StartupList report, 15/10/2006, 19:56:42 StartupList version 2.01.0 Started from: C:\Documents and Settings\dam\Desktop\StartupList.EXE Detected: Windows XP SP1 (WinNT 5.01.2600) Logged on as 'dam' to 'FOSROC-3YS4AJGZ' * Using default options (see end of log for possible options) ================================================== Running processes (31): [C:\Documents and Settings\dam\Desktop\StartupList.exe (49)] C:\Program Files\Internet Explorer\PLUGINS\system3.sys C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\System32\asycfilt.dll C:\WINDOWS\System32\CLBCATQ.DLL C:\WINDOWS\system32\COMCTL32.dll C:\WINDOWS\system32\comdlg32.dll C:\WINDOWS\System32\COMRes.dll C:\WINDOWS\system32\CRYPT32.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\System32\haotian.dLL C:\WINDOWS\system32\IMAGEHLP.DLL C:\WINDOWS\System32\IMM32.DLL C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\System32\LPK.DLL C:\WINDOWS\system32\MSASN1.dll C:\WINDOWS\System32\mscomctl.ocx C:\WINDOWS\System32\MSCTF.dll C:\WINDOWS\System32\msctfime.ime C:\WINDOWS\System32\msi.dll C:\WINDOWS\System32\Msimtf.dll C:\WINDOWS\System32\MSVBVM60.DLL C:\WINDOWS\System32\MSVCP60.dll C:\WINDOWS\system32\MSVCRT.DLL C:\WINDOWS\System32\ntdll.dll C:\WINDOWS\system32\ole32.dll C:\WINDOWS\system32\OLEAUT32.dll C:\WINDOWS\System32\PSAPI.DLL C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\System32\Secur32.dll C:\WINDOWS\system32\SHELL32.dll C:\WINDOWS\system32\SHLWAPI.dll C:\WINDOWS\System32\SSSensor.dll C:\WINDOWS\System32\SXS.DLL C:\WINDOWS\system32\URLMON.DLL C:\WINDOWS\system32\USER32.dll C:\WINDOWS\System32\USP10.dll C:\WINDOWS\System32\uxtheme.dll C:\WINDOWS\system32\VERSION.dll C:\WINDOWS\System32\wbem\fastprox.dll C:\WINDOWS\System32\wbem\wbemcomn.dll C:\WINDOWS\System32\wbem\wbemdisp.dll C:\WINDOWS\System32\wbem\wbemprox.dll C:\WINDOWS\System32\wbem\wbemsvc.dll C:\WINDOWS\System32\wbem\wmiutils.dll C:\WINDOWS\system32\wininet.dll C:\WINDOWS\System32\WS2_32.dll C:\WINDOWS\System32\WS2HELP.dll C:\WINDOWS\System32\WSOCK32.DLL C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.1515_x-ww_7bb98b8a\comctl32.dll [C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe (11)] C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\System32\IMM32.DLL C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\System32\LPK.DLL C:\WINDOWS\system32\MSVCRT.dll C:\WINDOWS\System32\ntdll.dll C:\WINDOWS\system32\ole32.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\system32\USER32.dll C:\WINDOWS\System32\USP10.dll [C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe (31)] C:\Program Files\Internet Explorer\PLUGINS\system3.sys C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\system32\comctl32.dll C:\WINDOWS\system32\CRYPT32.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\System32\haotian.dLL C:\WINDOWS\system32\IMAGEHLP.DLL C:\WINDOWS\System32\IMM32.DLL C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\System32\LPK.DLL C:\WINDOWS\system32\MSASN1.dll C:\WINDOWS\System32\MSCTF.dll C:\WINDOWS\System32\msctfime.ime C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\System32\ntdll.dll C:\WINDOWS\system32\OLE32.DLL C:\WINDOWS\system32\oleaut32.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\system32\SHELL32.dll C:\WINDOWS\system32\SHLWAPI.dll C:\WINDOWS\System32\SSSensor.dll C:\WINDOWS\system32\URLMON.DLL C:\WINDOWS\system32\USER32.dll C:\WINDOWS\System32\USP10.dll C:\WINDOWS\System32\uxtheme.dll C:\WINDOWS\system32\VERSION.dll C:\WINDOWS\system32\wininet.dll C:\WINDOWS\System32\WS2_32.dll C:\WINDOWS\System32\WS2HELP.dll C:\WINDOWS\System32\WSOCK32.DLL C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.1515_x-ww_7bb98b8a\comctl32.dll [C:\Program Files\Common Files\Real\Update_OB\realsched.exe (37)] C:\Program Files\Internet Explorer\PLUGINS\system3.sys C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\System32\CLBCATQ.DLL C:\WINDOWS\system32\comctl32.dll C:\WINDOWS\System32\COMRes.dll C:\WINDOWS\system32\CRYPT32.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\System32\haotian.dLL C:\WINDOWS\system32\IMAGEHLP.DLL C:\WINDOWS\System32\IMM32.DLL C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\System32\LPK.DLL C:\WINDOWS\system32\MSASN1.dll C:\WINDOWS\System32\MSCTF.dll C:\WINDOWS\System32\msctfime.ime C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\System32\ntdll.dll C:\WINDOWS\System32\NTMARTA.DLL C:\WINDOWS\system32\ole32.dll C:\WINDOWS\system32\oleaut32.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\System32\SAMLIB.dll C:\WINDOWS\System32\SETUPAPI.dll C:\WINDOWS\system32\shell32.dll C:\WINDOWS\system32\SHLWAPI.dll C:\WINDOWS\System32\SSSensor.dll C:\WINDOWS\system32\URLMON.DLL C:\WINDOWS\system32\USER32.dll C:\WINDOWS\System32\USP10.dll C:\WINDOWS\System32\uxtheme.dll C:\WINDOWS\system32\VERSION.dll C:\WINDOWS\system32\wininet.dll C:\WINDOWS\system32\WLDAP32.dll C:\WINDOWS\System32\WS2_32.dll C:\WINDOWS\System32\WS2HELP.dll C:\WINDOWS\System32\WSOCK32.DLL C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.1515_x-ww_7bb98b8a\comctl32.dll [C:\Program Files\D-Link AirPlus\AirPlus.exe (34)] C:\Program Files\Internet Explorer\PLUGINS\system3.sys C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\system32\COMCTL32.dll C:\WINDOWS\system32\CRYPT32.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\System32\haotian.dLL C:\WINDOWS\system32\IMAGEHLP.DLL C:\WINDOWS\System32\IMM32.DLL C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\System32\LPK.DLL C:\WINDOWS\System32\MFC42.DLL C:\WINDOWS\system32\MSASN1.dll C:\WINDOWS\System32\MSCTF.dll C:\WINDOWS\System32\msctfime.ime C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\System32\ntdll.dll C:\WINDOWS\system32\ole32.dll C:\WINDOWS\system32\OLEAUT32.dll C:\WINDOWS\System32\OLEPRO32.DLL C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\System32\SETUPAPI.dll C:\WINDOWS\system32\SHELL32.dll C:\WINDOWS\system32\SHLWAPI.dll C:\WINDOWS\System32\SSSensor.dll C:\WINDOWS\system32\URLMON.DLL C:\WINDOWS\system32\USER32.dll C:\WINDOWS\System32\USP10.dll C:\WINDOWS\System32\uxtheme.dll C:\WINDOWS\system32\VERSION.dll C:\WINDOWS\system32\wininet.dll C:\WINDOWS\System32\WS2_32.dll C:\WINDOWS\System32\WS2HELP.dll C:\WINDOWS\System32\WSOCK32.DLL C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.1515_x-ww_7bb98b8a\comctl32.dll [C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.4884\GoogleToolbarNotifier.exe (46)] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.4884\res_en.dll C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.4884\swg.dll C:\Program Files\Internet Explorer\PLUGINS\system3.sys C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\System32\CLBCATQ.DLL C:\WINDOWS\System32\COMRes.dll C:\WINDOWS\system32\CRYPT32.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\System32\haotian.dLL C:\WINDOWS\system32\IMAGEHLP.DLL C:\WINDOWS\System32\IMM32.DLL C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\System32\LPK.DLL C:\WINDOWS\system32\MSASN1.dll C:\WINDOWS\System32\MSCTF.dll C:\WINDOWS\System32\msctfime.ime C:\WINDOWS\System32\msi.dll C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\System32\NETAPI32.dll C:\WINDOWS\System32\ntdll.dll C:\WINDOWS\system32\OLE32.DLL C:\WINDOWS\system32\OLEAUT32.dll C:\WINDOWS\System32\PSAPI.DLL C:\WINDOWS\System32\RASAPI32.DLL C:\WINDOWS\System32\rasman.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\System32\rtutils.dll C:\WINDOWS\System32\Secur32.dll C:\WINDOWS\System32\sensapi.dll C:\WINDOWS\system32\SHELL32.dll C:\WINDOWS\system32\SHLWAPI.dll C:\WINDOWS\System32\SSSensor.dll C:\WINDOWS\System32\SXS.DLL C:\WINDOWS\System32\TAPI32.dll C:\WINDOWS\system32\URLMON.DLL C:\WINDOWS\system32\USER32.dll C:\WINDOWS\System32\USP10.dll C:\WINDOWS\System32\uxtheme.dll C:\WINDOWS\system32\VERSION.dll C:\WINDOWS\system32\WININET.dll C:\WINDOWS\System32\WINMM.dll C:\WINDOWS\System32\WINTRUST.dll C:\WINDOWS\System32\WS2_32.dll C:\WINDOWS\System32\WS2HELP.dll C:\WINDOWS\System32\WSOCK32.DLL C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.1515_x-ww_7bb98b8a\comctl32.dll [C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe (55)] C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\engine.dll C:\Program Files\Internet Explorer\PLUGINS\system3.sys C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\system32\appHelp.dll C:\WINDOWS\System32\ATL.DLL C:\WINDOWS\System32\CLBCATQ.DLL C:\WINDOWS\system32\comdlg32.dll C:\WINDOWS\System32\COMRes.dll C:\WINDOWS\system32\CRYPT32.dll C:\WINDOWS\System32\CSCDLL.dll C:\WINDOWS\System32\cscui.dll C:\WINDOWS\System32\DNSAPI.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\System32\haotian.dLL C:\WINDOWS\system32\IMAGEHLP.DLL C:\WINDOWS\System32\IMM32.DLL C:\WINDOWS\System32\iphlpapi.dll C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\System32\LINKINFO.dll C:\WINDOWS\System32\LPK.DLL C:\WINDOWS\system32\MSASN1.dll C:\WINDOWS\System32\MSCTF.dll C:\WINDOWS\System32\msctfime.ime C:\WINDOWS\System32\MSIMG32.dll C:\WINDOWS\System32\Msimtf.dll C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\system32\mswsock.dll C:\WINDOWS\System32\NETAPI32.dll C:\WINDOWS\System32\ntdll.dll C:\WINDOWS\System32\ntshrui.dll C:\WINDOWS\system32\ole32.dll C:\WINDOWS\system32\oleaut32.dll C:\WINDOWS\System32\PSAPI.DLL C:\WINDOWS\System32\rasadhlp.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\System32\SETUPAPI.dll C:\WINDOWS\system32\SHELL32.dll C:\WINDOWS\System32\SHFOLDER.dll C:\WINDOWS\system32\SHLWAPI.dll C:\WINDOWS\System32\SSSensor.dll C:\WINDOWS\system32\URLMON.DLL C:\WINDOWS\system32\USER32.dll C:\WINDOWS\system32\USERENV.dll C:\WINDOWS\System32\USP10.dll C:\WINDOWS\System32\uxtheme.dll C:\WINDOWS\system32\VERSION.dll C:\WINDOWS\system32\wininet.dll C:\WINDOWS\System32\WINMM.dll C:\WINDOWS\System32\winrnr.dll C:\WINDOWS\system32\WLDAP32.dll C:\WINDOWS\System32\WS2_32.dll C:\WINDOWS\System32\WS2HELP.dll C:\WINDOWS\System32\wshtcpip.dll C:\WINDOWS\System32\WSOCK32.dll C:\WINDOWS\WinSxS\X86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.1515_x-ww_7bb98b8a\COMCTL32.dll [C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe (22)] C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\engine.dll C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\system32\comctl32.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\System32\IMM32.DLL C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\System32\LPK.DLL C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\System32\ntdll.dll C:\WINDOWS\System32\NTMARTA.DLL C:\WINDOWS\system32\ole32.dll C:\WINDOWS\System32\PSAPI.DLL C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\System32\SAMLIB.dll C:\WINDOWS\System32\SHFOLDER.dll C:\WINDOWS\system32\SHLWAPI.dll C:\WINDOWS\system32\USER32.dll C:\WINDOWS\System32\USP10.dll C:\WINDOWS\system32\VERSION.dll C:\WINDOWS\System32\WINMM.dll C:\WINDOWS\system32\WLDAP32.dll C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.1515_x-ww_7bb98b8a\comctl32.dll [C:\Program Files\iPod\bin\iPodService.exe (26)] C:\Program Files\iPod\bin\iPodService.Resources\iPodService.DLL C:\Program Files\iPod\bin\iPodService.Resources\zh_TW.lproj\iPodServiceLocalized.DLL C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\System32\ATL.DLL C:\WINDOWS\System32\CFGMGR32.dll C:\WINDOWS\System32\CLBCATQ.DLL C:\WINDOWS\System32\COMRes.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\System32\IMM32.DLL C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\System32\LPK.DLL C:\WINDOWS\System32\msi.dll C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\System32\NETAPI32.dll C:\WINDOWS\System32\ntdll.dll C:\WINDOWS\system32\ole32.dll C:\WINDOWS\system32\OLEAUT32.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\System32\setupapi.dll C:\WINDOWS\System32\SXS.DLL C:\WINDOWS\system32\USER32.dll C:\WINDOWS\System32\USP10.dll C:\WINDOWS\System32\uxtheme.dll C:\WINDOWS\system32\VERSION.dll C:\WINDOWS\System32\WINSTA.dll C:\WINDOWS\System32\Wtsapi32.dll [C:\Program Files\iTunes\iTunesHelper.exe (37)] C:\Program Files\Internet Explorer\PLUGINS\system3.sys C:\Program Files\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.DLL C:\Program Files\iTunes\iTunesHelper.Resources\iTunesHelper.DLL C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\System32\ATL.DLL C:\WINDOWS\System32\CLBCATQ.DLL C:\WINDOWS\System32\COMRes.dll C:\WINDOWS\system32\CRYPT32.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\System32\haotian.dLL C:\WINDOWS\system32\IMAGEHLP.DLL C:\WINDOWS\System32\IMM32.DLL C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\System32\LPK.DLL C:\WINDOWS\system32\MSASN1.dll C:\WINDOWS\System32\MSCTF.dll C:\WINDOWS\System32\msctfime.ime C:\WINDOWS\System32\msi.dll C:\WINDOWS\system32\MSVCRT.DLL C:\WINDOWS\System32\ntdll.dll C:\WINDOWS\system32\ole32.dll C:\WINDOWS\system32\OLEAUT32.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\System32\SETUPAPI.dll C:\WINDOWS\system32\SHLWAPI.dll C:\WINDOWS\System32\SSSensor.dll C:\WINDOWS\System32\SXS.DLL C:\WINDOWS\system32\URLMON.DLL C:\WINDOWS\system32\USER32.dll C:\WINDOWS\System32\USP10.dll C:\WINDOWS\System32\uxtheme.dll C:\WINDOWS\system32\VERSION.dll C:\WINDOWS\system32\WININET.dll C:\WINDOWS\System32\WS2_32.dll C:\WINDOWS\System32\WS2HELP.dll C:\WINDOWS\System32\WSOCK32.DLL C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.1515_x-ww_7bb98b8a\comctl32.dll [C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe (27)] C:\Program Files\Internet Explorer\PLUGINS\system3.sys C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\system32\Apphelp.dll C:\WINDOWS\system32\CRYPT32.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\System32\haotian.dLL C:\WINDOWS\system32\IMAGEHLP.DLL C:\WINDOWS\System32\IMM32.DLL C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\System32\LPK.DLL C:\WINDOWS\system32\MSASN1.dll C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\System32\ntdll.dll C:\WINDOWS\system32\OLE32.DLL C:\WINDOWS\system32\OLEAUT32.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\system32\SHLWAPI.dll C:\WINDOWS\system32\URLMON.DLL C:\WINDOWS\system32\USER32.dll C:\WINDOWS\System32\USP10.dll C:\WINDOWS\System32\uxtheme.dll C:\WINDOWS\system32\VERSION.dll C:\WINDOWS\system32\WININET.dll C:\WINDOWS\System32\WS2_32.dll C:\WINDOWS\System32\WS2HELP.dll C:\WINDOWS\System32\WSOCK32.DLL C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.1515_x-ww_7bb98b8a\comctl32.dll [C:\Program Files\Mozilla Firefox\firefox.exe (63)] C:\PROGRA~1\MOZILL~1\nssckbi.dll C:\Program Files\Internet Explorer\PLUGINS\system3.sys C:\Program Files\Mozilla Firefox\components\jar50.dll C:\Program Files\Mozilla Firefox\js3250.dll C:\Program Files\Mozilla Firefox\nspr4.dll C:\Program Files\Mozilla Firefox\nss3.dll C:\Program Files\Mozilla Firefox\plc4.dll C:\Program Files\Mozilla Firefox\plds4.dll C:\Program Files\Mozilla Firefox\smime3.dll C:\Program Files\Mozilla Firefox\softokn3.dll C:\Program Files\Mozilla Firefox\ssl3.dll C:\Program Files\Mozilla Firefox\xpcom_compat.dll C:\Program Files\Mozilla Firefox\xpcom_core.dll C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\system32\appHelp.dll C:\WINDOWS\System32\CLBCATQ.DLL C:\WINDOWS\system32\comdlg32.dll C:\WINDOWS\System32\COMRes.dll C:\WINDOWS\system32\CRYPT32.dll C:\WINDOWS\System32\CSCDLL.dll C:\WINDOWS\System32\cscui.dll C:\WINDOWS\System32\DNSAPI.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\System32\haotian.dLL C:\WINDOWS\system32\IMAGEHLP.DLL C:\WINDOWS\System32\IMM32.DLL C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\System32\LPK.DLL C:\WINDOWS\System32\midimap.dll C:\WINDOWS\System32\MSACM32.dll C:\WINDOWS\System32\msacm32.drv C:\WINDOWS\system32\MSASN1.dll C:\WINDOWS\System32\MSCTF.dll C:\WINDOWS\System32\msctfime.ime C:\WINDOWS\System32\msimg32.dll C:\WINDOWS\System32\msimtf.dll C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\system32\mswsock.dll C:\WINDOWS\System32\ntdll.dll C:\WINDOWS\system32\ole32.dll C:\WINDOWS\system32\OLEAUT32.dll C:\WINDOWS\System32\rasadhlp.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\System32\SETUPAPI.dll C:\WINDOWS\system32\SHELL32.dll C:\WINDOWS\system32\SHLWAPI.dll C:\WINDOWS\System32\SSSensor.dll C:\WINDOWS\system32\URLMON.DLL C:\WINDOWS\system32\USER32.dll C:\WINDOWS\System32\USP10.dll C:\WINDOWS\System32\uxtheme.dll C:\WINDOWS\system32\VERSION.dll C:\WINDOWS\System32\wdmaud.drv C:\WINDOWS\system32\wininet.dll C:\WINDOWS\System32\WINMM.dll C:\WINDOWS\System32\winrnr.dll C:\WINDOWS\System32\WINSPOOL.DRV C:\WINDOWS\system32\WLDAP32.dll C:\WINDOWS\System32\WS2_32.dll C:\WINDOWS\System32\WS2HELP.dll C:\WINDOWS\System32\wshtcpip.dll C:\WINDOWS\System32\WSOCK32.dll C:\WINDOWS\WinSxS\X86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.1515_x-ww_7bb98b8a\COMCTL32.dll [C:\Program Files\MSN Messenger\MsnMsgr.Exe (65)] C:\Program Files\Internet Explorer\PLUGINS\system3.sys C:\Program Files\MSN Messenger\MSGSLANG.DLL C:\Program Files\MSN Messenger\msidcrl.dll C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\System32\CLBCATQ.DLL C:\WINDOWS\System32\COMRes.dll C:\WINDOWS\system32\CRYPT32.dll C:\WINDOWS\System32\CRYPTNET.dll C:\WINDOWS\System32\devenum.dll C:\WINDOWS\System32\DNSAPI.dll C:\WINDOWS\System32\DSOUND.dll C:\WINDOWS\System32\es.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\System32\haotian.dLL C:\WINDOWS\system32\IMAGEHLP.dll C:\WINDOWS\System32\IMM32.DLL C:\WINDOWS\System32\iphlpapi.dll C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\System32\LPK.DLL C:\WINDOWS\System32\MSACM32.dll C:\WINDOWS\system32\MSASN1.dll C:\WINDOWS\System32\MSCTF.dll C:\WINDOWS\System32\msctfime.ime C:\WINDOWS\System32\msdmo.dll C:\WINDOWS\System32\msi.dll C:\WINDOWS\System32\Msimtf.dll C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\System32\mswsock.dll C:\WINDOWS\System32\netapi32.dll C:\WINDOWS\System32\ntdll.dll C:\WINDOWS\system32\ole32.dll C:\WINDOWS\system32\OLEAUT32.dll C:\WINDOWS\System32\PSAPI.DLL C:\WINDOWS\System32\rasadhlp.dll C:\WINDOWS\System32\RASAPI32.DLL C:\WINDOWS\System32\rasman.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\System32\rsaenh.dll C:\WINDOWS\System32\rtutils.dll C:\WINDOWS\System32\secur32.dll C:\WINDOWS\System32\SensApi.dll C:\WINDOWS\System32\setupapi.dll C:\WINDOWS\system32\SHELL32.dll C:\WINDOWS\system32\SHLWAPI.dll C:\WINDOWS\System32\SSSensor.dll C:\WINDOWS\System32\SXS.DLL C:\WINDOWS\System32\TAPI32.dll C:\WINDOWS\system32\URLMON.DLL C:\WINDOWS\system32\USER32.dll C:\WINDOWS\system32\userenv.dll C:\WINDOWS\System32\USP10.dll C:\WINDOWS\System32\uxtheme.dll C:\WINDOWS\system32\VERSION.dll C:\WINDOWS\system32\WININET.dll C:\WINDOWS\System32\WINMM.dll C:\WINDOWS\System32\winrnr.dll C:\WINDOWS\System32\WINSTA.dll C:\WINDOWS\System32\WINTRUST.dll C:\WINDOWS\system32\WLDAP32.dll C:\WINDOWS\System32\WS2_32.dll C:\WINDOWS\System32\WS2HELP.dll C:\WINDOWS\System32\wshtcpip.dll C:\WINDOWS\System32\WSOCK32.DLL C:\WINDOWS\System32\wtsapi32.dll C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.1515_x-ww_7bb98b8a\comctl32.dll [C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe (40)] C:\Program Files\Internet Explorer\PLUGINS\system3.sys C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\CoreDll.dll C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\Enforce.dll C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\FileAssoc.dll C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\MMC70U.DLL C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\MMReg.dll C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\MMVCP70.dll C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\MMVCR70.dll C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\TrackUtils.dll C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\system32\COMCTL32.dll C:\WINDOWS\system32\CRYPT32.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\System32\haotian.dLL C:\WINDOWS\system32\IMAGEHLP.DLL C:\WINDOWS\System32\IMM32.DLL C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\System32\LPK.DLL C:\WINDOWS\System32\MFC70ENU.DLL C:\WINDOWS\system32\MSASN1.dll C:\WINDOWS\System32\MSCTF.dll C:\WINDOWS\System32\msctfime.ime C:\WINDOWS\system32\MSVCRT.DLL C:\WINDOWS\System32\ntdll.dll C:\WINDOWS\system32\ole32.dll C:\WINDOWS\system32\OLEAUT32.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\system32\SHELL32.dll C:\WINDOWS\system32\SHLWAPI.dll C:\WINDOWS\System32\SSSensor.dll C:\WINDOWS\system32\URLMON.DLL C:\WINDOWS\system32\USER32.dll C:\WINDOWS\System32\USP10.dll C:\WINDOWS\System32\uxtheme.dll C:\WINDOWS\system32\VERSION.dll C:\WINDOWS\system32\wininet.dll C:\WINDOWS\System32\WS2_32.dll C:\WINDOWS\System32\WS2HELP.dll C:\WINDOWS\System32\WSOCK32.DLL C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.1515_x-ww_7bb98b8a\comctl32.dll [C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe (32)] C:\Program Files\Internet Explorer\PLUGINS\system3.sys C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\MMVCP70.dll C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\MMVCR70.dll C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\System32\CLBCATQ.DLL C:\WINDOWS\System32\COMRes.dll C:\WINDOWS\system32\CRYPT32.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\System32\haotian.dLL C:\WINDOWS\system32\IMAGEHLP.DLL C:\WINDOWS\System32\IMM32.DLL C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\System32\LPK.DLL C:\WINDOWS\system32\MSASN1.dll C:\WINDOWS\System32\MSCTF.dll C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\System32\ntdll.dll C:\WINDOWS\system32\ole32.dll C:\WINDOWS\system32\OLEAUT32.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\system32\SHLWAPI.dll C:\WINDOWS\System32\SSSensor.dll C:\WINDOWS\system32\URLMON.DLL C:\WINDOWS\system32\USER32.dll C:\WINDOWS\System32\USP10.dll C:\WINDOWS\System32\uxtheme.dll C:\WINDOWS\system32\VERSION.dll C:\WINDOWS\system32\wininet.dll C:\WINDOWS\System32\WS2_32.dll C:\WINDOWS\System32\WS2HELP.dll C:\WINDOWS\System32\WSOCK32.DLL C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.1515_x-ww_7bb98b8a\comctl32.dll [C:\Program Files\QuickTime\qttask.exe (31)] C:\Program Files\Internet Explorer\PLUGINS\system3.sys C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\system32\comctl32.dll C:\WINDOWS\system32\CRYPT32.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\System32\haotian.dLL C:\WINDOWS\system32\IMAGEHLP.DLL C:\WINDOWS\System32\IMM32.DLL C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\System32\LPK.DLL C:\WINDOWS\system32\MSASN1.dll C:\WINDOWS\System32\MSCTF.dll C:\WINDOWS\System32\msctfime.ime C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\System32\ntdll.dll C:\WINDOWS\system32\OLE32.DLL C:\WINDOWS\system32\oleaut32.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\system32\SHELL32.dll C:\WINDOWS\system32\SHLWAPI.dll C:\WINDOWS\System32\SSSensor.dll C:\WINDOWS\system32\URLMON.DLL C:\WINDOWS\system32\USER32.dll C:\WINDOWS\System32\USP10.dll C:\WINDOWS\System32\uxtheme.dll C:\WINDOWS\system32\VERSION.dll C:\WINDOWS\system32\wininet.dll C:\WINDOWS\System32\WS2_32.dll C:\WINDOWS\System32\WS2HELP.dll C:\WINDOWS\System32\WSOCK32.DLL C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.1515_x-ww_7bb98b8a\comctl32.dll [C:\Program Files\Sygate\SPF\smc.exe (71)] C:\Program Files\Sygate\SPF\DataMan.dll C:\Program Files\Sygate\SPF\IdsTrafficPipe.dll C:\Program Files\Sygate\SPF\Netport.dll C:\Program Files\Sygate\SPF\PSSensor.dll C:\Program Files\Sygate\SPF\SpNet.dll C:\Program Files\Sygate\SPF\SyLink.dll C:\Program Files\Sygate\SPF\SyLog.dll C:\Program Files\Sygate\SPF\tfman.dll C:\Program Files\Sygate\SPF\Trident.dll C:\Program Files\Sygate\SPF\tse.dll C:\Program Files\Sygate\SPF\wgman.dll C:\Program Files\Sygate\SPF\wpsman.dll C:\Program Files\Sygate\SPF\wsman.dll C:\WINDOWS\System32\ACTIVEDS.dll C:\WINDOWS\System32\adsldpc.dll C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\System32\ATL.DLL C:\WINDOWS\System32\CLBCATQ.DLL C:\WINDOWS\system32\comdlg32.dll C:\WINDOWS\System32\COMRes.dll C:\WINDOWS\system32\CRYPT32.dll C:\WINDOWS\System32\DNSAPI.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\System32\IMM32.DLL C:\WINDOWS\System32\iphlpapi.dll C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\System32\LPK.DLL C:\WINDOWS\System32\MPRAPI.dll C:\WINDOWS\system32\MSASN1.dll C:\WINDOWS\System32\msctfime.ime C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\System32\mswsock.dll C:\WINDOWS\System32\NETAPI32.dll C:\WINDOWS\System32\ntdll.dll C:\WINDOWS\system32\ole32.dll C:\WINDOWS\system32\OLEAUT32.dll C:\WINDOWS\System32\oledlg.dll C:\WINDOWS\System32\OLEPRO32.DLL C:\WINDOWS\System32\PsApi.dll C:\WINDOWS\System32\rasadhlp.dll C:\WINDOWS\System32\rasapi32.dll C:\WINDOWS\System32\rasman.dll C:\WINDOWS\System32\RICHED20.dll C:\WINDOWS\System32\RICHED32.DLL C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\System32\rsaenh.dll C:\WINDOWS\System32\rtutils.dll C:\WINDOWS\System32\SAMLIB.dll C:\WINDOWS\System32\Secur32.dll C:\WINDOWS\System32\SETUPAPI.dll C:\WINDOWS\system32\SHELL32.dll C:\WINDOWS\system32\SHLWAPI.dll C:\WINDOWS\System32\snmpapi.dll C:\WINDOWS\System32\SSSensor.dll C:\WINDOWS\System32\TAPI32.dll C:\WINDOWS\system32\USER32.dll C:\WINDOWS\system32\USERENV.dll C:\WINDOWS\System32\USP10.dll C:\WINDOWS\System32\uxtheme.dll C:\WINDOWS\System32\VDMDBG.DLL C:\WINDOWS\system32\VERSION.dll C:\WINDOWS\system32\WININET.dll C:\WINDOWS\System32\WINMM.dll C:\WINDOWS\System32\winrnr.dll C:\WINDOWS\System32\WINSPOOL.DRV C:\WINDOWS\system32\WLDAP32.dll C:\WINDOWS\System32\WS2_32.dll C:\WINDOWS\System32\WS2HELP.dll C:\WINDOWS\System32\wshtcpip.dll C:\WINDOWS\System32\WSOCK32.dll C:\WINDOWS\WinSxS\X86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.1515_x-ww_7bb98b8a\COMCTL32.dll [C:\WINDOWS\Explorer.EXE (108)] C:\PROGRA~1\WINZIP\WZSHLSTB.DLL C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll C:\Program Files\Internet Explorer\PLUGINS\system3.sys C:\Program Files\Sony Ericsson\Mobile\File Manager\fmgrgui.dll C:\Program Files\Sony Ericsson\Mobile\File Manager\fmgrguil.dll C:\Program Files\WinRAR\rarext.dll C:\WINDOWS\System32\ACTIVEDS.dll C:\WINDOWS\System32\adsldpc.dll C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\system32\appHelp.dll C:\WINDOWS\System32\ATL.DLL C:\WINDOWS\System32\BatMeter.dll C:\WINDOWS\System32\browselc.dll C:\WINDOWS\System32\BROWSEUI.dll C:\WINDOWS\System32\CFGMGR32.dll C:\WINDOWS\System32\CLBCATQ.DLL C:\WINDOWS\system32\comctl32.dll C:\WINDOWS\system32\comdlg32.dll C:\WINDOWS\System32\COMRes.dll C:\WINDOWS\system32\credui.dll C:\WINDOWS\system32\CRYPT32.dll C:\WINDOWS\System32\CSCDLL.dll C:\WINDOWS\System32\cscui.dll C:\WINDOWS\System32\davclnt.dll C:\WINDOWS\System32\DNSAPI.dll C:\WINDOWS\System32\drprov.dll C:\WINDOWS\System32\DUSER.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\System32\haotian.dLL C:\WINDOWS\system32\IMAGEHLP.DLL C:\WINDOWS\System32\IMM32.DLL C:\WINDOWS\system32\iphlpapi.dll C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\System32\LINKINFO.dll C:\WINDOWS\System32\LPK.DLL C:\WINDOWS\System32\MFC71.DLL C:\WINDOWS\System32\midimap.dll C:\WINDOWS\system32\MPR.dll C:\WINDOWS\System32\MSACM32.dll C:\WINDOWS\System32\msacm32.drv C:\WINDOWS\system32\MSASN1.dll C:\WINDOWS\System32\MSCTF.dll C:\WINDOWS\System32\msctfime.ime C:\WINDOWS\System32\MSGINA.dll C:\WINDOWS\System32\msi.dll C:\WINDOWS\System32\MSIMG32.dll C:\WINDOWS\System32\Msimtf.dll C:\WINDOWS\System32\msutb.dll C:\WINDOWS\System32\MSVCP71.dll C:\WINDOWS\System32\MSVCR71.dll C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\System32\mswsock.dll C:\WINDOWS\System32\mydocs.dll C:\WINDOWS\System32\netapi32.dll C:\WINDOWS\System32\NETRAP.dll C:\WINDOWS\system32\NETSHELL.dll C:\WINDOWS\System32\NETUI0.dll C:\WINDOWS\System32\NETUI1.dll C:\WINDOWS\System32\ntdll.dll C:\WINDOWS\System32\ntlanman.dll C:\WINDOWS\System32\ntshrui.dll C:\WINDOWS\System32\ODBC32.dll C:\WINDOWS\System32\odbcint.dll C:\WINDOWS\system32\ole32.dll C:\WINDOWS\system32\OLEAUT32.dll C:\WINDOWS\System32\POWRPROF.dll C:\WINDOWS\System32\printui.dll C:\WINDOWS\System32\rasadhlp.dll C:\WINDOWS\System32\RASAPI32.DLL C:\WINDOWS\System32\rasman.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\System32\rsaenh.dll C:\WINDOWS\System32\rtutils.dll C:\WINDOWS\System32\SAMLIB.dll C:\WINDOWS\System32\Secur32.dll C:\WINDOWS\System32\sensapi.dll C:\WINDOWS\System32\SETUPAPI.dll C:\WINDOWS\System32\shdoclc.dll C:\WINDOWS\System32\SHDOCVW.dll C:\WINDOWS\system32\SHELL32.dll C:\WINDOWS\system32\SHLWAPI.dll C:\WINDOWS\System32\SSSensor.dll C:\WINDOWS\System32\sti.dll C:\WINDOWS\System32\stobject.dll C:\WINDOWS\System32\SXS.DLL C:\WINDOWS\System32\TAPI32.dll C:\WINDOWS\System32\themeui.dll C:\WINDOWS\system32\URLMON.DLL C:\WINDOWS\system32\USER32.dll C:\WINDOWS\system32\USERENV.dll C:\WINDOWS\System32\USP10.dll C:\WINDOWS\System32\UxTheme.dll C:\WINDOWS\system32\VERSION.dll C:\WINDOWS\System32\wdmaud.drv C:\WINDOWS\System32\webcheck.dll C:\WINDOWS\system32\wininet.dll C:\WINDOWS\System32\WINMM.dll C:\WINDOWS\System32\winrnr.dll C:\WINDOWS\System32\WINSPOOL.DRV C:\WINDOWS\System32\WINSTA.dll C:\WINDOWS\System32\WINTRUST.dll C:\WINDOWS\system32\WLDAP32.dll C:\WINDOWS\system32\WS2_32.dll C:\WINDOWS\system32\WS2HELP.dll C:\WINDOWS\System32\wshtcpip.dll C:\WINDOWS\System32\WSOCK32.DLL C:\WINDOWS\System32\WTSAPI32.dll C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.1515_x-ww_7bb98b8a\comctl32.dll [C:\WINDOWS\LTSMMSG.exe (32)] C:\Program Files\Internet Explorer\PLUGINS\system3.sys C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\system32\comctl32.dll C:\WINDOWS\system32\CRYPT32.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\System32\haotian.dLL C:\WINDOWS\system32\IMAGEHLP.DLL C:\WINDOWS\System32\IMM32.DLL C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\System32\LPK.DLL C:\WINDOWS\system32\MSASN1.dll C:\WINDOWS\System32\MSCTF.dll C:\WINDOWS\System32\msctfime.ime C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\System32\ntdll.dll C:\WINDOWS\system32\OLE32.DLL C:\WINDOWS\system32\oleaut32.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\system32\SHELL32.dll C:\WINDOWS\system32\SHLWAPI.dll C:\WINDOWS\System32\SSSensor.dll C:\WINDOWS\system32\URLMON.DLL C:\WINDOWS\system32\USER32.dll C:\WINDOWS\System32\USP10.dll C:\WINDOWS\System32\uxtheme.dll C:\WINDOWS\system32\VERSION.dll C:\WINDOWS\system32\wininet.dll C:\WINDOWS\System32\WINMM.dll C:\WINDOWS\System32\WS2_32.dll C:\WINDOWS\System32\WS2HELP.dll C:\WINDOWS\System32\WSOCK32.DLL C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.1515_x-ww_7bb98b8a\comctl32.dll [C:\WINDOWS\System32\Ati2evxx.exe (15)] C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\System32\IMM32.DLL C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\System32\LPK.DLL C:\WINDOWS\System32\msctfime.ime C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\System32\ntdll.dll C:\WINDOWS\System32\ole32.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\System32\Secur32.dll C:\WINDOWS\System32\SSSensor.dll C:\WINDOWS\system32\USER32.dll C:\WINDOWS\System32\USP10.dll C:\WINDOWS\System32\uxtheme.dll [C:\WINDOWS\System32\atiptaxx.exe (35)] C:\Program Files\Internet Explorer\PLUGINS\system3.sys C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\System32\atipdsxx.dll C:\WINDOWS\System32\ATRPUIXX.ENU C:\WINDOWS\System32\CLBCATQ.DLL C:\WINDOWS\system32\comctl32.dll C:\WINDOWS\System32\COMRes.dll C:\WINDOWS\system32\CRYPT32.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\System32\haotian.dLL C:\WINDOWS\system32\IMAGEHLP.DLL C:\WINDOWS\System32\IMM32.DLL C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\System32\LPK.DLL C:\WINDOWS\system32\MSASN1.dll C:\WINDOWS\System32\MSCTF.dll C:\WINDOWS\System32\msctfime.ime C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\System32\ntdll.dll C:\WINDOWS\system32\ole32.dll C:\WINDOWS\system32\oleaut32.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\system32\SHELL32.dll C:\WINDOWS\system32\SHLWAPI.dll C:\WINDOWS\System32\SSSensor.dll C:\WINDOWS\system32\URLMON.DLL C:\WINDOWS\system32\USER32.dll C:\WINDOWS\System32\USP10.dll C:\WINDOWS\System32\uxtheme.dll C:\WINDOWS\system32\VERSION.dll C:\WINDOWS\system32\wininet.dll C:\WINDOWS\System32\WS2_32.dll C:\WINDOWS\System32\WS2HELP.dll C:\WINDOWS\System32\WSOCK32.DLL C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.1515_x-ww_7bb98b8a\comctl32.dll [C:\WINDOWS\System32\ctfmon.exe (30)] C:\Program Files\Internet Explorer\PLUGINS\system3.sys C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\system32\CRYPT32.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\System32\haotian.dLL C:\WINDOWS\system32\IMAGEHLP.DLL C:\WINDOWS\System32\IMM32.DLL C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\System32\LPK.DLL C:\WINDOWS\system32\MSASN1.dll C:\WINDOWS\System32\MSCTF.dll C:\WINDOWS\System32\msctfime.ime C:\WINDOWS\System32\MSUTB.dll C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\System32\ntdll.dll C:\WINDOWS\system32\ole32.dll C:\WINDOWS\system32\oleaut32.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\system32\SHLWAPI.dll C:\WINDOWS\System32\SSSensor.dll C:\WINDOWS\system32\URLMON.DLL C:\WINDOWS\system32\USER32.dll C:\WINDOWS\System32\USP10.dll C:\WINDOWS\System32\uxtheme.dll C:\WINDOWS\system32\VERSION.dll C:\WINDOWS\system32\wininet.dll C:\WINDOWS\System32\WS2_32.dll C:\WINDOWS\System32\WS2HELP.dll C:\WINDOWS\System32\WSOCK32.DLL C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.1515_x-ww_7bb98b8a\comctl32.dll [C:\WINDOWS\system32\lsass.exe (51)] C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\system32\comctl32.dll C:\WINDOWS\system32\CRYPT32.dll C:\WINDOWS\system32\cryptdll.dll C:\WINDOWS\system32\DNSAPI.dll C:\WINDOWS\System32\dssenh.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\System32\IMM32.DLL C:\WINDOWS\system32\iphlpapi.dll C:\WINDOWS\system32\ipsecsvc.dll C:\WINDOWS\system32\kerberos.dll C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\system32\LPK.DLL C:\WINDOWS\system32\LSASRV.dll C:\WINDOWS\system32\MPR.dll C:\WINDOWS\system32\MSASN1.dll C:\WINDOWS\system32\msprivs.dll C:\WINDOWS\system32\msv1_0.dll C:\WINDOWS\system32\MSVCP60.dll C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\system32\mswsock.dll C:\WINDOWS\system32\NETAPI32.dll C:\WINDOWS\system32\netlogon.dll C:\WINDOWS\System32\ntdll.dll C:\WINDOWS\system32\NTDSAPI.dll C:\WINDOWS\system32\oakley.DLL C:\WINDOWS\system32\OLE32.DLL C:\WINDOWS\system32\OLEAUT32.dll C:\WINDOWS\system32\psbase.dll C:\WINDOWS\system32\pstorsvc.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\System32\rsaenh.dll C:\WINDOWS\system32\SAMLIB.dll C:\WINDOWS\system32\SAMSRV.dll C:\WINDOWS\system32\scecli.dll C:\WINDOWS\system32\schannel.dll C:\WINDOWS\system32\Secur32.dll C:\WINDOWS\system32\SETUPAPI.dll C:\WINDOWS\system32\shell32.dll C:\WINDOWS\system32\SHLWAPI.dll C:\WINDOWS\system32\USER32.dll C:\WINDOWS\system32\USERENV.dll C:\WINDOWS\system32\USP10.dll C:\WINDOWS\system32\w32time.dll C:\WINDOWS\system32\wdigest.dll C:\WINDOWS\system32\WINIPSEC.DLL C:\WINDOWS\system32\WLDAP32.dll C:\WINDOWS\system32\WS2_32.dll C:\WINDOWS\system32\WS2HELP.dll C:\WINDOWS\System32\wshtcpip.dll C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.1515_x-ww_7bb98b8a\comctl32.dll [C:\WINDOWS\system32\services.exe (24)] C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\system32\Apphelp.dll C:\WINDOWS\system32\AUTHZ.dll C:\WINDOWS\system32\eventlog.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\System32\IMM32.DLL C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\system32\LPK.DLL C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\system32\NCObjAPI.DLL C:\WINDOWS\system32\netapi32.dll C:\WINDOWS\System32\ntdll.dll C:\WINDOWS\system32\PSAPI.DLL C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\system32\SCESRV.dll C:\WINDOWS\system32\secur32.dll C:\WINDOWS\system32\umpnpmgr.dll C:\WINDOWS\system32\USER32.dll C:\WINDOWS\system32\USERENV.dll C:\WINDOWS\system32\USP10.dll C:\WINDOWS\system32\WINSTA.dll C:\WINDOWS\system32\WS2_32.dll C:\WINDOWS\system32\WS2HELP.dll C:\WINDOWS\system32\wtsapi32.dll [C:\WINDOWS\System32\smss.exe (1)] C:\WINDOWS\System32\ntdll.dll [C:\WINDOWS\system32\spoolsv.exe (51)] C:\Program Files\Adobe\Acrobat 5.0\Distillr\adistres.dll C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\system32\CLBCATQ.DLL C:\WINDOWS\system32\cnbjmon.dll C:\WINDOWS\system32\CNMLM5m.DLL C:\WINDOWS\system32\COMRes.dll C:\WINDOWS\system32\CRYPT32.dll C:\WINDOWS\system32\DNSAPI.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\system32\hpzlnt10.dll C:\WINDOWS\system32\icmp.dll C:\WINDOWS\system32\IMAGEHLP.dll C:\WINDOWS\System32\IMM32.DLL C:\WINDOWS\system32\inetpp.dll C:\WINDOWS\system32\iphlpapi.DLL C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\system32\localspl.dll C:\WINDOWS\system32\LPK.DLL C:\WINDOWS\system32\mdimon.dll C:\WINDOWS\system32\MSASN1.dll C:\WINDOWS\system32\msi.dll C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\System32\mswsock.dll C:\WINDOWS\system32\netapi32.dll C:\WINDOWS\system32\NETRAP.dll C:\WINDOWS\System32\ntdll.dll C:\WINDOWS\system32\ole32.dll C:\WINDOWS\system32\OLEAUT32.dll C:\WINDOWS\System32\pdfports.dll C:\WINDOWS\system32\pjlmon.dll C:\WINDOWS\system32\PSAPI.DLL C:\WINDOWS\system32\rasadhlp.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\system32\Secur32.dll C:\WINDOWS\system32\sfc_os.dll C:\WINDOWS\System32\spool\PRTPROCS\W32X86\CNMPD5m.DLL C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll C:\WINDOWS\system32\SPOOLSS.DLL C:\WINDOWS\system32\tcpmon.dll C:\WINDOWS\system32\usbmon.dll C:\WINDOWS\system32\USER32.dll C:\WINDOWS\system32\USERENV.dll C:\WINDOWS\system32\USP10.dll C:\WINDOWS\system32\VERSION.dll C:\WINDOWS\system32\win32spl.dll C:\WINDOWS\System32\winrnr.dll C:\WINDOWS\system32\winspool.drv C:\WINDOWS\system32\WINTRUST.dll C:\WINDOWS\system32\WLDAP32.dll C:\WINDOWS\system32\WS2_32.dll C:\WINDOWS\system32\WS2HELP.dll [C:\WINDOWS\System32\svchost.exe (155)] c:\windows\pchealth\helpctr\binaries\pchsvc.dll C:\WINDOWS\System32\ACTIVEDS.dll C:\WINDOWS\System32\adsldpc.dll C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\System32\ADVPACK.dll C:\WINDOWS\system32\Apphelp.dll C:\WINDOWS\System32\ATL.DLL c:\windows\system32\audiosrv.dll c:\windows\system32\AUTHZ.dll c:\windows\system32\browser.dll C:\WINDOWS\System32\Cabinet.dll c:\windows\system32\certcli.dll C:\WINDOWS\System32\CLBCATQ.DLL C:\WINDOWS\System32\CLUSAPI.DLL C:\WINDOWS\system32\colbact.DLL C:\WINDOWS\system32\comctl32.dll C:\WINDOWS\System32\COMRes.dll C:\WINDOWS\system32\comsvcs.dll C:\WINDOWS\system32\credui.dll C:\WINDOWS\system32\CRYPT32.dll c:\windows\system32\cryptsvc.dll C:\WINDOWS\System32\CRYPTUI.dll c:\windows\system32\dhcpcsvc.dll c:\windows\system32\DNSAPI.dll C:\WINDOWS\System32\dssenh.dll c:\windows\system32\ersvc.dll c:\windows\system32\es.dll c:\windows\system32\ESENT.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\System32\h323.tsp C:\WINDOWS\System32\HID.DLL C:\WINDOWS\System32\hidphone.tsp C:\WINDOWS\System32\hnetcfg.dll c:\windows\system32\ICAAPI.dll C:\WINDOWS\system32\IMAGEHLP.dll C:\WINDOWS\System32\IMM32.DLL C:\WINDOWS\System32\ipconf.tsp c:\windows\system32\iphlpapi.dll C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\System32\kmddsp.tsp C:\WINDOWS\System32\licdll.dll C:\WINDOWS\System32\LPK.DLL C:\WINDOWS\System32\mlang.dll C:\WINDOWS\System32\modemui.dll C:\WINDOWS\system32\MPR.dll C:\WINDOWS\System32\MPRAPI.dll C:\WINDOWS\system32\MSASN1.dll c:\windows\system32\msgsvc.dll C:\WINDOWS\System32\msi.dll C:\WINDOWS\System32\MSIDLE.DLL C:\WINDOWS\System32\mspatcha.dll c:\windows\system32\mstlsapi.dll C:\WINDOWS\system32\msv1_0.dll c:\windows\system32\MSVCP60.dll C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\System32\mswsock.dll C:\WINDOWS\System32\msxml3.dll C:\WINDOWS\system32\MTXCLU.DLL C:\WINDOWS\System32\NCObjAPI.DLL C:\WINDOWS\System32\ndptsp.tsp c:\windows\system32\NETAPI32.dll c:\windows\system32\netcfgx.dll c:\windows\system32\netman.dll C:\WINDOWS\System32\NETRAP.dll C:\WINDOWS\system32\NETSHELL.dll C:\WINDOWS\System32\ntdll.dll c:\windows\system32\NTDSAPI.dll C:\WINDOWS\System32\ntlsapi.dll C:\WINDOWS\System32\NTMARTA.DLL C:\WINDOWS\system32\ole32.dll C:\WINDOWS\system32\OLEAUT32.dll c:\windows\system32\POWRPROF.dll c:\windows\system32\PSAPI.DLL c:\windows\system32\qmgr.dll C:\WINDOWS\System32\rasadhlp.dll C:\WINDOWS\System32\RASAPI32.dll C:\WINDOWS\System32\raschap.dll C:\WINDOWS\System32\RASDLG.dll C:\WINDOWS\System32\rasman.dll c:\windows\system32\rasmans.dll C:\WINDOWS\System32\rasppp.dll C:\WINDOWS\System32\rastapi.dll C:\WINDOWS\System32\rastls.dll C:\WINDOWS\System32\REGAPI.dll C:\WINDOWS\System32\RESUTILS.DLL C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\System32\rsaenh.dll c:\windows\system32\rtutils.dll C:\WINDOWS\System32\SAMLIB.dll C:\WINDOWS\System32\SCHANNEL.dll c:\windows\system32\schedsvc.dll c:\windows\system32\seclogon.dll c:\windows\system32\Secur32.dll c:\windows\system32\sens.dll C:\WINDOWS\System32\SETUPAPI.dll C:\WINDOWS\System32\sfc.dll C:\WINDOWS\System32\sfc_os.dll C:\WINDOWS\system32\shell32.dll c:\windows\system32\SHFOLDER.dll C:\WINDOWS\system32\SHLWAPI.dll c:\windows\system32\shsvcs.dll c:\windows\system32\srsvc.dll c:\windows\system32\srvsvc.dll C:\WINDOWS\System32\SSDPAPI.dll C:\WINDOWS\System32\SXS.DLL C:\WINDOWS\System32\TAPI32.dll c:\windows\system32\tapisrv.dll c:\windows\system32\termsrv.dll c:\windows\system32\trkwks.dll C:\WINDOWS\System32\unimdm.tsp C:\WINDOWS\System32\unimdmat.dll C:\WINDOWS\System32\uniplat.dll C:\WINDOWS\System32\upnp.dll C:\WINDOWS\system32\urlmon.dll C:\WINDOWS\system32\USER32.dll C:\WINDOWS\system32\USERENV.dll C:\WINDOWS\System32\USP10.dll C:\WINDOWS\System32\UxTheme.dll C:\WINDOWS\system32\VERSION.dll C:\WINDOWS\System32\VSSAPI.DLL c:\windows\system32\w32time.dll C:\WINDOWS\System32\Wbem\esscli.dll C:\WINDOWS\System32\Wbem\FastProx.dll C:\WINDOWS\System32\wbem\ncprov.dll C:\WINDOWS\System32\wbem\repdrvfs.dll c:\windows\system32\wbem\wbemcomn.dll C:\WINDOWS\System32\Wbem\wbemcore.dll C:\WINDOWS\System32\wbem\wbemess.dll C:\WINDOWS\System32\wbem\wbemsvc.dll C:\WINDOWS\System32\wbem\wmiprvsd.dll c:\windows\system32\wbem\wmisvc.dll C:\WINDOWS\System32\wbem\wmiutils.dll c:\windows\system32\WINHTTP.dll C:\WINDOWS\system32\WININET.dll c:\windows\system32\WINIPSEC.DLL C:\WINDOWS\System32\WINMM.dll C:\WINDOWS\System32\winrnr.dll C:\WINDOWS\System32\WinSCard.dll C:\WINDOWS\System32\WINSPOOL.DRV C:\WINDOWS\System32\WINSTA.dll C:\WINDOWS\System32\WINTRUST.dll c:\windows\system32\wkssvc.dll C:\WINDOWS\system32\WLDAP32.dll c:\windows\system32\WMI.dll c:\windows\system32\WS2_32.dll c:\windows\system32\WS2HELP.dll C:\WINDOWS\System32\wshtcpip.dll C:\WINDOWS\system32\WSOCK32.dll c:\windows\system32\WTSAPI32.dll C:\WINDOWS\System32\wuaueng.dll c:\windows\system32\wuauserv.dll C:\WINDOWS\System32\wups.dll C:\WINDOWS\System32\wups2.dll c:\windows\system32\wzcsvc.dll C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.1515_x-ww_7bb98b8a\comctl32.dll [C:\WINDOWS\System32\svchost.exe (25)] C:\WINDOWS\System32\actxprxy.dll C:\WINDOWS\system32\ADVAPI32.dll c:\windows\system32\CFGMGR32.dll C:\WINDOWS\System32\CLBCATQ.DLL C:\WINDOWS\System32\COMRes.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\System32\IMM32.DLL C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\System32\LPK.DLL c:\windows\system32\mscms.dll C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\System32\ntdll.dll C:\WINDOWS\system32\OLE32.DLL C:\WINDOWS\system32\OLEAUT32.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\System32\setupapi.dll C:\WINDOWS\system32\SHLWAPI.dll C:\WINDOWS\System32\sti.dll C:\WINDOWS\system32\USER32.dll C:\WINDOWS\system32\USERENV.dll C:\WINDOWS\System32\USP10.dll C:\WINDOWS\system32\VERSION.dll c:\windows\system32\wiaservc.dll c:\windows\system32\WINSPOOL.DRV c:\windows\system32\WINSTA.dll [C:\WINDOWS\system32\svchost.exe (32)] C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\system32\CLBCATQ.DLL C:\WINDOWS\system32\COMRes.dll C:\WINDOWS\system32\DNSAPI.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\System32\IMM32.DLL C:\WINDOWS\system32\iphlpapi.dll C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\system32\LPK.DLL C:\WINDOWS\system32\msi.dll C:\WINDOWS\system32\msv1_0.dll C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\system32\mswsock.dll C:\WINDOWS\System32\ntdll.dll C:\WINDOWS\system32\ole32.dll C:\WINDOWS\system32\OLEAUT32.dll C:\WINDOWS\system32\rasadhlp.dll C:\WINDOWS\system32\RPCRT4.dll c:\windows\system32\rpcss.dll C:\WINDOWS\System32\rsaenh.dll c:\windows\system32\Secur32.dll C:\WINDOWS\system32\USER32.dll C:\WINDOWS\system32\userenv.dll C:\WINDOWS\system32\USP10.dll C:\WINDOWS\system32\VERSION.dll C:\WINDOWS\System32\winrnr.dll C:\WINDOWS\system32\WINSTA.dll C:\WINDOWS\system32\WLDAP32.dll c:\windows\system32\WS2_32.dll c:\windows\system32\WS2HELP.dll C:\WINDOWS\System32\wshtcpip.dll C:\WINDOWS\system32\WTSAPI32.dll [C:\WINDOWS\system32\winlogon.exe (68)] C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\system32\AUTHZ.dll C:\WINDOWS\System32\CLBCATQ.DLL C:\WINDOWS\system32\COMCTL32.dll C:\WINDOWS\system32\comdlg32.dll C:\WINDOWS\System32\COMRes.dll C:\WINDOWS\system32\CRYPT32.dll C:\WINDOWS\system32\cscdll.dll C:\WINDOWS\System32\cscui.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\system32\IMAGEHLP.dll C:\WINDOWS\System32\IMM32.DLL C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\System32\LPK.DLL C:\WINDOWS\System32\midimap.dll C:\WINDOWS\system32\MPR.dll C:\WINDOWS\System32\MSACM32.dll C:\WINDOWS\System32\msacm32.drv C:\WINDOWS\system32\MSASN1.dll C:\WINDOWS\System32\msctfime.ime C:\WINDOWS\System32\MSGINA.dll C:\WINDOWS\system32\msv1_0.dll C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\System32\NavLogon.dll C:\WINDOWS\system32\NDdeApi.dll C:\WINDOWS\system32\NETAPI32.dll C:\WINDOWS\System32\ntdll.dll C:\WINDOWS\System32\NTMARTA.DLL C:\WINDOWS\System32\ODBC32.dll C:\WINDOWS\System32\odbcint.dll C:\WINDOWS\system32\ole32.dll C:\WINDOWS\system32\OLEAUT32.dll C:\WINDOWS\system32\PROFMAP.dll C:\WINDOWS\system32\PSAPI.DLL C:\WINDOWS\System32\RASAPI32.dll C:\WINDOWS\System32\rasman.dll C:\WINDOWS\system32\REGAPI.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\System32\rsaenh.dll C:\WINDOWS\System32\rtutils.dll C:\WINDOWS\System32\SAMLIB.dll C:\WINDOWS\system32\Secur32.dll C:\WINDOWS\system32\SETUPAPI.dll C:\WINDOWS\system32\sfc.dll C:\WINDOWS\System32\sfc_os.dll C:\WINDOWS\system32\SHELL32.dll C:\WINDOWS\system32\SHLWAPI.dll C:\WINDOWS\System32\SHSVCS.dll C:\WINDOWS\System32\SSSensor.dll C:\WINDOWS\System32\sxs.dll C:\WINDOWS\System32\TAPI32.dll C:\WINDOWS\system32\USER32.dll C:\WINDOWS\system32\USERENV.dll C:\WINDOWS\System32\USP10.dll C:\WINDOWS\System32\uxtheme.dll C:\WINDOWS\system32\VERSION.dll C:\WINDOWS\System32\wdmaud.drv C:\WINDOWS\System32\WINMM.dll C:\WINDOWS\System32\WINSCARD.DLL C:\WINDOWS\System32\WINSPOOL.DRV C:\WINDOWS\system32\WINSTA.dll C:\WINDOWS\System32\WINTRUST.dll C:\WINDOWS\system32\WLDAP32.dll C:\WINDOWS\system32\WlNotify.dll C:\WINDOWS\system32\WS2_32.dll C:\WINDOWS\system32\WS2HELP.dll C:\WINDOWS\System32\WTSAPI32.dll C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.1515_x-ww_7bb98b8a\comctl32.dll [C:\WINDOWS\System32\wuauclt.exe (54)] C:\Program Files\Internet Explorer\PLUGINS\system3.sys C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\System32\ADVPACK.dll C:\WINDOWS\System32\ATL.DLL C:\WINDOWS\System32\Cabinet.dll C:\WINDOWS\System32\CLBCATQ.DLL C:\WINDOWS\System32\COMRes.dll C:\WINDOWS\system32\CRYPT32.dll C:\WINDOWS\System32\ESENT.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\System32\haotian.dLL C:\WINDOWS\system32\IMAGEHLP.dll C:\WINDOWS\System32\IMM32.DLL C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\System32\LPK.DLL C:\WINDOWS\system32\MSASN1.dll C:\WINDOWS\System32\MSCTF.dll C:\WINDOWS\System32\msctfime.ime C:\WINDOWS\System32\MSIMG32.dll C:\WINDOWS\System32\Msimtf.dll C:\WINDOWS\System32\mspatcha.dll C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\System32\ntdll.dll C:\WINDOWS\system32\ole32.dll C:\WINDOWS\system32\OLEAUT32.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\System32\SETUPAPI.dll C:\WINDOWS\System32\sfc.dll C:\WINDOWS\System32\sfc_os.dll C:\WINDOWS\system32\SHELL32.dll C:\WINDOWS\System32\SHFOLDER.dll C:\WINDOWS\system32\SHLWAPI.dll C:\WINDOWS\System32\SSSensor.dll C:\WINDOWS\system32\URLMON.DLL C:\WINDOWS\system32\USER32.dll C:\WINDOWS\system32\USERENV.dll C:\WINDOWS\System32\USP10.dll C:\WINDOWS\System32\uxtheme.dll C:\WINDOWS\system32\VERSION.dll C:\WINDOWS\System32\WINHTTP.dll C:\WINDOWS\system32\wininet.dll C:\WINDOWS\System32\WINSPOOL.DRV C:\WINDOWS\System32\WINSTA.dll C:\WINDOWS\System32\WINTRUST.dll C:\WINDOWS\System32\WS2_32.dll C:\WINDOWS\System32\WS2HELP.dll C:\WINDOWS\System32\WSOCK32.DLL C:\WINDOWS\System32\WTSAPI32.dll C:\WINDOWS\System32\wuaucpl.cpl C:\WINDOWS\System32\wuaueng.dll C:\WINDOWS\System32\wucltui.dll C:\WINDOWS\System32\wups.dll C:\WINDOWS\System32\wups2.dll C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.1515_x-ww_7bb98b8a\COMCTL32.dll -------------------- Autostart folders: [Startup (1)] desktop.ini [User Startup (1)] desktop.ini [Common Startup (4)] Acrobat Assistant.lnk Adobe Gamma Loader.lnk D-Link AirPlus.lnk desktop.ini [User Common Startup (4)] Acrobat Assistant.lnk Adobe Gamma Loader.lnk D-Link AirPlus.lnk desktop.ini -------------------- IniMapping values: System NT shell = Explorer.exe -------------------- Autostarting batch files: [autoexec.nt] @echo off lh %SystemRoot%\system32\mscdexnt.exe lh %SystemRoot%\system32\redir lh %SystemRoot%\system32\dosx SET BLASTER=A220 I5 D1 P330 T3 [config.nt] dos=high, umb device=%SystemRoot%\system32\himem.sys files=40 -------------------- On-reboot actions: BootExecute = autocheck autochk * [PendingFileRenameOperations] C:\Documents and Settings\dam\Local Settings\temp\~DF1655.tmp -> NULL C:\Documents and Settings\dam\Cookies\index.dat -> NULL C:\Documents and Settings\dam\Local Settings\temp\~DF1655.tmp -> NULL C:\Documents and Settings\dam\cookies\index.dat -> NULL C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\content.ie5\index.dat -> NULL C:\Documents and Settings\LocalService\cookies\index.dat -> NULL -------------------- Shell commands: .bat - MS-DOS Batch File - "%1" %* .cmd - Windows NT Command Script - "%1" %* .com - MS-DOS Application - "%1" %* .exe - Application - "%1" %* .hta - HTML Application - C:\WINDOWS\System32\mshta.exe "%1" %* .js - JScript Script File - C:\WINDOWS\System32\WScript.exe "%1" %* .jse - JScript Encoded Script File - C:\WINDOWS\System32\WScript.exe "%1" %* .pif - Shortcut to MS-DOS Program - "%1" %* .scr - Screen Saver - "%1" /S .txt - Text Document - C:\WINDOWS\system32\NOTEPAD.EXE %1 .vbe - VBScript Encoded Script File - C:\WINDOWS\System32\WScript.exe "%1" %* .vbs - VBScript Script File - C:\WINDOWS\System32\WScript.exe "%1" %* .wsf - Windows Script File - C:\WINDOWS\System32\WScript.exe "%1" %* .wsh - Windows Script Host Settings File - C:\WINDOWS\System32\WScript.exe "%1" %* -------------------- Services: [NT Services (39)] Ati HotKey Poller = C:\WINDOWS\System32\Ati2evxx.exe Automatic Updates = C:\WINDOWS\system32\svchost.exe -k netsvcs AVG Anti-Spyware Guard = C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe Background Intelligent Transfer Service = C:\WINDOWS\System32\svchost.exe -k netsvcs Computer Browser = C:\WINDOWS\System32\svchost.exe -k netsvcs Cryptographic Services = C:\WINDOWS\system32\svchost.exe -k netsvcs DefWatch = C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe DHCP Client = C:\WINDOWS\System32\svchost.exe -k netsvcs Distributed Link Tracking Client = C:\WINDOWS\system32\svchost.exe -k netsvcs DNS Client = C:\WINDOWS\System32\svchost.exe -k NetworkService Error Reporting Service = C:\WINDOWS\System32\svchost.exe -k netsvcs Event Log = C:\WINDOWS\system32\services.exe Help and Support = C:\WINDOWS\System32\svchost.exe -k netsvcs IPSEC Services = C:\WINDOWS\System32\lsass.exe Messenger = C:\WINDOWS\System32\svchost.exe -k netsvcs Plug and Play = C:\WINDOWS\system32\services.exe Print Spooler = C:\WINDOWS\system32\spoolsv.exe Protected Storage = C:\WINDOWS\system32\lsass.exe Remote Procedure Call (RPC) = C:\WINDOWS\system32\svchost -k rpcss Remote Registry Protect = C:\WINDOWS\System32\svchost.exe -k netsvcs Secondary Logon = C:\WINDOWS\System32\svchost.exe -k netsvcs Security Accounts Manager = C:\WINDOWS\system32\lsass.exe Server = C:\WINDOWS\System32\svchost.exe -k netsvcs Shell Hardware Detection = C:\WINDOWS\System32\svchost.exe -k netsvcs Sygate Personal Firewall Pro = C:\Program Files\Sygate\SPF\smc.exe System Event Notification = C:\WINDOWS\system32\svchost.exe -k netsvcs System Restore Service = C:\WINDOWS\System32\svchost.exe -k netsvcs Task Scheduler = C:\WINDOWS\System32\svchost.exe -k netsvcs TCP/IP NetBIOS Helper = C:\WINDOWS\System32\svchost.exe -k LocalService Themes = C:\WINDOWS\System32\svchost.exe -k netsvcs Upload Manager = C:\WINDOWS\System32\svchost.exe -k netsvcs WebClient = C:\WINDOWS\System32\svchost.exe -k LocalService Windows Audio = C:\WINDOWS\System32\svchost.exe -k netsvcs Windows Image Acquisition (WIA) = C:\WINDOWS\System32\svchost.exe -k imgsvc Windows Management Instrumentation = C:\WINDOWS\system32\svchost.exe -k netsvcs Windows Time = C:\WINDOWS\System32\svchost.exe -k netsvcs Windows User Mode Driver Framework = C:\WINDOWS\System32\wdfmgr.exe Wireless Zero Configuration = C:\WINDOWS\System32\svchost.exe -k netsvcs Workstation = C:\WINDOWS\System32\svchost.exe -k netsvcs [SafeBoot services (Minimal boot)] * CD-ROM Drive * {4D36E965-E325-11CE-BFC1-08002BE10318} * DiskDrive * {4D36E967-E325-11CE-BFC1-08002BE10318} * Driver * dmboot.sys dmio.sys dmload.sys sermouse.sys vga.sys vgasave.sys * Driver Group * Base Boot Bus Extender Boot file system File system Filter PCI Configuration PNP Filter Primary disk SCSI Class System Bus Extender * Floppy disk drive * {4D36E980-E325-11CE-BFC1-08002BE10318} * FSFilter System Recovery * sr.sys * Hdc * {4D36E96A-E325-11CE-BFC1-08002BE10318} * Human Interface Devices * {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} * Keyboard * {4D36E96B-E325-11CE-BFC1-08002BE10318} * Mouse * {4D36E96F-E325-11CE-BFC1-08002BE10318} * PCMCIA Adapters * {4D36E977-E325-11CE-BFC1-08002BE10318} * SCSIAdapter * {4D36E97B-E325-11CE-BFC1-08002BE10318} * Service * AppMgmt CryptSvc dmadmin dmserver EventLog HelpSvc Netlogon PlugPlay RpcSs SRService vds WinMgmt * Standard floppy disk controller * {4D36E969-E325-11CE-BFC1-08002BE10318} * System * {4D36E97D-E325-11CE-BFC1-08002BE10318} * Universal Serial Bus controllers * {36FC9E60-C465-11CF-8056-444553540000} * Volume * {71A27CDD-812A-11D0-BEC7-08002BE2092F} * Volume shadow copy * {533C5B84-EC70-11D2-9505-00C04F79DEAF} [SafeBoot services (Minimal boot + network support)] * CD-ROM Drive * {4D36E965-E325-11CE-BFC1-08002BE10318} * DiskDrive * {4D36E967-E325-11CE-BFC1-08002BE10318} * Driver * dmboot.sys dmio.sys dmload.sys rdpcdd.sys rdpdd.sys rdpwd.sys sermouse.sys tdpipe.sys tdtcp.sys vga.sys vgasave.sys * Driver Group * Base Boot Bus Extender Boot file system File system Filter NDIS NDIS Wrapper NetBIOSGroup NetDDEGroup Network NetworkProvider PCI Configuration PNP Filter PNP_TDI Primary disk SCSI Class Streams Drivers System Bus Extender TDI * Floppy disk drive * {4D36E980-E325-11CE-BFC1-08002BE10318} * FSFilter System Recovery * sr.sys * Hdc * {4D36E96A-E325-11CE-BFC1-08002BE10318} * Human Interface Devices * {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} * Keyboard * {4D36E96B-E325-11CE-BFC1-08002BE10318} * Mouse * {4D36E96F-E325-11CE-BFC1-08002BE10318} * Net * {4D36E972-E325-11CE-BFC1-08002BE10318} * NetClient * {4D36E973-E325-11CE-BFC1-08002BE10318} * NetService * {4D36E974-E325-11CE-BFC1-08002BE10318} * NetTrans * {4D36E975-E325-11CE-BFC1-08002BE10318} * PCMCIA Adapters * {4D36E977-E325-11CE-BFC1-08002BE10318} * SCSIAdapter * {4D36E97B-E325-11CE-BFC1-08002BE10318} * Service * AFD AppMgmt Browser CryptSvc Dhcp dmadmin dmserver DnsCache EventLog HelpSvc LanmanServer LanmanWorkstation LmHosts Messenger Ndisuio NetBIOS NetBT Netlogon NetMan NtLmSsp PlugPlay rdsessmgr RpcSs SRService Tcpip termservice UploadMgr WinMgmt WZCSVC * Standard floppy disk controller * {4D36E969-E325-11CE-BFC1-08002BE10318} * System * {4D36E97D-E325-11CE-BFC1-08002BE10318} * Universal Serial Bus controllers * {36FC9E60-C465-11CF-8056-444553540000} * Volume * {71A27CDD-812A-11D0-BEC7-08002BE2092F} [SafeBoot: Alternate shell] cmd.exe (not enabled) -------------------- Driver filters: [Class filters] * Disk drives * - Upper filters PartMgr.sys * DVD/CD-ROM drives * - Upper filters GEARAspiWDM.sys - Lower filters PxHelp20.sys MxlW2k.sys * Infrared devices * - Upper filters IRENUM.sys * Keyboards * - Upper filters kbdclass.sys * Mice and other pointing devices * - Upper filters mouclass.sys * Storage volumes * - Upper filters VolSnap.sys [Device filters] * CD-ROM Drive * - Upper filters redbook.sys - Lower filters imapi.sys * Communications Port * - Upper filters serenum.sys * Direct Parallel * - Lower filters PtiLink.sys * Intel(R) 82845 Processor to AGP Controller * - Upper filters AGP440.sys * SENS LT56ADW Modem * - Lower filters LucentSoftModem.sys * Sony Ericsson 750 USB WMC Data Modem * - Upper filters k750mdfl.sys - Lower filters k750mdm.sys * Sony Ericsson 750 USB WMC Modem * - Upper filters k750mdfl.sys - Lower filters k750mdm.sys * Terminal Server Keyboard Driver * - Upper filters kbdclass.sys * Terminal Server Mouse Driver * - Upper filters mouclass.sys * WAN Miniport (IP) * - Lower filters NdisTapi.sys * WAN Miniport (PPPOE) * - Lower filters NdisTapi.sys * WAN Miniport (PPTP) * - Lower filters NdisTapi.sys -------------------- Print monitors (9): BJ Language Monitor - cnbjmon.dll Canon BJ Language Monitor i865 - CNMLM5m.DLL hpzlnt10 - hpzlnt10.dll Local Port - localspl.dll Microsoft Document Imaging Writer Monitor - mdimon.dll PDF Port - C:\WINDOWS\System32\pdfports.dll PJL Language Monitor - pjlmon.dll Standard TCP/IP Port - tcpmon.dll USB Monitor - usbmon.dll -------------------- WinLogon autoruns: UserInit = C:\WINDOWS\System32\Userinit.exe VmApplet = rundll32 shell32,Control_RunDLL "sysdm.cpl" [Notify (10)] crypt32chain = crypt32.dll cryptnet = cryptnet.dll cscdll = cscdll.dll NavLogon = C:\WINDOWS\System32\NavLogon.dll ScCertProp = wlnotify.dll Schedule = wlnotify.dll sclgntfy = sclgntfy.dll SensLogn = WlNotify.dll termsrv = wlnotify.dll wlballoon = wlnotify.dll [Group policy extensions (5)] Microsoft Disk Quota = dskquota.dll Security = scecli.dll Internet Explorer Branding = iedkcs32.dll EFS recovery = scecli.dll Software Installation = appmgmts.dll -------------------- Policies: [This user] * Primary policies * - (1) Update = mqqu?**vmdkad+lhwr5wiarla`+fjh*pu===+`}` * Alternate policies * - Software\Microsoft\Windows\CurrentVersion\policies\Explorer (1) NoDriveTypeAutoRun = dword: 145 - Software\Microsoft\Windows\CurrentVersion\policies\System (1) DisableRegistryTools = dword: 0 - (1) Update = mqqu?**vmdkad+lhwr5wiarla`+fjh*pu===+`}` [All users] * Primary policies * - Software\Policies\Microsoft\Windows\Installer (1) EnableAdminTSRemote = dword: 1 - Software\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecFilter{72385235-70fa-11d1-864c-14a300000000} (7) ClassName = ipsecFilter description = Matches all ICMP packets between this computer and any other computer. name = ipsecFilter{72385235-70fa-11d1-864c-14a300000000} ipsecName = All ICMP Traffic ipsecID = {72385235-70fa-11d1-864c-14a300000000} ipsecDataType = dword: 256 whenChanged = dword: 1098340902 - Software\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecFilter{7238523a-70fa-11d1-864c-14a300000000} (7) ClassName = ipsecFilter description = Matches all IP packets from this computer to any other computer, except broadcast, multicast, Kerberos, RSVP and ISAKMP (IKE). name = ipsecFilter{7238523a-70fa-11d1-864c-14a300000000} ipsecName = All IP Traffic ipsecID = {7238523a-70fa-11d1-864c-14a300000000} ipsecDataType = dword: 256 whenChanged = dword: 1098340902 - Software\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecISAKMPPolicy{72385231-70fa-11d1-864c-14a300000000} (5) ClassName = ipsecISAKMPPolicy name = ipsecISAKMPPolicy{72385231-70fa-11d1-864c-14a300000000} ipsecID = {72385231-70fa-11d1-864c-14a300000000} ipsecDataType = dword: 256 whenChanged = dword: 1098340902 - Software\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecISAKMPPolicy{72385234-70fa-11d1-864c-14a300000000} (5) ClassName = ipsecISAKMPPolicy name = ipsecISAKMPPolicy{72385234-70fa-11d1-864c-14a300000000} ipsecID = {72385234-70fa-11d1-864c-14a300000000} ipsecDataType = dword: 256 whenChanged = dword: 1098340902 - Software\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecISAKMPPolicy{72385237-70fa-11d1-864c-14a300000000} (5) ClassName = ipsecISAKMPPolicy name = ipsecISAKMPPolicy{72385237-70fa-11d1-864c-14a300000000} ipsecID = {72385237-70fa-11d1-864c-14a300000000} ipsecDataType = dword: 256 whenChanged = dword: 1098340902 - Software\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecISAKMPPolicy{7238523d-70fa-11d1-864c-14a300000000} (5) ClassName = ipsecISAKMPPolicy name = ipsecISAKMPPolicy{7238523d-70fa-11d1-864c-14a300000000} ipsecID = {7238523d-70fa-11d1-864c-14a300000000} ipsecDataType = dword: 256 whenChanged = dword: 1098340902 - Software\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecNegotiationPolicy{28c6a879-4ce2-4119-b57d-ee9dafbec9a3} (7) ClassName = ipsecNegotiationPolicy name = ipsecNegotiationPolicy{28c6a879-4ce2-4119-b57d-ee9dafbec9a3} ipsecID = {28c6a879-4ce2-4119-b57d-ee9dafbec9a3} ipsecNegotiationPolicyAction = {8a171dd3-77e3-11d1-8659-a04f00000000} ipsecNegotiationPolicyType = {62f49e13-6c37-11d1-864c-14a300000000} ipsecDataType = dword: 256 whenChanged = dword: 1098340902 - Software\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecNegotiationPolicy{72385233-70fa-11d1-864c-14a300000000} (9) ClassName = ipsecNegotiationPolicy description = Accepts unsecured communication, but requests clients to establish trust and security methods. Will communicate insecurely to untrusted clients if they do not respond to request. name = ipsecNegotiationPolicy{72385233-70fa-11d1-864c-14a300000000} ipsecName = Request Security (Optional) ipsecID = {72385233-70fa-11d1-864c-14a300000000} ipsecNegotiationPolicyAction = {3f91a81a-7647-11d1-864d-d46a00000000} ipsecNegotiationPolicyType = {62f49e10-6c37-11d1-864c-14a300000000} ipsecDataType = dword: 256 whenChanged = dword: 1098340902 - Software\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecNegotiationPolicy{7238523b-70fa-11d1-864c-14a300000000} (9) ClassName = ipsecNegotiationPolicy description = Permit unsecured IP packets to pass through. name = ipsecNegotiationPolicy{7238523b-70fa-11d1-864c-14a300000000} ipsecName = Permit ipsecID = {7238523b-70fa-11d1-864c-14a300000000} ipsecNegotiationPolicyAction = {8a171dd2-77e3-11d1-8659-a04f00000000} ipsecNegotiationPolicyType = {62f49e10-6c37-11d1-864c-14a300000000} ipsecDataType = dword: 256 whenChanged = dword: 1098340902 - Software\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecNegotiationPolicy{7238523f-70fa-11d1-864c-14a300000000} (9) ClassName = ipsecNegotiationPolicy description = Accepts unsecured communication, but always requires clients to establish trust and security methods. Will NOT communicate with untrusted clients. name = ipsecNegotiationPolicy{7238523f-70fa-11d1-864c-14a300000000} ipsecName = Require Security ipsecID = {7238523f-70fa-11d1-864c-14a300000000} ipsecNegotiationPolicyAction = {3f91a81a-7647-11d1-864d-d46a00000000} ipsecNegotiationPolicyType = {62f49e10-6c37-11d1-864c-14a300000000} ipsecDataType = dword: 256 whenChanged = dword: 1098340902 - Software\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecNegotiationPolicy{e6f46b4b-82f5-49a0-be08-cb7a09dff2c6} (7) ClassName = ipsecNegotiationPolicy name = ipsecNegotiationPolicy{e6f46b4b-82f5-49a0-be08-cb7a09dff2c6} ipsecID = {e6f46b4b-82f5-49a0-be08-cb7a09dff2c6} ipsecNegotiationPolicyAction = {8a171dd3-77e3-11d1-8659-a04f00000000} ipsecNegotiationPolicyType = {62f49e13-6c37-11d1-864c-14a300000000} ipsecDataType = dword: 256 whenChanged = dword: 1098340902 - Software\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecNegotiationPolicy{f7f89312-f11d-4393-b9c3-91288fe38a0c} (7) ClassName = ipsecNegotiationPolicy name = ipsecNegotiationPolicy{f7f89312-f11d-4393-b9c3-91288fe38a0c} ipsecID = {f7f89312-f11d-4393-b9c3-91288fe38a0c} ipsecNegotiationPolicyAction = {8a171dd3-77e3-11d1-8659-a04f00000000} ipsecNegotiationPolicyType = {62f49e13-6c37-11d1-864c-14a300000000} ipsecDataType = dword: 256 whenChanged = dword: 1098340902 - Software\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecNFA{05bbc932-9b3d-4b8b-be61-b05f9119e0b6} (8) ClassName = ipsecNFA name = ipsecNFA{05bbc932-9b3d-4b8b-be61-b05f9119e0b6} ipsecName = Permit unsecure ICMP packets to pass through. description = Permit unsecure ICMP packets to pass through. ipsecID = {05bbc932-9b3d-4b8b-be61-b05f9119e0b6} ipsecDataType = dword: 256 ipsecNegotiationPolicyReference = SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecNegotiationPolicy{7238523b-70fa-11d1-864c-14a300000000} whenChanged = dword: 1098340902 - Software\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecNFA{7363e168-2e23-4876-945f-c58ec13bf3eb} (6) ClassName = ipsecNFA name = ipsecNFA{7363e168-2e23-4876-945f-c58ec13bf3eb} ipsecID = {7363e168-2e23-4876-945f-c58ec13bf3eb} ipsecDataType = dword: 256 ipsecNegotiationPolicyReference = SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecNegotiationPolicy{e6f46b4b-82f5-49a0-be08-cb7a09dff2c6} whenChanged = dword: 1098340902 - Software\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecNFA{8a66c4df-b280-4117-9305-fa1a3445b3e3} (8) ClassName = ipsecNFA name = ipsecNFA{8a66c4df-b280-4117-9305-fa1a3445b3e3} ipsecName = Permit unsecure ICMP packets to pass through. description = Permit unsecure ICMP packets to pass through. ipsecID = {8a66c4df-b280-4117-9305-fa1a3445b3e3} ipsecDataType = dword: 256 ipsecNegotiationPolicyReference = SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecNegotiationPolicy{7238523b-70fa-11d1-864c-14a300000000} whenChanged = dword: 1098340902 - Software\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecNFA{acecf3fd-3770-4d3f-8cd4-8f093ed8aaa6} (8) ClassName = ipsecNFA name = ipsecNFA{acecf3fd-3770-4d3f-8cd4-8f093ed8aaa6} ipsecName = Require Security description = Accepts unsecured communication, but always requires clients to establish trust and security methods. Will NOT communicate with untrusted clients. ipsecID = {acecf3fd-3770-4d3f-8cd4-8f093ed8aaa6} ipsecDataType = dword: 256 ipsecNegotiationPolicyReference = SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecNegotiationPolicy{7238523f-70fa-11d1-864c-14a300000000} whenChanged = dword: 1098340902 - Software\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecNFA{c38fe308-33b5-4630-99c8-9bcb6b89f296} (8) ClassName = ipsecNFA name = ipsecNFA{c38fe308-33b5-4630-99c8-9bcb6b89f296} ipsecName = Request Security (Optional) Rule description = For all IP traffic, always request security using Kerberos trust. Allow unsecured communication with clients that do not respond to request. ipsecID = {c38fe308-33b5-4630-99c8-9bcb6b89f296} ipsecDataType = dword: 256 ipsecNegotiationPolicyReference = SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecNegotiationPolicy{72385233-70fa-11d1-864c-14a300000000} whenChanged = dword: 1098340902 - Software\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecNFA{c5703287-058b-4aa2-a3be-0482d22d32ae} (6) ClassName = ipsecNFA name = ipsecNFA{c5703287-058b-4aa2-a3be-0482d22d32ae} ipsecID = {c5703287-058b-4aa2-a3be-0482d22d32ae} ipsecDataType = dword: 256 ipsecNegotiationPolicyReference = SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecNegotiationPolicy{28c6a879-4ce2-4119-b57d-ee9dafbec9a3} whenChanged = dword: 1098340902 - Software\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecNFA{d6dfa6c5-f698-4611-851e-f994dc600261} (6) ClassName = ipsecNFA name = ipsecNFA{d6dfa6c5-f698-4611-851e-f994dc600261} ipsecID = {d6dfa6c5-f698-4611-851e-f994dc600261} ipsecDataType = dword: 256 ipsecNegotiationPolicyReference = SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecNegotiationPolicy{f7f89312-f11d-4393-b9c3-91288fe38a0c} whenChanged = dword: 1098340902 - Software\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecPolicy{72385230-70fa-11d1-864c-14a300000000} (8) ClassName = ipsecPolicy description = For all IP traffic, always request security using Kerberos trust. Allow unsecured communication with clients that do not respond to request. name = ipsecPolicy{72385230-70fa-11d1-864c-14a300000000} ipsecName = Server (Request Security) ipsecID = {72385230-70fa-11d1-864c-14a300000000} ipsecDataType = dword: 256 ipsecISAKMPReference = SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecISAKMPPolicy{72385231-70fa-11d1-864c-14a300000000} whenChanged = dword: 1098340902 - Software\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecPolicy{72385236-70fa-11d1-864c-14a300000000} (8) ClassName = ipsecPolicy description = Communicate normally (unsecured). Use the default response rule to negotiate with servers that request security. Only the requested protocol and port traffic with that server is secured. name = ipsecPolicy{72385236-70fa-11d1-864c-14a300000000} ipsecName = Client (Respond Only) ipsecID = {72385236-70fa-11d1-864c-14a300000000} ipsecDataType = dword: 256 ipsecISAKMPReference = SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecISAKMPPolicy{72385237-70fa-11d1-864c-14a300000000} whenChanged = dword: 1098340902 - Software\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecPolicy{7238523c-70fa-11d1-864c-14a300000000} (8) ClassName = ipsecPolicy description = For all IP traffic, always require security using Kerberos trust. Do NOT allow unsecured communication with untrusted clients. name = ipsecPolicy{7238523c-70fa-11d1-864c-14a300000000} ipsecName = Secure Server (Require Security) ipsecID = {7238523c-70fa-11d1-864c-14a300000000} ipsecDataType = dword: 256 ipsecISAKMPReference = SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecISAKMPPolicy{7238523d-70fa-11d1-864c-14a300000000} whenChanged = dword: 1098340902 - Software\Policies\Microsoft\Windows\RTC\PortRange (1) Enabled = dword: 0 - Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers (4) TransparentEnabled = dword: 1 DefaultLevel = dword: 262144 AuthenticodeEnabled = dword: 0 PolicyScope = dword: 0 - Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Paths\{dda3f824-d8cb-441b-834d-be2efd2c1a33} (2) Description = SaferFlags = dword: 0 * Alternate policies * - Software\Microsoft\Windows\CurrentVersion\policies\NonEnum (3) {BDEADF00-C265-11D0-BCED-00A0C90AB50F} = dword: 1 {6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} = dword: 1073741857 {0DF44EAA-FF21-4412-828E-260A8728E7F1} = dword: 32 - Software\Microsoft\Windows\CurrentVersion\policies\system (5) dontdisplaylastusername = dword: 0 legalnoticecaption = legalnoticetext = shutdownwithoutlogon = dword: 1 undockwithoutlogon = dword: 1 -------------------- Browser Helper Objects (3): (no name) = {53707962-6F74-2D53-2644-206D7942484F} = C:\Program Files\Spybot - Search & Destroy\SDHelper.dll AcroIEHlprObj Class = {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} = C:\Program Files\Adobe\Acrobat 5.0\Acrobat\ActiveX\AcroIEHelper.ocx Google Toolbar Helper = {AA58ED58-01DD-4d91-8333-CF10577473F7} = c:\program files\google\googletoolbar2.dll -------------------- ActiveX objects (14): (no name) - {306D6C21-C1B6-4629-986C-E59E1875B8AF} - "C:\WINDOWS\System32\rundll32.exe" "C:\Program Files\Messenger\msgsc.dll",ShowIconsUser BASEIE40_W2K - {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe BRANDING.CAB - {60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP DOTNETFRAMEWORKS - {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\System32\Rundll32.exe C:\WINDOWS\System32\mscories.dll,Install IE4Shell_NT - {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll IEACCESS - {26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\shmgrate.exe OCInstallUserConfigIE MailNews - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install Messenger - {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.Install.PerUser Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub NetMeeting - {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT OEACCESS - {881dd1c5-3dcf-431b-b061-f3f88e8be88a} - C:\WINDOWS\system32\shmgrate.exe OCInstallUserConfigOE Theme Component - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - C:\WINDOWS\system32\regsvr32.exe /s /n /i:/UserInstall C:\WINDOWS\system32\themeui.dll WAB - {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install WMPACCESS - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\INF\unregmp2.exe /ShowWMP -------------------- Internet Explorer toolbars: [This user] * ShellBrowser (1) * &Google - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll * WebBrowser (3) * &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\System32\browseui.dll &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll &Google - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll -------------------- Internet Explorer buttons/tools (3): Sun Java Console - {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBC} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll Research - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE -------------------- Internet Explorer menu extensions: [This user (1)] E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 -------------------- Internet Explorer Bands (9): Search Band - {30D02401-6A81-11d0-8274-00C04FD5AE38} - C:\WINDOWS\System32\browseui.dll Media Band - {32683183-48a0-441b-a342-7c2a440a9478} - C:\WINDOWS\System32\browseui.dll &Tip of the Day - {4D5C8C25-D075-11d0-B416-00C04FB90376} - C:\WINDOWS\System32\shdocvw.dll &Discuss - {BDEADE7F-C265-11D0-BCED-00A0C90AB50F} - shdocvw.dll File Search Explorer Band - {C4EE31F3-4768-11D2-BE5C-00A0C9A83DA1} - C:\WINDOWS\system32\SHELL32.dll Favorites Band - {EFA24E61-B078-11d0-89E4-00C04FC9E26E} - C:\WINDOWS\System32\shdocvw.dll History Band - {EFA24E62-B078-11d0-89E4-00C04FC9E26E} - C:\WINDOWS\System32\shdocvw.dll Explorer Band - {EFA24E64-B078-11d0-89E4-00C04FC9E26E} - C:\WINDOWS\System32\shdocvw.dll &Research - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL -------------------- Downloaded Program Files (5): CKAVWebScan Object - {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} - C:\WINDOWS\System32\Kaspersky Lab\Kaspersky Online Scanner\kavwebscan.dll - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab Java Runtime Environment 1.5.0 - {8AD9C840-044E-11D1-B3E9-00805F499D93} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll - http://java.sun.com/update/1.5.0/jinstall-1_5_0_02-windows-i586.cab Update Class - {9F1C11AA-197B-4942-BA54-47A8489BB47F} - C:\WINDOWS\System32\iuctl.dll - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?39002.6131712963 Java Runtime Environment 1.5.0 - {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll - http://java.sun.com/update/1.5.0/jinstall-1_5_0_02-windows-i586.cab Shockwave Flash Object - {D27CDB6E-AE6D-11CF-96B8-444553540000} - C:\WINDOWS\System32\Macromed\Flash\Flash8a.ocx - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab -------------------- URL search hooks: [This user (1)] Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\System32\shdocvw.dll -------------------- Explorer clones: C:\WINDOWS\explorer.exe -------------------- Image File Execution Options (1): Your Image File Name Here without a path = ntsd -d -------------------- ContextMenuHandlers: [* (9)] AVG Anti-Spyware = {8934FCEF-F5B8-468f-951F-78A921CD3920} = C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\context.dll BriefcaseMenu = {85BBD920-42A0-1069-A2E4-08002B30309D} = syncui.dll LDVPMenu = {BDA77241-42F6-11d0-85E2-00AA001FE28C} = C:\Program Files\Common Files\Symantec Shared\SSC\vpshell2.dll Offline Files = {750fdf0e-2a26-11d1-a3ea-080036587f03} = C:\WINDOWS\System32\cscui.dll Open With = {09799AFB-AD67-11d1-ABCD-00C04FC30936} = C:\WINDOWS\system32\SHELL32.dll Open With EncryptionMenu = {A470F8CF-A1E8-4f65-8335-227475AA5C46} = C:\WINDOWS\system32\SHELL32.dll Start Menu Pin = {a2a9545d-a0c2-42b4-9708-a0b2badd77c8} = C:\WINDOWS\system32\SHELL32.dll WinRAR = {B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Program Files\WinRAR\rarext.dll WinZip = {E0D79304-84BE-11CE-9641-444553540000} = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL [Drive (7)] AVG Anti-Spyware = {8934FCEF-F5B8-468f-951F-78A921CD3920} = C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\context.dll Disk Copy Extension = {59099400-57FF-11CE-BD94-0020AF85B590} = diskcopy.dll LDVPMenu = {BDA77241-42F6-11d0-85E2-00AA001FE28C} = C:\Program Files\Common Files\Symantec Shared\SSC\vpshell2.dll Offline Files = {750fdf0e-2a26-11d1-a3ea-080036587f03} = C:\WINDOWS\System32\cscui.dll Portable Media Devices Menu = {cc86590a-b60a-48e6-996b-41d25ed39a1e} = C:\WINDOWS\System32\Audiodev.dll Sharing = {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} = ntshrui.dll ShellFolder for CD Burning = {fbeb8a05-beee-4442-804e-409d6c4515e9} = C:\WINDOWS\system32\SHELL32.dll [Folder (4)] BriefcaseMenu = {85BBD920-42A0-1069-A2E4-08002B30309D} = syncui.dll LDVPMenu = {BDA77241-42F6-11d0-85E2-00AA001FE28C} = C:\Program Files\Common Files\Symantec Shared\SSC\vpshell2.dll WinRAR = {B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Program Files\WinRAR\rarext.dll WinZip = {E0D79304-84BE-11CE-9641-444553540000} = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL [CompressedFolder (1)] Compressed (zipped) Folder Context Menu = {b8cdcb65-b1bf-4b42-9428-1dfdb7ee92af} = C:\WINDOWS\System32\zipfldr.dll [Directory (6)] AVG Anti-Spyware = {8934FCEF-F5B8-468f-951F-78A921CD3920} = C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\context.dll EncryptionMenu = {A470F8CF-A1E8-4f65-8335-227475AA5C46} = C:\WINDOWS\system32\SHELL32.dll Offline Files = {750fdf0e-2a26-11d1-a3ea-080036587f03} = C:\WINDOWS\System32\cscui.dll Sharing = {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} = ntshrui.dll WinRAR = {B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Program Files\WinRAR\rarext.dll WinZip = {E0D79304-84BE-11CE-9641-444553540000} = C:\PROGRA~1\WINZIP\WZSHLSTB.DLL [Directory\Background (1)] New = {D969A300-E7FF-11d0-A93B-00A0C90F2719} = C:\WINDOWS\system32\SHELL32.dll [ChannelShortcut (1)] Channel Menu Handler Object = {f3da0dc0-9cc8-11d0-a599-00c04fd64437} = C:\WINDOWS\System32\cdfview.dll [InternetShortcut (1)] Internet Shortcut = {FBF23B40-E3F0-101B-8488-00AA003E56F8} = shdocvw.dll [AllFileSystemObjects (1)] Send To = {7BA4C740-9E81-11CF-99D3-00AA004AE837} = C:\WINDOWS\system32\SHELL32.dll -------------------- ColumnHandlers (4): (no name) - {0D2E74C4-3C34-11d2-A27E-00C04FC30871} - C:\WINDOWS\system32\SHELL32.dll (no name) - {24F14F01-7B1C-11d1-838f-0000F80461CF} - C:\WINDOWS\system32\SHELL32.dll (no name) - {24F14F02-7B1C-11d1-838f-0000F80461CF} - C:\WINDOWS\system32\SHELL32.dll (no name) - {66742402-F9B9-11D1-A202-0000F81FEDEE} - C:\WINDOWS\system32\SHELL32.dll -------------------- ShellExecuteHooks (12): AVG Anti-Spyware 7.5 = {57B86673-276A-48B2-BAE7-C6DBB3020EB8} = C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll URL Exec Hook = {11760322-2400-4AC3-9605-6CAF086E809E} = C:\Program Files\Internet Explorer\PLUGINS\Windows.sys URL Exec Hook = {6E44887F-5214-41F2-AB46-4728735C4CC6} = C:\Program Files\Internet Explorer\PLUGINS\system3.sys URL Exec Hook = {8A238B14-A6FF-11E0-9A84-00C04FD8DBD8} = C:\WINDOWS\System32\sysldr.dll URL Exec Hook = {99F1D023-7CEB-4586-80F7-BB1A98DB7602} = C:\Program Files\Internet Explorer\IEXPLORE.Sys URL Exec Hook = {9A0CFC58-5A6F-41ba-9FFE-4320F4F62111} = C:\WINDOWS\System32\cnscheck.dll URL Exec Hook = {9A0CFC58-5A6F-41ba-9FFE-4320F4F621BA} = C:\WINDOWS\System32\cnscheck001.dll URL Exec Hook = {9A0CFC58-5A6F-41ba-9FFE-4320F4F62F1A} = C:\WINDOWS\System32\cnscheck010.dll URL Exec Hook = {9A0CFC58-5A6F-41ba-9FFE-4320F4F62FB1} = C:\WINDOWS\System32\cnscheck.dll URL Exec Hook = {AEB6717E-7E19-11d0-97EE-00C04FD91972} = shell32.dll URL Exec Hook = {E4C3C044-CE6A-4117-9D18-C1EBEC80D2C9} = C:\WINDOWS\System32\haotian.dLL URL Exec Hook = {FEB94F5A-69F3-4645-8C2B-9E71D270AF2E} = C:\Program Files\Internet Explorer\IEXPLORE.Dat -------------------- Approved Shell Extensions: [All users (185)] %DESC_PublishDropTarget% - {60fd46de-f830-4894-a628-6fa81bc0190d} - C:\WINDOWS\System32\photowiz.dll &Address - {01E04581-4EEE-11d0-BFE9-00AA005B4383} - C:\WINDOWS\System32\browseui.dll .CAB file viewer - {0CD7A5C0-9F37-11CE-AE65-08002B2E1262} - cabview.dll Accessible - {7e653215-fa25-46bd-a339-34a2790f3cb7} - C:\WINDOWS\System32\browseui.dll ActiveX Cache Folder - {88C6C381-2E85-11D0-94DE-444553540000} - C:\WINDOWS\System32\occache.dll Address Bar Parser - {E0E11A09-5CB8-4B6C-8332-E00720A168F2} - C:\WINDOWS\System32\browseui.dll Address EditBox - {A08C11D2-A228-11d0-825B-00AA005B4383} - C:\WINDOWS\System32\browseui.dll Administrative Tools - {D20EA4E1-3957-11d2-A40B-0C5020524153} - C:\WINDOWS\system32\shdocvw.dll AlcoholShellEx - {32020A01-506E-484D-A2A8-BE3CF17601C3} - Audio Media Properties Handler - {875CB1A1-0F29-45de-A1AE-CFB4950D0B78} - C:\WINDOWS\System32\shmedia.dll Augmented Shell Folder - {91EA3F8B-C99B-11d0-9815-00C04FD91972} - C:\WINDOWS\System32\browseui.dll Augmented Shell Folder 2 - {6413BA2C-B461-11d1-A18A-080036B11A03} - C:\WINDOWS\System32\browseui.dll Auto Update Property Sheet Extension - {5F327514-6C5E-4d60-8F16-D07FA08A78ED} - C:\WINDOWS\System32\wuaucpl.cpl Avi Properties Handler - {87D62D94-71B3-4b9a-9489-5FE6850DC73E} - C:\WINDOWS\System32\shmedia.dll BandProxy - {F61FFEC1-754F-11d0-80CA-00AA005B4383} - C:\WINDOWS\System32\browseui.dll Briefcase - {85BBD920-42A0-1069-A2E4-08002B30309D} - syncui.dll CDF Extension Copy Hook - {67EA19A0-CCEF-11d0-8024-00C04FD75D13} - C:\WINDOWS\System32\shdocvw.dll Channel File - {f39a0dc0-9cc8-11d0-a599-00c04fd64433} - C:\WINDOWS\System32\cdfview.dll Channel Handler Object - {f3ba0dc0-9cc8-11d0-a599-00c04fd64435} - C:\WINDOWS\System32\cdfview.dll Channel Menu - {f3da0dc0-9cc8-11d0-a599-00c04fd64437} - C:\WINDOWS\System32\cdfview.dll Channel Properties - {f3ea0dc0-9cc8-11d0-a599-00c04fd64438} - C:\WINDOWS\System32\cdfview.dll Channel Shortcut - {f3aa0dc0-9cc8-11d0-a599-00c04fd64434} - C:\WINDOWS\System32\cdfview.dll Code Download Agent - {7D559C10-9FE9-11d0-93F7-00AA0059CE02} - C:\WINDOWS\System32\webcheck.dll Compatibility Page - {513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8} - SlayerXP.dll Compressed (zipped) Folder - {E88DCCE0-B7B3-11d1-A9F0-00AA0060FA31} - C:\WINDOWS\System32\zipfldr.dll Compressed (zipped) Folder Right Drag Handler - {BD472F60-27FA-11cf-B8B4-444553540000} - C:\WINDOWS\System32\zipfldr.dll Compressed (zipped) Folder SendTo Target - {888DCA60-FC0A-11CF-8F0F-00C04FD7D062} - C:\WINDOWS\System32\zipfldr.dll ConnectionAgent - {E6CC6978-6B6E-11D0-BECA-00C04FD940BE} - C:\WINDOWS\System32\webcheck.dll Crypto PKO Extension - {7444C717-39BF-11D1-8CD9-00C04FC29D45} - C:\WINDOWS\system32\cryptext.dll Crypto Sign Extension - {7444C719-39BF-11D1-8CD9-00C04FC29D45} - C:\WINDOWS\system32\cryptext.dll Custom MRU AutoCompleted List - {6935DB93-21E8-4ccc-BEB9-9FE3C77A297A} - C:\WINDOWS\System32\browseui.dll Darwin App Publisher - {CFCCC7A0-A282-11D1-9082-006008059382} - C:\WINDOWS\System32\appwiz.cpl DfsShell - {ECCDF543-45CC-11CE-B9BF-0080C87CDBA6} - C:\WINDOWS\System32\dfsshlex.dll Directory Context Menu Verbs - {62AE1F9A-126A-11D0-A14B-0800361B1103} - C:\WINDOWS\System32\dsuiext.dll Directory Object Find - {163FDC20-2ABC-11d0-88F0-00A024AB2DBB} - C:\WINDOWS\System32\dsquery.dll Directory Property UI - {0D45D530-764B-11d0-A1CA-00AA00C16E65} - C:\WINDOWS\System32\dsuiext.dll Directory Query UI - {8A23E65E-31C2-11d0-891C-00A024AB2DBB} - C:\WINDOWS\System32\dsquery.dll Directory Start/Search Find - {F020E586-5264-11d1-A532-0000F8757D7E} - C:\WINDOWS\System32\dsquery.dll Disk Copy Extension - {59099400-57FF-11CE-BD94-0020AF85B590} - diskcopy.dll Disk Quota UI - {7988B573-EC89-11cf-9C00-00AA00A14F56} - dskquoui.dll Display Adapter CPL Extension - {42071712-76d4-11d1-8b24-00a0c9068ff3} - deskadp.dll Display Monitor CPL Extension - {42071713-76d4-11d1-8b24-00a0c9068ff3} - deskmon.dll Display Panning CPL Extension - {42071714-76d4-11d1-8b24-00a0c9068ff3} - deskpan.dll Display TroubleShoot CPL Extension - {f92e8c40-3d33-11d2-b1aa-080036a75b03} - deskperf.dll Download Status - {22BF0C20-6DA7-11D0-B373-00A0C9034938} - C:\WINDOWS\System32\browseui.dll DS Security Page - {4E40F770-369C-11d0-8922-00A024AB2DBB} - dssec.dll E-mail - {2559a1f5-21d7-11d4-bdaf-00c04f60b9f0} - C:\WINDOWS\system32\shdocvw.dll Encryption Context Menu - {853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} - Explorer Band - {EFA24E64-B078-11d0-89E4-00C04FC9E26E} - C:\WINDOWS\System32\shdocvw.dll Favorites Band - {EFA24E61-B078-11d0-89E4-00C04FC9E26E} - C:\WINDOWS\System32\shdocvw.dll Fonts - {BD84B380-8CA2-1069-AB1D-08000948F534} - fontext.dll Fonts - {D20EA4E1-3957-11d2-A40B-0C5020524152} - C:\WINDOWS\system32\shdocvw.dll For &People... - {32714800-2E5F-11d0-8B85-00AA0044F941} - C:\Program Files\Outlook Express\wabfind.dll FTP Folders Webview - {63da6ec0-2e98-11cf-8d82-444553540000} - C:\WINDOWS\System32\msieftp.dll Fusion Cache - {1D2680C9-0E2A-469d-B787-065558BC7D43} - C:\WINDOWS\system32\mscoree.dll GDI+ file thumbnail extractor - {3F30C968-480A-4C6C-862D-EFC0897BB84B} - C:\WINDOWS\system32\shimgvw.dll Get a Passport Wizard - {58f1f272-9240-4f51-b6d4-fd63d1618591} - C:\WINDOWS\System32\netplwiz.dll Global Folder Settings - {EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} - C:\WINDOWS\System32\browseui.dll Help and Support - {2559a1f1-21d7-11d4-bdaf-00c04f60b9f0} - C:\WINDOWS\system32\shdocvw.dll Help and Support - {2559a1f2-21d7-11d4-bdaf-00c04f60b9f0} - C:\WINDOWS\system32\shdocvw.dll History - {FF393560-C2A7-11CF-BFF4-444553540000} - C:\WINDOWS\System32\shdocvw.dll HTML Thumbnail Extractor - {EAB841A0-9550-11cf-8C16-00805F1408F3} - C:\WINDOWS\system32\shimgvw.dll HyperTerminal Icon Ext - {88895560-9AA2-1069-930E-00AA0030EBC8} - C:\WINDOWS\System32\hticons.dll ICC Profile - {DBCE2480-C732-101B-BE72-BA78E9AD5B27} - C:\WINDOWS\system32\icmui.dll ICM Monitor Management - {5DB2625A-54DF-11D0-B6C4-0800091AA605} - C:\WINDOWS\System32\icmui.dll ICM Printer Management - {675F097E-4C4D-11D0-B6C1-0800091AA605} - C:\WINDOWS\system32\icmui.dll ICM Scanner Management - {176d6597-26d3-11d1-b350-080036a75b03} - icmui.dll IE4 Suite Splash Screen - {A2B0DD40-CC59-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\shdocvw.dll In-pane search - {169A0691-8DF9-11d1-A1C4-00C04FD75D13} - C:\WINDOWS\System32\browseui.dll Installed Apps Enumerator - {0B124F8F-91F0-11D1-B8B5-006008059382} - C:\WINDOWS\System32\appwiz.cpl Internet - {2559a1f4-21d7-11d4-bdaf-00c04f60b9f0} - C:\WINDOWS\system32\shdocvw.dll Internet Name Space - {871C5380-42A0-1069-A2EA-08002B30309D} - C:\WINDOWS\System32\shdocvw.dll InternetShortcut - {FBF23B40-E3F0-101B-8488-00AA003E56F8} - shdocvw.dll ISFBand OC - {131A6951-7F78-11D0-A979-00C04FD705A2} - C:\WINDOWS\System32\shdocvw.dll iTunes - {B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} - C:\Program Files\iTunes\iTunesMiniPlayer.dll LDVP Shell Extensions - {BDA77241-42F6-11d0-85E2-00AA001FE28C} - C:\Program Files\Common Files\Symantec Shared\SSC\vpshell2.dll Media Band - {32683183-48a0-441b-a342-7c2a440a9478} - C:\WINDOWS\System32\browseui.dll Microsoft Agent Character Property Sheet Handler - {143A62C8-C33B-11D1-84FE-00C04FA34A14} - C:\WINDOWS\msagent\agentpsh.dll Microsoft AutoComplete - {00BB2763-6A77-11D0-A535-00C04FD7D062} - C:\WINDOWS\System32\browseui.dll Microsoft Browser Architecture - {A5E46E3A-8849-11D1-9D8C-00C04FC99D61} - C:\WINDOWS\System32\shdocvw.dll Microsoft BrowserBand - {7BA4C742-9E81-11CF-99D3-00AA004AE837} - C:\WINDOWS\System32\browseui.dll Microsoft Data Link - {2206CDB2-19C1-11D1-89E0-00C04FD7A829} - C:\Program Files\Common Files\System\Ole DB\oledb32.dll Microsoft DocProp Inplace Calendar Control - {6A205B57-2567-4A2C-B881-F787FAB579A3} - C:\WINDOWS\System32\docprop2.dll Microsoft DocProp Inplace Droplist Combo Control - {0EEA25CC-4362-4A12-850B-86EE61B0D3EB} - C:\WINDOWS\System32\docprop2.dll Microsoft DocProp Inplace Edit Box Control - {A9CF0EAE-901A-4739-A481-E35B73E47F6D} - C:\WINDOWS\System32\docprop2.dll Microsoft DocProp Inplace ML Edit Box Control - {8EE97210-FD1F-4B19-91DA-67914005F020} - C:\WINDOWS\System32\docprop2.dll Microsoft DocProp Inplace Time Control - {28F8A4AC-BBB3-4D9B-B177-82BFC914FA33} - C:\WINDOWS\System32\docprop2.dll Microsoft DocProp Shell Ext - {883373C3-BF89-11D1-BE35-080036B11A03} - C:\WINDOWS\System32\docprop2.dll Microsoft History AutoComplete List - {00BB2764-6A77-11D0-A535-00C04FD7D062} - C:\WINDOWS\System32\browseui.dll Microsoft Internet Toolbar - {5E6AB780-7743-11CF-A12B-00AA004AE837} - C:\WINDOWS\System32\browseui.dll Microsoft Multiple AutoComplete List Container - {00BB2765-6A77-11D0-A535-00C04FD7D062} - C:\WINDOWS\System32\browseui.dll Microsoft Office HTML Icon Handler - {42042206-2D85-11D3-8CFF-005004838597} - C:\Program Files\Microsoft Office\OFFICE11\msohev.dll Microsoft Office Outlook Custom Icon Handler - {0006F045-0000-0000-C000-000000000046} - C:\PROGRA~1\MICROS~2\OFFICE11\OLKFSTUB.DLL Microsoft Office Outlook Desktop Icon Handler - {00020D75-0000-0000-C000-000000000046} - C:\PROGRA~1\MICROS~2\OFFICE11\MLSHEXT.DLL Microsoft Shell Folder AutoComplete List - {03C036F1-A186-11D0-824A-00AA005B4383} - C:\WINDOWS\System32\browseui.dll Microsoft Url History Service - {3C374A40-BAE4-11CF-BF7D-00AA006946EE} - C:\WINDOWS\System32\shdocvw.dll Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\System32\shdocvw.dll Midi Properties Handler - {A6FD9E45-6E44-43f9-8644-08598F5A74D9} - C:\WINDOWS\System32\shmedia.dll MMC Icon Handler - {7A80E4A8-8005-11D2-BCF8-00C04F72C717} - C:\WINDOWS\System32\mmcshext.dll MRU AutoComplete List - {6756A641-DE71-11d0-831B-00AA005B4383} - C:\WINDOWS\System32\browseui.dll Multimedia File Property Sheet - {00022613-0000-0000-C000-000000000046} - mmsys.cpl MyDocs Copy Hook - {ECF03A33-103D-11d2-854D-006008059367} - C:\WINDOWS\System32\mydocs.dll MyDocs Drop Target - {ECF03A32-103D-11d2-854D-006008059367} - C:\WINDOWS\System32\mydocs.dll MyDocs Properties - {4a7ded0a-ad25-11d0-98a8-0800361b1103} - C:\WINDOWS\System32\mydocs.dll Network Connections - {7007ACC7-3202-11D1-AAD2-00805FC1270E} - C:\WINDOWS\system32\NETSHELL.dll Network Connections - {992CFFA0-F557-101A-88EC-00DD010CCC48} - C:\WINDOWS\system32\NETSHELL.dll NTFS Security Page - {1F2E5C40-9550-11CE-99D2-00AA006E086C} - rshx32.dll Offline Files Folder - {AFDB1F70-2A4C-11d2-9039-00C04F8EEB3E} - C:\WINDOWS\System32\cscui.dll Offline Files Folder Options - {10CFC467-4392-11d2-8DB4-00C04FA31A66} - C:\WINDOWS\System32\cscui.dll Offline Files Menu - {750fdf0e-2a26-11d1-a3ea-080036587f03} - C:\WINDOWS\System32\cscui.dll OLE Docfile Property Page - {3EA48300-8CF6-101B-84FB-666CCB9BCD32} - docprop.dll PlusPack CPL Extension - {41E300E0-78B6-11ce-849B-444553540000} - C:\WINDOWS\System32\themeui.dll Portable Media Devices - {640167b4-59b0-47a6-b335-a6b3c0695aea} - C:\WINDOWS\System32\Audiodev.dll Portable Media Devices Menu - {cc86590a-b60a-48e6-996b-41d25ed39a1e} - C:\WINDOWS\System32\Audiodev.dll PostAgent - {D8BD2030-6FC9-11D0-864F-00AA006809D9} - C:\WINDOWS\System32\webcheck.dll Print Ordering via the Web - {add36aa8-751a-4579-a266-d66f5202ccbb} - C:\WINDOWS\System32\netplwiz.dll Printers Security Page - {F37C5810-4D3F-11d0-B4BF-00AA00BBB723} - rshx32.dll Registry Tree Options Utility - {AF4F6510-F982-11d0-8595-00AA004CD6D8} - C:\WINDOWS\System32\browseui.dll Remote Sessions CPL Extension - {F0152790-D56E-4445-850E-4F3117DB740C} - C:\WINDOWS\System32\remotepg.dll Run... - {2559a1f3-21d7-11d4-bdaf-00c04f60b9f0} - C:\WINDOWS\system32\shdocvw.dll Scanners & Cameras - {3F953603-1008-4f6e-A73A-04AAC7A992F1} - wiashext.dll Scanners & Cameras - {83bbcbf3-b28a-4919-a5aa-73027445d672} - wiashext.dll Scanners & Cameras - {905667aa-acd6-11d2-8080-00805f6596d2} - wiashext.dll Scanners & Cameras - {E211B736-43FD-11D1-9EFB-0000F8757FCD} - wiashext.dll Scanners & Cameras - {FB0C9C8A-6C50-11D1-9F1D-0000F8757FCD} - wiashext.dll Scheduled Tasks - {D6277990-4C6A-11CF-8D87-00AA0060F5BF} - C:\WINDOWS\System32\mstask.dll Search - {2559a1f0-21d7-11d4-bdaf-00c04f60b9f0} - C:\WINDOWS\system32\shdocvw.dll Search Assistant OC - {9461b922-3c5a-11d2-bf8b-00c04fb93661} - C:\WINDOWS\System32\shdocvw.dll Search Band - {30D02401-6A81-11d0-8274-00C04FD5AE38} - C:\WINDOWS\System32\browseui.dll Sendmail service - {9E56BE60-C50F-11CF-9A2C-00A0C90A90CE} - C:\WINDOWS\System32\sendmail.dll Sendmail service - {9E56BE61-C50F-11CF-9A2C-00A0C90A90CE} - C:\WINDOWS\System32\sendmail.dll Set Program Access and Defaults - {2559a1f7-21d7-11d4-bdaf-00c04f60b9f0} - C:\WINDOWS\system32\shdocvw.dll Shell Application Manager - {352EC2B7-8B9A-11D1-B8AE-006008059382} - C:\WINDOWS\System32\appwiz.cpl Shell Automation Inproc Service - {0A89A860-D7B1-11CE-8350-444553540000} - C:\WINDOWS\System32\shdocvw.dll Shell Band Site Menu - {ECD4FC4E-521C-11D0-B792-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll Shell DeskBar - {ECD4FC4C-521C-11D0-B792-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll Shell DeskBarApp - {3CCF8A41-5C85-11d0-9796-00AA00B90ADF} - C:\WINDOWS\System32\browseui.dll Shell DocObject Viewer - {E7E4BC40-E76A-11CE-A9BB-00AA004AE837} - C:\WINDOWS\System32\shdocvw.dll Shell extensions for file compression - {764BF0E1-F219-11ce-972D-00AA00A14F56} - Shell extensions for Microsoft Windows Network objects - {59be4990-f85c-11ce-aff7-00aa003ca9f6} - ntlanui2.dll Shell Extensions for RealOne Player - {F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} - C:\Program Files\Real\RealPlayer\rpshell.dll Shell extensions for sharing - {40dd6e20-7c17-11ce-a804-00aa003ca9f6} - ntshrui.dll Shell extensions for sharing - {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} - ntshrui.dll Shell extensions for Windows Script Host - {60254CA5-953B-11CF-8C96-00AA00B8708C} - C:\WINDOWS\System32\wshext.dll Shell Image Data Factory - {66e4e4fb-f385-4dd0-8d74-a2efd1bc6178} - C:\WINDOWS\system32\shimgvw.dll Shell Image Property Handler - {eb9b1153-3b57-4e68-959a-a3266bc3d7fe} - C:\WINDOWS\system32\shimgvw.dll Shell Image Verbs - {e84fda7c-1d6a-45f6-b725-cb260c236066} - C:\WINDOWS\system32\shimgvw.dll Shell properties for a DS object - {9E51E0D0-6E0F-11d2-9601-00C04FA31A86} - C:\WINDOWS\System32\dsquery.dll Shell Publishing Wizard Object - {6b33163c-76a5-4b6c-bf21-45de9cd503a1} - C:\WINDOWS\System32\netplwiz.dll Shell Rebar BandSite - {ECD4FC4D-521C-11D0-B792-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll Shell Scrap DataHandler - {56117100-C0CD-101B-81E2-00AA004AE837} - shscrap.dll Sony Ericsson File Manager - {A5110426-177D-4e08-AB3F-785F10B4439C} - C:\Program Files\Sony Ericsson\Mobile\File Manager\fmgrgui.dll Subscription Folder - {F5175861-2688-11d0-9C5E-00AA00A45957} - C:\WINDOWS\System32\webcheck.dll Subscription Mgr - {ABBE31D0-6DAE-11D0-BECA-00C04FD940BE} - C:\WINDOWS\System32\webcheck.dll Summary Info Thumbnail handler (DOCFILES) - {9DBD2C50-62AD-11d0-B806-00C04FD706EC} - C:\WINDOWS\system32\shimgvw.dll Taskbar and Start Menu - {0DF44EAA-FF21-4412-828E-260A8728E7F1} - Tasks Folder Icon Handler - {DD2110F0-9EEF-11cf-8D8E-00AA0060F5BF} - C:\WINDOWS\System32\mstask.dll Tasks Folder Shell Extension - {797F1E90-9EDD-11cf-8D8E-00AA0060F5BF} - C:\WINDOWS\System32\mstask.dll Temporary Internet Files - {7BD29E00-76C1-11CF-9DD0-00A0C9034933} - C:\WINDOWS\System32\shdocvw.dll Temporary Internet Files - {7BD29E01-76C1-11CF-9DD0-00A0C9034933} - C:\WINDOWS\System32\shdocvw.dll The Internet - {3DC7A020-0ACD-11CF-A9BB-00AA004AE837} - C:\WINDOWS\System32\shdocvw.dll Track Popup Bar - {acf35015-526e-4230-9596-becbe19f0ac9} - C:\WINDOWS\System32\browseui.dll TrayAgent - {E8BB6DC0-6B4E-11d0-92DB-00A0C90C2BD7} - C:\WINDOWS\System32\webcheck.dll TridentImageExtractor - {7376D660-C583-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\browseui.dll User Accounts - {7A9D77BD-5403-11d2-8785-2E0420524153} - User Assist - {DD313E04-FEFF-11d1-8ECD-0000F87A470C} - C:\WINDOWS\System32\browseui.dll Video Media Properties Handler - {40C3D757-D6E4-4b49-BB41-0E5BBEA28817} - C:\WINDOWS\System32\shmedia.dll Video Thumbnail Extractor - {c5a40261-cd64-4ccf-84cb-c394da41d590} - C:\WINDOWS\System32\shmedia.dll Wav Properties Handler - {E4B29F9D-D390-480b-92FD-7DDB47101D71} - C:\WINDOWS\System32\shmedia.dll Web Folders - {BDEADF00-C265-11D0-BCED-00A0C90AB50F} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL Web Printer Shell Extension - {77597368-7b15-11d0-a0c2-080036af3f03} - printui.dll Web Publishing Wizard - {CC6EEFFB-43F6-46c5-9619-51D571967F7D} - C:\WINDOWS\System32\netplwiz.dll Web Search - {07798131-AF23-11d1-9111-00A0C98BA67D} - C:\WINDOWS\System32\browseui.dll WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\System32\webcheck.dll WebCheck SyncMgr Handler - {7FC0B86E-5FA7-11d1-BC7C-00C04FD929DB} - C:\WINDOWS\System32\webcheck.dll WebCheckChannelAgent - {E3A8BDE6-ABCE-11d0-BC4B-00C04FD929DB} - C:\WINDOWS\System32\webcheck.dll WebCheckWebCrawler - {08165EA0-E946-11CF-9C87-00AA005127ED} - C:\WINDOWS\System32\webcheck.dll Windows Media Player Add to Playlist Context Menu Handler - {F1B9284F-E9DC-4e68-9D7E-42362A59F0FD} - C:\WINDOWS\System32\wmpshell.dll Windows Media Player Burn Audio CD Context Menu Handler - {CE3FB1D1-02AE-4a5f-A6E9-D9F1B4073E6C} - C:\WINDOWS\System32\wmpshell.dll Windows Media Player Play as Playlist Context Menu Handler - {8DD448E6-C188-4aed-AF92-44956194EB1F} - C:\WINDOWS\System32\wmpshell.dll WinRAR shell extension - {B41DB860-8EE4-11D2-9906-E49FADC173CA} - C:\Program Files\WinRAR\rarext.dll WinZip - {E0D79304-84BE-11CE-9641-444553540000} - C:\PROGRA~1\WINZIP\WZSHLSTB.DLL WinZip - {E0D79305-84BE-11CE-9641-444553540000} - C:\PROGRA~1\WINZIP\WZSHLSTB.DLL WinZip - {E0D79306-84BE-11CE-9641-444553540000} - C:\PROGRA~1\WINZIP\WZSHLSTB.DLL WinZip - {E0D79307-84BE-11CE-9641-444553540000} - C:\PROGRA~1\WINZIP\WZSHLSTB.DLL [This user (1)] Web Folders - {BDEADF00-C265-11d0-BCED-00A0C90AB50F} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL -------------------- Registry 'Run' keys: [User Run] ctfmon.exe = C:\WINDOWS\System32\ctfmon.exe MsnMsgr = "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background swg = C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.4884\GoogleToolbarNotifier.exe [System Run] !AVG Anti-Spyware = "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized AtiPTA = atiptaxx.exe IMJPMIG8.1 = C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32 iPodManager = C:\Program Files\iPod\bin\iPodManager.exe iTunesHelper = C:\Program Files\iTunes\iTunesHelper.exe LTSMMSG = LTSMMSG.exe mmtask = C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe MMTray = C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe NeroCheck = C:\WINDOWS\system32\NeroCheck.exe PHIME2002A = C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName PHIME2002ASync = C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC QuickTime Task = "C:\Program Files\QuickTime\qttask.exe" -atboottime SmcService = C:\PROGRA~1\Sygate\SPF\smc.exe -startgui SunJavaUpdateSched = C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe TkBellExe = "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot -------------------- Protocols: [Pluggable MIME filters (9)] application/octet-stream = {1E66F26B-79EE-11D2-8710-00C04F79ED0D} = C:\WINDOWS\System32\mscoree.dll application/x-complus = {1E66F26B-79EE-11D2-8710-00C04F79ED0D} = C:\WINDOWS\System32\mscoree.dll application/x-msdownload = {1E66F26B-79EE-11D2-8710-00C04F79ED0D} = C:\WINDOWS\System32\mscoree.dll Class Install Handler = {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} = C:\WINDOWS\system32\urlmon.dll deflate = {8f6b0360-b80d-11d0-a9b3-006097942311} = C:\WINDOWS\system32\urlmon.dll gzip = {8f6b0360-b80d-11d0-a9b3-006097942311} = C:\WINDOWS\system32\urlmon.dll lzdhtml = {8f6b0360-b80d-11d0-a9b3-006097942311} = C:\WINDOWS\system32\urlmon.dll text/webviewhtml = {733AC4CB-F1A4-11d0-B951-00A0C90312E1} = C:\WINDOWS\system32\SHELL32.dll text/xml = {807553E5-5146-11D5-A672-00B0D022E945} = C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL [Protocol handlers (25)] about = {3050F406-98B5-11CF-BB82-00AA00BDCE0B} = C:\WINDOWS\System32\mshtml.dll cdl = {3dd53d40-7b8b-11D0-b013-00aa0059ce02} = C:\WINDOWS\system32\urlmon.dll dvd = {12D51199-0DB5-46FE-A120-47A3D7D937CC} = C:\WINDOWS\System32\msvidctl.dll file = {79eac9e7-baf9-11ce-8c82-00aa004ba90b} = C:\WINDOWS\system32\urlmon.dll ftp = {79eac9e3-baf9-11ce-8c82-00aa004ba90b} = C:\WINDOWS\system32\urlmon.dll gopher = {79eac9e4-baf9-11ce-8c82-00aa004ba90b} = C:\WINDOWS\system32\urlmon.dll http = {79eac9e2-baf9-11ce-8c82-00aa004ba90b} = C:\WINDOWS\system32\urlmon.dll https = {79eac9e5-baf9-11ce-8c82-00aa004ba90b} = C:\WINDOWS\system32\urlmon.dll its = {9D148291-B9C8-11D0-A4CC-0000F80149F6} = C:\WINDOWS\System32\itss.dll javascript = {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} = C:\WINDOWS\System32\mshtml.dll lid = {5C135180-9973-46D9-ABF4-148267CBB8BF} = C:\WINDOWS\System32\msvidctl.dll local = {79eac9e7-baf9-11ce-8c82-00aa004ba90b} = C:\WINDOWS\system32\urlmon.dll mailto = {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} = C:\WINDOWS\System32\mshtml.dll mhtml = {05300401-BCBC-11d0-85E3-00C04FD85AB4} = C:\WINDOWS\System32\inetcomm.dll mk = {79eac9e6-baf9-11ce-8c82-00aa004ba90b} = C:\WINDOWS\system32\urlmon.dll ms-its = {9D148291-B9C8-11D0-A4CC-0000F80149F6} = C:\WINDOWS\System32\itss.dll msnim = {828030A1-22C1-4009-854F-8E305202313F} = "C:\PROGRA~1\MSNMES~1\msgrapp.dll" mso-offdap = {3D9F03FA-7A94-11D3-BE81-0050048385D1} = C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL mso-offdap11 = {32505114-5902-49B2-880A-1F7738E5A384} = C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL res = {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} = C:\WINDOWS\System32\mshtml.dll sysimage = {76E67A63-06E9-11D2-A840-006008059382} = C:\WINDOWS\System32\mshtml.dll tv = {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} = C:\WINDOWS\System32\msvidctl.dll vbscript = {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} = C:\WINDOWS\System32\mshtml.dll vnd.ms.radio = {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} = C:\WINDOWS\System32\msdxm.ocx wia = {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} = C:\WINDOWS\System32\wiascr.dll -------------------- WOW compatibility: cmdline = C:\WINDOWS\system32\ntvdm.exe wowcmdline = C:\WINDOWS\system32\ntvdm.exe -a C:\WINDOWS\system32\krnl386 [KnownDlls (16-bit) (40)] avicap.dll avifile.dll comm.drv commdlg.dll compobj.dll ctl3dv2.dll ddeml.dll keyboard.drv lanman.drv mapi.dll mciavi.drv mciseq.drv mciwave.drv mmsystem.dll mouse.drv msacm.dll msvideo.dll netapi.dll ole2.dll ole2disp.dll ole2nls.dll olecli.dll olesvr.dll pmspl.dll progman.exe rasapi16.dll shell.dll sound.drv storage.dll system.drv timer.drv toolhelp.dll typelib.dll vga.drv wfwnet.drv win87em.dll winoldap.mod winsock.dll winspool.exe wowdeb.exe [KnownDlls (32-bit) (20)] advapi32.dll comdlg32.dll gdi32.dll imagehlp.dll kernel32.dll lz32.dll ole32.dll oleaut32.dll olecli32.dll olecnv32.dll olesvr32.dll olethk32.dll rpcrt4.dll shell32.dll url.dll urlmon.dll user32.dll version.dll wininet.dll wldap32.dll -------------------- ShellServiceObjectDelayLoad: [All users (4)] CDBurn = {fbeb8a05-beee-4442-804e-409d6c4515e9} = C:\WINDOWS\system32\SHELL32.dll PostBootReminder = {7849596a-48ea-486e-8937-a2a3009f31a9} = C:\WINDOWS\system32\SHELL32.dll SysTray = {35CEC8A3-2BE6-11D2-8773-92E220524153} = C:\WINDOWS\System32\stobject.dll WebCheck = {E6FB5E20-DE35-11CF-9C87-00AA005127ED} = C:\WINDOWS\System32\webcheck.dll -------------------- Winsock LSP: [Protocols (18)] MSAFD Tcpip [TCP/IP] - {E70F1AA0-AB8B-11CF-8CA3-00805F48A192} - C:\WINDOWS\system32\mswsock.dll MSAFD Tcpip [UDP/IP] - {E70F1AA0-AB8B-11CF-8CA3-00805F48A192} - C:\WINDOWS\system32\mswsock.dll RSVP UDP Service Provider - {9D60A9E0-337A-11D0-BD88-0000C082E69A} - C:\WINDOWS\system32\rsvpsp.dll RSVP TCP Service Provider - {9D60A9E0-337A-11D0-BD88-0000C082E69A} - C:\WINDOWS\system32\rsvpsp.dll MSAFD NetBIOS [\Device\NetBT_Tcpip_{8D4B7C0A-FDB3-4B8F-B526-7CFC51DBFFF1}] SEQPACKET 4 - {8D5F1830-C273-11CF-95C8-00805F48A192} - C:\WINDOWS\system32\mswsock.dll MSAFD NetBIOS [\Device\NetBT_Tcpip_{8D4B7C0A-FDB3-4B8F-B526-7CFC51DBFFF1}] DATAGRAM 4 - {8D5F1830-C273-11CF-95C8-00805F48A192} - C:\WINDOWS\system32\mswsock.dll MSAFD NetBIOS [\Device\NetBT_Tcpip_{24DC7117-E1CC-474C-AA4A-5CEC2387C758}] SEQPACKET 0 - {8D5F1830-C273-11CF-95C8-00805F48A192} - C:\WINDOWS\system32\mswsock.dll MSAFD NetBIOS [\Device\NetBT_Tcpip_{24DC7117-E1CC-474C-AA4A-5CEC2387C758}] DATAGRAM 0 - {8D5F1830-C273-11CF-95C8-00805F48A192} - C:\WINDOWS\system32\mswsock.dll MSAFD NetBIOS [\Device\NetBT_Tcpip_{FB6EDB42-1E2A-4C98-8A2E-F40D6643467E}] SEQPACKET 1 - {8D5F1830-C273-11CF-95C8-00805F48A192} - C:\WINDOWS\system32\mswsock.dll MSAFD NetBIOS [\Device\NetBT_Tcpip_{FB6EDB42-1E2A-4C98-8A2E-F40D6643467E}] DATAGRAM 1 - {8D5F1830-C273-11CF-95C8-00805F48A192} - C:\WINDOWS\system32\mswsock.dll MSAFD NetBIOS [\Device\NetBT_Tcpip_{B17F54C6-4836-4708-AC7D-C3229FC3512B}] SEQPACKET 2 - {8D5F1830-C273-11CF-95C8-00805F48A192} - C:\WINDOWS\system32\mswsock.dll MSAFD NetBIOS [\Device\NetBT_Tcpip_{B17F54C6-4836-4708-AC7D-C3229FC3512B}] DATAGRAM 2 - {8D5F1830-C273-11CF-95C8-00805F48A192} - C:\WINDOWS\system32\mswsock.dll MSAFD NetBIOS [\Device\NetBT_Tcpip_{50564BA7-D329-46CA-A5A5-9F131481E66C}] SEQPACKET 3 - {8D5F1830-C273-11CF-95C8-00805F48A192} - C:\WINDOWS\system32\mswsock.dll MSAFD NetBIOS [\Device\NetBT_Tcpip_{50564BA7-D329-46CA-A5A5-9F131481E66C}] DATAGRAM 3 - {8D5F1830-C273-11CF-95C8-00805F48A192} - C:\WINDOWS\system32\mswsock.dll MSAFD NetBIOS [\Device\NetBT_Tcpip_{35DD9050-2391-443B-B9E3-FA795EC20716}] SEQPACKET 5 - {8D5F1830-C273-11CF-95C8-00805F48A192} - C:\WINDOWS\system32\mswsock.dll MSAFD NetBIOS [\Device\NetBT_Tcpip_{35DD9050-2391-443B-B9E3-FA795EC20716}] DATAGRAM 5 - {8D5F1830-C273-11CF-95C8-00805F48A192} - C:\WINDOWS\system32\mswsock.dll MSAFD NetBIOS [\Device\NetBT_Tcpip_{59BD2C6A-E9E9-4557-8FFD-C8C1A325ACD6}] SEQPACKET 6 - {8D5F1830-C273-11CF-95C8-00805F48A192} - C:\WINDOWS\system32\mswsock.dll MSAFD NetBIOS [\Device\NetBT_Tcpip_{59BD2C6A-E9E9-4557-8FFD-C8C1A325ACD6}] DATAGRAM 6 - {8D5F1830-C273-11CF-95C8-00805F48A192} - C:\WINDOWS\system32\mswsock.dll [Namespace Providers (3)] Tcpip - {22059D40-7E9E-11CF-AE5A-00AA00A7112B} - C:\WINDOWS\System32\mswsock.dll NTDS - {3B2637EE-E580-11CF-A555-00C04FD8D4AC} - C:\WINDOWS\System32\winrnr.dll Network Location Awareness (NLA) Namespace - {6642243A-3BA8-4AA6-BAA5-2E0BD71FDD83} - C:\WINDOWS\System32\mswsock.dll -------------------- Hijack points: [Reset web settings URLs] SearchAssistant = CustomizeSearch = START_PAGE_URL = SEARCH_PAGE_URL = MS_START_PAGE_URL = [Internet Explorer URLs] * This user * - Internet Explorer\Main (4) Local Page = C:\WINDOWS\System32\blank.htm Search Bar = http://www.google.com/ie Search Page = http://www.google.com Start Page = http://www.google.co.uk/ - Internet Explorer\Search (1) SearchAssistant = http://www.google.com/ie - Internet Explorer\SearchURL (1) (Default) = http://www.google.com/search?q=%s - Internet Explorer\Desktop\General (2) BackupWallpaper = %USERPROFILE%\Local Settings\Application Data\Microsoft\Wallpaper1.bmp Wallpaper = %USERPROFILE%\Local Settings\Application Data\Microsoft\Wallpaper1.bmp * All users * - Internet Explorer\Main (5) Default_Page_Url = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome Default_Search_Url = http://www.google.com/ie Local Page = %SystemRoot%\system32\blank.htm Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home - Internet Explorer\Search (3) CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm Default_Search_Url = http://www.google.com/ie SearchAssistant = http://www.google.com/ie - Internet Explorer\AboutURLs (6) blank = res://mshtml.dll/blank.htm DesktopItemNavigationFailure = res://shdoclc.dll/navcancl.htm NavigationCanceled = res://shdoclc.dll/navcancl.htm NavigationFailure = res://shdoclc.dll/navcancl.htm OfflineInformation = res://shdoclc.dll/offcancl.htm PostNotCached = res://mshtml.dll/repost.htm [Default URL prefixes] default = http:// ftp = ftp:// gopher = gopher:// home = http:// mosaic = http:// www = http:// [Hosts file location] DatabasePath = C:\WINDOWS\System32\drivers\etc\hosts -------------------- Protection & disabled items: [Hosts file (1)] * 127.0.0.1 * localhost [ActiveX killbits (13)] &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll (no name) - {111C85E9-BB62-4528-A806-F0BE908E02F0} - "C:\PROGRA~1\MSNMES~1\msgsc.dll" (no name) - {323C0F99-820A-4e0b-B714-57942C6D9678} - "C:\PROGRA~1\MSNMES~1\msgsc.dll" (no name) - {6FBF8DD5-9E03-4af5-B779-FEBEF6754712} - "C:\PROGRA~1\MSNMES~1\msgsc.dll" (no name) - {F4C30BB5-D7FC-4d60-9D49-7C6B67C3592D} - "C:\PROGRA~1\MSNMES~1\msgsc.dll" (no name) - {F5F545A6-39C4-40b5-814D-B45040A89FB5} - "C:\PROGRA~1\MSNMES~1\msgsc.dll" (no name) - {F81CD990-910B-4bbf-9CB3-6A77F3D697B3} - "C:\PROGRA~1\MSNMES~1\msgsc.dll" ActiveXPlugin Object - {06DD38D3-D187-11CF-A80D-00C04FD74AD8} - C:\WINDOWS\System32\plugin.ocx ADODB.Stream - {00000566-0000-0010-8000-00AA006D2EA4} - C:\Program Files\Common Files\System\ado\msado15.dll CEnroll Class - {43F8F289-7A20-11D0-8F06-00C04FC295E1} - C:\WINDOWS\system32\xenroll.dll HHCtrl Object - {ADB880A6-D8FF-11CF-9377-00AA003B7A11} - C:\WINDOWS\System32\hhctrl.ocx LM Runtime Control - {183C259A-0480-11d1-87EA-00C04FC29D46} - C:\WINDOWS\System32\lmrt.dll RegWizCtrl - {50E5E3D1-C07E-11D0-B9FD-00A0249F6B00} - C:\WINDOWS\System32\regwizc.dll [Zones] * This user * - Restricted sites (1056) .00hq.com .75tz.com .aavc.com .acjp.com .count.cc .ebav.com .ebaw.com .ebch.com .ebdv.com .ebdw.com .ebgo.com .ebjp.com .ebkb.com .ebkn.com .ebky.com .eblv.com .ebmu.com .ebvr.com .ecmh.com .ecmp.com .ecpm.com .ecwz.com .ecyb.com .edhq.com .edty.com .eduy.com .eeev.com .emch.com .farse.com .ibmx.com .icwb.com .icwo.com .icwp.com .iddh.com .idhh.com .iefeadsl.com .ifiz.com .iguu.com .lop.com .rf104.com .roar.com .samz.com .saoe.com .sbee.com .sbjr.com .sbnl.com .sbnt.com .sbvr.com .scbm.com .sckr.com .scrk.com .sdry.com .seld.com .sfux.com .sheat.com .sipo.com .smds.com .srib.com .srox.com .srsf.com .ssaw.com .ssby.com .surj.com .tbvg.com .tdak.com .tdko.com .tdmy.com .tefs.com .tfil.com .thko.com .tjar.com .tjaw.com .tjdo.com .tjem.com .tjgo.com .topx.cc .torc.com .wabq.com .wabu.com .wbkb.com .wfix.com .wflu.com 008i.com 008k.com 00hq.com 100sexlinks.com 157.238.62.14 171203.com 17-plus.com 193.125.201.50 1-domains-registrations.com 1sexparty.com 1stpagehere.com 2020search.com 209.66.114.130 213.131.225.2 216.65.3.68 24teen.com 2ndpower.com 36site.com 39-93.com 4corn.net 66.117.14.138 66.197.100.83 66.197.138.235 66.250.107.100 66.250.107.101 66.250.107.99 66.250.130.194 66.250.170.107 66.250.57.26 66.250.57.27 66.250.57.28 66.250.74.150 66.40.16.198 777search.com 777top.com 7search.com 8ad.com aboutclicker.com abrp.net accessthefuture.net acemedic.com ace-webmaster.com actionbreastcancer.org activexupdate.com adamsupportgroup.org adasearch.com adipics.com ads.centralmedia.ws adspics.com adult-engine-search.com adult-erotic-guide.net adult-friends-finder.net adulthyperlinks.com adult-personal.us adulttds.com advert.exaccess.ru africaspromise.org agentstudio.com aifind.info akril.com alcatel.ws alfa-search.com allabtcars.com allabtjeeps.com allcybersearch.com allhyperlinks.com all-inet.com allinternetbusiness.com almarvideos.com amandamountains.com amateurliveshow.com amigeek.com amisbusiness.com analmovi.com anarchylolita.com anarchyporn.com anin.org annaromeo.com antrocity.com anything4health.com approvedlinks.com apps.webservicehost.com apsua.com aregay.com arheo.com arizonaweb.org armitageinn.com artachnid.com art-func.com art-xxx.com asiankingkong.com ass-gals.com athenrye.com avian-ads.com ayakawamura.com ayumitaniguchi.com babe.k-lined.com babe.the-killer.bz babeweb.de bannedhost.net barbudafarms.com barnandfence.com batsearch.com baygraphicsllc.com bbbsearch.com bb-search.com bedhome.com bediadance.com bellabasketsfl.com bernaolatwin.com best-counter.com bestcrawler.com bestfor.ru best-hardpics.com bestporngate.com best-winning-casino.com bestxporno.com blackjack-free.net blazefind.com blender.xu.pl blondetgp.com bodaciousbabette.com boobdoll.com boobsandtits.com boobsclub.com boredlife.com bowlofogumbo.com bradcoem.org brandiyoung.com brookeburn.com bucps.com burgerkingbigscreen.com buscards.net bustyrussell.com buttejazz.org buyselldomain.net buz.ru c.centralmedia.ws calcioturris.com cameup.com canberracricketcoaching.com candycantaloupes.com cantfind.com careers.dulcineasystems.net carsands.com carsrentals.net cashsearch.biz casino.com.free.game.pogo.gratisdownloads.nl casino2win.net casino-gambling-1.net casino-gambling-2.net casinomidas.net casinonline.net casino-onlines.net castingsamateur.com catallogue.com categories.mygeek.com catsss.da.ru caxa.ru cclebali.org ceewawires.org certumgroup.com chelancatering.com childrenvilla.com chips-4-free.com chrisswasey.com chriswallace.net ckick4thumbs.com cl55.biz clackamasliteraryreview.com clearsearch.cc clearsearch.net clickaire.com clickyestoenter.net clrsch.com cmtapestry.com coolfetishsite.com coolfreehost.com coolfreepage.com coolfreepages.com cool-homepage.co cool-homepage.com coolmoneysearch.com coolpornsearch.com cool-search.net cool-search.netfartpost.com coolsearcher.info coolwebsearch. coolwebsearch.com cool-web-search.com coolwebsearsh.com coolwwwsearch. coolwwwsearch.com cool-xxx.net copmtraine.com couldnotfind.com count-all.com cracks.me.uk creamedcutties.com creditsearchonline.com crestring.com crooder.com curvedspaces.com cvs.jps.ru cvsymphony.com cyberrape.com cydom.com daily-gals.com dailyteenspic.com dancingbabycd.com datanotary.com datareco.com dating-search.net davemarshall.org dcfitusa.com defaultsearch.net desarrollocreativo.com dev.ntcor.com develip.com dewis.spb.ru dewis.us df809jow4wj2304lfd0sf9fsd0a2t4ldf809jow4wj2304lfd0sf9fsd0a2t4ld.biz dialer2004.com dialerclub.com did.i-used.cc dietpills4free.com dietpussy.com digistreamsa.com digital-pornography.com dionforvalleycouncil.org doctorwaldron.com document-not-found.pornpic.org doggyaction.com domains2003.net domains-for-you-online.com domain-your-registration.com domkrat.com dp-host.com dragqueen.gay-clan.com drug-sources-exposed.com drvvv.com duolaimi.net dutch-sex.com dvdbank.org eager-sex.com eases.net easycategories.com easy-search.net ecosrioplatenses.org ecstasyporn.net eikokoike.com e-localad.com e-plus.cc epornsex.com ergosites.com euuu.com evidence-detector.biz evilspidercomics.com ewebsearch.net e-websitesolutions.com excellentsckin.com exit.megago.com extremeseek.net ez-searching.com faithstevens.com fantasiewelten.com farmsteadbandb.com fartpost.com fastmetasearch.com fastwebfinder.com faxporn.com featured-results.com fickenisgeil.de finance-loans.com find4u.net find-itnow.com findit-now.com findloss.com findthesite.com findthewebsiteyouneed.com find-uk-health.co.uk findwhat.com findwhatevernow.com fionasteel.com firstbookmark.net fitness-free.com foodvacations.net forex.jps.ru forexcredit.com forexcredit.ru formingfusions.com forsythfire.net forthline.com free4porno.net free64all.com freebookmark.net freebookmarks.net freecategories.com free-chipes.com freecj.com freecoolhost.com free-hit.com freehqmovies.com free-pics-and-movies.com freerbhost.com freescratchandwin.com free-sex-movie-clips.net freeshemalepics.net freeyaho.com freshseek.com freshteensite.com gabrielscott.com galpostgirls.com gals-for-free.com gambling-online4you.com gameterror.net gay50.com generalsmeltingofcanada.com germany.rub.to geteens.com getpicshere.com gimmezamore.com gimnasiaer.com girls-porn-life.com glbdf.org global-finder.com globalwebsearch.com globe-finder.cc globe-finder.com globesearch.com gocybersearch.com golftennis.net good-mortgages.net good-mortgages-calculator.com goodsexs.com google123.web1000.com googlebar.jps.ru googlf.com gradforum.org gratis-porn-movie.com gratis-pornopics.com greg-search.com gtawarehouse.com gueb.com guzzycats.com gzphoenix.com H24413.tfil.com hallnetaccolade.com hand-book.com happyanal.com hardbodytgp.com hardcoreover.com hard-gals.com hardloved.com hardwareseek.net harukaigawa.com hccsolanonapa.org health-protein.com hentai4u.net here4search.com heyrichy.com hi.studioaperto.net hiddenguides.com hi-search.com hitlistlyrics.com holidayautostr.com homemortage.ws hostssp.com hotbar.com hotbookmark.com hot-cartoon-sex.anime.american-teens.net hotels-list.net hotelxxxcams.com hotfreebies.com hotlolitas.underagehost.com hotpopup.com hotsearchbox.com hotsex-series.com hotstartpage.com hqsex.biz hugeporn4u.net hunacsa.com hupacasath.com hzsx.com icansearch.net idgsearch.com ie.marketdart.com ie-search.com i-lookup.com incest-host.com incestporngate.com infodigger.net infoglobus.com inherhole.com insertthiscock.com insuranceall.net insurance-flood.net internetsearch.ru ionichost.com ionomist.com ipsex.net ironcarteam.com is-best.com istarthere.com itsanal.com itseasy.us iweb-commerce.com iwebland.com iwon.com jeannineoldfield.com jethomepage.com jetseeker.com jmhgallery.org joannelatham.com judin.ru junkysex.com kabex.com karleyt.narod.ru kathisomers.com kazaa-lite.ws keithgreenpro.com kenmccaul.com killerpornstars.com kilosex.com kimhines.com kinoru.com kliksearch.com krankin.com ksdspups.org landrape.com lauraroebuck.com leannalovelace.com lesobank.ru libertyonlinehosting.com lingerie-mania.com linksummary.com lisamatthew.com live.sex-explorer.com liveholio.com livenewspaper.com loading-lolita.com lolita4all1.xrensmagpost.com lollitop.com louiseleeds.com loveadot.com love-host.com lovelas.com lovelysearch.com love-pix.com low-taxes.com luckysearch.net lunitaweb.net lustful-porno.com mackinnonsbrook.org madfinder.com madisonmoons.com madisonoilco.com madonalive.com mafiapics.com majuozawa.com makin-do.com male4free.com map-quest.org marilynchamber.com martfinder.com massearch.com masterbar.com matetrava.com mature50.com matureporngate.com maxdzines.com mayancasino.com mcgeeforlabor.com mdstunisie.org medicare-insurance.net medicare-supplemental.com mega-dating-tips.com megaseek.net megumikanzaki.com meshalynn.com meta-adult.com meta-casino.com metafora.ru meta-mobile.com metapoisk.ru meta-porn.com michiyonakajima.com miconsultamedica.com mikasakamoto.com mikoni.com militarygods.porn4porn.net millennialpeople.org miosearch.com mipham.org missingcommand.com mixsearch.com mommykiss.com moneyhunters.com montgomeryhospitalanesthesia.com morflot.com mortgage-debt.net mortismaximus.com moscowwhores.com moviecategories.com mp3-pix.com mrtg.jps.ru msn-info.net multipussy.com mundopolar.com munky.com mustv.com myexexex.com my-finder.com mywebsearch.net nativehardcore.com naturalspy.com nbasportsbook.net nellyslyrics.com nepgyan.com nesrecords.com netshastra.net nettime.ru nettracker.jps.ru netyellowpages.info newcategories.com newcracks.com newcracks.net new-incest.com newlife-lajolla.com newsexgate.com newtonknows.com newtonsracks.com newtopsites.com newxpics.com nhlsportsbook.net niagaracapital.com niche-tv.com nmrba.com noblindlinks.com nocalories.net nocensor.com nsbabes.com nuclearwitness.org nursemania.com nvntour.com nvphall.org oborot.com ocalalivestockmarket.com ocsff.com oeatlanta.com oharrowsearch.com okmmm.com ok-search.com okulta.com omegabrains.net omega-search.com online-casino-1.net online-casino-bonus.info online-casinos-x.com onlineclick.net onlineserverz.com onlinetradings.net online-winning.net onlycunt.com onlyinsured.com onlysex.ws only-virgins.com operanabuco.com opsex.com orbitexplorer.com oregoncharters.org ormandcompany.com otrlives.com out.true-counter.com ozawamadoka.com paigesummer.com pamelacollections.com panamcup.com pantygirls4u.com pantyhoserealm.com pantyplace.com partner23.firehunt.com passthison.com pastubes.com paulapage.com paulhoover.com payfortraffic.net pedo.ws people.1gb.ru pervertbot.com pharmacy2003.com pharma-diet-pills.com pharmalocator.com phendimetrazine-tenuate-adipex.com picsdir.com picsforbucks.com picsofseductiveladies.com pics-videos.com pills-birth-control.com pillsmall.com pilotronix.com pixpox.com planemusic.com poiska.net poker-casino-free.com poker-games-free.net polradiologia.com pooi.net porncamz.com pornfree.info pornnightdreams.com pornokopec.com porn-teacher.com porntetris.com porntwist.com powerwebsearch.com prblitz.com pretypics.com pribalt.com privacy-support.biz privateporn.net prolivation.com prostactive.com prostol.com protect-yourself.biz prsainlandempire.org put-your-link-here.com pyrocorp.com quicklaunch.com quick-search.ws quiksearchgenealogy.com r.babenet.com radfrall.org ramgo.com ranafrog.ne rapegate.com rawtocash.net realphx.com redbudbmx.com refinance-help.com regfreeze.com removeearthkeepers.org revolto3.da.ru rightfinder.net robbsproshop.com robertferencz.com rocketsearch.com rotocasters.com royalsearch.net runsearch.com russiansponsor.com russogay.com ruworld.com s2.exocrew.com sacitylife.com samplegals.com sb.htm sbssurvivor.com scarypix.com sccdnet.com schoolforest.com screensaver.it search.ieplugin.com search.imiserver.com search.netzany.co search.psn.cn search.rub.to search.shopnav.com search.xrenoder.com search-1.net search-2003.com search-about.net searchaccurate.com searchadultweb.com searchalot.com searchandbrowse.com searchandclick.com searchbutler.com searchbutler.org searchbuttler.com searchby.net searchcentrix.com searchcomplete.com searchdesire.com searchdot.com searchdot.net searchenhancement.com search-exe.com searchexpander.com search-explorer.net searchfastnet.com searchforge.com searchgateway.net search-hawk.com searching-the-net.com search-log.com searchmadesafe.net search-meta.com searchmeta.md searchmeta.net searchmeta.ru searchmeta.webhost.ru searchmeup.com searchnow.ws searchonfly.com searchresult.net search-safe.com searchsquire.com searchv.com searchxl.com searchxp.com sebot.com secondpower.com secret-crush.com securenp.org security-warning.biz seehardcore.com seekseek.com seekwell.net selfbookmark.com selfbookmark.info selfbookmark.net selltraffic.biz server-au.imrworldwide.com sex.free4porno.net sexarena.com sexarena.org sex-coach.com sex-festival.com sexgalleries4all.com sexmoviesnet.com sexocean.play-lolita.com sexolymp.com sexpatriot.net sexunique.net sex-video-galleries.com sexy18.cc sexycat.adult-host.org sfbayfolkboats.com sgirls.net sharempeg.com shopcards.net shopknights.com sic02.com sinpussy.com sintrader.com site1.ru sites-in-web.com sitevictoria.com sixroads.com skakalka.ru skeech.com slawsearch.com slotch.com smartsumo.com smutarchive.net smutserver.com solongas.com sonomaevents.com spermatrix.com spidersearch.com sportbooks-free4you.com spros.com spyass.com spyorgy.net sqwire.com srng.net staceyowens.com stacistaxx.com stacystaxx.com startium.com start-seite.com start-space.com startsurfing.com steamycock.com sterva.com stevecashdollar.com stop-tracking.biz stopvotefraud.com stopxxxpics.com strekoza.com stuffstore.com styleclickink.com summercollins.com summitcross.com supersexmachine.com super-spider.com superwebsearch.com super-websearch.com superwp.by.ru supret.com sureseeker.com surferbar.com suzannebrecht.com sweeteenz.com t.rack.cc tacil.org tangounion.com tastethemusic.com tax-refund4you.com tech-jobs.ws technology-related.com teen-biz.com teenhost.net teen-pic-post.com teenpornosex.com teens4free.net teensact.com teensgate.com teensguru.com teenswamp.com terafinder.com testosterone-birth-control.com the-exit.com thefakejournal.com the-huns-yellow-pages.com thehuy.net theproxy.org therealsearch.com thesten.com thornleygroup.com tings.org tinybar.com titanvision.com titsianna.com tit-x.com toddhayes.com tooncomics.com toon-comics.com topsearcher.com topsite.us topsites.us topsitez.us toriii.cc trafficback.com trafficswitcher.com travel.picture-posters.com true-counter.com true-portal.com trytechnical.com ufindall.click-now.net ultraload.net umaxsearch.com une-autre-france.com unigays.com unipages.cc unitedstates.rub.to up2you.ru uralitel.ru urawa.cool.ne.jp urlstat.com urlstat.ru ursie.net utahsweet.com utopicportal.com uusocialjustice.org v61.com vaginpics.com valmyers.com vegas-free.com vegbuy.com veloventures.com verzila.com victoriaadam.com videocategories.com vitamins-for-each.com votehowe.org vse-moe.biz vxebony.com wakeupdick.com warnomore.org watersport-specialties.com wazzupnet.com webcoolsearch.com web-entrance.co web-homepage.net web-search.tk websearchdot.com weekend-movies.com wethere.com wetpornostars.com whatsyoursearch.com whazit.com white-pages.ws whittierblvd.com windowenhancer.com win-in-casino.com wiresearch.com wish7.com wolfpacracing.com wordlist.jps.ru worldusa.com wowsearch.org wpc2001.org wspzone.sexpornonline.com www.139mm.com www.allcybersearch.com www.blue-elefant.com www.bonzi.com www.browserwise.com www.cashsurfers.com www.cnetadd.com www.commonname.com www.digitalfan.com www.ezcybersearch.com www.free-popup-killer.com www.gocybersearch.com www.gohip.com www.hastalavista.com www.hityou.com www.huntbar.com www.jethomepage.com www.seekporn.org www.sidefind.com www.supersexpass.com www.teenmonster.com www.tinybar.com www.topsearcher.com www.v61.com www.wazzupnet.com www.webbrowser.tv www.websearch.com www.xjupiter.com www.xtipp.de www.xupiter.com www.xxx.com wwwbet.net wwwbetting.net wwwpokergames.com wwwpokerplayers.com wwwroulette.net xads.cliks.org xcomics4u.com xic-bs.com xjupiter.com xldr.com x-library.com xlola.underagehost.com xp18.com xrenosearch.com xsex.ws xtragay.com xu.xu.pl x-webdesign.com xwebsearch.biz xxxcategories.com xxxemailxxx.com xxxtoolbar.com xzoomy.com y-e-l-l-o-w.com yellow500.com yezol.com youfindall.com youfindall.net yourbookmarks.info yourbookmarks.ws your-prescriptions.net you-search.com you-search.com.ru ypir.com ysa-info.net yukohamano.com ywebsearch.info zapros.com zesearch.com zestyfind.com ziportal.com zipportal.com znext.com zoneoffreeporn.com zoofil.com zoomegasite.com zvimigdal.com zyban-zocor-levitra.com [Stopped/disabled NT Services] * Stopped (46) * Adobe LM Service = "C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe" Alerter = C:\WINDOWS\System32\svchost.exe -k LocalService Application Layer Gateway Service = C:\WINDOWS\System32\alg.exe Application Management = C:\WINDOWS\system32\svchost.exe -k netsvcs ASP.NET State Service = C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe ClipBook = C:\WINDOWS\system32\clipsrv.exe COM+ Event System = C:\WINDOWS\System32\svchost.exe -k netsvcs COM+ System Application = C:\WINDOWS\System32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} Distributed Transaction Coordinator = C:\WINDOWS\System32\msdtc.exe Fast User Switching Compatibility = C:\WINDOWS\System32\svchost.exe -k netsvcs IMAPI CD-Burning COM Service = C:\WINDOWS\System32\imapi.exe Indexing Service = C:\WINDOWS\System32\cisvc.exe Internet Connection Firewall (ICF) / Internet Connection Sharing (ICS) = C:\WINDOWS\System32\svchost.exe -k netsvcs iPod Service = C:\Program Files\iPod\bin\iPodService.exe IPv6 Internet Connection Firewall = C:\WINDOWS\System32\svchost.exe -k netsvcs Logical Disk Manager = C:\WINDOWS\System32\svchost.exe -k netsvcs Logical Disk Manager Administrative Service = C:\WINDOWS\System32\dmadmin.exe /com Macromedia Licensing Service = "C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe" MS Software Shadow Copy Provider = C:\WINDOWS\System32\dllhost.exe /Processid:{20494B39-F3F4-43D5-8274-0236DBA05F37} Net Logon = C:\WINDOWS\System32\lsass.exe NetMeeting Remote Desktop Sharing = C:\WINDOWS\System32\mnmsrvc.exe Network Connections = C:\WINDOWS\System32\svchost.exe -k netsvcs Network DDE = C:\WINDOWS\system32\netdde.exe Network DDE DSDM = C:\WINDOWS\system32\netdde.exe Network Location Awareness (NLA) = C:\WINDOWS\System32\svchost.exe -k netsvcs NT LM Security Support Provider = C:\WINDOWS\System32\lsass.exe Office Source Engine = C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE Performance Logs and Alerts = C:\WINDOWS\system32\smlogsvc.exe Portable Media Serial Number Service = C:\WINDOWS\System32\svchost.exe -k netsvcs QoS RSVP = C:\WINDOWS\System32\rsvp.exe Remote Access Auto Connection Manager = C:\WINDOWS\System32\svchost.exe -k netsvcs Remote Access Connection Manager = C:\WINDOWS\System32\svchost.exe -k netsvcs Remote Desktop Help Session Manager = C:\WINDOWS\system32\sessmgr.exe Remote Procedure Call (RPC) Locator = C:\WINDOWS\System32\locator.exe Removable Storage = C:\WINDOWS\system32\svchost.exe -k netsvcs Smart Card = C:\WINDOWS\System32\SCardSvr.exe Smart Card Helper = C:\WINDOWS\System32\SCardSvr.exe SSDP Discovery Service = C:\WINDOWS\System32\svchost.exe -k LocalService Symantec AntiVirus Client = C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe Telephony = C:\WINDOWS\System32\svchost.exe -k netsvcs Terminal Services = C:\WINDOWS\System32\svchost.exe -k netsvcs Uninterruptible Power Supply = C:\WINDOWS\System32\ups.exe Universal Plug and Play Device Host = C:\WINDOWS\System32\svchost.exe -k LocalService Volume Shadow Copy = C:\WINDOWS\System32\vssvc.exe Windows Installer = C:\WINDOWS\System32\msiexec.exe /V WMI Performance Adapter = C:\WINDOWS\System32\wbem\wmiapsrv.exe * Stopped & disabled (2) * Human Interface Device Access = C:\WINDOWS\System32\svchost.exe -k netsvcs Routing and Remote Access = C:\WINDOWS\System32\svchost.exe -k netsvcs [Windows XP Security] * System Restore * - All users DisableSR = dword: 0 CreateFirstRunRp = dword: 1 DSMin = dword: 200 DSMax = dword: 400 RPSessionInterval = dword: 0 RPGlobalInterval = dword: 86400 RPLifeInterval = dword: 7776000 CompressionBurst = dword: 60 TimerInterval = dword: 120 DiskPercent = dword: 12 ThawInterval = dword: 900 RestoreDiskSpaceError = dword: 0 ================================================== = Other users on this computer: Default user = ================================================== -------------------- Autostart folders: [User Startup] desktop.ini -------------------- IniMapping values: User screensaver = logon.scr -------------------- Policies: [Alternate policies] * Software\Microsoft\Windows\CurrentVersion\policies\Explorer (1) * NoDriveTypeAutoRun = dword: 145 -------------------- Internet Explorer toolbars: [WebBrowser (3)] &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\System32\browseui.dll &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll &Google - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll -------------------- Registry 'Run' keys: [User Run] CTFMON.EXE = C:\WINDOWS\System32\CTFMON.EXE ================================================== = Other users on this computer: LOCAL SERVICE = ================================================== -------------------- Autostart folders: [User Startup] desktop.ini -------------------- IniMapping values: User screensaver = C:\WINDOWS\System32\logon.scr -------------------- Policies: [Alternate policies] * Software\Microsoft\Windows\CurrentVersion\policies\Explorer (1) * NoDriveTypeAutoRun = dword: 145 -------------------- Registry 'Run' keys: [User Run] CTFMON.EXE = C:\WINDOWS\System32\CTFMON.EXE ================================================== = Other users on this computer: NETWORK SERVICE = ================================================== -------------------- Autostart folders: [User Startup] desktop.ini -------------------- IniMapping values: User screensaver = C:\WINDOWS\System32\logon.scr -------------------- Policies: [Alternate policies] * Software\Microsoft\Windows\CurrentVersion\policies\Explorer (1) * NoDriveTypeAutoRun = dword: 145 -------------------- Registry 'Run' keys: [User Run] CTFMON.EXE = C:\WINDOWS\System32\CTFMON.EXE ================================================== = Other users on this computer: SYSTEM = ================================================== -------------------- Autostart folders: [User Startup] desktop.ini -------------------- IniMapping values: User screensaver = logon.scr -------------------- Policies: [Alternate policies] * Software\Microsoft\Windows\CurrentVersion\policies\Explorer (1) * NoDriveTypeAutoRun = dword: 145 -------------------- Internet Explorer toolbars: [WebBrowser (3)] &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\System32\browseui.dll &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll &Google - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll -------------------- Registry 'Run' keys: [User Run] CTFMON.EXE = C:\WINDOWS\System32\CTFMON.EXE ================================================== = Other hardware configurations: Last known good = ================================================== -------------------- On-reboot actions: BootExecute = autocheck autochk * -------------------- Services: [NT Services (39)] Ati HotKey Poller = C:\WINDOWS\System32\Ati2evxx.exe Automatic Updates = C:\WINDOWS\system32\svchost.exe -k netsvcs AVG Anti-Spyware Guard = C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe Background Intelligent Transfer Service = C:\WINDOWS\System32\svchost.exe -k netsvcs Computer Browser = C:\WINDOWS\System32\svchost.exe -k netsvcs Cryptographic Services = C:\WINDOWS\system32\svchost.exe -k netsvcs DefWatch = C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe DHCP Client = C:\WINDOWS\System32\svchost.exe -k netsvcs Distributed Link Tracking Client = C:\WINDOWS\system32\svchost.exe -k netsvcs DNS Client = C:\WINDOWS\System32\svchost.exe -k NetworkService Error Reporting Service = C:\WINDOWS\System32\svchost.exe -k netsvcs Event Log = C:\WINDOWS\system32\services.exe Help and Support = C:\WINDOWS\System32\svchost.exe -k netsvcs IPSEC Services = C:\WINDOWS\System32\lsass.exe Messenger = C:\WINDOWS\System32\svchost.exe -k netsvcs Plug and Play = C:\WINDOWS\system32\services.exe Print Spooler = C:\WINDOWS\system32\spoolsv.exe Protected Storage = C:\WINDOWS\system32\lsass.exe Remote Procedure Call (RPC) = C:\WINDOWS\system32\svchost -k rpcss Remote Registry Protect = C:\WINDOWS\System32\svchost.exe -k netsvcs Secondary Logon = C:\WINDOWS\System32\svchost.exe -k netsvcs Security Accounts Manager = C:\WINDOWS\system32\lsass.exe Server = C:\WINDOWS\System32\svchost.exe -k netsvcs Shell Hardware Detection = C:\WINDOWS\System32\svchost.exe -k netsvcs Sygate Personal Firewall Pro = C:\Program Files\Sygate\SPF\smc.exe System Event Notification = C:\WINDOWS\system32\svchost.exe -k netsvcs System Restore Service = C:\WINDOWS\System32\svchost.exe -k netsvcs Task Scheduler = C:\WINDOWS\System32\svchost.exe -k netsvcs TCP/IP NetBIOS Helper = C:\WINDOWS\System32\svchost.exe -k LocalService Themes = C:\WINDOWS\System32\svchost.exe -k netsvcs Upload Manager = C:\WINDOWS\System32\svchost.exe -k netsvcs WebClient = C:\WINDOWS\System32\svchost.exe -k LocalService Windows Audio = C:\WINDOWS\System32\svchost.exe -k netsvcs Windows Image Acquisition (WIA) = C:\WINDOWS\System32\svchost.exe -k imgsvc Windows Management Instrumentation = C:\WINDOWS\system32\svchost.exe -k netsvcs Windows Time = C:\WINDOWS\System32\svchost.exe -k netsvcs Windows User Mode Driver Framework = C:\WINDOWS\System32\wdfmgr.exe Wireless Zero Configuration = C:\WINDOWS\System32\svchost.exe -k netsvcs Workstation = C:\WINDOWS\System32\svchost.exe -k netsvcs [SafeBoot services (Minimal boot)] * CD-ROM Drive * {4D36E965-E325-11CE-BFC1-08002BE10318} * DiskDrive * {4D36E967-E325-11CE-BFC1-08002BE10318} * Driver * dmboot.sys dmio.sys dmload.sys sermouse.sys vga.sys vgasave.sys * Driver Group * Base Boot Bus Extender Boot file system File system Filter PCI Configuration PNP Filter Primary disk SCSI Class System Bus Extender * Floppy disk drive * {4D36E980-E325-11CE-BFC1-08002BE10318} * FSFilter System Recovery * sr.sys * Hdc * {4D36E96A-E325-11CE-BFC1-08002BE10318} * Human Interface Devices * {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} * Keyboard * {4D36E96B-E325-11CE-BFC1-08002BE10318} * Mouse * {4D36E96F-E325-11CE-BFC1-08002BE10318} * PCMCIA Adapters * {4D36E977-E325-11CE-BFC1-08002BE10318} * SCSIAdapter * {4D36E97B-E325-11CE-BFC1-08002BE10318} * Service * AppMgmt CryptSvc dmadmin dmserver EventLog HelpSvc Netlogon PlugPlay RpcSs SRService vds WinMgmt * Standard floppy disk controller * {4D36E969-E325-11CE-BFC1-08002BE10318} * System * {4D36E97D-E325-11CE-BFC1-08002BE10318} * Universal Serial Bus controllers * {36FC9E60-C465-11CF-8056-444553540000} * Volume * {71A27CDD-812A-11D0-BEC7-08002BE2092F} * Volume shadow copy * {533C5B84-EC70-11D2-9505-00C04F79DEAF} [SafeBoot services (Minimal boot + network support)] * CD-ROM Drive * {4D36E965-E325-11CE-BFC1-08002BE10318} * DiskDrive * {4D36E967-E325-11CE-BFC1-08002BE10318} * Driver * dmboot.sys dmio.sys dmload.sys rdpcdd.sys rdpdd.sys rdpwd.sys sermouse.sys tdpipe.sys tdtcp.sys vga.sys vgasave.sys * Driver Group * Base Boot Bus Extender Boot file system File system Filter NDIS NDIS Wrapper NetBIOSGroup NetDDEGroup Network NetworkProvider PCI Configuration PNP Filter PNP_TDI Primary disk SCSI Class Streams Drivers System Bus Extender TDI * Floppy disk drive * {4D36E980-E325-11CE-BFC1-08002BE10318} * FSFilter System Recovery * sr.sys * Hdc * {4D36E96A-E325-11CE-BFC1-08002BE10318} * Human Interface Devices * {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} * Keyboard * {4D36E96B-E325-11CE-BFC1-08002BE10318} * Mouse * {4D36E96F-E325-11CE-BFC1-08002BE10318} * Net * {4D36E972-E325-11CE-BFC1-08002BE10318} * NetClient * {4D36E973-E325-11CE-BFC1-08002BE10318} * NetService * {4D36E974-E325-11CE-BFC1-08002BE10318} * NetTrans * {4D36E975-E325-11CE-BFC1-08002BE10318} * PCMCIA Adapters * {4D36E977-E325-11CE-BFC1-08002BE10318} * SCSIAdapter * {4D36E97B-E325-11CE-BFC1-08002BE10318} * Service * AFD AppMgmt Browser CryptSvc Dhcp dmadmin dmserver DnsCache EventLog HelpSvc LanmanServer LanmanWorkstation LmHosts Messenger Ndisuio NetBIOS NetBT Netlogon NetMan NtLmSsp PlugPlay rdsessmgr RpcSs SRService Tcpip termservice UploadMgr WinMgmt WZCSVC * Standard floppy disk controller * {4D36E969-E325-11CE-BFC1-08002BE10318} * System * {4D36E97D-E325-11CE-BFC1-08002BE10318} * Universal Serial Bus controllers * {36FC9E60-C465-11CF-8056-444553540000} * Volume * {71A27CDD-812A-11D0-BEC7-08002BE2092F} [SafeBoot: Alternate shell] cmd.exe (not enabled) -------------------- Driver filters: [Class filters] * Infrared devices * - Upper filters IRENUM.sys * Storage volumes * - Upper filters VolSnap.sys [Device filters] * CD-ROM Drive * - Upper filters redbook.sys - Lower filters imapi.sys * Communications Port * - Upper filters serenum.sys * Direct Parallel * - Lower filters PtiLink.sys * Intel(R) 82845 Processor to AGP Controller * - Upper filters AGP440.sys * SENS LT56ADW Modem * - Lower filters LucentSoftModem.sys * Sony Ericsson 750 USB WMC Data Modem * - Upper filters k750mdfl.sys - Lower filters k750mdm.sys * Sony Ericsson 750 USB WMC Modem * - Upper filters k750mdfl.sys - Lower filters k750mdm.sys * Terminal Server Keyboard Driver * - Upper filters kbdclass.sys * Terminal Server Mouse Driver * - Upper filters mouclass.sys * WAN Miniport (IP) * - Lower filters NdisTapi.sys * WAN Miniport (PPPOE) * - Lower filters NdisTapi.sys * WAN Miniport (PPTP) * - Lower filters NdisTapi.sys -------------------- Print monitors (9): BJ Language Monitor - cnbjmon.dll Canon BJ Language Monitor i865 - CNMLM5m.DLL hpzlnt10 - hpzlnt10.dll Local Port - localspl.dll Microsoft Document Imaging Writer Monitor - mdimon.dll PDF Port - C:\WINDOWS\System32\pdfports.dll PJL Language Monitor - pjlmon.dll Standard TCP/IP Port - tcpmon.dll USB Monitor - usbmon.dll -------------------- WOW compatibility: cmdline = C:\WINDOWS\system32\ntvdm.exe wowcmdline = C:\WINDOWS\system32\ntvdm.exe -a C:\WINDOWS\system32\krnl386 [KnownDlls (16-bit) (40)] avicap.dll avifile.dll comm.drv commdlg.dll compobj.dll ctl3dv2.dll ddeml.dll keyboard.drv lanman.drv mapi.dll mciavi.drv mciseq.drv mciwave.drv mmsystem.dll mouse.drv msacm.dll msvideo.dll netapi.dll ole2.dll ole2disp.dll ole2nls.dll olecli.dll olesvr.dll pmspl.dll progman.exe rasapi16.dll shell.dll sound.drv storage.dll system.drv timer.drv toolhelp.dll typelib.dll vga.drv wfwnet.drv win87em.dll winoldap.mod winsock.dll winspool.exe wowdeb.exe [KnownDlls (32-bit) (20)] advapi32.dll comdlg32.dll gdi32.dll imagehlp.dll kernel32.dll lz32.dll ole32.dll oleaut32.dll olecli32.dll olecnv32.dll olesvr32.dll olethk32.dll rpcrt4.dll shell32.dll url.dll urlmon.dll user32.dll version.dll wininet.dll wldap32.dll ================================================== = Other hardware configurations: Failed = ================================================== -------------------- On-reboot actions: BootExecute = autocheck autochk * -------------------- Services: [NT Services (39)] Ati HotKey Poller = C:\WINDOWS\System32\Ati2evxx.exe Automatic Updates = C:\WINDOWS\system32\svchost.exe -k netsvcs AVG Anti-Spyware Guard = C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe Background Intelligent Transfer Service = C:\WINDOWS\System32\svchost.exe -k netsvcs Computer Browser = C:\WINDOWS\System32\svchost.exe -k netsvcs Cryptographic Services = C:\WINDOWS\system32\svchost.exe -k netsvcs DefWatch = C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe DHCP Client = C:\WINDOWS\System32\svchost.exe -k netsvcs Distributed Link Tracking Client = C:\WINDOWS\system32\svchost.exe -k netsvcs DNS Client = C:\WINDOWS\System32\svchost.exe -k NetworkService Error Reporting Service = C:\WINDOWS\System32\svchost.exe -k netsvcs Event Log = C:\WINDOWS\system32\services.exe Help and Support = C:\WINDOWS\System32\svchost.exe -k netsvcs IPSEC Services = C:\WINDOWS\System32\lsass.exe Messenger = C:\WINDOWS\System32\svchost.exe -k netsvcs Plug and Play = C:\WINDOWS\system32\services.exe Print Spooler = C:\WINDOWS\system32\spoolsv.exe Protected Storage = C:\WINDOWS\system32\lsass.exe Remote Procedure Call (RPC) = C:\WINDOWS\system32\svchost -k rpcss Remote Registry Protect = C:\WINDOWS\System32\svchost.exe -k netsvcs Secondary Logon = C:\WINDOWS\System32\svchost.exe -k netsvcs Security Accounts Manager = C:\WINDOWS\system32\lsass.exe Server = C:\WINDOWS\System32\svchost.exe -k netsvcs Shell Hardware Detection = C:\WINDOWS\System32\svchost.exe -k netsvcs Sygate Personal Firewall Pro = C:\Program Files\Sygate\SPF\smc.exe System Event Notification = C:\WINDOWS\system32\svchost.exe -k netsvcs System Restore Service = C:\WINDOWS\System32\svchost.exe -k netsvcs Task Scheduler = C:\WINDOWS\System32\svchost.exe -k netsvcs TCP/IP NetBIOS Helper = C:\WINDOWS\System32\svchost.exe -k LocalService Themes = C:\WINDOWS\System32\svchost.exe -k netsvcs Upload Manager = C:\WINDOWS\System32\svchost.exe -k netsvcs WebClient = C:\WINDOWS\System32\svchost.exe -k LocalService Windows Audio = C:\WINDOWS\System32\svchost.exe -k netsvcs Windows Image Acquisition (WIA) = C:\WINDOWS\System32\svchost.exe -k imgsvc Windows Management Instrumentation = C:\WINDOWS\system32\svchost.exe -k netsvcs Windows Time = C:\WINDOWS\System32\svchost.exe -k netsvcs Windows User Mode Driver Framework = C:\WINDOWS\System32\wdfmgr.exe Wireless Zero Configuration = C:\WINDOWS\System32\svchost.exe -k netsvcs Workstation = C:\WINDOWS\System32\svchost.exe -k netsvcs [SafeBoot services (Minimal boot)] * CD-ROM Drive * {4D36E965-E325-11CE-BFC1-08002BE10318} * DiskDrive * {4D36E967-E325-11CE-BFC1-08002BE10318} * Driver * dmboot.sys dmio.sys dmload.sys sermouse.sys vga.sys vgasave.sys * Driver Group * Base Boot Bus Extender Boot file system File system Filter PCI Configuration PNP Filter Primary disk SCSI Class System Bus Extender * Floppy disk drive * {4D36E980-E325-11CE-BFC1-08002BE10318} * FSFilter System Recovery * sr.sys * Hdc * {4D36E96A-E325-11CE-BFC1-08002BE10318} * Human Interface Devices * {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} * Keyboard * {4D36E96B-E325-11CE-BFC1-08002BE10318} * Mouse * {4D36E96F-E325-11CE-BFC1-08002BE10318} * PCMCIA Adapters * {4D36E977-E325-11CE-BFC1-08002BE10318} * SCSIAdapter * {4D36E97B-E325-11CE-BFC1-08002BE10318} * Service * AppMgmt CryptSvc dmadmin dmserver EventLog HelpSvc Netlogon PlugPlay RpcSs SRService vds WinMgmt * Standard floppy disk controller * {4D36E969-E325-11CE-BFC1-08002BE10318} * System * {4D36E97D-E325-11CE-BFC1-08002BE10318} * Universal Serial Bus controllers * {36FC9E60-C465-11CF-8056-444553540000} * Volume * {71A27CDD-812A-11D0-BEC7-08002BE2092F} * Volume shadow copy * {533C5B84-EC70-11D2-9505-00C04F79DEAF} [SafeBoot services (Minimal boot + network support)] * CD-ROM Drive * {4D36E965-E325-11CE-BFC1-08002BE10318} * DiskDrive * {4D36E967-E325-11CE-BFC1-08002BE10318} * Driver * dmboot.sys dmio.sys dmload.sys rdpcdd.sys rdpdd.sys rdpwd.sys sermouse.sys tdpipe.sys tdtcp.sys vga.sys vgasave.sys * Driver Group * Base Boot Bus Extender Boot file system File system Filter NDIS NDIS Wrapper NetBIOSGroup NetDDEGroup Network NetworkProvider PCI Configuration PNP Filter PNP_TDI Primary disk SCSI Class Streams Drivers System Bus Extender TDI * Floppy disk drive * {4D36E980-E325-11CE-BFC1-08002BE10318} * FSFilter System Recovery * sr.sys * Hdc * {4D36E96A-E325-11CE-BFC1-08002BE10318} * Human Interface Devices * {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} * Keyboard * {4D36E96B-E325-11CE-BFC1-08002BE10318} * Mouse * {4D36E96F-E325-11CE-BFC1-08002BE10318} * Net * {4D36E972-E325-11CE-BFC1-08002BE10318} * NetClient * {4D36E973-E325-11CE-BFC1-08002BE10318} * NetService * {4D36E974-E325-11CE-BFC1-08002BE10318} * NetTrans * {4D36E975-E325-11CE-BFC1-08002BE10318} * PCMCIA Adapters * {4D36E977-E325-11CE-BFC1-08002BE10318} * SCSIAdapter * {4D36E97B-E325-11CE-BFC1-08002BE10318} * Service * AFD AppMgmt Browser CryptSvc Dhcp dmadmin dmserver DnsCache EventLog HelpSvc LanmanServer LanmanWorkstation LmHosts Messenger Ndisuio NetBIOS NetBT Netlogon NetMan NtLmSsp PlugPlay rdsessmgr RpcSs SRService Tcpip termservice UploadMgr WinMgmt WZCSVC * Standard floppy disk controller * {4D36E969-E325-11CE-BFC1-08002BE10318} * System * {4D36E97D-E325-11CE-BFC1-08002BE10318} * Universal Serial Bus controllers * {36FC9E60-C465-11CF-8056-444553540000} * Volume * {71A27CDD-812A-11D0-BEC7-08002BE2092F} [SafeBoot: Alternate shell] cmd.exe (not enabled) -------------------- Driver filters: [Class filters] * Infrared devices * - Upper filters IRENUM.sys * Storage volumes * - Upper filters VolSnap.sys [Device filters] * CD-ROM Drive * - Upper filters redbook.sys - Lower filters imapi.sys * Communications Port * - Upper filters serenum.sys * Direct Parallel * - Lower filters PtiLink.sys * Intel(R) 82845 Processor to AGP Controller * - Upper filters AGP440.sys * SENS LT56ADW Modem * - Lower filters LucentSoftModem.sys * Sony Ericsson 750 USB WMC Data Modem * - Upper filters k750mdfl.sys - Lower filters k750mdm.sys * Sony Ericsson 750 USB WMC Modem * - Upper filters k750mdfl.sys - Lower filters k750mdm.sys * Terminal Server Keyboard Driver * - Upper filters kbdclass.sys * Terminal Server Mouse Driver * - Upper filters mouclass.sys * WAN Miniport (IP) * - Lower filters NdisTapi.sys * WAN Miniport (PPPOE) * - Lower filters NdisTapi.sys * WAN Miniport (PPTP) * - Lower filters NdisTapi.sys -------------------- Print monitors (9): BJ Language Monitor - cnbjmon.dll Canon BJ Language Monitor i865 - CNMLM5m.DLL hpzlnt10 - hpzlnt10.dll Local Port - localspl.dll Microsoft Document Imaging Writer Monitor - mdimon.dll PDF Port - C:\WINDOWS\System32\pdfports.dll PJL Language Monitor - pjlmon.dll Standard TCP/IP Port - tcpmon.dll USB Monitor - usbmon.dll -------------------- WOW compatibility: cmdline = C:\WINDOWS\system32\ntvdm.exe wowcmdline = C:\WINDOWS\system32\ntvdm.exe -a C:\WINDOWS\system32\krnl386 [KnownDlls (16-bit) (40)] avicap.dll avifile.dll comm.drv commdlg.dll compobj.dll ctl3dv2.dll ddeml.dll keyboard.drv lanman.drv mapi.dll mciavi.drv mciseq.drv mciwave.drv mmsystem.dll mouse.drv msacm.dll msvideo.dll netapi.dll ole2.dll ole2disp.dll ole2nls.dll olecli.dll olesvr.dll pmspl.dll progman.exe rasapi16.dll shell.dll sound.drv storage.dll system.drv timer.drv toolhelp.dll typelib.dll vga.drv wfwnet.drv win87em.dll winoldap.mod winsock.dll winspool.exe wowdeb.exe [KnownDlls (32-bit) (20)] advapi32.dll comdlg32.dll gdi32.dll imagehlp.dll kernel32.dll lz32.dll ole32.dll oleaut32.dll olecli32.dll olecnv32.dll olesvr32.dll olethk32.dll rpcrt4.dll shell32.dll url.dll urlmon.dll user32.dll version.dll wininet.dll wldap32.dll -------------------------------------------------- End of report, 154,462 bytes Commandline options: /showempty - Show empty sections /showcmts - Show comments in .bat files /noshowclsids - Hide class IDs /noshowprivate - Hide usernames and computer name /noshowusers - Hide entries from other users /noshowhardware - Hide entries from other hardware configurations /showlargehosts - Show hosts file even when more than 1000 lines are in it /showlargezones - Show Zones even when more than 1000 domains are in them /autosave - Run hidden, automatically save a report and quit