Tech Support Forum banner
Cancel

Internet Explorer not loading pages.. but firefox is??

1965 Views 6 Replies 4 Participants Last post by  mclarenmp4
G
Hey guys,

I have been over in the internet explorer forum for a bit and tried a few things over there to over come my problem. But obviously nothing has worked.. what is happening is internet explorer displays nothing it jsut keeps trying to load.(Firefox works fine still) I have done all adware/spyware/temp file scans etc. as well as a System file checker scan and a winsock fix (thread here www.techsupportforum.com/newthread.php?do=newthread&f=50) so anyway heres my hijack this log.

Logfile of HijackThis v1.99.1
Scan saved at 7:17:25 AM, on 21/09/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\WinFast\WFTVFM\WFWIZ.exe
C:\PROGRA~1\SYSTEM~1\WScheduler.exe
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\system32\wuauclt.exe
T:\Programs\hijackthis\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFTVFM\WFWIZ.exe
O4 - HKLM\..\Run: [WScheduler] C:\PROGRA~1\SYSTEM~1\WScheduler.exe /LOGON
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe

Thanks, any help would be appreicated
See less See more
Save
Like
Status
Not open for further replies.
1 - 7 of 7 Posts
tetonbob
The only possible problem I see in that log is the presence of Messenger Plus! 3, which unless you choose to NOT install the "sponsor" program along with it, will give you a nice little LOP infection.....however, I see no evidence of that in your log, either, and your symptoms don't match.

Let's try registering Internet Explorer's DLL files. Go to Start->Run and type in command and click OK. Then type in each of the following, hitting the Enter key after each line:

regsvr32 Shdocvw.dll
regsvr32 Shell32.dll
regsvr32 Oleaut32.dll
regsvr32 Actxprxy.dll
regsvr32 Mshtml.dll
regsvr32 Urlmon.dll
regsvr32 softpub.dll

See if that makes a difference.

Then, we can run a couple of scanners, to try to eliminate unseen malware as the issue.

Please download Ewido Security Suite at http://www.ewido.net/en/download/.

1. Install Ewido Security Suite.
2. When installing, under 'Additional Options' uncheck:
* Install background guard
* Install scan via context menu
3. Launch Ewido, there should be an icon on your desktop, double click it.
4. The program will now open to the main screen.
5. When you run Ewido for the first time, you will get a warning 'Database could not be found!'. Click OK. We will fix this in a moment.
6. You will need to update Ewido to the latest definition files.
* On the left hand side of the main screen click update.
* Then click on Start Update.
7. The update will start and a progress bar will show the updates being installed. The status bar at the bottom will display 'Update successful'.
8. Exit Ewido. DO NOT scan yet.

The Temp folders should be cleaned out periodically as installation programs and hijack programs leave a lot of junk there. Download CleanUp! (Alternate Link if main link doesn't work) and install it.

*NOTE* Cleanup deletes EVERYTHING out of temp/temporary folders and does not make backups. If you have any documents or programs that are saved in any Temporary Folders, please make a backup of these before running CleanUp!

Please configure CleanUp with the following settings:

Open Cleanup! by double-clicking the icon on your desktop (or from the Start > All Programs menu). Set the program up as follows:
*Click "Options..."
*Move the arrow down to "Custom CleanUp!"
*Put a check next to the following:
  • Empty Recycle Bins
  • Delete Cookies
  • Delete Prefetch files
    [X]Scan local drives for temporary files (Please uncheck this option)
  • Cleanup! All Users
Click OK
Press the CleanUp! button to start the program. Reboot/logoff when prompted.

Restart your computer and boot into Safe Mode by hitting the F8 key repeatedly until a menu shows up (and choose Safe Mode from the list). In some systems, this may be the F5 key, so try that if F8 doesn't work.

Now open Ewido and do a scan on your system.

* Click on scanner
* Click on Complete System Scan and the scan will begin.
* NOTE: During some scans with Ewido it is finding cases of false positives.
o You will need to step through the process of cleaning files one-by-one.
o If Ewido detects a file you KNOW to be legitimate, select none as the action.
o Do NOT select 'Perform action on all infections'
o If you are unsure of any entry found, select none for now as the action.
* Once the scan has completed, there will be a button located on the bottom of the screen named Save report
* Click Save report.
* Save the report .txt file to your desktop or a location where you can find it easily.

Note: There is no need to purchase Ewido. It will remain as the freeware version after the trial period, which means the guard process will no longer work, but the scanner will be just as effective.

Run the CleanUp program again with the same settings as before.

Reboot into normal mode now.

Housecall supports other browsers. Run a scan with TrendMicro Housecall, and be sure to check the AutoClean feature.

Restart your system now.

Run a new scan with HJT, and post the log here.

So I need logs from:

Ewido
Housecall
HJT
See less See more
Save
Like
G
I have done the 3 scans:

Housecall found nothing and i couldnt find a log feature.

Eqido Log:
---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------

+ Created on: 7:21:50 AM, 23/09/2005
+ Report-Checksum: 56D0AE80

+ Scan result:

:mozilla.15:C:\Documents and Settings\Mat\Application Data\Mozilla\Firefox\Profiles\8r7hl2ti.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.16:C:\Documents and Settings\Mat\Application Data\Mozilla\Firefox\Profiles\8r7hl2ti.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.17:C:\Documents and Settings\Mat\Application Data\Mozilla\Firefox\Profiles\8r7hl2ti.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.18:C:\Documents and Settings\Mat\Application Data\Mozilla\Firefox\Profiles\8r7hl2ti.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.19:C:\Documents and Settings\Mat\Application Data\Mozilla\Firefox\Profiles\8r7hl2ti.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.25:C:\Documents and Settings\Mat\Application Data\Mozilla\Firefox\Profiles\8r7hl2ti.default\cookies.txt -> Spyware.Cookie.Clickhype : Cleaned with backup
:mozilla.74:C:\Documents and Settings\Mat\Application Data\Mozilla\Firefox\Profiles\8r7hl2ti.default\cookies.txt -> Spyware.Cookie.Revenue : Cleaned with backup
:mozilla.85:C:\Documents and Settings\Mat\Application Data\Mozilla\Firefox\Profiles\8r7hl2ti.default\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
:mozilla.86:C:\Documents and Settings\Mat\Application Data\Mozilla\Firefox\Profiles\8r7hl2ti.default\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
:mozilla.87:C:\Documents and Settings\Mat\Application Data\Mozilla\Firefox\Profiles\8r7hl2ti.default\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
:mozilla.88:C:\Documents and Settings\Mat\Application Data\Mozilla\Firefox\Profiles\8r7hl2ti.default\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
:mozilla.89:C:\Documents and Settings\Mat\Application Data\Mozilla\Firefox\Profiles\8r7hl2ti.default\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
:mozilla.121:C:\Documents and Settings\Mat\Application Data\Mozilla\Firefox\Profiles\8r7hl2ti.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.122:C:\Documents and Settings\Mat\Application Data\Mozilla\Firefox\Profiles\8r7hl2ti.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.123:C:\Documents and Settings\Mat\Application Data\Mozilla\Firefox\Profiles\8r7hl2ti.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.124:C:\Documents and Settings\Mat\Application Data\Mozilla\Firefox\Profiles\8r7hl2ti.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.125:C:\Documents and Settings\Mat\Application Data\Mozilla\Firefox\Profiles\8r7hl2ti.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.132:C:\Documents and Settings\Mat\Application Data\Mozilla\Firefox\Profiles\8r7hl2ti.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.133:C:\Documents and Settings\Mat\Application Data\Mozilla\Firefox\Profiles\8r7hl2ti.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.134:C:\Documents and Settings\Mat\Application Data\Mozilla\Firefox\Profiles\8r7hl2ti.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.135:C:\Documents and Settings\Mat\Application Data\Mozilla\Firefox\Profiles\8r7hl2ti.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.136:C:\Documents and Settings\Mat\Application Data\Mozilla\Firefox\Profiles\8r7hl2ti.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.137:C:\Documents and Settings\Mat\Application Data\Mozilla\Firefox\Profiles\8r7hl2ti.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.147:C:\Documents and Settings\Mat\Application Data\Mozilla\Firefox\Profiles\8r7hl2ti.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.148:C:\Documents and Settings\Mat\Application Data\Mozilla\Firefox\Profiles\8r7hl2ti.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.149:C:\Documents and Settings\Mat\Application Data\Mozilla\Firefox\Profiles\8r7hl2ti.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.150:C:\Documents and Settings\Mat\Application Data\Mozilla\Firefox\Profiles\8r7hl2ti.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.151:C:\Documents and Settings\Mat\Application Data\Mozilla\Firefox\Profiles\8r7hl2ti.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.154:C:\Documents and Settings\Mat\Application Data\Mozilla\Firefox\Profiles\8r7hl2ti.default\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
:mozilla.155:C:\Documents and Settings\Mat\Application Data\Mozilla\Firefox\Profiles\8r7hl2ti.default\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
:mozilla.156:C:\Documents and Settings\Mat\Application Data\Mozilla\Firefox\Profiles\8r7hl2ti.default\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
:mozilla.185:C:\Documents and Settings\Mat\Application Data\Mozilla\Firefox\Profiles\8r7hl2ti.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.186:C:\Documents and Settings\Mat\Application Data\Mozilla\Firefox\Profiles\8r7hl2ti.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.189:C:\Documents and Settings\Mat\Application Data\Mozilla\Firefox\Profiles\8r7hl2ti.default\cookies.txt -> Spyware.Cookie.Trafic : Cleaned with backup
:mozilla.191:C:\Documents and Settings\Mat\Application Data\Mozilla\Firefox\Profiles\8r7hl2ti.default\cookies.txt -> Spyware.Cookie.Burstnet : Cleaned with backup
:mozilla.192:C:\Documents and Settings\Mat\Application Data\Mozilla\Firefox\Profiles\8r7hl2ti.default\cookies.txt -> Spyware.Cookie.Burstnet : Cleaned with backup
:mozilla.194:C:\Documents and Settings\Mat\Application Data\Mozilla\Firefox\Profiles\8r7hl2ti.default\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
:mozilla.197:C:\Documents and Settings\Mat\Application Data\Mozilla\Firefox\Profiles\8r7hl2ti.default\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup


::Report End

HJT LOG:

Logfile of HijackThis v1.99.1
Scan saved at 7:24:05 AM, on 23/09/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\WinFast\WFTVFM\WFWIZ.exe
C:\PROGRA~1\SYSTEM~1\WScheduler.exe
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Winamp\Winamp.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\Mat\LOCALS~1\Temp\Rar$EX00.594\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFTVFM\WFWIZ.exe
O4 - HKLM\..\Run: [WScheduler] C:\PROGRA~1\SYSTEM~1\WScheduler.exe /LOGON
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{36F7AA95-50BA-445A-8A70-EDC17428E875}: NameServer = 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{36F7AA95-50BA-445A-8A70-EDC17428E875}: NameServer = 192.168.0.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{36F7AA95-50BA-445A-8A70-EDC17428E875}: NameServer = 192.168.0.1
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe

and IE still doesnt work. Thanks for the help
See less See more
Save
Like
MicroBell
Download: StartDreck

Unzip to its own folder and start the program:
Press 'Config'
Press 'Mark All'

UN-Check the 'NT-Services & NT-Kernel...' boxes only:
Press 'Ok'

Press 'Save' and select the location to save the log file (default is the same folder as the application)

Post the log in this thread..


Download Silent runners.Vbs http://www.silentrunners.org/
1. Make sure you have any script blocking software disabled
2. Run the program. It will take a few minutes to complete.
3. Once complete it will produce a log named “StartupPrograms” with Your user and date in the filename. Open that txt file and posts it contents in your next post.
See less See more
Save
Like
G
Ok before i post the logs i have an update on my situation. I was so annoyed with the whole IE not working thing that i reloaded windows. Now IE worked fine when i reloaded, fine when i loaded drivers (except printer i think). Then i installed programs and it was running fine. Now at some point it stopped working and it doing the same thing as it did before i formated. So i am thinking its some sort of program conflict that i have installed... now which one is another question. As i didnt pay close attention to it when i was installing them i cant find out which one and simply uninstall. So i am going to continue and post the logs you said beacuse the problem is still apparent.

StartDreck (build 2.1.7 public stable) - 2005-09-24 @ 19:46:16 (GMT +10:00)
Platform: Windows XP (Win NT 5.1.2600 Service Pack 2)
Internet Explorer: 7.0.5112.0
Logged in as Mat at MATS

»Registry
»Run Keys
»Current User
»Run
*ctfmon.exe=C:\WINDOWS\system32\ctfmon.exe
*Steam=C:\Program Files\Valve\Steam\\Steam.exe -silent
*MessengerPlus3="C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
*msnmsgr="C:\Program Files\MSN Messenger\msnmsgr.exe" /background
»RunOnce
»Default User
»Run
*CTFMON.EXE=C:\WINDOWS\system32\CTFMON.EXE
»RunOnce
»Local Machine
»Run
*ATIPTA="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
*WinFast Schedule=C:\Program Files\WinFast\WFTVFM\WFWIZ.exe
*ccApp="C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
*vptray=C:\PROGRA~1\SYMANT~1\VPTray.exe
*MessengerPlus3="C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
*SunJavaUpdateSched=C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
*iTunesHelper="C:\Program Files\iTunes\iTunesHelper.exe"
*Lexmark X1100 Series="C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
+OptionalComponents
+MSFS
*Installed=1
+MAPI
*Installed=1
*NoChange=1
+MAPI
*Installed=1
*NoChange=1
»RunOnce
»RunServices
»RunServicesOnce
»RunOnceEx
*Flag=
»RunServicesOnceEx
»File Associations (CR)
+.bat
*batfile="%1" %*
+.com
*comfile="%1" %*
+.disabled
*SpybotSD.DisabledFile="C:\Program Files\Spybot - Search & Destroy\blindman.exe" "%1"
+.exe
*exefile="%1" %*
+.hta
*htafile=C:\WINDOWS\system32\mshta.exe "%1" %*
+.htm
*FirefoxHTML=C:\PROGRA~1\MOZILL~1\FIREFOX.EXE -url "%1"
+.html
*FirefoxHTML=C:\PROGRA~1\MOZILL~1\FIREFOX.EXE -url "%1"
+.js
*JSFile=%SystemRoot%\System32\WScript.exe "%1" %*
+.jse
*JSEFile=%SystemRoot%\System32\WScript.exe "%1" %*
+.pif
*piffile="%1" %*
+.reg
*regfile=regedit.exe "%1"
+.scr
*scrfile="%1" /S
+.txt
*txtfile=%SystemRoot%\system32\NOTEPAD.EXE %1
+.vbs
*VBSFile=%SystemRoot%\System32\WScript.exe "%1" %*
+.vbe
*VBEFile=%SystemRoot%\System32\WScript.exe "%1" %*
+.wsh
*WSHFile=%SystemRoot%\System32\WScript.exe "%1" %*
+.wsf
*WSFFile=%SystemRoot%\System32\WScript.exe "%1" %*
+.lnk
`lnkfile= [key or value does not exist]
»Active Setup (LM)
+Internet Explorer/>{26923b43-4d38-484f-9b9e-de460746276c}
*StubPath="%programfiles%\Internet Explorer\iexplore.exe" -userconfig
+Browser Customizations/>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS
*StubPath=RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
+Outlook Express/>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}
*StubPath=%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
+Themes Setup/{2C7339CF-2B09-4501-B3F3-F3508C9228ED}
*StubPath=%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
+Microsoft Outlook Express 6/{44BBA840-CC51-11CF-AAFA-00AA00B6015C}
*StubPath="%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
+NetMeeting 3.01/{44BBA842-CC51-11CF-AAFA-00AA00B6015B}
*StubPath=rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
+Internet Explorer/{4b218e3e-bc98-4770-93d3-2731b9329278}
*StubPath=%SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection MarketplaceLinkInstall 896 %systemroot%\inf\ie.inf
+Windows Messenger 4.7/{5945c046-1e7d-11d1-bc44-00c04fd912be}
*StubPath=rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
+Microsoft Windows Media Player/{6BF52A52-394A-11d3-B153-00C04F79FAA6}
*StubPath=rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub
+Address Book 6/{7790769C-0471-11d2-AF11-00C04FA35D02}
*StubPath="%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
+Windows Desktop Update/{89820200-ECBD-11cf-8B85-00AA005B4340}
*StubPath=regsvr32.exe /s /n /i:U shell32.dll
+Internet Explorer 7/{89820200-ECBD-11cf-8B85-00AA005B4383}
*StubPath=%SystemRoot%\system32\ie4uinit.exe
»Browser Helper Objects (LM)
*FDCatch.FDIeCatcher/{206E52E0-D52E-11D4-AD54-0000E86C26F6}
`InprocServer32=C:\PROGRA~1\FRESHD~1\FRESHD~1\fdcatch.dll
»Internet Explorer
»Current User
*Local Page=C:\WINDOWS\system32\blank.htm
*Search Page=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
*Start Page=http://www.google.com/
+SearchUrl
*provider=
»Default User
»Local Machine
*Default_Page_URL=http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
*Default_Search_URL=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
*Local Page=%SystemRoot%\system32\blank.htm
*Search Page=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
*Start Page=http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
*CustomizeSearch=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
*SearchAssistant=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
»ShellServiceObjectDelayLoad (LM)
*PostBootReminder={7849596a-48ea-486e-8937-a2a3009f31a9}
`InprocServer32=%SystemRoot%\system32\SHELL32.dll
*CDBurn={fbeb8a05-beee-4442-804e-409d6c4515e9}
`InprocServer32=%SystemRoot%\system32\SHELL32.dll
*WebCheck={E6FB5E20-DE35-11CF-9C87-00AA005127ED}
`InprocServer32=C:\WINDOWS\system32\webcheck.dll
*SysTray={35CEC8A3-2BE6-11D2-8773-92E220524153}
`InprocServer32=C:\WINDOWS\system32\stobject.dll
»Special NT Values
»Current User
*Load=
*Run=
*Programs=com exe bat pif cmd
*SHELL=
»Default User
*Load=
*Run=
*Programs=com exe bat pif cmd
*SHELL=
»Local Machine
*AppInit_DLLs=
*SHELL=Explorer.exe
*Userinit=C:\WINDOWS\system32\userinit.exe,
»Files
»Autostart Folders
»Current User
*C:\Documents and Settings\Mat\Start Menu\Programs\Startup\desktop.ini
»Default User
*C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Startup\desktop.ini
»Local Machine
*C:\Documents and Settings\All Users\Start Menu\Programs\Startup\desktop.ini
»INI-Files
»WIN.INI\[windows]
*LOAD=
*RUN=
»SYSTEM.INI\[boot]
*SHELL=Explorer.exe
»Text Files
*C:\boot.ini
`[boot loader]
`timeout=30
`default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
`[operating systems]
`multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
*C:\msdos.sys
*C:\config.sys
*C:\WINDOWS\system32\config.nt
`dos=high, umb
`device=%SystemRoot%\system32\himem.sys
`files=40
*C:\autoexec.bat
*C:\WINDOWS\system32\autoexec.nt
`@echo off
`lh %SystemRoot%\system32\mscdexnt.exe
`lh %SystemRoot%\system32\redir
`lh %SystemRoot%\system32\dosx
`SET BLASTER=A220 I5 D1 P330 T3
*C:\WINDOWS\system32\drivers\etc\hosts
`127.0.0.1 localhost
»Program Files
*C:\ntldr
*C:\ntdetect.com
*C:\io.sys
*C:\WINDOWS\system32\win.com
*C:\WINDOWS\explorer.exe
»%PATH% Companion Files
+C:\WINDOWS\system32\notepad.exe
*C:\WINDOWS\NOTEPAD.EXE
+C:\WINDOWS\system32\taskman.exe
*C:\WINDOWS\TASKMAN.EXE
+C:\WINDOWS\system32\winhlp32.exe
*C:\WINDOWS\winhlp32.exe
»System/Drivers
»Running Processes
+0=<idle>
+4=<system>
+1084=\SystemRoot\System32\smss.exe
*C:\WINDOWS\system32\ntdll.dll
+1132=\??\C:\WINDOWS\system32\csrss.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\CSRSRV.dll
*C:\WINDOWS\system32\basesrv.dll
*C:\WINDOWS\system32\winsrv.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\KERNEL32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\sxs.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\Apphelp.dll
*C:\WINDOWS\system32\VERSION.dll
+1172=\??\C:\WINDOWS\system32\winlogon.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\AUTHZ.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\CRYPT32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\MSASN1.dll
*C:\WINDOWS\system32\NDdeApi.dll
*C:\WINDOWS\system32\PROFMAP.dll
*C:\WINDOWS\system32\NETAPI32.dll
*C:\WINDOWS\system32\USERENV.dll
*C:\WINDOWS\system32\PSAPI.DLL
*C:\WINDOWS\system32\REGAPI.dll
*C:\WINDOWS\system32\Secur32.dll
*C:\WINDOWS\system32\SETUPAPI.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\system32\WINSTA.dll
*C:\WINDOWS\system32\WINTRUST.dll
*C:\WINDOWS\system32\IMAGEHLP.dll
*C:\WINDOWS\system32\WS2_32.dll
*C:\WINDOWS\system32\WS2HELP.dll
*C:\WINDOWS\system32\MSGINA.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\COMCTL32.dll
*C:\WINDOWS\system32\ODBC32.dll
*C:\WINDOWS\system32\comdlg32.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
*C:\WINDOWS\system32\odbcint.dll
*C:\WINDOWS\system32\SHSVCS.dll
*C:\WINDOWS\system32\sfc.dll
*C:\WINDOWS\system32\sfc_os.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\Apphelp.dll
*C:\WINDOWS\system32\WINSCARD.DLL
*C:\WINDOWS\system32\WTSAPI32.dll
*C:\WINDOWS\system32\WINMM.dll
*C:\WINDOWS\system32\uxtheme.dll
*C:\WINDOWS\system32\Ati2evxx.dll
*C:\WINDOWS\system32\cscdll.dll
*C:\WINDOWS\system32\WlNotify.dll
*C:\WINDOWS\system32\WINSPOOL.DRV
*C:\WINDOWS\system32\MPR.dll
*C:\WINDOWS\system32\rsaenh.dll
*C:\WINDOWS\system32\SAMLIB.dll
*C:\WINDOWS\system32\msv1_0.dll
*C:\WINDOWS\system32\iphlpapi.dll
*C:\WINDOWS\system32\sxs.dll
*C:\WINDOWS\system32\cscui.dll
*C:\WINDOWS\system32\MPRAPI.dll
*C:\WINDOWS\system32\ACTIVEDS.dll
*C:\WINDOWS\system32\adsldpc.dll
*C:\WINDOWS\system32\WLDAP32.dll
*C:\WINDOWS\system32\ATL.DLL
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\system32\rtutils.dll
*C:\WINDOWS\system32\xpsp2res.dll
*C:\WINDOWS\system32\NavLogon.dll
*C:\WINDOWS\system32\NTMARTA.DLL
*C:\WINDOWS\system32\wdmaud.drv
*C:\WINDOWS\system32\msacm32.drv
*C:\WINDOWS\system32\MSACM32.dll
*C:\WINDOWS\system32\midimap.dll
*C:\WINDOWS\system32\COMRes.dll
*C:\WINDOWS\system32\CLBCATQ.DLL
+1216=C:\WINDOWS\system32\services.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\USERENV.dll
*C:\WINDOWS\system32\SCESRV.dll
*C:\WINDOWS\system32\AUTHZ.dll
*C:\WINDOWS\system32\umpnpmgr.dll
*C:\WINDOWS\system32\WINSTA.dll
*C:\WINDOWS\system32\NETAPI32.dll
*C:\WINDOWS\system32\NCObjAPI.DLL
*C:\WINDOWS\system32\MSVCP60.dll
*C:\WINDOWS\system32\ShimEng.dll
*C:\WINDOWS\AppPatch\AcGenral.DLL
*C:\WINDOWS\system32\WINMM.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\system32\MSACM32.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\UxTheme.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
*C:\WINDOWS\system32\comctl32.dll
*C:\WINDOWS\system32\secur32.dll
*C:\WINDOWS\system32\Apphelp.dll
*C:\WINDOWS\system32\eventlog.dll
*C:\WINDOWS\system32\WS2_32.dll
*C:\WINDOWS\system32\WS2HELP.dll
*C:\WINDOWS\system32\PSAPI.DLL
*C:\WINDOWS\system32\wtsapi32.dll
*C:\WINDOWS\system32\WINTRUST.dll
*C:\WINDOWS\system32\CRYPT32.dll
*C:\WINDOWS\system32\MSASN1.dll
*C:\WINDOWS\system32\IMAGEHLP.dll
*C:\WINDOWS\system32\Cabinet.dll
*C:\WINDOWS\system32\xpsp2res.dll
*C:\WINDOWS\system32\rsaenh.dll
+1228=C:\WINDOWS\system32\lsass.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\LSASRV.dll
*C:\WINDOWS\system32\MPR.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\MSASN1.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\NETAPI32.dll
*C:\WINDOWS\system32\NTDSAPI.dll
*C:\WINDOWS\system32\DNSAPI.dll
*C:\WINDOWS\system32\WS2_32.dll
*C:\WINDOWS\system32\WS2HELP.dll
*C:\WINDOWS\system32\WLDAP32.dll
*C:\WINDOWS\system32\Secur32.dll
*C:\WINDOWS\system32\SAMLIB.dll
*C:\WINDOWS\system32\SAMSRV.dll
*C:\WINDOWS\system32\cryptdll.dll
*C:\WINDOWS\system32\ShimEng.dll
*C:\WINDOWS\AppPatch\AcGenral.DLL
*C:\WINDOWS\system32\WINMM.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\system32\MSACM32.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\USERENV.dll
*C:\WINDOWS\system32\UxTheme.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
*C:\WINDOWS\system32\comctl32.dll
*C:\WINDOWS\system32\msprivs.dll
*C:\WINDOWS\system32\kerberos.dll
*C:\WINDOWS\system32\msv1_0.dll
*C:\WINDOWS\system32\iphlpapi.dll
*C:\WINDOWS\system32\netlogon.dll
*C:\WINDOWS\system32\w32time.dll
*C:\WINDOWS\system32\MSVCP60.dll
*C:\WINDOWS\system32\schannel.dll
*C:\WINDOWS\system32\CRYPT32.dll
*C:\WINDOWS\system32\wdigest.dll
*C:\WINDOWS\system32\rsaenh.dll
*C:\WINDOWS\system32\scecli.dll
*C:\WINDOWS\system32\SETUPAPI.dll
*C:\WINDOWS\system32\ipsecsvc.dll
*C:\WINDOWS\system32\AUTHZ.dll
*C:\WINDOWS\system32\oakley.DLL
*C:\WINDOWS\system32\WINIPSEC.DLL
*C:\WINDOWS\system32\pstorsvc.dll
*C:\WINDOWS\system32\mswsock.dll
*C:\WINDOWS\system32\hnetcfg.dll
*C:\WINDOWS\System32\wshtcpip.dll
*C:\WINDOWS\system32\dssenh.dll
*C:\WINDOWS\system32\psbase.dll
+1376=C:\WINDOWS\system32\Ati2evxx.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\system32\Secur32.dll
*C:\WINDOWS\system32\Ati2edxx.dll
*C:\WINDOWS\system32\uxtheme.dll
+1392=C:\WINDOWS\system32\svchost.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\ShimEng.dll
*C:\WINDOWS\AppPatch\AcGenral.DLL
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\WINMM.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\system32\MSACM32.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\USERENV.dll
*C:\WINDOWS\system32\UxTheme.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
*C:\WINDOWS\system32\comctl32.dll
*C:\WINDOWS\system32\NTMARTA.DLL
*C:\WINDOWS\system32\WLDAP32.dll
*C:\WINDOWS\system32\SAMLIB.dll
*c:\windows\system32\rpcss.dll
*c:\windows\system32\Secur32.dll
*c:\windows\system32\WS2_32.dll
*c:\windows\system32\WS2HELP.dll
*C:\WINDOWS\system32\xpsp2res.dll
*C:\WINDOWS\system32\CLBCATQ.DLL
*C:\WINDOWS\system32\COMRes.dll
*C:\WINDOWS\system32\Apphelp.dll
*c:\windows\system32\termsrv.dll
*c:\windows\system32\ICAAPI.dll
*c:\windows\system32\SETUPAPI.dll
*C:\WINDOWS\system32\WINTRUST.dll
*C:\WINDOWS\system32\CRYPT32.dll
*C:\WINDOWS\system32\MSASN1.dll
*C:\WINDOWS\system32\IMAGEHLP.dll
*c:\windows\system32\AUTHZ.dll
*c:\windows\system32\mstlsapi.dll
*c:\windows\system32\ACTIVEDS.dll
*c:\windows\system32\adsldpc.dll
*C:\WINDOWS\system32\NETAPI32.dll
*c:\windows\system32\ATL.DLL
*C:\WINDOWS\system32\REGAPI.dll
*C:\WINDOWS\system32\rsaenh.dll
*C:\WINDOWS\system32\WTSAPI32.dll
*C:\WINDOWS\system32\WINSTA.dll
*C:\WINDOWS\system32\msv1_0.dll
*C:\WINDOWS\system32\iphlpapi.dll
+1512=C:\WINDOWS\system32\svchost.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\ShimEng.dll
*C:\WINDOWS\AppPatch\AcGenral.DLL
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\WINMM.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\system32\MSACM32.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\USERENV.dll
*C:\WINDOWS\system32\UxTheme.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
*C:\WINDOWS\system32\comctl32.dll
*c:\windows\system32\rpcss.dll
*c:\windows\system32\Secur32.dll
*c:\windows\system32\WS2_32.dll
*c:\windows\system32\WS2HELP.dll
*C:\WINDOWS\system32\xpsp2res.dll
*C:\WINDOWS\system32\rsaenh.dll
*C:\WINDOWS\system32\mswsock.dll
*C:\WINDOWS\system32\hnetcfg.dll
*C:\WINDOWS\System32\wshtcpip.dll
*C:\WINDOWS\system32\DNSAPI.dll
*C:\WINDOWS\system32\iphlpapi.dll
*C:\WINDOWS\System32\winrnr.dll
*C:\WINDOWS\system32\WLDAP32.dll
*C:\WINDOWS\system32\rasadhlp.dll
*C:\WINDOWS\system32\CLBCATQ.DLL
*C:\WINDOWS\system32\COMRes.dll
+1600=C:\WINDOWS\System32\svchost.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\System32\ShimEng.dll
*C:\WINDOWS\AppPatch\AcGenral.DLL
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\System32\WINMM.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\System32\MSACM32.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\USERENV.dll
*C:\WINDOWS\System32\UxTheme.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
*C:\WINDOWS\system32\comctl32.dll
*C:\WINDOWS\System32\NTMARTA.DLL
*C:\WINDOWS\system32\WLDAP32.dll
*C:\WINDOWS\System32\SAMLIB.dll
*C:\WINDOWS\System32\xpsp2res.dll
*c:\windows\system32\shsvcs.dll
*C:\WINDOWS\System32\WINSTA.dll
*C:\WINDOWS\system32\NETAPI32.dll
*C:\WINDOWS\System32\rsaenh.dll
*c:\windows\system32\dhcpcsvc.dll
*c:\windows\system32\DNSAPI.dll
*c:\windows\system32\WS2_32.dll
*c:\windows\system32\WS2HELP.dll
*c:\windows\system32\iphlpapi.dll
*c:\windows\system32\Secur32.dll
*c:\windows\system32\wzcsvc.dll
*c:\windows\system32\rtutils.dll
*c:\windows\system32\WMI.dll
*C:\WINDOWS\system32\CRYPT32.dll
*C:\WINDOWS\system32\MSASN1.dll
*c:\windows\system32\WTSAPI32.dll
*c:\windows\system32\ESENT.dll
*c:\windows\system32\ATL.DLL
*C:\WINDOWS\System32\rastls.dll
*C:\WINDOWS\system32\CRYPTUI.dll
*C:\WINDOWS\system32\WINTRUST.dll
*C:\WINDOWS\system32\IMAGEHLP.dll
*C:\WINDOWS\system32\WININET.dll
*C:\WINDOWS\System32\MPRAPI.dll
*C:\WINDOWS\System32\ACTIVEDS.dll
*C:\WINDOWS\System32\adsldpc.dll
*C:\WINDOWS\System32\SETUPAPI.dll
*C:\WINDOWS\System32\RASAPI32.dll
*C:\WINDOWS\System32\rasman.dll
*C:\WINDOWS\System32\TAPI32.dll
*C:\WINDOWS\System32\SCHANNEL.dll
*C:\WINDOWS\System32\WinSCard.dll
*C:\WINDOWS\System32\raschap.dll
*C:\WINDOWS\system32\msv1_0.dll
*C:\WINDOWS\System32\CLBCATQ.DLL
*C:\WINDOWS\System32\COMRes.dll
*c:\windows\system32\schedsvc.dll
*c:\windows\system32\NTDSAPI.dll
*C:\WINDOWS\System32\MSIDLE.DLL
*c:\windows\system32\audiosrv.dll
*c:\windows\system32\wkssvc.dll
*c:\windows\system32\cryptsvc.dll
*c:\windows\system32\certcli.dll
*c:\windows\system32\ersvc.dll
*c:\windows\system32\es.dll
*c:\windows\pchealth\helpctr\binaries\pchsvc.dll
*c:\windows\system32\srvsvc.dll
*c:\windows\system32\srsvc.dll
*c:\windows\system32\POWRPROF.dll
*c:\windows\system32\sens.dll
*C:\WINDOWS\System32\HNETCFG.DLL
*c:\windows\system32\seclogon.dll
*c:\windows\system32\netman.dll
*c:\windows\system32\netshell.dll
*c:\windows\system32\credui.dll
*c:\windows\system32\WZCSAPI.DLL
*C:\WINDOWS\System32\SXS.DLL
*C:\WINDOWS\system32\comsvcs.dll
*C:\WINDOWS\system32\MTXCLU.DLL
*C:\WINDOWS\system32\WSOCK32.dll
*C:\WINDOWS\system32\colbact.DLL
*C:\WINDOWS\System32\CLUSAPI.DLL
*C:\WINDOWS\System32\RESUTILS.DLL
*c:\windows\system32\browser.dll
*c:\windows\system32\wuauserv.dll
*c:\windows\system32\wbem\wmisvc.dll
*C:\WINDOWS\system32\VSSAPI.DLL
*C:\WINDOWS\system32\wuaueng.dll
*C:\WINDOWS\System32\ADVPACK.dll
*C:\WINDOWS\System32\SHFOLDER.dll
*C:\WINDOWS\System32\WINSPOOL.DRV
*C:\WINDOWS\System32\WINHTTP.dll
*C:\WINDOWS\System32\Cabinet.dll
*C:\WINDOWS\System32\mspatcha.dll
*C:\WINDOWS\System32\sfc.dll
*C:\WINDOWS\System32\sfc_os.dll
*C:\WINDOWS\System32\msi.dll
*c:\windows\system32\w32time.dll
*c:\windows\system32\MSVCP60.dll
*c:\windows\system32\trkwks.dll
*c:\windows\system32\wscsvc.dll
*c:\windows\system32\ipnathlp.dll
*c:\windows\system32\MSWSOCK.dll
*c:\windows\system32\AUTHZ.dll
*C:\WINDOWS\System32\wshtcpip.dll
*C:\WINDOWS\system32\wbem\wbemcomn.dll
*C:\WINDOWS\System32\Wbem\wbemcore.dll
*C:\WINDOWS\System32\Wbem\esscli.dll
*C:\WINDOWS\System32\Wbem\FastProx.dll
*C:\WINDOWS\system32\wbem\wbemsvc.dll
*C:\WINDOWS\system32\wbem\wmiutils.dll
*C:\WINDOWS\system32\wbem\repdrvfs.dll
*C:\WINDOWS\system32\wbem\wmiprvsd.dll
*C:\WINDOWS\system32\NCObjAPI.DLL
*C:\WINDOWS\system32\wbem\wbemess.dll
*C:\WINDOWS\system32\wbem\ncprov.dll
*c:\windows\system32\qmgr.dll
*C:\WINDOWS\system32\MPR.dll
*C:\WINDOWS\system32\upnp.dll
*C:\WINDOWS\system32\SSDPAPI.dll
*C:\WINDOWS\System32\rasadhlp.dll
*C:\WINDOWS\System32\RASDLG.dll
*C:\WINDOWS\system32\qmgrprxy.dll
*C:\WINDOWS\System32\NETRAP.dll
*C:\WINDOWS\system32\Apphelp.dll
*C:\WINDOWS\system32\wups.dll
*C:\WINDOWS\System32\catsrvut.dll
*C:\WINDOWS\System32\MfcSubs.dll
*C:\WINDOWS\system32\urlmon.dll
*C:\WINDOWS\System32\catsrv.dll
*C:\WINDOWS\system32\netcfgx.dll
*C:\WINDOWS\System32\xactsrv.dll
+1688=C:\WINDOWS\system32\svchost.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\ShimEng.dll
*C:\WINDOWS\AppPatch\AcGenral.DLL
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\WINMM.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\system32\MSACM32.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\USERENV.dll
*C:\WINDOWS\system32\UxTheme.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
*C:\WINDOWS\system32\comctl32.dll
*c:\windows\system32\dnsrslvr.dll
*c:\windows\system32\DNSAPI.dll
*c:\windows\system32\WS2_32.dll
*c:\windows\system32\WS2HELP.dll
*c:\windows\system32\iphlpapi.dll
*C:\WINDOWS\system32\mswsock.dll
*C:\WINDOWS\system32\hnetcfg.dll
*C:\WINDOWS\System32\wshtcpip.dll
+1792=C:\WINDOWS\system32\svchost.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\ShimEng.dll
*C:\WINDOWS\AppPatch\AcGenral.DLL
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\WINMM.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\system32\MSACM32.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\USERENV.dll
*C:\WINDOWS\system32\UxTheme.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
*C:\WINDOWS\system32\comctl32.dll
*C:\WINDOWS\system32\NTMARTA.DLL
*C:\WINDOWS\system32\WLDAP32.dll
*C:\WINDOWS\system32\SAMLIB.dll
*C:\WINDOWS\system32\xpsp2res.dll
*c:\windows\system32\lmhsvc.dll
*c:\windows\system32\iphlpapi.dll
*c:\windows\system32\WS2_32.dll
*c:\windows\system32\WS2HELP.dll
*c:\windows\system32\webclnt.dll
*C:\WINDOWS\system32\WININET.dll
*C:\WINDOWS\system32\CRYPT32.dll
*C:\WINDOWS\system32\MSASN1.dll
*C:\WINDOWS\system32\Secur32.dll
*c:\windows\system32\ssdpsrv.dll
*C:\WINDOWS\system32\hnetcfg.dll
*C:\WINDOWS\system32\CLBCATQ.DLL
*C:\WINDOWS\system32\COMRes.dll
*C:\WINDOWS\system32\mswsock.dll
*C:\WINDOWS\System32\wshtcpip.dll
+1904=C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\MSVCP70.dll
*C:\WINDOWS\system32\MSVCR70.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\system32\IMM32.DLL
*C:\WINDOWS\system32\Secur32.dll
*C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll
*C:\WINDOWS\system32\SETUPAPI.dll
*C:\WINDOWS\system32\WSOCK32.dll
*C:\WINDOWS\system32\WS2_32.dll
*C:\WINDOWS\system32\WS2HELP.dll
*C:\WINDOWS\system32\WinTrust.dll
*C:\WINDOWS\system32\CRYPT32.dll
*C:\WINDOWS\system32\MSASN1.dll
*C:\WINDOWS\system32\IMAGEHLP.dll
*C:\WINDOWS\system32\xpsp2res.dll
*C:\WINDOWS\system32\CLBCATQ.DLL
*C:\WINDOWS\system32\COMRes.dll
*C:\WINDOWS\system32\msi.dll
*C:\WINDOWS\system32\SXS.DLL
*C:\WINDOWS\system32\rsaenh.dll
*C:\WINDOWS\system32\uxtheme.dll
*C:\WINDOWS\system32\userenv.dll
*C:\WINDOWS\system32\netapi32.dll
*C:\Program Files\Common Files\Symantec Shared\ccSetEvt.dll
+1940=C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\MSVCP70.dll
*C:\WINDOWS\system32\MSVCR70.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\system32\IMM32.DLL
*C:\WINDOWS\system32\Secur32.dll
*C:\WINDOWS\system32\xpsp2res.dll
*C:\WINDOWS\system32\WS2_32.dll
*C:\WINDOWS\system32\WS2HELP.dll
*C:\WINDOWS\system32\WinTrust.dll
*C:\WINDOWS\system32\CRYPT32.dll
*C:\WINDOWS\system32\MSASN1.dll
*C:\WINDOWS\system32\IMAGEHLP.dll
*C:\WINDOWS\system32\rsaenh.dll
*C:\WINDOWS\system32\uxtheme.dll
*C:\WINDOWS\system32\userenv.dll
*C:\WINDOWS\system32\netapi32.dll
*C:\WINDOWS\system32\CLBCATQ.DLL
*C:\WINDOWS\system32\COMRes.dll
*C:\WINDOWS\system32\msi.dll
*C:\WINDOWS\system32\SXS.DLL
*C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll
*C:\WINDOWS\system32\SETUPAPI.dll
*C:\WINDOWS\system32\WSOCK32.dll
*C:\PROGRA~1\COMMON~1\SYMANT~1\CCSETEVT.DLL
+236=C:\WINDOWS\system32\spoolsv.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\ShimEng.dll
*C:\WINDOWS\AppPatch\AcGenral.DLL
*C:\WINDOWS\system32\WINMM.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\system32\MSACM32.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\USERENV.dll
*C:\WINDOWS\system32\UxTheme.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
*C:\WINDOWS\system32\comctl32.dll
*C:\WINDOWS\system32\SPOOLSS.DLL
*C:\WINDOWS\system32\WS2_32.dll
*C:\WINDOWS\system32\WS2HELP.dll
*C:\WINDOWS\system32\DNSAPI.dll
*C:\WINDOWS\system32\rasadhlp.dll
*C:\WINDOWS\system32\localspl.dll
*C:\WINDOWS\system32\Secur32.dll
*C:\WINDOWS\system32\sfc_os.dll
*C:\WINDOWS\system32\WINTRUST.dll
*C:\WINDOWS\system32\CRYPT32.dll
*C:\WINDOWS\system32\MSASN1.dll
*C:\WINDOWS\system32\IMAGEHLP.dll
*C:\WINDOWS\system32\winspool.drv
*C:\WINDOWS\system32\netapi32.dll
*C:\WINDOWS\system32\cnbjmon.dll
*C:\WINDOWS\system32\mdimon.dll
*C:\WINDOWS\system32\msi.dll
*C:\WINDOWS\system32\pjlmon.dll
*C:\WINDOWS\system32\tcpmon.dll
*C:\WINDOWS\system32\usbmon.dll
*C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll
*C:\WINDOWS\System32\mswsock.dll
*C:\WINDOWS\System32\winrnr.dll
*C:\WINDOWS\system32\WLDAP32.dll
*C:\WINDOWS\system32\win32spl.dll
*C:\WINDOWS\system32\NETRAP.dll
*C:\WINDOWS\system32\NTDSAPI.dll
*C:\WINDOWS\system32\CLBCATQ.DLL
*C:\WINDOWS\system32\COMRes.dll
*C:\WINDOWS\system32\inetpp.dll
*C:\WINDOWS\system32\xpsp2res.dll
*C:\WINDOWS\system32\LEXLMPM.DLL
*C:\WINDOWS\system32\LexBce.dll
*C:\WINDOWS\System32\spool\PRTPROCS\W32X86\LXBKPP5C.dll
*C:\WINDOWS\system32\Cabinet.dll
*C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXBKUI5C.DLL
*C:\WINDOWS\system32\mscms.dll
*C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXBKSTRN.DLL
*C:\WINDOWS\system32\winsta.dll
*C:\WINDOWS\system32\SETUPAPI.dll
*C:\WINDOWS\system32\LINKINFO.dll
*C:\WINDOWS\system32\ntshrui.dll
*C:\WINDOWS\system32\ATL.DLL
*C:\WINDOWS\system32\icm32.dll
+296=C:\WINDOWS\system32\Ati2evxx.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\system32\Secur32.dll
*C:\WINDOWS\system32\uxtheme.dll
*C:\WINDOWS\system32\Ati2edxx.dll
*C:\WINDOWS\system32\xpsp2res.dll
*C:\WINDOWS\system32\CLBCATQ.DLL
*C:\WINDOWS\system32\COMRes.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\system32\MSCTF.dll
+432=C:\WINDOWS\Explorer.EXE
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\system32\BROWSEUI.dll
*C:\WINDOWS\system32\SHDOCVW.dll
*C:\WINDOWS\system32\CRYPT32.dll
*C:\WINDOWS\system32\MSASN1.dll
*C:\WINDOWS\system32\CRYPTUI.dll
*C:\WINDOWS\system32\WINTRUST.dll
*C:\WINDOWS\system32\IMAGEHLP.dll
*C:\WINDOWS\system32\NETAPI32.dll
*C:\WINDOWS\system32\WININET.dll
*C:\WINDOWS\system32\WLDAP32.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\system32\UxTheme.dll
*C:\WINDOWS\system32\ShimEng.dll
*C:\WINDOWS\AppPatch\AcGenral.DLL
*C:\WINDOWS\system32\WINMM.dll
*C:\WINDOWS\system32\MSACM32.dll
*C:\WINDOWS\system32\USERENV.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
*C:\WINDOWS\system32\comctl32.dll
*C:\WINDOWS\system32\appHelp.dll
*C:\WINDOWS\system32\CLBCATQ.DLL
*C:\WINDOWS\system32\COMRes.dll
*C:\WINDOWS\System32\cscui.dll
*C:\WINDOWS\System32\CSCDLL.dll
*C:\WINDOWS\system32\themeui.dll
*C:\WINDOWS\system32\Secur32.dll
*C:\WINDOWS\system32\MSIMG32.dll
*C:\WINDOWS\system32\xpsp2res.dll
*C:\WINDOWS\system32\LINKINFO.dll
*C:\WINDOWS\system32\ntshrui.dll
*C:\WINDOWS\system32\ATL.DLL
*C:\WINDOWS\system32\urlmon.dll
*C:\WINDOWS\system32\ieframe.dll
*C:\WINDOWS\system32\ADVPACK.dll
*C:\WINDOWS\system32\SETUPAPI.dll
*C:\WINDOWS\system32\DUSER.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82\gdiplus.dll
*C:\WINDOWS\system32\IMM32.dll
*C:\WINDOWS\system32\MSHTML.dll
*C:\WINDOWS\system32\msls31.dll
*C:\WINDOWS\system32\MSRATING.dll
*C:\WINDOWS\system32\WSOCK32.dll
*C:\WINDOWS\system32\WS2_32.dll
*C:\WINDOWS\system32\WS2HELP.dll
*C:\WINDOWS\system32\OLEACC.dll
*C:\WINDOWS\system32\MSVCP60.dll
*C:\WINDOWS\system32\MSCTF.dll
*C:\WINDOWS\system32\WINSTA.dll
*C:\WINDOWS\system32\webcheck.dll
*C:\Program Files\MessengerPlus! 3\MsgPlusLoader.dll
*C:\WINDOWS\system32\stobject.dll
*C:\WINDOWS\system32\BatMeter.dll
*C:\WINDOWS\system32\POWRPROF.dll
*C:\WINDOWS\system32\WTSAPI32.dll
*C:\WINDOWS\system32\wdmaud.drv
*C:\WINDOWS\system32\msacm32.drv
*C:\WINDOWS\system32\midimap.dll
*C:\WINDOWS\system32\NETSHELL.dll
*C:\WINDOWS\system32\rtutils.dll
*C:\WINDOWS\system32\credui.dll
*C:\WINDOWS\system32\iphlpapi.dll
*C:\WINDOWS\system32\msi.dll
*C:\WINDOWS\system32\SXS.DLL
*C:\WINDOWS\system32\mslbui.dll
*C:\WINDOWS\system32\MPR.dll
*C:\WINDOWS\System32\drprov.dll
*C:\WINDOWS\System32\ntlanman.dll
*C:\WINDOWS\System32\NETUI0.dll
*C:\WINDOWS\System32\NETUI1.dll
*C:\WINDOWS\System32\NETRAP.dll
*C:\WINDOWS\System32\SAMLIB.dll
*C:\WINDOWS\System32\davclnt.dll
*C:\Program Files\WinRAR\rarext.dll
*C:\Program Files\Common Files\Symantec Shared\SSC\vpshell2.dll
*C:\WINDOWS\system32\browselc.dll
*C:\WINDOWS\system32\MSGINA.dll
*C:\WINDOWS\system32\ODBC32.dll
*C:\WINDOWS\system32\comdlg32.dll
*C:\WINDOWS\system32\odbcint.dll
*C:\WINDOWS\system32\MLANG.dll
*C:\WINDOWS\system32\rsaenh.dll
*C:\WINDOWS\system32\RASAPI32.dll
*C:\WINDOWS\system32\rasman.dll
*C:\WINDOWS\system32\TAPI32.dll
*C:\WINDOWS\system32\sensapi.dll
*C:\WINDOWS\system32\wiashext.dll
*C:\WINDOWS\system32\sti.dll
*C:\WINDOWS\system32\CFGMGR32.dll
*C:\WINDOWS\system32\wmpshell.dll
*C:\WINDOWS\system32\shmedia.dll
*C:\WINDOWS\system32\MSVFW32.dll
*C:\WINDOWS\system32\AVIFIL32.dll
*C:\WINDOWS\system32\wmvcore.dll
*C:\WINDOWS\system32\wmidx.dll
*C:\WINDOWS\system32\WMASF.DLL
*C:\WINDOWS\system32\msdmo.dll
*C:\WINDOWS\system32\DRMClien.DLL
*C:\WINDOWS\system32\shdoclc.dll
*C:\WINDOWS\system32\OLEPRO32.DLL
*C:\WINDOWS\system32\NTMARTA.DLL
*C:\WINDOWS\system32\mscms.dll
*C:\WINDOWS\system32\WINSPOOL.DRV
+504=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
*C:\WINDOWS\system32\comctl32.dll
*C:\WINDOWS\system32\uxtheme.dll
*C:\WINDOWS\system32\Apphelp.dll
*C:\WINDOWS\system32\CLBCATQ.DLL
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\system32\COMRes.dll
*C:\Program Files\ATI Technologies\ATI Control Panel\atipdsxx.dll
*C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI CONTROL PANEL\ATRPUIXX.ENU
*C:\Program Files\ATI Technologies\ATI Control Panel\atipdxxx.dll
*C:\WINDOWS\system32\DINPUT8.dll
*C:\WINDOWS\system32\HID.DLL
*C:\WINDOWS\system32\SETUPAPI.DLL
*C:\WINDOWS\system32\WINMM.DLL
*C:\WINDOWS\system32\WINTRUST.dll
*C:\WINDOWS\system32\CRYPT32.dll
*C:\WINDOWS\system32\MSASN1.dll
*C:\WINDOWS\system32\IMAGEHLP.dll
*C:\WINDOWS\system32\MSCTF.dll
+588=C:\Program Files\WinFast\WFTVFM\WFWIZ.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\system32\COMCTL32.dll
*C:\WINDOWS\system32\WINMM.dll
*C:\WINDOWS\system32\SETUPAPI.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
*C:\WINDOWS\system32\uxtheme.dll
*C:\WINDOWS\system32\MSCTF.dll
*C:\Program Files\MessengerPlus! 3\MsgPlusLoader.dll
*C:\WINDOWS\system32\CLBCATQ.DLL
*C:\WINDOWS\system32\COMRes.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\system32\qcap.dll
*C:\WINDOWS\system32\MSVFW32.dll
*C:\WINDOWS\system32\quartz.dll
*C:\WINDOWS\system32\devenum.dll
*C:\WINDOWS\system32\WINTRUST.dll
*C:\WINDOWS\system32\CRYPT32.dll
*C:\WINDOWS\system32\MSASN1.dll
*C:\WINDOWS\system32\IMAGEHLP.dll
*C:\WINDOWS\system32\msdmo.dll
*C:\WINDOWS\system32\ksproxy.ax
*C:\WINDOWS\system32\ksuser.dll
*C:\WINDOWS\system32\kswdmcap.ax
*C:\WINDOWS\system32\MFC42.DLL
*C:\WINDOWS\system32\mslbui.dll
+596=C:\Program Files\Common Files\Symantec Shared\ccApp.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\COMCTL32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\MSVCP70.dll
*C:\WINDOWS\system32\MSVCR70.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\uxtheme.dll
*C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll
*C:\WINDOWS\system32\SETUPAPI.dll
*C:\WINDOWS\system32\WSOCK32.dll
*C:\WINDOWS\system32\WS2_32.dll
*C:\WINDOWS\system32\WS2HELP.dll
*C:\WINDOWS\system32\WinTrust.dll
*C:\WINDOWS\system32\CRYPT32.dll
*C:\WINDOWS\system32\MSASN1.dll
*C:\WINDOWS\system32\IMAGEHLP.dll
*C:\WINDOWS\system32\rsaenh.dll
*C:\WINDOWS\system32\xpsp2res.dll
*C:\WINDOWS\system32\userenv.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\system32\secur32.dll
*C:\WINDOWS\system32\netapi32.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\system32\CLBCATQ.DLL
*C:\WINDOWS\system32\COMRes.dll
*C:\WINDOWS\system32\msi.dll
*C:\WINDOWS\system32\SXS.DLL
*C:\Program Files\Symantec\LiveUpdate\ProductRegCom.DLL
*C:\Program Files\Symantec\LiveUpdate\LuComServerPS.DLL
*C:\PROGRA~1\COMMON~1\SYMANT~1\CCALERT.DLL
*C:\WINDOWS\WinSxS\X86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\COMCTL32.dll
*C:\WINDOWS\system32\WINMM.dll
*C:\WINDOWS\system32\MSCTF.dll
*C:\PROGRA~1\COMMON~1\SYMANT~1\CCEMLPXY.DLL
*C:\WINDOWS\system32\MSWSOCK.dll
*C:\WINDOWS\system32\SYMREDIR.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\Program Files\MessengerPlus! 3\MsgPlusLoader.dll
*C:\Program Files\Common Files\Symantec Shared\ccSetEvt.dll
*C:\Program Files\Symantec AntiVirus\SavEmail.dll
*C:\Program Files\Common Files\Symantec Shared\ccProSub.dll
*C:\WINDOWS\system32\DNSAPI.dll
*C:\WINDOWS\System32\winrnr.dll
*C:\WINDOWS\system32\WLDAP32.dll
*C:\WINDOWS\system32\rasadhlp.dll
*C:\WINDOWS\system32\hnetcfg.dll
*C:\WINDOWS\System32\wshtcpip.dll
+624=C:\PROGRA~1\SYMANT~1\VPTray.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
*C:\WINDOWS\system32\comctl32.dll
*C:\Program Files\Symantec AntiVirus\SAVRT32.DLL
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\system32\uxtheme.dll
*C:\WINDOWS\system32\CLBCATQ.DLL
*C:\WINDOWS\system32\COMRes.dll
*C:\WINDOWS\system32\msi.dll
*C:\Program Files\Symantec AntiVirus\Cliscan.dll
*C:\WINDOWS\system32\WSOCK32.dll
*C:\WINDOWS\system32\WS2_32.dll
*C:\WINDOWS\system32\WS2HELP.dll
*C:\WINDOWS\system32\WINMM.dll
*C:\WINDOWS\system32\MPR.dll
*C:\WINDOWS\system32\NETAPI32.dll
*C:\WINDOWS\system32\CTL3D32.dll
*C:\WINDOWS\system32\Secur32.dll
*C:\WINDOWS\system32\shfolder.dll
*C:\PROGRA~1\SYMANT~1\NAVNTUTL.DLL
*C:\WINDOWS\system32\SFC.DLL
*C:\WINDOWS\system32\sfc_os.dll
*C:\WINDOWS\system32\WINTRUST.dll
*C:\WINDOWS\system32\CRYPT32.dll
*C:\WINDOWS\system32\MSASN1.dll
*C:\WINDOWS\system32\IMAGEHLP.dll
*C:\WINDOWS\system32\SXS.DLL
*C:\Program Files\Symantec AntiVirus\Cliproxy.dll
*C:\WINDOWS\system32\MSCTF.dll
+640=C:\Program Files\MessengerPlus! 3\MsgPlus.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\WinSxS\X86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\COMCTL32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\Program Files\MessengerPlus! 3\MsgPlusLoader.dll
*C:\WINDOWS\system32\uxtheme.dll
*C:\WINDOWS\system32\MSCTF.dll
+668=C:\Program Files\Java\j2re1.4.2_09\bin\jusched.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\WININET.dll
*C:\WINDOWS\system32\CRYPT32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\MSASN1.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
*C:\WINDOWS\system32\comctl32.dll
*C:\WINDOWS\system32\uxtheme.dll
*C:\WINDOWS\system32\Apphelp.dll
+680=C:\Program Files\iTunes\iTunesHelper.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\system32\WININET.dll
*C:\WINDOWS\system32\CRYPT32.dll
*C:\WINDOWS\system32\MSASN1.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\SETUPAPI.dll
*C:\WINDOWS\system32\ATL.DLL
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
*C:\WINDOWS\system32\comctl32.dll
*C:\Program Files\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.DLL
*C:\Program Files\iTunes\iTunesHelper.Resources\iTunesHelper.DLL
*C:\WINDOWS\system32\uxtheme.dll
*C:\Program Files\MessengerPlus! 3\MsgPlusLoader.dll
*C:\WINDOWS\system32\CLBCATQ.DLL
*C:\WINDOWS\system32\COMRes.dll
*C:\WINDOWS\system32\xpsp2res.dll
*C:\WINDOWS\system32\msi.dll
*C:\WINDOWS\system32\SXS.DLL
*C:\WINDOWS\system32\MSCTF.dll
+692=C:\WINDOWS\system32\ctfmon.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\MSCTF.dll
*C:\WINDOWS\system32\MSUTB.dll
*C:\WINDOWS\system32\ShimEng.dll
*C:\WINDOWS\AppPatch\AcGenral.DLL
*C:\WINDOWS\system32\WINMM.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\system32\MSACM32.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\USERENV.dll
*C:\WINDOWS\system32\UxTheme.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
*C:\Program Files\MessengerPlus! 3\MsgPlusLoader.dll
+772=C:\Program Files\Valve\Steam\Steam.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\WS2_32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\WS2HELP.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\WINSPOOL.DRV
*C:\WINDOWS\system32\comdlg32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\COMCTL32.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\system32\oledlg.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\system32\OLEACC.dll
*C:\WINDOWS\system32\MSVCP60.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
*C:\WINDOWS\system32\uxtheme.dll
*C:\WINDOWS\system32\MSCTF.dll
*C:\Program Files\MessengerPlus! 3\MsgPlusLoader.dll
*C:\WINDOWS\system32\mswsock.dll
*C:\WINDOWS\system32\mslbui.dll
*C:\WINDOWS\system32\hnetcfg.dll
*C:\WINDOWS\System32\wshtcpip.dll
*C:\Program Files\Valve\Steam\Steam.dll
*C:\WINDOWS\system32\DNSAPI.dll
*C:\WINDOWS\System32\winrnr.dll
*C:\WINDOWS\system32\WLDAP32.dll
*C:\WINDOWS\system32\rasadhlp.dll
*C:\Program Files\Valve\Steam\SteamUI.dll
*C:\WINDOWS\system32\WINMM.dll
*C:\Program Files\Valve\Steam\dbg.dll
*C:\Program Files\Valve\Steam\bin\FileSystem_Steam.dll
*C:\Program Files\Valve\Steam\bin\vgui2.dll
*C:\WINDOWS\system32\WINTRUST.dll
*C:\WINDOWS\system32\CRYPT32.dll
*C:\WINDOWS\system32\MSASN1.dll
*C:\WINDOWS\system32\IMAGEHLP.dll
*C:\WINDOWS\system32\wdmaud.drv
*C:\WINDOWS\system32\msacm32.drv
*C:\WINDOWS\system32\MSACM32.dll
*C:\WINDOWS\system32\midimap.dll
*C:\Program Files\Valve\Steam\steamclient.dll
*C:\Program Files\Valve\Steam\vstdlib_s.dll
*C:\Program Files\Valve\Steam\tier0_s.dll
*C:\WINDOWS\system32\iphlpapi.dll
*C:\WINDOWS\system32\psapi.dll
*c:\program files\valve\steam\Friends\trackerUI.dll
*c:\program files\valve\steam\Servers\serverbrowser.dll
*C:\WINDOWS\system32\WSOCK32.dll
*c:\program files\valve\steam\Friends\TrackerNET.dll
*C:\WINDOWS\system32\CLBCATQ.DLL
*C:\WINDOWS\system32\COMRes.dll
*C:\WINDOWS\system32\ieframe.dll
*C:\WINDOWS\system32\ADVPACK.dll
*C:\WINDOWS\system32\SETUPAPI.dll
*C:\WINDOWS\system32\CRYPTUI.dll
*C:\WINDOWS\system32\NETAPI32.dll
*C:\WINDOWS\system32\WININET.dll
*C:\WINDOWS\system32\DUSER.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82\gdiplus.dll
*C:\WINDOWS\system32\IMM32.dll
*C:\WINDOWS\system32\MSHTML.dll
*C:\WINDOWS\system32\msls31.dll
*C:\WINDOWS\system32\MSRATING.dll
*C:\WINDOWS\system32\URLMON.DLL
*C:\WINDOWS\system32\Secur32.dll
*C:\WINDOWS\system32\apphelp.dll
*C:\WINDOWS\system32\shdocvw.dll
*C:\WINDOWS\system32\xpsp2res.dll
*C:\WINDOWS\system32\msi.dll
*C:\WINDOWS\system32\SXS.DLL
*C:\PROGRA~1\FRESHD~1\FRESHD~1\fdcatch.dll
*C:\WINDOWS\system32\olepro32.dll
*C:\WINDOWS\system32\rsaenh.dll
*C:\WINDOWS\system32\userenv.dll
*C:\WINDOWS\system32\cryptnet.dll
*C:\WINDOWS\system32\WINHTTP.dll
*C:\WINDOWS\system32\SensApi.dll
+976=C:\Program Files\Symantec AntiVirus\DefWatch.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\msvcrt.dll
+1020=C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
*C:\WINDOWS\system32\comctl32.dll
*C:\WINDOWS\system32\psapi.dll
*C:\WINDOWS\system32\xpsp2res.dll
*C:\WINDOWS\system32\CLBCATQ.DLL
*C:\WINDOWS\system32\COMRes.dll
*C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MSDBG2.DLL
+1632=C:\Program Files\Symantec AntiVirus\Rtvscan.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\CBA.DLL
*C:\WINDOWS\system32\MsgSys.dll
*C:\WINDOWS\system32\NTS.dll
*C:\WINDOWS\system32\WSOCK32.dll
*C:\WINDOWS\system32\WS2_32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\WS2HELP.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\MSWSOCK.dll
*C:\WINDOWS\system32\NETAPI32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\PDS.DLL
*C:\WINDOWS\system32\MPR.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\CTL3D32.dll
*C:\WINDOWS\system32\WINMM.dll
*C:\Program Files\Symantec AntiVirus\NAVLU.dll
*C:\WINDOWS\system32\MFC42.DLL
*C:\WINDOWS\system32\PSAPI.DLL
*C:\WINDOWS\system32\USERENV.dll
*C:\Program Files\Symantec AntiVirus\I2ldvp3.dll
*C:\Program Files\Symantec AntiVirus\ecmldr32.DLL
*C:\Program Files\Symantec AntiVirus\SAVRT32.DLL
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\system32\IMM32.dll
*C:\WINDOWS\system32\uxtheme.dll
*C:\Program Files\Symantec AntiVirus\NAVNTUTL.DLL
*C:\WINDOWS\system32\SFC.DLL
*C:\WINDOWS\system32\sfc_os.dll
*C:\WINDOWS\system32\WINTRUST.dll
*C:\WINDOWS\system32\CRYPT32.dll
*C:\WINDOWS\system32\MSASN1.dll
*C:\WINDOWS\system32\IMAGEHLP.dll
*C:\WINDOWS\system32\shfolder.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
*C:\WINDOWS\system32\comctl32.dll
*C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20050921.017\ecmsvr32.dll
*C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20050921.017\NAVEX32a.DLL
*C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20050921.017\NAVENG32.DLL
*C:\Program Files\Symantec AntiVirus\IMail.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\Program Files\Symantec AntiVirus\NotesExt.dll
*C:\Program Files\Symantec AntiVirus\vpmsece.dll
*C:\WINDOWS\system32\shell32.dll
*C:\Program Files\Common Files\Symantec Shared\SSC\scandlgs.dll
*C:\WINDOWS\system32\comdlg32.dll
*C:\WINDOWS\system32\MSVCP60.dll
*C:\Program Files\Symantec AntiVirus\DecSDK.dll
*C:\Program Files\Symantec AntiVirus\Dec2.dll
*C:\WINDOWS\system32\WININET.dll
*C:\Program Files\Symantec AntiVirus\Dec2ID.dll
*C:\Program Files\Symantec AntiVirus\Dec2ZIP.dll
*C:\Program Files\Symantec AntiVirus\Dec2SS.dll
*C:\Program Files\Symantec AntiVirus\Dec2GZIP.dll
*C:\Program Files\Symantec AntiVirus\Dec2CAB.dll
*C:\Program Files\Symantec AntiVirus\Dec2LHA.dll
*C:\Program Files\Symantec AntiVirus\Dec2ARJ.dll
*C:\Program Files\Symantec AntiVirus\Dec2TNEF.dll
*C:\Program Files\Symantec AntiVirus\Dec2LZ.dll
*C:\Program Files\Symantec AntiVirus\Dec2AMG.dll
*C:\Program Files\Symantec AntiVirus\Dec2TAR.dll
*C:\Program Files\Symantec AntiVirus\Dec2RTF.dll
*C:\Program Files\Symantec AntiVirus\Dec2Text.dll
+780=C:\Program Files\iPod\bin\iPodService.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\CFGMGR32.dll
*C:\WINDOWS\system32\setupapi.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\system32\NETAPI32.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\system32\ATL.DLL
*C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.DLL
*C:\Program Files\iPod\bin\iPodService.Resources\iPodService.DLL
*C:\WINDOWS\system32\xpsp2res.dll
*C:\WINDOWS\system32\WINTRUST.dll
*C:\WINDOWS\system32\CRYPT32.dll
*C:\WINDOWS\system32\MSASN1.dll
*C:\WINDOWS\system32\IMAGEHLP.dll
*C:\WINDOWS\system32\uxtheme.dll
*C:\WINDOWS\system32\Wtsapi32.dll
*C:\WINDOWS\system32\WINSTA.dll
*C:\WINDOWS\system32\CLBCATQ.DLL
*C:\WINDOWS\system32\COMRes.dll
*C:\WINDOWS\system32\msi.dll
*C:\WINDOWS\system32\SXS.DLL
+2192=C:\WINDOWS\System32\alg.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\System32\ATL.DLL
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\System32\WSOCK32.dll
*C:\WINDOWS\System32\WS2_32.dll
*C:\WINDOWS\System32\WS2HELP.dll
*C:\WINDOWS\System32\MSWSOCK.DLL
*C:\WINDOWS\System32\ShimEng.dll
*C:\WINDOWS\AppPatch\AcGenral.DLL
*C:\WINDOWS\System32\WINMM.dll
*C:\WINDOWS\System32\MSACM32.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\USERENV.dll
*C:\WINDOWS\System32\UxTheme.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
*C:\WINDOWS\system32\comctl32.dll
*C:\WINDOWS\System32\CLBCATQ.DLL
*C:\WINDOWS\System32\COMRes.dll
*C:\WINDOWS\System32\xpsp2res.dll
*C:\WINDOWS\system32\hnetcfg.dll
*C:\WINDOWS\System32\wshtcpip.dll
+3968=C:\WINDOWS\system32\LEXBCES.EXE
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\WINSPOOL.DRV
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\MPR.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\system32\lexp2p32.dll
*C:\WINDOWS\system32\WSOCK32.dll
*C:\WINDOWS\system32\WS2_32.dll
*C:\WINDOWS\system32\WS2HELP.dll
*C:\WINDOWS\system32\COMCTL32.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
*C:\WINDOWS\system32\lex2kusb.dll
*C:\WINDOWS\system32\SETUPAPI.dll
*C:\WINDOWS\system32\WINTRUST.dll
*C:\WINDOWS\system32\CRYPT32.dll
*C:\WINDOWS\system32\MSASN1.dll
*C:\WINDOWS\system32\IMAGEHLP.dll
+3992=C:\WINDOWS\system32\LEXPPS.EXE
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\COMCTL32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\WINSPOOL.DRV
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
*C:\WINDOWS\system32\uxtheme.dll
*C:\WINDOWS\system32\mswsock.dll
*C:\WINDOWS\system32\WS2_32.dll
*C:\WINDOWS\system32\WS2HELP.dll
*C:\WINDOWS\system32\hnetcfg.dll
*C:\WINDOWS\System32\wshtcpip.dll
*C:\WINDOWS\system32\LEXBCE.DLL
+2440=C:\WINDOWS\system32\svchost.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\ShimEng.dll
*C:\WINDOWS\AppPatch\AcGenral.DLL
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\WINMM.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\system32\MSACM32.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\USERENV.dll
*C:\WINDOWS\system32\UxTheme.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
*C:\WINDOWS\system32\comctl32.dll
*c:\windows\system32\wiaservc.dll
*c:\windows\system32\CFGMGR32.dll
*c:\windows\system32\setupapi.DLL
*c:\windows\system32\mscms.dll
*c:\windows\system32\WINSPOOL.DRV
*c:\windows\system32\WINSTA.dll
*C:\WINDOWS\system32\NETAPI32.dll
*C:\WINDOWS\system32\xpsp2res.dll
*C:\WINDOWS\system32\CLBCATQ.DLL
*C:\WINDOWS\system32\COMRes.dll
*C:\WINDOWS\system32\WINTRUST.dll
*C:\WINDOWS\system32\CRYPT32.dll
*C:\WINDOWS\system32\MSASN1.dll
*C:\WINDOWS\system32\IMAGEHLP.dll
*C:\WINDOWS\system32\ACTXPRXY.DLL
*C:\WINDOWS\system32\WIAFBDRV.DLL
*C:\WINDOWS\system32\ATL.DLL
*C:\Program Files\Lexmark X1100 Series\lxbkmcro.dll
*C:\Program Files\Lexmark X1100 Series\ConvDIB.dll
*C:\Program Files\Lexmark X1100 Series\rtscan.dll
*C:\WINDOWS\system32\sti.dll
+2536=C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\WINSPOOL.DRV
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
*C:\WINDOWS\system32\comctl32.dll
*C:\WINDOWS\system32\uxtheme.dll
*C:\WINDOWS\system32\MSCTF.dll
*C:\Program Files\MessengerPlus! 3\MsgPlusLoader.dll
*C:\WINDOWS\system32\Apphelp.dll
+2544=C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\uxtheme.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\MSCTF.dll
*C:\Program Files\MessengerPlus! 3\MsgPlusLoader.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
*C:\WINDOWS\system32\comctl32.dll
+3932=C:\Program Files\Winamp\Winamp.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\WinSxS\X86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\COMCTL32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\MSACM32.dll
*C:\WINDOWS\system32\WINMM.dll
*C:\WINDOWS\system32\comdlg32.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\uxtheme.dll
*C:\WINDOWS\system32\MSCTF.dll
*C:\Program Files\MessengerPlus! 3\MsgPlusLoader.dll
*C:\WINDOWS\system32\CLBCATQ.DLL
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\system32\COMRes.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\system32\ieframe.dll
*C:\WINDOWS\system32\ADVPACK.dll
*C:\WINDOWS\system32\SETUPAPI.dll
*C:\WINDOWS\system32\CRYPTUI.dll
*C:\WINDOWS\system32\WINTRUST.dll
*C:\WINDOWS\system32\CRYPT32.dll
*C:\WINDOWS\system32\MSASN1.dll
*C:\WINDOWS\system32\IMAGEHLP.dll
*C:\WINDOWS\system32\NETAPI32.dll
*C:\WINDOWS\system32\WININET.dll
*C:\WINDOWS\system32\WLDAP32.dll
*C:\WINDOWS\system32\DUSER.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82\gdiplus.dll
*C:\WINDOWS\system32\IMM32.dll
*C:\WINDOWS\system32\MSHTML.dll
*C:\WINDOWS\system32\msls31.dll
*C:\WINDOWS\system32\MSRATING.dll
*C:\WINDOWS\system32\WSOCK32.dll
*C:\WINDOWS\system32\WS2_32.dll
*C:\WINDOWS\system32\WS2HELP.dll
*C:\WINDOWS\system32\OLEACC.dll
*C:\WINDOWS\system32\MSVCP60.dll
*C:\WINDOWS\system32\URLMON.DLL
*C:\WINDOWS\system32\Secur32.dll
*C:\Program Files\Winamp\Plugins\in_cdda.dll
*C:\Program Files\Winamp\Plugins\in_dshow.dll
*C:\Program Files\Winamp\Plugins\in_midi.dll
*C:\Program Files\Winamp\Plugins\read_file.dll
*C:\Program Files\Winamp\Plugins\in_mod.dll
*C:\Program Files\Winamp\Plugins\in_mp3.dll
*C:\Program Files\Winamp\Plugins\in_mp4.dll
*C:\Program Files\Winamp\Plugins\in_nsv.dll
*C:\Program Files\Winamp\Plugins\in_vorbis.dll
*C:\Program Files\Winamp\Plugins\in_wave.dll
*C:\Program Files\Winamp\Plugins\in_wm.dll
*C:\WINDOWS\system32\wdmaud.drv
*C:\WINDOWS\system32\msacm32.drv
*C:\WINDOWS\system32\midimap.dll
*C:\Program Files\Winamp\Plugins\out_disk.dll
*C:\Program Files\Winamp\Plugins\out_ds.dll
*C:\Program Files\Winamp\Plugins\out_wave.dll
*C:\WINDOWS\system32\mswsock.dll
*C:\WINDOWS\system32\hnetcfg.dll
*C:\WINDOWS\system32\ddraw.dll
*C:\WINDOWS\system32\DCIMAN32.dll
*C:\WINDOWS\System32\wshtcpip.dll
*C:\WINDOWS\system32\DNSAPI.dll
*C:\WINDOWS\system32\xpsp2res.dll
*C:\Program Files\Winamp\Plugins\gen_ff.dll
*C:\WINDOWS\system32\OLEPRO32.DLL
*C:\Program Files\Winamp\Plugins\gen_hotkeys.dll
*C:\WINDOWS\System32\winrnr.dll
*C:\Program Files\Winamp\Plugins\gen_jumpex.dll
*C:\Program Files\Winamp\Plugins\gen_ml.dll
*C:\Program Files\Winamp\Plugins\gen_tips.dll
*C:\Program Files\Winamp\Plugins\gen_toaster.dll
*C:\Program Files\Winamp\Plugins\gen_tray.dll
*C:\WINDOWS\system32\mslbui.dll
*C:\WINDOWS\system32\dsound.dll
*C:\WINDOWS\system32\KsUser.dll
*C:\WINDOWS\system32\rasadhlp.dll
+3816=C:\Program Files\MSN Messenger\msnmsgr.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\WS2_32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\WS2HELP.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\iphlpapi.dll
*C:\WINDOWS\system32\CRYPT32.dll
*C:\WINDOWS\system32\MSASN1.dll
*C:\WINDOWS\system32\CRYPTNET.dll
*C:\WINDOWS\system32\WLDAP32.dll
*C:\WINDOWS\system32\WINHTTP.dll
*C:\WINDOWS\system32\SensApi.dll
*C:\WINDOWS\system32\USERENV.dll
*C:\WINDOWS\system32\MSACM32.dll
*C:\WINDOWS\system32\WINMM.dll
*C:\WINDOWS\system32\msi.dll
*C:\WINDOWS\system32\DSOUND.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\Program Files\MSN Messenger\msidcrl.dll
*C:\WINDOWS\system32\WININET.dll
*C:\WINDOWS\system32\WINTRUST.dll
*C:\WINDOWS\system32\IMAGEHLP.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
*C:\WINDOWS\system32\uxtheme.dll
*C:\WINDOWS\system32\MSCTF.dll
*C:\Program Files\MessengerPlus! 3\MsgPlusLoader.dll
*C:\Program Files\MSN Messenger\MSGSLANG.DLL
*C:\WINDOWS\system32\wtsapi32.dll
*C:\WINDOWS\system32\WINSTA.dll
*C:\WINDOWS\system32\NETAPI32.dll
*C:\WINDOWS\system32\CLBCATQ.DLL
*C:\WINDOWS\system32\COMRes.dll
*C:\WINDOWS\system32\es.dll
*C:\WINDOWS\system32\xpsp2res.dll
*C:\Program Files\MessengerPlus! 3\MsgPlusH.dll
*C:\WINDOWS\system32\comdlg32.dll
*C:\Program Files\MessengerPlus! 3\Resources\MsgPlusRes.dll
*C:\WINDOWS\system32\SXS.DLL
*C:\WINDOWS\system32\rsaenh.dll
*C:\WINDOWS\system32\Secur32.dll
*C:\WINDOWS\system32\RASAPI32.dll
*C:\WINDOWS\system32\rasman.dll
*C:\WINDOWS\system32\TAPI32.dll
*C:\WINDOWS\system32\rtutils.dll
*C:\WINDOWS\system32\msxml3.dll
*C:\WINDOWS\system32\Riched20.dll
*C:\WINDOWS\system32\WSOCK32.dll
*C:\Program Files\MessengerPlus! 3\RichEdHook.dll
*C:\WINDOWS\system32\IMM32.dll
*C:\WINDOWS\system32\MSIMG32.DLL
*C:\WINDOWS\system32\mslbui.dll
*C:\WINDOWS\system32\mswsock.dll
*C:\WINDOWS\system32\hnetcfg.dll
*C:\WINDOWS\System32\wshtcpip.dll
*C:\WINDOWS\system32\schannel.dll
*C:\WINDOWS\system32\rasadhlp.dll
*C:\WINDOWS\system32\urlmon.dll
*C:\WINDOWS\system32\DNSAPI.dll
*C:\WINDOWS\system32\dssenh.dll
*C:\WINDOWS\System32\winrnr.dll
*C:\WINDOWS\system32\MPRAPI.dll
*C:\WINDOWS\system32\ACTIVEDS.dll
*C:\WINDOWS\system32\adsldpc.dll
*C:\WINDOWS\system32\ATL.DLL
*C:\WINDOWS\system32\SAMLIB.dll
*C:\WINDOWS\system32\SETUPAPI.dll
*C:\WINDOWS\system32\msdmo.dll
*C:\WINDOWS\system32\Cabinet.dll
*C:\WINDOWS\system32\ieframe.dll
*C:\WINDOWS\system32\ADVPACK.dll
*C:\WINDOWS\system32\CRYPTUI.dll
*C:\WINDOWS\system32\DUSER.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82\gdiplus.dll
*C:\WINDOWS\system32\MSHTML.dll
*C:\WINDOWS\system32\msls31.dll
*C:\WINDOWS\system32\MSRATING.dll
*C:\WINDOWS\system32\OLEACC.dll
*C:\WINDOWS\system32\MSVCP60.dll
*C:\WINDOWS\system32\USP10.dll
*C:\WINDOWS\system32\dpnhupnp.dll
*C:\WINDOWS\system32\NETSHELL.dll
*C:\WINDOWS\system32\credui.dll
*C:\WINDOWS\system32\appHelp.dll
*C:\WINDOWS\system32\wdmaud.drv
*C:\WINDOWS\system32\msacm32.drv
*C:\WINDOWS\system32\midimap.dll
*C:\Program Files\MessengerPlus! 3\libsndfile.dll
*C:\Program Files\MessengerPlus! 3\lame_enc.dll
*C:\WINDOWS\system32\MLANG.dll
*C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\PDM.DLL
*C:\WINDOWS\system32\ntshrui.dll
*C:\WINDOWS\system32\LINKINFO.dll
*C:\WINDOWS\system32\mscms.dll
*C:\WINDOWS\system32\WINSPOOL.DRV
*C:\WINDOWS\system32\comctl32.dll
*C:\WINDOWS\system32\browseui.dll
*C:\WINDOWS\system32\shdocvw.dll
*C:\WINDOWS\system32\MPR.dll
*C:\WINDOWS\System32\drprov.dll
*C:\WINDOWS\System32\ntlanman.dll
*C:\WINDOWS\System32\NETUI0.dll
*C:\WINDOWS\System32\NETUI1.dll
*C:\WINDOWS\System32\NETRAP.dll
*C:\WINDOWS\System32\davclnt.dll
*C:\WINDOWS\system32\MSGINA.dll
*C:\WINDOWS\system32\ODBC32.dll
*C:\WINDOWS\system32\odbcint.dll
*C:\WINDOWS\system32\sti.dll
*C:\WINDOWS\system32\CFGMGR32.dll
*C:\WINDOWS\system32\sirenacm.dll
*C:\WINDOWS\system32\KsUser.dll
*C:\WINDOWS\system32\devenum.dll
*C:\Program Files\Common Files\Microsoft Shared\INK\INKOBJ.DLL
*C:\WINDOWS\system32\dciman32.dll
+3272=C:\Program Files\Mozilla Firefox\firefox.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\Program Files\Mozilla Firefox\js3250.dll
*C:\Program Files\Mozilla Firefox\nspr4.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\WSOCK32.dll
*C:\WINDOWS\system32\WS2_32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\WS2HELP.dll
*C:\Program Files\Mozilla Firefox\xpcom.dll
*C:\Program Files\Mozilla Firefox\plc4.dll
*C:\Program Files\Mozilla Firefox\plds4.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\ole32.dll
*C:\Program Files\Mozilla Firefox\smime3.dll
*C:\Program Files\Mozilla Firefox\nss3.dll
*C:\Program Files\Mozilla Firefox\softokn3.dll
*C:\Program Files\Mozilla Firefox\ssl3.dll
*C:\Program Files\Mozilla Firefox\xpcom_compat.dll
*C:\WINDOWS\system32\comdlg32.dll
*C:\WINDOWS\WinSxS\X86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\COMCTL32.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\system32\WINSPOOL.DRV
*C:\WINDOWS\system32\uxtheme.dll
*C:\WINDOWS\system32\MSCTF.dll
*C:\Program Files\MessengerPlus! 3\MsgPlusLoader.dll
*C:\WINDOWS\system32\SETUPAPI.dll
*C:\WINDOWS\system32\CLBCATQ.DLL
*C:\WINDOWS\system32\COMRes.dll
*C:\Program Files\Mozilla Firefox\components\qfaservices.dll
*C:\Program Files\Mozilla Firefox\components\FULLSOFT.DLL
*C:\WINDOWS\system32\mswsock.dll
*C:\WINDOWS\system32\hnetcfg.dll
*C:\WINDOWS\System32\wshtcpip.dll
*C:\WINDOWS\system32\msimtf.dll
*C:\Program Files\Java\jre1.5.0_04\bin\NPOJI610.dll
*C:\WINDOWS\system32\OLEPRO32.DLL
*C:\Program Files\Java\jre1.5.0_04\bin\jpioji.dll
*C:\Program Files\Java\jre1.5.0_04\bin\jpinscp.dll
*C:\Program Files\Java\jre1.5.0_04\bin\jpishare.dll
*C:\Program Files\Mozilla Firefox\components\jar50.dll
*C:\WINDOWS\system32\xpsp2res.dll
*C:\WINDOWS\system32\msimg32.dll
*C:\WINDOWS\system32\DNSAPI.dll
*C:\WINDOWS\system32\mslbui.dll
*C:\WINDOWS\System32\winrnr.dll
*C:\WINDOWS\system32\WLDAP32.dll
*C:\WINDOWS\system32\rasadhlp.dll
*C:\WINDOWS\system32\appHelp.dll
*C:\WINDOWS\System32\cscui.dll
*C:\WINDOWS\System32\CSCDLL.dll
*C:\WINDOWS\system32\USERENV.dll
+1080=C:\Documents and Settings\Mat\Desktop\startdreck\StartDreck.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\Documents and Settings\Mat\Desktop\startdreck\VB40032.DLL
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\MSVCRT20.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\system32\OLEPRO32.DLL
*C:\Documents and Settings\Mat\Desktop\startdreck\VB4DE32.DLL
*C:\WINDOWS\system32\uxtheme.dll
*C:\WINDOWS\system32\MSCTF.dll
*C:\Program Files\MessengerPlus! 3\MsgPlusLoader.dll
*C:\WINDOWS\system32\CLBCATQ.DLL
*C:\WINDOWS\system32\COMRes.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\system32\mslbui.dll
*C:\Documents and Settings\Mat\Desktop\startdreck\PSAPI.DLL
»VMM32Files (LM)
»%System%\VMM32
»%System%\IOSUBSYS
»Application specific
»MS Office 97/8.0 STARTUP-PATH
»Current User
»Default User
»Local Machine
»ICQ NetDetect
»Current User
»Default User

and Startup programs

"Silent Runners.vbs", revision 40.1, http://www.silentrunners.org/
Operating System: Windows XP SP2
Output limited to non-default values, except where indicated by "{++}"


Startup items buried in registry:
---------------------------------

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}
"ctfmon.exe" = "C:\WINDOWS\system32\ctfmon.exe" [MS]
"Steam" = "C:\Program Files\Valve\Steam\\Steam.exe -silent" ["Valve Corporation"]
"MessengerPlus3" = ""C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart" ["Patchou"]
"msnmsgr" = ""C:\Program Files\MSN Messenger\msnmsgr.exe" /background" [MS]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}
"ATIPTA" = ""C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"" ["ATI Technologies, Inc."]
"WinFast Schedule" = "C:\Program Files\WinFast\WFTVFM\WFWIZ.exe" ["Leadtek Research Inc."]
"ccApp" = ""C:\Program Files\Common Files\Symantec Shared\ccApp.exe"" ["Symantec Corporation"]
"vptray" = "C:\PROGRA~1\SYMANT~1\VPTray.exe" ["Symantec Corporation"]
"MessengerPlus3" = ""C:\Program Files\MessengerPlus! 3\MsgPlus.exe"" ["Patchou"]
"SunJavaUpdateSched" = "C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe" ["Sun Microsystems, Inc."]
"iTunesHelper" = ""C:\Program Files\iTunes\iTunesHelper.exe"" ["Apple Computer, Inc."]
"Lexmark X1100 Series" = ""C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"" ["Lexmark International, Inc."]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx\ {++}
"Flag" = 2

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
{206E52E0-D52E-11D4-AD54-0000E86C26F6}\(Default) = (no title provided)
-> {CLSID}\InProcServer32\(Default) = "C:\PROGRA~1\FRESHD~1\FRESHD~1\fdcatch.dll" ["FreshDevices Corp."]

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\
"{42071714-76d4-11d1-8b24-00a0c9068ff3}" = "Display Panning CPL Extension"
-> {CLSID}\InProcServer32\(Default) = "deskpan.dll" [file not found]
"{88895560-9AA2-1069-930E-00AA0030EBC8}" = "HyperTerminal Icon Ext"
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\hticons.dll" ["Hilgraeve, Inc."]
"{30D02401-6A81-11d0-8274-00C04FD5AE38}" = "IE Search Band"
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\ieframe.dll" [MS]
"{07798131-AF23-11d1-9111-00A0C98BA67D}" = "Web Search"
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\ieframe.dll" [MS]
"{E7E4BC40-E76A-11CE-A9BB-00AA004AE837}" = "Shell DocObject Viewer"
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\ieframe.dll" [MS]
"{FBF23B40-E3F0-101B-8488-00AA003E56F8}" = "InternetShortcut"
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\ieframe.dll" [MS]
"{3C374A40-BAE4-11CF-BF7D-00AA006946EE}" = "Microsoft Url History Service"
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\ieframe.dll" [MS]
"{FF393560-C2A7-11CF-BFF4-444553540000}" = "History"
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\ieframe.dll" [MS]
"{7BD29E00-76C1-11CF-9DD0-00A0C9034933}" = "Temporary Internet Files"
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\ieframe.dll" [MS]
"{7BD29E01-76C1-11CF-9DD0-00A0C9034933}" = "Temporary Internet Files"
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\ieframe.dll" [MS]
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}" = "Microsoft Url Search Hook"
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\ieframe.dll" [MS]
"{A2B0DD40-CC59-11d0-A3A5-00C04FD706EC}" = "IE4 Suite Splash Screen"
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\ieframe.dll" [MS]
"{67EA19A0-CCEF-11d0-8024-00C04FD75D13}" = "CDF Extension Copy Hook"
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\ieframe.dll" [MS]
"{3DC7A020-0ACD-11CF-A9BB-00AA004AE837}" = "The Internet"
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\ieframe.dll" [MS]
"{871C5380-42A0-1069-A2EA-08002B30309D}" = "Internet Name Space"
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\ieframe.dll" [MS]
"{0D6D4F41-2994-4ba0-8FEF-620E43CD2812}" = "IE Microsoft Internet Toolbar"
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\ieframe.dll" [MS]
"{E2A0A3BF-0968-42c1-A9CB-62248F296E87}" = "IE Download Status"
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\ieframe.dll" [MS]
"{73CFD649-CD48-4fd8-A272-2070EA56526B}" = "IE BandProxy"
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\ieframe.dll" [MS]
"{07C45BB1-4A8C-4642-A1F5-237E7215FF66}" = "IE Microsoft BrowserBand"
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\ieframe.dll" [MS]
"{43886CD5-6529-41c4-A707-7B3C92C05E68}" = "IE Navigation Bar"
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\ieframe.dll" [MS]
"{C4EC38BD-4E9E-4b5e-935A-D1BFF237D980}" = "Explorer Travel Band"
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\ieframe.dll" [MS]
"{6D8BB3D3-9D87-4a91-AB56-4F30CFFEFE9F}" = "Explorer Search Band"
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\ieframe.dll" [MS]
"{F83DAC1C-9BB9-4f2b-B619-09819DA81B0E}" = "IE Registry Tree Options Utility"
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\ieframe.dll" [MS]
"{DE011590-0531-4804-9C9C-3FEDC7E6E5C8}" = "IE &Address"
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\ieframe.dll" [MS]
"{7E48925F-FF5C-47fa-A99A-F5912A10623B}" = "IE Address EditBox"
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\ieframe.dll" [MS]
"{3028902F-6374-48b2-8DC6-9725E775B926}" = "IE AutoComplete"
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\ieframe.dll" [MS]
"{98FF6D4B-6387-4b0a-8FBD-C5C4BB17B4F8}" = "IE MRU AutoComplete List"
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\ieframe.dll" [MS]
"{FDE7673D-2E19-4145-8376-BBD58C4BC7BA}" = "IE Custom MRU AutoCompleted List"
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\ieframe.dll" [MS]
"{6038EF75-ABFC-4e59-AB6F-12D397F6568D}" = "IE Microsoft History AutoComplete List"
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\ieframe.dll" [MS]
"{9D958C62-3954-4b44-8FAB-C4670C1DB4C2}" = "IE Microsoft Shell Folder AutoComplete List"
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\ieframe.dll" [MS]
"{B31C5FAE-961F-415b-BAF0-E697A5178B94}" = "IE Microsoft Multiple AutoComplete List Container"
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\ieframe.dll" [MS]
"{E6EE9AAC-F76B-4947-8260-A9F136138E11}" = "IE Shell Band Site Menu"
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\ieframe.dll" [MS]
"{7EDC7DE1-DD42-457a-8B36-B422F8E94E14}" = "IE Shell DeskBar"
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\ieframe.dll" [MS]
"{BFAD62EE-9D54-4b2a-BF3B-76F90697BD2A}" = "IE Shell Rebar BandSite"
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\ieframe.dll" [MS]
"{FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75}" = "IE User Assist"
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\ieframe.dll" [MS]
"{F0353E1D-FEEC-474e-A984-1E5C6865E380}" = "IE Global Folder Settings"
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\ieframe.dll" [MS]
"{4B78D326-D922-44f9-AF2A-07805C2A3560}" = "IE Menu Band"
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\ieframe.dll" [MS]
"{6CF48EF8-44CD-45d2-8832-A16EA016311B}" = "IE IShellFolderBand"
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\ieframe.dll" [MS]
"{F2CF5485-4E02-4f68-819C-B92DE9277049}" = "&Links"
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\ieframe.dll" [MS]
"{DBC04CF4-BE36-4f53-9C48-2D3625CA7694}" = "IE Thumbnail Image"
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\ieframe.dll" [MS]
"{1C1EDB47-CE22-4bbb-B608-77B48F83C823}" = "IE Fade Task"
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\ieframe.dll" [MS]
"{6B4ECC4F-16D1-4474-94AB-5A763F2A54AE}" = "IE Tracking Shell Menu"
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\ieframe.dll" [MS]
"{44C76ECD-F7FA-411c-9929-1B77BA77F524}" = "IE Menu Site"
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\ieframe.dll" [MS]
"{205D7A97-F16D-4691-86EF-F3075DCCA57D}" = "IE Menu Desk Bar"
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\ieframe.dll" [MS]
"{482A7CB3-2EDF-4595-A315-A5244F1E96E6}" = "IE Search Control"
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\ieframe.dll" [MS]
"{0B1818A2-EA07-4a55-AF57-1F410EBD21D3}" = "Favorites Band"
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\ieframe.dll" [MS]
"{BC476F4C-D9D7-4100-8D4E-E043F6DEC409}" = "Microsoft Browser Architecture"
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\ieframe.dll" [MS]
"{B22A2FFB-CD86-4b74-A19A-2377C04A737C}" = "Microsoft Browser History Service"
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\ieframe.dll" [MS]
"{83be3be3-1d98-48c0-b974-933f42b79e2f}" = "Download Manager"
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\ieframe.dll" [MS]
"{00020D75-0000-0000-C000-000000000046}" = "Microsoft Office Outlook Desktop Icon Handler"
-> {CLSID}\InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\OFFICE11\MLSHEXT.DLL" [MS]
"{0006F045-0000-0000-C000-000000000046}" = "Microsoft Office Outlook Custom Icon Handler"
-> {CLSID}\InProcServer32\(Default) = "C:\PROGRA~1\MICROS~2\OFFICE11\OLKFSTUB.DLL" [MS]
"{42042206-2D85-11D3-8CFF-005004838597}" = "Microsoft Office HTML Icon Handler"
-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Microsoft Office\OFFICE11\msohev.dll" [MS]
"{B41DB860-8EE4-11D2-9906-E49FADC173CA}" = "WinRAR shell extension"
-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]
"{32020A01-506E-484D-A2A8-BE3CF17601C3}" = "AlcoholShellEx"
-> {CLSID}\InProcServer32\(Default) = "C:\PROGRA~1\ALCOHO~1\ALCOHO~1\AXShlEx.dll" ["Alcohol Soft Development Team"]
"{BDA77241-42F6-11d0-85E2-00AA001FE28C}" = "LDVP Shell Extensions"
-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Common Files\Symantec Shared\SSC\vpshell2.dll" ["Symantec Corporation"]
"{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF}" = "iTunes"
-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\iTunes\iTunesMiniPlayer.dll" ["Apple Computer, Inc."]

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\
INFECTION WARNING! "{240E2B94-741E-4513-B66A-60EC26A9EF26}" = "IE Browseui preloader"
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\ieframe.dll" [MS]
INFECTION WARNING! "{553858A7-4922-4e7e-B1C1-97140C1C16EF}" = "IE Component Categories cache daemon"
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\ieframe.dll" [MS]

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\
INFECTION WARNING! AtiExtEvent\DLLName = "Ati2evxx.dll" ["ATI Technologies Inc."]
INFECTION WARNING! NavLogon\DLLName = "C:\WINDOWS\system32\NavLogon.dll" ["Symantec Corporation"]

HKLM\Software\Classes\PROTOCOLS\Filter\
INFECTION WARNING! text/xml\CLSID = "{807553E5-5146-11D5-A672-00B0D022E945}"
-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL" [MS]

HKLM\Software\Classes\*\shellex\ContextMenuHandlers\
LDVPMenu\(Default) = "{BDA77241-42F6-11d0-85E2-00AA001FE28C}"
-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Common Files\Symantec Shared\SSC\vpshell2.dll" ["Symantec Corporation"]
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]

HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]

HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\
LDVPMenu\(Default) = "{BDA77241-42F6-11d0-85E2-00AA001FE28C}"
-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Common Files\Symantec Shared\SSC\vpshell2.dll" ["Symantec Corporation"]
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]


Active Desktop and Wallpaper:
-----------------------------

Active Desktop is disabled at this entry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState

HKCU\Control Panel\Desktop\
"Wallpaper" = "C:\Documents and Settings\Mat\Local Settings\Application Data\Microsoft\Wallpaper1.bmp"


Winsock2 Service Provider DLLs:
-------------------------------

Namespace Service Providers

HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}
000000000001\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]
000000000002\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS]
000000000003\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]

Transport Service Providers

HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}
0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:
%SystemRoot%\system32\mswsock.dll [MS], 01 - 03, 06 - 15
%SystemRoot%\system32\rsvpsp.dll [MS], 04 - 05


Toolbars, Explorer Bars, Extensions:
------------------------------------

Toolbars

HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\
"{F2CF5485-4E02-4F68-819C-B92DE9277049}" = "&Links" [from CLSID]
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\system32\ieframe.dll" [MS]

Extensions (Tools menu items, main toolbar menu buttons)

HKLM\Software\Microsoft\Internet Explorer\Extensions\
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\
"MenuText" = "Sun Java Console"
"CLSIDExtension" = "{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBC}"
-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll" ["Sun Microsystems, Inc."]

{92780B25-18CC-41C8-B9BE-3C9C571A8263}\
"ButtonText" = "Research"

{FB5F1910-F110-11D2-BB9E-00C04F795683}\
"ButtonText" = "Messenger"
"MenuText" = "Windows Messenger"
"Exec" = "C:\Program Files\Messenger\msmsgs.exe" [MS]


Miscellaneous IE Hijack Points
------------------------------

C:\WINDOWS\INF\IERESET.INF (used to "Reset Web Settings")

Added lines (compared with English-language version):
[Strings]: START_PAGE_URL="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
[Strings]: MS_START_PAGE_URL="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"

Missing lines (compared with English-language version):
[Strings]: 2 lines

HKLM\Software\Microsoft\Internet Explorer\AboutURLs\
HIJACK WARNING! "NavigationFailure" = "res://ieframe.dll/navcancl.htm" [MS]
HIJACK WARNING! "DesktopItemNavigationFailure" = "res://ieframe.dll/navcancl.htm" [MS]
HIJACK WARNING! "NavigationCanceled" = "res://ieframe.dll/navcancl.htm" [MS]
HIJACK WARNING! "OfflineInformation" = "res://ieframe.dll/offcancl.htm" [MS]
HIJACK WARNING! "NoAdd-ons" = "res://ieframe.dll/noaddon.htm" [MS]
HIJACK WARNING! "NoAdd-onsInfo" = "res://ieframe.dll/noaddoninfo.htm" [MS]


Running Services (Display Name, Service Name, Path {Service DLL}):
------------------------------------------------------------------

Ati HotKey Poller, Ati HotKey Poller, "C:\WINDOWS\system32\Ati2evxx.exe" ["ATI Technologies Inc."]
iPodService, iPodService, "C:\Program Files\iPod\bin\iPodService.exe" ["Apple Computer, Inc."]
LexBce Server, LexBceS, "C:\WINDOWS\system32\LEXBCES.EXE" ["Lexmark International, Inc."]
Machine Debug Manager, MDM, ""C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE"" [MS]
Symantec AntiVirus, Symantec AntiVirus, ""C:\Program Files\Symantec AntiVirus\Rtvscan.exe"" ["Symantec Corporation"]
Symantec AntiVirus Definition Watcher, DefWatch, ""C:\Program Files\Symantec AntiVirus\DefWatch.exe"" ["Symantec Corporation"]
Symantec Event Manager, ccEvtMgr, ""C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"" ["Symantec Corporation"]
Symantec Settings Manager, ccSetMgr, ""C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe"" ["Symantec Corporation"]


----------
+ This report excludes default entries except where indicated.
+ To see *everywhere* the script checks and *everything* it finds,
launch it from a command prompt or a shortcut with the -all parameter.
+ To search all directories of local fixed drives for DESKTOP.INI
DLL launch points and all Registry CLSIDs for dormant Explorer Bars,
use the -supp parameter or answer "No" at the first message box.
---------- (total run time: 33 seconds, including 12 seconds for message boxes)

if it was my guess it would be the printer but i dont part to get rid of.. and yeah i sort of need the printer and i have had this printer for 2 years now

Thanks
See less See more
Save
Like
MicroBell
Well..I think I would ask your question in the Internet Explorer forum as this issue isn't spyware related but something amiss with IE7. I would also open msconfig and start turning off programs to see whats causing the issue. Make sure your firewall is allowing IE7 to connect.

If you think it's the printer...then remove it and see. You need to narrow down which program is the problem...then work from there.
Save
Like
M
I'm having the same problem & it does look like in IE7 issue.
I recently upgraded my MB & CPU, as such I had to format c:, on reloading I went & installed critical apps that I use on a daily basis & also installed the new IE7 beta (which was working fine prior to the reformat).
IE7 worked fine with just a few apps installed so I went ahead & installed approx. 20 apps.
After doing this IE7 wouldn't attempt to connect to the internet, I checked this through my firewall & although the IE main window appeared, no connecting or page cannot be displayed messages were appearing. If I clicked stop then I would get the usual page cannot be displayed.
I thought that by uninstalling IE7 then I would be able to work on IE6 as it would revert back all files & restore the default settings, alas this was not the case.
I have tried a few things like running the sfc /scannow command & also downloaded IEfix utility, I also thought it might be a winsock issue as it's not getting as far as even attempting to connect to the page, alas this was not the issue.
Everything else works fine connecting to the internet so it's not a major problem as I can use firefox but I don't like having issues I can't resolve so I will keep scouring the forums trying to find a solution.
One question I would like to know the answer to if anybody can help would be which DLL file does internet explorer use to connect to the internet? I thought it might be wininet.dll but that seems to be more generic to the OS than exclusively used by internet explorer.
I have exhausted most possibilities & I have done quite a few so any standard replies like have you tried to re register the dll files or have you disabled addons etc, spyware etc.. the answer would be yes I have done, this issue can't be resolved by doing a repair on xp as I have also attempted this.
Thanks in advance.
See less See more
Save
Like
1 - 7 of 7 Posts
Status
Not open for further replies.
Tech Support Forum
A forum community dedicated to tech experts and enthusiasts. Come join the discussion about articles, computer security, Mac, Microsoft, Linux, hardware, networking, gaming, reviews, accessories, and more!
Full Forum Listing
Explore Our Forums
Windows XP Support Windows 7 , Windows Vista Support Motherboards, Bios|UEFI & CPU Networking Support Laptop Support

Top Contributors this Month

View All
spunk.funk
SpywareDr
Gary R
Recommended Communities
Community avatar for SkyscraperCity
SkyscraperCity
1M+ members
Community avatar for AVS Forum
AVS Forum
1M+ members
Community avatar for Climbing
Climbing
NEW!
30+ members
Top