
Thread: Having Problems Again!!!

  1. #61
    Join Date
    Nov 2007
    Location
    Adelaide Australia
    Posts
    54
    Name: Schedule
    Display Name: Task Scheduler
    Description: Enables a user to configure and schedule automated tasks on this computer. If this service is stopped, these tasks will not be run at their scheduled times. If this service is disabled, any services that explicitly depend on it will fail to start.
    Path Name: H:\WINDOWS\System32\svchost.exe -k netsvcs
    Start Mode: Auto
    State: Running

    Name: seclogon
    Display Name: Secondary Logon
    Description: Enables starting processes under alternate credentials. If this service is stopped, this type of logon access will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
    Path Name: H:\WINDOWS\System32\svchost.exe -k netsvcs
    Start Mode: Auto
    State: Running

    Name: SENS
    Display Name: System Event Notification
    Description: Tracks system events such as Windows logon, network, and power events. Notifies COM+ Event System subscribers of these events.
    Path Name: H:\WINDOWS\system32\svchost.exe -k netsvcs
    Start Mode: Auto
    State: Running

    Name: SharedAccess
    Display Name: Windows Firewall/Internet Connection Sharing (ICS)
    Description: Provides network address translation, addressing, name resolution and/or intrusion prevention services for a home or small office network.
    Path Name: H:\WINDOWS\System32\svchost.exe -k netsvcs
    Start Mode: Auto
    State: Running

    Name: ShellHWDetection
    Display Name: Shell Hardware Detection
    Description: Provides notifications for AutoPlay hardware events.
    Path Name: H:\WINDOWS\System32\svchost.exe -k netsvcs
    Start Mode: Auto
    State: Running

    Name: SNDSrvc
    Display Name: Symantec Network Drivers Service
    Description: Symantec Network Drivers Service
    Path Name: "H:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe"
    Start Mode: Auto
    State: Running

    Name: SPBBCSvc
    Display Name: Symantec SPBBCSvc
    Description: Symantec SPBBC
    Path Name: "H:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe"
    Start Mode: Manual
    State: Stopped

    Name: Spooler
    Display Name: Print Spooler
    Description: Loads files to memory for later printing.
    Path Name: H:\WINDOWS\system32\spoolsv.exe
    Start Mode: Auto
    State: Running

    Name: srservice
    Display Name: System Restore Service
    Description: Performs system restore functions. To stop service, turn off System Restore from the System Restore tab in My Computer->Properties
    Path Name: H:\WINDOWS\system32\svchost.exe -k netsvcs
    Start Mode: Auto
    State: Stopped

    Name: SSDPSRV
    Display Name: SSDP Discovery Service
    Description: Enables discovery of UPnP devices on your home network.
    Path Name: H:\WINDOWS\system32\svchost.exe -k LocalService
    Start Mode: Manual
    State: Running

    Name: stisvc
    Display Name: Windows Image Acquisition (WIA)
    Description: Provides image acquisition services for scanners and cameras.
    Path Name: H:\WINDOWS\system32\svchost.exe -k imgsvc
    Start Mode: Auto
    State: Running

    Name: SwPrv
    Display Name: MS Software Shadow Copy Provider
    Description: Manages software-based volume shadow copies taken by the Volume Shadow Copy service. If this service is stopped, software-based volume shadow copies cannot be managed. If this service is disabled, any services that explicitly depend on it will fail to start.
    Path Name: H:\WINDOWS\system32\dllhost.exe /Processid:{AD984AA9-A233-48CF-B24B-9BAB0259E029}
    Start Mode: Manual
    State: Stopped

    Name: Symantec AntiVirus
    Display Name: Symantec AntiVirus
    Description: Provides real-time virus scanning, reporting, and management functionality for Symantec AntiVirus.
    Path Name: "H:\Program Files\Symantec Client Security\Symantec AntiVirus\Rtvscan.exe"
    Start Mode: Auto
    State: Running

    Name: SymSecurePort
    Display Name: Symantec SecurePort
    Description: Symantec SecurePort Service
    Path Name: "H:\Program Files\Symantec Client Security\Symantec Client Firewall\SymSPort.exe"
    Start Mode: Auto
    State: Running

    Name: SysmonLog
    Display Name: Performance Logs and Alerts
    Description: Collects performance data from local or remote computers based on preconfigured schedule parameters, then writes the data to a log or triggers an alert. If this service is stopped, performance information will not be collected. If this service is disabled, any services that explicitly depend on it will fail to start.
    Path Name: H:\WINDOWS\system32\smlogsvc.exe
    Start Mode: Manual
    State: Stopped

    Name: TapiSrv
    Display Name: Telephony
    Description: Provides Telephony API (TAPI) support for programs that control telephony devices and IP based voice connections on the local computer and, through the LAN, on servers that are also running the service.
    Path Name: H:\WINDOWS\System32\svchost.exe -k netsvcs
    Start Mode: Manual
    State: Running

    Name: TermService
    Display Name: Terminal Services
    Description: Allows multiple users to be connected interactively to a machine as well as the display of desktops and applications to remote computers. The underpinning of Remote Desktop (including RD for Administrators), Fast User Switching, Remote Assistance, and Terminal Server.
    Path Name: H:\WINDOWS\System32\svchost -k DComLaunch
    Start Mode: Manual
    State: Running

    Name: Themes
    Display Name: Themes
    Description: Provides user experience theme management.
    Path Name: H:\WINDOWS\System32\svchost.exe -k netsvcs
    Start Mode: Auto
    State: Running

    Name: TlntSvr
    Display Name: Telnet
    Description: Enables a remote user to log on to this computer and run programs, and supports various TCP/IP Telnet clients, including UNIX-based and Windows-based computers. If this service is stopped, remote user access to programs might be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
    Path Name: H:\WINDOWS\system32\tlntsvr.exe
    Start Mode: Disabled
    State: Stopped

    Name: TrkWks
    Display Name: Distributed Link Tracking Client
    Description: Maintains links between NTFS files within a computer or across computers in a network domain.
    Path Name: H:\WINDOWS\system32\svchost.exe -k netsvcs
    Start Mode: Auto
    State: Running

    Name: UMWdf
    Display Name: Windows User Mode Driver Framework
    Description: Enables Windows user mode drivers.
    Path Name: H:\WINDOWS\system32\wdfmgr.exe
    Start Mode: Manual
    State: Stopped

    Name: upnphost
    Display Name: Universal Plug and Play Device Host
    Description: Provides support to host Universal Plug and Play devices.
    Path Name: H:\WINDOWS\system32\svchost.exe -k LocalService
    Start Mode: Manual
    State: Stopped

    Name: UPS
    Display Name: Uninterruptible Power Supply
    Description: Manages an uninterruptible power supply (UPS) connected to the computer.
    Path Name: H:\WINDOWS\System32\ups.exe
    Start Mode: Manual
    State: Stopped

    Name: usnjsvc
    Display Name: Messenger Sharing Folders USN Journal Reader service
    Description: Service installed by Messenger to enable sharing scenarios
    Path Name: "H:\Program Files\MSN Messenger\usnsvc.exe"
    Start Mode: Manual
    State: Stopped

    Name: VSS
    Display Name: Volume Shadow Copy
    Description: Manages and implements Volume Shadow Copies used for backup and other purposes. If this service is stopped, shadow copies will be unavailable for backup and the backup may fail. If this service is disabled, any services that explicitly depend on it will fail to start.
    Path Name: H:\WINDOWS\System32\vssvc.exe
    Start Mode: Manual
    State: Stopped

    Name: W32Time
    Display Name: Windows Time
    Description: Maintains date and time synchronization on all clients and servers in the network. If this service is stopped, date and time synchronization will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.

    Path Name: H:\WINDOWS\System32\svchost.exe -k netsvcs
    Start Mode: Auto
    State: Running

    Name: WebClient
    Display Name: WebClient
    Description: Enables Windows-based programs to create, access, and modify Internet-based files. If this service is stopped, these functions will not be available. If this service is disabled, any services that explicitly depend on it will fail to start.
    Path Name: H:\WINDOWS\system32\svchost.exe -k LocalService
    Start Mode: Auto
    State: Running

    Name: winmgmt
    Display Name: Windows Management Instrumentation
    Description: Provides a common interface and object model to access management information about operating system, devices, applications and services. If this service is stopped, most Windows-based software will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start.
    Path Name: H:\WINDOWS\system32\svchost.exe -k netsvcs
    Start Mode: Auto
    State: Running

    Name: WMConnectCDS
    Display Name: Windows Media Connect Service
    Description: Shares media with media devices using Universal Plug and Play
    Path Name: H:\Program Files\Windows Media Connect 2\wmccds.exe
    Start Mode: Manual
    State: Stopped

    Name: WmdmPmSN
    Display Name: Portable Media Serial Number Service
    Description: Retrieves the serial number of any portable media player connected to this computer. If this service is stopped, protected content might not be down loaded to the device.
    Path Name: H:\WINDOWS\System32\svchost.exe -k netsvcs
    Start Mode: Manual
    State: Stopped

    Name: Wmi
    Display Name: Windows Management Instrumentation Driver Extensions
    Description: Provides systems management information to and from drivers.
    Path Name: H:\WINDOWS\System32\svchost.exe -k netsvcs
    Start Mode: Manual
    State: Stopped

    Name: WmiApSrv
    Display Name: WMI Performance Adapter
    Description: Provides performance library information from WMI HiPerf providers.
    Path Name: H:\WINDOWS\system32\wbem\wmiapsrv.exe
    Start Mode: Manual
    State: Stopped

    Name: wscsvc
    Display Name: Security Center
    Description: Monitors system security settings and configurations.
    Path Name: H:\WINDOWS\System32\svchost.exe -k netsvcs
    Start Mode: Auto
    State: Running

    Name: wuauserv
    Display Name: Automatic Updates
    Description: Enables the download and installation of Windows updates. If this service is disabled, this computer will not be able to use the Automatic Updates feature or the Windows Update Web site.
    Path Name: H:\WINDOWS\system32\svchost.exe -k netsvcs
    Start Mode: Auto
    State: Running

    Name: WZCSVC
    Display Name: Wireless Zero Configuration
    Description: Provides automatic configuration for the 802.11 adapters
    Path Name: H:\WINDOWS\System32\svchost.exe -k netsvcs
    Start Mode: Auto
    State: Running

    Name: xmlprov
    Display Name: Network Provisioning Service
    Description: Manages XML configuration files on a domain basis for automatic network provisioning.
    Path Name: H:\WINDOWS\System32\svchost.exe -k netsvcs
    Start Mode: Manual
    State: Stopped

  2. #62
    Join Date
    Nov 2007
    Location
    Adelaide Australia
    Posts
    54
    ------------------------------------------------------------------------------------

    Displaying LOG for Microsoft Windows Malicious Software Removal Tool:
    *** Microsoft Windows MRT Log NOT Found! ****
    ----------------------------------------------------------------------------
    Listing HKCU Explorer\Advanced//Hidden and SuperHidden Registry Keys
    if Hidden = 0 then Hidden Files and Folders are not shown
    if SuperHidden = 1 is the desired default value.
    if ShowSuperHidden = 0 then System Files are not shown
    if HideFileExt = 1 then File Extension are not shown
    We want their values to be (from top to bottom) 1,1,1,0
    ----------------------------------------------------------------------------

    HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\advanced
    Hidden REG_DWORD 1 (0x1)
    SuperHidden REG_DWORD 1 (0x1)
    ShowSuperHidden REG_DWORD 1 (0x1)
    HideFileExt REG_DWORD 0 (0x0)

    ************************************************************************************

    Examining Select Windows Registry Keys
    ------------------------------------------------------------------------------------

    --------------------------------------------------------------------------
    Items Found in ZoneMap\Domains:
    --------------------------------------------------------------------------



    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains
    <NO NAME> REG_SZ

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\internet settings\zonemap\domains\msn.com

    ----------------------------------------------------------------------------
    Current User ZoneMap ProtocolDefaults
    ----------------------------------------------------------------------------



    HKEY_CURRENT_USER\software\microsoft\windows\currentversion\internet settings\zonemap\protocoldefaults
    <NO NAME> REG_SZ
    http REG_DWORD 3 (0x3)
    https REG_DWORD 3 (0x3)
    ftp REG_DWORD 3 (0x3)
    file REG_DWORD 3 (0x3)
    @ivt REG_DWORD 1 (0x1)
    shell REG_DWORD 0 (0x0)

    ----------------------------------------------------------------------------
    Default URL Prefix Keys
    ----------------------------------------------------------------------------



    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\url

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\url\DefaultPrefix
    <NO NAME> REG_SZ http://

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\url\Prefixes
    ftp REG_SZ ftp://
    gopher REG_SZ gopher://
    home REG_SZ http://
    mosaic REG_SZ http://
    www REG_SZ http://

    --------------------------------------------------------------------------
    Startup Items Disabled via MSCONFIG:
    --------------------------------------------------------------------------


    --------------------------------------------------------------------------
    Select AutoRun Registry Keys:
    --------------------------------------------------------------------------



    HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run
    ctfmon.exe REG_SZ H:\WINDOWS\system32\ctfmon.exe
    AnyDVD REG_SZ H:\Program Files\SlySoft\AnyDVD\AnyDVD.exe


    HKEY_CURRENT_USER\software\microsoft\windows\currentversion\runonce


    HKEY_CURRENT_USER\software\microsoft\windows\currentversion\runservices


    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
    High Definition Audio Property Page Shortcut REG_SZ HDAShCut.exe
    SoundMan REG_SZ SOUNDMAN.EXE
    AlcWzrd REG_SZ ALCWZRD.EXE
    ccApp REG_SZ "H:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    vptray REG_SZ H:\PROGRA~1\SYMANT~1\SYMANT~2\VPTray.exe
    NeroFilterCheck REG_SZ H:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
    NvCplDaemon REG_SZ RUNDLL32.EXE H:\WINDOWS\system32\NvCpl.dll,NvStartup
    NvMediaCenter REG_SZ RUNDLL32.EXE H:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    QuickTime Task REG_SZ "H:\Program Files\QuickTime\qttask.exe" -atboottime
    OfficeKB REG_SZ H:\PROGRA~1\OfficeKB\OfficeKB.EXE
    Easy-PrintToolBox REG_SZ H:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
    SunJavaUpdateSched REG_SZ "H:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    THGuard REG_SZ "H:\Program Files\TrojanHunter 5.0\THGuard.exe"
    000000af REG_SZ rundll32.exe "H:\WINDOWS\system32\bbatbpwm.dll",b

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents


    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce


    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonceex


    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runservices


    HKEY_USERS\.default\software\microsoft\windows\currentversion\run


    HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run


    HKEY_USERS\s-1-5-19\software\microsoft\windows\currentversion\run


    HKEY_USERS\s-1-5-20\software\microsoft\windows\currentversion\run

    --------------------------------------------------------------------------
    WinLogon Notify Registry Key:
    --------------------------------------------------------------------------



    HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify

    HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\crypt32chain
    Asynchronous REG_DWORD 0 (0x0)
    Impersonate REG_DWORD 0 (0x0)
    DllName REG_EXPAND_SZ crypt32.dll
    Logoff REG_SZ ChainWlxLogoffEvent

    HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\cryptnet
    Asynchronous REG_DWORD 0 (0x0)
    Impersonate REG_DWORD 0 (0x0)
    DllName REG_EXPAND_SZ cryptnet.dll
    Logoff REG_SZ CryptnetWlxLogoffEvent

    HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\cscdll
    DLLName REG_SZ cscdll.dll
    Logon REG_SZ WinlogonLogonEvent
    Logoff REG_SZ WinlogonLogoffEvent
    ScreenSaver REG_SZ WinlogonScreenSaverEvent
    Startup REG_SZ WinlogonStartupEvent
    Shutdown REG_SZ WinlogonShutdownEvent
    StartShell REG_SZ WinlogonStartShellEvent
    Impersonate REG_DWORD 0 (0x0)
    Asynchronous REG_DWORD 1 (0x1)

    HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\igfxcui
    <NO NAME> REG_SZ
    DLLName REG_SZ igfxdev.dll
    Asynchronous REG_DWORD 1 (0x1)
    Impersonate REG_DWORD 1 (0x1)
    Unlock REG_SZ WinlogonUnlockEvent

    HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\NavLogon
    Logoff REG_SZ NavLogoffEvent
    DllName REG_SZ H:\WINDOWS\system32\NavLogon.dll
    StartShell REG_SZ NavStartShellEvent
    LoginDomain REG_SZ DT-32F7CC931ADE

    HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ScCertProp
    DLLName REG_SZ wlnotify.dll
    Logon REG_SZ SCardStartCertProp
    Logoff REG_SZ SCardStopCertProp
    Lock REG_SZ SCardSuspendCertProp
    Unlock REG_SZ SCardResumeCertProp
    Enabled REG_DWORD 1 (0x1)
    Impersonate REG_DWORD 1 (0x1)
    Asynchronous REG_DWORD 1 (0x1)

    HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\Schedule
    Asynchronous REG_DWORD 0 (0x0)
    DllName REG_EXPAND_SZ wlnotify.dll
    Impersonate REG_DWORD 0 (0x0)
    StartShell REG_SZ SchedStartShell
    Logoff REG_SZ SchedEventLogOff

    HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\sclgntfy
    Logoff REG_SZ WLEventLogoff
    Impersonate REG_DWORD 0 (0x0)
    Asynchronous REG_DWORD 1 (0x1)
    DllName REG_EXPAND_SZ sclgntfy.dll

    HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\SensLogn
    DLLName REG_SZ WlNotify.dll
    Lock REG_SZ SensLockEvent
    Logon REG_SZ SensLogonEvent
    Logoff REG_SZ SensLogoffEvent
    Safe REG_DWORD 1 (0x1)
    MaxWait REG_DWORD 600 (0x258)
    StartScreenSaver REG_SZ SensStartScreenSaverEvent
    StopScreenSaver REG_SZ SensStopScreenSaverEvent
    Startup REG_SZ SensStartupEvent
    Shutdown REG_SZ SensShutdownEvent
    StartShell REG_SZ SensStartShellEvent
    PostShell REG_SZ SensPostShellEvent
    Disconnect REG_SZ SensDisconnectEvent
    Reconnect REG_SZ SensReconnectEvent
    Unlock REG_SZ SensUnlockEvent
    Impersonate REG_DWORD 1 (0x1)
    Asynchronous REG_DWORD 1 (0x1)

    HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\termsrv
    Asynchronous REG_DWORD 0 (0x0)
    DllName REG_EXPAND_SZ wlnotify.dll
    Impersonate REG_DWORD 0 (0x0)
    Logoff REG_SZ TSEventLogoff
    Logon REG_SZ TSEventLogon
    PostShell REG_SZ TSEventPostShell
    Shutdown REG_SZ TSEventShutdown
    StartShell REG_SZ TSEventStartShell
    Startup REG_SZ TSEventStartup
    MaxWait REG_DWORD 600 (0x258)
    Reconnect REG_SZ TSEventReconnect
    Disconnect REG_SZ TSEventDisconnect

    HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WgaLogon
    Asynchronous REG_DWORD 0 (0x0)
    Disconnect REG_SZ WLEventDisconnect
    DllName REG_EXPAND_SZ WgaLogon.dll
    Event REG_DWORD 1 (0x1)
    Impersonate REG_DWORD 1 (0x1)
    Lock REG_SZ WLEventLock
    Logoff REG_SZ WLEventLogoff
    Logon REG_SZ WLEventLogon
    MaxWait REG_DWORD -1 (0xffffffff)
    PostShell REG_SZ WLEventPostShell
    Reconnect REG_SZ WLEventReconnect
    SafeMode REG_DWORD 1 (0x1)
    Shutdown REG_SZ WLEventShutdown
    StartScreenSaver REG_SZ WLEventStartScreenSaver
    StartShell REG_SZ WLEventStartShell
    Startup REG_SZ WLEventStartup
    StopScreenSaver REG_SZ WLEventStopScreenSaver
    Unlock REG_SZ WLEventUnlock
    InstallNotifyShown REG_DWORD 1 (0x1)

    HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WgaLogon\Settings

    HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\wlballoon
    DLLName REG_SZ wlnotify.dll
    Logon REG_SZ RegisterTicketExpiredNotificationEvent
    Logoff REG_SZ UnregisterTicketExpiredNotificationEvent
    Impersonate REG_DWORD 1 (0x1)
    Asynchronous REG_DWORD 1 (0x1)

    --------------------------------------------------------------------------
    Shared Task Scheduler Registry Items:
    --------------------------------------------------------------------------



    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler
    {438755C2-A8BA-11D1-B96B-00A0C90312E1} REG_SZ Browseui preloader
    {8C7461EF-2B13-11d2-BE35-3078302C2030} REG_SZ Component Categories cache daemon

    --------------------------------------------------------------------------
    Scheduled Tasks:
    --------------------------------------------------------------------------

    Volume in drive H has no label.
    Volume Serial Number is 9CA1-B56F

    Directory of H:\WINDOWS\tasks

    01/05/2007 10:02 PM <DIR> .
    01/05/2007 10:02 PM <DIR> ..
    27/11/2007 10:35 AM 256 Check Updates for Windows Live Toolbar.job
    23/08/2001 10:30 PM 65 desktop.ini
    27/11/2007 06:16 PM 6 SA.DAT
    23/07/2006 08:38 AM 366 Symantec NetDetect.job
    4 File(s) 693 bytes

    Total Files Listed:
    4 File(s) 693 bytes
    2 Dir(s) 139,141,967,872 bytes free
    A H:\WINDOWS\tasks\Check Updates for Windows Live Toolbar.job
    HR H:\WINDOWS\tasks\desktop.ini
    A H H:\WINDOWS\tasks\SA.DAT
    A H:\WINDOWS\tasks\Symantec NetDetect.job

    ----------------------------------------------------------------------------
    ShellExecuteHooks Registry Keys
    ----------------------------------------------------------------------------



    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks
    {AEB6717E-7E19-11d0-97EE-00C04FD91972} REG_SZ
    {57B86673-276A-48B2-BAE7-C6DBB3020EB8} REG_SZ AVG Anti-Spyware 7.5
    {60E2746A-9C2E-45A2-85CE-7E1A8A890961} REG_SZ

    ----------------------------------------------------------------------------
    ShellServiceObjectDelayLoad Registry Keys
    ----------------------------------------------------------------------------



    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload
    PostBootReminder REG_SZ {7849596a-48ea-486e-8937-a2a3009f31a9}
    CDBurn REG_SZ {fbeb8a05-beee-4442-804e-409d6c4515e9}
    WebCheck REG_SZ {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
    SysTray REG_SZ {35CEC8A3-2BE6-11D2-8773-92E220524153}

    ----------------------------------------------------------------------------
    ModuleUsage Registry Keys:
    ----------------------------------------------------------------------------



    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\moduleusage

    ----------------------------------------------------------------------------
    BHO Registry Keys:
    ----------------------------------------------------------------------------



    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{53707962-6F74-2D53-2644-206D7942484F}

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{68F9551E-0411-48E4-9AAF-4BC42A6A46BE}
    <NO NAME> REG_SZ Canon Easy Web Print Helper

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{7449713A-4B98-4047-A24D-9DB184991C05}

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
    NoExplorer REG_DWORD 1 (0x1)

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}
    <NO NAME> REG_SZ

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}\NoExplorer
    <NO NAME> REG_DWORD 1 (0x1)

    --------------------------------------------------------------------------
    Select Policy Keys:
    --------------------------------------------------------------------------



    HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer
    NoDriveTypeAutoRun REG_DWORD 145 (0x91)

    HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run


    HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\run


    HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system
    DisableRegistryTools REG_DWORD 0 (0x0)


    HKEY_CURRENT_USER\software\policies\microsoft\internet explorer
    Windows Update Menu Text REG_SZ Microsoft Update

    HKEY_CURRENT_USER\software\policies\microsoft\internet explorer\Control Panel


    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer
    NoDriveAutoRun REG_DWORD 67108863 (0x3ffffff)
    NoDriveTypeAutoRun REG_DWORD 255 (0xff)

    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\Run


    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run


    HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system
    dontdisplaylastusername REG_DWORD 0 (0x0)
    legalnoticecaption REG_SZ
    legalnoticetext REG_SZ
    shutdownwithoutlogon REG_DWORD 1 (0x1)
    undockwithoutlogon REG_DWORD 1 (0x1)


    HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer
    NoDriveTypeAutoRun REG_DWORD 145 (0x91)


    HKEY_USERS\.default\software\microsoft\windows\currentversion\policies

    HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\Explorer

    HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\system


    HKEY_USERS\.default\software\policies\microsoft\internet explorer
    Windows Update Menu Text REG_SZ Microsoft Update


    HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer
    NoDriveTypeAutoRun REG_DWORD 145 (0x91)


    HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\system


    HKEY_USERS\s-1-5-18\software\policies\microsoft\internet explorer
    Windows Update Menu Text REG_SZ Microsoft Update


    HKEY_USERS\s-1-5-19\software\policies\microsoft\internet explorer
    Windows Update Menu Text REG_SZ Microsoft Update


    HKEY_USERS\s-1-5-19\software\policies\microsoft\internet explorer
    Windows Update Menu Text REG_SZ Microsoft Update

  3. #63
    Join Date
    Nov 2007
    Location
    Adelaide Australia
    Posts
    54
    ************************************************************************************

    Checking File System for suspicious Files

    --------------------------------------------------------------------------
    Items in the Root Directory:
    --------------------------------------------------------------------------

    Locating all files created in H:\

    H:\
    !KILLBOX Sat 24 Nov 2007 22:57:18 .D... <Dir>
    587FBB~1 Sat 18 Nov 2006 19:35:56 .D... <Dir>
    A4D986~1 Sat 18 Nov 2006 19:35:48 .D... <Dir>
    BJPRIN~1 Mon 18 Sep 2006 10:25:30 .D.H. <Dir>
    boot.ini Sun 23 Jul 2006 3:43:46 ..SH. 210 0.20 K
    CLONED~1 Mon 31 Jul 2006 14:32:58 .D... <Dir>
    DECKARD Tue 20 Nov 2007 6:53:54 .D... <Dir>
    DOCUME~1 Sun 23 Jul 2006 3:44:42 .D... <Dir>
    ETAX2006 Tue 8 Aug 2006 17:19:34 .D... <Dir>
    ETAX2007 Thu 23 Aug 2007 18:12:54 .D... <Dir>
    hiberfil.sys Tue 27 Nov 2007 18:15:54 A.SH. 1,609,945,088 1535.36 M
    ISEEYO~1 Tue 27 Nov 2007 10:32:24 .D... <Dir>
    MSOCACHE Sun 23 Jul 2006 8:44:12 .D.HR <Dir>
    ntdetect.com Wed 4 Aug 2004 7:08:34 A.SHR 47,564 46.45 K
    ntldr Wed 4 Aug 2004 7:29:34 A.SHR 250,032 244.17 K
    pagefile.sys Tue 27 Nov 2007 18:15:54 A.SH. 792,723,456 756.00 M
    PROGRA~1 Sun 23 Jul 2006 3:46:26 .D..R <Dir>
    RECYCLER Mon 26 Nov 2007 10:14:16 .DSH. <Dir>
    S400 Mon 18 Sep 2006 10:20:12 .D... <Dir>
    sq13b0~1.sqm Sat 2 Jun 2007 11:48:24 A..H. 244 0.24 K
    sq13b4~1.sqm Sat 2 Jun 2007 12:11:08 A..H. 244 0.24 K
    sq13b8~1.sqm Mon 20 Aug 2007 8:41:44 A..H. 244 0.24 K
    sq13bc~1.sqm Mon 20 Aug 2007 8:42:16 A..H. 244 0.24 K
    sq23b0~1.sqm Sat 2 Jun 2007 12:11:30 A..H. 244 0.24 K
    sq23b4~1.sqm Sat 16 Jun 2007 17:01:10 A..H. 244 0.24 K
    sq23b8~1.sqm Sat 2 Jun 2007 12:11:12 A..H. 244 0.24 K
    sq23bc~1.sqm Sat 2 Jun 2007 12:11:28 A..H. 244 0.24 K
    sq2fa0~1.sqm Thu 19 Jul 2007 21:32:14 A..H. 244 0.24 K
    sq2fa4~1.sqm Thu 19 Jul 2007 21:32:38 A..H. 244 0.24 K
    sq2fa8~1.sqm Mon 16 Jul 2007 21:42:16 A..H. 244 0.24 K
    sq2fac~1.sqm Tue 17 Jul 2007 20:56:24 A..H. 244 0.24 K
    sq33b8~1.sqm Sat 16 Jun 2007 17:01:12 A..H. 244 0.24 K
    sq33bc~1.sqm Sat 16 Jun 2007 17:01:20 A..H. 244 0.24 K
    sq3fa8~1.sqm Fri 20 Jul 2007 18:00:00 A..H. 244 0.24 K
    sq3fac~1.sqm Fri 20 Jul 2007 19:34:40 A..H. 244 0.24 K
    sqa368~1.sqm Mon 20 Aug 2007 8:41:46 A..H. 232 0.23 K
    sqa378~1.sqm Sat 2 Jun 2007 12:11:12 A..H. 232 0.23 K
    sqa37a~1.sqm Mon 16 Jul 2007 21:42:16 A..H. 232 0.23 K
    sqa388~1.sqm Sat 16 Jun 2007 17:01:12 A..H. 232 0.23 K
    sqa38a~1.sqm Fri 20 Jul 2007 18:00:00 A..H. 232 0.23 K
    sqa768~1.sqm Mon 20 Aug 2007 8:42:16 A..H. 232 0.23 K
    sqa778~1.sqm Sat 2 Jun 2007 12:11:28 A..H. 232 0.23 K
    sqa77a~1.sqm Tue 17 Jul 2007 20:56:24 A..H. 232 0.23 K
    sqa788~1.sqm Sat 16 Jun 2007 17:01:20 A..H. 232 0.23 K
    sqa78a~1.sqm Fri 20 Jul 2007 19:34:40 A..H. 232 0.23 K
    sqab68~1.sqm Sat 2 Jun 2007 11:48:24 A..H. 232 0.23 K
    sqab78~1.sqm Sat 2 Jun 2007 12:11:30 A..H. 232 0.23 K
    sqab7a~1.sqm Thu 19 Jul 2007 21:32:14 A..H. 232 0.23 K
    sqaf68~1.sqm Sat 2 Jun 2007 12:11:08 A..H. 232 0.23 K
    sqaf78~1.sqm Sat 16 Jun 2007 17:01:10 A..H. 232 0.23 K
    sqaf7a~1.sqm Thu 19 Jul 2007 21:32:38 A..H. 232 0.23 K
    sqmdat~1.sqm Sun 1 Jul 2007 22:50:22 A..H. 232 0.23 K
    sqmdat~2.sqm Mon 2 Jul 2007 21:00:22 A..H. 268 0.26 K
    sqmdat~3.sqm Mon 2 Jul 2007 21:00:22 A..H. 136 0.13 K
    sqmdat~4.sqm Mon 2 Jul 2007 21:00:22 A..H. 160 0.16 K
    sqmnoo~1.sqm Sun 1 Jul 2007 22:50:22 A..H. 244 0.24 K
    sqmnoo~2.sqm Mon 2 Jul 2007 21:00:22 A..H. 244 0.24 K
    sqmnoo~3.sqm Mon 2 Jul 2007 21:00:22 A..H. 244 0.24 K
    sqmnoo~4.sqm Mon 2 Jul 2007 21:00:22 A..H. 172 0.17 K
    STUDIO~1 Sun 7 Oct 2007 21:35:30 .D... <Dir>
    SYSTEM~1 Sun 23 Jul 2006 3:44:42 .DSH. <Dir>
    VIDEO Sun 23 Jul 2006 8:21:18 .D... <Dir>
    WINDOWS Sun 23 Jul 2006 3:39:52 .D... <Dir>

    63 items found: 45 files (45 H/S), 18 directories (4 H/S).
    Total of file sizes: 2,402,975,666 bytes 2.23 G

    --------------------------------------------------------------------------
    Locating all Backup files on H:
    --------------------------------------------------------------------------

    Locating all *.BAK* files

    H:\ETAX2006\
    damian~1.bak Tue 29 Aug 2006 19:21:12 A.... 3,168 3.09 K

    H:\ETAX2007\
    damian.bak Thu 23 Aug 2007 18:53:14 A.... 2,880 2.81 K
    damian07.bak Fri 24 Aug 2007 14:14:20 A.... 3,008 2.94 K

    H:\STUDIO~1\
    slddin~1.bak Sun 28 Oct 2007 0:18:16 A.... 5,016 4.90 K

    H:\PROGRA~1\STUDIO~1\
    relaxi~1.bak Sun 28 Oct 2007 0:18:16 A.... 931 0.91 K

    H:\PROGRA~1\COMMON~1\SYMANT~1\
    firewall.bak Sat 5 May 2007 19:23:32 A.... 46,516 45.43 K
    persist.bak Thu 22 Nov 2007 12:14:46 A.... 2,212 2.16 K

    H:\PROGRA~1\ELABOR~1\CLONED~1\
    cloned~1.bak Wed 13 Jul 2005 5:28:38 A.... 4,636,672 4.42 M
    rgdrvl~1.bak Wed 13 Jul 2005 5:28:38 A.... 128,000 125.00 K

    H:\PROGRA~1\SLYSOFT\ANYDVD\
    anydvd~1.bak Mon 27 Nov 2006 4:29:38 A.... 498,176 486.50 K

    H:\PROGRA~1\COMMON~1\SYMANT~1\IDS\
    idssettg.bak Sat 24 Nov 2007 7:41:44 A.... 3,788 3.70 K

    H:\DOCUME~1\ADMINI~1\APPLIC~1\MICROS~1\INTERN~1\
    brndlog.bak Sat 22 Jul 2006 18:28:14 A.... 113 0.11 K

    H:\DOCUME~1\ALLUSE~1\APPLIC~1\SYMANTEC\COMMON~1\
    settings.bak Tue 27 Nov 2007 10:43:24 A.... 5,318,164 5.07 M

    H:\DOCUME~1\DAMIAN\APPLIC~1\MICROS~1\INTERN~1\
    brndlog.bak Sat 22 Jul 2006 18:28:34 A.... 141 0.14 K

    H:\DOCUME~1\DEFAUL~1\APPLIC~1\MICROS~1\INTERN~1\
    brndlog.bak Sat 22 Jul 2006 18:28:14 A.... 113 0.11 K

    H:\WINDOWS\PCHEALTH\HELPCTR\CONFIG\CACHE\
    profes~1.bak Tue 27 Nov 2007 9:56:36 A.... 268,934 262.63 K

    H:\DOCUME~1\ALLUSE~1\APPLIC~1\MICROS~1\OFFICE\DATA\
    opa11.bak Thu 17 Oct 2002 22:23:16 A.... 8,200 8.01 K

    H:\DOCUME~1\DAMIAN\APPLIC~1\MOZILLA\FIREFOX\PROFILES\B1GKMR~1.DEF\
    bookma~1.bak Tue 27 Nov 2007 18:19:58 A.... 41,475 40.50 K
    bookma~2.bak Sat 24 Nov 2007 20:59:40 A.... 32,924 32.15 K

    H:\WINDOWS\SYSTEM32\CONFIG\SYSTEM~1\APPLIC~1\MICROS~1\INTERN~1\
    brndlog.bak Sat 22 Jul 2006 18:28:14 A.... 113 0.11 K

    20 items found: 20 files, 0 directories.
    Total of file sizes: 11,000,544 bytes 10.49 M

    --------------------------------------------------------------------------
    Locating all copies of Internet Explorer on H:
    --------------------------------------------------------------------------

    Locating all copies of Internet Explorer

    H:\PROGRA~1\INTERN~1\
    iexplore.exe Wed 4 Aug 2004 9:26:52 A.... 93,184 91.00 K

    H:\WINDOWS\SYSTEM32\DLLCACHE\
    iexplore.exe Wed 4 Aug 2004 9:26:52 A.... 93,184 91.00 K

    2 items found: 2 files, 0 directories.
    Total of file sizes: 186,368 bytes 182.00 K

    --------------------------------------------------------------------------
    Locating all copies of Windows Explorer on H:
    --------------------------------------------------------------------------

    Locating all copies of Windows Explorer

    H:\WINDOWS\
    explorer.exe Wed 13 Jun 2007 21:56:04 A.... 1,033,216 1009.00 K

    H:\WINDOWS\$N7CCA~1\
    explorer.exe Thu 20 Jul 2006 6:45:58 ..... 1,032,192 1008.00 K

    H:\WINDOWS\SYSTEM32\DLLCACHE\
    explorer.exe Wed 13 Jun 2007 21:56:04 A.... 1,033,216 1009.00 K

    3 items found: 3 files, 0 directories.
    Total of file sizes: 3,098,624 bytes 2.95 M

    --------------------------------------------------------------------------
    Items in Document and Settings:
    --------------------------------------------------------------------------

    Listing contents of H:\Documents and Settings

    No matches found.

    --------------------------------------------------------------------------
    Desktop Items:
    --------------------------------------------------------------------------

    Locating all files created in H:\Documents and Settings\Damian\Desktop within the last 90 days.

    No matches found.

    Locating all files created in H:\Documents and Settings\All Users\Desktop\ within the last 90 days.

    No matches found.

    --------------------------------------------------------------------------
    Start Menu Items:
    --------------------------------------------------------------------------

    Locating all files created inH:\Documents and Settings\Damian\Start Menu within the last 90 days.

    No matches found.

    Locating all files created in H:\Documents and Settings\Damian\Start Menu\Programs\Startup within the last 90 days.

    No matches found.

    Locating all files created in H:\Documents and Settings\All Users\Start Menu within the last 90 days.

    No matches found.

    Locating all files created in H:\Documents and Settings\All Users\Start Menu\Programs\Startup\ within the last 90 days.

    No matches found.

    --------------------------------------------------------------------------
    Application Data Items:
    --------------------------------------------------------------------------

    Locating all files created in H:\Documents and Settings\Damian\Application Data\ within the last 90 days.

    No matches found.

    Locating all files created in H:\Documents and Settings\Damian\Local Settings\Application Data\ within the last 90 days.

    No matches found.

    Locating all files created in H:\Documents and Settings\All Users\Application Data\ within the last 90 days.

    No matches found.

    --------------------------------------------------------------------------
    H:\Documents and Settings\Damian\Local Settings\TEMP:
    --------------------------------------------------------------------------

    Locating all files created in H:\Documents and Settings\Damian\Local Settings\TEMP within the last 90 days.

    --------------------------------------------------------------------------
    Items in Templates Folder:
    --------------------------------------------------------------------------

    Locating all files created in H:\Documents and Settings\Damian\Templates

    No matches found.

    --------------------------------------------------------------------------
    Items in Program Files:
    --------------------------------------------------------------------------

    Locating all files created in H:\Program Files\ within the last 90 days.

    No matches found.

    Locating all files created in H:\Program Files\Common Files\ within the last 90 days.

    No matches found.

    Locating all files created in H:\Program Files\Common Files\Microsoft Shared\Web Folders within the last 90 days.

    --------------------------------------------------------------------------
    Items in the Windows Directory:
    --------------------------------------------------------------------------

    Locating all files created in H:\WINDOWS\ within the last 90 days.

    H:\WINDOWS\
    $N28DE~1 Fri 31 Aug 2007 16:46:18 .D.H. <Dir>
    $N30AC~1 Thu 11 Oct 2007 9:45:40 .D.H. <Dir>
    $N38D4~1 Wed 14 Nov 2007 6:25:54 .D.H. <Dir>
    $N48EA~1 Thu 11 Oct 2007 9:46:38 .D.H. <Dir>
    $N88B6~1 Thu 11 Oct 2007 9:46:50 .D.H. <Dir>
    0.log Tue 27 Nov 2007 18:16:56 A.... 0 0.00 K
    alcfdrtm.ver Sat 24 Nov 2007 18:11:26 A.... 81,920 80.00 K
    bootstat.dat Tue 27 Nov 2007 18:16:00 A.S.. 2,048 2.00 K
    ERDNT Tue 20 Nov 2007 6:54:36 .D... <Dir>
    FTPCACHE Sun 21 Oct 2007 0:54:50 .DSH. <Dir>
    MINIDUMP Tue 16 Oct 2007 9:17:00 .D... <Dir>
    nerodi~1.ini Fri 23 Nov 2007 8:58:02 A.... 116 0.11 K
    nsreg.dat Fri 16 Nov 2007 12:23:48 A.... 0 0.00 K
    relax.ini Sun 7 Oct 2007 21:35:44 A.... 52 0.05 K
    s1650e~1.tmp Sun 14 Oct 2007 22:54:04 ..SH. 24 0.02 K
    schedlgu.txt Tue 27 Nov 2007 10:43:24 A.... 14,712 14.37 K
    sti_tr~1.log Sun 25 Nov 2007 8:11:58 A.... 0 0.00 K
    SUN Thu 8 Nov 2007 19:56:26 .D... <Dir>
    thumbs.db Fri 14 Sep 2007 17:49:04 A.SH. 7,680 7.50 K
    wiadebug.log Tue 27 Nov 2007 18:16:52 A.... 159 0.15 K
    wiaservc.log Tue 27 Nov 2007 18:16:38 A.... 50 0.05 K
    window~1.log Tue 27 Nov 2007 18:21:40 A.... 203,781 199.00 K
    wininit.ini Mon 19 Nov 2007 13:53:34 A.... 449 0.44 K

    23 items found: 14 files (3 H/S), 9 directories (6 H/S).
    Total of file sizes: 310,991 bytes 303.70 K

    --------------------------------------------------------------------------
    H:\WINDOWS\Downloaded Program Files:
    --------------------------------------------------------------------------

    Locating all files created in H:\WINDOWS\Downloaded Program Files\ within the last 90 days.

    No matches found.

    --------------------------------------------------------------------------
    H:\WINDOWS\PCHealth\HelpCtr\Binaries:
    --------------------------------------------------------------------------

    Locating all files in H:\WINDOWS\PCHealth\HelpCtr\Binaries

    H:\WINDOWS\PCHEALTH\HELPCTR\BINARIES\
    brpinfo.dll Thu 23 Aug 2001 22:30:00 A.... 21,504 21.00 K
    hcappres.dll Thu 23 Aug 2001 22:30:00 A.... 6,656 6.50 K
    helpctr.exe Wed 4 Aug 2004 9:26:50 A.... 768,512 750.50 K
    helphost.exe Thu 23 Aug 2001 22:30:00 A.... 99,840 97.50 K
    helpsvc.exe Wed 4 Aug 2004 9:26:52 A.... 743,936 726.50 K
    hscmui.cab Sat 17 Jul 2004 20:09:14 A.... 68,327 66.72 K
    hscsp_w3.cab Sat 17 Jul 2004 20:09:16 A.... 305,145 297.99 K
    hscupd.exe Wed 4 Aug 2004 9:26:52 A.... 18,944 18.50 K
    msconfig.exe Thu 20 Jul 2006 6:46:18 A.... 169,984 166.00 K
    msinfo.dll Wed 4 Aug 2004 9:26:44 A.... 376,320 367.50 K
    notiflag.exe Thu 23 Aug 2001 22:30:00 A.... 35,328 34.50 K
    pchdt_w3.cab Wed 4 Aug 2004 7:19:10 A.... 2,737,914 2.61 M
    pchshell.dll Wed 4 Aug 2004 9:26:46 A.... 102,400 100.00 K
    pchsvc.dll Wed 4 Aug 2004 9:26:46 A.... 38,912 38.00 K

    14 items found: 14 files, 0 directories.
    Total of file sizes: 5,493,722 bytes 5.24 M

    --------------------------------------------------------------------------
    H:\WINDOWS\system:
    --------------------------------------------------------------------------

    Locating all files created in H:\WINDOWS\system within the last 90 days.

    No matches found.

    --------------------------------------------------------------------------
    H:\WINDOWS\system32:
    --------------------------------------------------------------------------

    Locating all files created in H:\WINDOWS\system32 within the last 90 days.

    H:\WINDOWS\SYSTEM32\
    ADOBE Mon 26 Nov 2007 21:44:16 .D... <Dir>
    aiqegays.ini Sun 25 Nov 2007 23:01:54 ..SH. 776,132 757.94 K
    bassmod.dll Sun 21 Oct 2007 13:45:34 A.... 34,308 33.50 K
    bbatbpwm.dll Tue 27 Nov 2007 10:30:50 A.... 86,080 84.06 K
    java.exe Mon 24 Sep 2007 22:30:28 A.... 135,168 132.00 K
    javacpl.cpl Mon 24 Sep 2007 23:31:42 A.... 69,632 68.00 K
    javaw.exe Mon 24 Sep 2007 22:30:30 A.... 135,168 132.00 K
    javaws.exe Mon 24 Sep 2007 23:31:42 A.... 139,264 136.00 K
    jupdat~1.log Thu 8 Nov 2007 19:56:08 A.... 5,387 5.26 K
    KASPER~1 Wed 21 Nov 2007 8:02:24 .D... <Dir>
    mcrh.tmp Mon 26 Nov 2007 14:03:08 A.... 143 0.14 K
    mrt.exe Fri 2 Nov 2007 0:12:58 A.... 18,238,072 17.39 M
    mwpbtabb.ini Tue 27 Nov 2007 18:16:52 ..SH. 781,415 763.10 K
    nvapps.xml Tue 27 Nov 2007 18:16:26 A.... 61,465 60.02 K
    paaivpcd.ini Tue 27 Nov 2007 10:30:16 ..SH. 778,838 760.58 K
    perfc009.dat Sun 28 Oct 2007 9:01:58 A.... 40,952 39.99 K
    perfh009.dat Sun 28 Oct 2007 9:01:58 A.... 314,816 307.44 K
    perfst~1.ini Sun 28 Oct 2007 9:01:58 A.... 360,124 351.68 K
    profile.dat Tue 27 Nov 2007 10:43:24 A.... 40 0.04 K
    shell32.dll Fri 26 Oct 2007 14:04:02 A.... 8,460,288 8.07 M
    sstts.dll Wed 14 Nov 2007 17:43:56 ..... 320,608 313.09 K
    stream~1.dll Tue 20 Nov 2007 15:09:42 ....R 59,392 58.00 K
    sttss.ini Tue 27 Nov 2007 18:21:50 A.SH. 91,384 89.24 K
    sttss~1.ini Tue 27 Nov 2007 18:19:24 A.SH. 93,754 91.55 K
    sybsaoxe.ini Mon 26 Nov 2007 17:12:04 ..SH. 776,492 758.29 K
    sytmwgpx.ini Sat 24 Nov 2007 7:42:02 ..SH. 775,832 757.65 K
    tzlog.log Fri 31 Aug 2007 16:46:18 A.... 253,934 247.98 K
    wpa.dbl Sun 18 Nov 2007 14:49:04 A.... 2,206 2.15 K
    xpgwmtys.dll Sat 24 Nov 2007 7:41:40 A.... 86,080 84.06 K
    xpsp3res.dll Mon 29 Oct 2007 20:34:04 A.... 350,720 342.50 K

    30 items found: 28 files (7 H/S), 2 directories.
    Total of file sizes: 33,227,694 bytes 31.69 M

    --------------------------------------------------------------------------
    H:\WINDOWS\system32\com:
    --------------------------------------------------------------------------

    Locating all files created in H:\WINDOWS\system32\com within the last 90 days.

    No matches found.

    --------------------------------------------------------------------------
    H:\WINDOWS\system32\components:
    --------------------------------------------------------------------------
    Locating all files created in H:\WINDOWS\system32\components within the last 90 days.

    No matches found.

    --------------------------------------------------------------------------
    H:\WINDOWS\system32\drivers:
    --------------------------------------------------------------------------

    Locating all files created in H:\WINDOWS\system32\drivers within the last 90 days.

    H:\WINDOWS\SYSTEM32\DRIVERS\
    anydvd.sys Wed 21 Nov 2007 10:29:48 A.... 97,216 94.94 K
    tmcomm.sys Thu 15 Nov 2007 15:25:36 A.... 102,664 100.26 K

    2 items found: 2 files, 0 directories.
    Total of file sizes: 199,880 bytes 195.20 K

    --------------------------------------------------------------------------
    H:\WINDOWS\system32\drivers\etc:
    --------------------------------------------------------------------------

    Locating all files created in H:\WINDOWS\system32\drivers\etc within the last 90 days.

    No matches found.

    --------------------------------------------------------------------------
    H:\WINDOWS\TEMP:
    --------------------------------------------------------------------------

    Locating all files created in H:\WINDOWS\TEMP within the last 90 days.

    H:\WINDOWS\TEMP\
    wgaerr~1.txt Tue 27 Nov 2007 18:16:14 A.... 255 0.25 K
    wganot~1.set Tue 27 Nov 2007 18:17:18 A.... 409 0.40 K

    2 items found: 2 files, 0 directories.
    Total of file sizes: 664 bytes 0.65 K

    ************************************************************************************

  4. #64
    Join Date
    Nov 2007
    Location
    Adelaide Australia
    Posts
    54

    Wow that was

    ************************************************************************************

    Dumping HKLM Uninstall Programs list

    DisplayName REG_SZ Adobe Acrobat 5.0
    DisplayName REG_SZ Adobe Flash Player 9 ActiveX
    DisplayName REG_SZ Adobe Flash Player Plugin
    DisplayName REG_SZ Agere Systems PCI Soft Modem
    DisplayName REG_SZ AnyDVD
    DisplayName REG_SZ AVG Anti-Rootkit Free
    DisplayName REG_SZ AVG Anti-Spyware 7.5
    DisplayName REG_SZ Camera Window
    DisplayName REG_SZ Canon Camera Window for ZoomBrowser EX
    DisplayName REG_SZ Canon iP4300
    DisplayName REG_SZ Canon PhotoRecord
    DisplayName REG_SZ Canon Setup Utility 2.3
    DisplayName REG_SZ Canon Utilities Easy-PhotoPrint
    DisplayName REG_SZ Canon Utilities Easy-PrintToolBox
    DisplayName REG_SZ Canon Utilities File Viewer Utility 1.2
    DisplayName REG_SZ Canon Utilities PhotoStitch 3.1
    DisplayName REG_SZ Canon Utilities RemoteCapture 2.7
    DisplayName REG_SZ Canon Utilities ZoomBrowser EX
    DisplayName REG_SZ CCleaner (remove only)
    DisplayName REG_SZ CD-LabelPrint
    DisplayName REG_SZ CDex extraction audio
    DisplayName REG_SZ CloneDVD 3.9.4
    DisplayName REG_SZ CloneDVD2
    DisplayName REG_SZ Diamond View V4.08
    DisplayName REG_SZ DVD Decrypter (Remove Only)
    DisplayName REG_SZ DVD Shrink 3.2
    DisplayName REG_SZ Dynalink ADSL Router USB Driver
    DisplayName REG_SZ e-tax 2006
    DisplayName REG_SZ e-tax 2007
    DisplayName REG_SZ Easy-WebPrint
    DisplayName REG_SZ File Viewer Utility 1.2.2
    DisplayName REG_SZ HijackThis 1.99.1
    DisplayName REG_SZ Hotfix for Windows XP (KB929120)
    DisplayName REG_SZ Hotfix for Windows XP (KB935448)
    DisplayName REG_SZ Intel(R) Graphics Media Accelerator Driver
    DisplayName REG_SZ Java(TM) 6 Update 3
    DisplayName REG_SZ K9
    DisplayName REG_SZ Kaspersky Online Scanner
    DisplayName REG_SZ LiveUpdate 2.6 (Symantec Corporation)
    DisplayName REG_SZ Media & Office Keyboard
    DisplayName REG_SZ Microsoft Money 2006
    DisplayName REG_SZ Microsoft Office Professional Edition 2003
    DisplayName REG_SZ Movie Downloader
    DisplayName REG_SZ Movie Joiner
    DisplayName REG_SZ Mozilla Firefox (2.0.0.9)
    DisplayName REG_SZ MSXML 4.0 SP2 (KB925672)
    DisplayName REG_SZ MSXML 4.0 SP2 (KB927978)
    DisplayName REG_SZ MSXML 4.0 SP2 (KB936181)
    DisplayName REG_SZ MSXML 6.0 Parser (KB933579)
    DisplayName REG_SZ Nero 7 Ultra Edition
    DisplayName REG_SZ ninemsn Internet Software
    DisplayName REG_SZ OneCare Advisor (Windows Live Toolbar)
    DisplayName REG_SZ PhotoStitch
    DisplayName REG_SZ Popup Blocker (Windows Live Toolbar)
    DisplayName REG_SZ PowerDVD
    DisplayName REG_SZ QuickTime
    DisplayName REG_SZ QuickTime
    DisplayName REG_SZ Realtek High Definition Audio Driver
    DisplayName REG_SZ RemoteCapture 2.7.2
    DisplayName REG_SZ S400
    DisplayName REG_SZ ScanButton
    DisplayName REG_SZ Security Update for CAPICOM (KB931906)
    DisplayName REG_SZ Security Update for CAPICOM (KB931906)
    DisplayName REG_SZ Security Update for Windows Media Player 10 (KB936782)
    DisplayName REG_SZ Security Update for Windows Media Player 6.4 (KB925398)
    DisplayName REG_SZ Security Update for Windows XP (KB917422)
    DisplayName REG_SZ Security Update for Windows XP (KB918118)
    DisplayName REG_SZ Security Update for Windows XP (KB918899)
    DisplayName REG_SZ Security Update for Windows XP (KB919007)
    DisplayName REG_SZ Security Update for Windows XP (KB920213)
    DisplayName REG_SZ Security Update for Windows XP (KB920214)
    DisplayName REG_SZ Security Update for Windows XP (KB920670)
    DisplayName REG_SZ Security Update for Windows XP (KB920683)
    DisplayName REG_SZ Security Update for Windows XP (KB920685)
    DisplayName REG_SZ Security Update for Windows XP (KB921398)
    DisplayName REG_SZ Security Update for Windows XP (KB921503)
    DisplayName REG_SZ Security Update for Windows XP (KB921883)
    DisplayName REG_SZ Security Update for Windows XP (KB922616)
    DisplayName REG_SZ Security Update for Windows XP (KB922760)
    DisplayName REG_SZ Security Update for Windows XP (KB922819)
    DisplayName REG_SZ Security Update for Windows XP (KB923191)
    DisplayName REG_SZ Security Update for Windows XP (KB923414)
    DisplayName REG_SZ Security Update for Windows XP (KB923689)
    DisplayName REG_SZ Security Update for Windows XP (KB923694)
    DisplayName REG_SZ Security Update for Windows XP (KB923980)
    DisplayName REG_SZ Security Update for Windows XP (KB924191)
    DisplayName REG_SZ Security Update for Windows XP (KB924270)
    DisplayName REG_SZ Security Update for Windows XP (KB924496)
    DisplayName REG_SZ Security Update for Windows XP (KB924667)
    DisplayName REG_SZ Security Update for Windows XP (KB925454)
    DisplayName REG_SZ Security Update for Windows XP (KB925486)
    DisplayName REG_SZ Security Update for Windows XP (KB925902)
    DisplayName REG_SZ Security Update for Windows XP (KB926255)
    DisplayName REG_SZ Security Update for Windows XP (KB926436)
    DisplayName REG_SZ Security Update for Windows XP (KB927779)
    DisplayName REG_SZ Security Update for Windows XP (KB927802)
    DisplayName REG_SZ Security Update for Windows XP (KB928090)
    DisplayName REG_SZ Security Update for Windows XP (KB928255)
    DisplayName REG_SZ Security Update for Windows XP (KB928843)
    DisplayName REG_SZ Security Update for Windows XP (KB929123)
    DisplayName REG_SZ Security Update for Windows XP (KB929969)
    DisplayName REG_SZ Security Update for Windows XP (KB930178)
    DisplayName REG_SZ Security Update for Windows XP (KB931261)
    DisplayName REG_SZ Security Update for Windows XP (KB931768)
    DisplayName REG_SZ Security Update for Windows XP (KB931784)
    DisplayName REG_SZ Security Update for Windows XP (KB932168)
    DisplayName REG_SZ Security Update for Windows XP (KB933566)
    DisplayName REG_SZ Security Update for Windows XP (KB933729)
    DisplayName REG_SZ Security Update for Windows XP (KB935839)
    DisplayName REG_SZ Security Update for Windows XP (KB935840)
    DisplayName REG_SZ Security Update for Windows XP (KB936021)
    DisplayName REG_SZ Security Update for Windows XP (KB937143)
    DisplayName REG_SZ Security Update for Windows XP (KB938127)
    DisplayName REG_SZ Security Update for Windows XP (KB938829)
    DisplayName REG_SZ Security Update for Windows XP (KB939653)
    DisplayName REG_SZ Security Update for Windows XP (KB941202)
    DisplayName REG_SZ Security Update for Windows XP (KB943460)
    DisplayName REG_SZ Smart Menus (Windows Live Toolbar)
    DisplayName REG_SZ Software Update for Web Folders
    DisplayName REG_SZ Spybot - Search & Destroy 1.4
    DisplayName REG_SZ StudioLine Photo Basic
    DisplayName REG_SZ Symantec Client Security
    DisplayName REG_SZ Tabbed Browsing (Windows Live Toolbar)
    DisplayName REG_SZ TrojanHunter 5.0
    DisplayName REG_SZ Ultimate Label Printer Pro Version 5.5.2
    DisplayName REG_SZ Update for Windows Media Player 10 (KB926251)
    DisplayName REG_SZ Update for Windows XP (KB920872)
    DisplayName REG_SZ Update for Windows XP (KB922582)
    DisplayName REG_SZ Update for Windows XP (KB927891)
    DisplayName REG_SZ Update for Windows XP (KB929338)
    DisplayName REG_SZ Update for Windows XP (KB930916)
    DisplayName REG_SZ Update for Windows XP (KB931836)
    DisplayName REG_SZ Update for Windows XP (KB933360)
    DisplayName REG_SZ Update for Windows XP (KB936357)
    DisplayName REG_SZ Update for Windows XP (KB938828)
    DisplayName REG_SZ Windows Live Favorites for Windows Live Toolbar
    DisplayName REG_SZ Windows Live Messenger
    DisplayName REG_SZ Windows Live Outlook Toolbar (Windows Live Toolbar)
    DisplayName REG_SZ Windows Live Sign-in Assistant
    DisplayName REG_SZ Windows Live Toolbar
    DisplayName REG_SZ Windows Live Toolbar
    DisplayName REG_SZ Windows Live Toolbar Extension (Windows Live Toolbar)
    DisplayName REG_SZ Windows Live Toolbar Feed Detector (Windows Live Toolbar)
    DisplayName REG_SZ WinFast(R) Display Driver
    DisplayName REG_SZ WinRAR archiver
    DisplayName REG_SZ WinZip
    ParentDisplayName REG_SZ CAPICOM
    ParentDisplayName REG_SZ Windows XP - Software Updates
    ParentDisplayName REG_SZ Windows XP - Software Updates
    ParentDisplayName REG_SZ Windows XP - Software Updates
    ParentDisplayName REG_SZ Windows XP - Software Updates
    ParentDisplayName REG_SZ Windows XP - Software Updates
    ParentDisplayName REG_SZ Windows XP - Software Updates
    ParentDisplayName REG_SZ Windows XP - Software Updates
    ParentDisplayName REG_SZ Windows XP - Software Updates
    ParentDisplayName REG_SZ Windows XP - Software Updates
    ParentDisplayName REG_SZ Windows XP - Software Updates
    ParentDisplayName REG_SZ Windows XP - Software Updates
    ParentDisplayName REG_SZ Windows XP - Software Updates
    ParentDisplayName REG_SZ Windows XP - Software Updates
    ParentDisplayName REG_SZ Windows XP - Software Updates
    ParentDisplayName REG_SZ Windows XP - Software Updates
    ParentDisplayName REG_SZ Windows XP - Software Updates
    ParentDisplayName REG_SZ Windows XP - Software Updates
    ParentDisplayName REG_SZ Windows XP - Software Updates
    ParentDisplayName REG_SZ Windows XP - Software Updates
    ParentDisplayName REG_SZ Windows XP - Software Updates
    ParentDisplayName REG_SZ Windows XP - Software Updates
    ParentDisplayName REG_SZ Windows XP - Software Updates
    ParentDisplayName REG_SZ Windows XP - Software Updates
    ParentDisplayName REG_SZ Windows XP - Software Updates
    ParentDisplayName REG_SZ Windows XP - Software Updates
    ParentDisplayName REG_SZ Windows XP - Software Updates
    ParentDisplayName REG_SZ Windows XP - Software Updates
    ParentDisplayName REG_SZ Windows XP - Software Updates
    ParentDisplayName REG_SZ Windows XP - Software Updates
    ParentDisplayName REG_SZ Windows XP - Software Updates
    ParentDisplayName REG_SZ Windows XP - Software Updates
    ParentDisplayName REG_SZ Windows XP - Software Updates
    ParentDisplayName REG_SZ Windows XP - Software Updates
    ParentDisplayName REG_SZ Windows XP - Software Updates
    ParentDisplayName REG_SZ Windows XP - Software Updates
    ParentDisplayName REG_SZ Windows XP - Software Updates
    ParentDisplayName REG_SZ Windows XP - Software Updates
    ParentDisplayName REG_SZ Windows XP - Software Updates
    ParentDisplayName REG_SZ Windows XP - Software Updates
    ParentDisplayName REG_SZ Windows XP - Software Updates
    ParentDisplayName REG_SZ Windows XP - Software Updates
    ParentDisplayName REG_SZ Windows XP - Software Updates
    ParentDisplayName REG_SZ Windows XP - Software Updates
    ParentDisplayName REG_SZ Windows XP - Software Updates
    ParentDisplayName REG_SZ Windows XP - Software Updates
    ParentDisplayName REG_SZ Windows XP - Software Updates
    ParentDisplayName REG_SZ Windows XP - Software Updates
    ParentDisplayName REG_SZ Windows XP - Software Updates
    ParentDisplayName REG_SZ Windows XP - Software Updates
    ParentDisplayName REG_SZ Windows XP - Software Updates
    ParentDisplayName REG_SZ Windows XP - Software Updates
    ParentDisplayName REG_SZ Windows XP - Software Updates
    ParentDisplayName REG_SZ Windows XP - Software Updates
    ParentDisplayName REG_SZ Windows XP - Software Updates
    ParentDisplayName REG_SZ Windows XP - Software Updates
    ParentDisplayName REG_SZ Windows XP - Software Updates
    ParentDisplayName REG_SZ Windows XP - Software Updates
    ParentDisplayName REG_SZ Windows XP - Software Updates
    ParentDisplayName REG_SZ Windows XP - Software Updates
    ParentDisplayName REG_SZ Windows XP - Software Updates
    ParentDisplayName REG_SZ Windows XP - Software Updates
    ParentDisplayName REG_SZ Windows XP - Software Updates


    #####################################################################################################


    -- All DONE!

    ~ ShadowPuterDude ~

  5. #65
    Quote Originally Posted by Pumpa
    Processdll failed. Got an error message: **The application failed to initialize properly (00xc0000135). Click to terminate the application.**
    Need an email to send it to.
    We could be running out of time here. Sorry.

    Damian
    Install the Microsoft .NET Framework; there are 4: 1.1, 2.0, 3.0, 3.5.
    http://www.microsoft.com/downloads/d...7-034d1e7cf3a3
    http://www.microsoft.com/downloads/d...d-aab15c5e04f5
    http://www.microsoft.com/downloads/d...5-25634C3BF043
    http://www.microsoft.com/downloads/d...1-508D977D32A6

    ProcessDll should run with just 1.1 installed. It won't hurt to install the others as well.
    a-squared Team - www.emsisoft.com

    "Only those who fail greatly can ever achieve greatly" - Robert F. Kennedy
    Microsoft Most Valuable Professional - Consumer Security (2007-2008)
    Member - Alliance of Security Analysis Professionals - Since 2006
    Linux Registered User # 363218

  6. #66
    Join Date
    Nov 2007
    Location
    Adelaide Australia
    Posts
    54

    Processdll


  7. #67
    Join Date
    Nov 2007
    Location
    Adelaide Australia
    Posts
    54
    Log Created @ 28/11/2007 6:15:45 PM

    nvsvc32 (H:\WINDOWS\system32\nvsvc32.exe)

    H:\WINDOWS\system32\nvsvc32.exe
    H:\WINDOWS\system32\ntdll.dll
    H:\WINDOWS\system32\kernel32.dll
    H:\WINDOWS\system32\USER32.dll
    H:\WINDOWS\system32\GDI32.dll
    H:\WINDOWS\system32\ADVAPI32.dll
    H:\WINDOWS\system32\RPCRT4.dll
    H:\WINDOWS\system32\USERENV.dll
    H:\WINDOWS\system32\msvcrt.dll
    H:\WINDOWS\system32\POWRPROF.dll
    H:\WINDOWS\system32\wtsapi32.dll
    H:\WINDOWS\system32\WINSTA.dll
    H:\WINDOWS\system32\NETAPI32.dll
    H:\WINDOWS\system32\SHLWAPI.dll
    H:\WINDOWS\system32\COMCTL32.dll
    H:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
    H:\WINDOWS\system32\uxtheme.dll
    H:\WINDOWS\system32\WINTRUST.dll
    H:\WINDOWS\system32\CRYPT32.dll
    H:\WINDOWS\system32\MSASN1.dll
    H:\WINDOWS\system32\IMAGEHLP.dll
    H:\WINDOWS\system32\secur32.dll
    H:\WINDOWS\system32\msv1_0.dll
    H:\WINDOWS\system32\WS2_32.dll
    H:\WINDOWS\system32\WS2HELP.dll
    H:\WINDOWS\system32\iphlpapi.dll
    H:\WINDOWS\system32\Apphelp.dll
    H:\WINDOWS\system32\VERSION.dll
    H:\WINDOWS\system32\NTMARTA.DLL
    H:\WINDOWS\system32\WLDAP32.dll
    H:\WINDOWS\system32\ole32.dll
    H:\WINDOWS\system32\SAMLIB.dll




    THGuard (H:\Program Files\TrojanHunter 5.0\THGuard.exe)

    H:\Program Files\TrojanHunter 5.0\THGuard.exe
    H:\WINDOWS\system32\ntdll.dll
    H:\WINDOWS\system32\kernel32.dll
    H:\WINDOWS\system32\user32.dll
    H:\WINDOWS\system32\GDI32.dll
    H:\WINDOWS\system32\advapi32.dll
    H:\WINDOWS\system32\RPCRT4.dll
    H:\WINDOWS\system32\oleaut32.dll
    H:\WINDOWS\system32\msvcrt.dll
    H:\WINDOWS\system32\ole32.dll
    H:\WINDOWS\system32\version.dll
    H:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
    H:\WINDOWS\system32\SHLWAPI.dll
    H:\WINDOWS\system32\shell32.dll
    H:\WINDOWS\system32\uxtheme.dll
    H:\WINDOWS\system32\SETUPAPI.dll
    H:\WINDOWS\system32\MSCTF.dll




    SNDSrvc (H:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe)

    H:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    H:\WINDOWS\system32\ntdll.dll
    H:\WINDOWS\system32\kernel32.dll
    H:\WINDOWS\system32\WS2_32.dll
    H:\WINDOWS\system32\msvcrt.dll
    H:\WINDOWS\system32\WS2HELP.dll
    H:\WINDOWS\system32\ADVAPI32.dll
    H:\WINDOWS\system32\RPCRT4.dll
    H:\WINDOWS\system32\iphlpapi.dll
    H:\WINDOWS\system32\USER32.dll
    H:\WINDOWS\system32\GDI32.dll
    H:\WINDOWS\system32\ole32.dll
    H:\WINDOWS\system32\OLEAUT32.dll
    H:\WINDOWS\system32\SHLWAPI.dll
    H:\WINDOWS\system32\MSVCP71.dll
    H:\WINDOWS\system32\MSVCR71.dll
    H:\WINDOWS\system32\VERSION.dll
    H:\WINDOWS\system32\RASAPI32.DLL
    H:\WINDOWS\system32\rasman.dll
    H:\WINDOWS\system32\NETAPI32.dll
    H:\WINDOWS\system32\TAPI32.dll
    H:\WINDOWS\system32\rtutils.dll
    H:\WINDOWS\system32\WINMM.dll
    H:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
    H:\WINDOWS\system32\Secur32.dll
    H:\WINDOWS\system32\SymNeti.dll
    H:\WINDOWS\system32\WSOCK32.dll
    H:\WINDOWS\system32\SHELL32.dll
    H:\WINDOWS\system32\comctl32.dll
    H:\WINDOWS\system32\rsaenh.dll
    H:\WINDOWS\system32\xpsp2res.dll
    H:\WINDOWS\system32\uxtheme.dll
    H:\WINDOWS\system32\userenv.dll
    H:\WINDOWS\system32\CLBCATQ.DLL
    H:\WINDOWS\system32\COMRes.dll
    H:\WINDOWS\system32\msi.dll
    H:\WINDOWS\system32\SXS.DLL




    AcroTray (H:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe)

    H:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
    H:\WINDOWS\system32\ntdll.dll
    H:\WINDOWS\system32\kernel32.dll
    H:\WINDOWS\system32\USER32.dll
    H:\WINDOWS\system32\GDI32.dll
    H:\WINDOWS\system32\SHELL32.dll
    H:\WINDOWS\system32\ADVAPI32.dll
    H:\WINDOWS\system32\RPCRT4.dll
    H:\WINDOWS\system32\msvcrt.dll
    H:\WINDOWS\system32\SHLWAPI.dll
    H:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
    H:\WINDOWS\system32\comctl32.dll
    H:\WINDOWS\system32\uxtheme.dll
    H:\WINDOWS\system32\ole32.dll
    H:\WINDOWS\system32\OLEAUT32.dll
    H:\WINDOWS\system32\WININET.dll
    H:\WINDOWS\system32\CRYPT32.dll
    H:\WINDOWS\system32\MSASN1.dll
    H:\WINDOWS\system32\Secur32.dll
    H:\WINDOWS\system32\MSCTF.dll




    ALCWZRD (H:\WINDOWS\ALCWZRD.EXE)

    H:\WINDOWS\ALCWZRD.EXE
    H:\WINDOWS\system32\ntdll.dll
    H:\WINDOWS\system32\kernel32.dll
    H:\WINDOWS\system32\DSOUND.DLL
    H:\WINDOWS\system32\msvcrt.dll
    H:\WINDOWS\system32\USER32.dll
    H:\WINDOWS\system32\GDI32.dll
    H:\WINDOWS\system32\ADVAPI32.dll
    H:\WINDOWS\system32\RPCRT4.dll
    H:\WINDOWS\system32\ole32.dll
    H:\WINDOWS\system32\WINMM.dll
    H:\WINDOWS\system32\VERSION.dll
    H:\WINDOWS\system32\SETUPAPI.DLL
    H:\WINDOWS\system32\COMCTL32.DLL
    H:\WINDOWS\system32\OLEAUT32.DLL
    H:\WINDOWS\system32\uxtheme.dll
    H:\WINDOWS\system32\WINTRUST.dll
    H:\WINDOWS\system32\CRYPT32.dll
    H:\WINDOWS\system32\MSASN1.dll
    H:\WINDOWS\system32\IMAGEHLP.dll
    H:\WINDOWS\system32\wdmaud.drv
    H:\WINDOWS\system32\msacm32.drv
    H:\WINDOWS\system32\MSACM32.dll
    H:\WINDOWS\system32\midimap.dll
    H:\WINDOWS\system32\KsUser.dll
    H:\WINDOWS\system32\MSCTF.dll




    guard (H:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe)

    H:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    H:\WINDOWS\system32\ntdll.dll
    H:\WINDOWS\system32\kernel32.dll
    H:\Program Files\Grisoft\AVG Anti-Spyware 7.5\engine.dll
    H:\WINDOWS\system32\SHFOLDER.dll
    H:\WINDOWS\system32\msvcrt.dll
    H:\WINDOWS\system32\ADVAPI32.dll
    H:\WINDOWS\system32\RPCRT4.dll
    H:\WINDOWS\system32\SHLWAPI.dll
    H:\WINDOWS\system32\GDI32.dll
    H:\WINDOWS\system32\USER32.dll
    H:\WINDOWS\system32\WINMM.dll
    H:\WINDOWS\system32\PSAPI.DLL
    H:\WINDOWS\system32\VERSION.dll
    H:\WINDOWS\system32\iphlpapi.dll
    H:\WINDOWS\system32\WS2_32.dll
    H:\WINDOWS\system32\WS2HELP.dll
    H:\WINDOWS\system32\ole32.dll
    H:\WINDOWS\system32\OLEAUT32.dll
    H:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
    H:\WINDOWS\system32\comctl32.dll
    H:\WINDOWS\system32\NTMARTA.DLL
    H:\WINDOWS\system32\WLDAP32.dll
    H:\WINDOWS\system32\SAMLIB.dll




    svchost (H:\WINDOWS\system32\svchost.exe)

    H:\WINDOWS\system32\svchost.exe
    H:\WINDOWS\system32\ntdll.dll
    H:\WINDOWS\system32\kernel32.dll
    H:\WINDOWS\system32\ADVAPI32.dll
    H:\WINDOWS\system32\RPCRT4.dll
    H:\WINDOWS\system32\ShimEng.dll
    H:\WINDOWS\AppPatch\AcGenral.DLL
    H:\WINDOWS\system32\USER32.dll
    H:\WINDOWS\system32\GDI32.dll
    H:\WINDOWS\system32\WINMM.dll
    H:\WINDOWS\system32\ole32.dll
    H:\WINDOWS\system32\msvcrt.dll
    H:\WINDOWS\system32\OLEAUT32.dll
    H:\WINDOWS\system32\MSACM32.dll
    H:\WINDOWS\system32\VERSION.dll
    H:\WINDOWS\system32\SHELL32.dll
    H:\WINDOWS\system32\SHLWAPI.dll
    H:\WINDOWS\system32\USERENV.dll
    H:\WINDOWS\system32\UxTheme.dll
    H:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
    H:\WINDOWS\system32\comctl32.dll
    H:\WINDOWS\system32\NTMARTA.DLL
    H:\WINDOWS\system32\WLDAP32.dll
    H:\WINDOWS\system32\SAMLIB.dll
    H:\WINDOWS\system32\xpsp2res.dll
    h:\windows\system32\lmhsvc.dll
    h:\windows\system32\iphlpapi.dll
    h:\windows\system32\WS2_32.dll
    h:\windows\system32\WS2HELP.dll
    h:\windows\system32\webclnt.dll
    H:\WINDOWS\system32\WININET.dll
    H:\WINDOWS\system32\CRYPT32.dll
    H:\WINDOWS\system32\MSASN1.dll
    H:\WINDOWS\system32\Secur32.dll
    H:\WINDOWS\system32\wsock32.dll
    h:\windows\system32\regsvc.dll
    h:\windows\system32\ssdpsrv.dll
    H:\WINDOWS\system32\hnetcfg.dll
    H:\WINDOWS\system32\CLBCATQ.DLL
    H:\WINDOWS\system32\COMRes.dll
    H:\WINDOWS\system32\mswsock.dll
    H:\WINDOWS\System32\wshtcpip.dll




    csrss (\??\H:\WINDOWS\system32\csrss.exe)

    \??\H:\WINDOWS\system32\csrss.exe
    H:\WINDOWS\system32\ntdll.dll
    H:\WINDOWS\system32\CSRSRV.dll
    H:\WINDOWS\system32\basesrv.dll
    H:\WINDOWS\system32\winsrv.dll
    H:\WINDOWS\system32\GDI32.dll
    H:\WINDOWS\system32\KERNEL32.dll
    H:\WINDOWS\system32\USER32.dll
    H:\WINDOWS\system32\sxs.dll
    H:\WINDOWS\system32\ADVAPI32.dll
    H:\WINDOWS\system32\RPCRT4.dll
    H:\WINDOWS\system32\Apphelp.dll
    H:\WINDOWS\system32\VERSION.dll




    jusched (H:\Program Files\Java\jre1.6.0_03\bin\jusched.exe)

    H:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    H:\WINDOWS\system32\ntdll.dll
    H:\WINDOWS\system32\kernel32.dll
    H:\WINDOWS\system32\ADVAPI32.dll
    H:\WINDOWS\system32\RPCRT4.dll
    H:\WINDOWS\system32\GDI32.dll
    H:\WINDOWS\system32\USER32.dll
    H:\WINDOWS\system32\WININET.dll
    H:\WINDOWS\system32\CRYPT32.dll
    H:\WINDOWS\system32\msvcrt.dll
    H:\WINDOWS\system32\MSASN1.dll
    H:\WINDOWS\system32\OLEAUT32.dll
    H:\WINDOWS\system32\ole32.dll
    H:\WINDOWS\system32\SHLWAPI.dll
    H:\WINDOWS\system32\SHELL32.dll
    H:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
    H:\WINDOWS\system32\comctl32.dll
    H:\WINDOWS\system32\uxtheme.dll




    SOUNDMAN (H:\WINDOWS\SOUNDMAN.EXE)

    H:\WINDOWS\SOUNDMAN.EXE
    H:\WINDOWS\system32\ntdll.dll
    H:\WINDOWS\system32\kernel32.dll
    H:\WINDOWS\system32\USER32.dll
    H:\WINDOWS\system32\GDI32.dll
    H:\WINDOWS\system32\ADVAPI32.dll
    H:\WINDOWS\system32\RPCRT4.dll
    H:\WINDOWS\system32\SHELL32.dll
    H:\WINDOWS\system32\msvcrt.dll
    H:\WINDOWS\system32\SHLWAPI.dll
    H:\WINDOWS\system32\SETUPAPI.dll
    H:\WINDOWS\system32\WINMM.dll
    H:\WINDOWS\system32\HID.DLL
    H:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
    H:\WINDOWS\system32\comctl32.dll
    H:\WINDOWS\system32\uxtheme.dll
    H:\WINDOWS\system32\WINTRUST.dll
    H:\WINDOWS\system32\CRYPT32.dll
    H:\WINDOWS\system32\MSASN1.dll
    H:\WINDOWS\system32\IMAGEHLP.dll
    H:\WINDOWS\system32\MSCTF.dll




    wuauclt (H:\WINDOWS\system32\wuauclt.exe)

    H:\WINDOWS\system32\wuauclt.exe
    H:\WINDOWS\system32\ntdll.dll
    H:\WINDOWS\system32\kernel32.dll
    H:\WINDOWS\system32\msvcrt.dll
    H:\WINDOWS\system32\ole32.dll
    H:\WINDOWS\system32\ADVAPI32.dll
    H:\WINDOWS\system32\RPCRT4.dll
    H:\WINDOWS\system32\GDI32.dll
    H:\WINDOWS\system32\USER32.dll
    H:\WINDOWS\system32\OLEAUT32.dll
    H:\WINDOWS\system32\SHLWAPI.dll
    H:\WINDOWS\system32\ShimEng.dll
    H:\WINDOWS\AppPatch\AcGenral.DLL
    H:\WINDOWS\system32\WINMM.dll
    H:\WINDOWS\system32\MSACM32.dll
    H:\WINDOWS\system32\VERSION.dll
    H:\WINDOWS\system32\SHELL32.dll
    H:\WINDOWS\system32\USERENV.dll
    H:\WINDOWS\system32\UxTheme.dll
    H:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
    H:\WINDOWS\system32\wuaueng.dll
    H:\WINDOWS\system32\WS2_32.dll
    H:\WINDOWS\system32\WS2HELP.dll
    H:\WINDOWS\system32\ESENT.dll
    H:\WINDOWS\system32\WTSAPI32.dll
    H:\WINDOWS\system32\WINSTA.dll
    H:\WINDOWS\system32\NETAPI32.dll
    H:\WINDOWS\system32\WINSPOOL.DRV
    H:\WINDOWS\system32\IPHLPAPI.DLL
    H:\WINDOWS\system32\WINHTTP.dll
    H:\WINDOWS\system32\WINTRUST.dll
    H:\WINDOWS\system32\CRYPT32.dll
    H:\WINDOWS\system32\MSASN1.dll
    H:\WINDOWS\system32\IMAGEHLP.dll
    H:\WINDOWS\system32\Cabinet.dll
    H:\WINDOWS\system32\mspatcha.dll
    H:\WINDOWS\system32\xpsp2res.dll
    H:\WINDOWS\system32\CLBCATQ.DLL
    H:\WINDOWS\system32\COMRes.dll
    H:\WINDOWS\system32\wups2.dll




    ccEvtMgr (H:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe)

    H:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    H:\WINDOWS\system32\ntdll.dll
    H:\WINDOWS\system32\kernel32.dll
    H:\WINDOWS\system32\USER32.dll
    H:\WINDOWS\system32\GDI32.dll
    H:\WINDOWS\system32\SHELL32.dll
    H:\WINDOWS\system32\ADVAPI32.dll
    H:\WINDOWS\system32\RPCRT4.dll
    H:\WINDOWS\system32\msvcrt.dll
    H:\WINDOWS\system32\SHLWAPI.dll
    H:\WINDOWS\system32\ole32.dll
    H:\WINDOWS\system32\OLEAUT32.dll
    H:\WINDOWS\system32\MSVCP71.dll
    H:\WINDOWS\system32\MSVCR71.dll
    H:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
    H:\WINDOWS\system32\comctl32.dll
    H:\Program Files\Common Files\Symantec Shared\ccL35.dll
    H:\WINDOWS\system32\WS2_32.dll
    H:\WINDOWS\system32\WS2HELP.dll
    H:\WINDOWS\system32\VERSION.dll
    H:\WINDOWS\system32\DBGHELP.DLL
    H:\WINDOWS\system32\IMM32.DLL
    H:\WINDOWS\system32\Secur32.dll
    H:\WINDOWS\system32\xpsp2res.dll
    H:\WINDOWS\system32\Crypt32.dll
    H:\WINDOWS\system32\MSASN1.dll
    H:\WINDOWS\system32\WinTrust.dll
    H:\WINDOWS\system32\IMAGEHLP.dll
    H:\WINDOWS\system32\rsaenh.dll
    H:\WINDOWS\system32\uxtheme.dll
    H:\WINDOWS\system32\userenv.dll
    H:\WINDOWS\system32\netapi32.dll
    H:\WINDOWS\system32\CLBCATQ.DLL
    H:\WINDOWS\system32\COMRes.dll
    H:\WINDOWS\system32\msi.dll
    H:\WINDOWS\system32\SXS.DLL
    H:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll
    H:\WINDOWS\system32\SETUPAPI.dll
    H:\WINDOWS\system32\WSOCK32.dll
    H:\PROGRA~1\COMMON~1\SYMANT~1\SPBBC\BB.DLL
    H:\PROGRA~1\COMMON~1\SYMANT~1\SPBBC\SPBBCEVT.DLL
    H:\Program Files\Common Files\Symantec Shared\ccSet.dll
    H:\PROGRA~1\COMMON~1\SYMANT~1\CCLOGIN.DLL
    H:\PROGRA~1\COMMON~1\SYMANT~1\CCPXYEVT.DLL
    H:\PROGRA~1\COMMON~1\SYMANT~1\CCSETEVT.DLL
    H:\PROGRA~1\SYMANT~1\SYMANT~1\LOGFWDER.DLL
    H:\WINDOWS\system32\SymNeti.DLL
    H:\Program Files\Symantec Client Security\Symantec Client Firewall\NisEvt.dll
    H:\Program Files\Symantec Client Security\Symantec AntiVirus\Cliproxy.dll
    H:\WINDOWS\system32\MPR.dll
    H:\Program Files\Symantec Client Security\Symantec AntiVirus\NAVNTUTL.DLL
    h:\program files\common files\symantec shared\ssc\ScsComms.dll
    H:\WINDOWS\system32\nts.dll
    H:\WINDOWS\system32\MSWSOCK.dll
    H:\WINDOWS\system32\cba.dll
    H:\WINDOWS\system32\MsgSys.dll
    H:\WINDOWS\system32\PDS.DLL
    H:\Program Files\Symantec Client Security\Symantec Client Firewall\SNLog.dll
    H:\WINDOWS\system32\DNSAPI.dll
    H:\WINDOWS\System32\winrnr.dll
    H:\WINDOWS\system32\WLDAP32.dll
    H:\WINDOWS\system32\rasadhlp.dll




    rundll32 (H:\WINDOWS\system32\RUNDLL32.EXE)

    H:\WINDOWS\system32\RUNDLL32.EXE
    H:\WINDOWS\system32\ntdll.dll
    H:\WINDOWS\system32\kernel32.dll
    H:\WINDOWS\system32\msvcrt.dll
    H:\WINDOWS\system32\GDI32.dll
    H:\WINDOWS\system32\USER32.dll
    H:\WINDOWS\system32\IMAGEHLP.dll
    H:\WINDOWS\system32\ShimEng.dll
    H:\WINDOWS\AppPatch\AcGenral.DLL
    H:\WINDOWS\system32\ADVAPI32.dll
    H:\WINDOWS\system32\RPCRT4.dll
    H:\WINDOWS\system32\WINMM.dll
    H:\WINDOWS\system32\ole32.dll
    H:\WINDOWS\system32\OLEAUT32.dll
    H:\WINDOWS\system32\MSACM32.dll
    H:\WINDOWS\system32\VERSION.dll
    H:\WINDOWS\system32\SHELL32.dll
    H:\WINDOWS\system32\SHLWAPI.dll
    H:\WINDOWS\system32\USERENV.dll
    H:\WINDOWS\system32\UxTheme.dll
    H:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
    H:\WINDOWS\system32\comctl32.dll
    H:\WINDOWS\system32\NvMcTray.dll
    H:\WINDOWS\system32\MSCTF.dll

  8. #68
    Join Date
    Nov 2007
    Location
    Adelaide Australia
    Posts
    54
    WgaTray (H:\WINDOWS\system32\WgaTray.exe)

    H:\WINDOWS\system32\WgaTray.exe
    H:\WINDOWS\system32\ntdll.dll
    H:\WINDOWS\system32\kernel32.dll
    H:\WINDOWS\system32\ADVAPI32.dll
    H:\WINDOWS\system32\RPCRT4.dll
    H:\WINDOWS\system32\USER32.dll
    H:\WINDOWS\system32\GDI32.dll
    H:\WINDOWS\system32\SHELL32.dll
    H:\WINDOWS\system32\msvcrt.dll
    H:\WINDOWS\system32\SHLWAPI.dll
    H:\WINDOWS\system32\ole32.dll
    H:\WINDOWS\system32\OLEAUT32.dll
    H:\WINDOWS\system32\CRYPT32.dll
    H:\WINDOWS\system32\MSASN1.dll
    H:\WINDOWS\system32\WININET.dll
    H:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
    H:\WINDOWS\system32\comctl32.dll
    H:\WINDOWS\system32\uxtheme.dll
    H:\WINDOWS\system32\CLBCATQ.DLL
    H:\WINDOWS\system32\COMRes.dll
    H:\WINDOWS\system32\VERSION.dll
    H:\WINDOWS\system32\msxml3.dll
    H:\WINDOWS\system32\rsaenh.dll
    H:\WINDOWS\system32\NTMARTA.DLL
    H:\WINDOWS\system32\WLDAP32.dll
    H:\WINDOWS\system32\SAMLIB.dll
    H:\WINDOWS\system32\MSCTF.dll




    ctfmon (H:\WINDOWS\system32\ctfmon.exe)

    H:\WINDOWS\system32\ctfmon.exe
    H:\WINDOWS\system32\ntdll.dll
    H:\WINDOWS\system32\kernel32.dll
    H:\WINDOWS\system32\msvcrt.dll
    H:\WINDOWS\system32\ADVAPI32.dll
    H:\WINDOWS\system32\RPCRT4.dll
    H:\WINDOWS\system32\USER32.dll
    H:\WINDOWS\system32\GDI32.dll
    H:\WINDOWS\system32\MSCTF.dll
    H:\WINDOWS\system32\MSUTB.dll
    H:\WINDOWS\system32\ShimEng.dll
    H:\WINDOWS\AppPatch\AcGenral.DLL
    H:\WINDOWS\system32\WINMM.dll
    H:\WINDOWS\system32\ole32.dll
    H:\WINDOWS\system32\OLEAUT32.dll
    H:\WINDOWS\system32\MSACM32.dll
    H:\WINDOWS\system32\VERSION.dll
    H:\WINDOWS\system32\SHELL32.dll
    H:\WINDOWS\system32\SHLWAPI.dll
    H:\WINDOWS\system32\USERENV.dll
    H:\WINDOWS\system32\UxTheme.dll
    H:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll




    spoolsv (H:\WINDOWS\system32\spoolsv.exe)

    H:\WINDOWS\system32\spoolsv.exe
    H:\WINDOWS\system32\ntdll.dll
    H:\WINDOWS\system32\kernel32.dll
    H:\WINDOWS\system32\ADVAPI32.dll
    H:\WINDOWS\system32\RPCRT4.dll
    H:\WINDOWS\system32\GDI32.dll
    H:\WINDOWS\system32\USER32.dll
    H:\WINDOWS\system32\msvcrt.dll
    H:\WINDOWS\system32\ShimEng.dll
    H:\WINDOWS\AppPatch\AcGenral.DLL
    H:\WINDOWS\system32\WINMM.dll
    H:\WINDOWS\system32\ole32.dll
    H:\WINDOWS\system32\OLEAUT32.dll
    H:\WINDOWS\system32\MSACM32.dll
    H:\WINDOWS\system32\VERSION.dll
    H:\WINDOWS\system32\SHELL32.dll
    H:\WINDOWS\system32\SHLWAPI.dll
    H:\WINDOWS\system32\USERENV.dll
    H:\WINDOWS\system32\UxTheme.dll
    H:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
    H:\WINDOWS\system32\comctl32.dll
    H:\WINDOWS\system32\SPOOLSS.DLL
    H:\WINDOWS\system32\WS2_32.dll
    H:\WINDOWS\system32\WS2HELP.dll
    H:\WINDOWS\system32\DNSAPI.dll
    H:\WINDOWS\system32\rasadhlp.dll
    H:\WINDOWS\system32\localspl.dll
    H:\WINDOWS\system32\Secur32.dll
    H:\WINDOWS\system32\sfc_os.dll
    H:\WINDOWS\system32\WINTRUST.dll
    H:\WINDOWS\system32\CRYPT32.dll
    H:\WINDOWS\system32\MSASN1.dll
    H:\WINDOWS\system32\IMAGEHLP.dll
    H:\WINDOWS\system32\winspool.drv
    H:\WINDOWS\system32\netapi32.dll
    H:\WINDOWS\system32\cnbjmon.dll
    H:\WINDOWS\system32\CNBJMON2.DLL
    H:\WINDOWS\system32\CNMLM86.DLL
    H:\WINDOWS\system32\PSAPI.DLL
    H:\WINDOWS\system32\CNMLM2P.DLL
    H:\WINDOWS\system32\mdimon.dll
    H:\WINDOWS\system32\msi.dll
    H:\WINDOWS\system32\pdfports.dll
    H:\Program Files\Adobe\Acrobat 5.0\Distillr\adistres.dll
    H:\WINDOWS\system32\pjlmon.dll
    H:\WINDOWS\system32\tcpmon.dll
    H:\WINDOWS\system32\usbmon.dll
    H:\WINDOWS\System32\spool\PRTPROCS\W32X86\CNMPD86.DLL
    H:\WINDOWS\System32\spool\PRTPROCS\W32X86\CNMPD2P.DLL
    H:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll
    H:\WINDOWS\System32\mswsock.dll
    H:\WINDOWS\System32\winrnr.dll
    H:\WINDOWS\system32\WLDAP32.dll
    H:\WINDOWS\system32\win32spl.dll
    H:\WINDOWS\system32\NETRAP.dll
    H:\WINDOWS\system32\NTDSAPI.dll
    H:\WINDOWS\system32\CLBCATQ.DLL
    H:\WINDOWS\system32\COMRes.dll
    H:\WINDOWS\system32\xpsp2res.dll
    H:\WINDOWS\system32\inetpp.dll




    lsass (H:\WINDOWS\system32\lsass.exe)

    H:\WINDOWS\system32\lsass.exe
    H:\WINDOWS\system32\ntdll.dll
    H:\WINDOWS\system32\kernel32.dll
    H:\WINDOWS\system32\ADVAPI32.dll
    H:\WINDOWS\system32\RPCRT4.dll
    H:\WINDOWS\system32\LSASRV.dll
    H:\WINDOWS\system32\MPR.dll
    H:\WINDOWS\system32\USER32.dll
    H:\WINDOWS\system32\GDI32.dll
    H:\WINDOWS\system32\MSASN1.dll
    H:\WINDOWS\system32\msvcrt.dll
    H:\WINDOWS\system32\NETAPI32.dll
    H:\WINDOWS\system32\NTDSAPI.dll
    H:\WINDOWS\system32\DNSAPI.dll
    H:\WINDOWS\system32\WS2_32.dll
    H:\WINDOWS\system32\WS2HELP.dll
    H:\WINDOWS\system32\WLDAP32.dll
    H:\WINDOWS\system32\Secur32.dll
    H:\WINDOWS\system32\SAMLIB.dll
    H:\WINDOWS\system32\SAMSRV.dll
    H:\WINDOWS\system32\cryptdll.dll
    H:\WINDOWS\system32\ShimEng.dll
    H:\WINDOWS\AppPatch\AcGenral.DLL
    H:\WINDOWS\system32\WINMM.dll
    H:\WINDOWS\system32\ole32.dll
    H:\WINDOWS\system32\OLEAUT32.dll
    H:\WINDOWS\system32\MSACM32.dll
    H:\WINDOWS\system32\VERSION.dll
    H:\WINDOWS\system32\SHELL32.dll
    H:\WINDOWS\system32\SHLWAPI.dll
    H:\WINDOWS\system32\USERENV.dll
    H:\WINDOWS\system32\UxTheme.dll
    H:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
    H:\WINDOWS\system32\comctl32.dll
    H:\WINDOWS\system32\msprivs.dll
    H:\WINDOWS\system32\kerberos.dll
    H:\WINDOWS\system32\msv1_0.dll
    H:\WINDOWS\system32\iphlpapi.dll
    H:\WINDOWS\system32\netlogon.dll
    H:\WINDOWS\system32\w32time.dll
    H:\WINDOWS\system32\MSVCP60.dll
    H:\WINDOWS\system32\schannel.dll
    H:\WINDOWS\system32\CRYPT32.dll
    H:\WINDOWS\system32\wdigest.dll
    H:\WINDOWS\system32\rsaenh.dll
    H:\WINDOWS\system32\sstts.dll
    H:\WINDOWS\system32\SHFOLDER.dll
    H:\WINDOWS\system32\urlmon.dll
    H:\WINDOWS\system32\WININET.dll
    H:\WINDOWS\system32\setupapi.dll
    H:\WINDOWS\system32\scecli.dll
    H:\WINDOWS\system32\ipsecsvc.dll
    H:\WINDOWS\system32\AUTHZ.dll
    H:\WINDOWS\system32\oakley.DLL
    H:\WINDOWS\system32\WINIPSEC.DLL
    H:\WINDOWS\system32\mswsock.dll
    H:\WINDOWS\system32\hnetcfg.dll
    H:\WINDOWS\system32\pstorsvc.dll
    H:\WINDOWS\System32\wshtcpip.dll
    H:\WINDOWS\system32\psbase.dll
    H:\WINDOWS\system32\dssenh.dll




    K9 (H:\Program Files\KeirNet\K9\K9.exe)

    H:\Program Files\KeirNet\K9\K9.exe
    H:\WINDOWS\system32\ntdll.dll
    H:\WINDOWS\system32\kernel32.dll
    H:\WINDOWS\system32\ADVAPI32.dll
    H:\WINDOWS\system32\RPCRT4.dll
    H:\WINDOWS\system32\COMCTL32.dll
    H:\WINDOWS\system32\GDI32.dll
    H:\WINDOWS\system32\USER32.dll
    H:\WINDOWS\system32\comdlg32.dll
    H:\WINDOWS\system32\SHLWAPI.dll
    H:\WINDOWS\system32\msvcrt.dll
    H:\WINDOWS\system32\SHELL32.dll
    H:\WINDOWS\system32\ole32.dll
    H:\WINDOWS\system32\WINMM.dll
    H:\WINDOWS\system32\WS2_32.dll
    H:\WINDOWS\system32\WS2HELP.dll
    H:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
    H:\WINDOWS\system32\RICHED32.dll
    H:\WINDOWS\system32\RICHED20.dll
    H:\WINDOWS\system32\uxtheme.dll
    H:\WINDOWS\system32\MSCTF.dll
    H:\WINDOWS\system32\mswsock.dll
    H:\WINDOWS\system32\hnetcfg.dll
    H:\WINDOWS\System32\wshtcpip.dll




    DoScan (H:\Program Files\Symantec Client Security\Symantec AntiVirus\DoScan.exe)

    H:\Program Files\Symantec Client Security\Symantec AntiVirus\DoScan.exe
    H:\WINDOWS\system32\ntdll.dll
    H:\WINDOWS\system32\kernel32.dll
    H:\WINDOWS\system32\USER32.dll
    H:\WINDOWS\system32\GDI32.dll
    H:\WINDOWS\system32\ADVAPI32.dll
    H:\WINDOWS\system32\RPCRT4.dll
    H:\WINDOWS\system32\ole32.dll
    H:\WINDOWS\system32\msvcrt.dll
    H:\WINDOWS\system32\MSVCR71.dll
    H:\WINDOWS\system32\uxtheme.dll
    H:\WINDOWS\system32\OLEAUT32.dll
    H:\WINDOWS\system32\SHLWAPI.dll
    H:\WINDOWS\system32\WININET.dll
    H:\WINDOWS\system32\CRYPT32.dll
    H:\WINDOWS\system32\MSASN1.dll
    H:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
    H:\WINDOWS\system32\Secur32.dll
    H:\WINDOWS\system32\shell32.dll
    H:\WINDOWS\system32\comctl32.dll
    H:\WINDOWS\system32\CLBCATQ.DLL
    H:\WINDOWS\system32\COMRes.dll
    H:\WINDOWS\system32\VERSION.dll
    H:\WINDOWS\system32\msi.dll
    H:\Program Files\Symantec Client Security\Symantec AntiVirus\Cliscan.dll
    H:\WINDOWS\system32\MPR.dll
    H:\WINDOWS\system32\MSVCP71.dll
    H:\WINDOWS\system32\shfolder.dll
    H:\Program Files\Symantec Client Security\Symantec AntiVirus\NAVNTUTL.DLL
    H:\WINDOWS\system32\SFC.DLL
    H:\WINDOWS\system32\sfc_os.dll
    H:\WINDOWS\system32\WINTRUST.dll
    H:\WINDOWS\system32\IMAGEHLP.dll
    H:\WINDOWS\system32\SXS.DLL
    H:\WINDOWS\system32\WS2_32.dll
    H:\WINDOWS\system32\WS2HELP.dll
    H:\Program Files\Symantec Client Security\Symantec AntiVirus\I2ldvp3.dll
    H:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll
    H:\Program Files\Common Files\Symantec Shared\ccL35.dll
    H:\WINDOWS\system32\SETUPAPI.dll
    H:\WINDOWS\system32\WSOCK32.dll
    H:\WINDOWS\system32\rsaenh.dll
    H:\WINDOWS\system32\xpsp2res.dll
    H:\WINDOWS\system32\userenv.dll
    H:\WINDOWS\system32\netapi32.dll
    H:\Program Files\Common Files\Symantec Shared\ccDec.dll
    H:\Program Files\Common Files\Symantec Shared\Decomposers\decsdk.dll
    H:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2.dll
    H:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2ID.dll
    H:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2Zip.dll
    H:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2SS.dll
    H:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2GZIP.dll
    H:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2CAB.dll
    H:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2LHA.dll
    H:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2ARJ.dll
    H:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2TNEF.dll
    H:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2LZ.dll
    H:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2AMG.dll
    H:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2RAR.dll
    H:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2TAR.dll
    H:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2RTF.dll
    H:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2Text.dll
    H:\Program Files\Common Files\Symantec Shared\ccScan.dll
    H:\Program Files\Common Files\Symantec Shared\ecmldr32.DLL
    H:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20071123.049\ccEraser.dll
    H:\WINDOWS\System32\mswsock.dll
    H:\WINDOWS\system32\DNSAPI.dll
    H:\WINDOWS\system32\rasadhlp.dll
    H:\Program Files\Symantec Client Security\Symantec AntiVirus\DefUtDCD.dll
    H:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20071123.049\ecmsvr32.dll
    H:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20071123.049\NAVEX32a.DLL
    H:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20071123.049\NAVENG32.DLL
    H:\Program Files\Symantec Client Security\Symantec AntiVirus\NAVAP32.DLL
    H:\Program Files\Symantec Client Security\Symantec AntiVirus\SAVRT32.DLL
    H:\Program Files\Common Files\Symantec Shared\SSC\scandlgs.dll
    H:\WINDOWS\system32\IMM32.dll
    H:\WINDOWS\system32\MFC71.DLL
    H:\WINDOWS\system32\comdlg32.dll
    H:\WINDOWS\system32\PSAPI.DLL




    services (H:\WINDOWS\system32\services.exe)

    H:\WINDOWS\system32\services.exe
    H:\WINDOWS\system32\ntdll.dll
    H:\WINDOWS\system32\kernel32.dll
    H:\WINDOWS\system32\msvcrt.dll
    H:\WINDOWS\system32\ADVAPI32.dll
    H:\WINDOWS\system32\RPCRT4.dll
    H:\WINDOWS\system32\USER32.dll
    H:\WINDOWS\system32\GDI32.dll
    H:\WINDOWS\system32\USERENV.dll
    H:\WINDOWS\system32\SCESRV.dll
    H:\WINDOWS\system32\AUTHZ.dll
    H:\WINDOWS\system32\umpnpmgr.dll
    H:\WINDOWS\system32\WINSTA.dll
    H:\WINDOWS\system32\NETAPI32.dll
    H:\WINDOWS\system32\NCObjAPI.DLL
    H:\WINDOWS\system32\MSVCP60.dll
    H:\WINDOWS\system32\ShimEng.dll
    H:\WINDOWS\AppPatch\AcGenral.DLL
    H:\WINDOWS\system32\WINMM.dll
    H:\WINDOWS\system32\ole32.dll
    H:\WINDOWS\system32\OLEAUT32.dll
    H:\WINDOWS\system32\MSACM32.dll
    H:\WINDOWS\system32\VERSION.dll
    H:\WINDOWS\system32\SHELL32.dll
    H:\WINDOWS\system32\SHLWAPI.dll
    H:\WINDOWS\system32\UxTheme.dll
    H:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
    H:\WINDOWS\system32\comctl32.dll
    H:\WINDOWS\system32\secur32.dll
    H:\WINDOWS\system32\Apphelp.dll
    H:\WINDOWS\system32\eventlog.dll
    H:\WINDOWS\system32\WS2_32.dll
    H:\WINDOWS\system32\WS2HELP.dll
    H:\WINDOWS\system32\PSAPI.DLL
    H:\WINDOWS\system32\wtsapi32.dll




    AnyDVD (H:\Program Files\SlySoft\AnyDVD\AnyDVD.exe)

    H:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
    H:\WINDOWS\system32\ntdll.dll
    H:\WINDOWS\system32\kernel32.dll
    H:\WINDOWS\WinSxS\X86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\COMCTL32.dll
    H:\WINDOWS\system32\msvcrt.dll
    H:\WINDOWS\system32\ADVAPI32.dll
    H:\WINDOWS\system32\RPCRT4.dll
    H:\WINDOWS\system32\GDI32.dll
    H:\WINDOWS\system32\USER32.dll
    H:\WINDOWS\system32\SHLWAPI.dll
    H:\WINDOWS\system32\VERSION.dll
    H:\WINDOWS\system32\WININET.dll
    H:\WINDOWS\system32\CRYPT32.dll
    H:\WINDOWS\system32\MSASN1.dll
    H:\WINDOWS\system32\OLEAUT32.dll
    H:\WINDOWS\system32\ole32.dll
    H:\WINDOWS\system32\SHELL32.dll
    H:\WINDOWS\system32\uxtheme.dll
    H:\WINDOWS\system32\Secur32.dll
    H:\Program Files\SlySoft\AnyDVD\AnyDialog.dll
    H:\WINDOWS\system32\WINSPOOL.DRV
    H:\WINDOWS\system32\COMDLG32.DLL
    H:\WINDOWS\system32\WINMM.DLL
    H:\WINDOWS\system32\ElbyCDIO.dll
    H:\WINDOWS\system32\SETUPAPI.dll
    H:\WINDOWS\system32\wsock32.dll
    H:\WINDOWS\system32\WS2_32.dll
    H:\WINDOWS\system32\WS2HELP.dll
    H:\WINDOWS\system32\MSCTF.dll




    MDM (H:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE)

    H:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    H:\WINDOWS\system32\ntdll.dll
    H:\WINDOWS\system32\kernel32.dll
    H:\WINDOWS\system32\ADVAPI32.dll
    H:\WINDOWS\system32\RPCRT4.dll
    H:\WINDOWS\system32\ole32.dll
    H:\WINDOWS\system32\GDI32.dll
    H:\WINDOWS\system32\USER32.dll
    H:\WINDOWS\system32\msvcrt.dll
    H:\WINDOWS\system32\OLEAUT32.dll
    H:\WINDOWS\system32\SHELL32.dll
    H:\WINDOWS\system32\SHLWAPI.dll
    H:\WINDOWS\system32\VERSION.dll
    H:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
    H:\WINDOWS\system32\comctl32.dll
    H:\WINDOWS\system32\psapi.dll
    H:\WINDOWS\system32\xpsp2res.dll
    H:\WINDOWS\system32\CLBCATQ.DLL
    H:\WINDOWS\system32\COMRes.dll




    alg (H:\WINDOWS\System32\alg.exe)

    H:\WINDOWS\System32\alg.exe
    H:\WINDOWS\system32\ntdll.dll
    H:\WINDOWS\system32\kernel32.dll
    H:\WINDOWS\system32\msvcrt.dll
    H:\WINDOWS\System32\ATL.DLL
    H:\WINDOWS\system32\USER32.dll
    H:\WINDOWS\system32\GDI32.dll
    H:\WINDOWS\system32\ADVAPI32.dll
    H:\WINDOWS\system32\RPCRT4.dll
    H:\WINDOWS\system32\ole32.dll
    H:\WINDOWS\system32\OLEAUT32.dll
    H:\WINDOWS\System32\WSOCK32.dll
    H:\WINDOWS\System32\WS2_32.dll
    H:\WINDOWS\System32\WS2HELP.dll
    H:\WINDOWS\System32\MSWSOCK.DLL
    H:\WINDOWS\System32\ShimEng.dll
    H:\WINDOWS\AppPatch\AcGenral.DLL
    H:\WINDOWS\System32\WINMM.dll
    H:\WINDOWS\System32\MSACM32.dll
    H:\WINDOWS\system32\VERSION.dll
    H:\WINDOWS\system32\SHELL32.dll
    H:\WINDOWS\system32\SHLWAPI.dll
    H:\WINDOWS\system32\USERENV.dll
    H:\WINDOWS\System32\UxTheme.dll
    H:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
    H:\WINDOWS\system32\comctl32.dll
    H:\WINDOWS\System32\CLBCATQ.DLL
    H:\WINDOWS\System32\COMRes.dll
    H:\WINDOWS\System32\xpsp2res.dll
    H:\WINDOWS\system32\hnetcfg.dll
    H:\WINDOWS\System32\wshtcpip.dll




    ProcessDll (H:\Documents and Settings\Damian\Desktop\ProcessDll.exe)

    H:\Documents and Settings\Damian\Desktop\ProcessDll.exe
    H:\WINDOWS\system32\ntdll.dll
    H:\WINDOWS\system32\mscoree.dll
    H:\WINDOWS\system32\KERNEL32.dll
    H:\WINDOWS\system32\ADVAPI32.dll
    H:\WINDOWS\system32\RPCRT4.dll
    H:\WINDOWS\system32\SHLWAPI.dll
    H:\WINDOWS\system32\GDI32.dll
    H:\WINDOWS\system32\USER32.dll
    H:\WINDOWS\system32\msvcrt.dll
    H:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
    H:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MSVCR71.dll
    H:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\fusion.dll
    H:\WINDOWS\system32\SHELL32.dll
    H:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
    H:\WINDOWS\system32\comctl32.dll
    h:\windows\microsoft.net\framework\v1.1.4322\mscorlib.dll
    h:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_513eaa2c\mscorlib.dll
    H:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
    H:\WINDOWS\system32\ole32.dll
    H:\WINDOWS\system32\uxtheme.dll
    H:\WINDOWS\system32\MSCTF.dll
    H:\WINDOWS\system32\xpsp2res.dll
    h:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll
    h:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_b98389cf\system.dll
    h:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll
    h:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_72c37ba2\system.drawing.dll
    h:\windows\assembly\gac\system.directoryservices\1.0.5000.0__b03f5f7f11d50a3a\system.directoryservices.dll
    H:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MSCORJIT.DLL
    h:\windows\assembly\gac\system.messaging\1.0.5000.0__b03f5f7f11d50a3a\system.messaging.dll
    h:\windows\assembly\gac\system.serviceprocess\1.0.5000.0__b03f5f7f11d50a3a\system.serviceprocess.dll
    h:\windows\assembly\gac\system.data\1.0.5000.0__b77a5c561934e089\system.data.dll
    h:\windows\assembly\gac\microsoft.visualbasic\7.0.5000.0__b03f5f7f11d50a3a\microsoft.visualbasic.dll
    H:\WINDOWS\system32\shfolder.dll
    H:\WINDOWS\system32\netfxperf.dll
    H:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\perfcounter.dll
    H:\WINDOWS\system32\NTMARTA.DLL
    H:\WINDOWS\system32\WLDAP32.dll
    H:\WINDOWS\system32\SAMLIB.dll
    H:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\CorperfmonExt.dll
    H:\WINDOWS\system32\OLEAUT32.dll
    H:\WINDOWS\system32\PSAPI.dll
    H:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
    H:\WINDOWS\system32\USERENV.dll
    H:\WINDOWS\System32\query.dll
    H:\WINDOWS\system32\msdtcuiu.DLL
    H:\WINDOWS\system32\ATL.DLL
    H:\WINDOWS\system32\MFC42u.DLL
    H:\WINDOWS\system32\MPR.dll
    H:\WINDOWS\system32\MSDTCPRX.dll
    H:\WINDOWS\system32\MSVCP60.dll
    H:\WINDOWS\system32\MTXCLU.DLL
    H:\WINDOWS\system32\COMRes.dll
    H:\WINDOWS\system32\VERSION.dll
    H:\WINDOWS\system32\WSOCK32.dll
    H:\WINDOWS\system32\WS2_32.dll
    H:\WINDOWS\system32\WS2HELP.dll
    H:\WINDOWS\system32\NETAPI32.dll
    H:\WINDOWS\system32\CLUSAPI.DLL
    H:\WINDOWS\system32\RESUTILS.DLL
    H:\PROGRA~1\COMMON~1\SYSTEM\MSMAPI\1033\MSMAPI32.DLL
    H:\Program Files\Common Files\Microsoft Shared\office11\mso.dll
    H:\WINDOWS\system32\perfdisk.dll
    H:\WINDOWS\system32\perfnet.dll
    H:\WINDOWS\system32\perfos.dll
    H:\WINDOWS\system32\perfproc.dll
    H:\WINDOWS\system32\pschdprf.dll
    H:\WINDOWS\system32\TRAFFIC.dll
    H:\WINDOWS\system32\iphlpapi.dll
    H:\WINDOWS\system32\WMI.dll
    H:\WINDOWS\System32\rasctrs.dll
    H:\WINDOWS\system32\rasman.dll
    H:\WINDOWS\system32\secur32.dll
    H:\WINDOWS\system32\msv1_0.dll
    H:\WINDOWS\System32\rsvpperf.dll
    H:\WINDOWS\system32\winspool.drv
    H:\WINDOWS\system32\tapiperf.dll
    H:\WINDOWS\system32\tapi32.dll
    H:\WINDOWS\system32\rtutils.dll
    H:\WINDOWS\system32\WINMM.dll
    H:\WINDOWS\system32\Perfctrs.dll
    H:\WINDOWS\system32\MPRAPI.dll
    H:\WINDOWS\system32\ACTIVEDS.dll
    H:\WINDOWS\system32\adsldpc.dll
    H:\WINDOWS\system32\SETUPAPI.dll
    H:\WINDOWS\system32\perfts.dll
    H:\WINDOWS\system32\WINSTA.dll
    H:\WINDOWS\system32\UTILDLL.dll
    H:\WINDOWS\system32\wbem\wmiaprpl.dll
    H:\WINDOWS\system32\loadperf.dll
    H:\WINDOWS\system32\wbem\wbemcomn.dll

  9. #69
    LxrSII1s (H:\WINDOWS\system32\LxrSII1s.exe)

    H:\WINDOWS\system32\LxrSII1s.exe
    H:\WINDOWS\system32\ntdll.dll
    H:\WINDOWS\system32\kernel32.dll
    H:\WINDOWS\system32\ADVAPI32.dll
    H:\WINDOWS\system32\RPCRT4.dll




    wmiprvse (H:\WINDOWS\system32\wbem\wmiprvse.exe)

    H:\WINDOWS\system32\wbem\wmiprvse.exe
    H:\WINDOWS\system32\ntdll.dll
    H:\WINDOWS\system32\kernel32.dll
    H:\WINDOWS\system32\msvcrt.dll
    H:\WINDOWS\system32\ADVAPI32.dll
    H:\WINDOWS\system32\RPCRT4.dll
    H:\WINDOWS\system32\USER32.dll
    H:\WINDOWS\system32\GDI32.dll
    H:\WINDOWS\system32\wbem\wbemcomn.dll
    H:\WINDOWS\system32\OLEAUT32.dll
    H:\WINDOWS\system32\ole32.dll
    H:\WINDOWS\system32\wbem\FastProx.dll
    H:\WINDOWS\system32\MSVCP60.dll
    H:\WINDOWS\system32\NTDSAPI.dll
    H:\WINDOWS\system32\DNSAPI.dll
    H:\WINDOWS\system32\WS2_32.dll
    H:\WINDOWS\system32\WS2HELP.dll
    H:\WINDOWS\system32\WLDAP32.dll
    H:\WINDOWS\system32\NETAPI32.dll
    H:\WINDOWS\system32\Secur32.dll
    H:\WINDOWS\system32\NCObjAPI.DLL
    H:\WINDOWS\system32\ShimEng.dll
    H:\WINDOWS\AppPatch\AcGenral.DLL
    H:\WINDOWS\system32\WINMM.dll
    H:\WINDOWS\system32\MSACM32.dll
    H:\WINDOWS\system32\VERSION.dll
    H:\WINDOWS\system32\SHELL32.dll
    H:\WINDOWS\system32\SHLWAPI.dll
    H:\WINDOWS\system32\USERENV.dll
    H:\WINDOWS\system32\UxTheme.dll
    H:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
    H:\WINDOWS\system32\comctl32.dll
    H:\WINDOWS\system32\xpsp2res.dll
    H:\WINDOWS\system32\CLBCATQ.DLL
    H:\WINDOWS\system32\COMRes.dll
    H:\WINDOWS\system32\wbem\wbemprox.dll
    H:\WINDOWS\system32\wbem\wbemsvc.dll
    H:\WINDOWS\system32\wbem\wmiutils.dll
    H:\WINDOWS\system32\wbem\cimwin32.dll
    H:\WINDOWS\system32\wbem\framedyn.dll
    H:\WINDOWS\system32\SETUPAPI.dll
    H:\WINDOWS\system32\SECURITY.DLL
    H:\WINDOWS\system32\schannel.dll
    H:\WINDOWS\system32\CRYPT32.dll
    H:\WINDOWS\system32\MSASN1.dll
    H:\WINDOWS\system32\wbem\wmipcima.dll
    H:\WINDOWS\system32\WTSAPI32.dll
    H:\WINDOWS\system32\WINSTA.dll
    H:\WINDOWS\system32\CFGMGR32.DLL
    H:\WINDOWS\system32\WMI.DLL




    svchost (H:\WINDOWS\system32\svchost.exe)

    H:\WINDOWS\system32\svchost.exe
    H:\WINDOWS\system32\ntdll.dll
    H:\WINDOWS\system32\kernel32.dll
    H:\WINDOWS\system32\ADVAPI32.dll
    H:\WINDOWS\system32\RPCRT4.dll
    H:\WINDOWS\system32\ShimEng.dll
    H:\WINDOWS\AppPatch\AcGenral.DLL
    H:\WINDOWS\system32\USER32.dll
    H:\WINDOWS\system32\GDI32.dll
    H:\WINDOWS\system32\WINMM.dll
    H:\WINDOWS\system32\ole32.dll
    H:\WINDOWS\system32\msvcrt.dll
    H:\WINDOWS\system32\OLEAUT32.dll
    H:\WINDOWS\system32\MSACM32.dll
    H:\WINDOWS\system32\VERSION.dll
    H:\WINDOWS\system32\SHELL32.dll
    H:\WINDOWS\system32\SHLWAPI.dll
    H:\WINDOWS\system32\USERENV.dll
    H:\WINDOWS\system32\UxTheme.dll
    H:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
    H:\WINDOWS\system32\comctl32.dll
    H:\WINDOWS\system32\NTMARTA.DLL
    H:\WINDOWS\system32\WLDAP32.dll
    H:\WINDOWS\system32\SAMLIB.dll
    h:\windows\system32\rpcss.dll
    h:\windows\system32\Secur32.dll
    h:\windows\system32\WS2_32.dll
    h:\windows\system32\WS2HELP.dll
    H:\WINDOWS\system32\xpsp2res.dll
    H:\WINDOWS\system32\CLBCATQ.DLL
    H:\WINDOWS\system32\COMRes.dll
    h:\windows\system32\termsrv.dll
    h:\windows\system32\ICAAPI.dll
    h:\windows\system32\SETUPAPI.dll
    H:\WINDOWS\system32\WINTRUST.dll
    H:\WINDOWS\system32\CRYPT32.dll
    H:\WINDOWS\system32\MSASN1.dll
    H:\WINDOWS\system32\IMAGEHLP.dll
    h:\windows\system32\AUTHZ.dll
    h:\windows\system32\mstlsapi.dll
    h:\windows\system32\ACTIVEDS.dll
    h:\windows\system32\adsldpc.dll
    H:\WINDOWS\system32\NETAPI32.dll
    h:\windows\system32\ATL.DLL
    H:\WINDOWS\system32\REGAPI.dll
    H:\WINDOWS\system32\rsaenh.dll
    H:\WINDOWS\system32\Apphelp.dll




    explorer (H:\WINDOWS\Explorer.EXE)

    H:\WINDOWS\Explorer.EXE
    H:\WINDOWS\system32\ntdll.dll
    H:\WINDOWS\system32\kernel32.dll
    H:\WINDOWS\system32\ADVAPI32.dll
    H:\WINDOWS\system32\RPCRT4.dll
    H:\WINDOWS\system32\BROWSEUI.dll
    H:\WINDOWS\system32\GDI32.dll
    H:\WINDOWS\system32\USER32.dll
    H:\WINDOWS\system32\msvcrt.dll
    H:\WINDOWS\system32\ole32.dll
    H:\WINDOWS\system32\SHLWAPI.dll
    H:\WINDOWS\system32\OLEAUT32.dll
    H:\WINDOWS\system32\SHDOCVW.dll
    H:\WINDOWS\system32\CRYPT32.dll
    H:\WINDOWS\system32\MSASN1.dll
    H:\WINDOWS\system32\CRYPTUI.dll
    H:\WINDOWS\system32\WINTRUST.dll
    H:\WINDOWS\system32\IMAGEHLP.dll
    H:\WINDOWS\system32\NETAPI32.dll
    H:\WINDOWS\system32\WININET.dll
    H:\WINDOWS\system32\WLDAP32.dll
    H:\WINDOWS\system32\VERSION.dll
    H:\WINDOWS\system32\SHELL32.dll
    H:\WINDOWS\system32\UxTheme.dll
    H:\WINDOWS\system32\ShimEng.dll
    H:\WINDOWS\AppPatch\AcGenral.DLL
    H:\WINDOWS\system32\WINMM.dll
    H:\WINDOWS\system32\MSACM32.dll
    H:\WINDOWS\system32\USERENV.dll
    H:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
    H:\WINDOWS\system32\comctl32.dll
    H:\WINDOWS\system32\sstts.dll
    H:\WINDOWS\system32\Secur32.dll
    H:\WINDOWS\system32\SHFOLDER.dll
    H:\WINDOWS\system32\urlmon.dll
    H:\WINDOWS\system32\WS2_32.dll
    H:\WINDOWS\system32\WS2HELP.dll
    H:\WINDOWS\system32\appHelp.dll
    H:\WINDOWS\system32\CLBCATQ.DLL
    H:\WINDOWS\system32\COMRes.dll
    H:\WINDOWS\System32\cscui.dll
    H:\WINDOWS\System32\CSCDLL.dll
    H:\WINDOWS\system32\themeui.dll
    H:\WINDOWS\system32\MSIMG32.dll
    H:\WINDOWS\system32\shdoclc.dll
    H:\WINDOWS\system32\xpsp2res.dll
    H:\WINDOWS\system32\wsock32.dll
    H:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll
    H:\WINDOWS\system32\actxprxy.dll
    H:\Program Files\Windows Media Player\wmpband.dll
    H:\WINDOWS\system32\MPR.dll
    H:\WINDOWS\system32\SAMLIB.dll
    H:\WINDOWS\system32\LINKINFO.dll
    H:\WINDOWS\system32\ntshrui.dll
    H:\WINDOWS\system32\ATL.DLL
    H:\WINDOWS\system32\msi.dll
    H:\WINDOWS\system32\SXS.DLL
    H:\WINDOWS\system32\setupapi.dll
    H:\WINDOWS\system32\NETSHELL.dll
    H:\WINDOWS\system32\credui.dll
    H:\WINDOWS\system32\iphlpapi.dll
    H:\WINDOWS\system32\rtutils.dll
    H:\WINDOWS\system32\WINSTA.dll
    H:\WINDOWS\system32\webcheck.dll
    H:\WINDOWS\system32\stobject.dll
    H:\WINDOWS\system32\BatMeter.dll
    H:\WINDOWS\system32\POWRPROF.dll
    H:\WINDOWS\system32\WTSAPI32.dll
    H:\WINDOWS\system32\wdmaud.drv
    H:\WINDOWS\system32\hsjugqhk.dll
    H:\WINDOWS\system32\rsaenh.dll
    H:\WINDOWS\system32\MSCTF.dll
    H:\WINDOWS\system32\msacm32.drv
    H:\WINDOWS\system32\midimap.dll
    H:\WINDOWS\system32\mslbui.dll
    H:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll
    H:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL
    H:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll
    H:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCP71.dll
    H:\PROGRA~1\WINZIP\WZSHLSTB.DLL
    H:\PROGRA~1\TROJAN~1.0\contmenu.dll
    H:\Program Files\Common Files\Symantec Shared\SSC\vpshell2.dll
    H:\Program Files\Grisoft\AVG Anti-Spyware 7.5\context.dll
    H:\WINDOWS\System32\drprov.dll
    H:\WINDOWS\System32\ntlanman.dll
    H:\WINDOWS\System32\NETUI0.dll
    H:\WINDOWS\System32\NETUI1.dll
    H:\WINDOWS\System32\NETRAP.dll
    H:\WINDOWS\System32\davclnt.dll




    VPTray (H:\PROGRA~1\SYMANT~1\SYMANT~2\VPTray.exe)

    H:\PROGRA~1\SYMANT~1\SYMANT~2\VPTray.exe
    H:\WINDOWS\system32\ntdll.dll
    H:\WINDOWS\system32\kernel32.dll
    H:\WINDOWS\system32\USER32.dll
    H:\WINDOWS\system32\GDI32.dll
    H:\WINDOWS\system32\ADVAPI32.dll
    H:\WINDOWS\system32\RPCRT4.dll
    H:\WINDOWS\system32\SHELL32.dll
    H:\WINDOWS\system32\msvcrt.dll
    H:\WINDOWS\system32\SHLWAPI.dll
    H:\WINDOWS\system32\ole32.dll
    H:\WINDOWS\system32\OLEAUT32.dll
    H:\WINDOWS\system32\MSVCR71.dll
    H:\WINDOWS\system32\MSVCP71.dll
    H:\WINDOWS\system32\PSAPI.DLL
    H:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
    H:\WINDOWS\system32\comctl32.dll
    H:\WINDOWS\system32\Secur32.dll
    H:\Program Files\Symantec Client Security\Symantec AntiVirus\SAVRT32.DLL
    H:\WINDOWS\system32\VERSION.dll
    H:\WINDOWS\system32\uxtheme.dll
    H:\WINDOWS\system32\CLBCATQ.DLL
    H:\WINDOWS\system32\COMRes.dll
    H:\WINDOWS\system32\msi.dll
    H:\Program Files\Symantec Client Security\Symantec AntiVirus\Cliscan.dll
    H:\WINDOWS\system32\MPR.dll
    H:\WINDOWS\system32\shfolder.dll
    H:\PROGRA~1\SYMANT~1\SYMANT~2\NAVNTUTL.DLL
    H:\WINDOWS\system32\SFC.DLL
    H:\WINDOWS\system32\sfc_os.dll
    H:\WINDOWS\system32\WINTRUST.dll
    H:\WINDOWS\system32\CRYPT32.dll
    H:\WINDOWS\system32\MSASN1.dll
    H:\WINDOWS\system32\IMAGEHLP.dll
    H:\WINDOWS\system32\SXS.DLL
    H:\WINDOWS\system32\WS2_32.dll
    H:\WINDOWS\system32\WS2HELP.dll
    H:\Program Files\Symantec Client Security\Symantec AntiVirus\Cliproxy.dll
    H:\WINDOWS\system32\rsaenh.dll
    H:\WINDOWS\system32\MSWSOCK.dll
    H:\WINDOWS\system32\NETAPI32.dll
    H:\WINDOWS\system32\xpsp2res.dll
    H:\WINDOWS\system32\userenv.dll
    H:\WINDOWS\system32\MSCTF.dll
    H:\WINDOWS\system32\mslbui.dll




    ISSVC (H:\Program Files\Symantec Client Security\Symantec Client Firewall\ISSVC.exe)

    H:\Program Files\Symantec Client Security\Symantec Client Firewall\ISSVC.exe
    H:\WINDOWS\system32\ntdll.dll
    H:\WINDOWS\system32\kernel32.dll
    H:\WINDOWS\system32\SymNeti.DLL
    H:\WINDOWS\system32\WSOCK32.dll
    H:\WINDOWS\system32\WS2_32.dll
    H:\WINDOWS\system32\msvcrt.dll
    H:\WINDOWS\system32\WS2HELP.dll
    H:\WINDOWS\system32\ADVAPI32.dll
    H:\WINDOWS\system32\RPCRT4.dll
    H:\WINDOWS\system32\USER32.dll
    H:\WINDOWS\system32\GDI32.dll
    H:\WINDOWS\system32\SHELL32.dll
    H:\WINDOWS\system32\SHLWAPI.dll
    H:\WINDOWS\system32\ole32.dll
    H:\WINDOWS\system32\OLEAUT32.dll
    H:\WINDOWS\system32\MSVCP71.dll
    H:\WINDOWS\system32\MSVCR71.dll
    H:\Program Files\Symantec Client Security\Symantec Client Firewall\NISRES.DLL
    H:\WINDOWS\system32\msi.dll
    H:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
    H:\WINDOWS\system32\comctl32.dll
    H:\Program Files\Common Files\Symantec Shared\ccL35.dll
    H:\WINDOWS\system32\VERSION.dll
    H:\WINDOWS\system32\DBGHELP.DLL
    H:\WINDOWS\system32\IMM32.DLL
    H:\WINDOWS\system32\Secur32.dll
    H:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll
    H:\WINDOWS\system32\SETUPAPI.dll
    H:\WINDOWS\system32\Crypt32.dll
    H:\WINDOWS\system32\MSASN1.dll
    H:\WINDOWS\system32\WinTrust.dll
    H:\WINDOWS\system32\IMAGEHLP.dll
    H:\WINDOWS\system32\rsaenh.dll
    H:\WINDOWS\system32\xpsp2res.dll
    H:\WINDOWS\system32\uxtheme.dll
    H:\WINDOWS\system32\userenv.dll
    H:\WINDOWS\system32\netapi32.dll
    H:\Program Files\Common Files\Symantec Shared\ccSet.dll
    H:\Program Files\Common Files\Symantec Shared\ccSetEvt.dll
    H:\Program Files\Common Files\Symantec Shared\ccProSub.dll
    H:\WINDOWS\system32\CLBCATQ.DLL
    H:\WINDOWS\system32\COMRes.dll
    H:\WINDOWS\system32\SXS.DLL




    smss (H:\WINDOWS\system32\smss.exe)

    H:\WINDOWS\system32\smss.exe
    H:\WINDOWS\system32\ntdll.dll




    ccProxy (H:\Program Files\Common Files\Symantec Shared\ccProxy.exe)

    H:\Program Files\Common Files\Symantec Shared\ccProxy.exe
    H:\WINDOWS\system32\ntdll.dll
    H:\WINDOWS\system32\kernel32.dll
    H:\WINDOWS\system32\WS2_32.dll
    H:\WINDOWS\system32\msvcrt.dll
    H:\WINDOWS\system32\WS2HELP.dll
    H:\WINDOWS\system32\ADVAPI32.dll
    H:\WINDOWS\system32\RPCRT4.dll
    H:\WINDOWS\system32\SYMREDIR.dll
    H:\WINDOWS\system32\USER32.dll
    H:\WINDOWS\system32\GDI32.dll
    H:\WINDOWS\system32\ole32.dll
    H:\WINDOWS\system32\OLEAUT32.dll
    H:\WINDOWS\system32\MSVCR71.dll
    H:\WINDOWS\system32\SHLWAPI.dll
    H:\WINDOWS\system32\MSVCP71.dll
    H:\WINDOWS\system32\SymNeti.DLL
    H:\WINDOWS\system32\WSOCK32.dll
    H:\WINDOWS\system32\SHELL32.dll
    H:\Program Files\Common Files\Symantec Shared\ccL35.dll
    H:\WINDOWS\system32\VERSION.dll
    H:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
    H:\WINDOWS\system32\comctl32.dll
    H:\WINDOWS\system32\DBGHELP.DLL
    H:\WINDOWS\system32\IMM32.DLL
    H:\WINDOWS\system32\Secur32.dll
    H:\WINDOWS\system32\mswsock.dll
    H:\WINDOWS\system32\hnetcfg.dll
    H:\WINDOWS\System32\wshtcpip.dll
    H:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll
    H:\WINDOWS\system32\SETUPAPI.dll
    H:\WINDOWS\system32\Crypt32.dll
    H:\WINDOWS\system32\MSASN1.dll
    H:\WINDOWS\system32\WinTrust.dll
    H:\WINDOWS\system32\IMAGEHLP.dll
    H:\WINDOWS\system32\rsaenh.dll
    H:\WINDOWS\system32\xpsp2res.dll
    H:\WINDOWS\system32\uxtheme.dll
    H:\WINDOWS\system32\userenv.dll
    H:\WINDOWS\system32\netapi32.dll
    H:\Program Files\Common Files\Symantec Shared\ccSet.dll
    H:\WINDOWS\system32\CLBCATQ.DLL
    H:\WINDOWS\system32\COMRes.dll
    H:\WINDOWS\system32\msi.dll
    H:\WINDOWS\system32\SXS.DLL
    H:\Program Files\Common Files\Symantec Shared\DPHTML.dll
    H:\Program Files\Common Files\Symantec Shared\DPJS.dll
    H:\Program Files\Common Files\Symantec Shared\DPVBS.dll
    H:\Program Files\Common Files\Symantec Shared\PFAdBlk.dll
    H:\Program Files\Common Files\Symantec Shared\PFMisc.dll
    H:\Program Files\Common Files\Symantec Shared\PFPriv.dll
    H:\Program Files\Common Files\Symantec Shared\PFSec.dll
    H:\Program Files\Common Files\Symantec Shared\PxyHTTP.dll
    H:\Program Files\Common Files\Symantec Shared\DPHTTP.dll
    H:\Program Files\Common Files\Symantec Shared\PxyIM.dll
    H:\Program Files\Common Files\Symantec Shared\ccProSub.dll
    H:\Program Files\Common Files\Symantec Shared\ccPxyEvt.dll
    H:\Program Files\Common Files\Symantec Shared\ccLogin.dll
    H:\Program Files\Common Files\Symantec Shared\ccSetEvt.dll




    OfficeKB (H:\PROGRA~1\OfficeKB\OfficeKB.EXE)

    H:\PROGRA~1\OfficeKB\OfficeKB.EXE
    H:\WINDOWS\system32\ntdll.dll
    H:\WINDOWS\system32\kernel32.dll
    H:\WINDOWS\system32\USER32.dll
    H:\WINDOWS\system32\GDI32.dll
    H:\WINDOWS\system32\comdlg32.dll
    H:\WINDOWS\system32\SHLWAPI.dll
    H:\WINDOWS\system32\ADVAPI32.dll
    H:\WINDOWS\system32\RPCRT4.dll
    H:\WINDOWS\system32\msvcrt.dll
    H:\WINDOWS\system32\COMCTL32.dll
    H:\WINDOWS\system32\SHELL32.dll
    H:\WINDOWS\system32\VERSION.dll
    H:\PROGRA~1\OfficeKB\LgKCUtl.dll
    H:\PROGRA~1\OfficeKB\SzUPFUtl.dll
    H:\PROGRA~1\OfficeKB\OSDUtl.dll
    H:\PROGRA~1\OfficeKB\RgnMaker.dll
    H:\PROGRA~1\OfficeKB\CDRomUtl.dll
    H:\WINDOWS\system32\WINMM.dll
    H:\PROGRA~1\OfficeKB\MixerUtl.dll
    H:\PROGRA~1\OfficeKB\ComFnUtl.dll
    H:\WINDOWS\system32\ole32.dll
    H:\PROGRA~1\OfficeKB\Wnd2File.dll
    H:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
    H:\WINDOWS\system32\uxtheme.dll
    H:\WINDOWS\system32\Secur32.dll
    H:\PROGRA~1\OfficeKB\USBKBKC.DLL
    H:\WINDOWS\system32\SETUPAPI.dll
    H:\WINDOWS\system32\WINTRUST.dll
    H:\WINDOWS\system32\CRYPT32.dll
    H:\WINDOWS\system32\MSASN1.dll
    H:\WINDOWS\system32\IMAGEHLP.dll
    H:\WINDOWS\system32\wdmaud.drv
    H:\WINDOWS\system32\msacm32.drv
    H:\WINDOWS\system32\MSACM32.dll
    H:\WINDOWS\system32\midimap.dll
    H:\WINDOWS\system32\WTSAPI32.DLL
    H:\WINDOWS\system32\WINSTA.dll
    H:\WINDOWS\system32\NETAPI32.dll
    H:\WINDOWS\system32\MSCTF.dll




    svchost (H:\WINDOWS\system32\svchost.exe)

    H:\WINDOWS\system32\svchost.exe
    H:\WINDOWS\system32\ntdll.dll
    H:\WINDOWS\system32\kernel32.dll
    H:\WINDOWS\system32\ADVAPI32.dll
    H:\WINDOWS\system32\RPCRT4.dll
    H:\WINDOWS\system32\ShimEng.dll
    H:\WINDOWS\AppPatch\AcGenral.DLL
    H:\WINDOWS\system32\USER32.dll
    H:\WINDOWS\system32\GDI32.dll
    H:\WINDOWS\system32\WINMM.dll
    H:\WINDOWS\system32\ole32.dll
    H:\WINDOWS\system32\msvcrt.dll
    H:\WINDOWS\system32\OLEAUT32.dll
    H:\WINDOWS\system32\MSACM32.dll
    H:\WINDOWS\system32\VERSION.dll
    H:\WINDOWS\system32\SHELL32.dll
    H:\WINDOWS\system32\SHLWAPI.dll
    H:\WINDOWS\system32\USERENV.dll
    H:\WINDOWS\system32\UxTheme.dll
    H:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
    H:\WINDOWS\system32\comctl32.dll
    h:\windows\system32\wiaservc.dll
    h:\windows\system32\CFGMGR32.dll
    H:\WINDOWS\system32\setupapi.dll
    h:\windows\system32\mscms.dll
    h:\windows\system32\WINSPOOL.DRV
    h:\windows\system32\WINSTA.dll
    H:\WINDOWS\system32\NETAPI32.dll
    H:\WINDOWS\system32\xpsp2res.dll
    H:\WINDOWS\system32\CLBCATQ.DLL
    H:\WINDOWS\system32\COMRes.dll
    H:\WINDOWS\system32\WINTRUST.dll
    H:\WINDOWS\system32\CRYPT32.dll
    H:\WINDOWS\system32\MSASN1.dll
    H:\WINDOWS\system32\IMAGEHLP.dll
    H:\WINDOWS\ScanUsdX.dll
    H:\WINDOWS\system32\actxprxy.dll




    ccApp (H:\Program Files\Common Files\Symantec Shared\ccApp.exe)

    H:\Program Files\Common Files\Symantec Shared\ccApp.exe
    H:\WINDOWS\system32\ntdll.dll
    H:\WINDOWS\system32\kernel32.dll
    H:\WINDOWS\system32\COMCTL32.dll
    H:\WINDOWS\system32\ADVAPI32.dll
    H:\WINDOWS\system32\RPCRT4.dll
    H:\WINDOWS\system32\GDI32.dll
    H:\WINDOWS\system32\USER32.dll
    H:\WINDOWS\system32\ole32.dll
    H:\WINDOWS\system32\msvcrt.dll
    H:\WINDOWS\system32\MSVCP71.dll
    H:\WINDOWS\system32\MSVCR71.dll
    H:\WINDOWS\system32\SHLWAPI.dll
    H:\Program Files\Common Files\Symantec Shared\ccL35.dll
    H:\WINDOWS\system32\SHELL32.dll
    H:\WINDOWS\system32\OLEAUT32.dll
    H:\WINDOWS\system32\WS2_32.dll
    H:\WINDOWS\system32\WS2HELP.dll
    H:\WINDOWS\system32\VERSION.dll
    H:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
    H:\WINDOWS\system32\DBGHELP.DLL
    H:\WINDOWS\system32\uxtheme.dll
    H:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll
    H:\WINDOWS\system32\SETUPAPI.dll
    H:\WINDOWS\system32\WSOCK32.dll
    H:\WINDOWS\system32\Crypt32.dll
    H:\WINDOWS\system32\MSASN1.dll
    H:\WINDOWS\system32\WinTrust.dll
    H:\WINDOWS\system32\IMAGEHLP.dll
    H:\WINDOWS\system32\rsaenh.dll
    H:\WINDOWS\system32\xpsp2res.dll
    H:\WINDOWS\system32\userenv.dll
    H:\WINDOWS\system32\secur32.dll
    H:\WINDOWS\system32\netapi32.dll
    H:\WINDOWS\system32\CLBCATQ.DLL
    H:\WINDOWS\system32\COMRes.dll
    H:\WINDOWS\system32\msi.dll
    H:\WINDOWS\system32\SXS.DLL
    H:\PROGRA~1\COMMON~1\SYMANT~1\CCALERT.DLL
    H:\PROGRA~1\COMMON~1\SYMANT~1\CCEMLPXY.DLL
    H:\WINDOWS\system32\MSWSOCK.dll
    H:\WINDOWS\system32\MSCTF.dll
    H:\PROGRA~1\SYMANT~1\SYMANT~1\NISPROD.DLL
    H:\PROGRA~1\SYMANT~1\SYMANT~1\NISRES.DLL
    H:\PROGRA~1\SYMANT~1\SYMANT~1\NISTRAY.DLL
    H:\PROGRA~1\SYMANT~1\SYMANT~1\NISALERT.DLL
    H:\WINDOWS\system32\WINMM.dll
    H:\WINDOWS\system32\SymNeti.DLL
    H:\Program Files\Common Files\Symantec Shared\ccSet.dll
    H:\WINDOWS\system32\SYMREDIR.DLL
    H:\Program Files\Common Files\Symantec Shared\ccSetEvt.dll
    H:\Program Files\Symantec Client Security\Symantec Client Firewall\NISLCOM.dll
    H:\Program Files\Common Files\Symantec Shared\ccLogin.dll
    H:\Program Files\Common Files\Symantec Shared\ccProSub.dll
    H:\Program Files\Symantec Client Security\Symantec Client Firewall\ccEmlflt.dll
    H:\Program Files\Common Files\Symantec Shared\ccPxyEvt.dll
    H:\Program Files\Symantec Client Security\Symantec AntiVirus\SavEmail.dll
    H:\WINDOWS\system32\DNSAPI.dll
    H:\WINDOWS\System32\winrnr.dll
    H:\WINDOWS\system32\WLDAP32.dll
    H:\WINDOWS\system32\rasadhlp.dll
    H:\WINDOWS\system32\hnetcfg.dll
    H:\WINDOWS\System32\wshtcpip.dll
    H:\Program Files\Symantec Client Security\Symantec Client Firewall\SymFWAgt.dll
    H:\Program Files\Symantec Client Security\Symantec Client Firewall\SFWAlert.dll
    H:\Program Files\Symantec Client Security\Symantec Client Firewall\ccFWSetg.dll
    H:\Program Files\Symantec Client Security\Symantec Client Firewall\pRSettg.dll
    H:\Program Files\Symantec Client Security\Symantec Client Firewall\TLevel.dll

  10. #70
    svchost (H:\WINDOWS\system32\svchost.exe)

    H:\WINDOWS\system32\svchost.exe
    H:\WINDOWS\system32\ntdll.dll
    H:\WINDOWS\system32\kernel32.dll
    H:\WINDOWS\system32\ADVAPI32.dll
    H:\WINDOWS\system32\RPCRT4.dll
    H:\WINDOWS\system32\ShimEng.dll
    H:\WINDOWS\AppPatch\AcGenral.DLL
    H:\WINDOWS\system32\USER32.dll
    H:\WINDOWS\system32\GDI32.dll
    H:\WINDOWS\system32\WINMM.dll
    H:\WINDOWS\system32\ole32.dll
    H:\WINDOWS\system32\msvcrt.dll
    H:\WINDOWS\system32\OLEAUT32.dll
    H:\WINDOWS\system32\MSACM32.dll
    H:\WINDOWS\system32\VERSION.dll
    H:\WINDOWS\system32\SHELL32.dll
    H:\WINDOWS\system32\SHLWAPI.dll
    H:\WINDOWS\system32\USERENV.dll
    H:\WINDOWS\system32\UxTheme.dll
    H:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
    H:\WINDOWS\system32\comctl32.dll
    h:\windows\system32\rpcss.dll
    h:\windows\system32\Secur32.dll
    h:\windows\system32\WS2_32.dll
    h:\windows\system32\WS2HELP.dll
    H:\WINDOWS\system32\xpsp2res.dll
    H:\WINDOWS\system32\rsaenh.dll
    H:\WINDOWS\system32\mswsock.dll
    H:\WINDOWS\system32\hnetcfg.dll
    H:\WINDOWS\System32\wshtcpip.dll
    H:\WINDOWS\system32\DNSAPI.dll
    H:\WINDOWS\system32\iphlpapi.dll
    H:\WINDOWS\System32\winrnr.dll
    H:\WINDOWS\system32\WLDAP32.dll
    H:\WINDOWS\system32\rasadhlp.dll
    H:\WINDOWS\system32\CLBCATQ.DLL
    H:\WINDOWS\system32\COMRes.dll




    ccSetMgr (H:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe)

    H:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    H:\WINDOWS\system32\ntdll.dll
    H:\WINDOWS\system32\kernel32.dll
    H:\WINDOWS\system32\USER32.dll
    H:\WINDOWS\system32\GDI32.dll
    H:\WINDOWS\system32\ole32.dll
    H:\WINDOWS\system32\ADVAPI32.dll
    H:\WINDOWS\system32\RPCRT4.dll
    H:\WINDOWS\system32\msvcrt.dll
    H:\WINDOWS\system32\OLEAUT32.dll
    H:\WINDOWS\system32\SHLWAPI.dll
    H:\WINDOWS\system32\MSVCP71.dll
    H:\WINDOWS\system32\MSVCR71.dll
    H:\Program Files\Common Files\Symantec Shared\ccL35.dll
    H:\WINDOWS\system32\SHELL32.dll
    H:\WINDOWS\system32\WS2_32.dll
    H:\WINDOWS\system32\WS2HELP.dll
    H:\WINDOWS\system32\VERSION.dll
    H:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
    H:\WINDOWS\system32\comctl32.dll
    H:\WINDOWS\system32\DBGHELP.DLL
    H:\WINDOWS\system32\IMM32.DLL
    H:\WINDOWS\system32\Secur32.dll
    H:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll
    H:\WINDOWS\system32\SETUPAPI.dll
    H:\WINDOWS\system32\WSOCK32.dll
    H:\WINDOWS\system32\Crypt32.dll
    H:\WINDOWS\system32\MSASN1.dll
    H:\WINDOWS\system32\WinTrust.dll
    H:\WINDOWS\system32\IMAGEHLP.dll
    H:\WINDOWS\system32\xpsp2res.dll
    H:\WINDOWS\system32\CLBCATQ.DLL
    H:\WINDOWS\system32\COMRes.dll
    H:\WINDOWS\system32\msi.dll
    H:\WINDOWS\system32\SXS.DLL
    H:\WINDOWS\system32\rsaenh.dll
    H:\WINDOWS\system32\uxtheme.dll
    H:\WINDOWS\system32\userenv.dll
    H:\WINDOWS\system32\netapi32.dll
    H:\Program Files\Common Files\Symantec Shared\ccSetEvt.dll




    svchost (H:\WINDOWS\System32\svchost.exe)

    H:\WINDOWS\System32\svchost.exe
    H:\WINDOWS\system32\ntdll.dll
    H:\WINDOWS\system32\kernel32.dll
    H:\WINDOWS\system32\ADVAPI32.dll
    H:\WINDOWS\system32\RPCRT4.dll
    H:\WINDOWS\System32\ShimEng.dll
    H:\WINDOWS\AppPatch\AcGenral.DLL
    H:\WINDOWS\system32\USER32.dll
    H:\WINDOWS\system32\GDI32.dll
    H:\WINDOWS\System32\WINMM.dll
    H:\WINDOWS\system32\ole32.dll
    H:\WINDOWS\system32\msvcrt.dll
    H:\WINDOWS\system32\OLEAUT32.dll
    H:\WINDOWS\System32\MSACM32.dll
    H:\WINDOWS\system32\VERSION.dll
    H:\WINDOWS\system32\SHELL32.dll
    H:\WINDOWS\system32\SHLWAPI.dll
    H:\WINDOWS\system32\USERENV.dll
    H:\WINDOWS\System32\UxTheme.dll
    H:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
    H:\WINDOWS\system32\comctl32.dll
    H:\WINDOWS\System32\NTMARTA.DLL
    H:\WINDOWS\system32\WLDAP32.dll
    H:\WINDOWS\System32\SAMLIB.dll
    H:\WINDOWS\System32\xpsp2res.dll
    h:\windows\system32\shsvcs.dll
    H:\WINDOWS\System32\WINSTA.dll
    H:\WINDOWS\system32\NETAPI32.dll
    h:\windows\system32\dhcpcsvc.dll
    h:\windows\system32\DNSAPI.dll
    h:\windows\system32\WS2_32.dll
    h:\windows\system32\WS2HELP.dll
    h:\windows\system32\iphlpapi.dll
    h:\windows\system32\Secur32.dll
    H:\WINDOWS\System32\rsaenh.dll
    h:\windows\system32\wzcsvc.dll
    h:\windows\system32\rtutils.dll
    h:\windows\system32\WMI.dll
    H:\WINDOWS\system32\CRYPT32.dll
    H:\WINDOWS\system32\MSASN1.dll
    h:\windows\system32\WTSAPI32.dll
    h:\windows\system32\ESENT.dll
    h:\windows\system32\ATL.DLL
    H:\WINDOWS\System32\SETUPAPI.DLL
    H:\WINDOWS\System32\rastls.dll
    H:\WINDOWS\system32\CRYPTUI.dll
    H:\WINDOWS\system32\WINTRUST.dll
    H:\WINDOWS\system32\IMAGEHLP.dll
    H:\WINDOWS\system32\WININET.dll
    H:\WINDOWS\System32\MPRAPI.dll
    H:\WINDOWS\System32\ACTIVEDS.dll
    H:\WINDOWS\System32\adsldpc.dll
    H:\WINDOWS\System32\RASAPI32.dll
    H:\WINDOWS\System32\rasman.dll
    H:\WINDOWS\System32\TAPI32.dll
    H:\WINDOWS\System32\SCHANNEL.dll
    H:\WINDOWS\System32\WinSCard.dll
    H:\WINDOWS\System32\raschap.dll
    H:\WINDOWS\system32\msv1_0.dll
    H:\WINDOWS\System32\CLBCATQ.DLL
    H:\WINDOWS\System32\COMRes.dll
    h:\windows\system32\schedsvc.dll
    h:\windows\system32\NTDSAPI.dll
    H:\WINDOWS\System32\MSIDLE.DLL
    h:\windows\system32\audiosrv.dll
    h:\windows\system32\wkssvc.dll
    h:\windows\system32\cryptsvc.dll
    h:\windows\system32\certcli.dll
    h:\windows\system32\dmserver.dll
    h:\windows\system32\ersvc.dll
    h:\windows\system32\es.dll
    h:\windows\pchealth\helpctr\binaries\pchsvc.dll
    h:\windows\system32\hidserv.dll
    h:\windows\system32\HID.DLL
    h:\windows\system32\srvsvc.dll
    H:\WINDOWS\System32\HNETCFG.DLL
    h:\windows\system32\netman.dll
    h:\windows\system32\netshell.dll
    h:\windows\system32\credui.dll
    h:\windows\system32\WZCSAPI.DLL
    h:\windows\system32\seclogon.dll
    h:\windows\system32\srsvc.dll
    h:\windows\system32\POWRPROF.dll
    h:\windows\system32\trkwks.dll
    h:\windows\system32\w32time.dll
    h:\windows\system32\MSVCP60.dll
    H:\WINDOWS\system32\actxprxy.dll
    h:\windows\system32\wbem\wmisvc.dll
    H:\WINDOWS\system32\VSSAPI.DLL
    H:\WINDOWS\system32\mswsock.dll
    h:\windows\system32\wuauserv.dll
    H:\WINDOWS\system32\wuaueng.dll
    H:\WINDOWS\System32\WINSPOOL.DRV
    H:\WINDOWS\System32\WINHTTP.dll
    H:\WINDOWS\System32\Cabinet.dll
    H:\WINDOWS\System32\mspatcha.dll
    h:\windows\system32\browser.dll
    h:\windows\system32\sens.dll
    H:\WINDOWS\System32\wshtcpip.dll
    h:\windows\system32\wscsvc.dll
    h:\windows\system32\msi.dll
    H:\WINDOWS\system32\wbem\wbemprox.dll
    H:\WINDOWS\system32\wbem\wbemcomn.dll
    H:\WINDOWS\system32\wbem\wbemcore.dll
    H:\WINDOWS\system32\wbem\esscli.dll
    H:\WINDOWS\system32\wbem\FastProx.dll
    H:\WINDOWS\system32\wbem\wbemsvc.dll
    H:\WINDOWS\system32\wbem\wmiutils.dll
    H:\WINDOWS\system32\wbem\repdrvfs.dll
    H:\WINDOWS\System32\sfc.dll
    H:\WINDOWS\System32\sfc_os.dll
    H:\WINDOWS\System32\SXS.DLL
    H:\WINDOWS\system32\wbem\wmiprvsd.dll
    H:\WINDOWS\system32\NCObjAPI.DLL
    H:\WINDOWS\system32\wbem\wbemess.dll
    H:\WINDOWS\system32\comsvcs.dll
    H:\WINDOWS\system32\colbact.DLL
    H:\WINDOWS\system32\MTXCLU.DLL
    H:\WINDOWS\system32\WSOCK32.dll
    H:\WINDOWS\System32\CLUSAPI.DLL
    H:\WINDOWS\System32\RESUTILS.DLL
    h:\windows\system32\ipnathlp.dll
    h:\windows\system32\AUTHZ.dll
    H:\WINDOWS\system32\wuapi.dll
    H:\WINDOWS\system32\wbem\ncprov.dll
    H:\WINDOWS\system32\wbem\wbemcons.dll
    H:\WINDOWS\System32\rasadhlp.dll
    H:\WINDOWS\system32\netcfgx.dll
    H:\WINDOWS\System32\rasmans.dll
    H:\WINDOWS\System32\WINIPSEC.DLL
    h:\windows\system32\tapisrv.dll
    h:\windows\system32\PSAPI.DLL
    H:\WINDOWS\System32\rastapi.dll
    H:\WINDOWS\System32\unimdm.tsp
    H:\WINDOWS\System32\uniplat.dll
    H:\WINDOWS\System32\unimdmat.dll
    H:\WINDOWS\system32\modemui.dll
    H:\WINDOWS\System32\kmddsp.tsp
    H:\WINDOWS\System32\ndptsp.tsp
    H:\WINDOWS\System32\ipconf.tsp
    H:\WINDOWS\System32\h323.tsp
    H:\WINDOWS\System32\hidphone.tsp
    H:\WINDOWS\System32\rasppp.dll
    H:\WINDOWS\System32\ntlsapi.dll
    H:\WINDOWS\system32\kerberos.dll
    H:\WINDOWS\System32\cryptdll.dll
    H:\WINDOWS\system32\upnp.dll
    H:\WINDOWS\system32\SSDPAPI.dll
    H:\WINDOWS\System32\RASDLG.dll
    H:\WINDOWS\system32\msxml3.dll
    H:\WINDOWS\system32\Apphelp.dll
    H:\WINDOWS\system32\wups2.dll




    wmiapsrv (ER-0x01)

    Unable to list modules




    svchost (H:\WINDOWS\system32\svchost.exe)

    H:\WINDOWS\system32\svchost.exe
    H:\WINDOWS\system32\ntdll.dll
    H:\WINDOWS\system32\kernel32.dll
    H:\WINDOWS\system32\ADVAPI32.dll
    H:\WINDOWS\system32\RPCRT4.dll
    H:\WINDOWS\system32\ShimEng.dll
    H:\WINDOWS\AppPatch\AcGenral.DLL
    H:\WINDOWS\system32\USER32.dll
    H:\WINDOWS\system32\GDI32.dll
    H:\WINDOWS\system32\WINMM.dll
    H:\WINDOWS\system32\ole32.dll
    H:\WINDOWS\system32\msvcrt.dll
    H:\WINDOWS\system32\OLEAUT32.dll
    H:\WINDOWS\system32\MSACM32.dll
    H:\WINDOWS\system32\VERSION.dll
    H:\WINDOWS\system32\SHELL32.dll
    H:\WINDOWS\system32\SHLWAPI.dll
    H:\WINDOWS\system32\USERENV.dll
    H:\WINDOWS\system32\UxTheme.dll
    H:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
    H:\WINDOWS\system32\comctl32.dll
    h:\windows\system32\dnsrslvr.dll
    h:\windows\system32\DNSAPI.dll
    h:\windows\system32\WS2_32.dll
    h:\windows\system32\WS2HELP.dll
    h:\windows\system32\iphlpapi.dll




    winlogon (\??\H:\WINDOWS\system32\winlogon.exe)

    \??\H:\WINDOWS\system32\winlogon.exe
    H:\WINDOWS\system32\ntdll.dll
    H:\WINDOWS\system32\kernel32.dll
    H:\WINDOWS\system32\ADVAPI32.dll
    H:\WINDOWS\system32\RPCRT4.dll
    H:\WINDOWS\system32\AUTHZ.dll
    H:\WINDOWS\system32\msvcrt.dll
    H:\WINDOWS\system32\CRYPT32.dll
    H:\WINDOWS\system32\USER32.dll
    H:\WINDOWS\system32\GDI32.dll
    H:\WINDOWS\system32\MSASN1.dll
    H:\WINDOWS\system32\NDdeApi.dll
    H:\WINDOWS\system32\PROFMAP.dll
    H:\WINDOWS\system32\NETAPI32.dll
    H:\WINDOWS\system32\USERENV.dll
    H:\WINDOWS\system32\PSAPI.DLL
    H:\WINDOWS\system32\REGAPI.dll
    H:\WINDOWS\system32\Secur32.dll
    H:\WINDOWS\system32\SETUPAPI.dll
    H:\WINDOWS\system32\VERSION.dll
    H:\WINDOWS\system32\WINSTA.dll
    H:\WINDOWS\system32\WINTRUST.dll
    H:\WINDOWS\system32\IMAGEHLP.dll
    H:\WINDOWS\system32\WS2_32.dll
    H:\WINDOWS\system32\WS2HELP.dll
    H:\WINDOWS\system32\MSGINA.dll
    H:\WINDOWS\system32\SHELL32.dll
    H:\WINDOWS\system32\SHLWAPI.dll
    H:\WINDOWS\system32\COMCTL32.dll
    H:\WINDOWS\system32\ODBC32.dll
    H:\WINDOWS\system32\comdlg32.dll
    H:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
    H:\WINDOWS\system32\odbcint.dll
    H:\WINDOWS\system32\SHSVCS.dll
    H:\WINDOWS\system32\sfc.dll
    H:\WINDOWS\system32\sfc_os.dll
    H:\WINDOWS\system32\ole32.dll
    H:\WINDOWS\system32\Apphelp.dll
    H:\WINDOWS\system32\sxs.dll
    H:\WINDOWS\system32\WINSCARD.DLL
    H:\WINDOWS\system32\WTSAPI32.dll
    H:\WINDOWS\system32\WINMM.dll
    H:\WINDOWS\system32\uxtheme.dll
    H:\WINDOWS\system32\cscdll.dll
    H:\WINDOWS\system32\WlNotify.dll
    H:\WINDOWS\system32\WINSPOOL.DRV
    H:\WINDOWS\system32\MPR.dll
    H:\WINDOWS\system32\WgaLogon.dll
    H:\WINDOWS\system32\OLEAUT32.dll
    H:\WINDOWS\system32\rsaenh.dll
    H:\WINDOWS\system32\NTMARTA.DLL
    H:\WINDOWS\system32\WLDAP32.dll
    H:\WINDOWS\system32\SAMLIB.dll
    H:\WINDOWS\system32\CLBCATQ.DLL
    H:\WINDOWS\system32\COMRes.dll
    H:\WINDOWS\system32\msv1_0.dll
    H:\WINDOWS\system32\iphlpapi.dll
    H:\WINDOWS\system32\cscui.dll
    H:\WINDOWS\system32\xpsp2res.dll
    H:\WINDOWS\system32\NavLogon.dll
    H:\WINDOWS\system32\wdmaud.drv
    H:\WINDOWS\system32\msacm32.drv
    H:\WINDOWS\system32\MSACM32.dll
    H:\WINDOWS\system32\midimap.dll




    DefWatch (H:\Program Files\Symantec Client Security\Symantec AntiVirus\DefWatch.exe)

    H:\Program Files\Symantec Client Security\Symantec AntiVirus\DefWatch.exe
    H:\WINDOWS\system32\ntdll.dll
    H:\WINDOWS\system32\kernel32.dll
    H:\WINDOWS\system32\ADVAPI32.dll
    H:\WINDOWS\system32\RPCRT4.dll
    H:\WINDOWS\system32\ole32.dll
    H:\WINDOWS\system32\GDI32.dll
    H:\WINDOWS\system32\USER32.dll
    H:\WINDOWS\system32\msvcrt.dll
    H:\WINDOWS\system32\MSVCR71.dll




    SymSPort (H:\Program Files\Symantec Client Security\Symantec Client Firewall\SymSPort.exe)

    H:\Program Files\Symantec Client Security\Symantec Client Firewall\SymSPort.exe
    H:\WINDOWS\system32\ntdll.dll
    H:\WINDOWS\system32\kernel32.dll
    H:\WINDOWS\system32\WS2_32.dll
    H:\WINDOWS\system32\msvcrt.dll
    H:\WINDOWS\system32\WS2HELP.dll
    H:\WINDOWS\system32\ADVAPI32.dll
    H:\WINDOWS\system32\RPCRT4.dll
    H:\WINDOWS\system32\SymNeti.DLL
    H:\WINDOWS\system32\WSOCK32.dll
    H:\WINDOWS\system32\USER32.dll
    H:\WINDOWS\system32\GDI32.dll
    H:\WINDOWS\system32\SHELL32.dll
    H:\WINDOWS\system32\SHLWAPI.dll
    H:\WINDOWS\system32\ole32.dll
    H:\WINDOWS\system32\OLEAUT32.dll
    H:\WINDOWS\system32\MSVCP71.dll
    H:\WINDOWS\system32\MSVCR71.dll
    H:\WINDOWS\system32\iphlpapi.dll
    H:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
    H:\WINDOWS\system32\comctl32.dll
    H:\Program Files\Common Files\Symantec Shared\ccL35.dll
    H:\WINDOWS\system32\VERSION.dll
    H:\WINDOWS\system32\Crypt32.dll
    H:\WINDOWS\system32\MSASN1.dll
    H:\WINDOWS\system32\WinTrust.dll
    H:\WINDOWS\system32\IMAGEHLP.dll
    H:\WINDOWS\system32\rsaenh.dll
    H:\WINDOWS\system32\xpsp2res.dll
    H:\WINDOWS\system32\uxtheme.dll
    H:\WINDOWS\system32\userenv.dll
    H:\WINDOWS\system32\secur32.dll
    H:\WINDOWS\system32\netapi32.dll
    H:\Program Files\Common Files\Symantec Shared\ccSetEvt.dll
    H:\Program Files\Symantec Client Security\Symantec Client Firewall\NisEvt.dll
    H:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll
    H:\WINDOWS\system32\SETUPAPI.dll
    H:\Program Files\Common Files\Symantec Shared\ccProSub.dll
    H:\WINDOWS\system32\CLBCATQ.DLL
    H:\WINDOWS\system32\COMRes.dll
    H:\WINDOWS\system32\msi.dll
    H:\WINDOWS\system32\SXS.DLL
    H:\WINDOWS\system32\wbem\wbemprox.dll
    H:\WINDOWS\system32\wbem\wbemcomn.dll
    H:\WINDOWS\system32\wbem\wbemsvc.dll
    H:\WINDOWS\system32\wbem\fastprox.dll
    H:\WINDOWS\system32\MSVCP60.dll
    H:\WINDOWS\system32\NTDSAPI.dll
    H:\WINDOWS\system32\DNSAPI.dll
    H:\WINDOWS\system32\WLDAP32.dll
    H:\Program Files\Common Files\Symantec Shared\ccSet.dll
    H:\WINDOWS\system32\hnetcfg.dll




    System (ER-0x01)

    Unable to list modules




    Rtvscan (H:\Program Files\Symantec Client Security\Symantec AntiVirus\Rtvscan.exe)

    H:\Program Files\Symantec Client Security\Symantec AntiVirus\Rtvscan.exe
    H:\WINDOWS\system32\ntdll.dll
    H:\WINDOWS\system32\kernel32.dll
    H:\WINDOWS\system32\SHLWAPI.dll
    H:\WINDOWS\system32\ADVAPI32.dll
    H:\WINDOWS\system32\RPCRT4.dll
    H:\WINDOWS\system32\GDI32.dll
    H:\WINDOWS\system32\USER32.dll
    H:\WINDOWS\system32\msvcrt.dll
    H:\WINDOWS\system32\CBA.DLL
    H:\WINDOWS\system32\MsgSys.dll
    H:\WINDOWS\system32\NTS.dll
    H:\WINDOWS\system32\WSOCK32.dll
    H:\WINDOWS\system32\WS2_32.dll
    H:\WINDOWS\system32\WS2HELP.dll
    H:\WINDOWS\system32\MSWSOCK.dll
    H:\WINDOWS\system32\NETAPI32.dll
    H:\WINDOWS\system32\PDS.DLL
    H:\WINDOWS\system32\MPR.dll
    H:\WINDOWS\system32\ole32.dll
    H:\Program Files\Symantec Client Security\Symantec AntiVirus\NAVLU.dll
    H:\WINDOWS\system32\MFC71.DLL
    H:\WINDOWS\system32\MSVCR71.dll
    H:\WINDOWS\system32\PSAPI.DLL
    H:\WINDOWS\system32\USERENV.dll
    H:\WINDOWS\system32\SHELL32.dll
    H:\WINDOWS\system32\OLEAUT32.dll
    H:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
    H:\WINDOWS\system32\comctl32.dll
    H:\WINDOWS\system32\IMM32.dll
    H:\Program Files\Symantec Client Security\Symantec AntiVirus\NAVNTUTL.DLL
    H:\WINDOWS\system32\SFC.DLL
    H:\WINDOWS\system32\sfc_os.dll
    H:\WINDOWS\system32\WINTRUST.dll
    H:\WINDOWS\system32\CRYPT32.dll
    H:\WINDOWS\system32\MSASN1.dll
    H:\WINDOWS\system32\IMAGEHLP.dll
    H:\WINDOWS\system32\CLBCATQ.DLL
    H:\WINDOWS\system32\COMRes.dll
    H:\WINDOWS\system32\VERSION.dll
    H:\WINDOWS\system32\wbem\wbemprox.dll
    H:\WINDOWS\system32\wbem\wbemcomn.dll
    H:\WINDOWS\system32\xpsp2res.dll
    H:\WINDOWS\system32\wbem\wbemsvc.dll
    H:\WINDOWS\system32\wbem\fastprox.dll
    H:\WINDOWS\system32\MSVCP60.dll
    H:\WINDOWS\system32\NTDSAPI.dll
    H:\WINDOWS\system32\DNSAPI.dll
    H:\WINDOWS\system32\WLDAP32.dll
    H:\WINDOWS\system32\Secur32.dll
    H:\WINDOWS\system32\shfolder.dll
    h:\program files\common files\symantec shared\ssc\ScsComms.dll
    H:\WINDOWS\system32\MSVCP71.dll
    H:\WINDOWS\system32\rsaenh.dll
    H:\Program Files\Symantec Client Security\Symantec AntiVirus\I2ldvp3.dll
    H:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll
    H:\Program Files\Common Files\Symantec Shared\ccL35.dll
    H:\WINDOWS\system32\SETUPAPI.dll
    H:\WINDOWS\system32\uxtheme.dll
    H:\Program Files\Common Files\Symantec Shared\ccDec.dll
    H:\Program Files\Common Files\Symantec Shared\Decomposers\decsdk.dll
    H:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2.dll
    H:\WINDOWS\system32\WININET.dll
    H:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2ID.dll
    H:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2Zip.dll
    H:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2SS.dll
    H:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2GZIP.dll
    H:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2CAB.dll
    H:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2LHA.dll
    H:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2ARJ.dll
    H:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2TNEF.dll
    H:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2LZ.dll
    H:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2AMG.dll
    H:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2RAR.dll
    H:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2TAR.dll
    H:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2RTF.dll
    H:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2Text.dll
    H:\Program Files\Common Files\Symantec Shared\ccScan.dll
    H:\Program Files\Common Files\Symantec Shared\ecmldr32.DLL
    H:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20071123.04 9\ccEraser.dll
    H:\WINDOWS\System32\winrnr.dll
    H:\WINDOWS\system32\rasadhlp.dll
    H:\WINDOWS\system32\hnetcfg.dll
    H:\WINDOWS\System32\wshtcpip.dll
    H:\Program Files\Symantec Client Security\Symantec AntiVirus\DefUtDCD.dll
    H:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20071123.04 9\ecmsvr32.dll
    H:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20071123.04 9\NAVEX32a.DLL
    H:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20071123.04 9\NAVENG32.DLL
    H:\Program Files\Symantec Client Security\Symantec AntiVirus\NAVAP32.DLL
    H:\Program Files\Symantec Client Security\Symantec AntiVirus\SAVRT32.DLL
    H:\WINDOWS\system32\msi.dll
    H:\WINDOWS\system32\SXS.DLL
    H:\Program Files\Symantec Client Security\Symantec AntiVirus\IMail.dll
    H:\Program Files\Symantec Client Security\Symantec AntiVirus\NotesExt.dll
    H:\Program Files\Symantec Client Security\Symantec AntiVirus\vpmsece3.dll
    H:\Program Files\Symantec Client Security\Symantec AntiVirus\SymProtectStorage.dll
    H:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCEvt.dll




    Idle (ER-0x01)

    Unable to list modules
