
Have "new" rootkit variant... who wants a challenge?


  • This topic is locked
3 replies to this topic

#1 pjvex86

Posted 09 September 2009 - 06:54 PM

The only diagnostic/scanner that I was able to run was the System Repair Engineer. The link to my "triage" post is as follows:

http://www.bleepingcomputer.com/forums/t/255754/returned-still-infected-starting-over/

Hoping we can eradicate this. And I am hoping the worst-case scenario is a new OS install (because I have tried that already 50 times). And if it comes to that, perhaps a step-by-step procedure to ensure an infection-free install might help. In the past I have wiped the drive and installed factory HP disks... but the disk wipe utility either came from a CD I burned from an ISO (so therefore the CD might have been infected), or was downloaded from the internet, which, too, could have become infected. In either case this could presumably wipe the drive in part yet keep key boot sector code or other things which basically allow the rootkit to remain.

Hoping for a good outcome to this since it has been 6 months of hell.

Pasting in aforementioned log. ~ OB

2009-09-09,12:34:49

System Repair Engineer 2.8.1.1279
Smallfrogs (http://www.KZTechs.com)

Windows Vista Ultimate Edition Service Pack 2 (Build 6002) - Administrative User - Completed Functions Allowed

Follow item(s) have been selected:
All Boot Items (Including Registry, Startup Folders, Services and so on)
Browser Add-ons
Running Processes (Including process model information)
File Associations
Winsock Provider
Autorun.Inf
HOSTS File
Process Privileges Scan
Scheduled Tasks
Windows Security Update Check
API HOOK
Hidden Process


Boot Items
Registry
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
[(Verified)Microsoft Windows]
<"C:\Program Files\uTorrent\uTorrent.exe"> [(Verified)BitTorrent Inc]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<"C:\Program Files\Update Checker\UpdateChecker.exe" /background> [FileHippo.com]
[]
<"C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun> [File is missing]
<%ProgramFiles%\IDT\WDM\sttray.exe> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
[Microsoft Corporation]
[(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
[(Verified)Microsoft Windows]
[(Verified)Stardock Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
<{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\system32\browseui.dll> [Microsoft Corporation]
<{E31004D1-A431-41B8-826F-E902F9D95C81}><%SystemRoot%\System32\DreamScene.dll> [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
[(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
[(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
<"C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP> [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
<%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
<"%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
<%SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI> [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7070D8E0-650A-46b3-B03C-9497582E6A74}]
<%SystemRoot%\system32\soundschemes.exe /AddRegistration> [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
[(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
[(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
[(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{B3688A53-AB2A-4b1d-8CEF-8F93D8C51C24}]
<%SystemRoot%\system32\soundschemes2.exe /AddRegistration> [Microsoft Corporation]
[HKEY_CURRENT_USER\Control Panel\Desktop]
[(Verified)Microsoft Windows]

==================================
Startup Folders
[3duserpic.exe]
C:\Windows\GLOBAL~1\ANIMAT~1\3DUSER~1.EXE [Andreas Verhoeven]>
[ram]
[File is missing]>
[3duserpic.exe]
C:\Windows\GLOBAL~1\ANIMAT~1\3DUSER~1.EXE [Andreas Verhoeven]>
[ram]
[File is missing]>

==================================
Services
[Andrea ST Filters Service / AESTFilters][Running/Auto Start]

[AMD External Events Utility / AMD External Events Utility][Running/Auto Start]

[Diskeeper / Diskeeper][Running/Auto Start]
<"C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe">
[Shell Hardware Detection / ShellHWDetection][Running/Auto Start]
%SystemRoot%\System32\shsvcs.dll>
[Audio Service / STacSV][Running/Auto Start]

[Themes / Themes][Running/Auto Start]
%SystemRoot%\system32\shsvcs.dll>

==================================
Drivers
[adp94xx / adp94xx][Stopped/Disabled]
<\SystemRoot\system32\drivers\adp94xx.sys>
[adpahci / adpahci][Stopped/Disabled]
<\SystemRoot\system32\drivers\adpahci.sys>
[adpu160m / adpu160m][Stopped/Disabled]
<\SystemRoot\system32\drivers\adpu160m.sys>
[adpu320 / adpu320][Stopped/Disabled]
<\SystemRoot\system32\drivers\adpu320.sys>
[aic78xx / aic78xx][Stopped/Disabled]
<\SystemRoot\system32\drivers\djsvs.sys>
[aliide / aliide][Stopped/Disabled]
<\SystemRoot\system32\drivers\aliide.sys>
[arc / arc][Stopped/Disabled]
<\SystemRoot\system32\drivers\arc.sys>
[arcsas / arcsas][Stopped/Disabled]
<\SystemRoot\system32\drivers\arcsas.sys>
[ATI Function Driver for HDMI Service / AtiHdmiService][Running/Manual Start]

[atikmdag / atikmdag][Running/Manual Start]

[Broadcom 802.11 Network Adapter Driver / BCM43XX][Running/Manual Start]

[Brother USB Mass-Storage Lower Filter Driver / BrFiltLo][Stopped/Manual Start]
<\SystemRoot\system32\drivers\brfiltlo.sys>
[Brother USB Mass-Storage Upper Filter Driver / BrFiltUp][Stopped/Manual Start]
<\SystemRoot\system32\drivers\brfiltup.sys>
[Brother MFC Serial Port Interface Driver (WDM) / Brserid][Stopped/Disabled]
<\SystemRoot\system32\drivers\brserid.sys>
[Brother WDM Serial driver / BrSerWdm][Stopped/Disabled]
<\SystemRoot\system32\drivers\brserwdm.sys>
[Brother MFC USB Fax Only Modem / BrUsbMdm][Stopped/Disabled]
<\SystemRoot\system32\drivers\brusbmdm.sys>
[Brother MFC USB Serial WDM Driver / BrUsbSer][Stopped/Manual Start]
<\SystemRoot\system32\drivers\brusbser.sys>
[cmdide / cmdide][Stopped/Disabled]
<\SystemRoot\system32\drivers\cmdide.sys>
[Intel® PRO/1000 NDIS 6 Adapter Driver / E1G60][Stopped/Manual Start]

[elxstor / elxstor][Stopped/Disabled]
<\SystemRoot\system32\drivers\elxstor.sys>
[HpCISSs / HpCISSs][Stopped/Disabled]
<\SystemRoot\system32\drivers\hpcisss.sys>
[Intel RAID Controller Vista / iaStorV][Stopped/Disabled]
<\SystemRoot\system32\drivers\iastorv.sys>
[iirsp / iirsp][Stopped/Disabled]
<\SystemRoot\system32\drivers\iirsp.sys>
[IP in IP Tunnel Driver / IpInIp][Stopped/Manual Start]

[ISO DVD/CD-ROM Device Driver / ISODrive][Running/System Start]
<\??\C:\Program Files\UltraISO\drivers\ISODrive.sys>
[ITEATAPI_Service_Install / iteatapi][Stopped/Disabled]
<\SystemRoot\system32\drivers\iteatapi.sys>
[ITERAID_Service_Install / iteraid][Stopped/Disabled]
<\SystemRoot\system32\drivers\iteraid.sys>
[JMCR / JMCR][Running/Manual Start]

[LSI_FC / LSI_FC][Stopped/Disabled]
<\SystemRoot\system32\drivers\lsi_fc.sys>
[LSI_SAS / LSI_SAS][Stopped/Disabled]
<\SystemRoot\system32\drivers\lsi_sas.sys>
[LSI_SCSI / LSI_SCSI][Stopped/Disabled]
<\SystemRoot\system32\drivers\lsi_scsi.sys>
[megasas / megasas][Stopped/Disabled]
<\SystemRoot\system32\drivers\megasas.sys>
[MegaSR / MegaSR][Stopped/Disabled]
<\SystemRoot\system32\drivers\megasr.sys>
[Mraid35x / Mraid35x][Stopped/Disabled]
<\SystemRoot\system32\drivers\mraid35x.sys>
[nfrd960 / nfrd960][Stopped/Disabled]
<\SystemRoot\system32\drivers\nfrd960.sys>
[N-trig HID Tablet Driver / ntrigdigi][Stopped/Disabled]
<\SystemRoot\system32\drivers\ntrigdigi.sys>
[NVIDIA nForce RAID Driver / nvraid][Stopped/Disabled]
<\SystemRoot\system32\drivers\nvraid.sys>
[nvstor / nvstor][Stopped/Disabled]
<\SystemRoot\system32\drivers\nvstor.sys>
[IPX Traffic Filter Driver / NwlnkFlt][Stopped/Manual Start]

[IPX Traffic Forwarder Driver / NwlnkFwd][Stopped/Manual Start]

[PxHelp20 / PxHelp20][Running/Boot Start]
<\SystemRoot\System32\Drivers\PxHelp20.sys>
[QLogic Fibre Channel Miniport Driver / ql2300][Stopped/Disabled]
<\SystemRoot\system32\drivers\ql2300.sys>
[QLogic iSCSI Miniport Driver / ql40xx][Stopped/Disabled]
<\SystemRoot\system32\drivers\ql40xx.sys>
[Realtek 8169 NT Driver / RTL8169][Running/Manual Start]

[SiSRaid4 / SiSRaid4][Stopped/Disabled]
<\SystemRoot\system32\drivers\sisraid4.sys>
[IDT High Definition Audio CODEC / STHDA][Running/Manual Start]

[Symc8xx / Symc8xx][Stopped/Disabled]
<\SystemRoot\system32\drivers\symc8xx.sys>
[Sym_hi / Sym_hi][Stopped/Disabled]
<\SystemRoot\system32\drivers\sym_hi.sys>
[Sym_u3 / Sym_u3][Stopped/Disabled]
<\SystemRoot\system32\drivers\sym_u3.sys>
[uliahci / uliahci][Stopped/Disabled]
<\SystemRoot\system32\drivers\uliahci.sys>
[UlSata / UlSata][Stopped/Disabled]
<\SystemRoot\system32\drivers\ulsata.sys>
[ulsata2 / ulsata2][Stopped/Disabled]
<\SystemRoot\system32\drivers\ulsata2.sys>
[AMD USB Filter Driver / usbfilter][Running/Manual Start]

[viaide / viaide][Stopped/Disabled]
<\SystemRoot\system32\drivers\viaide.sys>
[vsmraid / vsmraid][Stopped/Disabled]
<\SystemRoot\system32\drivers\vsmraid.sys>

==================================
Browser Add-ons
[]
{02478D38-C3F9-4efb-9B51-7695ECA05670} <, >
[Java™ Plug-In 2 SSV Helper]
{DBC80044-A445-435b-BC74-9C25C1C588A9}
[&Research]
{92780B25-18CC-41C8-B9BE-3C9C571A8263}
[Java Plug-in 1.6.0_13]
{8AD9C840-044E-11D1-B3E9-00805F499D93}
[Java Plug-in 1.6.0_13]
{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[Java Plug-in 1.6.0_13]
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
[]
{02478D38-C3F9-4EFB-9B51-7695ECA05670} <, >
[]
{5C255C8A-E604-49B4-9D64-90988571CECB} <, >
[]
{9030D464-4C02-4ABF-8ECC-5164760863C6} <, >
[]
{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} <, >
[E&xport to Microsoft Excel]


==================================
Running Processes
[PID: 536 / SYSTEM][\SystemRoot\System32\smss.exe] [(Verified) Microsoft Corporation, 6.0.6002.18005 (lh_sp2rtm.090410-1830)]
[PID: 668 / SYSTEM][C:\Windows\system32\csrss.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 700 / SYSTEM][C:\Windows\system32\wininit.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 720 / SYSTEM][C:\Windows\system32\csrss.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 752 / SYSTEM][C:\Windows\system32\services.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 764 / SYSTEM][C:\Windows\system32\lsass.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 776 / SYSTEM][C:\Windows\system32\lsm.exe] [(Verified) Microsoft Corporation, 6.0.6001.18000 (longhorn_rtm.080118-1840)]
[PID: 900 / SYSTEM][C:\Windows\system32\svchost.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 956 / NETWORK SERVICE][C:\Windows\system32\svchost.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 988 / SYSTEM][C:\Windows\system32\atiesrxx.exe] [AMD, 6.14.11.1033]
[PID: 1044 / SYSTEM][C:\Windows\system32\winlogon.exe] [(Verified) Microsoft Corporation, 6.0.6001.18000 (longhorn_rtm.080118-1840)]
[C:\Windows\system32\SHSVCS.dll] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\system32\uxtheme.dll] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 1080 / LOCAL SERVICE][C:\Windows\System32\svchost.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\system32\stapo.dll] [IDT, Inc., 1.0.6087.0]
[C:\Windows\system32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\sluapo32.dll] [SRS Labs, Inc., 1, 2, 2, 0]
[C:\Windows\system32\SHELL32.dll] [Microsoft Corporation, 6.0.6001.18000 (longhorn_rtm.080118-1840)]
[PID: 1104 / SYSTEM][C:\Windows\System32\svchost.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\system32\SHELL32.dll] [Microsoft Corporation, 6.0.6001.18000 (longhorn_rtm.080118-1840)]
[c:\windows\system32\UxTheme.dll] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 1120 / SYSTEM][C:\Windows\system32\svchost.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[c:\windows\system32\shsvcs.dll] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\system32\UxTheme.dll] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\system32\SHELL32.dll] [Microsoft Corporation, 6.0.6001.18000 (longhorn_rtm.080118-1840)]
[PID: 1220 / SYSTEM][C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_e7ea6efc\STacSV.exe] [IDT, Inc., 1.0.6087.0]
[C:\Windows\system32\stapi32.dll] [IDT, Inc., 1.0.6087.0]
[PID: 1444 / SYSTEM][C:\Windows\system32\svchost.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 1460 / NETWORK SERVICE][C:\Windows\system32\SLsvc.exe] [(Verified) Microsoft Corporation, 6.0.6002.18005 (lh_sp2rtm.090410-1830)]
[PID: 1496 / SYSTEM][C:\Windows\system32\atieclxx.exe] [AMD, 6.14.11.1033]
[C:\Windows\system32\atiadlxx.dll] [Advanced Micro Devices, Inc., 6.14.10.1050]
[C:\Windows\system32\uxtheme.dll] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 1516 / LOCAL SERVICE][C:\Windows\system32\svchost.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\system32\SHELL32.dll] [Microsoft Corporation, 6.0.6001.18000 (longhorn_rtm.080118-1840)]
[PID: 1596 / NETWORK SERVICE][C:\Windows\system32\svchost.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\system32\SHELL32.dll] [Microsoft Corporation, 6.0.6001.18000 (longhorn_rtm.080118-1840)]
[PID: 1780 / SYSTEM][C:\Windows\system32\WLANExt.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\System32\bcmihvsrv.dll] [Broadcom Corporation, 5.10.79.5]
[C:\Windows\system32\UxTheme.dll] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 1812 / LOCAL SERVICE][C:\Windows\system32\svchost.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\system32\SHELL32.dll] [Microsoft Corporation, 6.0.6001.18000 (longhorn_rtm.080118-1840)]
[PID: 1952 / SYSTEM][C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_e7ea6efc\aestsrv.exe] [Andrea Electronics Corporation, 1.0.32.3]
[PID: 1972 / SYSTEM][C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe] [Diskeeper Corporation, 13.0.835.0]
[C:\Program Files\Diskeeper Corporation\Diskeeper\MJS.dll] [Diskeeper Corporation, 2.0.93.0]
[C:\Windows\system32\SHELL32.dll] [Microsoft Corporation, 6.0.6001.18000 (longhorn_rtm.080118-1840)]
[C:\Program Files\Diskeeper Corporation\Diskeeper\PrFacade.dll] [Diskeeper Corporation, 13.0.835.0]
[C:\Program Files\Diskeeper Corporation\Diskeeper\DKLib.dll] [Diskeeper Corporation, 13.0.835.0]
[C:\Program Files\Diskeeper Corporation\Diskeeper\Tab.dll] [Diskeeper Corporation, 3.0.39.0]
[C:\Program Files\Diskeeper Corporation\Diskeeper\1033\DkRes.dll] [Diskeeper Corporation, 13.0.835.0]
[C:\Program Files\Diskeeper Corporation\Diskeeper\DkTabProvider.dll] [Diskeeper Corporation, 13.0.835.0]
[C:\Program Files\Common Files\Diskeeper Corporation\MJS\MJSCR.dll] [Diskeeper Corporation, 2.0.93.0]
[C:\Program Files\Diskeeper Corporation\Diskeeper\NsIfaastMeas.dll] [Diskeeper Corporation, 13.0.835.0]
[C:\Program Files\Diskeeper Corporation\Diskeeper\NsNtfsAutoAnalyze.dll] [Diskeeper Corporation, 13.0.835.0]
[C:\Program Files\Diskeeper Corporation\Diskeeper\NsFatAutoAnalyze.dll] [Diskeeper Corporation, 13.0.835.0]
[C:\Program Files\Diskeeper Corporation\Diskeeper\NsFatStd.dll] [Diskeeper Corporation, 13.0.835.0]
[PID: 644 / Administrator][C:\Windows\system32\taskeng.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\system32\SHELL32.dll] [Microsoft Corporation, 6.0.6001.18000 (longhorn_rtm.080118-1840)]
[C:\Windows\system32\uxtheme.dll] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\system32\atitmmxx.dll] [AMD, 6, 14, 11, 22]
[C:\Windows\system32\atipdlxx.dll] [ATI Technologies, Inc., 6, 14, 10, 2556]
[PID: 2088 / Administrator][C:\Windows\system32\Dwm.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\system32\UxTheme.dll] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 2120 / Administrator][C:\Windows\Explorer.EXE] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\system32\SHELL32.dll] [Microsoft Corporation, 6.0.6001.18000 (longhorn_rtm.080118-1840)]
[C:\Windows\system32\UxTheme.dll] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\system32\BROWSEUI.dll] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\system32\authui.dll] [Microsoft Corporation, 6.0.6001.18000 (longhorn_rtm.080118-1840)]
[C:\Windows\Globalization\Animated User Pic\starthook.dll] [Andreas Verhoeven, 2, 4, 0, 0]
[C:\Program Files\LClock\LC.dll] [N/A, ]
[C:\Windows\System32\l3codeca.acm] [Fraunhofer Institut Integrierte Schaltungen IIS, 1, 9, 0, 0401]
[C:\Windows\system32\ac3acm.acm] [fccHandler, 1, 40, 0, 0]
[C:\Windows\system32\lameACM.acm] [http://www.mp3dev.org/, 0.9.2]
[C:\Program Files\WinRAR\rarext.dll] [N/A, ]
[C:\Program Files\Notepad++\nppcm.dll] [Burgaud.com, 1.3]
[C:\Program Files\Stardock\Object Desktop\IconPackager\shellext.dll] [Stardock Corporation, 3.20.00]
[C:\Program Files\7-Zip\7-zip.dll] [Igor Pavlov, 4.65]
[C:\Windows\system32\atiumdag.dll] [ATI Technologies Inc. , 8.14.10.0678]
[C:\Windows\system32\atiumdva.dll] [ATI Technologies Inc. , 8.14.10.0228]
[C:\Windows\system32\stapi32.dll] [IDT, Inc., 1.0.6087.0]
[PID: 2160 / SYSTEM][C:\Windows\system32\taskeng.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\system32\SHELL32.dll] [Microsoft Corporation, 6.0.6001.18000 (longhorn_rtm.080118-1840)]
[PID: 2308 / Administrator][C:\Program Files\Update Checker\UpdateChecker.exe] [FileHippo.com, 1.031.0.0]
[C:\Windows\system32\UxTheme.dll] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\system32\SHELL32.dll] [Microsoft Corporation, 6.0.6001.18000 (longhorn_rtm.080118-1840)]
[C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\3aac7b97549d4ccf0c7dca3d1777f9b4\mscorlib.ni.dll] [Microsoft Corporation, 2.0.50727.4016 (NetFxQFE.050727-4000)]
[C:\Windows\assembly\NativeImages_v2.0.50727_32\System\34942db56010e4225825bfae8a27559f\System.ni.dll] [Microsoft Corporation, 2.0.50727.4016 (NetFxQFE.050727-4000)]
[C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\e13c52c87b2fa9db839dfac3012dadd5\Microsoft.VisualBasic.ni.dll] [Microsoft Corporation, 8.0.50727.4016 (NetFxQFE.050727-4000)]
[C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\07e39e61fd6133a92333a2c98f2ffeb7\System.Drawing.ni.dll] [Microsoft Corporation, 2.0.50727.4016 (NetFxQFE.050727-4000)]
[C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\b0be4ac8da47fbf783dabd1505e6c55e\System.Windows.Forms.ni.dll] [Microsoft Corporation, 2.0.50727.4016 (NetFxQFE.050727-4000)]
[C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\e515919524c6be56f55ad12fbdd23c19\System.Runtime.Remoting.ni.dll] [Microsoft Corporation, 2.0.50727.4016 (NetFxQFE.050727-4000)]
[C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\207b1e1e2254c7a308efe4f903e52ce2\System.Configuration.ni.dll] [Microsoft Corporation, 2.0.50727.4016 (NetFxQFE.050727-4000)]
[C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\49431ce6d568de0bafdb1b25d3942723\System.Xml.ni.dll] [Microsoft Corporation, 2.0.50727.4016 (NetFxQFE.050727-4000)]
[C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\27b0a88bfa56a9390f516b0fa55f3dcb\System.Web.ni.dll] [Microsoft Corporation, 2.0.50727.4016 (NetFxQFE.050727-4000)]
[PID: 2316 / Administrator][C:\Program Files\LClock\LClock.exe] [, 1, 0, 0, 1]
[C:\Windows\system32\SHELL32.dll] [Microsoft Corporation, 6.0.6001.18000 (longhorn_rtm.080118-1840)]
[C:\Program Files\LClock\LC.dll] [N/A, ]
[C:\Windows\system32\UxTheme.dll] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Program Files\LClock\Calendar.dll] [N/A, ]
[PID: 2352 / Administrator][C:\Program Files\IDT\WDM\sttray.exe] [IDT, Inc., 1.0.6087.0]
[C:\Program Files\IDT\WDM\STLang.dll] [IDT, Inc., 1.0.6087.0]
[C:\Windows\system32\SHELL32.dll] [Microsoft Corporation, 6.0.6001.18000 (longhorn_rtm.080118-1840)]
[C:\Windows\system32\uxtheme.dll] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\system32\stapi32.dll] [IDT, Inc., 1.0.6087.0]
[PID: 2416 / Administrator][C:\Windows\Globalization\Animated User Pic\3duserpic.exe] [Andreas Verhoeven, 1, 0, 0, 1]
[C:\Windows\system32\uxtheme.dll] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\Globalization\Animated User Pic\starthook.dll] [Andreas Verhoeven, 2, 4, 0, 0]
[C:\Windows\system32\SHELL32.dll] [Microsoft Corporation, 6.0.6001.18000 (longhorn_rtm.080118-1840)]
[PID: 2444 / Administrator][C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe] [Advanced Micro Devices Inc., 2.0.0.0]
[C:\Windows\system32\shell32.dll] [Microsoft Corporation, 6.0.6001.18000 (longhorn_rtm.080118-1840)]
[C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\3aac7b97549d4ccf0c7dca3d1777f9b4\mscorlib.ni.dll] [Microsoft Corporation, 2.0.50727.4016 (NetFxQFE.050727-4000)]
[C:\Windows\system32\uxtheme.dll] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\assembly\NativeImages_v2.0.50727_32\System\34942db56010e4225825bfae8a27559f\System.ni.dll] [Microsoft Corporation, 2.0.50727.4016 (NetFxQFE.050727-4000)]
[C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\07e39e61fd6133a92333a2c98f2ffeb7\System.Drawing.ni.dll] [Microsoft Corporation, 2.0.50727.4016 (NetFxQFE.050727-4000)]
[C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\b0be4ac8da47fbf783dabd1505e6c55e\System.Windows.Forms.ni.dll] [Microsoft Corporation, 2.0.50727.4016 (NetFxQFE.050727-4000)]
[C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3470.20910__90ba9c70f846762e\MOM.Implementation.dll] [Advanced Micro Devices Inc., 2.0.3470.20910]
[C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3428.28296__90ba9c70f846762e\LOG.Foundation.dll] [Advanced Micro Devices Inc., 2.0.3428.28296]
[C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3428.28303__90ba9c70f846762e\LOG.Foundation.Private.dll] [Advanced Micro Devices Inc., 2.0.3428.28303]
[C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3470.20908__90ba9c70f846762e\LOG.Foundation.Implementation.dll] [Advanced Micro Devices Inc., 2.0.3470.20908]
[C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3428.28310__90ba9c70f846762e\MOM.Foundation.dll] [Advanced Micro Devices Inc., 2.0.3428.28310]
[C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3428.28310__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll] [Advanced Micro Devices Inc., 2.0.3428.28310]
[C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\e515919524c6be56f55ad12fbdd23c19\System.Runtime.Remoting.ni.dll] [Microsoft Corporation, 2.0.50727.4016 (NetFxQFE.050727-4000)]
[C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\27b0a88bfa56a9390f516b0fa55f3dcb\System.Web.ni.dll] [Microsoft Corporation, 2.0.50727.4016 (NetFxQFE.050727-4000)]
[C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3470.20910__90ba9c70f846762e\CCC.Implementation.dll] [Advanced Micro Devices Inc., 2.0.3470.20910]
[C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3428.28297__90ba9c70f846762e\NEWAEM.Foundation.dll] [Advanced Micro Devices Inc., 2.0.3428.28297]
[PID: 3040 / Administrator][C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe] [ATI Technologies Inc., 2.0.0.0]
[C:\Windows\system32\shell32.dll] [Microsoft Corporation, 6.0.6001.18000 (longhorn_rtm.080118-1840)]
[C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\3aac7b97549d4ccf0c7dca3d1777f9b4\mscorlib.ni.dll] [Microsoft Corporation, 2.0.50727.4016 (NetFxQFE.050727-4000)]
[C:\Windows\system32\uxtheme.dll] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\assembly\NativeImages_v2.0.50727_32\System\34942db56010e4225825bfae8a27559f\System.ni.dll] [Microsoft Corporation, 2.0.50727.4016 (NetFxQFE.050727-4000)]
[C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\07e39e61fd6133a92333a2c98f2ffeb7\System.Drawing.ni.dll] [Microsoft Corporation, 2.0.50727.4016 (NetFxQFE.050727-4000)]
[C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\b0be4ac8da47fbf783dabd1505e6c55e\System.Windows.Forms.ni.dll] [Microsoft Corporation, 2.0.50727.4016 (NetFxQFE.050727-4000)]
[C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3470.20910__90ba9c70f846762e\CCC.Implementation.dll] [Advanced Micro Devices Inc., 2.0.3470.20910]
[C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3428.28296__90ba9c70f846762e\LOG.Foundation.dll] [Advanced Micro Devices Inc., 2.0.3428.28296]
[C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3428.28310__90ba9c70f846762e\MOM.Foundation.dll] [Advanced Micro Devices Inc., 2.0.3428.28310]
[C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3428.28298__90ba9c70f846762e\CLI.Foundation.dll] [Advanced Micro Devices Inc., 2.0.3428.28298]
[C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3428.28310__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll] [Advanced Micro Devices Inc., 2.0.3428.28310]
[C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3470.20908__90ba9c70f846762e\LOG.Foundation.Implementation.dll] [Advanced Micro Devices Inc., 2.0.3470.20908]
[C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\e515919524c6be56f55ad12fbdd23c19\System.Runtime.Remoting.ni.dll] [Microsoft Corporation, 2.0.50727.4016 (NetFxQFE.050727-4000)]
[C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3428.28303__90ba9c70f846762e\LOG.Foundation.Private.dll] [Advanced Micro Devices Inc., 2.0.3428.28303]
[C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3470.20910__90ba9c70f846762e\MOM.Implementation.dll] [Advanced Micro Devices Inc., 2.0.3470.20910]
[C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3470.20825__90ba9c70f846762e\CLI.Component.SkinFactory.dll] [Advanced Micro Devices Inc., 2.0.3470.20825]
[C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3428.28354__90ba9c70f846762e\CLI.Foundation.XManifest.dll] [Advanced Micro Devices Inc., 2.0.3428.28354]
[C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\49431ce6d568de0bafdb1b25d3942723\System.Xml.ni.dll] [Microsoft Corporation, 2.0.50727.4016 (NetFxQFE.050727-4000)]
[C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3470.20824__90ba9c70f846762e\CLI.Component.Runtime.dll] [Advanced Micro Devices, Inc., 2.0.3470.20824]
[C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3428.28311__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll] [Advanced Micro Devices Inc., 2.0.3428.28311]
[C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3428.28301__90ba9c70f846762e\CLI.Foundation.Private.dll] [Advanced Micro Devices Inc., 2.0.3428.28301]
[C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3428.28303__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll] [Advanced Micro Devices Inc., 2.0.3428.28303]
[C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll] [Advanced Micro Devices Inc., 2.0.0.0]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ADL.Foundation.dll] [Advanced Micro Devices, Inc., 2.0.3299.28586]
[C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3470.20822__90ba9c70f846762e\AEM.Server.dll] [Advanced Micro Devices Inc., 2.0.3470.20822]
[C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3428.28297__90ba9c70f846762e\NEWAEM.Foundation.dll] [Advanced Micro Devices Inc., 2.0.3428.28297]
[C:\Windows\system32\atiadlxx.dll] [Advanced Micro Devices, Inc., 6.14.10.1050]
[C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3428.28304__90ba9c70f846762e\AEM.Server.Shared.dll] [Advanced Micro Devices Inc., 2.0.3428.28304]
[C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3470.20921__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll] [Advanced Micro Devices Inc., 2.0.3470.20921]
[C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3428.28327__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll] [Advanced Micro Devices Inc., 2.0.3428.28327]
[C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3428.28304__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll] [Advanced Micro Devices Inc., 2.0.3428.28304]
[C:\Windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3428.28311__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll] [Advanced Micro Devices Inc., 2.0.3428.28311]
[C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll] [ATI Technologies Inc., 2.0.2573.17685]
[C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll] [ATI Technologies Inc., 2.0.2573.17684]
[C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3428.28324__90ba9c70f846762e\DEM.Graphics.dll] [Advanced Micro Devices Inc., 2.0.3428.28324]
[C:\Windows\system32\ATIDEMGX.dll] [Advanced Micro Devices, Inc., 2.0.3470.22105]
[C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\207b1e1e2254c7a308efe4f903e52ce2\System.Configuration.ni.dll] [Microsoft Corporation, 2.0.50727.4016 (NetFxQFE.050727-4000)]
[C:\Windows\system32\atipdlxx.dll] [ATI Technologies, Inc., 6, 14, 10, 2556]
[C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Runtime\2.0.3470.20928__90ba9c70f846762e\CLI.Caste.HydraVision.Runtime.dll] [Advanced Micro Devices Inc., 2.0.3470.20928]
[C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Shared\2.0.3470.20927__90ba9c70f846762e\CLI.Caste.HydraVision.Shared.dll] [Advanced Micro Devices Inc., 2.0.3470.20927]
[C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3428.28302__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll] [Advanced Micro Devices Inc., 2.0.3428.28302]
[C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3428.28305__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll] [Advanced Mirco Devices, Inc., 2.0.3428.28305]
[C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3470.20826__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll] [Advanced Mirco Devices, Inc., 2.0.3470.20826]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0709.dll] [Advanced Micro Devices, Inc., 2.0.2743.23304]
[C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3428.28327__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll] [Advanced Micro Devices Inc., 2.0.3428.28327]
[C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3428.28303__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll] [Advanced Micro Devices, Inc., 2.0.3428.28303]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0804.dll] [Advanced Micro Devices, Inc., 2.0.3015.27871]
[C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3470.20878__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll] [Advanced Micro Devices Inc., 2.0.3470.20878]
[C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3428.28316__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll] [Advanced Micro Devices Inc., 2.0.3428.28316]
[C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3428.28315__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll] [Advanced Micro Devices Inc., 2.0.3428.28315]
[C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3428.28311__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll] [Advanced Micro Devices Inc., 2.0.3428.28311]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0805.dll] [Advanced Micro Devices, Inc., 2.0.3057.24943]
[C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3470.20896__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll] [Advanced Micro Devices Inc., 2.0.3470.20896]
[C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll] [Advanced Micro Devices, Inc., 2.0.2743.23304]
[C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3428.28316__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll] [Advanced Micro Devices Inc., 2.0.3428.28316]
[C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3428.28309__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll] [Advanced Micro Devices Inc., 2.0.3428.28309]
[C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3470.20835__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll] [Advanced Micro Devices Inc., 2.0.3470.20835]
[C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3428.28312__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll] [Advanced Micro Devices Inc., 2.0.3428.28312]
[C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3470.20850__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll] [Advanced Micro Devices Inc., 2.0.3470.20850]
[C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3428.28313__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll] [Advanced Micro Devices Inc., 2.0.3428.28313]
[C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3470.20875__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll] [Advanced Micro Devices Inc., 2.0.3470.20875]
[C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3428.28314__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll] [Advanced Micro Devices Inc., 2.0.3428.28314]
[C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3470.20870__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll] [Advanced Micro Devices Inc., 2.0.3470.20870]
[C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3428.28314__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll] [Advanced Micro Devices Inc., 2.0.3428.28314]
[C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3470.20876__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll] [Advanced Micro Devices, Inc., 2.0.3470.20876]
[C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3428.28312__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll] [Advanced Micro Devices Inc., 2.0.3428.28312]
[C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3470.20869__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll] [Advanced Micro Devices, Inc., 2.0.3470.20869]
[C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3428.28314__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll] [Advanced Micro Devices Inc., 2.0.3428.28314]
[C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3470.20882__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll] [Advanced Micro Devices Inc., 2.0.3470.20882]
[C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3428.28315__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll] [Advanced Micro Devices Inc., 2.0.3428.28315]
[C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3470.20870__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll] [Advanced Micro Devices Inc., 2.0.3470.20870]
[C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3428.28314__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll] [Advanced Micro Devices Inc., 2.0.3428.28314]
[C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3470.20869__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll] [Advanced Micro Devices, Inc., 2.0.3470.20869]
[C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.3470.20914__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll] [Advanced Micro Devices Inc., 2.0.3470.20914]
[C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.3428.28323__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll] [Advanced Micro Devices Inc., 2.0.3428.28323]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0712.dll] [Advanced Micro Devices, Inc., 2.0.2939.20866]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0812.dll] [Advanced Micro Devices, Inc., 2.0.3286.19924]
[C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3470.20824__90ba9c70f846762e\APM.Server.dll] [Advanced Micro Devices, Inc., 2.0.3470.20824]
[C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.3428.28310__90ba9c70f846762e\APM.Foundation.dll] [Advanced Micro Devices Inc., 2.0.3428.28310]
[C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\27b0a88bfa56a9390f516b0fa55f3dcb\System.Web.ni.dll] [Microsoft Corporation, 2.0.50727.4016 (NetFxQFE.050727-4000)]
[C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3470.20822__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll] [Advanced Micro Devices Inc., 2.0.3470.20822]
[C:\Windows\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3428.28329__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll] [Advanced Micro Devices Inc., 2.0.3428.28329]
[C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3428.28311__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll] [Advanced Micro Devices Inc., 2.0.3428.28311]
[C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3470.20904__90ba9c70f846762e\CLI.Component.Systemtray.dll] [Advanced Micro Devices Inc., 2.0.3470.20904]
[C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3428.28308__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll] [Advanced Micro Devices, Inc., 2.0.3428.28308]
[C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3470.20840__90ba9c70f846762e\CLI.Component.Wizard.dll] [Advanced Micro Devices, Inc., 2.0.3470.20840]
[C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3428.28302__90ba9c70f846762e\CLI.Component.Client.Shared.dll] [Advanced Micro Devices Inc., 2.0.3428.28302]
[C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3428.28308__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll] [Advanced Micro Devices Inc., 2.0.3428.28308]
[C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3428.28311__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll] [Advanced Micro Devices Inc., 2.0.3428.28311]
[C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3470.20840__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll] [Advanced Micro Devices Inc., 2.0.3470.20840]
[C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3428.28313__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll] [Advanced Micro Devices Inc., 2.0.3428.28313]
[C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Implementation\2.0.3470.20939__90ba9c70f846762e\ResourceManagement.Foundation.Implementation.dll] [Advanced Micro Devices, Inc., 2.0.3470.20939]
[C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3470.20915__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll] [Advanced Micro Devices Inc., 2.0.3470.20915]
[C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll] [, 2.0.2477.16262]
[C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3428.28324__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll] [Advanced Micro Devices Inc., 2.0.3428.28324]
[C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll] [ , 1.0.0.0]
[C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3470.20883__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll] [Advanced Micro Devices Inc., 2.0.3470.20883]
[C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3470.20891__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll] [Advanced Micro Devices Inc., 2.0.3470.20891]
[C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.3470.20851__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll] [Advanced Micro Devices Inc., 2.0.3470.20851]
[C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3470.20845__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll] [Advanced Micro Devices Inc., 2.0.3470.20845]
[C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3470.20846__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll] [Advanced Micro Devices Inc., 2.0.3470.20846]
[C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Wizard\2.0.3470.20931__90ba9c70f846762e\CLI.Caste.HydraVision.Wizard.dll] [Advanced Micro Devices Inc., 2.0.3470.20931]
[C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3470.20831__90ba9c70f846762e\CLI.Component.Dashboard.dll] [Advanced Micro Devices, Inc., 2.0.3470.20831]
[C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3428.28304__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll] [Advanced Micro Devices Inc., 2.0.3428.28304]
[C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3428.28309__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll] [Advanced Micro Devices Inc., 2.0.3428.28309]
[C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3470.20835__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll] [Advanced Micro Devices Inc., 2.0.3470.20835]
[C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3428.28312__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll] [Advanced Micro Devices Inc., 2.0.3428.28312]
[C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3470.20916__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll] [Advanced Mirco Devices, Inc., 2.0.3470.20916]
[C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3470.20846__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll] [Advanced Micro Devices Inc., 2.0.3470.20846]
[C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager2.Graphics.Dashboard\2.0.3470.20941__90ba9c70f846762e\CLI.Aspect.DisplaysManager2.Graphics.Dashboard.dll] [Advanced Micro Devices, Inc., 2.0.3470.20941]
[C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll] [, 1.0.0.0]
[C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3470.20876__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll] [Advanced Micro Devices Inc., 2.0.3470.20876]
[C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3470.20870__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll] [Advanced Micro Devices Inc., 2.0.3470.20870]
[C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.3470.20877__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll] [Advanced Micro Devices, Inc., 2.0.3470.20877]
[C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3470.20865__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll] [Advanced Micro Devices, Inc., 2.0.3470.20865]
[C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3470.20883__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll] [Advanced Micro Devices Inc., 2.0.3470.20883]
[C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3470.20847__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll] [Advanced Micro Devices Inc., 2.0.3470.20847]
[C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3470.20871__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll] [Advanced Micro Devices Inc., 2.0.3470.20871]
[C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard\2.0.3470.20915__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.dll] [Advanced Micro Devices Inc., 2.0.3470.20915]
[C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Dashboard\2.0.3470.20927__90ba9c70f846762e\CLI.Caste.HydraVision.Dashboard.dll] [Advanced Micro Devices Inc., 2.0.3470.20927]
[PID: 3804 / Administrator][C:\Program Files\Mozilla Firefox\firefox.exe] [Mozilla Corporation, 1.9.0.10]
[C:\Program Files\Mozilla Firefox\xul.dll] [Mozilla Foundation, 1.9.0.10]
[C:\Program Files\Mozilla Firefox\sqlite3.dll] [sqlite.org, 3.5.9]
[C:\Program Files\Mozilla Firefox\MOZCRT19.dll] [Mozilla Foundation, 8.00.0000]
[C:\Program Files\Mozilla Firefox\js3250.dll] [Netscape Communications Corporation, 4.0]
[C:\Program Files\Mozilla Firefox\nspr4.dll] [Mozilla Foundation, 4.7.3]
[C:\Program Files\Mozilla Firefox\smime3.dll] [Mozilla Foundation, 3.12.2.0 Basic ECC]
[C:\Program Files\Mozilla Firefox\nss3.dll] [Mozilla Foundation, 3.12.2.0 Basic ECC]
[C:\Program Files\Mozilla Firefox\nssutil3.dll] [Mozilla Foundation, 3.12.2.0 Basic ECC]
[C:\Program Files\Mozilla Firefox\plc4.dll] [Mozilla Foundation, 4.7.3]
[C:\Program Files\Mozilla Firefox\plds4.dll] [Mozilla Foundation, 4.7.3]
[C:\Program Files\Mozilla Firefox\ssl3.dll] [Mozilla Foundation, 3.12.2.0 Basic ECC]
[C:\Windows\system32\SHELL32.dll] [Microsoft Corporation, 6.0.6001.18000 (longhorn_rtm.080118-1840)]
[C:\Program Files\Mozilla Firefox\xpcom.dll] [Mozilla Foundation, 1.9.0.10]
[C:\Windows\system32\uxtheme.dll] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll] [Mozilla Foundation, 1.9.0.10]
[C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\jo4vzswd.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\metricsloader.dll] [N/A, ]
[C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\jo4vzswd.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\metrics-ff3.dll] [N/A, ]
[C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll] [Mozilla Foundation, 1.9.0.10]
[C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\jo4vzswd.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbarloader.dll] [N/A, ]
[C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\jo4vzswd.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff3.dll] [N/A, ]
[C:\Program Files\Mozilla Firefox\softokn3.dll] [Mozilla Foundation, 3.12.2.0 Basic ECC]
[C:\Program Files\Mozilla Firefox\nssdbm3.dll] [Mozilla Foundation, 3.12.2.0 Basic ECC]
[C:\Program Files\Mozilla Firefox\freebl3.dll] [Mozilla Foundation, 3.12.2.0 Basic ECC]
[C:\Program Files\Mozilla Firefox\nssckbi.dll] [Mozilla Foundation, 1.73]
[C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll] [Sun Microsystems, Inc., 6.0.130.3]
[C:\Windows\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\PROGRA~1\Java\jre6\bin\client\jvm.dll] [Sun Microsystems, Inc., 11.3.0.02]
[C:\PROGRA~1\Java\jre6\bin\hpi.dll] [Sun Microsystems, Inc., 6.0.130.3]
[C:\PROGRA~1\Java\jre6\bin\verify.dll] [Sun Microsystems, Inc., 6.0.130.3]
[C:\PROGRA~1\Java\jre6\bin\java.dll] [Sun Microsystems, Inc., 6.0.130.3]
[C:\PROGRA~1\Java\jre6\bin\zip.dll] [Sun Microsystems, Inc., 6.0.130.3]
[C:\Program Files\Java\jre6\bin\jp2native.dll] [, ]
[C:\Program Files\Java\jre6\bin\deploy.dll] [Sun Microsystems, Inc., 6.0.130.3]
[C:\Program Files\Java\jre6\bin\msvcr71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Java\jre6\bin\net.dll] [Sun Microsystems, Inc., 6.0.130.3]
[C:\Program Files\Java\jre6\bin\nio.dll] [Sun Microsystems, Inc., 6.0.130.3]
[C:\Program Files\Java\jre6\bin\regutils.dll] [Sun Microsystems, Inc., 6.0.130.3]
[C:\Windows\system32\BROWSEUI.dll] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 4060 / Administrator][C:\PROGRA~1\Java\jre6\bin\jp2launcher.exe] [Sun Microsystems, Inc., 6.0.130.3]
[C:\PROGRA~1\Java\jre6\bin\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Windows\system32\SHELL32.dll] [Microsoft Corporation, 6.0.6001.18000 (longhorn_rtm.080118-1840)]
[PID: 4084 / Administrator][C:\Program Files\Java\jre6\bin\java.exe] [Sun Microsystems, Inc., 6.0.130.3]
[C:\Windows\system32\SHELL32.dll] [Microsoft Corporation, 6.0.6001.18000 (longhorn_rtm.080118-1840)]
[C:\Program Files\Java\jre6\bin\msvcr71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Java\jre6\bin\client\jvm.dll] [Sun Microsystems, Inc., 11.3.0.02]
[C:\Program Files\Java\jre6\bin\hpi.dll] [Sun Microsystems, Inc., 6.0.130.3]
[C:\Program Files\Java\jre6\bin\verify.dll] [Sun Microsystems, Inc., 6.0.130.3]
[C:\Program Files\Java\jre6\bin\java.dll] [Sun Microsystems, Inc., 6.0.130.3]
[C:\Program Files\Java\jre6\bin\zip.dll] [Sun Microsystems, Inc., 6.0.130.3]
[C:\Program Files\Java\jre6\bin\jp2native.dll] [, ]
[C:\Program Files\Java\jre6\bin\deploy.dll] [Sun Microsystems, Inc., 6.0.130.3]
[C:\Program Files\Java\jre6\bin\regutils.dll] [Sun Microsystems, Inc., 6.0.130.3]
[C:\Program Files\Java\jre6\bin\net.dll] [Sun Microsystems, Inc., 6.0.130.3]
[C:\Program Files\Java\jre6\bin\nio.dll] [Sun Microsystems, Inc., 6.0.130.3]
[C:\Program Files\Java\jre6\bin\awt.dll] [Sun Microsystems, Inc., 6.0.130.3]
[C:\Windows\system32\uxtheme.dll] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 2660 / SYSTEM][C:\Windows\system32\wbem\wmiprvse.exe] [(Verified) Microsoft Corporation, 6.0.6002.18005 (lh_sp2rtm.090410-1830)]
[PID: 2328 / Administrator][C:\Program Files\WinRAR\WinRAR.exe] [N/A, ]
[C:\Windows\system32\SHELL32.dll] [Microsoft Corporation, 6.0.6001.18000 (longhorn_rtm.080118-1840)]
[C:\Windows\system32\uxtheme.dll] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\system32\browseui.dll] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 1820 / Administrator][C:\Users\Administrator\Desktop\sre\SREngLdr.EXE] [Smallfrogs Studio, 2.8.1.1279]
[PID: 3872 / Administrator][C:\Users\Administrator\Desktop\sre\SRE8bd9c9ea.EXE] [Smallfrogs Studio, 2.8.1.1279]
[C:\Windows\system32\SHELL32.dll] [Microsoft Corporation, 6.0.6001.18000 (longhorn_rtm.080118-1840)]
[C:\Windows\system32\uxtheme.dll] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Users\Administrator\Desktop\sre\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]

==================================
File Associations
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["%SystemRoot%\hh.exe" %1]
.HLP OK. [%SystemRoot%\winhlp32.exe %1]
.INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS OK. ["%SystemRoot%\System32\WScript.exe" "%1" %*]
.JS Error. [C:\Windows\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock Provider
N/A

==================================
Autorun.Inf
N/A

==================================
HOSTS File
127.0.0.1 localhost
::1 localhost
127.0.0.1 adobeereg.com
127.0.0.1 www.adobeereg.com
127.0.0.1 activate.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com

==================================
Process Privileges Scan
Special Privileges Enabled: SeDebugPrivilege [PID = 2444, C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI.ACE\CORE-STATIC\MOM.EXE]
Special Privileges Enabled: SeDebugPrivilege [PID = 3040, C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI.ACE\CORE-STATIC\CCC.EXE]

==================================
Scheduled Tasks
[Disabled] \Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Automated)
N/A
[Enabled] \Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Manual)
N/A
[Enabled] \Microsoft\Windows\Bluetooth\UninstallDeviceTask
BthUdTask.exe $(Arg0)
[Enabled] \Microsoft\Windows\CertificateServicesClient\SystemTask
N/A
[Enabled] \Microsoft\Windows\CertificateServicesClient\UserTask
N/A
[Enabled] \Microsoft\Windows\CertificateServicesClient\UserTask-Roam
N/A
[Enabled] \Microsoft\Windows\Customer Experience Improvement Program\Consolidator
%SystemRoot%\System32\wsqmcons.exe
[Enabled] \Microsoft\Windows\Customer Experience Improvement Program\OptinNotification
%SystemRoot%\System32\wsqmcons.exe -n 0x1C577FA2B69CAD0
[Enabled] \Microsoft\Windows\Media Center\ehDRMInit
%SystemRoot%\ehome\ehPrivJob.exe /DRMInit
[Enabled] \Microsoft\Windows\Media Center\mcupdate
%SystemRoot%\ehome\mcupdate $(Arg0) -gc
[Enabled] \Microsoft\Windows\Media Center\OCURActivate
%SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
[Enabled] \Microsoft\Windows\Media Center\OCURDiscovery
%SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery
[Enabled] \Microsoft\Windows\Media Center\UpdateRecordPath
%SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
[Enabled] \Microsoft\Windows\MobilePC\HotStart
N/A
[Enabled] \Microsoft\Windows\MobilePC\TMM
N/A
[Enabled] \Microsoft\Windows\MUI\LPRemove
%windir%\system32\lpremove.exe
[Enabled] \Microsoft\Windows\Multimedia\SystemSoundsService
N/A
[Enabled] \Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
N/A
[Enabled] \Microsoft\Windows\Shell\CrawlStartPages
N/A
[Disabled] \Microsoft\Windows\SideShow\AutoWake
N/A
[Enabled] \Microsoft\Windows\SideShow\GadgetManager
N/A
[Disabled] \Microsoft\Windows\SideShow\SessionAgent
N/A
[Disabled] \Microsoft\Windows\SideShow\SystemDataProviders
N/A
[Enabled] \Microsoft\Windows\SystemRestore\SR
%windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
[Enabled] \Microsoft\Windows\Tcpip\IpAddressConflict1
rundll32 ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
[Enabled] \Microsoft\Windows\Tcpip\IpAddressConflict2
rundll32 ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
[Enabled] \Microsoft\Windows\UPnP\UPnPHostConfig
sc.exe config upnphost start= auto
[Enabled] \Microsoft\Windows\Windows Error Reporting\QueueReporting
%windir%\system32\wermgr.exe -queuereporting
[Enabled] \Microsoft\Windows\Wired\GatherWiredInfo
%windir%\system32\gatherWiredInfo.vbs
[Enabled] \Microsoft\Windows\Wireless\GatherWirelessInfo
%windir%\system32\gatherWirelessInfo.vbs

==================================
Windows Security Update Check
KB932926, BitLocker and EFS enhancements
KB932925, Hold Em Poker Game
KB941236, Windows DreamScene Content Pack Favorites
KB931133, Windows DreamScene Content Pack
KB944427, Windows DreamScene Content Pack #3
KB954955, Microsoft Tinker
KB944428, Windows DreamScene Content Pack #4
KB928439, Windows PowerShell 1.0 for Windows Vista (KB928439)
KB961501, Security Update for Windows Vista (KB961501) MS09-022
KB968537, Security Update for Windows Vista (KB968537) MS09-025
KB970238, Security Update for Windows Vista (KB970238) MS09-026
KB967632, Cumulative Update for Media Center for Windows Vista (KB967632)
KB943729, Group Policy Preference Client Side Extensions for Windows Vista (KB943729)
KB951847, Microsoft .NET Framework 3.5 Service Pack 1 and .NET Framework 3.5 Family Update (KB951847) x86
KB971183, Arabic Language Pack
KB971183, Bulgarian Language Pack
KB971183, Croatian Language Pack
KB971183, Czech Language Pack
KB971183, Danish Language Pack
KB971183, Estonian Language Pack
KB971183, Finnish Language Pack
KB971183, French Language Pack
KB971183, German Language Pack
KB971183, Greek Language Pack
KB971183, Hebrew Language Pack
KB971183, Hungarian Language Pack
KB971183, Italian Language Pack
KB971183, Spanish Language Pack
KB971183, Chinese (Simplified) Language Pack
KB971183, Chinese (Traditional) Language Pack
KB971183, Dutch Language Pack
KB971183, Japanese Language Pack
KB971183, Korean Language Pack
KB971183, Latvian Language Pack
KB971183, Lithuanian Language Pack
KB971183, Norwegian Language Pack
KB971183, Polish Language Pack
KB971183, Portuguese (Brazil) Language Pack
KB971183, Portuguese (Portugal) Language Pack
KB971183, Romanian Language Pack
KB971183, Russian Language Pack
KB971183, Serbian (Latin) Language Pack
KB971183, Slovak Language Pack
KB971183, Slovenian Language Pack
KB971183, Swedish Language Pack
KB971183, Thai Language Pack
KB971183, Turkish Language Pack
KB971183, Ukrainian Language Pack
KB961371, Security Update for Windows Vista (KB961371) MS09-029
KB973346, Cumulative Security Update for ActiveX Killbits for Windows Vista (KB973346) MS09-032
KB972260, Cumulative Security Update for Internet Explorer 8 for Windows Vista (KB972260) MS09-034
KB968389, Update for Windows Vista (KB968389)
KB971557, Security Update for Windows Vista (KB971557) MS09-038
KB973540, Security Update for Windows Vista (KB973540) MS09-037
KB956744, Security Update for Windows Vista (KB956744) MS09-044
KB973507, Security Update for Windows Vista (KB973507) MS09-037
KB971657, Security Update for Windows Vista (KB971657) MS09-041
KB970653, Update for Windows Vista (KB970653)
KB973768, Security Update for Windows Vista (KB973768) MS09-037
KB973874, Update for Internet Explorer 8 Compatibility View List for Windows Vista (KB973874)
KB972036, Update for Windows Vista (KB972036)
KB905866, Update for Windows Mail Junk E-mail Filter [September 2009] (KB905866)
KB967723, Security Update for Windows Vista (KB967723) MS09-048
KB970710, Security Update for Windows Vista (KB970710) MS09-049
KB890830, Windows Malicious Software Removal Tool - September 2009 (KB890830)
KB971961, Security Update for Jscript 5.8 for Windows Vista (KB971961) MS09-045
KB968816, Security Update for Windows Media Format Runtime 11 for Windows Vista (KB968816) MS09-047

==================================
API HOOK
N/A

==================================
Hidden Process
N/A

==================================

Edited by Orange Blossom, 09 September 2009 - 07:40 PM.



 


#2 pjvex86

  • Topic Starter

Posted 15 September 2009 - 07:11 PM

I do not want to be rude or disobey any rules, but no one has given any initial reply to this thread in 8 days. Can someone help me?

#3 sempai

  • Malware Response Team

Posted 24 September 2009 - 08:24 AM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.  

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.

If you have already posted a DDS log, please do so again, as your situation may have changed.
Use the 'Add Reply' and add the new log to this thread.


Thanks and again sorry for the delay.

We need to see some information about what is happening in your machine.  Please perform the following scan:
  • Download DDS by sUBs from one of the following links.  Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool.  No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note:  You may have to disable any script protection running if the scan fails to run.  After downloading the tool, disconnect from the internet and disable all antivirus protection.  Run the scan, enable your A/V and reconnect to the internet.  

Information on A/V control HERE

~Semp


If I am helping you and I didn't reply within 48 hours... Please send me a private message.
Topics that are not replied to within 5 days will be closed. Please don't PM asking for support, post on the Forums instead.

Member of UNITE (Unified Network of Instructors and Trained Eliminators) 


#4 teacup61

  • Malware Response Team

Posted 30 September 2009 - 12:39 PM

Due to the lack of feedback this Topic is closed.

If you need this topic reopened, please request this by sending the moderating team a PM with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic


Error reading poptart in Drive A: Delete kids y/n?



