Running processes (25): [C:\Documents and Settings\Doug Radcliffe\Desktop\Hijack This\StartupList.exe (35)] C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\System32\asycfilt.dll C:\WINDOWS\System32\CLBCATQ.DLL C:\WINDOWS\system32\COMCTL32.dll C:\WINDOWS\system32\comdlg32.dll C:\WINDOWS\System32\COMRes.dll C:\WINDOWS\System32\ctagent.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\System32\mscomctl.ocx C:\WINDOWS\System32\MSCTF.dll C:\WINDOWS\System32\msi.dll C:\WINDOWS\System32\mslbui.dll C:\WINDOWS\System32\MSVBVM60.DLL C:\WINDOWS\System32\MSVCP60.dll C:\WINDOWS\system32\MSVCRT.DLL C:\WINDOWS\System32\ntdll.dll C:\WINDOWS\system32\ole32.dll C:\WINDOWS\system32\OLEAUT32.dll C:\WINDOWS\System32\PSAPI.DLL C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\System32\Secur32.dll C:\WINDOWS\system32\SHELL32.dll C:\WINDOWS\system32\SHLWAPI.dll C:\WINDOWS\System32\SXS.DLL C:\WINDOWS\system32\USER32.dll C:\WINDOWS\System32\uxtheme.dll C:\WINDOWS\system32\VERSION.dll C:\WINDOWS\System32\wbem\fastprox.dll C:\WINDOWS\System32\wbem\wbemcomn.dll C:\WINDOWS\System32\wbem\wbemdisp.dll C:\WINDOWS\System32\wbem\wbemprox.dll C:\WINDOWS\System32\wbem\wbemsvc.dll C:\WINDOWS\System32\wbem\wmiutils.dll C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.10.0_x-ww_f7fb5805\comctl32.dll [C:\Documents and Settings\Doug Radcliffe\Desktop\Hotline\Hotline Client 1.8.5.exe (73)] C:\Program Files\QuickTime\QTSystem\CoreVideo.qtx C:\Program Files\QuickTime\QTSystem\QuickTime.qts C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.qtx C:\Program Files\QuickTime\QTSystem\QuickTime3GPPAuthoring.qtx C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.qtx C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.qtx C:\Program Files\QuickTime\QTSystem\QuickTimeCapture.qtx C:\Program Files\QuickTime\QTSystem\QuickTimeEffects.qtx C:\Program Files\QuickTime\QTSystem\QuickTimeEssentials.qtx C:\Program Files\QuickTime\QTSystem\QuickTimeH264.qtx C:\Program Files\QuickTime\QTSystem\QuickTimeImage.qtx C:\Program Files\QuickTime\QTSystem\QuickTimeInternetExtras.qtx C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG.qtx C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4.qtx C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4Authoring.qtx C:\Program Files\QuickTime\QTSystem\QuickTimeMusic.qtx C:\Program Files\QuickTime\QTSystem\QuickTimeQD3D.qtx C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.qtx C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingAuthoring.qtx C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingExtras.qtx C:\Program Files\QuickTime\QTSystem\QuickTimeVR.qtx C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\System32\CLBCATQ.DLL C:\WINDOWS\system32\COMCTL32.dll C:\WINDOWS\system32\comdlg32.dll C:\WINDOWS\System32\COMRes.dll C:\WINDOWS\system32\CRYPT32.dll C:\WINDOWS\System32\ctagent.dll C:\WINDOWS\System32\DCIMAN32.dll C:\WINDOWS\System32\ddraw.dll C:\WINDOWS\System32\DNSAPI.dll C:\WINDOWS\System32\DSOUND.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\System32\midimap.dll C:\WINDOWS\System32\MSACM32.dll C:\WINDOWS\System32\msacm32.drv C:\WINDOWS\system32\MSASN1.dll C:\WINDOWS\System32\MSCTF.dll C:\WINDOWS\System32\mslbui.dll C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\system32\mswsock.dll C:\WINDOWS\System32\NETAPI32.dll C:\WINDOWS\System32\ntdll.dll C:\WINDOWS\system32\OLE32.DLL C:\WINDOWS\system32\OLEAUT32.dll C:\WINDOWS\System32\QuickTime.qts C:\WINDOWS\System32\rasadhlp.dll C:\WINDOWS\System32\RASAPI32.DLL C:\WINDOWS\System32\rasman.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\System32\rsaenh.dll C:\WINDOWS\System32\rtutils.dll C:\WINDOWS\System32\Secur32.dll C:\WINDOWS\System32\SETUPAPI.dll C:\WINDOWS\system32\SHELL32.dll C:\WINDOWS\system32\SHLWAPI.dll C:\WINDOWS\System32\SXS.DLL C:\WINDOWS\System32\TAPI32.dll C:\WINDOWS\system32\USER32.dll C:\WINDOWS\system32\USERENV.dll C:\WINDOWS\System32\uxtheme.dll C:\WINDOWS\system32\VERSION.dll C:\WINDOWS\System32\wdmaud.drv C:\WINDOWS\system32\WININET.DLL C:\WINDOWS\System32\WINMM.dll C:\WINDOWS\System32\winrnr.dll C:\WINDOWS\system32\WLDAP32.dll C:\WINDOWS\System32\WS2_32.dll C:\WINDOWS\System32\WS2HELP.dll C:\WINDOWS\System32\wshtcpip.dll C:\WINDOWS\System32\WSOCK32.dll C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.10.0_x-ww_f7fb5805\comctl32.dll [C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe (56)] C:\PROGRA~1\COMMON~1\SYMANT~1\ccEvtCli.dll C:\Program Files\Common Files\Symantec Shared\AntiVirus\AV.loc C:\Program Files\Common Files\Symantec Shared\AntiVirus\avDefMgr.dll C:\Program Files\Common Files\Symantec Shared\AntiVirus\AVExclu.dll C:\Program Files\Common Files\Symantec Shared\AntiVirus\avModule.dll C:\Program Files\Common Files\Symantec Shared\AntiVirus\AVScan.dll C:\Program Files\Common Files\Symantec Shared\AppCore\AppMgr32.dll C:\Program Files\Common Files\Symantec Shared\AppCore\AppSet32.dll C:\Program Files\Common Files\Symantec Shared\ccL60U.dll C:\Program Files\Common Files\Symantec Shared\ccProSub.dll C:\Program Files\Common Files\Symantec Shared\ccScanw.dll C:\Program Files\Common Files\Symantec Shared\ccSvc.dll C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll C:\Program Files\Common Files\Symantec Shared\DefUtDCD.dll C:\Program Files\Common Files\Symantec Shared\ecmldr32.DLL C:\Program Files\Common Files\Symantec Shared\MSL\msl.dll C:\Program Files\Common Files\Symantec Shared\QBackup.dll C:\Program Files\Common Files\Symantec Shared\SRTSP\Srtsp32.dll C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\System32\ATL71.DLL C:\WINDOWS\System32\CLBCATQ.DLL C:\WINDOWS\system32\comctl32.dll C:\WINDOWS\System32\COMRes.dll C:\WINDOWS\System32\Crypt32.dll C:\WINDOWS\System32\DBGHELP.DLL C:\WINDOWS\System32\DNSAPI.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\system32\IMAGEHLP.dll C:\WINDOWS\System32\iphlpapi.dll C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\system32\MSASN1.dll C:\WINDOWS\System32\msi.dll C:\WINDOWS\System32\MSVCP71.dll C:\WINDOWS\System32\MSVCR71.dll C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\System32\mswsock.dll C:\WINDOWS\System32\netapi32.dll C:\WINDOWS\System32\ntdll.dll C:\WINDOWS\system32\ole32.dll C:\WINDOWS\system32\OLEAUT32.dll C:\WINDOWS\System32\rasadhlp.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\System32\rsaenh.dll C:\WINDOWS\System32\secur32.dll C:\WINDOWS\System32\SETUPAPI.dll C:\WINDOWS\system32\SHELL32.dll C:\WINDOWS\system32\SHLWAPI.dll C:\WINDOWS\system32\USER32.dll C:\WINDOWS\system32\USERENV.dll C:\WINDOWS\System32\uxtheme.dll C:\WINDOWS\system32\VERSION.dll C:\WINDOWS\System32\WinTrust.dll C:\WINDOWS\System32\ws2_32.dll C:\WINDOWS\System32\WS2HELP.dll C:\WINDOWS\System32\WSOCK32.dll C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.10.0_x-ww_f7fb5805\comctl32.dll [C:\Program Files\Common Files\Symantec Shared\ccApp.exe (78)] C:\PROGRA~1\COMMON~1\SYMANT~1\CCALERT.DLL C:\PROGRA~1\COMMON~1\SYMANT~1\CCEMLPXY.DLL C:\PROGRA~1\COMMON~1\SYMANT~1\ccEvtCli.dll C:\PROGRA~1\COMMON~1\SYMANT~1\rcEmlPxy.dll C:\PROGRA~1\NORTON~1\AVPAPP32.DLL C:\PROGRA~1\NORTON~1\AVPAPP32.loc C:\PROGRA~1\NORTON~1\DEFALERT.DLL C:\Program Files\Common Files\Symantec Shared\AntiVirus\AVExclu.dll C:\Program Files\Common Files\Symantec Shared\AntiVirus\AVIfc.dll C:\Program Files\Common Files\Symantec Shared\AntiVirus\AVMail.dll C:\Program Files\Common Files\Symantec Shared\AppCore\AppMgr32.dll C:\Program Files\Common Files\Symantec Shared\AppCore\AppPlg32.dll C:\Program Files\Common Files\Symantec Shared\AppCore\AppSet32.dll C:\Program Files\Common Files\Symantec Shared\ccL60U.dll C:\Program Files\Common Files\Symantec Shared\ccProSub.dll C:\Program Files\Common Files\Symantec Shared\ccSet.dll C:\Program Files\Common Files\Symantec Shared\ccSetEvt.dll C:\Program Files\Common Files\Symantec Shared\ccSvc.dll C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll C:\Program Files\Common Files\Symantec Shared\CF\cfEPack.dll C:\Program Files\Common Files\Symantec Shared\CF\cfV2Pack.dll C:\Program Files\Common Files\Symantec Shared\CF\PEP2.dll C:\Program Files\Common Files\Symantec Shared\COH\sesHlp.dll C:\Program Files\Common Files\Symantec Shared\NPC\DataPvdr.dll C:\Program Files\Common Files\Symantec Shared\NPC\npcTRAY.dll C:\Program Files\Common Files\Symantec Shared\NPC\NSCHlpr2.dll C:\Program Files\Common Files\Symantec Shared\NPC\NSCWSCR2.DLL C:\Program Files\Common Files\Symantec Shared\NPC\pcStatus.dll C:\Program Files\Common Files\Symantec Shared\NPC\PEPEvnt.dll C:\Program Files\Common Files\Symantec Shared\NPC\uiLicPlg.dll C:\Program Files\Norton AntiVirus\fwAlert.dll C:\Program Files\Norton AntiVirus\fwAlRes.dll C:\Program Files\Norton AntiVirus\fwEvent.dll C:\Program Files\Norton AntiVirus\IMCfg.dll C:\Program Files\Norton AntiVirus\isDataCl.dll C:\Program Files\Norton AntiVirus\SetEvtHp.dll C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\System32\ATL71.DLL C:\WINDOWS\System32\CLBCATQ.DLL C:\WINDOWS\System32\COMRes.dll C:\WINDOWS\System32\Crypt32.dll C:\WINDOWS\System32\ctagent.dll C:\WINDOWS\System32\DBGHELP.DLL C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\system32\IMAGEHLP.dll C:\WINDOWS\System32\iphlpapi.dll C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\system32\MSASN1.dll C:\WINDOWS\System32\MSCTF.dll C:\WINDOWS\System32\msi.dll C:\WINDOWS\System32\MSVCP71.dll C:\WINDOWS\System32\MSVCR71.dll C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\System32\MSWSOCK.dll C:\WINDOWS\System32\NETAPI32.dll C:\WINDOWS\System32\ntdll.dll C:\WINDOWS\system32\ole32.dll C:\WINDOWS\system32\OLEAUT32.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\System32\secur32.dll C:\WINDOWS\System32\SETUPAPI.dll C:\WINDOWS\system32\SHELL32.dll C:\WINDOWS\system32\SHLWAPI.dll C:\WINDOWS\System32\SymNeti.dll C:\WINDOWS\System32\SymRedir.dll C:\WINDOWS\system32\USER32.dll C:\WINDOWS\system32\USERENV.dll C:\WINDOWS\System32\uxtheme.dll C:\WINDOWS\system32\VERSION.dll C:\WINDOWS\System32\WINSPOOL.DRV C:\WINDOWS\System32\WINSTA.dll C:\WINDOWS\System32\WinTrust.dll C:\WINDOWS\System32\ws2_32.dll C:\WINDOWS\System32\WS2HELP.dll C:\WINDOWS\System32\wshtcpip.dll C:\WINDOWS\System32\WSOCK32.dll C:\WINDOWS\System32\Wtsapi32.dll C:\WINDOWS\WinSxS\X86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.10.0_x-ww_f7fb5805\COMCTL32.dll [C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (93)] C:\PROGRA~1\COMMON~1\SYMANT~1\CCEVTPLG.DLL C:\PROGRA~1\COMMON~1\SYMANT~1\CCSETEVT.DLL C:\PROGRA~1\COMMON~1\SYMANT~1\CCSETPLG.DLL C:\PROGRA~1\COMMON~1\SYMANT~1\FIREWALL\FWAGENT.DLL C:\PROGRA~1\COMMON~1\SYMANT~1\NPC\NPCWMIMN.DLL C:\PROGRA~1\COMMON~1\SYMANT~1\OPC\{31011~1\CLTNETCN.DLL C:\PROGRA~1\COMMON~1\SYMANT~1\SNDSVC.DLL C:\PROGRA~1\COMMON~1\SYMANT~1\SPBBC\SPBBCEVT.DLL C:\PROGRA~1\COMMON~1\SYMANT~1\SPBBC\TPROCPLG.DLL C:\PROGRA~1\COMMON~1\SYMANT~1\SRTSP\SRTSP32.DLL C:\PROGRA~1\COMMON~1\SYMANT~1\SUBMIS~1\SUBENG.DLL C:\PROGRA~1\COMMON~1\SYMANT~1\SUBMIS~1\SUBRES.loc C:\PROGRA~1\NORTON~1\AVPSVC32.DLL C:\PROGRA~1\NORTON~1\AVPSVC32.loc C:\PROGRA~1\NORTON~1\ISDATASV.DLL C:\PROGRA~1\NORTON~1\NAVEVENT.DLL C:\Program Files\Common Files\Symantec Shared\AntiVirus\AVIfc.dll C:\Program Files\Common Files\Symantec Shared\AppCore\AppMgr32.dll C:\Program Files\Common Files\Symantec Shared\ccEvtCli.dll C:\Program Files\Common Files\Symantec Shared\ccL60.dll C:\Program Files\Common Files\Symantec Shared\ccL60U.dll C:\Program Files\Common Files\Symantec Shared\ccProSub.dll C:\Program Files\Common Files\Symantec Shared\ccSet.dll C:\Program Files\Common Files\Symantec Shared\ccSvc.dll C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll C:\Program Files\Common Files\Symantec Shared\Firewall\FWHelper.dll C:\Program Files\Common Files\Symantec Shared\SPBBC\bbRGen.dll C:\Program Files\Norton AntiVirus\AVSubmit.dll C:\Program Files\Norton AntiVirus\AVSubmit.loc C:\Program Files\Norton AntiVirus\fwEvent.dll C:\Program Files\Norton AntiVirus\fwPlugin.dll C:\Program Files\Norton AntiVirus\IMCfg.dll C:\Program Files\Norton AntiVirus\isDataCl.dll C:\Program Files\Norton AntiVirus\SetEvtHp.dll C:\WINDOWS\System32\ACTIVEDS.dll C:\WINDOWS\System32\adsldpc.dll C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\System32\ATL.DLL C:\WINDOWS\System32\ATL71.DLL C:\WINDOWS\System32\CLBCATQ.DLL C:\WINDOWS\System32\COMRes.dll C:\WINDOWS\System32\Crypt32.dll C:\WINDOWS\System32\DBGHELP.DLL C:\WINDOWS\System32\DHCPCSVC.DLL C:\WINDOWS\System32\DNSAPI.dll C:\WINDOWS\System32\ESENT.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\system32\IMAGEHLP.dll C:\WINDOWS\System32\iphlpapi.dll C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\System32\MPRAPI.dll C:\WINDOWS\system32\MSASN1.dll C:\WINDOWS\System32\msi.dll C:\WINDOWS\System32\MSVCP71.dll C:\WINDOWS\System32\MSVCR71.dll C:\WINDOWS\system32\MSVCRT.DLL C:\WINDOWS\system32\mswsock.dll C:\WINDOWS\System32\NETAPI32.dll C:\WINDOWS\System32\netman.dll C:\WINDOWS\System32\ntdll.dll C:\WINDOWS\system32\ole32.dll C:\WINDOWS\system32\OLEAUT32.dll C:\WINDOWS\System32\RASAPI32.DLL C:\WINDOWS\System32\rasman.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\System32\rsaenh.dll C:\WINDOWS\System32\rtutils.dll C:\WINDOWS\System32\SAMLIB.dll C:\WINDOWS\System32\Secur32.dll C:\WINDOWS\System32\SETUPAPI.dll C:\WINDOWS\system32\SHELL32.dll C:\WINDOWS\system32\SHLWAPI.dll C:\WINDOWS\SYSTEM32\SYMNETI.DLL C:\WINDOWS\System32\TAPI32.dll C:\WINDOWS\system32\USER32.dll C:\WINDOWS\system32\userenv.dll C:\WINDOWS\System32\uxtheme.dll C:\WINDOWS\system32\VERSION.dll C:\WINDOWS\System32\wbem\wbemcomn.dll C:\WINDOWS\System32\wbem\wbemprox.dll C:\WINDOWS\system32\WININET.dll C:\WINDOWS\System32\WINMM.dll C:\WINDOWS\System32\WINSTA.dll C:\WINDOWS\System32\WinTrust.dll C:\WINDOWS\system32\WLDAP32.dll C:\WINDOWS\System32\WMI.dll C:\WINDOWS\System32\ws2_32.dll C:\WINDOWS\System32\WS2HELP.dll C:\WINDOWS\System32\wshtcpip.dll C:\WINDOWS\System32\WSOCK32.dll C:\WINDOWS\System32\WTSAPI32.dll C:\WINDOWS\System32\WZCSvc.DLL C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.10.0_x-ww_f7fb5805\comctl32.dll [C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe (37)] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\res_en.dll C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\swg.dll C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\System32\CLBCATQ.DLL C:\WINDOWS\System32\COMRes.dll C:\WINDOWS\system32\CRYPT32.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\system32\IMAGEHLP.dll C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\system32\MSASN1.dll C:\WINDOWS\System32\MSCTF.dll C:\WINDOWS\System32\msi.dll C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\System32\NETAPI32.dll C:\WINDOWS\System32\ntdll.dll C:\WINDOWS\system32\OLE32.DLL C:\WINDOWS\system32\OLEAUT32.dll C:\WINDOWS\System32\PSAPI.DLL C:\WINDOWS\System32\RASAPI32.DLL C:\WINDOWS\System32\rasman.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\System32\rtutils.dll C:\WINDOWS\System32\Secur32.dll C:\WINDOWS\System32\sensapi.dll C:\WINDOWS\system32\SHELL32.dll C:\WINDOWS\system32\SHLWAPI.dll C:\WINDOWS\System32\SXS.DLL C:\WINDOWS\System32\TAPI32.dll C:\WINDOWS\system32\USER32.dll C:\WINDOWS\System32\uxtheme.dll C:\WINDOWS\system32\VERSION.dll C:\WINDOWS\system32\WININET.dll C:\WINDOWS\System32\WINMM.dll C:\WINDOWS\System32\WINTRUST.dll C:\WINDOWS\System32\WS2_32.dll C:\WINDOWS\System32\WS2HELP.dll C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.10.0_x-ww_f7fb5805\comctl32.dll [C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe (42)] C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\engine.dll C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\system32\appHelp.dll C:\WINDOWS\System32\ATL.DLL C:\WINDOWS\System32\CLBCATQ.DLL C:\WINDOWS\system32\comdlg32.dll C:\WINDOWS\System32\COMRes.dll C:\WINDOWS\System32\CSCDLL.dll C:\WINDOWS\System32\cscui.dll C:\WINDOWS\System32\DNSAPI.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\System32\iphlpapi.dll C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\System32\LINKINFO.dll C:\WINDOWS\System32\MSCTF.dll C:\WINDOWS\System32\MSIMG32.dll C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\system32\mswsock.dll C:\WINDOWS\System32\NETAPI32.dll C:\WINDOWS\System32\ntdll.dll C:\WINDOWS\System32\ntshrui.dll C:\WINDOWS\system32\ole32.dll C:\WINDOWS\system32\OLEAUT32.dll C:\WINDOWS\System32\PSAPI.DLL C:\WINDOWS\System32\rasadhlp.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\System32\SETUPAPI.dll C:\WINDOWS\system32\SHELL32.dll C:\WINDOWS\System32\SHFOLDER.dll C:\WINDOWS\system32\SHLWAPI.dll C:\WINDOWS\system32\USER32.dll C:\WINDOWS\system32\USERENV.dll C:\WINDOWS\System32\uxtheme.dll C:\WINDOWS\system32\VERSION.dll C:\WINDOWS\System32\WINMM.dll C:\WINDOWS\System32\winrnr.dll C:\WINDOWS\system32\WLDAP32.dll C:\WINDOWS\System32\WS2_32.dll C:\WINDOWS\System32\WS2HELP.dll C:\WINDOWS\System32\wshtcpip.dll C:\WINDOWS\System32\WSOCK32.dll C:\WINDOWS\WinSxS\X86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.10.0_x-ww_f7fb5805\COMCTL32.dll [C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe (19)] C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\engine.dll C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\system32\comctl32.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\System32\ntdll.dll C:\WINDOWS\System32\NTMARTA.DLL C:\WINDOWS\system32\ole32.dll C:\WINDOWS\System32\PSAPI.DLL C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\System32\SAMLIB.dll C:\WINDOWS\System32\SHFOLDER.dll C:\WINDOWS\system32\SHLWAPI.dll C:\WINDOWS\system32\USER32.dll C:\WINDOWS\system32\VERSION.dll C:\WINDOWS\System32\WINMM.dll C:\WINDOWS\system32\WLDAP32.dll C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.10.0_x-ww_f7fb5805\comctl32.dll [C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe (33)] C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\system32\Apphelp.dll C:\WINDOWS\System32\CLBCATQ.DLL C:\WINDOWS\system32\comctl32.dll C:\WINDOWS\System32\COMRes.dll C:\WINDOWS\system32\CRYPT32.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\system32\MSASN1.dll C:\WINDOWS\System32\MSCTF.dll C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\System32\NETAPI32.dll C:\WINDOWS\System32\ntdll.dll C:\WINDOWS\system32\ole32.dll C:\WINDOWS\system32\OLEAUT32.dll C:\WINDOWS\System32\RASAPI32.DLL C:\WINDOWS\System32\rasman.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\System32\rtutils.dll C:\WINDOWS\System32\Secur32.dll C:\WINDOWS\System32\shdocvw.dll C:\WINDOWS\system32\shell32.dll C:\WINDOWS\system32\SHLWAPI.dll C:\WINDOWS\System32\TAPI32.dll C:\WINDOWS\system32\USER32.dll C:\WINDOWS\system32\USERENV.dll C:\WINDOWS\System32\uxtheme.dll C:\WINDOWS\system32\VERSION.dll C:\WINDOWS\system32\WININET.dll C:\WINDOWS\System32\WINMM.dll C:\WINDOWS\System32\WS2_32.dll C:\WINDOWS\System32\WS2HELP.dll C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.10.0_x-ww_f7fb5805\comctl32.dll [C:\Program Files\Internet Explorer\iexplore.exe (100)] C:\PROGRA~1\SPYBOT~1\SDHelper.dll C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll c:\program files\google\googletoolbar5.dll C:\Program Files\Microsoft Money\System\misstub.dll C:\Program Files\Microsoft Money\System\mnyside.dll C:\Program Files\Microsoft Office\Office10\msohev.dll C:\WINDOWS\IME\SPGRMR.DLL C:\WINDOWS\ime\sptip.dll C:\WINDOWS\System32\ACTXPRXY.DLL C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\system32\appHelp.dll C:\WINDOWS\System32\ATL.DLL C:\WINDOWS\System32\browselc.dll C:\WINDOWS\System32\BROWSEUI.dll C:\WINDOWS\System32\CLBCATQ.DLL C:\WINDOWS\system32\comctl32.dll C:\WINDOWS\system32\comdlg32.dll C:\WINDOWS\System32\COMRes.dll C:\WINDOWS\system32\CRYPT32.dll C:\WINDOWS\System32\ctagent.dll C:\WINDOWS\System32\davclnt.dll C:\WINDOWS\System32\DBGHELP.DLL C:\WINDOWS\System32\DCIMAN32.dll C:\WINDOWS\System32\DDRAW.dll C:\WINDOWS\System32\ddrawex.dll C:\WINDOWS\System32\DNSAPI.dll C:\WINDOWS\System32\drprov.dll C:\WINDOWS\System32\dxtmsft.dll C:\WINDOWS\System32\dxtrans.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\system32\imagehlp.dll C:\WINDOWS\System32\imgutil.dll C:\WINDOWS\System32\IMM32.dll C:\WINDOWS\System32\inetcomm.dll C:\WINDOWS\System32\inetres.dll c:\windows\system32\jscript.dll C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\System32\Macromed\Flash\Flash8.ocx C:\WINDOWS\System32\midimap.dll C:\WINDOWS\System32\mlang.dll C:\WINDOWS\system32\MPR.dll C:\WINDOWS\System32\MSACM32.dll C:\WINDOWS\System32\msacm32.drv C:\WINDOWS\system32\MSASN1.dll C:\WINDOWS\System32\MSCTF.dll C:\WINDOWS\System32\mshtml.dll C:\WINDOWS\System32\mshtmled.dll C:\WINDOWS\System32\msi.dll C:\WINDOWS\System32\MSIMG32.dll C:\WINDOWS\System32\msimtf.dll C:\WINDOWS\System32\mslbui.dll C:\WINDOWS\System32\MSLS31.DLL C:\WINDOWS\System32\MSOERT2.dll C:\WINDOWS\System32\MSVCP60.dll C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\system32\mswsock.dll C:\WINDOWS\System32\msxml3.dll C:\WINDOWS\System32\netapi32.dll C:\WINDOWS\System32\NETRAP.dll C:\WINDOWS\System32\NETUI0.dll C:\WINDOWS\System32\NETUI1.dll C:\WINDOWS\System32\ntdll.dll C:\WINDOWS\System32\ntlanman.dll C:\WINDOWS\System32\ntshrui.dll C:\WINDOWS\system32\ole32.dll C:\WINDOWS\System32\OLEACC.dll C:\WINDOWS\system32\OLEAUT32.dll C:\WINDOWS\System32\olepro32.dll C:\WINDOWS\System32\pngfilt.dll C:\WINDOWS\System32\rasadhlp.dll C:\WINDOWS\System32\RASAPI32.DLL C:\WINDOWS\System32\rasman.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\System32\rtutils.dll C:\WINDOWS\System32\SAMLIB.dll C:\WINDOWS\System32\Secur32.dll C:\WINDOWS\System32\SETUPAPI.dll C:\WINDOWS\System32\shdoclc.dll C:\WINDOWS\System32\SHDOCVW.dll C:\WINDOWS\system32\SHELL32.dll C:\WINDOWS\system32\SHLWAPI.dll C:\WINDOWS\System32\SXS.DLL C:\WINDOWS\System32\TAPI32.dll C:\WINDOWS\system32\urlmon.dll C:\WINDOWS\system32\USER32.dll C:\WINDOWS\system32\USERENV.dll C:\WINDOWS\System32\uxtheme.dll C:\WINDOWS\system32\VERSION.dll C:\WINDOWS\System32\wdmaud.drv C:\WINDOWS\System32\webcheck.dll C:\WINDOWS\system32\WININET.dll C:\WINDOWS\System32\WINMM.dll C:\WINDOWS\System32\winrnr.dll C:\WINDOWS\System32\WINTRUST.dll C:\WINDOWS\system32\WLDAP32.dll C:\WINDOWS\System32\WS2_32.dll C:\WINDOWS\System32\WS2HELP.dll C:\WINDOWS\System32\wshtcpip.dll C:\WINDOWS\System32\WSOCK32.dll C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.10.0_x-ww_f7fb5805\comctl32.dll [C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (35)] C:\Program Files\Common Files\Symantec Shared\ccL60U.dll C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll C:\Program Files\Symantec\LiveUpdate\MSVCP71.dll C:\Program Files\Symantec\LiveUpdate\MSVCR71.dll C:\Program Files\Symantec\LiveUpdate\PSLuComServer_3_1.DLL C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\System32\CLBCATQ.DLL C:\WINDOWS\System32\COMRes.dll C:\WINDOWS\System32\Crypt32.dll C:\WINDOWS\System32\DNSAPI.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\system32\IMAGEHLP.dll C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\system32\MSASN1.dll C:\WINDOWS\System32\msi.dll C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\System32\netapi32.dll C:\WINDOWS\System32\ntdll.dll C:\WINDOWS\system32\ole32.dll C:\WINDOWS\system32\OLEAUT32.dll C:\WINDOWS\System32\rasadhlp.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\System32\rsaenh.dll C:\WINDOWS\System32\secur32.dll C:\WINDOWS\System32\SETUPAPI.dll C:\WINDOWS\system32\SHLWAPI.dll C:\WINDOWS\system32\USER32.dll C:\WINDOWS\system32\userenv.dll C:\WINDOWS\System32\uxtheme.dll C:\WINDOWS\system32\VERSION.dll C:\WINDOWS\System32\WinTrust.dll C:\WINDOWS\System32\WS2_32.dll C:\WINDOWS\System32\WS2HELP.dll C:\WINDOWS\System32\WSOCK32.dll C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.10.0_x-ww_f7fb5805\comctl32.dll [C:\WINDOWS\Explorer.EXE (123)] C:\PROGRA~1\GlobalSCAPE\CuteFTP\CuteShell.dll C:\PROGRA~1\NORTON~1\NavShExt.dll C:\PROGRA~1\NORTON~1\NavShExt.loc C:\PROGRA~1\SPYBOT~1\SDHelper.dll C:\PROGRA~1\TROJAN~1.8\contmenu.dll C:\Program Files\7-Zip\7-zipn.dll C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll C:\Program Files\Aladdin Systems\StuffIt Standard\Aladdin.dll C:\Program Files\Aladdin Systems\StuffIt Standard\MFC70.DLL C:\Program Files\Aladdin Systems\StuffIt Standard\MSVCP60.dll C:\Program Files\Aladdin Systems\StuffIt Standard\MSVCP70.dll C:\Program Files\Aladdin Systems\StuffIt Standard\MSVCR70.dll C:\Program Files\Aladdin Systems\StuffIt Standard\StuffItMenu.dll C:\Program Files\Common Files\Symantec Shared\ccL60U.dll C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\context.dll C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll C:\Program Files\Microsoft Money\System\misstub.dll C:\Program Files\Microsoft Money\System\mnyside.dll C:\Program Files\WS_FTP Pro\ipspgp.dll C:\Program Files\WS_FTP Pro\LIBEAY32.dll C:\Program Files\WS_FTP Pro\res0409.dll C:\Program Files\WS_FTP Pro\SSLEAY32.dll C:\Program Files\WS_FTP Pro\sslsvc.dll C:\Program Files\WS_FTP Pro\wsfirscr.dll C:\Program Files\WS_FTP Pro\wsftpext.dll C:\Program Files\WS_FTP Pro\wsftplib.dll C:\Program Files\WS_FTP Pro\wsftpsi.dll C:\Program Files\WS_FTP Pro\wshosts.dll C:\WINDOWS\System32\ACTIVEDS.dll C:\WINDOWS\System32\ACTXPRXY.DLL C:\WINDOWS\System32\adsldpc.dll C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\system32\appHelp.dll C:\WINDOWS\System32\ATL.DLL C:\WINDOWS\System32\AVIFIL32.dll C:\WINDOWS\System32\BatMeter.dll C:\WINDOWS\System32\browselc.dll C:\WINDOWS\System32\BROWSEUI.dll C:\WINDOWS\System32\CFGMGR32.dll C:\WINDOWS\System32\CLBCATQ.DLL C:\WINDOWS\system32\comctl32.dll C:\WINDOWS\system32\comdlg32.dll C:\WINDOWS\System32\COMRes.dll C:\WINDOWS\system32\credui.dll C:\WINDOWS\system32\CRYPT32.dll C:\WINDOWS\System32\CSCDLL.dll C:\WINDOWS\System32\cscui.dll C:\WINDOWS\System32\ctagent.dll C:\WINDOWS\System32\davclnt.dll C:\WINDOWS\System32\drprov.dll C:\WINDOWS\System32\DUSER.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\system32\IMAGEHLP.dll C:\WINDOWS\System32\IMM32.dll C:\WINDOWS\system32\iphlpapi.dll C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\System32\LINKINFO.dll C:\WINDOWS\System32\MFC42.DLL C:\WINDOWS\System32\midimap.dll C:\WINDOWS\system32\MPR.dll C:\WINDOWS\System32\MPRAPI.dll C:\WINDOWS\System32\MSACM32.dll C:\WINDOWS\System32\msacm32.drv C:\WINDOWS\system32\MSASN1.dll C:\WINDOWS\System32\MSCTF.dll C:\WINDOWS\System32\msi.dll C:\WINDOWS\System32\MSIMG32.dll C:\WINDOWS\System32\mslbui.dll C:\WINDOWS\System32\MSVCP71.dll C:\WINDOWS\System32\MSVCR71.dll C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\System32\MSVFW32.dll C:\WINDOWS\System32\NETAPI32.dll C:\WINDOWS\System32\NETRAP.dll C:\WINDOWS\system32\NETSHELL.dll C:\WINDOWS\System32\NETUI0.dll C:\WINDOWS\System32\NETUI1.dll C:\WINDOWS\System32\ntdll.dll C:\WINDOWS\System32\ntlanman.dll C:\WINDOWS\System32\ntshrui.dll C:\WINDOWS\system32\ole32.dll C:\WINDOWS\System32\OLEACC.dll C:\WINDOWS\system32\OLEAUT32.dll C:\WINDOWS\System32\olepro32.dll C:\WINDOWS\System32\POWRPROF.dll C:\WINDOWS\System32\printui.dll C:\WINDOWS\System32\RASAPI32.dll C:\WINDOWS\System32\RASDLG.dll C:\WINDOWS\System32\rasman.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\System32\rsaenh.dll C:\WINDOWS\System32\rtutils.dll C:\WINDOWS\System32\SAMLIB.dll C:\WINDOWS\System32\Secur32.dll C:\WINDOWS\System32\SETUPAPI.dll C:\WINDOWS\System32\shdoclc.dll C:\WINDOWS\System32\SHDOCVW.dll C:\WINDOWS\system32\SHELL32.dll C:\WINDOWS\system32\SHLWAPI.dll C:\WINDOWS\System32\shmedia.dll C:\WINDOWS\System32\stobject.dll C:\WINDOWS\System32\SXS.DLL C:\WINDOWS\System32\TAPI32.dll C:\WINDOWS\System32\themeui.dll C:\WINDOWS\System32\urlmon.dll C:\WINDOWS\system32\USER32.dll C:\WINDOWS\system32\USERENV.dll C:\WINDOWS\System32\UxTheme.dll C:\WINDOWS\system32\VERSION.dll C:\WINDOWS\System32\wdmaud.drv C:\WINDOWS\System32\webcheck.dll C:\WINDOWS\system32\WININET.dll C:\WINDOWS\System32\WINMM.dll C:\WINDOWS\System32\WINSPOOL.DRV C:\WINDOWS\System32\WINSTA.dll C:\WINDOWS\System32\WINTRUST.dll C:\WINDOWS\system32\WLDAP32.dll C:\WINDOWS\system32\WS2_32.dll C:\WINDOWS\system32\WS2HELP.dll C:\WINDOWS\System32\WSOCK32.dll C:\WINDOWS\System32\WTSAPI32.dll C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.10.0_x-ww_f7fb5805\comctl32.dll [C:\WINDOWS\System32\ctfmon.exe (11)] C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\System32\MSCTF.dll C:\WINDOWS\System32\MSUTB.dll C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\System32\ntdll.dll C:\WINDOWS\system32\ole32.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\system32\USER32.dll C:\WINDOWS\System32\uxtheme.dll [C:\WINDOWS\System32\ctfmon.exe (12)] C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\System32\MSCTF.dll C:\WINDOWS\System32\MSUTB.dll C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\System32\ntdll.dll C:\WINDOWS\system32\ole32.dll C:\WINDOWS\system32\OLEAUT32.DLL C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\system32\USER32.dll C:\WINDOWS\System32\uxtheme.dll [C:\WINDOWS\System32\CTHELPER.EXE (36)] C:\WINDOWS\CTDCRES.DLL C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\System32\CLBCATQ.DLL C:\WINDOWS\system32\COMCTL32.DLL C:\WINDOWS\System32\COMRes.dll C:\WINDOWS\System32\ctagent.dll C:\WINDOWS\SYSTEM32\CTDC0001.DLL C:\WINDOWS\SYSTEM32\CTDCIFCE.DLL C:\WINDOWS\SYSTEM32\CTDPROXY.DLL C:\WINDOWS\SYSTEM32\ctosuser.dll C:\WINDOWS\System32\ctspkhlp.dll C:\WINDOWS\System32\DSOUND.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\System32\KsUser.dll C:\WINDOWS\System32\MFC42.DLL C:\WINDOWS\System32\midimap.dll C:\WINDOWS\System32\MSACM32.dll C:\WINDOWS\System32\msacm32.drv C:\WINDOWS\System32\MSCTF.dll C:\WINDOWS\System32\mslbui.dll C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\System32\ntdll.dll C:\WINDOWS\System32\NTMARTA.DLL C:\WINDOWS\system32\ole32.dll C:\WINDOWS\system32\OLEAUT32.dll C:\WINDOWS\SYSTEM32\PIAPROXY.DLL C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\System32\SAMLIB.dll C:\WINDOWS\System32\SETUPAPI.dll C:\WINDOWS\system32\USER32.dll C:\WINDOWS\System32\uxtheme.dll C:\WINDOWS\system32\VERSION.dll C:\WINDOWS\System32\wdmaud.drv C:\WINDOWS\SYSTEM32\WINMM.dll C:\WINDOWS\system32\WLDAP32.dll [C:\WINDOWS\System32\CTsvcCDA.exe (6)] C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\System32\ntdll.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\system32\USER32.dll [C:\WINDOWS\system32\lsass.exe (48)] C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\system32\comctl32.dll C:\WINDOWS\system32\CRYPT32.dll C:\WINDOWS\system32\cryptdll.dll C:\WINDOWS\system32\DNSAPI.dll C:\WINDOWS\System32\dssenh.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\system32\iphlpapi.dll C:\WINDOWS\system32\ipsecsvc.dll C:\WINDOWS\system32\kerberos.dll C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\system32\LSASRV.dll C:\WINDOWS\system32\MPR.dll C:\WINDOWS\system32\MSASN1.dll C:\WINDOWS\system32\msprivs.dll C:\WINDOWS\system32\msv1_0.dll C:\WINDOWS\system32\MSVCP60.dll C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\system32\mswsock.dll C:\WINDOWS\system32\NETAPI32.dll C:\WINDOWS\system32\netlogon.dll C:\WINDOWS\System32\ntdll.dll C:\WINDOWS\system32\NTDSAPI.dll C:\WINDOWS\system32\oakley.DLL C:\WINDOWS\system32\OLE32.DLL C:\WINDOWS\system32\OLEAUT32.dll C:\WINDOWS\system32\psbase.dll C:\WINDOWS\system32\pstorsvc.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\System32\rsaenh.dll C:\WINDOWS\system32\SAMLIB.dll C:\WINDOWS\system32\SAMSRV.dll C:\WINDOWS\system32\scecli.dll C:\WINDOWS\system32\schannel.dll C:\WINDOWS\system32\Secur32.dll C:\WINDOWS\system32\SETUPAPI.dll C:\WINDOWS\system32\shell32.dll C:\WINDOWS\system32\SHLWAPI.dll C:\WINDOWS\system32\USER32.dll C:\WINDOWS\system32\USERENV.dll C:\WINDOWS\system32\w32time.dll C:\WINDOWS\system32\wdigest.dll C:\WINDOWS\system32\WINIPSEC.DLL C:\WINDOWS\system32\WLDAP32.dll C:\WINDOWS\system32\WS2_32.dll C:\WINDOWS\system32\WS2HELP.dll C:\WINDOWS\System32\wshtcpip.dll C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.10.0_x-ww_f7fb5805\comctl32.dll [C:\WINDOWS\System32\MsPMSPSv.exe (11)] C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\system32\MSVCRT.dll C:\WINDOWS\System32\ntdll.dll C:\WINDOWS\System32\NTMARTA.DLL C:\WINDOWS\system32\ole32.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\System32\SAMLIB.dll C:\WINDOWS\system32\USER32.dll C:\WINDOWS\system32\WLDAP32.dll [C:\WINDOWS\system32\services.exe (21)] C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\system32\Apphelp.dll C:\WINDOWS\system32\AUTHZ.dll C:\WINDOWS\system32\eventlog.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\system32\NCObjAPI.DLL C:\WINDOWS\system32\netapi32.dll C:\WINDOWS\System32\ntdll.dll C:\WINDOWS\system32\PSAPI.DLL C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\system32\SCESRV.dll C:\WINDOWS\system32\secur32.dll C:\WINDOWS\system32\umpnpmgr.dll C:\WINDOWS\system32\USER32.dll C:\WINDOWS\system32\USERENV.dll C:\WINDOWS\system32\WINSTA.dll C:\WINDOWS\system32\WS2_32.dll C:\WINDOWS\system32\WS2HELP.dll C:\WINDOWS\system32\wtsapi32.dll [C:\WINDOWS\System32\smss.exe (1)] C:\WINDOWS\System32\ntdll.dll [C:\WINDOWS\system32\spoolsv.exe (39)] C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\system32\CLBCATQ.DLL C:\WINDOWS\system32\cnbjmon.dll C:\WINDOWS\system32\COMRes.dll C:\WINDOWS\system32\CRYPT32.dll C:\WINDOWS\system32\DNSAPI.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\system32\icmp.dll C:\WINDOWS\system32\IMAGEHLP.dll C:\WINDOWS\system32\inetpp.dll C:\WINDOWS\system32\iphlpapi.dll C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\system32\localspl.dll C:\WINDOWS\system32\MSASN1.dll C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\System32\mswsock.dll C:\WINDOWS\system32\netapi32.dll C:\WINDOWS\system32\NETRAP.dll C:\WINDOWS\System32\ntdll.dll C:\WINDOWS\system32\ole32.dll C:\WINDOWS\system32\OLEAUT32.dll C:\WINDOWS\system32\pjlmon.dll C:\WINDOWS\system32\rasadhlp.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\system32\Secur32.dll C:\WINDOWS\system32\sfc_os.dll C:\WINDOWS\system32\SPOOLSS.DLL C:\WINDOWS\system32\tcpmon.dll C:\WINDOWS\system32\usbmon.dll C:\WINDOWS\system32\USER32.dll C:\WINDOWS\system32\USERENV.dll C:\WINDOWS\system32\VERSION.dll C:\WINDOWS\system32\win32spl.dll C:\WINDOWS\System32\winrnr.dll C:\WINDOWS\system32\winspool.drv C:\WINDOWS\system32\WINTRUST.dll C:\WINDOWS\system32\WLDAP32.dll C:\WINDOWS\system32\WS2_32.dll C:\WINDOWS\system32\WS2HELP.dll [C:\WINDOWS\System32\svchost.exe (141)] c:\windows\pchealth\helpctr\binaries\pchsvc.dll C:\WINDOWS\System32\ACTIVEDS.dll C:\WINDOWS\System32\adsldpc.dll C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\System32\ADVPACK.dll C:\WINDOWS\System32\ATL.DLL c:\windows\system32\audiosrv.dll c:\windows\system32\AUTHZ.dll c:\windows\system32\browser.dll C:\WINDOWS\System32\Cabinet.dll c:\windows\system32\certcli.dll C:\WINDOWS\System32\CLBCATQ.DLL C:\WINDOWS\System32\CLUSAPI.DLL C:\WINDOWS\system32\colbact.DLL C:\WINDOWS\system32\comctl32.dll C:\WINDOWS\System32\COMRes.dll C:\WINDOWS\system32\comsvcs.dll C:\WINDOWS\system32\credui.dll C:\WINDOWS\system32\CRYPT32.dll c:\windows\system32\cryptsvc.dll C:\WINDOWS\System32\CRYPTUI.dll c:\windows\system32\dhcpcsvc.dll c:\windows\system32\DNSAPI.dll C:\WINDOWS\System32\dssenh.dll c:\windows\system32\ersvc.dll c:\windows\system32\es.dll c:\windows\system32\ESENT.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\System32\h323.tsp C:\WINDOWS\System32\HID.DLL C:\WINDOWS\System32\hidphone.tsp C:\WINDOWS\System32\hnetcfg.dll c:\windows\system32\ICAAPI.dll C:\WINDOWS\system32\IMAGEHLP.dll C:\WINDOWS\System32\ipconf.tsp c:\windows\system32\iphlpapi.dll C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\System32\kmddsp.tsp C:\WINDOWS\System32\MPRAPI.dll C:\WINDOWS\system32\MSASN1.dll C:\WINDOWS\System32\msi.dll C:\WINDOWS\System32\MSIDLE.DLL C:\WINDOWS\System32\mspatcha.dll c:\windows\system32\mstlsapi.dll C:\WINDOWS\system32\msv1_0.dll c:\windows\system32\MSVCP60.dll C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\system32\mswsock.dll C:\WINDOWS\system32\MTXCLU.DLL C:\WINDOWS\System32\mtxoci.dll C:\WINDOWS\System32\NCObjAPI.DLL C:\WINDOWS\System32\ndptsp.tsp c:\windows\system32\NETAPI32.dll c:\windows\system32\netcfgx.dll c:\windows\system32\netman.dll C:\WINDOWS\system32\NETSHELL.dll C:\WINDOWS\System32\ntdll.dll c:\windows\system32\NTDSAPI.dll C:\WINDOWS\System32\ntlsapi.dll C:\WINDOWS\System32\NTMARTA.DLL C:\WINDOWS\system32\ole32.dll C:\WINDOWS\system32\OLEAUT32.dll c:\windows\system32\POWRPROF.dll c:\windows\system32\PSAPI.DLL C:\WINDOWS\System32\rasadhlp.dll C:\WINDOWS\System32\RASAPI32.dll C:\WINDOWS\System32\raschap.dll C:\WINDOWS\System32\RASDLG.dll C:\WINDOWS\System32\rasman.dll c:\windows\system32\rasmans.dll C:\WINDOWS\System32\rasppp.dll C:\WINDOWS\System32\rastapi.dll C:\WINDOWS\System32\rastls.dll C:\WINDOWS\System32\REGAPI.dll C:\WINDOWS\System32\RESUTILS.DLL C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\System32\rsaenh.dll c:\windows\system32\rtutils.dll C:\WINDOWS\System32\SAMLIB.dll C:\WINDOWS\System32\SCHANNEL.dll c:\windows\system32\schedsvc.dll c:\windows\system32\seclogon.dll c:\windows\system32\Secur32.dll c:\windows\system32\sens.dll C:\WINDOWS\System32\SETUPAPI.dll C:\WINDOWS\System32\sfc.dll C:\WINDOWS\System32\sfc_os.dll C:\WINDOWS\system32\shell32.dll C:\WINDOWS\System32\SHFOLDER.dll C:\WINDOWS\system32\SHLWAPI.dll c:\windows\system32\shsvcs.dll c:\windows\system32\srsvc.dll c:\windows\system32\srvsvc.dll C:\WINDOWS\System32\SSDPAPI.dll C:\WINDOWS\System32\SXS.DLL C:\WINDOWS\System32\TAPI32.dll c:\windows\system32\tapisrv.dll c:\windows\system32\termsrv.dll c:\windows\system32\trkwks.dll C:\WINDOWS\System32\unimdm.tsp C:\WINDOWS\System32\uniplat.dll C:\WINDOWS\System32\upnp.dll C:\WINDOWS\system32\USER32.dll C:\WINDOWS\system32\USERENV.dll C:\WINDOWS\System32\UxTheme.dll C:\WINDOWS\system32\VERSION.dll C:\WINDOWS\System32\VSSAPI.DLL c:\windows\system32\w32time.dll C:\WINDOWS\System32\Wbem\esscli.dll C:\WINDOWS\System32\Wbem\FastProx.dll C:\WINDOWS\System32\wbem\ncprov.dll C:\WINDOWS\System32\wbem\repdrvfs.dll c:\windows\system32\wbem\wbemcomn.dll C:\WINDOWS\System32\Wbem\wbemcore.dll C:\WINDOWS\System32\wbem\wbemess.dll C:\WINDOWS\System32\wbem\wbemsvc.dll C:\WINDOWS\System32\wbem\wmiprvsd.dll c:\windows\system32\wbem\wmisvc.dll C:\WINDOWS\System32\wbem\wmiutils.dll C:\WINDOWS\System32\WINHTTP.dll C:\WINDOWS\system32\WININET.dll c:\windows\system32\WINIPSEC.DLL C:\WINDOWS\System32\WINMM.dll C:\WINDOWS\System32\WinSCard.dll C:\WINDOWS\System32\winspool.drv C:\WINDOWS\System32\WINSTA.dll C:\WINDOWS\System32\WINTRUST.dll c:\windows\system32\wkssvc.dll C:\WINDOWS\system32\WLDAP32.dll c:\windows\system32\WMI.dll c:\windows\system32\WS2_32.dll c:\windows\system32\WS2HELP.dll C:\WINDOWS\System32\wshtcpip.dll C:\WINDOWS\system32\WSOCK32.dll c:\windows\system32\WTSAPI32.dll C:\WINDOWS\System32\wuaueng.dll c:\windows\system32\wuauserv.dll C:\WINDOWS\System32\wups.dll C:\WINDOWS\System32\wups2.dll c:\windows\system32\wzcsvc.dll C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.10.0_x-ww_f7fb5805\comctl32.dll [C:\WINDOWS\system32\svchost.exe (25)] C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\system32\CLBCATQ.DLL C:\WINDOWS\system32\COMRes.dll C:\WINDOWS\system32\DNSAPI.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\system32\iphlpapi.dll C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\system32\mswsock.dll C:\WINDOWS\System32\ntdll.dll C:\WINDOWS\system32\ole32.dll C:\WINDOWS\system32\OLEAUT32.dll C:\WINDOWS\system32\rasadhlp.dll C:\WINDOWS\system32\RPCRT4.dll c:\windows\system32\rpcss.dll C:\WINDOWS\System32\rsaenh.dll c:\windows\system32\Secur32.dll C:\WINDOWS\system32\USER32.dll C:\WINDOWS\system32\userenv.dll C:\WINDOWS\system32\VERSION.dll C:\WINDOWS\System32\winrnr.dll C:\WINDOWS\system32\WLDAP32.dll c:\windows\system32\WS2_32.dll c:\windows\system32\WS2HELP.dll C:\WINDOWS\System32\wshtcpip.dll [C:\WINDOWS\system32\winlogon.exe (60)] C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\system32\Apphelp.dll C:\WINDOWS\system32\Ati2evxx.dll C:\WINDOWS\system32\AUTHZ.dll C:\WINDOWS\System32\CLBCATQ.DLL C:\WINDOWS\system32\COMCTL32.dll C:\WINDOWS\system32\comdlg32.dll C:\WINDOWS\System32\COMRes.dll C:\WINDOWS\system32\CRYPT32.dll C:\WINDOWS\system32\cscdll.dll C:\WINDOWS\System32\cscui.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\system32\IMAGEHLP.dll C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\System32\midimap.dll C:\WINDOWS\system32\MPR.dll C:\WINDOWS\System32\MSACM32.dll C:\WINDOWS\System32\msacm32.drv C:\WINDOWS\system32\MSASN1.dll C:\WINDOWS\System32\MSGINA.dll C:\WINDOWS\system32\msv1_0.dll C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\system32\NDdeApi.dll C:\WINDOWS\system32\NETAPI32.dll C:\WINDOWS\System32\ntdll.dll C:\WINDOWS\System32\NTMARTA.DLL C:\WINDOWS\System32\ODBC32.dll C:\WINDOWS\System32\odbcint.dll C:\WINDOWS\system32\ole32.dll C:\WINDOWS\system32\OLEAUT32.dll C:\WINDOWS\system32\PROFMAP.dll C:\WINDOWS\system32\PSAPI.DLL C:\WINDOWS\system32\REGAPI.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\System32\rsaenh.dll C:\WINDOWS\System32\SAMLIB.dll C:\WINDOWS\system32\Secur32.dll C:\WINDOWS\system32\SETUPAPI.dll C:\WINDOWS\system32\sfc.dll C:\WINDOWS\System32\sfc_os.dll C:\WINDOWS\system32\SHELL32.dll C:\WINDOWS\system32\SHLWAPI.dll C:\WINDOWS\System32\SHSVCS.dll C:\WINDOWS\System32\sxs.dll C:\WINDOWS\system32\USER32.dll C:\WINDOWS\system32\USERENV.dll C:\WINDOWS\System32\uxtheme.dll C:\WINDOWS\system32\VERSION.dll C:\WINDOWS\System32\wdmaud.drv C:\WINDOWS\System32\WINMM.dll C:\WINDOWS\System32\WINSCARD.DLL C:\WINDOWS\System32\WINSPOOL.DRV C:\WINDOWS\system32\WINSTA.dll C:\WINDOWS\System32\WINTRUST.dll C:\WINDOWS\system32\WLDAP32.dll C:\WINDOWS\system32\WlNotify.dll C:\WINDOWS\system32\WS2_32.dll C:\WINDOWS\system32\WS2HELP.dll C:\WINDOWS\System32\WTSAPI32.dll C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.10.0_x-ww_f7fb5805\comctl32.dll [C:\WINDOWS\System32\wuauclt.exe (43)] C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\System32\ADVPACK.dll C:\WINDOWS\System32\ATL.DLL C:\WINDOWS\System32\Cabinet.dll C:\WINDOWS\System32\CLBCATQ.DLL C:\WINDOWS\System32\COMRes.dll C:\WINDOWS\system32\CRYPT32.dll C:\WINDOWS\System32\ESENT.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\system32\IMAGEHLP.dll C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\system32\MSASN1.dll C:\WINDOWS\System32\MSCTF.dll C:\WINDOWS\System32\MSIMG32.dll C:\WINDOWS\System32\mspatcha.dll C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\System32\ntdll.dll C:\WINDOWS\system32\ole32.dll C:\WINDOWS\system32\OLEAUT32.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\System32\SETUPAPI.dll C:\WINDOWS\System32\sfc.dll C:\WINDOWS\System32\sfc_os.dll C:\WINDOWS\system32\SHELL32.dll C:\WINDOWS\System32\SHFOLDER.dll C:\WINDOWS\system32\SHLWAPI.dll C:\WINDOWS\system32\USER32.dll C:\WINDOWS\system32\USERENV.dll C:\WINDOWS\System32\uxtheme.dll C:\WINDOWS\system32\VERSION.dll C:\WINDOWS\System32\WINHTTP.dll C:\WINDOWS\System32\WINSPOOL.DRV C:\WINDOWS\System32\WINSTA.dll C:\WINDOWS\System32\WINTRUST.dll C:\WINDOWS\System32\WS2_32.dll C:\WINDOWS\System32\WS2HELP.dll C:\WINDOWS\System32\WTSAPI32.dll C:\WINDOWS\System32\wuaucpl.cpl C:\WINDOWS\System32\wuaueng.dll C:\WINDOWS\System32\wucltui.dll C:\WINDOWS\System32\wups.dll C:\WINDOWS\System32\wups2.dll C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.10.0_x-ww_f7fb5805\COMCTL32.dll -------------------- Autostart folders: [Startup (1)] DESKTOP.INI [User Startup (1)] DESKTOP.INI [Common Startup (3)] Adobe Gamma Loader.lnk DESKTOP.INI Microsoft Office.lnk [User Common Startup (3)] Adobe Gamma Loader.lnk DESKTOP.INI Microsoft Office.lnk -------------------- Task Scheduler jobs (1): Norton AntiVirus - Run Full System Scan - Doug Radcliffe.job -------------------- IniMapping values: System NT shell = Explorer.exe User screensaver = C:\WINDOWS\System32\LOGON.SCR -------------------- Autostarting batch files: [autoexec.nt] @echo off lh %SystemRoot%\system32\mscdexnt.exe lh %SystemRoot%\system32\redir lh %SystemRoot%\system32\dosx SET BLASTER=A220 I5 D1 P330 T3 [config.nt] dos=high, umb device=%SystemRoot%\system32\himem.sys files=40 -------------------- On-reboot actions: [Wininit.ini] [Rename] NUL=C:\DOCUME~1\DOUGRA~1\LOCALS~1\Temp\bdl14025.exe BootExecute = autocheck autochk * -------------------- Shell commands: .bat - MS-DOS Batch File - "%1" %* .cmd - Windows NT Command Script - "%1" %* .com - MS-DOS Application - "%1" %* .exe - Application - "%1" %* .hta - HTML Application - C:\WINDOWS\System32\mshta.exe "%1" %* .js - JScript Script File - C:\WINDOWS\System32\WScript.exe "%1" %* .jse - JScript Encoded Script File - C:\WINDOWS\System32\WScript.exe "%1" %* .pif - Shortcut to MS-DOS Program - "%1" %* .scr - Screen Saver - "%1" /S .txt - Text Document - C:\WINDOWS\system32\NOTEPAD.EXE %1 .vbe - VBScript Encoded Script File - C:\WINDOWS\System32\WScript.exe "%1" %* .vbs - VBScript Script File - C:\WINDOWS\System32\WScript.exe "%1" %* .wsf - Windows Script File - C:\WINDOWS\System32\WScript.exe "%1" %* .wsh - Windows Script Host Settings File - C:\WINDOWS\System32\WScript.exe "%1" %* -------------------- Services: [NT Services (41)] Ati HotKey Poller = C:\WINDOWS\System32\Ati2evxx.exe ATI Smart = C:\WINDOWS\SYSTEM32\ati2sgag.exe Automatic LiveUpdate Scheduler = "C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe" Automatic Updates = C:\WINDOWS\system32\svchost.exe -k netsvcs AVG Anti-Spyware Guard = C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe Computer Browser = C:\WINDOWS\System32\svchost.exe -k netsvcs Creative Service for CDROM Access = C:\WINDOWS\System32\CTsvcCDA.exe Cryptographic Services = C:\WINDOWS\system32\svchost.exe -k netsvcs DHCP Client = C:\WINDOWS\System32\svchost.exe -k netsvcs Distributed Link Tracking Client = C:\WINDOWS\system32\svchost.exe -k netsvcs DNS Client = C:\WINDOWS\System32\svchost.exe -k NetworkService Error Reporting Service = C:\WINDOWS\System32\svchost.exe -k netsvcs Event Log = C:\WINDOWS\system32\services.exe Help and Support = C:\WINDOWS\System32\svchost.exe -k netsvcs IPSEC Services = C:\WINDOWS\System32\lsass.exe Plug and Play = C:\WINDOWS\system32\services.exe Print Spooler = C:\WINDOWS\system32\spoolsv.exe Protected Storage = C:\WINDOWS\system32\lsass.exe Remote Procedure Call (RPC) = C:\WINDOWS\system32\svchost -k rpcss Secondary Logon = C:\WINDOWS\System32\svchost.exe -k netsvcs Security Accounts Manager = C:\WINDOWS\system32\lsass.exe Server = C:\WINDOWS\System32\svchost.exe -k netsvcs Shell Hardware Detection = C:\WINDOWS\System32\svchost.exe -k netsvcs Symantec AppCore Service = "C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe" Symantec Event Manager = "C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon Symantec Lic NetConnect service = "C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon Symantec Settings Manager = "C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon System Event Notification = C:\WINDOWS\system32\svchost.exe -k netsvcs System Restore Service = C:\WINDOWS\System32\svchost.exe -k netsvcs Task Scheduler = C:\WINDOWS\System32\svchost.exe -k netsvcs TCP/IP NetBIOS Helper = C:\WINDOWS\System32\svchost.exe -k LocalService Themes = C:\WINDOWS\System32\svchost.exe -k netsvcs Upload Manager = C:\WINDOWS\System32\svchost.exe -k netsvcs WebClient = C:\WINDOWS\System32\svchost.exe -k LocalService Windows Audio = C:\WINDOWS\System32\svchost.exe -k netsvcs Windows Management Instrumentation = C:\WINDOWS\system32\svchost.exe -k netsvcs Windows Time = C:\WINDOWS\system32\svchost.exe -k netsvcs Windows User Mode Driver Framework = C:\WINDOWS\System32\wdfmgr.exe Wireless Zero Configuration = C:\WINDOWS\System32\svchost.exe -k netsvcs WMDM PMSP Service = C:\WINDOWS\System32\MsPMSPSv.exe Workstation = C:\WINDOWS\System32\svchost.exe -k netsvcs [VxD Services (1)] JAVASUP = JAVASUP.VXD [SafeBoot services (Minimal boot)] * CD-ROM Drive * {4D36E965-E325-11CE-BFC1-08002BE10318} * DiskDrive * {4D36E967-E325-11CE-BFC1-08002BE10318} * Driver * dmboot.sys dmio.sys dmload.sys sermouse.sys vga.sys vgasave.sys * Driver Group * Base Boot Bus Extender Boot file system File system Filter PCI Configuration PNP Filter Primary disk SCSI Class System Bus Extender * Floppy disk drive * {4D36E980-E325-11CE-BFC1-08002BE10318} * FSFilter System Recovery * sr.sys * Hdc * {4D36E96A-E325-11CE-BFC1-08002BE10318} * Human Interface Devices * {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} * Keyboard * {4D36E96B-E325-11CE-BFC1-08002BE10318} * Mouse * {4D36E96F-E325-11CE-BFC1-08002BE10318} * PCMCIA Adapters * {4D36E977-E325-11CE-BFC1-08002BE10318} * SCSIAdapter * {4D36E97B-E325-11CE-BFC1-08002BE10318} * Service * AppMgmt CryptSvc dmadmin dmserver EventLog HelpSvc Netlogon PlugPlay RpcSs SRService WinMgmt * Standard floppy disk controller * {4D36E969-E325-11CE-BFC1-08002BE10318} * System * {4D36E97D-E325-11CE-BFC1-08002BE10318} * Universal Serial Bus controllers * {36FC9E60-C465-11CF-8056-444553540000} * Volume * {71A27CDD-812A-11D0-BEC7-08002BE2092F} [SafeBoot services (Minimal boot + network support)] * CD-ROM Drive * {4D36E965-E325-11CE-BFC1-08002BE10318} * DiskDrive * {4D36E967-E325-11CE-BFC1-08002BE10318} * Driver * dmboot.sys dmio.sys dmload.sys rdpcdd.sys rdpdd.sys rdpwd.sys sermouse.sys tdpipe.sys tdtcp.sys vga.sys vgasave.sys * Driver Group * Base Boot Bus Extender Boot file system File system Filter NDIS NDIS Wrapper NetBIOSGroup NetDDEGroup Network NetworkProvider PCI Configuration PNP Filter PNP_TDI Primary disk SCSI Class Streams Drivers System Bus Extender TDI * Floppy disk drive * {4D36E980-E325-11CE-BFC1-08002BE10318} * FSFilter System Recovery * sr.sys * Hdc * {4D36E96A-E325-11CE-BFC1-08002BE10318} * Human Interface Devices * {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} * Keyboard * {4D36E96B-E325-11CE-BFC1-08002BE10318} * Mouse * {4D36E96F-E325-11CE-BFC1-08002BE10318} * Net * {4D36E972-E325-11CE-BFC1-08002BE10318} * NetClient * {4D36E973-E325-11CE-BFC1-08002BE10318} * NetService * {4D36E974-E325-11CE-BFC1-08002BE10318} * NetTrans * {4D36E975-E325-11CE-BFC1-08002BE10318} * PCMCIA Adapters * {4D36E977-E325-11CE-BFC1-08002BE10318} * SCSIAdapter * {4D36E97B-E325-11CE-BFC1-08002BE10318} * Service * AFD AppMgmt Browser CryptSvc Dhcp dmadmin dmserver DnsCache EventLog HelpSvc LanmanServer LanmanWorkstation LmHosts Messenger Ndisuio NetBIOS NetBT Netlogon NetMan NtLmSsp PlugPlay rdsessmgr RpcSs SRService Tcpip termservice UploadMgr WinMgmt WZCSVC * Standard floppy disk controller * {4D36E969-E325-11CE-BFC1-08002BE10318} * System * {4D36E97D-E325-11CE-BFC1-08002BE10318} * Universal Serial Bus controllers * {36FC9E60-C465-11CF-8056-444553540000} * Volume * {71A27CDD-812A-11D0-BEC7-08002BE2092F} [SafeBoot: Alternate shell] cmd.exe (not enabled) -------------------- Driver filters: [Class filters] * Disk drives * - Upper filters PartMgr.sys * DVD/CD-ROM drives * - Upper filters pwd_2k.sys Cdralw2k.sys GEARAspiWDM.sys - Lower filters PxHelp20.sys MxlW2k.sys Cdr4_xp.sys * Infrared devices * - Upper filters IRENUM.sys * Keyboards * - Upper filters kbdclass.sys * Mice and other pointing devices * - Upper filters mouclass.sys * Storage volumes * - Upper filters VolSnap.sys [Device filters] * CD-ROM Drive * - Upper filters redbook.sys * CD-ROM Drive * - Upper filters redbook.sys * CD-ROM Drive * - Upper filters redbook.sys - Lower filters imapi.sys * Communications Port * - Upper filters serenum.sys * Communications Port * - Upper filters serenum.sys * Direct Parallel * - Lower filters PtiLink.sys * Intel(R) 82875P Processor to AGP Controller - 2579 * - Upper filters AGP440.sys * Terminal Server Keyboard Driver * - Upper filters kbdclass.sys * Terminal Server Mouse Driver * - Upper filters mouclass.sys * WAN Miniport (IP) * - Lower filters NdisTapi.sys * WAN Miniport (PPPOE) * - Lower filters NdisTapi.sys * WAN Miniport (PPTP) * - Lower filters NdisTapi.sys -------------------- Print monitors (5): BJ Language Monitor - cnbjmon.dll Local Port - localspl.dll PJL Language Monitor - pjlmon.dll Standard TCP/IP Port - tcpmon.dll USB Monitor - usbmon.dll -------------------- WinLogon autoruns: UserInit = C:\WINDOWS\system32\userinit.exe, VmApplet = rundll32 shell32,Control_RunDLL "sysdm.cpl" [Notify (10)] AtiExtEvent = Ati2evxx.dll crypt32chain = crypt32.dll cryptnet = cryptnet.dll cscdll = cscdll.dll ScCertProp = wlnotify.dll Schedule = wlnotify.dll sclgntfy = sclgntfy.dll SensLogn = WlNotify.dll termsrv = wlnotify.dll wlballoon = wlnotify.dll [Group policy extensions (5)] Microsoft Disk Quota = dskquota.dll Security = scecli.dll Internet Explorer Branding = iedkcs32.dll EFS recovery = scecli.dll Software Installation = appmgmts.dll -------------------- Policies: [This user] * Alternate policies * - Software\Microsoft\Windows\CurrentVersion\policies\System (1) DisableRegistryTools = dword: 0 [All users] * Primary policies * - Software\Policies\Microsoft\Messenger\Client (1) PreventAutoRun = dword: 1 - Software\Policies\Microsoft\Windows\Installer (2) EnableAdminTSRemote = dword: 1 AllowLockdownMedia = dword: 1 - Software\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecFilter{72385235-70fa-11d1-864c-14a300000000} (7) ClassName = ipsecFilter description = Matches all ICMP packets between this computer and any other computer. name = ipsecFilter{72385235-70fa-11d1-864c-14a300000000} ipsecName = All ICMP Traffic ipsecID = {72385235-70fa-11d1-864c-14a300000000} ipsecDataType = dword: 256 whenChanged = dword: 1031086446 - Software\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecFilter{7238523a-70fa-11d1-864c-14a300000000} (7) ClassName = ipsecFilter description = Matches all IP packets from this computer to any other computer, except broadcast, multicast, Kerberos, RSVP and ISAKMP (IKE). name = ipsecFilter{7238523a-70fa-11d1-864c-14a300000000} ipsecName = All IP Traffic ipsecID = {7238523a-70fa-11d1-864c-14a300000000} ipsecDataType = dword: 256 whenChanged = dword: 1031086446 - Software\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecISAKMPPolicy{72385231-70fa-11d1-864c-14a300000000} (5) ClassName = ipsecISAKMPPolicy name = ipsecISAKMPPolicy{72385231-70fa-11d1-864c-14a300000000} ipsecID = {72385231-70fa-11d1-864c-14a300000000} ipsecDataType = dword: 256 whenChanged = dword: 1031086446 - Software\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecISAKMPPolicy{72385234-70fa-11d1-864c-14a300000000} (5) ClassName = ipsecISAKMPPolicy name = ipsecISAKMPPolicy{72385234-70fa-11d1-864c-14a300000000} ipsecID = {72385234-70fa-11d1-864c-14a300000000} ipsecDataType = dword: 256 whenChanged = dword: 1031086446 - Software\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecISAKMPPolicy{72385237-70fa-11d1-864c-14a300000000} (5) ClassName = ipsecISAKMPPolicy name = ipsecISAKMPPolicy{72385237-70fa-11d1-864c-14a300000000} ipsecID = {72385237-70fa-11d1-864c-14a300000000} ipsecDataType = dword: 256 whenChanged = dword: 1031086446 - Software\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecISAKMPPolicy{7238523d-70fa-11d1-864c-14a300000000} (5) ClassName = ipsecISAKMPPolicy name = ipsecISAKMPPolicy{7238523d-70fa-11d1-864c-14a300000000} ipsecID = {7238523d-70fa-11d1-864c-14a300000000} ipsecDataType = dword: 256 whenChanged = dword: 1031086446 - Software\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecNegotiationPolicy{11dfac47-27d3-4a36-9ddd-f2fa107c8693} (7) ClassName = ipsecNegotiationPolicy name = ipsecNegotiationPolicy{11dfac47-27d3-4a36-9ddd-f2fa107c8693} ipsecID = {11dfac47-27d3-4a36-9ddd-f2fa107c8693} ipsecNegotiationPolicyAction = {8a171dd3-77e3-11d1-8659-a04f00000000} ipsecNegotiationPolicyType = {62f49e13-6c37-11d1-864c-14a300000000} ipsecDataType = dword: 256 whenChanged = dword: 1031086446 - Software\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecNegotiationPolicy{29911e57-c362-45eb-b499-63b2319f2e9c} (7) ClassName = ipsecNegotiationPolicy name = ipsecNegotiationPolicy{29911e57-c362-45eb-b499-63b2319f2e9c} ipsecID = {29911e57-c362-45eb-b499-63b2319f2e9c} ipsecNegotiationPolicyAction = {8a171dd3-77e3-11d1-8659-a04f00000000} ipsecNegotiationPolicyType = {62f49e13-6c37-11d1-864c-14a300000000} ipsecDataType = dword: 256 whenChanged = dword: 1031086446 - Software\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecNegotiationPolicy{6c70debf-dfd5-4d8f-9b1e-4fbe4202d385} (7) ClassName = ipsecNegotiationPolicy name = ipsecNegotiationPolicy{6c70debf-dfd5-4d8f-9b1e-4fbe4202d385} ipsecID = {6c70debf-dfd5-4d8f-9b1e-4fbe4202d385} ipsecNegotiationPolicyAction = {8a171dd3-77e3-11d1-8659-a04f00000000} ipsecNegotiationPolicyType = {62f49e13-6c37-11d1-864c-14a300000000} ipsecDataType = dword: 256 whenChanged = dword: 1031086446 - Software\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecNegotiationPolicy{72385233-70fa-11d1-864c-14a300000000} (9) ClassName = ipsecNegotiationPolicy description = Accepts unsecured communication, but requests clients to establish trust and security methods. Will communicate insecurely to untrusted clients if they do not respond to request. name = ipsecNegotiationPolicy{72385233-70fa-11d1-864c-14a300000000} ipsecName = Request Security (Optional) ipsecID = {72385233-70fa-11d1-864c-14a300000000} ipsecNegotiationPolicyAction = {3f91a81a-7647-11d1-864d-d46a00000000} ipsecNegotiationPolicyType = {62f49e10-6c37-11d1-864c-14a300000000} ipsecDataType = dword: 256 whenChanged = dword: 1031086446 - Software\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecNegotiationPolicy{7238523b-70fa-11d1-864c-14a300000000} (9) ClassName = ipsecNegotiationPolicy description = Permit unsecured IP packets to pass through. name = ipsecNegotiationPolicy{7238523b-70fa-11d1-864c-14a300000000} ipsecName = Permit ipsecID = {7238523b-70fa-11d1-864c-14a300000000} ipsecNegotiationPolicyAction = {8a171dd2-77e3-11d1-8659-a04f00000000} ipsecNegotiationPolicyType = {62f49e10-6c37-11d1-864c-14a300000000} ipsecDataType = dword: 256 whenChanged = dword: 1031086446 - Software\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecNegotiationPolicy{7238523f-70fa-11d1-864c-14a300000000} (9) ClassName = ipsecNegotiationPolicy description = Accepts unsecured communication, but always requires clients to establish trust and security methods. Will NOT communicate with untrusted clients. name = ipsecNegotiationPolicy{7238523f-70fa-11d1-864c-14a300000000} ipsecName = Require Security ipsecID = {7238523f-70fa-11d1-864c-14a300000000} ipsecNegotiationPolicyAction = {3f91a81a-7647-11d1-864d-d46a00000000} ipsecNegotiationPolicyType = {62f49e10-6c37-11d1-864c-14a300000000} ipsecDataType = dword: 256 whenChanged = dword: 1031086446 - Software\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecNFA{19063139-c32a-422d-b8e8-c09da3c1e483} (8) ClassName = ipsecNFA name = ipsecNFA{19063139-c32a-422d-b8e8-c09da3c1e483} ipsecName = Require Security description = Accepts unsecured communication, but always requires clients to establish trust and security methods. Will NOT communicate with untrusted clients. ipsecID = {19063139-c32a-422d-b8e8-c09da3c1e483} ipsecDataType = dword: 256 ipsecNegotiationPolicyReference = SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecNegotiationPolicy{7238523f-70fa-11d1-864c-14a300000000} whenChanged = dword: 1031086446 - Software\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecNFA{53633ec0-5258-44e9-87d6-c03e73624b22} (8) ClassName = ipsecNFA name = ipsecNFA{53633ec0-5258-44e9-87d6-c03e73624b22} ipsecName = Permit unsecure ICMP packets to pass through. description = Permit unsecure ICMP packets to pass through. ipsecID = {53633ec0-5258-44e9-87d6-c03e73624b22} ipsecDataType = dword: 256 ipsecNegotiationPolicyReference = SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecNegotiationPolicy{7238523b-70fa-11d1-864c-14a300000000} whenChanged = dword: 1031086446 - Software\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecNFA{6d7fb14a-969c-48e7-b62c-4608988d71ee} (8) ClassName = ipsecNFA name = ipsecNFA{6d7fb14a-969c-48e7-b62c-4608988d71ee} ipsecName = Request Security (Optional) Rule description = For all IP traffic, always request security using Kerberos trust. Allow unsecured communication with clients that do not respond to request. ipsecID = {6d7fb14a-969c-48e7-b62c-4608988d71ee} ipsecDataType = dword: 256 ipsecNegotiationPolicyReference = SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecNegotiationPolicy{72385233-70fa-11d1-864c-14a300000000} whenChanged = dword: 1031086446 - Software\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecNFA{b6084394-15e0-4693-a2eb-eb4ab2aa969f} (6) ClassName = ipsecNFA name = ipsecNFA{b6084394-15e0-4693-a2eb-eb4ab2aa969f} ipsecID = {b6084394-15e0-4693-a2eb-eb4ab2aa969f} ipsecDataType = dword: 256 ipsecNegotiationPolicyReference = SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecNegotiationPolicy{11dfac47-27d3-4a36-9ddd-f2fa107c8693} whenChanged = dword: 1031086446 - Software\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecNFA{d05bf3b3-6019-4931-82d7-99a0cdc62cb4} (6) ClassName = ipsecNFA name = ipsecNFA{d05bf3b3-6019-4931-82d7-99a0cdc62cb4} ipsecID = {d05bf3b3-6019-4931-82d7-99a0cdc62cb4} ipsecDataType = dword: 256 ipsecNegotiationPolicyReference = SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecNegotiationPolicy{6c70debf-dfd5-4d8f-9b1e-4fbe4202d385} whenChanged = dword: 1031086446 - Software\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecNFA{d9b103a6-aac9-4f47-a798-3e2dec0cd6d3} (8) ClassName = ipsecNFA name = ipsecNFA{d9b103a6-aac9-4f47-a798-3e2dec0cd6d3} ipsecName = Permit unsecure ICMP packets to pass through. description = Permit unsecure ICMP packets to pass through. ipsecID = {d9b103a6-aac9-4f47-a798-3e2dec0cd6d3} ipsecDataType = dword: 256 ipsecNegotiationPolicyReference = SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecNegotiationPolicy{7238523b-70fa-11d1-864c-14a300000000} whenChanged = dword: 1031086446 - Software\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecNFA{e561b969-abac-4cc4-957f-a038d0ead805} (6) ClassName = ipsecNFA name = ipsecNFA{e561b969-abac-4cc4-957f-a038d0ead805} ipsecID = {e561b969-abac-4cc4-957f-a038d0ead805} ipsecDataType = dword: 256 ipsecNegotiationPolicyReference = SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecNegotiationPolicy{29911e57-c362-45eb-b499-63b2319f2e9c} whenChanged = dword: 1031086446 - Software\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecPolicy{72385230-70fa-11d1-864c-14a300000000} (8) ClassName = ipsecPolicy description = For all IP traffic, always request security using Kerberos trust. Allow unsecured communication with clients that do not respond to request. name = ipsecPolicy{72385230-70fa-11d1-864c-14a300000000} ipsecName = Server (Request Security) ipsecID = {72385230-70fa-11d1-864c-14a300000000} ipsecDataType = dword: 256 ipsecISAKMPReference = SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecISAKMPPolicy{72385231-70fa-11d1-864c-14a300000000} whenChanged = dword: 1031086446 - Software\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecPolicy{72385236-70fa-11d1-864c-14a300000000} (8) ClassName = ipsecPolicy description = Communicate normally (unsecured). Use the default response rule to negotiate with servers that request security. Only the requested protocol and port traffic with that server is secured. name = ipsecPolicy{72385236-70fa-11d1-864c-14a300000000} ipsecName = Client (Respond Only) ipsecID = {72385236-70fa-11d1-864c-14a300000000} ipsecDataType = dword: 256 ipsecISAKMPReference = SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecISAKMPPolicy{72385237-70fa-11d1-864c-14a300000000} whenChanged = dword: 1031086446 - Software\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecPolicy{7238523c-70fa-11d1-864c-14a300000000} (8) ClassName = ipsecPolicy description = For all IP traffic, always require security using Kerberos trust. Do NOT allow unsecured communication with untrusted clients. name = ipsecPolicy{7238523c-70fa-11d1-864c-14a300000000} ipsecName = Secure Server (Require Security) ipsecID = {7238523c-70fa-11d1-864c-14a300000000} ipsecDataType = dword: 256 ipsecISAKMPReference = SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local\ipsecISAKMPPolicy{7238523d-70fa-11d1-864c-14a300000000} whenChanged = dword: 1031086446 - Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers (4) TransparentEnabled = dword: 1 DefaultLevel = dword: 262144 AuthenticodeEnabled = dword: 0 PolicyScope = dword: 0 - Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers\0\Paths\{dda3f824-d8cb-441b-834d-be2efd2c1a33} (2) Description = SaferFlags = dword: 0 * Alternate policies * - Software\Microsoft\Windows\CurrentVersion\policies\NonEnum (3) {BDEADF00-C265-11D0-BCED-00A0C90AB50F} = dword: 1 {6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} = dword: 1073741857 {0DF44EAA-FF21-4412-828E-260A8728E7F1} = dword: 32 - Software\Microsoft\Windows\CurrentVersion\policies\system (5) dontdisplaylastusername = dword: 0 legalnoticecaption = legalnoticetext = shutdownwithoutlogon = dword: 1 undockwithoutlogon = dword: 1 -------------------- Browser Helper Objects (4): (no name) = {243B17DE-77C7-46BF-B94B-0B5F309A0E64} = C:\Program Files\Microsoft Money\System\mnyside.dll (no name) = {53707962-6F74-2D53-2644-206D7942484F} = C:\PROGRA~1\SPYBOT~1\SDHelper.dll AcroIEHlprObj Class = {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} = C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll Google Toolbar Helper = {AA58ED58-01DD-4d91-8333-CF10577473F7} = c:\program files\google\googletoolbar5.dll -------------------- ActiveX objects (13): BASEIE40_W2K - {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe BRANDING.CAB - {60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP DOTNETFRAMEWORKS - {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\System32\Rundll32.exe C:\WINDOWS\System32\mscories.dll,Install IE4Shell_NT - {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll IEACCESS - {26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\shmgrate.exe OCInstallUserConfigIE MailNews - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install Messenger - {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.Install.PerUser Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub NetMeeting - {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT OEACCESS - {881dd1c5-3dcf-431b-b061-f3f88e8be88a} - C:\WINDOWS\system32\shmgrate.exe OCInstallUserConfigOE Theme Component - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - C:\WINDOWS\system32\regsvr32.exe /s /n /i:/UserInstall C:\WINDOWS\system32\themeui.dll WAB - {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install WMPACCESS - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP -------------------- Internet Explorer toolbars: [This user] * ShellBrowser (3) * (no name) - {339BB23F-A864-48C0-A59F-29EA915965EC} - (no file) (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - (no file) &Google - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar5.dll * WebBrowser (3) * &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\System32\browseui.dll &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll &Google - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar5.dll -------------------- Internet Explorer buttons/tools (4): Sun Java Console - {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBC} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe MoneySide - {DD6687B5-CB43-4211-BFC9-2942CCBDCB3E} - C:\Program Files\Microsoft Money\System\mnyside.dll Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE -------------------- Internet Explorer Bands (9): Search Band - {30D02401-6A81-11d0-8274-00C04FD5AE38} - C:\WINDOWS\System32\browseui.dll Media Band - {32683183-48a0-441b-a342-7c2a440a9478} - C:\WINDOWS\System32\browseui.dll &Tip of the Day - {4D5C8C25-D075-11d0-B416-00C04FB90376} - C:\WINDOWS\System32\shdocvw.dll &Discuss - {BDEADE7F-C265-11D0-BCED-00A0C90AB50F} - shdocvw.dll File Search Explorer Band - {C4EE31F3-4768-11D2-BE5C-00A0C9A83DA1} - C:\WINDOWS\system32\SHELL32.dll MoneySide - {D6A116E7-5906-42E4-87F6-E7E15936415E} - C:\Program Files\Microsoft Money\System\mnyside.dll Favorites Band - {EFA24E61-B078-11d0-89E4-00C04FC9E26E} - C:\WINDOWS\System32\shdocvw.dll History Band - {EFA24E62-B078-11d0-89E4-00C04FC9E26E} - C:\WINDOWS\System32\shdocvw.dll Explorer Band - {EFA24E64-B078-11d0-89E4-00C04FC9E26E} - C:\WINDOWS\System32\shdocvw.dll -------------------- Downloaded Program Files (11): DirectAnimation Java Classes - DirectAnimation Java Classes - (no file) - file://C:\WINDOWS\Java\classes\dajava.cab Microsoft XML Parser for Java - Microsoft XML Parser for Java - (no file) - file://C:\WINDOWS\Java\classes\xmldso.cab (no name) - {00000075-9980-0010-8000-00AA00389B71} - (no file) - http://codecs.microsoft.com/codecs/i386/voxacm.CAB (no name) - {00000162-9980-0010-8000-00AA00389B71} - (no file) - http://codecs.microsoft.com/codecs/i386/wma9dmo.cab (no name) - {33564D57-9980-0010-8000-00AA00389B71} - (no file) - http://codecs.microsoft.com/codecs/i386/wmv9dmo.cab FilePlanet Download Control Class - {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - C:\Program Files\IGN\Download Manager\FPDC.dll - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.3.102.cab (no name) - {41F17733-B041-4099-A042-B518BB6A408C} - (no file) - http://a1540.g.akamai.net/7/1540/52/20030530/qtinstall.info.apple.com/bonnie/us/win/QuickTimeInstaller.exe Symantec Download Manager - {6A344D34-5231-452A-8A57-D064AC9B7862} - C:\Program Files\Symantec Technical Support\controls\symdlmgr.dll - https://webdl.symantec.com/activex/symdlmgr.cab Java Runtime Environment 1.5.0 - {8AD9C840-044E-11D1-B3E9-00805F499D93} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll - http://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab Java Runtime Environment 1.5.0 - {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll - http://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab Shockwave Flash Object - {D27CDB6E-AE6D-11CF-96B8-444553540000} - C:\WINDOWS\System32\Macromed\Flash\Flash8.ocx - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab -------------------- URL search hooks: [This user (1)] Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\System32\shdocvw.dll -------------------- Explorer clones: C:\WINDOWS\explorer.exe -------------------- Image File Execution Options (1): Your Image File Name Here without a path = ntsd -d -------------------- ContextMenuHandlers: [* (11)] 7-Zip = {23170F69-40C1-278A-1000-000100020000} = C:\Program Files\7-Zip\7-zipn.dll AVG Anti-Spyware = {8934FCEF-F5B8-468f-951F-78A921CD3920} = C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\context.dll CuteFTP = {8f7261d0-d2b9-11d2-9909-00605205b24c} = C:\PROGRA~1\GlobalSCAPE\CuteFTP\CuteShell.dll Offline Files = {750fdf0e-2a26-11d1-a3ea-080036587f03} = C:\WINDOWS\System32\cscui.dll Open With = {09799AFB-AD67-11d1-ABCD-00C04FC30936} = C:\WINDOWS\system32\SHELL32.dll Open With EncryptionMenu = {A470F8CF-A1E8-4f65-8335-227475AA5C46} = C:\WINDOWS\system32\SHELL32.dll Start Menu Pin = {a2a9545d-a0c2-42b4-9708-a0b2badd77c8} = C:\WINDOWS\system32\SHELL32.dll StuffIt Context Menu = {2E336DC0-54F8-11D1-ABD5-447270537467} = C:\Program Files\Aladdin Systems\StuffIt Standard\StuffItMenu.dll Symantec.Norton.Antivirus.IEContextMenu = {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} = C:\PROGRA~1\NORTON~1\NavShExt.dll TrojanHunter = {EBDF1F20-C829-11D1-8233-FF20AF3E97A9} = C:\PROGRA~1\TROJAN~1.8\contmenu.dll WS_FTP = {797F3885-5429-11D4-8823-0050DA59922B} = C:\Program Files\WS_FTP Pro\wsftpsi.dll [Drive (10)] Adaptec DirectCD Shell Extension = {5E44E225-A408-11CF-B581-008029601108} = C:\PROGRA~1\Roxio\EASYCD~1\DirectCD\Shellex.dll AlcoholShellEx = {32020A01-506E-484D-A2A8-BE3CF17601C3} = C:\PROGRA~1\ALCOHO~1\ALCOHO~1\AXShlEx.dll AVG Anti-Spyware = {8934FCEF-F5B8-468f-951F-78A921CD3920} = C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\context.dll CuteFTP = {8f7261d0-d2b9-11d2-9909-00605205b24c} = C:\PROGRA~1\GlobalSCAPE\CuteFTP\CuteShell.dll Disk Copy Extension = {59099400-57FF-11CE-BD94-0020AF85B590} = diskcopy.dll Offline Files = {750fdf0e-2a26-11d1-a3ea-080036587f03} = C:\WINDOWS\System32\cscui.dll Portable Media Devices Menu = {cc86590a-b60a-48e6-996b-41d25ed39a1e} = C:\WINDOWS\System32\Audiodev.dll Sharing = {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} = ntshrui.dll ShellFolder for CD Burning = {fbeb8a05-beee-4442-804e-409d6c4515e9} = C:\WINDOWS\system32\SHELL32.dll Symantec.Norton.Antivirus.IEContextMenu = {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} = C:\PROGRA~1\NORTON~1\NavShExt.dll [Folder (5)] 7-Zip = {23170F69-40C1-278A-1000-000100020000} = C:\Program Files\7-Zip\7-zipn.dll StuffIt Context Menu = {2E336DC0-54F8-11D1-ABD5-447270537467} = C:\Program Files\Aladdin Systems\StuffIt Standard\StuffItMenu.dll Symantec.Norton.Antivirus.IEContextMenu = {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} = C:\PROGRA~1\NORTON~1\NavShExt.dll TrojanHunter = {EBDF1F20-C829-11D1-8233-FF20AF3E97A9} = C:\PROGRA~1\TROJAN~1.8\contmenu.dll WS_FTP = {797F3885-5429-11D4-8823-0050DA59922B} = C:\Program Files\WS_FTP Pro\wsftpsi.dll [CompressedFolder (1)] Compressed (zipped) Folder Context Menu = {b8cdcb65-b1bf-4b42-9428-1dfdb7ee92af} = C:\WINDOWS\System32\zipfldr.dll [Directory (7)] 7-Zip = {23170F69-40C1-278A-1000-000100020000} = C:\Program Files\7-Zip\7-zipn.dll AVG Anti-Spyware = {8934FCEF-F5B8-468f-951F-78A921CD3920} = C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\context.dll CuteFTP = {8f7261d0-d2b9-11d2-9909-00605205b24c} = C:\PROGRA~1\GlobalSCAPE\CuteFTP\CuteShell.dll EncryptionMenu = {A470F8CF-A1E8-4f65-8335-227475AA5C46} = C:\WINDOWS\system32\SHELL32.dll Offline Files = {750fdf0e-2a26-11d1-a3ea-080036587f03} = C:\WINDOWS\System32\cscui.dll Sharing = {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} = ntshrui.dll TrojanHunter = {EBDF1F20-C829-11D1-8233-FF20AF3E97A9} = C:\PROGRA~1\TROJAN~1.8\contmenu.dll [Directory\Background (2)] ACE = {5E2121EE-0300-11D4-8D3B-444553540000} = C:\Program Files\ATI Technologies\ATI.ACE\atiacmxx.dll New = {D969A300-E7FF-11d0-A93B-00A0C90F2719} = C:\WINDOWS\system32\SHELL32.dll [file (1)] Symantec.Norton.Antivirus.IEContextMenu = {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} = C:\PROGRA~1\NORTON~1\NavShExt.dll [ChannelShortcut (1)] Channel Menu Handler Object = {f3da0dc0-9cc8-11d0-a599-00c04fd64437} = C:\WINDOWS\System32\cdfview.dll [InternetShortcut (1)] Internet Shortcut = {FBF23B40-E3F0-101B-8488-00AA003E56F8} = shdocvw.dll [AllFileSystemObjects (1)] Send To = {7BA4C740-9E81-11CF-99D3-00AA004AE837} = C:\WINDOWS\system32\SHELL32.dll -------------------- ColumnHandlers (4): (no name) - {0D2E74C4-3C34-11d2-A27E-00C04FC30871} - C:\WINDOWS\system32\SHELL32.dll (no name) - {24F14F01-7B1C-11d1-838f-0000F80461CF} - C:\WINDOWS\system32\SHELL32.dll (no name) - {24F14F02-7B1C-11d1-838f-0000F80461CF} - C:\WINDOWS\system32\SHELL32.dll (no name) - {66742402-F9B9-11D1-A202-0000F81FEDEE} - C:\WINDOWS\system32\SHELL32.dll -------------------- ShellExecuteHooks (2): AVG Anti-Spyware 7.5 = {57B86673-276A-48B2-BAE7-C6DBB3020EB8} = C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll URL Exec Hook = {AEB6717E-7E19-11d0-97EE-00C04FD91972} = shell32.dll -------------------- Approved Shell Extensions: [All users (183)] %DESC_PublishDropTarget% - {60fd46de-f830-4894-a628-6fa81bc0190d} - C:\WINDOWS\System32\photowiz.dll &Address - {01E04581-4EEE-11d0-BFE9-00AA005B4383} - C:\WINDOWS\System32\browseui.dll .CAB file viewer - {0CD7A5C0-9F37-11CE-AE65-08002B2E1262} - cabview.dll Accessible - {7e653215-fa25-46bd-a339-34a2790f3cb7} - C:\WINDOWS\System32\browseui.dll ActiveX Cache Folder - {88C6C381-2E85-11D0-94DE-444553540000} - C:\WINDOWS\System32\occache.dll Adaptec DirectCD Shell Extension - {5E44E225-A408-11CF-B581-008029601108} - C:\PROGRA~1\Roxio\EASYCD~1\DirectCD\Shellex.dll Address Bar Parser - {E0E11A09-5CB8-4B6C-8332-E00720A168F2} - C:\WINDOWS\System32\browseui.dll Address EditBox - {A08C11D2-A228-11d0-825B-00AA005B4383} - C:\WINDOWS\System32\browseui.dll Administrative Tools - {D20EA4E1-3957-11d2-A40B-0C5020524153} - C:\WINDOWS\system32\shdocvw.dll AlcoholShellEx - {32020A01-506E-484D-A2A8-BE3CF17601C3} - C:\PROGRA~1\ALCOHO~1\ALCOHO~1\AXShlEx.dll Audio Media Properties Handler - {875CB1A1-0F29-45de-A1AE-CFB4950D0B78} - C:\WINDOWS\System32\shmedia.dll Augmented Shell Folder - {91EA3F8B-C99B-11d0-9815-00C04FD91972} - C:\WINDOWS\System32\browseui.dll Augmented Shell Folder 2 - {6413BA2C-B461-11d1-A18A-080036B11A03} - C:\WINDOWS\System32\browseui.dll Auto Update Property Sheet Extension - {5F327514-6C5E-4d60-8F16-D07FA08A78ED} - C:\WINDOWS\System32\wuaucpl.cpl Avi Properties Handler - {87D62D94-71B3-4b9a-9489-5FE6850DC73E} - C:\WINDOWS\System32\shmedia.dll BandProxy - {F61FFEC1-754F-11d0-80CA-00AA005B4383} - C:\WINDOWS\System32\browseui.dll Briefcase - {85BBD920-42A0-1069-A2E4-08002B30309D} - syncui.dll Catalyst Context Menu extension - {5E2121EE-0300-11D4-8D3B-444553540000} - C:\Program Files\ATI Technologies\ATI.ACE\atiacmxx.dll CDF Extension Copy Hook - {67EA19A0-CCEF-11d0-8024-00C04FD75D13} - C:\WINDOWS\System32\shdocvw.dll Channel File - {f39a0dc0-9cc8-11d0-a599-00c04fd64433} - C:\WINDOWS\System32\cdfview.dll Channel Handler Object - {f3ba0dc0-9cc8-11d0-a599-00c04fd64435} - C:\WINDOWS\System32\cdfview.dll Channel Menu - {f3da0dc0-9cc8-11d0-a599-00c04fd64437} - C:\WINDOWS\System32\cdfview.dll Channel Properties - {f3ea0dc0-9cc8-11d0-a599-00c04fd64438} - C:\WINDOWS\System32\cdfview.dll Channel Shortcut - {f3aa0dc0-9cc8-11d0-a599-00c04fd64434} - C:\WINDOWS\System32\cdfview.dll Code Download Agent - {7D559C10-9FE9-11d0-93F7-00AA0059CE02} - C:\WINDOWS\System32\webcheck.dll Compatibility Page - {513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8} - SlayerXP.dll Compressed (zipped) Folder - {E88DCCE0-B7B3-11d1-A9F0-00AA0060FA31} - C:\WINDOWS\System32\zipfldr.dll Compressed (zipped) Folder Right Drag Handler - {BD472F60-27FA-11cf-B8B4-444553540000} - C:\WINDOWS\System32\zipfldr.dll Compressed (zipped) Folder SendTo Target - {888DCA60-FC0A-11CF-8F0F-00C04FD7D062} - C:\WINDOWS\System32\zipfldr.dll ConnectionAgent - {E6CC6978-6B6E-11D0-BECA-00C04FD940BE} - C:\WINDOWS\System32\webcheck.dll Crypto PKO Extension - {7444C717-39BF-11D1-8CD9-00C04FC29D45} - C:\WINDOWS\system32\cryptext.dll Crypto Sign Extension - {7444C719-39BF-11D1-8CD9-00C04FC29D45} - C:\WINDOWS\system32\cryptext.dll Custom MRU AutoCompleted List - {6935DB93-21E8-4ccc-BEB9-9FE3C77A297A} - C:\WINDOWS\System32\browseui.dll CuteFTP Shell Extension - {8f7261d0-d2b9-11d2-9909-00605205b24c} - C:\PROGRA~1\GlobalSCAPE\CuteFTP\CuteShell.dll Darwin App Publisher - {CFCCC7A0-A282-11D1-9082-006008059382} - C:\WINDOWS\System32\appwiz.cpl dBpowerAMP Music Converter - {2C49B5D0-ACE7-4D17-9DF0-A254A6C5A0C5} - C:\Program Files\Illustrate\dBpowerAMP\dMCShell.dll dBpowerAMP Music Converter 1 - {FED7043D-346A-414D-ACD7-550D052499A7} - C:\Program Files\Illustrate\dBpowerAMP\dBShell.dll DfsShell - {ECCDF543-45CC-11CE-B9BF-0080C87CDBA6} - C:\WINDOWS\System32\dfsshlex.dll Directory Context Menu Verbs - {62AE1F9A-126A-11D0-A14B-0800361B1103} - C:\WINDOWS\System32\dsuiext.dll Directory Object Find - {163FDC20-2ABC-11d0-88F0-00A024AB2DBB} - C:\WINDOWS\System32\dsquery.dll Directory Property UI - {0D45D530-764B-11d0-A1CA-00AA00C16E65} - C:\WINDOWS\System32\dsuiext.dll Directory Query UI - {8A23E65E-31C2-11d0-891C-00A024AB2DBB} - C:\WINDOWS\System32\dsquery.dll Directory Start/Search Find - {F020E586-5264-11d1-A532-0000F8757D7E} - C:\WINDOWS\System32\dsquery.dll Disk Copy Extension - {59099400-57FF-11CE-BD94-0020AF85B590} - diskcopy.dll Disk Quota UI - {7988B573-EC89-11cf-9C00-00AA00A14F56} - dskquoui.dll Display Adapter CPL Extension - {42071712-76d4-11d1-8b24-00a0c9068ff3} - deskadp.dll Display Monitor CPL Extension - {42071713-76d4-11d1-8b24-00a0c9068ff3} - deskmon.dll Display Panning CPL Extension - {42071714-76d4-11d1-8b24-00a0c9068ff3} - deskpan.dll Display TroubleShoot CPL Extension - {f92e8c40-3d33-11d2-b1aa-080036a75b03} - deskperf.dll Download Status - {22BF0C20-6DA7-11D0-B373-00A0C9034938} - C:\WINDOWS\System32\browseui.dll DS Security Page - {4E40F770-369C-11d0-8922-00A024AB2DBB} - dssec.dll E-mail - {2559a1f5-21d7-11d4-bdaf-00c04f60b9f0} - C:\WINDOWS\system32\shdocvw.dll Encryption Context Menu - {853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} - Explorer Band - {EFA24E64-B078-11d0-89E4-00C04FC9E26E} - C:\WINDOWS\System32\shdocvw.dll Favorites Band - {EFA24E61-B078-11d0-89E4-00C04FC9E26E} - C:\WINDOWS\System32\shdocvw.dll Fonts - {BD84B380-8CA2-1069-AB1D-08000948F534} - fontext.dll Fonts - {D20EA4E1-3957-11d2-A40B-0C5020524152} - C:\WINDOWS\system32\shdocvw.dll For &People... - {32714800-2E5F-11d0-8B85-00AA0044F941} - C:\Program Files\Outlook Express\wabfind.dll FTP Folders Webview - {63da6ec0-2e98-11cf-8d82-444553540000} - C:\WINDOWS\System32\msieftp.dll Fusion Cache - {1D2680C9-0E2A-469d-B787-065558BC7D43} - C:\WINDOWS\system32\mscoree.dll GDI+ file thumbnail extractor - {3F30C968-480A-4C6C-862D-EFC0897BB84B} - C:\WINDOWS\System32\shimgvw.dll Get a Passport Wizard - {58f1f272-9240-4f51-b6d4-fd63d1618591} - C:\WINDOWS\System32\netplwiz.dll Global Folder Settings - {EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} - C:\WINDOWS\System32\browseui.dll Help and Support - {2559a1f1-21d7-11d4-bdaf-00c04f60b9f0} - C:\WINDOWS\system32\shdocvw.dll Help and Support - {2559a1f2-21d7-11d4-bdaf-00c04f60b9f0} - C:\WINDOWS\system32\shdocvw.dll History - {FF393560-C2A7-11CF-BFF4-444553540000} - C:\WINDOWS\System32\shdocvw.dll HTML Thumbnail Extractor - {EAB841A0-9550-11cf-8C16-00805F1408F3} - C:\WINDOWS\System32\shimgvw.dll HyperTerminal Icon Ext - {88895560-9AA2-1069-930E-00AA0030EBC8} - C:\WINDOWS\System32\hticons.dll ICC Profile - {DBCE2480-C732-101B-BE72-BA78E9AD5B27} - C:\WINDOWS\system32\icmui.dll ICM Monitor Management - {5DB2625A-54DF-11D0-B6C4-0800091AA605} - C:\WINDOWS\System32\icmui.dll ICM Printer Management - {675F097E-4C4D-11D0-B6C1-0800091AA605} - C:\WINDOWS\system32\icmui.dll ICM Scanner Management - {176d6597-26d3-11d1-b350-080036a75b03} - icmui.dll IE4 Suite Splash Screen - {A2B0DD40-CC59-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\shdocvw.dll In-pane search - {169A0691-8DF9-11d1-A1C4-00C04FD75D13} - C:\WINDOWS\System32\browseui.dll Installed Apps Enumerator - {0B124F8F-91F0-11D1-B8B5-006008059382} - C:\WINDOWS\System32\appwiz.cpl Internet - {2559a1f4-21d7-11d4-bdaf-00c04f60b9f0} - C:\WINDOWS\system32\shdocvw.dll Internet Name Space - {871C5380-42A0-1069-A2EA-08002B30309D} - C:\WINDOWS\System32\shdocvw.dll InternetShortcut - {FBF23B40-E3F0-101B-8488-00AA003E56F8} - shdocvw.dll ISFBand OC - {131A6951-7F78-11D0-A979-00C04FD705A2} - C:\WINDOWS\System32\shdocvw.dll iTunes - {B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} - C:\Program Files\iTunes\iTunesMiniPlayer.dll Media Band - {32683183-48a0-441b-a342-7c2a440a9478} - C:\WINDOWS\System32\browseui.dll Microsoft Agent Character Property Sheet Handler - {143A62C8-C33B-11D1-84FE-00C04FA34A14} - C:\WINDOWS\msagent\agentpsh.dll Microsoft AutoComplete - {00BB2763-6A77-11D0-A535-00C04FD7D062} - C:\WINDOWS\System32\browseui.dll Microsoft Browser Architecture - {A5E46E3A-8849-11D1-9D8C-00C04FC99D61} - C:\WINDOWS\System32\shdocvw.dll Microsoft BrowserBand - {7BA4C742-9E81-11CF-99D3-00AA004AE837} - C:\WINDOWS\System32\browseui.dll Microsoft Data Link - {2206CDB2-19C1-11D1-89E0-00C04FD7A829} - C:\Program Files\Common Files\System\Ole DB\oledb32.dll Microsoft DocProp Inplace Calendar Control - {6A205B57-2567-4A2C-B881-F787FAB579A3} - C:\WINDOWS\System32\docprop2.dll Microsoft DocProp Inplace Droplist Combo Control - {0EEA25CC-4362-4A12-850B-86EE61B0D3EB} - C:\WINDOWS\System32\docprop2.dll Microsoft DocProp Inplace Edit Box Control - {A9CF0EAE-901A-4739-A481-E35B73E47F6D} - C:\WINDOWS\System32\docprop2.dll Microsoft DocProp Inplace ML Edit Box Control - {8EE97210-FD1F-4B19-91DA-67914005F020} - C:\WINDOWS\System32\docprop2.dll Microsoft DocProp Inplace Time Control - {28F8A4AC-BBB3-4D9B-B177-82BFC914FA33} - C:\WINDOWS\System32\docprop2.dll Microsoft DocProp Shell Ext - {883373C3-BF89-11D1-BE35-080036B11A03} - C:\WINDOWS\System32\docprop2.dll Microsoft History AutoComplete List - {00BB2764-6A77-11D0-A535-00C04FD7D062} - C:\WINDOWS\System32\browseui.dll Microsoft Internet Toolbar - {5E6AB780-7743-11CF-A12B-00AA004AE837} - C:\WINDOWS\System32\browseui.dll Microsoft Multiple AutoComplete List Container - {00BB2765-6A77-11D0-A535-00C04FD7D062} - C:\WINDOWS\System32\browseui.dll Microsoft Office HTML Icon Handler - {42042206-2D85-11D3-8CFF-005004838597} - C:\Program Files\Microsoft Office\Office10\msohev.dll Microsoft Outlook Custom Icon Handler - {0006F045-0000-0000-C000-000000000046} - C:\PROGRA~1\MICROS~4\Office\OLKFSTUB.DLL Microsoft Shell Folder AutoComplete List - {03C036F1-A186-11D0-824A-00AA005B4383} - C:\WINDOWS\System32\browseui.dll Microsoft Url History Service - {3C374A40-BAE4-11CF-BF7D-00AA006946EE} - C:\WINDOWS\System32\shdocvw.dll Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\System32\shdocvw.dll Midi Properties Handler - {A6FD9E45-6E44-43f9-8644-08598F5A74D9} - C:\WINDOWS\System32\shmedia.dll MMC Icon Handler - {7A80E4A8-8005-11D2-BCF8-00C04F72C717} - C:\WINDOWS\System32\mmcshext.dll MRU AutoComplete List - {6756A641-DE71-11d0-831B-00AA005B4383} - C:\WINDOWS\System32\browseui.dll Multimedia File Property Sheet - {00022613-0000-0000-C000-000000000046} - mmsys.cpl MyDocs Copy Hook - {ECF03A33-103D-11d2-854D-006008059367} - C:\WINDOWS\System32\mydocs.dll MyDocs Drop Target - {ECF03A32-103D-11d2-854D-006008059367} - C:\WINDOWS\System32\mydocs.dll MyDocs Properties - {4a7ded0a-ad25-11d0-98a8-0800361b1103} - C:\WINDOWS\System32\mydocs.dll Network Connections - {7007ACC7-3202-11D1-AAD2-00805FC1270E} - C:\WINDOWS\system32\NETSHELL.dll Network Connections - {992CFFA0-F557-101A-88EC-00DD010CCC48} - C:\WINDOWS\system32\NETSHELL.dll NTFS Security Page - {1F2E5C40-9550-11CE-99D2-00AA006E086C} - rshx32.dll Offline Files Folder - {AFDB1F70-2A4C-11d2-9039-00C04F8EEB3E} - C:\WINDOWS\System32\cscui.dll Offline Files Folder Options - {10CFC467-4392-11d2-8DB4-00C04FA31A66} - C:\WINDOWS\System32\cscui.dll Offline Files Menu - {750fdf0e-2a26-11d1-a3ea-080036587f03} - C:\WINDOWS\System32\cscui.dll OLE Docfile Property Page - {3EA48300-8CF6-101B-84FB-666CCB9BCD32} - docprop.dll PlusPack CPL Extension - {41E300E0-78B6-11ce-849B-444553540000} - C:\WINDOWS\System32\themeui.dll Portable Media Devices - {640167b4-59b0-47a6-b335-a6b3c0695aea} - C:\WINDOWS\System32\Audiodev.dll Portable Media Devices Menu - {cc86590a-b60a-48e6-996b-41d25ed39a1e} - C:\WINDOWS\System32\Audiodev.dll PostAgent - {D8BD2030-6FC9-11D0-864F-00AA006809D9} - C:\WINDOWS\System32\webcheck.dll Print Ordering via the Web - {add36aa8-751a-4579-a266-d66f5202ccbb} - C:\WINDOWS\System32\netplwiz.dll Printers Security Page - {F37C5810-4D3F-11d0-B4BF-00AA00BBB723} - rshx32.dll Registry Tree Options Utility - {AF4F6510-F982-11d0-8595-00AA004CD6D8} - C:\WINDOWS\System32\browseui.dll Remote Sessions CPL Extension - {F0152790-D56E-4445-850E-4F3117DB740C} - C:\WINDOWS\System32\remotepg.dll Run... - {2559a1f3-21d7-11d4-bdaf-00c04f60b9f0} - C:\WINDOWS\system32\shdocvw.dll Scanners & Cameras - {3F953603-1008-4f6e-A73A-04AAC7A992F1} - wiashext.dll Scanners & Cameras - {83bbcbf3-b28a-4919-a5aa-73027445d672} - wiashext.dll Scanners & Cameras - {905667aa-acd6-11d2-8080-00805f6596d2} - wiashext.dll Scanners & Cameras - {E211B736-43FD-11D1-9EFB-0000F8757FCD} - wiashext.dll Scanners & Cameras - {FB0C9C8A-6C50-11D1-9F1D-0000F8757FCD} - wiashext.dll Scheduled Tasks - {D6277990-4C6A-11CF-8D87-00AA0060F5BF} - C:\WINDOWS\System32\mstask.dll Search - {2559a1f0-21d7-11d4-bdaf-00c04f60b9f0} - C:\WINDOWS\system32\shdocvw.dll Search Assistant OC - {9461b922-3c5a-11d2-bf8b-00c04fb93661} - C:\WINDOWS\System32\shdocvw.dll Search Band - {30D02401-6A81-11d0-8274-00C04FD5AE38} - C:\WINDOWS\System32\browseui.dll Sendmail service - {9E56BE60-C50F-11CF-9A2C-00A0C90A90CE} - C:\WINDOWS\System32\sendmail.dll Sendmail service - {9E56BE61-C50F-11CF-9A2C-00A0C90A90CE} - C:\WINDOWS\System32\sendmail.dll Shell Application Manager - {352EC2B7-8B9A-11D1-B8AE-006008059382} - C:\WINDOWS\System32\appwiz.cpl Shell Automation Inproc Service - {0A89A860-D7B1-11CE-8350-444553540000} - C:\WINDOWS\System32\shdocvw.dll Shell Band Site Menu - {ECD4FC4E-521C-11D0-B792-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll Shell DeskBar - {ECD4FC4C-521C-11D0-B792-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll Shell DeskBarApp - {3CCF8A41-5C85-11d0-9796-00AA00B90ADF} - C:\WINDOWS\System32\browseui.dll Shell DocObject Viewer - {E7E4BC40-E76A-11CE-A9BB-00AA004AE837} - C:\WINDOWS\System32\shdocvw.dll Shell extensions for file compression - {764BF0E1-F219-11ce-972D-00AA00A14F56} - Shell extensions for Microsoft Windows Network objects - {59be4990-f85c-11ce-aff7-00aa003ca9f6} - ntlanui2.dll Shell Extensions for RealOne Player - {F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} - C:\Program Files\Real\RealOne Player\rpshellext.dll Shell extensions for sharing - {40dd6e20-7c17-11ce-a804-00aa003ca9f6} - ntshrui.dll Shell extensions for sharing - {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} - ntshrui.dll Shell extensions for Windows Script Host - {60254CA5-953B-11CF-8C96-00AA00B8708C} - C:\WINDOWS\System32\wshext.dll Shell Image Data Factory - {66e4e4fb-f385-4dd0-8d74-a2efd1bc6178} - C:\WINDOWS\System32\shimgvw.dll Shell Image Property Handler - {eb9b1153-3b57-4e68-959a-a3266bc3d7fe} - C:\WINDOWS\System32\shimgvw.dll Shell Image Verbs - {e84fda7c-1d6a-45f6-b725-cb260c236066} - C:\WINDOWS\System32\shimgvw.dll Shell properties for a DS object - {9E51E0D0-6E0F-11d2-9601-00C04FA31A86} - C:\WINDOWS\System32\dsquery.dll Shell Publishing Wizard Object - {6b33163c-76a5-4b6c-bf21-45de9cd503a1} - C:\WINDOWS\System32\netplwiz.dll Shell Rebar BandSite - {ECD4FC4D-521C-11D0-B792-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll Shell Scrap DataHandler - {56117100-C0CD-101B-81E2-00AA004AE837} - shscrap.dll Subscription Folder - {F5175861-2688-11d0-9C5E-00AA00A45957} - C:\WINDOWS\System32\webcheck.dll Subscription Mgr - {ABBE31D0-6DAE-11D0-BECA-00C04FD940BE} - C:\WINDOWS\System32\webcheck.dll Summary Info Thumbnail handler (DOCFILES) - {9DBD2C50-62AD-11d0-B806-00C04FD706EC} - C:\WINDOWS\System32\shimgvw.dll Taskbar and Start Menu - {0DF44EAA-FF21-4412-828E-260A8728E7F1} - Tasks Folder Icon Handler - {DD2110F0-9EEF-11cf-8D8E-00AA0060F5BF} - C:\WINDOWS\System32\mstask.dll Tasks Folder Shell Extension - {797F1E90-9EDD-11cf-8D8E-00AA0060F5BF} - C:\WINDOWS\System32\mstask.dll Temporary Internet Files - {7BD29E00-76C1-11CF-9DD0-00A0C9034933} - C:\WINDOWS\System32\shdocvw.dll Temporary Internet Files - {7BD29E01-76C1-11CF-9DD0-00A0C9034933} - C:\WINDOWS\System32\shdocvw.dll The Internet - {3DC7A020-0ACD-11CF-A9BB-00AA004AE837} - C:\WINDOWS\System32\shdocvw.dll Track Popup Bar - {acf35015-526e-4230-9596-becbe19f0ac9} - C:\WINDOWS\System32\browseui.dll TrayAgent - {E8BB6DC0-6B4E-11d0-92DB-00A0C90C2BD7} - C:\WINDOWS\System32\webcheck.dll TridentImageExtractor - {7376D660-C583-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\browseui.dll Trojan Remover Shell Extension - {52B87208-9CCF-42C9-B88E-069281105805} - TrojanHunter Menu Shell Extension - {EBDF1F20-C829-11D1-8233-FF20AF3E97A9} - C:\PROGRA~1\TROJAN~1.8\contmenu.dll User Accounts - {7A9D77BD-5403-11d2-8785-2E0420524153} - User Assist - {DD313E04-FEFF-11d1-8ECD-0000F87A470C} - C:\WINDOWS\System32\browseui.dll Video Media Properties Handler - {40C3D757-D6E4-4b49-BB41-0E5BBEA28817} - C:\WINDOWS\System32\shmedia.dll Video Thumbnail Extractor - {c5a40261-cd64-4ccf-84cb-c394da41d590} - C:\WINDOWS\System32\shmedia.dll Wav Properties Handler - {E4B29F9D-D390-480b-92FD-7DDB47101D71} - C:\WINDOWS\System32\shmedia.dll Web Folders - {BDEADF00-C265-11D0-BCED-00A0C90AB50F} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL Web Printer Shell Extension - {77597368-7b15-11d0-a0c2-080036af3f03} - printui.dll Web Publishing Wizard - {CC6EEFFB-43F6-46c5-9619-51D571967F7D} - C:\WINDOWS\System32\netplwiz.dll Web Search - {07798131-AF23-11d1-9111-00A0C98BA67D} - C:\WINDOWS\System32\browseui.dll WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\System32\webcheck.dll WebCheck SyncMgr Handler - {7FC0B86E-5FA7-11d1-BC7C-00C04FD929DB} - C:\WINDOWS\System32\webcheck.dll WebCheckChannelAgent - {E3A8BDE6-ABCE-11d0-BC4B-00C04FD929DB} - C:\WINDOWS\System32\webcheck.dll WebCheckWebCrawler - {08165EA0-E946-11CF-9C87-00AA005127ED} - C:\WINDOWS\System32\webcheck.dll Windows Media Player Add to Playlist Context Menu Handler - {F1B9284F-E9DC-4e68-9D7E-42362A59F0FD} - C:\WINDOWS\System32\wmpshell.dll Windows Media Player Burn Audio CD Context Menu Handler - {CE3FB1D1-02AE-4a5f-A6E9-D9F1B4073E6C} - C:\WINDOWS\System32\wmpshell.dll Windows Media Player Play as Playlist Context Menu Handler - {8DD448E6-C188-4aed-AF92-44956194EB1F} - C:\WINDOWS\System32\wmpshell.dll [This user (1)] Web Folders - {BDEADF00-C265-11d0-BCED-00A0C90AB50F} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL -------------------- Registry 'Run' keys: [User Run] ctfmon.exe = C:\WINDOWS\System32\ctfmon.exe Steam = [System Run] !AVG Anti-Spyware = "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized AdaptecDirectCD = "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe" AsioReg = REGSVR32.EXE /S CTASIO.DLL ATICCC = "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay ATIPTA = C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe ccApp = "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" CTDVDDet = C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE CTHelper = CTHELPER.EXE CTSysVol = C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe DVDSentry = C:\WINDOWS\System32\DSentry.exe DXDllRegExe = C:\WINDOWS\System32\dxdllreg.exe Microsoft Works Update Detection = C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe mmtask = C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe MMTray = C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe NeroFilterCheck = C:\WINDOWS\system32\NeroCheck.exe osCheck = "C:\Program Files\Norton AntiVirus\osCheck.exe" PRONoMgr.exe = C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe QuickTime Task = "C:\Program Files\QuickTime\qttask.exe" -atboottime SunJavaUpdateSched = C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe TkBellExe = "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot UpdReg = C:\WINDOWS\UpdReg.EXE -------------------- Protocols: [Pluggable MIME filters (8)] application/octet-stream = {1E66F26B-79EE-11D2-8710-00C04F79ED0D} = C:\WINDOWS\System32\mscoree.dll application/x-complus = {1E66F26B-79EE-11D2-8710-00C04F79ED0D} = C:\WINDOWS\System32\mscoree.dll application/x-msdownload = {1E66F26B-79EE-11D2-8710-00C04F79ED0D} = C:\WINDOWS\System32\mscoree.dll Class Install Handler = {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} = C:\WINDOWS\System32\urlmon.dll deflate = {8f6b0360-b80d-11d0-a9b3-006097942311} = C:\WINDOWS\System32\urlmon.dll gzip = {8f6b0360-b80d-11d0-a9b3-006097942311} = C:\WINDOWS\System32\urlmon.dll lzdhtml = {8f6b0360-b80d-11d0-a9b3-006097942311} = C:\WINDOWS\System32\urlmon.dll text/webviewhtml = {733AC4CB-F1A4-11d0-B951-00A0C90312E1} = C:\WINDOWS\system32\SHELL32.dll [Protocol handlers (23)] about = {3050F406-98B5-11CF-BB82-00AA00BDCE0B} = C:\WINDOWS\System32\mshtml.dll cdl = {3dd53d40-7b8b-11D0-b013-00aa0059ce02} = C:\WINDOWS\System32\urlmon.dll cdo = {CD00020A-8B95-11D1-82DB-00C04FB1625D} = C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL dvd = {12D51199-0DB5-46FE-A120-47A3D7D937CC} = C:\WINDOWS\System32\msvidctl.dll file = {79eac9e7-baf9-11ce-8c82-00aa004ba90b} = C:\WINDOWS\System32\urlmon.dll ftp = {79eac9e3-baf9-11ce-8c82-00aa004ba90b} = C:\WINDOWS\System32\urlmon.dll gopher = {79eac9e4-baf9-11ce-8c82-00aa004ba90b} = C:\WINDOWS\System32\urlmon.dll http = {79eac9e2-baf9-11ce-8c82-00aa004ba90b} = C:\WINDOWS\System32\urlmon.dll https = {79eac9e5-baf9-11ce-8c82-00aa004ba90b} = C:\WINDOWS\System32\urlmon.dll its = {9D148291-B9C8-11D0-A4CC-0000F80149F6} = C:\WINDOWS\System32\itss.dll javascript = {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} = C:\WINDOWS\System32\mshtml.dll local = {79eac9e7-baf9-11ce-8c82-00aa004ba90b} = C:\WINDOWS\System32\urlmon.dll mailto = {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} = C:\WINDOWS\System32\mshtml.dll mhtml = {05300401-BCBC-11d0-85E3-00C04FD85AB4} = C:\WINDOWS\System32\inetcomm.dll mk = {79eac9e6-baf9-11ce-8c82-00aa004ba90b} = C:\WINDOWS\System32\urlmon.dll ms-its = {9D148291-B9C8-11D0-A4CC-0000F80149F6} = C:\WINDOWS\System32\itss.dll ms-itss = {0A9007C0-4076-11D3-8789-0000F8105754} = C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll res = {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} = C:\WINDOWS\System32\mshtml.dll sysimage = {76E67A63-06E9-11D2-A840-006008059382} = C:\WINDOWS\System32\mshtml.dll tv = {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} = C:\WINDOWS\System32\msvidctl.dll vbscript = {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} = C:\WINDOWS\System32\mshtml.dll vnd.ms.radio = {3DA2AA3B-3D96-11D2-9BD2-204C4F4F5020} = C:\WINDOWS\System32\msdxm.ocx wia = {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} = C:\WINDOWS\System32\wiascr.dll -------------------- WOW compatibility: cmdline = C:\WINDOWS\system32\ntvdm.exe wowcmdline = C:\WINDOWS\system32\ntvdm.exe -a C:\WINDOWS\system32\krnl386 [KnownDlls (16-bit) (40)] avicap.dll avifile.dll comm.drv commdlg.dll compobj.dll ctl3dv2.dll ddeml.dll keyboard.drv lanman.drv mapi.dll mciavi.drv mciseq.drv mciwave.drv mmsystem.dll mouse.drv msacm.dll msvideo.dll netapi.dll ole2.dll ole2disp.dll ole2nls.dll olecli.dll olesvr.dll pmspl.dll progman.exe rasapi16.dll shell.dll sound.drv storage.dll system.drv timer.drv toolhelp.dll typelib.dll vga.drv wfwnet.drv win87em.dll winoldap.mod winsock.dll winspool.exe wowdeb.exe [KnownDlls (32-bit) (20)] advapi32.dll comdlg32.dll gdi32.dll imagehlp.dll kernel32.dll lz32.dll ole32.dll oleaut32.dll olecli32.dll olecnv32.dll olesvr32.dll olethk32.dll rpcrt4.dll shell32.dll url.dll urlmon.dll user32.dll version.dll wininet.dll wldap32.dll -------------------- ShellServiceObjectDelayLoad: [All users (4)] CDBurn = {fbeb8a05-beee-4442-804e-409d6c4515e9} = C:\WINDOWS\system32\SHELL32.dll PostBootReminder = {7849596a-48ea-486e-8937-a2a3009f31a9} = C:\WINDOWS\system32\SHELL32.dll SysTray = {35CEC8A3-2BE6-11D2-8773-92E220524153} = C:\WINDOWS\System32\stobject.dll WebCheck = {E6FB5E20-DE35-11CF-9C87-00AA005127ED} = C:\WINDOWS\System32\webcheck.dll -------------------- SharedTaskScheduler (2): Browseui preloader = {438755C2-A8BA-11D1-B96B-00A0C90312E1} = C:\WINDOWS\System32\browseui.dll Component Categories cache daemon = {8C7461EF-2B13-11d2-BE35-3078302C2030} = C:\WINDOWS\System32\browseui.dll -------------------- Winsock LSP: [Protocols (18)] MSAFD Tcpip [TCP/IP] - {E70F1AA0-AB8B-11CF-8CA3-00805F48A192} - C:\WINDOWS\system32\mswsock.dll MSAFD Tcpip [UDP/IP] - {E70F1AA0-AB8B-11CF-8CA3-00805F48A192} - C:\WINDOWS\system32\mswsock.dll RSVP UDP Service Provider - {9D60A9E0-337A-11D0-BD88-0000C082E69A} - C:\WINDOWS\system32\rsvpsp.dll RSVP TCP Service Provider - {9D60A9E0-337A-11D0-BD88-0000C082E69A} - C:\WINDOWS\system32\rsvpsp.dll MSAFD NetBIOS [\Device\NetBT_Tcpip_{D8FD4264-F0CC-43EE-86F2-F9E2A7DCFC47}] SEQPACKET 6 - {8D5F1830-C273-11CF-95C8-00805F48A192} - C:\WINDOWS\system32\mswsock.dll MSAFD NetBIOS [\Device\NetBT_Tcpip_{D8FD4264-F0CC-43EE-86F2-F9E2A7DCFC47}] DATAGRAM 6 - {8D5F1830-C273-11CF-95C8-00805F48A192} - C:\WINDOWS\system32\mswsock.dll MSAFD NetBIOS [\Device\NetBT_Tcpip_{52689E74-15A6-4DD0-A158-77464C215EDC}] SEQPACKET 1 - {8D5F1830-C273-11CF-95C8-00805F48A192} - C:\WINDOWS\system32\mswsock.dll MSAFD NetBIOS [\Device\NetBT_Tcpip_{52689E74-15A6-4DD0-A158-77464C215EDC}] DATAGRAM 1 - {8D5F1830-C273-11CF-95C8-00805F48A192} - C:\WINDOWS\system32\mswsock.dll MSAFD NetBIOS [\Device\NetBT_Tcpip_{6B3F6CBB-0727-4B68-BE91-A40552D24CC0}] SEQPACKET 0 - {8D5F1830-C273-11CF-95C8-00805F48A192} - C:\WINDOWS\system32\mswsock.dll MSAFD NetBIOS [\Device\NetBT_Tcpip_{6B3F6CBB-0727-4B68-BE91-A40552D24CC0}] DATAGRAM 0 - {8D5F1830-C273-11CF-95C8-00805F48A192} - C:\WINDOWS\system32\mswsock.dll MSAFD NetBIOS [\Device\NetBT_Tcpip_{61820C7F-1F2D-4EC6-AC52-4AA4C5CE956B}] SEQPACKET 2 - {8D5F1830-C273-11CF-95C8-00805F48A192} - C:\WINDOWS\system32\mswsock.dll MSAFD NetBIOS [\Device\NetBT_Tcpip_{61820C7F-1F2D-4EC6-AC52-4AA4C5CE956B}] DATAGRAM 2 - {8D5F1830-C273-11CF-95C8-00805F48A192} - C:\WINDOWS\system32\mswsock.dll MSAFD NetBIOS [\Device\NetBT_Tcpip_{E5EC0A67-7EEA-48D6-BF30-90F5C13ABCA3}] SEQPACKET 3 - {8D5F1830-C273-11CF-95C8-00805F48A192} - C:\WINDOWS\system32\mswsock.dll MSAFD NetBIOS [\Device\NetBT_Tcpip_{E5EC0A67-7EEA-48D6-BF30-90F5C13ABCA3}] DATAGRAM 3 - {8D5F1830-C273-11CF-95C8-00805F48A192} - C:\WINDOWS\system32\mswsock.dll MSAFD NetBIOS [\Device\NetBT_Tcpip_{FD1D092D-CB83-4A83-A3D2-6CD2BDA2527B}] SEQPACKET 4 - {8D5F1830-C273-11CF-95C8-00805F48A192} - C:\WINDOWS\system32\mswsock.dll MSAFD NetBIOS [\Device\NetBT_Tcpip_{FD1D092D-CB83-4A83-A3D2-6CD2BDA2527B}] DATAGRAM 4 - {8D5F1830-C273-11CF-95C8-00805F48A192} - C:\WINDOWS\system32\mswsock.dll MSAFD NetBIOS [\Device\NetBT_Tcpip_{5968C159-7F94-4201-BE42-A88A8F5DF472}] SEQPACKET 5 - {8D5F1830-C273-11CF-95C8-00805F48A192} - C:\WINDOWS\system32\mswsock.dll MSAFD NetBIOS [\Device\NetBT_Tcpip_{5968C159-7F94-4201-BE42-A88A8F5DF472}] DATAGRAM 5 - {8D5F1830-C273-11CF-95C8-00805F48A192} - C:\WINDOWS\system32\mswsock.dll [Namespace Providers (3)] Tcpip - {22059D40-7E9E-11CF-AE5A-00AA00A7112B} - C:\WINDOWS\System32\mswsock.dll NTDS - {3B2637EE-E580-11CF-A555-00C04FD8D4AC} - C:\WINDOWS\System32\winrnr.dll Network Location Awareness (NLA) Namespace - {6642243A-3BA8-4AA6-BAA5-2E0BD71FDD83} - C:\WINDOWS\System32\mswsock.dll -------------------- 3rd-Party autostarts: [mIRC] * mirc.ini * Remote: remote.ini Remote: remote.ini - Aliases: aliases.ini (13) [aliases] n0=/op /mode # +ooo $$1 $2 $3 n1=/dop /mode # -ooo $$1 $2 $3 n2=/j /join #$$1 $2- n3=/p /part # n4=/n /names #$$1 n5=/w /whois $$1 n6=/k /kick # $$1 $2- n7=/q /query $$1 n8=/send /dcc send $1 $2 n9=/chat /dcc chat $1 n10=/ping /ctcp $$1 ping n11=/s /server $$1- -------------------- Hijack points: [Reset web settings URLs] SearchAssistant = CustomizeSearch = START_PAGE_URL = SEARCH_PAGE_URL = MS_START_PAGE_URL = [Internet Explorer URLs] * This user * - Internet Explorer\Main (5) Default_Page_Url = http://www.dellnet.com Local Page = C:\WINDOWS\System32\blank.htm Search Bar = http://www.google.com/ie Search Page = http://www.google.com Start Page = http://www.bluesnews.com/ - Internet Explorer\Search (1) SearchAssistant = http://www.google.com/ie - Internet Explorer\SearchURL (1) (Default) = http://www.google.com/search?q=%s - Internet Explorer\Desktop\General (2) BackupWallpaper = %USERPROFILE%\Local Settings\Application Data\Microsoft\Wallpaper1.bmp Wallpaper = %USERPROFILE%\Local Settings\Application Data\Microsoft\Wallpaper1.bmp * All users * - Internet Explorer\Main (7) CustomizeSearch = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Default_Page_Url = http://www.dellnet.com Default_Search_Url = http://www.google.com/ie Local Page = %SystemRoot%\system32\blank.htm Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch SearchAssistant = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Start Page = http://www.msn.com/ - Internet Explorer\Search (3) CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm Default_Search_Url = http://www.google.com/ie SearchAssistant = http://www.google.com/ie - Internet Explorer\AboutURLs (6) blank = res://mshtml.dll/blank.htm DesktopItemNavigationFailure = res://shdoclc.dll/navcancl.htm NavigationCanceled = res://shdoclc.dll/navcancl.htm NavigationFailure = res://shdoclc.dll/navcancl.htm OfflineInformation = res://shdoclc.dll/offcancl.htm PostNotCached = res://mshtml.dll/repost.htm [Default URL prefixes] default = http:// ftp = ftp:// gopher = gopher:// home = http:// mosaic = http:// www = http:// [Hosts file location] DatabasePath = C:\WINDOWS\System32\drivers\etc\hosts -------------------- Protection & disabled items: [Hosts file (1)] * 127.0.0.1 * localhost [ActiveX killbits (7)] &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar5.dll ActiveXPlugin Object - {06DD38D3-D187-11CF-A80D-00C04FD74AD8} - C:\WINDOWS\System32\plugin.ocx CEnroll Class - {43F8F289-7A20-11D0-8F06-00C04FC295E1} - C:\WINDOWS\system32\xenroll.dll HHCtrl Object - {ADB880A6-D8FF-11CF-9377-00AA003B7A11} - C:\WINDOWS\System32\hhctrl.ocx LM Runtime Control - {183C259A-0480-11d1-87EA-00C04FC29D46} - C:\WINDOWS\System32\lmrt.dll Microsoft Rich Textbox Control 6.0 (SP4) - {3B7C8860-D78F-101B-B9B5-04021C009402} - C:\WINDOWS\System32\richtx32.ocx RegWizCtrl - {50E5E3D1-C07E-11D0-B9FD-00A0249F6B00} - C:\WINDOWS\System32\regwizc.dll [MSConfig XP (23)] Aida = C:\Documents and Settings\Doug Radcliffe\Application Data\eetu.exe ap9h4qmo = C:\WINDOWS\System32\ap9h4qmo.exe BDAZEK = C:\WINDOWS\System32\BDAZEK.exe BullsEye Network = C:\Program Files\BullsEye Network\bin\bargains.exe ControlPanel = C:\WINDOWS\System32\cmd32.exe internat.dll,LoadKeyboardProfile Desktop Search = C:\WINDOWS\isrvs\desktop.exe dx4.exe = C:\documents and settings\doug radcliffe\local settings\temp\dx4.exe igndlm.exe = C:\Program Files\IGN\Download Manager\DLM.exe /windowsstart /startifwork iTunesHelper = "C:\Program Files\iTunes\iTunesHelper.exe" kdx = C:\WINDOWS\kdx\KHost.exe Media Access = C:\Program Files\Media Access\MediaAccK.exe Microsoft Update = Microsoft.exe mswspl = C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe RunDLL = rundll32.exe "C:\WINDOWS\System32\bridge.dll",Load saap = c:\windows\saap.exe Security iGuard = C:\Program Files\Security iGuard\Security iGuard.exe SurfSideKick 2 = C:\Program Files\SurfSideKick 2\Ssk.exe TBPS = C:\PROGRA~1\Toolbar\TBPS.exe Tcvhk = C:\WINDOWS\System32\??erinit.exe tilglej = C:\WINDOWS\tilglej.exe ViewMgr = C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe WinTools = C:\PROGRA~1\COMMON~1\WinTools\WToolsA.exe xlktrjjk = c:\windows\system32\xlktrjjk.exe [Stopped/disabled NT Services] * Stopped (48) * Alerter = C:\WINDOWS\System32\svchost.exe -k LocalService Application Layer Gateway Service = C:\WINDOWS\System32\alg.exe ASP.NET State Service = C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe Background Intelligent Transfer Service = C:\WINDOWS\System32\svchost.exe -k netsvcs ClipBook = C:\WINDOWS\system32\clipsrv.exe COM+ Event System = C:\WINDOWS\System32\svchost.exe -k netsvcs COM+ System Application = C:\WINDOWS\System32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} Distributed Transaction Coordinator = C:\WINDOWS\System32\msdtc.exe Fast User Switching Compatibility = C:\WINDOWS\System32\svchost.exe -k netsvcs IMAPI CD-Burning COM Service = C:\WINDOWS\System32\imapi.exe Indexing Service = C:\WINDOWS\system32\cisvc.exe InstallDriver Table Manager = "C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe" Intel NCS NetService = C:\Program Files\Intel\NCS\Sync\NetSvc.exe Internet Connection Firewall (ICF) / Internet Connection Sharing (ICS) = C:\WINDOWS\System32\svchost.exe -k netsvcs iPodService = C:\Program Files\iPod\bin\iPodService.exe LiveUpdate = "C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE" Logical Disk Manager = C:\WINDOWS\System32\svchost.exe -k netsvcs Logical Disk Manager Administrative Service = C:\WINDOWS\System32\dmadmin.exe /com Messenger = C:\WINDOWS\System32\svchost.exe -k netsvcs MS Software Shadow Copy Provider = C:\WINDOWS\System32\dllhost.exe /Processid:{F79A1568-D6C5-4C69-A086-936CF52DBBE3} Net Logon = C:\WINDOWS\System32\lsass.exe NetMeeting Remote Desktop Sharing = C:\WINDOWS\System32\mnmsrvc.exe Network Connections = C:\WINDOWS\System32\svchost.exe -k netsvcs Network DDE = C:\WINDOWS\system32\netdde.exe Network DDE DSDM = C:\WINDOWS\system32\netdde.exe Network Location Awareness (NLA) = C:\WINDOWS\System32\svchost.exe -k netsvcs NT LM Security Support Provider = C:\WINDOWS\System32\lsass.exe Performance Logs and Alerts = C:\WINDOWS\system32\smlogsvc.exe Portable Media Serial Number Service = C:\WINDOWS\System32\svchost.exe -k netsvcs QoS RSVP = C:\WINDOWS\System32\rsvp.exe Remote Access Auto Connection Manager = C:\WINDOWS\System32\svchost.exe -k netsvcs Remote Access Connection Manager = C:\WINDOWS\System32\svchost.exe -k netsvcs Remote Desktop Help Session Manager = C:\WINDOWS\system32\sessmgr.exe Remote Procedure Call (RPC) Locator = C:\WINDOWS\System32\locator.exe Removable Storage = C:\WINDOWS\system32\svchost.exe -k netsvcs Smart Card = C:\WINDOWS\System32\SCardSvr.exe Smart Card Helper = C:\WINDOWS\System32\SCardSvr.exe SSDP Discovery Service = C:\WINDOWS\System32\svchost.exe -k LocalService Symantec Core LC = "C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe" Symantec IS Password Validation = "C:\Program Files\Norton AntiVirus\isPwdSvc.exe" Telephony = C:\WINDOWS\System32\svchost.exe -k netsvcs Terminal Services = C:\WINDOWS\System32\svchost.exe -k netsvcs Uninterruptible Power Supply = C:\WINDOWS\System32\ups.exe Universal Plug and Play Device Host = C:\WINDOWS\System32\svchost.exe -k LocalService Volume Shadow Copy = C:\WINDOWS\System32\vssvc.exe Windows Image Acquisition (WIA) = C:\WINDOWS\System32\svchost.exe -k imgsvc Windows Installer = C:\WINDOWS\System32\msiexec.exe /V WMI Performance Adapter = C:\WINDOWS\System32\wbem\wmiapsrv.exe * Stopped & disabled (3) * Application Management = C:\WINDOWS\system32\svchost.exe -k netsvcs Human Interface Device Access = C:\WINDOWS\System32\svchost.exe -k netsvcs Routing and Remote Access = C:\WINDOWS\System32\svchost.exe -k netsvcs [Windows XP Security] * System Restore * - All users DisableSR = dword: 0 CreateFirstRunRp = dword: 1 DSMin = dword: 200 DSMax = dword: 400 RPSessionInterval = dword: 0 RPGlobalInterval = dword: 86400 RPLifeInterval = dword: 7776000 CompressionBurst = dword: 60 TimerInterval = dword: 120 DiskPercent = dword: 12 ThawInterval = dword: 900 RestoreDiskSpaceError = dword: 0 RestoreStatus = dword: 1 RestoreSafeModeStatus = dword: 0 ================================================== = Other users on this computer: Default user = ================================================== -------------------- Autostart folders: [User Startup] DESKTOP.INI -------------------- IniMapping values: User screensaver = logon.scr -------------------- Policies: [Alternate policies] * Software\Microsoft\Windows\CurrentVersion\policies\Explorer (2) * NoDriveTypeAutoRun = dword: 145 CDRAutoRun = dword: 0 -------------------- Hijack points: [Internet Explorer URLs] * Internet Explorer\Main (5) * Default_Page_Url = http://www.dellnet.com First Home Page = http://www.dellnet.com Search Bar = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Start Page = http://www.dellnet.com ================================================== = Other users on this computer: LOCAL SERVICE = ================================================== -------------------- Autostart folders: [User Startup] DESKTOP.INI -------------------- IniMapping values: User screensaver = C:\WINDOWS\System32\logon.scr -------------------- Policies: [Alternate policies] * Software\Microsoft\Windows\CurrentVersion\policies\Explorer (1) * NoDriveTypeAutoRun = dword: 145 -------------------- Hijack points: [Internet Explorer URLs] * Internet Explorer\Main (2) * Search Bar = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch ================================================== = Other users on this computer: NETWORK SERVICE = ================================================== -------------------- Autostart folders: [User Startup] DESKTOP.INI -------------------- IniMapping values: User screensaver = C:\WINDOWS\System32\logon.scr -------------------- Policies: [Alternate policies] * Software\Microsoft\Windows\CurrentVersion\policies\Explorer (1) * NoDriveTypeAutoRun = dword: 145 -------------------- Hijack points: [Internet Explorer URLs] * Internet Explorer\Main (2) * Search Bar = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch ================================================== = Other users on this computer: SYSTEM = ================================================== -------------------- Autostart folders: [User Startup] DESKTOP.INI -------------------- IniMapping values: User screensaver = logon.scr -------------------- Policies: [Alternate policies] * Software\Microsoft\Windows\CurrentVersion\policies\Explorer (2) * NoDriveTypeAutoRun = dword: 145 CDRAutoRun = dword: 0 -------------------- Hijack points: [Internet Explorer URLs] * Internet Explorer\Main (5) * Default_Page_Url = http://www.dellnet.com First Home Page = http://www.dellnet.com Search Bar = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch Start Page = http://www.dellnet.com ================================================== = Other hardware configurations: Last known good = ================================================== -------------------- On-reboot actions: BootExecute = autocheck autochk * -------------------- Services: [NT Services (41)] Ati HotKey Poller = C:\WINDOWS\System32\Ati2evxx.exe ATI Smart = C:\WINDOWS\SYSTEM32\ati2sgag.exe Automatic LiveUpdate Scheduler = "C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe" Automatic Updates = C:\WINDOWS\system32\svchost.exe -k netsvcs AVG Anti-Spyware Guard = C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe Computer Browser = C:\WINDOWS\System32\svchost.exe -k netsvcs Creative Service for CDROM Access = C:\WINDOWS\System32\CTsvcCDA.exe Cryptographic Services = C:\WINDOWS\system32\svchost.exe -k netsvcs DHCP Client = C:\WINDOWS\System32\svchost.exe -k netsvcs Distributed Link Tracking Client = C:\WINDOWS\system32\svchost.exe -k netsvcs DNS Client = C:\WINDOWS\System32\svchost.exe -k NetworkService Error Reporting Service = C:\WINDOWS\System32\svchost.exe -k netsvcs Event Log = C:\WINDOWS\system32\services.exe Help and Support = C:\WINDOWS\System32\svchost.exe -k netsvcs IPSEC Services = C:\WINDOWS\System32\lsass.exe Plug and Play = C:\WINDOWS\system32\services.exe Print Spooler = C:\WINDOWS\system32\spoolsv.exe Protected Storage = C:\WINDOWS\system32\lsass.exe Remote Procedure Call (RPC) = C:\WINDOWS\system32\svchost -k rpcss Secondary Logon = C:\WINDOWS\System32\svchost.exe -k netsvcs Security Accounts Manager = C:\WINDOWS\system32\lsass.exe Server = C:\WINDOWS\System32\svchost.exe -k netsvcs Shell Hardware Detection = C:\WINDOWS\System32\svchost.exe -k netsvcs Symantec AppCore Service = "C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe" Symantec Event Manager = "C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon Symantec Lic NetConnect service = "C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon Symantec Settings Manager = "C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon System Event Notification = C:\WINDOWS\system32\svchost.exe -k netsvcs System Restore Service = C:\WINDOWS\System32\svchost.exe -k netsvcs Task Scheduler = C:\WINDOWS\System32\svchost.exe -k netsvcs TCP/IP NetBIOS Helper = C:\WINDOWS\System32\svchost.exe -k LocalService Themes = C:\WINDOWS\System32\svchost.exe -k netsvcs Upload Manager = C:\WINDOWS\System32\svchost.exe -k netsvcs WebClient = C:\WINDOWS\System32\svchost.exe -k LocalService Windows Audio = C:\WINDOWS\System32\svchost.exe -k netsvcs Windows Management Instrumentation = C:\WINDOWS\system32\svchost.exe -k netsvcs Windows Time = C:\WINDOWS\system32\svchost.exe -k netsvcs Windows User Mode Driver Framework = C:\WINDOWS\System32\wdfmgr.exe Wireless Zero Configuration = C:\WINDOWS\System32\svchost.exe -k netsvcs WMDM PMSP Service = C:\WINDOWS\System32\MsPMSPSv.exe Workstation = C:\WINDOWS\System32\svchost.exe -k netsvcs [VxD Services (1)] JAVASUP = JAVASUP.VXD [SafeBoot services (Minimal boot)] * CD-ROM Drive * {4D36E965-E325-11CE-BFC1-08002BE10318} * DiskDrive * {4D36E967-E325-11CE-BFC1-08002BE10318} * Driver * dmboot.sys dmio.sys dmload.sys sermouse.sys vga.sys vgasave.sys * Driver Group * Base Boot Bus Extender Boot file system File system Filter PCI Configuration PNP Filter Primary disk SCSI Class System Bus Extender * Floppy disk drive * {4D36E980-E325-11CE-BFC1-08002BE10318} * FSFilter System Recovery * sr.sys * Hdc * {4D36E96A-E325-11CE-BFC1-08002BE10318} * Human Interface Devices * {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} * Keyboard * {4D36E96B-E325-11CE-BFC1-08002BE10318} * Mouse * {4D36E96F-E325-11CE-BFC1-08002BE10318} * PCMCIA Adapters * {4D36E977-E325-11CE-BFC1-08002BE10318} * SCSIAdapter * {4D36E97B-E325-11CE-BFC1-08002BE10318} * Service * AppMgmt CryptSvc dmadmin dmserver EventLog HelpSvc Netlogon PlugPlay RpcSs SRService WinMgmt * Standard floppy disk controller * {4D36E969-E325-11CE-BFC1-08002BE10318} * System * {4D36E97D-E325-11CE-BFC1-08002BE10318} * Universal Serial Bus controllers * {36FC9E60-C465-11CF-8056-444553540000} * Volume * {71A27CDD-812A-11D0-BEC7-08002BE2092F} [SafeBoot services (Minimal boot + network support)] * CD-ROM Drive * {4D36E965-E325-11CE-BFC1-08002BE10318} * DiskDrive * {4D36E967-E325-11CE-BFC1-08002BE10318} * Driver * dmboot.sys dmio.sys dmload.sys rdpcdd.sys rdpdd.sys rdpwd.sys sermouse.sys tdpipe.sys tdtcp.sys vga.sys vgasave.sys * Driver Group * Base Boot Bus Extender Boot file system File system Filter NDIS NDIS Wrapper NetBIOSGroup NetDDEGroup Network NetworkProvider PCI Configuration PNP Filter PNP_TDI Primary disk SCSI Class Streams Drivers System Bus Extender TDI * Floppy disk drive * {4D36E980-E325-11CE-BFC1-08002BE10318} * FSFilter System Recovery * sr.sys * Hdc * {4D36E96A-E325-11CE-BFC1-08002BE10318} * Human Interface Devices * {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} * Keyboard * {4D36E96B-E325-11CE-BFC1-08002BE10318} * Mouse * {4D36E96F-E325-11CE-BFC1-08002BE10318} * Net * {4D36E972-E325-11CE-BFC1-08002BE10318} * NetClient * {4D36E973-E325-11CE-BFC1-08002BE10318} * NetService * {4D36E974-E325-11CE-BFC1-08002BE10318} * NetTrans * {4D36E975-E325-11CE-BFC1-08002BE10318} * PCMCIA Adapters * {4D36E977-E325-11CE-BFC1-08002BE10318} * SCSIAdapter * {4D36E97B-E325-11CE-BFC1-08002BE10318} * Service * AFD AppMgmt Browser CryptSvc Dhcp dmadmin dmserver DnsCache EventLog HelpSvc LanmanServer LanmanWorkstation LmHosts Messenger Ndisuio NetBIOS NetBT Netlogon NetMan NtLmSsp PlugPlay rdsessmgr RpcSs SRService Tcpip termservice UploadMgr WinMgmt WZCSVC * Standard floppy disk controller * {4D36E969-E325-11CE-BFC1-08002BE10318} * System * {4D36E97D-E325-11CE-BFC1-08002BE10318} * Universal Serial Bus controllers * {36FC9E60-C465-11CF-8056-444553540000} * Volume * {71A27CDD-812A-11D0-BEC7-08002BE2092F} [SafeBoot: Alternate shell] cmd.exe (not enabled) -------------------- Driver filters: [Class filters] * Infrared devices * - Upper filters IRENUM.sys * Storage volumes * - Upper filters VolSnap.sys [Device filters] * CD-ROM Drive * - Upper filters redbook.sys * CD-ROM Drive * - Upper filters redbook.sys * CD-ROM Drive * - Upper filters redbook.sys - Lower filters imapi.sys * Communications Port * - Upper filters serenum.sys * Communications Port * - Upper filters serenum.sys * Direct Parallel * - Lower filters PtiLink.sys * Intel(R) 82875P Processor to AGP Controller - 2579 * - Upper filters AGP440.sys * Terminal Server Keyboard Driver * - Upper filters kbdclass.sys * Terminal Server Mouse Driver * - Upper filters mouclass.sys * WAN Miniport (IP) * - Lower filters NdisTapi.sys * WAN Miniport (PPPOE) * - Lower filters NdisTapi.sys * WAN Miniport (PPTP) * - Lower filters NdisTapi.sys -------------------- Print monitors (5): BJ Language Monitor - cnbjmon.dll Local Port - localspl.dll PJL Language Monitor - pjlmon.dll Standard TCP/IP Port - tcpmon.dll USB Monitor - usbmon.dll -------------------- WOW compatibility: cmdline = C:\WINDOWS\system32\ntvdm.exe wowcmdline = C:\WINDOWS\system32\ntvdm.exe -a C:\WINDOWS\system32\krnl386 [KnownDlls (16-bit) (40)] avicap.dll avifile.dll comm.drv commdlg.dll compobj.dll ctl3dv2.dll ddeml.dll keyboard.drv lanman.drv mapi.dll mciavi.drv mciseq.drv mciwave.drv mmsystem.dll mouse.drv msacm.dll msvideo.dll netapi.dll ole2.dll ole2disp.dll ole2nls.dll olecli.dll olesvr.dll pmspl.dll progman.exe rasapi16.dll shell.dll sound.drv storage.dll system.drv timer.drv toolhelp.dll typelib.dll vga.drv wfwnet.drv win87em.dll winoldap.mod winsock.dll winspool.exe wowdeb.exe [KnownDlls (32-bit) (20)] advapi32.dll comdlg32.dll gdi32.dll imagehlp.dll kernel32.dll lz32.dll ole32.dll oleaut32.dll olecli32.dll olecnv32.dll olesvr32.dll olethk32.dll rpcrt4.dll shell32.dll url.dll urlmon.dll user32.dll version.dll wininet.dll wldap32.dll -------------------------------------------------- End of report, 126,325 bytes Commandline options: /showempty - Show empty sections /showcmts - Show comments in .bat files /noshowclsids - Hide class IDs /noshowprivate - Hide usernames and computer name /noshowusers - Hide entries from other users /noshowhardware - Hide entries from other hardware configurations /showlargehosts - Show hosts file even when more than 1000 lines are in it /showlargezones - Show Zones even when more than 1000 domains are in them /autosave - Run hidden, automatically save a report and quit /autosavepath: - Specify where to save log, when using /autosave. Use surrounding quotes for paths with spaces.