I am really screwed and can't figure out what is hacking/attacking



#1
namron110264

I am running a Gateway 6518 laptop. It has a Pentium M, I believe, and half a GB of memory and a 60 GB HD. About 3 months ago I got something on or in this machine that I cannot, no matter what directions or antivirus, antispyware, anti-trojan, anti-rootkit, anti-??? anything I have been able to conceive of, nothing will seem to work. Gateway sent me new install disks but it did not help.

Let me explain. It seems that a rootkit or possibly a hidden partition, which seems to be some form of exploit, as I have seen notations about Dell in memory, has eaten some of my hard disk, and whatever is in there has also rewritten parts of the BIOS, or at least I believe so, because the hard disk believes it is only 57,232 MB large when it should be 60 GB. So I have done clean installs using 95, 98, NT, 2000, and XP both Home and Pro to no avail. I even have tried DOS to try to kill this thing, and I have interrupted installs along the way to see if I can catch some logs about this.

At least I know kind of what it is doing. What seems to be happening is that there is some kind of Active Directory server running in the hidden areas and it gets loaded into memory first, or at least that is what the logs have said. I really think that somehow it is loading itself into the second memory chip slot and fooling the system into thinking it is a second memory chip.

But be that as it may, what this malware does is a lot of things. It starts by trying to migrate the operating system and whatever account you are using by the USMT routine, which is legitimate but not the way it is being used to hack on me. I get migrated from XP to NT or 2000 and to a lower privilege, which at the same time also seems to be a good way to kill antiviruses and other such protection. My XP install becomes eventually either 2000, ME or NT 4.0. It does this by initiating scripts, VB, Java, and Windows Script Hosting along with manifests and INF files fed from the server?

It is really weird. I consider myself more than somewhat knowledgeable and am very handy at killing most viruses/spies/trojans/etc., but in all my life I have never seen this. I have been able to stop it only by blocking all scripting and physically deleting Java classes so it can't run. But there are multiple instances and avenues of attack and multiple Java machines? It seems crazy. It runs FTP server, mail server, a file server; whatever this is is also keylogging through the accessibility tools called Narrator, which is a screen reader for the blind, and this thing is reading the screen then pushing it out to somewhere on the net, I have no clue? It also runs a fakey Windows Media Player and fakey codecs, recording all video, audio, and keys and mice. I am at a loss. I have tried to bottle it up, tried antitrojans, antiviruses, but eventually the end result is that the machine ends up a bot after about 2 or 3 days if left to its own devices, and all admin rights and abilities end up being grabbed to a remote person.

Oh, and the reason I didn't post a log of HijackThis is because the log says it is clean. Also ewido says clean, Ad-Aware, Spybot, Norton, McAfee, Trend Micro; the only thing that alerts is Tauscan, and that is when I tell it to use heuristics, and then it goes crazy, but I think it is false?? Can anyone help at all? Or give some direction???

I am including a System Report from GREATIS Software's RegRun Platinum. Here it is:

SpyHolesList Version:1.6
07.10.2006
WinDir=C:\WINDOWS
Startup=C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\
Common Startup=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Microsoft Windows XP Service Pack 1 (5.1.2600)
Internet Explorer 6 Service Pack 1 (Windows XP SP1) 6.0.2800.1106
[Internet Explorer]
[Default Home Page] :HKLM Default_Page_URL=""
[Current Home Page] :HKCU Start Page=about:blank
[Current Home Page] :HKCU HOMEOldSP=""
[Search URL Template] :HKLM 1=www.%s.com
[Search URL Template] :HKLM 2=www.%s.org
[Search URL Template] :HKLM 3=www.%s.net
[Search URL Template] :HKLM 4=www.%s.edu
[All Users Search] :HKLM Default_Search_URL=""
[All Users Search] :HKLM Search Page=""
[Current Users Search] :HKCU Search Page=""
[Current Users Search] :HKCU Search Bar=""
[IE Local Blank Page] :HKCU Local Page=C:\WINDOWS\SYSTEM32\blank.htm
[IE Local Blank Page] :HKLM Local Page=%SystemRoot%\system32\blank.htm
[Auto Search URL] :HKCU provider=""
[Auto Search URL] :HKCU "Default Value"=""
[Search Assistant] :HKCU SearchAssistant=""
[Search Assistant] :HKLM SearchAssistant=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
[Search Assistant] :HKCU CustomizeSearch=""
[Search Assistant] :HKLM CustomizeSearch=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
[CustomizeSearch] :HKLM CustomizeSearch=""
[URLSearchHook] :HKCU {CFBFAE00-17A6-11D0-99CB-00C04FD64497}=%SystemRoot%\System32\shdocvw.dll
### Shell Doc Object and Control Library Microsoft Corporation Microsoft® Windows® Operating System 6.00.2800.1106
[Default Prefix] :HKLM "Default Value"=http://
[URL Default Prefixes] :HKLM ftp=ftp://
[URL Default Prefixes] :HKLM gopher=gopher://
[URL Default Prefixes] :HKLM home=http://
[URL Default Prefixes] :HKLM mosaic=http://
[URL Default Prefixes] :HKLM www=http://
[Safe Sites] :HKLM ie.search.msn.com=http://ie.search.msn.com/*
[Safe Sites] :HKLM winweb=%windir%\Web\*
[AboutURLs] :HKLM NavigationFailure=res://shdoclc.dll/navcancl.htm
[AboutURLs] :HKLM DesktopItemNavigationFailure=res://shdoclc.dll/navcancl.htm
[AboutURLs] :HKLM NavigationCanceled=res://shdoclc.dll/navcancl.htm
[AboutURLs] :HKLM OfflineInformation=res://shdoclc.dll/offcancl.htm
[AboutURLs] :HKLM Home=270
[AboutURLs] :HKLM blank=res://mshtml.dll/blank.htm
[AboutURLs] :HKLM PostNotCached=res://mshtml.dll/repost.htm
[AboutURLs] :HKLM mozilla=res://mshtml.dll/about.moz
[User Style Sheet] :HKCU User Stylesheet=""
[User Style Sheet] :HKUS User Stylesheet=""
[User Style Sheet] :HKCU Use My Stylesheet=0
[User Style Sheet] :HKUS Use My Stylesheet=0
[Execute unsigned ActiveX in My Computer Zone] :HKCU 1201=3
[Execute unsigned ActiveX in My Computer Zone] :HKLM 1201=3
[Execute unsigned ActiveX in Local Intranet Zone] :HKCU 1201=3
[Execute unsigned ActiveX in Local Intranet Zone] :HKLM 1201=3
[Execute unsigned ActiveX in Internet Zone] :HKCU 1201=3
[Execute unsigned ActiveX in Internet Zone] :HKLM 1201=3
[Links Toolbar] :HKCU LinksFolderName=Links
[Explorer Bars] :HKLM {4D5C8C25-D075-11d0-B416-00C04FB90376}=%SystemRoot%\System32\shdocvw.dll
### Shell Doc Object and Control Library Microsoft Corporation Microsoft® Windows® Operating System 6.00.2800.1106
[Proxy] :HKCU ProxyServer=""
[Proxy] :HKCU ProxyEnable=0
[Network Settings]
[Hosts File Path] :HKLM DataBasePath=%SystemRoot%\System32\drivers\etc
[Hosts File Contents] :HKLM 127.0.0.1 localhost
[Domain Name] :HKLM Domain=""
[Name Server] {BD5C1904-4BFE-42F7-A1AD-FBD521831A37}=68.9.16.25 68.9.16.30 68.100.16.30
### Network Card:Broadcom 440x 10/100 Integrated Controller DHCPNameServer:68.9.16.25 68.9.16.30 68.100.16.30 DhcpDefaultGateway:68.9.18.1 DhcpServer:172.19.65.19
[WinSock2 Components] :HKLM mswsock.dll=%SystemRoot%\System32\mswsock.dll
### Microsoft Windows Sockets 2.0 Service Provider Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.0
[WinSock2 Components] :HKLM winrnr.dll=%SystemRoot%\System32\winrnr.dll
### LDAP RnR Provider DLL Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.0
[WinSock2 Components] :HKLM rsvpsp.dll=%SystemRoot%\system32\rsvpsp.dll
### Microsoft Windows Rsvp 1.0 Service Provider Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.0
[Windows Shell]
[Display Scrap's Extensions] :HKLM NeverShowExt=""
[ScreenSaver] :HKCU SCRNSAVE.EXE=%SystemRoot%\System32\logn.scr
[System.ini] shell=Explorer.exe
[Main File Extensions] :HKLM .exe="%1" %*
[Main File Extensions] :HKLM .com="%1" %*
[Main File Extensions] :HKLM .pif="%1" %*
[Main File Extensions] :HKLM .cmd="%1" %*
[Main File Extensions] :HKLM .scr="%1" /S
[Main File Extensions] :HKLM .jpg=rundll32.exe C:\WINDOWS\System32\shimgvw.dll,ImageView_Fullscreen %1
[Main File Extensions] :HKLM .jpeg=rundll32.exe C:\WINDOWS\System32\shimgvw.dll,ImageView_Fullscreen %1
[Shell Execute Hooks] :HKLM {AEB6717E-7E19-11d0-97EE-00C04FD91972}=shell32.dll
### Windows Shell Common Dll Microsoft Corporation Microsoft® Windows® Operating System 6.00.2800.1106
[Shell Execute Hooks] :HKLM {F552DDE6-2090-4bf4-B924-6141E87789A5}=C:\Program Files\Greatis\RegRunSuite\RRShell.dll
### RRShell Module Greatis Software, LLC RRShell Module 1, 0, 1, 2
[Shell Execute Hooks] :HKLM {57B86673-276A-48B2-BAE7-C6DBB3020EB8}=C:\Program Files\ewido anti-spyware 4.0\shellexecutehook.dll
### ewido anti-spyware guard Anti-Malware Development a.s. ewido anti-spyware 4, 0, 0, 172
[UserInit Value] :HKLM UserInit=C:\WINDOWS\system32\userinit.exe,
[Shell Services DelayLoad] :HKLM PostBootReminder=""
[Shell Services DelayLoad] :HKLM CDBurn=""
[Shell Services DelayLoad] :HKLM WebCheck=""
[Shell Services DelayLoad] :HKLM SysTray=""
[Prevents Display in Control Panel from running.] :HKCU NoDispCpl=0
[Disable Registry Tools ] :HKCU DisableRegistryTools =0
[Kernel Auto Boot]
[ActiveSetup] >{22d6f312-b0f6-11d0-94ab-0080c74c7e95}=C:\WINDOWS\
[ActiveSetup] {22d6f312-b0f6-11d0-94ab-0080c74c7e95}=rundll32.exe
### Run a DLL as an App Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.0
[ActiveSetup] {306D6C21-C1B6-4629-986C-E59E1875B8AF}="C:\WINDOWS\System32\rundll32.exe"
### Run a DLL as an App Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.0
[Bootexecute] :HKLM BootExecute=autocheck autochk *
[KnownDLLs] :HKLM advapi32=advapi32.dll
[KnownDLLs] :HKLM comdlg32=comdlg32.dll
[KnownDLLs] :HKLM DllDirectory=%SystemRoot%\system32
[KnownDLLs] :HKLM gdi32=gdi32.dll
[KnownDLLs] :HKLM imagehlp=imagehlp.dll
[KnownDLLs] :HKLM kernel32=kernel32.dll
[KnownDLLs] :HKLM lz32=lz32.dll
[KnownDLLs] :HKLM ole32=ole32.dll
[KnownDLLs] :HKLM oleaut32=oleaut32.dll
[KnownDLLs] :HKLM olecli32=olecli32.dll
[KnownDLLs] :HKLM olecnv32=olecnv32.dll
[KnownDLLs] :HKLM olesvr32=olesvr32.dll
[KnownDLLs] :HKLM olethk32=olethk32.dll
[KnownDLLs] :HKLM rpcrt4=rpcrt4.dll
[KnownDLLs] :HKLM shell32=shell32.dll
[KnownDLLs] :HKLM url=url.dll
[KnownDLLs] :HKLM urlmon=urlmon.dll
[KnownDLLs] :HKLM user32=user32.dll
[KnownDLLs] :HKLM version=version.dll
[KnownDLLs] :HKLM wininet=wininet.dll
[KnownDLLs] :HKLM wldap32=wldap32.dll
[Environment - Path ] :HKLM Path=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem
[List of Injected DLLs] :HKLM AppInit_DLLs=""
[Auto Services] Dhcp
### Internal Name: Dhcp. Status: service running. Actual File: C:\WINDOWS\System32\svchost.exe -k netsvcs * Manages network configuration by registering and updating IP addresses and DNS names.
[Auto Services] Dnscache
### Internal Name: Dnscache. Status: service running. Actual File: C:\WINDOWS\System32\svchost.exe -k NetworkService * Resolves and caches Domain Name System (DNS) names for this computer. If this service is stopped, this computer will not be able to resolve DNS names and locate Active Directory domain controllers. If this service is disabled, any services that explicitly depend on it will fail to start.
[Auto Services] LmHosts
### Internal Name: LmHosts. Status: service stopped. Actual File: C:\WINDOWS\System32\svchost.exe -k LocalService * Enables support for NetBIOS over TCP/IP (NetBT) service and NetBIOS name resolution.
[Auto Services] PlugPlay
### Internal Name: PlugPlay. Status: service running. Actual File: C:\WINDOWS\system32\services.exe * Enables a computer to recognize and adapt to hardware changes with little or no user input. Stopping or disabling this service will result in system instability.
[Auto Services] PolicyAgent
### Internal Name: PolicyAgent. Status: service running. Actual File: C:\WINDOWS\System32\lsass.exe * Manages IP security policy and starts the ISAKMP/Oakley (IKE) and the IP security driver.
[Auto Services] ProtectedStorage
### Internal Name: ProtectedStorage. Status: service running. Actual File: C:\WINDOWS\system32\lsass.exe * Provides protected storage for sensitive data, such as private keys, to prevent access by unauthorized services, processes, or users.
[Auto Services] RpcSs
### Internal Name: RpcSs. Status: service running. Actual File: C:\WINDOWS\system32\svchost -k rpcss * Provides the endpoint mapper and other miscellaneous RPC services.
[Auto Services] SamSs
### Internal Name: SamSs. Status: service running. Actual File: C:\WINDOWS\system32\lsass.exe * Stores security information for local user accounts.
[Auto Services] srservice
### Internal Name: srservice. Status: service running. Actual File: C:\WINDOWS\System32\svchost.exe -k netsvcs * Performs system restore functions. To stop service, turn off System Restore from the System Restore tab in My Computer->Properties
[Auto Services] ewido anti-spyware 4.0 guard
### Internal Name: ewido anti-spyware 4.0 guard. Status: service stopped. Actual File: C:\Program Files\ewido anti-spyware 4.0\guard.exe *
[Drivers] ntoskrnl.exe=C:\WINDOWS\SYSTEM32\NTOSKRNL.EXE
### NT Kernel & System Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Drivers] hal.dll=C:\WINDOWS\SYSTEM32\HAL.DLL
### Hardware Abstraction Layer DLL Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Drivers] KDCOM.DLL=C:\WINDOWS\SYSTEM32\KDCOM.DLL
### Kernel Debugger HW Extension DLL Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.0
[Drivers] BOOTVID.dll=C:\WINDOWS\SYSTEM32\BOOTVID.DLL
### VGA Boot Driver Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.0
[Drivers] pci.sys=C:\WINDOWS\System32\DRIVERS\pci.sys
### NT Plug and Play PCI Enumerator Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Drivers] isapnp.sys=C:\WINDOWS\System32\DRIVERS\isapnp.sys
### PNP ISA Bus Driver Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.0
[Drivers] ohci1394.sys=C:\WINDOWS\System32\DRIVERS\ohci1394.sys
### 1394 OpenHCI Port Driver Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Drivers] WMILIB.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\WMILIB.SYS
### WMILIB WMI support library Dll Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.0
[Drivers] 1394BUS.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\1394BUS.SYS
### 1394 Bus Device Driver Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Drivers] PCIIde.sys=C:\WINDOWS\System32\DRIVERS\PCIIde.sys
### Generic PCI IDE Bus Driver Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.0
[Drivers] PCIIDEX.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\PCIIDEX.SYS
### PCI IDE Bus Driver Extension Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Drivers] intelide.sys=C:\WINDOWS\System32\DRIVERS\intelide.sys
### Intel PCI IDE Driver Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Drivers] pcmcia.sys=C:\WINDOWS\System32\DRIVERS\pcmcia.sys
### PCMCIA Bus Driver Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Drivers] MountMgr.sys=C:\WINDOWS\System32\DRIVERS\MountMgr.sys
### Mount Manager Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.0
[Drivers] ftdisk.sys=C:\WINDOWS\System32\DRIVERS\ftdisk.sys
### FT Disk Driver Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.0
[Drivers] dmload.sys=C:\WINDOWS\System32\DRIVERS\dmload.sys
### NT Disk Manager Startup Driver Microsoft Corp., Veritas Software. Logical Disk Manager for Windows NT 1.0
[Drivers] dmio.sys=C:\WINDOWS\System32\DRIVERS\dmio.sys
### NT Disk Manager I/O Driver Microsoft Corp., Veritas Software VERITAS® NT Disk Manager 1.0
[Drivers] PartMgr.sys=C:\WINDOWS\System32\DRIVERS\PartMgr.sys
### Partition Manager Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.0
[Drivers] VolSnap.sys=C:\WINDOWS\System32\DRIVERS\VolSnap.sys
### Volume Shadow Copy Driver Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.0
[Drivers] atapi.sys=C:\WINDOWS\System32\DRIVERS\atapi.sys
### IDE/ATAPI Port Driver Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Drivers] disk.sys=C:\WINDOWS\System32\DRIVERS\disk.sys
### PnP Disk Driver Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Drivers] CLASSPNP.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\CLASSPNP.SYS
### SCSI Class System Dll Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Drivers] sr.sys=C:\WINDOWS\System32\DRIVERS\sr.sys
### System Restore Filesystem Filter Driver Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Drivers] KSecDD.sys=C:\WINDOWS\System32\DRIVERS\KSecDD.sys
### Kernel Security Support Provider Interface Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.0
[Drivers] Ntfs.sys=C:\WINDOWS\System32\DRIVERS\Ntfs.sys
### NT File System Driver Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Drivers] NDIS.sys=C:\WINDOWS\System32\DRIVERS\NDIS.sys
### NDIS 5.1 wrapper driver Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Drivers] Mup.sys=C:\WINDOWS\System32\DRIVERS\Mup.sys
### Multiple UNC Provider driver Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Drivers] audstub.sys=C:\WINDOWS\SYSTEM32\DRIVERS\AUDSTUB.SYS
### AudStub Driver Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.0
[Drivers] psched.sys=C:\WINDOWS\SYSTEM32\DRIVERS\PSCHED.SYS
### MS QoS Packet Scheduler Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Drivers] msgpc.sys=C:\WINDOWS\SYSTEM32\DRIVERS\MSGPC.SYS
### MS General Packet Classifier Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.0
[Drivers] TDI.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\TDI.SYS
### TDI Wrapper Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.0
[Drivers] usbuhci.sys=C:\WINDOWS\SYSTEM32\DRIVERS\USBUHCI.SYS
### UHCI USB Miniport Driver Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Drivers] USBPORT.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\USBPORT.SYS
### USB 1.1 & 2.0 Port Driver Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Drivers] usbehci.sys=C:\WINDOWS\SYSTEM32\DRIVERS\USBEHCI.SYS
### EHCI eUSB Miniport Driver Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Drivers] bcm4sbxp.sys=C:\WINDOWS\SYSTEM32\DRIVERS\BCM4SBXP.SYS
### Broadcom Corporation NDIS 5.1 ethernet driver Broadcom Corporation Broadcom 440x 10/100 Integrated Controller 4.27.0.0
[Drivers] imapi.sys=C:\WINDOWS\SYSTEM32\DRIVERS\IMAPI.SYS
### IMAPI Kernel Driver Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Drivers] cdrom.sys=C:\WINDOWS\SYSTEM32\DRIVERS\CDROM.SYS
### SCSI CD-ROM Driver Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Drivers] redbook.sys=C:\WINDOWS\SYSTEM32\DRIVERS\REDBOOK.SYS
### Redbook Audio Filter Driver Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Drivers] ks.sys=C:\WINDOWS\SYSTEM32\DRIVERS\KS.SYS
### Kernel CSA Library Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Drivers] rdpdr.sys=C:\WINDOWS\SYSTEM32\DRIVERS\RDPDR.SYS
### Microsoft RDP Device redirector Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Drivers] termdd.sys=C:\WINDOWS\SYSTEM32\DRIVERS\TERMDD.SYS
### Terminal Server Driver Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Drivers] kbdclass.sys=C:\WINDOWS\SYSTEM32\DRIVERS\KBDCLASS.SYS
### Keyboard Class Driver Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Drivers] mouclass.sys=C:\WINDOWS\SYSTEM32\DRIVERS\MOUCLASS.SYS
### Mouse Class Driver Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Drivers] swenum.sys=C:\WINDOWS\SYSTEM32\DRIVERS\SWENUM.SYS
### Plug and Play Software Device Enumerator Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.0
[Drivers] update.sys=C:\WINDOWS\SYSTEM32\DRIVERS\UPDATE.SYS
### Update Driver Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.0
[Drivers] i8042prt.sys=C:\WINDOWS\SYSTEM32\DRIVERS\I8042PRT.SYS
### i8042 Port Driver Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Drivers] parport.sys=C:\WINDOWS\SYSTEM32\DRIVERS\PARPORT.SYS
### Parallel Port Driver Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Drivers] usbhub.sys=C:\WINDOWS\SYSTEM32\DRIVERS\USBHUB.SYS
### Default Hub Driver for USB Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Drivers] USBD.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\USBD.SYS
### Universal Serial Bus Driver Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.0
[Drivers] Fs_Rec.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\FS_REC.SYS
### File System Recognizer Driver Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.0
[Drivers] Null.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\NULL.SYS
### NULL Driver Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.0
[Drivers] Beep.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\BEEP.SYS
### BEEP Driver Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.0
[Drivers] vga.sys=C:\WINDOWS\SYSTEM32\DRIVERS\VGA.SYS
### VGA/Super VGA Video Driver Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Drivers] VIDEOPRT.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\VIDEOPRT.SYS
### Video Port Driver Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Drivers] mnmdd.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\MNMDD.SYS
### Frame buffer simulator Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.0
[Drivers] RDPCDD.sys=C:\WINDOWS\SYSTEM32\DRIVERS\RDPCDD.SYS
### RDP Miniport Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.0
[Drivers] Msfs.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\MSFS.SYS
### Mailslot driver Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.0
[Drivers] Npfs.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\NPFS.SYS
### NPFS Driver Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.0
[Drivers] rasacd.sys=C:\WINDOWS\SYSTEM32\DRIVERS\RASACD.SYS
### RAS Automatic Connection Driver Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.0
[Drivers] ipsec.sys=C:\WINDOWS\SYSTEM32\DRIVERS\IPSEC.SYS
### IPSec Driver Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Drivers] tcpip.sys=C:\WINDOWS\SYSTEM32\DRIVERS\TCPIP.SYS
### TCP/IP Protocol Driver Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Drivers] netbt.sys=C:\WINDOWS\SYSTEM32\DRIVERS\NETBT.SYS
### MBT Transport driver Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Drivers] netbios.sys=C:\WINDOWS\SYSTEM32\DRIVERS\NETBIOS.SYS
### NetBIOS interface driver Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Drivers] rdbss.sys=C:\WINDOWS\SYSTEM32\DRIVERS\RDBSS.SYS
### Redirected Drive Buffering SubSystem Driver Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Drivers] mrxsmb.sys=C:\WINDOWS\SYSTEM32\DRIVERS\MRXSMB.SYS
### Windows NT SMB Minirdr Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Drivers] Fips.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\FIPS.SYS
### FIPS Crypto Driver Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.0
[Drivers] Cdfs.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\CDFS.SYS
### CD-ROM File System Driver Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Drivers] atapi.sys=C:\WINDOWS\SYSTEM32\DRIVERS\DUMP_ATAPI.SYS
[Drivers] WMILIB.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\DUMP_WMILIB.SYS
[Drivers] win32k.sys=C:\WINDOWS\SYSTEM32\WIN32K.SYS
### Multi-User Win32 Driver Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Drivers] watchdog.sys=C:\WINDOWS\SYSTEM32\WATCHDOG.SYS
### Watchdog Driver Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Drivers] Dxapi.sys=C:\WINDOWS\SYSTEM32\DRIVERS\DXAPI.SYS
### DirectX API Driver Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.0
[Drivers] dxg.sys=C:\WINDOWS\SYSTEM32\DRIVERS\DXG.SYS
### DirectX Graphics Driver Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Drivers] dxgthk.sys=C:\WINDOWS\SYSTEM32\DRIVERS\DXGTHK.SYS
### DirectX Graphics Driver Thunk Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.0
[Drivers] framebuf.dll=C:\WINDOWS\SYSTEM32\FRAMEBUF.DLL
### Framebuffer Display Driver Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Drivers] afd.sys=C:\WINDOWS\SYSTEM32\DRIVERS\AFD.SYS
### Ancillary Function Driver for WinSock Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Drivers] ParVdm.SYS=C:\WINDOWS\SYSTEM32\DRIVERS\PARVDM.SYS
### VDM Parallel Driver Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.0
[Drivers] regguard.sys=C:\WINDOWS\SYSTEM32\DRIVERS\REGGUARD.SYS
### Registry Guard - registry keys protection driver for Windows NT/2000/XP/2003/Vista Greatis Software RegRun Security Suite 4.60
[Drivers] vsdatant.sys=C:\WINDOWS\SYSTEM32\VSDATANT.SYS
### TrueVector Device Driver Zone Labs, LLC TrueVector Device Driver 6.5.722.000
[Drivers] guard.sys=C:\PROGRAM FILES\EWIDO ANTI-SPYWARE 4.0\GUARD.SYS
[Drivers] ntdll.dll=C:\WINDOWS\SYSTEM32\NTDLL.DLL
### NT Layer DLL Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Auto Start Apps]
[Registry Run] :HKCU Regrun2=C:\PROGRA~1\Greatis\REGRUN~1\WatchDog.exe
### WatchDog Greatis Software RegRun Security Suite 4.0
[Registry Run] :HKCU Registry="C:\Program Files\Greatis\RegRunSuite\lsoon.exe" -1 30 "C:\Program Files\Greatis\RegRunSuite\rescue.exe" /a "c:\backreg\rstore.ini"
### Launch application with delay Greatis Software RegRun Security Suite 3.1
[Registry Run] :HKLM Zone Labs Client="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
### Zone Labs Client Zone Labs, LLC Zone Labs Client 6.5.722.000
[Registry Run] :HKLM RegRun WinBait=C:\WINDOWS\winbait.exe
[Registry Run] :HKLM @RegRunOnSecure=C:\PROGRA~1\Greatis\REGRUN~1\OnSecure.exe
### Secure Start Support Application Greatis Software RegRun Security Suite 3.4
[Registry RunOnceEx] :HKLM @Regrun2=C:\PROGRA~1\Greatis\REGRUN~1\regrun2.exe /w
### 1=C:\PROGRA~1\Greatis\REGRUN~1\regrun2.exe /w
[Win.ini] load=""
[Win.ini] run=""
[In memory]
[Running Processes] C:\WINDOWS\SYSTEM32\SMSS.EXE
### Windows NT Session Manager Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Running Processes] C:\WINDOWS\SYSTEM32\WINLOGON.EXE
### Windows NT Logon Application Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Running Processes] C:\WINDOWS\SYSTEM32\SERVICES.EXE
### Services and Controller app Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.0
[Running Processes] C:\WINDOWS\SYSTEM32\LSASS.EXE
### LSA Shell (Export Version) Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Running Processes] C:\WINDOWS\SYSTEM32\SVCHOST.EXE
### Generic Host Process for Win32 Services Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.0
[Running Processes] C:\WINDOWS\SYSTEM32\SVCHOST.EXE
### Generic Host Process for Win32 Services Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.0
[Running Processes] C:\WINDOWS\SYSTEM32\SVCHOST.EXE
### Generic Host Process for Win32 Services Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.0
[Running Processes] C:\WINDOWS\EXPLORER.EXE
### Windows Explorer Microsoft Corporation Microsoft® Windows® Operating System 6.00.2800.1106
[Running Processes] C:\PROGRAM FILES\ZONE LABS\ZONEALARM\ZLCLIENT.EXE
### Zone Labs Client Zone Labs, LLC Zone Labs Client 6.5.722.000
[Running Processes] C:\PROGRA~1\GREATIS\REGRUN~1\WATCHDOG.EXE
### WatchDog Greatis Software RegRun Security Suite 4.0
[Running Processes] C:\WINDOWS\SYSTEM32\ZONELABS\VSMON.EXE
### TrueVector Service Zone Labs, LLC TrueVector Service 6.5.722.000
[Running Processes] C:\PROGRAM FILES\EWIDO ANTI-SPYWARE 4.0\EWIDO.EXE
### ewido anti-spyware Anti-Malware Development a.s. ewido anti-spyware 4, 0, 0, 172
[Running Processes] C:\PROGRAM FILES\MOZILLA FIREFOX\FIREFOX.EXE
### Firefox Mozilla Corporation Firefox 1.5.0.7
[Running Processes] C:\PROGRA~1\GREATIS\REGRUN~1\REGRUN2.EXE
### RegRun Start Control Greatis Software RegRun Security Suite 4.6
[Loaded DLLs] C:\WINDOWS\System32\mstask.dll
### Task Scheduler interface DLL Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Loaded DLLs] C:\WINDOWS\System32\RICHED20.dll
### Rich Text Edit Control, v3.0 Microsoft Corporation Microsoft RichEdit Control, version 3.0 3.0
[Loaded DLLs] C:\WINDOWS\System32\RICHED32.DLL
### Wrapper Dll for Richedit 1.0 Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.0
[Loaded DLLs] C:\Program Files\ewido anti-spyware 4.0\shellexecutehook.dll
### ewido anti-spyware guard Anti-Malware Development a.s. ewido anti-spyware 4, 0, 0, 172
[Loaded DLLs] C:\Program Files\Greatis\RegRunSuite\RRShell.dll
### RRShell Module Greatis Software, LLC RRShell Module 1, 0, 1, 2
[Loaded DLLs] C:\WINDOWS\System32\olepro32.dll
### Microsoft ® OLE Property Support DLL Microsoft Corporation Microsoft OLE 3.50 for Windows NT™ and Windows 95™ Operating Systems 3.50
[Loaded DLLs] C:\WINDOWS\System32\shfolder.dll
### Shell Folder Service Microsoft Corporation Microsoft® Windows® Operating System 6.00.2800.1106
[Loaded DLLs] C:\WINDOWS\System32\MSCTF.dll
### MSCTF Server DLL Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Loaded DLLs] C:\WINDOWS\System32\msimtf.dll
### Active IMM Server DLL Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Loaded DLLs] C:\Program Files\Mozilla Firefox\components\jar50.dll
### Mozilla Foundation Firefox 1.8.0.7: 2006090918
[Loaded DLLs] C:\Program Files\Mozilla Firefox\xpcom_compat.dll
### Mozilla Foundation Firefox 1.8.0.7: 2006090918
[Loaded DLLs] C:\Program Files\Mozilla Firefox\ssl3.dll
### NSS SSL Library Netscape Communications Corporation Network Security Services 3.10.2
[Loaded DLLs] C:\Program Files\Mozilla Firefox\softokn3.dll
### NSS PKCS #11 Library Netscape Communications Corporation Network Security Services 3.10.2
[Loaded DLLs] C:\Program Files\Mozilla Firefox\nss3.dll
### NSS Base Library Netscape Communications Corporation Network Security Services 3.10.2
[Loaded DLLs] C:\Program Files\Mozilla Firefox\smime3.dll
### NSS S/MIME Library Netscape Communications Corporation Network Security Services 3.10.2
[Loaded DLLs] C:\Program Files\Mozilla Firefox\plds4.dll
### PLDS Library Netscape Communications Corporation Netscape Portable Runtime 4.6.1
[Loaded DLLs] C:\Program Files\Mozilla Firefox\plc4.dll
### PLC Library Netscape Communications Corporation Netscape Portable Runtime 4.6.1
[Loaded DLLs] C:\Program Files\Mozilla Firefox\xpcom_core.dll
### Mozilla Foundation Firefox 1.8.0.7: 2006090918
[Loaded DLLs] C:\Program Files\Mozilla Firefox\nspr4.dll
### NSPR Library Netscape Communications Corporation Netscape Portable Runtime 4.6.1
[Loaded DLLs] C:\Program Files\Mozilla Firefox\js3250.dll
### Netscape 32-bit JavaScript Module Netscape Communications Corporation NETSCAPE 4.0
[Loaded DLLs] C:\WINDOWS\System32\IMM32.DLL
### Windows XP IMM32 API Client DLL Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Loaded DLLs] C:\WINDOWS\System32\jscript.dll
### Microsoft ® JScript Microsoft Corporation Microsoft ® JScript 5.6.0.6626
[Loaded DLLs] C:\WINDOWS\System32\mlang.dll
### Multi Language Support DLL Microsoft Corporation Microsoft® Windows® Operating System 6.00.2600.0000
[Loaded DLLs] C:\WINDOWS\System32\shdoclc.dll
### Shell Doc Object and Control Library Microsoft Corporation Microsoft® Windows® Operating System 6.00.2600.0000
[Loaded DLLs] C:\WINDOWS\System32\itss.dll
### Microsoft® InfoTech Storage System Library Microsoft Corporation Microsoft® Windows® Operating System 5.2.3644.0
[Loaded DLLs] C:\WINDOWS\System32\hhctrl.ocx
### Microsoft® HTML Help Control Microsoft Corporation HTML Help 5.2.3664.0
[Loaded DLLs] C:\Program Files\ewido anti-spyware 4.0\engine.dll
### scan engine Anti-Malware Development a.s. ewido anti-spyware 4, 0, 0, 172
[Loaded DLLs] C:\WINDOWS\System32\ZoneLabs\qrsrecl.dll
### qrsreclient Zone Labs, LLC qrsreclient 5, 0, 83, 0
[Loaded DLLs] C:\WINDOWS\System32\ZoneLabs\vsavpro.dll
### TrueVector Service Zone Labs, LLC TrueVector Service 6.5.722.000
[Loaded DLLs] C:\WINDOWS\System32\ZoneLabs\zlparser.dll
### Zone Labs ZLPARSER.DLL Zone Labs, LLC Zone Labs ZLPARSER.DLL 6.5.722.000
[Loaded DLLs] C:\WINDOWS\System32\LIBEAY32_0.9.6l.dll
[Loaded DLLs] C:\WINDOWS\System32\ZoneLabs\streamapi\httpblocker\httpblocker.dll
### HttpBlocker plug-in Zone Labs, LLC HttpBlocker plug-in 6.5.734.000
[Loaded DLLs] C:\WINDOWS\System32\ZoneLabs\zlupdate.dll
### ZLUpdate feature plug-in Zone Labs, LLC ZLUpdate feature plug-in 6.5.722.000
[Loaded DLLs] C:\WINDOWS\System32\ZoneLabs\srescan.dll
### srescan Zone Labs, LLC srescanner 5, 0, 83, 0
[Loaded DLLs] C:\WINDOWS\System32\ZoneLabs\zlsre.dll
### zlsre Zone Labs, LLC zlsre 6.5.734.000
[Loaded DLLs] C:\WINDOWS\System32\ZoneLabs\qrbase.dll
### qrbase Zone Labs, LLC qrbase 5, 0, 83, 0
[Loaded DLLs] C:\WINDOWS\System32\ZoneLabs\zlquarantine.dll
### zlquarantine Zone Labs, LLC zlquarantine 6.5.722.000
[Loaded DLLs] C:\WINDOWS\System32\ZoneLabs\vsvault.dll
### TrueVector Service Zone Labs, LLC TrueVector Service 6.5.722.000
[Loaded DLLs] C:\WINDOWS\System32\ZoneLabs\VSRULEDB.DLL
### TrueVector Service Zone Labs, LLC TrueVector Service 6.5.722.000
[Loaded DLLs] C:\WINDOWS\System32\ZoneLabs\vsdb.dll
### TrueVector Service Zone Labs, LLC TrueVector Service 6.5.722.000
[Loaded DLLs] C:\WINDOWS\System32\ZoneLabs\fbl.dll
### Feature based licensing library Zone Labs, LLC Feature based licensing library 6.5.722.000
[Loaded DLLs] C:\WINDOWS\System32\ZoneLabs\ssleay32.dll
### TrueVector Service Zone Labs, LLC TrueVector Service 6.5.722.000
[Loaded DLLs] C:\WINDOWS\System32\ZoneLabs\vsmondll.dll
### TrueVector Service Zone Labs, LLC TrueVector Service 6.5.722.000
[Loaded DLLs] C:\WINDOWS\System32\ZoneLabs\plugins\rpc_server\rpc_server.dll
### RPC Server plug-in Zone Labs, LLC RPC Server plug-in 6.5.722.000
[Loaded DLLs] C:\WINDOWS\System32\ZoneLabs\plugins\vsmon_plugin\vsmon_plugin.dll
### vsmon plug-in Zone Labs, LLC vsmon plug-in 6.5.722.000
[Loaded DLLs] C:\WINDOWS\System32\ZoneLabs\lib\pyd\_socket.pyd
[Loaded DLLs] C:\WINDOWS\System32\ZoneLabs\lib\pyd\pyexpat.pyd
[Loaded DLLs] C:\WINDOWS\System32\ZoneLabs\lib\pyd\pyvsinit.pyd
[Loaded DLLs] C:\WINDOWS\System32\ZoneLabs\lib\pyd\signedDll.pyd
[Loaded DLLs] C:\WINDOWS\System32\ZoneLabs\zpy.dll
### Python Core Python Software Foundation Python 2.4.2
[Loaded DLLs] C:\PROGRA~1\Greatis\REGRUN~1\regguardl.dll
[Loaded DLLs] C:\WINDOWS\System32\ZoneLabs\zlparser.dll
### Zone Labs ZLPARSER.DLL Zone Labs, LLC Zone Labs ZLPARSER.DLL 6.5.722.000
[Loaded DLLs] C:\WINDOWS\System32\ZoneLabs\camupd.dll
### camupd feature plug-in Zone Labs, LLC camupd feature plug-in 6.5.722.000
[Loaded DLLs] C:\WINDOWS\System32\msxml3.dll
### MSXML 3.0 SP 3 Microsoft Corporation Microsoft® MSXML 3.0 SP 3 8.30.9926.0
[Loaded DLLs] C:\WINDOWS\System32\ZoneLabs\zlsre.dll
### zlsre Zone Labs, LLC zlsre 6.5.734.000
[Loaded DLLs] C:\Program Files\Zone Labs\ZoneAlarm\security.zap
### Overview Plugin Module Zone Labs, LLC Overview Plugin Module 6.5.722.000
[Loaded DLLs] C:\Program Files\Zone Labs\ZoneAlarm\scan.zap
### Scan Plugin Module Zone Labs, LLC Scan Plugin Module 6.5.722.000
[Loaded DLLs] C:\Program Files\Zone Labs\ZoneAlarm\programs.zap
### Programs Plugin Module Zone Labs, LLC Programs Plugin Module 6.5.722.000
[Loaded DLLs] C:\Program Files\Zone Labs\ZoneAlarm\privacy.zap
### Privacy Plugin Module Zone Labs, LLC Privacy Plugin Module 6.5.722.000
[Loaded DLLs] C:\Program Files\Zone Labs\ZoneAlarm\idlock.zap
### ZoneAlarmPro Zone Labs, LLC ZoneAlarmPro 6.5.722.000
[Loaded DLLs] C:\Program Files\Zone Labs\ZoneAlarm\firewall.zap
### Firewall Plugin Module Zone Labs, LLC Firewall Plugin Module 6.5.722.000
[Loaded DLLs] C:\Program Files\Zone Labs\ZoneAlarm\filter.zap
### Filter Plugin Module Zone Labs, LLC Filter Plugin Module 6.5.722.000
[Loaded DLLs] C:\Program Files\Zone Labs\ZoneAlarm\email.zap
### Email Plugin Module Zone Labs, LLC Email Plugin Module 6.5.722.000
[Loaded DLLs] C:\Program Files\Zone Labs\ZoneAlarm\cam.zap
### Anti-Virus Monitoring Module Zone Labs, LLC Anti-Virus Monitoring Module 6.5.722.000
[Loaded DLLs] C:\Program Files\Zone Labs\ZoneAlarm\alert.zap
### Alerts Plugin Module Zone Labs, LLC Alerts Plugin Module 6.5.722.000
[Loaded DLLs] C:\WINDOWS\System32\ZoneLabs\scheduler.dll
### scheduler feature plug-in Zone Labs, LLC scheduler feature plug-in 6.5.722.000
[Loaded DLLs] C:\WINDOWS\System32\ZLCommDB.dll
### ZLCommDB Zone Labs, LLC ZLCommDB 6.5.722.000
[Loaded DLLs] C:\WINDOWS\System32\zlcomm.dll
### ZLComm Zone Labs, LLC ZLComm 6.5.722.000
[Loaded DLLs] C:\WINDOWS\System32\vsmonapi.dll
### TrueVector Client Interface Zone Labs, LLC TrueVector Client Interface 6.5.722.000
[Loaded DLLs] C:\WINDOWS\System32\vsxml.dll
### TrueVector Service Zone Labs, LLC TrueVector Service 6.5.722.000
[Loaded DLLs] C:\WINDOWS\System32\vsdata.dll
### TrueVector Service DLL Zone Labs, LLC TrueVector Service DLL 6.5.722.000
[Loaded DLLs] C:\WINDOWS\System32\ZoneLabs\fbl.dll
### Feature based licensing library Zone Labs, LLC Feature based licensing library 6.5.722.000
[Loaded DLLs] C:\WINDOWS\System32\ZoneLabs\dbghelp.dll
### Windows Image Helper Microsoft Corporation Debugging Tools for Windows® 6.2.0013.1
[Loaded DLLs] C:\Program Files\Zone Labs\ZoneAlarm\framewrk.dll
### ZoneAlarm Framework Module Zone Labs, LLC ZoneAlarm Framework Module 6.5.722.000
[Loaded DLLs] C:\WINDOWS\System32\VSPUBAPI.dll
### TrueVector Service Zone Labs, LLC TrueVector Service 6.5.722.000
[Loaded DLLs] C:\WINDOWS\System32\VSINIT.dll
### TrueVector Service Zone Labs, LLC TrueVector Service 6.5.722.000
[Loaded DLLs] C:\WINDOWS\System32\WSOCK32.dll
### Windows Socket 32-Bit DLL Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.0
[Loaded DLLs] C:\WINDOWS\System32\VSUTIL.dll
### TrueVector Service Zone Labs, LLC TrueVector Service 6.5.722.000
[Loaded DLLs] C:\WINDOWS\System32\DUSER.dll
### Windows DirectUser Engine Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Loaded DLLs] C:\WINDOWS\System32\browselc.dll
### Shell Browser UI Library Microsoft Corporation Microsoft® Windows® Operating System 6.00.2800.1106
[Loaded DLLs] C:\WINDOWS\System32\davclnt.dll
### Web DAV Client DLL Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.0
[Loaded DLLs] C:\WINDOWS\System32\NETRAP.dll
### Net Remote Admin Protocol DLL Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.0
[Loaded DLLs] C:\WINDOWS\System32\NETUI1.dll
### NT LM UI Common Code - Networking classes Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.0
[Loaded DLLs] C:\WINDOWS\System32\NETUI0.dll
### NT LM UI Common Code - GUI Classes Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.0
[Loaded DLLs] C:\WINDOWS\System32\ntlanman.dll
### Microsoft® Lan Manager Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Loaded DLLs] C:\WINDOWS\System32\drprov.dll
### Microsoft Terminal Server Network Provider Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.0
[Loaded DLLs] C:\WINDOWS\System32\LINKINFO.dll
### Windows Volume Tracking Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.0
[Loaded DLLs] C:\WINDOWS\system32\urlmon.dll
### OLE32 Extensions for Win32 Microsoft Corporation Microsoft® Windows® Operating System 6.00.2800.1106
[Loaded DLLs] C:\WINDOWS\System32\ntshrui.dll
### Shell extensions for sharing Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Loaded DLLs] C:\WINDOWS\System32\MSIMG32.dll
### GDIEXT Client DLL Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Loaded DLLs] C:\WINDOWS\System32\themeui.dll
### Windows Theme API Microsoft Corporation Microsoft® Windows® Operating System 6.00.2800.1106
[Loaded DLLs] C:\WINDOWS\System32\CSCDLL.dll
### Offline Network Agent Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.0
[Loaded DLLs] C:\WINDOWS\System32\cscui.dll
### Client Side Caching UI Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Loaded DLLs] C:\WINDOWS\system32\appHelp.dll
### Application Compatibility Client Library Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Loaded DLLs] C:\WINDOWS\System32\SHDOCVW.dll
### Shell Doc Object and Control Library Microsoft Corporation Microsoft® Windows® Operating System 6.00.2800.1106
[Loaded DLLs] C:\WINDOWS\System32\BROWSEUI.dll
### Shell Browser UI Library Microsoft Corporation Microsoft® Windows® Operating System 6.00.2800.1106
[Loaded DLLs] c:\windows\system32\dnsrslvr.dll
### DNS Caching Resolver Service Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.0
[Loaded DLLs] C:\WINDOWS\System32\CLUSAPI.dll
### Cluster API Library Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Loaded DLLs] C:\WINDOWS\System32\netcfgx.dll
### Network Configuration Objects Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Loaded DLLs] C:\WINDOWS\System32\wbem\wbemcomn.dll
### WMI Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Loaded DLLs] C:\WINDOWS\System32\wbem\wbemprox.dll
### WMI Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Loaded DLLs] C:\WINDOWS\System32\hnetcfg.dll
### Home Networking Configuration Manager Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Loaded DLLs] C:\WINDOWS\system32\credui.dll
### Credential Manager User Interface Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Loaded DLLs] C:\WINDOWS\system32\NETSHELL.dll
### Network Connections Shell Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Loaded DLLs] C:\WINDOWS\system32\WININET.dll
### Internet Extensions for Win32 Microsoft Corporation Microsoft® Windows® Operating System 6.00.2800.1106
[Loaded DLLs] c:\windows\system32\ESENT.dll
### Server Database Storage Engine Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.0
[Loaded DLLs] c:\windows\system32\WMI.dll
### WMI DC and DP functionality Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.0
[Loaded DLLs] c:\windows\system32\WZCSvc.DLL
### Wireless Zero Configuration Service Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Loaded DLLs] c:\windows\system32\TAPI32.dll
### Microsoft® Windows™ Telephony API Client DLL Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Loaded DLLs] c:\windows\system32\rasman.dll
### Remote Access Connection Manager Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Loaded DLLs] c:\windows\system32\RASAPI32.dll
### Remote Access API Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Loaded DLLs] c:\windows\system32\netman.dll
### Network Connections Manager Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Loaded DLLs] C:\WINDOWS\System32\winspool.drv
### Windows Spooler Driver Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Loaded DLLs] c:\windows\system32\POWRPROF.dll
### Power Profile Helper DLL Microsoft Corporation Microsoft® Windows® Operating System 6.00.2600.0000
[Loaded DLLs] c:\windows\system32\srsvc.dll
### System Restore Service Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Loaded DLLs] c:\windows\system32\dhcpcsvc.dll
### DHCP Client Service Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Loaded DLLs] C:\WINDOWS\system32\COMRes.dll
### Microsoft Corporation COM Services 03.00.00.4414
[Loaded DLLs] C:\WINDOWS\system32\CLBCATQ.DLL
### Microsoft Corporation COM Services 03.00.00.4414
[Loaded DLLs] C:\WINDOWS\system32\rasadhlp.dll
### Remote Access AutoDial Helper Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.0
[Loaded DLLs] C:\WINDOWS\System32\winrnr.dll
### LDAP RnR Provider DLL Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.0
[Loaded DLLs] c:\windows\system32\rpcss.dll
### Distributed COM Services Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Loaded DLLs] C:\WINDOWS\System32\dssenh.dll
### Microsoft Enhanced DSS and Diffie-Hellman Cryptographic Provider Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1029
[Loaded DLLs] C:\WINDOWS\System32\wshtcpip.dll
### Windows Sockets Helper DLL Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.0
[Loaded DLLs] C:\WINDOWS\system32\psbase.dll
### Protected Storage default provider Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Loaded DLLs] C:\WINDOWS\system32\mswsock.dll
### Microsoft Windows Sockets 2.0 Service Provider Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.0
[Loaded DLLs] C:\WINDOWS\system32\pstorsvc.dll
### Protected storage server Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.0
[Loaded DLLs] C:\WINDOWS\system32\WINIPSEC.DLL
### Windows IPSec SPD Client DLL Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.0
[Loaded DLLs] C:\WINDOWS\system32\oakley.DLL
### Oakley Key Manager Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Loaded DLLs] C:\WINDOWS\system32\ipsecsvc.dll
### Windows IPSec SPD Server DLL Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Loaded DLLs] C:\WINDOWS\system32\scecli.dll
### Windows Security Configuration Editor Client Engine Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Loaded DLLs] C:\WINDOWS\system32\wdigest.dll
### Microsoft Digest Access Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.0
[Loaded DLLs] C:\WINDOWS\system32\schannel.dll
### TLS / SSL Security Provider Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Loaded DLLs] C:\WINDOWS\system32\iphlpapi.dll
### IP Helper API Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.2
[Loaded DLLs] C:\WINDOWS\system32\MSVCP60.dll
### Microsoft ® C++ Runtime Library Microsoft Corporation Microsoft ® Visual C++ 6.00.8972.0
[Loaded DLLs] C:\WINDOWS\system32\w32time.dll
### Windows Time Service Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Loaded DLLs] C:\WINDOWS\system32\netlogon.dll
### Net Logon Services DLL Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Loaded DLLs] C:\WINDOWS\system32\msv1_0.dll
### Microsoft Authentication Package v1.0 Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Loaded DLLs] C:\WINDOWS\system32\kerberos.dll
### Kerberos Security Package Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Loaded DLLs] C:\WINDOWS\system32\msprivs.dll
### Microsoft Privilege Translations Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.0
[Loaded DLLs] C:\WINDOWS\system32\NTDSAPI.dll
### NT5DS Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.0
[Loaded DLLs] C:\WINDOWS\system32\DNSAPI.dll
### DNS Client API DLL Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Loaded DLLs] C:\WINDOWS\system32\cryptdll.dll
### Cryptography Manager Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.0
[Loaded DLLs] C:\WINDOWS\system32\SAMSRV.dll
### SAM Server DLL Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.0
[Loaded DLLs] C:\WINDOWS\system32\LSASRV.dll
### LSA Server DLL Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Loaded DLLs] C:\WINDOWS\system32\NCObjAPI.DLL
### Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Loaded DLLs] C:\WINDOWS\system32\umpnpmgr.dll
### User-mode Plug-and-Play Service Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Loaded DLLs] C:\WINDOWS\system32\SCESRV.dll
### Windows Security Configuration Editor Engine Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Loaded DLLs] C:\WINDOWS\System32\UxTheme.dll
### Microsoft UxTheme Library Microsoft Corporation Microsoft® Windows® Operating System 6.00.2800.1106
[Loaded DLLs] C:\WINDOWS\System32\NTMARTA.DLL
### Windows NT MARTA provider Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Loaded DLLs] C:\WINDOWS\system32\MPR.dll
### Multiple Provider Router DLL Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.0
[Loaded DLLs] C:\WINDOWS\System32\rtutils.dll
### Routing Utilities Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.0
[Loaded DLLs] C:\WINDOWS\system32\OLEAUT32.dll
### Microsoft OLE 3.50 for Windows NT™ and Windows 95™ Operating Systems Microsoft Corporation Microsoft OLE 3.50 for Windows NT™ and Windows 95™ Operating Systems 3.50.5016.0
[Loaded DLLs] C:\WINDOWS\System32\ATL.DLL
### ATL Module for Windows NT (Unicode) Microsoft Corporation Microsoft ® Visual C++ 6.00.9435
[Loaded DLLs] C:\WINDOWS\System32\adsldpc.dll
### ADs LDAP Provider C DLL Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Loaded DLLs] C:\WINDOWS\System32\ACTIVEDS.dll
### ADs Router Layer DLL Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.0
[Loaded DLLs] C:\WINDOWS\System32\MPRAPI.dll
### Windows NT MP Router Administration DLL Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.0
[Loaded DLLs] C:\WINDOWS\System32\SAMLIB.dll
### SAM Library DLL Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Loaded DLLs] C:\WINDOWS\system32\wldap32.dll
### Win32 LDAP API DLL Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Loaded DLLs] C:\WINDOWS\System32\sxs.dll
### Fusion 2.5 Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Loaded DLLs] C:\WINDOWS\System32\rsaenh.dll
### Microsoft Base Cryptographic Provider Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1029
[Loaded DLLs] C:\WINDOWS\System32\WINMM.dll
### MCI API DLL Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Loaded DLLs] C:\WINDOWS\System32\WTSAPI32.dll
### Windows Terminal Server SDK APIs Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Loaded DLLs] C:\WINDOWS\System32\WINSCARD.DLL
### Microsoft Smart Card API Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.0
[Loaded DLLs] C:\WINDOWS\system32\IMAGEHLP.dll
### Windows NT Image Helper Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Loaded DLLs] C:\WINDOWS\system32\ole32.dll
### Microsoft OLE for Windows Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Loaded DLLs] C:\WINDOWS\System32\WINTRUST.dll
### Microsoft Trust Verification APIs Microsoft Corporation Microsoft® Windows® Operating System 5.131.2600.0
[Loaded DLLs] C:\WINDOWS\System32\sfc_os.dll
### Windows File Protection Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Loaded DLLs] C:\WINDOWS\system32\sfc.dll
### Windows File Protection Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.0
[Loaded DLLs] C:\WINDOWS\System32\SHSVCS.dll
### Windows Shell Services Dll Microsoft Corporation Microsoft® Windows® Operating System 6.00.2800.1106
[Loaded DLLs] C:\WINDOWS\System32\odbcint.dll
### Microsoft Data Access - ODBC Resources Microsoft Corporation Microsoft Open Database Connectivity 3.520.7713.0
[Loaded DLLs] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.10.0_x-ww_f7fb5805\comctl32.dll
### User Experience Controls Library Microsoft Corporation Microsoft® Windows® Operating System 6.00.2800.1106
[Loaded DLLs] C:\WINDOWS\system32\comdlg32.dll
### Common Dialogs DLL Microsoft Corporation Microsoft® Windows® Operating System 6.00.2800.1106
[Loaded DLLs] C:\WINDOWS\System32\ODBC32.dll
### Microsoft Data Access - ODBC Driver Manager Microsoft Corporation Microsoft Open Database Connectivity 3.520.9030.0
[Loaded DLLs] C:\WINDOWS\system32\COMCTL32.dll
### Common Controls Library Microsoft Corporation Microsoft® Windows® Operating System 6.00.2800.1106
[Loaded DLLs] C:\WINDOWS\system32\SHLWAPI.dll
### Shell Light-weight Utility Library Microsoft Corporation Microsoft® Windows® Operating System 6.00.2800.1106
[Loaded DLLs] C:\WINDOWS\system32\SHELL32.dll
### Windows Shell Common Dll Microsoft Corporation Microsoft® Windows® Operating System 6.00.2800.1106
[Loaded DLLs] C:\WINDOWS\System32\MSGINA.dll
### Windows NT Logon GINA DLL Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Loaded DLLs] C:\WINDOWS\system32\SETUPAPI.dll
### Windows Setup API Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Loaded DLLs] C:\WINDOWS\system32\VERSION.dll
### Version Checking and File Installation Libraries Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.0
[Loaded DLLs] C:\WINDOWS\system32\PSAPI.DLL
### Process Status Helper Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.1106
[Loaded DLLs] C:\WINDOWS\system32\AUTHZ.dll
### Authorization Framework Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.0
[Loaded DLLs] C:\WINDOWS\system32\WS2HELP.dll
### Windows Socket 2.0 Helper for Windows NT Microsoft Corporation Microsoft® Windows® Operating System 5.1.2600.0
[Loaded DLLs] C:\WINDOWS\system32\WS2_32.dll
### Windows Socket 2.0 32-Bit DLL Microsoft Corporation Microsoft® Windows® Operatin