StartupList report, 15/4/13, 2:47:55 AM StartupList version 2.02.0 Started from: C:\Users\CJC\Desktop\startuplist\StartupList.EXE Detected: Windows Vista (WinNT 6.02.9200) Logged on as 'CJC' to 'CANTERBURY' * Using default options (see end of log for possible options) ================================================== Running processes (10): [C:\Program Files (x86)\Common Files\PCTV Systems\RemoTerm\remoterm.exe (34)] C:\Program Files (x86)\Common Files\PCTV Systems\RemoTerm\Remot001.dll C:\Program Files (x86)\SplashKiller\SplashKiller.dll C:\windows\SYSTEM32\ADVAPI32.dll C:\windows\SYSTEM32\bcryptPrimitives.dll C:\windows\SYSTEM32\CFGMGR32.dll C:\windows\SYSTEM32\combase.dll C:\windows\SYSTEM32\CRYPTBASE.dll C:\windows\SYSTEM32\DEVOBJ.dll C:\windows\SYSTEM32\dwmapi.dll C:\windows\SYSTEM32\GDI32.dll C:\windows\SYSTEM32\HID.DLL C:\windows\system32\IMM32.DLL C:\windows\SYSTEM32\KERNEL32.DLL C:\windows\SYSTEM32\KERNELBASE.dll C:\windows\SYSTEM32\MSCTF.dll C:\windows\SYSTEM32\msvcrt.dll C:\windows\SYSTEM32\ntdll.dll C:\windows\SYSTEM32\ole32.dll C:\windows\SYSTEM32\OLEAUT32.dll C:\windows\SYSTEM32\profapi.dll C:\windows\SYSTEM32\RPCRT4.dll C:\windows\SYSTEM32\sechost.dll C:\windows\SYSTEM32\SETUPAPI.dll C:\windows\SYSTEM32\SHCORE.dll C:\windows\SYSTEM32\SHELL32.dll C:\windows\SYSTEM32\SHLWAPI.dll C:\windows\SYSTEM32\SspiCli.dll C:\windows\SYSTEM32\USER32.dll C:\windows\system32\uxtheme.dll C:\windows\SYSTEM32\WINMM.dll C:\windows\SYSTEM32\WINMMBASE.dll C:\windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6871_none_50944e7cbcb706e5\MSVCP90.dll C:\windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6871_none_50944e7cbcb706e5\MSVCR90.dll C:\windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_893961408605e985\COMCTL32.dll [C:\Program Files (x86)\FireTrust\MailWasher Pro\MailWasher.exe (97)] C:\Program Files (x86)\Common Files\System\wab32.dll C:\Program Files (x86)\FireTrust\MailWasher Pro\ContactsLib.dll C:\Program Files (x86)\FireTrust\MailWasher Pro\libeay32.dll C:\Program Files (x86)\FireTrust\MailWasher Pro\MailAnalysis.DLL C:\Program Files (x86)\FireTrust\MailWasher Pro\MailPrefs.dll C:\Program Files (x86)\FireTrust\MailWasher Pro\mapi32.dll C:\Program Files (x86)\FireTrust\MailWasher Pro\MCORE.DLL C:\Program Files (x86)\FireTrust\MailWasher Pro\sqlite3.dll C:\Program Files (x86)\FireTrust\MailWasher Pro\ssleay32.dll C:\Program Files (x86)\RocketDock\RocketDock.dll C:\Program Files (x86)\SplashKiller\SplashKiller.dll C:\windows\SYSTEM32\advapi32.dll C:\windows\SYSTEM32\AUDIOSES.DLL C:\windows\SYSTEM32\AVRT.dll C:\windows\SYSTEM32\bcryptPrimitives.dll C:\windows\SYSTEM32\CFGMGR32.dll C:\windows\SYSTEM32\clbcatq.dll C:\windows\SYSTEM32\combase.dll C:\windows\SYSTEM32\comdlg32.dll C:\windows\SYSTEM32\CRYPT32.dll C:\windows\SYSTEM32\CRYPTBASE.dll C:\windows\SYSTEM32\CRYPTDLG.dll C:\windows\SYSTEM32\CRYPTSP.dll C:\windows\SYSTEM32\CRYPTUI.dll C:\windows\SYSTEM32\DEVOBJ.dll C:\windows\SYSTEM32\dhcpcsvc.DLL C:\windows\SYSTEM32\dhcpcsvc6.DLL C:\windows\SYSTEM32\DNSAPI.dll C:\windows\SYSTEM32\dwmapi.dll C:\windows\System32\fwpuclnt.dll C:\windows\SYSTEM32\gdi32.dll C:\Windows\SYSTEM32\hhctrl.ocx C:\Windows\SYSTEM32\ieframe.dll C:\windows\SYSTEM32\iertutil.dll C:\windows\SYSTEM32\imagehlp.dll C:\windows\SYSTEM32\imm32.dll C:\windows\SYSTEM32\IPHLPAPI.DLL C:\windows\SYSTEM32\KERNEL32.DLL C:\windows\SYSTEM32\KERNELBASE.dll C:\windows\SYSTEM32\ksuser.dll C:\windows\SYSTEM32\midimap.dll C:\windows\system32\mlang.dll C:\windows\SYSTEM32\MMDevAPI.DLL C:\windows\SYSTEM32\MSACM32.dll C:\windows\SYSTEM32\msacm32.drv C:\windows\SYSTEM32\MSASN1.dll C:\windows\SYSTEM32\MSCTF.dll C:\windows\SYSTEM32\msftedit.dll C:\windows\SYSTEM32\msimg32.dll C:\windows\SYSTEM32\msls31.dll C:\windows\SYSTEM32\MSOERT2.dll C:\windows\SYSTEM32\msvcrt.dll C:\windows\system32\mswsock.dll C:\windows\system32\napinsp.dll C:\windows\system32\NLAapi.dll C:\windows\SYSTEM32\NSI.dll C:\windows\SYSTEM32\ntdll.dll C:\windows\SYSTEM32\ntmarta.dll C:\windows\SYSTEM32\ole32.dll C:\windows\SYSTEM32\oleaut32.dll C:\windows\SYSTEM32\olepro32.dll C:\windows\system32\pnrpnsp.dll C:\windows\SYSTEM32\powrprof.dll C:\windows\SYSTEM32\profapi.dll C:\windows\system32\propsys.dll C:\windows\SYSTEM32\PSAPI.DLL C:\windows\SYSTEM32\pstorec.dll C:\Windows\System32\rasadhlp.dll C:\windows\SYSTEM32\RICHED20.dll C:\windows\SYSTEM32\RICHED32.DLL C:\windows\SYSTEM32\RPCRT4.dll C:\windows\system32\rsaenh.dll C:\windows\SYSTEM32\sechost.dll C:\windows\SYSTEM32\Secur32.dll C:\windows\SYSTEM32\SETUPAPI.dll C:\windows\SYSTEM32\SHCORE.DLL C:\windows\SYSTEM32\shell32.dll C:\windows\SYSTEM32\SHLWAPI.dll C:\windows\SYSTEM32\SspiCli.dll C:\windows\SYSTEM32\sxs.dll C:\windows\SYSTEM32\user32.dll C:\windows\SYSTEM32\USP10.dll C:\windows\system32\uxtheme.dll C:\windows\SYSTEM32\version.dll C:\windows\SYSTEM32\wdmaud.drv C:\windows\SYSTEM32\winhttp.dll C:\windows\SYSTEM32\wininet.dll C:\windows\SYSTEM32\winmm.dll C:\windows\SYSTEM32\WINMMBASE.dll C:\windows\SYSTEM32\WINNSI.DLL C:\windows\System32\winrnr.dll C:\windows\SYSTEM32\winspool.drv C:\windows\SYSTEM32\WINTRUST.dll C:\windows\SYSTEM32\WS2_32.dll C:\windows\system32\wshbth.dll C:\windows\SYSTEM32\wsock32.dll C:\windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_893961408605e985\comctl32.dll [C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe (123)] C:\Program Files (x86)\Intel\IntelAppStore\bin\agentInfo.dll C:\Program Files (x86)\Intel\IntelAppStore\bin\channelAdapter.dll C:\Program Files (x86)\Intel\IntelAppStore\bin\configurationManager.dll C:\Program Files (x86)\Intel\IntelAppStore\bin\corePersistenceAPI.dll C:\Program Files (x86)\Intel\IntelAppStore\bin\deviceProfile.dll C:\Program Files (x86)\Intel\IntelAppStore\bin\dispatcher.dll C:\Program Files (x86)\Intel\IntelAppStore\bin\eventsSender.dll C:\Program Files (x86)\Intel\IntelAppStore\bin\featureController.dll C:\Program Files (x86)\Intel\IntelAppStore\bin\LIBEAY32.dll C:\Program Files (x86)\Intel\IntelAppStore\bin\libgsoap.dll C:\Program Files (x86)\Intel\IntelAppStore\bin\liveUpdateUtility.dll C:\Program Files (x86)\Intel\IntelAppStore\bin\localMessage.dll C:\Program Files (x86)\Intel\IntelAppStore\bin\log4cplus.dll C:\Program Files (x86)\Intel\IntelAppStore\bin\logger.dll C:\Program Files (x86)\Intel\IntelAppStore\bin\network.dll C:\Program Files (x86)\Intel\IntelAppStore\bin\orchestrator.dll C:\Program Files (x86)\Intel\IntelAppStore\bin\osEvents.dll C:\Program Files (x86)\Intel\IntelAppStore\bin\payload.dll C:\Program Files (x86)\Intel\IntelAppStore\bin\plugin\actionManager.dll C:\Program Files (x86)\Intel\IntelAppStore\bin\plugin\BackendService.dll C:\Program Files (x86)\Intel\IntelAppStore\bin\plugin\DeviceProfileService.dll C:\Program Files (x86)\Intel\IntelAppStore\bin\plugin\dispatcherServer.dll C:\Program Files (x86)\Intel\IntelAppStore\bin\plugin\DownloadManager.dll C:\Program Files (x86)\Intel\IntelAppStore\bin\plugin\EventManager.dll C:\Program Files (x86)\Intel\IntelAppStore\bin\plugin\internetMonitor.dll C:\Program Files (x86)\Intel\IntelAppStore\bin\plugin\libbizlplugin.dll C:\Program Files (x86)\Intel\IntelAppStore\bin\plugin\libloggerplugin.dll C:\Program Files (x86)\Intel\IntelAppStore\bin\plugin\libpserverplugin.dll C:\Program Files (x86)\Intel\IntelAppStore\bin\plugin\LiveUpdate.dll C:\Program Files (x86)\Intel\IntelAppStore\bin\plugin\PersistenceAPI.dll C:\Program Files (x86)\Intel\IntelAppStore\bin\plugin\Provisioning.dll C:\Program Files (x86)\Intel\IntelAppStore\bin\plugin\SystemMonitor.dll C:\Program Files (x86)\Intel\IntelAppStore\bin\QtCore4.dll C:\Program Files (x86)\Intel\IntelAppStore\bin\QtNetwork4.dll C:\Program Files (x86)\Intel\IntelAppStore\bin\QtXml4.dll C:\Program Files (x86)\Intel\IntelAppStore\bin\sealing.dll C:\Program Files (x86)\Intel\IntelAppStore\bin\serializer.dll C:\Program Files (x86)\Intel\IntelAppStore\bin\serviceManagerStarter.dll C:\Program Files (x86)\Intel\IntelAppStore\bin\serviceOfferingManager.dll C:\Program Files (x86)\Intel\IntelAppStore\bin\sm_uuid.dll C:\Program Files (x86)\Intel\IntelAppStore\bin\sqlite3.dll C:\Program Files (x86)\Intel\IntelAppStore\bin\SSLEAY32.dll C:\Program Files (x86)\Intel\IntelAppStore\bin\systemInfo.dll C:\Program Files (x86)\Intel\IntelAppStore\bin\zlib1.dll C:\Program Files (x86)\RocketDock\RocketDock.dll C:\Program Files (x86)\SplashKiller\SplashKiller.dll C:\windows\SYSTEM32\ADVAPI32.dll C:\windows\SYSTEM32\apphelp.dll C:\windows\SYSTEM32\bcrypt.dll C:\windows\SYSTEM32\bcryptPrimitives.dll C:\windows\SYSTEM32\CFGMGR32.dll C:\windows\SYSTEM32\clbcatq.dll C:\windows\SYSTEM32\combase.dll C:\windows\SYSTEM32\CRYPT32.dll C:\windows\SYSTEM32\CRYPTBASE.dll C:\Windows\SYSTEM32\cryptnet.dll C:\windows\SYSTEM32\CRYPTSP.dll C:\windows\SYSTEM32\dbghelp.dll C:\Windows\System32\DevDispItemProvider.dll C:\windows\SYSTEM32\DEVOBJ.dll C:\windows\SYSTEM32\dhcpcsvc.DLL C:\windows\SYSTEM32\dhcpcsvc6.DLL C:\windows\SYSTEM32\DNSAPI.dll C:\windows\SYSTEM32\DPAPI.dll C:\windows\SYSTEM32\DSROLE.dll C:\windows\SYSTEM32\dwmapi.dll C:\windows\System32\fwpuclnt.dll C:\windows\SYSTEM32\GDI32.dll C:\windows\SYSTEM32\gpapi.dll C:\windows\SYSTEM32\iertutil.dll C:\windows\SYSTEM32\imagehlp.dll C:\windows\system32\IMM32.DLL C:\windows\SYSTEM32\IPHLPAPI.DLL C:\windows\SYSTEM32\KERNEL32.DLL C:\windows\SYSTEM32\KERNELBASE.dll C:\windows\SYSTEM32\logoncli.dll C:\windows\SYSTEM32\MSASN1.dll C:\windows\SYSTEM32\MSCTF.dll C:\windows\SYSTEM32\msi.dll C:\windows\SYSTEM32\msvcrt.dll C:\windows\system32\mswsock.dll C:\windows\system32\napinsp.dll C:\windows\SYSTEM32\ncrypt.dll C:\windows\SYSTEM32\netutils.dll C:\windows\system32\NLAapi.dll C:\windows\SYSTEM32\NSI.dll C:\windows\SYSTEM32\NTASN1.dll C:\windows\SYSTEM32\ntdll.dll C:\windows\SYSTEM32\ole32.dll C:\windows\SYSTEM32\OLEAUT32.dll C:\windows\system32\pnrpnsp.dll C:\windows\SYSTEM32\profapi.dll C:\windows\SYSTEM32\PROPSYS.dll C:\windows\SYSTEM32\PSAPI.DLL C:\Windows\System32\rasadhlp.dll C:\windows\SYSTEM32\RPCRT4.dll C:\windows\system32\rsaenh.dll C:\windows\SYSTEM32\sechost.dll C:\windows\SYSTEM32\Secur32.dll C:\windows\SYSTEM32\SETUPAPI.dll C:\windows\SYSTEM32\SHCORE.dll C:\windows\SYSTEM32\SHELL32.dll C:\windows\SYSTEM32\SHLWAPI.dll C:\windows\SYSTEM32\SspiCli.dll C:\windows\SYSTEM32\USER32.dll C:\windows\system32\uxtheme.dll C:\windows\system32\wbem\fastprox.dll C:\windows\system32\wbem\wbemprox.dll C:\windows\system32\wbem\wbemsvc.dll C:\windows\SYSTEM32\wbemcomn.dll C:\windows\SYSTEM32\WINHTTP.dll C:\windows\SYSTEM32\WININET.dll C:\windows\SYSTEM32\winmm.DLL C:\windows\SYSTEM32\WINMMBASE.dll C:\windows\SYSTEM32\WINNSI.DLL C:\windows\System32\winrnr.dll C:\windows\SYSTEM32\WINTRUST.dll C:\windows\SYSTEM32\WLDAP32.dll C:\windows\SYSTEM32\WS2_32.dll C:\windows\system32\wshbth.dll C:\windows\SYSTEM32\WSOCK32.dll C:\windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6871_none_50944e7cbcb706e5\MSVCP90.dll C:\windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6871_none_50944e7cbcb706e5\MSVCR90.dll [C:\Program Files (x86)\Mozilla Firefox\firefox.exe (158)] C:\Program Files (x86)\Common Files\microsoft shared\ink\tiptsf.dll C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll C:\Program Files (x86)\Mozilla Firefox\freebl3.dll C:\Program Files (x86)\Mozilla Firefox\gkmedias.dll C:\Program Files (x86)\Mozilla Firefox\mozalloc.dll C:\Program Files (x86)\Mozilla Firefox\mozglue.dll C:\Program Files (x86)\Mozilla Firefox\mozjs.dll C:\Program Files (x86)\Mozilla Firefox\mozsqlite3.dll C:\Program Files (x86)\Mozilla Firefox\MSVCP100.dll C:\Program Files (x86)\Mozilla Firefox\MSVCR100.dll C:\Program Files (x86)\Mozilla Firefox\nspr4.dll C:\Program Files (x86)\Mozilla Firefox\nss3.dll C:\Program Files (x86)\Mozilla Firefox\nssckbi.dll C:\Program Files (x86)\Mozilla Firefox\nssdbm3.dll C:\Program Files (x86)\Mozilla Firefox\nssutil3.dll C:\Program Files (x86)\Mozilla Firefox\plc4.dll C:\Program Files (x86)\Mozilla Firefox\plds4.dll C:\Program Files (x86)\Mozilla Firefox\smime3.dll C:\Program Files (x86)\Mozilla Firefox\softokn3.dll C:\Program Files (x86)\Mozilla Firefox\ssl3.dll C:\Program Files (x86)\Mozilla Firefox\xpcom.dll C:\Program Files (x86)\Mozilla Firefox\xul.dll C:\Program Files (x86)\RocketDock\RocketDock.dll C:\Program Files (x86)\SplashKiller\SplashKiller.dll C:\Program Files (x86)\Windows Defender\MpOav.dll C:\Users\CJC\AppData\Roaming\Mozilla\Firefox\Profiles\gmzkt2go.default\extensions\support@lastpass.com\platform\WINNT_x86-msvc\components\lpxpcom.dll C:\Windows\SYSTEM32\actxprxy.dll C:\windows\SYSTEM32\ADVAPI32.dll C:\windows\system32\apphelp.dll C:\Windows\SYSTEM32\ATL.DLL C:\windows\SYSTEM32\AUDIOSES.DLL C:\Windows\System32\Bcp47Langs.dll C:\windows\SYSTEM32\bcryptPrimitives.dll C:\windows\SYSTEM32\browcli.dll C:\windows\SYSTEM32\CFGMGR32.dll C:\windows\SYSTEM32\clbcatq.dll C:\windows\SYSTEM32\combase.dll C:\windows\System32\comdlg32.dll C:\windows\SYSTEM32\CRYPT32.dll C:\windows\SYSTEM32\CRYPTBASE.dll C:\windows\SYSTEM32\CRYPTSP.dll C:\windows\SYSTEM32\cscapi.dll C:\windows\SYSTEM32\d2d1.dll C:\windows\SYSTEM32\d3d10_1.dll C:\windows\SYSTEM32\d3d10_1core.dll C:\windows\SYSTEM32\d3d11.dll C:\windows\System32\davclnt.dll C:\windows\System32\DAVHLPR.dll C:\windows\SYSTEM32\dbghelp.dll C:\Windows\System32\DevDispItemProvider.dll C:\windows\SYSTEM32\DEVOBJ.dll C:\windows\SYSTEM32\dfscli.dll C:\windows\SYSTEM32\dhcpcsvc.DLL C:\windows\SYSTEM32\dhcpcsvc6.DLL C:\Windows\SYSTEM32\dlnashext.dll C:\windows\SYSTEM32\DNSAPI.dll C:\windows\SYSTEM32\DPAPI.dll C:\windows\System32\drprov.dll C:\windows\system32\dtsh.dll C:\windows\system32\DUI70.dll C:\windows\system32\DUser.dll C:\windows\SYSTEM32\dwmapi.dll C:\windows\SYSTEM32\dwrite.dll C:\windows\SYSTEM32\dxgi.dll C:\windows\system32\explorerframe.dll C:\Windows\SYSTEM32\fdproxy.dll C:\windows\System32\fdwcn.dll C:\Windows\SYSTEM32\fdWNet.dll C:\windows\SYSTEM32\feclient.dll C:\windows\system32\FirewallAPI.dll C:\Windows\SYSTEM32\FunDisc.dll C:\windows\System32\fwpuclnt.dll C:\windows\SYSTEM32\GDI32.dll C:\windows\System32\IDStore.dll C:\windows\SYSTEM32\iertutil.dll C:\windows\SYSTEM32\igd10umd32.dll C:\windows\system32\IMM32.DLL C:\windows\SYSTEM32\IPHLPAPI.DLL C:\windows\SYSTEM32\KERNEL32.DLL C:\windows\SYSTEM32\KERNELBASE.dll C:\windows\SYSTEM32\LINKINFO.dll C:\windows\System32\MMDevApi.dll C:\windows\SYSTEM32\MPR.dll C:\windows\SYSTEM32\MSASN1.dll C:\windows\SYSTEM32\mscms.dll C:\windows\SYSTEM32\MSCTF.dll C:\windows\SYSTEM32\msdmo.dll C:\windows\SYSTEM32\MSIMG32.dll C:\windows\SYSTEM32\msvcrt.dll C:\windows\system32\mswsock.dll C:\windows\system32\napinsp.dll C:\windows\SYSTEM32\NETAPI32.dll C:\windows\SYSTEM32\netutils.dll C:\windows\system32\NetworkExplorer.dll C:\windows\system32\NetworkItemFactory.dll C:\windows\system32\NLAapi.dll C:\windows\System32\npmproxy.dll C:\windows\SYSTEM32\NSI.dll C:\windows\SYSTEM32\ntdll.dll C:\windows\System32\ntlanman.dll C:\windows\SYSTEM32\ntmarta.dll C:\windows\SYSTEM32\ntshrui.dll C:\windows\SYSTEM32\ole32.dll C:\Windows\SYSTEM32\oleacc.dll C:\windows\SYSTEM32\OLEAUT32.dll C:\windows\system32\pnrpnsp.dll C:\Windows\SYSTEM32\PortableDeviceApi.dll C:\windows\SYSTEM32\powrprof.dll C:\windows\SYSTEM32\profapi.dll C:\windows\system32\propsys.dll C:\windows\System32\provsvc.dll C:\windows\SYSTEM32\PSAPI.DLL C:\Windows\System32\rasadhlp.dll C:\windows\SYSTEM32\RPCRT4.dll C:\windows\system32\rsaenh.dll C:\windows\SYSTEM32\SAMCLI.DLL C:\windows\SYSTEM32\SAMLIB.dll C:\windows\system32\SearchFolder.dll C:\windows\SYSTEM32\sechost.dll C:\windows\System32\Secur32.dll C:\windows\SYSTEM32\SETUPAPI.dll C:\windows\SYSTEM32\SHCORE.dll C:\windows\system32\shdocvw.dll C:\windows\SYSTEM32\SHELL32.dll C:\windows\SYSTEM32\SHLWAPI.dll C:\windows\SYSTEM32\srvcli.dll C:\windows\SYSTEM32\SspiCli.dll C:\windows\System32\StructuredQuery.dll C:\Windows\SYSTEM32\thumbcache.dll C:\Windows\SYSTEM32\twinapi.dll C:\windows\SYSTEM32\urlmon.dll C:\windows\SYSTEM32\USER32.dll C:\windows\SYSTEM32\USERENV.dll C:\windows\SYSTEM32\USP10.dll C:\windows\SYSTEM32\UxTheme.dll C:\windows\SYSTEM32\VERSION.dll C:\windows\System32\wcnapi.dll C:\windows\System32\wevtapi.dll C:\Windows\System32\Windows.Globalization.dll C:\Windows\System32\Windows.Media.Streaming.dll C:\windows\SYSTEM32\WindowsCodecs.dll C:\windows\SYSTEM32\winhttp.dll C:\windows\SYSTEM32\WININET.dll C:\windows\SYSTEM32\WINMM.dll C:\windows\SYSTEM32\WINMMBASE.dll C:\windows\SYSTEM32\WINNSI.DLL C:\windows\System32\winrnr.dll C:\windows\System32\WINSTA.dll C:\windows\SYSTEM32\WINTRUST.dll C:\windows\SYSTEM32\wkscli.dll C:\windows\System32\wlidprov.dll C:\windows\System32\Wpc.dll C:\windows\SYSTEM32\WS2_32.dll C:\windows\system32\wshbth.dll C:\windows\SYSTEM32\WSOCK32.dll C:\windows\system32\xmllite.dll C:\windows\system32\zipfldr.dll C:\windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_893961408605e985\comctl32.dll [C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe (76)] C:\Program Files (x86)\Mozilla Firefox\gkmedias.dll C:\Program Files (x86)\Mozilla Firefox\mozalloc.dll C:\Program Files (x86)\Mozilla Firefox\mozglue.dll C:\Program Files (x86)\Mozilla Firefox\mozjs.dll C:\Program Files (x86)\Mozilla Firefox\mozsqlite3.dll C:\Program Files (x86)\Mozilla Firefox\MSVCP100.dll C:\Program Files (x86)\Mozilla Firefox\MSVCR100.dll C:\Program Files (x86)\Mozilla Firefox\nspr4.dll C:\Program Files (x86)\Mozilla Firefox\nss3.dll C:\Program Files (x86)\Mozilla Firefox\nssutil3.dll C:\Program Files (x86)\Mozilla Firefox\plc4.dll C:\Program Files (x86)\Mozilla Firefox\plds4.dll C:\Program Files (x86)\Mozilla Firefox\smime3.dll C:\Program Files (x86)\Mozilla Firefox\ssl3.dll C:\Program Files (x86)\Mozilla Firefox\xul.dll C:\Program Files (x86)\RocketDock\RocketDock.dll C:\Program Files (x86)\SplashKiller\SplashKiller.dll C:\windows\SYSTEM32\ADVAPI32.dll C:\windows\SYSTEM32\AUDIOSES.DLL C:\windows\SYSTEM32\bcryptPrimitives.dll C:\windows\SYSTEM32\CFGMGR32.dll C:\windows\SYSTEM32\clbcatq.dll C:\windows\SYSTEM32\combase.dll C:\windows\SYSTEM32\COMDLG32.dll C:\windows\SYSTEM32\CRYPT32.dll C:\windows\SYSTEM32\CRYPTBASE.dll C:\windows\SYSTEM32\DEVOBJ.dll C:\windows\SYSTEM32\DSOUND.dll C:\windows\SYSTEM32\dwmapi.dll C:\windows\SYSTEM32\GDI32.dll C:\windows\SYSTEM32\iertutil.dll C:\windows\SYSTEM32\IMM32.dll C:\windows\SYSTEM32\IPHLPAPI.DLL C:\windows\SYSTEM32\KERNEL32.DLL C:\windows\SYSTEM32\KERNELBASE.dll C:\windows\SYSTEM32\Macromed\Flash\NPSWF32_11_5_502_146.dll C:\windows\System32\MMDevApi.dll C:\windows\SYSTEM32\MSASN1.dll C:\windows\SYSTEM32\mscms.dll C:\windows\SYSTEM32\MSCTF.dll C:\windows\SYSTEM32\msdmo.dll C:\windows\SYSTEM32\MSIMG32.dll C:\windows\SYSTEM32\msvcrt.dll C:\windows\SYSTEM32\NETAPI32.dll C:\windows\SYSTEM32\netutils.dll C:\windows\SYSTEM32\NSI.dll C:\windows\SYSTEM32\ntdll.dll C:\windows\SYSTEM32\ole32.dll C:\windows\SYSTEM32\OLEAUT32.dll C:\windows\SYSTEM32\POWRPROF.dll C:\windows\SYSTEM32\profapi.dll C:\windows\SYSTEM32\PSAPI.DLL C:\windows\SYSTEM32\RPCRT4.dll C:\windows\SYSTEM32\SAMCLI.DLL C:\windows\SYSTEM32\sechost.dll C:\windows\SYSTEM32\SETUPAPI.dll C:\windows\SYSTEM32\shcore.dll C:\windows\SYSTEM32\SHELL32.dll C:\windows\SYSTEM32\SHLWAPI.dll C:\windows\SYSTEM32\srvcli.dll C:\windows\SYSTEM32\SspiCli.dll C:\windows\SYSTEM32\urlmon.dll C:\windows\SYSTEM32\USER32.dll C:\windows\SYSTEM32\USERENV.dll C:\windows\SYSTEM32\USP10.dll C:\windows\SYSTEM32\UxTheme.dll C:\windows\SYSTEM32\VERSION.dll C:\windows\SYSTEM32\WININET.dll C:\windows\SYSTEM32\WINMM.dll C:\windows\SYSTEM32\WINMMBASE.dll C:\windows\SYSTEM32\WINNSI.DLL C:\windows\SYSTEM32\WINSPOOL.DRV C:\windows\SYSTEM32\wkscli.dll C:\windows\SYSTEM32\WS2_32.dll C:\windows\SYSTEM32\WSOCK32.dll C:\windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_893961408605e985\COMCTL32.dll [C:\Program Files (x86)\RocketDock\RocketDock.exe (52)] C:\Program Files (x86)\RocketDock\Docklets\KkMenu\kkmenu.dll C:\Program Files (x86)\RocketDock\RocketDock.dll C:\Program Files (x86)\SplashKiller\SplashKiller.dll C:\windows\SYSTEM32\ADVAPI32.dll C:\windows\system32\apphelp.dll C:\windows\SYSTEM32\bcryptPrimitives.dll C:\windows\SYSTEM32\CFGMGR32.dll C:\windows\SYSTEM32\clbcatq.dll C:\windows\SYSTEM32\combase.dll C:\windows\SYSTEM32\COMDLG32.dll C:\windows\SYSTEM32\CRYPTBASE.dll C:\windows\SYSTEM32\CRYPTSP.dll C:\windows\SYSTEM32\DEVOBJ.dll C:\windows\SYSTEM32\DEVRTL.dll C:\windows\SYSTEM32\dwmapi.dll C:\windows\SYSTEM32\DWrite.dll C:\windows\SYSTEM32\GDI32.dll C:\windows\SYSTEM32\iertutil.dll C:\windows\system32\IMM32.DLL C:\windows\SYSTEM32\KERNEL32.DLL C:\windows\SYSTEM32\KERNELBASE.dll C:\windows\SYSTEM32\MPR.dll C:\windows\SYSTEM32\MSCTF.dll C:\windows\SYSTEM32\msvcrt.dll C:\windows\SYSTEM32\ntdll.dll C:\windows\SYSTEM32\ntmarta.dll C:\windows\SYSTEM32\ole32.dll C:\windows\SYSTEM32\OLEAUT32.dll C:\windows\SYSTEM32\pcacli.dll C:\windows\SYSTEM32\profapi.dll C:\windows\system32\propsys.dll C:\windows\SYSTEM32\PSAPI.DLL C:\windows\SYSTEM32\RPCRT4.dll C:\windows\system32\rsaenh.dll C:\windows\SYSTEM32\sechost.dll C:\windows\SYSTEM32\Secur32.dll C:\windows\SYSTEM32\SETUPAPI.dll C:\windows\System32\sfc_os.dll C:\windows\SYSTEM32\SHCORE.DLL C:\windows\SYSTEM32\SHELL32.dll C:\windows\SYSTEM32\SHLWAPI.dll C:\windows\SYSTEM32\SspiCli.dll C:\Windows\SYSTEM32\urlmon.dll C:\windows\SYSTEM32\USER32.dll C:\windows\system32\uxtheme.dll C:\windows\SYSTEM32\version.dll C:\windows\SYSTEM32\WindowsCodecs.dll C:\windows\SYSTEM32\WININET.dll C:\windows\SYSTEM32\winmm.dll C:\windows\SYSTEM32\WINMMBASE.dll C:\windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_893961408605e985\COMCTL32.dll C:\windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.9200.16518_none_ba1cf6b7e09f1918\gdiplus.dll [C:\Program Files (x86)\SplashKiller\SplashKillerRunner.exe (23)] C:\Program Files (x86)\SplashKiller\SplashKiller.dll C:\windows\SYSTEM32\ADVAPI32.dll C:\windows\SYSTEM32\bcryptPrimitives.dll C:\windows\SYSTEM32\combase.dll C:\windows\SYSTEM32\comdlg32.dll C:\windows\SYSTEM32\CRYPTBASE.dll C:\windows\SYSTEM32\dwmapi.dll C:\windows\SYSTEM32\GDI32.dll C:\windows\system32\IMM32.DLL C:\windows\SYSTEM32\KERNEL32.DLL C:\windows\SYSTEM32\KERNELBASE.dll C:\windows\SYSTEM32\MSCTF.dll C:\windows\SYSTEM32\msvcrt.dll C:\windows\SYSTEM32\ntdll.dll C:\windows\SYSTEM32\RPCRT4.dll C:\windows\SYSTEM32\sechost.dll C:\windows\SYSTEM32\SHCORE.DLL C:\windows\SYSTEM32\SHELL32.dll C:\windows\SYSTEM32\SHLWAPI.dll C:\windows\SYSTEM32\SspiCli.dll C:\windows\SYSTEM32\USER32.dll C:\windows\system32\uxtheme.dll C:\windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.9200.16384_none_bf100cd445f4d954\COMCTL32.dll [C:\Users\CJC\Desktop\startuplist\StartupList.exe (49)] C:\Program Files (x86)\RocketDock\RocketDock.dll C:\Program Files (x86)\SplashKiller\SplashKiller.dll C:\windows\SYSTEM32\ADVAPI32.dll C:\windows\system32\apphelp.dll C:\windows\system32\asycfilt.dll C:\windows\SYSTEM32\bcryptPrimitives.dll C:\windows\SYSTEM32\clbcatq.dll C:\windows\SYSTEM32\combase.dll C:\windows\SYSTEM32\comdlg32.dll C:\windows\SYSTEM32\CRYPTBASE.dll C:\windows\SYSTEM32\CRYPTSP.dll C:\windows\SYSTEM32\dwmapi.dll C:\windows\SYSTEM32\GDI32.dll C:\windows\system32\IMM32.DLL C:\windows\SYSTEM32\KERNEL32.DLL C:\windows\SYSTEM32\KERNELBASE.dll C:\windows\SYSTEM32\MSCOMCTL.OCX C:\windows\SYSTEM32\MSCTF.dll C:\windows\SYSTEM32\msi.dll C:\windows\SYSTEM32\msiltcfg.dll C:\windows\SYSTEM32\MSVBVM60.DLL C:\windows\SYSTEM32\msvcrt.dll C:\windows\SYSTEM32\NSI.dll C:\windows\SYSTEM32\ntdll.dll C:\windows\SYSTEM32\ole32.dll C:\windows\SYSTEM32\OLEAUT32.dll C:\windows\SYSTEM32\PSAPI.DLL C:\windows\SYSTEM32\RPCRT4.dll C:\windows\system32\rsaenh.dll C:\windows\SYSTEM32\sechost.dll C:\windows\SYSTEM32\SFC.DLL C:\windows\SYSTEM32\sfc_os.DLL C:\windows\SYSTEM32\SHCORE.dll C:\windows\SYSTEM32\SHELL32.dll C:\windows\SYSTEM32\SHLWAPI.dll C:\windows\SYSTEM32\SspiCli.dll C:\windows\SYSTEM32\SXS.DLL C:\windows\SYSTEM32\USER32.dll C:\windows\system32\uxtheme.dll C:\windows\SYSTEM32\VERSION.dll C:\windows\system32\wbem\fastprox.dll C:\windows\system32\wbem\wbemdisp.dll C:\windows\system32\wbem\wbemprox.dll C:\windows\system32\wbem\wbemsvc.dll C:\windows\system32\wbem\wmiutils.dll C:\windows\SYSTEM32\wbemcomn.dll C:\windows\SYSTEM32\WS2_32.dll C:\windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.9200.16384_none_bf100cd445f4d954\COMCTL32.dll C:\windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16384_none_893961408605e985\comctl32.DLL [C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_146.exe (41)] C:\Program Files (x86)\RocketDock\RocketDock.dll C:\Program Files (x86)\SplashKiller\SplashKiller.dll C:\windows\SYSTEM32\ADVAPI32.dll C:\windows\SYSTEM32\bcryptPrimitives.dll C:\windows\SYSTEM32\combase.dll C:\windows\SYSTEM32\COMDLG32.dll C:\windows\SYSTEM32\CRYPT32.dll C:\windows\SYSTEM32\CRYPTBASE.dll C:\windows\SYSTEM32\dwmapi.dll C:\windows\SYSTEM32\GDI32.dll C:\windows\SYSTEM32\iertutil.dll C:\windows\SYSTEM32\IMM32.dll C:\windows\SYSTEM32\KERNEL32.DLL C:\windows\SYSTEM32\KERNELBASE.dll C:\windows\SYSTEM32\MPR.dll C:\windows\SYSTEM32\MSASN1.dll C:\windows\SYSTEM32\MSCTF.dll C:\windows\SYSTEM32\msvcrt.dll C:\windows\SYSTEM32\ntdll.dll C:\windows\SYSTEM32\ntmarta.dll C:\windows\SYSTEM32\ole32.dll C:\windows\SYSTEM32\OLEAUT32.dll C:\windows\SYSTEM32\profapi.dll C:\windows\SYSTEM32\PSAPI.DLL C:\windows\SYSTEM32\RPCRT4.dll C:\windows\SYSTEM32\schannel.dll C:\windows\SYSTEM32\sechost.dll C:\windows\SYSTEM32\Secur32.dll C:\windows\SYSTEM32\SHCORE.DLL C:\windows\SYSTEM32\SHELL32.dll C:\windows\SYSTEM32\SHLWAPI.dll C:\windows\SYSTEM32\SspiCli.dll C:\windows\SYSTEM32\urlmon.dll C:\windows\SYSTEM32\USER32.dll C:\windows\system32\uxtheme.dll C:\windows\SYSTEM32\version.dll C:\windows\SYSTEM32\WININET.dll C:\windows\SYSTEM32\WINMM.dll C:\windows\SYSTEM32\WINMMBASE.dll C:\windows\SYSTEM32\WINSPOOL.DRV C:\windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.9200.16384_none_bf100cd445f4d954\COMCTL32.dll [C:\windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_146.exe (51)] C:\Program Files (x86)\RocketDock\RocketDock.dll C:\Program Files (x86)\SplashKiller\SplashKiller.dll C:\windows\SYSTEM32\ADVAPI32.dll C:\windows\SYSTEM32\bcryptPrimitives.dll C:\windows\SYSTEM32\clbcatq.dll C:\windows\SYSTEM32\combase.dll C:\windows\SYSTEM32\COMDLG32.dll C:\windows\SYSTEM32\CRYPT32.dll C:\windows\SYSTEM32\CRYPTBASE.dll C:\windows\SYSTEM32\CRYPTSP.dll C:\windows\SYSTEM32\DSOUND.dll C:\windows\SYSTEM32\dwmapi.dll C:\windows\SYSTEM32\GDI32.dll C:\windows\SYSTEM32\iertutil.dll C:\windows\SYSTEM32\IMM32.dll C:\windows\SYSTEM32\KERNEL32.DLL C:\windows\SYSTEM32\KERNELBASE.dll C:\windows\SYSTEM32\Macromed\Flash\NPSWF32_11_5_502_146.dll C:\windows\system32\mlang.dll C:\windows\SYSTEM32\MPR.dll C:\windows\SYSTEM32\MSASN1.dll C:\windows\SYSTEM32\mscms.dll C:\windows\SYSTEM32\MSCTF.dll C:\windows\SYSTEM32\msvcrt.dll C:\windows\SYSTEM32\NSI.dll C:\windows\SYSTEM32\ntdll.dll C:\windows\SYSTEM32\ntmarta.dll C:\windows\SYSTEM32\ole32.dll C:\windows\SYSTEM32\OLEAUT32.dll C:\windows\SYSTEM32\POWRPROF.dll C:\windows\SYSTEM32\profapi.dll C:\windows\SYSTEM32\PSAPI.DLL C:\windows\SYSTEM32\RPCRT4.dll C:\windows\system32\rsaenh.dll C:\windows\SYSTEM32\sechost.dll C:\windows\SYSTEM32\Secur32.dll C:\windows\SYSTEM32\SHCORE.DLL C:\windows\SYSTEM32\SHELL32.dll C:\windows\SYSTEM32\SHLWAPI.dll C:\windows\SYSTEM32\SspiCli.dll C:\windows\SYSTEM32\urlmon.dll C:\windows\SYSTEM32\USER32.dll C:\windows\SYSTEM32\USERENV.dll C:\windows\system32\uxtheme.dll C:\windows\SYSTEM32\VERSION.dll C:\windows\SYSTEM32\WININET.dll C:\windows\SYSTEM32\WINMM.dll C:\windows\SYSTEM32\WINMMBASE.dll C:\windows\SYSTEM32\WINSPOOL.DRV C:\windows\SYSTEM32\WS2_32.dll C:\windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.9200.16384_none_bf100cd445f4d954\COMCTL32.dll -------------------- Autostart folders: [Startup (3)] desktop.ini MailWasherPro.lnk SplashKillerRunner.lnk [User Startup (3)] desktop.ini MailWasherPro.lnk SplashKillerRunner.lnk [Common Startup (4)] Check for Updates.lnk.disabled desktop.ini Install LastPass FF RunOnce.lnk Install LastPass IE RunOnce.lnk [User Common Startup (4)] Check for Updates.lnk.disabled desktop.ini Install LastPass FF RunOnce.lnk Install LastPass IE RunOnce.lnk -------------------- IniMapping values: System NT shell = explorer.exe -------------------- On-reboot actions: BootExecute = autocheck autochk * [PendingFileRenameOperations] C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice_tmp.exe -> NULL -------------------- Shell commands: .bat - Windows Batch File - "%1" %* .cmd - Windows Command Script - "%1" %* .com - MS-DOS Application - "%1" %* .exe - Application - "%1" %* .hta - HTML Application - C:\Windows\SysWOW64\mshta.exe "%1" {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}%U{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5} %* .js - JavaScript File - C:\Windows\System32\WScript.exe "%1" %* .jse - JScript Encoded File - C:\Windows\System32\WScript.exe "%1" %* .pif - Shortcut to MS-DOS Program - "%1" %* .scr - Screen saver - "%1" /S .txt - Text Document - C:\windows\system32\NOTEPAD.EXE %1 .vbe - VBScript Encoded File - "C:\windows\System32\WScript.exe" "%1" %* .vbs - VBScript Script File - "C:\windows\System32\WScript.exe" "%1" %* .wsf - Windows Script File - "C:\windows\System32\WScript.exe" "%1" %* .wsh - Windows Script Host Settings File - "C:\windows\System32\WScript.exe" "%1" %* -------------------- Services: [NT Services (61)] @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 = "%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe" @%SystemRoot%\system32\AudioEndpointBuilder.dll,-204 = C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted @%SystemRoot%\system32\audiosrv.dll,-200 = C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted @%SystemRoot%\system32\bfe.dll,-1001 = C:\windows\system32\svchost.exe -k LocalServiceNoNetwork @%SystemRoot%\system32\cryptsvc.dll,-1001 = C:\windows\system32\svchost.exe -k NetworkService @%SystemRoot%\system32\das.dll,-100 = C:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted @%SystemRoot%\system32\dhcpcore.dll,-100 = C:\windows\system32\svchost.exe -k LocalServiceNetworkRestricted @%SystemRoot%\System32\dnsapi.dll,-101 = C:\windows\system32\svchost.exe -k NetworkService @%systemroot%\system32\dps.dll,-500 = C:\windows\System32\svchost.exe -k LocalServiceNoNetwork @%SystemRoot%\system32\FirewallAPI.dll,-23090 = C:\windows\system32\svchost.exe -k LocalServiceNoNetwork @%systemroot%\system32\FntCache.dll,-100 = C:\windows\system32\svchost.exe -k LocalService @%SystemRoot%\system32\ikeext.dll,-501 = C:\windows\system32\svchost.exe -k netsvcs @%SystemRoot%\system32\iphlpsvc.dll,-500 = C:\windows\System32\svchost.exe -k NetSvcs @%SystemRoot%\system32\lmhsvc.dll,-101 = C:\windows\system32\svchost.exe -k LocalServiceNetworkRestricted @%systemroot%\system32\mmcss.dll,-100 = C:\windows\system32\svchost.exe -k netsvcs @%SystemRoot%\System32\nlasvc.dll,-1 = C:\windows\System32\svchost.exe -k NetworkService @%SystemRoot%\system32\nsisvc.dll,-200 = C:\windows\system32\svchost.exe -k LocalService @%SystemRoot%\system32\pcasvc.dll,-1 = C:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted @%systemroot%\system32\profsvc.dll,-300 = C:\windows\system32\svchost.exe -k netsvcs @%SystemRoot%\system32\qmgr.dll,-1000 = C:\windows\System32\svchost.exe -k netsvcs @%SystemRoot%\system32\samsrv.dll,-1 = C:\windows\system32\lsass.exe @%SystemRoot%\system32\schedsvc.dll,-100 = C:\windows\system32\svchost.exe -k netsvcs @%systemroot%\system32\SearchIndexer.exe,-103 = C:\windows\system32\SearchIndexer.exe /Embedding @%SystemRoot%\system32\Sens.dll,-200 = C:\windows\system32\svchost.exe -k netsvcs @%SystemRoot%\System32\shsvcs.dll,-12288 = C:\windows\System32\svchost.exe -k netsvcs @%systemroot%\system32\spoolsv.exe,-1 = C:\windows\System32\spoolsv.exe @%SystemRoot%\system32\sppsvc.exe,-101 = C:\windows\system32\sppsvc.exe @%systemroot%\system32\srvsvc.dll,-100 = C:\windows\system32\svchost.exe -k netsvcs @%SystemRoot%\system32\sysmain.dll,-1000 = C:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted @%SystemRoot%\System32\themeservice.dll,-8192 = C:\windows\System32\svchost.exe -k netsvcs @%SystemRoot%\system32\trkwks.dll,-1 = C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted @%SystemRoot%\system32\umpo.dll,-100 = C:\windows\system32\svchost.exe -k DcomLaunch @%Systemroot%\system32\wbem\wmisvc.dll,-205 = C:\windows\system32\svchost.exe -k netsvcs @%SystemRoot%\System32\wcmsvc.dll,-4097 = C:\windows\system32\svchost.exe -k LocalServiceNetworkRestricted @%SystemRoot%\system32\wevtsvc.dll,-200 = C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted @%systemroot%\system32\wkssvc.dll,-100 = C:\windows\System32\svchost.exe -k NetworkService @%SystemRoot%\System32\wlansvc.dll,-257 = C:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted @%SystemRoot%\System32\wscsvc.dll,-200 = C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted @%windir%\system32\bisrv.dll,-100 = C:\windows\system32\svchost.exe -k DcomLaunch @%windir%\system32\lsm.dll,-1001 = C:\windows\system32\svchost.exe -k DcomLaunch @%windir%\system32\RpcEpMap.dll,-1001 = C:\windows\system32\svchost.exe -k RPCSS @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 = "C:\Program Files (x86)\Nero\Update\NASvc.exe" @combase.dll,-5010 = C:\windows\system32\svchost.exe -k rpcss @combase.dll,-5012 = C:\windows\system32\svchost.exe -k DcomLaunch @comres.dll,-2450 = C:\windows\system32\svchost.exe -k LocalService @gpapi.dll,-112 = C:\windows\system32\svchost.exe -k netsvcs Classic Shell Service = "C:\Program Files\Classic Shell\ClassicShellService.exe" Cyberlink RichVideo Service(CRVS) = "C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe" GFNEX Service = C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe Intel(R) Capability Licensing Service Interface = "C:\Program Files\Intel\iCLS Client\HeciServer.exe" Intel(R) Dynamic Application Loader Host Interface Service = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe Intel(R) Management and Security Application Local Management Service = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe Intel(R) Management and Security Application User Notification Service = "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe" Intel(R) ME Service = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe Realtek Audio Service = C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe Spybot-S&D 2 Scanner Service = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe Spybot-S&D 2 Security Center Service = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe Spybot-S&D 2 Updating Service = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe TOSHIBA eco Utility Service = "C:\Program Files\TOSHIBA\Teco\TecoService.exe" TOSHIBA Optical Disc Drive Service = C:\Windows\system32\TODDSrv.exe Windows Defender Service = "%ProgramFiles%\Windows Defender\MsMpEng.exe" [SafeBoot services (Minimal boot)] * CD-ROM Drive * {4D36E965-E325-11CE-BFC1-08002BE10318} * DiskDrive * {4D36E967-E325-11CE-BFC1-08002BE10318} * Driver * BasicDisplay.sys BasicRender.sys dxgkrnl.sys FsDepends.sys sermouse.sys volmgr.sys volmgrx.sys WudfPf WudfRd * Driver Group * Base Boot Bus Extender Boot file system File system Filter PCI Configuration PNP Filter Primary disk SCSI Class System Bus Extender * Enhanced Storage Devices * {9DA2B80F-F89F-4A49-A5C2-511B085B9E8A} * Floppy disk drive * {4D36E980-E325-11CE-BFC1-08002BE10318} * Hdc * {4D36E96A-E325-11CE-BFC1-08002BE10318} * Human Interface Devices * {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} * IEEE 1394 Bus host controllers * {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} * Keyboard * {4D36E96B-E325-11CE-BFC1-08002BE10318} * Mouse * {4D36E96F-E325-11CE-BFC1-08002BE10318} * PCMCIA Adapters * {4D36E977-E325-11CE-BFC1-08002BE10318} * SBP2 IEEE 1394 Devices * {D48179BE-EC20-11D1-B6B8-00C04FA372A7} * SCSIAdapter * {4D36E97B-E325-11CE-BFC1-08002BE10318} * SDA Standard Compliant SD Host Controller * {A0A588A4-C46F-4B37-B7EA-C82FE89870C6} * SecurityDevices * {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} * Service * AppInfo AppMgmt BrokerInfrastructure CryptSvc DcomLaunch DeviceInstall EFS EventLog HelpSvc KeyIso LSM Netlogon NTDS PlugPlay Power ProfSvc RpcEptMapper RpcSs sacsvr SWPRV TabletInputService TBS TrustedInstaller VDS vmms WinDefend WinMgmt WudfSvc * Standard floppy disk controller * {4D36E969-E325-11CE-BFC1-08002BE10318} * System * {4D36E97D-E325-11CE-BFC1-08002BE10318} * Universal Serial Bus controllers * {36FC9E60-C465-11CF-8056-444553540000} * Volume * {71A27CDD-812A-11D0-BEC7-08002BE2092F} * Volume shadow copy * {533C5B84-EC70-11D2-9505-00C04F79DEAF} [SafeBoot services (Minimal boot + network support)] * CD-ROM Drive * {4D36E965-E325-11CE-BFC1-08002BE10318} * DiskDrive * {4D36E967-E325-11CE-BFC1-08002BE10318} * Driver * BasicDisplay.sys BasicRender.sys bowser dfsc dxgkrnl.sys FsDepends.sys ipnat.sys MPSDrv mrxsmb mrxsmb10 mrxsmb20 ndiscap nsiproxy.sys rdbss rdpencdd.sys sermouse.sys SmartcardSimulator VirtualSmartcardReader volmgr.sys volmgrx.sys WudfPf WudfRd WudfUsbccidDriver * Driver Group * Base Boot Bus Extender Boot file system File system Filter NDIS NDIS Wrapper NetBIOSGroup NetDDEGroup Network NetworkProvider PCI Configuration PNP Filter PNP_TDI Primary disk SCSI Class Streams Drivers System Bus Extender TDI * Enhanced Storage Devices * {9DA2B80F-F89F-4A49-A5C2-511B085B9E8A} * Floppy disk drive * {4D36E980-E325-11CE-BFC1-08002BE10318} * Hdc * {4D36E96A-E325-11CE-BFC1-08002BE10318} * Human Interface Devices * {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} * IEEE 1394 Bus host controllers * {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} * Keyboard * {4D36E96B-E325-11CE-BFC1-08002BE10318} * Mouse * {4D36E96F-E325-11CE-BFC1-08002BE10318} * Net * {4D36E972-E325-11CE-BFC1-08002BE10318} * NetClient * {4D36E973-E325-11CE-BFC1-08002BE10318} * NetService * {4D36E974-E325-11CE-BFC1-08002BE10318} * NetTrans * {4D36E975-E325-11CE-BFC1-08002BE10318} * PCMCIA Adapters * {4D36E977-E325-11CE-BFC1-08002BE10318} * SBP2 IEEE 1394 Devices * {D48179BE-EC20-11D1-B6B8-00C04FA372A7} * SCSIAdapter * {4D36E97B-E325-11CE-BFC1-08002BE10318} * SDA Standard Compliant SD Host Controller * {A0A588A4-C46F-4B37-B7EA-C82FE89870C6} * SecurityDevices * {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} * Service * AFD AppInfo AppMgmt BFE BrokerInfrastructure Browser CryptSvc DcomLaunch DeviceInstall Dhcp DnsCache Dot3Svc Eaphost EFS EventLog HelpSvc IKEEXT KeyIso LanmanServer LanmanWorkstation LmHosts LSM Messenger MPSSvc NativeWifiP Ndisuio NetBIOS NetBT Netlogon NetMan netprofm NlaSvc Nsi NTDS PlugPlay PolicyAgent Power ProfSvc rdsessmgr RpcEptMapper RpcSs sacsvr SCardSvr SharedAccess SWPRV TabletInputService TBS Tcpip TrustedInstaller VaultSvc VDS vmms Wcmsvc WinDefend WinMgmt Wlansvc WudfSvc * Smart card readers * {50DD5230-BA8A-11D1-BF5D-0000F805F530} * Standard floppy disk controller * {4D36E969-E325-11CE-BFC1-08002BE10318} * System * {4D36E97D-E325-11CE-BFC1-08002BE10318} * Universal Serial Bus controllers * {36FC9E60-C465-11CF-8056-444553540000} * Volume * {71A27CDD-812A-11D0-BEC7-08002BE2092F} * Volume shadow copy * {533C5B84-EC70-11D2-9505-00C04F79DEAF} [SafeBoot: Alternate shell] cmd.exe (not enabled) -------------------- Driver filters: [Class filters] * (no name) * - Upper filters WpdUpFltr.sys [Device filters] * @cdrom.inf,%gencdrom_devdesc%;CD-ROM Drive * - Lower filters tdcmdpst.sys * @netrasa.inf,%mp-bh-dispname%;WAN Miniport (Network Monitor) * - Lower filters NdisTapi.sys * @netrasa.inf,%mp-ip-dispname%;WAN Miniport (IP) * - Lower filters NdisTapi.sys * @netrasa.inf,%mp-ipv6-dispname%;WAN Miniport (IPv6) * - Lower filters NdisTapi.sys * @oem15.inf,%rtl8188ce.devicedesc%;Realtek RTL8188CE Wireless LAN 802.11n PCI-E NIC * - Upper filters vwifibus.sys * @oem17.inf,%thotkey%;Toshiba Hotkey Driver * - Upper filters mshidkmdf.sys * @oem20.inf,%*tos1900.devicedescntamd64%;TOSHIBA x64 ACPI-Compliant Value Added Logical and General Purpose Device * - Upper filters TVALZFL.sys * @oem9.inf,%ps2.syndevicedesc%;Synaptics PS/2 Port TouchPad * - Upper filters SynTP.sys -------------------- Print monitors (6): Canon BJ Language Monitor MP600 - CNMLM87.DLL Local Port - localspl.dll Microsoft Shared Fax Monitor - FXSMON.DLL Standard TCP/IP Port - tcpmon.dll USB Monitor - usbmon.dll WSD Port - WSDMon.dll -------------------- WinLogon autoruns: UserInit = userinit.exe VmApplet = SystemPropertiesPerformance.exe /pagefile [Notify (1)] SDWinLogon = SDWinLogon.dll [Group policy extensions (16)] Wireless Group Policy = wlgpclnt.dll Folder Redirection = fdeploy.dll Microsoft Disk Quota = %SystemRoot%\System32\dskquota.dll QoS Packet Scheduler = gptext.dll Internet Explorer Zonemapping = C:\Windows\SysWOW64\iedkcs32.dll Windows Search Group Policy Extension = %SystemRoot%\System32\srchadmin.dll Internet Explorer User Accelerators = C:\Windows\SysWOW64\iedkcs32.dll Security = scecli.dll Deployed Printer Connections = %systemroot%\system32\gpprnext.dll Internet Explorer Branding = C:\Windows\SysWOW64\iedkcs32.dll 802.3 Group Policy = dot3gpclnt.dll TCPIP = gptext.dll Internet Explorer Machine Accelerators = C:\Windows\SysWOW64\iedkcs32.dll IP Security = %SystemRoot%\System32\polstore.dll Enterprise QoS = gptext.dll CP = gptext.dll -------------------- Policies: [This user] * Primary policies * - (16) {F11118-BE76-3F32-3AE4C12Aa5FA} = 7 {F32FACA5-1FD4-AF10-842A38AE823D} = 3331 {F37FACA0-11D4-AF10-842AC8AE823D} = 105 {FC2E4B7F-1CB8-AF10-842F38CE823E} = E53FF00042B19BA {FC2E4B7A-1C8B-AF10-842F38C8E231} = 30303030 {F37AACA8-11E4-AF10-842AC8AC85FD} = 3230313330313233 {F3CF4CA8-C1E6-AF10-8A2FC8FF85FA} = 303232313339 {F37AACA4-11E4-AF10-842AC8AE82FD} = CCD1CCCC {F37C4CA4-11E4-AF22-842AC8AE82FD} = CCD1CCCC {DF2E4BBF-1C38-DF1E-842F78C3823E} = 32312E3935 {DF2E4B00-CC38-DB91-B1E578C3A2C6} = 31392E3935 {C62A9C37-4B11-11FD-CB2FC8FF35F3} = 3535 {4C2E4BBF-1C38-AF10-842F38CE823E} = CC1000DF42B19BC {F32FACA0-C1D4-AF10-842AC8AE85CD} = 7361786F6E653140676F6F676C656D61696C2E636F6D {F32FACA0-11D4-AF10-842AC8EC823D} = 30305146342D43345734542D4A344943432D444D443457 Resume = dword: 0 [All users] * Primary policies * - Software\Policies\Microsoft\Peernet (1) Disabled = dword: 0 - Software\Policies\Microsoft\Windows\EnhancedStorageDevices (1) TCGSecurityActivationDisabled = dword: 0 - Software\Policies\Microsoft\Windows\Network Connections (1) NC_PersonalFirewallConfig = dword: 0 - Software\Policies\Microsoft\Windows\NetworkConnectivityStatusIndicator (1) @ = - Software\Policies\Microsoft\Windows\safer\codeidentifiers (1) authenticodeenabled = dword: 0 - Software\Policies\Microsoft\Windows\WcmSvc\Local (4) fBlockRoaming = dword: 0 fBlockNonDomain = dword: 0 fDisablePowerManagement = dword: 0 fMinimizeConnections = dword: 1 - Software\Policies\Microsoft\Windows NT\Terminal Services\Client (3) fEnableUsbNoAckIsochWriteToDevice = dword: 80 fEnableUsbBlockDeviceBySetupClass = dword: 1 fEnableUsbSelectDeviceByInterface = dword: 1 - Software\Policies\Microsoft\Windows NT\Terminal Services\Client\UsbBlockDeviceBySetupClasses (1) 1000 = {3376f4ce-ff8d-40a2-a80f-bb4359d1415c} - Software\Policies\Microsoft\Windows NT\Terminal Services\Client\UsbSelectDeviceByInterfaces (1) 1000 = {6bdd1fc6-810f-11d0-bec7-08002be2092f} - Software\Policies\Microsoft\Windows NT\Windows File Protection (1) KnownDllList = nlhtml.dll * Alternate policies * - Software\Microsoft\Windows\CurrentVersion\policies\ActiveDesktop (2) NoComponents = dword: 1 NoAddingComponents = dword: 1 - Software\Microsoft\Windows\CurrentVersion\policies\Attachments (1) ScanWithAntiVirus = dword: 3 - Software\Microsoft\Windows\CurrentVersion\policies\Explorer (3) ForceActiveDesktopOn = dword: 0 NoActiveDesktopChanges = dword: 1 NoActiveDesktop = dword: 1 - Software\Microsoft\Windows\CurrentVersion\policies\Ext\CLSID (3) {553891B7-A0D5-4526-BE18-D3CE461D6310} = 2 {449D0D6E-2412-4E61-B68F-1CB625CD9E52} = 2 {EA801577-E6AD-4BD5-8F71-4BE0154331A4} = 2 - Software\Microsoft\Windows\CurrentVersion\policies\NonEnum (3) {BDEADF00-C265-11D0-BCED-00A0C90AB50F} = dword: 1 {6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} = dword: 1073741857 {0DF44EAA-FF21-4412-828E-260A8728E7F1} = dword: 32 - Software\Microsoft\Windows\CurrentVersion\policies\System (18) EnableVirtualization = dword: 1 EnableInstallerDetection = dword: 1 PromptOnSecureDesktop = dword: 1 EnableLUA = dword: 1 EnableSecureUIAPaths = dword: 1 ConsentPromptBehaviorAdmin = dword: 5 ValidateAdminCodeSignatures = dword: 0 EnableUIADesktopToggle = dword: 0 EnableCursorSuppression = dword: 1 ConsentPromptBehaviorUser = dword: 3 dontdisplaylastusername = dword: 0 legalnoticecaption = legalnoticetext = scforceoption = dword: 0 shutdownwithoutlogon = dword: 1 undockwithoutlogon = dword: 1 FilterAdministratorToken = dword: 0 EnableLinkedConnections = dword: 1 - Software\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats (7) CF_UNICODETEXT = dword: 13 CF_DIBV5 = dword: 17 CF_PALETTE = dword: 9 CF_BITMAP = dword: 2 CF_TEXT = dword: 1 CF_DIB = dword: 8 CF_OEMTEXT = dword: 7 -------------------- Browser Helper Objects (3): ClassicIE9BHO Class = {EA801577-E6AD-4BD5-8F71-4BE0154331A4} = C:\Program Files\Classic Shell\ClassicIE9DLL_32.dll ExplorerBHO Class = {449D0D6E-2412-4E61-B68F-1CB625CD9E52} = C:\Program Files\Classic Shell\ClassicExplorer32.dll LastPass Vault = {95D9ECF5-2A4D-4550-BE49-70D42F71296E} = C:\Program Files (x86)\LastPass\LPToolbar.dll -------------------- ActiveX objects (4): DOTNETFRAMEWORKS - {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install MailNews - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} - C:\windows\system32\unregmp2.exe /FirstLogon WMPACCESS - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\windows\system32\unregmp2.exe /ShowWMP -------------------- Internet Explorer toolbars: [All users (1)] LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll [This user] * ShellBrowser (1) * (no name) - ITBar7Layout - (no file) -------------------- Internet Explorer buttons/tools (4): LastPass - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar.dll Classic IE9 Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE9_32.exe - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll Research - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL -------------------- Internet Explorer menu extensions: [This user (2)] LastPass - file://C:\Users\CJC\AppData\LocalLow\LastPass\context.html?cmd=lastpass LastPass Fill Forms - file://C:\Users\CJC\AppData\LocalLow\LastPass\context.html?cmd=fillforms -------------------- Internet Explorer Bands (4): IE Search Band - {30D02401-6A81-11d0-8274-00C04FD5AE38} - C:\Windows\SysWOW64\ieframe.dll &Discuss - {BDEADE7F-C265-11D0-BCED-00A0C90AB50F} - shdocvw.dll - {EFA24E64-B078-11D0-89E4-00C04FC9E26E} - &Research - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL -------------------- URL search hooks: [This user (1)] Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll -------------------- Explorer clones: C:\windows\explorer.exe C:\windows\system32\explorer.exe -------------------- ContextMenuHandlers: [* (6)] BriefcaseMenu = {85BBD920-42A0-1069-A2E4-08002B30309D} = C:\windows\system32\syncui.dll NeroShellExt Class = {F764812A-132C-4013-9960-5CBBEB408A0E} = C:\Program Files (x86)\Common Files\Nero\NeroShellExt\\NeroShellExt.dll Open With = {09799AFB-AD67-11d1-ABCD-00C04FC30936} = C:\windows\system32\shell32.dll Open With EncryptionMenu = {A470F8CF-A1E8-4f65-8335-227475AA5C46} = C:\windows\system32\shell32.dll Sharing = {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} = C:\windows\system32\ntshrui.dll Taskband Pin = {90AA3A4E-1CBA-4233-B8BB-535773D48449} = C:\windows\system32\shell32.dll [Drive (6)] Disk Copy Extension = {59099400-57FF-11CE-BD94-0020AF85B590} = C:\windows\system32\diskcopy.dll NeroShellExt Class = {F764812A-132C-4013-9960-5CBBEB408A0E} = C:\Program Files (x86)\Common Files\Nero\NeroShellExt\\NeroShellExt.dll Portable Devices Menu = {D6791A63-E7E2-4fee-BF52-5DED8E86E9B8} = C:\windows\system32\wpdshext.dll Previous Versions Property Page = {596AB062-B4D2-4215-9F74-E9109B0A8153} = C:\windows\system32\twext.dll Sharing = {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} = C:\windows\system32\ntshrui.dll ShellFolder for CD Burning = {fbeb8a05-beee-4442-804e-409d6c4515e9} = C:\windows\system32\shell32.dll [Folder (3)] BriefcaseMenu = {85BBD920-42A0-1069-A2E4-08002B30309D} = C:\windows\system32\syncui.dll Library Location = {3dad6c5d-2167-4cae-9914-f99e41c12cfa} = C:\windows\system32\shell32.dll NBShellHook Class = {0A920327-8189-4514-86FF-48D5F9C75FD4} = C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\NBShell.dll [CompressedFolder (1)] Compressed (zipped) Folder Context Menu = {b8cdcb65-b1bf-4b42-9428-1dfdb7ee92af} = C:\windows\system32\zipfldr.dll [Directory (4)] EncryptionMenu = {A470F8CF-A1E8-4f65-8335-227475AA5C46} = C:\windows\system32\shell32.dll NeroShellExt Class = {F764812A-132C-4013-9960-5CBBEB408A0E} = C:\Program Files (x86)\Common Files\Nero\NeroShellExt\\NeroShellExt.dll Previous Versions Property Page = {596AB062-B4D2-4215-9F74-E9109B0A8153} = C:\windows\system32\twext.dll Sharing = {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} = C:\windows\system32\ntshrui.dll [Directory\Background (2)] New = {D969A300-E7FF-11d0-A93B-00A0C90F2719} = C:\windows\system32\shell32.dll Sharing = {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} = C:\windows\system32\ntshrui.dll [InternetShortcut (1)] Internet Shortcut = {FBF23B40-E3F0-101B-8488-00AA003E56F8} = C:\Windows\SysWOW64\ieframe.dll [AllFileSystemObjects (5)] Copy To = {C2FBB630-2971-11D1-A18C-00C04FD75D13} = C:\windows\system32\shell32.dll CopyAsPathMenu = {f3d06e7c-1e45-4a26-847e-f9fcdee59be0} = C:\windows\system32\shell32.dll Move To = {C2FBB631-2971-11D1-A18C-00C04FD75D13} = C:\windows\system32\shell32.dll Previous Versions Property Page = {596AB062-B4D2-4215-9F74-E9109B0A8153} = C:\windows\system32\twext.dll SendTo = {7BA4C740-9E81-11CF-99D3-00AA004AE837} = C:\windows\system32\shell32.dll -------------------- Approved Shell Extensions: [All users (21)] .contact shell extension handler - {8082C5E6-4C27-48ec-A809-B8E1122E8F97} - %CommonProgramFiles%\System\wab32.dll .group shell extension handler - {4F58F63F-244B-4c07-B29F-210BE59BE9B4} - %CommonProgramFiles%\System\wab32.dll Code Download Agent - {7D559C10-9FE9-11d0-93F7-00AA0059CE02} - C:\Windows\SysWOW64\webcheck.dll contact_wab_auto_file - {CF67796C-F57F-45F8-92FB-AD698826C602} - %CommonProgramFiles%\System\wab32.dll Contacts folder - {0F8604A5-4ECE-4DE1-BA7D-CF10F8AA4F48} - DLNA Namespace Extension - {289AF617-1CC3-42A6-926C-E6A863F0E3BA} - C:\Windows\SysWOW64\dlnashext.dll group_wab_auto_file - {16C2C29D-0E5F-45f3-A445-03E03F587B7D} - %CommonProgramFiles%\System\wab32.dll Microsoft Camera Raw Property Store - {3DBEE9A1-C471-4B95-BBCA-F39310064458} - C:\Program Files (x86)\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll Microsoft Office HTML Icon Handler - {42042206-2D85-11D3-8CFF-005004838597} - C:\Program Files (x86)\Microsoft Office\Office12\msohevi.dll Microsoft Windows Mail Html Preview Handler - {92dbad9f-5025-49b0-9078-2d78f935e341} - C:\Windows\SysWOW64\inetcomm.dll Microsoft Windows Mail Html Preview Handler - {b9815375-5d7f-4ce2-9245-c9d4da436930} - C:\Windows\SysWOW64\inetcomm.dll Microsoft Windows Mail Html Preview Handler - {BFD468D2-D0A0-4bdc-878C-E69C2F5B435D} - C:\Windows\SysWOW64\inetcomm.dll Microsoft Windows Mail Html Preview Handler - {f8b8412b-dea3-4130-b36c-5e8be73106ac} - C:\Windows\SysWOW64\inetcomm.dll Nero Shell Extension - {F764812A-132C-4013-9960-5CBBEB408A0E} - C:\Program Files (x86)\Common Files\Nero\NeroShellExt\\NeroShellExt.dll Shell extensions for Windows Script Host - {60254CA5-953B-11CF-8C96-00AA00B8708C} - C:\Windows\SysWOW64\wshext.dll Subscription Folder - {F5175861-2688-11d0-9C5E-00AA00A45957} - C:\Windows\SysWOW64\webcheck.dll Subscription Mgr - {ABBE31D0-6DAE-11D0-BECA-00C04FD940BE} - C:\Windows\SysWOW64\webcheck.dll WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - WebCheck SyncMgr Handler - {7FC0B86E-5FA7-11d1-BC7C-00C04FD929DB} - C:\Windows\SysWOW64\webcheck.dll WebCheckWebCrawler - {08165EA0-E946-11CF-9C87-00AA005127ED} - C:\Windows\SysWOW64\webcheck.dll Windows Contact Preview Handler - {13D3C4B8-B179-4ebb-BF62-F704173E7448} - %CommonProgramFiles%\System\wab32.dll -------------------- Registry 'Run' keys: [User Run] RemoTerm.exe = C:\Program Files (x86)\Common Files\PCTV Systems\RemoTerm\RemoTerm.exe RocketDock = "C:\Program Files (x86)\RocketDock\RocketDock.exe" [System Run] Intel AppUp(SM) center = "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4 ToshibaDynamicIconUtility = "C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe" TPUReg = "C:\Program Files (x86)\TOSHIBA\Password Utility\TosPU.exe" /Retimes TPUReg(x86) = "C:\Program Files\TOSHIBA\Password Utility\TosPU.exe" /Retimes -------------------- Protocols: [Pluggable MIME filters (4)] application/octet-stream = {1E66F26B-79EE-11D2-8710-00C04F79ED0D} = C:\Windows\SysWOW64\mscoree.dll application/x-complus = {1E66F26B-79EE-11D2-8710-00C04F79ED0D} = C:\Windows\SysWOW64\mscoree.dll application/x-msdownload = {1E66F26B-79EE-11D2-8710-00C04F79ED0D} = C:\Windows\SysWOW64\mscoree.dll text/xml = {807563E5-5146-11D5-A672-00B0D022E945} = C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL [Protocol handlers (18)] about = {3050F406-98B5-11CF-BB82-00AA00BDCE0B} = C:\Windows\SysWOW64\mshtml.dll cdl = {3dd53d40-7b8b-11D0-b013-00aa0059ce02} = C:\Windows\SysWOW64\urlmon.dll dvd = {12D51199-0DB5-46FE-A120-47A3D7D937CC} = C:\Windows\SysWOW64\msvidctl.dll file = {79eac9e7-baf9-11ce-8c82-00aa004ba90b} = C:\Windows\SysWOW64\urlmon.dll ftp = {79eac9e3-baf9-11ce-8c82-00aa004ba90b} = C:\Windows\SysWOW64\urlmon.dll http = {79eac9e2-baf9-11ce-8c82-00aa004ba90b} = C:\Windows\SysWOW64\urlmon.dll https = {79eac9e5-baf9-11ce-8c82-00aa004ba90b} = C:\Windows\SysWOW64\urlmon.dll its = {9D148291-B9C8-11D0-A4CC-0000F80149F6} = C:\Windows\SysWOW64\itss.dll javascript = {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} = C:\Windows\SysWOW64\mshtml.dll local = {79eac9e7-baf9-11ce-8c82-00aa004ba90b} = C:\Windows\SysWOW64\urlmon.dll mailto = {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} = C:\Windows\SysWOW64\mshtml.dll mhtml = {05300401-BCBC-11d0-85E3-00C04FD85AB4} = C:\Windows\SysWOW64\inetcomm.dll mk = {79eac9e6-baf9-11ce-8c82-00aa004ba90b} = C:\Windows\SysWOW64\urlmon.dll ms-help = {314111c7-a502-11d2-bbca-00c04f8ec294} = C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll ms-its = {9D148291-B9C8-11D0-A4CC-0000F80149F6} = C:\Windows\SysWOW64\itss.dll res = {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} = C:\Windows\SysWOW64\mshtml.dll tv = {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} = C:\Windows\SysWOW64\msvidctl.dll vbscript = {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} = C:\Windows\SysWOW64\mshtml.dll -------------------- WOW compatibility: [KnownDlls (32-bit) (32)] advapi32.dll clbcatq.dll combase.dll COMDLG32.dll difxapi.dll gdi32.dll gdiplus.dll IERTUTIL.dll IMAGEHLP.dll IMM32.dll kernel32.dll LPK.dll MSCTF.dll MSVCRT.dll NORMALIZ.dll NSI.dll ole32.dll OLEAUT32.dll PSAPI.DLL rpcrt4.dll sechost.dll Setupapi.dll SHELL32.dll SHLWAPI.dll URLMON.dll user32.dll WININET.dll WLDAP32.dll Wow64.dll Wow64cpu.dll Wow64win.dll WS2_32.dll -------------------- Winsock LSP: [Protocols (9)] MSAFD Tcpip [TCP/IP] - {E70F1AA0-AB8B-11CF-8CA3-00805F48A192} - C:\windows\system32\mswsock.dll MSAFD Tcpip [UDP/IP] - {E70F1AA0-AB8B-11CF-8CA3-00805F48A192} - C:\windows\system32\mswsock.dll MSAFD Tcpip [TCP/IPv6] - {F9EAB0C0-26D4-11D0-BBBF-00AA006C34E4} - C:\windows\system32\mswsock.dll MSAFD Tcpip [UDP/IPv6] - {F9EAB0C0-26D4-11D0-BBBF-00AA006C34E4} - C:\windows\system32\mswsock.dll RSVP TCPv6 Service Provider - {9D60A9E0-337A-11D0-BD88-0000C082E69A} - C:\windows\system32\mswsock.dll RSVP TCP Service Provider - {9D60A9E0-337A-11D0-BD88-0000C082E69A} - C:\windows\system32\mswsock.dll RSVP UDPv6 Service Provider - {9D60A9E0-337A-11D0-BD88-0000C082E69A} - C:\windows\system32\mswsock.dll RSVP UDP Service Provider - {9D60A9E0-337A-11D0-BD88-0000C082E69A} - C:\windows\system32\mswsock.dll MSAFD RfComm [Bluetooth] - {9FC48064-7298-43E4-B7BD-181F2089792A} - C:\windows\system32\mswsock.dll [Namespace Providers (7)] E-mail Naming Shim Provider - {964ACBA2-B2BC-40EB-8C6A-A6DB40161CAE} - PNRP Cloud Namespace Provider - {03FE89CE-766D-4976-B9C1-BB9BC42C7B4D} - PNRP Name Namespace Provider - {03FE89CD-766D-4976-B9C1-BB9BC42C7B4D} - Network Location Awareness Legacy (NLAv1) Namespace - {6642243A-3BA8-4AA6-BAA5-2E0BD71FDD83} - Tcpip - {22059D40-7E9E-11CF-AE5A-00AA00A7112B} - NTDS - {3B2637EE-E580-11CF-A555-00C04FD8D4AC} - Bluetooth Namespace - {06AA63E0-7D60-41FF-AFB2-3EE6D2D9392D} - C:\windows\system32\wshbth.dll -------------------- Hijack points: [Reset web settings URLs] SearchAssistant = CustomizeSearch = START_PAGE_URL = SEARCH_PAGE_URL = MS_START_PAGE_URL = [Internet Explorer URLs] * This user * - Internet Explorer\Main (4) Default_Page_Url = http://toshiba13.msn.com Local Page = C:\windows\system32\blank.htm Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 Start Page = http://toshiba13.msn.com * All users * - Internet Explorer\Main (5) Default_Page_Url = http://go.microsoft.com/fwlink/p/?LinkId=255141 Default_Search_Url = http://go.microsoft.com/fwlink/?LinkId=54896 Local Page = C:\windows\SysWOW64\blank.htm Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 - Internet Explorer\AboutURLs (6) blank = res://mshtml.dll/blank.htm DesktopItemNavigationFailure = res://ieframe.dll/navcancl.htm NavigationCanceled = res://ieframe.dll/navcancl.htm NavigationFailure = res://ieframe.dll/navcancl.htm OfflineInformation = res://ieframe.dll/offcancl.htm PostNotCached = res://ieframe.dll/repost.htm [Default URL prefixes] default = http:// ftp = ftp:// home = http:// mosaic = http:// www = http:// [Hosts file location] DatabasePath = C:\windows\System32\drivers\etc\hosts -------------------- Protection & disabled items: [ActiveX killbits (151)] &Address - {01E04581-4EEE-11d0-BFE9-00AA005B4383} - C:\windows\system32\explorerframe.dll (no name) - {35cec8a3-2be6-11d2-8773-92e220524153} - C:\windows\system32\stobject.dll (no name) - {53C74826-AB99-4D33-ACA4-3117F51D3788} - C:\windows\system32\shell32.dll (no name) - {b4b3aecb-dfd6-11d1-9daa-00805f85cfe3} - C:\windows\system32\clbcatq.dll (no name) - {e846f0a0-d367-11d1-8286-00a0c9231c29} - C:\Windows\SysWOW64\catsrvut.dll (no name) - {FEF10FA2-355E-4E06-9381-9B24D7F7CC88} - C:\windows\system32\shell32.dll ACM Class Manager - {33d9a761-90c8-11d0-bd43-00a0c911ce86} - C:\Windows\SysWOW64\devenum.dll ActiveMovie Filter Class Manager - {083863F1-70DE-11d0-BD40-00A0C911CE86} - C:\Windows\SysWOW64\devenum.dll ADODB.Stream - {00000566-0000-0010-8000-00AA006D2EA4} - C:\Program Files (x86)\Common Files\System\ado\msado15.dll Analog Audio Component Type - {28AB0005-E845-4FFA-AA9B-F4665236141C} - C:\Windows\SysWOW64\msvidctl.dll ATSC Tune Request Location Information - {8872FF1B-98FA-4D7A-8D93-C9F1055F85BB} - C:\Windows\SysWOW64\msvidctl.dll Audio Renderers Collection Class - {C5702CCF-9B79-11D3-B654-00C04F79498E} - C:\Windows\SysWOW64\msvidctl.dll BDA Data Services Feature Segment - {334125C0-77E5-11d3-B653-00C04F79498E} - C:\Windows\SysWOW64\msvidctl.dll BDA Tuner Device Segment - {A2E3074E-6C3D-11D3-B653-00C04F79498E} - C:\Windows\SysWOW64\msvidctl.dll BDA Tuning Model Analog Locator - {49638B91-48AB-48B7-A47A-7D0E75A08EDE} - C:\Windows\SysWOW64\msvidctl.dll BDA Tuning Model Analog Radio Tuning Space - {8A674B4C-1F63-11D3-B64C-00C04F79498E} - C:\Windows\SysWOW64\msvidctl.dll BDA Tuning Model Analog TV Tuning Space - {8A674B4D-1F63-11D3-B64C-00C04F79498E} - C:\Windows\SysWOW64\msvidctl.dll BDA Tuning Model ATSC Channel Tune Request - {0369B4E6-45B6-11D3-B650-00C04F79498E} - C:\Windows\SysWOW64\msvidctl.dll BDA Tuning Model ATSC Component Type Class (Broadcast Substream Type) - {A8DCF3D5-0780-4EF4-8A83-2CFFAACB8ACE} - C:\Windows\SysWOW64\msvidctl.dll BDA Tuning Model ATSC Tuning Space - {A2E30750-6C3D-11D3-B653-00C04F79498E} - C:\Windows\SysWOW64\msvidctl.dll BDA Tuning Model Auxiliary Inputs Tuning Space - {F9769A06-7ACA-4E39-9CFB-97BB35F0E77E} - C:\Windows\SysWOW64\msvidctl.dll BDA Tuning Model Channel ID Tune Request - {3A9428A7-31A4-45E9-9EFB-E055BF7BB3DB} - C:\Windows\SysWOW64\msvidctl.dll BDA Tuning Model Channel ID Tuning Space - {CC829A2F-3365-463F-AF13-81DBB6F3A555} - C:\Windows\SysWOW64\msvidctl.dll BDA Tuning Model Channel Tune Request - {0369B4E5-45B6-11D3-B650-00C04F79498E} - C:\Windows\SysWOW64\msvidctl.dll BDA Tuning Model Component Class(Broadcast Substream) - {59DC47A8-116C-11D3-9D8E-00C04F72D980} - C:\Windows\SysWOW64\msvidctl.dll BDA Tuning Model Component Type Class (Broadcast Substream Type) - {823535A0-0318-11D3-9D8E-00C04F72D980} - C:\Windows\SysWOW64\msvidctl.dll BDA Tuning Model Digital Cable Locator - {03C06416-D127-407A-AB4C-FDD279ABBE5D} - C:\Windows\SysWOW64\msvidctl.dll BDA Tuning Model Digital Cable Tune Request - {26EC0B63-AA90-458A-8DF4-5659F2C8A18A} - C:\Windows\SysWOW64\msvidctl.dll BDA Tuning Model Digital Cable Tuning Space - {D9BB4CEE-B87A-47F1-AC92-B08D9C7813FC} - C:\Windows\SysWOW64\msvidctl.dll BDA Tuning Model DVB Cable Locator - {C531D9FD-9685-4028-8B68-6E1232079F1E} - C:\Windows\SysWOW64\msvidctl.dll BDA Tuning Model DVB Satellite Locator - {1DF7D126-4050-47F0-A7CF-4C4CA9241333} - C:\Windows\SysWOW64\msvidctl.dll BDA Tuning Model DVB Terrestrial Locator - {9CD64701-BDF3-4D14-8E03-F12983D86664} - C:\Windows\SysWOW64\msvidctl.dll BDA Tuning Model DVB Tune Request - {15D6504A-5494-499C-886C-973C9E53B9F1} - C:\Windows\SysWOW64\msvidctl.dll BDA Tuning Model DVB Tuning Space - {C6B14B32-76AA-4A86-A7AC-5C79AAF58DA7} - C:\Windows\SysWOW64\msvidctl.dll BDA Tuning Model DVB-Satellite Tuning Space - {B64016F3-C9A2-4066-96F0-BD9563314726} - C:\Windows\SysWOW64\msvidctl.dll BDA Tuning Model Language Component Type Class (Broadcast Substream Type) - {1BE49F30-0E1B-11D3-9D8E-00C04F72D980} - C:\Windows\SysWOW64\msvidctl.dll BDA Tuning Model MPEG2 Component Class (Broadcast Substream) - {055CB2D7-2969-45CD-914B-76890722F112} - C:\Windows\SysWOW64\msvidctl.dll BDA Tuning Model MPEG2 Component Type Class (Broadcast Substream Type) - {418008F3-CF67-4668-9628-10DC52BE1D08} - C:\Windows\SysWOW64\msvidctl.dll BDA Tuning Model MPEG2 Tune Request - {0955AC62-BF2E-4CBA-A2B9-A63F772D46CF} - C:\Windows\SysWOW64\msvidctl.dll BDA Tuning Model MPEG2 Tune Request Factory - {2C63E4EB-4CEA-41B8-919C-E947EA19A77C} - C:\Windows\SysWOW64\msvidctl.dll Briefcase - {85bbd920-42a0-1069-a2e4-08002b30309d} - C:\windows\system32\syncui.dll cfw Class - {ECABAFC0-7F19-11D2-978E-0000F8757E2A} - C:\Windows\SysWOW64\comsvcs.dll Closed Captions Analysis Feature Segment - {86151827-E47B-45EE-8421-D10E6E690979} - C:\Windows\SysWOW64\msvidctl.dll Collection of all the available BDA Tuning Model Tuning Space objects on this system - {D02AAC50-027E-11D3-9D8E-00C04F72D980} - C:\Windows\SysWOW64\msvidctl.dll Collection of BDA Tuning Model Component Types(Broadcast Substream Types) - {A1A2B1C4-0E3A-11D3-9D8E-00C04F72D980} - C:\Windows\SysWOW64\msvidctl.dll Collection of BDA Tuning Model Components(Broadcast Substreams) - {809B6661-94C4-49E6-B6EC-3F0F862215AA} - C:\Windows\SysWOW64\msvidctl.dll Custom Composition Segment from Data Services to Time Shift Sink - {38F03426-E83B-4E68-B65B-DCAE73304838} - C:\Windows\SysWOW64\msvidctl.dll Custom Composition Segment from Encoder to Time Shift Sink - {A0B9B497-AFBC-45AD-A8A6-9B077C40D4F2} - C:\Windows\SysWOW64\msvidctl.dll Custom Composition Segment from iTV to Stream Buffer Source - {92B94828-1AF7-4E6E-9EBF-770657F77AF5} - C:\Windows\SysWOW64\msvidctl.dll Custom Composition Segment from Legacy Analog Tv Tuner Device Segment to Data Services Feature Segment - {C5702CD6-9B79-11D3-B654-00C04F79498E} - C:\Windows\SysWOW64\msvidctl.dll Custom Composition Segment from Legacy Analog Tv Tuner Device Segment to Standard Video Renderer Device Segment - {E18AF75A-08AF-11D3-B64A-00C04F79498E} - C:\Windows\SysWOW64\msvidctl.dll Custom Composition Segment from WebDVD Device Segment to Standard Video Renderer Device Segment - {267DB0B3-55E3-4902-949B-DF8F5CEC0191} - C:\Windows\SysWOW64\msvidctl.dll Developer Tools - {1A6FE369-F28C-4AD9-A3E6-2BCB50807CF1} - C:\Program Files (x86)\Internet Explorer\iedvtool.dll Developer Tools - {8FE85D00-4647-40B9-87E4-5EB8A52F4759} - C:\Program Files (x86)\Internet Explorer\iedvtool.dll DigitalCable Class - {ABBA001B-3075-11D6-88A4-00B0D0200F88} - C:\Windows\SysWOW64\psisdecd.dll DirectX Transform Wrapper Property Page - {1B544C24-FD0B-11CE-8C63-00AA0044B520} - C:\Windows\SysWOW64\qedit.dll Encoder Feature Segment - {BB530C63-D9DF-4B49-9439-63453962E598} - C:\Windows\SysWOW64\msvidctl.dll Features Collection Class - {C5702CD0-9B79-11D3-B654-00C04F79498E} - C:\Windows\SysWOW64\msvidctl.dll File Playback Device Segment - {37B0353C-A4C8-11D2-B634-00C04F79498E} - C:\Windows\SysWOW64\msvidctl.dll Generic Graph Composition Segment - {2764BCE5-CC39-11D2-B639-00C04F79498E} - C:\Windows\SysWOW64\msvidctl.dll Generic Sink Segment - {4A5869CF-929D-4040-AE03-FCAFC5B9CD42} - C:\Windows\SysWOW64\msvidctl.dll HHCtrl Object - {41B23C28-488E-4E5C-ACE2-BB0BBABE99E8} - C:\Windows\SysWOW64\hhctrl.ocx HHCtrl Object - {ADB880A6-D8FF-11CF-9377-00AA003B7A11} - C:\Windows\SysWOW64\hhctrl.ocx IAVIStream & IAVIFile Proxy - {0002000D-0000-0000-C000-000000000046} - C:\Windows\SysWOW64\avifil32.dll ICM Class Manager - {33d9a760-90c8-11d0-bd43-00a0c911ce86} - C:\Windows\SysWOW64\devenum.dll Input Devices Collection Class - {C5702CCC-9B79-11D3-B654-00C04F79498E} - C:\Windows\SysWOW64\msvidctl.dll iTV Capture Feature Segment - {5740A302-EF0B-45CE-BF3B-4470A14A8980} - C:\Windows\SysWOW64\msvidctl.dll iTV Playback Feature Segment - {9E797ED0-5253-4243-A9B7-BD06C58F8EF3} - C:\Windows\SysWOW64\msvidctl.dll Legacy Analog TV Tuner Device Segment - {1C15D484-911D-11D2-B632-00C04F79498E} - C:\Windows\SysWOW64\msvidctl.dll LexRefBilingualTextContext Class - {75C11604-5C51-48B2-B786-DF5E51D10EC9} - C:\Program Files (x86)\Common Files\Microsoft Shared\TRANSLAT\MSB1CORE.DLL LexRefStEsObject Class - {4CFB5280-800B-4367-848F-5A13EBF27F1D} - C:\Program Files (x86)\Common Files\Microsoft Shared\TRANSLAT\ESEN\MSB1ESEN.DLL LexRefStFrObject Class - {B3E0E785-BD78-4366-9560-B7DABE2723BE} - C:\Program Files (x86)\Common Files\Microsoft Shared\TRANSLAT\FREN\MSB1FREN.DLL LW Identities - {A9AE6C91-1D1B-11D2-B21A-00C04FA357FA} - C:\windows\system32\msident.dll Media Streaming Dynamic Terminal - {AED6483F-3304-11D2-86F1-006008B0E5D2} - C:\Windows\SysWOW64\termmgr.dll MessageMover Class - {ecabb0bf-7f19-11d2-978e-0000f8757e2a} - C:\Windows\SysWOW64\comsvcs.dll Microsoft Common Browser Architecture - {AF604EFE-8897-11D1-B944-00A0C90312E1} - C:\windows\system32\explorerframe.dll Microsoft DocHost User Interface Handler - {7057e952-bd1b-11d1-8919-00c04fc2c836} - C:\Windows\SysWOW64\ieframe.dll Microsoft HTA Document 6.0 - {3050F5C8-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll Microsoft Html Document for Popup Window - {3050F67D-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll Microsoft Html Popup Window - {3050f667-98b5-11cf-bb82-00aa00bdce0b} - C:\Windows\SysWOW64\mshtml.dll Microsoft HTML Window Security Proxy - {3050F391-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll Microsoft RDP Client Control (redistributable) - version 3 - {9059f30f-4eb1-4bd2-9fdc-36f43a218f4a} - C:\windows\system32\mstscax.dll Microsoft RDP Client Control (redistributable) - version 4 - {7584c670-2274-4efb-b00b-d6aaba6d3850} - C:\windows\system32\mstscax.dll Microsoft RDP Client Control (redistributable) - version 5 - {4EDCB26C-D24C-4e72-AF07-B576699AC0DE} - C:\windows\system32\mstscax.dll MidiOut Class Manager - {4efe2452-168a-11d1-bc76-00c04fb9453b} - C:\Windows\SysWOW64\devenum.dll MMStream Class - {49C47CE5-9BA4-11D0-8212-00C04FC32C45} - C:\Windows\SysWOW64\amstream.dll MS TV Video Control - {B0EDF163-910A-11D2-B632-00C04F79498E} - C:\Windows\SysWOW64\msvidctl.dll MS Video Control Closed Captioning Feature Segment - {7F9CB14D-48E4-43B6-9346-1AEBC39C64D3} - C:\Windows\SysWOW64\msvidctl.dll MS Video Control Closed Captioning SI Feature Segment - {92ED88BF-879E-448F-B6B6-A385BCEB846D} - C:\Windows\SysWOW64\msvidctl.dll MSP Class - {4DDB6D36-3BC1-11D2-86F2-006008B0E5D2} - C:\Windows\SysWOW64\wavemsp.dll MSVidCtl Analog Capture to Encoder Composition Segment - {28953661-0231-41DB-8986-21FF4388EE9B} - C:\Windows\SysWOW64\msvidctl.dll MSVidCtl Analog Capture to XDS Composition Segment - {3540D440-5B1D-49CB-821A-E84B8CF065A7} - C:\Windows\SysWOW64\msvidctl.dll MSVidCtl Analog TV to StreamBufferSource Composition Segment - {9F50E8B1-9530-4DDC-825E-1AF81D47AED6} - C:\Windows\SysWOW64\msvidctl.dll MSVidCtl CC to Audio Renderer Composition Segment - {D76334CA-D89E-4BAF-86AB-DDB59372AFC2} - C:\Windows\SysWOW64\msvidctl.dll MSVidCtl CC to Video Renderer Composition Segment - {C4BF2784-AE00-41BA-9828-9C953BD3C54A} - C:\Windows\SysWOW64\msvidctl.dll MSVidCtl Digital TV to CCA Composition Segment - {73D14237-B9DB-4EFA-A6DD-84350421FB2F} - C:\Windows\SysWOW64\msvidctl.dll MSVidCtl Digital TV to iTV Composition Segment - {5D8E73F7-4989-4AC8-8A98-39BA0D325302} - C:\Windows\SysWOW64\msvidctl.dll MSVidCtl Digital TV to StreamBufferSource Composition Segment - {ABE40035-27C3-4A2F-8153-6624471608AF} - C:\Windows\SysWOW64\msvidctl.dll MSVidCtl DVD to Audio Renderer Composition Segment - {8D04238E-9FD1-41C6-8DE3-9E1EE309E935} - C:\Windows\SysWOW64\msvidctl.dll MSVidCtl Enhanced Video Renderer(DX10) Segment - {C45268A2-FA81-4E19-B1E3-72EDBD60AEDA} - C:\Windows\SysWOW64\msvidctl.dll MSVidCtl FilePlayback to Audio Renderer Composition Segment - {CC23F537-18D4-4ECE-93BD-207A84726979} - C:\Windows\SysWOW64\msvidctl.dll MSVidCtl FilePlayback to Video Renderer Composition Segment - {B401C5EB-8457-427F-84EA-A4D2363364B0} - C:\Windows\SysWOW64\msvidctl.dll MSVidCtl MPEG2 Decoder to Closed Captioning Composition Segment - {6AD28EE1-5002-4E71-AAF7-BD077907B1A4} - C:\Windows\SysWOW64\msvidctl.dll MSVidCtl SBE Source to Closed Caption Composition Segment - {9193A8F9-0CBA-400E-AA97-EB4709164576} - C:\Windows\SysWOW64\msvidctl.dll MSVidCtl SBE Source to iTV Composition Segment - {2291478C-5EE3-4BEF-AB5D-B5FF2CF58352} - C:\Windows\SysWOW64\msvidctl.dll MSVidCtl SBE Source to Video Mixing Renderer Composition Segment - {3C4708DC-B181-46A8-8DA8-4AB0371758CD} - C:\Windows\SysWOW64\msvidctl.dll MSVidCtl Stream Buffer Source To Generic Sink Composition segment - {991DA7E5-953F-435B-BE5E-B92A05EDFC42} - C:\Windows\SysWOW64\msvidctl.dll MTSEvents Class - {ECABB0AB-7F19-11D2-978E-0000F8757E2A} - C:\Windows\SysWOW64\comsvcs.dll Network Connections - {7007acc7-3202-11d1-aad2-00805fc1270e} - C:\windows\System32\netshell.dll Network Connections - {992cffa0-f557-101a-88ec-00dd010ccc48} - C:\windows\System32\netshell.dll Output Devices Collection Class - {C5702CCD-9B79-11D3-B654-00C04F79498E} - C:\Windows\SysWOW64\msvidctl.dll PostBootReminder object - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\windows\system32\shell32.dll PSDispatch - {00020420-0000-0000-c000-000000000046} - C:\Windows\SysWOW64\oleaut32.dll PSEnumVariant - {00020421-0000-0000-C000-000000000046} - C:\Windows\SysWOW64\oleaut32.dll PSOAInterface - {00020424-0000-0000-c000-000000000046} - C:\Windows\SysWOW64\oleaut32.dll PSSupportErrorInfo - {DF0B3D60-548F-101B-8E65-08002B2BD119} - C:\Windows\SysWOW64\oleaut32.dll PSTypeComp - {00020425-0000-0000-C000-000000000046} - C:\Windows\SysWOW64\oleaut32.dll PSTypeInfo - {00020422-0000-0000-C000-000000000046} - C:\Windows\SysWOW64\oleaut32.dll PSTypeLib - {00020423-0000-0000-C000-000000000046} - C:\Windows\SysWOW64\oleaut32.dll Queued Components Recorder - {ecabafc2-7f19-11d2-978e-0000f8757e2a} - C:\Windows\SysWOW64\comsvcs.dll Script Encoder Object - {32DA2B15-CFED-11D1-B747-00C04FC2B085} - C:\Windows\SysWOW64\scrrun.dll ShellFolder for CD Burning - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\windows\system32\shell32.dll Shortcut - {00021401-0000-0000-C000-000000000046} - C:\Windows\SysWOW64\shell32.dll SpSharedRecoContext Class - {47206204-5ECA-11D2-960F-00C04F8EE628} - C:\windows\System32\Speech\Common\sapi.dll SpSharedRecognizer Class - {3BEE4890-4FE9-4A37-8C1E-5E7E12791C1F} - C:\windows\System32\Speech\Common\sapi.dll Standard Audio Renderer Device Segment - {37B03544-A4C8-11D2-B634-00C04F79498E} - C:\Windows\SysWOW64\msvidctl.dll Standard Video Renderer Device Segment - {37B03543-A4C8-11D2-B634-00C04F79498E} - C:\Windows\SysWOW64\msvidctl.dll Stream Buffer Recording Control Object - {CAAFDD83-CEFC-4E3D-BA03-175F17A24F91} - C:\Windows\SysWOW64\msvidctl.dll Stream Buffer Sink Segment - {9E77AAC4-35E5-42A1-BDC2-8F3FF399847C} - C:\Windows\SysWOW64\msvidctl.dll Stream Buffer Source - {AD8E510D-217F-409B-8076-29C5E73B98E8} - C:\Windows\SysWOW64\msvidctl.dll Stream Buffer V2 Source - {FD351EA1-4173-4AF4-821D-80D4AE979048} - C:\Windows\SysWOW64\MSVidCtl.dll System Monitor Source Properties - {0CF32AA1-7571-11D0-93C4-00AA00A3DDEA} - C:\windows\System32\sysmon.ocx Tablet Tip Soft Keyboard Skin Class - {E94137E0-92ED-4579-9251-18AF2A08CCD1} - %CommonProgramFiles%\microsoft shared\ink\tipskins.dll Trident HTMLEditor - {3050F4F5-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtmled.dll Utility Object for Binding Events SubObjects in Script Variables - {577FAA18-4518-445E-8F70-1473F8CF4BA4} - C:\Windows\SysWOW64\msvidctl.dll VFW Capture Class Manager - {860bb310-5d01-11d0-bd3b-00a0c911ce86} - C:\Windows\SysWOW64\devenum.dll Video Effect (1 input) Class Manager - {cc7bfb42-f175-11d1-a392-00e0291f3959} - C:\Windows\SysWOW64\qedit.dll Video Effect (2 input) Class Manager - {cc7bfb43-f175-11d1-a392-00e0291f3959} - C:\Windows\SysWOW64\qedit.dll Video Mixing Renderer 9 - {51B4ABF3-748F-4E3B-A276-C828330E926A} - C:\Windows\SysWOW64\quartz.dll Video Mixing Renderer 9 Device Segment - {24DC3975-09BF-4231-8655-3EE71F43837D} - C:\Windows\SysWOW64\msvidctl.dll Video Render Dynamic Terminal - {AED6483E-3304-11D2-86F1-006008B0E5D2} - C:\Windows\SysWOW64\termmgr.dll Video Renderers Collection Class - {C5702CCE-9B79-11D3-B654-00C04F79498E} - C:\Windows\SysWOW64\msvidctl.dll VideoPort Object - {CE292861-FC88-11D0-9E69-00C04FD7C15B} - C:\Windows\SysWOW64\qdvd.dll VMR Allocator Presenter 9 - {2D2E24CB-0CD5-458F-86EA-3E6FA22C8E64} - C:\Windows\SysWOW64\quartz.dll VMR ImageSync 9 - {E4979309-7A32-495E-8A92-7B014AAD4961} - C:\Windows\SysWOW64\quartz.dll WaveIn Class Manager - {33D9A762-90C8-11d0-BD43-00A0C911CE86} - C:\Windows\SysWOW64\devenum.dll WaveOut and DSound Class Manager - {e0f158e1-cb04-11d0-bd4e-00a0c911ce86} - C:\Windows\SysWOW64\devenum.dll WebDVD Adminitration class - {FA7C375B-66A7-4280-879D-FD459C84BB02} - C:\Windows\SysWOW64\msvidctl.dll WebDVD Device Segment - {011B3619-FE63-4814-8A84-15A194CE9CE3} - C:\Windows\SysWOW64\msvidctl.dll Windows Mail Address Book - {233A9694-667E-11d1-9DFB-006097D50408} - %ProgramFiles%\Windows Mail\msoe.dll XDS Feature Segment - {0149EEDF-D08F-4142-8D73-D23903D21E90} - C:\Windows\SysWOW64\msvidctl.dll [MSConfig 98/ME] * User Run (3) * BrowserChoice = "C:\Windows\BrowserChoice\browserchoice.exe" /run EAGames Updater = C:\Users\CJC\AppData\Roaming\EAGames\Updater\updateloader.exe Power2GoExpress = "C:\Program Files (x86)\CyberLink\Power2Go\Power2GoExpress.exe" /Startup * System Run (3) * BDRegion = C:\Program Files (x86)\Cyberlink\Shared files\brs.exe RemoteControl10 = "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" SDTray = "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" [Stopped/disabled NT Services] * Stopped (112) * @%SystemRoot%\servicing\TrustedInstaller.exe,-100 = C:\windows\servicing\TrustedInstaller.exe @%SystemRoot%\system32\aelupsvc.dll,-1 = C:\windows\system32\svchost.exe -k netsvcs @%SystemRoot%\system32\Alg.exe,-112 = C:\windows\System32\alg.exe @%systemroot%\system32\appidsvc.dll,-100 = C:\windows\system32\svchost.exe -k LocalServiceNetworkRestricted @%systemroot%\system32\appinfo.dll,-100 = C:\windows\system32\svchost.exe -k netsvcs @%SystemRoot%\System32\AUInstallAgent.dll,-101 = C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted @%SystemRoot%\system32\AxInstSV.dll,-103 = C:\windows\system32\svchost.exe -k AxInstSVGroup @%SystemRoot%\system32\bdesvc.dll,-100 = C:\windows\System32\svchost.exe -k netsvcs @%systemroot%\system32\browser.dll,-100 = C:\windows\System32\svchost.exe -k netsvcs @%SystemRoot%\System32\bthserv.dll,-101 = C:\windows\system32\svchost.exe -k LocalService @%SystemRoot%\System32\certprop.dll,-11 = C:\windows\system32\svchost.exe -k netsvcs @%SystemRoot%\System32\certprop.dll,-13 = C:\windows\system32\svchost.exe -k netsvcs @%SystemRoot%\system32\defragsvc.dll,-101 = C:\windows\system32\svchost.exe -k defragsvc @%SystemRoot%\system32\DeviceSetupManager.dll,-1000 = C:\windows\system32\svchost.exe -k netsvcs @%systemroot%\system32\dot3svc.dll,-1102 = C:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted @%systemroot%\system32\eapsvc.dll,-1 = C:\windows\System32\svchost.exe -k netsvcs @%SystemRoot%\system32\efssvc.dll,-100 = C:\windows\System32\lsass.exe @%systemroot%\system32\fdPHost.dll,-100 = C:\windows\system32\svchost.exe -k LocalService @%systemroot%\system32\fdrespub.dll,-100 = C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation @%systemroot%\system32\fhsvc.dll,-101 = C:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted @%systemroot%\system32\fxsresm.dll,-118 = C:\windows\system32\fxssvc.exe @%SystemRoot%\System32\hidserv.dll,-101 = C:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted @%SystemRoot%\system32\ipnathlp.dll,-106 = C:\windows\System32\svchost.exe -k netsvcs @%SystemRoot%\system32\iscsidsc.dll,-5000 = C:\windows\system32\svchost.exe -k netsvcs @%SystemRoot%\system32\kmsvc.dll,-6 = C:\windows\System32\svchost.exe -k netsvcs @%SystemRoot%\System32\ListSvc.dll,-100 = C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted @%SystemRoot%\system32\lltdres.dll,-1 = C:\windows\System32\svchost.exe -k LocalService @%systemroot%\system32\Locator.exe,-2 = C:\windows\system32\locator.exe @%systemroot%\system32\mmcss.dll,-102 = C:\windows\system32\svchost.exe -k LocalService @%SystemRoot%\system32\msimsg.dll,-27 = C:\windows\system32\msiexec.exe /V @%SystemRoot%\system32\ncasvc.dll,-3009 = C:\windows\System32\svchost.exe -k NetSvcs @%SystemRoot%\system32\NcdAutoSetup.dll,-100 = C:\windows\System32\svchost.exe -k LocalServiceNoNetwork @%SystemRoot%\System32\netlogon.dll,-102 = C:\windows\system32\lsass.exe @%SystemRoot%\system32\netman.dll,-109 = C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted @%SystemRoot%\system32\netprofmsvc.dll,-202 = C:\windows\System32\svchost.exe -k LocalService @%SystemRoot%\system32\p2psvc.dll,-8006 = C:\windows\System32\svchost.exe -k LocalServicePeerNet @%systemroot%\system32\pla.dll,-500 = C:\windows\System32\svchost.exe -k LocalServiceNoNetwork @%SystemRoot%\system32\pnrpauto.dll,-8002 = C:\windows\System32\svchost.exe -k LocalServicePeerNet @%SystemRoot%\system32\pnrpsvc.dll,-8000 = C:\windows\System32\svchost.exe -k LocalServicePeerNet @%SystemRoot%\system32\pnrpsvc.dll,-8004 = C:\windows\System32\svchost.exe -k LocalServicePeerNet @%SystemRoot%\System32\polstore.dll,-5010 = C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted @%SystemRoot%\system32\PresentationHost.exe,-3309 = C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe @%SystemRoot%\System32\provsvc.dll,-100 = C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted @%SystemRoot%\system32\qagentrt.dll,-6 = C:\windows\System32\svchost.exe -k NetworkService @%SystemRoot%\system32\qwave.dll,-1 = %windir%\system32\svchost.exe -k LocalServiceAndNoImpersonation @%Systemroot%\system32\rasauto.dll,-200 = C:\windows\System32\svchost.exe -k netsvcs @%Systemroot%\system32\rasmans.dll,-200 = C:\windows\System32\svchost.exe -k netsvcs @%SystemRoot%\system32\sdrsvc.dll,-107 = C:\windows\system32\svchost.exe -k SDRSVC @%SystemRoot%\system32\seclogon.dll,-7001 = %windir%\system32\svchost.exe -k netsvcs @%SystemRoot%\System32\sensrsvc.dll,-1000 = C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation @%SystemRoot%\System32\SessEnv.dll,-1026 = C:\windows\System32\svchost.exe -k netsvcs @%SystemRoot%\system32\snmptrap.exe,-3 = C:\windows\System32\snmptrap.exe @%systemroot%\system32\ssdpsrv.dll,-100 = C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation @%SystemRoot%\system32\sstpsvc.dll,-200 = C:\windows\system32\svchost.exe -k LocalService @%SystemRoot%\System32\StorSvc.dll,-100 = C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted @%SystemRoot%\system32\svsvc.dll,-101 = C:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted @%SystemRoot%\System32\swprv.dll,-103 = C:\windows\System32\svchost.exe -k swprv @%SystemRoot%\system32\TabSvc.dll,-100 = C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted @%SystemRoot%\system32\tapisrv.dll,-10100 = C:\windows\System32\svchost.exe -k NetworkService @%SystemRoot%\System32\termsrv.dll,-268 = C:\windows\System32\svchost.exe -k NetworkService @%SystemRoot%\system32\ui0detect.exe,-101 = C:\windows\system32\UI0Detect.exe @%SystemRoot%\system32\umpnpmgr.dll,-100 = C:\windows\system32\svchost.exe -k DcomLaunch @%SystemRoot%\system32\umpnpmgr.dll,-200 = C:\windows\system32\svchost.exe -k DcomLaunch @%SystemRoot%\system32\umrdp.dll,-1000 = C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted @%systemroot%\system32\upnphost.dll,-213 = C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation @%SystemRoot%\system32\vaultsvc.dll,-1003 = C:\windows\system32\lsass.exe @%SystemRoot%\system32\vds.exe,-100 = C:\windows\System32\vds.exe @%systemroot%\system32\vmicres.dll,-101 = C:\windows\system32\svchost.exe -k ICService @%systemroot%\system32\vmicres.dll,-201 = C:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted @%systemroot%\system32\vmicres.dll,-301 = C:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted @%systemroot%\system32\vmicres.dll,-401 = C:\windows\system32\svchost.exe -k LocalServiceNetworkRestricted @%systemroot%\system32\vmicres.dll,-501 = C:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted @%systemroot%\system32\vmicres.dll,-601 = C:\windows\system32\svchost.exe -k ICService @%systemroot%\system32\vssvc.exe,-102 = C:\windows\system32\vssvc.exe @%SystemRoot%\system32\w32time.dll,-200 = C:\windows\system32\svchost.exe -k LocalService @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 = C:\windows\system32\wbem\WmiApSrv.exe @%systemroot%\system32\wbengine.exe,-104 = "C:\windows\system32\wbengine.exe" @%systemroot%\system32\wbiosrvc.dll,-100 = C:\windows\system32\svchost.exe -k WbioSvcGroup @%SystemRoot%\system32\wcncsvc.dll,-3 = C:\windows\System32\svchost.exe -k LocalServiceAndNoImpersonation @%SystemRoot%\system32\WcsPlugInService.dll,-200 = C:\windows\system32\svchost.exe -k wcssvc @%systemroot%\system32\wdi.dll,-500 = C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted @%systemroot%\system32\wdi.dll,-502 = C:\windows\System32\svchost.exe -k LocalService @%systemroot%\system32\webclnt.dll,-100 = C:\windows\system32\svchost.exe -k LocalService @%SystemRoot%\system32\wecsvc.dll,-200 = C:\windows\system32\svchost.exe -k NetworkService @%SystemRoot%\System32\wercplsupport.dll,-101 = C:\windows\System32\svchost.exe -k netsvcs @%SystemRoot%\System32\wersvc.dll,-100 = C:\windows\System32\svchost.exe -k WerSvcGroup @%SystemRoot%\system32\wiarpc.dll,-2 = C:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted @%SystemRoot%\system32\wiaservc.dll,-9 = C:\windows\system32\svchost.exe -k imgsvc @%SystemRoot%\system32\winhttp.dll,-100 = C:\windows\system32\svchost.exe -k LocalService @%SystemRoot%\system32\wlidsvc.dll,-100 = C:\windows\system32\svchost.exe -k netsvcs @%SystemRoot%\system32\wpcsvc.dll,-100 = C:\windows\system32\svchost.exe -k LocalServiceNetworkRestricted @%SystemRoot%\system32\wpdbusenum.dll,-100 = C:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted @%Systemroot%\system32\wsmsvc.dll,-101 = C:\windows\System32\svchost.exe -k NetworkService @%SystemRoot%\system32\WSService.dll,-103 = C:\windows\System32\svchost.exe -k LocalServiceAndNoImpersonation @%systemroot%\system32\wuaueng.dll,-105 = C:\windows\system32\svchost.exe -k netsvcs @%SystemRoot%\system32\wudfsvc.dll,-1000 = C:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted @%SystemRoot%\System32\wwansvc.dll,-257 = C:\windows\system32\svchost.exe -k LocalServiceNoNetwork @%systemroot%\sysWow64\perfhost.exe,-2 = C:\windows\SysWow64\perfhost.exe @%windir%\system32\SystemEventsBrokerServer.dll,-1001 = C:\windows\system32\svchost.exe -k netsvcs @%windir%\system32\TimeBrokerServer.dll,-1001 = C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation @C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll,-1 = C:\windows\system32\svchost.exe -k print @comres.dll,-2797 = C:\windows\System32\msdtc.exe @comres.dll,-2946 = C:\windows\System32\svchost.exe -k NetworkServiceAndNoImpersonation @comres.dll,-947 = C:\windows\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} @keyiso.dll,-100 = C:\windows\system32\lsass.exe Intel(R) Content Protection HECI Service = C:\windows\SysWow64\IntelCpHeciSvc.exe Microsoft Office Diagnostics Service = "C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE" Mozilla Maintenance Service = "C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe" Office Source Engine = "C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE" TEMPRO Service = "C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe" TMachInfo = "C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe" TPCH Service = "C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe" * Stopped & disabled (4) * @%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8201 = C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe @%Systemroot%\system32\mprdim.dll,-200 = C:\windows\System32\svchost.exe -k netsvcs @%SystemRoot%\System32\SCardSvr.dll,-1 = C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation @regsvc.dll,-1 = C:\windows\system32\svchost.exe -k localService [Windows XP Security] * System Restore * - All users SRInitDone = dword: 1 ================================================== = Other users on this computer: Default user = ================================================== -------------------- Autostart folders: [User Startup] desktop.ini MailWasherPro.lnk SplashKillerRunner.lnk ================================================== = Other users on this computer: SYSTEM = ================================================== -------------------- Autostart folders: [User Startup] desktop.ini MailWasherPro.lnk SplashKillerRunner.lnk -------------------------------------------------- End of report, 90,902 bytes Commandline options: /showempty - Show empty sections /showcmts - Show comments in .bat files /noshowclsids - Hide class IDs /noshowprivate - Hide usernames and computer name /noshowusers - Hide entries from other users /noshowhardware - Hide entries from other hardware configurations /showlargehosts - Show hosts file even when more than 1000 lines are in it /showlargezones - Show Zones even when more than 1000 domains are in them /autosave - Run hidden, automatically save a report and quit /autosavepath: - Specify where to save log, when using /autosave. Use surrounding quotes for paths with spaces.