Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

think I have spyware or other bad problem

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

think I have spyware or other bad problem

Unread postby daffyd9 » January 27th, 2009, 4:56 am

I have a problem on my PC. My McAfee cannot catch it. I have tried Stopzilla. Spy Sweeper, Kapersky & it is still there. I used to go to Trend Micro about once a month to clean anything. Now, whatever it is will not let me even download scan from Trend Micro. I have tried to find bad program or?? but can't. The only hint of something is when I am shutting PC down. I get a message that something called
app.i171K32yRhwb54ghL.dzFyg.2[/b] is shutting down. Not sure what to do next.
I was able to download & run the highjack this program. Following is log file from that. Thank you for any help you can give me.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:35:13 AM, on 1/27/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\iS3\Anti-Spyware\SZServer.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\bmwebcfg.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\lxcjcoms.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\SnoopFreeSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
C:\Program Files\Sony\vaio media integrated server\VMISrv.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe
C:\Program Files\Sony\vaio media integrated server\Platform\UPnPFramework.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ezSP_Px.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\COMPAQ\CPQ650TP\Ver. 2.3\LWBWHEEL.exe
C:\Program Files\Sony\HotKey Utility\HKserv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\AT&T\Communication Manager\ATTCM.exe
C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe
C:\Program Files\sony\vaio media integrated server\Platform\VMConsole.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtProc.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Sony\HotKey Utility\HKWnd.exe
C:\Program Files\RegFixPro\RegFixPro.exe
C:\Program Files\Lexmark 8300 Series\ezprint.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\SnoopFreeUI.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe
C:\Program Files\AT&T\Communication Manager\bmctl.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\AT&T\Communication Manager\bmop.exe
C:\Program Files\AOL 9.1c\waol.exe
C:\Program Files\AOL 9.1c\shellmon.exe
C:\Program Files\Common Files\AOL\Topspeed\3.0\aoltpsd3.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://pogo.com/
R3 - URLSearchHook: IAOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL Toolbar\aoltb.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SITEguard BHO - {1827766B-9F49-4854-8034-F6EE26FCB1EC} - D:\Malware Remove\Stopzilla\SZSG.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\mskapbho.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: AOL Toolbar Loader - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL Toolbar\aoltb.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: STOPzilla Browser Helper Object - {E3215F20-3212-11D6-9F8B-00D0B743919D} - D:\Malware Remove\Stopzilla\SZIEBHO.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL Toolbar\aoltb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: STOPzilla - {98828DED-A591-462F-83BA-D2F62A68B8B8} - D:\Malware Remove\Stopzilla\SZSG.dll
O4 - HKLM\..\Run: [ezShieldProtector for Px] "C:\WINDOWS\system32\ezSP_Px.exe"
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [SonyPowerCfg] "C:\Program Files\Sony\VAIO Power Management\SPMgr.exe"
O4 - HKLM\..\Run: [LWBMOUSE] "C:\Program Files\COMPAQ\CPQ650TP\Ver. 2.3\LWBWHEEL.exe"
O4 - HKLM\..\Run: [HKSERV.EXE] "C:\Program Files\Sony\HotKey Utility\HKserv.exe"
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [AT&T Communication Manager] "C:\Program Files\AT&T\Communication Manager\ATTCM.exe" -a
O4 - HKLM\..\Run: [HostManager] "C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe"
O4 - HKLM\..\Run: [lxcjmon.exe] "C:\Program Files\Lexmark 8300 Series\lxcjmon.exe"
O4 - HKLM\..\Run: [WrtMon.exe] "C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe"
O4 - HKLM\..\Run: [Logitech Utility] "C:\WINDOWS\Logi_MwX.Exe"
O4 - HKLM\..\Run: [VMConsole.exe] "C:\Program Files\sony\vaio media integrated server\Platform\VMConsole.exe" /windowmin
O4 - HKLM\..\Run: [VAIO Recovery] "C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe"
O4 - HKLM\..\Run: [RegFixPro] "C:\Program Files\RegFixPro\RegFixPro.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 8300 Series\ezprint.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] "C:\WINDOWS\system32\dumprep.exe" 0 -k
O4 - HKLM\..\Run: [AppleSyncNotifier] "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SnoopFreeUI] SnoopFreeUI.exe
O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [McENUI] "C:\PROGRA~1\McAfee\MHN\McENUI.exe" /hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [LXCJCATS] "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCJtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [Microsoft Location Finder] "C:\Program Files\Microsoft Location Finder\LocationFinder.exe"
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] "C:\WINDOWS\system32\ctfmon.exe"
O4 - Startup: AOL Desktop.lnk = C:\Program Files\Common Files\AOL\Launch\aollaunch.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Global Startup: Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe
O8 - Extra context menu item: &AOL Toolbar Search - C:\Documents and Settings\All Users\Application Data\AOL\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\common files\is3\anti-spyware\is3lsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\is3\anti-spyware\is3lsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\is3\anti-spyware\is3lsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\is3\anti-spyware\is3lsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\is3\anti-spyware\is3lsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\is3\anti-spyware\is3lsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\is3\anti-spyware\is3lsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\is3\anti-spyware\is3lsp.dll
O10 - Unknown file in Winsock LSP: bmnet.dll
O10 - Unknown file in Winsock LSP: bmnet.dll
O10 - Unknown file in Winsock LSP: bmnet.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\is3\anti-spyware\is3lsp.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O15 - Trusted Zone: http://*.mcafee.com
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} - file:///C:/Program%20Files/Hidden%20Expedition%20-%20Titanic/Images/stg_drm.ocx
O16 - DPF: {3107C2A8-9F0B-4404-A58B-21BD85268FBC} (PogoWebLauncher Control) - http://www.pogo.com/cdl/launcher/PogoWe ... taller.CAB
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resour ... se4009.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 4341918252
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v ... b56649.cab
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} - file:///C:/Program%20Files/Hidden%20Expedition%20-%20Titanic/Images/armhelper.ocx
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-l ... cfscan.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{114E7C94-FEE8-4F87-89A1-E36721445B5E}: NameServer = 209.183.54.151 209.183.54.151
O17 - HKLM\System\CS3\Services\Tcpip\..\{114E7C94-FEE8-4F87-89A1-E36721445B5E}: NameServer = 209.183.54.151 209.183.54.151
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: AT&T RcAppSvc (ATTRcAppSvc) - PCTEL - C:\Program Files\AT&T\Communication Manager\RcAppSvc.exe
O23 - Service: Bytemobile Web Configurator (bmwebcfg) - Bytemobile, Inc. - C:\WINDOWS\system32\bmwebcfg.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: lxcj_device - - C:\WINDOWS\system32\lxcjcoms.exe
O23 - Service: MBackMonitor - McAfee - C:\Program Files\McAfee\MBK\MBackMonitor.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\PACSPT~1.EXE
O23 - Service: Snoop Free Service (SnoopFreeSvc) - Unknown owner - C:\WINDOWS\System32\SnoopFreeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe
O23 - Service: STOPzilla Service (szserver) - iS3, Inc. - C:\Program Files\Common Files\iS3\Anti-Spyware\SZServer.exe
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment File Import Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VCSW\VCSW.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Platform\VmGateway.exe
O23 - Service: VAIO Media Video Server (VAIOMediaPlatform-VideoServer-AppServer) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Video\GPVSvr.exe
O23 - Service: VAIO Media Video Server (HTTP) (VAIOMediaPlatform-VideoServer-HTTP) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Video Server (UPnP) (VAIOMediaPlatform-VideoServer-UPnP) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Platform\UPnPFramework.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. (www.webroot.com) - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
O23 - Service: Webroot Client Service (WRConsumerService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe

--
End of file - 18024 bytes
daffyd9
Active Member
 
Posts: 11
Joined: January 26th, 2009, 7:56 pm
Advertisement
Register to Remove

Re: think I have spyware or other bad problem

Unread postby Axephilic » February 10th, 2009, 10:20 pm

Hello and sorry about the delay,

Welcome to the Malware Removal Forums! My name is Adam and I will be assisting you with getting the malware off of your computer. Please observe the following points before we start:
  1. If at any point you don't understand something, please let me know and I will be glad to expain or go more into depth for you. :)
  2. I am still in training, so my responses may take more time than usual because all of my posts must be checked by an expert or teacher.
    Also, please remember, I am a volunteer and I have a personal life. I go to school full time, have a part time job, and I do sports. A lot of this takes a lot of time.
  3. Please keep all of your replys in this topic/thread and do not make a new topic/thread, thanks!
  4. Please stick with this, don't stop responding because the symptoms are gone, the infection could still be there. Keep replying to my posts until I give you the All Clean message. ;)
  5. If you don't reply within five days after my last instructions this topic will be closed. If you will not be able to reply within five days please tell me so the topic will not be closed.
  6. Please do not run other tools to remove the malware unless I ask you to until I give you the all clean. They will just mess up my fixes and make things more complicated, not fix the problem.

If you still need help, please do the following:

Make an Uninstall List

Next, please make an uninstall list using HijackThis.
To access the Uninstall Manager you would do the following:

1. Start HijackThis
2. Click on the Config button
3. Click on the Misc Tools button
4. Click on the Open Uninstall Manager button.

Click on the Save list... button and specify where you would like to save this file. When you press Save button a notepad will open with the contents of that file. Simply copy and paste the contents of that notepad here on your next reply. Please also include a new HijackThis log.

If you have not replied within 5 days, then I will assume that you no longer need help and this topic will be closed.

Regards,
Adam
User avatar
Axephilic
Retired Graduate
 
Posts: 2180
Joined: June 18th, 2007, 1:10 pm
Location: Wisconsin, US

Re: think I have spyware or other bad problem

Unread postby daffyd9 » February 11th, 2009, 8:23 pm

First, I would like to say thanks for any help. Following are the Hijack This log & uninstall log.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:18:43 PM, on 2/11/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\iS3\Anti-Spyware\SZServer.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe
C:\WINDOWS\system32\bmwebcfg.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\lxcjcoms.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\SnoopFreeSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
C:\Program Files\Sony\vaio media integrated server\VMISrv.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe
C:\Program Files\Sony\vaio media integrated server\Platform\UPnPFramework.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\system32\ezSP_Px.exe
C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\COMPAQ\CPQ650TP\Ver. 2.3\LWBWHEEL.exe
C:\Program Files\Sony\HotKey Utility\HKserv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\AT&T\Communication Manager\ATTCM.exe
C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe
C:\Program Files\Lexmark 8300 Series\lxcjmon.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe
C:\Program Files\sony\vaio media integrated server\Platform\VMConsole.exe
C:\Program Files\RegFixPro\RegFixPro.exe
C:\Program Files\Lexmark 8300 Series\ezprint.exe
C:\WINDOWS\SnoopFreeUI.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe
C:\Program Files\Microsoft Location Finder\LocationFinder.exe
D:\Malware Remove\Stopzilla\STOPzilla.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtProc.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Sony\HotKey Utility\HKWnd.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\AT&T\Communication Manager\bmctl.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\AT&T\Communication Manager\bmop.exe
C:\Program Files\AOL 9.1c\waol.exe
C:\Program Files\AOL 9.1c\shellmon.exe
C:\Program Files\Common Files\AOL\Topspeed\3.0\aoltpsd3.exe
C:\Program Files\Webroot\Spy Sweeper\SSU.EXE
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://pogo.com/
R3 - URLSearchHook: IAOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL Toolbar\aoltb.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SITEguard BHO - {1827766B-9F49-4854-8034-F6EE26FCB1EC} - D:\Malware Remove\Stopzilla\SZSG.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\mskapbho.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: AOL Toolbar Loader - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL Toolbar\aoltb.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: STOPzilla Browser Helper Object - {E3215F20-3212-11D6-9F8B-00D0B743919D} - D:\Malware Remove\Stopzilla\SZIEBHO.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL Toolbar\aoltb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: STOPzilla - {98828DED-A591-462F-83BA-D2F62A68B8B8} - D:\Malware Remove\Stopzilla\SZSG.dll
O4 - HKLM\..\Run: [ezShieldProtector for Px] "C:\WINDOWS\system32\ezSP_Px.exe"
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [SonyPowerCfg] "C:\Program Files\Sony\VAIO Power Management\SPMgr.exe"
O4 - HKLM\..\Run: [LWBMOUSE] "C:\Program Files\COMPAQ\CPQ650TP\Ver. 2.3\LWBWHEEL.exe"
O4 - HKLM\..\Run: [HKSERV.EXE] "C:\Program Files\Sony\HotKey Utility\HKserv.exe"
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [AT&T Communication Manager] "C:\Program Files\AT&T\Communication Manager\ATTCM.exe" -a
O4 - HKLM\..\Run: [HostManager] "C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe"
O4 - HKLM\..\Run: [lxcjmon.exe] "C:\Program Files\Lexmark 8300 Series\lxcjmon.exe"
O4 - HKLM\..\Run: [WrtMon.exe] "C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe"
O4 - HKLM\..\Run: [Logitech Utility] "C:\WINDOWS\Logi_MwX.Exe"
O4 - HKLM\..\Run: [VMConsole.exe] "C:\Program Files\sony\vaio media integrated server\Platform\VMConsole.exe" /windowmin
O4 - HKLM\..\Run: [VAIO Recovery] "C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe"
O4 - HKLM\..\Run: [RegFixPro] "C:\Program Files\RegFixPro\RegFixPro.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 8300 Series\ezprint.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] "C:\WINDOWS\system32\dumprep.exe" 0 -k
O4 - HKLM\..\Run: [AppleSyncNotifier] "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SnoopFreeUI] SnoopFreeUI.exe
O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [McENUI] "C:\PROGRA~1\McAfee\MHN\McENUI.exe" /hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray
O4 - HKLM\..\Run: [LXCJCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCJtime.dll,_RunDLLEntry@16
O4 - HKCU\..\Run: [Microsoft Location Finder] "C:\Program Files\Microsoft Location Finder\LocationFinder.exe"
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] "C:\WINDOWS\system32\ctfmon.exe"
O4 - Startup: AOL Desktop.lnk = C:\Program Files\Common Files\AOL\Launch\aollaunch.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Global Startup: Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe
O8 - Extra context menu item: &AOL Toolbar Search - C:\Documents and Settings\All Users\Application Data\AOL\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\common files\is3\anti-spyware\is3lsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\is3\anti-spyware\is3lsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\is3\anti-spyware\is3lsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\is3\anti-spyware\is3lsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\is3\anti-spyware\is3lsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\is3\anti-spyware\is3lsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\is3\anti-spyware\is3lsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\is3\anti-spyware\is3lsp.dll
O10 - Unknown file in Winsock LSP: bmnet.dll
O10 - Unknown file in Winsock LSP: bmnet.dll
O10 - Unknown file in Winsock LSP: bmnet.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\is3\anti-spyware\is3lsp.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O15 - Trusted Zone: http://*.mcafee.com
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} - file:///C:/Program%20Files/Hidden%20Expedition%20-%20Titanic/Images/stg_drm.ocx
O16 - DPF: {3107C2A8-9F0B-4404-A58B-21BD85268FBC} (PogoWebLauncher Control) - http://www.pogo.com/cdl/launcher/PogoWe ... taller.CAB
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resour ... se4009.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 4341918252
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v ... b56649.cab
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} - file:///C:/Program%20Files/Hidden%20Expedition%20-%20Titanic/Images/armhelper.ocx
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-l ... cfscan.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{114E7C94-FEE8-4F87-89A1-E36721445B5E}: NameServer = 209.183.54.151 209.183.54.151
O17 - HKLM\System\CS3\Services\Tcpip\..\{114E7C94-FEE8-4F87-89A1-E36721445B5E}: NameServer = 209.183.54.151 209.183.54.151
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: AT&T RcAppSvc (ATTRcAppSvc) - PCTEL - C:\Program Files\AT&T\Communication Manager\RcAppSvc.exe
O23 - Service: Bytemobile Web Configurator (bmwebcfg) - Bytemobile, Inc. - C:\WINDOWS\system32\bmwebcfg.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: lxcj_device - - C:\WINDOWS\system32\lxcjcoms.exe
O23 - Service: MBackMonitor - McAfee - C:\Program Files\McAfee\MBK\MBackMonitor.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\PACSPT~1.EXE
O23 - Service: Snoop Free Service (SnoopFreeSvc) - Unknown owner - C:\WINDOWS\System32\SnoopFreeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe
O23 - Service: STOPzilla Service (szserver) - iS3, Inc. - C:\Program Files\Common Files\iS3\Anti-Spyware\SZServer.exe
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment File Import Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VCSW\VCSW.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Platform\VmGateway.exe
O23 - Service: VAIO Media Video Server (VAIOMediaPlatform-VideoServer-AppServer) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Video\GPVSvr.exe
O23 - Service: VAIO Media Video Server (HTTP) (VAIOMediaPlatform-VideoServer-HTTP) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Video Server (UPnP) (VAIOMediaPlatform-VideoServer-UPnP) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Platform\UPnPFramework.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. (www.webroot.com) - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
O23 - Service: Webroot Client Service (WRConsumerService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe

--
End of file - 17999 bytes

ABBYY FineReader 6.0 Sprint
Adobe AIR
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Reader 8.1.3
Adobe Shockwave Player 11
AIM 6
Aim Plugin for QQ Games
AIMTunes
Amazon MP3 Downloader 1.0.3
AOL Toolbar for Internet Explorer
AOL Uninstaller (Choose which Products to Remove)
Apple Mobile Device Support
Apple Software Update
Aqua Bubble (CD version)
ArcSoft Software Suite
AT&T Communication Manager
ATI - Software Uninstall Utility
ATI Control Panel
ATI Display Driver
Avery Wizard 1.1 for Microsoft Word 97
Bejeweled 2 Deluxe 1.0
Boggle
Bonjour
Buddy Icon Maker 1.0.0.1
Cake Mania Deluxe
Colorizer 1.0.0.1
CPQ650TP Ver. 2.3
DesignPro 5.4 Limited Edition
Diamond Drop (CD version)
Digital Giggles
Disney Interactive Compatibility Update May 2002
Driver Installer
DUXUS CLOCK FONT (1.0.0)
DVgate Plus
Enhanced Font List for Word 97 (VBA PowerTool)
Face Dough
Family Album Screen Saver
Hidden Expedition - Titanic
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.0 (KB932471)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB952287)
HotKey Utility
Hoyle Card Games 2005
InterVideo WinDVD 5 for VAIO
iTunes
Jasc Paint Shop Pro 8
Java(TM) 6 Update 11
Juice 2.2
Kodak One-Touch Printing Solution SDK
Kybtec World Clock 3.3.1.1
LAN-Express AS IEEE 802.11 Wireless LAN
Learn2 Player (Uninstall Only)
Lexmark 8300 Series
LivePix 1.0
Logitech Desktop Messenger
Logitech MouseWare 9.79
Logitech Resource Center
Mahjongg Master 5
Malwarebytes' Anti-Malware
McAfee SecurityCenter
Memory Stick Formatter
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft .NET Framework 2.0 Service Pack 1
Microsoft .NET Framework 3.0 Service Pack 1
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Location Finder
Microsoft National Language Support Downlevel APIs
Microsoft Office 97 Unique Identifier Removal Tool
Microsoft Office 97, Professional Edition
Microsoft Publisher 2002
Microsoft Silverlight
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft VC9 runtime libraries
Microsoft Works 7.0
MobileMe Control Panel
MoodLogic
Moraff's SphereJongg 5.1
MS The Dolphin Assistant(Remove only)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 and SOAP Toolkit 3.0
MSXML 6.0 Parser (KB933579)
Nokia Connectivity Adapter Cable DKU-5
OpenMG Limited Patch 3.4-03-12-16-01
OpenMG Secure Module 3.4.00
Outlook 3 Pane Message Preview Extension (Remove only)
Photo Viewer 2.4
Picture Package Music Transfer
PictureGear Studio 2.0
Presto! Forms 3.50.02
Presto! PageManager 7.12.10
Print to Fax
Puppy Album
Puzzle Master 3
QQ Games
Quicken 2004
QuickTime
RealPlayer
RegFixPro
RegFixPro
Safari
Sandlot Games Client Services
Security Update for CAPICOM (KB931906)
Security Update for CAPICOM (KB931906)
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 9 (KB917734)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
SnoopFree Privacy Shield
SoftV92 Data Fax Modem with SmartCP
SonicStage 2.0.02
Sony Certificate PCH
Sony Download Taxi 1.5.0.0
Sony Notebook Setup
Sony Picture Utility
Sony USB Driver
Sony USB Mouse
Sony Utilities DLL
Sony Video Shared Library
Sony XBRITE Screen Saver
Spelling Dictionaries Support For Adobe Reader 8
Spy Sweeper
Spy Sweeper Core
STOPzilla
Super Bubble Pop
TurboTax Deluxe Deduction Maximizer 2006
TurboTax ItsDeductible 2006
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955839)
VAIO Entertainment Platform
VAIO Help and Support
VAIO Media 3.0
VAIO Media Integrated Server 3.0
VAIO Media Redistribution 3.0
VAIO Power Management
VAIO Registration
VAIO SLIT Pattern Wallpaper
VAIO SLIT-C Screen Saver
VAIO Survey Standalone
VAIO Update 2
Viewpoint Media Player
Virtual Earth 3D (Beta)
VIVA MEDIA GAME CENTER
Welcome to VAIO life
WexTech AnswerWorks
Wild Photo Effects
Windows Imaging Component
Windows Installer Clean Up
Windows Live Messenger
Windows Live OneCare safety scanner
Windows Live Sign-in Assistant
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player 11
Windows Presentation Foundation
Windows XP Service Pack 3
Yahoo! Messenger
Yahoo! Toolbar
Your Photo Here
daffyd9
Active Member
 
Posts: 11
Joined: January 26th, 2009, 7:56 pm

Re: think I have spyware or other bad problem

Unread postby Axephilic » February 12th, 2009, 5:44 pm

Just letting you know, I have researched your logs and will post a response as soon as I can. I am waiting for a Teacher to approve my post because I am still in training, and they are a bit backed up right now.

Regards,
Adam
User avatar
Axephilic
Retired Graduate
 
Posts: 2180
Joined: June 18th, 2007, 1:10 pm
Location: Wisconsin, US

Re: think I have spyware or other bad problem

Unread postby Axephilic » February 14th, 2009, 12:31 pm

Hi there, I can't see anything in any logs so far. I will investigate a little further. Are you still experiencing the problems you described in your first post?

RSIT
  • Download random's system information tool (RSIT) by random/random from here and save it to your desktop.
  • Double click on RSIT.exe to run RSIT.
  • Click Continue at the disclaimer screen.
  • Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)

Run GMER
Please download gmer.zip from Gmer and save it to your desktop.

  1. Right click on gmer.zip and select Extract All....
  2. Click Next on seeing the Welcome to the Compressed (zipped) Folders Extraction Wizard.
  3. Click on the Browse button. Click on Desktop. Then click OK.
  4. Click Next. It will start extracting.
  5. Once done, check (tick) the Show extracted files box and click Finish.
  6. Double click on gmer.exe to run it.
  7. Select the Rootkit tab.
  8. On the right hand side, check all the items to be scanned, but leave Show All box unchecked.
  9. Select all drives that are connected to your system to be scanned.
  10. Click on the Scan button.
  11. When the scan is finished, click Copy to save the scan log to the Windows clipboard.
  12. Open Notepad or a similar text editor.
  13. Paste the clipboard contents into the text editor.
  14. Save the Gmer scan log and post it in your next reply.
  15. Close Gmer.
  16. Open Command Prompt by going to Start > Run and type in cmd. Press Enter.
  17. In Command Prompt, type in net stop gmer. Press Enter.
  18. Type in exit to close Command Prompt.

Note: Do not run any programs while Gmer is running.

In your next reply, please include:
  1. Both RSIT logs
  2. GMER log
  3. A new HijackThis log

Regards,
Adam
User avatar
Axephilic
Retired Graduate
 
Posts: 2180
Joined: June 18th, 2007, 1:10 pm
Location: Wisconsin, US

Re: think I have spyware or other bad problem

Unread postby daffyd9 » February 15th, 2009, 7:19 pm

Hello. Yes I am still having same problems. I haven't been able to follow your latest directions yet. I have tried for 2 days to get the GMER.zip but their web site never loads or responds. I will try again later or tomorrow.
Thanks
daffyd9
Active Member
 
Posts: 11
Joined: January 26th, 2009, 7:56 pm

Re: think I have spyware or other bad problem

Unread postby Axephilic » February 15th, 2009, 7:22 pm

Yes, it looks like the GMER site is down right now. If it's not up by tomorrow I will post new instructions for you. :)

Regards,
Adam
User avatar
Axephilic
Retired Graduate
 
Posts: 2180
Joined: June 18th, 2007, 1:10 pm
Location: Wisconsin, US

Re: think I have spyware or other bad problem

Unread postby Axephilic » February 15th, 2009, 8:30 pm

Hi, could you please download GMER from this link instead: http://majorgeeks.com/GMER_d5198.html

:)

Thanks,
Adam
User avatar
Axephilic
Retired Graduate
 
Posts: 2180
Joined: June 18th, 2007, 1:10 pm
Location: Wisconsin, US

Re: think I have spyware or other bad problem

Unread postby daffyd9 » February 16th, 2009, 11:05 pm

Hello again. I downloaded GMER from the other site. Had problems when using it. Tried several times all day to get it to work. It would run for a while each time & then would say it was stopped. Then I would get a little window saying
Warning GMER has found system modification caused by ROOTKIT activity

I went ahead & copied what it had at the time of closing & will include here. Thanks again, Della

Logfile of random's system information tool 1.05 (written by random/random)
Run by Della at 2009-02-16 14:29:14
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 18 GB (45%) free of 40 GB
Total RAM: 959 MB (42% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:29:32 PM, on 2/16/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\lxcjcoms.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\SnoopFreeSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
C:\Program Files\Sony\vaio media integrated server\VMISrv.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe
C:\Program Files\Sony\vaio media integrated server\Platform\UPnPFramework.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\WINDOWS\system32\bmwebcfg.exe
C:\WINDOWS\system32\ezSP_Px.exe
C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\COMPAQ\CPQ650TP\Ver. 2.3\LWBWHEEL.exe
C:\Program Files\Sony\HotKey Utility\HKserv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe
C:\Program Files\Lexmark 8300 Series\lxcjmon.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe
C:\Program Files\sony\vaio media integrated server\Platform\VMConsole.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtProc.exe
C:\Program Files\RegFixPro\RegFixPro.exe
C:\Program Files\Lexmark 8300 Series\ezprint.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\WINDOWS\SnoopFreeUI.exe
C:\Program Files\Sony\HotKey Utility\HKWnd.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Microsoft Location Finder\LocationFinder.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\WINDOWS\System32\msiexec.exe
D:\Malware Remove\random's system information tool (RSIT)\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Della.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://pogo.com/
R3 - URLSearchHook: IAOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL Toolbar\aoltb.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\mskapbho.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: AOL Toolbar Loader - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL Toolbar\aoltb.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL Toolbar\aoltb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM\..\Run: [ezShieldProtector for Px] "C:\WINDOWS\system32\ezSP_Px.exe"
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [SonyPowerCfg] "C:\Program Files\Sony\VAIO Power Management\SPMgr.exe"
O4 - HKLM\..\Run: [LWBMOUSE] "C:\Program Files\COMPAQ\CPQ650TP\Ver. 2.3\LWBWHEEL.exe"
O4 - HKLM\..\Run: [HKSERV.EXE] "C:\Program Files\Sony\HotKey Utility\HKserv.exe"
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [AT&T Communication Manager] "C:\Program Files\AT&T\Communication Manager\ATTCM.exe" -a
O4 - HKLM\..\Run: [HostManager] "C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe"
O4 - HKLM\..\Run: [lxcjmon.exe] "C:\Program Files\Lexmark 8300 Series\lxcjmon.exe"
O4 - HKLM\..\Run: [WrtMon.exe] "C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe"
O4 - HKLM\..\Run: [Logitech Utility] "C:\WINDOWS\Logi_MwX.Exe"
O4 - HKLM\..\Run: [VMConsole.exe] "C:\Program Files\sony\vaio media integrated server\Platform\VMConsole.exe" /windowmin
O4 - HKLM\..\Run: [VAIO Recovery] "C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe"
O4 - HKLM\..\Run: [RegFixPro] "C:\Program Files\RegFixPro\RegFixPro.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 8300 Series\ezprint.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] "C:\WINDOWS\system32\dumprep.exe" 0 -k
O4 - HKLM\..\Run: [AppleSyncNotifier] "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SnoopFreeUI] SnoopFreeUI.exe
O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [McENUI] "C:\PROGRA~1\McAfee\MHN\McENUI.exe" /hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [LXCJCATS] "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCJtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray
O4 - HKCU\..\Run: [Microsoft Location Finder] "C:\Program Files\Microsoft Location Finder\LocationFinder.exe"
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] "C:\WINDOWS\system32\ctfmon.exe"
O4 - Startup: AOL Desktop.lnk = C:\Program Files\Common Files\AOL\Launch\aollaunch.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Global Startup: Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe
O8 - Extra context menu item: &AOL Toolbar Search - C:\Documents and Settings\All Users\Application Data\AOL\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: bmnet.dll
O10 - Unknown file in Winsock LSP: bmnet.dll
O10 - Unknown file in Winsock LSP: bmnet.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O15 - Trusted Zone: http://*.mcafee.com
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} - file:///C:/Program%20Files/Hidden%20Expedition%20-%20Titanic/Images/stg_drm.ocx
O16 - DPF: {3107C2A8-9F0B-4404-A58B-21BD85268FBC} (PogoWebLauncher Control) - http://www.pogo.com/cdl/launcher/PogoWe ... taller.CAB
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resour ... se4009.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 4341918252
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v ... b56649.cab
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} - file:///C:/Program%20Files/Hidden%20Expedition%20-%20Titanic/Images/armhelper.ocx
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-l ... cfscan.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{114E7C94-FEE8-4F87-89A1-E36721445B5E}: NameServer = 209.183.54.151 209.183.54.151
O17 - HKLM\System\CS3\Services\Tcpip\..\{114E7C94-FEE8-4F87-89A1-E36721445B5E}: NameServer = 209.183.54.151 209.183.54.151
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: AT&T RcAppSvc (ATTRcAppSvc) - PCTEL - C:\Program Files\AT&T\Communication Manager\RcAppSvc.exe
O23 - Service: Bytemobile Web Configurator (bmwebcfg) - Bytemobile, Inc. - C:\WINDOWS\system32\bmwebcfg.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: lxcj_device - - C:\WINDOWS\system32\lxcjcoms.exe
O23 - Service: MBackMonitor - McAfee - C:\Program Files\McAfee\MBK\MBackMonitor.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\PACSPT~1.EXE
O23 - Service: Snoop Free Service (SnoopFreeSvc) - Unknown owner - C:\WINDOWS\System32\SnoopFreeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment File Import Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VCSW\VCSW.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Platform\VmGateway.exe
O23 - Service: VAIO Media Video Server (VAIOMediaPlatform-VideoServer-AppServer) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Video\GPVSvr.exe
O23 - Service: VAIO Media Video Server (HTTP) (VAIOMediaPlatform-VideoServer-HTTP) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Video Server (UPnP) (VAIOMediaPlatform-VideoServer-UPnP) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Platform\UPnPFramework.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. (www.webroot.com) - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
O23 - Service: Webroot Client Service (WRConsumerService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe

--
End of file - 16334 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Google Software Updater.job
C:\WINDOWS\tasks\McDefragTask.job
C:\WINDOWS\tasks\McQcTask.job
C:\WINDOWS\tasks\RegClean Scheduled Scan.job
C:\WINDOWS\tasks\RegFixPro Scan.job
C:\WINDOWS\tasks\Registration reminder 2.job
C:\WINDOWS\tasks\Registration reminder 3.job
C:\WINDOWS\tasks\RegistrySmart Scheduled Scan.job
C:\WINDOWS\tasks\wrSpySweeper_LF4EDF9159123427B94E9DBE5B2B7871B.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB}]
McAfee Phishing Filter - c:\PROGRA~1\mcafee\msk\mskapbho.dll [2008-10-17 247312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2009-01-14 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C554162-8CB7-45A4-B8F4-8EA1C75885F9}]
AOL Toolbar Loader - C:\Program Files\AOL Toolbar\aoltb.dll [2008-07-07 1275232]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
scriptproxy - C:\Program Files\McAfee\VirusScan\scriptsn.dll [2008-06-20 58688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-12-14 392240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll [2007-11-06 654832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee SiteAdvisor BHO - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll [2008-11-14 150032]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-01-14 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-01-14 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
SingleInstance Class - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll [2008-07-28 160496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
SITEguard
{DE9C389F-3316-41A7-809B-AA305ED9D922} - AOL Toolbar - C:\Program Files\AOL Toolbar\aoltb.dll [2008-07-07 1275232]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416]
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll [2008-11-14 150032]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ezShieldProtector for Px"=C:\WINDOWS\system32\ezSP_Px.exe [2002-08-20 40960]
"VAIO Update 2"=C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe [2004-01-17 135168]
"SonyPowerCfg"=C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2003-12-11 167936]
"LWBMOUSE"=C:\Program Files\COMPAQ\CPQ650TP\Ver. 2.3\LWBWHEEL.exe [2003-05-18 438272]
"HKSERV.EXE"=C:\Program Files\Sony\HotKey Utility\HKserv.exe [2004-02-12 98304]
"ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2004-04-27 335872]
"AT&T Communication Manager"=C:\Program Files\AT&T\Communication Manager\ATTCM.exe [2007-10-18 33280]
"HostManager"=C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe [2008-06-24 41824]
"lxcjmon.exe"=C:\Program Files\Lexmark 8300 Series\lxcjmon.exe [2007-01-30 205744]
"WrtMon.exe"=C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe [2006-09-20 20480]
"Logitech Utility"=C:\WINDOWS\Logi_MwX.Exe [2003-11-07 19968]
"VMConsole.exe"=C:\Program Files\sony\vaio media integrated server\Platform\VMConsole.exe [2004-02-25 536576]
"VAIO Recovery"=C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe [2003-04-19 28672]
"RegFixPro"=C:\Program Files\RegFixPro\RegFixPro.exe [2008-12-17 30224384]
"EzPrint"=C:\Program Files\Lexmark 8300 Series\ezprint.exe [2007-01-30 103344]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep.exe [2008-04-13 10752]
"AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2008-11-07 111936]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2008-12-22 185896]
"SnoopFreeUI"=C:\WINDOWS\SnoopFreeUI.exe [2008-08-16 221184]
"mcagent_exe"=C:\Program Files\McAfee.com\Agent\mcagent.exe [2008-07-11 641208]
"McENUI"=C:\PROGRA~1\McAfee\MHN\McENUI.exe [2008-06-13 1176808]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-01-14 136600]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-01-05 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-01-06 290088]
"LXCJCATS"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCJtime.dll [2006-11-21 106496]
"SpySweeper"=C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe [2008-11-13 6273400]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Microsoft Location Finder"=C:\Program Files\Microsoft Location Finder\LocationFinder.exe [2006-11-14 121640]
"Yahoo! Pager"=C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe [2007-08-30 4670704]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-13 1695232]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE
Office Startup.lnk - C:\Program Files\Microsoft Office\Office\OSA.EXE
Quicken Scheduled Updates.lnk - C:\Program Files\Quicken\bagent.exe

C:\Documents and Settings\Della\Start Menu\Programs\Startup
AOL Desktop.lnk - C:\Program Files\Common Files\AOL\Launch\aollaunch.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2004-04-27 86016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WebrootSpySweeperService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WRConsumerService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WebrootSpySweeperService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WRConsumerService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Common Files\AOL\Loader\aolload.exe"="C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader"
"C:\Program Files\America Online 9.0\waol.exe"="C:\Program Files\America Online 9.0\waol.exe:*:Enabled:America Online 9.0"
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe"="C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL Connectivity Service Dialer"
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe"="C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL Connectivity Service"
"C:\Program Files\Common Files\AOL\1188181604\ee\aolsoftware.exe"="C:\Program Files\Common Files\AOL\1188181604\ee\aolsoftware.exe:*:Enabled:AOL Shared Components"
"C:\Program Files\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe"="C:\Program Files\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe:*:Enabled:AOL TopSpeed"
"C:\Program Files\Common Files\AOL\System Information\sinf.exe"="C:\Program Files\Common Files\AOL\System Information\sinf.exe:*:Enabled:AOL System Information"
"C:\Program Files\AOL 9.0\waol.exe"="C:\Program Files\AOL 9.0\waol.exe:*:Enabled:AOL 9.0"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\WINDOWS\system32\lxcjcoms.exe"="C:\WINDOWS\system32\lxcjcoms.exe:*:Enabled:8300 Series Server"
"C:\WINDOWS\system32\spool\drivers\w32x86\3\lxcjpswx.exe"="C:\WINDOWS\system32\spool\drivers\w32x86\3\lxcjpswx.exe:*:Enabled:8300 Series Printer Status"
"C:\Program Files\AOL 9.1\waol.exe"="C:\Program Files\AOL 9.1\waol.exe:*:Enabled:AOL 9.1"
"C:\Program Files\AIM6\aim6.exe"="C:\Program Files\AIM6\aim6.exe:*:Enabled:AIM"
"C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe"="C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe:*:Enabled:AOL Desktop"
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\Program Files\Yahoo!\Messenger\YServer.exe"="C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\AOL 9.1a\waol.exe"="C:\Program Files\AOL 9.1a\waol.exe:*:Enabled:AOL 9.1a"
"C:\Program Files\AOL 9.1b\waol.exe"="C:\Program Files\AOL 9.1b\waol.exe:*:Enabled:AOL 9.1b"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\AOL 9.1c\waol.exe"="C:\Program Files\AOL 9.1c\waol.exe:*:Enabled:AOL 9.1c"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe"="C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe:*:Enabled:McAfee Network Agent"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\America Online 9.0\waol.exe"="C:\Program Files\America Online 9.0\waol.exe:*:Enabled:America Online 9.0"
"C:\Program Files\AOL 9.0\waol.exe"="C:\Program Files\AOL 9.0\waol.exe:*:Enabled:AOL 9.0"
"C:\Program Files\AOL 9.1\waol.exe"="C:\Program Files\AOL 9.1\waol.exe:*:Enabled:AOL 9.1"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\AOL 9.1a\waol.exe"="C:\Program Files\AOL 9.1a\waol.exe:*:Enabled:AOL 9.1a"
"C:\Program Files\AOL 9.1b\waol.exe"="C:\Program Files\AOL 9.1b\waol.exe:*:Enabled:AOL 9.1b"
"C:\Program Files\AOL 9.1c\waol.exe"="C:\Program Files\AOL 9.1c\waol.exe:*:Enabled:AOL 9.1c"

======List of files/folders created in the last 1 months======

2009-02-16 14:29:14 ----D---- C:\rsit
2009-02-07 17:38:42 ----D---- C:\Program Files\iPod
2009-02-07 17:37:30 ----D---- C:\Program Files\iTunes
2009-02-07 17:37:30 ----D---- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2009-01-26 16:12:56 ----D---- C:\Documents and Settings\Della\Application Data\Malwarebytes
2009-01-26 16:12:42 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-01-26 16:12:42 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-01-26 16:08:37 ----D---- C:\Program Files\Trend Micro

======List of files/folders modified in the last 1 months======

2009-02-16 14:29:19 ----D---- C:\WINDOWS\Temp
2009-02-16 14:26:20 ----A---- C:\WINDOWS\win.ini
2009-02-16 14:25:04 ----SHD---- C:\WINDOWS\Installer
2009-02-16 14:25:03 ----D---- C:\WINDOWS\WinSxS
2009-02-16 14:25:02 ----D---- C:\WINDOWS\SxsCaPendDel
2009-02-16 14:24:07 ----SHD---- C:\Config.Msi
2009-02-16 14:23:56 ----D---- C:\WINDOWS\system32
2009-02-16 14:20:25 ----A---- C:\WINDOWS\ModemLog_GlobeTrotter HSDPA Modem Interface.txt
2009-02-16 14:16:02 ----D---- C:\Documents and Settings\All Users\Application Data\STOPzilla!
2009-02-16 13:55:01 ----D---- C:\WINDOWS\system32\drivers
2009-02-16 13:48:11 ----SD---- C:\WINDOWS\Tasks
2009-02-16 01:37:04 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-02-15 20:39:57 ----D---- C:\Documents and Settings\All Users\Application Data\SITEguard
2009-02-15 00:38:33 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2009-02-15 00:38:29 ----D---- C:\Program Files\Hidden Expedition - Titanic
2009-02-14 14:58:13 ----D---- C:\Program Files\Lx_cats
2009-02-13 00:18:44 ----D---- C:\Documents and Settings\Della\Application Data\iPodder
2009-02-07 17:38:42 ----RD---- C:\Program Files
2009-02-07 17:37:21 ----D---- C:\Program Files\Common Files\Apple
2009-02-07 17:30:13 ----D---- C:\Program Files\QuickTime
2009-02-05 02:39:35 ----D---- C:\WINDOWS\Prefetch
2009-02-01 21:38:21 ----D---- C:\WINDOWS\system32\CatRoot2
2009-02-01 16:03:54 ----D---- C:\Documents and Settings\All Users\Application Data\Google Updater
2009-01-19 02:20:28 ----SD---- C:\WINDOWS\Downloaded Program Files

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 DMICall;Sony DMI Call service; C:\WINDOWS\System32\DRIVERS\DMICall.sys [2000-12-05 3952]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 mfehidk;McAfee Inc. mfehidk; C:\WINDOWS\system32\drivers\mfehidk.sys [2008-06-27 207656]
R1 MPFP;MPFP; C:\WINDOWS\System32\Drivers\Mpfp.sys [2008-06-02 120136]
R1 tcpipBM;Bytemobile Kernel Network Provider; C:\WINDOWS\system32\drivers\tcpipBM.sys [2007-10-18 18816]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2003-03-31 12032]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys [2003-04-09 11043]
R2 tmcomm;tmcomm; \??\C:\WINDOWS\system32\drivers\tmcomm.sys []
R3 ALCXSENS;Service for WDM 3D Audio Driver; C:\WINDOWS\system32\drivers\ALCXSENS.SYS [2003-12-11 391424]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2004-03-23 613244]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\WINDOWS\System32\DRIVERS\Apfiltr.sys [2003-09-29 94601]
R3 AR5416;Atheros AR5008 Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\athw.sys [2008-04-03 1333152]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [2004-04-27 729088]
R3 CmBatt;Microsoft AC Adapter Driver; C:\WINDOWS\System32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 GTFFBUS;GT FF BUS; C:\WINDOWS\system32\DRIVERS\gtffbus.sys [2007-06-15 17024]
R3 GTMNDISIRPXP;GT M 3G+ IRP NDIS; C:\WINDOWS\system32\DRIVERS\Gtm51Irp.sys [2007-06-15 120960]
R3 GTPTSER;GT PT SER; C:\WINDOWS\system32\DRIVERS\gtptser.sys [2007-06-15 8064]
R3 GTUQBUS;GT UQ BUS; C:\WINDOWS\system32\DRIVERS\gtuqbus.sys [2007-06-15 36992]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 HSF_DP;HSF_DP; C:\WINDOWS\System32\DRIVERS\HSF_DP.sys [2003-12-11 1042432]
R3 HSFHWALI;HSFHWALI; C:\WINDOWS\System32\DRIVERS\HSFHWALI.sys [2003-12-11 196736]
R3 LHidFlt2;Logitech HID/USB Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFlt2.Sys [2003-11-07 25502]
R3 LMouFlt2;Logitech Mouse Class Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFlt2.Sys [2003-11-07 70798]
R3 mfeavfk;McAfee Inc. mfeavfk; C:\WINDOWS\system32\drivers\mfeavfk.sys [2008-06-27 79240]
R3 mfebopk;McAfee Inc. mfebopk; C:\WINDOWS\system32\drivers\mfebopk.sys [2008-06-27 35240]
R3 mfesmfk;McAfee Inc. mfesmfk; C:\WINDOWS\system32\drivers\mfesmfk.sys [2008-06-27 40488]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 RimVSerPort;RIM Virtual Serial Port v2; C:\WINDOWS\system32\DRIVERS\RimSerial.sys [2007-10-18 26368]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2003-03-31 5888]
R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2008-02-25 105088]
R3 SNC;Sony Notebook Control Device; C:\WINDOWS\System32\Drivers\SonyNC.sys [2000-11-09 48896]
R3 SSKBFD;Webroot Spy Sweeper Keylogger Shield Keyboard Filter; C:\WINDOWS\System32\Drivers\sskbfd.sys [2006-10-08 21056]
R3 swmsflt;swmsflt; C:\WINDOWS\System32\drivers\swmsflt.sys [2007-10-18 25736]
R3 tifmsony;tifmsony; C:\WINDOWS\system32\drivers\tifmsony.sys [2004-03-04 64512]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
R3 usbstor;USB Mass Storage Driver; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 wanatw;WAN Miniport (ATW); C:\WINDOWS\System32\DRIVERS\wanatw4.sys [2003-01-10 33588]
R3 winachsf;winachsf; C:\WINDOWS\System32\DRIVERS\HSF_CNXT.sys [2003-12-11 681344]
S3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464]
S3 LEX_AS_NIC_SERVICE_YNOS;LAN-Express AS IEEE 802.11g Wireless Network Adapter Service; C:\WINDOWS\System32\DRIVERS\ExpasAG.sys [2004-03-02 379328]
S3 mferkdk;McAfee Inc. mferkdk; C:\WINDOWS\system32\drivers\mferkdk.sys [2008-06-20 34152]
S3 PCTINDIS5;PCTINDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCTINDIS5.SYS []
S3 RTL8023;Realtek RTL8139/810x/8169/8110 all in one NDIS NT Driver; C:\WINDOWS\System32\DRIVERS\Rtlnic51.sys [2003-11-07 67712]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\System32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2008-10-01 32000]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 ATWPKT2;ATWPKT2; \??\C:\WINDOWS\system32\drivers\ATWPKT2.SYS []
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\System32\Ati2evxx.exe [2004-04-27 397312]
R2 bmwebcfg;Bytemobile Web Configurator; C:\WINDOWS\system32\bmwebcfg.exe [2007-10-18 118784]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-01-14 152984]
R2 lxcj_device;lxcj_device; C:\WINDOWS\system32\lxcjcoms.exe [2007-01-30 537520]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; C:\Program Files\McAfee\SiteAdvisor\McSACore.exe [2008-12-05 206096]
R2 mcmscsvc;McAfee Services; C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe [2008-10-10 792696]
R2 McNASvc;McAfee Network Agent; c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe [2008-07-18 2482848]
R2 McProxy;McAfee Proxy Service; c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe [2008-07-09 358736]
R2 McShield;McAfee Real-time Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe [2008-06-20 144704]
R2 MpfService;McAfee Personal Firewall Service; C:\Program Files\McAfee\MPF\MPFSrv.exe [2008-07-09 884360]
R2 MSK80Service;McAfee Anti-Spam Service; C:\Program Files\McAfee\MSK\MskSrver.exe [2008-07-09 25416]
R2 SNMP;SNMP Service; C:\WINDOWS\System32\snmp.exe [2008-04-13 33280]
R2 SnoopFreeSvc;Snoop Free Service; C:\WINDOWS\System32\SnoopFreeSvc.exe [2008-08-16 90112]
R2 VAIO Entertainment File Import Service;VAIO Entertainment File Import Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe [2004-03-12 86098]
R2 VAIOMediaPlatform-IntegratedServer-AppServer;VAIO Media Integrated Server; C:\Program Files\Sony\vaio media integrated server\VMISrv.exe [2004-03-12 1691648]
R2 VAIOMediaPlatform-IntegratedServer-HTTP;VAIO Media Integrated Server (HTTP); C:\Program Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe [2004-02-25 57344]
R2 VAIOMediaPlatform-IntegratedServer-UPnP;VAIO Media Integrated Server (UPnP); C:\Program Files\Sony\vaio media integrated server\Platform\UPnPFramework.exe [2004-02-25 737280]
R2 Viewpoint Manager Service;Viewpoint Manager Service; C:\Program Files\Viewpoint\Common\ViewpointService.exe [2007-01-04 24652]
R2 WANMiniportService;WAN Miniport (ATW) Service; C:\WINDOWS\wanmpsvc.exe [2003-08-27 65536]
R2 WebrootSpySweeperService;Webroot Spy Sweeper Engine; C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe [2008-11-12 3667312]
R2 WRConsumerService;Webroot Client Service; C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe [2008-11-13 1086840]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2009-01-06 536872]
R3 McSysmon;McAfee SystemGuards; C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe [2008-09-16 605512]
S2 AOL ACS;AOL Connectivity Service; C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe [2008-07-30 41768]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-02-02 182768]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 ATTRcAppSvc;AT&T RcAppSvc; C:\Program Files\AT&T\Communication Manager\RcAppSvc.exe [2007-10-18 109080]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2007-10-09 36864]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2007-10-11 864256]
S3 MBackMonitor;MBackMonitor; C:\Program Files\McAfee\MBK\MBackMonitor.exe [2008-07-10 66848]
S3 McODS;McAfee Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe [2008-06-20 361800]
S3 PACSPTISVR;PACSPTISVR; C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\PACSPT~1.EXE [2003-12-09 65625]
S3 SNMPTRAP;SNMP Trap Service; C:\WINDOWS\System32\snmptrap.exe [2008-04-13 8704]
S3 SPTISRV;Sony SPTI Service; C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe [2003-12-09 65622]
S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S3 VAIO Entertainment Aggregation and Control Service;VAIO Entertainment Aggregation and Control Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe [2004-03-12 118784]
S3 VAIO Entertainment TV Device Arbitration Service;VAIO Entertainment TV Device Arbitration Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe [2004-03-12 69632]
S3 VAIO Entertainment UPnP Client Adapter;VAIO Entertainment UPnP Client Adapter; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VCSW\VCSW.exe [2004-03-12 278528]
S3 VAIOMediaPlatform-Mobile-Gateway;VAIO Media Gateway Server; C:\Program Files\Sony\vaio media integrated server\Platform\VmGateway.exe [2004-03-05 184320]
S3 VAIOMediaPlatform-VideoServer-AppServer;VAIO Media Video Server; C:\Program Files\Sony\vaio media integrated server\Video\GPVSvr.exe [2003-10-30 1286144]
S3 VAIOMediaPlatform-VideoServer-HTTP;VAIO Media Video Server (HTTP); C:\Program Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe [2004-02-25 57344]
S3 VAIOMediaPlatform-VideoServer-UPnP;VAIO Media Video Server (UPnP); C:\Program Files\Sony\vaio media integrated server\Platform\UPnPFramework.exe [2004-02-25 737280]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2007-10-11 122880]

-----------------EOF-----------------

ABBYY FineReader 6.0 Sprint
Adobe AIR
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Reader 8.1.3
Adobe Shockwave Player 11
AIM 6
Aim Plugin for QQ Games
AIMTunes
Amazon MP3 Downloader 1.0.3
AOL Toolbar for Internet Explorer
AOL Uninstaller (Choose which Products to Remove)
Apple Mobile Device Support
Apple Software Update
Aqua Bubble (CD version)
ArcSoft Software Suite
AT&T Communication Manager
ATI - Software Uninstall Utility
ATI Control Panel
ATI Display Driver
Avery Wizard 1.1 for Microsoft Word 97
Bejeweled 2 Deluxe 1.0
Boggle
Bonjour
Buddy Icon Maker 1.0.0.1
Cake Mania Deluxe
Colorizer 1.0.0.1
CPQ650TP Ver. 2.3
DesignPro 5.4 Limited Edition
Diamond Drop (CD version)
Digital Giggles
Disney Interactive Compatibility Update May 2002
Driver Installer
DUXUS CLOCK FONT (1.0.0)
DVgate Plus
Enhanced Font List for Word 97 (VBA PowerTool)
Face Dough
Family Album Screen Saver
Hidden Expedition - Titanic
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.0 (KB932471)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB952287)
HotKey Utility
Hoyle Card Games 2005
InterVideo WinDVD 5 for VAIO
iTunes
Jasc Paint Shop Pro 8
Java(TM) 6 Update 11
Juice 2.2
Kodak One-Touch Printing Solution SDK
Kybtec World Clock 3.3.1.1
LAN-Express AS IEEE 802.11 Wireless LAN
Learn2 Player (Uninstall Only)
Lexmark 8300 Series
LivePix 1.0
Logitech Desktop Messenger
Logitech MouseWare 9.79
Logitech Resource Center
Mahjongg Master 5
Malwarebytes' Anti-Malware
McAfee SecurityCenter
Memory Stick Formatter
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft .NET Framework 2.0 Service Pack 1
Microsoft .NET Framework 3.0 Service Pack 1
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Location Finder
Microsoft National Language Support Downlevel APIs
Microsoft Office 97 Unique Identifier Removal Tool
Microsoft Office 97, Professional Edition
Microsoft Publisher 2002
Microsoft Silverlight
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft VC9 runtime libraries
Microsoft Works 7.0
MobileMe Control Panel
MoodLogic
Moraff's SphereJongg 5.1
MS The Dolphin Assistant(Remove only)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 and SOAP Toolkit 3.0
MSXML 6.0 Parser (KB933579)
Nokia Connectivity Adapter Cable DKU-5
OpenMG Limited Patch 3.4-03-12-16-01
OpenMG Secure Module 3.4.00
Outlook 3 Pane Message Preview Extension (Remove only)
Photo Viewer 2.4
Picture Package Music Transfer
PictureGear Studio 2.0
Presto! Forms 3.50.02
Presto! PageManager 7.12.10
Print to Fax
Puppy Album
Puzzle Master 3
QQ Games
Quicken 2004
QuickTime
RealPlayer
RegFixPro
RegFixPro
Safari
Sandlot Games Client Services
Security Update for CAPICOM (KB931906)
Security Update for CAPICOM (KB931906)
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 9 (KB917734)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
SnoopFree Privacy Shield
SoftV92 Data Fax Modem with SmartCP
SonicStage 2.0.02
Sony Certificate PCH
Sony Download Taxi 1.5.0.0
Sony Notebook Setup
Sony Picture Utility
Sony USB Driver
Sony USB Mouse
Sony Utilities DLL
Sony Video Shared Library
Sony XBRITE Screen Saver
Spelling Dictionaries Support For Adobe Reader 8
Spy Sweeper
Spy Sweeper Core
STOPzilla
Super Bubble Pop
TurboTax Deluxe Deduction Maximizer 2006
TurboTax ItsDeductible 2006
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955839)
VAIO Entertainment Platform
VAIO Help and Support
VAIO Media 3.0
VAIO Media Integrated Server 3.0
VAIO Media Redistribution 3.0
VAIO Power Management
VAIO Registration
VAIO SLIT Pattern Wallpaper
VAIO SLIT-C Screen Saver
VAIO Survey Standalone
VAIO Update 2
Viewpoint Media Player
Virtual Earth 3D (Beta)
VIVA MEDIA GAME CENTER
Welcome to VAIO life
WexTech AnswerWorks
Wild Photo Effects
Windows Imaging Component
Windows Installer Clean Up
Windows Live Messenger
Windows Live OneCare safety scanner
Windows Live Sign-in Assistant
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player 11
Windows Presentation Foundation
Windows XP Service Pack 3
Yahoo! Messenger
Yahoo! Toolbar
Your Photo Here


GMER 1.0.14.14536 - http://www.gmer.net
Rootkit scan 2009-02-16 18:28:12
Windows 5.1.2600 Service Pack 3


---- System - GMER 1.0.14 ----

SSDT 867763E0 ZwAllocateVirtualMemory
SSDT 867C0418 ZwCreateKey
SSDT 86788208 ZwCreateProcess
SSDT 86775478 ZwCreateProcessEx
SSDT 867766B0 ZwCreateThread
SSDT 867DE620 ZwDeleteKey
SSDT 867E0818 ZwDeleteValueKey
SSDT 86776458 ZwQueueApcThread
SSDT 867762F0 ZwReadVirtualMemory
SSDT 86799710 ZwRenameKey
SSDT 86776548 ZwSetContextThread
SSDT 867E9390 ZwSetInformationKey
SSDT 867767A0 ZwSetInformationProcess
SSDT 867765C0 ZwSetInformationThread
SSDT 867E0400 ZwSetValueKey
SSDT 86776728 ZwSuspendProcess
SSDT 867764D0 ZwSuspendThread
SSDT 86776020 ZwTerminateProcess
SSDT 86776638 ZwTerminateThread
SSDT 86776368 ZwWriteVirtualMemory

Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwCreateFile [0xB18429C8]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwEnumerateKey [0xB1842B05]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwEnumerateValueKey [0xB1842AEF]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwMapViewOfSection [0xB1842A08]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwNotifyChangeKey [0xB1842B31]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwOpenKey [0xB1842A4B]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwOpenProcess [0xB1842950]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwOpenThread [0xB1842964]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwProtectVirtualMemory [0xB18429DC]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwQueryKey [0xB1842B6D]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwQueryMultipleValueKey [0xB1842AD9]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwQueryValueKey [0xB1842AC3]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwReplaceKey [0xB1842B59]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwRestoreKey [0xB1842B45]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwUnloadKey [0xB1842B1B]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwUnmapViewOfSection [0xB1842A1E]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwYieldExecution [0xB18429F2]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) NtCreateFile
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) NtMapViewOfSection
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) NtOpenProcess
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) NtOpenThread

---- Kernel code sections - GMER 1.0.14 ----

.text ntoskrnl.exe!ZwYieldExecution 804F0EA6 7 Bytes JMP B18429F6 \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
.text ntoskrnl.exe!ZwYieldExecution 804F0EA6 7 Bytes JMP B18429F6 \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE
PAGE ntoskrnl.exe!ZwOpenKey 80568D59 5 Bytes JMP B1842A4F \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntoskrnl.exe!ZwQueryValueKey 8056A1F2 7 Bytes JMP B1842AC7 \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntoskrnl.exe!ZwQueryValueKey 8056A1F2 7 Bytes JMP B1842AC7 \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntoskrnl.exe!NtCreateFile 8056CDC0 5 Bytes JMP B18429CC \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntoskrnl.exe!NtCreateFile
PAGE ntoskrnl.exe!ZwQueryKey 80570A6D 7 Bytes JMP B1842B71 \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntoskrnl.exe!ZwQueryKey 80570A6D 7 Bytes JMP B1842B71 \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntoskrnl.exe!ZwEnumerateKey 80570D64 7 Bytes JMP B1842B09 \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntoskrnl.exe!ZwEnumerateKey 80570D64 7 Bytes JMP B1842B09 \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntoskrnl.exe!NtOpenProcess 805717C7 5 Bytes JMP B1842954 \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntoskrnl.exe!NtOpenProcess 805717C7 5 Bytes JMP B1842954 \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntoskrnl.exe!ZwProtectVirtualMemory 80571CB1 7 Bytes JMP B18429E0 \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntoskrnl.exe!ZwProtectVirtualMemory 80571CB1 7 Bytes JMP B18429E0 \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntoskrnl.exe!ZwUnmapViewOfSection 805736E6 5 Bytes JMP B1842A22 \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntoskrnl.exe!NtMapViewOfSection
PAGE ntoskrnl.exe!ZwUnmapViewOfSection 80573B61 7 Bytes JMP B1842A0C \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntoskrnl.exe!NtMapViewOfSection 80573B61 7 Bytes JMP B1842A0C \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntoskrnl.exe!NtOpenThread 8058A1C9 5 Bytes JMP B1842968 \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntoskrnl.exe!NtOpenThread
PAGE ntoskrnl.exe!ZwNotifyChangeKey 8058A699 5 Bytes JMP B1842B35 \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntoskrnl.exe!ZwEnumerateValueKey 80590677 7 Bytes JMP B1842AF3 \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntoskrnl.exe!ZwNotifyChangeKey 8058A699 5 Bytes JMP B1842B35 \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE
PAGE ntoskrnl.exe!ZwUnloadKey 8064DA12 7 Bytes JMP B1842B1F \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntoskrnl.exe!ZwQueryMultipleValueKey 8064E338 7 Bytes JMP B1842ADD \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntoskrnl.exe!ZwRestoreKey
PAGE ntoskrnl.exe!ZwUnloadKey 8064ECA9 5 Bytes JMP B1842B49 \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntoskrnl.exe!ZwReplaceKey 8064F112 5 Bytes JMP B1842B5D \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntoskrnl.exe!ZwQueryMultipleValueKey 8064E338 7 Bytes JMP B1842ADD \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntoskrnl.exe!ZwRestoreKey 8064ECA9 5 Bytes JMP B1842B49 \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntoskrnl.exe!ZwReplaceKey 8064F112 5 Bytes JMP B1842B5D \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
? szkg.sys The system cannot find the file specified. !
? szkg.sys The system cannot find the file specified. !
? C:\WINDOWS\system32\drivers\SnopFree.sys The process cannot access the file because it is being used by another process.
? C:\WINDOWS\system32\drivers\SnopFree.sys The process cannot access the file because it is being used by another process.

---- User code sections - GMER 1.0.14 ----

.text C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] WS2_32.dll!getaddrinfo 71AB2A6F 5 Bytes JMP 021855A0 C:\Program Files\Common Files\iS3\Anti-Spyware\SGPRXY.DLL
.text C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] WS2_32.dll!gethostbyname 71AB5355 5 Bytes JMP 021852B0 C:\Program Files\Common Files\iS3\Anti-Spyware\SGPRXY.DLL
.text C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] WS2_32.dll!getaddrinfo 71AB2A6F 5 Bytes JMP 021855A0 C:\Program Files\Common Files\iS3\Anti-Spyware\SGPRXY.DLL
.text C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] WS2_32.dll!gethostbyname 71AB5355 5 Bytes JMP 021852B0 C:\Program Files\Common Files\iS3\Anti-Spyware\SGPRXY.DLL
.text c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe[560] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 0041BF60 c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe (McAfee Proxy Service Module/McAfee, Inc.)
.text c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe[560] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 0041BF60 c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe (McAfee Proxy Service Module/McAfee, Inc.)
.text c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe[560] kernel32.dll!LoadLibraryW 7C80AEDB 5 Bytes JMP 0041BFE0 c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe (McAfee Proxy Service Module/McAfee, Inc.)
.text c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe[560] kernel32.dll!LoadLibraryW 7C80AEDB 5 Bytes JMP 0041BFE0 c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe (McAfee Proxy Service Module/McAfee, Inc.)
.text C:\WINDOWS\system32\services.exe[1020] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 00070000
.text C:\WINDOWS\system32\services.exe[1020] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 00070F8D
.text C:\WINDOWS\system32\services.exe[1020] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00070082
.text C:\WINDOWS\system32\services.exe[1020] kernel32.dll!LoadLibraryExW 7C801AF5 5 Bytes JMP 00070F9E
.text C:\WINDOWS\system32\services.exe[1020] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 00070051
.text C:\WINDOWS\system32\services.exe[1020] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 00070FC0
.text C:\WINDOWS\system32\services.exe[1020] kernel32.dll!GetStartupInfoW 7C801E54 5 Bytes JMP 000700A4
.text C:\WINDOWS\system32\services.exe[1020] kernel32.dll!GetStartupInfoA 7C801EF2 5 Bytes JMP 00070093
.text C:\WINDOWS\system32\services.exe[1020] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 000700BF
.text C:\WINDOWS\system32\services.exe[1020] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00070F26
.text C:\WINDOWS\system32\services.exe[1020] kernel32.dll!GetProcAddress 7C80AE30 5 Bytes JMP 000700D0
.text C:\WINDOWS\system32\services.exe[1020] kernel32.dll!LoadLibraryW 7C80AEDB 5 Bytes JMP 00070FAF
.text C:\WINDOWS\system32\services.exe[1020] kernel32.dll!CreateFileW 7C8107F0 5 Bytes JMP 00070011
.text C:\WINDOWS\system32\services.exe[1020] kernel32.dll!CreatePipe 7C81D827 5 Bytes JMP 00070F68
.text C:\WINDOWS\system32\services.exe[1020] kernel32.dll!CreateNamedPipeW 7C82F0C5 5 Bytes JMP 00070FDB
.text C:\WINDOWS\system32\services.exe[1020] kernel32.dll!CreateNamedPipeA 7C860B7C 5 Bytes JMP 0007002C
.text C:\WINDOWS\system32\services.exe[1020] kernel32.dll!WinExec 7C8623AD 5 Bytes JMP 00070F4B
.text C:\WINDOWS\system32\services.exe[1020] ADVAPI32.dll!RegOpenKeyExW 77DD6A9F 5 Bytes JMP 00060022
.text C:\WINDOWS\system32\services.exe[1020] ADVAPI32.dll!RegCreateKeyExW 77DD775C 5 Bytes JMP 00060F80
.text C:\WINDOWS\system32\services.exe[1020] ADVAPI32.dll!RegOpenKeyExA 77DD7842 5 Bytes JMP 00060011
.text C:\WINDOWS\system32\services.exe[1020] ADVAPI32.dll!RegOpenKeyW 77DD7936 5 Bytes JMP 00060000
.text C:\WINDOWS\system32\services.exe[1020] ADVAPI32.dll!RegCreateKeyExA 77DDE9E4 5 Bytes JMP 0006003D
.text C:\WINDOWS\system32\services.exe[1020] ADVAPI32.dll!RegOpenKeyA 77DDEFB8 5 Bytes JMP 00060FEF
.text C:\WINDOWS\system32\services.exe[1020] ADVAPI32.dll!RegCreateKeyW 77DFBA25 2 Bytes JMP 00060FA5
.text C:\WINDOWS\system32\services.exe[1020] ADVAPI32.dll!RegCreateKeyW + 3 77DFBA28 2 Bytes [ 26, 88 ]
.text C:\WINDOWS\system32\services.exe[1020] ADVAPI32.dll!RegCreateKeyA 77DFBCC3 5 Bytes JMP 00060FB6
.text C:\WINDOWS\system32\services.exe[1020] WS2_32.dll!socket 71AB4211 5 Bytes JMP 00040000
.text C:\WINDOWS\system32\services.exe[1020] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 00070000
.text C:\WINDOWS\system32\services.exe[1020] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 00070F8D
.text C:\WINDOWS\system32\services.exe[1020] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00070082
.text C:\WINDOWS\system32\services.exe[1020] kernel32.dll!LoadLibraryExW 7C801AF5 5 Bytes JMP 00070F9E
.text C:\WINDOWS\system32\services.exe[1020] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 00070051
.text C:\WINDOWS\system32\services.exe[1020] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 00070FC0
.text C:\WINDOWS\system32\services.exe[1020] kernel32.dll!GetStartupInfoW 7C801E54 5 Bytes JMP 000700A4
.text C:\WINDOWS\system32\services.exe[1020] kernel32.dll!GetStartupInfoA 7C801EF2 5 Bytes JMP 00070093
.text C:\WINDOWS\system32\services.exe[1020] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 000700BF
.text C:\WINDOWS\system32\services.exe[1020] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00070F26
.text C:\WINDOWS\system32\services.exe[1020] kernel32.dll!GetProcAddress 7C80AE30 5 Bytes JMP 000700D0
.text C:\WINDOWS\system32\services.exe[1020] kernel32.dll!LoadLibraryW 7C80AEDB 5 Bytes JMP 00070FAF
.text C:\WINDOWS\system32\services.exe[1020] kernel32.dll!CreateFileW 7C8107F0 5 Bytes JMP 00070011
.text C:\WINDOWS\system32\services.exe[1020] kernel32.dll!CreatePipe 7C81D827 5 Bytes JMP 00070F68
.text C:\WINDOWS\system32\services.exe[1020] kernel32.dll!CreateNamedPipeW 7C82F0C5 5 Bytes JMP 00070FDB
.text C:\WINDOWS\system32\services.exe[1020] kernel32.dll!CreateNamedPipeA 7C860B7C 5 Bytes JMP 0007002C
.text C:\WINDOWS\system32\services.exe[1020] kernel32.dll!WinExec 7C8623AD 5 Bytes JMP 00070F4B
.text C:\WINDOWS\system32\services.exe[1020] ADVAPI32.dll!RegOpenKeyExW 77DD6A9F 5 Bytes JMP 00060022
.text C:\WINDOWS\system32\services.exe[1020] ADVAPI32.dll!RegCreateKeyExW 77DD775C 5 Bytes JMP 00060F80
.text C:\WINDOWS\system32\services.exe[1020] ADVAPI32.dll!RegOpenKeyExA 77DD7842 5 Bytes JMP 00060011
.text C:\WINDOWS\system32\services.exe[1020] ADVAPI32.dll!RegOpenKeyW 77DD7936 5 Bytes JMP 00060000
.text C:\WINDOWS\system32\services.exe[1020] ADVAPI32.dll!RegCreateKeyExA 77DDE9E4 5 Bytes JMP 0006003D
.text C:\WINDOWS\system32\services.exe[1020] ADVAPI32.dll!RegOpenKeyA 77DDEFB8 5 Bytes JMP 00060FEF
.text C:\WINDOWS\system32\services.exe[1020] ADVAPI32.dll!RegCreateKeyW 77DFBA25 2 Bytes JMP 00060FA5
.text C:\WINDOWS\system32\services.exe[1020] ADVAPI32.dll!RegCreateKeyW + 3 77DFBA28 2 Bytes [ 26, 88 ]
.text C:\WINDOWS\system32\services.exe[1020] ADVAPI32.dll!RegCreateKeyA 77DFBCC3 5 Bytes JMP 00060FB6
.text C:\WINDOWS\system32\services.exe[1020] WS2_32.dll!socket 71AB4211 5 Bytes JMP 00040000
.text C:\WINDOWS\system32\lsass.exe[1032] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 00FF0FEF
.text C:\WINDOWS\system32\lsass.exe[1032] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 00FF005D
.text C:\WINDOWS\system32\lsass.exe[1032] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00FF0F72
.text C:\WINDOWS\system32\lsass.exe[1032] kernel32.dll!LoadLibraryExW 7C801AF5 5 Bytes JMP 00FF004C
.text C:\WINDOWS\system32\lsass.exe[1032] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 00FF0F8D
.text C:\WINDOWS\system32\lsass.exe[1032] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 00FF0FA8
.text C:\WINDOWS\system32\lsass.exe[1032] kernel32.dll!GetStartupInfoW 7C801E54 5 Bytes JMP 00FF007A
.text C:\WINDOWS\system32\lsass.exe[1032] kernel32.dll!GetStartupInfoA 7C801EF2 5 Bytes JMP 00FF0F32
.text C:\WINDOWS\system32\lsass.exe[1032] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 00FF0EFC
.text C:\WINDOWS\system32\lsass.exe[1032] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00FF0F0D
.text C:\WINDOWS\system32\lsass.exe[1032] kernel32.dll!GetProcAddress 7C80AE30 5 Bytes JMP 00FF0EE1
.text C:\WINDOWS\system32\lsass.exe[1032] kernel32.dll!LoadLibraryW 7C80AEDB 5 Bytes JMP 00FF002F
.text C:\WINDOWS\system32\lsass.exe[1032] kernel32.dll!CreateFileW 7C8107F0 5 Bytes JMP 00FF0FD4
.text C:\WINDOWS\system32\lsass.exe[1032] kernel32.dll!CreatePipe 7C81D827 5 Bytes JMP 00FF0F43
.text C:\WINDOWS\system32\lsass.exe[1032] kernel32.dll!CreateNamedPipeW 7C82F0C5 5 Bytes JMP 00FF0FB9
.text C:\WINDOWS\system32\lsass.exe[1032] kernel32.dll!CreateNamedPipeA 7C860B7C 5 Bytes JMP 00FF000A
.text C:\WINDOWS\system32\lsass.exe[1032] kernel32.dll!WinExec 7C8623AD 5 Bytes JMP 00FF008B
.text C:\WINDOWS\system32\lsass.exe[1032] ADVAPI32.dll!RegOpenKeyExW 77DD6A9F 5 Bytes JMP 00FE0FA8
.text C:\WINDOWS\system32\lsass.exe[1032] ADVAPI32.dll!RegCreateKeyExW 77DD775C 5 Bytes JMP 00FE0F6B
.text C:\WINDOWS\system32\lsass.exe[1032] ADVAPI32.dll!RegOpenKeyExA 77DD7842 5 Bytes JMP 00FE0FC3
.text C:\WINDOWS\system32\lsass.exe[1032] ADVAPI32.dll!RegOpenKeyW 77DD7936 5 Bytes JMP 00FE0FDE
.text C:\WINDOWS\system32\lsass.exe[1032] ADVAPI32.dll!RegCreateKeyExA 77DDE9E4 5 Bytes JMP 00FE0F7C
.text C:\WINDOWS\system32\lsass.exe[1032] ADVAPI32.dll!RegOpenKeyA 77DDEFB8 5 Bytes JMP 00FE0FEF
.text C:\WINDOWS\system32\lsass.exe[1032] ADVAPI32.dll!RegCreateKeyW 77DFBA25 5 Bytes JMP 00FE001E
.text C:\WINDOWS\system32\lsass.exe[1032] ADVAPI32.dll!RegCreateKeyA 77DFBCC3 5 Bytes JMP 00FE0F8D
.text C:\WINDOWS\system32\lsass.exe[1032] WS2_32.dll!socket 71AB4211 5 Bytes JMP 00D30000
.text C:\WINDOWS\system32\lsass.exe[1032] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 00FF0FEF
.text C:\WINDOWS\system32\lsass.exe[1032] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 00FF005D
.text C:\WINDOWS\system32\lsass.exe[1032] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00FF0F72
.text C:\WINDOWS\system32\lsass.exe[1032] kernel32.dll!LoadLibraryExW 7C801AF5 5 Bytes JMP 00FF004C
.text C:\WINDOWS\system32\lsass.exe[1032] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 00FF0F8D
.text C:\WINDOWS\system32\lsass.exe[1032] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 00FF0FA8
.text C:\WINDOWS\system32\lsass.exe[1032] kernel32.dll!GetStartupInfoW 7C801E54 5 Bytes JMP 00FF007A
.text C:\WINDOWS\system32\lsass.exe[1032] kernel32.dll!GetStartupInfoA 7C801EF2 5 Bytes JMP 00FF0F32
.text C:\WINDOWS\system32\lsass.exe[1032] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 00FF0EFC
.text C:\WINDOWS\system32\lsass.exe[1032] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00FF0F0D
.text C:\WINDOWS\system32\lsass.exe[1032] kernel32.dll!GetProcAddress 7C80AE30 5 Bytes JMP 00FF0EE1
.text C:\WINDOWS\system32\lsass.exe[1032] kernel32.dll!LoadLibraryW 7C80AEDB 5 Bytes JMP 00FF002F
.text C:\WINDOWS\system32\lsass.exe[1032] kernel32.dll!CreateFileW 7C8107F0 5 Bytes JMP 00FF0FD4
.text C:\WINDOWS\system32\lsass.exe[1032] kernel32.dll!CreatePipe 7C81D827 5 Bytes JMP 00FF0F43
.text C:\WINDOWS\system32\lsass.exe[1032] kernel32.dll!CreateNamedPipeW 7C82F0C5 5 Bytes JMP 00FF0FB9
.text C:\WINDOWS\system32\lsass.exe[1032] kernel32.dll!CreateNamedPipeA 7C860B7C 5 Bytes JMP 00FF000A
.text C:\WINDOWS\system32\lsass.exe[1032] kernel32.dll!WinExec 7C8623AD 5 Bytes JMP 00FF008B
.text C:\WINDOWS\system32\lsass.exe[1032] ADVAPI32.dll!RegOpenKeyExW 77DD6A9F 5 Bytes JMP 00FE0FA8
.text C:\WINDOWS\system32\lsass.exe[1032] ADVAPI32.dll!RegCreateKeyExW 77DD775C 5 Bytes JMP 00FE0F6B
.text C:\WINDOWS\system32\lsass.exe[1032] ADVAPI32.dll!RegOpenKeyExA 77DD7842 5 Bytes JMP 00FE0FC3
.text C:\WINDOWS\system32\lsass.exe[1032] ADVAPI32.dll!RegOpenKeyW 77DD7936 5 Bytes JMP 00FE0FDE
.text C:\WINDOWS\system32\lsass.exe[1032] ADVAPI32.dll!RegCreateKeyExA 77DDE9E4 5 Bytes JMP 00FE0F7C
.text C:\WINDOWS\system32\lsass.exe[1032] ADVAPI32.dll!RegOpenKeyA 77DDEFB8 5 Bytes JMP 00FE0FEF
.text C:\WINDOWS\system32\lsass.exe[1032] ADVAPI32.dll!RegCreateKeyW 77DFBA25 5 Bytes JMP 00FE001E
.text C:\WINDOWS\system32\lsass.exe[1032] ADVAPI32.dll!RegCreateKeyA 77DFBCC3 5 Bytes JMP 00FE0F8D
.text C:\WINDOWS\system32\lsass.exe[1032] WS2_32.dll!socket 71AB4211 5 Bytes JMP 00D30000
.text C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe[1180] WS2_32.dll!getaddrinfo 71AB2A6F 5 Bytes JMP 023C55A0 C:\Program Files\Common Files\iS3\Anti-Spyware\SGPRXY.DLL
.text C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe[1180] WS2_32.dll!gethostbyname 71AB5355 5 Bytes JMP 023C52B0 C:\Program Files\Common Files\iS3\Anti-Spyware\SGPRXY.DLL
.text C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe[1180] WS2_32.dll!getaddrinfo 71AB2A6F 5 Bytes JMP 023C55A0 C:\Program Files\Common Files\iS3\Anti-Spyware\SGPRXY.DLL
.text C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe[1180] WS2_32.dll!gethostbyname 71AB5355 5 Bytes JMP 023C52B0 C:\Program Files\Common Files\iS3\Anti-Spyware\SGPRXY.DLL
.text C:\WINDOWS\system32\svchost.exe[1208] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 00C5000A
.text C:\WINDOWS\system32\svchost.exe[1208] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 00C500A4
.text C:\WINDOWS\system32\svchost.exe[1208] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00C50FAF
.text C:\WINDOWS\system32\svchost.exe[1208] kernel32.dll!LoadLibraryExW 7C801AF5 5 Bytes JMP 00C50FC0
.text C:\WINDOWS\system32\svchost.exe[1208] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 00C50FDB
.text C:\WINDOWS\system32\svchost.exe[1208] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 00C5006C
.text C:\WINDOWS\system32\svchost.exe[1208] kernel32.dll!GetStartupInfoW 7C801E54 5 Bytes JMP 00C50F6D
.text C:\WINDOWS\system32\svchost.exe[1208] kernel32.dll!GetStartupInfoA 7C801EF2 5 Bytes JMP 00C500B5
.text C:\WINDOWS\system32\svchost.exe[1208] kernel32.dll!CreateProcessW 7C802336 1 Byte [ E9 ]
.text C:\WINDOWS\system32\svchost.exe[1208] kernel32.dll!CreateProcessW + 2 7C802338 3 Bytes [ EB, 44, 84 ]
.text C:\WINDOWS\system32\svchost.exe[1208] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00C50F4B
.text C:\WINDOWS\system32\svchost.exe[1208] kernel32.dll!GetProcAddress 7C80AE30 5 Bytes JMP 00C50F1F
.text C:\WINDOWS\system32\svchost.exe[1208] kernel32.dll!LoadLibraryW 7C80AEDB 5 Bytes JMP 00C5007D
.text C:\WINDOWS\system32\svchost.exe[1208] kernel32.dll!CreateFileW 7C8107F0 5 Bytes JMP 00C5001B
.text C:\WINDOWS\system32\svchost.exe[1208] kernel32.dll!CreatePipe 7C81D827 5 Bytes JMP 00C50F8A
.text C:\WINDOWS\system32\svchost.exe[1208] kernel32.dll!CreateNamedPipeW 7C82F0C5 5 Bytes JMP 00C50051
.text C:\WINDOWS\system32\svchost.exe[1208] kernel32.dll!CreateNamedPipeA 7C860B7C 5 Bytes JMP 00C50036
.text C:\WINDOWS\system32\svchost.exe[1208] kernel32.dll!WinExec 7C8623AD 5 Bytes JMP 00C50F5C
.text C:\WINDOWS\system32\svchost.exe[1208] ADVAPI32.dll!RegOpenKeyExW 77DD6A9F 5 Bytes JMP 00C40FCA
.text C:\WINDOWS\system32\svchost.exe[1208] ADVAPI32.dll!RegCreateKeyExW 77DD775C 5 Bytes JMP 00C40FA8
.text C:\WINDOWS\system32\svchost.exe[1208] ADVAPI32.dll!RegOpenKeyExA 77DD7842 5 Bytes JMP 00C40025
.text C:\WINDOWS\system32\svchost.exe[1208] ADVAPI32.dll!RegOpenKeyW 77DD7936 5 Bytes JMP 00C40FE5
.text C:\WINDOWS\system32\svchost.exe[1208] ADVAPI32.dll!RegCreateKeyExA 77DDE9E4 5 Bytes JMP 00C40065
.text C:\WINDOWS\system32\svchost.exe[1208] ADVAPI32.dll!RegOpenKeyA 77DDEFB8 5 Bytes JMP 00C40000
.text C:\WINDOWS\system32\svchost.exe[1208] ADVAPI32.dll!RegCreateKeyW 77DFBA25 5 Bytes JMP 00C4004A
.text C:\WINDOWS\system32\svchost.exe[1208] ADVAPI32.dll!RegCreateKeyA 77DFBCC3 5 Bytes JMP 00C40FB9
.text C:\WINDOWS\system32\svchost.exe[1208] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 00C5000A
.text C:\WINDOWS\system32\svchost.exe[1208] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 00C500A4
.text C:\WINDOWS\system32\svchost.exe[1208] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00C50FAF
.text C:\WINDOWS\system32\svchost.exe[1208] kernel32.dll!LoadLibraryExW 7C801AF5 5 Bytes JMP 00C50FC0
.text C:\WINDOWS\system32\svchost.exe[1208] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 00C50FDB
.text C:\WINDOWS\system32\svchost.exe[1208] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 00C5006C
.text C:\WINDOWS\system32\svchost.exe[1208] kernel32.dll!GetStartupInfoW 7C801E54 5 Bytes JMP 00C50F6D
.text C:\WINDOWS\system32\svchost.exe[1208] kernel32.dll!GetStartupInfoA 7C801EF2 5 Bytes JMP 00C500B5
.text C:\WINDOWS\system32\svchost.exe[1208] kernel32.dll!CreateProcessW 7C802336 1 Byte [ E9 ]
.text C:\WINDOWS\system32\svchost.exe[1208] kernel32.dll!CreateProcessW + 2 7C802338 3 Bytes [ EB, 44, 84 ]
.text C:\WINDOWS\system32\svchost.exe[1208] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00C50F4B
.text C:\WINDOWS\system32\svchost.exe[1208] kernel32.dll!GetProcAddress 7C80AE30 5 Bytes JMP 00C50F1F
.text C:\WINDOWS\system32\svchost.exe[1208] kernel32.dll!LoadLibraryW 7C80AEDB 5 Bytes JMP 00C5007D
.text C:\WINDOWS\system32\svchost.exe[1208] kernel32.dll!CreateFileW 7C8107F0 5 Bytes JMP 00C5001B
.text C:\WINDOWS\system32\svchost.exe[1208] kernel32.dll!CreatePipe 7C81D827 5 Bytes JMP 00C50F8A
.text C:\WINDOWS\system32\svchost.exe[1208] kernel32.dll!CreateNamedPipeW 7C82F0C5 5 Bytes JMP 00C50051
.text C:\WINDOWS\system32\svchost.exe[1208] kernel32.dll!CreateNamedPipeA 7C860B7C 5 Bytes JMP 00C50036
.text C:\WINDOWS\system32\svchost.exe[1208] kernel32.dll!WinExec 7C8623AD 5 Bytes JMP 00C50F5C
.text C:\WINDOWS\system32\svchost.exe[1208] ADVAPI32.dll!RegOpenKeyExW 77DD6A9F 5 Bytes JMP 00C40FCA
.text C:\WINDOWS\system32\svchost.exe[1208] ADVAPI32.dll!RegCreateKeyExW 77DD775C 5 Bytes JMP 00C40FA8
.text C:\WINDOWS\system32\svchost.exe[1208] ADVAPI32.dll!RegOpenKeyExA 77DD7842 5 Bytes JMP 00C40025
.text C:\WINDOWS\system32\svchost.exe[1208] ADVAPI32.dll!RegOpenKeyW 77DD7936 5 Bytes JMP 00C40FE5
.text C:\WINDOWS\system32\svchost.exe[1208] ADVAPI32.dll!RegCreateKeyExA 77DDE9E4 5 Bytes JMP 00C40065
.text C:\WINDOWS\system32\svchost.exe[1208] ADVAPI32.dll!RegOpenKeyA 77DDEFB8 5 Bytes JMP 00C40000
.text C:\WINDOWS\system32\svchost.exe[1208] ADVAPI32.dll!RegCreateKeyW 77DFBA25 5 Bytes JMP 00C4004A
.text C:\WINDOWS\system32\svchost.exe[1208] ADVAPI32.dll!RegCreateKeyA 77DFBCC3 5 Bytes JMP 00C40FB9
.text C:\WINDOWS\system32\svchost.exe[1208] WS2_32.dll!socket 71AB4211 5 Bytes JMP 00C20FE5
.text C:\WINDOWS\system32\svchost.exe[1208] WS2_32.dll!socket 71AB4211 5 Bytes JMP 00C20FE5
.text C:\WINDOWS\system32\svchost.exe[1320] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 00E20000
.text C:\WINDOWS\system32\svchost.exe[1320] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 00E20FAC
.text C:\WINDOWS\system32\svchost.exe[1320] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00E200A1
.text C:\WINDOWS\system32\svchost.exe[1320] kernel32.dll!LoadLibraryExW 7C801AF5 5 Bytes JMP 00E2007A
.text C:\WINDOWS\system32\svchost.exe[1320] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 00E20069
.text C:\WINDOWS\system32\svchost.exe[1320] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 00E20047
.text C:\WINDOWS\system32\svchost.exe[1320] kernel32.dll!GetStartupInfoW 7C801E54 5 Bytes JMP 00E200C3
.text C:\WINDOWS\system32\svchost.exe[1320] kernel32.dll!GetStartupInfoA 7C801EF2 5 Bytes JMP 00E20F87
.text C:\WINDOWS\system32\svchost.exe[1320] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 00E20F31
.text C:\WINDOWS\system32\svchost.exe[1320] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00E20F4C
.text C:\WINDOWS\system32\svchost.exe[1320] kernel32.dll!GetProcAddress 7C80AE30 5 Bytes JMP 00E200EF
.text C:\WINDOWS\system32\svchost.exe[1320] kernel32.dll!LoadLibraryW 7C80AEDB 5 Bytes JMP 00E20058
.text C:\WINDOWS\system32\svchost.exe[1320] kernel32.dll!CreateFileW 7C8107F0 5 Bytes JMP 00E20FE5
.text C:\WINDOWS\system32\svchost.exe[1320] kernel32.dll!CreatePipe 7C81D827 5 Bytes JMP 00E200B2
.text C:\WINDOWS\system32\svchost.exe[1320] kernel32.dll!CreateNamedPipeW 7C82F0C5 5 Bytes JMP 00E20036
.text C:\WINDOWS\system32\svchost.exe[1320] kernel32.dll!CreateNamedPipeA 7C860B7C 5 Bytes JMP 00E20011
.text C:\WINDOWS\system32\svchost.exe[1320] kernel32.dll!WinExec 7C8623AD 5 Bytes JMP 00E200D4
.text C:\WINDOWS\system32\svchost.exe[1320] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 00E20000
.text C:\WINDOWS\system32\svchost.exe[1320] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 00E20FAC
.text C:\WINDOWS\system32\svchost.exe[1320] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00E200A1
.text C:\WINDOWS\system32\svchost.exe[1320] kernel32.dll!LoadLibraryExW 7C801AF5 5 Bytes JMP 00E2007A
.text C:\WINDOWS\system32\svchost.exe[1320] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 00E20069
.text C:\WINDOWS\system32\svchost.exe[1320] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 00E20047
.text C:\WINDOWS\system32\svchost.exe[1320] kernel32.dll!GetStartupInfoW
.text C:\WINDOWS\system32\svchost.exe[1320] ADVAPI32.dll!RegOpenKeyExW 77DD6A9F 5 Bytes JMP 00E10FE5
.text C:\WINDOWS\system32\svchost.exe[1320] ADVAPI32.dll!RegCreateKeyExW 77DD775C 5 Bytes JMP 00E10FB9
.text C:\WINDOWS\system32\svchost.exe[1320] ADVAPI32.dll!RegOpenKeyExA 7C801E54 5 Bytes JMP 00E200C3
.text C:\WINDOWS\system32\svchost.exe[1320] kernel32.dll!GetStartupInfoA 7C801EF2 5 Bytes JMP 00E20F87
.text C:\WINDOWS\system32\svchost.exe[1320] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 00E20F31
.text
.text C:\WINDOWS\system32\svchost.exe[1320] ADVAPI32.dll!RegOpenKeyW 77DD7936 5 Bytes JMP 00E1001B
.text C:\WINDOWS\system32\svchost.exe[1320] ADVAPI32.dll!RegOpenKeyA 77DDE9E4 5 Bytes JMP 00E10FCA
.text C:\WINDOWS\system32\svchost.exe[1320] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00E20F4C
.text C:\WINDOWS\system32\svchost.exe[1320] kernel32.dll!GetProcAddress 7C80AE30 5 Bytes JMP 00E200EF
.text C:\WINDOWS\system32\svchost.exe[1320] kernel32.dll!LoadLibraryW 77DDEFB8 5 Bytes JMP 00E1000A
.text
.text C:\WINDOWS\system32\svchost.exe[1320] ADVAPI32.dll!RegCreateKeyW 77DFBA25 5 Bytes JMP 00E1006C
.text C:\WINDOWS\system32\svchost.exe[1320] kernel32.dll!CreateFileW 7C8107F0 5 Bytes JMP 00E20FE5
.text C:\WINDOWS\system32\svchost.exe[1320] kernel32.dll!CreatePipe 7C81D827 5 Bytes JMP 00E200B2
.text C:\WINDOWS\system32\svchost.exe[1320] kernel32.dll!CreateNamedPipeW 7C82F0C5 5 Bytes JMP 00E20036
.text C:\WINDOWS\system32\svchost.exe[1320] kernel32.dll!CreateNamedPipeA 7C860B7C 5 Bytes JMP 00E20011
.text C:\WINDOWS\system32\svchost.exe[1320] kernel32.dll!WinExec 7C8623AD 5 Bytes JMP 00E200D4
.text C:\WINDOWS\system32\svchost.exe[1320] ADVAPI32.dll!RegOpenKeyExW 77DD6A9F 5 Bytes JMP 00E10FE5
.text C:\WINDOWS\system32\svchost.exe[1320] ADVAPI32.dll!RegCreateKeyExW 77DD775C 5 Bytes JMP 00E10FB9
.text C:\WINDOWS\system32\svchost.exe[1320] ADVAPI32.dll!RegOpenKeyExA 77DD7842 5 Bytes JMP 00E10036
.text C:\WINDOWS\system32\svchost.exe[1320] ADVAPI32.dll!RegOpenKeyW 77DD7936 5 Bytes JMP 00E1001B
.text C:\WINDOWS\system32\svchost.exe[1320] ADVAPI32.dll!RegCreateKeyExA 77DDE9E4 5 Bytes JMP 00E10FCA
.text C:\WINDOWS\system32\svchost.exe[1320] ADVAPI32.dll!RegOpenKeyA 77DDEFB8 5 Bytes JMP 00E1000A
.text C:\WINDOWS\system32\svchost.exe[1320] ADVAPI32.dll!RegCreateKeyW 77DFBA25 5 Bytes JMP 00E1006C
.text C:\WINDOWS\system32\svchost.exe[1320] ADVAPI32.dll!RegCreateKeyA 77DFBCC3 5 Bytes JMP 00E10051
.text C:\WINDOWS\system32\svchost.exe[1320] WS2_32.dll!socket 71AB4211 5 Bytes JMP 00DF0000
.text C:\WINDOWS\system32\svchost.exe[1320] WS2_32.dll!socket 71AB4211 5 Bytes JMP 00DF0000
.text C:\WINDOWS\System32\svchost.exe[1408] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 01E60000
.text C:\WINDOWS\System32\svchost.exe[1408] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 01E600B3
.text C:\WINDOWS\System32\svchost.exe[1408] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 01E60098
.text C:\WINDOWS\System32\svchost.exe[1408] kernel32.dll!LoadLibraryExW 7C801AF5 5 Bytes JMP 01E60FBE
.text C:\WINDOWS\System32\svchost.exe[1408] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 01E60FDB
.text C:\WINDOWS\System32\svchost.exe[1408] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 01E60062
.text C:\WINDOWS\System32\svchost.exe[1408] kernel32.dll!GetStartupInfoW 7C801E54 5 Bytes JMP 01E600CE
.text C:\WINDOWS\System32\svchost.exe[1408] kernel32.dll!GetStartupInfoA 7C801EF2 5 Bytes JMP 01E60F86
.text C:\WINDOWS\System32\svchost.exe[1408] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 01E600FA
.text C:\WINDOWS\System32\svchost.exe[1408] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 01E600E9
.text C:\WINDOWS\System32\svchost.exe[1408] kernel32.dll!GetProcAddress 7C80AE30 5 Bytes JMP 01E60F46
.text C:\WINDOWS\System32\svchost.exe[1408] kernel32.dll!LoadLibraryW 7C80AEDB 5 Bytes JMP 01E6007D
.text C:\WINDOWS\System32\svchost.exe[1408] kernel32.dll!CreateFileW 7C8107F0 5 Bytes JMP 01E6001B
.text C:\WINDOWS\System32\svchost.exe[1408] kernel32.dll!CreatePipe 7C81D827 5 Bytes JMP 01E60FA3
.text C:\WINDOWS\System32\svchost.exe[1408] kernel32.dll!CreateNamedPipeW 7C82F0C5 5 Bytes JMP 01E60047
.text C:\WINDOWS\System32\svchost.exe[1408] kernel32.dll!CreateNamedPipeA 7C860B7C 5 Bytes JMP 01E60036
.text C:\WINDOWS\System32\svchost.exe[1408] kernel32.dll!WinExec 7C8623AD 5 Bytes JMP 01E60F61
.text C:\WINDOWS\System32\svchost.exe[1408] ADVAPI32.dll!RegOpenKeyExW 77DD6A9F 5 Bytes JMP 016E0FAF
.text C:\WINDOWS\System32\svchost.exe[1408] ADVAPI32.dll!RegCreateKeyExW 77DD775C 5 Bytes JMP 016E004A
.text C:\WINDOWS\System32\svchost.exe[1408] ADVAPI32.dll!RegOpenKeyExA 77DD7842 5 Bytes JMP 016E0000
.text C:\WINDOWS\System32\svchost.exe[1408] ADVAPI32.dll!RegOpenKeyW 77DD7936 5 Bytes JMP 016E0FD4
.text C:\WINDOWS\System32\svchost.exe[1408] ADVAPI32.dll!RegCreateKeyExA 77DDE9E4 5 Bytes JMP 016E0039
.text C:\WINDOWS\System32\svchost.exe[1408] ADVAPI32.dll!RegOpenKeyA 77DDEFB8 5 Bytes JMP 016E0FE5
.text C:\WINDOWS\System32\svchost.exe[1408] ADVAPI32.dll!RegCreateKeyW 77DFBA25 2 Bytes JMP 016E0F8D
.text C:\WINDOWS\System32\svchost.exe[1408] ADVAPI32.dll!RegCreateKeyW + 3 77DFBA28 2 Bytes [ 8E, 89 ]
.text C:\WINDOWS\System32\svchost.exe[1408] ADVAPI32.dll!RegCreateKeyA 77DFBCC3 5 Bytes JMP 016E0F9E
.text C:\WINDOWS\System32\svchost.exe[1408] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 01E60000
.text C:\WINDOWS\System32\svchost.exe[1408] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 01E600B3
.text C:\WINDOWS\System32\svchost.exe[1408] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 01E60098
.text C:\WINDOWS\System32\svchost.exe[1408] kernel32.dll!LoadLibraryExW 7C801AF5 5 Bytes JMP 01E60FBE
.text C:\WINDOWS\System32\svchost.exe[1408] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 01E60FDB
.text C:\WINDOWS\System32\svchost.exe[1408] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 01E60062
.text C:\WINDOWS\System32\svchost.exe[1408] kernel32.dll!GetStartupInfoW 7C801E54 5 Bytes JMP 01E600CE
.text C:\WINDOWS\System32\svchost.exe[1408] kernel32.dll!GetStartupInfoA 7C801EF2 5 Bytes JMP 01E60F86
.text C:\WINDOWS\System32\svchost.exe[1408] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 01E600FA
.text C:\WINDOWS\System32\svchost.exe[1408] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 01E600E9
.text C:\WINDOWS\System32\svchost.exe[1408] kernel32.dll!GetProcAddress 7C80AE30 5 Bytes JMP 01E60F46
.text C:\WINDOWS\System32\svchost.exe[1408] kernel32.dll!LoadLibraryW 7C80AEDB 5 Bytes JMP 01E6007D
.text C:\WINDOWS\System32\svchost.exe[1408] kernel32.dll!CreateFileW 7C8107F0 5 Bytes JMP 01E6001B
.text C:\WINDOWS\System32\svchost.exe[1408] kernel32.dll!CreatePipe 7C81D827 5 Bytes JMP 01E60FA3
.text C:\WINDOWS\System32\svchost.exe[1408] kernel32.dll!CreateNamedPipeW 7C82F0C5 5 Bytes JMP 01E60047
.text C:\WINDOWS\System32\svchost.exe[1408] kernel32.dll!CreateNamedPipeA 7C860B7C 5 Bytes JMP 01E60036
.text C:\WINDOWS\System32\svchost.exe[1408] kernel32.dll!WinExec 7C8623AD 5 Bytes JMP 01E60F61
.text C:\WINDOWS\System32\svchost.exe[1408] ADVAPI32.dll!RegOpenKeyExW 77DD6A9F 5 Bytes JMP 016E0FAF
.text C:\WINDOWS\System32\svchost.exe[1408] ADVAPI32.dll!RegCreateKeyExW 77DD775C 5 Bytes JMP 016E004A
.text C:\WINDOWS\System32\svchost.exe[1408] ADVAPI32.dll!RegOpenKeyExA 77DD7842 5 Bytes JMP 016E0000
.text C:\WINDOWS\System32\svchost.exe[1408] ADVAPI32.dll!RegOpenKeyW 77DD7936 5 Bytes JMP 016E0FD4
.text C:\WINDOWS\System32\svchost.exe[1408] ADVAPI32.dll!RegCreateKeyExA 77DDE9E4 5 Bytes JMP 016E0039
.text C:\WINDOWS\System32\svchost.exe[1408] ADVAPI32.dll!RegOpenKeyA 77DDEFB8 5 Bytes JMP 016E0FE5
.text C:\WINDOWS\System32\svchost.exe[1408] ADVAPI32.dll!RegCreateKeyW 77DFBA25 2 Bytes JMP 016E0F8D
.text C:\WINDOWS\System32\svchost.exe[1408] ADVAPI32.dll!RegCreateKeyW + 3 77DFBA28 2 Bytes [ 8E, 89 ]
.text C:\WINDOWS\System32\svchost.exe[1408] ADVAPI32.dll!RegCreateKeyA 77DFBCC3 5 Bytes JMP 016E0F9E
.text C:\WINDOWS\System32\svchost.exe[1408] WS2_32.dll!socket 71AB4211 5 Bytes JMP 016C000A
.text C:\WINDOWS\System32\svchost.exe[1408] WININET.dll!InternetOpenA 7806C865 5 Bytes JMP 01E40000
.text C:\WINDOWS\System32\svchost.exe[1408] WININET.dll!InternetOpenW 7806CE99 5 Bytes JMP 01E4001B
.text C:\WINDOWS\System32\svchost.exe[1408] WININET.dll!InternetOpenUrlA 78070BCA 5 Bytes JMP 01E40FE5
.text C:\WINDOWS\System32\svchost.exe[1408] WININET.dll!InternetOpenUrlW 780BAEB9 5 Bytes JMP 01E40040
.text C:\WINDOWS\System32\svchost.exe[1408] WS2_32.dll!socket 71AB4211 5 Bytes JMP 016C000A
.text C:\WINDOWS\System32\svchost.exe[1408] WININET.dll!InternetOpenA 7806C865 5 Bytes JMP 01E40000
.text C:\WINDOWS\System32\svchost.exe[1408] WININET.dll!InternetOpenW 7806CE99 5 Bytes JMP 01E4001B
.text C:\WINDOWS\System32\svchost.exe[1408] WININET.dll!InternetOpenUrlA 78070BCA 5 Bytes JMP 01E40FE5
.text C:\WINDOWS\System32\svchost.exe[1408] WININET.dll!InternetOpenUrlW 780BAEB9 5 Bytes JMP 01E40040
.text C:\WINDOWS\System32\svchost.exe[1536] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 00780FE5
.text C:\WINDOWS\System32\svchost.exe[1536] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 00780F66
.text C:\WINDOWS\System32\svchost.exe[1536] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 0078005B
.text C:\WINDOWS\System32\svchost.exe[1536] kernel32.dll!LoadLibraryExW 7C801AF5 5 Bytes JMP 00780040
.text C:\WINDOWS\System32\svchost.exe[1536] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 00780F83
.text C:\WINDOWS\System32\svchost.exe[1536] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 00780F9E
.text C:\WINDOWS\System32\svchost.exe[1536] kernel32.dll!GetStartupInfoW 7C801E54 5 Bytes JMP 0078009D
.text C:\WINDOWS\System32\svchost.exe[1536] kernel32.dll!GetStartupInfoA 7C801EF2 5 Bytes JMP 00780F4B
.text C:\WINDOWS\System32\svchost.exe[1536] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 007800C9
.text C:\WINDOWS\System32\svchost.exe[1536] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00780F30
.text C:\WINDOWS\System32\svchost.exe[1536] kernel32.dll!GetProcAddress 7C80AE30 5 Bytes JMP 00780F15
.text C:\WINDOWS\System32\svchost.exe[1536] kernel32.dll!LoadLibraryW 7C80AEDB 5 Bytes JMP 00780025
.text C:\WINDOWS\System32\svchost.exe[1536] kernel32.dll!CreateFileW 7C8107F0 5 Bytes JMP 00780000
.text C:\WINDOWS\System32\svchost.exe[1536] kernel32.dll!CreatePipe 7C81D827 5 Bytes JMP 00780076
.text C:\WINDOWS\System32\svchost.exe[1536] kernel32.dll!CreateNamedPipeW 7C82F0C5 5 Bytes JMP 00780FB9
.text C:\WINDOWS\System32\svchost.exe[1536] kernel32.dll!CreateNamedPipeA 7C860B7C 5 Bytes JMP 00780FCA
.text C:\WINDOWS\System32\svchost.exe[1536] kernel32.dll!WinExec 7C8623AD 5 Bytes JMP 007800B8
.text C:\WINDOWS\System32\svchost.exe[1536] ADVAPI32.dll!RegOpenKeyExW 77DD6A9F 5 Bytes JMP 0077001B
.text C:\WINDOWS\System32\svchost.exe[1536] ADVAPI32.dll!RegCreateKeyExW 77DD775C 5 Bytes JMP 00770062
.text C:\WINDOWS\System32\svchost.exe[1536] ADVAPI32.dll!RegOpenKeyExA 77DD7842 5 Bytes JMP 0077000A
.text C:\WINDOWS\System32\svchost.exe[1536] ADVAPI32.dll!RegOpenKeyW 77DD7936 5 Bytes JMP 00770FD4
.text C:\WINDOWS\System32\svchost.exe[1536] ADVAPI32.dll!RegCreateKeyExA 77DDE9E4 5 Bytes JMP 00770FA5
.text C:\WINDOWS\System32\svchost.exe[1536] ADVAPI32.dll!RegOpenKeyA 77DDEFB8 5 Bytes JMP 00770FEF
.text C:\WINDOWS\System32\svchost.exe[1536] ADVAPI32.dll!RegCreateKeyW 77DFBA25 5 Bytes JMP 00770047
.text C:\WINDOWS\System32\svchost.exe[1536] ADVAPI32.dll!RegCreateKeyA 77DFBCC3 5 Bytes JMP 00770036
.text C:\WINDOWS\System32\svchost.exe[1536] WS2_32.dll!socket 71AB4211 5 Bytes JMP 00750000
.text C:\WINDOWS\System32\svchost.exe[1536] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 00780FE5
.text C:\WINDOWS\System32\svchost.exe[1536] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 00780F66
.text C:\WINDOWS\System32\svchost.exe[1536] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 0078005B
.text C:\WINDOWS\System32\svchost.exe[1536] kernel32.dll!LoadLibraryExW 7C801AF5 5 Bytes JMP 00780040
.text C:\WINDOWS\System32\svchost.exe[1536] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 00780F83
.text C:\WINDOWS\System32\svchost.exe[1536] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 00780F9E
.text C:\WINDOWS\System32\svchost.exe[1536] kernel32.dll!GetStartupInfoW 7C801E54 5 Bytes JMP 0078009D
.text C:\WINDOWS\System32\svchost.exe[1536] kernel32.dll!GetStartupInfoA 7C801EF2 5 Bytes JMP 00780F4B
.text C:\WINDOWS\System32\svchost.exe[1536] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 007800C9
.text C:\WINDOWS\System32\svchost.exe[1536] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00780F30
.text C:\WINDOWS\System32\svchost.exe[1536] kernel32.dll!GetProcAddress 7C80AE30 5 Bytes JMP 00780F15
.text C:\WINDOWS\System32\svchost.exe[1536] kernel32.dll!LoadLibraryW 7C80AEDB 5 Bytes JMP 00780025
.text C:\WINDOWS\System32\svchost.exe[1536] kernel32.dll!CreateFileW 7C8107F0 5 Bytes JMP 00780000
.text C:\WINDOWS\System32\svchost.exe[1536] kernel32.dll!CreatePipe 7C81D827 5 Bytes JMP 00780076
.text C:\WINDOWS\System32\svchost.exe[1536] kernel32.dll!CreateNamedPipeW 7C82F0C5 5 Bytes JMP 00780FB9
.text C:\WINDOWS\System32\svchost.exe[1536] kernel32.dll!CreateNamedPipeA 7C860B7C 5 Bytes JMP 00780FCA
.text C:\WINDOWS\System32\svchost.exe[1536] kernel32.dll!WinExec 7C8623AD 5 Bytes JMP 007800B8
.text C:\WINDOWS\System32\svchost.exe[1668] kernel32.dll!CreateFileA
.text C:\WINDOWS\System32\svchost.exe[1536] ADVAPI32.dll!RegOpenKeyExW 7C801A28 5 Bytes JMP 00C20000
.text C:\WINDOWS\System32\svchost.exe[1668] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 00C20087
.text C:\WINDOWS\System32\svchost.exe[1668] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00C20F92
.text C:\WINDOWS\System32\svchost.exe[1668] kernel32.dll!LoadLibraryExW 77DD6A9F 5 Bytes JMP 0077001B
.text C:\WINDOWS\System32\svchost.exe[1536] ADVAPI32.dll!RegCreateKeyExW 77DD775C 5 Bytes JMP 00770062
.text C:\WINDOWS\System32\svchost.exe[1536] ADVAPI32.dll!RegOpenKeyExA 77DD7842 5 Bytes JMP 0077000A
.text C:\WINDOWS\System32\svchost.exe[1536] ADVAPI32.dll!RegOpenKeyW 7C801AF5 5 Bytes JMP 00C20076
.text C:\WINDOWS\System32\svchost.exe[1668] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 00C20FB9
.text C:\WINDOWS\System32\svchost.exe[1668] kernel32.dll!LoadLibraryA 77DD7936 5 Bytes JMP 00770FD4
.text
.text C:\WINDOWS\System32\svchost.exe[1536] ADVAPI32.dll!RegCreateKeyExA 77DDE9E4 5 Bytes JMP 00770FA5
.text
.text C:\WINDOWS\System32\svchost.exe[1668] kernel32.dll!GetStartupInfoW 7C801E54 5 Bytes JMP 00C20F5C
.text C:\WINDOWS\System32\svchost.exe[1668] kernel32.dll!GetStartupInfoA 7C801EF2 5 Bytes JMP 00C20F6D
.text C:\WINDOWS\System32\svchost.exe[1536] ADVAPI32.dll!RegCreateKeyW 77DFBA25 5 Bytes JMP 00770047
.text C:\WINDOWS\System32\svchost.exe[1536] ADVAPI32.dll!RegCreateKeyA 7C802336 5 Bytes JMP 00C20F26
.text C:\WINDOWS\System32\svchost.exe[1668] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00C200C9
.text C:\WINDOWS\System32\svchost.exe[1668] kernel32.dll!GetProcAddress 7C80AE30 5 Bytes JMP 00C200DA
.text C:\WINDOWS\System32\svchost.exe[1668] kernel32.dll!LoadLibraryW 7C80AEDB 5 Bytes JMP 00C2005B
.text C:\WINDOWS\System32\svchost.exe[1668] kernel32.dll!CreateFileW 7C8107F0 5 Bytes JMP 00C2001B
.text C:\WINDOWS\System32\svchost.exe[1668] kernel32.dll!CreatePipe 7C81D827 5 Bytes JMP 00C20098
.text C:\WINDOWS\System32\svchost.exe[1668] kernel32.dll!CreateNamedPipeW 7C82F0C5 5 Bytes JMP 00C20FDB
.text C:\WINDOWS\System32\svchost.exe[1668] kernel32.dll!CreateNamedPipeA 7C860B7C 5 Bytes JMP 00C2002C
.text C:\WINDOWS\System32\svchost.exe[1668] kernel32.dll!WinExec 7C8623AD 5 Bytes JMP 00C20F4B
.text C:\WINDOWS\System32\svchost.exe[1668] ADVAPI32.dll!RegOpenKeyExW 77DD6A9F 5 Bytes JMP 00B00FC3
.text C:\WINDOWS\System32\svchost.exe[1668] ADVAPI32.dll!RegCreateKeyExW 77DD775C 5 Bytes JMP 00B00051
.text C:\WINDOWS\System32\svchost.exe[1668] ADVAPI32.dll!RegOpenKeyExA 77DD7842 5 Bytes JMP 00B00FD4
.text C:\WINDOWS\System32\svchost.exe[1668] ADVAPI32.dll!RegOpenKeyW 77DD7936 5 Bytes JMP 00B00FE5
.text C:\WINDOWS\System32\svchost.exe[1668] ADVAPI32.dll!RegCreateKeyExA 77DDE9E4 5 Bytes JMP 00B00040
.text C:\WINDOWS\System32\svchost.exe[1668] ADVAPI32.dll!RegOpenKeyA 77DDEFB8 5 Bytes JMP 00B00000
.text C:\WINDOWS\System32\svchost.exe[1668] ADVAPI32.dll!RegCreateKeyW 77DFBA25 5 Bytes JMP 00B0002F
.text C:\WINDOWS\System32\svchost.exe[1668] ADVAPI32.dll!RegCreateKeyA 77DFBCC3 5 Bytes JMP 00B00FA8
.text C:\WINDOWS\System32\svchost.exe[1536] WS2_32.dll!socket 71AB4211 5 Bytes JMP 00750000
.text C:\WINDOWS\System32\svchost.exe[1668] WS2_32.dll!getaddrinfo 71AB2A6F 5 Bytes JMP 010155A0 C:\Program Files\Common Files\iS3\Anti-Spyware\SGPRXY.DLL
.text C:\WINDOWS\System32\svchost.exe[1668] WS2_32.dll!socket 71AB4211 5 Bytes JMP 00AE000A
.text C:\WINDOWS\System32\svchost.exe[1668] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 00C20000
.text C:\WINDOWS\System32\svchost.exe[1668] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 00C20087
.text C:\WINDOWS\System32\svchost.exe[1668] WS2_32.dll!gethostbyname 71AB5355 5 Bytes JMP 010152B0 C:\Program Files\Common Files\iS3\Anti-Spyware\SGPRXY.DLL
.text C:\WINDOWS\System32\svchost.exe[1668] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00C20F92
.text C:\WINDOWS\System32\svchost.exe[1668] kernel32.dll!LoadLibraryExW 7C801AF5 5 Bytes JMP 00C20076
.text C:\WINDOWS\System32\svchost.exe[1668] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 00C20FB9
.text C:\WINDOWS\System32\svchost.exe[1668] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 00C20FCA
.text C:\WINDOWS\System32\svchost.exe[1668] kernel32.dll!GetStartupInfoW 7C801E54 5 Bytes JMP 00C20F5C
.text C:\WINDOWS\System32\svchost.exe[1668] kernel32.dll!GetStartupInfoA 7C801EF2 5 Bytes JMP 00C20F6D
.text C:\WINDOWS\System32\svchost.exe[1668] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 00C20F26
.text C:\WINDOWS\System32\svchost.exe[1668] WININET.dll!InternetOpenA 7806C865 5 Bytes JMP 00B10FEF
.text C:\WINDOWS\System32\svchost.exe[1668] WININET.dll!InternetOpenW 7806CE99 5 Bytes JMP 00B10FDE
.text
.text C:\WINDOWS\System32\svchost.exe[1668] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00C200C9
.text C:\WINDOWS\System32\svchost.exe[1668] kernel32.dll!GetProcAddress 7C80AE30 5 Bytes JMP 00C200DA
.text C:\WINDOWS\System32\svchost.exe[1668] WININET.dll!InternetOpenUrlA 78070BCA 5 Bytes JMP 00B10014
.text C:\WINDOWS\System32\svchost.exe[1668] WININET.dll!InternetOpenUrlW 780BAEB9 5 Bytes JMP 00B10025
.text C:\WINDOWS\System32\svchost.exe[1668] kernel32.dll!CreateFileW 7C8107F0 5 Bytes JMP 00C2001B
.text C:\WINDOWS\System32\svchost.exe[1668] kernel32.dll!CreatePipe 7C81D827 5 Bytes JMP 00C20098
.text C:\WINDOWS\System32\svchost.exe[1668] kernel32.dll!CreateNamedPipeW 7C82F0C5 5 Bytes JMP 00C20FDB
.text C:\WINDOWS\System32\svchost.exe[1668] kernel32.dll!CreateNamedPipeA 7C860B7C 5 Bytes JMP 00C2002C
.text C:\WINDOWS\System32\svchost.exe[1668] kernel32.dll!WinExec 7C8623AD 5 Bytes JMP 00C20F4B
.text C:\WINDOWS\System32\svchost.exe[1668] ADVAPI32.dll!RegOpenKeyExW 77DD6A9F 5 Bytes JMP 00B00FC3
.text C:\WINDOWS\System32\svchost.exe[1668] ADVAPI32.dll!RegCreateKeyExW 77DD775C 5 Bytes JMP 00B00051
.text C:\WINDOWS\System32\svchost.exe[1668] ADVAPI32.dll!RegOpenKeyExA 77DD7842 5 Bytes JMP 00B00FD4
.text C:\WINDOWS\System32\svchost.exe[1668] ADVAPI32.dll!RegOpenKeyW 77DD7936 5 Bytes JMP 00B00FE5
.text C:\WINDOWS\System32\svchost.exe[1668] ADVAPI32.dll!RegCreateKeyExA 77DDE9E4 5 Bytes JMP 00B00040
.text C:\WINDOWS\System32\svchost.exe[1668] ADVAPI32.dll!RegOpenKeyA 77DDEFB8 5 Bytes JMP 00B00000
.text C:\WINDOWS\System32\svchost.exe[1668] ADVAPI32.dll!RegCreateKeyW 77DFBA25 5 Bytes JMP 00B0002F
.text C:\WINDOWS\System32\svchost.exe[1668] ADVAPI32.dll!RegCreateKeyA 77DFBCC3 5 Bytes JMP 00B00FA8
.text C:\WINDOWS\System32\svchost.exe[1668] WS2_32.dll!getaddrinfo 71AB2A6F 5 Bytes JMP 010155A0 C:\Program Files\Common Files\iS3\Anti-Spyware\SGPRXY.DLL
.text C:\WINDOWS\System32\svchost.exe[1668] WS2_32.dll!socket 71AB4211 5 Bytes JMP 00AE000A
.text C:\WINDOWS\System32\svchost.exe[1668] WS2_32.dll!gethostbyname 71AB5355 5 Bytes JMP 010152B0 C:\Program Files\Common Files\iS3\Anti-Spyware\SGPRXY.DLL
.text C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe[1736] ws2_32.dll!getaddrinfo 71AB2A6F 5 Bytes JMP 029B55A0 C:\Program Files\Common Files\iS3\Anti-Spyware\SGPRXY.DLL
.text C:\WINDOWS\System32\svchost.exe[1668] WININET.dll!InternetOpenA 7806C865 5 Bytes JMP 00B10FEF
.text C:\WINDOWS\System32\svchost.exe[1668] WININET.dll!InternetOpenW 7806CE99 5 Bytes JMP 00B10FDE
.text
.text C:\WINDOWS\System32\svchost.exe[1668] WININET.dll!InternetOpenUrlA 78070BCA 5 Bytes JMP 00B10014
.text C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe[1736] ws2_32.dll!gethostbyname 71AB5355 5 Bytes JMP 029B52B0 C:\Program Files\Common Files\iS3\Anti-Spyware\SGPRXY.DLL
.text C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe[1736] ws2_32.dll!getaddrinfo 71AB2A6F 5 Bytes JMP 029B55A0 C:\Program Files\Common Files\iS3\Anti-Spyware\SGPRXY.DLL
.text C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe[1736] ws2_32.dll!gethostbyname 71AB5355 5 Bytes JMP 029B52B0 C:\Program Files\Common Files\iS3\Anti-Spyware\SGPRXY.DLL
.text C:\WINDOWS\System32\svchost.exe[2244] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 00D70FE5
.text C:\WINDOWS\System32\svchost.exe[2244] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 00D70047
.text C:\WINDOWS\System32\svchost.exe[2244] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00D70036
.text C:\WINDOWS\System32\svchost.exe[2244] kernel32.dll!LoadLibraryExW 7C801AF5 5 Bytes JMP 00D70025
.text C:\WINDOWS\System32\svchost.exe[2244] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 00D70F68
.text C:\WINDOWS\System32\svchost.exe[2244] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 00D70014
.text C:\WINDOWS\System32\svchost.exe[2244] kernel32.dll!GetStartupInfoW 7C801E54 5 Bytes JMP 00D70073
.text C:\WINDOWS\System32\svchost.exe[2244] kernel32.dll!GetStartupInfoA 7C801EF2 5 Bytes JMP 00D70062
.text C:\WINDOWS\System32\svchost.exe[2244] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 00D700A9
.text C:\WINDOWS\System32\svchost.exe[2244] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00D70F10
.text C:\WINDOWS\System32\svchost.exe[2244] kernel32.dll!GetProcAddress 7C80AE30 5 Bytes JMP 00D70EF5
.text C:\WINDOWS\System32\svchost.exe[2244] kernel32.dll!LoadLibraryW 7C80AEDB 5 Bytes JMP 00D70F83
.text C:\WINDOWS\System32\svchost.exe[2244] kernel32.dll!CreateFileW 7C8107F0 5 Bytes JMP 00D70FD4
.text C:\WINDOWS\System32\svchost.exe[2244] kernel32.dll!CreatePipe 7C81D827 5 Bytes JMP 00D70F37
.text C:\WINDOWS\System32\svchost.exe[2244] kernel32.dll!CreateNamedPipeW 7C82F0C5 5 Bytes JMP 00D70F9E
.text C:\WINDOWS\System32\svchost.exe[2244] kernel32.dll!CreateNamedPipeA 7C860B7C 5 Bytes JMP 00D70FB9
.text C:\WINDOWS\System32\svchost.exe[2244] kernel32.dll!WinExec 7C8623AD 5 Bytes JMP 00D7008E
.text C:\WINDOWS\System32\svchost.exe[2244] ADVAPI32.dll!RegOpenKeyExW 77DD6A9F 5 Bytes JMP 00D60FC3
.text C:\WINDOWS\System32\svchost.exe[2244] ADVAPI32.dll!RegCreateKeyExW 77DD775C 5 Bytes JMP 00D60F9E
.text C:\WINDOWS\System32\svchost.exe[2244] ADVAPI32.dll!RegOpenKeyExA 77DD7842 5 Bytes JMP 00D60FD4
.text C:\WINDOWS\System32\svchost.exe[2244] ADVAPI32.dll!RegOpenKeyW 77DD7936 5 Bytes JMP 00D60FEF
.text C:\WINDOWS\System32\svchost.exe[2244] ADVAPI32.dll!RegCreateKeyExA 77DDE9E4 5 Bytes JMP 00D60051
.text C:\WINDOWS\System32\svchost.exe[2244] ADVAPI32.dll!RegOpenKeyA 77DDEFB8 5 Bytes JMP 00D60000
.text C:\WINDOWS\System32\svchost.exe[2244] ADVAPI32.dll!RegCreateKeyW 77DFBA25 5 Bytes JMP 00D60040
.text C:\WINDOWS\System32\svchost.exe[2244] ADVAPI32.dll!RegCreateKeyA 77DFBCC3 5 Bytes JMP 00D6002F
.text C:\WINDOWS\System32\svchost.exe[2244] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 00D70FE5
.text C:\WINDOWS\System32\svchost.exe[2244] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 00D70047
.text C:\WINDOWS\System32\svchost.exe[2244] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00D70036
.text C:\WINDOWS\System32\svchost.exe[2244] kernel32.dll!LoadLibraryExW 7C801AF5 5 Bytes JMP 00D70025
.text C:\WINDOWS\System32\svchost.exe[2244] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 00D70F68
.text C:\WINDOWS\System32\svchost.exe[2244] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 00D70014
.text C:\WINDOWS\System32\svchost.exe[2244] kernel32.dll!GetStartupInfoW 7C801E54 5 Bytes JMP 00D70073
.text C:\WINDOWS\System32\svchost.exe[2244] kernel32.dll!GetStartupInfoA 7C801EF2 5 Bytes JMP 00D70062
.text C:\WINDOWS\System32\svchost.exe[2244] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 00D700A9
.text C:\WINDOWS\System32\svchost.exe[2244] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00D70F10
.text C:\WINDOWS\System32\svchost.exe[2244] kernel32.dll!GetProcAddress 7C80AE30 5 Bytes JMP 00D70EF5
.text C:\WINDOWS\System32\svchost.exe[2244] kernel32.dll!LoadLibraryW 7C80AEDB 5 Bytes JMP 00D70F83
.text C:\WINDOWS\System32\svchost.exe[2244] kernel32.dll!CreateFileW 7C8107F0 5 Bytes JMP 00D70FD4
.text C:\WINDOWS\System32\svchost.exe[2244] kernel32.dll!CreatePipe 7C81D827 5 Bytes JMP 00D70F37
.text C:\WINDOWS\System32\svchost.exe[2244] kernel32.dll!CreateNamedPipeW 7C82F0C5 5 Bytes JMP 00D70F9E
.text C:\WINDOWS\System32\svchost.exe[2244] kernel32.dll!CreateNamedPipeA 7C860B7C 5 Bytes JMP 00D70FB9
.text C:\WINDOWS\System32\svchost.exe[2244] kernel32.dll!WinExec 7C8623AD 5 Bytes JMP 00D7008E
.text C:\WINDOWS\System32\svchost.exe[2244] ADVAPI32.dll!RegOpenKeyExW 77DD6A9F 5 Bytes JMP 00D60FC3
.text C:\WINDOWS\System32\svchost.exe[2244] ADVAPI32.dll!RegCreateKeyExW 77DD775C 5 Bytes JMP 00D60F9E
.text C:\WINDOWS\System32\svchost.exe[2244] ADVAPI32.dll!RegOpenKeyExA 77DD7842 5 Bytes JMP 00D60FD4
.text C:\WINDOWS\System32\svchost.exe[2244] ADVAPI32.dll!RegOpenKeyW 77DD7936 5 Bytes JMP 00D60FEF
.text C:\WINDOWS\System32\svchost.exe[2244] ADVAPI32.dll!RegCreateKeyExA 77DDE9E4 5 Bytes JMP 00D60051
.text C:\WINDOWS\System32\svchost.exe[2244] ADVAPI32.dll!RegOpenKeyA 77DDEFB8 5 Bytes JMP 00D60000
.text C:\WINDOWS\System32\svchost.exe[2244] ADVAPI32.dll!RegCreateKeyW 77DFBA25 5 Bytes JMP 00D60040
.text C:\WINDOWS\System32\svchost.exe[2244] ADVAPI32.dll!RegCreateKeyA 77DFBCC3 5 Bytes JMP 00D6002F
.text C:\Program Files\Java\jre6\bin\jusched.exe[3172] ws2_32.dll!getaddrinfo 71AB2A6F 5 Bytes JMP 01B955A0 C:\Program Files\Common Files\iS3\Anti-Spyware\SGPRXY.DLL
.text C:\Program Files\Java\jre6\bin\jusched.exe[3172] ws2_32.dll!gethostbyname 71AB5355 5 Bytes JMP 01B952B0 C:\Program Files\Common Files\iS3\Anti-Spyware\SGPRXY.DLL
.text C:\Program Files\Java\jre6\bin\jusched.exe[3172] ws2_32.dll!getaddrinfo 71AB2A6F 5 Bytes JMP 01B955A0 C:\Program Files\Common Files\iS3\Anti-Spyware\SGPRXY.DLL
.text C:\Program Files\Java\jre6\bin\jusched.exe[3172] ws2_32.dll!gethostbyname 71AB5355 5 Bytes JMP 01B952B0 C:\Program Files\Common Files\iS3\Anti-Spyware\SGPRXY.DLL
.text C:\Program Files\iTunes\iTunesHelper.exe[3492] WS2_32.dll!getaddrinfo 71AB2A6F 5 Bytes JMP 05C955A0 C:\Program Files\Common Files\iS3\Anti-Spyware\SGPRXY.DLL
.text C:\Program Files\iTunes\iTunesHelper.exe[3492] WS2_32.dll!gethostbyname 71AB5355 5 Bytes JMP 05C952B0 C:\Program Files\Common Files\iS3\Anti-Spyware\SGPRXY.DLL
.text C:\Program Files\iTunes\iTunesHelper.exe[3492] WS2_32.dll!getaddrinfo 71AB2A6F 5 Bytes JMP 05C955A0 C:\Program Files\Common Files\iS3\Anti-Spyware\SGPRXY.DLL
.text C:\Program Files\iTunes\iTunesHelper.exe[3492] WS2_32.dll!gethostbyname 71AB5355 5 Bytes JMP 05C952B0 C:\Program Files\Common Files\iS3\Anti-Spyware\SGPRXY.DLL
.text C:\WINDOWS\Explorer.EXE[3624] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 01CE0FE5
.text C:\WINDOWS\Explorer.EXE[3624] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 01CE0047
.text C:\WINDOWS\Explorer.EXE[3624] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 01CE0F52
.text C:\WINDOWS\Explorer.EXE[3624] kernel32.dll!LoadLibraryExW 7C801AF5 5 Bytes JMP 01CE0F63
.text C:\WINDOWS\Explorer.EXE[3624] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 01CE002C
.text C:\WINDOWS\Explorer.EXE[3624] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 01CE0000
.text C:\WINDOWS\Explorer.EXE[3624] kernel32.dll!GetStartupInfoW 7C801E54 5 Bytes JMP 01CE006E
.text C:\WINDOWS\Explorer.EXE[3624] kernel32.dll!GetStartupInfoA 7C801EF2 5 Bytes JMP 01CE0F26
.text C:\WINDOWS\Explorer.EXE[3624] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 01CE00AE
.text C:\WINDOWS\Explorer.EXE[3624] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 01CE0093
.text C:\WINDOWS\Explorer.EXE[3624] kernel32.dll!GetProcAddress 7C80AE30 5 Bytes JMP 01CE00BF
.text C:\WINDOWS\Explorer.EXE[3624] kernel32.dll!LoadLibraryW 7C80AEDB 5 Bytes JMP 01CE0011
.text C:\WINDOWS\Explorer.EXE[3624] kernel32.dll!CreateFileW 7C8107F0 5 Bytes JMP 01CE0FD4
.text C:\WINDOWS\Explorer.EXE[3624] kernel32.dll!CreatePipe 7C81D827 5 Bytes JMP 01CE0F37
.text C:\WINDOWS\Explorer.EXE[3624] kernel32.dll!CreateNamedPipeW 7C82F0C5 5 Bytes JMP 01CE0F94
.text C:\WINDOWS\Explorer.EXE[3624] kernel32.dll!CreateNamedPipeA 7C860B7C 5 Bytes JMP 01CE0FAF
.text C:\WINDOWS\Explorer.EXE[3624] kernel32.dll!WinExec 7C8623AD 5 Bytes JMP 01CE0F0B
.text C:\WINDOWS\Explorer.EXE[3624] ADVAPI32.dll!RegOpenKeyExW 77DD6A9F 5 Bytes JMP 01B30036
.text C:\WINDOWS\Explorer.EXE[3624] ADVAPI32.dll!RegCreateKeyExW 77DD775C 5 Bytes JMP 01B30FA5
.text C:\WINDOWS\Explorer.EXE[3624] ADVAPI32.dll!RegOpenKeyExA 77DD7842 5 Bytes JMP 01B30FDB
.text C:\WINDOWS\Explorer.EXE[3624] ADVAPI32.dll!RegOpenKeyW 77DD7936 5 Bytes JMP 01B30011
.text C:\WINDOWS\Explorer.EXE[3624] ADVAPI32.dll!RegCreateKeyExA 77DDE9E4 5 Bytes JMP 01B30062
.text C:\WINDOWS\Explorer.EXE[3624] ADVAPI32.dll!RegOpenKeyA 77DDEFB8 5 Bytes JMP 01B30000
.text C:\WINDOWS\Explorer.EXE[3624] ADVAPI32.dll!RegCreateKeyW 77DFBA25 2 Bytes JMP 01B30FC0
.text C:\WINDOWS\Explorer.EXE[3624] ADVAPI32.dll!RegCreateKeyW + 3 77DFBA28 2 Bytes [ D3, 89 ]
.text C:\WINDOWS\Explorer.EXE[3624] ADVAPI32.dll!RegCreateKeyA 77DFBCC3 5 Bytes JMP 01B30047
.text C:\WINDOWS\Explorer.EXE[3624] WININET.dll!InternetOpenA 7806C865 5 Bytes JMP 01B90000
.text C:\WINDOWS\Explorer.EXE[3624] WININET.dll!InternetOpenW 7806CE99 5 Bytes JMP 01B90011
.text C:\WINDOWS\Explorer.EXE[3624] WININET.dll!InternetOpenUrlA 78070BCA 5 Bytes JMP 01B90022
.text C:\WINDOWS\Explorer.EXE[3624] WININET.dll!InternetOpenUrlW 780BAEB9 5 Bytes JMP 01B90FD1
.text C:\WINDOWS\Explorer.EXE[3624] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 01CE0FE5
.text C:\WINDOWS\Explorer.EXE[3624] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 01CE0047
.text C:\WINDOWS\Explorer.EXE[3624] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 01CE0F52
.text C:\WINDOWS\Explorer.EXE[3624] kernel32.dll!LoadLibraryExW 7C801AF5 5 Bytes JMP 01CE0F63
.text C:\WINDOWS\Explorer.EXE[3624] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 01CE002C
.text
.text C:\WINDOWS\Explorer.EXE[3624] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 01CE0000
.text C:\WINDOWS\Explorer.EXE[3624] kernel32.dll!GetStartupInfoW 7C801E54 5 Bytes JMP 01CE006E
.text
.text C:\WINDOWS\Explorer.EXE[3624] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 01CE00AE
.text C:\WINDOWS\Explorer.EXE[3624] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 01CE0093
.text C:\WINDOWS\Explorer.EXE[3624] kernel32.dll!GetProcAddress 7C80AE30 5 Bytes JMP 01CE00BF
.text C:\WINDOWS\Explorer.EXE[3624] kernel32.dll!LoadLibraryW 7C80AEDB 5 Bytes JMP 01CE0011
.text C:\WINDOWS\Explorer.EXE[3624] kernel32.dll!CreateFileW 7C8107F0 5 Bytes JMP 01CE0FD4
.text C:\WINDOWS\Explorer.EXE[3624] kernel32.dll!CreatePipe 7C81D827 5 Bytes JMP 01CE0F37
.text C:\WINDOWS\Explorer.EXE[3624] kernel32.dll!CreateNamedPipeW 7C82F0C5 5 Bytes JMP 01CE0F94
.text C:\WINDOWS\Explorer.EXE[3624] kernel32.dll!CreateNamedPipeA 7C860B7C 5 Bytes JMP 01CE0FAF
.text C:\WINDOWS\Explorer.EXE[3624] kernel32.dll!WinExec 7C8623AD 5 Bytes JMP 01CE0F0B
.text C:\WINDOWS\Explorer.EXE[3624] ADVAPI32.dll!RegOpenKeyExW 77DD6A9F 5 Bytes JMP 01B30036
.text C:\WINDOWS\Explorer.EXE[3624] ADVAPI32.dll!RegCreateKeyExW 77DD775C 5 Bytes JMP 01B30FA5
.text C:\WINDOWS\Explorer.EXE[3624] ADVAPI32.dll!RegOpenKeyExA 77DD7842 5 Bytes JMP 01B30FDB
.text C:\WINDOWS\Explorer.EXE[3624] ADVAPI32.dll!RegOpenKeyW 77DD7936 5 Bytes JMP 01B30011
.text C:\WINDOWS\Explorer.EXE[3624] ADVAPI32.dll!RegCreateKeyExA 77DDE9E4 5 Bytes JMP 01B30062
.text C:\WINDOWS\Explorer.EXE[3624] ADVAPI32.dll!RegOpenKeyA 77DDEFB8 5 Bytes JMP 01B30000
.text C:\WINDOWS\Explorer.EXE[3624] ADVAPI32.dll!RegCreateKeyW 77DFBA25 2 Bytes JMP 01B30FC0
.text C:\WINDOWS\Explorer.EXE[3624] ADVAPI32.dll!RegCreateKeyW + 3 77DFBA28 2 Bytes [ D3, 89 ]
.text C:\WINDOWS\Explorer.EXE[3624] ADVAPI32.dll!RegCreateKeyA 77DFBCC3 5 Bytes JMP 01B30047
.text C:\WINDOWS\Explorer.EXE[3624] WININET.dll!InternetOpenA 7806C865 5 Bytes JMP 01B90000
.text C:\WINDOWS\Explorer.EXE[3624] WININET.dll!InternetOpenW 7806CE99 5 Bytes JMP 01B90011
.text C:\WINDOWS\Explorer.EXE[3624] WININET.dll!InternetOpenUrlA 78070BCA 5 Bytes JMP 01B90022
.text C:\WINDOWS\Explorer.EXE[3624] WININET.dll!InternetOpenUrlW 780BAEB9 5 Bytes JMP 01B90FD1
.text C:\WINDOWS\Explorer.EXE[3624] WS2_32.dll!socket 71AB4211 5 Bytes JMP 00C90000
.text C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] WS2_32.dll!getaddrinfo 71AB2A6F 5 Bytes JMP 038255A0 C:\Program Files\Common Files\iS3\Anti-Spyware\SGPRXY.DLL
.text C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] WS2_32.dll!gethostbyname 71AB5355 5 Bytes JMP 038252B0 C:\Program Files\Common Files\iS3\Anti-Spyware\SGPRXY.DLL
.text C:\Program Files\Lexmark 8300 Series\lxcjmon.exe[4016] ws2_32.dll!getaddrinfo 71AB2A6F 5 Bytes JMP 00DD55A0 C:\Program Files\Common Files\iS3\Anti-Spyware\SGPRXY.DLL
.text C:\Program Files\Lexmark 8300 Series\lxcjmon.exe[4016] ws2_32.dll!gethostbyname 71AB5355 5 Bytes JMP 00DD52B0 C:\Program Files\Common Files\iS3\Anti-Spyware\SGPRXY.DLL
.text C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] WS2_32.dll!getaddrinfo 71AB2A6F 5 Bytes JMP 038255A0 C:\Program Files\Common Files\iS3\Anti-Spyware\SGPRXY.DLL
.text C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] WS2_32.dll!gethostbyname 71AB5355 5 Bytes JMP 038252B0 C:\Program Files\Common Files\iS3\Anti-Spyware\SGPRXY.DLL
.text C:\Program Files\Lexmark 8300 Series\lxcjmon.exe[4016] ws2_32.dll!getaddrinfo 71AB2A6F 5 Bytes JMP 00DD55A0 C:\Program Files\Common Files\iS3\Anti-Spyware\SGPRXY.DLL
.text C:\Program Files\Lexmark 8300 Series\lxcjmon.exe[4016] ws2_32.dll!gethostbyname 71AB5355 5 Bytes JMP 00DD52B0 C:\Program Files\Common Files\iS3\Anti-Spyware\SGPRXY.DLL

---- Kernel IAT/EAT - GMER 1.0.14 ----

IAT \SystemRoot\System32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisDeregisterProtocol] 86776180
IAT \SystemRoot\System32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisRegisterProtocol] 86776278
IAT \SystemRoot\System32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisRegisterProtocol] 86776278
IAT \SystemRoot\System32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisDeregisterProtocol] 86776180
IAT \SystemRoot\System32\DRIVERS\psched.sys[NDIS.SYS!NdisDeregisterProtocol] 86776180
IAT \SystemRoot\System32\DRIVERS\psched.sys[NDIS.SYS!NdisRegisterProtocol] 86776278
IAT \SystemRoot\System32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisDeregisterProtocol] 86776180
IAT \SystemRoot\System32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisRegisterProtocol] 86776278
IAT \SystemRoot\System32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisRegisterProtocol] 86776278
IAT \SystemRoot\System32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisDeregisterProtocol] 86776180
IAT \SystemRoot\System32\DRIVERS\psched.sys[NDIS.SYS!NdisDeregisterProtocol] 86776180
IAT \SystemRoot\System32\DRIVERS\psched.sys[NDIS.SYS!NdisRegisterProtocol] 86776278
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisRegisterProtocol] 86776278
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisDeregisterProtocol] 86776180
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisRegisterProtocol] 86776278
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisDeregisterProtocol] 86776180
IAT \SystemRoot\System32\DRIVERS\tcpip.sys[NDIS.SYS!NdisRegisterProtocol] 86776278
IAT \SystemRoot\System32\DRIVERS\tcpip.sys[NDIS.SYS!NdisRegisterProtocol] 86776278
IAT \SystemRoot\System32\DRIVERS\wanarp.sys[NDIS.SYS!NdisDeregisterProtocol] 86776180
IAT \SystemRoot\System32\DRIVERS\wanarp.sys[NDIS.SYS!NdisRegisterProtocol] 86776278
IAT \SystemRoot\System32\DRIVERS\arp1394.sys[NDIS.SYS!NdisDeregisterProtocol] 86776180
IAT \SystemRoot\System32\DRIVERS\arp1394.sys[NDIS.SYS!NdisRegisterProtocol] 86776278
IAT \SystemRoot\System32\DRIVERS\wanarp.sys[NDIS.SYS!NdisDeregisterProtocol] 86776180
IAT \SystemRoot\System32\DRIVERS\wanarp.sys[NDIS.SYS!NdisRegisterProtocol] 86776278
IAT \SystemRoot\System32\DRIVERS\arp1394.sys[NDIS.SYS!NdisDeregisterProtocol] 86776180
IAT \SystemRoot\System32\DRIVERS\arp1394.sys[NDIS.SYS!NdisRegisterProtocol] 86776278
IAT \SystemRoot\System32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisRegisterProtocol] 86776278
IAT \SystemRoot\System32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisDeregisterProtocol] 86776180
IAT \SystemRoot\System32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisRegisterProtocol] 86776278
IAT \SystemRoot\System32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisDeregisterProtocol] 86776180

---- User IAT/EAT - GMER 1.0.14 ----

IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW]
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA]
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW]
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9D54] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA]
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9D54] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA]
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA]
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA]
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [6BFA9D54] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA]
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW]
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT [6BFA9D54] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW]
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA]
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!LoadLibraryExA] [6BFA9D54] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9D54] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryW]
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!LoadLibraryExA] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9D54] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!LoadLibraryA] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA]
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA]
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA]
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW]
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!SetUnhandledExceptionFilter]
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [6BFA9D54] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW]
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA]
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [6BFA9D54] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA]
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9D54] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [6BFA9D54] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW]
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [6BFA9D54] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA]
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryW] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!SetUnhandledExceptionFilter]
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [6BFA9D54] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA]
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [6BFA9D54] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [63602B3E] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [63602A5B] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress]
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [63602441] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [63602B3E] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA]
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [63602A5B] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [63602B3E] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [63602441] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [63602A5B] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress]
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [63602441] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [63602B3E] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [63602A5B] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [63602441] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [63602AA2] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [63602A5B] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW]
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [63602AA2] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [63602A5B] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [63602441] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [63602AA2] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [63602B3E] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [63602441] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [63602B3E] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA]
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!AnimateWindow] [63601740] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!TrackPopupMenuEx] [636015EF] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!DefWindowProcA]
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!AnimateWindow] [63601740] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!TrackPopupMenuEx] [6360208F] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!GetSysColor] [636015EF] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!DefWindowProcW] [63602065] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!TrackPopupMenu]
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!GetSysColor] [63601FC4] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!DefWindowProcW]
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [63602065] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!TrackPopupMenu] [63602AE9] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [63602B3E] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW]
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [63602AA2] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [63602A5B] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [63602AE9] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [63602B3E] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [63602441] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!DefWindowProcA] [63602AA2] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [63602A5B] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [63602441] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!DefWindowProcA] [63602065] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!GetSysColor] [63601FC4] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!TrackPopupMenu] [6360208F] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!DefWindowProcW] [636015C8] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!TrackPopupMenuEx] [63602065] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!GetSysColor] [63601FC4] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!TrackPopupMenu] [636015C8] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!TrackPopupMenuEx] [636015EF] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW]
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA]
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW]
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!SetUnhandledExceptionFilter]
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA]
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter]
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW]
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW]
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA]
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [6BFA9D54] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA]
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9D54] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA]
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [6BFA9D54] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA]
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [6BFA9D54] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [6BFA9D54] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW]
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW]
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryW] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryA] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryA]
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [6BFA9D54] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA]
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9D54] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)

---- Devices - GMER 1.0.14 ----

AttachedDevice \FileSystem\Ntfs \Ntfs ssfs0bbc.sys (Spy Sweeper FileSystem Filter Driver/Webroot Software, Inc. (www.webroot.com))
AttachedDevice \FileSystem\Ntfs \Ntfs mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)

Device \Driver\Tcpip \Device\Ip 863F17D8
Device \Driver\Tcpip \Device\Ip 8500F920
Device \Driver\Tcpip \Device\Ip 84FE8988
Device \Driver\Tcpip \Device\Ip 86402C50

AttachedDevice \Driver\Tcpip \Device\Ip Mpfp.sys (McAfee Personal Firewall Plus Driver/McAfee, Inc.)

Device \Driver\Tcpip \Device\Tcp 863F17D8
Device \Driver\Tcpip \Device\Tcp 8500F920
Device \Driver\Tcpip \Device\Tcp 84FE8988
Device \Driver\Tcpip \Device\Tcp 86402C50

AttachedDevice \Driver\Tcpip \Device\Tcp tcpipBM.SYS (Bytemobile Kernel Network Provider/Bytemobile, Inc.)
AttachedDevice \Driver\Tcpip \Device\Tcp Mpfp.sys (McAfee Personal Firewall Plus Driver/McAfee, Inc.)

Device \Driver\Tcpip \Device\Udp 863F17D8
Device \Driver\Tcpip \Device\Udp 8500F920
Device \Driver\Tcpip \Device\Udp 84FE8988
Device \Driver\Tcpip \Device\Udp 86402C50

AttachedDevice \Driver\Tcpip \Device\Udp Mpfp.sys (McAfee Personal Firewall Plus Driver/McAfee, Inc.)

Device \Driver\Tcpip \Device\RawIp 863F17D8
Device \Driver\Tcpip \Device\RawIp 8500F920
Device \Driver\Tcpip \Device\RawIp 84FE8988
Device \Driver\Tcpip \Device\RawIp 86402C50

AttachedDevice \Driver\Tcpip \Device\RawIp Mpfp.sys (McAfee Personal Firewall Plus Driver/McAfee, Inc.)

Device \Driver\Tcpip \Device\IPMULTICAST 863F17D8
Device \Driver\Tcpip \Device\IPMULTICAST 8500F920
Device \Driver\Tcpip \Device\IPMULTICAST 84FE8988
Device \Driver\Tcpip \Device\IPMULTICAST 86402C50
Device \Driver\szkg5 \Device\MSProcess szkg.sys
---- Processes - GMER 1.0.14 ----

Library C:\Program (*** hidden *** ) @ C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe [124] 0x0F000000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe [124] 0x00FF0000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe [124] 0x02180000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe [124] 0x02410000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe [124] 0x02460000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [132] 0x10000000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Bonjour\mDNSResponder.exe [180] 0x10000000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Java\jre6\bin\jqs.exe [268] 0x10000000
Library C:\Program (*** hidden *** ) @ C:\WINDOWS\system32\lxcjcoms.exe [308] 0x10000000
Library C:\Program (*** hidden *** ) @ c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe [540] 0x10000000
Library C:\Program (*** hidden *** ) @ C:\WINDOWS\system32\lsass.exe [1032] 0x10000000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe [1180] 0x10000000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe [1180] 0x023C0000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe [1180] 0x0F000000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe [1180] 0x02650000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe [1180] 0x026A0000
Library C:\Program (*** hidden *** ) @ C:\WINDOWS\system32\svchost.exe [1320] 0x10000000
Library C:\Program (*** hidden *** ) @ C:\WINDOWS\System32\svchost.exe [1408] 0x10000000
Library C:\Program (*** hidden *** ) @ C:\WINDOWS\System32\svchost.exe [1536] 0x0F000000
Library C:\Program (*** hidden *** ) @ C:\WINDOWS\System32\svchost.exe [1668] 0x10000000
Library C:\Program (*** hidden *** ) @ C:\WINDOWS\System32\svchost.exe [1668] 0x01010000
Library C:\Program (*** hidden *** ) @ C:\WINDOWS\System32\svchost.exe [1668] 0x0F000000
Library C:\Program (*** hidden *** ) @ C:\WINDOWS\System32\svchost.exe [1668] 0x01280000
Library C:\Program (*** hidden *** ) @ C:\WINDOWS\System32\svchost.exe [1668] 0x012D0000
Library C:\Program (*** hidden *** ) @ C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe [1736] 0x10000000
Library C:\Program (*** hidden *** ) @ C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe [1736] 0x029B0000
Library C:\Program (*** hidden *** ) @ C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe [1736] 0x0F000000
Library C:\Program (*** hidden *** ) @ C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe [1736] 0x02CC0000
Library C:\Program (*** hidden *** ) @ C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe [1736] 0x02D10000
Library C:\Program (*** hidden *** ) @ C:\WINDOWS\System32\snmp.exe [1844] 0x10000000
Library C:\Program (*** hidden *** ) @ C:\WINDOWS\system32\spoolsv.exe [1936] 0x00EC0000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Sony\vaio media integrated server\VMISrv.exe [2400] 0x00BB0000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe [2888] 0x00820000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Sony\vaio media integrated server\Platform\UPnPFramework.exe [2932] 0x00900000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Java\jre6\bin\jusched.exe [3172] 0x01740000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Java\jre6\bin\jusched.exe [3172] 0x01B90000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Java\jre6\bin\jusched.exe [3172] 0x0F000000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Java\jre6\bin\jusched.exe [3172] 0x01E20000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Java\jre6\bin\jusched.exe [3172] 0x01E70000
Library C:\Program (*** hidden *** ) @ C:\Program Files\iTunes\iTunesHelper.exe [3492] 0x05840000
Library C:\Program (*** hidden *** ) @ C:\Program Files\iTunes\iTunesHelper.exe [3492] 0x05C90000
Library C:\Program (*** hidden *** ) @ C:\Program Files\iTunes\iTunesHelper.exe [3492] 0x0F000000
Library C:\Program (*** hidden *** ) @ C:\Program Files\iTunes\iTunesHelper.exe [3492] 0x05F20000
Library C:\Program (*** hidden *** ) @ C:\Program Files\iTunes\iTunesHelper.exe [3492] 0x05F70000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe [4004] 0x02180000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe [4004] 0x03820000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe [4004] 0x0F000000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe [4004] 0x03BB0000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe [4004] 0x03C00000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Lexmark 8300 Series\lxcjmon.exe [4016] 0x00980000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Lexmark 8300 Series\lxcjmon.exe [4016] 0x00DD0000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Lexmark 8300 Series\lxcjmon.exe [4016] 0x0F000000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Lexmark 8300 Series\lxcjmon.exe [4016] 0x00FE0000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Lexmark 8300 Series\lxcjmon.exe [4016] 0x01030000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe [124] 0x0F000000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe [124] 0x00FF0000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe [124] 0x02180000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe [124] 0x02410000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe [124] 0x02460000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [132] 0x10000000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Bonjour\mDNSResponder.exe [180] 0x10000000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Java\jre6\bin\jqs.exe [268] 0x10000000
Library C:\Program (*** hidden *** ) @ C:\WINDOWS\system32\lxcjcoms.exe [308] 0x10000000
Library C:\Program (*** hidden *** ) @ c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe [540] 0x10000000
Library C:\Program (*** hidden *** ) @ C:\WINDOWS\system32\lsass.exe [1032] 0x10000000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe [1180] 0x10000000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe [1180] 0x023C0000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe [1180] 0x0F000000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe [1180] 0x02650000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe [1180] 0x026A0000
Library C:\Program (*** hidden *** ) @ C:\WINDOWS\system32\svchost.exe [1320] 0x10000000
Library C:\Program (*** hidden *** ) @ C:\WINDOWS\System32\svchost.exe [1408] 0x10000000
Library C:\Program (*** hidden *** ) @ C:\WINDOWS\System32\svchost.exe [1536] 0x0F000000
Library C:\Program (*** hidden *** ) @ C:\WINDOWS\System32\svchost.exe [1668] 0x10000000
Library C:\Program (*** hidden *** ) @ C:\WINDOWS\System32\svchost.exe [1668] 0x01010000
Library C:\Program (*** hidden *** ) @ C:\WINDOWS\System32\svchost.exe [1668] 0x0F000000
Library C:\Program (*** hidden *** ) @ C:\WINDOWS\System32\svchost.exe [1668] 0x01280000
Library C:\Program (*** hidden *** ) @ C:\WINDOWS\System32\svchost.exe [1668] 0x012D0000
Library C:\Program (*** hidden *** ) @ C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe [1736] 0x10000000
Library C:\Program (*** hidden *** ) @ C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe [1736] 0x029B0000
Library C:\Program (*** hidden *** ) @ C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe [1736] 0x0F000000
Library C:\Program (*** hidden *** ) @ C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe [1736] 0x02CC0000
Library C:\Program (*** hidden *** ) @ C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe [1736] 0x02D10000
Library C:\Program (*** hidden *** ) @ C:\WINDOWS\System32\snmp.exe [1844] 0x10000000
Library C:\Program (*** hidden *** ) @ C:\WINDOWS\system32\spoolsv.exe [1936] 0x00EC0000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Sony\vaio media integrated server\VMISrv.exe [2400] 0x00BB0000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe [2888] 0x00820000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Sony\vaio media integrated server\Platform\UPnPFramework.exe [2932] 0x00900000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Java\jre6\bin\jusched.exe [3172] 0x01740000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Java\jre6\bin\jusched.exe [3172] 0x01B90000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Java\jre6\bin\jusched.exe [3172] 0x0F000000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Java\jre6\bin\jusched.exe [3172] 0x01E20000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Java\jre6\bin\jusched.exe [3172] 0x01E70000
Library C:\Program (*** hidden *** ) @ C:\Program Files\iTunes\iTunesHelper.exe [3492] 0x05840000
Library C:\Program (*** hidden *** ) @ C:\Program Files\iTunes\iTunesHelper.exe [3492] 0x05C90000
Library C:\Program (*** hidden *** ) @ C:\Program Files\iTunes\iTunesHelper.exe [3492] 0x0F000000
Library C:\Program (*** hidden *** ) @ C:\Program Files\iTunes\iTunesHelper.exe [3492] 0x05F20000
Library C:\Program (*** hidden *** ) @ C:\Program Files\iTunes\iTunesHelper.exe [3492] 0x05F70000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe [4004] 0x02180000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe [4004] 0x03820000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe [4004] 0x0F000000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe [4004] 0x03BB0000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe [4004] 0x03C00000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Lexmark 8300 Series\lxcjmon.exe [4016] 0x00980000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Lexmark 8300 Series\lxcjmon.exe [4016] 0x00DD0000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Lexmark 8300 Series\lxcjmon.exe [4016] 0x0F000000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Lexmark 8300 Series\lxcjmon.exe [4016] 0x00FE0000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Lexmark 8300 Series\lxcjmon.exe [4016] 0x01030000

---- EOF - GMER 1.0.14 ----


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:40:14 PM, on 2/16/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\lxcjcoms.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\SnoopFreeSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
C:\Program Files\Sony\vaio media integrated server\VMISrv.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe
C:\Program Files\Sony\vaio media integrated server\Platform\UPnPFramework.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\WINDOWS\system32\bmwebcfg.exe
C:\WINDOWS\system32\ezSP_Px.exe
C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\COMPAQ\CPQ650TP\Ver. 2.3\LWBWHEEL.exe
C:\Program Files\Sony\HotKey Utility\HKserv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe
C:\Program Files\Lexmark 8300 Series\lxcjmon.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe
C:\Program Files\sony\vaio media integrated server\Platform\VMConsole.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtProc.exe
C:\Program Files\RegFixPro\RegFixPro.exe
C:\Program Files\Lexmark 8300 Series\ezprint.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\WINDOWS\SnoopFreeUI.exe
C:\Program Files\Sony\HotKey Utility\HKWnd.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Microsoft Location Finder\LocationFinder.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Microsoft Office\Office\WINWORD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://pogo.com/
R3 - URLSearchHook: IAOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL Toolbar\aoltb.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\mskapbho.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: AOL Toolbar Loader - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL Toolbar\aoltb.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL Toolbar\aoltb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM\..\Run: [ezShieldProtector for Px] "C:\WINDOWS\system32\ezSP_Px.exe"
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [SonyPowerCfg] "C:\Program Files\Sony\VAIO Power Management\SPMgr.exe"
O4 - HKLM\..\Run: [LWBMOUSE] "C:\Program Files\COMPAQ\CPQ650TP\Ver. 2.3\LWBWHEEL.exe"
O4 - HKLM\..\Run: [HKSERV.EXE] "C:\Program Files\Sony\HotKey Utility\HKserv.exe"
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [AT&T Communication Manager] "C:\Program Files\AT&T\Communication Manager\ATTCM.exe" -a
O4 - HKLM\..\Run: [HostManager] "C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe"
O4 - HKLM\..\Run: [lxcjmon.exe] "C:\Program Files\Lexmark 8300 Series\lxcjmon.exe"
O4 - HKLM\..\Run: [WrtMon.exe] "C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe"
O4 - HKLM\..\Run: [Logitech Utility] "C:\WINDOWS\Logi_MwX.Exe"
O4 - HKLM\..\Run: [VMConsole.exe] "C:\Program Files\sony\vaio media integrated server\Platform\VMConsole.exe" /windowmin
O4 - HKLM\..\Run: [VAIO Recovery] "C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe"
O4 - HKLM\..\Run: [RegFixPro] "C:\Program Files\RegFixPro\RegFixPro.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 8300 Series\ezprint.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] "C:\WINDOWS\system32\dumprep.exe" 0 -k
O4 - HKLM\..\Run: [AppleSyncNotifier] "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SnoopFreeUI] SnoopFreeUI.exe
O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [McENUI] "C:\PROGRA~1\McAfee\MHN\McENUI.exe" /hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [LXCJCATS] "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCJtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray
O4 - HKCU\..\Run: [Microsoft Location Finder] "C:\Program Files\Microsoft Location Finder\LocationFinder.exe"
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] "C:\WINDOWS\system32\ctfmon.exe"
O4 - Startup: AOL Desktop.lnk = C:\Program Files\Common Files\AOL\Launch\aollaunch.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Global Startup: Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe
O8 - Extra context menu item: &AOL Toolbar Search - C:\Documents and Settings\All Users\Application Data\AOL\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: bmnet.dll
O10 - Unknown file in Winsock LSP: bmnet.dll
O10 - Unknown file in Winsock LSP: bmnet.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O15 - Trusted Zone: http://*.mcafee.com
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} - file:///C:/Program%20Files/Hidden%20Expedition%20-%20Titanic/Images/stg_drm.ocx
O16 - DPF: {3107C2A8-9F0B-4404-A58B-21BD85268FBC} (PogoWebLauncher Control) - http://www.pogo.com/cdl/launcher/PogoWe ... taller.CAB
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resour ... se4009.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 4341918252
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v ... b56649.cab
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} - file:///C:/Program%20Files/Hidden%20Expedition%20-%20Titanic/Images/armhelper.ocx
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-l ... cfscan.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{114E7C94-FEE8-4F87-89A1-E36721445B5E}: NameServer = 209.183.54.151 209.183.54.151
O17 - HKLM\System\CS3\Services\Tcpip\..\{114E7C94-FEE8-4F87-89A1-E36721445B5E}: NameServer = 209.183.54.151 209.183.54.151
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: AT&T RcAppSvc (ATTRcAppSvc) - PCTEL - C:\Program Files\AT&T\Communication Manager\RcAppSvc.exe
O23 - Service: Bytemobile Web Configurator (bmwebcfg) - Bytemobile, Inc. - C:\WINDOWS\system32\bmwebcfg.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: lxcj_device - - C:\WINDOWS\system32\lxcjcoms.exe
O23 - Service: MBackMonitor - McAfee - C:\Program Files\McAfee\MBK\MBackMonitor.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\PACSPT~1.EXE
O23 - Service: Snoop Free Service (SnoopFreeSvc) - Unknown owner - C:\WINDOWS\System32\SnoopFreeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment File Import Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VCSW\VCSW.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Platform\VmGateway.exe
O23 - Service: VAIO Media Video Server (VAIOMediaPlatform-VideoServer-AppServer) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Video\GPVSvr.exe
O23 - Service: VAIO Media Video Server (HTTP) (VAIOMediaPlatform-VideoServer-HTTP) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Video Server (UPnP) (VAIOMediaPlatform-VideoServer-UPnP) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Platform\UPnPFramework.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. (www.webroot.com) - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
O23 - Service: Webroot Client Service (WRConsumerService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe

--
End of file - 16325 bytes
daffyd9
Active Member
 
Posts: 11
Joined: January 26th, 2009, 7:56 pm

Re: think I have spyware or other bad problem

Unread postby daffyd9 » February 16th, 2009, 11:05 pm

Hello again. I downloaded GMER from the other site. Had problems when using it. Tried several times all day to get it to work. It would run for a while each time & then would say it was stopped. Then I would get a little window saying
Warning GMER has found system modification caused by ROOTKIT activity

I went ahead & copied what it had at the time of closing & will include here. Thanks again, Della

Logfile of random's system information tool 1.05 (written by random/random)
Run by Della at 2009-02-16 14:29:14
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 18 GB (45%) free of 40 GB
Total RAM: 959 MB (42% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:29:32 PM, on 2/16/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\lxcjcoms.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\SnoopFreeSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
C:\Program Files\Sony\vaio media integrated server\VMISrv.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe
C:\Program Files\Sony\vaio media integrated server\Platform\UPnPFramework.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\WINDOWS\system32\bmwebcfg.exe
C:\WINDOWS\system32\ezSP_Px.exe
C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\COMPAQ\CPQ650TP\Ver. 2.3\LWBWHEEL.exe
C:\Program Files\Sony\HotKey Utility\HKserv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe
C:\Program Files\Lexmark 8300 Series\lxcjmon.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe
C:\Program Files\sony\vaio media integrated server\Platform\VMConsole.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtProc.exe
C:\Program Files\RegFixPro\RegFixPro.exe
C:\Program Files\Lexmark 8300 Series\ezprint.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\WINDOWS\SnoopFreeUI.exe
C:\Program Files\Sony\HotKey Utility\HKWnd.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Microsoft Location Finder\LocationFinder.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\WINDOWS\System32\msiexec.exe
D:\Malware Remove\random's system information tool (RSIT)\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Della.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://pogo.com/
R3 - URLSearchHook: IAOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL Toolbar\aoltb.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\mskapbho.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: AOL Toolbar Loader - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL Toolbar\aoltb.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL Toolbar\aoltb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM\..\Run: [ezShieldProtector for Px] "C:\WINDOWS\system32\ezSP_Px.exe"
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [SonyPowerCfg] "C:\Program Files\Sony\VAIO Power Management\SPMgr.exe"
O4 - HKLM\..\Run: [LWBMOUSE] "C:\Program Files\COMPAQ\CPQ650TP\Ver. 2.3\LWBWHEEL.exe"
O4 - HKLM\..\Run: [HKSERV.EXE] "C:\Program Files\Sony\HotKey Utility\HKserv.exe"
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [AT&T Communication Manager] "C:\Program Files\AT&T\Communication Manager\ATTCM.exe" -a
O4 - HKLM\..\Run: [HostManager] "C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe"
O4 - HKLM\..\Run: [lxcjmon.exe] "C:\Program Files\Lexmark 8300 Series\lxcjmon.exe"
O4 - HKLM\..\Run: [WrtMon.exe] "C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe"
O4 - HKLM\..\Run: [Logitech Utility] "C:\WINDOWS\Logi_MwX.Exe"
O4 - HKLM\..\Run: [VMConsole.exe] "C:\Program Files\sony\vaio media integrated server\Platform\VMConsole.exe" /windowmin
O4 - HKLM\..\Run: [VAIO Recovery] "C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe"
O4 - HKLM\..\Run: [RegFixPro] "C:\Program Files\RegFixPro\RegFixPro.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 8300 Series\ezprint.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] "C:\WINDOWS\system32\dumprep.exe" 0 -k
O4 - HKLM\..\Run: [AppleSyncNotifier] "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SnoopFreeUI] SnoopFreeUI.exe
O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [McENUI] "C:\PROGRA~1\McAfee\MHN\McENUI.exe" /hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [LXCJCATS] "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCJtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray
O4 - HKCU\..\Run: [Microsoft Location Finder] "C:\Program Files\Microsoft Location Finder\LocationFinder.exe"
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] "C:\WINDOWS\system32\ctfmon.exe"
O4 - Startup: AOL Desktop.lnk = C:\Program Files\Common Files\AOL\Launch\aollaunch.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Global Startup: Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe
O8 - Extra context menu item: &AOL Toolbar Search - C:\Documents and Settings\All Users\Application Data\AOL\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: bmnet.dll
O10 - Unknown file in Winsock LSP: bmnet.dll
O10 - Unknown file in Winsock LSP: bmnet.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O15 - Trusted Zone: http://*.mcafee.com
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} - file:///C:/Program%20Files/Hidden%20Expedition%20-%20Titanic/Images/stg_drm.ocx
O16 - DPF: {3107C2A8-9F0B-4404-A58B-21BD85268FBC} (PogoWebLauncher Control) - http://www.pogo.com/cdl/launcher/PogoWe ... taller.CAB
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resour ... se4009.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 4341918252
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v ... b56649.cab
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} - file:///C:/Program%20Files/Hidden%20Expedition%20-%20Titanic/Images/armhelper.ocx
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-l ... cfscan.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{114E7C94-FEE8-4F87-89A1-E36721445B5E}: NameServer = 209.183.54.151 209.183.54.151
O17 - HKLM\System\CS3\Services\Tcpip\..\{114E7C94-FEE8-4F87-89A1-E36721445B5E}: NameServer = 209.183.54.151 209.183.54.151
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: AT&T RcAppSvc (ATTRcAppSvc) - PCTEL - C:\Program Files\AT&T\Communication Manager\RcAppSvc.exe
O23 - Service: Bytemobile Web Configurator (bmwebcfg) - Bytemobile, Inc. - C:\WINDOWS\system32\bmwebcfg.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: lxcj_device - - C:\WINDOWS\system32\lxcjcoms.exe
O23 - Service: MBackMonitor - McAfee - C:\Program Files\McAfee\MBK\MBackMonitor.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\PACSPT~1.EXE
O23 - Service: Snoop Free Service (SnoopFreeSvc) - Unknown owner - C:\WINDOWS\System32\SnoopFreeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment File Import Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VCSW\VCSW.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Platform\VmGateway.exe
O23 - Service: VAIO Media Video Server (VAIOMediaPlatform-VideoServer-AppServer) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Video\GPVSvr.exe
O23 - Service: VAIO Media Video Server (HTTP) (VAIOMediaPlatform-VideoServer-HTTP) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Video Server (UPnP) (VAIOMediaPlatform-VideoServer-UPnP) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Platform\UPnPFramework.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. (www.webroot.com) - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
O23 - Service: Webroot Client Service (WRConsumerService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe

--
End of file - 16334 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\Google Software Updater.job
C:\WINDOWS\tasks\McDefragTask.job
C:\WINDOWS\tasks\McQcTask.job
C:\WINDOWS\tasks\RegClean Scheduled Scan.job
C:\WINDOWS\tasks\RegFixPro Scan.job
C:\WINDOWS\tasks\Registration reminder 2.job
C:\WINDOWS\tasks\Registration reminder 3.job
C:\WINDOWS\tasks\RegistrySmart Scheduled Scan.job
C:\WINDOWS\tasks\wrSpySweeper_LF4EDF9159123427B94E9DBE5B2B7871B.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB}]
McAfee Phishing Filter - c:\PROGRA~1\mcafee\msk\mskapbho.dll [2008-10-17 247312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2009-01-14 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C554162-8CB7-45A4-B8F4-8EA1C75885F9}]
AOL Toolbar Loader - C:\Program Files\AOL Toolbar\aoltb.dll [2008-07-07 1275232]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
scriptproxy - C:\Program Files\McAfee\VirusScan\scriptsn.dll [2008-06-20 58688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-12-14 392240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll [2007-11-06 654832]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee SiteAdvisor BHO - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll [2008-11-14 150032]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-01-14 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-01-14 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
SingleInstance Class - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll [2008-07-28 160496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
SITEguard
{DE9C389F-3316-41A7-809B-AA305ED9D922} - AOL Toolbar - C:\Program Files\AOL Toolbar\aoltb.dll [2008-07-07 1275232]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2008-07-28 882416]
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll [2008-11-14 150032]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ezShieldProtector for Px"=C:\WINDOWS\system32\ezSP_Px.exe [2002-08-20 40960]
"VAIO Update 2"=C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe [2004-01-17 135168]
"SonyPowerCfg"=C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2003-12-11 167936]
"LWBMOUSE"=C:\Program Files\COMPAQ\CPQ650TP\Ver. 2.3\LWBWHEEL.exe [2003-05-18 438272]
"HKSERV.EXE"=C:\Program Files\Sony\HotKey Utility\HKserv.exe [2004-02-12 98304]
"ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2004-04-27 335872]
"AT&T Communication Manager"=C:\Program Files\AT&T\Communication Manager\ATTCM.exe [2007-10-18 33280]
"HostManager"=C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe [2008-06-24 41824]
"lxcjmon.exe"=C:\Program Files\Lexmark 8300 Series\lxcjmon.exe [2007-01-30 205744]
"WrtMon.exe"=C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe [2006-09-20 20480]
"Logitech Utility"=C:\WINDOWS\Logi_MwX.Exe [2003-11-07 19968]
"VMConsole.exe"=C:\Program Files\sony\vaio media integrated server\Platform\VMConsole.exe [2004-02-25 536576]
"VAIO Recovery"=C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe [2003-04-19 28672]
"RegFixPro"=C:\Program Files\RegFixPro\RegFixPro.exe [2008-12-17 30224384]
"EzPrint"=C:\Program Files\Lexmark 8300 Series\ezprint.exe [2007-01-30 103344]
"KernelFaultCheck"=C:\WINDOWS\system32\dumprep.exe [2008-04-13 10752]
"AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2008-11-07 111936]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2008-12-22 185896]
"SnoopFreeUI"=C:\WINDOWS\SnoopFreeUI.exe [2008-08-16 221184]
"mcagent_exe"=C:\Program Files\McAfee.com\Agent\mcagent.exe [2008-07-11 641208]
"McENUI"=C:\PROGRA~1\McAfee\MHN\McENUI.exe [2008-06-13 1176808]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-01-14 136600]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2009-01-05 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-01-06 290088]
"LXCJCATS"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCJtime.dll [2006-11-21 106496]
"SpySweeper"=C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe [2008-11-13 6273400]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Microsoft Location Finder"=C:\Program Files\Microsoft Location Finder\LocationFinder.exe [2006-11-14 121640]
"Yahoo! Pager"=C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe [2007-08-30 4670704]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-13 1695232]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE
Office Startup.lnk - C:\Program Files\Microsoft Office\Office\OSA.EXE
Quicken Scheduled Updates.lnk - C:\Program Files\Quicken\bagent.exe

C:\Documents and Settings\Della\Start Menu\Programs\Startup
AOL Desktop.lnk - C:\Program Files\Common Files\AOL\Launch\aollaunch.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2004-04-27 86016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WebrootSpySweeperService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WRConsumerService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WebrootSpySweeperService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WRConsumerService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=255

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Common Files\AOL\Loader\aolload.exe"="C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader"
"C:\Program Files\America Online 9.0\waol.exe"="C:\Program Files\America Online 9.0\waol.exe:*:Enabled:America Online 9.0"
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe"="C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL Connectivity Service Dialer"
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe"="C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL Connectivity Service"
"C:\Program Files\Common Files\AOL\1188181604\ee\aolsoftware.exe"="C:\Program Files\Common Files\AOL\1188181604\ee\aolsoftware.exe:*:Enabled:AOL Shared Components"
"C:\Program Files\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe"="C:\Program Files\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe:*:Enabled:AOL TopSpeed"
"C:\Program Files\Common Files\AOL\System Information\sinf.exe"="C:\Program Files\Common Files\AOL\System Information\sinf.exe:*:Enabled:AOL System Information"
"C:\Program Files\AOL 9.0\waol.exe"="C:\Program Files\AOL 9.0\waol.exe:*:Enabled:AOL 9.0"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\WINDOWS\system32\lxcjcoms.exe"="C:\WINDOWS\system32\lxcjcoms.exe:*:Enabled:8300 Series Server"
"C:\WINDOWS\system32\spool\drivers\w32x86\3\lxcjpswx.exe"="C:\WINDOWS\system32\spool\drivers\w32x86\3\lxcjpswx.exe:*:Enabled:8300 Series Printer Status"
"C:\Program Files\AOL 9.1\waol.exe"="C:\Program Files\AOL 9.1\waol.exe:*:Enabled:AOL 9.1"
"C:\Program Files\AIM6\aim6.exe"="C:\Program Files\AIM6\aim6.exe:*:Enabled:AIM"
"C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe"="C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe:*:Enabled:AOL Desktop"
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\Program Files\Yahoo!\Messenger\YServer.exe"="C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\AOL 9.1a\waol.exe"="C:\Program Files\AOL 9.1a\waol.exe:*:Enabled:AOL 9.1a"
"C:\Program Files\AOL 9.1b\waol.exe"="C:\Program Files\AOL 9.1b\waol.exe:*:Enabled:AOL 9.1b"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\AOL 9.1c\waol.exe"="C:\Program Files\AOL 9.1c\waol.exe:*:Enabled:AOL 9.1c"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe"="C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe:*:Enabled:McAfee Network Agent"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\America Online 9.0\waol.exe"="C:\Program Files\America Online 9.0\waol.exe:*:Enabled:America Online 9.0"
"C:\Program Files\AOL 9.0\waol.exe"="C:\Program Files\AOL 9.0\waol.exe:*:Enabled:AOL 9.0"
"C:\Program Files\AOL 9.1\waol.exe"="C:\Program Files\AOL 9.1\waol.exe:*:Enabled:AOL 9.1"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\AOL 9.1a\waol.exe"="C:\Program Files\AOL 9.1a\waol.exe:*:Enabled:AOL 9.1a"
"C:\Program Files\AOL 9.1b\waol.exe"="C:\Program Files\AOL 9.1b\waol.exe:*:Enabled:AOL 9.1b"
"C:\Program Files\AOL 9.1c\waol.exe"="C:\Program Files\AOL 9.1c\waol.exe:*:Enabled:AOL 9.1c"

======List of files/folders created in the last 1 months======

2009-02-16 14:29:14 ----D---- C:\rsit
2009-02-07 17:38:42 ----D---- C:\Program Files\iPod
2009-02-07 17:37:30 ----D---- C:\Program Files\iTunes
2009-02-07 17:37:30 ----D---- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2009-01-26 16:12:56 ----D---- C:\Documents and Settings\Della\Application Data\Malwarebytes
2009-01-26 16:12:42 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-01-26 16:12:42 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2009-01-26 16:08:37 ----D---- C:\Program Files\Trend Micro

======List of files/folders modified in the last 1 months======

2009-02-16 14:29:19 ----D---- C:\WINDOWS\Temp
2009-02-16 14:26:20 ----A---- C:\WINDOWS\win.ini
2009-02-16 14:25:04 ----SHD---- C:\WINDOWS\Installer
2009-02-16 14:25:03 ----D---- C:\WINDOWS\WinSxS
2009-02-16 14:25:02 ----D---- C:\WINDOWS\SxsCaPendDel
2009-02-16 14:24:07 ----SHD---- C:\Config.Msi
2009-02-16 14:23:56 ----D---- C:\WINDOWS\system32
2009-02-16 14:20:25 ----A---- C:\WINDOWS\ModemLog_GlobeTrotter HSDPA Modem Interface.txt
2009-02-16 14:16:02 ----D---- C:\Documents and Settings\All Users\Application Data\STOPzilla!
2009-02-16 13:55:01 ----D---- C:\WINDOWS\system32\drivers
2009-02-16 13:48:11 ----SD---- C:\WINDOWS\Tasks
2009-02-16 01:37:04 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-02-15 20:39:57 ----D---- C:\Documents and Settings\All Users\Application Data\SITEguard
2009-02-15 00:38:33 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2009-02-15 00:38:29 ----D---- C:\Program Files\Hidden Expedition - Titanic
2009-02-14 14:58:13 ----D---- C:\Program Files\Lx_cats
2009-02-13 00:18:44 ----D---- C:\Documents and Settings\Della\Application Data\iPodder
2009-02-07 17:38:42 ----RD---- C:\Program Files
2009-02-07 17:37:21 ----D---- C:\Program Files\Common Files\Apple
2009-02-07 17:30:13 ----D---- C:\Program Files\QuickTime
2009-02-05 02:39:35 ----D---- C:\WINDOWS\Prefetch
2009-02-01 21:38:21 ----D---- C:\WINDOWS\system32\CatRoot2
2009-02-01 16:03:54 ----D---- C:\Documents and Settings\All Users\Application Data\Google Updater
2009-01-19 02:20:28 ----SD---- C:\WINDOWS\Downloaded Program Files

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 DMICall;Sony DMI Call service; C:\WINDOWS\System32\DRIVERS\DMICall.sys [2000-12-05 3952]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 mfehidk;McAfee Inc. mfehidk; C:\WINDOWS\system32\drivers\mfehidk.sys [2008-06-27 207656]
R1 MPFP;MPFP; C:\WINDOWS\System32\Drivers\Mpfp.sys [2008-06-02 120136]
R1 tcpipBM;Bytemobile Kernel Network Provider; C:\WINDOWS\system32\drivers\tcpipBM.sys [2007-10-18 18816]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2003-03-31 12032]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys [2003-04-09 11043]
R2 tmcomm;tmcomm; \??\C:\WINDOWS\system32\drivers\tmcomm.sys []
R3 ALCXSENS;Service for WDM 3D Audio Driver; C:\WINDOWS\system32\drivers\ALCXSENS.SYS [2003-12-11 391424]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2004-03-23 613244]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\WINDOWS\System32\DRIVERS\Apfiltr.sys [2003-09-29 94601]
R3 AR5416;Atheros AR5008 Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\athw.sys [2008-04-03 1333152]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [2004-04-27 729088]
R3 CmBatt;Microsoft AC Adapter Driver; C:\WINDOWS\System32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 GTFFBUS;GT FF BUS; C:\WINDOWS\system32\DRIVERS\gtffbus.sys [2007-06-15 17024]
R3 GTMNDISIRPXP;GT M 3G+ IRP NDIS; C:\WINDOWS\system32\DRIVERS\Gtm51Irp.sys [2007-06-15 120960]
R3 GTPTSER;GT PT SER; C:\WINDOWS\system32\DRIVERS\gtptser.sys [2007-06-15 8064]
R3 GTUQBUS;GT UQ BUS; C:\WINDOWS\system32\DRIVERS\gtuqbus.sys [2007-06-15 36992]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 HSF_DP;HSF_DP; C:\WINDOWS\System32\DRIVERS\HSF_DP.sys [2003-12-11 1042432]
R3 HSFHWALI;HSFHWALI; C:\WINDOWS\System32\DRIVERS\HSFHWALI.sys [2003-12-11 196736]
R3 LHidFlt2;Logitech HID/USB Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFlt2.Sys [2003-11-07 25502]
R3 LMouFlt2;Logitech Mouse Class Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFlt2.Sys [2003-11-07 70798]
R3 mfeavfk;McAfee Inc. mfeavfk; C:\WINDOWS\system32\drivers\mfeavfk.sys [2008-06-27 79240]
R3 mfebopk;McAfee Inc. mfebopk; C:\WINDOWS\system32\drivers\mfebopk.sys [2008-06-27 35240]
R3 mfesmfk;McAfee Inc. mfesmfk; C:\WINDOWS\system32\drivers\mfesmfk.sys [2008-06-27 40488]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 RimVSerPort;RIM Virtual Serial Port v2; C:\WINDOWS\system32\DRIVERS\RimSerial.sys [2007-10-18 26368]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2003-03-31 5888]
R3 RTL8023xp;Realtek 10/100/1000 PCI NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2008-02-25 105088]
R3 SNC;Sony Notebook Control Device; C:\WINDOWS\System32\Drivers\SonyNC.sys [2000-11-09 48896]
R3 SSKBFD;Webroot Spy Sweeper Keylogger Shield Keyboard Filter; C:\WINDOWS\System32\Drivers\sskbfd.sys [2006-10-08 21056]
R3 swmsflt;swmsflt; C:\WINDOWS\System32\drivers\swmsflt.sys [2007-10-18 25736]
R3 tifmsony;tifmsony; C:\WINDOWS\system32\drivers\tifmsony.sys [2004-03-04 64512]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
R3 usbstor;USB Mass Storage Driver; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 wanatw;WAN Miniport (ATW); C:\WINDOWS\System32\DRIVERS\wanatw4.sys [2003-01-10 33588]
R3 winachsf;winachsf; C:\WINDOWS\System32\DRIVERS\HSF_CNXT.sys [2003-12-11 681344]
S3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464]
S3 LEX_AS_NIC_SERVICE_YNOS;LAN-Express AS IEEE 802.11g Wireless Network Adapter Service; C:\WINDOWS\System32\DRIVERS\ExpasAG.sys [2004-03-02 379328]
S3 mferkdk;McAfee Inc. mferkdk; C:\WINDOWS\system32\drivers\mferkdk.sys [2008-06-20 34152]
S3 PCTINDIS5;PCTINDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\PCTINDIS5.SYS []
S3 RTL8023;Realtek RTL8139/810x/8169/8110 all in one NDIS NT Driver; C:\WINDOWS\System32\DRIVERS\Rtlnic51.sys [2003-11-07 67712]
S3 SONYPVU1;Sony USB Filter Driver (SONYPVU1); C:\WINDOWS\System32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]
S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2008-10-01 32000]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 ATWPKT2;ATWPKT2; \??\C:\WINDOWS\system32\drivers\ATWPKT2.SYS []
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\System32\Ati2evxx.exe [2004-04-27 397312]
R2 bmwebcfg;Bytemobile Web Configurator; C:\WINDOWS\system32\bmwebcfg.exe [2007-10-18 118784]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-01-14 152984]
R2 lxcj_device;lxcj_device; C:\WINDOWS\system32\lxcjcoms.exe [2007-01-30 537520]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; C:\Program Files\McAfee\SiteAdvisor\McSACore.exe [2008-12-05 206096]
R2 mcmscsvc;McAfee Services; C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe [2008-10-10 792696]
R2 McNASvc;McAfee Network Agent; c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe [2008-07-18 2482848]
R2 McProxy;McAfee Proxy Service; c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe [2008-07-09 358736]
R2 McShield;McAfee Real-time Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe [2008-06-20 144704]
R2 MpfService;McAfee Personal Firewall Service; C:\Program Files\McAfee\MPF\MPFSrv.exe [2008-07-09 884360]
R2 MSK80Service;McAfee Anti-Spam Service; C:\Program Files\McAfee\MSK\MskSrver.exe [2008-07-09 25416]
R2 SNMP;SNMP Service; C:\WINDOWS\System32\snmp.exe [2008-04-13 33280]
R2 SnoopFreeSvc;Snoop Free Service; C:\WINDOWS\System32\SnoopFreeSvc.exe [2008-08-16 90112]
R2 VAIO Entertainment File Import Service;VAIO Entertainment File Import Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe [2004-03-12 86098]
R2 VAIOMediaPlatform-IntegratedServer-AppServer;VAIO Media Integrated Server; C:\Program Files\Sony\vaio media integrated server\VMISrv.exe [2004-03-12 1691648]
R2 VAIOMediaPlatform-IntegratedServer-HTTP;VAIO Media Integrated Server (HTTP); C:\Program Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe [2004-02-25 57344]
R2 VAIOMediaPlatform-IntegratedServer-UPnP;VAIO Media Integrated Server (UPnP); C:\Program Files\Sony\vaio media integrated server\Platform\UPnPFramework.exe [2004-02-25 737280]
R2 Viewpoint Manager Service;Viewpoint Manager Service; C:\Program Files\Viewpoint\Common\ViewpointService.exe [2007-01-04 24652]
R2 WANMiniportService;WAN Miniport (ATW) Service; C:\WINDOWS\wanmpsvc.exe [2003-08-27 65536]
R2 WebrootSpySweeperService;Webroot Spy Sweeper Engine; C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe [2008-11-12 3667312]
R2 WRConsumerService;Webroot Client Service; C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe [2008-11-13 1086840]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2009-01-06 536872]
R3 McSysmon;McAfee SystemGuards; C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe [2008-09-16 605512]
S2 AOL ACS;AOL Connectivity Service; C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe [2008-07-30 41768]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-02-02 182768]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 ATTRcAppSvc;AT&T RcAppSvc; C:\Program Files\AT&T\Communication Manager\RcAppSvc.exe [2007-10-18 109080]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2007-10-09 36864]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2007-10-11 864256]
S3 MBackMonitor;MBackMonitor; C:\Program Files\McAfee\MBK\MBackMonitor.exe [2008-07-10 66848]
S3 McODS;McAfee Scanner; C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe [2008-06-20 361800]
S3 PACSPTISVR;PACSPTISVR; C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\PACSPT~1.EXE [2003-12-09 65625]
S3 SNMPTRAP;SNMP Trap Service; C:\WINDOWS\System32\snmptrap.exe [2008-04-13 8704]
S3 SPTISRV;Sony SPTI Service; C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe [2003-12-09 65622]
S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S3 VAIO Entertainment Aggregation and Control Service;VAIO Entertainment Aggregation and Control Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe [2004-03-12 118784]
S3 VAIO Entertainment TV Device Arbitration Service;VAIO Entertainment TV Device Arbitration Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe [2004-03-12 69632]
S3 VAIO Entertainment UPnP Client Adapter;VAIO Entertainment UPnP Client Adapter; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VCSW\VCSW.exe [2004-03-12 278528]
S3 VAIOMediaPlatform-Mobile-Gateway;VAIO Media Gateway Server; C:\Program Files\Sony\vaio media integrated server\Platform\VmGateway.exe [2004-03-05 184320]
S3 VAIOMediaPlatform-VideoServer-AppServer;VAIO Media Video Server; C:\Program Files\Sony\vaio media integrated server\Video\GPVSvr.exe [2003-10-30 1286144]
S3 VAIOMediaPlatform-VideoServer-HTTP;VAIO Media Video Server (HTTP); C:\Program Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe [2004-02-25 57344]
S3 VAIOMediaPlatform-VideoServer-UPnP;VAIO Media Video Server (UPnP); C:\Program Files\Sony\vaio media integrated server\Platform\UPnPFramework.exe [2004-02-25 737280]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2007-10-11 122880]

-----------------EOF-----------------

ABBYY FineReader 6.0 Sprint
Adobe AIR
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Reader 8.1.3
Adobe Shockwave Player 11
AIM 6
Aim Plugin for QQ Games
AIMTunes
Amazon MP3 Downloader 1.0.3
AOL Toolbar for Internet Explorer
AOL Uninstaller (Choose which Products to Remove)
Apple Mobile Device Support
Apple Software Update
Aqua Bubble (CD version)
ArcSoft Software Suite
AT&T Communication Manager
ATI - Software Uninstall Utility
ATI Control Panel
ATI Display Driver
Avery Wizard 1.1 for Microsoft Word 97
Bejeweled 2 Deluxe 1.0
Boggle
Bonjour
Buddy Icon Maker 1.0.0.1
Cake Mania Deluxe
Colorizer 1.0.0.1
CPQ650TP Ver. 2.3
DesignPro 5.4 Limited Edition
Diamond Drop (CD version)
Digital Giggles
Disney Interactive Compatibility Update May 2002
Driver Installer
DUXUS CLOCK FONT (1.0.0)
DVgate Plus
Enhanced Font List for Word 97 (VBA PowerTool)
Face Dough
Family Album Screen Saver
Hidden Expedition - Titanic
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.0 (KB932471)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB952287)
HotKey Utility
Hoyle Card Games 2005
InterVideo WinDVD 5 for VAIO
iTunes
Jasc Paint Shop Pro 8
Java(TM) 6 Update 11
Juice 2.2
Kodak One-Touch Printing Solution SDK
Kybtec World Clock 3.3.1.1
LAN-Express AS IEEE 802.11 Wireless LAN
Learn2 Player (Uninstall Only)
Lexmark 8300 Series
LivePix 1.0
Logitech Desktop Messenger
Logitech MouseWare 9.79
Logitech Resource Center
Mahjongg Master 5
Malwarebytes' Anti-Malware
McAfee SecurityCenter
Memory Stick Formatter
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft .NET Framework 2.0 Service Pack 1
Microsoft .NET Framework 3.0 Service Pack 1
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Location Finder
Microsoft National Language Support Downlevel APIs
Microsoft Office 97 Unique Identifier Removal Tool
Microsoft Office 97, Professional Edition
Microsoft Publisher 2002
Microsoft Silverlight
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft VC9 runtime libraries
Microsoft Works 7.0
MobileMe Control Panel
MoodLogic
Moraff's SphereJongg 5.1
MS The Dolphin Assistant(Remove only)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 and SOAP Toolkit 3.0
MSXML 6.0 Parser (KB933579)
Nokia Connectivity Adapter Cable DKU-5
OpenMG Limited Patch 3.4-03-12-16-01
OpenMG Secure Module 3.4.00
Outlook 3 Pane Message Preview Extension (Remove only)
Photo Viewer 2.4
Picture Package Music Transfer
PictureGear Studio 2.0
Presto! Forms 3.50.02
Presto! PageManager 7.12.10
Print to Fax
Puppy Album
Puzzle Master 3
QQ Games
Quicken 2004
QuickTime
RealPlayer
RegFixPro
RegFixPro
Safari
Sandlot Games Client Services
Security Update for CAPICOM (KB931906)
Security Update for CAPICOM (KB931906)
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 9 (KB917734)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
SnoopFree Privacy Shield
SoftV92 Data Fax Modem with SmartCP
SonicStage 2.0.02
Sony Certificate PCH
Sony Download Taxi 1.5.0.0
Sony Notebook Setup
Sony Picture Utility
Sony USB Driver
Sony USB Mouse
Sony Utilities DLL
Sony Video Shared Library
Sony XBRITE Screen Saver
Spelling Dictionaries Support For Adobe Reader 8
Spy Sweeper
Spy Sweeper Core
STOPzilla
Super Bubble Pop
TurboTax Deluxe Deduction Maximizer 2006
TurboTax ItsDeductible 2006
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955839)
VAIO Entertainment Platform
VAIO Help and Support
VAIO Media 3.0
VAIO Media Integrated Server 3.0
VAIO Media Redistribution 3.0
VAIO Power Management
VAIO Registration
VAIO SLIT Pattern Wallpaper
VAIO SLIT-C Screen Saver
VAIO Survey Standalone
VAIO Update 2
Viewpoint Media Player
Virtual Earth 3D (Beta)
VIVA MEDIA GAME CENTER
Welcome to VAIO life
WexTech AnswerWorks
Wild Photo Effects
Windows Imaging Component
Windows Installer Clean Up
Windows Live Messenger
Windows Live OneCare safety scanner
Windows Live Sign-in Assistant
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player 11
Windows Presentation Foundation
Windows XP Service Pack 3
Yahoo! Messenger
Yahoo! Toolbar
Your Photo Here


GMER 1.0.14.14536 - http://www.gmer.net
Rootkit scan 2009-02-16 18:28:12
Windows 5.1.2600 Service Pack 3


---- System - GMER 1.0.14 ----

SSDT 867763E0 ZwAllocateVirtualMemory
SSDT 867C0418 ZwCreateKey
SSDT 86788208 ZwCreateProcess
SSDT 86775478 ZwCreateProcessEx
SSDT 867766B0 ZwCreateThread
SSDT 867DE620 ZwDeleteKey
SSDT 867E0818 ZwDeleteValueKey
SSDT 86776458 ZwQueueApcThread
SSDT 867762F0 ZwReadVirtualMemory
SSDT 86799710 ZwRenameKey
SSDT 86776548 ZwSetContextThread
SSDT 867E9390 ZwSetInformationKey
SSDT 867767A0 ZwSetInformationProcess
SSDT 867765C0 ZwSetInformationThread
SSDT 867E0400 ZwSetValueKey
SSDT 86776728 ZwSuspendProcess
SSDT 867764D0 ZwSuspendThread
SSDT 86776020 ZwTerminateProcess
SSDT 86776638 ZwTerminateThread
SSDT 86776368 ZwWriteVirtualMemory

Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwCreateFile [0xB18429C8]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwEnumerateKey [0xB1842B05]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwEnumerateValueKey [0xB1842AEF]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwMapViewOfSection [0xB1842A08]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwNotifyChangeKey [0xB1842B31]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwOpenKey [0xB1842A4B]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwOpenProcess [0xB1842950]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwOpenThread [0xB1842964]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwProtectVirtualMemory [0xB18429DC]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwQueryKey [0xB1842B6D]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwQueryMultipleValueKey [0xB1842AD9]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwQueryValueKey [0xB1842AC3]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwReplaceKey [0xB1842B59]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwRestoreKey [0xB1842B45]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwUnloadKey [0xB1842B1B]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwUnmapViewOfSection [0xB1842A1E]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) ZwYieldExecution [0xB18429F2]
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) NtCreateFile
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) NtMapViewOfSection
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) NtOpenProcess
Code \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.) NtOpenThread

---- Kernel code sections - GMER 1.0.14 ----

.text ntoskrnl.exe!ZwYieldExecution 804F0EA6 7 Bytes JMP B18429F6 \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
.text ntoskrnl.exe!ZwYieldExecution 804F0EA6 7 Bytes JMP B18429F6 \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE
PAGE ntoskrnl.exe!ZwOpenKey 80568D59 5 Bytes JMP B1842A4F \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntoskrnl.exe!ZwQueryValueKey 8056A1F2 7 Bytes JMP B1842AC7 \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntoskrnl.exe!ZwQueryValueKey 8056A1F2 7 Bytes JMP B1842AC7 \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntoskrnl.exe!NtCreateFile 8056CDC0 5 Bytes JMP B18429CC \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntoskrnl.exe!NtCreateFile
PAGE ntoskrnl.exe!ZwQueryKey 80570A6D 7 Bytes JMP B1842B71 \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntoskrnl.exe!ZwQueryKey 80570A6D 7 Bytes JMP B1842B71 \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntoskrnl.exe!ZwEnumerateKey 80570D64 7 Bytes JMP B1842B09 \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntoskrnl.exe!ZwEnumerateKey 80570D64 7 Bytes JMP B1842B09 \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntoskrnl.exe!NtOpenProcess 805717C7 5 Bytes JMP B1842954 \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntoskrnl.exe!NtOpenProcess 805717C7 5 Bytes JMP B1842954 \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntoskrnl.exe!ZwProtectVirtualMemory 80571CB1 7 Bytes JMP B18429E0 \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntoskrnl.exe!ZwProtectVirtualMemory 80571CB1 7 Bytes JMP B18429E0 \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntoskrnl.exe!ZwUnmapViewOfSection 805736E6 5 Bytes JMP B1842A22 \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntoskrnl.exe!NtMapViewOfSection
PAGE ntoskrnl.exe!ZwUnmapViewOfSection 80573B61 7 Bytes JMP B1842A0C \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntoskrnl.exe!NtMapViewOfSection 80573B61 7 Bytes JMP B1842A0C \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntoskrnl.exe!NtOpenThread 8058A1C9 5 Bytes JMP B1842968 \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntoskrnl.exe!NtOpenThread
PAGE ntoskrnl.exe!ZwNotifyChangeKey 8058A699 5 Bytes JMP B1842B35 \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntoskrnl.exe!ZwEnumerateValueKey 80590677 7 Bytes JMP B1842AF3 \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntoskrnl.exe!ZwNotifyChangeKey 8058A699 5 Bytes JMP B1842B35 \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE
PAGE ntoskrnl.exe!ZwUnloadKey 8064DA12 7 Bytes JMP B1842B1F \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntoskrnl.exe!ZwQueryMultipleValueKey 8064E338 7 Bytes JMP B1842ADD \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntoskrnl.exe!ZwRestoreKey
PAGE ntoskrnl.exe!ZwUnloadKey 8064ECA9 5 Bytes JMP B1842B49 \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntoskrnl.exe!ZwReplaceKey 8064F112 5 Bytes JMP B1842B5D \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntoskrnl.exe!ZwQueryMultipleValueKey 8064E338 7 Bytes JMP B1842ADD \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntoskrnl.exe!ZwRestoreKey 8064ECA9 5 Bytes JMP B1842B49 \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
PAGE ntoskrnl.exe!ZwReplaceKey 8064F112 5 Bytes JMP B1842B5D \SystemRoot\system32\drivers\mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)
? szkg.sys The system cannot find the file specified. !
? szkg.sys The system cannot find the file specified. !
? C:\WINDOWS\system32\drivers\SnopFree.sys The process cannot access the file because it is being used by another process.
? C:\WINDOWS\system32\drivers\SnopFree.sys The process cannot access the file because it is being used by another process.

---- User code sections - GMER 1.0.14 ----

.text C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] WS2_32.dll!getaddrinfo 71AB2A6F 5 Bytes JMP 021855A0 C:\Program Files\Common Files\iS3\Anti-Spyware\SGPRXY.DLL
.text C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] WS2_32.dll!gethostbyname 71AB5355 5 Bytes JMP 021852B0 C:\Program Files\Common Files\iS3\Anti-Spyware\SGPRXY.DLL
.text C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] WS2_32.dll!getaddrinfo 71AB2A6F 5 Bytes JMP 021855A0 C:\Program Files\Common Files\iS3\Anti-Spyware\SGPRXY.DLL
.text C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] WS2_32.dll!gethostbyname 71AB5355 5 Bytes JMP 021852B0 C:\Program Files\Common Files\iS3\Anti-Spyware\SGPRXY.DLL
.text c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe[560] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 0041BF60 c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe (McAfee Proxy Service Module/McAfee, Inc.)
.text c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe[560] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 0041BF60 c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe (McAfee Proxy Service Module/McAfee, Inc.)
.text c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe[560] kernel32.dll!LoadLibraryW 7C80AEDB 5 Bytes JMP 0041BFE0 c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe (McAfee Proxy Service Module/McAfee, Inc.)
.text c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe[560] kernel32.dll!LoadLibraryW 7C80AEDB 5 Bytes JMP 0041BFE0 c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe (McAfee Proxy Service Module/McAfee, Inc.)
.text C:\WINDOWS\system32\services.exe[1020] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 00070000
.text C:\WINDOWS\system32\services.exe[1020] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 00070F8D
.text C:\WINDOWS\system32\services.exe[1020] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00070082
.text C:\WINDOWS\system32\services.exe[1020] kernel32.dll!LoadLibraryExW 7C801AF5 5 Bytes JMP 00070F9E
.text C:\WINDOWS\system32\services.exe[1020] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 00070051
.text C:\WINDOWS\system32\services.exe[1020] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 00070FC0
.text C:\WINDOWS\system32\services.exe[1020] kernel32.dll!GetStartupInfoW 7C801E54 5 Bytes JMP 000700A4
.text C:\WINDOWS\system32\services.exe[1020] kernel32.dll!GetStartupInfoA 7C801EF2 5 Bytes JMP 00070093
.text C:\WINDOWS\system32\services.exe[1020] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 000700BF
.text C:\WINDOWS\system32\services.exe[1020] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00070F26
.text C:\WINDOWS\system32\services.exe[1020] kernel32.dll!GetProcAddress 7C80AE30 5 Bytes JMP 000700D0
.text C:\WINDOWS\system32\services.exe[1020] kernel32.dll!LoadLibraryW 7C80AEDB 5 Bytes JMP 00070FAF
.text C:\WINDOWS\system32\services.exe[1020] kernel32.dll!CreateFileW 7C8107F0 5 Bytes JMP 00070011
.text C:\WINDOWS\system32\services.exe[1020] kernel32.dll!CreatePipe 7C81D827 5 Bytes JMP 00070F68
.text C:\WINDOWS\system32\services.exe[1020] kernel32.dll!CreateNamedPipeW 7C82F0C5 5 Bytes JMP 00070FDB
.text C:\WINDOWS\system32\services.exe[1020] kernel32.dll!CreateNamedPipeA 7C860B7C 5 Bytes JMP 0007002C
.text C:\WINDOWS\system32\services.exe[1020] kernel32.dll!WinExec 7C8623AD 5 Bytes JMP 00070F4B
.text C:\WINDOWS\system32\services.exe[1020] ADVAPI32.dll!RegOpenKeyExW 77DD6A9F 5 Bytes JMP 00060022
.text C:\WINDOWS\system32\services.exe[1020] ADVAPI32.dll!RegCreateKeyExW 77DD775C 5 Bytes JMP 00060F80
.text C:\WINDOWS\system32\services.exe[1020] ADVAPI32.dll!RegOpenKeyExA 77DD7842 5 Bytes JMP 00060011
.text C:\WINDOWS\system32\services.exe[1020] ADVAPI32.dll!RegOpenKeyW 77DD7936 5 Bytes JMP 00060000
.text C:\WINDOWS\system32\services.exe[1020] ADVAPI32.dll!RegCreateKeyExA 77DDE9E4 5 Bytes JMP 0006003D
.text C:\WINDOWS\system32\services.exe[1020] ADVAPI32.dll!RegOpenKeyA 77DDEFB8 5 Bytes JMP 00060FEF
.text C:\WINDOWS\system32\services.exe[1020] ADVAPI32.dll!RegCreateKeyW 77DFBA25 2 Bytes JMP 00060FA5
.text C:\WINDOWS\system32\services.exe[1020] ADVAPI32.dll!RegCreateKeyW + 3 77DFBA28 2 Bytes [ 26, 88 ]
.text C:\WINDOWS\system32\services.exe[1020] ADVAPI32.dll!RegCreateKeyA 77DFBCC3 5 Bytes JMP 00060FB6
.text C:\WINDOWS\system32\services.exe[1020] WS2_32.dll!socket 71AB4211 5 Bytes JMP 00040000
.text C:\WINDOWS\system32\services.exe[1020] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 00070000
.text C:\WINDOWS\system32\services.exe[1020] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 00070F8D
.text C:\WINDOWS\system32\services.exe[1020] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00070082
.text C:\WINDOWS\system32\services.exe[1020] kernel32.dll!LoadLibraryExW 7C801AF5 5 Bytes JMP 00070F9E
.text C:\WINDOWS\system32\services.exe[1020] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 00070051
.text C:\WINDOWS\system32\services.exe[1020] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 00070FC0
.text C:\WINDOWS\system32\services.exe[1020] kernel32.dll!GetStartupInfoW 7C801E54 5 Bytes JMP 000700A4
.text C:\WINDOWS\system32\services.exe[1020] kernel32.dll!GetStartupInfoA 7C801EF2 5 Bytes JMP 00070093
.text C:\WINDOWS\system32\services.exe[1020] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 000700BF
.text C:\WINDOWS\system32\services.exe[1020] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00070F26
.text C:\WINDOWS\system32\services.exe[1020] kernel32.dll!GetProcAddress 7C80AE30 5 Bytes JMP 000700D0
.text C:\WINDOWS\system32\services.exe[1020] kernel32.dll!LoadLibraryW 7C80AEDB 5 Bytes JMP 00070FAF
.text C:\WINDOWS\system32\services.exe[1020] kernel32.dll!CreateFileW 7C8107F0 5 Bytes JMP 00070011
.text C:\WINDOWS\system32\services.exe[1020] kernel32.dll!CreatePipe 7C81D827 5 Bytes JMP 00070F68
.text C:\WINDOWS\system32\services.exe[1020] kernel32.dll!CreateNamedPipeW 7C82F0C5 5 Bytes JMP 00070FDB
.text C:\WINDOWS\system32\services.exe[1020] kernel32.dll!CreateNamedPipeA 7C860B7C 5 Bytes JMP 0007002C
.text C:\WINDOWS\system32\services.exe[1020] kernel32.dll!WinExec 7C8623AD 5 Bytes JMP 00070F4B
.text C:\WINDOWS\system32\services.exe[1020] ADVAPI32.dll!RegOpenKeyExW 77DD6A9F 5 Bytes JMP 00060022
.text C:\WINDOWS\system32\services.exe[1020] ADVAPI32.dll!RegCreateKeyExW 77DD775C 5 Bytes JMP 00060F80
.text C:\WINDOWS\system32\services.exe[1020] ADVAPI32.dll!RegOpenKeyExA 77DD7842 5 Bytes JMP 00060011
.text C:\WINDOWS\system32\services.exe[1020] ADVAPI32.dll!RegOpenKeyW 77DD7936 5 Bytes JMP 00060000
.text C:\WINDOWS\system32\services.exe[1020] ADVAPI32.dll!RegCreateKeyExA 77DDE9E4 5 Bytes JMP 0006003D
.text C:\WINDOWS\system32\services.exe[1020] ADVAPI32.dll!RegOpenKeyA 77DDEFB8 5 Bytes JMP 00060FEF
.text C:\WINDOWS\system32\services.exe[1020] ADVAPI32.dll!RegCreateKeyW 77DFBA25 2 Bytes JMP 00060FA5
.text C:\WINDOWS\system32\services.exe[1020] ADVAPI32.dll!RegCreateKeyW + 3 77DFBA28 2 Bytes [ 26, 88 ]
.text C:\WINDOWS\system32\services.exe[1020] ADVAPI32.dll!RegCreateKeyA 77DFBCC3 5 Bytes JMP 00060FB6
.text C:\WINDOWS\system32\services.exe[1020] WS2_32.dll!socket 71AB4211 5 Bytes JMP 00040000
.text C:\WINDOWS\system32\lsass.exe[1032] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 00FF0FEF
.text C:\WINDOWS\system32\lsass.exe[1032] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 00FF005D
.text C:\WINDOWS\system32\lsass.exe[1032] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00FF0F72
.text C:\WINDOWS\system32\lsass.exe[1032] kernel32.dll!LoadLibraryExW 7C801AF5 5 Bytes JMP 00FF004C
.text C:\WINDOWS\system32\lsass.exe[1032] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 00FF0F8D
.text C:\WINDOWS\system32\lsass.exe[1032] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 00FF0FA8
.text C:\WINDOWS\system32\lsass.exe[1032] kernel32.dll!GetStartupInfoW 7C801E54 5 Bytes JMP 00FF007A
.text C:\WINDOWS\system32\lsass.exe[1032] kernel32.dll!GetStartupInfoA 7C801EF2 5 Bytes JMP 00FF0F32
.text C:\WINDOWS\system32\lsass.exe[1032] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 00FF0EFC
.text C:\WINDOWS\system32\lsass.exe[1032] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00FF0F0D
.text C:\WINDOWS\system32\lsass.exe[1032] kernel32.dll!GetProcAddress 7C80AE30 5 Bytes JMP 00FF0EE1
.text C:\WINDOWS\system32\lsass.exe[1032] kernel32.dll!LoadLibraryW 7C80AEDB 5 Bytes JMP 00FF002F
.text C:\WINDOWS\system32\lsass.exe[1032] kernel32.dll!CreateFileW 7C8107F0 5 Bytes JMP 00FF0FD4
.text C:\WINDOWS\system32\lsass.exe[1032] kernel32.dll!CreatePipe 7C81D827 5 Bytes JMP 00FF0F43
.text C:\WINDOWS\system32\lsass.exe[1032] kernel32.dll!CreateNamedPipeW 7C82F0C5 5 Bytes JMP 00FF0FB9
.text C:\WINDOWS\system32\lsass.exe[1032] kernel32.dll!CreateNamedPipeA 7C860B7C 5 Bytes JMP 00FF000A
.text C:\WINDOWS\system32\lsass.exe[1032] kernel32.dll!WinExec 7C8623AD 5 Bytes JMP 00FF008B
.text C:\WINDOWS\system32\lsass.exe[1032] ADVAPI32.dll!RegOpenKeyExW 77DD6A9F 5 Bytes JMP 00FE0FA8
.text C:\WINDOWS\system32\lsass.exe[1032] ADVAPI32.dll!RegCreateKeyExW 77DD775C 5 Bytes JMP 00FE0F6B
.text C:\WINDOWS\system32\lsass.exe[1032] ADVAPI32.dll!RegOpenKeyExA 77DD7842 5 Bytes JMP 00FE0FC3
.text C:\WINDOWS\system32\lsass.exe[1032] ADVAPI32.dll!RegOpenKeyW 77DD7936 5 Bytes JMP 00FE0FDE
.text C:\WINDOWS\system32\lsass.exe[1032] ADVAPI32.dll!RegCreateKeyExA 77DDE9E4 5 Bytes JMP 00FE0F7C
.text C:\WINDOWS\system32\lsass.exe[1032] ADVAPI32.dll!RegOpenKeyA 77DDEFB8 5 Bytes JMP 00FE0FEF
.text C:\WINDOWS\system32\lsass.exe[1032] ADVAPI32.dll!RegCreateKeyW 77DFBA25 5 Bytes JMP 00FE001E
.text C:\WINDOWS\system32\lsass.exe[1032] ADVAPI32.dll!RegCreateKeyA 77DFBCC3 5 Bytes JMP 00FE0F8D
.text C:\WINDOWS\system32\lsass.exe[1032] WS2_32.dll!socket 71AB4211 5 Bytes JMP 00D30000
.text C:\WINDOWS\system32\lsass.exe[1032] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 00FF0FEF
.text C:\WINDOWS\system32\lsass.exe[1032] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 00FF005D
.text C:\WINDOWS\system32\lsass.exe[1032] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00FF0F72
.text C:\WINDOWS\system32\lsass.exe[1032] kernel32.dll!LoadLibraryExW 7C801AF5 5 Bytes JMP 00FF004C
.text C:\WINDOWS\system32\lsass.exe[1032] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 00FF0F8D
.text C:\WINDOWS\system32\lsass.exe[1032] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 00FF0FA8
.text C:\WINDOWS\system32\lsass.exe[1032] kernel32.dll!GetStartupInfoW 7C801E54 5 Bytes JMP 00FF007A
.text C:\WINDOWS\system32\lsass.exe[1032] kernel32.dll!GetStartupInfoA 7C801EF2 5 Bytes JMP 00FF0F32
.text C:\WINDOWS\system32\lsass.exe[1032] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 00FF0EFC
.text C:\WINDOWS\system32\lsass.exe[1032] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00FF0F0D
.text C:\WINDOWS\system32\lsass.exe[1032] kernel32.dll!GetProcAddress 7C80AE30 5 Bytes JMP 00FF0EE1
.text C:\WINDOWS\system32\lsass.exe[1032] kernel32.dll!LoadLibraryW 7C80AEDB 5 Bytes JMP 00FF002F
.text C:\WINDOWS\system32\lsass.exe[1032] kernel32.dll!CreateFileW 7C8107F0 5 Bytes JMP 00FF0FD4
.text C:\WINDOWS\system32\lsass.exe[1032] kernel32.dll!CreatePipe 7C81D827 5 Bytes JMP 00FF0F43
.text C:\WINDOWS\system32\lsass.exe[1032] kernel32.dll!CreateNamedPipeW 7C82F0C5 5 Bytes JMP 00FF0FB9
.text C:\WINDOWS\system32\lsass.exe[1032] kernel32.dll!CreateNamedPipeA 7C860B7C 5 Bytes JMP 00FF000A
.text C:\WINDOWS\system32\lsass.exe[1032] kernel32.dll!WinExec 7C8623AD 5 Bytes JMP 00FF008B
.text C:\WINDOWS\system32\lsass.exe[1032] ADVAPI32.dll!RegOpenKeyExW 77DD6A9F 5 Bytes JMP 00FE0FA8
.text C:\WINDOWS\system32\lsass.exe[1032] ADVAPI32.dll!RegCreateKeyExW 77DD775C 5 Bytes JMP 00FE0F6B
.text C:\WINDOWS\system32\lsass.exe[1032] ADVAPI32.dll!RegOpenKeyExA 77DD7842 5 Bytes JMP 00FE0FC3
.text C:\WINDOWS\system32\lsass.exe[1032] ADVAPI32.dll!RegOpenKeyW 77DD7936 5 Bytes JMP 00FE0FDE
.text C:\WINDOWS\system32\lsass.exe[1032] ADVAPI32.dll!RegCreateKeyExA 77DDE9E4 5 Bytes JMP 00FE0F7C
.text C:\WINDOWS\system32\lsass.exe[1032] ADVAPI32.dll!RegOpenKeyA 77DDEFB8 5 Bytes JMP 00FE0FEF
.text C:\WINDOWS\system32\lsass.exe[1032] ADVAPI32.dll!RegCreateKeyW 77DFBA25 5 Bytes JMP 00FE001E
.text C:\WINDOWS\system32\lsass.exe[1032] ADVAPI32.dll!RegCreateKeyA 77DFBCC3 5 Bytes JMP 00FE0F8D
.text C:\WINDOWS\system32\lsass.exe[1032] WS2_32.dll!socket 71AB4211 5 Bytes JMP 00D30000
.text C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe[1180] WS2_32.dll!getaddrinfo 71AB2A6F 5 Bytes JMP 023C55A0 C:\Program Files\Common Files\iS3\Anti-Spyware\SGPRXY.DLL
.text C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe[1180] WS2_32.dll!gethostbyname 71AB5355 5 Bytes JMP 023C52B0 C:\Program Files\Common Files\iS3\Anti-Spyware\SGPRXY.DLL
.text C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe[1180] WS2_32.dll!getaddrinfo 71AB2A6F 5 Bytes JMP 023C55A0 C:\Program Files\Common Files\iS3\Anti-Spyware\SGPRXY.DLL
.text C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe[1180] WS2_32.dll!gethostbyname 71AB5355 5 Bytes JMP 023C52B0 C:\Program Files\Common Files\iS3\Anti-Spyware\SGPRXY.DLL
.text C:\WINDOWS\system32\svchost.exe[1208] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 00C5000A
.text C:\WINDOWS\system32\svchost.exe[1208] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 00C500A4
.text C:\WINDOWS\system32\svchost.exe[1208] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00C50FAF
.text C:\WINDOWS\system32\svchost.exe[1208] kernel32.dll!LoadLibraryExW 7C801AF5 5 Bytes JMP 00C50FC0
.text C:\WINDOWS\system32\svchost.exe[1208] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 00C50FDB
.text C:\WINDOWS\system32\svchost.exe[1208] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 00C5006C
.text C:\WINDOWS\system32\svchost.exe[1208] kernel32.dll!GetStartupInfoW 7C801E54 5 Bytes JMP 00C50F6D
.text C:\WINDOWS\system32\svchost.exe[1208] kernel32.dll!GetStartupInfoA 7C801EF2 5 Bytes JMP 00C500B5
.text C:\WINDOWS\system32\svchost.exe[1208] kernel32.dll!CreateProcessW 7C802336 1 Byte [ E9 ]
.text C:\WINDOWS\system32\svchost.exe[1208] kernel32.dll!CreateProcessW + 2 7C802338 3 Bytes [ EB, 44, 84 ]
.text C:\WINDOWS\system32\svchost.exe[1208] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00C50F4B
.text C:\WINDOWS\system32\svchost.exe[1208] kernel32.dll!GetProcAddress 7C80AE30 5 Bytes JMP 00C50F1F
.text C:\WINDOWS\system32\svchost.exe[1208] kernel32.dll!LoadLibraryW 7C80AEDB 5 Bytes JMP 00C5007D
.text C:\WINDOWS\system32\svchost.exe[1208] kernel32.dll!CreateFileW 7C8107F0 5 Bytes JMP 00C5001B
.text C:\WINDOWS\system32\svchost.exe[1208] kernel32.dll!CreatePipe 7C81D827 5 Bytes JMP 00C50F8A
.text C:\WINDOWS\system32\svchost.exe[1208] kernel32.dll!CreateNamedPipeW 7C82F0C5 5 Bytes JMP 00C50051
.text C:\WINDOWS\system32\svchost.exe[1208] kernel32.dll!CreateNamedPipeA 7C860B7C 5 Bytes JMP 00C50036
.text C:\WINDOWS\system32\svchost.exe[1208] kernel32.dll!WinExec 7C8623AD 5 Bytes JMP 00C50F5C
.text C:\WINDOWS\system32\svchost.exe[1208] ADVAPI32.dll!RegOpenKeyExW 77DD6A9F 5 Bytes JMP 00C40FCA
.text C:\WINDOWS\system32\svchost.exe[1208] ADVAPI32.dll!RegCreateKeyExW 77DD775C 5 Bytes JMP 00C40FA8
.text C:\WINDOWS\system32\svchost.exe[1208] ADVAPI32.dll!RegOpenKeyExA 77DD7842 5 Bytes JMP 00C40025
.text C:\WINDOWS\system32\svchost.exe[1208] ADVAPI32.dll!RegOpenKeyW 77DD7936 5 Bytes JMP 00C40FE5
.text C:\WINDOWS\system32\svchost.exe[1208] ADVAPI32.dll!RegCreateKeyExA 77DDE9E4 5 Bytes JMP 00C40065
.text C:\WINDOWS\system32\svchost.exe[1208] ADVAPI32.dll!RegOpenKeyA 77DDEFB8 5 Bytes JMP 00C40000
.text C:\WINDOWS\system32\svchost.exe[1208] ADVAPI32.dll!RegCreateKeyW 77DFBA25 5 Bytes JMP 00C4004A
.text C:\WINDOWS\system32\svchost.exe[1208] ADVAPI32.dll!RegCreateKeyA 77DFBCC3 5 Bytes JMP 00C40FB9
.text C:\WINDOWS\system32\svchost.exe[1208] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 00C5000A
.text C:\WINDOWS\system32\svchost.exe[1208] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 00C500A4
.text C:\WINDOWS\system32\svchost.exe[1208] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00C50FAF
.text C:\WINDOWS\system32\svchost.exe[1208] kernel32.dll!LoadLibraryExW 7C801AF5 5 Bytes JMP 00C50FC0
.text C:\WINDOWS\system32\svchost.exe[1208] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 00C50FDB
.text C:\WINDOWS\system32\svchost.exe[1208] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 00C5006C
.text C:\WINDOWS\system32\svchost.exe[1208] kernel32.dll!GetStartupInfoW 7C801E54 5 Bytes JMP 00C50F6D
.text C:\WINDOWS\system32\svchost.exe[1208] kernel32.dll!GetStartupInfoA 7C801EF2 5 Bytes JMP 00C500B5
.text C:\WINDOWS\system32\svchost.exe[1208] kernel32.dll!CreateProcessW 7C802336 1 Byte [ E9 ]
.text C:\WINDOWS\system32\svchost.exe[1208] kernel32.dll!CreateProcessW + 2 7C802338 3 Bytes [ EB, 44, 84 ]
.text C:\WINDOWS\system32\svchost.exe[1208] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00C50F4B
.text C:\WINDOWS\system32\svchost.exe[1208] kernel32.dll!GetProcAddress 7C80AE30 5 Bytes JMP 00C50F1F
.text C:\WINDOWS\system32\svchost.exe[1208] kernel32.dll!LoadLibraryW 7C80AEDB 5 Bytes JMP 00C5007D
.text C:\WINDOWS\system32\svchost.exe[1208] kernel32.dll!CreateFileW 7C8107F0 5 Bytes JMP 00C5001B
.text C:\WINDOWS\system32\svchost.exe[1208] kernel32.dll!CreatePipe 7C81D827 5 Bytes JMP 00C50F8A
.text C:\WINDOWS\system32\svchost.exe[1208] kernel32.dll!CreateNamedPipeW 7C82F0C5 5 Bytes JMP 00C50051
.text C:\WINDOWS\system32\svchost.exe[1208] kernel32.dll!CreateNamedPipeA 7C860B7C 5 Bytes JMP 00C50036
.text C:\WINDOWS\system32\svchost.exe[1208] kernel32.dll!WinExec 7C8623AD 5 Bytes JMP 00C50F5C
.text C:\WINDOWS\system32\svchost.exe[1208] ADVAPI32.dll!RegOpenKeyExW 77DD6A9F 5 Bytes JMP 00C40FCA
.text C:\WINDOWS\system32\svchost.exe[1208] ADVAPI32.dll!RegCreateKeyExW 77DD775C 5 Bytes JMP 00C40FA8
.text C:\WINDOWS\system32\svchost.exe[1208] ADVAPI32.dll!RegOpenKeyExA 77DD7842 5 Bytes JMP 00C40025
.text C:\WINDOWS\system32\svchost.exe[1208] ADVAPI32.dll!RegOpenKeyW 77DD7936 5 Bytes JMP 00C40FE5
.text C:\WINDOWS\system32\svchost.exe[1208] ADVAPI32.dll!RegCreateKeyExA 77DDE9E4 5 Bytes JMP 00C40065
.text C:\WINDOWS\system32\svchost.exe[1208] ADVAPI32.dll!RegOpenKeyA 77DDEFB8 5 Bytes JMP 00C40000
.text C:\WINDOWS\system32\svchost.exe[1208] ADVAPI32.dll!RegCreateKeyW 77DFBA25 5 Bytes JMP 00C4004A
.text C:\WINDOWS\system32\svchost.exe[1208] ADVAPI32.dll!RegCreateKeyA 77DFBCC3 5 Bytes JMP 00C40FB9
.text C:\WINDOWS\system32\svchost.exe[1208] WS2_32.dll!socket 71AB4211 5 Bytes JMP 00C20FE5
.text C:\WINDOWS\system32\svchost.exe[1208] WS2_32.dll!socket 71AB4211 5 Bytes JMP 00C20FE5
.text C:\WINDOWS\system32\svchost.exe[1320] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 00E20000
.text C:\WINDOWS\system32\svchost.exe[1320] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 00E20FAC
.text C:\WINDOWS\system32\svchost.exe[1320] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00E200A1
.text C:\WINDOWS\system32\svchost.exe[1320] kernel32.dll!LoadLibraryExW 7C801AF5 5 Bytes JMP 00E2007A
.text C:\WINDOWS\system32\svchost.exe[1320] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 00E20069
.text C:\WINDOWS\system32\svchost.exe[1320] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 00E20047
.text C:\WINDOWS\system32\svchost.exe[1320] kernel32.dll!GetStartupInfoW 7C801E54 5 Bytes JMP 00E200C3
.text C:\WINDOWS\system32\svchost.exe[1320] kernel32.dll!GetStartupInfoA 7C801EF2 5 Bytes JMP 00E20F87
.text C:\WINDOWS\system32\svchost.exe[1320] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 00E20F31
.text C:\WINDOWS\system32\svchost.exe[1320] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00E20F4C
.text C:\WINDOWS\system32\svchost.exe[1320] kernel32.dll!GetProcAddress 7C80AE30 5 Bytes JMP 00E200EF
.text C:\WINDOWS\system32\svchost.exe[1320] kernel32.dll!LoadLibraryW 7C80AEDB 5 Bytes JMP 00E20058
.text C:\WINDOWS\system32\svchost.exe[1320] kernel32.dll!CreateFileW 7C8107F0 5 Bytes JMP 00E20FE5
.text C:\WINDOWS\system32\svchost.exe[1320] kernel32.dll!CreatePipe 7C81D827 5 Bytes JMP 00E200B2
.text C:\WINDOWS\system32\svchost.exe[1320] kernel32.dll!CreateNamedPipeW 7C82F0C5 5 Bytes JMP 00E20036
.text C:\WINDOWS\system32\svchost.exe[1320] kernel32.dll!CreateNamedPipeA 7C860B7C 5 Bytes JMP 00E20011
.text C:\WINDOWS\system32\svchost.exe[1320] kernel32.dll!WinExec 7C8623AD 5 Bytes JMP 00E200D4
.text C:\WINDOWS\system32\svchost.exe[1320] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 00E20000
.text C:\WINDOWS\system32\svchost.exe[1320] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 00E20FAC
.text C:\WINDOWS\system32\svchost.exe[1320] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00E200A1
.text C:\WINDOWS\system32\svchost.exe[1320] kernel32.dll!LoadLibraryExW 7C801AF5 5 Bytes JMP 00E2007A
.text C:\WINDOWS\system32\svchost.exe[1320] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 00E20069
.text C:\WINDOWS\system32\svchost.exe[1320] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 00E20047
.text C:\WINDOWS\system32\svchost.exe[1320] kernel32.dll!GetStartupInfoW
.text C:\WINDOWS\system32\svchost.exe[1320] ADVAPI32.dll!RegOpenKeyExW 77DD6A9F 5 Bytes JMP 00E10FE5
.text C:\WINDOWS\system32\svchost.exe[1320] ADVAPI32.dll!RegCreateKeyExW 77DD775C 5 Bytes JMP 00E10FB9
.text C:\WINDOWS\system32\svchost.exe[1320] ADVAPI32.dll!RegOpenKeyExA 7C801E54 5 Bytes JMP 00E200C3
.text C:\WINDOWS\system32\svchost.exe[1320] kernel32.dll!GetStartupInfoA 7C801EF2 5 Bytes JMP 00E20F87
.text C:\WINDOWS\system32\svchost.exe[1320] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 00E20F31
.text
.text C:\WINDOWS\system32\svchost.exe[1320] ADVAPI32.dll!RegOpenKeyW 77DD7936 5 Bytes JMP 00E1001B
.text C:\WINDOWS\system32\svchost.exe[1320] ADVAPI32.dll!RegOpenKeyA 77DDE9E4 5 Bytes JMP 00E10FCA
.text C:\WINDOWS\system32\svchost.exe[1320] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00E20F4C
.text C:\WINDOWS\system32\svchost.exe[1320] kernel32.dll!GetProcAddress 7C80AE30 5 Bytes JMP 00E200EF
.text C:\WINDOWS\system32\svchost.exe[1320] kernel32.dll!LoadLibraryW 77DDEFB8 5 Bytes JMP 00E1000A
.text
.text C:\WINDOWS\system32\svchost.exe[1320] ADVAPI32.dll!RegCreateKeyW 77DFBA25 5 Bytes JMP 00E1006C
.text C:\WINDOWS\system32\svchost.exe[1320] kernel32.dll!CreateFileW 7C8107F0 5 Bytes JMP 00E20FE5
.text C:\WINDOWS\system32\svchost.exe[1320] kernel32.dll!CreatePipe 7C81D827 5 Bytes JMP 00E200B2
.text C:\WINDOWS\system32\svchost.exe[1320] kernel32.dll!CreateNamedPipeW 7C82F0C5 5 Bytes JMP 00E20036
.text C:\WINDOWS\system32\svchost.exe[1320] kernel32.dll!CreateNamedPipeA 7C860B7C 5 Bytes JMP 00E20011
.text C:\WINDOWS\system32\svchost.exe[1320] kernel32.dll!WinExec 7C8623AD 5 Bytes JMP 00E200D4
.text C:\WINDOWS\system32\svchost.exe[1320] ADVAPI32.dll!RegOpenKeyExW 77DD6A9F 5 Bytes JMP 00E10FE5
.text C:\WINDOWS\system32\svchost.exe[1320] ADVAPI32.dll!RegCreateKeyExW 77DD775C 5 Bytes JMP 00E10FB9
.text C:\WINDOWS\system32\svchost.exe[1320] ADVAPI32.dll!RegOpenKeyExA 77DD7842 5 Bytes JMP 00E10036
.text C:\WINDOWS\system32\svchost.exe[1320] ADVAPI32.dll!RegOpenKeyW 77DD7936 5 Bytes JMP 00E1001B
.text C:\WINDOWS\system32\svchost.exe[1320] ADVAPI32.dll!RegCreateKeyExA 77DDE9E4 5 Bytes JMP 00E10FCA
.text C:\WINDOWS\system32\svchost.exe[1320] ADVAPI32.dll!RegOpenKeyA 77DDEFB8 5 Bytes JMP 00E1000A
.text C:\WINDOWS\system32\svchost.exe[1320] ADVAPI32.dll!RegCreateKeyW 77DFBA25 5 Bytes JMP 00E1006C
.text C:\WINDOWS\system32\svchost.exe[1320] ADVAPI32.dll!RegCreateKeyA 77DFBCC3 5 Bytes JMP 00E10051
.text C:\WINDOWS\system32\svchost.exe[1320] WS2_32.dll!socket 71AB4211 5 Bytes JMP 00DF0000
.text C:\WINDOWS\system32\svchost.exe[1320] WS2_32.dll!socket 71AB4211 5 Bytes JMP 00DF0000
.text C:\WINDOWS\System32\svchost.exe[1408] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 01E60000
.text C:\WINDOWS\System32\svchost.exe[1408] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 01E600B3
.text C:\WINDOWS\System32\svchost.exe[1408] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 01E60098
.text C:\WINDOWS\System32\svchost.exe[1408] kernel32.dll!LoadLibraryExW 7C801AF5 5 Bytes JMP 01E60FBE
.text C:\WINDOWS\System32\svchost.exe[1408] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 01E60FDB
.text C:\WINDOWS\System32\svchost.exe[1408] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 01E60062
.text C:\WINDOWS\System32\svchost.exe[1408] kernel32.dll!GetStartupInfoW 7C801E54 5 Bytes JMP 01E600CE
.text C:\WINDOWS\System32\svchost.exe[1408] kernel32.dll!GetStartupInfoA 7C801EF2 5 Bytes JMP 01E60F86
.text C:\WINDOWS\System32\svchost.exe[1408] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 01E600FA
.text C:\WINDOWS\System32\svchost.exe[1408] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 01E600E9
.text C:\WINDOWS\System32\svchost.exe[1408] kernel32.dll!GetProcAddress 7C80AE30 5 Bytes JMP 01E60F46
.text C:\WINDOWS\System32\svchost.exe[1408] kernel32.dll!LoadLibraryW 7C80AEDB 5 Bytes JMP 01E6007D
.text C:\WINDOWS\System32\svchost.exe[1408] kernel32.dll!CreateFileW 7C8107F0 5 Bytes JMP 01E6001B
.text C:\WINDOWS\System32\svchost.exe[1408] kernel32.dll!CreatePipe 7C81D827 5 Bytes JMP 01E60FA3
.text C:\WINDOWS\System32\svchost.exe[1408] kernel32.dll!CreateNamedPipeW 7C82F0C5 5 Bytes JMP 01E60047
.text C:\WINDOWS\System32\svchost.exe[1408] kernel32.dll!CreateNamedPipeA 7C860B7C 5 Bytes JMP 01E60036
.text C:\WINDOWS\System32\svchost.exe[1408] kernel32.dll!WinExec 7C8623AD 5 Bytes JMP 01E60F61
.text C:\WINDOWS\System32\svchost.exe[1408] ADVAPI32.dll!RegOpenKeyExW 77DD6A9F 5 Bytes JMP 016E0FAF
.text C:\WINDOWS\System32\svchost.exe[1408] ADVAPI32.dll!RegCreateKeyExW 77DD775C 5 Bytes JMP 016E004A
.text C:\WINDOWS\System32\svchost.exe[1408] ADVAPI32.dll!RegOpenKeyExA 77DD7842 5 Bytes JMP 016E0000
.text C:\WINDOWS\System32\svchost.exe[1408] ADVAPI32.dll!RegOpenKeyW 77DD7936 5 Bytes JMP 016E0FD4
.text C:\WINDOWS\System32\svchost.exe[1408] ADVAPI32.dll!RegCreateKeyExA 77DDE9E4 5 Bytes JMP 016E0039
.text C:\WINDOWS\System32\svchost.exe[1408] ADVAPI32.dll!RegOpenKeyA 77DDEFB8 5 Bytes JMP 016E0FE5
.text C:\WINDOWS\System32\svchost.exe[1408] ADVAPI32.dll!RegCreateKeyW 77DFBA25 2 Bytes JMP 016E0F8D
.text C:\WINDOWS\System32\svchost.exe[1408] ADVAPI32.dll!RegCreateKeyW + 3 77DFBA28 2 Bytes [ 8E, 89 ]
.text C:\WINDOWS\System32\svchost.exe[1408] ADVAPI32.dll!RegCreateKeyA 77DFBCC3 5 Bytes JMP 016E0F9E
.text C:\WINDOWS\System32\svchost.exe[1408] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 01E60000
.text C:\WINDOWS\System32\svchost.exe[1408] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 01E600B3
.text C:\WINDOWS\System32\svchost.exe[1408] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 01E60098
.text C:\WINDOWS\System32\svchost.exe[1408] kernel32.dll!LoadLibraryExW 7C801AF5 5 Bytes JMP 01E60FBE
.text C:\WINDOWS\System32\svchost.exe[1408] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 01E60FDB
.text C:\WINDOWS\System32\svchost.exe[1408] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 01E60062
.text C:\WINDOWS\System32\svchost.exe[1408] kernel32.dll!GetStartupInfoW 7C801E54 5 Bytes JMP 01E600CE
.text C:\WINDOWS\System32\svchost.exe[1408] kernel32.dll!GetStartupInfoA 7C801EF2 5 Bytes JMP 01E60F86
.text C:\WINDOWS\System32\svchost.exe[1408] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 01E600FA
.text C:\WINDOWS\System32\svchost.exe[1408] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 01E600E9
.text C:\WINDOWS\System32\svchost.exe[1408] kernel32.dll!GetProcAddress 7C80AE30 5 Bytes JMP 01E60F46
.text C:\WINDOWS\System32\svchost.exe[1408] kernel32.dll!LoadLibraryW 7C80AEDB 5 Bytes JMP 01E6007D
.text C:\WINDOWS\System32\svchost.exe[1408] kernel32.dll!CreateFileW 7C8107F0 5 Bytes JMP 01E6001B
.text C:\WINDOWS\System32\svchost.exe[1408] kernel32.dll!CreatePipe 7C81D827 5 Bytes JMP 01E60FA3
.text C:\WINDOWS\System32\svchost.exe[1408] kernel32.dll!CreateNamedPipeW 7C82F0C5 5 Bytes JMP 01E60047
.text C:\WINDOWS\System32\svchost.exe[1408] kernel32.dll!CreateNamedPipeA 7C860B7C 5 Bytes JMP 01E60036
.text C:\WINDOWS\System32\svchost.exe[1408] kernel32.dll!WinExec 7C8623AD 5 Bytes JMP 01E60F61
.text C:\WINDOWS\System32\svchost.exe[1408] ADVAPI32.dll!RegOpenKeyExW 77DD6A9F 5 Bytes JMP 016E0FAF
.text C:\WINDOWS\System32\svchost.exe[1408] ADVAPI32.dll!RegCreateKeyExW 77DD775C 5 Bytes JMP 016E004A
.text C:\WINDOWS\System32\svchost.exe[1408] ADVAPI32.dll!RegOpenKeyExA 77DD7842 5 Bytes JMP 016E0000
.text C:\WINDOWS\System32\svchost.exe[1408] ADVAPI32.dll!RegOpenKeyW 77DD7936 5 Bytes JMP 016E0FD4
.text C:\WINDOWS\System32\svchost.exe[1408] ADVAPI32.dll!RegCreateKeyExA 77DDE9E4 5 Bytes JMP 016E0039
.text C:\WINDOWS\System32\svchost.exe[1408] ADVAPI32.dll!RegOpenKeyA 77DDEFB8 5 Bytes JMP 016E0FE5
.text C:\WINDOWS\System32\svchost.exe[1408] ADVAPI32.dll!RegCreateKeyW 77DFBA25 2 Bytes JMP 016E0F8D
.text C:\WINDOWS\System32\svchost.exe[1408] ADVAPI32.dll!RegCreateKeyW + 3 77DFBA28 2 Bytes [ 8E, 89 ]
.text C:\WINDOWS\System32\svchost.exe[1408] ADVAPI32.dll!RegCreateKeyA 77DFBCC3 5 Bytes JMP 016E0F9E
.text C:\WINDOWS\System32\svchost.exe[1408] WS2_32.dll!socket 71AB4211 5 Bytes JMP 016C000A
.text C:\WINDOWS\System32\svchost.exe[1408] WININET.dll!InternetOpenA 7806C865 5 Bytes JMP 01E40000
.text C:\WINDOWS\System32\svchost.exe[1408] WININET.dll!InternetOpenW 7806CE99 5 Bytes JMP 01E4001B
.text C:\WINDOWS\System32\svchost.exe[1408] WININET.dll!InternetOpenUrlA 78070BCA 5 Bytes JMP 01E40FE5
.text C:\WINDOWS\System32\svchost.exe[1408] WININET.dll!InternetOpenUrlW 780BAEB9 5 Bytes JMP 01E40040
.text C:\WINDOWS\System32\svchost.exe[1408] WS2_32.dll!socket 71AB4211 5 Bytes JMP 016C000A
.text C:\WINDOWS\System32\svchost.exe[1408] WININET.dll!InternetOpenA 7806C865 5 Bytes JMP 01E40000
.text C:\WINDOWS\System32\svchost.exe[1408] WININET.dll!InternetOpenW 7806CE99 5 Bytes JMP 01E4001B
.text C:\WINDOWS\System32\svchost.exe[1408] WININET.dll!InternetOpenUrlA 78070BCA 5 Bytes JMP 01E40FE5
.text C:\WINDOWS\System32\svchost.exe[1408] WININET.dll!InternetOpenUrlW 780BAEB9 5 Bytes JMP 01E40040
.text C:\WINDOWS\System32\svchost.exe[1536] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 00780FE5
.text C:\WINDOWS\System32\svchost.exe[1536] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 00780F66
.text C:\WINDOWS\System32\svchost.exe[1536] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 0078005B
.text C:\WINDOWS\System32\svchost.exe[1536] kernel32.dll!LoadLibraryExW 7C801AF5 5 Bytes JMP 00780040
.text C:\WINDOWS\System32\svchost.exe[1536] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 00780F83
.text C:\WINDOWS\System32\svchost.exe[1536] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 00780F9E
.text C:\WINDOWS\System32\svchost.exe[1536] kernel32.dll!GetStartupInfoW 7C801E54 5 Bytes JMP 0078009D
.text C:\WINDOWS\System32\svchost.exe[1536] kernel32.dll!GetStartupInfoA 7C801EF2 5 Bytes JMP 00780F4B
.text C:\WINDOWS\System32\svchost.exe[1536] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 007800C9
.text C:\WINDOWS\System32\svchost.exe[1536] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00780F30
.text C:\WINDOWS\System32\svchost.exe[1536] kernel32.dll!GetProcAddress 7C80AE30 5 Bytes JMP 00780F15
.text C:\WINDOWS\System32\svchost.exe[1536] kernel32.dll!LoadLibraryW 7C80AEDB 5 Bytes JMP 00780025
.text C:\WINDOWS\System32\svchost.exe[1536] kernel32.dll!CreateFileW 7C8107F0 5 Bytes JMP 00780000
.text C:\WINDOWS\System32\svchost.exe[1536] kernel32.dll!CreatePipe 7C81D827 5 Bytes JMP 00780076
.text C:\WINDOWS\System32\svchost.exe[1536] kernel32.dll!CreateNamedPipeW 7C82F0C5 5 Bytes JMP 00780FB9
.text C:\WINDOWS\System32\svchost.exe[1536] kernel32.dll!CreateNamedPipeA 7C860B7C 5 Bytes JMP 00780FCA
.text C:\WINDOWS\System32\svchost.exe[1536] kernel32.dll!WinExec 7C8623AD 5 Bytes JMP 007800B8
.text C:\WINDOWS\System32\svchost.exe[1536] ADVAPI32.dll!RegOpenKeyExW 77DD6A9F 5 Bytes JMP 0077001B
.text C:\WINDOWS\System32\svchost.exe[1536] ADVAPI32.dll!RegCreateKeyExW 77DD775C 5 Bytes JMP 00770062
.text C:\WINDOWS\System32\svchost.exe[1536] ADVAPI32.dll!RegOpenKeyExA 77DD7842 5 Bytes JMP 0077000A
.text C:\WINDOWS\System32\svchost.exe[1536] ADVAPI32.dll!RegOpenKeyW 77DD7936 5 Bytes JMP 00770FD4
.text C:\WINDOWS\System32\svchost.exe[1536] ADVAPI32.dll!RegCreateKeyExA 77DDE9E4 5 Bytes JMP 00770FA5
.text C:\WINDOWS\System32\svchost.exe[1536] ADVAPI32.dll!RegOpenKeyA 77DDEFB8 5 Bytes JMP 00770FEF
.text C:\WINDOWS\System32\svchost.exe[1536] ADVAPI32.dll!RegCreateKeyW 77DFBA25 5 Bytes JMP 00770047
.text C:\WINDOWS\System32\svchost.exe[1536] ADVAPI32.dll!RegCreateKeyA 77DFBCC3 5 Bytes JMP 00770036
.text C:\WINDOWS\System32\svchost.exe[1536] WS2_32.dll!socket 71AB4211 5 Bytes JMP 00750000
.text C:\WINDOWS\System32\svchost.exe[1536] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 00780FE5
.text C:\WINDOWS\System32\svchost.exe[1536] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 00780F66
.text C:\WINDOWS\System32\svchost.exe[1536] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 0078005B
.text C:\WINDOWS\System32\svchost.exe[1536] kernel32.dll!LoadLibraryExW 7C801AF5 5 Bytes JMP 00780040
.text C:\WINDOWS\System32\svchost.exe[1536] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 00780F83
.text C:\WINDOWS\System32\svchost.exe[1536] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 00780F9E
.text C:\WINDOWS\System32\svchost.exe[1536] kernel32.dll!GetStartupInfoW 7C801E54 5 Bytes JMP 0078009D
.text C:\WINDOWS\System32\svchost.exe[1536] kernel32.dll!GetStartupInfoA 7C801EF2 5 Bytes JMP 00780F4B
.text C:\WINDOWS\System32\svchost.exe[1536] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 007800C9
.text C:\WINDOWS\System32\svchost.exe[1536] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00780F30
.text C:\WINDOWS\System32\svchost.exe[1536] kernel32.dll!GetProcAddress 7C80AE30 5 Bytes JMP 00780F15
.text C:\WINDOWS\System32\svchost.exe[1536] kernel32.dll!LoadLibraryW 7C80AEDB 5 Bytes JMP 00780025
.text C:\WINDOWS\System32\svchost.exe[1536] kernel32.dll!CreateFileW 7C8107F0 5 Bytes JMP 00780000
.text C:\WINDOWS\System32\svchost.exe[1536] kernel32.dll!CreatePipe 7C81D827 5 Bytes JMP 00780076
.text C:\WINDOWS\System32\svchost.exe[1536] kernel32.dll!CreateNamedPipeW 7C82F0C5 5 Bytes JMP 00780FB9
.text C:\WINDOWS\System32\svchost.exe[1536] kernel32.dll!CreateNamedPipeA 7C860B7C 5 Bytes JMP 00780FCA
.text C:\WINDOWS\System32\svchost.exe[1536] kernel32.dll!WinExec 7C8623AD 5 Bytes JMP 007800B8
.text C:\WINDOWS\System32\svchost.exe[1668] kernel32.dll!CreateFileA
.text C:\WINDOWS\System32\svchost.exe[1536] ADVAPI32.dll!RegOpenKeyExW 7C801A28 5 Bytes JMP 00C20000
.text C:\WINDOWS\System32\svchost.exe[1668] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 00C20087
.text C:\WINDOWS\System32\svchost.exe[1668] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00C20F92
.text C:\WINDOWS\System32\svchost.exe[1668] kernel32.dll!LoadLibraryExW 77DD6A9F 5 Bytes JMP 0077001B
.text C:\WINDOWS\System32\svchost.exe[1536] ADVAPI32.dll!RegCreateKeyExW 77DD775C 5 Bytes JMP 00770062
.text C:\WINDOWS\System32\svchost.exe[1536] ADVAPI32.dll!RegOpenKeyExA 77DD7842 5 Bytes JMP 0077000A
.text C:\WINDOWS\System32\svchost.exe[1536] ADVAPI32.dll!RegOpenKeyW 7C801AF5 5 Bytes JMP 00C20076
.text C:\WINDOWS\System32\svchost.exe[1668] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 00C20FB9
.text C:\WINDOWS\System32\svchost.exe[1668] kernel32.dll!LoadLibraryA 77DD7936 5 Bytes JMP 00770FD4
.text
.text C:\WINDOWS\System32\svchost.exe[1536] ADVAPI32.dll!RegCreateKeyExA 77DDE9E4 5 Bytes JMP 00770FA5
.text
.text C:\WINDOWS\System32\svchost.exe[1668] kernel32.dll!GetStartupInfoW 7C801E54 5 Bytes JMP 00C20F5C
.text C:\WINDOWS\System32\svchost.exe[1668] kernel32.dll!GetStartupInfoA 7C801EF2 5 Bytes JMP 00C20F6D
.text C:\WINDOWS\System32\svchost.exe[1536] ADVAPI32.dll!RegCreateKeyW 77DFBA25 5 Bytes JMP 00770047
.text C:\WINDOWS\System32\svchost.exe[1536] ADVAPI32.dll!RegCreateKeyA 7C802336 5 Bytes JMP 00C20F26
.text C:\WINDOWS\System32\svchost.exe[1668] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00C200C9
.text C:\WINDOWS\System32\svchost.exe[1668] kernel32.dll!GetProcAddress 7C80AE30 5 Bytes JMP 00C200DA
.text C:\WINDOWS\System32\svchost.exe[1668] kernel32.dll!LoadLibraryW 7C80AEDB 5 Bytes JMP 00C2005B
.text C:\WINDOWS\System32\svchost.exe[1668] kernel32.dll!CreateFileW 7C8107F0 5 Bytes JMP 00C2001B
.text C:\WINDOWS\System32\svchost.exe[1668] kernel32.dll!CreatePipe 7C81D827 5 Bytes JMP 00C20098
.text C:\WINDOWS\System32\svchost.exe[1668] kernel32.dll!CreateNamedPipeW 7C82F0C5 5 Bytes JMP 00C20FDB
.text C:\WINDOWS\System32\svchost.exe[1668] kernel32.dll!CreateNamedPipeA 7C860B7C 5 Bytes JMP 00C2002C
.text C:\WINDOWS\System32\svchost.exe[1668] kernel32.dll!WinExec 7C8623AD 5 Bytes JMP 00C20F4B
.text C:\WINDOWS\System32\svchost.exe[1668] ADVAPI32.dll!RegOpenKeyExW 77DD6A9F 5 Bytes JMP 00B00FC3
.text C:\WINDOWS\System32\svchost.exe[1668] ADVAPI32.dll!RegCreateKeyExW 77DD775C 5 Bytes JMP 00B00051
.text C:\WINDOWS\System32\svchost.exe[1668] ADVAPI32.dll!RegOpenKeyExA 77DD7842 5 Bytes JMP 00B00FD4
.text C:\WINDOWS\System32\svchost.exe[1668] ADVAPI32.dll!RegOpenKeyW 77DD7936 5 Bytes JMP 00B00FE5
.text C:\WINDOWS\System32\svchost.exe[1668] ADVAPI32.dll!RegCreateKeyExA 77DDE9E4 5 Bytes JMP 00B00040
.text C:\WINDOWS\System32\svchost.exe[1668] ADVAPI32.dll!RegOpenKeyA 77DDEFB8 5 Bytes JMP 00B00000
.text C:\WINDOWS\System32\svchost.exe[1668] ADVAPI32.dll!RegCreateKeyW 77DFBA25 5 Bytes JMP 00B0002F
.text C:\WINDOWS\System32\svchost.exe[1668] ADVAPI32.dll!RegCreateKeyA 77DFBCC3 5 Bytes JMP 00B00FA8
.text C:\WINDOWS\System32\svchost.exe[1536] WS2_32.dll!socket 71AB4211 5 Bytes JMP 00750000
.text C:\WINDOWS\System32\svchost.exe[1668] WS2_32.dll!getaddrinfo 71AB2A6F 5 Bytes JMP 010155A0 C:\Program Files\Common Files\iS3\Anti-Spyware\SGPRXY.DLL
.text C:\WINDOWS\System32\svchost.exe[1668] WS2_32.dll!socket 71AB4211 5 Bytes JMP 00AE000A
.text C:\WINDOWS\System32\svchost.exe[1668] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 00C20000
.text C:\WINDOWS\System32\svchost.exe[1668] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 00C20087
.text C:\WINDOWS\System32\svchost.exe[1668] WS2_32.dll!gethostbyname 71AB5355 5 Bytes JMP 010152B0 C:\Program Files\Common Files\iS3\Anti-Spyware\SGPRXY.DLL
.text C:\WINDOWS\System32\svchost.exe[1668] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00C20F92
.text C:\WINDOWS\System32\svchost.exe[1668] kernel32.dll!LoadLibraryExW 7C801AF5 5 Bytes JMP 00C20076
.text C:\WINDOWS\System32\svchost.exe[1668] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 00C20FB9
.text C:\WINDOWS\System32\svchost.exe[1668] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 00C20FCA
.text C:\WINDOWS\System32\svchost.exe[1668] kernel32.dll!GetStartupInfoW 7C801E54 5 Bytes JMP 00C20F5C
.text C:\WINDOWS\System32\svchost.exe[1668] kernel32.dll!GetStartupInfoA 7C801EF2 5 Bytes JMP 00C20F6D
.text C:\WINDOWS\System32\svchost.exe[1668] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 00C20F26
.text C:\WINDOWS\System32\svchost.exe[1668] WININET.dll!InternetOpenA 7806C865 5 Bytes JMP 00B10FEF
.text C:\WINDOWS\System32\svchost.exe[1668] WININET.dll!InternetOpenW 7806CE99 5 Bytes JMP 00B10FDE
.text
.text C:\WINDOWS\System32\svchost.exe[1668] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00C200C9
.text C:\WINDOWS\System32\svchost.exe[1668] kernel32.dll!GetProcAddress 7C80AE30 5 Bytes JMP 00C200DA
.text C:\WINDOWS\System32\svchost.exe[1668] WININET.dll!InternetOpenUrlA 78070BCA 5 Bytes JMP 00B10014
.text C:\WINDOWS\System32\svchost.exe[1668] WININET.dll!InternetOpenUrlW 780BAEB9 5 Bytes JMP 00B10025
.text C:\WINDOWS\System32\svchost.exe[1668] kernel32.dll!CreateFileW 7C8107F0 5 Bytes JMP 00C2001B
.text C:\WINDOWS\System32\svchost.exe[1668] kernel32.dll!CreatePipe 7C81D827 5 Bytes JMP 00C20098
.text C:\WINDOWS\System32\svchost.exe[1668] kernel32.dll!CreateNamedPipeW 7C82F0C5 5 Bytes JMP 00C20FDB
.text C:\WINDOWS\System32\svchost.exe[1668] kernel32.dll!CreateNamedPipeA 7C860B7C 5 Bytes JMP 00C2002C
.text C:\WINDOWS\System32\svchost.exe[1668] kernel32.dll!WinExec 7C8623AD 5 Bytes JMP 00C20F4B
.text C:\WINDOWS\System32\svchost.exe[1668] ADVAPI32.dll!RegOpenKeyExW 77DD6A9F 5 Bytes JMP 00B00FC3
.text C:\WINDOWS\System32\svchost.exe[1668] ADVAPI32.dll!RegCreateKeyExW 77DD775C 5 Bytes JMP 00B00051
.text C:\WINDOWS\System32\svchost.exe[1668] ADVAPI32.dll!RegOpenKeyExA 77DD7842 5 Bytes JMP 00B00FD4
.text C:\WINDOWS\System32\svchost.exe[1668] ADVAPI32.dll!RegOpenKeyW 77DD7936 5 Bytes JMP 00B00FE5
.text C:\WINDOWS\System32\svchost.exe[1668] ADVAPI32.dll!RegCreateKeyExA 77DDE9E4 5 Bytes JMP 00B00040
.text C:\WINDOWS\System32\svchost.exe[1668] ADVAPI32.dll!RegOpenKeyA 77DDEFB8 5 Bytes JMP 00B00000
.text C:\WINDOWS\System32\svchost.exe[1668] ADVAPI32.dll!RegCreateKeyW 77DFBA25 5 Bytes JMP 00B0002F
.text C:\WINDOWS\System32\svchost.exe[1668] ADVAPI32.dll!RegCreateKeyA 77DFBCC3 5 Bytes JMP 00B00FA8
.text C:\WINDOWS\System32\svchost.exe[1668] WS2_32.dll!getaddrinfo 71AB2A6F 5 Bytes JMP 010155A0 C:\Program Files\Common Files\iS3\Anti-Spyware\SGPRXY.DLL
.text C:\WINDOWS\System32\svchost.exe[1668] WS2_32.dll!socket 71AB4211 5 Bytes JMP 00AE000A
.text C:\WINDOWS\System32\svchost.exe[1668] WS2_32.dll!gethostbyname 71AB5355 5 Bytes JMP 010152B0 C:\Program Files\Common Files\iS3\Anti-Spyware\SGPRXY.DLL
.text C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe[1736] ws2_32.dll!getaddrinfo 71AB2A6F 5 Bytes JMP 029B55A0 C:\Program Files\Common Files\iS3\Anti-Spyware\SGPRXY.DLL
.text C:\WINDOWS\System32\svchost.exe[1668] WININET.dll!InternetOpenA 7806C865 5 Bytes JMP 00B10FEF
.text C:\WINDOWS\System32\svchost.exe[1668] WININET.dll!InternetOpenW 7806CE99 5 Bytes JMP 00B10FDE
.text
.text C:\WINDOWS\System32\svchost.exe[1668] WININET.dll!InternetOpenUrlA 78070BCA 5 Bytes JMP 00B10014
.text C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe[1736] ws2_32.dll!gethostbyname 71AB5355 5 Bytes JMP 029B52B0 C:\Program Files\Common Files\iS3\Anti-Spyware\SGPRXY.DLL
.text C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe[1736] ws2_32.dll!getaddrinfo 71AB2A6F 5 Bytes JMP 029B55A0 C:\Program Files\Common Files\iS3\Anti-Spyware\SGPRXY.DLL
.text C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe[1736] ws2_32.dll!gethostbyname 71AB5355 5 Bytes JMP 029B52B0 C:\Program Files\Common Files\iS3\Anti-Spyware\SGPRXY.DLL
.text C:\WINDOWS\System32\svchost.exe[2244] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 00D70FE5
.text C:\WINDOWS\System32\svchost.exe[2244] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 00D70047
.text C:\WINDOWS\System32\svchost.exe[2244] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00D70036
.text C:\WINDOWS\System32\svchost.exe[2244] kernel32.dll!LoadLibraryExW 7C801AF5 5 Bytes JMP 00D70025
.text C:\WINDOWS\System32\svchost.exe[2244] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 00D70F68
.text C:\WINDOWS\System32\svchost.exe[2244] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 00D70014
.text C:\WINDOWS\System32\svchost.exe[2244] kernel32.dll!GetStartupInfoW 7C801E54 5 Bytes JMP 00D70073
.text C:\WINDOWS\System32\svchost.exe[2244] kernel32.dll!GetStartupInfoA 7C801EF2 5 Bytes JMP 00D70062
.text C:\WINDOWS\System32\svchost.exe[2244] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 00D700A9
.text C:\WINDOWS\System32\svchost.exe[2244] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00D70F10
.text C:\WINDOWS\System32\svchost.exe[2244] kernel32.dll!GetProcAddress 7C80AE30 5 Bytes JMP 00D70EF5
.text C:\WINDOWS\System32\svchost.exe[2244] kernel32.dll!LoadLibraryW 7C80AEDB 5 Bytes JMP 00D70F83
.text C:\WINDOWS\System32\svchost.exe[2244] kernel32.dll!CreateFileW 7C8107F0 5 Bytes JMP 00D70FD4
.text C:\WINDOWS\System32\svchost.exe[2244] kernel32.dll!CreatePipe 7C81D827 5 Bytes JMP 00D70F37
.text C:\WINDOWS\System32\svchost.exe[2244] kernel32.dll!CreateNamedPipeW 7C82F0C5 5 Bytes JMP 00D70F9E
.text C:\WINDOWS\System32\svchost.exe[2244] kernel32.dll!CreateNamedPipeA 7C860B7C 5 Bytes JMP 00D70FB9
.text C:\WINDOWS\System32\svchost.exe[2244] kernel32.dll!WinExec 7C8623AD 5 Bytes JMP 00D7008E
.text C:\WINDOWS\System32\svchost.exe[2244] ADVAPI32.dll!RegOpenKeyExW 77DD6A9F 5 Bytes JMP 00D60FC3
.text C:\WINDOWS\System32\svchost.exe[2244] ADVAPI32.dll!RegCreateKeyExW 77DD775C 5 Bytes JMP 00D60F9E
.text C:\WINDOWS\System32\svchost.exe[2244] ADVAPI32.dll!RegOpenKeyExA 77DD7842 5 Bytes JMP 00D60FD4
.text C:\WINDOWS\System32\svchost.exe[2244] ADVAPI32.dll!RegOpenKeyW 77DD7936 5 Bytes JMP 00D60FEF
.text C:\WINDOWS\System32\svchost.exe[2244] ADVAPI32.dll!RegCreateKeyExA 77DDE9E4 5 Bytes JMP 00D60051
.text C:\WINDOWS\System32\svchost.exe[2244] ADVAPI32.dll!RegOpenKeyA 77DDEFB8 5 Bytes JMP 00D60000
.text C:\WINDOWS\System32\svchost.exe[2244] ADVAPI32.dll!RegCreateKeyW 77DFBA25 5 Bytes JMP 00D60040
.text C:\WINDOWS\System32\svchost.exe[2244] ADVAPI32.dll!RegCreateKeyA 77DFBCC3 5 Bytes JMP 00D6002F
.text C:\WINDOWS\System32\svchost.exe[2244] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 00D70FE5
.text C:\WINDOWS\System32\svchost.exe[2244] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 00D70047
.text C:\WINDOWS\System32\svchost.exe[2244] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 00D70036
.text C:\WINDOWS\System32\svchost.exe[2244] kernel32.dll!LoadLibraryExW 7C801AF5 5 Bytes JMP 00D70025
.text C:\WINDOWS\System32\svchost.exe[2244] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 00D70F68
.text C:\WINDOWS\System32\svchost.exe[2244] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 00D70014
.text C:\WINDOWS\System32\svchost.exe[2244] kernel32.dll!GetStartupInfoW 7C801E54 5 Bytes JMP 00D70073
.text C:\WINDOWS\System32\svchost.exe[2244] kernel32.dll!GetStartupInfoA 7C801EF2 5 Bytes JMP 00D70062
.text C:\WINDOWS\System32\svchost.exe[2244] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 00D700A9
.text C:\WINDOWS\System32\svchost.exe[2244] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 00D70F10
.text C:\WINDOWS\System32\svchost.exe[2244] kernel32.dll!GetProcAddress 7C80AE30 5 Bytes JMP 00D70EF5
.text C:\WINDOWS\System32\svchost.exe[2244] kernel32.dll!LoadLibraryW 7C80AEDB 5 Bytes JMP 00D70F83
.text C:\WINDOWS\System32\svchost.exe[2244] kernel32.dll!CreateFileW 7C8107F0 5 Bytes JMP 00D70FD4
.text C:\WINDOWS\System32\svchost.exe[2244] kernel32.dll!CreatePipe 7C81D827 5 Bytes JMP 00D70F37
.text C:\WINDOWS\System32\svchost.exe[2244] kernel32.dll!CreateNamedPipeW 7C82F0C5 5 Bytes JMP 00D70F9E
.text C:\WINDOWS\System32\svchost.exe[2244] kernel32.dll!CreateNamedPipeA 7C860B7C 5 Bytes JMP 00D70FB9
.text C:\WINDOWS\System32\svchost.exe[2244] kernel32.dll!WinExec 7C8623AD 5 Bytes JMP 00D7008E
.text C:\WINDOWS\System32\svchost.exe[2244] ADVAPI32.dll!RegOpenKeyExW 77DD6A9F 5 Bytes JMP 00D60FC3
.text C:\WINDOWS\System32\svchost.exe[2244] ADVAPI32.dll!RegCreateKeyExW 77DD775C 5 Bytes JMP 00D60F9E
.text C:\WINDOWS\System32\svchost.exe[2244] ADVAPI32.dll!RegOpenKeyExA 77DD7842 5 Bytes JMP 00D60FD4
.text C:\WINDOWS\System32\svchost.exe[2244] ADVAPI32.dll!RegOpenKeyW 77DD7936 5 Bytes JMP 00D60FEF
.text C:\WINDOWS\System32\svchost.exe[2244] ADVAPI32.dll!RegCreateKeyExA 77DDE9E4 5 Bytes JMP 00D60051
.text C:\WINDOWS\System32\svchost.exe[2244] ADVAPI32.dll!RegOpenKeyA 77DDEFB8 5 Bytes JMP 00D60000
.text C:\WINDOWS\System32\svchost.exe[2244] ADVAPI32.dll!RegCreateKeyW 77DFBA25 5 Bytes JMP 00D60040
.text C:\WINDOWS\System32\svchost.exe[2244] ADVAPI32.dll!RegCreateKeyA 77DFBCC3 5 Bytes JMP 00D6002F
.text C:\Program Files\Java\jre6\bin\jusched.exe[3172] ws2_32.dll!getaddrinfo 71AB2A6F 5 Bytes JMP 01B955A0 C:\Program Files\Common Files\iS3\Anti-Spyware\SGPRXY.DLL
.text C:\Program Files\Java\jre6\bin\jusched.exe[3172] ws2_32.dll!gethostbyname 71AB5355 5 Bytes JMP 01B952B0 C:\Program Files\Common Files\iS3\Anti-Spyware\SGPRXY.DLL
.text C:\Program Files\Java\jre6\bin\jusched.exe[3172] ws2_32.dll!getaddrinfo 71AB2A6F 5 Bytes JMP 01B955A0 C:\Program Files\Common Files\iS3\Anti-Spyware\SGPRXY.DLL
.text C:\Program Files\Java\jre6\bin\jusched.exe[3172] ws2_32.dll!gethostbyname 71AB5355 5 Bytes JMP 01B952B0 C:\Program Files\Common Files\iS3\Anti-Spyware\SGPRXY.DLL
.text C:\Program Files\iTunes\iTunesHelper.exe[3492] WS2_32.dll!getaddrinfo 71AB2A6F 5 Bytes JMP 05C955A0 C:\Program Files\Common Files\iS3\Anti-Spyware\SGPRXY.DLL
.text C:\Program Files\iTunes\iTunesHelper.exe[3492] WS2_32.dll!gethostbyname 71AB5355 5 Bytes JMP 05C952B0 C:\Program Files\Common Files\iS3\Anti-Spyware\SGPRXY.DLL
.text C:\Program Files\iTunes\iTunesHelper.exe[3492] WS2_32.dll!getaddrinfo 71AB2A6F 5 Bytes JMP 05C955A0 C:\Program Files\Common Files\iS3\Anti-Spyware\SGPRXY.DLL
.text C:\Program Files\iTunes\iTunesHelper.exe[3492] WS2_32.dll!gethostbyname 71AB5355 5 Bytes JMP 05C952B0 C:\Program Files\Common Files\iS3\Anti-Spyware\SGPRXY.DLL
.text C:\WINDOWS\Explorer.EXE[3624] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 01CE0FE5
.text C:\WINDOWS\Explorer.EXE[3624] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 01CE0047
.text C:\WINDOWS\Explorer.EXE[3624] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 01CE0F52
.text C:\WINDOWS\Explorer.EXE[3624] kernel32.dll!LoadLibraryExW 7C801AF5 5 Bytes JMP 01CE0F63
.text C:\WINDOWS\Explorer.EXE[3624] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 01CE002C
.text C:\WINDOWS\Explorer.EXE[3624] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 01CE0000
.text C:\WINDOWS\Explorer.EXE[3624] kernel32.dll!GetStartupInfoW 7C801E54 5 Bytes JMP 01CE006E
.text C:\WINDOWS\Explorer.EXE[3624] kernel32.dll!GetStartupInfoA 7C801EF2 5 Bytes JMP 01CE0F26
.text C:\WINDOWS\Explorer.EXE[3624] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 01CE00AE
.text C:\WINDOWS\Explorer.EXE[3624] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 01CE0093
.text C:\WINDOWS\Explorer.EXE[3624] kernel32.dll!GetProcAddress 7C80AE30 5 Bytes JMP 01CE00BF
.text C:\WINDOWS\Explorer.EXE[3624] kernel32.dll!LoadLibraryW 7C80AEDB 5 Bytes JMP 01CE0011
.text C:\WINDOWS\Explorer.EXE[3624] kernel32.dll!CreateFileW 7C8107F0 5 Bytes JMP 01CE0FD4
.text C:\WINDOWS\Explorer.EXE[3624] kernel32.dll!CreatePipe 7C81D827 5 Bytes JMP 01CE0F37
.text C:\WINDOWS\Explorer.EXE[3624] kernel32.dll!CreateNamedPipeW 7C82F0C5 5 Bytes JMP 01CE0F94
.text C:\WINDOWS\Explorer.EXE[3624] kernel32.dll!CreateNamedPipeA 7C860B7C 5 Bytes JMP 01CE0FAF
.text C:\WINDOWS\Explorer.EXE[3624] kernel32.dll!WinExec 7C8623AD 5 Bytes JMP 01CE0F0B
.text C:\WINDOWS\Explorer.EXE[3624] ADVAPI32.dll!RegOpenKeyExW 77DD6A9F 5 Bytes JMP 01B30036
.text C:\WINDOWS\Explorer.EXE[3624] ADVAPI32.dll!RegCreateKeyExW 77DD775C 5 Bytes JMP 01B30FA5
.text C:\WINDOWS\Explorer.EXE[3624] ADVAPI32.dll!RegOpenKeyExA 77DD7842 5 Bytes JMP 01B30FDB
.text C:\WINDOWS\Explorer.EXE[3624] ADVAPI32.dll!RegOpenKeyW 77DD7936 5 Bytes JMP 01B30011
.text C:\WINDOWS\Explorer.EXE[3624] ADVAPI32.dll!RegCreateKeyExA 77DDE9E4 5 Bytes JMP 01B30062
.text C:\WINDOWS\Explorer.EXE[3624] ADVAPI32.dll!RegOpenKeyA 77DDEFB8 5 Bytes JMP 01B30000
.text C:\WINDOWS\Explorer.EXE[3624] ADVAPI32.dll!RegCreateKeyW 77DFBA25 2 Bytes JMP 01B30FC0
.text C:\WINDOWS\Explorer.EXE[3624] ADVAPI32.dll!RegCreateKeyW + 3 77DFBA28 2 Bytes [ D3, 89 ]
.text C:\WINDOWS\Explorer.EXE[3624] ADVAPI32.dll!RegCreateKeyA 77DFBCC3 5 Bytes JMP 01B30047
.text C:\WINDOWS\Explorer.EXE[3624] WININET.dll!InternetOpenA 7806C865 5 Bytes JMP 01B90000
.text C:\WINDOWS\Explorer.EXE[3624] WININET.dll!InternetOpenW 7806CE99 5 Bytes JMP 01B90011
.text C:\WINDOWS\Explorer.EXE[3624] WININET.dll!InternetOpenUrlA 78070BCA 5 Bytes JMP 01B90022
.text C:\WINDOWS\Explorer.EXE[3624] WININET.dll!InternetOpenUrlW 780BAEB9 5 Bytes JMP 01B90FD1
.text C:\WINDOWS\Explorer.EXE[3624] kernel32.dll!CreateFileA 7C801A28 5 Bytes JMP 01CE0FE5
.text C:\WINDOWS\Explorer.EXE[3624] kernel32.dll!VirtualProtectEx 7C801A61 5 Bytes JMP 01CE0047
.text C:\WINDOWS\Explorer.EXE[3624] kernel32.dll!VirtualProtect 7C801AD4 5 Bytes JMP 01CE0F52
.text C:\WINDOWS\Explorer.EXE[3624] kernel32.dll!LoadLibraryExW 7C801AF5 5 Bytes JMP 01CE0F63
.text C:\WINDOWS\Explorer.EXE[3624] kernel32.dll!LoadLibraryExA 7C801D53 5 Bytes JMP 01CE002C
.text
.text C:\WINDOWS\Explorer.EXE[3624] kernel32.dll!LoadLibraryA 7C801D7B 5 Bytes JMP 01CE0000
.text C:\WINDOWS\Explorer.EXE[3624] kernel32.dll!GetStartupInfoW 7C801E54 5 Bytes JMP 01CE006E
.text
.text C:\WINDOWS\Explorer.EXE[3624] kernel32.dll!CreateProcessW 7C802336 5 Bytes JMP 01CE00AE
.text C:\WINDOWS\Explorer.EXE[3624] kernel32.dll!CreateProcessA 7C80236B 5 Bytes JMP 01CE0093
.text C:\WINDOWS\Explorer.EXE[3624] kernel32.dll!GetProcAddress 7C80AE30 5 Bytes JMP 01CE00BF
.text C:\WINDOWS\Explorer.EXE[3624] kernel32.dll!LoadLibraryW 7C80AEDB 5 Bytes JMP 01CE0011
.text C:\WINDOWS\Explorer.EXE[3624] kernel32.dll!CreateFileW 7C8107F0 5 Bytes JMP 01CE0FD4
.text C:\WINDOWS\Explorer.EXE[3624] kernel32.dll!CreatePipe 7C81D827 5 Bytes JMP 01CE0F37
.text C:\WINDOWS\Explorer.EXE[3624] kernel32.dll!CreateNamedPipeW 7C82F0C5 5 Bytes JMP 01CE0F94
.text C:\WINDOWS\Explorer.EXE[3624] kernel32.dll!CreateNamedPipeA 7C860B7C 5 Bytes JMP 01CE0FAF
.text C:\WINDOWS\Explorer.EXE[3624] kernel32.dll!WinExec 7C8623AD 5 Bytes JMP 01CE0F0B
.text C:\WINDOWS\Explorer.EXE[3624] ADVAPI32.dll!RegOpenKeyExW 77DD6A9F 5 Bytes JMP 01B30036
.text C:\WINDOWS\Explorer.EXE[3624] ADVAPI32.dll!RegCreateKeyExW 77DD775C 5 Bytes JMP 01B30FA5
.text C:\WINDOWS\Explorer.EXE[3624] ADVAPI32.dll!RegOpenKeyExA 77DD7842 5 Bytes JMP 01B30FDB
.text C:\WINDOWS\Explorer.EXE[3624] ADVAPI32.dll!RegOpenKeyW 77DD7936 5 Bytes JMP 01B30011
.text C:\WINDOWS\Explorer.EXE[3624] ADVAPI32.dll!RegCreateKeyExA 77DDE9E4 5 Bytes JMP 01B30062
.text C:\WINDOWS\Explorer.EXE[3624] ADVAPI32.dll!RegOpenKeyA 77DDEFB8 5 Bytes JMP 01B30000
.text C:\WINDOWS\Explorer.EXE[3624] ADVAPI32.dll!RegCreateKeyW 77DFBA25 2 Bytes JMP 01B30FC0
.text C:\WINDOWS\Explorer.EXE[3624] ADVAPI32.dll!RegCreateKeyW + 3 77DFBA28 2 Bytes [ D3, 89 ]
.text C:\WINDOWS\Explorer.EXE[3624] ADVAPI32.dll!RegCreateKeyA 77DFBCC3 5 Bytes JMP 01B30047
.text C:\WINDOWS\Explorer.EXE[3624] WININET.dll!InternetOpenA 7806C865 5 Bytes JMP 01B90000
.text C:\WINDOWS\Explorer.EXE[3624] WININET.dll!InternetOpenW 7806CE99 5 Bytes JMP 01B90011
.text C:\WINDOWS\Explorer.EXE[3624] WININET.dll!InternetOpenUrlA 78070BCA 5 Bytes JMP 01B90022
.text C:\WINDOWS\Explorer.EXE[3624] WININET.dll!InternetOpenUrlW 780BAEB9 5 Bytes JMP 01B90FD1
.text C:\WINDOWS\Explorer.EXE[3624] WS2_32.dll!socket 71AB4211 5 Bytes JMP 00C90000
.text C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] WS2_32.dll!getaddrinfo 71AB2A6F 5 Bytes JMP 038255A0 C:\Program Files\Common Files\iS3\Anti-Spyware\SGPRXY.DLL
.text C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] WS2_32.dll!gethostbyname 71AB5355 5 Bytes JMP 038252B0 C:\Program Files\Common Files\iS3\Anti-Spyware\SGPRXY.DLL
.text C:\Program Files\Lexmark 8300 Series\lxcjmon.exe[4016] ws2_32.dll!getaddrinfo 71AB2A6F 5 Bytes JMP 00DD55A0 C:\Program Files\Common Files\iS3\Anti-Spyware\SGPRXY.DLL
.text C:\Program Files\Lexmark 8300 Series\lxcjmon.exe[4016] ws2_32.dll!gethostbyname 71AB5355 5 Bytes JMP 00DD52B0 C:\Program Files\Common Files\iS3\Anti-Spyware\SGPRXY.DLL
.text C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] WS2_32.dll!getaddrinfo 71AB2A6F 5 Bytes JMP 038255A0 C:\Program Files\Common Files\iS3\Anti-Spyware\SGPRXY.DLL
.text C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] WS2_32.dll!gethostbyname 71AB5355 5 Bytes JMP 038252B0 C:\Program Files\Common Files\iS3\Anti-Spyware\SGPRXY.DLL
.text C:\Program Files\Lexmark 8300 Series\lxcjmon.exe[4016] ws2_32.dll!getaddrinfo 71AB2A6F 5 Bytes JMP 00DD55A0 C:\Program Files\Common Files\iS3\Anti-Spyware\SGPRXY.DLL
.text C:\Program Files\Lexmark 8300 Series\lxcjmon.exe[4016] ws2_32.dll!gethostbyname 71AB5355 5 Bytes JMP 00DD52B0 C:\Program Files\Common Files\iS3\Anti-Spyware\SGPRXY.DLL

---- Kernel IAT/EAT - GMER 1.0.14 ----

IAT \SystemRoot\System32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisDeregisterProtocol] 86776180
IAT \SystemRoot\System32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisRegisterProtocol] 86776278
IAT \SystemRoot\System32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisRegisterProtocol] 86776278
IAT \SystemRoot\System32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisDeregisterProtocol] 86776180
IAT \SystemRoot\System32\DRIVERS\psched.sys[NDIS.SYS!NdisDeregisterProtocol] 86776180
IAT \SystemRoot\System32\DRIVERS\psched.sys[NDIS.SYS!NdisRegisterProtocol] 86776278
IAT \SystemRoot\System32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisDeregisterProtocol] 86776180
IAT \SystemRoot\System32\DRIVERS\ndiswan.sys[NDIS.SYS!NdisRegisterProtocol] 86776278
IAT \SystemRoot\System32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisRegisterProtocol] 86776278
IAT \SystemRoot\System32\DRIVERS\raspppoe.sys[NDIS.SYS!NdisDeregisterProtocol] 86776180
IAT \SystemRoot\System32\DRIVERS\psched.sys[NDIS.SYS!NdisDeregisterProtocol] 86776180
IAT \SystemRoot\System32\DRIVERS\psched.sys[NDIS.SYS!NdisRegisterProtocol] 86776278
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisRegisterProtocol] 86776278
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisDeregisterProtocol] 86776180
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisRegisterProtocol] 86776278
IAT \SystemRoot\System32\Drivers\NDProxy.SYS[NDIS.SYS!NdisDeregisterProtocol] 86776180
IAT \SystemRoot\System32\DRIVERS\tcpip.sys[NDIS.SYS!NdisRegisterProtocol] 86776278
IAT \SystemRoot\System32\DRIVERS\tcpip.sys[NDIS.SYS!NdisRegisterProtocol] 86776278
IAT \SystemRoot\System32\DRIVERS\wanarp.sys[NDIS.SYS!NdisDeregisterProtocol] 86776180
IAT \SystemRoot\System32\DRIVERS\wanarp.sys[NDIS.SYS!NdisRegisterProtocol] 86776278
IAT \SystemRoot\System32\DRIVERS\arp1394.sys[NDIS.SYS!NdisDeregisterProtocol] 86776180
IAT \SystemRoot\System32\DRIVERS\arp1394.sys[NDIS.SYS!NdisRegisterProtocol] 86776278
IAT \SystemRoot\System32\DRIVERS\wanarp.sys[NDIS.SYS!NdisDeregisterProtocol] 86776180
IAT \SystemRoot\System32\DRIVERS\wanarp.sys[NDIS.SYS!NdisRegisterProtocol] 86776278
IAT \SystemRoot\System32\DRIVERS\arp1394.sys[NDIS.SYS!NdisDeregisterProtocol] 86776180
IAT \SystemRoot\System32\DRIVERS\arp1394.sys[NDIS.SYS!NdisRegisterProtocol] 86776278
IAT \SystemRoot\System32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisRegisterProtocol] 86776278
IAT \SystemRoot\System32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisDeregisterProtocol] 86776180
IAT \SystemRoot\System32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisRegisterProtocol] 86776278
IAT \SystemRoot\System32\DRIVERS\ndisuio.sys[NDIS.SYS!NdisDeregisterProtocol] 86776180

---- User IAT/EAT - GMER 1.0.14 ----

IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW]
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA]
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW]
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9D54] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA]
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9D54] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA]
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA]
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\WS2HELP.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA]
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\PSAPI.DLL [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [6BFA9D54] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA]
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW]
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT [6BFA9D54] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW]
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA]
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!LoadLibraryExA] [6BFA9D54] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9D54] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryW]
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!LoadLibraryExA] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9D54] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!LoadLibraryA] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\userenv.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe[124] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA]
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA]
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA]
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW]
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!SetUnhandledExceptionFilter]
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [6BFA9D54] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW]
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA]
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [6BFA9D54] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA]
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9D54] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [6BFA9D54] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW]
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [6BFA9D54] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA]
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryW] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\WS2_32.dll [KERNEL32.dll!SetUnhandledExceptionFilter]
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [6BFA9D54] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA]
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [6BFA9D54] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe[3140] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [63602B3E] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [63602A5B] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress]
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [63602441] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [63602B3E] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA]
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [63602A5B] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [63602B3E] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [63602441] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [63602A5B] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress]
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [63602441] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [63602B3E] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [63602A5B] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [63602441] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [63602AA2] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [63602A5B] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW]
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [63602AA2] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [63602A5B] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [63602441] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [63602AA2] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!GetProcAddress] [63602B3E] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [63602441] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [63602B3E] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA]
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!AnimateWindow] [63601740] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!TrackPopupMenuEx] [636015EF] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!DefWindowProcA]
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!AnimateWindow] [63601740] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!TrackPopupMenuEx] [6360208F] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!GetSysColor] [636015EF] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!DefWindowProcW] [63602065] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!TrackPopupMenu]
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!GetSysColor] [63601FC4] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!DefWindowProcW]
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [63602065] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\SHELL32.dll [USER32.dll!TrackPopupMenu] [63602AE9] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [63602B3E] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW]
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [63602AA2] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [63602A5B] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [63602AE9] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [63602B3E] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [63602441] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!DefWindowProcA] [63602AA2] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [63602A5B] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [63602441] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!DefWindowProcA] [63602065] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!GetSysColor] [63601FC4] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!TrackPopupMenu] [6360208F] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!DefWindowProcW] [636015C8] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!TrackPopupMenuEx] [63602065] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!GetSysColor] [63601FC4] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!TrackPopupMenu] [636015C8] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[3496] @ C:\WINDOWS\system32\SHLWAPI.dll [USER32.dll!TrackPopupMenuEx] [636015EF] C:\Program Files\Yahoo!\Shared\YbSkin2.dll (Yahoo! Skinning Object/Yahoo! Inc.)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryExW]
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\ADVAPI32.dll [KERNEL32.dll!LoadLibraryA]
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW]
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!SetUnhandledExceptionFilter]
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA]
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\Secur32.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter]
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\USER32.dll [KERNEL32.dll!LoadLibraryW]
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW]
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA]
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExA] [6BFA9D54] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA]
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9D54] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA]
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [6BFA9D54] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA]
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [6BFA9D54] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!LoadLibraryExA] [6BFA9D54] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\ole32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryW]
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\NETAPI32.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW]
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryW] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryA] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryExW] [6BFA9DE1] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\WININET.dll [KERNEL32.dll!LoadLibraryA]
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [6BFA9D54] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA]
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryW] [6BFA9CCD] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryExA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9D54] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!LoadLibraryA] [6BFA9C46] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)
IAT C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe[4004] @ C:\WINDOWS\system32\USERENV.dll [KERNEL32.dll!SetUnhandledExceptionFilter] [6BFA9E6E] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll (AOL Diagnostics/AOL LLC)

---- Devices - GMER 1.0.14 ----

AttachedDevice \FileSystem\Ntfs \Ntfs ssfs0bbc.sys (Spy Sweeper FileSystem Filter Driver/Webroot Software, Inc. (www.webroot.com))
AttachedDevice \FileSystem\Ntfs \Ntfs mfehidk.sys (Host Intrusion Detection Link Driver/McAfee, Inc.)

Device \Driver\Tcpip \Device\Ip 863F17D8
Device \Driver\Tcpip \Device\Ip 8500F920
Device \Driver\Tcpip \Device\Ip 84FE8988
Device \Driver\Tcpip \Device\Ip 86402C50

AttachedDevice \Driver\Tcpip \Device\Ip Mpfp.sys (McAfee Personal Firewall Plus Driver/McAfee, Inc.)

Device \Driver\Tcpip \Device\Tcp 863F17D8
Device \Driver\Tcpip \Device\Tcp 8500F920
Device \Driver\Tcpip \Device\Tcp 84FE8988
Device \Driver\Tcpip \Device\Tcp 86402C50

AttachedDevice \Driver\Tcpip \Device\Tcp tcpipBM.SYS (Bytemobile Kernel Network Provider/Bytemobile, Inc.)
AttachedDevice \Driver\Tcpip \Device\Tcp Mpfp.sys (McAfee Personal Firewall Plus Driver/McAfee, Inc.)

Device \Driver\Tcpip \Device\Udp 863F17D8
Device \Driver\Tcpip \Device\Udp 8500F920
Device \Driver\Tcpip \Device\Udp 84FE8988
Device \Driver\Tcpip \Device\Udp 86402C50

AttachedDevice \Driver\Tcpip \Device\Udp Mpfp.sys (McAfee Personal Firewall Plus Driver/McAfee, Inc.)

Device \Driver\Tcpip \Device\RawIp 863F17D8
Device \Driver\Tcpip \Device\RawIp 8500F920
Device \Driver\Tcpip \Device\RawIp 84FE8988
Device \Driver\Tcpip \Device\RawIp 86402C50

AttachedDevice \Driver\Tcpip \Device\RawIp Mpfp.sys (McAfee Personal Firewall Plus Driver/McAfee, Inc.)

Device \Driver\Tcpip \Device\IPMULTICAST 863F17D8
Device \Driver\Tcpip \Device\IPMULTICAST 8500F920
Device \Driver\Tcpip \Device\IPMULTICAST 84FE8988
Device \Driver\Tcpip \Device\IPMULTICAST 86402C50
Device \Driver\szkg5 \Device\MSProcess szkg.sys
---- Processes - GMER 1.0.14 ----

Library C:\Program (*** hidden *** ) @ C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe [124] 0x0F000000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe [124] 0x00FF0000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe [124] 0x02180000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe [124] 0x02410000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe [124] 0x02460000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [132] 0x10000000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Bonjour\mDNSResponder.exe [180] 0x10000000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Java\jre6\bin\jqs.exe [268] 0x10000000
Library C:\Program (*** hidden *** ) @ C:\WINDOWS\system32\lxcjcoms.exe [308] 0x10000000
Library C:\Program (*** hidden *** ) @ c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe [540] 0x10000000
Library C:\Program (*** hidden *** ) @ C:\WINDOWS\system32\lsass.exe [1032] 0x10000000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe [1180] 0x10000000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe [1180] 0x023C0000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe [1180] 0x0F000000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe [1180] 0x02650000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe [1180] 0x026A0000
Library C:\Program (*** hidden *** ) @ C:\WINDOWS\system32\svchost.exe [1320] 0x10000000
Library C:\Program (*** hidden *** ) @ C:\WINDOWS\System32\svchost.exe [1408] 0x10000000
Library C:\Program (*** hidden *** ) @ C:\WINDOWS\System32\svchost.exe [1536] 0x0F000000
Library C:\Program (*** hidden *** ) @ C:\WINDOWS\System32\svchost.exe [1668] 0x10000000
Library C:\Program (*** hidden *** ) @ C:\WINDOWS\System32\svchost.exe [1668] 0x01010000
Library C:\Program (*** hidden *** ) @ C:\WINDOWS\System32\svchost.exe [1668] 0x0F000000
Library C:\Program (*** hidden *** ) @ C:\WINDOWS\System32\svchost.exe [1668] 0x01280000
Library C:\Program (*** hidden *** ) @ C:\WINDOWS\System32\svchost.exe [1668] 0x012D0000
Library C:\Program (*** hidden *** ) @ C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe [1736] 0x10000000
Library C:\Program (*** hidden *** ) @ C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe [1736] 0x029B0000
Library C:\Program (*** hidden *** ) @ C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe [1736] 0x0F000000
Library C:\Program (*** hidden *** ) @ C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe [1736] 0x02CC0000
Library C:\Program (*** hidden *** ) @ C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe [1736] 0x02D10000
Library C:\Program (*** hidden *** ) @ C:\WINDOWS\System32\snmp.exe [1844] 0x10000000
Library C:\Program (*** hidden *** ) @ C:\WINDOWS\system32\spoolsv.exe [1936] 0x00EC0000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Sony\vaio media integrated server\VMISrv.exe [2400] 0x00BB0000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe [2888] 0x00820000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Sony\vaio media integrated server\Platform\UPnPFramework.exe [2932] 0x00900000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Java\jre6\bin\jusched.exe [3172] 0x01740000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Java\jre6\bin\jusched.exe [3172] 0x01B90000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Java\jre6\bin\jusched.exe [3172] 0x0F000000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Java\jre6\bin\jusched.exe [3172] 0x01E20000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Java\jre6\bin\jusched.exe [3172] 0x01E70000
Library C:\Program (*** hidden *** ) @ C:\Program Files\iTunes\iTunesHelper.exe [3492] 0x05840000
Library C:\Program (*** hidden *** ) @ C:\Program Files\iTunes\iTunesHelper.exe [3492] 0x05C90000
Library C:\Program (*** hidden *** ) @ C:\Program Files\iTunes\iTunesHelper.exe [3492] 0x0F000000
Library C:\Program (*** hidden *** ) @ C:\Program Files\iTunes\iTunesHelper.exe [3492] 0x05F20000
Library C:\Program (*** hidden *** ) @ C:\Program Files\iTunes\iTunesHelper.exe [3492] 0x05F70000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe [4004] 0x02180000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe [4004] 0x03820000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe [4004] 0x0F000000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe [4004] 0x03BB0000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe [4004] 0x03C00000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Lexmark 8300 Series\lxcjmon.exe [4016] 0x00980000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Lexmark 8300 Series\lxcjmon.exe [4016] 0x00DD0000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Lexmark 8300 Series\lxcjmon.exe [4016] 0x0F000000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Lexmark 8300 Series\lxcjmon.exe [4016] 0x00FE0000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Lexmark 8300 Series\lxcjmon.exe [4016] 0x01030000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe [124] 0x0F000000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe [124] 0x00FF0000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe [124] 0x02180000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe [124] 0x02410000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe [124] 0x02460000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [132] 0x10000000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Bonjour\mDNSResponder.exe [180] 0x10000000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Java\jre6\bin\jqs.exe [268] 0x10000000
Library C:\Program (*** hidden *** ) @ C:\WINDOWS\system32\lxcjcoms.exe [308] 0x10000000
Library C:\Program (*** hidden *** ) @ c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe [540] 0x10000000
Library C:\Program (*** hidden *** ) @ C:\WINDOWS\system32\lsass.exe [1032] 0x10000000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe [1180] 0x10000000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe [1180] 0x023C0000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe [1180] 0x0F000000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe [1180] 0x02650000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe [1180] 0x026A0000
Library C:\Program (*** hidden *** ) @ C:\WINDOWS\system32\svchost.exe [1320] 0x10000000
Library C:\Program (*** hidden *** ) @ C:\WINDOWS\System32\svchost.exe [1408] 0x10000000
Library C:\Program (*** hidden *** ) @ C:\WINDOWS\System32\svchost.exe [1536] 0x0F000000
Library C:\Program (*** hidden *** ) @ C:\WINDOWS\System32\svchost.exe [1668] 0x10000000
Library C:\Program (*** hidden *** ) @ C:\WINDOWS\System32\svchost.exe [1668] 0x01010000
Library C:\Program (*** hidden *** ) @ C:\WINDOWS\System32\svchost.exe [1668] 0x0F000000
Library C:\Program (*** hidden *** ) @ C:\WINDOWS\System32\svchost.exe [1668] 0x01280000
Library C:\Program (*** hidden *** ) @ C:\WINDOWS\System32\svchost.exe [1668] 0x012D0000
Library C:\Program (*** hidden *** ) @ C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe [1736] 0x10000000
Library C:\Program (*** hidden *** ) @ C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe [1736] 0x029B0000
Library C:\Program (*** hidden *** ) @ C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe [1736] 0x0F000000
Library C:\Program (*** hidden *** ) @ C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe [1736] 0x02CC0000
Library C:\Program (*** hidden *** ) @ C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe [1736] 0x02D10000
Library C:\Program (*** hidden *** ) @ C:\WINDOWS\System32\snmp.exe [1844] 0x10000000
Library C:\Program (*** hidden *** ) @ C:\WINDOWS\system32\spoolsv.exe [1936] 0x00EC0000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Sony\vaio media integrated server\VMISrv.exe [2400] 0x00BB0000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe [2888] 0x00820000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Sony\vaio media integrated server\Platform\UPnPFramework.exe [2932] 0x00900000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Java\jre6\bin\jusched.exe [3172] 0x01740000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Java\jre6\bin\jusched.exe [3172] 0x01B90000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Java\jre6\bin\jusched.exe [3172] 0x0F000000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Java\jre6\bin\jusched.exe [3172] 0x01E20000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Java\jre6\bin\jusched.exe [3172] 0x01E70000
Library C:\Program (*** hidden *** ) @ C:\Program Files\iTunes\iTunesHelper.exe [3492] 0x05840000
Library C:\Program (*** hidden *** ) @ C:\Program Files\iTunes\iTunesHelper.exe [3492] 0x05C90000
Library C:\Program (*** hidden *** ) @ C:\Program Files\iTunes\iTunesHelper.exe [3492] 0x0F000000
Library C:\Program (*** hidden *** ) @ C:\Program Files\iTunes\iTunesHelper.exe [3492] 0x05F20000
Library C:\Program (*** hidden *** ) @ C:\Program Files\iTunes\iTunesHelper.exe [3492] 0x05F70000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe [4004] 0x02180000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe [4004] 0x03820000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe [4004] 0x0F000000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe [4004] 0x03BB0000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe [4004] 0x03C00000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Lexmark 8300 Series\lxcjmon.exe [4016] 0x00980000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Lexmark 8300 Series\lxcjmon.exe [4016] 0x00DD0000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Lexmark 8300 Series\lxcjmon.exe [4016] 0x0F000000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Lexmark 8300 Series\lxcjmon.exe [4016] 0x00FE0000
Library C:\Program (*** hidden *** ) @ C:\Program Files\Lexmark 8300 Series\lxcjmon.exe [4016] 0x01030000

---- EOF - GMER 1.0.14 ----


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:40:14 PM, on 2/16/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\lxcjcoms.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\SnoopFreeSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
C:\Program Files\Sony\vaio media integrated server\VMISrv.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe
C:\Program Files\Sony\vaio media integrated server\Platform\UPnPFramework.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\WINDOWS\system32\bmwebcfg.exe
C:\WINDOWS\system32\ezSP_Px.exe
C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\COMPAQ\CPQ650TP\Ver. 2.3\LWBWHEEL.exe
C:\Program Files\Sony\HotKey Utility\HKserv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe
C:\Program Files\Lexmark 8300 Series\lxcjmon.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe
C:\Program Files\sony\vaio media integrated server\Platform\VMConsole.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtProc.exe
C:\Program Files\RegFixPro\RegFixPro.exe
C:\Program Files\Lexmark 8300 Series\ezprint.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\WINDOWS\SnoopFreeUI.exe
C:\Program Files\Sony\HotKey Utility\HKWnd.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Microsoft Location Finder\LocationFinder.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Microsoft Office\Office\WINWORD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://pogo.com/
R3 - URLSearchHook: IAOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL Toolbar\aoltb.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\mskapbho.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: AOL Toolbar Loader - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL Toolbar\aoltb.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL Toolbar\aoltb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM\..\Run: [ezShieldProtector for Px] "C:\WINDOWS\system32\ezSP_Px.exe"
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [SonyPowerCfg] "C:\Program Files\Sony\VAIO Power Management\SPMgr.exe"
O4 - HKLM\..\Run: [LWBMOUSE] "C:\Program Files\COMPAQ\CPQ650TP\Ver. 2.3\LWBWHEEL.exe"
O4 - HKLM\..\Run: [HKSERV.EXE] "C:\Program Files\Sony\HotKey Utility\HKserv.exe"
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [AT&T Communication Manager] "C:\Program Files\AT&T\Communication Manager\ATTCM.exe" -a
O4 - HKLM\..\Run: [HostManager] "C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe"
O4 - HKLM\..\Run: [lxcjmon.exe] "C:\Program Files\Lexmark 8300 Series\lxcjmon.exe"
O4 - HKLM\..\Run: [WrtMon.exe] "C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe"
O4 - HKLM\..\Run: [Logitech Utility] "C:\WINDOWS\Logi_MwX.Exe"
O4 - HKLM\..\Run: [VMConsole.exe] "C:\Program Files\sony\vaio media integrated server\Platform\VMConsole.exe" /windowmin
O4 - HKLM\..\Run: [VAIO Recovery] "C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe"
O4 - HKLM\..\Run: [RegFixPro] "C:\Program Files\RegFixPro\RegFixPro.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 8300 Series\ezprint.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] "C:\WINDOWS\system32\dumprep.exe" 0 -k
O4 - HKLM\..\Run: [AppleSyncNotifier] "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SnoopFreeUI] SnoopFreeUI.exe
O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [McENUI] "C:\PROGRA~1\McAfee\MHN\McENUI.exe" /hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [LXCJCATS] "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCJtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray
O4 - HKCU\..\Run: [Microsoft Location Finder] "C:\Program Files\Microsoft Location Finder\LocationFinder.exe"
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] "C:\WINDOWS\system32\ctfmon.exe"
O4 - Startup: AOL Desktop.lnk = C:\Program Files\Common Files\AOL\Launch\aollaunch.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Global Startup: Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe
O8 - Extra context menu item: &AOL Toolbar Search - C:\Documents and Settings\All Users\Application Data\AOL\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: bmnet.dll
O10 - Unknown file in Winsock LSP: bmnet.dll
O10 - Unknown file in Winsock LSP: bmnet.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O15 - Trusted Zone: http://*.mcafee.com
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} - file:///C:/Program%20Files/Hidden%20Expedition%20-%20Titanic/Images/stg_drm.ocx
O16 - DPF: {3107C2A8-9F0B-4404-A58B-21BD85268FBC} (PogoWebLauncher Control) - http://www.pogo.com/cdl/launcher/PogoWe ... taller.CAB
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resour ... se4009.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 4341918252
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v ... b56649.cab
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} - file:///C:/Program%20Files/Hidden%20Expedition%20-%20Titanic/Images/armhelper.ocx
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-l ... cfscan.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{114E7C94-FEE8-4F87-89A1-E36721445B5E}: NameServer = 209.183.54.151 209.183.54.151
O17 - HKLM\System\CS3\Services\Tcpip\..\{114E7C94-FEE8-4F87-89A1-E36721445B5E}: NameServer = 209.183.54.151 209.183.54.151
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: AT&T RcAppSvc (ATTRcAppSvc) - PCTEL - C:\Program Files\AT&T\Communication Manager\RcAppSvc.exe
O23 - Service: Bytemobile Web Configurator (bmwebcfg) - Bytemobile, Inc. - C:\WINDOWS\system32\bmwebcfg.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: lxcj_device - - C:\WINDOWS\system32\lxcjcoms.exe
O23 - Service: MBackMonitor - McAfee - C:\Program Files\McAfee\MBK\MBackMonitor.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\PACSPT~1.EXE
O23 - Service: Snoop Free Service (SnoopFreeSvc) - Unknown owner - C:\WINDOWS\System32\SnoopFreeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment File Import Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VCSW\VCSW.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Platform\VmGateway.exe
O23 - Service: VAIO Media Video Server (VAIOMediaPlatform-VideoServer-AppServer) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Video\GPVSvr.exe
O23 - Service: VAIO Media Video Server (HTTP) (VAIOMediaPlatform-VideoServer-HTTP) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Video Server (UPnP) (VAIOMediaPlatform-VideoServer-UPnP) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Platform\UPnPFramework.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. (www.webroot.com) - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
O23 - Service: Webroot Client Service (WRConsumerService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe

--
End of file - 16325 bytes
daffyd9
Active Member
 
Posts: 11
Joined: January 26th, 2009, 7:56 pm

Re: think I have spyware or other bad problem

Unread postby Axephilic » February 18th, 2009, 5:28 pm

Hello,

Run Blacklight
  1. Please download F-Secure Blacklight and save it to C drive.
  2. Click on Start > Run and copy and paste in the following: C:\fsbl.exe /expert. Click OK.
  3. You will be shown a license agreement. Read through it and select I accept the agreement. Click Next.
  4. Click on Scan.
  5. Once the scan is done, close F-Secure Blacklight. Don't rename anything found!
  6. A log will be produced on your C drive. It's named fsbl-XXXXXXXXXXXXXX.log, where the XXXXXXXXXXXXXX are numbers. Please post this log in your next reply.


Run OTScanIt2
Please download OTScanIt2 from Geeks to Go or Bleeping Computer. Save it to your desktop.

  1. Double click on OTScanIt2.exe to run it.
  2. Click on Extract. Once done, you will be prompted. Click OK and click Close.
  3. Double click on the OTScanIt2 folder. Double click on OTScanIt2.exe to run it.
  4. Under Rookit Search, select Yes.
  5. Click on Run Scan at the top left hand corner.
  6. When done, Notepad will open. Please post this log in your next reply.

Download DDS

Download at your desktop DDS from one of the links below:

Link1
Link2
Link3
  • Double click the tool to run it.
  • A black Screen will open, just read the contents and do nothing.
  • When the tool finish it will open 2 reports.
  • Copy/paste both reports back here and remove DDS from your desktop.

Scan with Malwarebytes' Anti-Malware

  • Double click on the Malwarebytes' Anti-Malware icon on your desktop.
  • Once the program has loaded, click on the Update tab and click on Check for Updates.
  • Click on the Scanner tab.
  • Select Perform full scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad. please copy and paste the log into your next reply.
  • If you accidently close it, the log file is saved here and will be named like this: C:\Documents and Settings\<your username>\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt

In your next reply, please include:
  1. Blacklight log
  2. OTScanIt log
  3. DDS log
  4. MBAM log
  5. A new HijackThis log

Regards,
Adam
User avatar
Axephilic
Retired Graduate
 
Posts: 2180
Joined: June 18th, 2007, 1:10 pm
Location: Wisconsin, US

Re: think I have spyware or other bad problem

Unread postby Axephilic » February 21st, 2009, 8:18 pm

Hello,

THREE DAY BUMP!

It has been three days since my last post.
  • Do you still need help with this?
  • Do you need more time?
  • Are you having problems following my instructions?

If after 48 hours you have not replied to this thread, then it will have to be closed!

Regards,
Adam
User avatar
Axephilic
Retired Graduate
 
Posts: 2180
Joined: June 18th, 2007, 1:10 pm
Location: Wisconsin, US

Re: think I have spyware or other bad problem

Unread postby daffyd9 » February 21st, 2009, 9:06 pm

Sorry. I did reply yesterday but don't see it posted so will repost.

02/19/09 15:07:11 [Info]: BlackLight Engine 2.2.1092 initialized
02/19/09 15:07:11 [Info]: OS: 5.1 build 2600 (Service Pack 3)
02/19/09 15:07:14 [Note]: 7019 4
02/19/09 15:07:14 [Note]: 7005 0
02/19/09 15:07:33 [Note]: 7006 0
02/19/09 15:07:33 [Note]: 7011 2720
02/19/09 15:07:33 [Note]: 7035 0
02/19/09 15:07:34 [Note]: 7026 0
02/19/09 15:07:34 [Note]: 7026 0
02/19/09 15:07:45 [Note]: FSRAW library version 1.7.1024
02/19/09 15:48:31 [Note]: 7007 0

Code: Select all
OTScanIt2 logfile created on: 2/18/2009 7:30:45 PM - Run 1
OTScanIt2 by OldTimer - Version 1.0.7.1     Folder = D:\Malware Remove\OTScanit2\OTScanIt2
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
958.98 Mb Total Physical Memory | 459.93 Mb Available Physical Memory | 47.96% Memory free
2.17 Gb Paging File | 1.61 Gb Available in Paging File | 74.36% Paging File free
Paging file location(s): C:\pagefile.sys 672 1344;D:\pagefile.sys 672 2048;
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 38.98 Gb Total Space | 16.41 Gb Free Space | 42.10% Space Free | Partition Type: NTFS
Drive D: | 84.52 Gb Total Space | 75.47 Gb Free Space | 89.30% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
 
Computer Name: VALUED-2CA80C17
Current User Name: Della
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: Current user
Whitelist: On
File Age = 30 Days
 
[Processes - Safe List]
aolacsd.exe -> %CommonProgramFiles%\AOL\ACS\AOLacsd.exe -> [2006/10/23 04:50:35 | 00,046,640 | ---- | M] (AOL LLC)
aoldesktop.exe -> %CommonProgramFiles%\AOL\1188181604\ee\AOLDesktop.exe -> [2008/06/24 10:34:50 | 00,041,824 | ---- | M] (AOL LLC)
aolsoftware.exe -> %CommonProgramFiles%\AOL\1188181604\ee\aolsoftware.exe -> [2008/06/24 10:34:50 | 00,041,824 | ---- | M] (AOL LLC)
applemobiledeviceservice.exe -> %CommonProgramFiles%\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -> [2008/11/07 14:28:16 | 00,132,424 | ---- | M] (Apple Inc.)
ati2evxx.exe -> %SystemRoot%\system32\ati2evxx.exe -> [2004/04/27 20:38:36 | 00,397,312 | ---- | M] ()
ati2evxx.exe -> %SystemRoot%\system32\ati2evxx.exe -> [2004/04/27 20:38:36 | 00,397,312 | ---- | M] ()
atiptaxx.exe -> %ProgramFiles%\ATI Technologies\ATI Control Panel\atiptaxx.exe -> [2004/04/27 20:10:00 | 00,335,872 | ---- | M] (ATI Technologies, Inc.)
attcm.exe -> %ProgramFiles%\AT&T\Communication Manager\ATTCM.exe -> [2007/10/18 11:08:36 | 00,033,280 | ---- | M] (ATT)
bmctl.exe -> %ProgramFiles%\AT&T\Communication Manager\bmctl.exe -> [2007/10/18 11:08:46 | 00,339,968 | ---- | M] (Bytemobile, Inc.)
bmop.exe -> %ProgramFiles%\AT&T\Communication Manager\bmop.exe -> [2007/10/18 11:08:48 | 00,622,592 | ---- | M] (Bytemobile, Inc.)
bmwebcfg.exe -> %SystemRoot%\system32\bmwebcfg.exe -> [2007/10/18 11:08:32 | 00,118,784 | ---- | M] (Bytemobile, Inc.)
em_exec.exe -> %ProgramFiles%\Logitech\MouseWare\system\EM_EXEC.EXE -> [2003/11/14 09:50:00 | 00,037,888 | ---- | M] (Logitech Inc.)
ezprint.exe -> %ProgramFiles%\Lexmark 8300 Series\ezprint.exe -> [2007/01/30 06:35:59 | 00,103,344 | ---- | M] (Lexmark International Inc.)
ezsp_px.exe -> %SystemRoot%\system32\ezSP_Px.exe -> [2002/08/20 10:29:26 | 00,040,960 | ---- | M] (Easy Systems Japan Ltd.)
hkserv.exe -> %ProgramFiles%\Sony\HotKey Utility\HKServ.exe -> [2004/02/12 22:01:24 | 00,098,304 | ---- | M] (Sony Corporation)
hkwnd.exe -> %ProgramFiles%\Sony\HotKey Utility\HKWnd.exe -> [2004/02/12 22:00:22 | 00,274,432 | ---- | M] (Sony Corporation)
ipodservice.exe -> %ProgramFiles%\iPod\bin\iPodService.exe -> [2009/01/06 13:06:24 | 00,536,872 | ---- | M] (Apple Inc.)
ituneshelper.exe -> %ProgramFiles%\iTunes\iTunesHelper.exe -> [2009/01/06 13:06:36 | 00,290,088 | ---- | M] (Apple Inc.)
jqs.exe -> %ProgramFiles%\Java\jre6\bin\jqs.exe -> [2009/01/14 23:23:36 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.)
jusched.exe -> %ProgramFiles%\Java\jre6\bin\jusched.exe -> [2009/01/14 23:23:38 | 00,136,600 | ---- | M] (Sun Microsystems, Inc.)
locationfinder.exe -> %ProgramFiles%\Microsoft Location Finder\LocationFinder.exe -> [2006/11/14 12:22:10 | 00,121,640 | ---- | M] (Microsoft Corporation)
lwbwheel.exe -> %ProgramFiles%\COMPAQ\CPQ650TP\Ver. 2.3\LwbWheel.exe -> [2003/05/18 19:24:20 | 00,438,272 | ---- | M] ()
lxcjcoms.exe -> %SystemRoot%\system32\lxcjcoms.exe -> [2007/01/30 06:30:39 | 00,537,520 | ---- | M] ( )
lxcjmon.exe -> %ProgramFiles%\Lexmark 8300 Series\lxcjmon.exe -> [2007/01/30 06:32:06 | 00,205,744 | ---- | M] (Lexmark International, Inc.)
mcagent.exe -> %ProgramFiles%\McAfee.com\Agent\mcagent.exe -> [2008/07/11 16:48:54 | 00,641,208 | ---- | M] (McAfee, Inc.)
mcmscsvc.exe -> %ProgramFiles%\McAfee\MSC\mcmscsvc.exe -> [2008/10/10 16:16:00 | 00,792,696 | ---- | M] (McAfee, Inc.)
mcnasvc.exe -> %CommonProgramFiles%\McAfee\MNA\McNASvc.exe -> [2008/07/18 08:02:52 | 02,482,848 | ---- | M] (McAfee, Inc.)
mcproxy.exe -> %CommonProgramFiles%\McAfee\McProxy\McProxy.exe -> [2008/07/09 14:49:10 | 00,358,736 | ---- | M] (McAfee, Inc.)
mcsacore.exe -> %ProgramFiles%\McAfee\SiteAdvisor\McSACore.exe -> [2008/12/05 15:51:06 | 00,206,096 | ---- | M] ()
mcshield.exe -> %ProgramFiles%\McAfee\VirusScan\Mcshield.exe -> [2008/06/20 05:41:04 | 00,144,704 | ---- | M] (McAfee, Inc.)
mcsysmon.exe -> %ProgramFiles%\McAfee\VirusScan\mcsysmon.exe -> [2008/09/16 10:04:12 | 00,605,512 | ---- | M] (McAfee, Inc.)
mdnsresponder.exe -> %ProgramFiles%\Bonjour\mDNSResponder.exe -> [2008/08/29 09:18:44 | 00,238,888 | ---- | M] (Apple Inc.)
mpfsrv.exe -> %ProgramFiles%\McAfee\MPF\MpfSrv.exe -> [2008/07/09 17:36:30 | 00,884,360 | ---- | M] (McAfee, Inc.)
mscorsvw.exe -> %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -> [2008/07/25 11:17:02 | 00,069,632 | ---- | M] (Microsoft Corporation)
msksrver.exe -> %ProgramFiles%\McAfee\MSK\msksrver.exe -> [2008/07/09 13:35:34 | 00,025,416 | ---- | M] (McAfee, Inc.)
msmsgs.exe -> %ProgramFiles%\Messenger\msmsgs.exe -> [2008/04/13 16:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation)
otscanit2.exe -> D:\Malware Remove\OTScanit2\OTScanIt2\OTScanIt2.exe -> [2009/01/26 12:13:22 | 00,485,376 | ---- | M] (OldTimer Tools)
regfixpro.exe -> %ProgramFiles%\RegFixPro\RegFixPro.exe -> [2008/12/17 11:16:52 | 30,224,384 | ---- | M] (PC Utility Inc.)
snmp.exe -> %SystemRoot%\system32\snmp.exe -> [2008/04/13 16:12:36 | 00,033,280 | ---- | M] (Microsoft Corporation)
snoopfreesvc.exe -> %SystemRoot%\system32\SnoopFreeSvc.exe -> [2008/08/16 13:12:44 | 00,090,112 | ---- | M] ()
snoopfreeui.exe -> %SystemRoot%\SnoopFreeUI.exe -> [2008/08/16 13:12:47 | 00,221,184 | ---- | M] (SnoopFree Software)
spmgr.exe -> %ProgramFiles%\Sony\VAIO Power Management\SPMgr.exe -> [2003/12/11 22:03:06 | 00,167,936 | ---- | M] (Sony Corporation)
spysweeper.exe -> %ProgramFiles%\Webroot\Spy Sweeper\SpySweeper.exe -> [2008/11/12 16:02:14 | 03,667,312 | ---- | M] (Webroot Software, Inc. (www.webroot.com))
spysweeperui.exe -> %ProgramFiles%\Webroot\Spy Sweeper\SpySweeperUI.exe -> [2008/11/13 17:11:40 | 06,273,400 | ---- | M] (Webroot Software, Inc.)
ssu.exe -> %ProgramFiles%\Webroot\Spy Sweeper\SSU.exe -> [2008/11/12 16:02:14 | 00,181,616 | ---- | M] (Webroot Software, Inc. (www.webroot.com))
sv_httpd.exe -> %ProgramFiles%\Sony\vaio media integrated server\Platform\SV_Httpd.exe -> [2004/02/25 04:12:38 | 00,057,344 | ---- | M] (Sony Corporation)
upnpframework.exe -> %ProgramFiles%\Sony\vaio media integrated server\Platform\UPnPFramework.exe -> [2004/02/25 04:22:06 | 00,737,280 | ---- | M] (Sony Corporation)
vaioupdt.exe -> %ProgramFiles%\Sony\VAIO Update 2\VAIOUpdt.exe -> [2004/01/17 02:36:44 | 00,135,168 | ---- | M] (Sony Corporation)
viewpointservice.exe -> %ProgramFiles%\Viewpoint\Common\ViewpointService.exe -> [2007/01/04 13:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation)
vmconsole.exe -> %ProgramFiles%\Sony\vaio media integrated server\Platform\VMConsole.exe -> [2004/02/25 05:08:40 | 00,536,576 | ---- | M] (Sony Corporation)
vmisrv.exe -> %ProgramFiles%\Sony\vaio media integrated server\VMISrv.exe -> [2004/03/12 11:20:34 | 01,691,648 | ---- | M] (Sony Corporation)
vzfw.exe -> %CommonProgramFiles%\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe -> [2004/03/12 16:32:38 | 00,086,098 | ---- | M] (Sony Corporation)
wanmpsvc.exe -> %SystemRoot%\wanmpsvc.exe -> [2003/08/27 09:27:44 | 00,065,536 | ---- | M] (America Online, Inc.)
wrconsumerservice.exe -> %ProgramFiles%\Webroot\Spy Sweeper\WRConsumerService.exe -> [2008/11/13 17:11:26 | 01,086,840 | ---- | M] (Webroot Software, Inc. )
wrtmon.exe -> %SystemRoot%\system32\spool\drivers\w32x86\3\WrtMon.exe -> [2006/09/20 08:35:26 | 00,020,480 | ---- | M] ()
wrtproc.exe -> %SystemRoot%\system32\spool\drivers\w32x86\3\WrtProc.exe -> [2006/10/30 16:59:34 | 00,024,576 | ---- | M] ()
ymsgr_tray.exe -> %ProgramFiles%\Yahoo!\Messenger\Ymsgr_tray.exe -> [2007/08/30 16:43:18 | 00,103,664 | ---- | M] (Yahoo! Inc.)
 
[Win32 Services - Safe List]
(AOL ACS) AOL Connectivity Service [Win32_Own | Auto | Stopped] -> %CommonProgramFiles%\AOL\ACS\acsd.exe -> [2008/07/30 08:27:04 | 00,041,768 | R--- | M] (AOL LLC)
(Apple Mobile Device) Apple Mobile Device [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -> [2008/11/07 14:28:16 | 00,132,424 | ---- | M] (Apple Inc.)
(aspnet_state) ASP.NET State Service [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -> [2008/07/25 11:16:40 | 00,034,312 | ---- | M] (Microsoft Corporation)
(Ati HotKey Poller) Ati HotKey Poller [Win32_Own | Auto | Running] -> %SystemRoot%\system32\ati2evxx.exe -> [2004/04/27 20:38:36 | 00,397,312 | ---- | M] ()
(ATTRcAppSvc) AT&T RcAppSvc [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\AT&T\Communication Manager\RcAppSvc.exe -> [2007/10/18 11:08:42 | 00,109,080 | ---- | M] (PCTEL)
(bmwebcfg) Bytemobile Web Configurator [Win32_Own | Auto | Running] -> %SystemRoot%\system32\bmwebcfg.exe -> [2007/10/18 11:08:32 | 00,118,784 | ---- | M] (Bytemobile, Inc.)
(Bonjour Service) Bonjour Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Bonjour\mDNSResponder.exe -> [2008/08/29 09:18:44 | 00,238,888 | ---- | M] (Apple Inc.)
(clr_optimization_v2.0.50727_32) .NET Runtime Optimization Service v2.0.50727_X86 [Win32_Own | Auto | Running] -> %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -> [2008/07/25 11:17:02 | 00,069,632 | ---- | M] (Microsoft Corporation)
(FontCache3.0.0.0) Windows Presentation Foundation Font Cache 3.0.0.0 [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -> [2008/07/29 21:10:04 | 00,046,104 | ---- | M] (Microsoft Corporation)
(gusvc) Google Software Updater [Win32_Own | Auto | Stopped] -> %ProgramFiles%\Google\Common\Google Updater\GoogleUpdaterService.exe -> [2009/02/02 19:23:16 | 00,182,768 | ---- | M] (Google)
(helpsvc) Help and Support [Win32_Shared | Auto | Running] -> %SystemRoot%\PCHealth\HelpCtr\Binaries\pchsvc.dll -> [2008/04/13 16:12:02 | 00,038,400 | ---- | M] (Microsoft Corporation)
(idsvc) Windows CardSpace [Win32_Shared | Unknown | Stopped] -> %SystemRoot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -> [2008/07/29 19:24:50 | 00,881,664 | ---- | M] (Microsoft Corporation)
(iPod Service) iPod Service [Win32_Own | On_Demand | Running] -> %ProgramFiles%\iPod\bin\iPodService.exe -> [2009/01/06 13:06:24 | 00,536,872 | ---- | M] (Apple Inc.)
(JavaQuickStarterService) Java Quick Starter [Win32_Own | Auto | Running] -> %ProgramFiles%\Java\jre6\bin\jqs.exe -> [2009/01/14 23:23:36 | 00,152,984 | ---- | M] (Sun Microsystems, Inc.)
(lxcj_device) lxcj_device [Win32_Own | Auto | Running] -> %SystemRoot%\system32\lxcjcoms.exe -> [2007/01/30 06:30:39 | 00,537,520 | ---- | M] ( )
(MBackMonitor) MBackMonitor [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\McAfee\MBK\MBackMonitor.exe -> [2008/07/10 14:42:56 | 00,066,848 | ---- | M] (McAfee)
(McAfee SiteAdvisor Service) McAfee SiteAdvisor Service [Win32_Own | Auto | Running] -> %ProgramFiles%\McAfee\SiteAdvisor\McSACore.exe -> [2008/12/05 15:51:06 | 00,206,096 | ---- | M] ()
(mcmscsvc) McAfee Services [Win32_Own | Auto | Running] -> %ProgramFiles%\McAfee\MSC\mcmscsvc.exe -> [2008/10/10 16:16:00 | 00,792,696 | ---- | M] (McAfee, Inc.)
(McNASvc) McAfee Network Agent [Win32_Own | Auto | Running] -> %CommonProgramFiles%\McAfee\MNA\McNASvc.exe -> [2008/07/18 08:02:52 | 02,482,848 | ---- | M] (McAfee, Inc.)
(McODS) McAfee Scanner [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\McAfee\VirusScan\mcods.exe -> [2008/06/20 13:10:22 | 00,361,800 | ---- | M] (McAfee, Inc.)
(McProxy) McAfee Proxy Service [Win32_Own | Auto | Running] -> %CommonProgramFiles%\McAfee\McProxy\McProxy.exe -> [2008/07/09 14:49:10 | 00,358,736 | ---- | M] (McAfee, Inc.)
(McShield) McAfee Real-time Scanner [Win32_Own | Unknown | Running] -> %ProgramFiles%\McAfee\VirusScan\Mcshield.exe -> [2008/06/20 05:41:04 | 00,144,704 | ---- | M] (McAfee, Inc.)
(McSysmon) McAfee SystemGuards [Win32_Own | On_Demand | Running] -> %ProgramFiles%\McAfee\VirusScan\mcsysmon.exe -> [2008/09/16 10:04:12 | 00,605,512 | ---- | M] (McAfee, Inc.)
(MpfService) McAfee Personal Firewall Service [Win32_Own | Auto | Running] -> %ProgramFiles%\McAfee\MPF\MpfSrv.exe -> [2008/07/09 17:36:30 | 00,884,360 | ---- | M] (McAfee, Inc.)
(MSK80Service) McAfee Anti-Spam Service [Win32_Own | Auto | Running] -> %ProgramFiles%\McAfee\MSK\msksrver.exe -> [2008/07/09 13:35:34 | 00,025,416 | ---- | M] (McAfee, Inc.)
(NetTcpPortSharing) Net.Tcp Port Sharing Service [Win32_Shared | Disabled | Stopped] -> %SystemRoot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -> [2008/07/29 19:16:38 | 00,132,096 | ---- | M] (Microsoft Corporation)
(PACSPTISVR) PACSPTISVR [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Sony Shared\AVLib\Pacsptisvr.exe -> [2003/12/09 05:38:14 | 00,065,625 | ---- | M] ()
(SNMP) SNMP Service [Win32_Own | Auto | Running] -> %SystemRoot%\system32\snmp.exe -> [2008/04/13 16:12:36 | 00,033,280 | ---- | M] (Microsoft Corporation)
(SNMPTRAP) SNMP Trap Service [Win32_Own | On_Demand | Stopped] -> %SystemRoot%\system32\snmptrap.exe -> [2008/04/13 16:12:36 | 00,008,704 | ---- | M] (Microsoft Corporation)
(SnoopFreeSvc) Snoop Free Service [Win32_Own | Auto | Running] -> %SystemRoot%\system32\SnoopFreeSvc.exe -> [2008/08/16 13:12:44 | 00,090,112 | ---- | M] ()
(SPTISRV) Sony SPTI Service [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Sony Shared\AVLib\Sptisrv.exe -> [2003/12/09 05:32:58 | 00,065,622 | ---- | M] (Sony Corporation)
(usnjsvc) Messenger Sharing Folders USN Journal Reader service [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\MSN Messenger\usnsvc.exe -> [2007/01/19 11:54:14 | 00,097,136 | ---- | M] (Microsoft Corporation)
(VAIO Entertainment Aggregation and Control Service) VAIO Entertainment Aggregation and Control Service [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe -> [2004/03/12 16:33:54 | 00,118,784 | ---- | M] (Sony Corporation)
(VAIO Entertainment File Import Service) VAIO Entertainment File Import Service [Win32_Own | Auto | Running] -> %CommonProgramFiles%\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe -> [2004/03/12 16:32:38 | 00,086,098 | ---- | M] (Sony Corporation)
(VAIO Entertainment TV Device Arbitration Service) VAIO Entertainment TV Device Arbitration Service [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Sony Shared\VAIO Entertainment\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe -> [2004/03/12 16:11:34 | 00,069,632 | ---- | M] (Sony Corporation)
(VAIO Entertainment UPnP Client Adapter) VAIO Entertainment UPnP Client Adapter [Win32_Own | On_Demand | Stopped] -> %CommonProgramFiles%\Sony Shared\VAIO Entertainment\VCSW\VCSW.exe -> [2004/03/12 15:57:42 | 00,278,528 | ---- | M] (Sony Corporation)
(VAIOMediaPlatform-IntegratedServer-AppServer) VAIO Media Integrated Server [Win32_Own | Auto | Running] -> %ProgramFiles%\Sony\vaio media integrated server\VMISrv.exe -> [2004/03/12 11:20:34 | 01,691,648 | ---- | M] (Sony Corporation)
(VAIOMediaPlatform-IntegratedServer-HTTP) VAIO Media Integrated Server (HTTP) [Win32_Shared | Auto | Running] -> %ProgramFiles%\Sony\vaio media integrated server\Platform\SV_Httpd.exe -> [2004/02/25 04:12:38 | 00,057,344 | ---- | M] (Sony Corporation)
(VAIOMediaPlatform-IntegratedServer-UPnP) VAIO Media Integrated Server (UPnP) [Win32_Own | Auto | Running] -> %ProgramFiles%\Sony\vaio media integrated server\Platform\UPnPFramework.exe -> [2004/02/25 04:22:06 | 00,737,280 | ---- | M] (Sony Corporation)
(VAIOMediaPlatform-Mobile-Gateway) VAIO Media Gateway Server [Win32_Shared | On_Demand | Stopped] -> %ProgramFiles%\Sony\vaio media integrated server\Platform\VmGateway.exe -> [2004/03/05 12:35:34 | 00,184,320 | ---- | M] (Sony Corporation)
(VAIOMediaPlatform-VideoServer-AppServer) VAIO Media Video Server [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Sony\vaio media integrated server\Video\GPVSvr.exe -> [2003/10/30 11:48:10 | 01,286,144 | ---- | M] (Sony Corporation)
(VAIOMediaPlatform-VideoServer-HTTP) VAIO Media Video Server (HTTP) [Win32_Shared | On_Demand | Stopped] -> %ProgramFiles%\Sony\vaio media integrated server\Platform\SV_Httpd.exe -> [2004/02/25 04:12:38 | 00,057,344 | ---- | M] (Sony Corporation)
(VAIOMediaPlatform-VideoServer-UPnP) VAIO Media Video Server (UPnP) [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Sony\vaio media integrated server\Platform\UPnPFramework.exe -> [2004/02/25 04:22:06 | 00,737,280 | ---- | M] (Sony Corporation)
(Viewpoint Manager Service) Viewpoint Manager Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Viewpoint\Common\ViewpointService.exe -> [2007/01/04 13:38:08 | 00,024,652 | ---- | M] (Viewpoint Corporation)
(WANMiniportService) WAN Miniport (ATW) Service [Win32_Own | Auto | Running] -> %SystemRoot%\wanmpsvc.exe -> [2003/08/27 09:27:44 | 00,065,536 | ---- | M] (America Online, Inc.)
(WebrootSpySweeperService) Webroot Spy Sweeper Engine [Win32_Own | Auto | Running] -> %ProgramFiles%\Webroot\Spy Sweeper\SpySweeper.exe -> [2008/11/12 16:02:14 | 03,667,312 | ---- | M] (Webroot Software, Inc. (www.webroot.com))
(WMPNetworkSvc) Windows Media Player Network Sharing Service [Win32_Own | On_Demand | Stopped] -> %ProgramFiles%\Windows Media Player\wmpnetwk.exe -> [2006/10/18 19:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation)
(WRConsumerService) Webroot Client Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Webroot\Spy Sweeper\WRConsumerService.exe -> [2008/11/13 17:11:26 | 01,086,840 | ---- | M] (Webroot Software, Inc. )
(WudfSvc) Windows Driver Foundation - User-mode Driver Framework [Win32_Shared | On_Demand | Stopped] -> %SystemRoot%\system32\WudfSvc.dll -> [2006/09/28 17:56:14 | 00,055,808 | ---- | M] (Microsoft Corporation)
 
[Driver Services - Safe List]
(ALCXSENS) Service for WDM 3D Audio Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ALCXSENS.SYS -> [2003/12/11 23:54:14 | 00,391,424 | ---- | M] (Sensaura Ltd)
(ALCXWDM) Service for Realtek AC97 Audio (WDM) [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ALCXWDM.SYS -> [2004/03/23 16:36:42 | 00,613,244 | ---- | M] (Realtek Semiconductor Corp.)
(AliIde) AliIde [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\aliide.sys -> [2003/03/31 04:00:00 | 00,005,248 | ---- | M] (Acer Laboratories Inc.)
(ApfiltrService) Alps Pointing-device Filter Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\Apfiltr.sys -> [2003/09/29 13:31:38 | 00,094,601 | ---- | M] (Alps Electric Co., Ltd.)
(AR5416) Atheros AR5008 Wireless Network Adapter Service [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\athw.sys -> [2008/04/03 04:03:08 | 01,333,152 | ---- | M] (Atheros Communications, Inc.)
(ati2mtag) ati2mtag [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ati2mtag.sys -> [2004/04/27 20:39:58 | 00,729,088 | ---- | M] (ATI Technologies Inc.)
(caboagp) ATI Cabo AGP Filter [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\atisgkaf.SYS -> [2003/04/23 14:06:40 | 00,013,174 | ---- | M] (ATI Technologies Inc.)
(DMICall) Sony DMI Call service [Kernel | System | Running] -> %SystemRoot%\system32\drivers\DMICall.sys -> [2000/12/05 15:18:02 | 00,003,952 | R--- | M] (Sony Corporation)
(GEARAspiWDM) GEAR ASPI Filter Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\GEARAspiWDM.sys -> [2008/04/17 12:12:54 | 00,015,464 | ---- | M] (GEAR Software Inc.)
(gmer) gmer [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\gmer.sys -> [2009/02/16 14:36:13 | 00,085,969 | ---- | M] (GMER)
(GTFFBUS) GT FF BUS [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\gtffbus.sys -> [2007/06/15 14:35:28 | 00,017,024 | R--- | M] (Option N.V.)
(GTMNDISIRPXP) GT M 3G+ IRP NDIS [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\Gtm51Irp.sys -> [2007/06/15 14:35:28 | 00,120,960 | R--- | M] (Option NV)
(GTPTSER) GT PT SER [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\gtptser.sys -> [2007/06/15 14:35:30 | 00,008,064 | R--- | M] (Option N.V.)
(GTUQBUS) GT UQ BUS [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\gtuqbus.sys -> [2007/06/15 14:35:30 | 00,036,992 | R--- | M] (Option N.V.)
(HSFHWALI) HSFHWALI [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\HSFHWALI.sys -> [2003/12/11 11:50:54 | 00,196,736 | ---- | M] (Conexant Systems, Inc.)
(HSF_DP) HSF_DP [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\HSF_DP.sys -> [2003/12/11 11:47:10 | 01,042,432 | ---- | M] (Conexant Systems, Inc.)
(LEX_AS_NIC_SERVICE_YNOS) LAN-Express AS IEEE 802.11g Wireless Network Adapter Service [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\ExpasAG.sys -> [2004/03/02 18:11:20 | 00,379,328 | ---- | M] (Atheros Communications, Inc.)
(LHidFlt2) Logitech HID/USB Mouse Filter Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\LHidFlt2.Sys -> [2003/11/07 01:50:00 | 00,025,502 | ---- | M] (Logitech, Inc.)
(LMouFlt2) Logitech Mouse Class Filter Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\LMouFlt2.Sys -> [2003/11/07 01:50:00 | 00,070,798 | ---- | M] (Logitech, Inc.)
(mdmxsdk) mdmxsdk [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\mdmxsdk.sys -> [2003/04/09 13:48:08 | 00,011,043 | ---- | M] (Conexant)
(mfeavfk) McAfee Inc. mfeavfk [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\mfeavfk.sys -> [2008/06/27 06:08:40 | 00,079,240 | ---- | M] (McAfee, Inc.)
(mfebopk) McAfee Inc. mfebopk [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\mfebopk.sys -> [2008/06/27 06:08:40 | 00,035,240 | ---- | M] (McAfee, Inc.)
(mfehidk) McAfee Inc. mfehidk [Kernel | System | Running] -> %SystemRoot%\system32\drivers\mfehidk.sys -> [2008/06/27 06:08:40 | 00,207,656 | ---- | M] (McAfee, Inc.)
(mferkdk) McAfee Inc. mferkdk [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\mferkdk.sys -> [2008/06/20 05:41:38 | 00,034,152 | ---- | M] (McAfee, Inc.)
(mfesmfk) McAfee Inc. mfesmfk [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\mfesmfk.sys -> [2008/06/27 06:08:40 | 00,040,488 | ---- | M] (McAfee, Inc.)
(MPFP) MPFP [Kernel | System | Running] -> %SystemRoot%\system32\drivers\Mpfp.sys -> [2008/06/02 14:55:42 | 00,120,136 | ---- | M] (McAfee, Inc.)
(PCTINDIS5) PCTINDIS5 NDIS Protocol Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\PCTINDIS5.sys -> [2007/10/18 11:08:32 | 00,032,160 | ---- | M] (PCTEL Inc.)
(Ptilink) Direct Parallel Link Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\ptilink.sys -> [2003/03/31 04:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.)
(PxHelp20) PxHelp20 [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\pxhelp20.sys -> [2006/10/18 02:00:00 | 00,036,624 | ---- | M] (Sonic Solutions)
(RimVSerPort) RIM Virtual Serial Port v2 [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\RimSerial.sys -> [2007/10/18 11:08:16 | 00,026,368 | R--- | M] (Research in Motion Ltd)
(ROOTMODEM) Microsoft Legacy Modem Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\rootmdm.sys -> [2003/03/31 04:00:00 | 00,005,888 | ---- | M] (Microsoft Corporation)
(RTL8023) Realtek RTL8139/810x/8169/8110 all in one NDIS NT Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\Rtlnic51.sys -> [2003/11/07 10:28:34 | 00,067,712 | ---- | M] (Realtek Semiconductor Corporation                           )
(RTL8023xp) Realtek 10/100/1000 PCI NIC Family NDIS XP Driver [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\Rtnicxp.sys -> [2008/02/25 11:54:56 | 00,105,088 | ---- | M] (Realtek Semiconductor Corporation                           )
(Secdrv) Secdrv [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\secdrv.sys -> [2007/11/13 02:25:53 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
(SNC) Sony Notebook Control Device [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\SonyNC.sys -> [2000/11/09 19:15:08 | 00,048,896 | ---- | M] (Sony Corporation)
(SnoopFree) SnoopFree Driver [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\SnopFree.sys -> [2008/08/16 13:12:46 | 00,009,472 | ---- | M] ()
(SONYPVU1) Sony USB Filter Driver (SONYPVU1) [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\SONYPVU1.SYS -> [2001/08/17 13:56:16 | 00,007,552 | ---- | M] (Sony Corporation)
(ssfs0bbc) ssfs0bbc [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\ssfs0bbc.sys -> [2008/11/12 16:02:26 | 00,029,808 | ---- | M] (Webroot Software, Inc. (www.webroot.com))
(SSHRMD) SSHRMD [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\sshrmd.sys -> [2008/11/12 16:02:26 | 00,023,152 | ---- | M] (Webroot Software, Inc. (www.webroot.com))
(SSIDRV) SSIDRV [Kernel | Boot | Running] -> %SystemRoot%\system32\drivers\ssidrv.sys -> [2008/11/12 16:02:28 | 00,170,608 | ---- | M] (Webroot Software, Inc. (www.webroot.com))
(SSKBFD) Webroot Spy Sweeper Keylogger Shield Keyboard Filter [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\sskbfd.sys -> [2006/10/08 11:03:36 | 00,021,056 | ---- | M] (Webroot Software Inc (www.webroot.com))
(swmsflt) swmsflt [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\swmsflt.sys -> [2007/10/18 11:08:48 | 00,025,736 | R--- | M] ()
(tcpipBM) Bytemobile Kernel Network Provider [Kernel | System | Running] -> %SystemRoot%\system32\drivers\tcpipBM.sys -> [2007/10/18 11:08:30 | 00,018,816 | ---- | M] (Bytemobile, Inc.)
(tifmsony) tifmsony [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\tifmsony.sys -> [2004/03/04 12:51:20 | 00,064,512 | ---- | M] (Texas Instruments)
(tmcomm) tmcomm [Kernel | Auto | Running] -> %SystemRoot%\system32\drivers\tmcomm.sys -> [2008/06/21 10:41:46 | 00,102,664 | ---- | M] (Trend Micro Inc.)
(USBAAPL) Apple Mobile USB Driver [Kernel | On_Demand | Stopped] -> %SystemRoot%\system32\drivers\usbaapl.sys -> [2008/10/01 12:01:28 | 00,032,000 | ---- | M] (Apple, Inc.)
(wanatw) WAN Miniport (ATW) [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\wanatw4.sys -> [2003/01/10 13:13:04 | 00,033,588 | R--- | M] (America Online, Inc.)
(winachsf) winachsf [Kernel | On_Demand | Running] -> %SystemRoot%\system32\drivers\HSF_CNXT.sys -> [2003/12/11 11:48:46 | 00,681,344 | ---- | M] (Conexant Systems, Inc.)
(WS2IFSL) Windows Socket 2.0 Non-IFS Service Provider Support Environment [Kernel | System | Running] -> %SystemRoot%\system32\drivers\ws2ifsl.sys -> [2003/03/31 04:00:00 | 00,012,032 | ---- | M] (Microsoft Corporation)
 
[Registry - Safe List]
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> 
HKEY_LOCAL_MACHINE\: Main\\"Default_Page_URL" -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome -> 
HKEY_LOCAL_MACHINE\: Main\\"Default_Search_URL" -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> 
HKEY_LOCAL_MACHINE\: Main\\"Default_Secondary_Page_URL" ->  -> 
HKEY_LOCAL_MACHINE\: Main\\"Extensions Off Page" -> about:NoAdd-ons -> 
HKEY_LOCAL_MACHINE\: Main\\"Local Page" -> %SystemRoot%\system32\blank.htm -> 
HKEY_LOCAL_MACHINE\: Main\\"Search Page" -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> 
HKEY_LOCAL_MACHINE\: Main\\"Security Risk Page" -> about:SecurityRisk -> 
HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home -> 
HKEY_LOCAL_MACHINE\: Search\\"CustomizeSearch" -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm -> 
HKEY_LOCAL_MACHINE\: Search\\"Default_Search_URL" -> http://www.google.com/ie -> 
HKEY_LOCAL_MACHINE\: Search\\"SearchAssistant" -> http://www.google.com/ie -> 
HKEY_LOCAL_MACHINE\: URLSearchHooks\\"{EA756889-2338-43DB-8F07-D1CA6FB9C90D}" [HKLM] -> %ProgramFiles%\AOL Toolbar\aoltb.dll [IAOLTBSearch Class] -> [2008/07/07 12:36:06 | 01,275,232 | ---- | M] (AOL LLC)
< Internet Explorer Settings [HKEY_CURRENT_USER\] > -> -> 
HKEY_CURRENT_USER\: Main\\"Local Page" -> C:\WINDOWS\system32\blank.htm -> 
HKEY_CURRENT_USER\: Main\\"Page_Transitions" ->  -> 
HKEY_CURRENT_USER\: Main\\"Search Page" -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch -> 
HKEY_CURRENT_USER\: Main\\"SearchMigratedDefaultName" -> Google -> 
HKEY_CURRENT_USER\: Main\\"SearchMigratedDefaultURL" -> http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 -> 
HKEY_CURRENT_USER\: Main\\"Start Page" -> http://pogo.com/ -> 
HKEY_CURRENT_USER\: Search\\"SearchAssistant" -> http://www.google.com/ie -> 
HKEY_CURRENT_USER\: SearchURL\\"" -> http://www.google.com/search?q=%s -> 
HKEY_CURRENT_USER\: URLSearchHooks\\"{EA756889-2338-43DB-8F07-D1CA6FB9C90D}" [HKLM] -> %ProgramFiles%\AOL Toolbar\aoltb.dll [IAOLTBSearch Class] -> [2008/07/07 12:36:06 | 01,275,232 | ---- | M] (AOL LLC)
HKEY_CURRENT_USER\: "ProxyEnable" -> 0 -> 
< HOSTS File > (734 bytes and 19 lines) -> C:\WINDOWS\System32\drivers\etc\Hosts -> 
127.0.0.1       localhost
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> 
{02478D38-C3F9-4efb-9B51-7695ECA05670} [HKLM] -> %ProgramFiles%\Yahoo!\Companion\Installs\cpn\yt.dll [&Yahoo! Toolbar Helper] -> [2008/07/28 02:47:40 | 00,882,416 | ---- | M] (Yahoo! Inc.)
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> %CommonProgramFiles%\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> [2006/10/22 23:08:42 | 00,062,080 | ---- | M] (Adobe Systems Incorporated)
{27B4851A-3207-45A2-B947-BE8AFE6163AB} [HKLM] -> %ProgramFiles%\McAfee\MSK\mskapbho.dll [McAfee Phishing Filter] -> [2008/10/17 11:45:10 | 00,247,312 | ---- | M] ()
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> %ProgramFiles%\Java\jre6\bin\ssv.dll [Java(tm) Plug-In SSV Helper] -> [2009/01/14 23:23:45 | 00,320,920 | ---- | M] (Sun Microsystems, Inc.)
{7C554162-8CB7-45A4-B8F4-8EA1C75885F9} [HKLM] -> %ProgramFiles%\AOL Toolbar\aoltb.dll [AOL Toolbar Loader] -> [2008/07/07 12:36:06 | 01,275,232 | ---- | M] (AOL LLC)
{7DB2D5A0-7241-4E79-B68D-6309F01C5231} [HKLM] -> %ProgramFiles%\McAfee\VirusScan\scriptsn.dll [scriptproxy] -> [2008/06/20 05:41:56 | 00,058,688 | ---- | M] (McAfee, Inc.)
{7E853D72-626A-48EC-A868-BA8D5E23E045} [HKLM] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
{9030D464-4C02-4ABF-8ECC-5164760863C6} [HKLM] -> %CommonProgramFiles%\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [Windows Live Sign-in Helper] -> [2007/12/14 11:54:06 | 00,392,240 | ---- | M] (Microsoft Corporation)
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} [HKLM] -> %ProgramFiles%\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll [Google Toolbar Notifier BHO] -> [2007/11/06 00:22:38 | 00,654,832 | ---- | M] (Google Inc.)
{B164E929-A1B6-4A06-B104-2CD0E90A88FF} [HKLM] -> %ProgramFiles%\McAfee\SiteAdvisor\McIEPlg.dll [McAfee SiteAdvisor BHO] -> [2008/11/14 12:25:26 | 00,150,032 | ---- | M] ()
{DBC80044-A445-435b-BC74-9C25C1C588A9} [HKLM] -> %ProgramFiles%\Java\jre6\bin\jp2ssv.dll [Java(tm) Plug-In 2 SSV Helper] -> [2009/01/14 23:23:35 | 00,034,816 | ---- | M] (Sun Microsystems, Inc.)
{E7E6F031-17CE-4C07-BC86-EABFE594F69C} [HKLM] -> %ProgramFiles%\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [JQSIEStartDetectorImpl Class] -> [2009/01/14 23:23:49 | 00,073,728 | ---- | M] (Sun Microsystems, Inc.)
{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} [HKLM] -> %ProgramFiles%\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll [SingleInstance Class] -> [2008/07/28 02:47:42 | 00,160,496 | ---- | M] (Yahoo! Inc)
< Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> 
"{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064}" [HKLM] -> %ProgramFiles%\McAfee\SiteAdvisor\McIEPlg.dll [McAfee SiteAdvisor Toolbar] -> [2008/11/14 12:25:26 | 00,150,032 | ---- | M] ()
"{DE9C389F-3316-41A7-809B-AA305ED9D922}" [HKLM] -> %ProgramFiles%\AOL Toolbar\aoltb.dll [AOL Toolbar] -> [2008/07/07 12:36:06 | 01,275,232 | ---- | M] (AOL LLC)
"{EF99BD32-C1FB-11D2-892F-0090271D4F88}" [HKLM] -> %ProgramFiles%\Yahoo!\Companion\Installs\cpn\yt.dll [Yahoo! Toolbar] -> [2008/07/28 02:47:40 | 00,882,416 | ---- | M] (Yahoo! Inc.)
"SITEguard" [HKLM] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
< Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ -> 
ShellBrowser\\"{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}" [HKLM] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
WebBrowser\\"{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7}" [HKLM] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.] -> File not found
WebBrowser\\"{DE9C389F-3316-41A7-809B-AA305ED9D922}" [HKLM] -> %ProgramFiles%\AOL Toolbar\aoltb.dll [AOL Toolbar] -> [2008/07/07 12:36:06 | 01,275,232 | ---- | M] (AOL LLC)
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 
"Adobe Reader Speed Launcher" -> %ProgramFiles%\Adobe\Reader 8.0\Reader\reader_sl.exe ["C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"] -> [2008/10/15 01:04:34 | 00,039,792 | ---- | M] (Adobe Systems Incorporated)
"AppleSyncNotifier" -> %CommonProgramFiles%\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe ["C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe"] -> [2008/11/07 14:16:58 | 00,111,936 | ---- | M] (Apple Inc.)
"AT&T Communication Manager" -> %ProgramFiles%\AT&T\Communication Manager\ATTCM.exe ["C:\Program Files\AT&T\Communication Manager\ATTCM.exe" -a] -> [2007/10/18 11:08:36 | 00,033,280 | ---- | M] (ATT)
"ATIPTA" -> %ProgramFiles%\ATI Technologies\ATI Control Panel\atiptaxx.exe ["C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"] -> [2004/04/27 20:10:00 | 00,335,872 | ---- | M] (ATI Technologies, Inc.)
"EzPrint" -> %ProgramFiles%\Lexmark 8300 Series\ezprint.exe ["C:\Program Files\Lexmark 8300 Series\ezprint.exe"] -> [2007/01/30 06:35:59 | 00,103,344 | ---- | M] (Lexmark International Inc.)
"ezShieldProtector for Px" -> %SystemRoot%\system32\ezSP_Px.exe ["C:\WINDOWS\system32\ezSP_Px.exe"] -> [2002/08/20 10:29:26 | 00,040,960 | ---- | M] (Easy Systems Japan Ltd.)
"HKSERV.EXE" -> %ProgramFiles%\Sony\HotKey Utility\HKServ.exe ["C:\Program Files\Sony\HotKey Utility\HKserv.exe"] -> [2004/02/12 22:01:24 | 00,098,304 | ---- | M] (Sony Corporation)
"HostManager" -> %CommonProgramFiles%\AOL\1188181604\ee\aolsoftware.exe ["C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe"] -> [2008/06/24 10:34:50 | 00,041,824 | ---- | M] (AOL LLC)
"iTunesHelper" -> %ProgramFiles%\iTunes\iTunesHelper.exe ["C:\Program Files\iTunes\iTunesHelper.exe"] -> [2009/01/06 13:06:36 | 00,290,088 | ---- | M] (Apple Inc.)
"KernelFaultCheck" -> %SystemRoot%\system32\dumprep.exe ["C:\WINDOWS\system32\dumprep.exe" 0 -k] -> [2008/04/13 16:12:18 | 00,010,752 | ---- | M] (Microsoft Corporation)
"Logitech Utility" -> %SystemRoot%\LOGI_MWX.EXE ["C:\WINDOWS\Logi_MwX.Exe"] -> [2003/11/07 01:50:00 | 00,019,968 | ---- | M] (Logitech Inc.)
"LWBMOUSE" -> %ProgramFiles%\COMPAQ\CPQ650TP\Ver. 2.3\LwbWheel.exe ["C:\Program Files\COMPAQ\CPQ650TP\Ver. 2.3\LWBWHEEL.exe"] -> [2003/05/18 19:24:20 | 00,438,272 | ---- | M] ()
"LXCJCATS" -> %SystemRoot%\system32\spool\drivers\w32x86\3\lxcjtime.dll [rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCJtime.dll,_RunDLLEntry@16] -> [2006/11/21 09:27:06 | 00,106,496 | ---- | M] (Lexmark International Inc.)
"lxcjmon.exe" -> %ProgramFiles%\Lexmark 8300 Series\lxcjmon.exe ["C:\Program Files\Lexmark 8300 Series\lxcjmon.exe"] -> [2007/01/30 06:32:06 | 00,205,744 | ---- | M] (Lexmark International, Inc.)
"mcagent_exe" -> %ProgramFiles%\McAfee.com\Agent\mcagent.exe ["C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey] -> [2008/07/11 16:48:54 | 00,641,208 | ---- | M] (McAfee, Inc.)
"McENUI" -> %ProgramFiles%\McAfee\MHN\McENUI.exe ["C:\PROGRA~1\McAfee\MHN\McENUI.exe" /hide] -> [2008/06/13 02:59:26 | 01,176,808 | ---- | M] (McAfee, Inc.)
"QuickTime Task" -> %ProgramFiles%\QuickTime\QTTask.exe ["C:\Program Files\QuickTime\qttask.exe" -atboottime] -> [2009/01/05 16:18:48 | 00,413,696 | ---- | M] (Apple Inc.)
"RegFixPro" -> %ProgramFiles%\RegFixPro\RegFixPro.exe ["C:\Program Files\RegFixPro\RegFixPro.exe"] -> [2008/12/17 11:16:52 | 30,224,384 | ---- | M] (PC Utility Inc.)
"SnoopFreeUI" -> %SystemRoot%\SnoopFreeUI.exe [SnoopFreeUI.exe] -> [2008/08/16 13:12:47 | 00,221,184 | ---- | M] (SnoopFree Software)
"SonyPowerCfg" -> %ProgramFiles%\Sony\VAIO Power Management\SPMgr.exe ["C:\Program Files\Sony\VAIO Power Management\SPMgr.exe"] -> [2003/12/11 22:03:06 | 00,167,936 | ---- | M] (Sony Corporation)
"SpySweeper" ->  ["C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray] -> File not found
"SunJavaUpdateSched" -> %ProgramFiles%\Java\jre6\bin\jusched.exe ["C:\Program Files\Java\jre6\bin\jusched.exe"] -> [2009/01/14 23:23:38 | 00,136,600 | ---- | M] (Sun Microsystems, Inc.)
"TkBellExe" -> %CommonProgramFiles%\Real\Update_OB\realsched.exe ["C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot] -> [2008/12/22 18:18:12 | 00,185,896 | ---- | M] (RealNetworks, Inc.)
"VAIO Recovery" -> %SystemRoot%\SONYSYS\VAIO Recovery\Partseal.exe ["C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe"] -> [2003/04/19 21:08:44 | 00,028,672 | ---- | M] (Sony Electronics Inc)
"VAIO Update 2" ->  ["C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary] -> File not found
"VMConsole.exe" -> %ProgramFiles%\Sony\vaio media integrated server\Platform\VMConsole.exe ["C:\Program Files\sony\vaio media integrated server\Platform\VMConsole.exe" /windowmin] -> [2004/02/25 05:08:40 | 00,536,576 | ---- | M] (Sony Corporation)
"WrtMon.exe" -> %SystemRoot%\system32\spool\drivers\w32x86\3\WrtMon.exe ["C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe"] -> [2006/09/20 08:35:26 | 00,020,480 | ---- | M] ()
< Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 
"Microsoft Location Finder" -> %ProgramFiles%\Microsoft Location Finder\LocationFinder.exe ["C:\Program Files\Microsoft Location Finder\LocationFinder.exe"] -> [2006/11/14 12:22:10 | 00,121,640 | ---- | M] (Microsoft Corporation)
"MSMSGS" -> %ProgramFiles%\Messenger\msmsgs.exe ["C:\Program Files\Messenger\msmsgs.exe" /background] -> [2008/04/13 16:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation)
"Yahoo! Pager" -> %ProgramFiles%\Yahoo!\Messenger\YahooMessenger.exe ["C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet] -> [2007/08/30 16:43:18 | 04,670,704 | ---- | M] (Yahoo! Inc.)
< All Users Startup Folder > -> C:\Documents and Settings\All Users\Start Menu\Programs\Startup -> 
%AllUsersProfile%\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk -> %ProgramFiles%\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe -> [2007/12/22 21:43:43 | 00,169,472 | ---- | M] (Logitech)
%AllUsersProfile%\Start Menu\Programs\Startup\Microsoft Office.lnk -> %ProgramFiles%\Microsoft Office\Office10\OSA.EXE -> [2001/02/13 01:01:04 | 00,083,360 | ---- | M] (Microsoft Corporation)
%AllUsersProfile%\Start Menu\Programs\Startup\Office Startup.lnk -> %ProgramFiles%\Microsoft Office\Office\OSA.EXE -> [1997/07/11 00:00:00 | 00,051,984 | ---- | M] ()
%AllUsersProfile%\Start Menu\Programs\Startup\Quicken Scheduled Updates.lnk -> %ProgramFiles%\Quicken\bagent.exe -> [2003/10/02 13:08:08 | 00,057,344 | ---- | M] (Intuit Inc.)
< Della Startup Folder > -> C:\Documents and Settings\Della\Start Menu\Programs\Startup -> 
%UserProfile%\Start Menu\Programs\Startup\AOL Desktop.lnk -> %CommonProgramFiles%\AOL\Launch\aollaunch.exe -> [2008/06/24 10:34:51 | 00,041,824 | ---- | M] (AOL LLC)
< Software Policy Settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer -> 
< Software Policy Settings [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Internet Explorer -> 
< CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" ->  [255] -> File not found
< CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
\\"dontdisplaylastusername" ->  [0] -> File not found
\\"legalnoticecaption" ->  [] -> File not found
\\"legalnoticetext" ->  [] -> File not found
\\"shutdownwithoutlogon" ->  [1] -> File not found
\\"undockwithoutlogon" ->  [1] -> File not found
< CurrentVersion Policy Settings - Explorer [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" ->  [255] -> File not found
< CurrentVersion Policy Settings - System [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> 
< Internet Explorer Menu Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\ -> 
&AOL Toolbar Search -> %AllUsersProfile%\Application Data\AOL\ieToolbar\resources\en-US\local\search.html [C:\Documents and Settings\All Users\Application Data\AOL\ieToolbar\resources\en-US\local\search.html] -> [2008/05/22 06:44:38 | 00,000,747 | ---- | M] ()
E&xport to Microsoft Excel -> %SystemDrive%\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE [res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000] -> File not found
< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> 
{85d1f590-48f4-11d9-9669-0800200c9a66}:Exec [HKLM] -> %SystemRoot%\bdoscandel.exe [Menu: Uninstall BitDefender Online Scanner v8] -> File not found
{e2e2dd38-d088-4134-82b7-f2ba38496583}:Exec [HKLM] -> %SystemRoot%\network diagnostic\xpnetdiag.exe [Menu: @xpsp3res.dll,-20001] -> [2008/04/13 10:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}:Exec [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Button: Messenger] -> [2008/04/13 16:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation)
{FB5F1910-F110-11d2-BB9E-00C04F795683}:Exec [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Menu: Windows Messenger] -> [2008/04/13 16:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation)
< Internet Explorer Extensions [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\ -> 
CmdMapping\\"{08B0E5C0-4FCB-11CF-AAA5-00401C608501}" [HKLM] ->  [Reg Error: Value  does not exist or could not be read.] -> File not found
CmdMapping\\"{4982D40A-C53B-4615-B15B-B5B5E98D167C}" [HKLM] ->  [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\\"{85d1f590-48f4-11d9-9669-0800200c9a66}" [HKLM] -> %SystemRoot%\bdoscandel.exe [Uninstall BitDefender Online Scanner v8] -> File not found
CmdMapping\\"{92780B25-18CC-41C8-B9BE-3C9C571A8263}" [HKLM] ->  [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\\"{AC9E2541-2814-11d5-BC6D-00B0D0A1DE45}" [HKLM] ->  [Reg Error: Key does not exist or could not be opened.] -> File not found
CmdMapping\\"{e2e2dd38-d088-4134-82b7-f2ba38496583}" [HKLM] -> %SystemRoot%\network diagnostic\xpnetdiag.exe [@xpsp3res.dll,-20001] -> [2008/04/13 10:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
CmdMapping\\"{FB5F1910-F110-11d2-BB9E-00C04F795683}" [HKLM] -> %ProgramFiles%\Messenger\msmsgs.exe [Messenger] -> [2008/04/13 16:12:28 | 01,695,232 | ---- | M] (Microsoft Corporation)
< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ -> 
PluginsPageFriendlyName -> Microsoft ActiveX Gallery -> 
PluginsPage -> http://activex.microsoft.com/controls/find.asp?ext=%s&mime=%s -> 
< Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
"" -> http://
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 1 domain(s) found. -> 
1 domain(s) and sub-domain(s) not assigned to a zone.
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
< Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 4 domain(s) found. -> 
objects_aol.com [*] -> Out of zone range - ( 5 ) -> 
internet .[about] -> Trusted sites -> 
mcafee.com .[http] -> Trusted sites -> 
mcafee.com .[https] -> Trusted sites -> 
housecall_trendmicro.com [https] -> Trusted sites -> 
2 domain(s) and sub-domain(s) not assigned to a zone.
< Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. -> 
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> 
{02BCC737-B171-4746-94C9-0D8A0B2C0089} [HKLM] -> http://office.microsoft.com/templates/ieawsdc.cab [Microsoft Office Template and Media Control] -> 
{05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} [HKLM] -> http://download.microsoft.com/download/e/7/3/e7345c16-80aa-4488-ae10-9ac6be844f99/OGAControl.cab [Office Genuine Advantage Validation Tool] -> 
{149E45D8-163E-4189-86FC-45022AB2B6C9} [HKLM] -> file:///C:/Program%20Files/Hidden%20Expedition%20-%20Titanic/Images/stg_drm.ocx [Reg Error: Key does not exist or could not be opened.] -> 
{3107C2A8-9F0B-4404-A58B-21BD85268FBC} [HKLM] -> http://www.pogo.com/cdl/launcher/PogoWebLauncherInstaller.CAB [PogoWebLauncher Control] -> 
{5ED80217-570B-4DA9-BF44-BE107C0EC166} [HKLM] -> http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase4009.cab [Windows Live Safety Center Base Module] -> 
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} [HKLM] -> http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1194341918252 [MUWebControl Class] -> 
{8AD9C840-044E-11D1-B3E9-00805F499D93} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab [Java Plug-in 1.6.0_11] -> 
{8FFBE65D-2C9C-4669-84BD-5829DC0B603C} [HKLM] -> http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab [Reg Error: Key does not exist or could not be opened.] -> 
{B8BE5E93-A60C-4D26-A2DC-220313175592} [HKLM] -> http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab [MSN Games - Installer] -> 
{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab [Java Plug-in 1.6.0_11] -> 
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab [Java Plug-in 1.6.0_11] -> 
{CC450D71-CC90-424C-8638-1F2DBAC87A54} [HKLM] -> file:///C:/Program%20Files/Hidden%20Expedition%20-%20Titanic/Images/armhelper.ocx [Reg Error: Key does not exist or could not be opened.] -> 
{EF791A6B-FC12-4C68-99EF-FB9E207A39E6} [HKLM] -> http://download.mcafee.com/molbin/iss-loc/mcfscan/2,2,0,5142/mcfscan.cab [McFreeScan Class] -> 
< DNS Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ -> 
{6BBF6D47-DFB5-4A3C-9871-AF42EE397368} ->    (1394 Net Adapter) -> 
{84258BDA-B613-4886-AC29-8C9290DDA47A} ->    (Realtek RTL8139/810x Family Fast Ethernet NIC) -> 
{ADDFD7C8-9609-4B33-A67C-5180EEEF3BA0} ->    (LAN-Express AS IEEE 802.11g miniPCI Adapter) -> 
{CA5B2E33-97EA-4CB5-84CE-25D01021AC02} ->    (GlobeTrotter HSDPA Network Card) -> 
< Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ -> 
AtiExtEvent -> %SystemRoot%\system32\ati2evxx.dll -> [2004/04/27 20:38:40 | 00,086,016 | ---- | M] ()
< Domain Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List -> 
"%windir%\Network Diagnostic\xpnetdiag.exe" -> C:\WINDOWS\network diagnostic\xpnetdiag.exe [%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000] -> [2008/04/13 10:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" -> C:\WINDOWS\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> [2008/04/13 16:12:34 | 00,141,312 | ---- | M] (Microsoft Corporation)
"C:\Program Files\America Online 9.0\waol.exe" -> C:\Program Files\America Online 9.0\waol.exe [C:\Program Files\America Online 9.0\waol.exe:*:Enabled:America Online 9.0] -> File not found
"C:\Program Files\AOL 9.0\waol.exe" -> C:\Program Files\AOL 9.0\waol.exe [C:\Program Files\AOL 9.0\waol.exe:*:Enabled:AOL 9.0] -> File not found
"C:\Program Files\AOL 9.1\waol.exe" -> C:\Program Files\AOL 9.1\waol.exe [C:\Program Files\AOL 9.1\waol.exe:*:Enabled:AOL 9.1] -> File not found
"C:\Program Files\AOL 9.1a\waol.exe" -> C:\Program Files\AOL 9.1a\waol.exe [C:\Program Files\AOL 9.1a\waol.exe:*:Enabled:AOL 9.1a] -> File not found
"C:\Program Files\AOL 9.1b\waol.exe" -> C:\Program Files\AOL 9.1b\waol.exe [C:\Program Files\AOL 9.1b\waol.exe:*:Enabled:AOL 9.1b] -> File not found
"C:\Program Files\AOL 9.1c\waol.exe" -> C:\Program Files\AOL 9.1c\waol.exe [C:\Program Files\AOL 9.1c\waol.exe:*:Enabled:AOL 9.1c] -> [2008/06/02 21:36:06 | 00,039,264 | ---- | M] (AOL, LLC.)
"C:\Program Files\MSN Messenger\livecall.exe" -> C:\Program Files\MSN Messenger\livecall.exe [C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)] -> [2007/01/04 15:10:02 | 00,297,752 | ---- | M] (Microsoft Corporation)
"C:\Program Files\MSN Messenger\msnmsgr.exe" -> C:\Program Files\MSN Messenger\msnmsgr.exe [C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1] -> [2007/01/19 11:54:56 | 05,674,352 | ---- | M] (Microsoft Corporation)
< Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List -> 
"%windir%\Network Diagnostic\xpnetdiag.exe" -> C:\WINDOWS\network diagnostic\xpnetdiag.exe [%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000] -> [2008/04/13 10:53:32 | 00,558,080 | ---- | M] (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" -> C:\WINDOWS\system32\sessmgr.exe [%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019] -> [2008/04/13 16:12:34 | 00,141,312 | ---- | M] (Microsoft Corporation)
"C:\Program Files\AIM6\aim6.exe" -> C:\Program Files\AIM6\aim6.exe [C:\Program Files\AIM6\aim6.exe:*:Enabled:AIM] -> [2008/08/06 07:21:06 | 00,050,472 | ---- | M] (AOL LLC)
"C:\Program Files\America Online 9.0\waol.exe" -> C:\Program Files\America Online 9.0\waol.exe [C:\Program Files\America Online 9.0\waol.exe:*:Enabled:America Online 9.0] -> File not found
"C:\Program Files\AOL 9.0\waol.exe" -> C:\Program Files\AOL 9.0\waol.exe [C:\Program Files\AOL 9.0\waol.exe:*:Enabled:AOL 9.0] -> File not found
"C:\Program Files\AOL 9.1\waol.exe" -> C:\Program Files\AOL 9.1\waol.exe [C:\Program Files\AOL 9.1\waol.exe:*:Enabled:AOL 9.1] -> File not found
"C:\Program Files\AOL 9.1a\waol.exe" -> C:\Program Files\AOL 9.1a\waol.exe [C:\Program Files\AOL 9.1a\waol.exe:*:Enabled:AOL 9.1a] -> File not found
"C:\Program Files\AOL 9.1b\waol.exe" -> C:\Program Files\AOL 9.1b\waol.exe [C:\Program Files\AOL 9.1b\waol.exe:*:Enabled:AOL 9.1b] -> File not found
"C:\Program Files\AOL 9.1c\waol.exe" -> C:\Program Files\AOL 9.1c\waol.exe [C:\Program Files\AOL 9.1c\waol.exe:*:Enabled:AOL 9.1c] -> [2008/06/02 21:36:06 | 00,039,264 | ---- | M] (AOL, LLC.)
"C:\Program Files\Bonjour\mDNSResponder.exe" -> C:\Program Files\Bonjour\mDNSResponder.exe [C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour] -> [2008/08/29 09:18:44 | 00,238,888 | ---- | M] (Apple Inc.)
"C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe" -> C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe [C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe:*:Enabled:AOL Desktop] -> [2008/06/24 10:34:50 | 00,041,824 | ---- | M] (AOL LLC)
"C:\Program Files\Common Files\AOL\1188181604\ee\aolsoftware.exe" -> C:\Program Files\Common Files\AOL\1188181604\ee\aolsoftware.exe [C:\Program Files\Common Files\AOL\1188181604\ee\aolsoftware.exe:*:Enabled:AOL Shared Components] -> [2008/06/24 10:34:50 | 00,041,824 | ---- | M] (AOL LLC)
"C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe" -> C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe [C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe:*:Enabled:AOL Connectivity Service] -> [2006/10/23 04:50:35 | 00,046,640 | ---- | M] (AOL LLC)
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" -> C:\Program Files\Common Files\AOL\ACS\AOLDial.exe [C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL Connectivity Service Dialer] -> [2006/10/23 04:50:37 | 00,071,216 | R--- | M] (AOL LLC)
"C:\Program Files\Common Files\AOL\Loader\aolload.exe" -> C:\Program Files\Common Files\AOL\Loader\aolload.exe [C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader] -> [2006/11/02 23:17:27 | 00,010,800 | ---- | M] (AOL LLC)
"C:\Program Files\Common Files\AOL\System Information\sinf.exe" -> C:\Program Files\Common Files\AOL\System Information\sinf.exe [C:\Program Files\Common Files\AOL\System Information\sinf.exe:*:Enabled:AOL System Information] -> [2007/09/17 05:02:47 | 00,206,176 | ---- | M] (AOL LLC)
"C:\Program Files\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe" -> C:\Program Files\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe [C:\Program Files\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe:*:Enabled:AOL TopSpeed] -> [2007/04/02 04:33:32 | 00,063,120 | ---- | M] (AOL LLC)
"C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe" -> C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe [C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe:*:Enabled:McAfee Network Agent] -> [2008/07/18 08:02:52 | 02,482,848 | ---- | M] (McAfee, Inc.)
"C:\Program Files\iTunes\iTunes.exe" -> C:\Program Files\iTunes\iTunes.exe [C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes] -> [2009/01/06 13:06:28 | 14,294,824 | ---- | M] (Apple Inc.)
"C:\Program Files\MSN Messenger\livecall.exe" -> C:\Program Files\MSN Messenger\livecall.exe [C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)] -> [2007/01/04 15:10:02 | 00,297,752 | ---- | M] (Microsoft Corporation)
"C:\Program Files\MSN Messenger\msnmsgr.exe" -> C:\Program Files\MSN Messenger\msnmsgr.exe [C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1] -> [2007/01/19 11:54:56 | 05,674,352 | ---- | M] (Microsoft Corporation)
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -> C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe [C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger] -> [2007/08/30 16:43:18 | 04,670,704 | ---- | M] (Yahoo! Inc.)
"C:\Program Files\Yahoo!\Messenger\YServer.exe" -> C:\Program Files\Yahoo!\Messenger\YServer.exe [C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server] -> [2007/08/30 16:43:18 | 00,091,376 | ---- | M] (Yahoo! Inc.)
"C:\WINDOWS\system32\dpvsetup.exe" -> C:\WINDOWS\system32\dpvsetup.exe [C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test] -> [2008/04/13 16:12:18 | 00,083,456 | ---- | M] (Microsoft Corporation)
"C:\WINDOWS\system32\lxcjcoms.exe" -> C:\WINDOWS\system32\lxcjcoms.exe [C:\WINDOWS\system32\lxcjcoms.exe:*:Enabled:8300 Series Server] -> [2007/01/30 06:30:39 | 00,537,520 | ---- | M] ( )
"C:\WINDOWS\system32\spool\drivers\w32x86\3\lxcjpswx.exe" -> C:\WINDOWS\system32\spool\drivers\w32x86\3\lxcjpswx.exe [C:\WINDOWS\system32\spool\drivers\w32x86\3\lxcjpswx.exe:*:Enabled:8300 Series Printer Status] -> [2007/01/30 06:30:58 | 00,189,360 | ---- | M] ()
< SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot -> 
"AlternateShell" -> cmd.exe -> 
< CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom ->
"AutoRun" -> 1 -> 
"DisplayName" -> CD-ROM Driver -> 
"ImagePath" -> %SystemRoot%\system32\drivers\cdrom.sys [System32\DRIVERS\cdrom.sys] -> [2008/04/13 10:40:46 | 00,062,976 | ---- | M] (Microsoft Corporation)
< Drives with AutoRun files > ->  -> 
C:\AUTOEXEC.BAT [] -> %SystemDrive%\AUTOEXEC.BAT [ NTFS ] -> [2004/05/14 17:43:58 | 00,000,000 | ---- | M] ()
< MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 -> 
 
 
[Files/Folders - Created Within 30 Days]
Blacklight -> %SystemDrive%\Blacklight -> [2009/02/18 18:41:09 | 00,000,000 | ---D | C]
The History of APRONS.doc -> %UserProfile%\My Documents\The History of APRONS.doc -> [2009/02/17 20:36:32 | 00,022,528 | ---- | C] ()
GMER scan 2-16.CLP -> %UserProfile%\My Documents\GMER scan 2-16.CLP -> [2009/02/16 18:30:38 | 01,773,163 | ---- | C] ()
gmer.ini -> %SystemRoot%\gmer.ini -> [2009/02/16 14:36:19 | 00,000,250 | ---- | C] ()
gmer.dll -> %SystemRoot%\gmer.dll -> [2009/02/16 14:36:13 | 00,884,736 | ---- | C] ()
gmer.exe -> %SystemRoot%\gmer.exe -> [2009/02/16 14:36:13 | 00,811,008 | ---- | C] ()
gmer.sys -> %SystemRoot%\System32\drivers\gmer.sys -> [2009/02/16 14:36:13 | 00,085,969 | ---- | C] (GMER)
gmer_uninstall.cmd -> %SystemRoot%\gmer_uninstall.cmd -> [2009/02/16 14:36:13 | 00,000,080 | ---- | C] ()
rsit -> %SystemDrive%\rsit -> [2009/02/16 14:29:14 | 00,000,000 | ---D | C]
watermelon slices.CLP -> %UserProfile%\My Documents\watermelon slices.CLP -> [2009/02/13 17:07:16 | 08,192,459 | ---- | C] ()
pink flower.CLP -> %UserProfile%\My Documents\pink flower.CLP -> [2009/02/13 17:03:26 | 08,192,459 | ---- | C] ()
iTunes.lnk -> %AllUsersProfile%\Desktop\iTunes.lnk -> [2009/02/07 17:40:47 | 00,002,137 | ---- | C] ()
iPod -> %ProgramFiles%\iPod -> [2009/02/07 17:38:42 | 00,000,000 | ---D | C]
iTunes -> %ProgramFiles%\iTunes -> [2009/02/07 17:37:30 | 00,000,000 | ---D | C]
{3276BE95_AF08_429F_A64F_CA64CB79BCF6} -> %AllUsersProfile%\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6} -> [2009/02/07 17:37:30 | 00,000,000 | ---D | C]
WAMUTransactionHistory.qfx -> %UserProfile%\My Documents\WAMUTransactionHistory.qfx -> [2009/02/04 13:47:35 | 00,002,442 | ---- | C] ()
Google Software Updater.job -> %SystemRoot%\tasks\Google Software Updater.job -> [2009/02/02 19:23:20 | 00,000,868 | ---- | C] ()
Shortcut to CaSIR22.exe.lnk -> %UserProfile%\Desktop\Shortcut to CaSIR22.exe.lnk -> [2009/02/02 11:29:53 | 00,000,657 | ---- | C] ()
rrt_is.wav -> %SystemRoot%\System32\rrt_is.wav -> [2009/02/01 23:31:04 | 00,016,244 | ---- | C] ()
rrt_vf.wav -> %SystemRoot%\System32\rrt_vf.wav -> [2009/02/01 23:31:04 | 00,007,302 | ---- | C] ()
rrt_tv.wav -> %SystemRoot%\System32\rrt_tv.wav -> [2009/02/01 23:31:04 | 00,007,148 | ---- | C] ()
rrt_tn.wav -> %SystemRoot%\System32\rrt_tn.wav -> [2009/02/01 23:31:04 | 00,006,282 | ---- | C] ()
fat cars 2.CLP -> %UserProfile%\My Documents\fat cars 2.CLP -> [2009/01/29 17:19:11 | 08,192,459 | ---- | C] ()
fat cars 1.CLP -> %UserProfile%\My Documents\fat cars 1.CLP -> [2009/01/29 17:18:01 | 08,192,459 | ---- | C] ()
Malwarebytes -> %AppData%\Malwarebytes -> [2009/01/26 16:12:56 | 00,000,000 | ---D | C]
mbam.sys -> %SystemRoot%\System32\drivers\mbam.sys -> [2009/01/26 16:12:49 | 00,015,504 | ---- | C] (Malwarebytes Corporation)
mbamswissarmy.sys -> %SystemRoot%\System32\drivers\mbamswissarmy.sys -> [2009/01/26 16:12:45 | 00,038,496 | ---- | C] (Malwarebytes Corporation)
Malwarebytes' Anti-Malware -> %ProgramFiles%\Malwarebytes' Anti-Malware -> [2009/01/26 16:12:42 | 00,000,000 | ---D | C]
Malwarebytes -> %AllUsersProfile%\Application Data\Malwarebytes -> [2009/01/26 16:12:42 | 00,000,000 | ---D | C]
Trend Micro -> %ProgramFiles%\Trend Micro -> [2009/01/26 16:08:37 | 00,000,000 | ---D | C]
ask bar has virus.doc -> %UserProfile%\My Documents\ask bar has virus.doc -> [2009/01/21 01:18:03 | 00,019,456 | ---- | C] ()
kaspersky scan report 1-21.html -> %UserProfile%\My Documents\kaspersky scan report 1-21.html -> [2009/01/21 01:08:03 | 00,002,934 | ---- | C] ()
 
[Files/Folders - Modified Within 30 Days]
4 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> 
2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> 
1 C:\Documents and Settings\All Users\*.tmp files -> C:\Documents and Settings\All Users\*.tmp -> 
1904 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> 
1904 C:\WINDOWS\Temp\*.tmp files -> C:\WINDOWS\Temp\*.tmp -> 
104 C:\WINDOWS\Temp\wrstemp\*.tmp files -> C:\WINDOWS\Temp\wrstemp\*.tmp -> 
S-1-5-21-689224757-2645235278-3701144041-1006.dat -> %SystemRoot%\Temp\wrstemp\S-1-5-21-689224757-2645235278-3701144041-1006.dat -> [2009/02/18 19:32:33 | 00,004,486 | ---- | M] ()
S-1-5-20.dat -> %SystemRoot%\Temp\wrstemp\S-1-5-20.dat -> [2009/02/18 19:32:33 | 00,004,250 | ---- | M] ()
S-1-5-19.dat -> %SystemRoot%\Temp\wrstemp\S-1-5-19.dat -> [2009/02/18 19:32:33 | 00,004,182 | ---- | M] ()
S-1-5-18.dat -> %SystemRoot%\Temp\wrstemp\S-1-5-18.dat -> [2009/02/18 19:32:33 | 00,003,698 | ---- | M] ()
Google Software Updater.job -> %SystemRoot%\tasks\Google Software Updater.job -> [2009/02/18 19:10:11 | 00,000,868 | ---- | M] ()
win.ini -> %SystemRoot%\win.ini -> [2009/02/18 17:50:13 | 00,002,241 | ---- | M] ()
Config.MPF -> %SystemRoot%\System32\Config.MPF -> [2009/02/18 17:49:10 | 00,014,655 | ---- | M] ()
ntuser.dat -> %UserProfile%\ntuser.dat -> [2009/02/18 17:44:04 | 07,077,888 | ---- | M] ()
wpa.dbl -> %SystemRoot%\System32\wpa.dbl -> [2009/02/18 17:37:56 | 00,001,158 | ---- | M] ()
Perflib_Perfdata_624.dat -> %SystemRoot%\Temp\Perflib_Perfdata_624.dat -> [2009/02/18 17:31:16 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_e0.dat -> %SystemRoot%\Temp\Perflib_Perfdata_e0.dat -> [2009/02/18 17:30:23 | 00,016,384 | ---- | M] ()
SA.DAT -> %SystemRoot%\tasks\SA.DAT -> [2009/02/18 17:30:17 | 00,000,006 | -H-- | M] ()
bootstat.dat -> %SystemRoot%\bootstat.dat -> [2009/02/18 17:29:56 | 00,002,048 | --S- | M] ()
hiberfil.sys -> %SystemDrive%\hiberfil.sys -> [2009/02/18 17:29:49 | 10,056,37632 | -HS- | M] ()
FNTCACHE.DAT -> %SystemRoot%\System32\FNTCACHE.DAT -> [2009/02/18 17:29:49 | 00,633,960 | ---- | M] ()
ntuser.ini -> %UserProfile%\ntuser.ini -> [2009/02/18 17:27:10 | 00,000,178 | -HS- | M] ()
imsins.BAK -> %SystemRoot%\imsins.BAK -> [2009/02/18 17:06:48 | 00,001,374 | ---- | M] ()
PerfStringBackup.INI -> %SystemRoot%\System32\PerfStringBackup.INI -> [2009/02/18 16:56:43 | 00,502,064 | ---- | M] ()
perfh009.dat -> %SystemRoot%\System32\perfh009.dat -> [2009/02/18 16:56:43 | 00,441,692 | ---- | M] ()
perfc009.dat -> %SystemRoot%\System32\perfc009.dat -> [2009/02/18 16:56:43 | 00,071,462 | ---- | M] ()
qmgr0.dat -> %AllUsersProfile%\Application Data\Microsoft\Network\Downloader\qmgr0.dat -> [2009/02/18 15:38:03 | 00,004,646 | ---- | M] ()
qmgr1.dat -> %AllUsersProfile%\Application Data\Microsoft\Network\Downloader\qmgr1.dat -> [2009/02/18 15:38:03 | 00,004,232 | ---- | M] ()
Perflib_Perfdata_354.dat -> %SystemRoot%\Temp\Perflib_Perfdata_354.dat -> [2009/02/18 14:06:10 | 00,016,384 | ---- | M] ()
The History of APRONS.doc -> %UserProfile%\My Documents\The History of APRONS.doc -> [2009/02/17 20:36:33 | 00,022,528 | ---- | M] ()
sqmnoopt15.sqm -> %SystemDrive%\sqmnoopt15.sqm -> [2009/02/17 15:47:57 | 00,000,244 | -H-- | M] ()
sqmdata15.sqm -> %SystemDrive%\sqmdata15.sqm -> [2009/02/17 15:47:57 | 00,000,232 | -H-- | M] ()
RegistrySmart Scheduled Scan.job -> %SystemRoot%\tasks\RegistrySmart Scheduled Scan.job -> [2009/02/17 03:30:00 | 00,000,426 | ---- | M] ()
RegClean Scheduled Scan.job -> %SystemRoot%\tasks\RegClean Scheduled Scan.job -> [2009/02/17 03:30:00 | 00,000,386 | ---- | M] ()
sqmnoopt14.sqm -> %SystemDrive%\sqmnoopt14.sqm -> [2009/02/16 19:17:45 | 00,000,244 | -H-- | M] ()
sqmdata14.sqm -> %SystemDrive%\sqmdata14.sqm -> [2009/02/16 19:17:45 | 00,000,232 | -H-- | M] ()
GMER scan 2-16.CLP -> %UserProfile%\My Documents\GMER scan 2-16.CLP -> [2009/02/16 18:30:39 | 01,773,163 | ---- | M] ()
gmer.ini -> %SystemRoot%\gmer.ini -> [2009/02/16 14:36:19 | 00,000,250 | ---- | M] ()
gmer.dll -> %SystemRoot%\gmer.dll -> [2009/02/16 14:36:13 | 00,884,736 | ---- | M] ()
gmer.sys -> %SystemRoot%\System32\drivers\gmer.sys -> [2009/02/16 14:36:13 | 00,085,969 | ---- | M] (GMER)
gmer_uninstall.cmd -> %SystemRoot%\gmer_uninstall.cmd -> [2009/02/16 14:36:13 | 00,000,080 | ---- | M] ()
gmer.exe -> %SystemRoot%\gmer.exe -> [2009/02/16 14:35:42 | 00,811,008 | ---- | M] ()
Perflib_Perfdata_734.dat -> %SystemRoot%\Temp\Perflib_Perfdata_734.dat -> [2009/02/16 12:48:09 | 00,016,384 | ---- | M] ()
sqmnoopt13.sqm -> %SystemDrive%\sqmnoopt13.sqm -> [2009/02/15 15:25:14 | 00,000,244 | -H-- | M] ()
sqmdata13.sqm -> %SystemDrive%\sqmdata13.sqm -> [2009/02/15 15:25:14 | 00,000,232 | -H-- | M] ()
Perflib_Perfdata_650.dat -> %SystemRoot%\Temp\Perflib_Perfdata_650.dat -> [2009/02/15 14:24:31 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_3b8.dat -> %SystemRoot%\Temp\Perflib_Perfdata_3b8.dat -> [2009/02/14 13:19:20 | 00,016,384 | ---- | M] ()
sqmnoopt12.sqm -> %SystemDrive%\sqmnoopt12.sqm -> [2009/02/13 17:45:11 | 00,000,244 | -H-- | M] ()
sqmdata12.sqm -> %SystemDrive%\sqmdata12.sqm -> [2009/02/13 17:45:11 | 00,000,232 | -H-- | M] ()
watermelon slices.CLP -> %UserProfile%\My Documents\watermelon slices.CLP -> [2009/02/13 17:07:22 | 08,192,459 | ---- | M] ()
pink flower.CLP -> %UserProfile%\My Documents\pink flower.CLP -> [2009/02/13 17:03:34 | 08,192,459 | ---- | M] ()
wrSpySweeper_LF4EDF9159123427B94E9DBE5B2B7871B.job -> %SystemRoot%\tasks\wrSpySweeper_LF4EDF9159123427B94E9DBE5B2B7871B.job -> [2009/02/13 16:53:19 | 00,001,654 | ---- | M] ()
Perflib_Perfdata_5b4.dat -> %SystemRoot%\Temp\Perflib_Perfdata_5b4.dat -> [2009/02/13 16:24:04 | 00,016,384 | ---- | M] ()
sqmnoopt11.sqm -> %SystemDrive%\sqmnoopt11.sqm -> [2009/02/12 14:56:34 | 00,000,244 | -H-- | M] ()
sqmdata11.sqm -> %SystemDrive%\sqmdata11.sqm -> [2009/02/12 14:56:34 | 00,000,232 | -H-- | M] ()
MRT.exe -> %SystemRoot%\System32\MRT.exe -> [2009/02/11 20:56:17 | 21,244,872 | ---- | M] (Microsoft Corporation)
sqmnoopt10.sqm -> %SystemDrive%\sqmnoopt10.sqm -> [2009/02/11 16:30:37 | 00,000,244 | -H-- | M] ()
sqmdata10.sqm -> %SystemDrive%\sqmdata10.sqm -> [2009/02/11 16:30:37 | 00,000,232 | -H-- | M] ()
sqmnoopt09.sqm -> %SystemDrive%\sqmnoopt09.sqm -> [2009/02/10 14:55:05 | 00,000,244 | -H-- | M] ()
sqmdata09.sqm -> %SystemDrive%\sqmdata09.sqm -> [2009/02/10 14:55:05 | 00,000,232 | -H-- | M] ()
sqmnoopt08.sqm -> %SystemDrive%\sqmnoopt08.sqm -> [2009/02/08 20:01:21 | 00,000,244 | -H-- | M] ()
sqmdata08.sqm -> %SystemDrive%\sqmdata08.sqm -> [2009/02/08 20:01:21 | 00,000,232 | -H-- | M] ()
iTunes.lnk -> %AllUsersProfile%\Desktop\iTunes.lnk -> [2009/02/07 18:17:34 | 00,002,137 | ---- | M] ()
Perflib_Perfdata_588.dat -> %SystemRoot%\Temp\Perflib_Perfdata_588.dat -> [2009/02/07 17:51:09 | 00,016,384 | ---- | M] ()
sqmnoopt07.sqm -> %SystemDrive%\sqmnoopt07.sqm -> [2009/02/07 14:10:06 | 00,000,244 | -H-- | M] ()
sqmdata07.sqm -> %SystemDrive%\sqmdata07.sqm -> [2009/02/07 14:10:06 | 00,000,232 | -H-- | M] ()
AppleSoftwareUpdate.job -> %SystemRoot%\tasks\AppleSoftwareUpdate.job -> [2009/02/06 07:46:14 | 00,000,284 | ---- | M] ()
S-1-5-21-689224757-2645235278-3701144041-1005.dat -> %SystemRoot%\Temp\wrstemp\S-1-5-21-689224757-2645235278-3701144041-1005.dat -> [2009/02/06 04:25:09 | 00,005,090 | ---- | M] ()
S-1-5-21-689224757-2645235278-3701144041-1008.dat -> %SystemRoot%\Temp\wrstemp\S-1-5-21-689224757-2645235278-3701144041-1008.dat -> [2009/02/06 04:25:09 | 00,004,628 | ---- | M] ()
S-1-5-21-689224757-2645235278-3701144041-1010.dat -> %SystemRoot%\Temp\wrstemp\S-1-5-21-689224757-2645235278-3701144041-1010.dat -> [2009/02/06 04:25:09 | 00,004,482 | ---- | M] ()
BookwormAdventures.dll -> %SystemRoot%\Temp\BookwormAdventures.dll -> [2009/02/06 02:30:23 | 01,709,512 | ---- | M] ()
Perflib_Perfdata_580.dat -> %SystemRoot%\Temp\Perflib_Perfdata_580.dat -> [2009/02/05 19:54:07 | 00,016,384 | ---- | M] ()
sqmdata06.sqm -> %SystemDrive%\sqmdata06.sqm -> [2009/02/04 15:17:58 | 00,000,232 | -H-- | M] ()
sqmnoopt06.sqm -> %SystemDrive%\sqmnoopt06.sqm -> [2009/02/04 15:17:57 | 00,000,244 | -H-- | M] ()
WAMUTransactionHistory.qfx -> %UserProfile%\My Documents\WAMUTransactionHistory.qfx -> [2009/02/04 13:47:37 | 00,002,442 | ---- | M] ()
Perflib_Perfdata_6a8.dat -> %SystemRoot%\Temp\Perflib_Perfdata_6a8.dat -> [2009/02/04 12:16:29 | 00,016,384 | ---- | M] ()
RegFixPro Scan.job -> %SystemRoot%\tasks\RegFixPro Scan.job -> [2009/02/03 12:00:16 | 00,000,430 | ---- | M] ()
SearchWithGoogleUpdate.exe -> %SystemRoot%\Temp\gisa600b\SearchWithGoogleUpdate.exe -> [2009/02/02 19:23:12 | 00,910,320 | ---- | M] (Google Inc.)
GoogleUpdaterService.exe -> %SystemRoot%\Temp\gisa600b\GoogleUpdaterService.exe -> [2009/02/02 19:23:11 | 00,182,768 | ---- | M] (Google)
GoogleUpdaterSetup.exe -> %SystemRoot%\Temp\gisa600b\2.4.1487.6512\GoogleUpdaterSetup.exe -> [2009/02/02 19:23:11 | 00,176,112 | ---- | M] (Google Inc.)
GoogleUpdater.exe -> %SystemRoot%\Temp\gisa600b\GoogleUpdater.exe -> [2009/02/02 19:23:11 | 00,161,776 | ---- | M] (Google)
cires.dll -> %SystemRoot%\Temp\gisa600b\2.4.1487.6512\cires.dll -> [2009/02/02 19:23:11 | 00,095,232 | ---- | M] ()
ci.dll -> %SystemRoot%\Temp\gisa600b\2.4.1487.6512\ci.dll -> [2009/02/02 19:23:10 | 01,182,208 | ---- | M] (Google)
GoogleUpdaterInstallMgr.exe -> %SystemRoot%\Temp\gisa600b\2.4.1487.6512\GoogleUpdaterInstallMgr.exe -> [2009/02/02 19:23:10 | 00,169,968 | ---- | M] (Google)
npCIDetect13.dll -> %SystemRoot%\Temp\gisa600b\2.4.1487.6512\npCIDetect13.dll -> [2009/02/02 19:23:10 | 00,094,208 | ---- | M] (Google)
GoogleUpdaterAdminPrefs.exe -> %SystemRoot%\Temp\gisa600b\2.4.1487.6512\GoogleUpdaterAdminPrefs.exe -> [2009/02/02 19:23:09 | 00,227,824 | ---- | M] (Google)
Shortcut to CaSIR22.exe.lnk -> %UserProfile%\Desktop\Shortcut to CaSIR22.exe.lnk -> [2009/02/02 11:29:46 | 00,000,657 | ---- | M] ()
Perflib_Perfdata_6c8.dat -> %SystemRoot%\Temp\Perflib_Perfdata_6c8.dat -> [2009/02/02 11:03:50 | 00,016,384 | ---- | M] ()
rrt_is.wav -> %SystemRoot%\System32\rrt_is.wav -> [2009/02/01 23:31:04 | 00,016,244 | ---- | M] ()
rrt_vf.wav -> %SystemRoot%\System32\rrt_vf.wav -> [2009/02/01 23:31:04 | 00,007,302 | ---- | M] ()
rrt_tv.wav -> %SystemRoot%\System32\rrt_tv.wav -> [2009/02/01 23:31:04 | 00,007,148 | ---- | M] ()
rrt_tn.wav -> %SystemRoot%\System32\rrt_tn.wav -> [2009/02/01 23:31:04 | 00,006,282 | ---- | M] ()
Perflib_Perfdata_818.dat -> %SystemRoot%\Temp\Perflib_Perfdata_818.dat -> [2009/02/01 22:28:18 | 00,016,384 | ---- | M] ()
McQcTask.job -> %SystemRoot%\tasks\McQcTask.job -> [2009/02/01 01:00:31 | 00,000,332 | ---- | M] ()
Perflib_Perfdata_84c.dat -> %SystemRoot%\Temp\Perflib_Perfdata_84c.dat -> [2009/01/31 21:06:40 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_7e8.dat -> %SystemRoot%\Temp\Perflib_Perfdata_7e8.dat -> [2009/01/31 14:48:45 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_824.dat -> %SystemRoot%\Temp\Perflib_Perfdata_824.dat -> [2009/01/29 23:24:46 | 00,016,384 | ---- | M] ()
fat cars 2.CLP -> %UserProfile%\My Documents\fat cars 2.CLP -> [2009/01/29 17:19:18 | 08,192,459 | ---- | M] ()
fat cars 1.CLP -> %UserProfile%\My Documents\fat cars 1.CLP -> [2009/01/29 17:18:08 | 08,192,459 | ---- | M] ()
Perflib_Perfdata_834.dat -> %SystemRoot%\Temp\Perflib_Perfdata_834.dat -> [2009/01/27 12:51:42 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_85c.dat -> %SystemRoot%\Temp\Perflib_Perfdata_85c.dat -> [2009/01/23 12:42:35 | 00,016,384 | ---- | M] ()
My Sharing Folders.lnk -> %UserProfile%\My Documents\My Sharing Folders.lnk -> [2009/01/21 13:29:48 | 00,000,565 | ---- | M] ()
sqmdata05.sqm -> %SystemDrive%\sqmdata05.sqm -> [2009/01/21 13:22:57 | 00,000,232 | -H-- | M] ()
sqmnoopt05.sqm -> %SystemDrive%\sqmnoopt05.sqm -> [2009/01/21 13:22:56 | 00,000,244 | -H-- | M] ()
ask bar has virus.doc -> %UserProfile%\My Documents\ask bar has virus.doc -> [2009/01/21 01:18:04 | 00,019,456 | ---- | M] ()
kaspersky scan report 1-21.html -> %UserProfile%\My Documents\kaspersky scan report 1-21.html -> [2009/01/21 01:08:03 | 00,002,934 | ---- | M] ()
outlook.pst -> %SystemRoot%\outlook.pst -> [2009/01/20 23:34:24 | 01,064,960 | ---- | M] ()
Perflib_Perfdata_820.dat -> %SystemRoot%\Temp\Perflib_Perfdata_820.dat -> [2009/01/19 13:19:00 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_890.dat -> %SystemRoot%\Temp\Perflib_Perfdata_890.dat -> [2009/01/18 12:47:34 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_6f8.dat -> %SystemRoot%\Temp\Perflib_Perfdata_6f8.dat -> [2009/01/17 09:49:22 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_828.dat -> %SystemRoot%\Temp\Perflib_Perfdata_828.dat -> [2009/01/15 09:45:13 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_600.dat -> %SystemRoot%\Temp\Perflib_Perfdata_600.dat -> [2009/01/14 11:55:16 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_cc.dat -> %SystemRoot%\Temp\Perflib_Perfdata_cc.dat -> [2009/01/14 03:26:15 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_5dc.dat -> %SystemRoot%\Temp\Perflib_Perfdata_5dc.dat -> [2009/01/13 18:26:16 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_458.dat -> %SystemRoot%\Temp\Perflib_Perfdata_458.dat -> [2009/01/12 14:37:38 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_5f4.dat -> %SystemRoot%\Temp\Perflib_Perfdata_5f4.dat -> [2009/01/08 22:15:43 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_614.dat -> %SystemRoot%\Temp\Perflib_Perfdata_614.dat -> [2009/01/08 13:11:04 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_39c.dat -> %SystemRoot%\Temp\Perflib_Perfdata_39c.dat -> [2009/01/06 22:40:35 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_5a4.dat -> %SystemRoot%\Temp\Perflib_Perfdata_5a4.dat -> [2009/01/05 13:45:07 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_3ac.dat -> %SystemRoot%\Temp\Perflib_Perfdata_3ac.dat -> [2009/01/02 13:17:01 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_468.dat -> %SystemRoot%\Temp\Perflib_Perfdata_468.dat -> [2009/01/01 17:51:25 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_a18.dat -> %SystemRoot%\Temp\Perflib_Perfdata_a18.dat -> [2008/12/28 19:48:03 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_2b0.dat -> %SystemRoot%\Temp\Perflib_Perfdata_2b0.dat -> [2008/12/28 11:30:51 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_474.dat -> %SystemRoot%\Temp\Perflib_Perfdata_474.dat -> [2008/12/27 12:22:55 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_2d0.dat -> %SystemRoot%\Temp\Perflib_Perfdata_2d0.dat -> [2008/12/26 13:03:27 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_3dc.dat -> %SystemRoot%\Temp\Perflib_Perfdata_3dc.dat -> [2008/12/25 13:24:30 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_554.dat -> %SystemRoot%\Temp\Perflib_Perfdata_554.dat -> [2008/12/21 15:25:53 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_400.dat -> %SystemRoot%\Temp\Perflib_Perfdata_400.dat -> [2008/12/21 15:25:24 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_670.dat -> %SystemRoot%\Temp\Perflib_Perfdata_670.dat -> [2008/12/21 14:03:15 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_514.dat -> %SystemRoot%\Temp\Perflib_Perfdata_514.dat -> [2008/12/21 13:58:54 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_23c.dat -> %SystemRoot%\Temp\Perflib_Perfdata_23c.dat -> [2008/12/11 23:04:02 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_88.dat -> %SystemRoot%\Temp\Perflib_Perfdata_88.dat -> [2008/12/05 12:19:11 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_438.dat -> %SystemRoot%\Temp\Perflib_Perfdata_438.dat -> [2008/11/26 13:36:50 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_348.dat -> %SystemRoot%\Temp\Perflib_Perfdata_348.dat -> [2008/11/23 13:24:16 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_440.dat -> %SystemRoot%\Temp\Perflib_Perfdata_440.dat -> [2008/11/22 12:21:28 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_308.dat -> %SystemRoot%\Temp\Perflib_Perfdata_308.dat -> [2008/11/21 13:01:19 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_2dc.dat -> %SystemRoot%\Temp\Perflib_Perfdata_2dc.dat -> [2008/11/15 12:25:02 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_2b8.dat -> %SystemRoot%\Temp\Perflib_Perfdata_2b8.dat -> [2008/11/12 15:36:31 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_41c.dat -> %SystemRoot%\Temp\Perflib_Perfdata_41c.dat -> [2008/11/09 16:22:27 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_454.dat -> %SystemRoot%\Temp\Perflib_Perfdata_454.dat -> [2008/11/06 15:16:56 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_248.dat -> %SystemRoot%\Temp\Perflib_Perfdata_248.dat -> [2008/11/04 19:44:23 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_230.dat -> %SystemRoot%\Temp\Perflib_Perfdata_230.dat -> [2008/11/04 13:01:58 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_36c.dat -> %SystemRoot%\Temp\Perflib_Perfdata_36c.dat -> [2008/11/02 12:40:25 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_25c.dat -> %SystemRoot%\Temp\Perflib_Perfdata_25c.dat -> [2008/11/02 12:25:47 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_2e4.dat -> %SystemRoot%\Temp\Perflib_Perfdata_2e4.dat -> [2008/10/28 18:20:19 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_30c.dat -> %SystemRoot%\Temp\Perflib_Perfdata_30c.dat -> [2008/10/27 19:05:28 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_19c.dat -> %SystemRoot%\Temp\Perflib_Perfdata_19c.dat -> [2008/10/26 18:06:10 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_290.dat -> %SystemRoot%\Temp\Perflib_Perfdata_290.dat -> [2008/10/23 15:25:14 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_2ac.dat -> %SystemRoot%\Temp\Perflib_Perfdata_2ac.dat -> [2008/10/23 14:46:04 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_304.dat -> %SystemRoot%\Temp\Perflib_Perfdata_304.dat -> [2008/10/22 10:39:53 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_418.dat -> %SystemRoot%\Temp\Perflib_Perfdata_418.dat -> [2008/10/20 19:24:45 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_350.dat -> %SystemRoot%\Temp\Perflib_Perfdata_350.dat -> [2008/10/17 14:53:23 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_1e4.dat -> %SystemRoot%\Temp\Perflib_Perfdata_1e4.dat -> [2008/10/16 15:47:13 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_24c.dat -> %SystemRoot%\Temp\Perflib_Perfdata_24c.dat -> [2008/10/16 10:20:26 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_2c4.dat -> %SystemRoot%\Temp\Perflib_Perfdata_2c4.dat -> [2008/10/15 18:34:21 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_1d8.dat -> %SystemRoot%\Temp\Perflib_Perfdata_1d8.dat -> [2008/10/15 18:29:49 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_3a0.dat -> %SystemRoot%\Temp\Perflib_Perfdata_3a0.dat -> [2008/10/15 11:37:00 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_3fc.dat -> %SystemRoot%\Temp\Perflib_Perfdata_3fc.dat -> [2008/10/14 19:42:21 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_268.dat -> %SystemRoot%\Temp\Perflib_Perfdata_268.dat -> [2008/10/14 13:40:51 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_250.dat -> %SystemRoot%\Temp\Perflib_Perfdata_250.dat -> [2008/10/11 14:07:18 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_2f4.dat -> %SystemRoot%\Temp\Perflib_Perfdata_2f4.dat -> [2008/10/09 12:24:56 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_29c.dat -> %SystemRoot%\Temp\Perflib_Perfdata_29c.dat -> [2008/10/07 20:18:32 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_310.dat -> %SystemRoot%\Temp\Perflib_Perfdata_310.dat -> [2008/10/06 00:39:26 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_470.dat -> %SystemRoot%\Temp\Perflib_Perfdata_470.dat -> [2008/10/05 02:33:14 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_4ac.dat -> %SystemRoot%\Temp\Perflib_Perfdata_4ac.dat -> [2008/10/04 17:21:01 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_270.dat -> %SystemRoot%\Temp\Perflib_Perfdata_270.dat -> [2008/10/02 21:55:50 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_2a0.dat -> %SystemRoot%\Temp\Perflib_Perfdata_2a0.dat -> [2008/10/02 15:57:19 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_2d8.dat -> %SystemRoot%\Temp\Perflib_Perfdata_2d8.dat -> [2008/10/01 14:30:21 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_318.dat -> %SystemRoot%\Temp\Perflib_Perfdata_318.dat -> [2008/09/26 14:28:05 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_2ec.dat -> %SystemRoot%\Temp\Perflib_Perfdata_2ec.dat -> [2008/09/25 18:05:40 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_3e0.dat -> %SystemRoot%\Temp\Perflib_Perfdata_3e0.dat -> [2008/09/25 13:17:22 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_364.dat -> %SystemRoot%\Temp\Perflib_Perfdata_364.dat -> [2008/09/23 14:21:51 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_27c.dat -> %SystemRoot%\Temp\Perflib_Perfdata_27c.dat -> [2008/09/22 11:59:32 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_238.dat -> %SystemRoot%\Temp\Perflib_Perfdata_238.dat -> [2008/09/21 19:04:55 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_3ec.dat -> %SystemRoot%\Temp\Perflib_Perfdata_3ec.dat -> [2008/09/20 13:13:10 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_1d4.dat -> %SystemRoot%\Temp\Perflib_Perfdata_1d4.dat -> [2008/09/19 18:44:14 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_4f8.dat -> %SystemRoot%\Temp\Perflib_Perfdata_4f8.dat -> [2008/09/14 09:54:48 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_314.dat -> %SystemRoot%\Temp\Perflib_Perfdata_314.dat -> [2008/09/13 21:42:56 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_2a8.dat -> %SystemRoot%\Temp\Perflib_Perfdata_2a8.dat -> [2008/09/13 10:19:55 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_45c.dat -> %SystemRoot%\Temp\Perflib_Perfdata_45c.dat -> [2008/09/13 00:39:08 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_4a8.dat -> %SystemRoot%\Temp\Perflib_Perfdata_4a8.dat -> [2008/09/12 18:02:57 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_1c8.dat -> %SystemRoot%\Temp\Perflib_Perfdata_1c8.dat -> [2008/09/10 19:08:10 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_280.dat -> %SystemRoot%\Temp\Perflib_Perfdata_280.dat -> [2008/09/10 09:49:20 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_294.dat -> %SystemRoot%\Temp\Perflib_Perfdata_294.dat -> [2008/09/09 13:48:27 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_174.dat -> %SystemRoot%\Temp\Perflib_Perfdata_174.dat -> [2008/09/08 20:00:04 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_320.dat -> %SystemRoot%\Temp\Perflib_Perfdata_320.dat -> [2008/09/08 19:34:24 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_20c.dat -> %SystemRoot%\Temp\Perflib_Perfdata_20c.dat -> [2008/09/07 11:07:48 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_240.dat -> %SystemRoot%\Temp\Perflib_Perfdata_240.dat -> [2008/09/06 15:39:57 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_1c4.dat -> %SystemRoot%\Temp\Perflib_Perfdata_1c4.dat -> [2008/09/06 13:35:09 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_2e0.dat -> %SystemRoot%\Temp\Perflib_Perfdata_2e0.dat -> [2008/09/04 12:01:58 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_838.dat -> %SystemRoot%\Temp\Perflib_Perfdata_838.dat -> [2008/09/02 20:23:57 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_330.dat -> %SystemRoot%\Temp\Perflib_Perfdata_330.dat -> [2008/08/30 18:42:50 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_358.dat -> %SystemRoot%\Temp\Perflib_Perfdata_358.dat -> [2008/08/30 11:47:38 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_2b4.dat -> %SystemRoot%\Temp\Perflib_Perfdata_2b4.dat -> [2008/08/29 19:45:02 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_2c8.dat -> %SystemRoot%\Temp\Perflib_Perfdata_2c8.dat -> [2008/08/28 17:14:04 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_398.dat -> %SystemRoot%\Temp\Perflib_Perfdata_398.dat -> [2008/08/28 10:06:52 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_804.dat -> %SystemRoot%\Temp\Perflib_Perfdata_804.dat -> [2008/08/28 02:33:26 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_220.dat -> %SystemRoot%\Temp\Perflib_Perfdata_220.dat -> [2008/08/27 03:05:34 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_4f0.dat -> %SystemRoot%\Temp\Perflib_Perfdata_4f0.dat -> [2008/08/26 11:44:23 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_1310.dat -> %SystemRoot%\Temp\Perflib_Perfdata_1310.dat -> [2008/08/26 01:59:21 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_234.dat -> %SystemRoot%\Temp\Perflib_Perfdata_234.dat -> [2008/08/26 01:23:43 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_404.dat -> %SystemRoot%\Temp\Perflib_Perfdata_404.dat -> [2008/08/25 16:49:31 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_3d0.dat -> %SystemRoot%\Temp\Perflib_Perfdata_3d0.dat -> [2008/08/25 16:45:15 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_3a8.dat -> %SystemRoot%\Temp\Perflib_Perfdata_3a8.dat -> [2008/08/24 13:02:08 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_414.dat -> %SystemRoot%\Temp\Perflib_Perfdata_414.dat -> [2008/08/23 19:34:27 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_544.dat -> %SystemRoot%\Temp\Perflib_Perfdata_544.dat -> [2008/08/23 15:35:18 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_4d0.dat -> %SystemRoot%\Temp\Perflib_Perfdata_4d0.dat -> [2008/08/22 19:29:00 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_2e8.dat -> %SystemRoot%\Temp\Perflib_Perfdata_2e8.dat -> [2008/08/22 11:07:55 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_6b0.dat -> %SystemRoot%\Temp\Perflib_Perfdata_6b0.dat -> [2008/08/21 19:38:46 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_4f4.dat -> %SystemRoot%\Temp\Perflib_Perfdata_4f4.dat -> [2008/08/20 19:31:26 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_1e0.dat -> %SystemRoot%\Temp\Perflib_Perfdata_1e0.dat -> [2008/08/18 13:52:45 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_224.dat -> %SystemRoot%\Temp\Perflib_Perfdata_224.dat -> [2008/08/17 20:54:46 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_28c.dat -> %SystemRoot%\Temp\Perflib_Perfdata_28c.dat -> [2008/08/15 17:24:22 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_680.dat -> %SystemRoot%\Temp\Perflib_Perfdata_680.dat -> [2008/07/30 14:03:04 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_158.dat -> %SystemRoot%\Temp\Perflib_Perfdata_158.dat -> [2008/07/29 20:07:09 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_1b4.dat -> %SystemRoot%\Temp\Perflib_Perfdata_1b4.dat -> [2008/07/18 20:35:54 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_138.dat -> %SystemRoot%\Temp\Perflib_Perfdata_138.dat -> [2008/07/16 12:44:52 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_7d0.dat -> %SystemRoot%\Temp\Perflib_Perfdata_7d0.dat -> [2008/07/04 16:59:34 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_764.dat -> %SystemRoot%\Temp\Perflib_Perfdata_764.dat -> [2008/07/02 11:17:15 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_70.dat -> %SystemRoot%\Temp\Perflib_Perfdata_70.dat -> [2008/06/30 11:06:21 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_78c.dat -> %SystemRoot%\Temp\Perflib_Perfdata_78c.dat -> [2008/06/24 13:30:31 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_6ec.dat -> %SystemRoot%\Temp\Perflib_Perfdata_6ec.dat -> [2008/06/20 10:23:49 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_5c4.dat -> %SystemRoot%\Temp\Perflib_Perfdata_5c4.dat -> [2008/06/17 12:01:17 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_450.dat -> %SystemRoot%\Temp\Perflib_Perfdata_450.dat -> [2008/06/15 09:25:15 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_7d8.dat -> %SystemRoot%\Temp\Perflib_Perfdata_7d8.dat -> [2008/06/13 14:11:32 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_61c.dat -> %SystemRoot%\Temp\Perflib_Perfdata_61c.dat -> [2008/06/13 13:57:29 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_520.dat -> %SystemRoot%\Temp\Perflib_Perfdata_520.dat -> [2008/06/13 08:54:55 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_6c0.dat -> %SystemRoot%\Temp\Perflib_Perfdata_6c0.dat -> [2008/06/12 10:09:17 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_13c.dat -> %SystemRoot%\Temp\Perflib_Perfdata_13c.dat -> [2008/06/09 07:32:29 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_6a4.dat -> %SystemRoot%\Temp\Perflib_Perfdata_6a4.dat -> [2008/06/01 22:51:09 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_154.dat -> %SystemRoot%\Temp\Perflib_Perfdata_154.dat -> [2008/05/26 18:51:13 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_12c.dat -> %SystemRoot%\Temp\Perflib_Perfdata_12c.dat -> [2008/05/26 11:11:58 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_324.dat -> %SystemRoot%\Temp\Perflib_Perfdata_324.dat -> [2008/05/20 14:24:30 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_284.dat -> %SystemRoot%\Temp\Perflib_Perfdata_284.dat -> [2008/05/19 20:11:45 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_744.dat -> %SystemRoot%\Temp\Perflib_Perfdata_744.dat -> [2008/05/14 12:31:20 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_794.dat -> %SystemRoot%\Temp\Perflib_Perfdata_794.dat -> [2008/05/13 20:04:49 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_4c8.dat -> %SystemRoot%\Temp\Perflib_Perfdata_4c8.dat -> [2008/05/10 21:00:37 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_7ec.dat -> %SystemRoot%\Temp\Perflib_Perfdata_7ec.dat -> [2008/05/08 16:12:27 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_17c.dat -> %SystemRoot%\Temp\Perflib_Perfdata_17c.dat -> [2008/05/02 14:30:58 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_62c.dat -> %SystemRoot%\Temp\Perflib_Perfdata_62c.dat -> [2008/04/23 19:43:30 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_7dc.dat -> %SystemRoot%\Temp\Perflib_Perfdata_7dc.dat -> [2008/04/23 15:24:26 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_7ac.dat -> %SystemRoot%\Temp\Perflib_Perfdata_7ac.dat -> [2008/04/19 15:32:29 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_c1c.dat -> %SystemRoot%\Temp\Perflib_Perfdata_c1c.dat -> [2008/04/19 14:15:35 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_170.dat -> %SystemRoot%\Temp\Perflib_Perfdata_170.dat -> [2008/04/17 10:22:59 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_664.dat -> %SystemRoot%\Temp\Perflib_Perfdata_664.dat -> [2008/04/16 14:00:42 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_4bc.dat -> %SystemRoot%\Temp\Perflib_Perfdata_4bc.dat -> [2008/04/16 09:36:49 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_5bc.dat -> %SystemRoot%\Temp\Perflib_Perfdata_5bc.dat -> [2008/04/15 15:44:23 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_52c.dat -> %SystemRoot%\Temp\Perflib_Perfdata_52c.dat -> [2008/04/13 19:32:01 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_65c.dat -> %SystemRoot%\Temp\Perflib_Perfdata_65c.dat -> [2008/04/12 11:14:52 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_6bc.dat -> %SystemRoot%\Temp\Perflib_Perfdata_6bc.dat -> [2008/04/11 19:09:09 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_180.dat -> %SystemRoot%\Temp\Perflib_Perfdata_180.dat -> [2008/04/08 15:44:44 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_674.dat -> %SystemRoot%\Temp\Perflib_Perfdata_674.dat -> [2008/04/08 10:58:07 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_264.dat -> %SystemRoot%\Temp\Perflib_Perfdata_264.dat -> [2008/04/06 15:57:04 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_104.dat -> %SystemRoot%\Temp\Perflib_Perfdata_104.dat -> [2008/04/04 16:51:06 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_244.dat -> %SystemRoot%\Temp\Perflib_Perfdata_244.dat -> [2008/04/01 21:34:25 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_2a4.dat -> %SystemRoot%\Temp\Perflib_Perfdata_2a4.dat -> [2008/04/01 20:27:40 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_5c8.dat -> %SystemRoot%\Temp\Perflib_Perfdata_5c8.dat -> [2008/03/30 12:16:17 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_790.dat -> %SystemRoot%\Temp\Perflib_Perfdata_790.dat -> [2008/03/24 17:05:16 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_150.dat -> %SystemRoot%\Temp\Perflib_Perfdata_150.dat -> [2008/03/22 16:38:37 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_700.dat -> %SystemRoot%\Temp\Perflib_Perfdata_700.dat -> [2008/03/20 12:56:01 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_610.dat -> %SystemRoot%\Temp\Perflib_Perfdata_610.dat -> [2008/03/19 15:28:13 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_6fc.dat -> %SystemRoot%\Temp\Perflib_Perfdata_6fc.dat -> [2008/03/15 15:45:52 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_644.dat -> %SystemRoot%\Temp\Perflib_Perfdata_644.dat -> [2008/03/15 13:42:52 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_79c.dat -> %SystemRoot%\Temp\Perflib_Perfdata_79c.dat -> [2008/03/15 11:03:19 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_7d4.dat -> %SystemRoot%\Temp\Perflib_Perfdata_7d4.dat -> [2008/03/15 10:54:42 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_32c.dat -> %SystemRoot%\Temp\Perflib_Perfdata_32c.dat -> [2008/03/13 18:40:44 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_1a0.dat -> %SystemRoot%\Temp\Perflib_Perfdata_1a0.dat -> [2008/03/09 19:26:29 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_31c.dat -> %SystemRoot%\Temp\Perflib_Perfdata_31c.dat -> [2008/03/09 19:12:21 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_1a4.dat -> %SystemRoot%\Temp\Perflib_Perfdata_1a4.dat -> [2008/03/06 22:09:26 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_16c.dat -> %SystemRoot%\Temp\Perflib_Perfdata_16c.dat -> [2008/03/06 10:43:30 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_648.dat -> %SystemRoot%\Temp\Perflib_Perfdata_648.dat -> [2008/03/05 20:25:46 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_98.dat -> %SystemRoot%\Temp\Perflib_Perfdata_98.dat -> [2008/03/05 19:47:01 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_160.dat -> %SystemRoot%\Temp\Perflib_Perfdata_160.dat -> [2008/03/05 13:46:47 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_340.dat -> %SystemRoot%\Temp\Perflib_Perfdata_340.dat -> [2008/03/03 20:20:44 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_694.dat -> %SystemRoot%\Temp\Perflib_Perfdata_694.dat -> [2008/02/29 19:11:47 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_d0.dat -> %SystemRoot%\Temp\Perflib_Perfdata_d0.dat -> [2008/02/24 18:20:23 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_d4.dat -> %SystemRoot%\Temp\Perflib_Perfdata_d4.dat -> [2008/02/23 17:53:36 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_130.dat -> %SystemRoot%\Temp\Perflib_Perfdata_130.dat -> [2008/02/21 18:21:20 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_368.dat -> %SystemRoot%\Temp\Perflib_Perfdata_368.dat -> [2008/02/16 17:38:44 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_780.dat -> %SystemRoot%\Temp\Perflib_Perfdata_780.dat -> [2008/02/14 10:18:47 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_78.dat -> %SystemRoot%\Temp\Perflib_Perfdata_78.dat -> [2008/02/13 11:07:16 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_808.dat -> %SystemRoot%\Temp\Perflib_Perfdata_808.dat -> [2008/02/07 12:44:40 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_704.dat -> %SystemRoot%\Temp\Perflib_Perfdata_704.dat -> [2008/02/06 16:44:20 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_604.dat -> %SystemRoot%\Temp\Perflib_Perfdata_604.dat -> [2008/02/03 13:57:01 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_258.dat -> %SystemRoot%\Temp\Perflib_Perfdata_258.dat -> [2008/02/02 15:27:28 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_598.dat -> %SystemRoot%\Temp\Perflib_Perfdata_598.dat -> [2008/02/02 12:38:14 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_7c.dat -> %SystemRoot%\Temp\Perflib_Perfdata_7c.dat -> [2008/02/01 18:07:21 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_628.dat -> %SystemRoot%\Temp\Perflib_Perfdata_628.dat -> [2008/01/31 13:16:29 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_66c.dat -> %SystemRoot%\Temp\Perflib_Perfdata_66c.dat -> [2008/01/30 17:35:39 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_698.dat -> %SystemRoot%\Temp\Perflib_Perfdata_698.dat -> [2008/01/29 16:42:36 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_3e4.dat -> %SystemRoot%\Temp\Perflib_Perfdata_3e4.dat -> [2008/01/27 11:47:14 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_6ac.dat -> %SystemRoot%\Temp\Perflib_Perfdata_6ac.dat -> [2008/01/27 01:51:24 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_7e0.dat -> %SystemRoot%\Temp\Perflib_Perfdata_7e0.dat -> [2008/01/26 18:04:08 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_6e8.dat -> %SystemRoot%\Temp\Perflib_Perfdata_6e8.dat -> [2008/01/25 15:35:00 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_488.dat -> %SystemRoot%\Temp\Perflib_Perfdata_488.dat -> [2008/01/23 14:57:13 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_548.dat -> %SystemRoot%\Temp\Perflib_Perfdata_548.dat -> [2008/01/22 12:36:05 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_54c.dat -> %SystemRoot%\Temp\Perflib_Perfdata_54c.dat -> [2008/01/21 17:03:38 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_3b4.dat -> %SystemRoot%\Temp\Perflib_Perfdata_3b4.dat -> [2008/01/18 16:57:55 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_594.dat -> %SystemRoot%\Temp\Perflib_Perfdata_594.dat -> [2008/01/17 11:31:59 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_64c.dat -> %SystemRoot%\Temp\Perflib_Perfdata_64c.dat -> [2008/01/13 13:33:13 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_6a0.dat -> %SystemRoot%\Temp\Perflib_Perfdata_6a0.dat -> [2008/01/10 15:01:32 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_640.dat -> %SystemRoot%\Temp\Perflib_Perfdata_640.dat -> [2008/01/10 13:05:46 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_63c.dat -> %SystemRoot%\Temp\Perflib_Perfdata_63c.dat -> [2008/01/09 18:03:54 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_7bc.dat -> %SystemRoot%\Temp\Perflib_Perfdata_7bc.dat -> [2008/01/07 17:17:16 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_7e4.dat -> %SystemRoot%\Temp\Perflib_Perfdata_7e4.dat -> [2008/01/06 17:42:14 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_760.dat -> %SystemRoot%\Temp\Perflib_Perfdata_760.dat -> [2008/01/04 21:22:42 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_5f0.dat -> %SystemRoot%\Temp\Perflib_Perfdata_5f0.dat -> [2008/01/04 12:17:34 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_5e0.dat -> %SystemRoot%\Temp\Perflib_Perfdata_5e0.dat -> [2008/01/03 15:38:12 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_7b4.dat -> %SystemRoot%\Temp\Perflib_Perfdata_7b4.dat -> [2008/01/02 19:19:31 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_688.dat -> %SystemRoot%\Temp\Perflib_Perfdata_688.dat -> [2007/12/28 17:47:48 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_3c8.dat -> %SystemRoot%\Temp\Perflib_Perfdata_3c8.dat -> [2007/12/27 14:52:04 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_57c.dat -> %SystemRoot%\Temp\Perflib_Perfdata_57c.dat -> [2007/12/26 11:22:09 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_5f8.dat -> %SystemRoot%\Temp\Perflib_Perfdata_5f8.dat -> [2007/12/25 08:29:33 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_5ac.dat -> %SystemRoot%\Temp\Perflib_Perfdata_5ac.dat -> [2007/12/25 00:54:32 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_660.dat -> %SystemRoot%\Temp\Perflib_Perfdata_660.dat -> [2007/12/24 11:23:55 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_a0.dat -> %SystemRoot%\Temp\Perflib_Perfdata_a0.dat -> [2007/12/23 18:20:01 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_7c8.dat -> %SystemRoot%\Temp\Perflib_Perfdata_7c8.dat -> [2007/12/22 21:33:46 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_484.dat -> %SystemRoot%\Temp\Perflib_Perfdata_484.dat -> [2007/12/22 17:47:17 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_7a8.dat -> %SystemRoot%\Temp\Perflib_Perfdata_7a8.dat -> [2007/12/21 21:14:13 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_5a0.dat -> %SystemRoot%\Temp\Perflib_Perfdata_5a0.dat -> [2007/12/21 18:58:33 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_5c0.dat -> %SystemRoot%\Temp\Perflib_Perfdata_5c0.dat -> [2007/12/21 12:31:43 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_6e4.dat -> %SystemRoot%\Temp\Perflib_Perfdata_6e4.dat -> [2007/12/20 22:32:45 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_7b0.dat -> %SystemRoot%\Temp\Perflib_Perfdata_7b0.dat -> [2007/12/19 17:58:29 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_7f4.dat -> %SystemRoot%\Temp\Perflib_Perfdata_7f4.dat -> [2007/12/19 12:46:02 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_6d8.dat -> %SystemRoot%\Temp\Perflib_Perfdata_6d8.dat -> [2007/12/19 12:16:40 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_2d4.dat -> %SystemRoot%\Temp\Perflib_Perfdata_2d4.dat -> [2007/12/18 17:04:56 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_300.dat -> %SystemRoot%\Temp\Perflib_Perfdata_300.dat -> [2007/12/18 16:43:01 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_630.dat -> %SystemRoot%\Temp\Perflib_Perfdata_630.dat -> [2007/12/16 23:21:18 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_518.dat -> %SystemRoot%\Temp\Perflib_Perfdata_518.dat -> [2007/12/16 21:30:18 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_508.dat -> %SystemRoot%\Temp\Perflib_Perfdata_508.dat -> [2007/12/16 19:59:23 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_7f0.dat -> %SystemRoot%\Temp\Perflib_Perfdata_7f0.dat -> [2007/12/16 19:22:33 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_708.dat -> %SystemRoot%\Temp\Perflib_Perfdata_708.dat -> [2007/12/16 17:33:56 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_388.dat -> %SystemRoot%\Temp\Perflib_Perfdata_388.dat -> [2007/12/16 12:34:09 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_560.dat -> %SystemRoot%\Temp\Perflib_Perfdata_560.dat -> [2007/12/15 15:50:29 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_690.dat -> %SystemRoot%\Temp\Perflib_Perfdata_690.dat -> [2007/12/12 18:15:33 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_5fc.dat -> %SystemRoot%\Temp\Perflib_Perfdata_5fc.dat -> [2007/12/10 17:27:36 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_70c.dat -> %SystemRoot%\Temp\Perflib_Perfdata_70c.dat -> [2007/12/08 15:14:10 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_608.dat -> %SystemRoot%\Temp\Perflib_Perfdata_608.dat -> [2007/12/08 15:01:26 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_6b4.dat -> %SystemRoot%\Temp\Perflib_Perfdata_6b4.dat -> [2007/12/08 14:33:49 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_6dc.dat -> %SystemRoot%\Temp\Perflib_Perfdata_6dc.dat -> [2007/12/08 14:17:18 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_6b8.dat -> %SystemRoot%\Temp\Perflib_Perfdata_6b8.dat -> [2007/12/07 17:30:27 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_558.dat -> %SystemRoot%\Temp\Perflib_Perfdata_558.dat -> [2007/12/05 18:49:30 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_7c0.dat -> %SystemRoot%\Temp\Perflib_Perfdata_7c0.dat -> [2007/12/04 19:59:19 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_6c4.dat -> %SystemRoot%\Temp\Perflib_Perfdata_6c4.dat -> [2007/12/04 13:20:05 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_84.dat -> %SystemRoot%\Temp\Perflib_Perfdata_84.dat -> [2007/12/03 19:51:38 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_754.dat -> %SystemRoot%\Temp\Perflib_Perfdata_754.dat -> [2007/12/03 13:55:22 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_370.dat -> %SystemRoot%\Temp\Perflib_Perfdata_370.dat -> [2007/12/03 11:09:53 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_38c.dat -> %SystemRoot%\Temp\Perflib_Perfdata_38c.dat -> [2007/12/02 12:37:34 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_298.dat -> %SystemRoot%\Temp\Perflib_Perfdata_298.dat -> [2007/12/01 17:32:33 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_378.dat -> %SystemRoot%\Temp\Perflib_Perfdata_378.dat -> [2007/11/30 18:13:22 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_37c.dat -> %SystemRoot%\Temp\Perflib_Perfdata_37c.dat -> [2007/11/27 11:57:28 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_344.dat -> %SystemRoot%\Temp\Perflib_Perfdata_344.dat -> [2007/11/25 16:42:08 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_68c.dat -> %SystemRoot%\Temp\Perflib_Perfdata_68c.dat -> [2007/11/24 18:10:28 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_390.dat -> %SystemRoot%\Temp\Perflib_Perfdata_390.dat -> [2007/11/23 19:37:41 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_5d0.dat -> %SystemRoot%\Temp\Perflib_Perfdata_5d0.dat -> [2007/11/22 14:52:35 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_6c.dat -> %SystemRoot%\Temp\Perflib_Perfdata_6c.dat -> [2007/11/22 10:13:12 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_384.dat -> %SystemRoot%\Temp\Perflib_Perfdata_384.dat -> [2007/11/21 22:09:25 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_620.dat -> %SystemRoot%\Temp\Perflib_Perfdata_620.dat -> [2007/11/20 19:35:42 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_58c.dat -> %SystemRoot%\Temp\Perflib_Perfdata_58c.dat -> [2007/11/19 18:58:24 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_5d4.dat -> %SystemRoot%\Temp\Perflib_Perfdata_5d4.dat -> [2007/11/16 18:02:33 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_4fc.dat -> %SystemRoot%\Temp\Perflib_Perfdata_4fc.dat -> [2007/11/15 17:11:52 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_4e4.dat -> %SystemRoot%\Temp\Perflib_Perfdata_4e4.dat -> [2007/11/14 15:17:16 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_74c.dat -> %SystemRoot%\Temp\Perflib_Perfdata_74c.dat -> [2007/11/12 19:58:25 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_448.dat -> %SystemRoot%\Temp\Perflib_Perfdata_448.dat -> [2007/11/12 11:57:58 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_5b8.dat -> %SystemRoot%\Temp\Perflib_Perfdata_5b8.dat -> [2007/11/11 16:28:30 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_b98.dat -> %SystemRoot%\Temp\Perflib_Perfdata_b98.dat -> [2007/11/11 12:31:28 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_568.dat -> %SystemRoot%\Temp\Perflib_Perfdata_568.dat -> [2007/11/10 19:37:07 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_574.dat -> %SystemRoot%\Temp\Perflib_Perfdata_574.dat -> [2007/11/08 20:39:52 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_5d8.dat -> %SystemRoot%\Temp\Perflib_Perfdata_5d8.dat -> [2007/11/07 12:18:09 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_5ec.dat -> %SystemRoot%\Temp\Perflib_Perfdata_5ec.dat -> [2007/11/07 03:14:33 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_5e8.dat -> %SystemRoot%\Temp\Perflib_Perfdata_5e8.dat -> [2007/11/06 16:57:56 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_1030.dat -> %SystemRoot%\Temp\Perflib_Perfdata_1030.dat -> [2007/11/06 01:48:18 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_53c.dat -> %SystemRoot%\Temp\Perflib_Perfdata_53c.dat -> [2007/11/04 16:01:04 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_4b8.dat -> %SystemRoot%\Temp\Perflib_Perfdata_4b8.dat -> [2007/11/03 17:10:11 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_7cc.dat -> %SystemRoot%\Temp\Perflib_Perfdata_7cc.dat -> [2007/11/02 14:36:54 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_738.dat -> %SystemRoot%\Temp\Perflib_Perfdata_738.dat -> [2007/11/02 12:36:31 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_5b0.dat -> %SystemRoot%\Temp\Perflib_Perfdata_5b0.dat -> [2007/10/30 18:31:12 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_3c4.dat -> %SystemRoot%\Temp\Perflib_Perfdata_3c4.dat -> [2007/10/29 11:55:06 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_728.dat -> %SystemRoot%\Temp\Perflib_Perfdata_728.dat -> [2007/10/28 22:49:49 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_798.dat -> %SystemRoot%\Temp\Perflib_Perfdata_798.dat -> [2007/10/28 17:03:59 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_740.dat -> %SystemRoot%\Temp\Perflib_Perfdata_740.dat -> [2007/10/28 15:46:47 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_5cc.dat -> %SystemRoot%\Temp\Perflib_Perfdata_5cc.dat -> [2007/10/28 12:18:41 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_3bc.dat -> %SystemRoot%\Temp\Perflib_Perfdata_3bc.dat -> [2007/10/26 12:09:57 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_3b0.dat -> %SystemRoot%\Temp\Perflib_Perfdata_3b0.dat -> [2007/10/26 10:22:50 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_73c.dat -> %SystemRoot%\Temp\Perflib_Perfdata_73c.dat -> [2007/10/25 21:21:06 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_72c.dat -> %SystemRoot%\Temp\Perflib_Perfdata_72c.dat -> [2007/10/25 14:13:00 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_710.dat -> %SystemRoot%\Temp\Perflib_Perfdata_710.dat -> [2007/10/24 19:47:21 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_71c.dat -> %SystemRoot%\Temp\Perflib_Perfdata_71c.dat -> [2007/10/24 19:41:57 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_6cc.dat -> %SystemRoot%\Temp\Perflib_Perfdata_6cc.dat -> [2007/10/24 19:19:56 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_768.dat -> %SystemRoot%\Temp\Perflib_Perfdata_768.dat -> [2007/10/24 16:59:53 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_56c.dat -> %SystemRoot%\Temp\Perflib_Perfdata_56c.dat -> [2007/10/24 09:41:29 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_538.dat -> %SystemRoot%\Temp\Perflib_Perfdata_538.dat -> [2007/10/23 17:38:05 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_564.dat -> %SystemRoot%\Temp\Perflib_Perfdata_564.dat -> [2007/10/23 09:38:14 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_748.dat -> %SystemRoot%\Temp\Perflib_Perfdata_748.dat -> [2007/10/22 17:20:30 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_478.dat -> %SystemRoot%\Temp\Perflib_Perfdata_478.dat -> [2007/10/21 23:49:40 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_720.dat -> %SystemRoot%\Temp\Perflib_Perfdata_720.dat -> [2007/10/21 23:04:13 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_6d0.dat -> %SystemRoot%\Temp\Perflib_Perfdata_6d0.dat -> [2007/10/21 17:14:28 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_46c.dat -> %SystemRoot%\Temp\Perflib_Perfdata_46c.dat -> [2007/10/21 10:40:19 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_2fc.dat -> %SystemRoot%\Temp\Perflib_Perfdata_2fc.dat -> [2007/10/20 18:13:41 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_678.dat -> %SystemRoot%\Temp\Perflib_Perfdata_678.dat -> [2007/10/20 15:04:30 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_654.dat -> %SystemRoot%\Temp\Perflib_Perfdata_654.dat -> [2007/10/20 08:28:32 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_6e0.dat -> %SystemRoot%\Temp\Perflib_Perfdata_6e0.dat -> [2007/10/20 08:12:49 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_444.dat -> %SystemRoot%\Temp\Perflib_Perfdata_444.dat -> [2007/10/18 13:22:06 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_774.dat -> %SystemRoot%\Temp\Perflib_Perfdata_774.dat -> [2007/10/18 11:41:31 | 00,016,384 | ---- | M] ()
wkcalcat.dat -> %AllUsersProfile%\Application Data\Microsoft\Works\wkcalcat.dat -> [2007/10/15 01:21:57 | 00,016,384 | ---- | M] ()
wklntsk.dat -> %AllUsersProfile%\Application Data\Microsoft\Works\wklntsk.dat -> [2007/10/15 01:21:54 | 00,515,952 | ---- | M] ()
wklntnts.dat -> %AllUsersProfile%\Application Data\Microsoft\Works\wklntnts.dat -> [2007/10/15 01:21:54 | 00,515,952 | ---- | M] ()
opa11.dat -> %AllUsersProfile%\Application Data\Microsoft\OFFICE\DATA\opa11.dat -> [2007/10/12 00:19:18 | 00,008,398 | ---- | M] ()
Perflib_Perfdata_77c.dat -> %SystemRoot%\Temp\Perflib_Perfdata_77c.dat -> [2007/09/07 03:03:26 | 00,016,384 | ---- | M] ()
_WUTL95.DLL -> %SystemRoot%\Temp\_WUTL95.DLL -> [2007/07/14 19:47:47 | 00,027,648 | ---- | M] (Stirling Technologies, Inc.)
Perflib_Perfdata_76c.dat -> %SystemRoot%\Temp\Perflib_Perfdata_76c.dat -> [2007/06/18 20:21:02 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_1e8.dat -> %SystemRoot%\Temp\Perflib_Perfdata_1e8.dat -> [2007/05/25 14:49:56 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_44c.dat -> %SystemRoot%\Temp\Perflib_Perfdata_44c.dat -> [2007/05/24 14:03:12 | 00,016,384 | ---- | M] ()
Perflib_Perfdata_724.dat -> %SystemRoot%\Temp\Perflib_Perfdata_724.dat -> [2007/03/30 18:39:30 | 00,016,384 | ---- | M] ()
SymSCLiveUpdate.dat -> %SystemRoot%\Temp\SymSCLiveUpdate.dat -> [2004/11/02 11:54:10 | 00,000,316 | ---- | M] ()
symcprop.dat -> %SystemRoot%\Temp\symcprop.dat -> [2004/11/02 11:54:10 | 00,000,124 | ---- | M] ()
 
[Alternate Data Streams]
@Alternate Data Stream - 0 bytes -> %SystemRoot%\Thumbs.db:encryptable
@Alternate Data Stream - 0 bytes -> %UserProfile%\Desktop\Thumbs.db:encryptable
@Alternate Data Stream - 0 bytes -> %UserProfile%\My Documents\Thumbs.db:encryptable
@Alternate Data Stream - 106 bytes -> %AllUsersProfile%\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 114 bytes -> %AllUsersProfile%\Application Data\TEMP:889A0437
@Alternate Data Stream - 135 bytes -> %AllUsersProfile%\Application Data\TEMP:9B7E8561
@Alternate Data Stream - 152 bytes -> %AllUsersProfile%\Application Data\TEMP:E26A1EF1
[CatchMe Rootkit Scan by GMER]
< Windows folder & sub-folders >
scanning hidden processes ...
IPC error: 2 The system cannot find the file specified.
scanning hidden services & system hive ...
scanning hidden registry entries ...
scanning hidden files ...
< Document and Settings folder & sub folders >
scanning hidden processes ...
IPC error: 2 The system cannot find the file specified.
scanning hidden services & system hive ...
scanning hidden registry entries ...
scanning hidden files ...
 
< End of report >



UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-02-01.01)

Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume2
Install Date: 9/14/2004 7:53:44 PM
System Uptime: 2/18/2009 5:28:11 PM (2 hours ago)

Motherboard: Sony Corporation | | Q-Project
Processor: Intel(R) Pentium(R) 4 CPU 2.80GHz | N/A | 2791/133mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 39 GiB total, 16.403 GiB free.
D: is FIXED (NTFS) - 85 GiB total, 75.473 GiB free.
E: is CDROM ()
F: is Removable
G: is Removable

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP180: 11/9/2008 3:25:16 AM - System Checkpoint
RP181: 11/11/2008 12:31:19 AM - Removed STOPzilla. Available with Windows Installer version 1.2 and later.
RP182: 11/11/2008 12:32:18 AM - Installed STOPzilla. Available with Windows Installer version 1.2 and later.
RP183: 11/11/2008 6:20:02 PM - Software Distribution Service 3.0
RP184: 11/14/2008 11:17:38 AM - System Checkpoint
RP185: 11/15/2008 1:16:00 PM - System Checkpoint
RP186: 11/16/2008 7:59:43 PM - System Checkpoint
RP187: 11/17/2008 8:48:06 PM - System Checkpoint
RP188: 11/19/2008 7:23:28 PM - System Checkpoint
RP189: 11/21/2008 9:17:02 PM - System Checkpoint
RP190: 11/24/2008 2:28:10 PM - System Checkpoint
RP191: 11/27/2008 3:08:37 PM - System Checkpoint
RP192: 12/1/2008 3:15:37 PM - System Checkpoint
RP193: 12/4/2008 7:49:21 PM - System Checkpoint
RP194: 12/6/2008 12:13:01 PM - System Checkpoint
RP195: 12/8/2008 6:37:47 AM - System Checkpoint
RP196: 12/11/2008 11:25:27 PM - Software Distribution Service 3.0
RP197: 12/13/2008 12:00:56 AM - System Checkpoint
RP198: 12/13/2008 3:00:43 AM - Software Distribution Service 3.0
RP199: 12/14/2008 3:29:42 AM - System Checkpoint
RP200: 12/14/2008 11:20:07 AM - Installed Java(TM) 6 Update 11
RP201: 12/18/2008 2:31:05 AM - Software Distribution Service 3.0
RP202: 12/23/2008 4:44:00 PM - System Checkpoint
RP203: 12/24/2008 2:10:35 PM - Installed RegFixPro
RP204: 12/30/2008 6:13:12 PM - Removed STOPzilla. Available with Windows Installer version 1.2 and later.
RP205: 12/30/2008 6:14:01 PM - Installed STOPzilla. Available with Windows Installer version 1.2 and later.
RP206: 1/6/2009 8:40:32 PM - Removed STOPzilla. Available with Windows Installer version 1.2 and later.
RP207: 1/6/2009 8:41:36 PM - Removed STOPzilla. Available with Windows Installer version 1.2 and later.
RP208: 1/6/2009 10:29:06 PM - Installed STOPzilla. Available with Windows Installer version 1.2 and later.
RP209: 1/9/2009 5:14:18 PM - Installed Uniblue DriverScanner v1.0
RP210: 1/11/2009 2:24:06 PM - Installed Microsoft Publisher 2002
RP211: 1/12/2009 3:02:19 PM - Software Distribution Service 3.0
RP212: 1/13/2009 2:25:01 AM - Software Distribution Service 3.0
RP213: 1/14/2009 3:01:50 AM - Software Distribution Service 3.0
RP214: 1/14/2009 9:22:44 PM - Installed J2SE Runtime Environment 5.0 Update 7
RP215: 1/14/2009 10:15:24 PM - Removed J2SE Runtime Environment 5.0 Update 7
RP216: 1/14/2009 10:20:53 PM - Removed Java(TM) 6 Update 11
RP217: 1/14/2009 10:24:32 PM - Removed Java(TM) 6 Update 5
RP218: 1/14/2009 10:27:08 PM - Removed Java(TM) 6 Update 7
RP219: 1/14/2009 10:33:57 PM - Removed Jott Express
RP220: 1/14/2009 11:22:19 PM - Installed Java(TM) 6 Update 11
RP221: 1/15/2009 1:33:34 AM - Software Distribution Service 3.0
RP222: 1/19/2009 8:06:06 AM - System Checkpoint
RP223: 1/22/2009 4:28:10 PM - System Checkpoint
RP224: 1/24/2009 6:30:02 PM - System Checkpoint
RP225: 1/26/2009 5:38:45 PM - System Checkpoint
RP226: 1/28/2009 11:09:07 PM - System Checkpoint
RP227: 2/3/2009 11:23:06 AM - System Checkpoint
RP228: 2/6/2009 2:57:14 PM - System Checkpoint
RP229: 2/7/2009 5:33:22 PM - Installed iTunes
RP230: 2/16/2009 2:23:08 PM - Removed STOPzilla. Available with Windows Installer version 1.2 and later.
RP231: 2/18/2009 3:39:13 PM - Software Distribution Service 3.0
RP232: 2/18/2009 5:35:46 PM - Printer Driver Microsoft XPS Document Writer Installed

==== Installed Programs ======================

ABBYY FineReader 6.0 Sprint
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Reader 8.1.3
Adobe Shockwave Player 11
AIM 6
Aim Plugin for QQ Games
AIMTunes
Amazon MP3 Downloader 1.0.3
AOL Toolbar for Internet Explorer
AOL Uninstaller (Choose which Products to Remove)
Apple Mobile Device Support
Apple Software Update
Aqua Bubble (CD version)
ArcSoft Software Suite
AT&T Communication Manager
ATI - Software Uninstall Utility
ATI Control Panel
ATI Display Driver
Avery Wizard 1.1 for Microsoft Word 97
Bejeweled 2 Deluxe 1.0
Boggle
Bonjour
Buddy Icon Maker 1.0.0.1
Cake Mania Deluxe
Colorizer 1.0.0.1
CPQ650TP Ver. 2.3
DesignPro 5.4 Limited Edition
Diamond Drop (CD version)
Digital Giggles
Disney Interactive Compatibility Update May 2002
Driver Installer
DUXUS CLOCK FONT (1.0.0)
DVgate Plus
Enhanced Font List for Word 97 (VBA PowerTool)
Face Dough
Family Album Screen Saver
Hidden Expedition - Titanic
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.0 (KB932471)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
HotKey Utility
Hoyle Card Games 2005
InterVideo WinDVD 5 for VAIO
iTunes
Jasc Paint Shop Pro 8
Java(TM) 6 Update 11
Juice 2.2
Kodak One-Touch Printing Solution SDK
Kybtec World Clock 3.3.1.1
LAN-Express AS IEEE 802.11 Wireless LAN
Learn2 Player (Uninstall Only)
Lexmark 8300 Series
LivePix 1.0
Logitech Desktop Messenger
Logitech MouseWare 9.79
Logitech Resource Center
Mahjongg Master 5
Malwarebytes' Anti-Malware
McAfee SecurityCenter
Memory Stick Formatter
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Location Finder
Microsoft National Language Support Downlevel APIs
Microsoft Office 97 Unique Identifier Removal Tool
Microsoft Office 97, Professional Edition
Microsoft Publisher 2002
Microsoft Silverlight
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft VC9 runtime libraries
Microsoft Works 7.0
MobileMe Control Panel
MoodLogic
Moraff's SphereJongg 5.1
Move Networks Media Player for Internet Explorer
MS The Dolphin Assistant(Remove only)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 and SOAP Toolkit 3.0
MSXML 6.0 Parser (KB933579)
Nokia Connectivity Adapter Cable DKU-5
OpenMG Limited Patch 3.4-03-12-16-01
OpenMG Secure Module 3.4.00
Outlook 3 Pane Message Preview Extension (Remove only)
Photo Viewer 2.4
Picture Package Music Transfer
PictureGear Studio 2.0
Presto! Forms 3.50.02
Presto! PageManager 7.12.10
Print to Fax
Puppy Album
Puzzle Master 3
QQ Games
Quicken 2004
QuickTime
RealPlayer
RegFixPro
Safari
Sandlot Games Client Services
Security Update for CAPICOM (KB931906)
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 9 (KB917734)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB960715)
SnoopFree Privacy Shield
SoftV92 Data Fax Modem with SmartCP
SonicStage 2.0.02
Sony Certificate PCH
Sony Download Taxi 1.5.0.0
Sony Notebook Setup
Sony Picture Utility
Sony USB Driver
Sony USB Mouse
Sony Utilities DLL
Sony Video Shared Library
Sony XBRITE Screen Saver
Spelling Dictionaries Support For Adobe Reader 8
Spy Sweeper
Spy Sweeper Core
Super Bubble Pop
TurboTax Deluxe Deduction Maximizer 2006
TurboTax ItsDeductible 2006
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955839)
VAIO Entertainment Platform
VAIO Help and Support
VAIO Media 3.0
VAIO Media Integrated Server 3.0
VAIO Media Redistribution 3.0
VAIO Power Management
VAIO Registration
VAIO SLIT-C Screen Saver
VAIO SLIT Pattern Wallpaper
VAIO Survey Standalone
VAIO Update 2
Viewpoint Media Player
Virtual Earth 3D (Beta)
VIVA MEDIA GAME CENTER
WebFldrs XP
Welcome to VAIO life
WexTech AnswerWorks
Wild Photo Effects
Windows Imaging Component
Windows Installer Clean Up
Windows Live Messenger
Windows Live OneCare safety scanner
Windows Live Sign-in Assistant
Windows Media Format 11 runtime
Windows Media Player 11
Windows Presentation Foundation
Windows XP Service Pack 3
Yahoo! Messenger
Yahoo! Toolbar
Your Photo Here

==== Event Viewer Messages From Past Week ========

2/14/2009 1:22:28 PM, error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
2/14/2009 1:20:46 PM, error: Service Control Manager [7000] - The Webroot Spy Sweeper Engine service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
2/14/2009 1:20:46 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Webroot Spy Sweeper Engine service to connect.
2/14/2009 1:20:46 PM, error: Service Control Manager [7000] - The AOL Connectivity Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
2/14/2009 1:20:46 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the AOL Connectivity Service service to connect.
2/13/2009 12:01:10 AM, error: Service Control Manager [7000] - The IMAPI CD-Burning COM Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
2/13/2009 12:01:10 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the IMAPI CD-Burning COM Service service to connect.
2/13/2009 12:00:27 AM, error: Service Control Manager [7022] - The McAfee Real-time Scanner service hung on starting.
2/12/2009 11:38:28 PM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service WebrootSpySweeperService with arguments "" in order to run the server: {1281A68F-9E75-418F-B3AC-D5B23DD86408}
2/12/2009 1:42:33 PM, error: Service Control Manager [7022] - The Webroot Spy Sweeper Engine service hung on starting.
2/11/2009 4:11:15 PM, error: Print [6161] - The document viewtopic.php?f=11&t=39260&p=40 owned by Della failed to print on printer Lexmark 8300 Series. Data type: LEMF. Size of the spool file in bytes: 9692481. Number of bytes printed: 0. Total number of pages in the document: 8. Number of pages printed: 4. Client machine: \\VALUED-2CA80C17. Win32 error code returned by the print processor: 0 (0x0).
2/11/2009 2:51:14 PM, error: Service Control Manager [7000] - The Apple Mobile Device service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
2/11/2009 2:51:12 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Apple Mobile Device service to connect.
2/11/2009 2:50:02 PM, error: Service Control Manager [7000] - The McAfee SystemGuards service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
2/11/2009 2:50:02 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the McAfee SystemGuards service to connect.
2/15/2009 2:29:28 PM, error: Service Control Manager [7034] - The Bonjour Service service terminated unexpectedly. It has done this 1 time(s).
2/15/2009 7:31:25 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the mcmscsvc service.
2/16/2009 12:51:55 PM, error: Service Control Manager [7031] - The Bytemobile Web Configurator service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.
2/16/2009 2:21:20 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the szserver service.
2/16/2009 6:46:03 PM, error: SideBySide [32] - Dependent Assembly Microsoft.VC80.MFCLOC could not be found and Last Error was The referenced assembly is not installed on your system.
2/16/2009 6:46:03 PM, error: SideBySide [59] - Resolve Partial Assembly failed for Microsoft.VC80.MFCLOC. Reference error message: The referenced assembly is not installed on your system. .
2/16/2009 6:46:03 PM, error: SideBySide [59] - Generate Activation Context failed for C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\MFC80.DLL. Reference error message: The operation completed successfully. .

==== End Of File ===========================


DDS (Ver_09-02-01.01) - NTFSx86
Run by Della at 19:44:35.13 on Wed 02/18/2009
Internet Explorer: 7.0.5730.13
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.959.419 [GMT -8:00]

AV: McAfee VirusScan *On-access scanning enabled* (Updated)
FW: Webroot Internet Security Essentials *disabled*
FW: McAfee Personal Firewall *enabled*

============== Running Processes ===============

C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\bmwebcfg.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\lxcjcoms.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\SnoopFreeSvc.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
C:\Program Files\Sony\vaio media integrated server\VMISrv.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe
C:\Program Files\Sony\vaio media integrated server\Platform\UPnPFramework.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\WINDOWS\system32\Ati2evxx.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ezSP_Px.exe
C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\COMPAQ\CPQ650TP\Ver. 2.3\LWBWHEEL.exe
C:\Program Files\Sony\HotKey Utility\HKserv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\AT&T\Communication Manager\ATTCM.exe
C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe
C:\Program Files\Lexmark 8300 Series\lxcjmon.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe
C:\Program Files\sony\vaio media integrated server\Platform\VMConsole.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtProc.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Sony\HotKey Utility\HKWnd.exe
C:\Program Files\RegFixPro\RegFixPro.exe
C:\Program Files\Lexmark 8300 Series\ezprint.exe
C:\WINDOWS\SnoopFreeUI.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe
C:\Program Files\Microsoft Location Finder\LocationFinder.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe
C:\Program Files\AT&T\Communication Manager\bmctl.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe
C:\Program Files\AT&T\Communication Manager\bmop.exe
C:\Program Files\Webroot\Spy Sweeper\SSU.EXE
c:\PROGRA~1\mcafee\VIRUSS~1\mcvsshld.exe
D:\Malware Remove\DDS\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://pogo.com/
uSearch Bar = hxxp://www.google.com/ie
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com/ie
uURLSearchHooks: IAOLTBSearch Class: {ea756889-2338-43db-8f07-d1ca6fb9c90d} - c:\program files\aol toolbar\aoltb.dll
mURLSearchHooks: IAOLTBSearch Class: {ea756889-2338-43db-8f07-d1ca6fb9c90d} - c:\program files\aol toolbar\aoltb.dll
mURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: NoExplorer - No File
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: AOL Toolbar Loader: {7c554162-8cb7-45a4-b8f4-8ea1c75885f9} - c:\program files\aol toolbar\aoltb.dll
BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\mcafee\virusscan\scriptsn.dll
BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - No File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\2.1.615.5858\swg.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn\YTSingleInstance.dll
TB: AOL Toolbar: {de9c389f-3316-41a7-809b-aa305ed9d922} - c:\program files\aol toolbar\aoltb.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
TB: {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File
EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [Microsoft Location Finder] "c:\program files\microsoft location finder\LocationFinder.exe"
uRun: [Yahoo! Pager] "c:\program files\yahoo!\messenger\YahooMessenger.exe" -quiet
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [ctfmon.exe] "c:\windows\system32\ctfmon.exe"
mRun: [ezShieldProtector for Px] "c:\windows\system32\ezSP_Px.exe"
mRun: [VAIO Update 2] "c:\program files\sony\vaio update 2\VAIOUpdt.exe" /Stationary
mRun: [SonyPowerCfg] "c:\program files\sony\vaio power management\SPMgr.exe"
mRun: [LWBMOUSE] "c:\program files\compaq\cpq650tp\ver. 2.3\LWBWHEEL.exe"
mRun: [HKSERV.EXE] "c:\program files\sony\hotkey utility\HKserv.exe"
mRun: [ATIPTA] "c:\program files\ati technologies\ati control panel\atiptaxx.exe"
mRun: [AT&T Communication Manager] "c:\program files\at&t\communication manager\ATTCM.exe" -a
mRun: [HostManager] "c:\program files\common files\aol\1188181604\ee\AOLSoftware.exe"
mRun: [lxcjmon.exe] "c:\program files\lexmark 8300 series\lxcjmon.exe"
mRun: [WrtMon.exe] "c:\windows\system32\spool\drivers\w32x86\3\WrtMon.exe"
mRun: [Logitech Utility] "c:\windows\Logi_MwX.Exe"
mRun: [VMConsole.exe] "c:\program files\sony\vaio media integrated server\platform\VMConsole.exe" /windowmin
mRun: [VAIO Recovery] "c:\windows\sonysys\vaio recovery\PartSeal.exe"
mRun: [RegFixPro] "c:\program files\regfixpro\RegFixPro.exe"
mRun: [EzPrint] "c:\program files\lexmark 8300 series\ezprint.exe"
mRun: [KernelFaultCheck] "c:\windows\system32\dumprep.exe" 0 -k
mRun: [AppleSyncNotifier] "c:\program files\common files\apple\mobile device support\bin\AppleSyncNotifier.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [SnoopFreeUI] SnoopFreeUI.exe
mRun: [mcagent_exe] "c:\program files\mcafee.com\agent\mcagent.exe" /runkey
mRun: [McENUI] "c:\progra~1\mcafee\mhn\McENUI.exe" /hide
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [SpySweeper] "c:\program files\webroot\spy sweeper\SpySweeperUI.exe" /startintray
mRun: [LXCJCATS] rundll32 c:\windows\system32\spool\drivers\w32x86\3\LXCJtime.dll,_RunDLLEntry@16
StartupFolder: c:\docume~1\della\startm~1\programs\startup\aoldes~1.lnk - c:\program files\common files\aol\launch\aollaunch.exe
StartupFolder: c:\docume~1\della\startm~1\programs\startup\aoldes~1.lnk - c:\program files\common files\aol\launch\aollaunch.exe
IE: &AOL Toolbar Search - c:\documents and settings\all users\application data\aol\ietoolbar\resources\en-us\local\search.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office11\EXCEL.EXE/3000
IE: {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
LSP: bmnet.dll
Trusted Zone: internet
Trusted Zone: mcafee.com
Trusted Zone: trendmicro.com\housecall
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/templates/ieawsdc.cab
DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} - hxxp://download.microsoft.com/download/ ... ontrol.cab
DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} - file:///C:/Program%20Files/Hidden%20Expedition%20-%20Titanic/Images/stg_drm.ocx
DPF: {3107C2A8-9F0B-4404-A58B-21BD85268FBC} - hxxp://www.pogo.com/cdl/launcher/PogoWe ... taller.CAB
DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} - hxxp://cdn.scan.onecare.live.com/resour ... se4009.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microso ... 4341918252
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/fl ... rashim.cab
DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - hxxp://cdn2.zone.msn.com/binFramework/v ... b56649.cab
DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} - file:///C:/Program%20Files/Hidden%20Expedition%20-%20Titanic/Images/armhelper.ocx
DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} - hxxp://download.mcafee.com/molbin/iss-l ... cfscan.cab
TCP: {114E7C94-FEE8-4F87-89A1-E36721445B5E} = 209.183.54.151 209.183.54.151
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\progra~1\mcafee\sitead~1\McIEPlg.dll
Notify: AtiExtEvent - Ati2evxx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

============= SERVICES / DRIVERS ===============

R0 SnoopFree;SnoopFree Driver;c:\windows\system32\drivers\SnopFree.sys [2008-8-16 9472]
R0 ssfs0bbc;ssfs0bbc;c:\windows\system32\drivers\ssfs0bbc.sys [2008-11-12 29808]
R1 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2008-12-28 207656]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\mcafee\siteadvisor\McSACore.exe [2008-12-28 206096]
R2 McProxy;McAfee Proxy Service;c:\progra~1\common~1\mcafee\mcproxy\mcproxy.exe [2008-12-28 358736]
R2 McShield;McAfee Real-time Scanner;c:\progra~1\mcafee\viruss~1\mcshield.exe [2008-12-28 144704]
R2 SnoopFreeSvc;Snoop Free Service;System32\SnoopFreeSvc.exe --> System32\SnoopFreeSvc.exe [?]
R2 VAIO Entertainment File Import Service;VAIO Entertainment File Import Service;c:\program files\common files\sony shared\vaio entertainment\vzcdb\VzFw.exe [2004-5-19 86098]
R2 Viewpoint Manager Service;Viewpoint Manager Service;c:\program files\viewpoint\common\ViewpointService.exe [2007-10-30 24652]
R2 WebrootSpySweeperService;Webroot Spy Sweeper Engine;c:\program files\webroot\spy sweeper\SpySweeper.exe [2008-11-12 3667312]
R2 WRConsumerService;Webroot Client Service;c:\program files\webroot\spy sweeper\WRConsumerService.exe [2009-1-9 1086840]
R3 GTFFBUS;GT FF BUS;c:\windows\system32\drivers\gtffbus.sys [2007-10-6 17024]
R3 GTMNDISIRPXP;GT M 3G+ IRP NDIS;c:\windows\system32\drivers\Gtm51Irp.sys [2007-10-6 120960]
R3 GTPTSER;GT PT SER;c:\windows\system32\drivers\gtptser.sys [2007-10-6 8064]
R3 GTUQBUS;GT UQ BUS;c:\windows\system32\drivers\gtuqbus.sys [2007-10-6 36992]
R3 McSysmon;McAfee SystemGuards;c:\progra~1\mcafee\viruss~1\mcsysmon.exe [2008-12-28 605512]
R3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2008-12-28 79240]
R3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2008-12-28 35240]
R3 mfesmfk;McAfee Inc. mfesmfk;c:\windows\system32\drivers\mfesmfk.sys [2008-12-28 40488]
S3 ATTRcAppSvc;AT&T RcAppSvc;c:\program files\at&t\communication manager\RcAppSvc.exe [2007-10-18 109080]
S3 mferkdk;McAfee Inc. mferkdk;c:\windows\system32\drivers\mferkdk.sys [2008-12-28 34152]
S3 VAIO Entertainment UPnP Client Adapter;VAIO Entertainment UPnP Client Adapter;c:\program files\common files\sony shared\vaio entertainment\vcsw\vcsw.exe -runbyscm --> c:\program files\common files\sony shared\vaio entertainment\vcsw\VCSW.exe -RunBySCM [?]

=============== Created Last 30 ================

2009-02-18 18:41 <DIR> --d----- C:\Blacklight
2009-02-16 14:36 250 a------- c:\windows\gmer.ini
2009-02-07 17:38 <DIR> --d----- c:\program files\iPod
2009-02-07 17:37 <DIR> --d----- c:\program files\iTunes
2009-02-07 17:37 <DIR> --d----- c:\docume~1\alluse~1\applic~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2009-02-01 23:31 16,244 a------- c:\windows\system32\rrt_is.wav
2009-02-01 23:31 7,302 a------- c:\windows\system32\rrt_vf.wav
2009-02-01 23:31 7,148 a------- c:\windows\system32\rrt_tv.wav
2009-02-01 23:31 6,282 a------- c:\windows\system32\rrt_tn.wav
2009-01-26 16:12 <DIR> --d----- c:\docume~1\della\applic~1\Malwarebytes
2009-01-26 16:12 15,504 a------- c:\windows\system32\drivers\mbam.sys
2009-01-26 16:12 38,496 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-01-26 16:12 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
2009-01-26 16:12 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes
2009-01-26 16:08 <DIR> --d----- c:\program files\Trend Micro

==================== Find3M ====================

2009-01-14 23:23 410,984 a------- c:\windows\system32\deploytk.dll
2008-12-20 15:15 826,368 a------- c:\windows\system32\wininet.dll
2008-06-10 13:29 32,768 a--sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008061020080611\index.dat

============= FINISH: 19:46:12.06 ===============

Malwarebytes' Anti-Malware 1.33
Database version: 1697
Windows 5.1.2600 Service Pack 3

2/19/2009 2:06:00 PM
mbam-log-2009-02-19 (14-06-00).txt

Scan type: Full Scan (C:\|D:\|)
Objects scanned: 222532
Time elapsed: 5 hour(s), 25 minute(s), 39 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 2

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\System Volume Information\_restore{1C83D26D-BBBD-43D0-8754-E07CF513167A}\RP222\A0091723.DLL (Adware.AskSBAR) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{1C83D26D-BBBD-43D0-8754-E07CF513167A}\RP222\A0091768.dll (Adware.AskSBAR) -> Quarantined and deleted successfully.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:29:16 PM, on 2/19/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\bmwebcfg.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\lxcjcoms.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\McAfee\MSK\MskSrver.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\SnoopFreeSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\system32\ezSP_Px.exe
C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\COMPAQ\CPQ650TP\Ver. 2.3\LWBWHEEL.exe
C:\Program Files\Sony\HotKey Utility\HKserv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\AT&T\Communication Manager\ATTCM.exe
C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe
C:\Program Files\Lexmark 8300 Series\lxcjmon.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe
C:\Program Files\sony\vaio media integrated server\Platform\VMConsole.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtProc.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\RegFixPro\RegFixPro.exe
C:\Program Files\Sony\HotKey Utility\HKWnd.exe
C:\Program Files\Lexmark 8300 Series\ezprint.exe
C:\WINDOWS\SnoopFreeUI.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe
C:\Program Files\Microsoft Location Finder\LocationFinder.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\Program Files\Common Files\AOL\1188181604\ee\AOLDesktop.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\AT&T\Communication Manager\bmctl.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://pogo.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: IAOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL Toolbar\aoltb.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~1\mcafee\msk\mskapbho.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: AOL Toolbar Loader - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL Toolbar\aoltb.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL Toolbar\aoltb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM\..\Run: [ezShieldProtector for Px] C:\WINDOWS\system32\ezSP_Px.exe
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [SonyPowerCfg] "C:\Program Files\Sony\VAIO Power Management\SPMgr.exe"
O4 - HKLM\..\Run: [LWBMOUSE] "C:\Program Files\COMPAQ\CPQ650TP\Ver. 2.3\LWBWHEEL.exe"
O4 - HKLM\..\Run: [HKSERV.EXE] "C:\Program Files\Sony\HotKey Utility\HKserv.exe"
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [AT&T Communication Manager] "C:\Program Files\AT&T\Communication Manager\ATTCM.exe" -a
O4 - HKLM\..\Run: [HostManager] "C:\Program Files\Common Files\AOL\1188181604\ee\AOLSoftware.exe"
O4 - HKLM\..\Run: [lxcjmon.exe] "C:\Program Files\Lexmark 8300 Series\lxcjmon.exe"
O4 - HKLM\..\Run: [WrtMon.exe] "C:\WINDOWS\system32\spool\drivers\w32x86\3\WrtMon.exe"
O4 - HKLM\..\Run: [Logitech Utility] "C:\WINDOWS\Logi_MwX.Exe"
O4 - HKLM\..\Run: [VMConsole.exe] "C:\Program Files\sony\vaio media integrated server\Platform\VMConsole.exe" /windowmin
O4 - HKLM\..\Run: [VAIO Recovery] "C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe"
O4 - HKLM\..\Run: [RegFixPro] "C:\Program Files\RegFixPro\RegFixPro.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 8300 Series\ezprint.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] "C:\WINDOWS\system32\dumprep.exe" 0 -k
O4 - HKLM\..\Run: [AppleSyncNotifier] "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SnoopFreeUI] SnoopFreeUI.exe
O4 - HKLM\..\Run: [mcagent_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [McENUI] "C:\PROGRA~1\McAfee\MHN\McENUI.exe" /hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [LXCJCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCJtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [SpySweeper] C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe /startintray
O4 - HKCU\..\Run: [Microsoft Location Finder] "C:\Program Files\Microsoft Location Finder\LocationFinder.exe"
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: AOL Desktop.lnk = C:\Program Files\Common Files\AOL\Launch\aollaunch.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Office Startup.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O4 - Global Startup: Quicken Scheduled Updates.lnk = C:\Program Files\Quicken\bagent.exe
O8 - Extra context menu item: &AOL Toolbar Search - C:\Documents and Settings\All Users\Application Data\AOL\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: bmnet.dll
O10 - Unknown file in Winsock LSP: bmnet.dll
O10 - Unknown file in Winsock LSP: bmnet.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O15 - Trusted Zone: http://*.mcafee.com
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} - file:///C:/Program%20Files/Hidden%20Expedition%20-%20Titanic/Images/stg_drm.ocx
O16 - DPF: {3107C2A8-9F0B-4404-A58B-21BD85268FBC} (PogoWebLauncher Control) - http://www.pogo.com/cdl/launcher/PogoWe ... taller.CAB
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resour ... se4009.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 4341918252
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v ... b56649.cab
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} - file:///C:/Program%20Files/Hidden%20Expedition%20-%20Titanic/Images/armhelper.ocx
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-l ... cfscan.cab
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\COMMON~1\AOL\ACS\acsd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: AT&T RcAppSvc (ATTRcAppSvc) - PCTEL - C:\Program Files\AT&T\Communication Manager\RcAppSvc.exe
O23 - Service: Bytemobile Web Configurator (bmwebcfg) - Bytemobile, Inc. - C:\WINDOWS\system32\bmwebcfg.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: lxcj_device - - C:\WINDOWS\system32\lxcjcoms.exe
O23 - Service: MBackMonitor - McAfee - C:\Program Files\McAfee\MBK\MBackMonitor.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\PACSPT~1.EXE
O23 - Service: Snoop Free Service (SnoopFreeSvc) - Unknown owner - C:\WINDOWS\System32\SnoopFreeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment File Import Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VCSW\VCSW.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Platform\VmGateway.exe
O23 - Service: VAIO Media Video Server (VAIOMediaPlatform-VideoServer-AppServer) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Video\GPVSvr.exe
O23 - Service: VAIO Media Video Server (HTTP) (VAIOMediaPlatform-VideoServer-HTTP) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Video Server (UPnP) (VAIOMediaPlatform-VideoServer-UPnP) - Sony Corporation - C:\Program Files\Sony\vaio media integrated server\Platform\UPnPFramework.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. (www.webroot.com) - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
O23 - Service: Webroot Client Service (WRConsumerService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe

--
End of file - 16042 bytes
daffyd9
Active Member
 
Posts: 11
Joined: January 26th, 2009, 7:56 pm

Re: think I have spyware or other bad problem

Unread postby Axephilic » February 22nd, 2009, 1:52 pm

Hi there,

Please make sure that you are observing this point from my first post:
Please do not run other tools to remove the malware unless I ask you to until I give you the all clean. They will just mess up my fixes and make things more complicated, not fix the problem.


Please navigate to the system tray on the bottom right hand corner and look for a Image sign.
  • Right-click it -> chose "Exit."
  • A popup will warn that protection will now be disabled. Click on "Yes" to disable the Antivirus guard.
You successfully disabled the McAfee Guard.

OTScanIt

Please start OTScanIt2. Copy/Paste the information in the quotebox below into the pane where it says "Paste fix here" and then click the Run Fix button.
[Kill Explorer]
[Unregister Dlls]
[Registry - Safe List]
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
YN -> {7E853D72-626A-48EC-A868-BA8D5E23E045} [HKLM] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.]
< Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\
YN -> ShellBrowser\\"{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}" [HKLM] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.]
YN -> WebBrowser\\"{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7}" [HKLM] -> Reg Error: Key does not exist or could not be opened. [Reg Error: Key does not exist or could not be opened.]
[Files/Folders - Created Within 30 Days]
NY -> watermelon slices.CLP -> %UserProfile%\My Documents\watermelon slices.CLP
NY -> pink flower.CLP -> %UserProfile%\My Documents\pink flower.CLP
NY -> {3276BE95_AF08_429F_A64F_CA64CB79BCF6} -> %AllUsersProfile%\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
NY -> Shortcut to CaSIR22.exe.lnk -> %UserProfile%\Desktop\Shortcut to CaSIR22.exe.lnk
NY -> rrt_is.wav -> %SystemRoot%\System32\rrt_is.wav
NY -> rrt_vf.wav -> %SystemRoot%\System32\rrt_vf.wav
NY -> rrt_tv.wav -> %SystemRoot%\System32\rrt_tv.wav
NY -> rrt_tn.wav -> %SystemRoot%\System32\rrt_tn.wav
NY -> fat cars 2.CLP -> %UserProfile%\My Documents\fat cars 2.CLP
NY -> fat cars 1.CLP -> %UserProfile%\My Documents\fat cars 1.CLP
[Files/Folders - Modified Within 30 Days]
NY -> PerfStringBackup.INI -> %SystemRoot%\System32\PerfStringBackup.INI
NY -> perfh009.dat -> %SystemRoot%\System32\perfh009.dat
NY -> perfc009.dat -> %SystemRoot%\System32\perfc009.dat
NY -> qmgr1.dat -> %AllUsersProfile%\Application Data\Microsoft\Network\Downloader\qmgr1.dat
NY -> sqmnoopt15.sqm -> %SystemDrive%\sqmnoopt15.sqm
NY -> sqmdata15.sqm -> %SystemDrive%\sqmdata15.sqm
NY -> RegistrySmart Scheduled Scan.job -> %SystemRoot%\tasks\RegistrySmart Scheduled Scan.job
NY -> RegClean Scheduled Scan.job -> %SystemRoot%\tasks\RegClean Scheduled Scan.job
NY -> sqmnoopt14.sqm -> %SystemDrive%\sqmnoopt14.sqm
NY -> sqmdata14.sqm -> %SystemDrive%\sqmdata14.sqm
NY -> sqmnoopt13.sqm -> %SystemDrive%\sqmnoopt13.sqm
NY -> sqmdata13.sqm -> %SystemDrive%\sqmdata13.sqm
NY -> sqmnoopt12.sqm -> %SystemDrive%\sqmnoopt12.sqm
NY -> sqmdata12.sqm -> %SystemDrive%\sqmdata12.sqm
NY -> watermelon slices.CLP -> %UserProfile%\My Documents\watermelon slices.CLP
NY -> pink flower.CLP -> %UserProfile%\My Documents\pink flower.CLP
NY -> sqmnoopt11.sqm -> %SystemDrive%\sqmnoopt11.sqm
NY -> sqmdata11.sqm -> %SystemDrive%\sqmdata11.sqm
NY -> sqmnoopt10.sqm -> %SystemDrive%\sqmnoopt10.sqm
NY -> sqmdata10.sqm -> %SystemDrive%\sqmdata10.sqm
NY -> sqmnoopt09.sqm -> %SystemDrive%\sqmnoopt09.sqm
NY -> sqmdata09.sqm -> %SystemDrive%\sqmdata09.sqm
NY -> sqmnoopt08.sqm -> %SystemDrive%\sqmnoopt08.sqm
NY -> sqmdata08.sqm -> %SystemDrive%\sqmdata08.sqm
NY -> sqmnoopt07.sqm -> %SystemDrive%\sqmnoopt07.sqm
NY -> sqmdata07.sqm -> %SystemDrive%\sqmdata07.sqm
NY -> BookwormAdventures.dll -> %SystemRoot%\Temp\BookwormAdventures.dll
NY -> sqmdata06.sqm -> %SystemDrive%\sqmdata06.sqm
NY -> sqmnoopt06.sqm -> %SystemDrive%\sqmnoopt06.sqm
NY -> RegFixPro Scan.job -> %SystemRoot%\tasks\RegFixPro Scan.job
NY -> SearchWithGoogleUpdate.exe -> %SystemRoot%\Temp\gisa600b\SearchWithGoogleUpdate.exe
NY -> GoogleUpdaterService.exe -> %SystemRoot%\Temp\gisa600b\GoogleUpdaterService.exe
NY -> GoogleUpdaterSetup.exe -> %SystemRoot%\Temp\gisa600b\2.4.1487.6512\GoogleUpdaterSetup.exe
NY -> GoogleUpdater.exe -> %SystemRoot%\Temp\gisa600b\GoogleUpdater.exe
NY -> cires.dll -> %SystemRoot%\Temp\gisa600b\2.4.1487.6512\cires.dll
NY -> ci.dll -> %SystemRoot%\Temp\gisa600b\2.4.1487.6512\ci.dll
NY -> GoogleUpdaterInstallMgr.exe -> %SystemRoot%\Temp\gisa600b\2.4.1487.6512\GoogleUpdaterInstallMgr.exe
NY -> npCIDetect13.dll -> %SystemRoot%\Temp\gisa600b\2.4.1487.6512\npCIDetect13.dll
NY -> GoogleUpdaterAdminPrefs.exe -> %SystemRoot%\Temp\gisa600b\2.4.1487.6512\GoogleUpdaterAdminPrefs.exe
NY -> Shortcut to CaSIR22.exe.lnk -> %UserProfile%\Desktop\Shortcut to CaSIR22.exe.lnk
NY -> rrt_is.wav -> %SystemRoot%\System32\rrt_is.wav
NY -> rrt_vf.wav -> %SystemRoot%\System32\rrt_vf.wav
NY -> rrt_tv.wav -> %SystemRoot%\System32\rrt_tv.wav
NY -> rrt_tn.wav -> %SystemRoot%\System32\rrt_tn.wav
NY -> fat cars 2.CLP -> %UserProfile%\My Documents\fat cars 2.CLP
NY -> fat cars 1.CLP -> %UserProfile%\My Documents\fat cars 1.CLP
NY -> sqmdata05.sqm -> %SystemDrive%\sqmdata05.sqm
NY -> sqmnoopt05.sqm -> %SystemDrive%\sqmnoopt05.sqm
NY -> SymSCLiveUpdate.dat -> %SystemRoot%\Temp\SymSCLiveUpdate.dat
NY -> symcprop.dat -> %SystemRoot%\Temp\symcprop.dat
[Purity]
[Empty Temp Folders]
[Start Explorer]
[Reboot]

The fix should only take a very short time and then you will be asked if you want to reboot. Choose Yes.
Warning: This fix is for this user only. DO NOT duplicate this fix or you risk damaging your own system

Download and Run ComboFix
Please visit this page to download and run Combofix - http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Save it to your desktop.

  • Double click on ComboFix.exe & follow the prompts.
  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. You will see the following message if Microsoft Windows Recovery Console is not installed.

    Image

    With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Image

Click on Yes to continue scanning for malware.

When finished, a log will be produced. Please post this log in your next reply.

Do not mouse click on Combofix while it is running. That may cause it to stall.

Please also post the Kaspersky report from this file in the My Documents folder: kaspersky scan report 1-21.html.

In your next reply, please include:
  1. OTScanIt Log
  2. ComboFix log
  3. Kaspersky report
  4. A new HijackThis log

Regards,
Adam
User avatar
Axephilic
Retired Graduate
 
Posts: 2180
Joined: June 18th, 2007, 1:10 pm
Location: Wisconsin, US

Re: think I have spyware or other bad problem

Unread postby daffyd9 » February 23rd, 2009, 4:29 pm

have tried to send the logs & report numerous times. Keep getting error, even when I try to divide & send one at time. Will keep trying later.

SQL ERROR [ mysql4 ]

Got a packet bigger than 'max_allowed_packet' bytes [1153]

An SQL error occurred while fetching this page. Please contact the Board Administrator if this problem persists.
daffyd9
Active Member
 
Posts: 11
Joined: January 26th, 2009, 7:56 pm
Advertisement
Register to Remove

Next

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 26 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware