gazzaman

please help before pc crashes

18 posts in this topic

Could someone please help to get rid of this pesky malware? My PC is getting slower by the day.

I have attached the HijackThis log. Thank you in advance. Regards, Gary.

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 23:28:12, on 18/01/2010

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16945)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\AVG\AVG9\avgchsvx.exe

C:\Program Files\AVG\AVG9\avgrsx.exe

C:\Program Files\AVG\AVG9\avgcsrvx.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\RunDll32.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EKIJ5000MUI.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\PeerGuardian2\pg2.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe

C:\Program Files\Kodak\printer\center\KodakSvc.exe

C:\WINDOWS\system32\slserv.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\QuickTime\QuickTimePlayer.exe

C:\Program Files\Ahead\Nero StartSmart\NeroStartSmart.exe

C:\Program Files\AVG\AVG9\avgwdsvc.exe

C:\Program Files\AVG\AVG9\avgnsx.exe

C:\Program Files\AVG\AVG9\avgtray.exe

C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe

C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bbc.co.uk/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

O2 - BHO: (no name) - {0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2} - (no file)

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O2 - BHO: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - (no file)

O2 - BHO: (no name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll

O2 - BHO: (no name) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - (no file)

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O2 - BHO: (no name) - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - (no file)

O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [soundFusion] RunDll32 hercplgs.cpl,BootEntryPoint

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -h

O4 - HKLM\..\Run: [COMODO SafeSurf] "C:\Program Files\COMODO\SafeSurf\cssurf.exe" -s

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [EKIJ5000StatusMonitor] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EKIJ5000MUI.exe

O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

O4 - HKCU\..\Run: [PeerGuardian] C:\Program Files\PeerGuardian2\pg2.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

O4 - Global Startup: PHOTOfunSTUDIO.lnk = C:\Program Files\Panasonic\PHOTOfunSTUDIO\PhAutoRun.exe

O4 - Global Startup: Ulead Photo Express 3.0 SE Calendar Checker.lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 3.0 SE\CalCheck.exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000

O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1031444432593

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll

O20 - AppInit_DLLs:

O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll

O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: Kodak Camera Connection Software (KodakCCS) - Unknown owner - C:\WINDOWS\system32\drivers\KodakCCS.exe (file missing)

O23 - Service: Kodak AiO Device Service (KodakSvc) - Eastman Kodak Company - C:\Program Files\Kodak\printer\center\KodakSvc.exe

O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe

O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe

O24 - Desktop Component 0: (no name) - http://www.gumtree.com/common/images/bg_posting.gif

 

--

End of file - 8323 bytes


And here is the Malwarebytes log

 

Malwarebytes' Anti-Malware 1.44

Database version: 3596

Windows 5.1.2600 Service Pack 3

Internet Explorer 7.0.5730.13

 

19/01/2010 06:27:11

mbam-log-2010-01-19 (06-27-11).txt

 

Scan type: Full Scan (C:\|D:\|)

Objects scanned: 176525

Time elapsed: 58 minute(s), 12 second(s)

 

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

 

Memory Processes Infected:

(No malicious items detected)

 

Memory Modules Infected:

(No malicious items detected)

 

Registry Keys Infected:

(No malicious items detected)

 

Registry Values Infected:

(No malicious items detected)

 

Registry Data Items Infected:

(No malicious items detected)

 

Folders Infected:

(No malicious items detected)

 

Files Infected:

(No malicious items detected)


Welcome to SWI. We apologize for the delay; our helpers have been very busy.

 

If you have not received help after 3 days, please CLICK HERE, and post a link to your log and the date it was originally posted.

 

Thank you for your patience.

 

 

[this is an automated reply]


Hi,

I'm nasdaq and will be helping you.

 

Print this topic; it will make it easier for you to follow the instructions and complete all of the necessary steps.

 

No malware was found on your log. Just some cleaning up to do.

 

I notice that you have Spybot's TeaTimer running. While this is normally a wonderful tool to protect against hijackers, it can also interfere with HijackThis fixes. So please disable TeaTimer by doing the following:

  • Run Spybot-S&D
  • Go to the Mode menu, and make sure "Advanced Mode" is selected
  • On the left hand side, choose Tools -> Resident
  • Uncheck "Resident TeaTimer" and OK any prompts
  • Restart your computer.

When everything is done and your log is clean again, you can enable it again.

If TeaTimer gives you a warning afterwards that some changes were made, allow this instead of blocking it.

 

Please don't forget this step to disable TeaTimer.

 

 

Close all programs leaving only HijackThis running. Place a check against each of the following, making sure you get them all and not any others by mistake:

 

O2 - BHO: (no name) - {0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2} - (no file)

O2 - BHO: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - (no file)

O2 - BHO: (no name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)

O2 - BHO: (no name) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - (no file)

O2 - BHO: (no name) - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - (no file)

O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)

O20 - AppInit_DLLs:

 

Restart the computer normally.

===

 

Random's System Information Tool (RSIT)

 

Download random's system information tool (RSIT) by random/random from >>here<< and save it to your desktop.

  • Double click on RSIT.exe to launch program.
  • Click Continue at the disclaimer screen.
  • Your firewall may alert you that RSIT is requesting Internet access. Please allow it.
  • Once it has finished, two logs will open: log.txt (this will be maximized) and info.txt (this will be minimized).

 

These reports are long; please post the contents of both logs (in separate posts) in your next reply.

====

 

Please run this security check for my review.

 

Download Security Check by screen317 from here or here.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

===

 

While I have a look at your logs, see if this page can also help.

 

Take a look at this page created by miekiemoes, one of the Global Moderators here, on slow systems, and some things you can try to do to try to improve it:

http://users.telenet.be/bluepatchy/miekiemoes/slowcomputer.html

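The selection step in the reply above, as an added example that is not part of the original thread: a Python sketch that picks the same kind of entries out of a HijackThis log (O2/O3 entries ending in "(no file)" and an empty O20 AppInit_DLLs value) and then checks a follow-up log to confirm they are gone. It goes slightly beyond the reply by also reporting O23 services marked "(file missing)"; the names `stale_entries` and `unresolved` and the finding labels are assumptions of this example, and the embedded logs are excerpts of the two logs posted in the thread.

```python
import re
from dataclasses import dataclass

# Excerpts of the two HijackThis logs posted in this thread (most lines omitted).
LOG_BEFORE = r"""
Logfile of Trend Micro HijackThis v2.0.2
Running processes:
C:\WINDOWS\System32\smss.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bbc.co.uk/
O2 - BHO: (no name) - {0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - (no file)
O2 - BHO: (no name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file)
O2 - BHO: (no name) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - (no file)
O2 - BHO: (no name) - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - (no file)
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O20 - AppInit_DLLs:
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Unknown owner - C:\WINDOWS\system32\drivers\KodakCCS.exe (file missing)
"""

LOG_AFTER = r"""
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Unknown owner - C:\WINDOWS\system32\drivers\KodakCCS.exe (file missing)
"""

# An entry line is "<section code> - <body>", e.g. "O2 - BHO: ...".
ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.*)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
SERVICE_RE = re.compile(r"\(([^()]+)\) - ")  # short service name, e.g. "(KodakCCS) - "


@dataclass(frozen=True)
class Finding:
    kind: str     # "orphaned", "empty-value" or "missing-binary" (labels of this example)
    section: str  # HijackThis section code, e.g. "O2"
    key: str      # CLSID, value name or service name that identifies the entry
    line: str     # the normalized log line, for showing to the user


def parse_entries(log):
    """Yield (section, body) per entry line; headers and process paths are skipped."""
    for raw in log.splitlines():
        match = ENTRY_RE.match(raw.strip())
        if match:
            yield match.group(1), match.group(2).rstrip()


def stale_entries(log):
    """Return entries that point at nothing: no file, empty value, missing binary."""
    findings = []
    for section, body in parse_entries(log):
        line = f"{section} - {body}"
        if section in ("O2", "O3") and body.endswith("- (no file)"):
            clsid = CLSID_RE.search(body)
            # CLSIDs are case-insensitive, so normalize before comparing logs.
            key = clsid.group(0).upper() if clsid else body
            findings.append(Finding("orphaned", section, key, line))
        elif (section == "O20" and body.startswith("AppInit_DLLs:")
              and not body.split(":", 1)[1].strip()):
            findings.append(Finding("empty-value", section, "AppInit_DLLs", line))
        elif section == "O23" and body.endswith("(file missing)"):
            name = SERVICE_RE.search(body)
            findings.append(
                Finding("missing-binary", section, name.group(1) if name else body, line))
    return findings


def unresolved(before, after):
    """Findings from the first log that still appear in the follow-up log."""
    after_keys = {(f.kind, f.key) for f in stale_entries(after)}
    return [f for f in stale_entries(before) if (f.kind, f.key) in after_keys]


if __name__ == "__main__":
    for finding in stale_entries(LOG_BEFORE):
        print(f"{finding.kind:15} {finding.line}")
    print("still present after the fix:")
    for finding in unresolved(LOG_BEFORE, LOG_AFTER):
        print(f"  {finding.line}")
```

On these excerpts the only finding that survives into the follow-up log is the KodakCCS service, which was not on the list of items to check.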

Hi Nasdaq, thank you very much for helping me. One of the objects that you asked me to delete was not there. It was the O3 toolbar. Here is the first log

logfile of random's system information tool 1.06 (written by random/random)

Run by gp at 2010-02-01 23:43:48

Microsoft Windows XP Home Edition Service Pack 3

System drive C: has 118 GB (39%) free of 305 GB

Total RAM: 1023 MB (37% free)

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 23:44:13, on 01/02/2010

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16981)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\AVG\AVG9\avgchsvx.exe

C:\Program Files\AVG\AVG9\avgrsx.exe

C:\Program Files\AVG\AVG9\avgcsrvx.exe

C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\AVG\AVG9\avgwdsvc.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Kodak\printer\center\KodakSvc.exe

C:\WINDOWS\system32\slserv.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe

C:\Program Files\Java\jre6\bin\jusched.exe

C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EKIJ5000MUI.exe

C:\PROGRA~1\AVG\AVG9\avgtray.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\PeerGuardian2\pg2.exe

C:\Program Files\AVG\AVG9\avgnsx.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe

C:\Documents and Settings\gp\My Documents\Downloads\RSIT.exe

C:\Program Files\Trend Micro\HijackThis\gp.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bbc.co.uk/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [soundFusion] RunDll32 hercplgs.cpl,BootEntryPoint

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKLM\..\Run: [EKIJ5000StatusMonitor] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EKIJ5000MUI.exe

O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [PeerGuardian] C:\Program Files\PeerGuardian2\pg2.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

O4 - Global Startup: PHOTOfunSTUDIO.lnk = C:\Program Files\Panasonic\PHOTOfunSTUDIO\PhAutoRun.exe

O4 - Global Startup: Ulead Photo Express 3.0 SE Calendar Checker.lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 3.0 SE\CalCheck.exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000

O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1031444432593

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll

O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll

O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: Kodak Camera Connection Software (KodakCCS) - Unknown owner - C:\WINDOWS\system32\drivers\KodakCCS.exe (file missing)

O23 - Service: Kodak AiO Device Service (KodakSvc) - Eastman Kodak Company - C:\Program Files\Kodak\printer\center\KodakSvc.exe

O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe

O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe

O24 - Desktop Component 0: (no name) - http://www.gumtree.com/common/images/bg_posting.gif

 

--

End of file - 7498 bytes

 

======Scheduled tasks folder======

 

C:\WINDOWS\tasks\Ad-Aware Update (Daily 1).job

C:\WINDOWS\tasks\Ad-Aware Update (Daily 2).job

C:\WINDOWS\tasks\Ad-Aware Update (Daily 3).job

C:\WINDOWS\tasks\Ad-Aware Update (Daily 4).job

C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job

C:\WINDOWS\tasks\EasyShare Registration Task.job

 

======Registry dump======

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]

AVG Safe Search - C:\Program Files\AVG\AVG9\avgssie.dll [2009-12-12 1484056]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]

Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-12-13 263280]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]

Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll [2009-11-28 764912]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-11-01 41760]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]

JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-11-01 73728]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-12-13 263280]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]

"SoundFusion"=RunDll32 hercplgs.cpl,BootEntryPoint []

"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]

"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]

"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-11-01 149280]

"EKIJ5000StatusMonitor"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EKIJ5000MUI.exe [2008-10-22 1310720]

"AVG9_TRAY"=C:\PROGRA~1\AVG\AVG9\avgtray.exe [2010-01-07 2033432]

"KernelFaultCheck"=C:\WINDOWS\system32\dumprep 0 -k []

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-04-20 39408]

"PeerGuardian"=C:\Program Files\PeerGuardian2\pg2.exe [2007-01-29 1432064]

"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

 

C:\Documents and Settings\All Users\Start Menu\Programs\Startup

Kodak EasyShare software.lnk - C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe

Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE

PHOTOfunSTUDIO.lnk - C:\Program Files\Panasonic\PHOTOfunSTUDIO\PhAutoRun.exe

Ulead Photo Express 3.0 SE Calendar Checker.lnk - C:\Program Files\Ulead Systems\Ulead Photo Express 3.0 SE\CalCheck.exe

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]

C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2008-12-22 356352]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\avgrsstarter]

C:\WINDOWS\system32\avgrsstx.dll [2009-11-14 12464]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=145

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"HonorAutoRunSetting"=

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\Program Files\BitComet\BitComet.exe"="C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet - a BitTorrent Client"

"C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe"="C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe:*:Enabled:EasyShare"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\Program Files\AVG\AVG9\avgupd.exe"="C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe"

"C:\Program Files\AVG\AVG9\avgnsx.exe"="C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

 

======List of files/folders created in the last 1 months======

 

2010-02-01 23:43:48 ----D---- C:\rsit

2010-01-31 21:38:14 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP

2010-01-31 21:34:34 ----D---- C:\Documents and Settings\gp\Application Data\Auslogics

2010-01-31 21:33:38 ----D---- C:\Program Files\Auslogics

2010-01-31 20:24:22 ----A---- C:\WINDOWS\system32\devil.dll

2010-01-31 20:24:22 ----A---- C:\WINDOWS\system32\avisynth.dll

2010-01-31 20:24:21 ----A---- C:\WINDOWS\system32\yv12vfw.dll

2010-01-31 20:24:21 ----A---- C:\WINDOWS\system32\i420vfw.dll

2010-01-31 20:24:21 ----A---- C:\WINDOWS\system32\AVSredirect.dll

2010-01-31 20:24:20 ----D---- C:\Program Files\AviSynth 2.5

2010-01-31 20:23:32 ----RSH---- C:\WINDOWS\system32\nbDX.dll

2010-01-31 20:23:32 ----RSH---- C:\WINDOWS\system32\msfDX.dll

2010-01-31 20:23:32 ----RSH---- C:\WINDOWS\system32\flvDX.dll

2010-01-31 20:23:28 ----D---- C:\Program Files\eRightSoft

2010-01-31 19:22:08 ----D---- C:\Program Files\Hotbar

2010-01-19 00:01:06 ----D---- C:\Documents and Settings\gp\Application Data\Malwarebytes

2010-01-19 00:00:59 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes

2010-01-19 00:00:58 ----D---- C:\Program Files\Malwarebytes' Anti-Malware

2010-01-18 23:27:38 ----D---- C:\Program Files\Trend Micro

2010-01-15 02:03:12 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$

2010-01-15 02:03:07 ----A---- C:\WINDOWS\imsins.BAK

2010-01-15 02:03:03 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$

2010-01-09 20:42:17 ----D---- C:\Program Files\WMV9_VCM

2010-01-09 19:43:00 ----D---- C:\Program Files\CCleaner

2010-01-09 19:19:15 ----A---- C:\WINDOWS\system32\unrar.dll

2010-01-09 19:19:13 ----D---- C:\Program Files\K-Lite Codec Pack

2010-01-09 09:51:19 ----D---- C:\Documents and Settings\gp\Application Data\vlc

2010-01-09 02:01:36 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$

2010-01-09 02:01:14 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$

2010-01-07 16:39:05 ----A---- C:\WINDOWS\system32\wmpns.dll

2010-01-07 16:36:25 ----D---- C:\WINDOWS\Prefetch

2010-01-07 16:33:45 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$

2010-01-07 16:33:33 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$

2010-01-07 16:33:18 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$

2010-01-07 16:32:58 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$

2010-01-07 16:32:46 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$

2010-01-07 16:32:30 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$

2010-01-07 16:32:14 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$

2010-01-07 16:31:45 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$

2010-01-07 16:31:11 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$

2010-01-07 16:30:07 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$

2010-01-07 16:29:50 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$

2010-01-07 16:29:01 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$

2010-01-07 16:28:46 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$

2010-01-07 16:28:34 ----HDC---- C:\WINDOWS\$NtUninstallKB971633$

2010-01-07 16:28:20 ----HDC---- C:\WINDOWS\$NtUninstallKB971557$

2010-01-07 16:28:02 ----HDC---- C:\WINDOWS\$NtUninstallKB971486$

2010-01-07 16:27:44 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$

2010-01-07 16:27:31 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$

2010-01-07 16:27:16 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$

2010-01-07 16:26:53 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$

2010-01-07 16:26:41 ----HDC---- C:\WINDOWS\$NtUninstallKB968537$

2010-01-07 16:26:22 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$

2010-01-07 16:26:05 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$

2010-01-07 16:25:45 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$

2010-01-07 16:25:32 ----HDC---- C:\WINDOWS\$NtUninstallKB961373$

2010-01-07 16:25:18 ----HDC---- C:\WINDOWS\$NtUninstallKB961371$

2010-01-07 16:24:47 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$

2010-01-07 16:24:31 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$

2010-01-07 16:24:20 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$

2010-01-07 16:24:02 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$

2010-01-07 16:23:50 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$

2010-01-07 16:23:36 ----HDC---- C:\WINDOWS\$NtUninstallKB958690$

2010-01-07 16:23:25 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$

2010-01-07 16:23:11 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$

2010-01-07 16:23:01 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$

2010-01-07 16:22:45 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$

2010-01-07 16:22:35 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$

2010-01-07 16:22:21 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$

2010-01-07 16:21:57 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$

2010-01-07 16:21:39 ----HDC---- C:\WINDOWS\$NtUninstallKB973687_1$

2010-01-07 16:21:23 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$

2010-01-07 16:21:11 ----HDC---- C:\WINDOWS\$NtUninstallKB974112_1$

2010-01-07 16:20:58 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$

2010-01-07 16:20:44 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$

2010-01-07 16:20:33 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$

2010-01-07 16:20:17 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$

2010-01-07 16:20:01 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$

2010-01-07 16:19:49 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$

2010-01-07 16:19:35 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$

2010-01-07 16:19:24 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$

2010-01-07 16:19:12 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$

2010-01-07 16:18:54 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$

2010-01-07 16:18:44 ----HDC---- C:\WINDOWS\$NtUninstallKB938464-v2$

2010-01-07 16:18:28 ----HDC---- C:\WINDOWS\$NtUninstallKB932716-v2$

2010-01-07 16:18:14 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$

2010-01-07 16:13:08 ----D---- C:\WINDOWS\system32\scripting

2010-01-07 16:13:02 ----D---- C:\WINDOWS\l2schemas

2010-01-07 16:13:01 ----D---- C:\WINDOWS\system32\en

2010-01-07 16:13:01 ----D---- C:\WINDOWS\system32\bits

2010-01-07 16:01:38 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$

2010-01-07 16:01:36 ----D---- C:\WINDOWS\EHome

2010-01-03 22:59:45 ----D---- C:\Documents and Settings\gp\Application Data\dvdcss

2010-01-03 21:36:51 ----D---- C:\Documents and Settings\gp\Application Data\AnvSoft

2010-01-03 21:36:42 ----D---- C:\Program Files\AnvSoft

 

======List of files/folders modified in the last 1 months======

 

2010-02-01 23:43:20 ----D---- C:\Program Files\PeerGuardian2

2010-02-01 23:41:48 ----SD---- C:\WINDOWS\Tasks

2010-02-01 23:41:45 ----D---- C:\WINDOWS\Temp

2010-02-01 23:40:27 ----D---- C:\Program Files\Mozilla Firefox

2010-02-01 23:38:30 ----A---- C:\WINDOWS\SchedLgU.Txt

2010-02-01 23:26:06 ----D---- C:\WINDOWS\system32\config

2010-02-01 23:26:06 ----D---- C:\WINDOWS\system32

2010-02-01 22:15:41 ----A---- C:\WINDOWS\NeroDigital.ini

2010-01-31 21:56:43 ----SHD---- C:\WINDOWS\Installer

2010-01-31 21:56:40 ----D---- C:\Config.Msi

2010-01-31 21:56:33 ----RD---- C:\Program Files

2010-01-31 21:56:18 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer

2010-01-31 21:56:15 ----D---- C:\WINDOWS

2010-01-31 20:24:11 ----RSD---- C:\WINDOWS\Fonts

2010-01-31 19:22:21 ----D---- C:\WINDOWS\system32\CatRoot2

2010-01-30 03:00:55 ----D---- C:\WINDOWS\Minidump

2010-01-25 14:15:32 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

2010-01-22 02:01:16 ----HD---- C:\WINDOWS\inf

2010-01-22 02:01:06 ----RSHDC---- C:\WINDOWS\system32\dllcache

2010-01-22 02:01:01 ----D---- C:\WINDOWS\system32\en-US

2010-01-22 02:01:01 ----D---- C:\Program Files\Internet Explorer

2010-01-22 02:00:49 ----D---- C:\WINDOWS\ie7updates

2010-01-21 21:03:29 ----HD---- C:\WINDOWS\$hf_mig$

2010-01-19 00:01:01 ----D---- C:\WINDOWS\system32\drivers

2010-01-15 02:20:59 ----D---- C:\WINDOWS\AppPatch

2010-01-15 02:00:26 ----D---- C:\WINDOWS\Debug

2010-01-09 20:18:26 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy

2010-01-09 20:12:49 ----D---- C:\Program Files\ffdshow

2010-01-07 16:35:58 ----D---- C:\WINDOWS\system32\wbem

2010-01-07 16:35:58 ----D---- C:\WINDOWS\system32\Setup

2010-01-07 16:34:53 ----D---- C:\WINDOWS\security

2010-01-07 16:33:48 ----D---- C:\WINDOWS\system32\CatRoot

2010-01-07 16:29:51 ----D---- C:\Program Files\Outlook Express

2010-01-07 16:18:55 ----D---- C:\Program Files\Messenger

2010-01-07 16:18:44 ----D---- C:\WINDOWS\WinSxS

2010-01-07 16:13:36 ----D---- C:\WINDOWS\network diagnostic

2010-01-07 16:13:35 ----D---- C:\WINDOWS\ime

2010-01-07 16:13:35 ----D---- C:\WINDOWS\Help

2010-01-07 16:13:09 ----D---- C:\WINDOWS\system32\usmt

2010-01-07 16:13:01 ----D---- C:\WINDOWS\PeerNet

2010-01-07 16:13:00 ----D---- C:\Program Files\Movie Maker

2010-01-07 16:08:31 ----D---- C:\WINDOWS\ServicePackFiles

2010-01-07 16:08:25 ----D---- C:\WINDOWS\system32\Restore

2010-01-07 16:08:25 ----D---- C:\WINDOWS\system32\npp

2010-01-07 16:08:23 ----D---- C:\WINDOWS\msagent

2010-01-07 16:08:22 ----D---- C:\WINDOWS\srchasst

2010-01-07 16:08:21 ----D---- C:\Program Files\NetMeeting

2010-01-07 16:08:20 ----D---- C:\WINDOWS\system32\Com

2010-01-07 16:08:18 ----D---- C:\Program Files\Windows Media Player

2010-01-07 16:08:17 ----D---- C:\Program Files\Windows NT

2010-01-07 16:08:13 ----D---- C:\Program Files\Common Files\System

2010-01-07 16:07:53 ----D---- C:\WINDOWS\system32\oobe

2010-01-07 16:07:50 ----D---- C:\WINDOWS\system

2010-01-07 16:04:31 ----D---- C:\WINDOWS\system32\ReinstallBackups

2010-01-07 15:22:39 ----D---- C:\WINDOWS\Registration

2010-01-05 10:00:29 ----A---- C:\WINDOWS\system32\wininet.dll

2010-01-05 10:00:28 ----N---- C:\WINDOWS\system32\pngfilt.dll

2010-01-05 10:00:28 ----N---- C:\WINDOWS\system32\occache.dll

2010-01-05 10:00:28 ----N---- C:\WINDOWS\system32\mstime.dll

2010-01-05 10:00:28 ----A---- C:\WINDOWS\system32\webcheck.dll

2010-01-05 10:00:28 ----A---- C:\WINDOWS\system32\urlmon.dll

2010-01-05 10:00:28 ----A---- C:\WINDOWS\system32\url.dll

2010-01-05 10:00:27 ----N---- C:\WINDOWS\system32\msrating.dll

2010-01-05 10:00:27 ----N---- C:\WINDOWS\system32\mshtmled.dll

2010-01-05 10:00:26 ----A---- C:\WINDOWS\system32\mshtml.dll

2010-01-05 10:00:25 ----A---- C:\WINDOWS\system32\msfeedsbs.dll

2010-01-05 10:00:24 ----N---- C:\WINDOWS\system32\iernonce.dll

2010-01-05 10:00:24 ----A---- C:\WINDOWS\system32\msfeeds.dll

2010-01-05 10:00:24 ----A---- C:\WINDOWS\system32\jsproxy.dll

2010-01-05 10:00:24 ----A---- C:\WINDOWS\system32\iertutil.dll

2010-01-05 10:00:24 ----A---- C:\WINDOWS\system32\iepeers.dll

2010-01-05 10:00:23 ----A---- C:\WINDOWS\system32\ieframe.dll

2010-01-05 10:00:21 ----N---- C:\WINDOWS\system32\iedkcs32.dll

2010-01-05 10:00:21 ----N---- C:\WINDOWS\system32\ieaksie.dll

2010-01-05 10:00:21 ----N---- C:\WINDOWS\system32\ieakeng.dll

2010-01-05 10:00:21 ----N---- C:\WINDOWS\system32\extmgr.dll

2010-01-05 10:00:21 ----N---- C:\WINDOWS\system32\dxtrans.dll

2010-01-05 10:00:21 ----A---- C:\WINDOWS\system32\ieencode.dll

2010-01-05 10:00:21 ----A---- C:\WINDOWS\system32\ieapfltr.dll

2010-01-05 10:00:21 ----A---- C:\WINDOWS\system32\icardie.dll

2010-01-05 10:00:20 ----N---- C:\WINDOWS\system32\dxtmsft.dll

2010-01-05 10:00:20 ----N---- C:\WINDOWS\system32\corpol.dll

2010-01-05 10:00:20 ----A---- C:\WINDOWS\system32\advpack.dll

2010-01-05 00:17:46 ----A---- C:\WINDOWS\system32\MRT.exe

 

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2009-11-14 333192]

R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2009-11-14 28424]

R1 AvgTdiX;AVG Free8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2009-11-14 360584]

R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]

R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []

R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []

R1 Uim_IM;UIM Drive Backup Image Plugin; C:\WINDOWS\System32\Drivers\Uim_IM.sys [2009-02-11 129880]

R1 UimBus;Universal Image Mounter Controller; C:\WINDOWS\system32\DRIVERS\UimBus.sys [2009-02-11 32040]

R3 hercspud;Hercules ® WDM Audio Driver; C:\WINDOWS\system32\drivers\hercspud.sys [2007-03-14 153216]

R3 hercwdm;Hercules ® WDM Interface Driver; C:\WINDOWS\system32\drivers\hercwdm.sys [2007-03-13 497152]

R3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]

R3 Mtlmnt5;Mtlmnt5; C:\WINDOWS\system32\DRIVERS\Mtlmnt5.sys [2004-08-03 126686]

R3 NCHSSVAD;SoundTap Recorder; C:\WINDOWS\system32\drivers\nchssvad.sys [2009-07-03 27136]

R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-08-03 1897408]

R3 pgfilter;pgfilter; \??\C:\Program Files\PeerGuardian2\pgfilter.sys []

R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]

R3 Slntamr;Smart Link 56K Modem Driver; C:\WINDOWS\system32\DRIVERS\slntamr.sys [2004-08-03 404990]

R3 SlWdmSup;SlWdmSup; C:\WINDOWS\system32\DRIVERS\SlWdmSup.sys [2004-08-03 13240]

R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]

R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]

R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]

R3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]

R3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]

S3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]

S3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver; C:\WINDOWS\system32\drivers\msmpu401.sys [2001-08-17 2944]

S3 Mtlstrm;Mtlstrm; C:\WINDOWS\system32\DRIVERS\Mtlstrm.sys [2004-08-03 1309184]

S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]

S3 NtMtlFax;NtMtlFax; C:\WINDOWS\system32\DRIVERS\NtMtlFax.sys [2004-08-03 180360]

S3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS []

S3 SlNtHal;SlNtHal; C:\WINDOWS\system32\DRIVERS\Slnthal.sys [2004-08-03 95424]

S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]

S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]

S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

 

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R2 avg9wd;AVG Free WatchDog; C:\Program Files\AVG\AVG9\avgwdsvc.exe [2009-11-14 285392]

R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-11-01 153376]

R2 KodakSvc;Kodak AiO Device Service; C:\Program Files\Kodak\printer\center\KodakSvc.exe [2008-10-30 28672]

R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2010-01-27 1181328]

R2 SLService;SmartLinkService; C:\WINDOWS\system32\slserv.exe [2008-04-14 73796]

S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]

S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]

S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]

S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-04-20 182768]

S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]

S3 KodakCCS;Kodak Camera Connection Software; C:\WINDOWS\system32\drivers\KodakCCS.exe []

S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]

S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

 

Regards Gary.


Here is the second log, thank you.

 

info.txt logfile of random's system information tool 1.06 2010-02-01 23:44:22

 

======Uninstall list======

 

-->C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL

-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER

-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL

-->C:\WINDOWS\UNNMP.exe /UNINSTALL

-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf

Acrobat.com-->MsiExec.exe /X{287ECFA4-719A-2143-A09B-D6A12DE54E40}

Ad-Aware-->"C:\Documents and Settings\All Users\Application Data\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}\Ad-AwareInstallation.exe" REMOVE=TRUE MODIFY=FALSE

Ad-Aware-->C:\Documents and Settings\All Users\Application Data\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}\Ad-AwareInstallation.exe

Adobe AIR-->c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall

Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}

Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe

Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe

Adobe Reader 9.2-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A92000000001}

aiofw-->MsiExec.exe /I{791E3D44-33D3-4446-82AD-5CD4B0169083}

aioocr-->MsiExec.exe /I{3BED0238-3A25-41AE-BC23-316914B5B048}

aioprnt-->MsiExec.exe /I{2A97D5B3-A989-47E1-B207-1CA9E3635655}

aioscnnr-->MsiExec.exe /I{C0251585-1BE8-4278-B3CB-964B6E01C59D}

Auslogics Registry Cleaner-->"C:\Program Files\Auslogics\Auslogics Registry Cleaner\unins000.exe"

Auslogics Registry Defrag-->"C:\Program Files\Auslogics\Auslogics Registry Defrag\unins000.exe"

AVG Free 9.0-->C:\Program Files\AVG\AVG9\setup.exe /UNINSTALL

AVIcodec (remove only)-->"C:\Program Files\AVIcodec\uninst.exe"

BitComet 0.70-->C:\Program Files\BitComet\uninst.exe

CCleaner-->"C:\Program Files\CCleaner\uninst.exe"

CCScore-->MsiExec.exe /I{B4B44FE7-41FF-4DAD-8C0A-E406DDA72992}

center-->MsiExec.exe /I{79E41D91-BA1C-44B9-9358-48E598263ECF}

DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC

DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER

DivX Plus DirectShow Filters-->C:\Program Files\DivX\DivXDSFiltersUninstall.exe /DSFILTERS

ESSBrwr-->MsiExec.exe /I{643EAE81-920C-4931-9F0B-4B343B225CA6}

ESSCDBK-->MsiExec.exe /I{AE1FA02D-E6A4-4EA0-8E58-6483CAC016DD}

ESScore-->MsiExec.exe /I{42938595-0D83-404D-9F73-F8177FDD531A}

ESSgui-->MsiExec.exe /I{91517631-A9F3-4B7C-B482-43E0068FD55A}

ESSini-->MsiExec.exe /I{8E92D746-CD9F-4B90-9668-42B74C14F765}

ESSPCD-->MsiExec.exe /I{14D4ED84-6A9A-45A0-96F6-1753768C3CB5}

ESSTOOLS-->MsiExec.exe /I{8A502E38-29C9-49FA-BCFA-D727CA062589}

essvatgt-->MsiExec.exe /I{2D03B6F8-DF36-4980-B7B6-5B93D5BA3A8F}

Golden Records Vinyl to CD Converter-->C:\Program Files\NCH Swift Sound\Golden\uninst.exe

Google Toolbar for Internet Explorer-->"C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarManager_0E996B068B56FCA2.exe" /uninstall

Google Toolbar for Internet Explorer-->MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}

Help_CTR-->MsiExec.exe /I{0996C331-6DCB-4E38-A3EC-0A77ABAE1361}

helptut-->MsiExec.exe /I{843081BD-351F-46FC-8A17-517A0D9117A3}

helpug-->MsiExec.exe /I{DC626A21-EDF1-40C7-8F2F-D2BA7535529F}

Hercules Crystal based Sound cards-->C:\Program Files\InstallShield Installation Information\{3AC3721C-D4A2-42D0-9A25-4E190B4931EF}\setup.exe -runfromtemp -l0x0009 -removeonly

HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""

Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"

Hotfix for Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB932716-v2)-->"C:\WINDOWS\$NtUninstallKB932716-v2$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB945060-v3)-->"C:\WINDOWS\$NtUninstallKB945060-v3$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB976098-v2)-->"C:\WINDOWS\$NtUninstallKB976098-v2$\spuninst\spuninst.exe"

Java 6 Update 16-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216016FF}

kgcbaby-->MsiExec.exe /I{E18B549C-5D15-45DA-8D8F-8FD2BD946344}

kgchday-->MsiExec.exe /I{11F3F858-4131-4FFA-A560-3FE282933B6E}

kgchlwn-->MsiExec.exe /I{03EDED24-8375-407D-A721-4643D9768BE1}

kgcinvt-->MsiExec.exe /I{9BD54685-1496-46A5-AB62-357CD140ED8B}

kgckids-->MsiExec.exe /I{693C08A7-9E76-43FF-B11E-9A58175474C4}

kgcmove-->MsiExec.exe /I{A1588373-1D86-4D44-86C9-78ABD190F9CC}

kgcvday-->MsiExec.exe /I{8A8664E1-84C8-4936-891C-BC1F07797549}

K-Lite Codec Pack 5.6.1 (Basic)-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"

Kodak EasyShare software-->C:\Documents and Settings\All Users\Application Data\Kodak\EasyShareSetup\$SETUP_140001_6b1be5b6\Setup.exe /APR-REMOVE

ksdip-->MsiExec.exe /I{73F1681F-ADE1-461F-9F18-B7640507D395}

Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"

Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}

Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}

Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe

Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}

Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"

Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"

Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"

Microsoft Office XP Professional with FrontPage-->MsiExec.exe /I{90280409-6000-11D3-8CFE-0050048383C9}

Microsoft Publisher 2002-->MsiExec.exe /I{90190409-6000-11D3-8CFE-0050048383C9}

Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}

Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}

Microsoft Windows Media Video 9 VCM-->RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmv9vcm.inf, Uninstall

Mozilla Firefox (3.5.7)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe

MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}

MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}

MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}

MSXML 6 Service Pack 2 (KB973686)-->MsiExec.exe /I{56EA8BC0-3751-4B93-BC9D-6651CC36E5AA}

Nero Suite-->C:\Program Files\Common Files\Nero\Uninstall\setupx.exe /uninstall ExtraUninstallID=""

netbrdg-->MsiExec.exe /I{4537EA4B-F603-4181-89FB-2953FC695AB1}

OfotoXMI-->MsiExec.exe /I{B162D0A6-9A1D-4B7C-91A5-88FB48113C45}

PeerGuardian 2.0-->"C:\Program Files\PeerGuardian2\unins000.exe"

PHOTOfunSTUDIO-->C:\Program Files\InstallShield Installation Information\{9A9DBEBC-C800-4776-A970-D76D6AA405B1}\setup.exe -runfromtemp -l0x0009 -z"Uninstall" -removeonly

Security Update for Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB972260)-->"C:\WINDOWS\ie7updates\KB972260-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB974455)-->"C:\WINDOWS\ie7updates\KB974455-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB976325)-->"C:\WINDOWS\ie7updates\KB976325-IE7\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 7 (KB978207)-->"C:\WINDOWS\ie7updates\KB978207-IE7\spuninst\spuninst.exe"

Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"

Security Update for Windows Media Player (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"

Security Update for Windows Media Player (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"

Security Update for Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9L$\spuninst\spuninst.exe"

Security Update for Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"

Security Update for Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"

Security Update for Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe"

Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"

Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"

Security Update for Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"

Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"

Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"

Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"

Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"

Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"

Security Update for Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"

Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"

Security Update for Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"

Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"

Security Update for Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"

Security Update for Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"

Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"

Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"

Security Update for Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"

Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"

Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"

Security Update for Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"

Security Update for Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"

Security Update for Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe"

Security Update for Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"

Security Update for Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"

Security Update for Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"

Security Update for Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"

Security Update for Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"

Security Update for Windows XP (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe"

Security Update for Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"

Security Update for Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"

Security Update for Windows XP (KB963027)-->"C:\WINDOWS\$NtUninstallKB963027$\spuninst\spuninst.exe"

Security Update for Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"

Security Update for Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"

Security Update for Windows XP (KB969897)-->"C:\WINDOWS\$NtUninstallKB969897$\spuninst\spuninst.exe"

Security Update for Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe"

Security Update for Windows XP (KB969947)-->"C:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe"

Security Update for Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"

Security Update for Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe"

Security Update for Windows XP (KB971486)-->"C:\WINDOWS\$NtUninstallKB971486$\spuninst\spuninst.exe"

Security Update for Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"

Security Update for Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"

Security Update for Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"

Security Update for Windows XP (KB972260)-->"C:\WINDOWS\$NtUninstallKB972260$\spuninst\spuninst.exe"

Security Update for Windows XP (KB972270)-->"C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe"

Security Update for Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"

Security Update for Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"

Security Update for Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"

Security Update for Windows XP (KB973525)-->"C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe"

Security Update for Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"

Security Update for Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe"

Security Update for Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"

Security Update for Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe"

Security Update for Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe"

Security Update for Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"

Security Update for Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"

Security Update for Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"

SFR-->MsiExec.exe /I{DB02F716-6275-42E9-B8D2-83BA2BF5100B}

SHASTA-->MsiExec.exe /I{605A4E39-613C-4A12-B56F-DEFBE6757237}

skin0001-->MsiExec.exe /I{5316DFC9-CE99-4458-9AB3-E8726EDE0210}

SKINXSDK-->MsiExec.exe /I{F4A2E7CC-60CA-4AFA-B67F-AD5E58173C3F}

SoundTap Streaming Audio Recorder-->C:\Program Files\NCH Swift Sound\SoundTap\uninst.exe

Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"

staticcr-->MsiExec.exe /I{8943CE61-53BD-475E-90E1-A580869E98A2}

SUPER © Version 2010.bld.37 (Jan 2, 2010)-->C:\PROGRA~1\ERIGHT~1\SUPER\Setup.exe /remove /q0

SUPERAntiSpyware Free Edition-->MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}

Switch Sound File Converter-->C:\Program Files\NCH Swift Sound\Switch\uninst.exe

Ulead Photo Express 3.0 SE-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Ulead Systems\Ulead Photo Express 3.0 SE\Uninst.isu" -c"C:\Program Files\Ulead Systems\Ulead Photo Express 3.0 SE\IS32Inst.dll"

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""

Update for Windows Internet Explorer 7 (KB976749)-->"C:\WINDOWS\ie7updates\KB976749-IE7\spuninst\spuninst.exe"

Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"

Update for Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe"

Update for Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"

Update for Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"

Update for Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"

Update for Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe"

Update for Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe"

Update for Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"

VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}

Visual C++ 2008 x86 Runtime - (v9.0.30729)-->MsiExec.exe /X{F333A33D-125C-32A2-8DCE-5C5D14231E27}

Visual C++ 2008 x86 Runtime - v9.0.30729.01-->C:\WINDOWS\system32\msiexec.exe /x {F333A33D-125C-32A2-8DCE-5C5D14231E27} /qb+ REBOOTPROMPT=""

VLC media player 1.0.1-->C:\Program Files\VideoLAN\VLC\uninstall.exe

VPRINTOL-->MsiExec.exe /I{999D43F4-9709-4887-9B1A-83EBB15A8370}

Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"

Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll

Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"

Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall

Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"

Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"

WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe

WIRELESS-->MsiExec.exe /I{F9593CFB-D836-49BC-BFF1-0E669A411D9F}

 

=====HijackThis Backups=====

 

O2 - BHO: (no name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - (no file) [2010-02-01]

O2 - BHO: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - (no file) [2010-02-01]

O2 - BHO: (no name) - {0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2} - (no file) [2010-02-01]

O2 - BHO: (no name) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - (no file) [2010-02-01]

O20 - AppInit_DLLs: [2010-02-01]

O2 - BHO: (no name) - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - (no file) [2010-02-01]

 

======Security center information======

 

AV: AVG Anti-Virus Free

 

======System event log======

 

Computer Name: GP-2058EC20DD2B

Event Code: 54

Message:

Record Number: 30617

Source Name: AvgTdiX

Time Written: 20100130141151.000000+000

Event Type: warning

User:

 

Computer Name: GP-2058EC20DD2B

Event Code: 54

Message:

Record Number: 30616

Source Name: AvgTdiX

Time Written: 20100130141151.000000+000

Event Type: warning

User:

 

Computer Name: GP-2058EC20DD2B

Event Code: 54

Message:

Record Number: 30615

Source Name: AvgTdiX

Time Written: 20100130141151.000000+000

Event Type: warning

User:

 

Computer Name: GP-2058EC20DD2B

Event Code: 54

Message:

Record Number: 30614

Source Name: AvgTdiX

Time Written: 20100130141150.000000+000

Event Type: warning

User:

 

Computer Name: GP-2058EC20DD2B

Event Code: 54

Message:

Record Number: 30613

Source Name: AvgTdiX

Time Written: 20100130141150.000000+000

Event Type: warning

User:

 

=====Application event log=====

 

Computer Name: GP-2058EC20DD2B

Event Code: 1000

Message: Faulting application vlc.exe, version 0.9.9.0, faulting module ntdll.dll, version 5.1.2600.3520, fault address 0x00010a19.

 

Record Number: 297

Source Name: Application Error

Time Written: 20090501184300.000000+060

Event Type: error

User:

 

Computer Name: GP-2058EC20DD2B

Event Code: 5603

Message: A provider, OffProv10, has been registered in the WMI namespace, Root\MSAPPS10, but did not specify the HostingModel property. This provider will be run using the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests. Ensure that provider has been reviewed for security behavior and update the HostingModel property of the provider registration to an account with the least privileges possible for the required functionality.

 

Record Number: 285

Source Name: WinMgmt

Time Written: 20090427190828.000000+060

Event Type: warning

User: NT AUTHORITY\SYSTEM

 

Computer Name: GP-2058EC20DD2B

Event Code: 5603

Message: A provider, OffProv10, has been registered in the WMI namespace, Root\MSAPPS10, but did not specify the HostingModel property. This provider will be run using the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests. Ensure that provider has been reviewed for security behavior and update the HostingModel property of the provider registration to an account with the least privileges possible for the required functionality.

 

Record Number: 284

Source Name: WinMgmt

Time Written: 20090427190828.000000+060

Event Type: warning

User: NT AUTHORITY\SYSTEM

 

Computer Name: GP-2058EC20DD2B

Event Code: 5603

Message: A provider, OffProv10, has been registered in the WMI namespace, Root\MSAPPS10, but did not specify the HostingModel property. This provider will be run using the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests. Ensure that provider has been reviewed for security behavior and update the HostingModel property of the provider registration to an account with the least privileges possible for the required functionality.

 

Record Number: 282

Source Name: WinMgmt

Time Written: 20090427185329.000000+060

Event Type: warning

User: NT AUTHORITY\SYSTEM

 

Computer Name: GP-2058EC20DD2B

Event Code: 5603

Message: A provider, OffProv10, has been registered in the WMI namespace, Root\MSAPPS10, but did not specify the HostingModel property. This provider will be run using the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests. Ensure that provider has been reviewed for security behavior and update the HostingModel property of the provider registration to an account with the least privileges possible for the required functionality.

 

Record Number: 281

Source Name: WinMgmt

Time Written: 20090427185329.000000+060

Event Type: warning

User: NT AUTHORITY\SYSTEM

 

======Environment variables======

 

"ComSpec"=%SystemRoot%\system32\cmd.exe

"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Common Files\DivX Shared\

"windir"=%SystemRoot%

"FP_NO_HOST_CHECK"=NO

"OS"=Windows_NT

"PROCESSOR_ARCHITECTURE"=x86

"PROCESSOR_LEVEL"=15

"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 2 Stepping 7, GenuineIntel

"PROCESSOR_REVISION"=0207

"NUMBER_OF_PROCESSORS"=1

"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH

"TEMP"=%SystemRoot%\TEMP

"TMP"=%SystemRoot%\TEMP

 

-----------------EOF-----------------


Hi Nasdaq, here is the last log

 

Results of screen317's Security Check version 0.99.1

Windows XP Service Pack 3

``````````````````````````````

Antivirus/Firewall Check:

Windows Firewall Enabled!

AVG Free 9.0

``````````````````````````````

Anti-malware/Other Utilities Check:

Ad-Aware

Spybot - Search & Destroy

SUPERAntiSpyware Free Edition

HijackThis 2.0.2

CCleaner

Auslogics Registry Cleaner

Java 6 Update 16

Out of date Java installed!

Adobe Flash Player 10

Adobe Reader 9.2

``````````````````````````````

Process Check:

objlist.exe by Laurent

Ad-Aware AAWService.exe

Ad-Aware AAWTray.exe is disabled!

``````````````````````````````

DNS Vulnerability Check:

GREAT! (Not vulnerable to DNS cache poisoning)

 

`````````End of Log```````````


Nothing suspicious was found on your log.

 

I have one question: why do you check 4 times a day for an Ad-Aware update?

Once a week is plenty.

 

C:\WINDOWS\tasks\Ad-Aware Update (Daily 1).job

C:\WINDOWS\tasks\Ad-Aware Update (Daily 2).job

C:\WINDOWS\tasks\Ad-Aware Update (Daily 3).job

C:\WINDOWS\tasks\Ad-Aware Update (Daily 4).job

C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job

 

===

 

We need to check for rootkits with RootRepeal.

  1. Download RootRepeal from the following location and save it to your desktop.

     - Zip Mirrors (Recommended if you have a slower connection or if the Direct Download mirror is down)

     - Rar Mirrors - Only if you know what a RAR is and can extract it.

  2. Extract RootRepeal.exe from the archive (if you did not use the "Direct Download" mirror).

  3. Open the RootRepeal icon on your desktop.

  4. Click the Report tab.

  5. Click the Scan button.

  6. Check all seven boxes.

  7. Push Ok.

  8. Check the box for your main system drive (usually C:), and press Ok.

  9. Allow RootRepeal to run a scan of your system. This may take some time.

  10. Once the scan completes, push the Save Report button. Save the log to your desktop, using a distinctive name, such as RootRepeal.txt. Include this report in your next reply, please.


Hi Nasdaq, thank you for your reply once again. You are very kind.

Here are the logs you asked for; they came out separately as I had to do the scans manually.

 

ROOTREPEAL © AD, 2007-2009

==================================================

Scan Start Time: 2010/02/02 22:46

Program Version: Version 1.3.5.0

Windows Version: Windows XP SP3

==================================================

 

Drivers

-------------------

Name: 1394BUS.SYS

Image Path: C:\WINDOWS\system32\DRIVERS\1394BUS.SYS

Address: 0xF784E000 Size: 57344 File Visible: - Signed: -

Status: -

 

Name: ACPI.sys

Image Path: ACPI.sys

Address: 0xF77DF000 Size: 187776 File Visible: - Signed: -

Status: -

 

Name: ACPI_HAL

Image Path: \Driver\ACPI_HAL

Address: 0x804D7000 Size: 2189184 File Visible: - Signed: -

Status: -

 

Name: afd.sys

Image Path: C:\WINDOWS\System32\drivers\afd.sys

Address: 0xF588C000 Size: 138496 File Visible: - Signed: -

Status: -

 

Name: atapi.sys

Image Path: atapi.sys

Address: 0xF7797000 Size: 96512 File Visible: - Signed: -

Status: -

 

Name: ATMFD.DLL

Image Path: C:\WINDOWS\System32\ATMFD.DLL

Address: 0xBFFA0000 Size: 286720 File Visible: - Signed: -

Status: -

 

Name: audstub.sys

Image Path: C:\WINDOWS\system32\DRIVERS\audstub.sys

Address: 0xF7EE0000 Size: 3072 File Visible: - Signed: -

Status: -

 

Name: avgldx86.sys

Image Path: C:\WINDOWS\System32\Drivers\avgldx86.sys

Address: 0xF5754000 Size: 326528 File Visible: - Signed: -

Status: -

 

Name: avgmfx86.sys

Image Path: C:\WINDOWS\System32\Drivers\avgmfx86.sys

Address: 0xF7C16000 Size: 21760 File Visible: - Signed: -

Status: -

 

Name: avgtdix.sys

Image Path: C:\WINDOWS\System32\Drivers\avgtdix.sys

Address: 0xF58FC000 Size: 353920 File Visible: - Signed: -

Status: -

 

Name: Beep.SYS

Image Path: C:\WINDOWS\System32\Drivers\Beep.SYS

Address: 0xF7D56000 Size: 4224 File Visible: - Signed: -

Status: -

 

Name: BOOTVID.dll

Image Path: C:\WINDOWS\system32\BOOTVID.dll

Address: 0xF7C3E000 Size: 12288 File Visible: - Signed: -

Status: -

 

Name: Cdfs.SYS

Image Path: C:\WINDOWS\System32\Drivers\Cdfs.SYS

Address: 0xF797E000 Size: 63744 File Visible: - Signed: -

Status: -

 

Name: cdrom.sys

Image Path: C:\WINDOWS\system32\DRIVERS\cdrom.sys

Address: 0xF7109000 Size: 62976 File Visible: - Signed: -

Status: -

 

Name: CLASSPNP.SYS

Image Path: C:\WINDOWS\system32\DRIVERS\CLASSPNP.SYS

Address: 0xF788E000 Size: 53248 File Visible: - Signed: -

Status: -

 

Name: disk.sys

Image Path: disk.sys

Address: 0xF787E000 Size: 36352 File Visible: - Signed: -

Status: -

 

Name: drmk.sys

Image Path: C:\WINDOWS\system32\drivers\drmk.sys

Address: 0xF7119000 Size: 61440 File Visible: - Signed: -

Status: -

 

Name: dump_atapi.sys

Image Path: C:\WINDOWS\System32\Drivers\dump_atapi.sys

Address: 0xF569C000 Size: 98304 File Visible: No Signed: -

Status: -

 

Name: dump_WMILIB.SYS

Image Path: C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS

Address: 0xF7D60000 Size: 8192 File Visible: No Signed: -

Status: -

 

Name: Dxapi.sys

Image Path: C:\WINDOWS\System32\drivers\Dxapi.sys

Address: 0xF6CE0000 Size: 12288 File Visible: - Signed: -

Status: -

 

Name: dxg.sys

Image Path: C:\WINDOWS\System32\drivers\dxg.sys

Address: 0xBF000000 Size: 73728 File Visible: - Signed: -

Status: -

 

Name: dxgthk.sys

Image Path: C:\WINDOWS\System32\drivers\dxgthk.sys

Address: 0xF7E7D000 Size: 4096 File Visible: - Signed: -

Status: -

 

Name: Fastfat.SYS

Image Path: C:\WINDOWS\System32\Drivers\Fastfat.SYS

Address: 0xF25C3000 Size: 143744 File Visible: - Signed: -

Status: -

 

Name: fdc.sys

Image Path: C:\WINDOWS\system32\DRIVERS\fdc.sys

Address: 0xF7BA6000 Size: 27392 File Visible: - Signed: -

Status: -

 

Name: Fips.SYS

Image Path: C:\WINDOWS\System32\Drivers\Fips.SYS

Address: 0xF794E000 Size: 44544 File Visible: - Signed: -

Status: -

 

Name: flpydisk.sys

Image Path: C:\WINDOWS\system32\DRIVERS\flpydisk.sys

Address: 0xF7BE6000 Size: 20480 File Visible: - Signed: -

Status: -

 

Name: fltmgr.sys

Image Path: fltmgr.sys

Address: 0xF7777000 Size: 129792 File Visible: - Signed: -

Status: -

 

Name: Fs_Rec.SYS

Image Path: C:\WINDOWS\System32\Drivers\Fs_Rec.SYS

Address: 0xF7D54000 Size: 7936 File Visible: - Signed: -

Status: -

 

Name: ftdisk.sys

Image Path: ftdisk.sys

Address: 0xF77AF000 Size: 125056 File Visible: - Signed: -

Status: -

 

Name: gameenum.sys

Image Path: C:\WINDOWS\system32\DRIVERS\gameenum.sys

Address: 0xF7CFA000 Size: 10624 File Visible: - Signed: -

Status: -

 

Name: hal.dll

Image Path: C:\WINDOWS\system32\hal.dll

Address: 0x806EE000 Size: 131840 File Visible: - Signed: -

Status: -

 

Name: hercos.sys

Image Path: C:\WINDOWS\system32\drivers\hercos.sys

Address: 0xF7D46000 Size: 8192 File Visible: - Signed: -

Status: -

 

Name: hercspud.sys

Image Path: C:\WINDOWS\system32\drivers\hercspud.sys

Address: 0xF6D7E000 Size: 153216 File Visible: - Signed: -

Status: -

 

Name: hercwdm.sys

Image Path: C:\WINDOWS\system32\drivers\hercwdm.sys

Address: 0xF5A07000 Size: 497152 File Visible: - Signed: -

Status: -

 

Name: HTTP.sys

Image Path: C:\WINDOWS\System32\Drivers\HTTP.sys

Address: 0xF300B000 Size: 265728 File Visible: - Signed: -

Status: -

 

Name: i8042prt.sys

Image Path: C:\WINDOWS\system32\DRIVERS\i8042prt.sys

Address: 0xF7A9E000 Size: 52480 File Visible: - Signed: -

Status: -

 

Name: imapi.sys

Image Path: C:\WINDOWS\system32\DRIVERS\imapi.sys

Address: 0xF70E9000 Size: 42112 File Visible: - Signed: -

Status: -

 

Name: intelppm.sys

Image Path: C:\WINDOWS\system32\DRIVERS\intelppm.sys

Address: 0xF7A8E000 Size: 36352 File Visible: - Signed: -

Status: -

 

Name: ipfltdrv.sys

Image Path: C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

Address: 0xF31F4000 Size: 32896 File Visible: - Signed: -

Status: -

 

Name: ipnat.sys

Image Path: C:\WINDOWS\system32\DRIVERS\ipnat.sys

Address: 0xF58D6000 Size: 152832 File Visible: - Signed: -

Status: -

 

Name: ipsec.sys

Image Path: C:\WINDOWS\system32\DRIVERS\ipsec.sys

Address: 0xF59AC000 Size: 75264 File Visible: - Signed: -

Status: -

 

Name: isapnp.sys

Image Path: isapnp.sys

Address: 0xF782E000 Size: 37248 File Visible: - Signed: -

Status: -

 

Name: kbdclass.sys

Image Path: C:\WINDOWS\system32\DRIVERS\kbdclass.sys

Address: 0xF7B9E000 Size: 24576 File Visible: - Signed: -

Status: -

 

Name: KDCOM.DLL

Image Path: C:\WINDOWS\system32\KDCOM.DLL

Address: 0xF7D2E000 Size: 8192 File Visible: - Signed: -

Status: -

 

Name: kmixer.sys

Image Path: C:\WINDOWS\system32\drivers\kmixer.sys

Address: 0xEB02D000 Size: 172416 File Visible: - Signed: -

Status: -

 

Name: ks.sys

Image Path: C:\WINDOWS\system32\drivers\ks.sys

Address: 0xF6E4A000 Size: 143360 File Visible: - Signed: -

Status: -

 

Name: KSecDD.sys

Image Path: KSecDD.sys

Address: 0xF774E000 Size: 92928 File Visible: - Signed: -

Status: -

 

Name: Lbd.sys

Image Path: Lbd.sys

Address: 0xF789E000 Size: 57600 File Visible: - Signed: -

Status: -

 

Name: mnmdd.SYS

Image Path: C:\WINDOWS\System32\Drivers\mnmdd.SYS

Address: 0xF7D58000 Size: 4224 File Visible: - Signed: -

Status: -

 

Name: Modem.SYS

Image Path: C:\WINDOWS\System32\Drivers\Modem.SYS

Address: 0xF7BB6000 Size: 30080 File Visible: - Signed: -

Status: -

 

Name: MODEMCSA.sys

Image Path: C:\WINDOWS\system32\drivers\MODEMCSA.sys

Address: 0xF7642000 Size: 16128 File Visible: - Signed: -

Status: -

 

Name: mouclass.sys

Image Path: C:\WINDOWS\system32\DRIVERS\mouclass.sys

Address: 0xF7B96000 Size: 23040 File Visible: - Signed: -

Status: -

 

Name: MountMgr.sys

Image Path: MountMgr.sys

Address: 0xF785E000 Size: 42368 File Visible: - Signed: -

Status: -

 

Name: mrxdav.sys

Image Path: C:\WINDOWS\system32\DRIVERS\mrxdav.sys

Address: 0xF372E000 Size: 180608 File Visible: - Signed: -

Status: -

 

Name: mrxsmb.sys

Image Path: C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

Address: 0xF57A4000 Size: 455296 File Visible: - Signed: -

Status: -

 

Name: Msfs.SYS

Image Path: C:\WINDOWS\System32\Drivers\Msfs.SYS

Address: 0xF7BFE000 Size: 19072 File Visible: - Signed: -

Status: -

 

Name: msgpc.sys

Image Path: C:\WINDOWS\system32\DRIVERS\msgpc.sys

Address: 0xF7099000 Size: 35072 File Visible: - Signed: -

Status: -

 

Name: mssmbios.sys

Image Path: C:\WINDOWS\system32\DRIVERS\mssmbios.sys

Address: 0xF7D16000 Size: 15488 File Visible: - Signed: -

Status: -

 

Name: Mtlmnt5.sys

Image Path: C:\WINDOWS\system32\DRIVERS\Mtlmnt5.sys

Address: 0xF6DA4000 Size: 126656 File Visible: - Signed: -

Status: -

 

Name: Mup.sys

Image Path: Mup.sys

Address: 0xF767A000 Size: 105344 File Visible: - Signed: -

Status: -

 

Name: NDIS.sys

Image Path: NDIS.sys

Address: 0xF7694000 Size: 182656 File Visible: - Signed: -

Status: -

 

Name: ndistapi.sys

Image Path: C:\WINDOWS\system32\DRIVERS\ndistapi.sys

Address: 0xF7D0E000 Size: 10112 File Visible: - Signed: -

Status: -

 

Name: ndisuio.sys

Image Path: C:\WINDOWS\system32\DRIVERS\ndisuio.sys

Address: 0xF44AE000 Size: 14592 File Visible: - Signed: -

Status: -

 

Name: ndiswan.sys

Image Path: C:\WINDOWS\system32\DRIVERS\ndiswan.sys

Address: 0xF6D67000 Size: 91520 File Visible: - Signed: -

Status: -

 

Name: NDProxy.SYS

Image Path: C:\WINDOWS\System32\Drivers\NDProxy.SYS

Address: 0xF78FE000 Size: 40576 File Visible: - Signed: -

Status: -

 

Name: netbios.sys

Image Path: C:\WINDOWS\system32\DRIVERS\netbios.sys

Address: 0xF793E000 Size: 34688 File Visible: - Signed: -

Status: -

 

Name: netbt.sys

Image Path: C:\WINDOWS\system32\DRIVERS\netbt.sys

Address: 0xF58AE000 Size: 162816 File Visible: - Signed: -

Status: -

 

Name: Npfs.SYS

Image Path: C:\WINDOWS\System32\Drivers\Npfs.SYS

Address: 0xF7C06000 Size: 30848 File Visible: - Signed: -

Status: -

 

Name: Ntfs.sys

Image Path: Ntfs.sys

Address: 0xF76C1000 Size: 574976 File Visible: - Signed: -

Status: -

 

Name: ntoskrnl.exe

Image Path: C:\WINDOWS\system32\ntoskrnl.exe

Address: 0x804D7000 Size: 2189184 File Visible: - Signed: -

Status: -

 

Name: Null.SYS

Image Path: C:\WINDOWS\System32\Drivers\Null.SYS

Address: 0xF7E2F000 Size: 2944 File Visible: - Signed: -

Status: -

 

Name: nv4_disp.dll

Image Path: C:\WINDOWS\System32\nv4_disp.dll

Address: 0xBF012000 Size: 4276224 File Visible: - Signed: -

Status: -

 

Name: nv4_mini.sys

Image Path: C:\WINDOWS\system32\DRIVERS\nv4_mini.sys

Address: 0xF6EB9000 Size: 1897408 File Visible: - Signed: -

Status: -

 

Name: ohci1394.sys

Image Path: ohci1394.sys

Address: 0xF783E000 Size: 61696 File Visible: - Signed: -

Status: -

 

Name: parport.sys

Image Path: C:\WINDOWS\system32\DRIVERS\parport.sys

Address: 0xF6E91000 Size: 80128 File Visible: - Signed: -

Status: -

 

Name: PartMgr.sys

Image Path: PartMgr.sys

Address: 0xF7AB6000 Size: 19712 File Visible: - Signed: -

Status: -

 

Name: ParVdm.SYS

Image Path: C:\WINDOWS\System32\Drivers\ParVdm.SYS

Address: 0xF7DC8000 Size: 6784 File Visible: - Signed: -

Status: -

 

Name: pci.sys

Image Path: pci.sys

Address: 0xF77CE000 Size: 68224 File Visible: - Signed: -

Status: -

 

Name: pciide.sys

Image Path: pciide.sys

Address: 0xF7DF6000 Size: 3328 File Visible: - Signed: -

Status: -

 

Name: PCIIDEX.SYS

Image Path: C:\WINDOWS\system32\DRIVERS\PCIIDEX.SYS

Address: 0xF7AAE000 Size: 28672 File Visible: - Signed: -

Status: -

 

Name: pgfilter.sys

Image Path: C:\Program Files\PeerGuardian2\pgfilter.sys

Address: 0xF7B46000 Size: 24576 File Visible: - Signed: -

Status: -

 

Name: PnpManager

Image Path: \Driver\PnpManager

Address: 0x804D7000 Size: 2189184 File Visible: - Signed: -

Status: -

 

Name: portcls.sys

Image Path: C:\WINDOWS\system32\drivers\portcls.sys

Address: 0xF6E6D000 Size: 147456 File Visible: - Signed: -

Status: -

 

Name: psched.sys

Image Path: C:\WINDOWS\system32\DRIVERS\psched.sys

Address: 0xF6D56000 Size: 69120 File Visible: - Signed: -

Status: -

 

Name: ptilink.sys

Image Path: C:\WINDOWS\system32\DRIVERS\ptilink.sys

Address: 0xF7BCE000 Size: 17792 File Visible: - Signed: -

Status: -

 

Name: rasacd.sys

Image Path: C:\WINDOWS\system32\DRIVERS\rasacd.sys

Address: 0xF7CBE000 Size: 8832 File Visible: - Signed: -

Status: -

 

Name: rasl2tp.sys

Image Path: C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

Address: 0xF70C9000 Size: 51328 File Visible: - Signed: -

Status: -

 

Name: raspppoe.sys

Image Path: C:\WINDOWS\system32\DRIVERS\raspppoe.sys

Address: 0xF70B9000 Size: 41472 File Visible: - Signed: -

Status: -

 

Name: raspptp.sys

Image Path: C:\WINDOWS\system32\DRIVERS\raspptp.sys

Address: 0xF70A9000 Size: 48384 File Visible: - Signed: -

Status: -

 

Name: raspti.sys

Image Path: C:\WINDOWS\system32\DRIVERS\raspti.sys

Address: 0xF7BD6000 Size: 16512 File Visible: - Signed: -

Status: -

 

Name: RAW

Image Path: \FileSystem\RAW

Address: 0x804D7000 Size: 2189184 File Visible: - Signed: -

Status: -

 

Name: rdbss.sys

Image Path: C:\WINDOWS\system32\DRIVERS\rdbss.sys

Address: 0xF583C000 Size: 175744 File Visible: - Signed: -

Status: -

 

Name: RDPCDD.sys

Image Path: C:\WINDOWS\System32\DRIVERS\RDPCDD.sys

Address: 0xF7D5A000 Size: 4224 File Visible: - Signed: -

Status: -

 

Name: RecAgent.sys

Image Path: RecAgent.sys

Address: 0xF7C42000 Size: 13696 File Visible: - Signed: -

Status: -

 

Name: redbook.sys

Image Path: C:\WINDOWS\system32\DRIVERS\redbook.sys

Address: 0xF70F9000 Size: 57600 File Visible: - Signed: -

Status: -

 

Name: rootrepeal.sys

Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys

Address: 0xF34CC000 Size: 49152 File Visible: No Signed: -

Status: -

 

Name: RTL8139.SYS

Image Path: C:\WINDOWS\system32\DRIVERS\RTL8139.SYS

Address: 0xF7BBE000 Size: 20992 File Visible: - Signed: -

Status: -

 

Name: SASDIFSV.SYS

Image Path: C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS

Address: 0xF7C0E000 Size: 24576 File Visible: - Signed: -

Status: -

 

Name: SASKUTIL.sys

Image Path: C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys

Address: 0xF5867000 Size: 151552 File Visible: - Signed: -

Status: -

 

Name: serenum.sys

Image Path: C:\WINDOWS\system32\DRIVERS\serenum.sys

Address: 0xF7CF6000 Size: 15744 File Visible: - Signed: -

Status: -

 

Name: serial.sys

Image Path: C:\WINDOWS\system32\DRIVERS\serial.sys

Address: 0xF78DE000 Size: 64512 File Visible: - Signed: -

Status: -

 

Name: sisagp.sys

Image Path: sisagp.sys

Address: 0xF78AE000 Size: 40960 File Visible: - Signed: -

Status: -

 

Name: slntamr.sys

Image Path: C:\WINDOWS\system32\DRIVERS\slntamr.sys

Address: 0xF6DC3000 Size: 404960 File Visible: - Signed: -

Status: -

 

Name: SlWdmSup.sys

Image Path: C:\WINDOWS\system32\DRIVERS\SlWdmSup.sys

Address: 0xF7D06000 Size: 13152 File Visible: - Signed: -

Status: -

 

Name: sr.sys

Image Path: sr.sys

Address: 0xF7765000 Size: 73472 File Visible: - Signed: -

Status: -

 

Name: srv.sys

Image Path: C:\WINDOWS\system32\DRIVERS\srv.sys

Address: 0xF359C000 Size: 333952 File Visible: - Signed: -

Status: -

 

Name: swenum.sys

Image Path: C:\WINDOWS\system32\DRIVERS\swenum.sys

Address: 0xF7D48000 Size: 4352 File Visible: - Signed: -

Status: -

 

Name: sysaudio.sys

Image Path: C:\WINDOWS\system32\drivers\sysaudio.sys

Address: 0xF44FE000 Size: 60800 File Visible: - Signed: -

Status: -

 

Name: tcpip.sys

Image Path: C:\WINDOWS\system32\DRIVERS\tcpip.sys

Address: 0xF5953000 Size: 361600 File Visible: - Signed: -

Status: -

 

Name: TDI.SYS

Image Path: C:\WINDOWS\system32\DRIVERS\TDI.SYS

Address: 0xF7BC6000 Size: 20480 File Visible: - Signed: -

Status: -

 

Name: termdd.sys

Image Path: C:\WINDOWS\system32\DRIVERS\termdd.sys

Address: 0xF7089000 Size: 40704 File Visible: - Signed: -

Status: -

 

Name: Uim_IM.sys

Image Path: C:\WINDOWS\System32\Drivers\Uim_IM.sys

Address: 0xF6CB2000 Size: 118880 File Visible: - Signed: -

Status: -

 

Name: UimBus.sys

Image Path: C:\WINDOWS\system32\DRIVERS\UimBus.sys

Address: 0xF7BDE000 Size: 25088 File Visible: - Signed: -

Status: -

 

Name: UimFIO.SYS

Image Path: C:\WINDOWS\System32\Drivers\UimFIO.SYS

Address: 0xF6C81000 Size: 200704 File Visible: - Signed: -

Status: -

 

Name: update.sys

Image Path: C:\WINDOWS\system32\DRIVERS\update.sys

Address: 0xF6CF8000 Size: 384768 File Visible: - Signed: -

Status: -

 

Name: usbccgp.sys

Image Path: C:\WINDOWS\system32\DRIVERS\usbccgp.sys

Address: 0xF7C1E000 Size: 32128 File Visible: - Signed: -

Status: -

 

Name: USBD.SYS

Image Path: C:\WINDOWS\system32\DRIVERS\USBD.SYS

Address: 0xF7D52000 Size: 8192 File Visible: - Signed: -

Status: -

 

Name: usbhub.sys

Image Path: C:\WINDOWS\system32\DRIVERS\usbhub.sys

Address: 0xF791E000 Size: 59520 File Visible: - Signed: -

Status: -

 

Name: usbohci.sys

Image Path: C:\WINDOWS\system32\DRIVERS\usbohci.sys

Address: 0xF7BAE000 Size: 17152 File Visible: - Signed: -

Status: -

 

Name: USBPORT.SYS

Image Path: C:\WINDOWS\system32\DRIVERS\USBPORT.SYS

Address: 0xF6E26000 Size: 147456 File Visible: - Signed: -

Status: -

 

Name: usbprint.sys

Image Path: C:\WINDOWS\system32\DRIVERS\usbprint.sys

Address: 0xF7C26000 Size: 25856 File Visible: - Signed: -

Status: -

 

Name: usbscan.sys

Image Path: C:\WINDOWS\system32\DRIVERS\usbscan.sys

Address: 0xF7CDE000 Size: 15104 File Visible: - Signed: -

Status: -

 

Name: vga.sys

Image Path: C:\WINDOWS\System32\drivers\vga.sys

Address: 0xF7BF6000 Size: 20992 File Visible: - Signed: -

Status: -

 

Name: VIDEOPRT.SYS

Image Path: C:\WINDOWS\system32\DRIVERS\VIDEOPRT.SYS

Address: 0xF6EA5000 Size: 81920 File Visible: - Signed: -

Status: -

 

Name: VolSnap.sys

Image Path: VolSnap.sys

Address: 0xF786E000 Size: 52352 File Visible: - Signed: -

Status: -

 

Name: wanarp.sys

Image Path: C:\WINDOWS\system32\DRIVERS\wanarp.sys

Address: 0xF792E000 Size: 34560 File Visible: - Signed: -

Status: -

 

Name: watchdog.sys

Image Path: C:\WINDOWS\System32\watchdog.sys

Address: 0xF7C2E000 Size: 20480 File Visible: - Signed: -

Status: -

 

Name: wdmaud.sys

Image Path: C:\WINDOWS\system32\drivers\wdmaud.sys

Address: 0xF3969000 Size: 83072 File Visible: - Signed: -

Status: -

 

Name: Win32k

Image Path: \Driver\Win32k

Address: 0xBF800000 Size: 1851392 File Visible: - Signed: -

Status: -

 

Name: win32k.sys

Image Path: C:\WINDOWS\System32\win32k.sys

Address: 0xBF800000 Size: 1851392 File Visible: - Signed: -

Status: -

 

Name: WMILIB.SYS

Image Path: C:\WINDOWS\system32\DRIVERS\WMILIB.SYS

Address: 0xF7D30000 Size: 8192 File Visible: - Signed: -

Status: -

 

Name: WMIxWDM

Image Path: \Driver\WMIxWDM

Address: 0x804D7000 Size: 2189184 File Visible: - Signed: -

Status: -


Here's the next one.

 

ROOTREPEAL © AD, 2007-2009

==================================================

Scan Start Time: 2010/02/02 22:52

Program Version: Version 1.3.5.0

Windows Version: Windows XP SP3

==================================================

 

Hidden/Locked Files

-------------------

Path: C:\hiberfil.sys

Status: Locked to the Windows API!

 

Path: c:\program files\bitcomet\torrents\va - supafunkanova mp3.xml

Status: Size mismatch (API: 6291, Raw: 6331)


And the next.

 

ROOTREPEAL © AD, 2007-2009

==================================================

Scan Start Time: 2010/02/02 22:52

Program Version: Version 1.3.5.0

Windows Version: Windows XP SP3

==================================================

 

Processes

-------------------

Path: System

PID: 4 Status: -

 

Path: C:\Program Files\Java\jre6\bin\jucheck.exe

PID: 212 Status: -

 

Path: C:\WINDOWS\system32\svchost.exe

PID: 232 Status: -

 

Path: C:\Program Files\Kodak\Printer\Center\KodakSvc.exe

PID: 296 Status: -

 

Path: C:\Program Files\AVG\AVG9\avgwdsvc.exe

PID: 328 Status: -

 

Path: C:\Program Files\Java\jre6\bin\jqs.exe

PID: 368 Status: -

 

Path: C:\WINDOWS\system32\smss.exe

PID: 432 Status: -

 

Path: C:\WINDOWS\system32\csrss.exe

PID: 496 Status: -

 

Path: C:\WINDOWS\system32\winlogon.exe

PID: 520 Status: -

 

Path: C:\WINDOWS\system32\services.exe

PID: 564 Status: -

 

Path: C:\WINDOWS\system32\lsass.exe

PID: 576 Status: -

 

Path: C:\WINDOWS\system32\svchost.exe

PID: 728 Status: -

 

Path: C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe

PID: 776 Status: -

 

Path: C:\WINDOWS\system32\svchost.exe

PID: 804 Status: -

 

Path: C:\WINDOWS\system32\svchost.exe

PID: 840 Status: -

 

Path: C:\WINDOWS\system32\svchost.exe

PID: 872 Status: -

 

Path: C:\WINDOWS\system32\svchost.exe

PID: 928 Status: -

 

Path: C:\Program Files\AVG\AVG9\avgchsvx.exe

PID: 1004 Status: -

 

Path: C:\Program Files\AVG\AVG9\avgrsx.exe

PID: 1012 Status: -

 

Path: C:\WINDOWS\system32\svchost.exe

PID: 1048 Status: -

 

Path: C:\Program Files\AVG\AVG9\avgcsrvx.exe

PID: 1196 Status: -

 

Path: C:\WINDOWS\system32\spoolsv.exe

PID: 1352 Status: -

 

Path: C:\Program Files\BitComet\BitComet.exe

PID: 1624 Status: -

 

Path: C:\Program Files\Java\jre6\bin\jusched.exe

PID: 1648 Status: -

 

Path: C:\PROGRA~1\AVG\AVG9\avgtray.exe

PID: 1704 Status: -

 

Path: C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

PID: 1832 Status: -

 

Path: C:\Program Files\PeerGuardian2\pg2.exe

PID: 1876 Status: -

 

Path: C:\Program Files\AVG\AVG9\avgnsx.exe

PID: 1924 Status: -

 

Path: C:\WINDOWS\explorer.exe

PID: 1932 Status: -

 

Path: C:\WINDOWS\system32\ctfmon.exe

PID: 2060 Status: -

 

Path: C:\WINDOWS\system32\wbem\unsecapp.exe

PID: 2360 Status: -

 

Path: C:\Documents and Settings\gp\My Documents\Downloads\RootRepeal.exe

PID: 2676 Status: -

 

Path: C:\WINDOWS\system32\wbem\wmiprvse.exe

PID: 2744 Status: -

 

Path: C:\WINDOWS\system32\alg.exe

PID: 2896 Status: -

 

Path: C:\Program Files\Mozilla Firefox\firefox.exe

PID: 3296 Status: -

 

Path: C:\Program Files\Windows Media Player\wmplayer.exe

PID: 3944 Status: -

 

Path: C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe

PID: 4032 Status: -


And the next.

 

ROOTREPEAL © AD, 2007-2009

==================================================

Scan Start Time: 2010/02/02 22:53

Program Version: Version 1.3.5.0

Windows Version: Windows XP SP3

==================================================

 

SSDT

-------------------

#: 000 Function Name: NtAcceptConnectPort

Status: Not hooked

 

#: 001 Function Name: NtAccessCheck

Status: Not hooked

 

#: 002 Function Name: NtAccessCheckAndAuditAlarm

Status: Not hooked

 

#: 003 Function Name: NtAccessCheckByType

Status: Not hooked

 

#: 004 Function Name: NtAccessCheckByTypeAndAuditAlarm

Status: Not hooked

 

#: 005 Function Name: NtAccessCheckByTypeResultList

Status: Not hooked

 

#: 006 Function Name: NtAccessCheckByTypeResultListAndAuditAlarm

Status: Not hooked

 

#: 007 Function Name: NtAccessCheckByTypeResultListAndAuditAlarmByHandle

Status: Not hooked

 

#: 008 Function Name: NtAddAtom

Status: Not hooked

 

#: 009 Function Name: NtAddBootEntry

Status: Not hooked

 

#: 010 Function Name: NtAdjustGroupsToken

Status: Not hooked

 

#: 011 Function Name: NtAdjustPrivilegesToken

Status: Not hooked

 

#: 012 Function Name: NtAlertResumeThread

Status: Not hooked

 

#: 013 Function Name: NtAlertThread

Status: Not hooked

 

#: 014 Function Name: NtAllocateLocallyUniqueId

Status: Not hooked

 

#: 015 Function Name: NtAllocateUserPhysicalPages

Status: Not hooked

 

#: 016 Function Name: NtAllocateUuids

Status: Not hooked

 

#: 017 Function Name: NtAllocateVirtualMemory

Status: Not hooked

 

#: 018 Function Name: NtAreMappedFilesTheSame

Status: Not hooked

 

#: 019 Function Name: NtAssignProcessToJobObject

Status: Not hooked

 

#: 020 Function Name: NtCallbackReturn

Status: Not hooked

 

#: 021 Function Name: NtCancelDeviceWakeupRequest

Status: Not hooked

 

#: 022 Function Name: NtCancelIoFile

Status: Not hooked

 

#: 023 Function Name: NtCancelTimer

Status: Not hooked

 

#: 024 Function Name: NtClearEvent

Status: Not hooked

 

#: 025 Function Name: NtClose

Status: Not hooked

 

#: 026 Function Name: NtCloseObjectAuditAlarm

Status: Not hooked

 

#: 027 Function Name: NtCompactKeys

Status: Not hooked

 

#: 028 Function Name: NtCompareTokens

Status: Not hooked

 

#: 029 Function Name: NtCompleteConnectPort

Status: Not hooked

 

#: 030 Function Name: NtCompressKey

Status: Not hooked

 

#: 031 Function Name: NtConnectPort

Status: Not hooked

 

#: 032 Function Name: NtContinue

Status: Not hooked

 

#: 033 Function Name: NtCreateDebugObject

Status: Not hooked

 

#: 034 Function Name: NtCreateDirectoryObject

Status: Not hooked

 

#: 035 Function Name: NtCreateEvent

Status: Not hooked

 

#: 036 Function Name: NtCreateEventPair

Status: Not hooked

 

#: 037 Function Name: NtCreateFile

Status: Not hooked

 

#: 038 Function Name: NtCreateIoCompletion

Status: Not hooked

 

#: 039 Function Name: NtCreateJobObject

Status: Not hooked

 

#: 040 Function Name: NtCreateJobSet

Status: Not hooked

 

#: 041 Function Name: NtCreateKey

Status: Hooked by "Lbd.sys" at address 0xf789e87e

 

#: 042 Function Name: NtCreateMailslotFile

Status: Not hooked

 

#: 043 Function Name: NtCreateMutant

Status: Not hooked

 

#: 044 Function Name: NtCreateNamedPipeFile

Status: Not hooked

 

#: 045 Function Name: NtCreatePagingFile

Status: Not hooked

 

#: 046 Function Name: NtCreatePort

Status: Not hooked

 

#: 047 Function Name: NtCreateProcess

Status: Not hooked

 

#: 048 Function Name: NtCreateProcessEx

Status: Not hooked

 

#: 049 Function Name: NtCreateProfile

Status: Not hooked

 

#: 050 Function Name: NtCreateSection

Status: Not hooked

 

#: 051 Function Name: NtCreateSemaphore

Status: Not hooked

 

#: 052 Function Name: NtCreateSymbolicLinkObject

Status: Not hooked

 

#: 053 Function Name: NtCreateThread

Status: Not hooked

 

#: 054 Function Name: NtCreateTimer

Status: Not hooked

 

#: 055 Function Name: NtCreateToken

Status: Not hooked

 

#: 056 Function Name: NtCreateWaitablePort

Status: Not hooked

 

#: 057 Function Name: NtDebugActiveProcess

Status: Not hooked

 

#: 058 Function Name: NtDebugContinue

Status: Not hooked

 

#: 059 Function Name: NtDelayExecution

Status: Not hooked

 

#: 060 Function Name: NtDeleteAtom

Status: Not hooked

 

#: 061 Function Name: NtDeleteBootEntry

Status: Not hooked

 

#: 062 Function Name: NtDeleteFile

Status: Not hooked

 

#: 063 Function Name: NtDeleteKey

Status: Not hooked

 

#: 064 Function Name: NtDeleteObjectAuditAlarm

Status: Not hooked

 

#: 065 Function Name: NtDeleteValueKey

Status: Not hooked

 

#: 066 Function Name: NtDeviceIoControlFile

Status: Not hooked

 

#: 067 Function Name: NtDisplayString

Status: Not hooked

 

#: 068 Function Name: NtDuplicateObject

Status: Not hooked

 

#: 069 Function Name: NtDuplicateToken

Status: Not hooked

 

#: 070 Function Name: NtEnumerateBootEntries

Status: Not hooked

 

#: 071 Function Name: NtEnumerateKey

Status: Not hooked

 

#: 072 Function Name: NtEnumerateSystemEnvironmentValuesEx

Status: Not hooked

 

#: 073 Function Name: NtEnumerateValueKey

Status: Not hooked

 

#: 074 Function Name: NtExtendSection

Status: Not hooked

 

#: 075 Function Name: NtFilterToken

Status: Not hooked

 

#: 076 Function Name: NtFindAtom

Status: Not hooked

 

#: 077 Function Name: NtFlushBuffersFile

Status: Not hooked

 

#: 078 Function Name: NtFlushInstructionCache

Status: Not hooked

 

#: 079 Function Name: NtFlushKey

Status: Not hooked

 

#: 080 Function Name: NtFlushVirtualMemory

Status: Not hooked

 

#: 081 Function Name: NtFlushWriteBuffer

Status: Not hooked

 

#: 082 Function Name: NtFreeUserPhysicalPages

Status: Not hooked

 

#: 083 Function Name: NtFreeVirtualMemory

Status: Not hooked

 

#: 084 Function Name: NtFsControlFile

Status: Not hooked

 

#: 085 Function Name: NtGetContextThread

Status: Not hooked

 

#: 086 Function Name: NtGetDevicePowerState

Status: Not hooked

 

#: 087 Function Name: NtGetPlugPlayEvent

Status: Not hooked

 

#: 088 Function Name: NtGetWriteWatch

Status: Not hooked

 

#: 089 Function Name: NtImpersonateAnonymousToken

Status: Not hooked

 

#: 090 Function Name: NtImpersonateClientOfPort

Status: Not hooked

 

#: 091 Function Name: NtImpersonateThread

Status: Not hooked

 

#: 092 Function Name: NtInitializeRegistry

Status: Not hooked

 

#: 093 Function Name: NtInitiatePowerAction

Status: Not hooked

 

#: 094 Function Name: NtIsProcessInJob

Status: Not hooked

 

#: 095 Function Name: NtIsSystemResumeAutomatic

Status: Not hooked

 

#: 096 Function Name: NtListenPort

Status: Not hooked

 

#: 097 Function Name: NtLoadDriver

Status: Not hooked

 

#: 098 Function Name: NtLoadKey

Status: Not hooked

 

#: 099 Function Name: NtLoadKey2

Status: Not hooked

 

#: 100 Function Name: NtLockFile

Status: Not hooked

 

#: 101 Function Name: NtLockProductActivationKeys

Status: Not hooked

 

#: 102 Function Name: NtLockRegistryKey

Status: Not hooked

 

#: 103 Function Name: NtLockVirtualMemory

Status: Not hooked

 

#: 104 Function Name: NtMakePermanentObject

Status: Not hooked

 

#: 105 Function Name: NtMakeTemporaryObject

Status: Not hooked

 

#: 106 Function Name: NtMapUserPhysicalPages

Status: Not hooked

 

#: 107 Function Name: NtMapUserPhysicalPagesScatter

Status: Not hooked

 

#: 108 Function Name: NtMapViewOfSection

Status: Not hooked

 

#: 109 Function Name: NtModifyBootEntry

Status: Not hooked

 

#: 110 Function Name: NtNotifyChangeDirectoryFile

Status: Not hooked

 

#: 111 Function Name: NtNotifyChangeKey

Status: Not hooked

 

#: 112 Function Name: NtNotifyChangeMultipleKeys

Status: Not hooked

 

#: 113 Function Name: NtOpenDirectoryObject

Status: Not hooked

 

#: 114 Function Name: NtOpenEvent

Status: Not hooked

 

#: 115 Function Name: NtOpenEventPair

Status: Not hooked

 

#: 116 Function Name: NtOpenFile

Status: Not hooked

 

#: 117 Function Name: NtOpenIoCompletion

Status: Not hooked

 

#: 118 Function Name: NtOpenJobObject

Status: Not hooked

 

#: 119 Function Name: NtOpenKey

Status: Not hooked

 

#: 120 Function Name: NtOpenMutant

Status: Not hooked

 

#: 121 Function Name: NtOpenObjectAuditAlarm

Status: Not hooked

 

#: 122 Function Name: NtOpenProcess

Status: Not hooked

 

#: 123 Function Name: NtOpenProcessToken

Status: Not hooked

 

#: 124 Function Name: NtOpenProcessTokenEx

Status: Not hooked

 

#: 125 Function Name: NtOpenSection

Status: Not hooked

 

#: 126 Function Name: NtOpenSemaphore

Status: Not hooked

 

#: 127 Function Name: NtOpenSymbolicLinkObject

Status: Not hooked

 

#: 128 Function Name: NtOpenThread

Status: Not hooked

 

#: 129 Function Name: NtOpenThreadToken

Status: Not hooked

 

#: 130 Function Name: NtOpenThreadTokenEx

Status: Not hooked

 

#: 131 Function Name: NtOpenTimer

Status: Not hooked

 

#: 132 Function Name: NtPlugPlayControl

Status: Not hooked

 

#: 133 Function Name: NtPowerInformation

Status: Not hooked

 

#: 134 Function Name: NtPrivilegeCheck

Status: Not hooked

 

#: 135 Function Name: NtPrivilegeObjectAuditAlarm

Status: Not hooked

 

#: 136 Function Name: NtPrivilegedServiceAuditAlarm

Status: Not hooked

 

#: 137 Function Name: NtProtectVirtualMemory

Status: Not hooked

 

#: 138 Function Name: NtPulseEvent

Status: Not hooked

 

#: 139 Function Name: NtQueryAttributesFile

Status: Not hooked

 

#: 140 Function Name: NtQueryBootEntryOrder

Status: Not hooked

 

#: 141 Function Name: NtQueryBootOptions

Status: Not hooked

 

#: 142 Function Name: NtQueryDebugFilterState

Status: Not hooked

 

#: 143 Function Name: NtQueryDefaultLocale

Status: Not hooked

 

#: 144 Function Name: NtQueryDefaultUILanguage

Status: Not hooked

 

#: 145 Function Name: NtQueryDirectoryFile

Status: Not hooked

 

#: 146 Function Name: NtQueryDirectoryObject

Status: Not hooked

 

#: 147 Function Name: NtQueryEaFile

Status: Not hooked

 

#: 148 Function Name: NtQueryEvent

Status: Not hooked

 

#: 149 Function Name: NtQueryFullAttributesFile

Status: Not hooked

 

#: 150 Function Name: NtQueryInformationAtom

Status: Not hooked

 

#: 151 Function Name: NtQueryInformationFile

Status: Not hooked

 

#: 152 Function Name: NtQueryInformationJobObject

Status: Not hooked

 

#: 153 Function Name: NtQueryInformationPort

Status: Not hooked

 

#: 154 Function Name: NtQueryInformationProcess

Status: Not hooked

 

#: 155 Function Name: NtQueryInformationThread

Status: Not hooked

 

#: 156 Function Name: NtQueryInformationToken

Status: Not hooked

 

#: 157 Function Name: NtQueryInstallUILanguage

Status: Not hooked

 

#: 158 Function Name: NtQueryIntervalProfile

Status: Not hooked

 

#: 159 Function Name: NtQueryIoCompletion

Status: Not hooked

 

#: 160 Function Name: NtQueryKey

Status: Not hooked

 

#: 161 Function Name: NtQueryMultipleValueKey

Status: Not hooked

 

#: 162 Function Name: NtQueryMutant

Status: Not hooked

 

#: 163 Function Name: NtQueryObject

Status: Not hooked

 

#: 164 Function Name: NtQueryOpenSubKeys

Status: Not hooked

 

#: 165 Function Name: NtQueryPerformanceCounter

Status: Not hooked

 

#: 166 Function Name: NtQueryQuotaInformationFile

Status: Not hooked

 

#: 167 Function Name: NtQuerySection

Status: Not hooked

 

#: 168 Function Name: NtQuerySecurityObject

Status: Not hooked

 

#: 169 Function Name: NtQuerySemaphore

Status: Not hooked

 

#: 170 Function Name: NtQuerySymbolicLinkObject

Status: Not hooked

 

#: 171 Function Name: NtQuerySystemEnvironmentValue

Status: Not hooked

 

#: 172 Function Name: NtQuerySystemEnvironmentValueEx

Status: Not hooked

 

#: 173 Function Name: NtQuerySystemInformation

Status: Not hooked

 

#: 174 Function Name: NtQuerySystemTime

Status: Not hooked

 

#: 175 Function Name: NtQueryTimer

Status: Not hooked

 

#: 176 Function Name: NtQueryTimerResolution

Status: Not hooked

 

#: 177 Function Name: NtQueryValueKey

Status: Not hooked

 

#: 178 Function Name: NtQueryVirtualMemory

Status: Not hooked

 

#: 179 Function Name: NtQueryVolumeInformationFile

Status: Not hooked

 

#: 180 Function Name: NtQueueApcThread

Status: Not hooked

 

#: 181 Function Name: NtRaiseException

Status: Not hooked

 

#: 182 Function Name: NtRaiseHardError

Status: Not hooked

 

#: 183 Function Name: NtReadFile

Status: Not hooked

 

#: 184 Function Name: NtReadFileScatter

Status: Not hooked

 

#: 185 Function Name: NtReadRequestData

Status: Not hooked

 

#: 186 Function Name: NtReadVirtualMemory

Status: Not hooked

 

#: 187 Function Name: NtRegisterThreadTerminatePort

Status: Not hooked

 

#: 188 Function Name: NtReleaseMutant

Status: Not hooked

 

#: 189 Function Name: NtReleaseSemaphore

Status: Not hooked

 

#: 190 Function Name: NtRemoveIoCompletion

Status: Not hooked

 

#: 191 Function Name: NtRemoveProcessDebug

Status: Not hooked

 

#: 192 Function Name: NtRenameKey

Status: Not hooked

 

#: 193 Function Name: NtReplaceKey

Status: Not hooked

 

#: 194 Function Name: NtReplyPort

Status: Not hooked

 

#: 195 Function Name: NtReplyWaitReceivePort

Status: Not hooked

 

#: 196 Function Name: NtReplyWaitReceivePortEx

Status: Not hooked

 

#: 197 Function Name: NtReplyWaitReplyPort

Status: Not hooked

 

#: 198 Function Name: NtRequestDeviceWakeup

Status: Not hooked

 

#: 199 Function Name: NtRequestPort

Status: Not hooked

 

#: 200 Function Name: NtRequestWaitReplyPort

Status: Not hooked

 

#: 201 Function Name: NtRequestWakeupLatency

Status: Not hooked

 

#: 202 Function Name: NtResetEvent

Status: Not hooked

 

#: 203 Function Name: NtResetWriteWatch

Status: Not hooked

 

#: 204 Function Name: NtRestoreKey

Status: Not hooked

 

#: 205 Function Name: NtResumeProcess

Status: Not hooked

 

#: 206 Function Name: NtResumeThread

Status: Not hooked

 

#: 207 Function Name: NtSaveKey

Status: Not hooked

 

#: 208 Function Name: NtSaveKeyEx

Status: Not hooked

 

#: 209 Function Name: NtSaveMergedKeys

Status: Not hooked

 

#: 210 Function Name: NtSecureConnectPort

Status: Not hooked

 

#: 211 Function Name: NtSetBootEntryOrder

Status: Not hooked

 

#: 212 Function Name: NtSetBootOptions

Status: Not hooked

 

#: 213 Function Name: NtSetContextThread

Status: Not hooked

 

#: 214 Function Name: NtSetDebugFilterState

Status: Not hooked

 

#: 215 Function Name: NtSetDefaultHardErrorPort

Status: Not hooked

 

#: 216 Function Name: NtSetDefaultLocale

Status: Not hooked

 

#: 217 Function Name: NtSetDefaultUILanguage

Status: Not hooked

 

#: 218 Function Name: NtSetEaFile

Status: Not hooked

 

#: 219 Function Name: NtSetEvent

Status: Not hooked

 

#: 220 Function Name: NtSetEventBoostPriority

Status: Not hooked

 

#: 221 Function Name: NtSetHighEventPair

Status: Not hooked

 

#: 222 Function Name: NtSetHighWaitLowEventPair

Status: Not hooked

 

#: 223 Function Name: NtSetInformationDebugObject

Status: Not hooked

 

#: 224 Function Name: NtSetInformationFile

Status: Not hooked

 

#: 225 Function Name: NtSetInformationJobObject

Status: Not hooked

 

#: 226 Function Name: NtSetInformationKey

Status: Not hooked

 

#: 227 Function Name: NtSetInformationObject

Status: Not hooked

 

#: 228 Function Name: NtSetInformationProcess

Status: Not hooked

 

#: 229 Function Name: NtSetInformationThread

Status: Not hooked

 

#: 230 Function Name: NtSetInformationToken

Status: Not hooked

 

#: 231 Function Name: NtSetIntervalProfile

Status: Not hooked

 

#: 232 Function Name: NtSetIoCompletion

Status: Not hooked

 

#: 233 Function Name: NtSetLdtEntries

Status: Not hooked

 

#: 234 Function Name: NtSetLowEventPair

Status: Not hooked

 

#: 235 Function Name: NtSetLowWaitHighEventPair

Status: Not hooked

 

#: 236 Function Name: NtSetQuotaInformationFile

Status: Not hooked

 

#: 237 Function Name: NtSetSecurityObject

Status: Not hooked

 

#: 238 Function Name: NtSetSystemEnvironmentValue

Status: Not hooked

 

#: 239 Function Name: NtSetSystemEnvironmentValueEx

Status: Not hooked

 

#: 240 Function Name: NtSetSystemInformation

Status: Not hooked

 

#: 241 Function Name: NtSetSystemPowerState

Status: Not hooked

 

#: 242 Function Name: NtSetSystemTime

Status: Not hooked

 

#: 243 Function Name: NtSetThreadExecutionState

Status: Not hooked

 

#: 244 Function Name: NtSetTimer

Status: Not hooked

 

#: 245 Function Name: NtSetTimerResolution

Status: Not hooked

 

#: 246 Function Name: NtSetUuidSeed

Status: Not hooked

 

#: 247 Function Name: NtSetValueKey

Status: Hooked by "Lbd.sys" at address 0xf789ebfe

 

#: 248 Function Name: NtSetVolumeInformationFile

Status: Not hooked

 

#: 249 Function Name: NtShutdownSystem

Status: Not hooked

 

#: 250 Function Name: NtSignalAndWaitForSingleObject

Status: Not hooked

 

#: 251 Function Name: NtStartProfile

Status: Not hooked

 

#: 252 Function Name: NtStopProfile

Status: Not hooked

 

#: 253 Function Name: NtSuspendProcess

Status: Not hooked

 

#: 254 Function Name: NtSuspendThread

Status: Not hooked

 

#: 255 Function Name: NtSystemDebugControl

Status: Not hooked

 

#: 256 Function Name: NtTerminateJobObject

Status: Not hooked

 

#: 257 Function Name: NtTerminateProcess

Status: Not hooked

 

#: 258 Function Name: NtTerminateThread

Status: Not hooked

 

#: 259 Function Name: NtTestAlert

Status: Not hooked

 

#: 260 Function Name: NtTraceEvent

Status: Not hooked

 

#: 261 Function Name: NtTranslateFilePath

Status: Not hooked

 

#: 262 Function Name: NtUnloadDriver

Status: Not hooked

 

#: 263 Function Name: NtUnloadKey

Status: Not hooked

 

#: 264 Function Name: NtUnloadKeyEx

Status: Not hooked

 

#: 265 Function Name: NtUnlockFile

Status: Not hooked

 

#: 266 Function Name: NtUnlockVirtualMemory

Status: Not hooked

 

#: 267 Function Name: NtUnmapViewOfSection

Status: Not hooked

 

#: 268 Function Name: NtVdmControl

Status: Not hooked

 

#: 269 Function Name: NtWaitForDebugEvent

Status: Not hooked

 

#: 270 Function Name: NtWaitForMultipleObjects

Status: Not hooked

 

#: 271 Function Name: NtWaitForSingleObject

Status: Not hooked

 

#: 272 Function Name: NtWaitHighEventPair

Status: Not hooked

 

#: 273 Function Name: NtWaitLowEventPair

Status: Not hooked

 

#: 274 Function Name: NtWriteFile

Status: Not hooked

 

#: 275 Function Name: NtWriteFileGather

Status: Not hooked

 

#: 276 Function Name: NtWriteRequestData

Status: Not hooked

 

#: 277 Function Name: NtWriteVirtualMemory

Status: Not hooked

 

#: 278 Function Name: NtYieldExecution

Status: Not hooked

 

#: 279 Function Name: NtCreateKeyedEvent

Status: Not hooked

 

#: 280 Function Name: NtOpenKeyedEvent

Status: Not hooked

 

#: 281 Function Name: NtReleaseKeyedEvent

Status: Not hooked

 

#: 282 Function Name: NtWaitForKeyedEvent

Status: Not hooked

 

#: 283 Function Name: NtQueryPortInformationProcess

Status: Not hooked


and the next

 

ROOTREPEAL © AD, 2007-2009

==================================================

Scan Start Time: 2010/02/02 22:55

Program Version: Version 1.3.5.0

Windows Version: Windows XP SP3

==================================================

 

Shadow SSDT

-------------------

#: 000 Function Name: NtGdiAbortDoc

Status: Not hooked

 

#: 001 Function Name: NtGdiAbortPath

Status: Not hooked

 

#: 002 Function Name: NtGdiAddFontResourceW

Status: Not hooked

 

#: 003 Function Name: NtGdiAddRemoteFontToDC

Status: Not hooked

 

#: 004 Function Name: NtGdiAddFontMemResourceEx

Status: Not hooked

 

#: 005 Function Name: NtGdiRemoveMergeFont

Status: Not hooked

 

#: 006 Function Name: NtGdiAddRemoteMMInstanceToDC

Status: Not hooked

 

#: 007 Function Name: NtGdiAlphaBlend

Status: Not hooked

 

#: 008 Function Name: NtGdiAngleArc

Status: Not hooked

 

#: 009 Function Name: NtGdiAnyLinkedFonts

Status: Not hooked

 

#: 010 Function Name: NtGdiFontIsLinked

Status: Not hooked

 

#: 011 Function Name: NtGdiArcInternal

Status: Not hooked

 

#: 012 Function Name: NtGdiBeginPath

Status: Not hooked

 

#: 013 Function Name: NtGdiBitBlt

Status: Not hooked

 

#: 014 Function Name: NtGdiCancelDC

Status: Not hooked

 

#: 015 Function Name: NtGdiCheckBitmapBits

Status: Not hooked

 

#: 016 Function Name: NtGdiCloseFigure

Status: Not hooked

 

#: 017 Function Name: NtGdiClearBitmapAttributes

Status: Not hooked

 

#: 018 Function Name: NtGdiClearBrushAttributes

Status: Not hooked

 

#: 019 Function Name: NtGdiColorCorrectPalette

Status: Not hooked

 

#: 020 Function Name: NtGdiCombineRgn

Status: Not hooked

 

#: 021 Function Name: NtGdiCombineTransform

Status: Not hooked

 

#: 022 Function Name: NtGdiComputeXformCoefficients

Status: Not hooked

 

#: 023 Function Name: NtGdiConsoleTextOut

Status: Not hooked

 

#: 024 Function Name: NtGdiConvertMetafileRect

Status: Not hooked

 

#: 025 Function Name: NtGdiCreateBitmap

Status: Not hooked

 

#: 026 Function Name: NtGdiCreateClientObj

Status: Not hooked

 

#: 027 Function Name: NtGdiCreateColorSpace

Status: Not hooked

 

#: 028 Function Name: NtGdiCreateColorTransform

Status: Not hooked

 

#: 029 Function Name: NtGdiCreateCompatibleBitmap

Status: Not hooked

 

#: 030 Function Name: NtGdiCreateCompatibleDC

Status: Not hooked

 

#: 031 Function Name: NtGdiCreateDIBBrush

Status: Not hooked

 

#: 032 Function Name: NtGdiCreateDIBitmapInternal

Status: Not hooked

 

#: 033 Function Name: NtGdiCreateDIBSection

Status: Not hooked

 

#: 034 Function Name: NtGdiCreateEllipticRgn

Status: Not hooked

 

#: 035 Function Name: NtGdiCreateHalftonePalette

Status: Not hooked

 

#: 036 Function Name: NtGdiCreateHatchBrushInternal

Status: Not hooked

 

#: 037 Function Name: NtGdiCreateMetafileDC

Status: Not hooked

 

#: 038 Function Name: NtGdiCreatePaletteInternal

Status: Not hooked

 

#: 039 Function Name: NtGdiCreatePatternBrushInternal

Status: Not hooked

 

#: 040 Function Name: NtGdiCreatePen

Status: Not hooked

 

#: 041 Function Name: NtGdiCreateRectRgn

Status: Not hooked

 

#: 042 Function Name: NtGdiCreateRoundRectRgn

Status: Not hooked

 

#: 043 Function Name: NtGdiCreateServerMetaFile

Status: Not hooked

 

#: 044 Function Name: NtGdiCreateSolidBrush

Status: Not hooked

 

#: 045 Function Name: NtGdiD3dContextCreate

Status: Not hooked

 

#: 046 Function Name: NtGdiD3dContextDestroy

Status: Not hooked

 

#: 047 Function Name: NtGdiD3dContextDestroyAll

Status: Not hooked

 

#: 048 Function Name: NtGdiD3dValidateTextureStageState

Status: Not hooked

 

#: 049 Function Name: NtGdiD3dDrawPrimitives2

Status: Not hooked

 

#: 050 Function Name: NtGdiDdGetDriverState

Status: Not hooked

 

#: 051 Function Name: NtGdiDdAddAttachedSurface

Status: Not hooked

 

#: 052 Function Name: NtGdiDdAlphaBlt

Status: Not hooked

 

#: 053 Function Name: NtGdiDdAttachSurface

Status: Not hooked

 

#: 054 Function Name: NtGdiDdBeginMoCompFrame

Status: Not hooked

 

#: 055 Function Name: NtGdiDdBlt

Status: Not hooked

 

#: 056 Function Name: NtGdiDdCanCreateSurface

Status: Not hooked

 

#: 057 Function Name: NtGdiDdCanCreateD3DBuffer

Status: Not hooked

 

#: 058 Function Name: NtGdiDdColorControl

Status: Not hooked

 

#: 059 Function Name: NtGdiDdCreateDirectDrawObject

Status: Not hooked

 

#: 060 Function Name: NtGdiDdCreateSurface

Status: Not hooked

 

#: 061 Function Name: NtGdiDdCreateD3DBuffer

Status: Not hooked

 

#: 062 Function Name: NtGdiDdCreateMoComp

Status: Not hooked

 

#: 063 Function Name: NtGdiDdCreateSurfaceObject

Status: Not hooked

 

#: 064 Function Name: NtGdiDdDeleteDirectDrawObject

Status: Not hooked

 

#: 065 Function Name: NtGdiDdDeleteSurfaceObject

Status: Not hooked

 

#: 066 Function Name: NtGdiDdDestroyMoComp

Status: Not hooked

 

#: 067 Function Name: NtGdiDdDestroySurface

Status: Not hooked

 

#: 068 Function Name: NtGdiDdDestroyD3DBuffer

Status: Not hooked

 

#: 069 Function Name: NtGdiDdEndMoCompFrame

Status: Not hooked

 

#: 070 Function Name: NtGdiDdFlip

Status: Not hooked

 

#: 071 Function Name: NtGdiDdFlipToGDISurface

Status: Not hooked

 

#: 072 Function Name: NtGdiDdGetAvailDriverMemory

Status: Not hooked

 

#: 073 Function Name: NtGdiDdGetBltStatus

Status: Not hooked

 

#: 074 Function Name: NtGdiDdGetDC

Status: Not hooked

 

#: 075 Function Name: NtGdiDdGetDriverInfo

Status: Not hooked

 

#: 076 Function Name: NtGdiDdGetDxHandle

Status: Not hooked

 

#: 077 Function Name: NtGdiDdGetFlipStatus

Status: Not hooked

 

#: 078 Function Name: NtGdiDdGetInternalMoCompInfo

Status: Not hooked

 

#: 079 Function Name: NtGdiDdGetMoCompBuffInfo

Status: Not hooked

 

#: 080 Function Name: NtGdiDdGetMoCompGuids

Status: Not hooked

 

#: 081 Function Name: NtGdiDdGetMoCompFormats

Status: Not hooked

 

#: 082 Function Name: NtGdiDdGetScanLine

Status: Not hooked

 

#: 083 Function Name: NtGdiDdLock

Status: Not hooked

 

#: 084 Function Name: NtGdiDdLockD3D

Status: Not hooked

 

#: 085 Function Name: NtGdiDdQueryDirectDrawObject

Status: Not hooked

 

#: 086 Function Name: NtGdiDdQueryMoCompStatus

Status: Not hooked

 

#: 087 Function Name: NtGdiDdReenableDirectDrawObject

Status: Not hooked

 

#: 088 Function Name: NtGdiDdReleaseDC

Status: Not hooked

 

#: 089 Function Name: NtGdiDdRenderMoComp

Status: Not hooked

 

#: 090 Function Name: NtGdiDdResetVisrgn

Status: Not hooked

 

#: 091 Function Name: NtGdiDdSetColorKey

Status: Not hooked

 

#: 092 Function Name: NtGdiDdSetExclusiveMode

Status: Not hooked

 

#: 093 Function Name: NtGdiDdSetGammaRamp

Status: Not hooked

 

#: 094 Function Name: NtGdiDdCreateSurfaceEx

Status: Not hooked

 

#: 095 Function Name: NtGdiDdSetOverlayPosition

Status: Not hooked

 

#: 096 Function Name: NtGdiDdUnattachSurface

Status: Not hooked

 

#: 097 Function Name: NtGdiDdUnlock

Status: Not hooked

 

#: 098 Function Name: NtGdiDdUnlockD3D

Status: Not hooked

 

#: 099 Function Name: NtGdiDdUpdateOverlay

Status: Not hooked

 

#: 100 Function Name: NtGdiDdWaitForVerticalBlank

Status: Not hooked

 

#: 101 Function Name: NtGdiDvpCanCreateVideoPort

Status: Not hooked

 

#: 102 Function Name: NtGdiDvpColorControl

Status: Not hooked

 

#: 103 Function Name: NtGdiDvpCreateVideoPort

Status: Not hooked

 

#: 104 Function Name: NtGdiDvpDestroyVideoPort

Status: Not hooked

 

#: 105 Function Name: NtGdiDvpFlipVideoPort

Status: Not hooked

 

#: 106 Function Name: NtGdiDvpGetVideoPortBandwidth

Status: Not hooked

 

#: 107 Function Name: NtGdiDvpGetVideoPortField

Status: Not hooked

 

#: 108 Function Name: NtGdiDvpGetVideoPortFlipStatus

Status: Not hooked

 

#: 109 Function Name: NtGdiDvpGetVideoPortInputFormats

Status: Not hooked

 

#: 110 Function Name: NtGdiDvpGetVideoPortLine

Status: Not hooked

 

#: 111 Function Name: NtGdiDvpGetVideoPortOutputFormats

Status: Not hooked

 

#: 112 Function Name: NtGdiDvpGetVideoPortConnectInfo

Status: Not hooked

 

#: 113 Function Name: NtGdiDvpGetVideoSignalStatus

Status: Not hooked

 

#: 114 Function Name: NtGdiDvpUpdateVideoPort

Status: Not hooked

 

#: 115 Function Name: NtGdiDvpWaitForVideoPortSync

Status: Not hooked

 

#: 116 Function Name: NtGdiDvpAcquireNotification

Status: Not hooked

 

#: 117 Function Name: NtGdiDvpReleaseNotification

Status: Not hooked

 

#: 118 Function Name: NtGdiDxgGenericThunk

Status: Not hooked

 

#: 119 Function Name: NtGdiDeleteClientObj

Status: Not hooked

 

#: 120 Function Name: NtGdiDeleteColorSpace

Status: Not hooked

 

#: 121 Function Name: NtGdiDeleteColorTransform

Status: Not hooked

 

#: 122 Function Name: NtGdiDeleteObjectApp

Status: Not hooked

 

#: 123 Function Name: NtGdiDescribePixelFormat

Status: Not hooked

 

#: 124 Function Name: NtGdiGetPerBandInfo

Status: Not hooked

 

#: 125 Function Name: NtGdiDoBanding

Status: Not hooked

 

#: 126 Function Name: NtGdiDoPalette

Status: Not hooked

 

#: 127 Function Name: NtGdiDrawEscape

Status: Not hooked

 

#: 128 Function Name: NtGdiEllipse

Status: Not hooked

 

#: 129 Function Name: NtGdiEnableEudc

Status: Not hooked

 

#: 130 Function Name: NtGdiEndDoc

Status: Not hooked

 

#: 131 Function Name: NtGdiEndPage

Status: Not hooked

 

#: 132 Function Name: NtGdiEndPath

Status: Not hooked

 

#: 133 Function Name: NtGdiEnumFontChunk

Status: Not hooked

 

#: 134 Function Name: NtGdiEnumFontClose

Status: Not hooked

 

#: 135 Function Name: NtGdiEnumFontOpen

Status: Not hooked

 

#: 136 Function Name: NtGdiEnumObjects

Status: Not hooked

 

#: 137 Function Name: NtGdiEqualRgn

Status: Not hooked

 

#: 138 Function Name: NtGdiEudcLoadUnloadLink

Status: Not hooked

 

#: 139 Function Name: NtGdiExcludeClipRect

Status: Not hooked

 

#: 140 Function Name: NtGdiExtCreatePen

Status: Not hooked

 

#: 141 Function Name: NtGdiExtCreateRegion

Status: Not hooked

 

#: 142 Function Name: NtGdiExtEscape

Status: Not hooked

 

#: 143 Function Name: NtGdiExtFloodFill

Status: Not hooked

 

#: 144 Function Name: NtGdiExtGetObjectW

Status: Not hooked

 

#: 145 Function Name: NtGdiExtSelectClipRgn

Status: Not hooked

 

#: 146 Function Name: NtGdiExtTextOutW

Status: Not hooked

 

#: 147 Function Name: NtGdiFillPath

Status: Not hooked

 

#: 148 Function Name: NtGdiFillRgn

Status: Not hooked

 

#: 149 Function Name: NtGdiFlattenPath

Status: Not hooked

 

#: 150 Function Name: NtGdiFlushUserBatch

Status: Not hooked

 

#: 151 Function Name: NtGdiFlush

Status: Not hooked

 

#: 152 Function Name: NtGdiForceUFIMapping

Status: Not hooked

 

#: 153 Function Name: NtGdiFrameRgn

Status: Not hooked

 

#: 154 Function Name: NtGdiFullscreenControl

Status: Not hooked

 

#: 155 Function Name: NtGdiGetAndSetDCDword

Status: Not hooked

 

#: 156 Function Name: NtGdiGetAppClipBox

Status: Not hooked

 

#: 157 Function Name: NtGdiGetBitmapBits

Status: Not hooked

 

#: 158 Function Name: NtGdiGetBitmapDimension

Status: Not hooked

 

#: 159 Function Name: NtGdiGetBoundsRect

Status: Not hooked

 

#: 160 Function Name: NtGdiGetCharABCWidthsW

Status: Not hooked

 

#: 161 Function Name: NtGdiGetCharacterPlacementW

Status: Not hooked

 

#: 162 Function Name: NtGdiGetCharSet

Status: Not hooked

 

#: 163 Function Name: NtGdiGetCharWidthW

Status: Not hooked

 

#: 164 Function Name: NtGdiGetCharWidthInfo

Status: Not hooked

 

#: 165 Function Name: NtGdiGetColorAdjustment

Status: Not hooked

 

#: 166 Function Name: NtGdiGetColorSpaceforBitmap

Status: Not hooked

 

#: 167 Function Name: NtGdiGetDCDword

Status: Not hooked

 

#: 168 Function Name: NtGdiGetDCforBitmap

Status: Not hooked

 

#: 169 Function Name: NtGdiGetDCObject

Status: Not hooked

 

#: 170 Function Name: NtGdiGetDCPoint

Status: Not hooked

 

#: 171 Function Name: NtGdiGetDeviceCaps

Status: Not hooked

 

#: 172 Function Name: NtGdiGetDeviceGammaRamp

Status: Not hooked

 

#: 173 Function Name: NtGdiGetDeviceCapsAll

Status: Not hooked

 

#: 174 Function Name: NtGdiGetDIBitsInternal

Status: Not hooked

 

#: 175 Function Name: NtGdiGetETM

Status: Not hooked

 

#: 176 Function Name: NtGdiGetEudcTimeStampEx

Status: Not hooked

 

#: 177 Function Name: NtGdiGetFontData

Status: Not hooked

 

#: 178 Function Name: NtGdiGetFontResourceInfoInternalW

Status: Not hooked

 

#: 179 Function Name: NtGdiGetGlyphIndicesW

Status: Not hooked

 

#: 180 Function Name: NtGdiGetGlyphIndicesWInternal

Status: Not hooked

 

#: 181 Function Name: NtGdiGetGlyphOutline

Status: Not hooked

 

#: 182 Function Name: NtGdiGetKerningPairs

Status: Not hooked

 

#: 183 Function Name: NtGdiGetLinkedUFIs

Status: Not hooked

 

#: 184 Function Name: NtGdiGetMiterLimit

Status: Not hooked

 

#: 185 Function Name: NtGdiGetMonitorID

Status: Not hooked

 

#: 186 Function Name: NtGdiGetNearestColor

Status: Not hooked

 

#: 187 Function Name: NtGdiGetNearestPaletteIndex

Status: Not hooked

 

#: 188 Function Name: NtGdiGetObjectBitmapHandle

Status: Not hooked

 

#: 189 Function Name: NtGdiGetOutlineTextMetricsInternalW

Status: Not hooked

 

#: 190 Function Name: NtGdiGetPath

Status: Not hooked

 

#: 191 Function Name: NtGdiGetPixel

Status: Not hooked

 

#: 192 Function Name: NtGdiGetRandomRgn

Status: Not hooked

 

#: 193 Function Name: NtGdiGetRasterizerCaps

Status: Not hooked

 

#: 194 Function Name: NtGdiGetRealizationInfo

Status: Not hooked

 

#: 195 Function Name: NtGdiGetRegionData

Status: Not hooked

 

#: 196 Function Name: NtGdiGetRgnBox

Status: Not hooked

 

#: 197 Function Name: NtGdiGetServerMetaFileBits

Status: Not hooked

 

#: 198 Function Name: NtGdiGetSpoolMessage

Status: Not hooked

 

#: 199 Function Name: NtGdiGetStats

Status: Not hooked

 

#: 200 Function Name: NtGdiGetStockObject

Status: Not hooked

 

#: 201 Function Name: NtGdiGetStringBitmapW

Status: Not hooked

 

#: 202 Function Name: NtGdiGetSystemPaletteUse

Status: Not hooked

 

#: 203 Function Name: NtGdiGetTextCharsetInfo

Status: Not hooked

 

#: 204 Function Name: NtGdiGetTextExtent

Status: Not hooked

 

#: 205 Function Name: NtGdiGetTextExtentExW

Status: Not hooked

 

#: 206 Function Name: NtGdiGetTextFaceW

Status: Not hooked

 

#: 207 Function Name: NtGdiGetTextMetricsW

Status: Not hooked

 

#: 208 Function Name: NtGdiGetTransform

Status: Not hooked

 

#: 209 Function Name: NtGdiGetUFI

Status: Not hooked

 

#: 210 Function Name: NtGdiGetEmbUFI

Status: Not hooked

 

#: 211 Function Name: NtGdiGetUFIPathname

Status: Not hooked

 

#: 212 Function Name: NtGdiGetEmbedFonts

Status: Not hooked

 

#: 213 Function Name: NtGdiChangeGhostFont

Status: Not hooked

 

#: 214 Function Name: NtGdiAddEmbFontToDC

Status: Not hooked

 

#: 215 Function Name: NtGdiGetFontUnicodeRanges

Status: Not hooked

 

#: 216 Function Name: NtGdiGetWidthTable

Status: Not hooked

 

#: 217 Function Name: NtGdiGradientFill

Status: Not hooked

 

#: 218 Function Name: NtGdiHfontCreate

Status: Not hooked

 

#: 219 Function Name: NtGdiIcmBrushInfo

Status: Not hooked

 


That's all of them, Nasdaq, as the stealth objects and hidden services came up with a blank screen.

Thanks again, regards, Gary.

P.S. Just one question: none of my media players will play WMV or MPEG-4 at the moment. Will the work we are doing fix this problem, or have I not got the correct codecs for these files?

> P.S. Just one question: none of my media players will play WMV or MPEG-4 at the moment. Will the work we are doing fix this problem, or have I not got the correct codecs for these files?

Update your media player. If still having difficulties, then look for the codecs. Make sure you get them from a safe place.


Hi Nasdaq, thank you for your reply. I only reinstalled VLC player very recently and have the most up-to-date version.

The problem may be codecs, as it's happening with all my players [Windows Media Player, VLC and windows media classic].

The trouble is that I don't know what codecs I need. I have installed K-Lite, DirectShow and have installed an update for Win Media Player codecs [Windows Media Video 9 VCM], but the problem persists. Regards, Gary.


Glad we could help. :)

 

If you need this topic reopened, please tell the moderating team by replying here with the address of the thread. This applies only to the original topic starter. Everyone else please begin a New Topic.

This topic is now closed to further replies.