBandwidth
Status: Not hooked
#: 107 Function Name: NtGdiDvpGetVideoPortField
Status: Not hooked
#: 108 Function Name: NtGdiDvpGetVideoPortFlipStatus
Status: Not hooked
#: 109 Function Name: NtGdiDvpGetVideoPortInputFormats
Status: Not hooked
#: 110 Function Name: NtGdiDvpGetVideoPortLine
Status: Not hooked
#: 111 Function Name: NtGdiDvpGetVideoPortOutputFormats
Status: Not hooked
#: 112 Function Name: NtGdiDvpGetVideoPortConnectInfo
Status: Not hooked
#: 113 Function Name: NtGdiDvpGetVideoSignalStatus
Status: Not hooked
#: 114 Function Name: NtGdiDvpUpdateVideoPort
Status: Not hooked
#: 115 Function Name: NtGdiDvpWaitForVideoPortSync
Status: Not hooked
#: 116 Function Name: NtGdiDvpAcquireNotification
Status: Not hooked
#: 117 Function Name: NtGdiDvpReleaseNotification
Status: Not hooked
#: 118 Function Name: NtGdiDxgGenericThunk
Status: Not hooked
#: 119 Function Name: NtGdiDeleteClientObj
Status: Not hooked
#: 120 Function Name: NtGdiDeleteColorSpace
Status: Not hooked
#: 121 Function Name: NtGdiDeleteColorTransform
Status: Not hooked
#: 122 Function Name: NtGdiDeleteObjectApp
Status: Not hooked
#: 123 Function Name: NtGdiDescribePixelFormat
Status: Not hooked
#: 124 Function Name: NtGdiGetPerBandInfo
Status: Not hooked
#: 125 Function Name: NtGdiDoBanding
Status: Not hooked
#: 126 Function Name: NtGdiDoPalette
Status: Not hooked
#: 127 Function Name: NtGdiDrawEscape
Status: Not hooked
#: 128 Function Name: NtGdiEllipse
Status: Not hooked
#: 129 Function Name: NtGdiEnableEudc
Status: Not hooked
#: 130 Function Name: NtGdiEndDoc
Status: Not hooked
#: 131 Function Name: NtGdiEndPage
Status: Not hooked
#: 132 Function Name: NtGdiEndPath
Status: Not hooked
#: 133 Function Name: NtGdiEnumFontChunk
Status: Not hooked
#: 134 Function Name: NtGdiEnumFontClose
Status: Not hooked
#: 135 Function Name: NtGdiEnumFontOpen
Status: Not hooked
#: 136 Function Name: NtGdiEnumObjects
Status: Not hooked
#: 137 Function Name: NtGdiEqualRgn
Status: Not hooked
#: 138 Function Name: NtGdiEudcLoadUnloadLink
Status: Not hooked
#: 139 Function Name: NtGdiExcludeClipRect
Status: Not hooked
#: 140 Function Name: NtGdiExtCreatePen
Status: Not hooked
#: 141 Function Name: NtGdiExtCreateRegion
Status: Not hooked
#: 142 Function Name: NtGdiExtEscape
Status: Not hooked
#: 143 Function Name: NtGdiExtFloodFill
Status: Not hooked
#: 144 Function Name: NtGdiExtGetObjectW
Status: Not hooked
#: 145 Function Name: NtGdiExtSelectClipRgn
Status: Not hooked
#: 146 Function Name: NtGdiExtTextOutW
Status: Not hooked
#: 147 Function Name: NtGdiFillPath
Status: Not hooked
#: 148 Function Name: NtGdiFillRgn
Status: Not hooked
#: 149 Function Name: NtGdiFlattenPath
Status: Not hooked
#: 150 Function Name: NtGdiFlushUserBatch
Status: Not hooked
#: 151 Function Name: NtGdiFlush
Status: Not hooked
#: 152 Function Name: NtGdiForceUFIMapping
Status: Not hooked
#: 153 Function Name: NtGdiFrameRgn
Status: Not hooked
#: 154 Function Name: NtGdiFullscreenControl
Status: Not hooked
#: 155 Function Name: NtGdiGetAndSetDCDword
Status: Not hooked
#: 156 Function Name: NtGdiGetAppClipBox
Status: Not hooked
#: 157 Function Name: NtGdiGetBitmapBits
Status: Not hooked
#: 158 Function Name: NtGdiGetBitmapDimension
Status: Not hooked
#: 159 Function Name: NtGdiGetBoundsRect
Status: Not hooked
#: 160 Function Name: NtGdiGetCharABCWidthsW
Status: Not hooked
#: 161 Function Name: NtGdiGetCharacterPlacementW
Status: Not hooked
#: 162 Function Name: NtGdiGetCharSet
Status: Not hooked
#: 163 Function Name: NtGdiGetCharWidthW
Status: Not hooked
#: 164 Function Name: NtGdiGetCharWidthInfo
Status: Not hooked
#: 165 Function Name: NtGdiGetColorAdjustment
Status: Not hooked
#: 166 Function Name: NtGdiGetColorSpaceforBitmap
Status: Not hooked
#: 167 Function Name: NtGdiGetDCDword
Status: Not hooked
#: 168 Function Name: NtGdiGetDCforBitmap
Status: Not hooked
#: 169 Function Name: NtGdiGetDCObject
Status: Not hooked
#: 170 Function Name: NtGdiGetDCPoint
Status: Not hooked
#: 171 Function Name: NtGdiGetDeviceCaps
Status: Not hooked
#: 172 Function Name: NtGdiGetDeviceGammaRamp
Status: Not hooked
#: 173 Function Name: NtGdiGetDeviceCapsAll
Status: Not hooked
#: 174 Function Name: NtGdiGetDIBitsInternal
Status: Not hooked
#: 175 Function Name: NtGdiGetETM
Status: Not hooked
#: 176 Function Name: NtGdiGetEudcTimeStampEx
Status: Not hooked
#: 177 Function Name: NtGdiGetFontData
Status: Not hooked
#: 178 Function Name: NtGdiGetFontResourceInfoInternalW
Status: Not hooked
#: 179 Function Name: NtGdiGetGlyphIndicesW
Status: Not hooked
#: 180 Function Name: NtGdiGetGlyphIndicesWInternal
Status: Not hooked
#: 181 Function Name: NtGdiGetGlyphOutline
Status: Not hooked
#: 182 Function Name: NtGdiGetKerningPairs
Status: Not hooked
#: 183 Function Name: NtGdiGetLinkedUFIs
Status: Not hooked
#: 184 Function Name: NtGdiGetMiterLimit
Status: Not hooked
#: 185 Function Name: NtGdiGetMonitorID
Status: Not hooked
#: 186 Function Name: NtGdiGetNearestColor
Status: Not hooked
#: 187 Function Name: NtGdiGetNearestPaletteIndex
Status: Not hooked
#: 188 Function Name: NtGdiGetObjectBitmapHandle
Status: Not hooked
#: 189 Function Name: NtGdiGetOutlineTextMetricsInternalW
Status: Not hooked
#: 190 Function Name: NtGdiGetPath
Status: Not hooked
#: 191 Function Name: NtGdiGetPixel
Status: Not hooked
#: 192 Function Name: NtGdiGetRandomRgn
Status: Not hooked
#: 193 Function Name: NtGdiGetRasterizerCaps
Status: Not hooked
#: 194 Function Name: NtGdiGetRealizationInfo
Status: Not hooked
#: 195 Function Name: NtGdiGetRegionData
Status: Not hooked
#: 196 Function Name: NtGdiGetRgnBox
Status: Not hooked
#: 197 Function Name: NtGdiGetServerMetaFileBits
Status: Not hooked
#: 198 Function Name: NtGdiGetSpoolMessage
Status: Not hooked
#: 199 Function Name: NtGdiGetStats
Status: Not hooked
#: 200 Function Name: NtGdiGetStockObject
Status: Not hooked
#: 201 Function Name: NtGdiGetStringBitmapW
Status: Not hooked
#: 202 Function Name: NtGdiGetSystemPaletteUse
Status: Not hooked
#: 203 Function Name: NtGdiGetTextCharsetInfo
Status: Not hooked
#: 204 Function Name: NtGdiGetTextExtent
Status: Not hooked
#: 205 Function Name: NtGdiGetTextExtentExW
Status: Not hooked
#: 206 Function Name: NtGdiGetTextFaceW
Status: Not hooked
#: 207 Function Name: NtGdiGetTextMetricsW
Status: Not hooked
#: 208 Function Name: NtGdiGetTransform
Status: Not hooked
#: 209 Function Name: NtGdiGetUFI
Status: Not hooked
#: 210 Function Name: NtGdiGetEmbUFI
Status: Not hooked
#: 211 Function Name: NtGdiGetUFIPathname
Status: Not hooked
#: 212 Function Name: NtGdiGetEmbedFonts
Status: Not hooked
#: 213 Function Name: NtGdiChangeGhostFont
Status: Not hooked
#: 214 Function Name: NtGdiAddEmbFontToDC
Status: Not hooked
#: 215 Function Name: NtGdiGetFontUnicodeRanges
Status: Not hooked
#: 216 Function Name: NtGdiGetWidthTable
Status: Not hooked
#: 217 Function Name: NtGdiGradientFill
Status: Not hooked
#: 218 Function Name: NtGdiHfontCreate
Status: Not hooked
#: 219 Function Name: NtGdiIcmBrushInfo
Status: Not hooked
#: 220 Function Name: NtGdiInit
Status: Not hooked
#: 221 Function Name: NtGdiInitSpool
Status: Not hooked
#: 222 Function Name: NtGdiIntersectClipRect
Status: Not hooked
#: 223 Function Name: NtGdiInvertRgn
Status: Not hooked
#: 224 Function Name: NtGdiLineTo
Status: Not hooked
#: 225 Function Name: NtGdiMakeFontDir
Status: Not hooked
#: 226 Function Name: NtGdiMakeInfoDC
Status: Not hooked
#: 227 Function Name: NtGdiMaskBlt
Status: Not hooked
#: 228 Function Name: NtGdiModifyWorldTransform
Status: Not hooked
#: 229 Function Name: NtGdiMonoBitmap
Status: Not hooked
#: 230 Function Name: NtGdiMoveTo
Status: Not hooked
#: 231 Function Name: NtGdiOffsetClipRgn
Status: Not hooked
#: 232 Function Name: NtGdiOffsetRgn
Status: Not hooked
#: 233 Function Name: NtGdiOpenDCW
Status: Not hooked
#: 234 Function Name: NtGdiPatBlt
Status: Not hooked
#: 235 Function Name: NtGdiPolyPatBlt
Status: Not hooked
#: 236 Function Name: NtGdiPathToRegion
Status: Not hooked
#: 237 Function Name: NtGdiPlgBlt
Status: Not hooked
#: 238 Function Name: NtGdiPolyDraw
Status: Not hooked
#: 239 Function Name: NtGdiPolyPolyDraw
Status: Not hooked
#: 240 Function Name: NtGdiPolyTextOutW
Status: Not hooked
#: 241 Function Name: NtGdiPtInRegion
Status: Not hooked
#: 242 Function Name: NtGdiPtVisible
Status: Not hooked
#: 243 Function Name: NtGdiQueryFonts
Status: Not hooked
#: 244 Function Name: NtGdiQueryFontAssocInfo
Status: Not hooked
#: 245 Function Name: NtGdiRectangle
Status: Not hooked
#: 246 Function Name: NtGdiRectInRegion
Status: Not hooked
#: 247 Function Name: NtGdiRectVisible
Status: Not hooked
#: 248 Function Name: NtGdiRemoveFontResourceW
Status: Not hooked
#: 249 Function Name: NtGdiRemoveFontMemResourceEx
Status: Not hooked
#: 250 Function Name: NtGdiResetDC
Status: Not hooked
#: 251 Function Name: NtGdiResizePalette
Status: Not hooked
#: 252 Function Name: NtGdiRestoreDC
Status: Not hooked
#: 253 Function Name: NtGdiRoundRect
Status: Not hooked
#: 254 Function Name: NtGdiSaveDC
Status: Not hooked
#: 255 Function Name: NtGdiScaleViewportExtEx
Status: Not hooked
#: 256 Function Name: NtGdiScaleWindowExtEx
Status: Not hooked
#: 257 Function Name: NtGdiSelectBitmap
Status: Not hooked
#: 258 Function Name: NtGdiSelectBrush
Status: Not hooked
#: 259 Function Name: NtGdiSelectClipPath
Status: Not hooked
#: 260 Function Name: NtGdiSelectFont
Status: Not hooked
#: 261 Function Name: NtGdiSelectPen
Status: Not hooked
#: 262 Function Name: NtGdiSetBitmapAttributes
Status: Not hooked
#: 263 Function Name: NtGdiSetBitmapBits
Status: Not hooked
#: 264 Function Name: NtGdiSetBitmapDimension
Status: Not hooked
#: 265 Function Name: NtGdiSetBoundsRect
Status: Not hooked
#: 266 Function Name: NtGdiSetBrushAttributes
Status: Not hooked
#: 267 Function Name: NtGdiSetBrushOrg
Status: Not hooked
#: 268 Function Name: NtGdiSetColorAdjustment
Status: Not hooked
#: 269 Function Name: NtGdiSetColorSpace
Status: Not hooked
#: 270 Function Name: NtGdiSetDeviceGammaRamp
Status: Not hooked
#: 271 Function Name: NtGdiSetDIBitsToDeviceInternal
Status: Not hooked
#: 272 Function Name: NtGdiSetFontEnumeration
Status: Not hooked
#: 273 Function Name: NtGdiSetFontXform
Status: Not hooked
#: 274 Function Name: NtGdiSetIcmMode
Status: Not hooked
#: 275 Function Name: NtGdiSetLinkedUFIs
Status: Not hooked
#: 276 Function Name: NtGdiSetMagicColors
Status: Not hooked
#: 277 Function Name: NtGdiSetMetaRgn
Status: Not hooked
#: 278 Function Name: NtGdiSetMiterLimit
Status: Not hooked
#: 279 Function Name: NtGdiGetDeviceWidth
Status: Not hooked
#: 280 Function Name: NtGdiMirrorWindowOrg
Status: Not hooked
#: 281 Function Name: NtGdiSetLayout
Status: Not hooked
#: 282 Function Name: NtGdiSetPixel
Status: Not hooked
#: 283 Function Name: NtGdiSetPixelFormat
Status: Not hooked
#: 284 Function Name: NtGdiSetRectRgn
Status: Not hooked
#: 285 Function Name: NtGdiSetSystemPaletteUse
Status: Not hooked
#: 286 Function Name: NtGdiSetTextJustification
Status: Not hooked
#: 287 Function Name: NtGdiSetupPublicCFONT
Status: Not hooked
#: 288 Function Name: NtGdiSetVirtualResolution
Status: Not hooked
#: 289 Function Name: NtGdiSetSizeDevice
Status: Not hooked
#: 290 Function Name: NtGdiStartDoc
Status: Not hooked
#: 291 Function Name: NtGdiStartPage
Status: Not hooked
#: 292 Function Name: NtGdiStretchBlt
Status: Not hooked
#: 293 Function Name: NtGdiStretchDIBitsInternal
Status: Not hooked
#: 294 Function Name: NtGdiStrokeAndFillPath
Status: Not hooked
#: 295 Function Name: NtGdiStrokePath
Status: Not hooked
#: 296 Function Name: NtGdiSwapBuffers
Status: Not hooked
#: 297 Function Name: NtGdiTransformPoints
Status: Not hooked
#: 298 Function Name: NtGdiTransparentBlt
Status: Not hooked
#: 299 Function Name: NtGdiUnloadPrinterDriver
Status: Not hooked
#: 300 Function Name: NtGdiUnmapMemFont
Status: Not hooked
#: 301 Function Name: NtGdiUnrealizeObject
Status: Not hooked
#: 302 Function Name: NtGdiUpdateColors
Status: Not hooked
#: 303 Function Name: NtGdiWidenPath
Status: Not hooked
#: 304 Function Name: NtUserActivateKeyboardLayout
Status: Not hooked
#: 305 Function Name: NtUserAlterWindowStyle
Status: Not hooked
#: 306 Function Name: NtUserAssociateInputContext
Status: Not hooked
#: 307 Function Name: NtUserAttachThreadInput
Status: Not hooked
#: 308 Function Name: NtUserBeginPaint
Status: Not hooked
#: 309 Function Name: NtUserBitBltSysBmp
Status: Not hooked
#: 310 Function Name: NtUserBlockInput
Status: Not hooked
#: 311 Function Name: NtUserBuildHimcList
Status: Not hooked
#: 312 Function Name: NtUserBuildHwndList
Status: Not hooked
#: 313 Function Name: NtUserBuildNameList
Status: Not hooked
#: 314 Function Name: NtUserBuildPropList
Status: Not hooked
#: 315 Function Name: NtUserCallHwnd
Status: Not hooked
#: 316 Function Name: NtUserCallHwndLock
Status: Not hooked
#: 317 Function Name: NtUserCallHwndOpt
Status: Not hooked
#: 318 Function Name: NtUserCallHwndParam
Status: Not hooked
#: 319 Function Name: NtUserCallHwndParamLock
Status: Not hooked
#: 320 Function Name: NtUserCallMsgFilter
Status: Not hooked
#: 321 Function Name: NtUserCallNextHookEx
Status: Not hooked
#: 322 Function Name: NtUserCallNoParam
Status: Not hooked
#: 323 Function Name: NtUserCallOneParam
Status: Not hooked
#: 324 Function Name: NtUserCallTwoParam
Status: Not hooked
#: 325 Function Name: NtUserChangeClipboardChain
Status: Not hooked
#: 326 Function Name: NtUserChangeDisplaySettings
Status: Not hooked
#: 327 Function Name: NtUserCheckImeHotKey
Status: Not hooked
#: 328 Function Name: NtUserCheckMenuItem
Status: Not hooked
#: 329 Function Name: NtUserChildWindowFromPointEx
Status: Not hooked
#: 330 Function Name: NtUserClipCursor
Status: Not hooked
#: 331 Function Name: NtUserCloseClipboard
Status: Not hooked
#: 332 Function Name: NtUserCloseDesktop
Status: Not hooked
#: 333 Function Name: NtUserCloseWindowStation
Status: Not hooked
#: 334 Function Name: NtUserConsoleControl
Status: Not hooked
#: 335 Function Name: NtUserConvertMemHandle
Status: Not hooked
#: 336 Function Name: NtUserCopyAcceleratorTable
Status: Not hooked
#: 337 Function Name: NtUserCountClipboardFormats
Status: Not hooked
#: 338 Function Name: NtUserCreateAcceleratorTable
Status: Not hooked
#: 339 Function Name: NtUserCreateCaret
Status: Not hooked
#: 340 Function Name: NtUserCreateDesktop
Status: Not hooked
#: 341 Function Name: NtUserCreateInputContext
Status: Not hooked
#: 342 Function Name: NtUserCreateLocalMemHandle
Status: Not hooked
#: 343 Function Name: NtUserCreateWindowEx
Status: Not hooked
#: 344 Function Name: NtUserCreateWindowStation
Status: Not hooked
#: 345 Function Name: NtUserDdeGetQualityOfService
Status: Not hooked
#: 346 Function Name: NtUserDdeInitialize
Status: Not hooked
#: 347 Function Name: NtUserDdeSetQualityOfService
Status: Not hooked
#: 348 Function Name: NtUserDeferWindowPos
Status: Not hooked
#: 349 Function Name: NtUserDefSetText
Status: Not hooked
#: 350 Function Name: NtUserDeleteMenu
Status: Not hooked
#: 351 Function Name: NtUserDestroyAcceleratorTable
Status: Not hooked
#: 352 Function Name: NtUserDestroyCursor
Status: Not hooked
#: 353 Function Name: NtUserDestroyInputContext
Status: Not hooked
#: 354 Function Name: NtUserDestroyMenu
Status: Not hooked
#: 355 Function Name: NtUserDestroyWindow
Status: Not hooked
#: 356 Function Name: NtUserDisableThreadIme
Status: Not hooked
#: 357 Function Name: NtUserDispatchMessage
Status: Not hooked
#: 358 Function Name: NtUserDragDetect
Status: Not hooked
#: 359 Function Name: NtUserDragObject
Status: Not hooked
#: 360 Function Name: NtUserDrawAnimatedRects
Status: Not hooked
#: 361 Function Name: NtUserDrawCaption
Status: Not hooked
#: 362 Function Name: NtUserDrawCaptionTemp
Status: Not hooked
#: 363 Function Name: NtUserDrawIconEx
Status: Not hooked
#: 364 Function Name: NtUserDrawMenuBarTemp
Status: Not hooked
#: 365 Function Name: NtUserEmptyClipboard
Status: Not hooked
#: 366 Function Name: NtUserEnableMenuItem
Status: Not hooked
#: 367 Function Name: NtUserEnableScrollBar
Status: Not hooked
#: 368 Function Name: NtUserEndDeferWindowPosEx
Status: Not hooked
#: 369 Function Name: NtUserEndMenu
Status: Not hooked
#: 370 Function Name: NtUserEndPaint
Status: Not hooked
#: 371 Function Name: NtUserEnumDisplayDevices
Status: Not hooked
#: 372 Function Name: NtUserEnumDisplayMonitors
Status: Not hooked
#: 373 Function Name: NtUserEnumDisplaySettings
Status: Not hooked
#: 374 Function Name: NtUserEvent
Status: Not hooked
#: 375 Function Name: NtUserExcludeUpdateRgn
Status: Not hooked
#: 376 Function Name: NtUserFillWindow
Status: Not hooked
#: 377 Function Name: NtUserFindExistingCursorIcon
Status: Not hooked
#: 378 Function Name: NtUserFindWindowEx
Status: Not hooked
#: 379 Function Name: NtUserFlashWindowEx
Status: Not hooked
#: 380 Function Name: NtUserGetAltTabInfo
Status: Not hooked
#: 381 Function Name: NtUserGetAncestor
Status: Not hooked
#: 382 Function Name: NtUserGetAppImeLevel
Status: Not hooked
#: 383 Function Name: NtUserGetAsyncKeyState
Status: Not hooked
#: 384 Function Name: NtUserGetAtomName
Status: Not hooked
#: 385 Function Name: NtUserGetCaretBlinkTime
Status: Not hooked
#: 386 Function Name: NtUserGetCaretPos
Status: Not hooked
#: 387 Function Name: NtUserGetClassInfo
Status: Not hooked
#: 388 Function Name: NtUserGetClassName
Status: Not hooked
#: 389 Function Name: NtUserGetClipboardData
Status: Not hooked
#: 390 Function Name: NtUserGetClipboardFormatName
Status: Not hooked
#: 391 Function Name: NtUserGetClipboardOwner
Status: Not hooked
#: 392 Function Name: NtUserGetClipboardSequenceNumber
Status: Not hooked
#: 393 Function Name: NtUserGetClipboardViewer
Status: Not hooked
#: 394 Function Name: NtUserGetClipCursor
Status: Not hooked
#: 395 Function Name: NtUserGetComboBoxInfo
Status: Not hooked
#: 396 Function Name: NtUserGetControlBrush
Status: Not hooked
#: 397 Function Name: NtUserGetControlColor
Status: Not hooked
#: 398 Function Name: NtUserGetCPD
Status: Not hooked
#: 399 Function Name: NtUserGetCursorFrameInfo
Status: Not hooked
#: 400 Function Name: NtUserGetCursorInfo
Status: Not hooked
#: 401 Function Name: NtUserGetDC
Status: Not hooked
#: 402 Function Name: NtUserGetDCEx
Status: Not hooked
#: 403 Function Name: NtUserGetDoubleClickTime
Status: Not hooked
#: 404 Function Name: NtUserGetForegroundWindow
Status: Not hooked
#: 405 Function Name: NtUserGetGuiResources
Status: Not hooked
#: 406 Function Name: NtUserGetGUIThreadInfo
Status: Not hooked
#: 407 Function Name: NtUserGetIconInfo
Status: Not hooked
#: 408 Function Name: NtUserGetIconSize
Status: Not hooked
#: 409 Function Name: NtUserGetImeHotKey
Status: Not hooked
#: 410 Function Name: NtUserGetImeInfoEx
Status: Not hooked
#: 411 Function Name: NtUserGetInternalWindowPos
Status: Not hooked
#: 412 Function Name: NtUserGetKeyboardLayoutList
Status: Not hooked
#: 413 Function Name: NtUserGetKeyboardLayoutName
Status: Not hooked
#: 414 Function Name: NtUserGetKeyboardState
Status: Not hooked
#: 415 Function Name: NtUserGetKeyNameText
Status: Not hooked
#: 416 Function Name: NtUserGetKeyState
Status: Not hooked
#: 417 Function Name: NtUserGetListBoxInfo
Status: Not hooked
#: 418 Function Name: NtUserGetMenuBarInfo
Status: Not hooked
#: 419 Function Name: NtUserGetMenuIndex
Status: Not hooked
#: 420 Function Name: NtUserGetMenuItemRect
Status: Not hooked
#: 421 Function Name: NtUserGetMessage
Status: Not hooked
#: 422 Function Name: NtUserGetMouseMovePointsEx
Status: Not hooked
#: 423 Function Name: NtUserGetObjectInformation
Status: Not hooked
#: 424 Function Name: NtUserGetOpenClipboardWindow
Status: Not hooked
#: 425 Function Name: NtUserGetPriorityClipboardFormat
Status: Not hooked
#: 426 Function Name: NtUserGetProcessWindowStation
Status: Not hooked
#: 427 Function Name: NtUserGetRawInputBuffer
Status: Not hooked
#: 428 Function Name: NtUserGetRawInputData
Status: Not hooked
#: 429 Function Name: NtUserGetRawInputDeviceInfo
Status: Not hooked
#: 430 Function Name: NtUserGetRawInputDeviceList
Status: Not hooked
#: 431 Function Name: NtUserGetRegisteredRawInputDevices
Status: Not hooked
#: 432 Function Name: NtUserGetScrollBarInfo
Status: Not hooked
#: 433 Function Name: NtUserGetSystemMenu
Status: Not hooked
#: 434 Function Name: NtUserGetThreadDesktop
Status: Not hooked
#: 435 Function Name: NtUserGetThreadState
Status: Not hooked
#: 436 Function Name: NtUserGetTitleBarInfo
Status: Not hooked
#: 437 Function Name: NtUserGetUpdateRect
Status: Not hooked
#: 438 Function Name: NtUserGetUpdateRgn
Status: Not hooked
#: 439 Function Name: NtUserGetWindowDC
Status: Not hooked
#: 440 Function Name: NtUserGetWindowPlacement
Status: Not hooked
#: 441 Function Name: NtUserGetWOWClass
Status: Not hooked
#: 442 Function Name: NtUserHardErrorControl
Status: Not hooked
#: 443 Function Name: NtUserHideCaret
Status: Not hooked
#: 444 Function Name: NtUserHiliteMenuItem
Status: Not hooked
#: 445 Function Name: NtUserImpersonateDdeClientWindow
Status: Not hooked
#: 446 Function Name: NtUserInitialize
Status: Not hooked
#: 447 Function Name: NtUserInitializeClientPfnArrays
Status: Not hooked
#: 448 Function Name: NtUserInitTask
Status: Not hooked
#: 449 Function Name: NtUserInternalGetWindowText
Status: Not hooked
#: 450 Function Name: NtUserInvalidateRect
Status: Not hooked
#: 451 Function Name: NtUserInvalidateRgn
Status: Not hooked
#: 452 Function Name: NtUserIsClipboardFormatAvailable
Status: Not hooked
#: 453 Function Name: NtUserKillTimer
Status: Not hooked
#: 454 Function Name: NtUserLoadKeyboardLayoutEx
Status: Not hooked
#: 455 Function Name: NtUserLockWindowStation
Status: Not hooked
#: 456 Function Name: NtUserLockWindowUpdate
Status: Not hooked
#: 457 Function Name: NtUserLockWorkStation
Status: Not hooked
#: 458 Function Name: NtUserMapVirtualKeyEx
Status: Not hooked
#: 459 Function Name: NtUserMenuItemFromPoint
Status: Not hooked
#: 460 Function Name: NtUserMessageCall
Status: Not hooked
#: 461 Function Name: NtUserMinMaximize
Status: Not hooked
#: 462 Function Name: NtUserMNDragLeave
Status: Not hooked
#: 463 Function Name: NtUserMNDragOver
Status: Not hooked
#: 464 Function Name: NtUserModifyUserStartupInfoFlags
Status: Not hooked
#: 465 Function Name: NtUserMoveWindow
Status: Not hooked
#: 466 Function Name: NtUserNotifyIMEStatus
Status: Not hooked
#: 467 Function Name: NtUserNotifyProcessCreate
Status: Not hooked
#: 468 Function Name: NtUserNotifyWinEvent
Status: Not hooked
#: 469 Function Name: NtUserOpenClipboard
Status: Not hooked
#: 470 Function Name: NtUserOpenDesktop
Status: Not hooked
#: 471 Function Name: NtUserOpenInputDesktop
Status: Not hooked
#: 472 Function Name: NtUserOpenWindowStation
Status: Not hooked
#: 473 Function Name: NtUserPaintDesktop
Status: Not hooked
#: 474 Function Name: NtUserPeekMessage
Status: Not hooked
#: 475 Function Name: NtUserPostMessage
Status: Not hooked
#: 476 Function Name: NtUserPostThreadMessage
Status: Not hooked
#: 477 Function Name: NtUserPrintWindow
Status: Not hooked
#: 478 Function Name: NtUserProcessConnect
Status: Not hooked
#: 479 Function Name: NtUserQueryInformationThread
Status: Not hooked
#: 480 Function Name: NtUserQueryInputContext
Status: Not hooked
#: 481 Function Name: NtUserQuerySendMessage
Status: Not hooked
#: 482 Function Name: NtUserQueryUserCounters
Status: Not hooked
#: 483 Function Name: NtUserQueryWindow
Status: Not hooked
#: 484 Function Name: NtUserRealChildWindowFromPoint
Status: Not hooked
#: 485 Function Name: NtUserRealInternalGetMessage
Status: Not hooked
#: 486 Function Name: NtUserRealWaitMessageEx
Status: Not hooked
#: 487 Function Name: NtUserRedrawWindow
Status: Not hooked
#: 488 Function Name: NtUserRegisterClassExWOW
Status: Not hooked
#: 489 Function Name: NtUserRegisterUserApiHook
Status: Not hooked
#: 490 Function Name: NtUserRegisterHotKey
Status: Not hooked
#: 491 Function Name: NtUserRegisterRawInputDevices
Status: Not hooked
#: 492 Function Name: NtUserRegisterTasklist
Status: Not hooked
#: 493 Function Name: NtUserRegisterWindowMessage
Status: Not hooked
#: 494 Function Name: NtUserRemoveMenu
Status: Not hooked
#: 495 Function Name: NtUserRemoveProp
Status: Not hooked
#: 496 Function Name: NtUserResolveDesktop
Status: Not hooked
#: 497 Function Name: NtUserResolveDesktopForWOW
Status: Not hooked
#: 498 Function Name: NtUserSBGetParms
Status: Not hooked
#: 499 Function Name: NtUserScrollDC
Status: Not hooked
#: 500 Function Name: NtUserScrollWindowEx
Status: Not hooked
#: 501 Function Name: NtUserSelectPalette
Status: Not hooked
#: 502 Function Name: NtUserSendInput
Status: Not hooked
#: 503 Function Name: NtUserSetActiveWindow
Status: Not hooked
#: 504 Function Name: NtUserSetAppImeLevel
Status: Not hooked
#: 505 Function Name: NtUserSetCapture
Status: Not hooked
#: 506 Function Name: NtUserSetClassLong
Status: Not hooked
#: 507 Function Name: NtUserSetClassWord
Status: Not hooked
#: 508 Function Name: NtUserSetClipboardData
Status: Not hooked
#: 509 Function Name: NtUserSetClipboardViewer
Status: Not hooked
#: 510 Function Name: NtUserSetConsoleReserveKeys
Status: Not hooked
#: 511 Function Name: NtUserSetCursor
Status: Not hooked
#: 512 Function Name: NtUserSetCursorContents
Status: Not hooked
#: 513 Function Name: NtUserSetCursorIconData
Status: Not hooked
#: 514 Function Name: NtUserSetDbgTag
Status: Not hooked
#: 515 Function Name: NtUserSetFocus
Status: Not hooked
#: 516 Function Name: NtUserSetImeHotKey
Status: Not hooked
#: 517 Function Name: NtUserSetImeInfoEx
Status: Not hooked
#: 518 Function Name: NtUserSetImeOwnerWindow
Status: Not hooked
#: 519 Function Name: NtUserSetInformationProcess
Status: Not hooked
#: 520 Function Name: NtUserSetInformationThread
Status: Not hooked
#: 521 Function Name: NtUserSetInternalWindowPos
Status: Not hooked
#: 522 Function Name: NtUserSetKeyboardState
Status: Not hooked
#: 523 Function Name: NtUserSetLogonNotifyWindow
Status: Not hooked
#: 524 Function Name: NtUserSetMenu
Status: Not hooked
#: 525 Function Name: NtUserSetMenuContextHelpId
Status: Not hooked
#: 526 Function Name: NtUserSetMenuDefaultItem
Status: Not hooked
#: 527 Function Name: NtUserSetMenuFlagRtoL
Status: Not hooked
#: 528 Function Name: NtUserSetObjectInformation
Status: Not hooked
#: 529 Function Name: NtUserSetParent
Status: Not hooked
#: 530 Function Name: NtUserSetProcessWindowStation
Status: Not hooked
#: 531 Function Name: NtUserSetProp
Status: Not hooked
#: 532 Function Name: NtUserSetRipFlags
Status: Not hooked
#: 533 Function Name: NtUserSetScrollInfo
Status: Not hooked
#: 534 Function Name: NtUserSetShellWindowEx
Status: Not hooked
#: 535 Function Name: NtUserSetSysColors
Status: Not hooked
#: 536 Function Name: NtUserSetSystemCursor
Status: Not hooked
#: 537 Function Name: NtUserSetSystemMenu
Status: Not hooked
#: 538 Function Name: NtUserSetSystemTimer
Status: Not hooked
#: 539 Function Name: NtUserSetThreadDesktop
Status: Not hooked
#: 540 Function Name: NtUserSetThreadLayoutHandles
Status: Not hooked
#: 541 Function Name: NtUserSetThreadState
Status: Not hooked
#: 542 Function Name: NtUserSetTimer
Status: Not hooked
#: 543 Function Name: NtUserSetWindowFNID
Status: Not hooked
#: 544 Function Name: NtUserSetWindowLong
Status: Not hooked
#: 545 Function Name: NtUserSetWindowPlacement
Status: Not hooked
#: 546 Function Name: NtUserSetWindowPos
Status: Not hooked
#: 547 Function Name: NtUserSetWindowRgn
Status: Not hooked
#: 548 Function Name: NtUserSetWindowsHookAW
Status: Not hooked
#: 549 Function Name: NtUserSetWindowsHookEx
Status: Not hooked
#: 550 Function Name: NtUserSetWindowStationUser
Status: Not hooked
#: 551 Function Name: NtUserSetWindowWord
Status: Not hooked
#: 552 Function Name: NtUserSetWinEventHook
Status: Not hooked
#: 553 Function Name: NtUserShowCaret
Status: Not hooked
#: 554 Function Name: NtUserShowScrollBar
Status: Not hooked
#: 555 Function Name: NtUserShowWindow
Status: Not hooked
#: 556 Function Name: NtUserShowWindowAsync
Status: Not hooked
#: 557 Function Name: NtUserSoundSentry
Status: Not hooked
#: 558 Function Name: NtUserSwitchDesktop
Status: Not hooked
#: 559 Function Name: NtUserSystemParametersInfo
Status: Not hooked
#: 560 Function Name: NtUserTestForInteractiveUser
Status: Not hooked
#: 561 Function Name: NtUserThunkedMenuInfo
Status: Not hooked
#: 562 Function Name: NtUserThunkedMenuItemInfo
Status: Not hooked
#: 563 Function Name: NtUserToUnicodeEx
Status: Not hooked
#: 564 Function Name: NtUserTrackMouseEvent
Status: Not hooked
#: 565 Function Name: NtUserTrackPopupMenuEx
Status: Not hooked
#: 566 Function Name: NtUserCalcMenuBar
Status: Not hooked
#: 567 Function Name: NtUserPaintMenuBar
Status: Not hooked
#: 568 Function Name: NtUserTranslateAccelerator
Status: Not hooked
#: 569 Function Name: NtUserTranslateMessage
Status: Not hooked
#: 570 Function Name: NtUserUnhookWindowsHookEx
Status: Not hooked
#: 571 Function Name: NtUserUnhookWinEvent
Status: Not hooked
#: 572 Function Name: NtUserUnloadKeyboardLayout
Status: Not hooked
#: 573 Function Name: NtUserUnlockWindowStation
Status: Not hooked
#: 574 Function Name: NtUserUnregisterClass
Status: Not hooked
#: 575 Function Name: NtUserUnregisterUserApiHook
Status: Not hooked
#: 576 Function Name: NtUserUnregisterHotKey
Status: Not hooked
#: 577 Function Name: NtUserUpdateInputContext
Status: Not hooked
#: 578 Function Name: NtUserUpdateInstance
Status: Not hooked
#: 579 Function Name: NtUserUpdateLayeredWindow
Status: Not hooked
#: 580 Function Name: NtUserGetLayeredWindowAttributes
Status: Not hooked
#: 581 Function Name: NtUserSetLayeredWindowAttributes
Status: Not hooked
#: 582 Function Name: NtUserUpdatePerUserSystemParameters
Status: Not hooked
#: 583 Function Name: NtUserUserHandleGrantAccess
Status: Not hooked
#: 584 Function Name: NtUserValidateHandleSecure
Status: Not hooked
#: 585 Function Name: NtUserValidateRect
Status: Not hooked
#: 586 Function Name: NtUserValidateTimerCallback
Status: Not hooked
#: 587 Function Name: NtUserVkKeyScanEx
Status: Not hooked
#: 588 Function Name: NtUserWaitForInputIdle
Status: Not hooked
#: 589 Function Name: NtUserWaitForMsgAndEvent
Status: Not hooked
#: 590 Function Name: NtUserWaitMessage
Status: Not hooked
#: 591 Function Name: NtUserWin32PoolAllocationStats
Status: Not hooked
#: 592 Function Name: NtUserWindowFromPoint
Status: Not hooked
#: 593 Function Name: NtUserYieldTask
Status: Not hooked
#: 594 Function Name: NtUserRemoteConnect
Status: Not hooked
#: 595 Function Name: NtUserRemoteRedrawRectangle
Status: Not hooked
#: 596 Function Name: NtUserRemoteRedrawScreen
Status: Not hooked
#: 597 Function Name: NtUserRemoteStopScreenUpdates
Status: Not hooked
#: 598 Function Name: NtUserCtxDisplayIOCtl
Status: Not hooked
#: 599 Function Name: NtGdiEngAssociateSurface
Status: Not hooked
#: 600 Function Name: NtGdiEngCreateBitmap
Status: Not hooked
#: 601 Function Name: NtGdiEngCreateDeviceSurface
Status: Not hooked
#: 602 Function Name: NtGdiEngCreateDeviceBitmap
Status: Not hooked
#: 603 Function Name: NtGdiEngCreatePalette
Status: Not hooked
#: 604 Function Name: NtGdiEngComputeGlyphSet
Status: Not hooked
#: 605 Function Name: NtGdiEngCopyBits
Status: Not hooked
#: 606 Function Name: NtGdiEngDeletePalette
Status: Not hooked
#: 607 Function Name: NtGdiEngDeleteSurface
Status: Not hooked
#: 608 Function Name: NtGdiEngEraseSurface
Status: Not hooked
#: 609 Function Name: NtGdiEngUnlockSurface
Status: Not hooked
#: 610 Function Name: NtGdiEngLockSurface
Status: Not hooked
#: 611 Function Name: NtGdiEngBitBlt
Status: Not hooked
#: 612 Function Name: NtGdiEngStretchBlt
Status: Not hooked
#: 613 Function Name: NtGdiEngPlgBlt
Status: Not hooked
#: 614 Function Name: NtGdiEngMarkBandingSurface
Status: Not hooked
#: 615 Function Name: NtGdiEngStrokePath
Status: Not hooked
#: 616 Function Name: NtGdiEngFillPath
Status: Not hooked
#: 617 Function Name: NtGdiEngStrokeAndFillPath
Status: Not hooked
#: 618 Function Name: NtGdiEngPaint
Status: Not hooked
#: 619 Function Name: NtGdiEngLineTo
Status: Not hooked
#: 620 Function Name: NtGdiEngAlphaBlend
Status: Not hooked
#: 621 Function Name: NtGdiEngGradientFill
Status: Not hooked
#: 622 Function Name: NtGdiEngTransparentBlt
Status: Not hooked
#: 623 Function Name: NtGdiEngTextOut
Status: Not hooked
#: 624 Function Name: NtGdiEngStretchBltROP
Status: Not hooked
#: 625 Function Name: NtGdiXLATEOBJ_cGetPalette
Status: Not hooked
#: 626 Function Name: NtGdiXLATEOBJ_iXlate
Status: Not hooked
#: 627 Function Name: NtGdiXLATEOBJ_hGetColorTransform
Status: Not hooked
#: 628 Function Name: NtGdiCLIPOBJ_bEnum
Status: Not hooked
#: 629 Function Name: NtGdiCLIPOBJ_cEnumStart
Status: Not hooked
#: 630 Function Name: NtGdiCLIPOBJ_ppoGetPath
Status: Not hooked
#: 631 Function Name: NtGdiEngDeletePath
Status: Not hooked
#: 632 Function Name: NtGdiEngCreateClip
Status: Not hooked
#: 633 Function Name: NtGdiEngDeleteClip
Status: Not hooked
#: 634 Function Name: NtGdiBRUSHOBJ_ulGetBrushColor
Status: Not hooked
#: 635 Function Name: NtGdiBRUSHOBJ_pvAllocRbrush
Status: Not hooked
#: 636 Function Name: NtGdiBRUSHOBJ_pvGetRbrush
Status: Not hooked
#: 637 Function Name: NtGdiBRUSHOBJ_hGetColorTransform
Status: Not hooked
#: 638 Function Name: NtGdiXFORMOBJ_bApplyXform
Status: Not hooked
#: 639 Function Name: NtGdiXFORMOBJ_iGetXform
Status: Not hooked
#: 640 Function Name: NtGdiFONTOBJ_vGetInfo
Status: Not hooked
#: 641 Function Name: NtGdiFONTOBJ_pxoGetXform
Status: Not hooked
#: 642 Function Name: NtGdiFONTOBJ_cGetGlyphs
Status: Not hooked
#: 643 Function Name: NtGdiFONTOBJ_pifi
Status: Not hooked
#: 644 Function Name: NtGdiFONTOBJ_pfdg
Status: Not hooked
#: 645 Function Name: NtGdiFONTOBJ_pQueryGlyphAttrs
Status: Not hooked
#: 646 Function Name: NtGdiFONTOBJ_pvTrueTypeFontFile
Status: Not hooked
#: 647 Function Name: NtGdiFONTOBJ_cGetAllGlyphHandles
Status: Not hooked
#: 648 Function Name: NtGdiSTROBJ_bEnum
Status: Not hooked
#: 649 Function Name: NtGdiSTROBJ_bEnumPositionsOnly
Status: Not hooked
#: 650 Function Name: NtGdiSTROBJ_bGetAdvanceWidths
Status: Not hooked
#: 651 Function Name: NtGdiSTROBJ_vEnumStart
Status: Not hooked
#: 652 Function Name: NtGdiSTROBJ_dwGetCodePage
Status: Not hooked
#: 653 Function Name: NtGdiPATHOBJ_vGetBounds
Status: Not hooked
#: 654 Function Name: NtGdiPATHOBJ_bEnum
Status: Not hooked
#: 655 Function Name: NtGdiPATHOBJ_vEnumStart
Status: Not hooked
#: 656 Function Name: NtGdiPATHOBJ_vEnumStartClipLines
Status: Not hooked
#: 657 Function Name: NtGdiPATHOBJ_bEnumClipLines
Status: Not hooked
#: 658 Function Name: NtGdiGetDhpdev
Status: Not hooked
#: 659 Function Name: NtGdiEngCheckAbort
Status: Not hooked
#: 660 Function Name: NtGdiHT_Get8BPPFormatPalette
Status: Not hooked
#: 661 Function Name: NtGdiHT_Get8BPPMaskPalette
Status: Not hooked
#: 662 Function Name: NtGdiUpdateTransform
Status: Not hooked
#: 663 Function Name: NtGdiSetPUMPDOBJ
Status: Not hooked
#: 664 Function Name: NtGdiBRUSHOBJ_DeleteRbrush
Status: Not hooked
#: 665 Function Name: NtGdiUnmapMemFont
Status: Not hooked
#: 666 Function Name: NtGdiDrawStream
Status: Not hooked
Processes
-------------------
Path: System
PID: 4 Status: -
Path: C:\WINDOWS\explorer.exe
PID: 216 Status: -
Path: C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
PID: 280 Status: -
Path: C:\Program Files\Hp\Digital Imaging\bin\hpqimzone.exe
PID: 444 Status: -
Path: C:\WINDOWS\system32\winsc.exe
PID: 488 Status: -
Path: C:\WINDOWS\system32\smss.exe
PID: 600 Status: -
Path: C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
PID: 812 Status: -
Path: C:\Program Files\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe
PID: 816 Status: -
Path: C:\WINDOWS\system32\csrss.exe
PID: 824 Status: -
Path: C:\WINDOWS\system32\winlogon.exe
PID: 848 Status: -
Path: C:\WINDOWS\system32\services.exe
PID: 900 Status: -
Path: C:\WINDOWS\system32\lsass.exe
PID: 912 Status: -
Path: C:\WINDOWS\system32\hkcmd.exe
PID: 984 Status: -
Path: C:\WINDOWS\system32\igfxpers.exe
PID: 992 Status: -
Path: C:\WINDOWS\system32\svchost.exe
PID: 1116 Status: -
Path: C:\WINDOWS\system32\svchost.exe
PID: 1164 Status: -
Path: C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
PID: 1204 Status: -
Path: C:\Program Files\Hp\QuickPlay\QPService.exe
PID: 1224 Status: -
Path: C:\PROGRA~1\HPQ\Shared\HPQTOA~1.EXE
PID: 1312 Status: -
Path: C:\Program Files\iPod\bin\iPodService.exe
PID: 1352 Status: -
Path: C:\WINDOWS\system32\svchost.exe
PID: 1408 Status: -
Path: C:\Program Files\Hp\HP Software Update\hpwuSchd2.exe
PID: 1448 Status: -
Path: C:\WINDOWS\system32\svchost.exe
PID: 1456 Status: -
Path: C:\Program Files\iTunes\iTunesHelper.exe
PID: 1516 Status: -
Path: C:\WINDOWS\system32\svchost.exe
PID: 1520 Status: -
Path: C:\Program Files\McAfee.com\Agent\mcagent.exe
PID: 1576 Status: -
Path: C:\Program Files\Personal Guard 2009\personalguard.exe
PID: 1680 Status: -
Path: C:\Program Files\Internet Explorer\iexplore.exe
PID: 1684 Status: -
Path: C:\WINDOWS\system32\ctfmon.exe
PID: 1796 Status: -
Path: C:\WINDOWS\system32\spoolsv.exe
PID: 1876 Status: -
Path: C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PID: 1948 Status: -
Path: C:\Documents and Settings\Kaitlyn\Temporary Internet Files\Content.IE5\6I3ZI6PH\RootRepeal[1].exe
PID: 1972 Status: -
Path: C:\WINDOWS\system32\wbem\wmiprvse.exe
PID: 1992 Status: -
Path: C:\WINDOWS\system32\svchost.exe
PID: 2088 Status: -
Path: C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PID: 2120 Status: -
Path: C:\Program Files\Bonjour\mDNSResponder.exe
PID: 2140 Status: -
Path: C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
PID: 2192 Status: -
Path: C:\Program Files\iWin Games\iWinTrusted.exe
PID: 2284 Status: -
Path: C:\Program Files\Common Files\LightScribe\LSSrvc.exe
PID: 2412 Status: -
Path: C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
PID: 2456 Status: -
Path: C:\Program Files\Yahoo!\Messenger\Ymsgr_tray.exe
PID: 2536 Status: -
Path: C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
PID: 2576 Status: -
Path: C:\PROGRA~1\COMMON~1\McAfee\MNA\McNASvc.exe
PID: 2620 Status: -
Path: C:\PROGRA~1\COMMON~1\McAfee\McProxy\McProxy.exe
PID: 2736 Status: -
Path: C:\PROGRA~1\McAfee\VIRUSS~1\Mcshield.exe
PID: 2760 Status: -
Path: C:\Program Files\McAfee\MPF\MpfSrv.exe
PID: 2820 Status: -
Path: C:\Program Files\Java\jre1.6.0_07\bin\jucheck.exe
PID: 2848 Status: -
Path: C:\WINDOWS\system32\alg.exe
PID: 2972 Status: -
Path: C:\WINDOWS\system32\wdfmgr.exe
PID: 3104 Status: -
Path: C:\Program Files\Viewpoint\Common\ViewpointService.exe
PID: 3308 Status: -
Path: C:\Program Files\Internet Explorer\iexplore.exe
PID: 3564 Status: -
OTL logfile created on: 11/15/2009 11:32:01 PM - Run 1
OTL by OldTimer - Version 3.1.5.0 Folder = C:\Documents and Settings\Kaitlyn\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
502.05 Mb Total Physical Memory | 123.34 Mb Available Physical Memory | 24.57% Memory free
1.20 Gb Paging File | 0.69 Gb Available in Paging File | 57.58% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 47.86 Gb Total Space | 25.12 Gb Free Space | 52.48% Space Free | Partition Type: NTFS
Drive D: | 8.01 Gb Total Space | 1.10 Gb Free Space | 13.76% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: YOUR-09DEDAFE33
Current User Name: Kaitlyn
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan
========== Processes (SafeList) ==========
PRC - [2009/11/15 23:30:59 | 00,529,408 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Kaitlyn\Desktop\OTL.exe
PRC - [2009/11/15 22:48:02 | 01,015,296 | ---- | M] () -- C:\Program Files\Personal Guard 2009\personalguard.exe
PRC - [2009/11/15 22:44:15 | 00,379,904 | ---- | M] () -- C:\WINDOWS\system32\winsc.exe
PRC - [2009/06/04 10:11:12 | 00,078,104 | ---- | M] (iWin Inc.) -- C:\Program Files\iWin Games\iWinTrusted.exe
PRC - [2009/04/02 15:11:02 | 00,342,312 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe
PRC - [2009/04/02 15:10:56 | 00,656,168 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe
PRC - [2009/03/26 14:31:20 | 00,132,424 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
PRC - [2009/03/25 16:25:20 | 00,797,864 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSC\mcmscsvc.exe
PRC - [2009/03/25 16:25:20 | 00,645,328 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
PRC - [2009/03/25 10:05:48 | 00,144,704 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\Mcshield.exe
PRC - [2009/03/19 10:42:02 | 00,884,360 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MPF\MpfSrv.exe
PRC - [2009/03/08 13:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2009/03/08 13:09:26 | 00,638,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe
PRC - [2009/02/11 10:06:36 | 00,210,216 | ---- | M] () -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
PRC - [2009/02/06 04:10:02 | 00,227,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvse.exe
PRC - [2009/01/09 10:31:16 | 02,482,848 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe
PRC - [2009/01/09 07:06:52 | 00,359,952 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe
PRC - [2008/12/12 10:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2008/11/05 21:59:00 | 00,079,088 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\Messenger\Ymsgr_tray.exe
PRC - [2008/06/10 04:27:04 | 00,144,784 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
PRC - [2008/06/10 04:27:03 | 00,329,104 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.6.0_07\bin\jucheck.exe
PRC - [2008/04/13 18:12:19 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/05/08 16:24:20 | 00,054,840 | ---- | M] (Hewlett-Packard) -- C:\Program Files\Hp\HP Software Update\hpwuSchd2.exe
PRC - [2007/01/04 15:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe
PRC - [2006/04/11 22:54:16 | 00,102,400 | ---- | M] (CyberLink Corp.) -- C:\Program Files\Hp\QuickPlay\QPService.exe
PRC - [2006/03/23 06:17:50 | 00,118,784 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxpers.exe
PRC - [2006/03/23 06:13:40 | 00,077,824 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\hkcmd.exe
PRC - [2006/03/03 23:46:48 | 00,761,948 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
PRC - [2006/02/27 17:02:06 | 00,581,693 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2006/02/27 17:00:58 | 01,265,748 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
PRC - [2006/02/27 16:55:44 | 00,258,103 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
PRC - [2006/02/17 16:26:32 | 00,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe
PRC - [2006/02/14 20:49:22 | 00,454,656 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe
PRC - [2005/12/23 22:44:26 | 00,491,606 | ---- | M] () -- C:\Program Files\HPQ\Shared\HpqToaster.exe
PRC - [2005/09/24 10:42:32 | 00,475,136 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files\Hp\Digital Imaging\bin\hpqimzone.exe
PRC - [2005/01/28 14:44:28 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe
========== Modules (SafeList) ==========
MOD - [2009/11/15 23:30:59 | 00,529,408 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Kaitlyn\Desktop\OTL.exe
MOD - [2009/08/15 20:28:03 | 00,089,600 | -HS- | M] () -- C:\WINDOWS\system32\teyesoro.dll
MOD - [2009/08/13 20:27:42 | 00,051,200 | -HS- | M] () -- C:\WINDOWS\system32\wimoroka.dll
MOD - [2009/02/11 10:06:38 | 00,014,032 | ---- | M] () -- C:\Program Files\McAfee\SiteAdvisor\sahook.dll
MOD - [2008/04/13 18:12:51 | 01,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
MOD - [2008/04/13 18:11:53 | 00,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
========== Win32 Services (SafeList) ==========
SRV - [2009/06/04 10:11:12 | 00,078,104 | ---- | M] (iWin Inc.) -- C:\Program Files\iWin Games\iWinTrusted.exe -- (iWinTrusted)
SRV - [2009/04/02 15:10:56 | 00,656,168 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV - [2009/04/01 13:21:30 | 00,365,072 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2009/03/26 14:31:20 | 00,132,424 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009/03/25 16:25:20 | 00,797,864 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MSC\mcmscsvc.exe -- (mcmscsvc)
SRV - [2009/03/25 10:05:48 | 00,144,704 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\Mcshield.exe -- (McShield)
SRV - [2009/03/23 23:03:18 | 00,606,736 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\VirusScan\mcsysmon.exe -- (McSysmon)
SRV - [2009/03/23 21:22:38 | 00,183,280 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2009/03/19 10:42:02 | 00,884,360 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee\MPF\MPFSrv.exe -- (MpfService)
SRV - [2009/02/11 10:06:36 | 00,210,216 | ---- | M] () -- C:\Program Files\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2009/01/09 10:31:16 | 02,482,848 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\MNA\McNASvc.exe -- (McNASvc)
SRV - [2009/01/09 07:06:52 | 00,359,952 | ---- | M] (McAfee, Inc.) -- c:\Program Files\Common Files\McAfee\McProxy\McProxy.exe -- (McProxy)
SRV - [2008/12/12 10:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service)
SRV - [2008/04/13 18:12:02 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll -- (helpsvc)
SRV - [2007/01/04 15:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation) -- C:\Program Files\Viewpoint\Common\ViewpointService.exe -- (Viewpoint Manager Service)
SRV - [2006/02/27 16:55:44 | 00,258,103 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe -- (btwdins)
SRV - [2006/02/17 16:26:32 | 00,073,728 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2005/04/04 01:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2005/01/28 14:44:28 | 00,038,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdfmgr.exe -- (UMWdf)
SRV - [2004/07/15 11:49:26 | 00,032,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe -- (aspnet_state)
SRV - [2003/07/28 13:28:22 | 00,089,136 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.c...aspx?TbId=60170
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.c...rch/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.c...spx?tb_id=60170
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...m...tf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://myyahoo.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
FF - HKLM\software\mozilla\Firefox\Extensions\\{A49E0270-5083-4BBB-B2CD-28F048918E72}: C:\Documents and Settings\Kaitlyn\Local Settings\Application Data\{A49E0270-5083-4BBB-B2CD-28F048918E72} [2009/04/16 10:34:19 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45}: C:\Program Files\McAfee\SiteAdvisor [2009/08/30 19:34:15 | 00,000,000 | ---D | M]
O1 HOSTS File: (306733 bytes) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 10560 more lines...
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {6500B7B4-42C3-4E13-A81E-F991E5F1592A} - C:\WINDOWS\System32\byXNgghh.dll File not found
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll ()
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll ()
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\Cpqset.exe ()
O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\CHDAudPropShortcut.exe (Windows ® Server 2003 DDK provider)
O4 - HKLM..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\hpwuSchd2.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpWirelessAssistant] C:\Program Files\HPQ\HP Wireless Assistant\HP Wireless Assistant.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe (Intel Corporation)
O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (Macrovision Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (Macrovision Corporation)
O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
O4 - HKLM..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [personalguard] C:\Program Files\Personal Guard 2009\personalguard.exe ()
O4 - HKLM..\Run: [QPService] C:\Program Files\HP\QuickPlay\QPService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Inc.)
O4 - HKLM..\Run: [RecGuard] C:\WINDOWS\SMINST\Recguard.exe ()
O4 - HKLM..\Run: [rofifodol] C:\WINDOWS\System32\teyesoro.DLL ()
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics, Inc.)
O4 - HKCU..\Run: [Aim6] File not found
O4 - HKCU..\Run: [Messenger (Yahoo!)] C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\mav\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\StartUp\Bluetooth.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\StartUp\HP Photosmart Premier Fast Start.lnk = C:\Program Files\Hp\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Development Company, L.P.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.)
O9 - Extra Button: IE Theme Search Bar - {323AF0A7-690A-47D9-819B-348831CC7DC5} - C:\Program Files\IECustomizer.com\IEButtons\SearchIECThemes.htm ()
O9 - Extra 'Tools' menuitem : Free Themes for Internet Explorer - {323AF0A7-690A-47D9-819B-348831CC7DC5} - C:\Program Files\IECustomizer.com\IEButtons\SearchIECThemes.htm ()
O9 - Extra 'Tools' menuitem : Online Themes Gallery - {472A296E-D7C1-4A70-8511-5039B09EBDDB} - File not found
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Themes - {B9844E33-6201-47AA-B30A-BCA3363C2BFA} - C:\Program Files\IECustomizer.com\Tools\IETheme.exe (Eye Can Publishing)
O9 - Extra 'Tools' menuitem : Themes - {B9844E33-6201-47AA-B30A-BCA3363C2BFA} - C:\Program Files\IECustomizer.com\Tools\IETheme.exe (Eye Can Publishing)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: 50 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: match.com ([www] http in Trusted sites)
O15 - HKCU\..Trusted Domains: videopoker.com ([www] * in Trusted sites)
O15 - HKCU\..Trusted Domains: 50 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {02A2D714-433E-46E4-B217-7C3B3FAF8EAE} http://www.worldwinn...rabblecubes.cab (ScrabbleCubes Control)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebo...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {15B782AF-55D8-11D1-B477-006097098764} http://media3.keytra.../IE/awswaxd.cab (Macromedia Authorware Web Player Control)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} http://www.worldwinn...GamesLoader.cab (FunGamesLoader Object)
O16 - DPF: {1A781DED-C22D-4153-3213-A3211E29DF13} http://cached.gamede...ds_2_0_0_77.cab (GameDesire Card Games)
O16 - DPF: {1D082E71-DF20-4AAF-863B-596428C49874} http://www.worldwinn...0/tpir/tpir.cab (TPIR Control)
O16 - DPF: {33E54F7F-561C-49E6-929B-D7E76D3AFEB1} http://www.worldwinn...0/pool/pool.cab (Pool Control)
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} http://lads.myspace....ploader1006.cab (MySpace Uploader Control)
O16 - DPF: {58FC4C77-71C2-4972-A8CD-78691AD85158} http://www.worldwinn...jattack/bja.cab (BJA Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.mi...b?1225342565870 (WUWebControl Class)
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} http://www.worldwinn...ed/wwlaunch.cab (Wwlaunch Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {94299420-321F-4FF9-A247-62A23EBB640B} http://www.worldwinn...jo/wordmojo.cab (WordMojo Control)
O16 - DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} http://lads.myspace....ceUploader2.cab (MySpace Uploader Control)
O16 - DPF: {A52FBD2B-7AB3-4F6B-90E3-91C772C5D00F} http://www.worldwinn...v57/wof/wof.cab (WoF Control)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CF969D51-F764-4FBF-9E90-475248601C8A} http://www.worldwinn.../familyfeud.cab (FamilyFeud Control)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ent/swflash.cab (Shockwave Flash Object)
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} http://games.pogo.co...ploader_v10.cab (PopCapLoader Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll ()
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (gr.dll) - File not found
O20 - AppInit_DLLs: (c:\windows\system32\) - C:\WINDOWS\System32\ [2009/11/15 23:12:18 | 00,000,000 | ---D | M]
O20 - AppInit_DLLs: (famugawe.dll) - File not found
O20 - AppInit_DLLs: (c:\windows\system32\yamijoja.dll) - C:\WINDOWS\System32\yamijoja.dll File not found
O20 - AppInit_DLLs: (wimoroka.dll) - C:\WINDOWS\System32\wimoroka.dll ()
O20 - AppInit_DLLs: (c:\windows\system32\teyesoro.dll) - C:\WINDOWS\system32\teyesoro.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (logon.exe) - C:\WINDOWS\System32\logon.exe ()
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O21 - SSODL: juluyuzob - {88fd1f32-51f3-4390-9b78-9aba8a9a2036} - C:\WINDOWS\system32\teyesoro.dll ()
O21 - SSODL: SysNet - {D6E12ED5-1E48-44C2-BB85-6E8B5C287980} - C:\Documents and Settings\All Users\Microsoft AData\sysnet.dll ()
O22 - SharedTaskScheduler: {88fd1f32-51f3-4390-9b78-9aba8a9a2036} - kupuhivus - C:\WINDOWS\system32\teyesoro.dll ()
O24 - Desktop Components:0 (My Current Home Page) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2001/07/27 22:07:38 | 00,000,000 | -HS- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2008/11/05 20:19:22 | 00,000,090 | ---- | M] () - D:\Autorun.inf -- [ FAT32 ]
O32 - AutoRun File - [2004/04/30 14:01:14 | 00,000,053 | -HS- | M] () - D:\AUTORUN.FCB -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found
NetSvcs: 6to4 - File not found
NetSvcs: Ias - C:\WINDOWS\system32\ias [2008/10/27 00:45:03 | 00,000,000 | ---D | M]
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: Wmi - C:\WINDOWS\system32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: helpsvc - C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll (Microsoft Corporation)
========== Files/Folders - Created Within 14 Days ==========
[2009/11/15 23:30:51 | 00,529,408 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Kaitlyn\Desktop\OTL.exe
[2009/11/15 23:06:46 | 00,339,456 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Kaitlyn\Desktop\TFC.exe
[2009/11/15 23:01:45 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2009/11/15 23:01:31 | 00,812,344 | ---- | C] (Trend Micro Inc.) -- C:\Documents and Settings\Kaitlyn\Desktop\HJTInstall.exe
[2009/11/15 22:57:14 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/11/15 22:57:12 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/11/15 22:57:12 | 00,000,000 | ---D | C] -- C:\Program Files\mav
[2009/11/15 22:54:10 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/11/15 22:44:13 | 00,000,000 | ---D | C] -- C:\Program Files\Personal Guard 2009
[2009/11/15 22:44:10 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Microsoft AData
[2009/11/15 19:59:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Kaitlyn\Local Settings\Application Data\Yahoo!
[2009/11/09 18:29:46 | 00,000,000 | ---D | C] -- C:\VundoFix Backups
[2005/09/24 10:49:16 | 00,012,288 | ---- | C] (Hewlett-Packard Development Company, L.P.) -- C:\WINDOWS\Fonts\RandFont.dll
========== Files - Modified Within 14 Days ==========
[2009/11/15 23:34:45 | 00,006,456 | -H-- | M] () -- C:\WINDOWS\System32\sesayefu
[2009/11/15 23:30:59 | 00,529,408 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Kaitlyn\Desktop\OTL.exe
[2009/11/15 23:28:23 | 00,000,015 | ---- | M] () -- C:\Documents and Settings\Kaitlyn\Desktop\settings.dat
[2009/11/15 23:22:02 | 00,000,592 | ---- | M] () -- C:\Documents and Settings\Kaitlyn\Desktop\ERUNT.lnk
[2009/11/15 23:16:59 | 00,015,145 | ---- | M] () -- C:\WINDOWS\System32\Config.MPF
[2009/11/15 23:16:32 | 00,000,313 | ---- | M] () -- C:\hpqp.ini
[2009/11/15 23:15:26 | 00,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2009/11/15 23:14:51 | 00,000,039 | ---- | M] () -- C:\XP_TV.ini
[2009/11/15 23:14:05 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/11/15 23:14:02 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/11/15 23:13:59 | 52,650,3936 | -HS- | M] () -- C:\hiberfil.sys
[2009/11/15 23:13:07 | 08,126,464 | ---- | M] () -- C:\Documents and Settings\Kaitlyn\ntuser.dat
[2009/11/15 23:13:07 | 00,000,178 | -HS- | M] () -- C:\Documents and Settings\Kaitlyn\ntuser.ini
[2009/11/15 23:06:57 | 00,339,456 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Kaitlyn\Desktop\TFC.exe
[2009/11/15 23:01:45 | 00,001,734 | ---- | M] () -- C:\Documents and Settings\Kaitlyn\Desktop\HijackThis.lnk
[2009/11/15 23:01:35 | 00,812,344 | ---- | M] (Trend Micro Inc.) -- C:\Documents and Settings\Kaitlyn\Desktop\HJTInstall.exe
[2009/11/15 22:48:03 | 00,051,197 | ---- | M] () -- C:\WINDOWS\spoov.exe
[2009/11/15 22:48:03 | 00,047,872 | ---- | M] () -- C:\WINDOWS\certsystem.exe
[2009/11/15 22:48:03 | 00,038,352 | ---- | M] () -- C:\WINDOWS\regred.exe
[2009/11/15 22:48:03 | 00,033,149 | ---- | M] () -- C:\WINDOWS\usexplorer.exe
[2009/11/15 22:48:03 | 00,028,320 | ---- | M] () -- C:\WINDOWS\securits.com
[2009/11/15 22:48:03 | 00,018,941 | ---- | M] () -- C:\WINDOWS\microsoftdef.dll
[2009/11/15 22:44:15 | 00,379,904 | ---- | M] () -- C:\WINDOWS\System32\winsc.exe
[2009/11/15 22:40:08 | 03,702,222 | -H-- | M] () -- C:\Documents and Settings\Kaitlyn\Local Settings\Application Data\IconCache.db
[2009/11/15 22:28:08 | 00,000,036 | ---- | M] () -- C:\Documents and Settings\Kaitlyn\Local Settings\Application Data\housecall.guid.cache
[2009/11/15 01:33:53 | 00,000,344 | ---- | M] () -- C:\WINDOWS\tasks\McDefragTask.job
[2009/11/10 12:55:04 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/11/09 20:07:56 | 00,000,588 | ---- | M] () -- C:\Documents and Settings\Kaitlyn\Application Data\wklnhst.dat
[2009/11/09 18:19:51 | 00,439,376 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/11/09 18:19:51 | 00,380,918 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/11/09 18:19:51 | 00,053,166 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/11/09 18:02:24 | 00,000,587 | ---- | M] () -- C:\WINDOWS\WININIT.INI
[2009/11/09 16:12:23 | 00,018,438 | ---- | M] () -- C:\Documents and Settings\Kaitlyn\Desktop\Nov statement.pdf
[2009/11/07 18:53:19 | 00,031,748 | ---- | M] () -- C:\WINDOWS\System32\logon.exe
========== Files Created - No Company Name ==========
[2009/11/15 23:26:11 | 00,000,015 | ---- | C] () -- C:\Documents and Settings\Kaitlyn\Desktop\settings.dat
[2009/11/15 23:22:02 | 00,000,592 | ---- | C] () -- C:\Documents and Settings\Kaitlyn\Desktop\ERUNT.lnk
[2009/11/15 23:01:45 | 00,001,734 | ---- | C] () -- C:\Documents and Settings\Kaitlyn\Desktop\HijackThis.lnk
[2009/11/15 22:44:15 | 00,379,904 | ---- | C] () -- C:\WINDOWS\System32\winsc.exe
[2009/11/15 22:44:13 | 00,051,197 | ---- | C] () -- C:\WINDOWS\spoov.exe
[2009/11/15 22:44:13 | 00,047,872 | ---- | C] () -- C:\WINDOWS\certsystem.exe
[2009/11/15 22:44:13 | 00,038,352 | ---- | C] () -- C:\WINDOWS\regred.exe
[2009/11/15 22:44:13 | 00,033,149 | ---- | C] () -- C:\WINDOWS\usexplorer.exe
[2009/11/15 22:44:13 | 00,028,320 | ---- | C] () -- C:\WINDOWS\securits.com
[2009/11/15 22:44:13 | 00,018,941 | ---- | C] () -- C:\WINDOWS\microsoftdef.dll
[2009/11/15 22:28:08 | 00,000,036 | ---- | C] () -- C:\Documents and Settings\Kaitlyn\Local Settings\Application Data\housecall.guid.cache
[2009/11/09 18:02:51 | 00,006,456 | -H-- | C] () -- C:\WINDOWS\System32\sesayefu
[2009/11/09 16:12:23 | 00,018,438 | ---- | C] () -- C:\Documents and Settings\Kaitlyn\Desktop\Nov statement.pdf
[2009/11/07 18:53:27 | 00,031,748 | ---- | C] () -- C:\WINDOWS\System32\logon.exe
[2009/08/15 20:28:03 | 00,089,600 | -HS- | C] () -- C:\WINDOWS\System32\teyesoro.dll
[2009/08/15 20:28:03 | 00,038,400 | -HS- | C] () -- C:\WINDOWS\System32\lagimete.dll
[2009/08/15 08:27:51 | 00,089,088 | -HS- | C] () -- C:\WINDOWS\System32\favuyije.dll
[2009/08/15 08:27:51 | 00,038,400 | -HS- | C] () -- C:\WINDOWS\System32\mijupaja.dll
[2009/08/14 20:27:41 | 00,089,600 | -HS- | C] () -- C:\WINDOWS\System32\forasuho.dll
[2009/08/14 20:27:41 | 00,037,888 | -HS- | C] () -- C:\WINDOWS\System32\zagidato.dll
[2009/08/14 08:27:29 | 00,089,600 | -HS- | C] () -- C:\WINDOWS\System32\jokudoyu.dll
[2009/08/14 08:27:29 | 00,038,400 | -HS- | C] () -- C:\WINDOWS\System32\fupafeyo.dll
[2009/08/13 20:27:42 | 00,051,200 | -HS- | C] () -- C:\WINDOWS\System32\wimoroka.dll
[2009/08/13 20:27:42 | 00,051,200 | -HS- | C] () -- C:\WINDOWS\System32\ratapeju.dll
[2009/08/13 20:27:41 | 00,051,200 | -HS- | C] () -- C:\WINDOWS\System32\bimujofo.dll
[2009/08/13 20:27:09 | 00,089,600 | -HS- | C] () -- C:\WINDOWS\System32\bofesuki.dll
[2009/08/13 20:27:09 | 00,051,200 | -HS- | C] () -- C:\WINDOWS\System32\budibusi.dll
[2009/08/13 20:27:09 | 00,038,400 | -HS- | C] () -- C:\WINDOWS\System32\jidojeke.dll
[2009/08/13 08:26:42 | 00,051,712 | -HS- | C] () -- C:\WINDOWS\System32\rewokita.dll
[2009/08/12 20:26:26 | 00,090,624 | -HS- | C] () -- C:\WINDOWS\System32\nejejuhi.dll
[2009/08/12 20:26:26 | 00,038,912 | -HS- | C] () -- C:\WINDOWS\System32\tevupiru.dll
[2009/08/11 18:09:49 | 00,090,112 | -HS- | C] () -- C:\WINDOWS\System32\guborusi.dll
[2009/08/11 06:09:35 | 00,039,424 | -HS- | C] () -- C:\WINDOWS\System32\tiwupeki.dll
[2009/08/10 18:09:30 | 00,052,736 | -HS- | C] () -- C:\WINDOWS\System32\bejayiti.dll
[2009/08/10 18:09:30 | 00,038,400 | -HS- | C] () -- C:\WINDOWS\System32\sawumupo.dll
[2009/08/10 06:09:22 | 00,089,088 | -HS- | C] () -- C:\WINDOWS\System32\valalafo.dll
[2009/08/10 06:09:22 | 00,037,888 | -HS- | C] () -- C:\WINDOWS\System32\lutalafo.dll
[2009/08/09 18:09:18 | 00,089,600 | -HS- | C] () -- C:\WINDOWS\System32\wamugupu.dll
[2009/08/09 18:09:18 | 00,051,712 | -HS- | C] () -- C:\WINDOWS\System32\besifega.dll
[2009/08/09 18:09:18 | 00,037,888 | -HS- | C] () -- C:\WINDOWS\System32\rowugopu.dll
[2009/08/09 18:02:54 | 00,051,712 | -HS- | C] () -- C:\WINDOWS\System32\mudeweba.dll
[2009/08/09 18:02:54 | 00,037,888 | -HS- | C] () -- C:\WINDOWS\System32\vubumega.dll
[2009/08/08 18:53:20 | 00,090,112 | -HS- | C] () -- C:\WINDOWS\System32\fumilusi.dll
[2009/08/08 06:53:17 | 00,090,112 | -HS- | C] () -- C:\WINDOWS\System32\mejeweme.dll
[2009/04/16 07:23:47 | 00,013,683 | ---- | C] () -- C:\WINDOWS\GnuHashes.ini
[2009/04/16 07:15:46 | 00,000,294 | -HS- | C] () -- C:\Documents and Settings\Kaitlyn\Application Data\02000000f8216911577O.manifest
[2009/04/16 07:15:46 | 00,000,011 | -HS- | C] () -- C:\Documents and Settings\Kaitlyn\Application Data\02000000f8216911577S.manifest
[2009/04/16 07:15:45 | 00,005,737 | -HS- | C] () -- C:\Documents and Settings\Kaitlyn\Application Data\02000000f8216911577C.manifest
[2009/04/16 07:15:45 | 00,001,811 | -HS- | C] () -- C:\Documents and Settings\Kaitlyn\Application Data\02000000f8216911577P.manifest
[2009/04/07 14:55:39 | 00,000,588 | ---- | C] () -- C:\Documents and Settings\Kaitlyn\Application Data\wklnhst.dat
[2008/11/05 11:46:19 | 00,006,144 | ---- | C] () -- C:\Documents and Settings\Kaitlyn\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/10/28 20:00:10 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\Kaitlyn\Application Data\desktop.ini
[2008/10/28 20:00:09 | 03,702,222 | -H-- | C] () -- C:\Documents and Settings\Kaitlyn\Local Settings\Application Data\IconCache.db
[2008/10/28 20:00:09 | 00,064,568 | ---- | C] () -- C:\Documents and Settings\Kaitlyn\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2008/10/28 20:00:09 | 00,000,130 | ---- | C] () -- C:\Documents and Settings\Kaitlyn\Local Settings\Application Data\fusioncache.dat
[2008/10/28 20:00:09 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\Kaitlyn\Local Settings\Application Data\DSwitch.txt
[2008/10/28 20:00:09 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\Kaitlyn\Local Settings\Application Data\AtStart.txt
[2008/10/28 20:00:08 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\Kaitlyn\Local Settings\Application Data\QSwitch.txt
[2006/05/09 07:19:58 | 00,000,031 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2006/05/09 07:16:56 | 00,000,698 | ---- | C] () -- C:\WINDOWS\NSSetDefaultBrowser.ini
[2006/05/09 06:57:54 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2006/05/09 06:54:12 | 00,028,836 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2006/03/27 11:00:36 | 00,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/03/27 10:24:48 | 00,000,368 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2006/03/27 10:20:24 | 00,000,587 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2006/03/27 10:17:12 | 00,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2006/03/27 09:59:58 | 00,000,642 | ---- | C] () -- C:\WINDOWS\win.ini
[2006/03/27 01:50:12 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini
[2006/03/27 01:49:50 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\desktop.ini
[2006/02/27 16:51:36 | 00,090,112 | ---- | C] () -- C:\WINDOWS\System32\btprn2k.dll
[2005/12/02 12:09:10 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/01/13 13:46:34 | 00,172,032 | ---- | C] () -- C:\WINDOWS\System32\tifmicon.dll
[2003/01/07 16:05:08 | 00,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002/05/15 22:29:04 | 00,000,607 | ---- | C] () -- C:\WINDOWS\System32\BTNeighborhood.dll.manifest
[2001/11/23 17:18:00 | 00,000,597 | ---- | C] () -- C:\WINDOWS\System32\btcss.dll.manifest
[2001/11/14 12:56:00 | 01,802,240 | ---- | C] () -- C:\WINDOWS\System32\lcppn21.dll
========== LOP Check ==========
[2009/03/24 14:19:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\acccore
[2009/01/10 14:44:59 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FunGames
[2009/06/07 16:57:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\iWin Games
[2009/06/22 01:17:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PlayFirst
[2009/01/30 06:30:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PopCap
[2009/06/20 06:29:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/03/24 14:19:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2009/04/08 22:28:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2009/03/24 14:25:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Kaitlyn\Application Data\acccore
[2009/10/31 08:30:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Kaitlyn\Application Data\FrostWire
[2008/11/09 21:09:11 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Kaitlyn\Application Data\funkitron
[2009/06/20 05:01:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Kaitlyn\Application Data\GanymedeNet
[2008/12/23 23:45:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Kaitlyn\Application Data\IMVU
[2008/12/23 23:45:52 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Kaitlyn\Application Data\IMVUClient
[2008/12/14 02:10:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Kaitlyn\Application Data\Leadertech
[2009/06/22 01:17:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Kaitlyn\Application Data\PlayFirst
[2009/04/07 14:55:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Kaitlyn\Application Data\Template
[2009/04/14 04:43:22 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Kaitlyn\Application Data\Viewpoint
[2004/08/04 15:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009/11/15 01:33:53 | 00,000,344 | ---- | M] () -- C:\WINDOWS\Tasks\McDefragTask.job
[2009/11/01 00:00:31 | 00,000,336 | ---- | M] () -- C:\WINDOWS\Tasks\McQcTask.job
[2009/11/15 23:14:05 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.exe >
< %SYSTEMDRIVE%\eventlog.dll /s /md5 >
[2004/08/04 15:00:00 | 00,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
[2008/04/13 18:11:53 | 00,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/13 18:11:53 | 00,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll
< %SYSTEMDRIVE%\scecli.dll /s /md5 >
[2004/08/04 15:00:00 | 00,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
[2008/04/13 18:12:05 | 00,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/13 18:12:05 | 00,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll
< %SYSTEMDRIVE%\netlogon.dll /s /md5 >
[2004/08/04 15:00:00 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2008/04/13 18:12:01 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/13 18:12:01 | 00,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
< %SYSTEMDRIVE%\cngaudit.dll /s /md5 >
< %SYSTEMDRIVE%\sceclt.dll /s /md5 >
< %SYSTEMDRIVE%\ntelogon.dll /s /md5 >
< %SYSTEMDRIVE%\logevent.dll /s /md5 >
< %SYSTEMDRIVE%\iaStor.sys /s /md5 >
[2005/10/13 03:07:12 | 00,874,240 | ---- | M] (Intel Corporation) MD5=309C4D86D989FB1FCF64BD30DC81C51B -- C:\SWSETUP\HDD\iastor.sys
[2005/10/13 03:07:12 | 00,874,240 | ---- | M] (Intel Corporation) MD5=309C4D86D989FB1FCF64BD30DC81C51B -- C:\WINDOWS\system32\drivers\iaStor.sys
< %SYSTEMDRIVE%\nvstor.sys /s /md5 >
< %SYSTEMDRIVE%\atapi.sys /s /md5 >
[2004/08/03 23:59:44 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2008/04/13 12:40:30 | 00,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 12:40:30 | 00,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/04 08:59:44 | 00,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0010\DriverFiles\i386\atapi.sys
< %SYSTEMDRIVE%\IdeChnDr.sys /s /md5 >
< %SYSTEMDRIVE%\viasraid.sys /s /md5 >
< %SYSTEMDRIVE%\AGP440.sys /s /md5 >
[2004/08/04 09:07:42 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys
[2008/04/13 12:36:38 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 12:36:38 | 00,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
< %SYSTEMDRIVE%\vaxscsi.sys /s /md5 >
========== Alternate Data Streams ==========
@Alternate Data Stream - 132 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:BA43D2E3
< End of report >
OTL Extras logfile created on: 11/15/2009 11:32:02 PM - Run 1
OTL by OldTimer - Version 3.1.5.0 Folder = C:\Documents and Settings\Kaitlyn\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
502.05 Mb Total Physical Memory | 123.34 Mb Available Physical Memory | 24.57% Memory free
1.20 Gb Paging File | 0.69 Gb Available in Paging File | 57.58% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 47.86 Gb Total Space | 25.12 Gb Free Space | 52.48% Space Free | Partition Type: NTFS
Drive D: | 8.01 Gb Total Space | 1.10 Gb Free Space | 13.76% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: YOUR-09DEDAFE33
Current User Name: Kaitlyn
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0
"UpdatesDisableNotify" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"" =
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"" =
"C:\Program Files\Vongo\VongoService.exe" = C:\Program Files\Vongo\VongoService.exe:*:enabled:VongoService -- (Starz Entertainment Group LLC)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\EarthLink TotalAccess\TaskPanl.exe" = C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink -- File not found
"C:\Program Files\FrostWire\FrostWire.exe" = C:\Program Files\FrostWire\FrostWire.exe:*:Enabled:FrostWire -- (FrostWire Group)
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger -- (Yahoo! Inc.)
"C:\WINDOWS\system32\mmc.exe" = C:\WINDOWS\system32\mmc.exe:*:Enabled:Microsoft Management Console -- (Microsoft Corporation)
"C:\Program Files\Common Files\AOL\Loader\aolload.exe" = C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader -- (AOL LLC)
"C:\Program Files\AIM6\aim6.exe" = C:\Program Files\AIM6\aim6.exe:*:Enabled:AIM -- (AOL LLC)
"C:\Program Files\HP Rhapsody\rhapsody.exe" = C:\Program Files\HP Rhapsody\rhapsody.exe:*:Enabled:Rhapsody -- File not found
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe" = C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe:*:Enabled:McAfee Network Agent -- (McAfee, Inc.)
"C:\Program Files\Messenger\msmsgs.exe" = C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger -- (Microsoft Corporation)
"C:\Program Files\iWin Games\iWinGames.exe" = C:\Program Files\iWin Games\iWinGames.exe:*:Enabled:iWin Games application. -- (iWin Inc.)
"C:\Program Files\iWin Games\WebUpdater.exe" = C:\Program Files\iWin Games\WebUpdater.exe:*:Enabled:iWin Games updater. -- ()
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Disabled:Bonjour -- (Apple Inc.)
"C:\WINDOWS\explorer.exe" = C:\WINDOWS\explorer.exe:*:Enabled:Explorer -- (Microsoft Corporation)
"C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" = C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe:*:Enabled:SpybotSD -- (Safer Networking Limited)
"C:\Program Files\McAfee\MSC\mcmscsvc.exe" = C:\Program Files\McAfee\MSC\mcmscsvc.exe:*:Enabled:mcmscsvc -- (McAfee, Inc.)
"C:\Program Files\Common Files\McAfee\McProxy\McProxy.exe" = C:\Program Files\Common Files\McAfee\McProxy\McProxy.exe:*:Enabled:mcproxy -- (McAfee, Inc.)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07287123-B8AC-41CE-8346-3D777245C35B}" = Bonjour
"{075473F5-846A-448B-BCB3-104AA1760205}" = Sonic Data Module
"{09D8492A-C8E2-421E-927D-46800FB327A3}" = Wireless Home Network Setup
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1CB34CE9-0E6B-493F-BB66-3425E5DF76E5}" = CP_CalendarTemplates1
"{21657574-BD54-48A2-9450-EB03B2C7FC29}" = Sonic MyDVD Plus
"{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}" = QuickTime
"{23012310-3E05-46A5-88A9-C6CBCABCAC79}" = Customer Experience Enhancement
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23B35809-5E4A-4F14-8332-1CDEDDFAC089}" = CP_Package_Variety2
"{24BEBF2E-73F3-4599-840B-EDC612CCDD0D}" = Destinations
"{286F29AF-0BE2-4D5F-AB17-B7631A810553}" = muvee autoProducer 4.5
"{2A548002-9042-4083-A270-B67473DE1073}" = SkinsHP1
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Sonic Update Manager
"{3248F0A8-6813-11D6-A77B-00B0D0150060}" = J2SE Runtime Environment 5.0 Update 6
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java 6 Update 7
"{3347F0DF-4396-4DAB-9DDA-81D38B08FF63}_is1" = Internet Explorer Theme Manager (1.1.3)
"{34F3FCF1-817B-4D61-B6AF-19D9486AFEA0}" = Unload
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36D620AD-EEBA-4973-BA86-0C9AE6396620}" = OptionalContentQFolder
"{3F4EC965-28EF-45C3-B063-04B25D4E9679}" = HP Integrated Module with Bluetooth wireless technology
"{3F92ABBB-6BBF-11D5-B229-002078017FBF}" = NetWaiting
"{3FE0CFAB-584A-4AA5-B8CD-C32284CFA308}" = RandMap
"{4041C245-7099-4C96-9738-5EBC23827B3C}" = BufferChm
"{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}" = Microsoft Works
"{4302B2DD-D958-40E3-BAF3-B07FFE1978CE}" = HP Wireless Assistant 2.00 E1
"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP DVD Play 2.1
"{47D2103B-FD51-4017-9C20-DD408B17D726}" = Office 2003 Trial Assistant
"{494D17B5-3369-4905-8C4B-80C972C5E0FF}" = CP_Panorama1Config
"{4DA4012B-39AF-48c2-B23B-A4D570D233A6}" = cp_LightScribeConfig
"{522D1D79-9C0A-4361-91F8-2AFF8EC6C2E1}" = CP_Package_Variety1
"{53EE9E42-CECB-4C92-BF76-9CA65DAF8F1C}" = FullDPAppQFolder
"{54F0998F-73C8-4b51-8286-FE903C231BED}" = cp_PosterPrintConfig
"{5EFCBB42-36AB-4FF9-B90C-E78C7B9EE7B3}" = iTunes
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Sonic Express Labeler
"{6815FCDD-401D-481E-BA88-31B4754C2B46}" = Macromedia Flash Player 8
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{766633B3-1AFA-44B6-A3FC-1DE991CD9C52}" = CP_Package_Basic1
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{79F8E1D4-36C1-439C-95FA-F695050B5B07}" = Sonic_PrimoSDK
"{7B6CF9EB-CB2B-4A1A-81A9-BE1A9044690A}" = TIPCI
"{80AE27BA-B0ED-4288-A8B9-D8194BCF4115}" = cp_UpdateProjectsConfig
"{869C3062-4745-4949-B6C9-98AF24D89030}" = PhotoGallery
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel® Graphics Media Accelerator Driver
"{91120409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Standard Edition 2003
"{9D4ABB0C-F60B-44A6-956C-A4A63D5495C9}" = CueTour
"{A01FC76F-CC09-4658-9E37-5C2F635EE708}" = TourSetup
"{A93C4E94-1005-489D-BEAA-B873C1AA6CFC}" = HP Help and Support
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AB708C9B-97C8-4AC9-899B-DBF226AC9382}" = Sonic Audio Module
"{AC76BA86-7AD7-1033-7B44-A00000000001}" = Adobe Reader 6.0.1
"{AEF7A12C-CD9B-4773-8AD1-6916138CA7EA}" = SmartAudio
"{AFA20D47-69C3-4030-8DF8-D37466E70F13}" = Apple Mobile Device Support
"{B11E71BA-498C-42D4-9F1A-9D7A89D9DA61}" = CP_AtenaShokunin1Config
"{B12665F4-4E93-4AB4-B7FC-37053B524629}" = Sonic Copy Module
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B57F2FF0-5A25-4332-B503-4592B370C02F}" = CP_Package_Variety3
"{BBD3BF67-5B89-4CBB-BA58-5818ED5F3290}" = cp_OnlineProjectsConfig
"{BC96BBA7-C634-460E-AD18-A0A994213F80}" = HP User Guides--System Recovery
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{D755C7A3-C03E-4460-8C00-AC6E55505FB5}" = LightScribe 1.4.74.1
"{DB518BA6-CB74-4EB6-9ABD-880B6D6E1F38}" = HpSdpAppCoreApp
"{DB7E00C9-6DEF-489A-8112-D8F81614F45A}" = Vongo
"{E74E3D81-773B-4DCF-B706-50236F80BD81}" = HP User Guides 0019
"{FC8D25A7-FF1B-41BB-BB3B-9A06C0A60AE0}" = InstantShareDevices
"{FE57DE70-95DE-4B64-9266-84DA811053DB}" = HP Update
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player
"AIM_6" = AIM 6
"Bookworm® Deluxe" = Bookworm® Deluxe
"CNXT_HDAUDIO" = Conexant HD Audio
"CNXT_MODEM_HDAUDIO_CPL30A5m" = HDAUDIO Soft Data Fax Modem with SmartCP
"ERUNT_is1" = ERUNT 1.1j
"FrostWire" = FrostWire 4.17.2
"Google Updater" = Google Updater
"HijackThis" = HijackThis 2.0.2
"HP Game Console" = HP Game Console and games
"HP Imaging Device Functions" = HP Imaging Device Functions 6.0
"HP Photo & Imaging" = HP Photosmart Premier Software 6.0
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{23012310-3E05-46A5-88A9-C6CBCABCAC79}" = Customer Experience Enhancement
"InstallShield_{7B6CF9EB-CB2B-4A1A-81A9-BE1A9044690A}" = Texas Instruments PCIxx21/x515/xx12 drivers.
"iWinArcade" = iWin Games (remove only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"MSC" = McAfee SecurityCenter
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"Peggle Nights Deluxe 1.0" = Peggle Nights Deluxe 1.0
"Personal Guard 2009" = Personal Guard 2009
"PROSet" = Intel® PRO Network Connections Drivers
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"ViewpointMediaPlayer" = Viewpoint Media Player
"WildTangent CDA" = WildTangent Web Driver
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 10
"Windows XP Service Pack" = Windows XP Service Pack 3
"Yahoo! Messenger" = Yahoo! Messenger
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 11/15/2009 9:36:38 PM | Computer Name = YOUR-09DEDAFE33 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 11/15/2009 9:37:09 PM | Computer Name = YOUR-09DEDAFE33 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 11/15/2009 9:41:59 PM | Computer Name = YOUR-09DEDAFE33 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 11/16/2009 12:11:30 AM | Computer Name = YOUR-09DEDAFE33 | Source = Application Hang | ID = 1002
Description = Hanging application SpybotSD.exe, version 1.6.2.46, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.
Error - 11/16/2009 12:12:51 AM | Computer Name = YOUR-09DEDAFE33 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 11/16/2009 12:20:25 AM | Computer Name = YOUR-09DEDAFE33 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 11/16/2009 12:59:42 AM | Computer Name = YOUR-09DEDAFE33 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 11/16/2009 1:18:11 AM | Computer Name = YOUR-09DEDAFE33 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 11/16/2009 1:18:11 AM | Computer Name = YOUR-09DEDAFE33 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
Error - 11/16/2009 1:19:11 AM | Computer Name = YOUR-09DEDAFE33 | Source = Application Hang | ID = 1002
Description = Hanging application iexplore.exe, version 8.0.6001.18702, hang module
hungapp, version 0.0.0.0, hang address 0x00000000.
[ System Events ]
Error - 11/16/2009 1:07:22 AM | Computer Name = YOUR-09DEDAFE33 | Source = Service Control Manager | ID = 7034
Description = The iWinTrusted service terminated unexpectedly. It has done this
1 time(s).
Error - 11/16/2009 1:07:22 AM | Computer Name = YOUR-09DEDAFE33 | Source = Service Control Manager | ID = 7034
Description = The LightScribeService Direct Disc Labeling Service service terminated
unexpectedly. It has done this 1 time(s).
Error - 11/16/2009 1:07:22 AM | Computer Name = YOUR-09DEDAFE33 | Source = Service Control Manager | ID = 7034
Description = The McAfee SiteAdvisor Service service terminated unexpectedly. It
has done this 1 time(s).
Error - 11/16/2009 1:07:22 AM | Computer Name = YOUR-09DEDAFE33 | Source = Service Control Manager | ID = 7031
Description = The McAfee Services service terminated unexpectedly. It has done
this 1 time(s). The following corrective action will be taken in 60000 milliseconds:
Restart the service.
Error - 11/16/2009 1:07:22 AM | Computer Name = YOUR-09DEDAFE33 | Source = Service Control Manager | ID = 7031
Description = The McAfee Network Agent service terminated unexpectedly. It has
done this 1 time(s). The following corrective action will be taken in 60000 milliseconds:
Restart the service.
Error - 11/16/2009 1:07:22 AM | Computer Name = YOUR-09DEDAFE33 | Source = Service Control Manager | ID = 7031
Description = The McAfee Proxy Service service terminated unexpectedly. It has
done this 1 time(s). The following corrective action will be taken in 60000 milliseconds:
Restart the service.
Error - 11/16/2009 1:07:22 AM | Computer Name = YOUR-09DEDAFE33 | Source = Service Control Manager | ID = 7031
Description = The McAfee Real-time Scanner service terminated unexpectedly. It
has done this 1 time(s). The following corrective action will be taken in 60000
milliseconds: Restart the service.
Error - 11/16/2009 1:07:22 AM | Computer Name = YOUR-09DEDAFE33 | Source = Service Control Manager | ID = 7034
Description = The Viewpoint Manager Service service terminated unexpectedly. It
has done this 1 time(s).
Error - 11/16/2009 1:07:22 AM | Computer Name = YOUR-09DEDAFE33 | Source = Service Control Manager | ID = 7031
Description = The McAfee Personal Firewall Service service terminated unexpectedly.
It has done this 1 time(s). The following corrective action will be taken in
5000 milliseconds: Run the configured recovery program.
Error - 11/16/2009 1:07:22 AM | Computer Name = YOUR-09DEDAFE33 | Source = Service Control Manager | ID = 7034
Description = The iPod Service service terminated unexpectedly. It has done this
1 time(s).
< End of report >