Having Problems Again!!!

**Pumpa** · 11-28-2007, 02:56 AM

WgaTray (H:\WINDOWS\system32\WgaTray.exe)

H:\WINDOWS\system32\WgaTray.exe
H:\WINDOWS\system32\ntdll.dll
H:\WINDOWS\system32\kernel32.dll
H:\WINDOWS\system32\ADVAPI32.dll
H:\WINDOWS\system32\RPCRT4.dll
H:\WINDOWS\system32\USER32.dll
H:\WINDOWS\system32\GDI32.dll
H:\WINDOWS\system32\SHELL32.dll
H:\WINDOWS\system32\msvcrt.dll
H:\WINDOWS\system32\SHLWAPI.dll
H:\WINDOWS\system32\ole32.dll
H:\WINDOWS\system32\OLEAUT32.dll
H:\WINDOWS\system32\CRYPT32.dll
H:\WINDOWS\system32\MSASN1.dll
H:\WINDOWS\system32\WININET.dll
H:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
H:\WINDOWS\system32\comctl32.dll
H:\WINDOWS\system32\uxtheme.dll
H:\WINDOWS\system32\CLBCATQ.DLL
H:\WINDOWS\system32\COMRes.dll
H:\WINDOWS\system32\VERSION.dll
H:\WINDOWS\system32\msxml3.dll
H:\WINDOWS\system32\rsaenh.dll
H:\WINDOWS\system32\NTMARTA.DLL
H:\WINDOWS\system32\WLDAP32.dll
H:\WINDOWS\system32\SAMLIB.dll
H:\WINDOWS\system32\MSCTF.dll

ctfmon (H:\WINDOWS\system32\ctfmon.exe)

H:\WINDOWS\system32\ctfmon.exe
H:\WINDOWS\system32\ntdll.dll
H:\WINDOWS\system32\kernel32.dll
H:\WINDOWS\system32\msvcrt.dll
H:\WINDOWS\system32\ADVAPI32.dll
H:\WINDOWS\system32\RPCRT4.dll
H:\WINDOWS\system32\USER32.dll
H:\WINDOWS\system32\GDI32.dll
H:\WINDOWS\system32\MSCTF.dll
H:\WINDOWS\system32\MSUTB.dll
H:\WINDOWS\system32\ShimEng.dll
H:\WINDOWS\AppPatch\AcGenral.DLL
H:\WINDOWS\system32\WINMM.dll
H:\WINDOWS\system32\ole32.dll
H:\WINDOWS\system32\OLEAUT32.dll
H:\WINDOWS\system32\MSACM32.dll
H:\WINDOWS\system32\VERSION.dll
H:\WINDOWS\system32\SHELL32.dll
H:\WINDOWS\system32\SHLWAPI.dll
H:\WINDOWS\system32\USERENV.dll
H:\WINDOWS\system32\UxTheme.dll
H:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

spoolsv (H:\WINDOWS\system32\spoolsv.exe)

H:\WINDOWS\system32\spoolsv.exe
H:\WINDOWS\system32\ntdll.dll
H:\WINDOWS\system32\kernel32.dll
H:\WINDOWS\system32\ADVAPI32.dll
H:\WINDOWS\system32\RPCRT4.dll
H:\WINDOWS\system32\GDI32.dll
H:\WINDOWS\system32\USER32.dll
H:\WINDOWS\system32\msvcrt.dll
H:\WINDOWS\system32\ShimEng.dll
H:\WINDOWS\AppPatch\AcGenral.DLL
H:\WINDOWS\system32\WINMM.dll
H:\WINDOWS\system32\ole32.dll
H:\WINDOWS\system32\OLEAUT32.dll
H:\WINDOWS\system32\MSACM32.dll
H:\WINDOWS\system32\VERSION.dll
H:\WINDOWS\system32\SHELL32.dll
H:\WINDOWS\system32\SHLWAPI.dll
H:\WINDOWS\system32\USERENV.dll
H:\WINDOWS\system32\UxTheme.dll
H:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
H:\WINDOWS\system32\comctl32.dll
H:\WINDOWS\system32\SPOOLSS.DLL
H:\WINDOWS\system32\WS2_32.dll
H:\WINDOWS\system32\WS2HELP.dll
H:\WINDOWS\system32\DNSAPI.dll
H:\WINDOWS\system32\rasadhlp.dll
H:\WINDOWS\system32\localspl.dll
H:\WINDOWS\system32\Secur32.dll
H:\WINDOWS\system32\sfc_os.dll
H:\WINDOWS\system32\WINTRUST.dll
H:\WINDOWS\system32\CRYPT32.dll
H:\WINDOWS\system32\MSASN1.dll
H:\WINDOWS\system32\IMAGEHLP.dll
H:\WINDOWS\system32\winspool.drv
H:\WINDOWS\system32\netapi32.dll
H:\WINDOWS\system32\cnbjmon.dll
H:\WINDOWS\system32\CNBJMON2.DLL
H:\WINDOWS\system32\CNMLM86.DLL
H:\WINDOWS\system32\PSAPI.DLL
H:\WINDOWS\system32\CNMLM2P.DLL
H:\WINDOWS\system32\mdimon.dll
H:\WINDOWS\system32\msi.dll
H:\WINDOWS\system32\pdfports.dll
H:\Program Files\Adobe\Acrobat 5.0\Distillr\adistres.dll
H:\WINDOWS\system32\pjlmon.dll
H:\WINDOWS\system32\tcpmon.dll
H:\WINDOWS\system32\usbmon.dll
H:\WINDOWS\System32\spool\PRTPROCS\W32X86\CNMPD86. DLL
H:\WINDOWS\System32\spool\PRTPROCS\W32X86\CNMPD2P. DLL
H:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.d ll
H:\WINDOWS\System32\mswsock.dll
H:\WINDOWS\System32\winrnr.dll
H:\WINDOWS\system32\WLDAP32.dll
H:\WINDOWS\system32\win32spl.dll
H:\WINDOWS\system32\NETRAP.dll
H:\WINDOWS\system32\NTDSAPI.dll
H:\WINDOWS\system32\CLBCATQ.DLL
H:\WINDOWS\system32\COMRes.dll
H:\WINDOWS\system32\xpsp2res.dll
H:\WINDOWS\system32\inetpp.dll

lsass (H:\WINDOWS\system32\lsass.exe)

H:\WINDOWS\system32\lsass.exe
H:\WINDOWS\system32\ntdll.dll
H:\WINDOWS\system32\kernel32.dll
H:\WINDOWS\system32\ADVAPI32.dll
H:\WINDOWS\system32\RPCRT4.dll
H:\WINDOWS\system32\LSASRV.dll
H:\WINDOWS\system32\MPR.dll
H:\WINDOWS\system32\USER32.dll
H:\WINDOWS\system32\GDI32.dll
H:\WINDOWS\system32\MSASN1.dll
H:\WINDOWS\system32\msvcrt.dll
H:\WINDOWS\system32\NETAPI32.dll
H:\WINDOWS\system32\NTDSAPI.dll
H:\WINDOWS\system32\DNSAPI.dll
H:\WINDOWS\system32\WS2_32.dll
H:\WINDOWS\system32\WS2HELP.dll
H:\WINDOWS\system32\WLDAP32.dll
H:\WINDOWS\system32\Secur32.dll
H:\WINDOWS\system32\SAMLIB.dll
H:\WINDOWS\system32\SAMSRV.dll
H:\WINDOWS\system32\cryptdll.dll
H:\WINDOWS\system32\ShimEng.dll
H:\WINDOWS\AppPatch\AcGenral.DLL
H:\WINDOWS\system32\WINMM.dll
H:\WINDOWS\system32\ole32.dll
H:\WINDOWS\system32\OLEAUT32.dll
H:\WINDOWS\system32\MSACM32.dll
H:\WINDOWS\system32\VERSION.dll
H:\WINDOWS\system32\SHELL32.dll
H:\WINDOWS\system32\SHLWAPI.dll
H:\WINDOWS\system32\USERENV.dll
H:\WINDOWS\system32\UxTheme.dll
H:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
H:\WINDOWS\system32\comctl32.dll
H:\WINDOWS\system32\msprivs.dll
H:\WINDOWS\system32\kerberos.dll
H:\WINDOWS\system32\msv1_0.dll
H:\WINDOWS\system32\iphlpapi.dll
H:\WINDOWS\system32\netlogon.dll
H:\WINDOWS\system32\w32time.dll
H:\WINDOWS\system32\MSVCP60.dll
H:\WINDOWS\system32\schannel.dll
H:\WINDOWS\system32\CRYPT32.dll
H:\WINDOWS\system32\wdigest.dll
H:\WINDOWS\system32\rsaenh.dll
H:\WINDOWS\system32\sstts.dll
H:\WINDOWS\system32\SHFOLDER.dll
H:\WINDOWS\system32\urlmon.dll
H:\WINDOWS\system32\WININET.dll
H:\WINDOWS\system32\setupapi.dll
H:\WINDOWS\system32\scecli.dll
H:\WINDOWS\system32\ipsecsvc.dll
H:\WINDOWS\system32\AUTHZ.dll
H:\WINDOWS\system32\oakley.DLL
H:\WINDOWS\system32\WINIPSEC.DLL
H:\WINDOWS\system32\mswsock.dll
H:\WINDOWS\system32\hnetcfg.dll
H:\WINDOWS\system32\pstorsvc.dll
H:\WINDOWS\System32\wshtcpip.dll
H:\WINDOWS\system32\psbase.dll
H:\WINDOWS\system32\dssenh.dll

K9 (H:\Program Files\KeirNet\K9\K9.exe)

H:\Program Files\KeirNet\K9\K9.exe
H:\WINDOWS\system32\ntdll.dll
H:\WINDOWS\system32\kernel32.dll
H:\WINDOWS\system32\ADVAPI32.dll
H:\WINDOWS\system32\RPCRT4.dll
H:\WINDOWS\system32\COMCTL32.dll
H:\WINDOWS\system32\GDI32.dll
H:\WINDOWS\system32\USER32.dll
H:\WINDOWS\system32\comdlg32.dll
H:\WINDOWS\system32\SHLWAPI.dll
H:\WINDOWS\system32\msvcrt.dll
H:\WINDOWS\system32\SHELL32.dll
H:\WINDOWS\system32\ole32.dll
H:\WINDOWS\system32\WINMM.dll
H:\WINDOWS\system32\WS2_32.dll
H:\WINDOWS\system32\WS2HELP.dll
H:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
H:\WINDOWS\system32\RICHED32.dll
H:\WINDOWS\system32\RICHED20.dll
H:\WINDOWS\system32\uxtheme.dll
H:\WINDOWS\system32\MSCTF.dll
H:\WINDOWS\system32\mswsock.dll
H:\WINDOWS\system32\hnetcfg.dll
H:\WINDOWS\System32\wshtcpip.dll

DoScan (H:\Program Files\Symantec Client Security\Symantec AntiVirus\DoScan.exe)

H:\Program Files\Symantec Client Security\Symantec AntiVirus\DoScan.exe
H:\WINDOWS\system32\ntdll.dll
H:\WINDOWS\system32\kernel32.dll
H:\WINDOWS\system32\USER32.dll
H:\WINDOWS\system32\GDI32.dll
H:\WINDOWS\system32\ADVAPI32.dll
H:\WINDOWS\system32\RPCRT4.dll
H:\WINDOWS\system32\ole32.dll
H:\WINDOWS\system32\msvcrt.dll
H:\WINDOWS\system32\MSVCR71.dll
H:\WINDOWS\system32\uxtheme.dll
H:\WINDOWS\system32\OLEAUT32.dll
H:\WINDOWS\system32\SHLWAPI.dll
H:\WINDOWS\system32\WININET.dll
H:\WINDOWS\system32\CRYPT32.dll
H:\WINDOWS\system32\MSASN1.dll
H:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
H:\WINDOWS\system32\Secur32.dll
H:\WINDOWS\system32\shell32.dll
H:\WINDOWS\system32\comctl32.dll
H:\WINDOWS\system32\CLBCATQ.DLL
H:\WINDOWS\system32\COMRes.dll
H:\WINDOWS\system32\VERSION.dll
H:\WINDOWS\system32\msi.dll
H:\Program Files\Symantec Client Security\Symantec AntiVirus\Cliscan.dll
H:\WINDOWS\system32\MPR.dll
H:\WINDOWS\system32\MSVCP71.dll
H:\WINDOWS\system32\shfolder.dll
H:\Program Files\Symantec Client Security\Symantec AntiVirus\NAVNTUTL.DLL
H:\WINDOWS\system32\SFC.DLL
H:\WINDOWS\system32\sfc_os.dll
H:\WINDOWS\system32\WINTRUST.dll
H:\WINDOWS\system32\IMAGEHLP.dll
H:\WINDOWS\system32\SXS.DLL
H:\WINDOWS\system32\WS2_32.dll
H:\WINDOWS\system32\WS2HELP.dll
H:\Program Files\Symantec Client Security\Symantec AntiVirus\I2ldvp3.dll
H:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll
H:\Program Files\Common Files\Symantec Shared\ccL35.dll
H:\WINDOWS\system32\SETUPAPI.dll
H:\WINDOWS\system32\WSOCK32.dll
H:\WINDOWS\system32\rsaenh.dll
H:\WINDOWS\system32\xpsp2res.dll
H:\WINDOWS\system32\userenv.dll
H:\WINDOWS\system32\netapi32.dll
H:\Program Files\Common Files\Symantec Shared\ccDec.dll
H:\Program Files\Common Files\Symantec Shared\Decomposers\decsdk.dll
H:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2.dll
H:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2ID.dll
H:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2Zip.dll
H:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2SS.dll
H:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2GZIP.dll
H:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2CAB.dll
H:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2LHA.dll
H:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2ARJ.dll
H:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2TNEF.dll
H:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2LZ.dll
H:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2AMG.dll
H:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2RAR.dll
H:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2TAR.dll
H:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2RTF.dll
H:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2Text.dll
H:\Program Files\Common Files\Symantec Shared\ccScan.dll
H:\Program Files\Common Files\Symantec Shared\ecmldr32.DLL
H:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20071123.04 9\ccEraser.dll
H:\WINDOWS\System32\mswsock.dll
H:\WINDOWS\system32\DNSAPI.dll
H:\WINDOWS\system32\rasadhlp.dll
H:\Program Files\Symantec Client Security\Symantec AntiVirus\DefUtDCD.dll
H:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20071123.04 9\ecmsvr32.dll
H:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20071123.04 9\NAVEX32a.DLL
H:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20071123.04 9\NAVENG32.DLL
H:\Program Files\Symantec Client Security\Symantec AntiVirus\NAVAP32.DLL
H:\Program Files\Symantec Client Security\Symantec AntiVirus\SAVRT32.DLL
H:\Program Files\Common Files\Symantec Shared\SSC\scandlgs.dll
H:\WINDOWS\system32\IMM32.dll
H:\WINDOWS\system32\MFC71.DLL
H:\WINDOWS\system32\comdlg32.dll
H:\WINDOWS\system32\PSAPI.DLL

services (H:\WINDOWS\system32\services.exe)

H:\WINDOWS\system32\services.exe
H:\WINDOWS\system32\ntdll.dll
H:\WINDOWS\system32\kernel32.dll
H:\WINDOWS\system32\msvcrt.dll
H:\WINDOWS\system32\ADVAPI32.dll
H:\WINDOWS\system32\RPCRT4.dll
H:\WINDOWS\system32\USER32.dll
H:\WINDOWS\system32\GDI32.dll
H:\WINDOWS\system32\USERENV.dll
H:\WINDOWS\system32\SCESRV.dll
H:\WINDOWS\system32\AUTHZ.dll
H:\WINDOWS\system32\umpnpmgr.dll
H:\WINDOWS\system32\WINSTA.dll
H:\WINDOWS\system32\NETAPI32.dll
H:\WINDOWS\system32\NCObjAPI.DLL
H:\WINDOWS\system32\MSVCP60.dll
H:\WINDOWS\system32\ShimEng.dll
H:\WINDOWS\AppPatch\AcGenral.DLL
H:\WINDOWS\system32\WINMM.dll
H:\WINDOWS\system32\ole32.dll
H:\WINDOWS\system32\OLEAUT32.dll
H:\WINDOWS\system32\MSACM32.dll
H:\WINDOWS\system32\VERSION.dll
H:\WINDOWS\system32\SHELL32.dll
H:\WINDOWS\system32\SHLWAPI.dll
H:\WINDOWS\system32\UxTheme.dll
H:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
H:\WINDOWS\system32\comctl32.dll
H:\WINDOWS\system32\secur32.dll
H:\WINDOWS\system32\Apphelp.dll
H:\WINDOWS\system32\eventlog.dll
H:\WINDOWS\system32\WS2_32.dll
H:\WINDOWS\system32\WS2HELP.dll
H:\WINDOWS\system32\PSAPI.DLL
H:\WINDOWS\system32\wtsapi32.dll

AnyDVD (H:\Program Files\SlySoft\AnyDVD\AnyDVD.exe)

H:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
H:\WINDOWS\system32\ntdll.dll
H:\WINDOWS\system32\kernel32.dll
H:\WINDOWS\WinSxS\X86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\COMCTL32.dll
H:\WINDOWS\system32\msvcrt.dll
H:\WINDOWS\system32\ADVAPI32.dll
H:\WINDOWS\system32\RPCRT4.dll
H:\WINDOWS\system32\GDI32.dll
H:\WINDOWS\system32\USER32.dll
H:\WINDOWS\system32\SHLWAPI.dll
H:\WINDOWS\system32\VERSION.dll
H:\WINDOWS\system32\WININET.dll
H:\WINDOWS\system32\CRYPT32.dll
H:\WINDOWS\system32\MSASN1.dll
H:\WINDOWS\system32\OLEAUT32.dll
H:\WINDOWS\system32\ole32.dll
H:\WINDOWS\system32\SHELL32.dll
H:\WINDOWS\system32\uxtheme.dll
H:\WINDOWS\system32\Secur32.dll
H:\Program Files\SlySoft\AnyDVD\AnyDialog.dll
H:\WINDOWS\system32\WINSPOOL.DRV
H:\WINDOWS\system32\COMDLG32.DLL
H:\WINDOWS\system32\WINMM.DLL
H:\WINDOWS\system32\ElbyCDIO.dll
H:\WINDOWS\system32\SETUPAPI.dll
H:\WINDOWS\system32\wsock32.dll
H:\WINDOWS\system32\WS2_32.dll
H:\WINDOWS\system32\WS2HELP.dll
H:\WINDOWS\system32\MSCTF.dll

MDM (H:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE)

H:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
H:\WINDOWS\system32\ntdll.dll
H:\WINDOWS\system32\kernel32.dll
H:\WINDOWS\system32\ADVAPI32.dll
H:\WINDOWS\system32\RPCRT4.dll
H:\WINDOWS\system32\ole32.dll
H:\WINDOWS\system32\GDI32.dll
H:\WINDOWS\system32\USER32.dll
H:\WINDOWS\system32\msvcrt.dll
H:\WINDOWS\system32\OLEAUT32.dll
H:\WINDOWS\system32\SHELL32.dll
H:\WINDOWS\system32\SHLWAPI.dll
H:\WINDOWS\system32\VERSION.dll
H:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
H:\WINDOWS\system32\comctl32.dll
H:\WINDOWS\system32\psapi.dll
H:\WINDOWS\system32\xpsp2res.dll
H:\WINDOWS\system32\CLBCATQ.DLL
H:\WINDOWS\system32\COMRes.dll

alg (H:\WINDOWS\System32\alg.exe)

H:\WINDOWS\System32\alg.exe
H:\WINDOWS\system32\ntdll.dll
H:\WINDOWS\system32\kernel32.dll
H:\WINDOWS\system32\msvcrt.dll
H:\WINDOWS\System32\ATL.DLL
H:\WINDOWS\system32\USER32.dll
H:\WINDOWS\system32\GDI32.dll
H:\WINDOWS\system32\ADVAPI32.dll
H:\WINDOWS\system32\RPCRT4.dll
H:\WINDOWS\system32\ole32.dll
H:\WINDOWS\system32\OLEAUT32.dll
H:\WINDOWS\System32\WSOCK32.dll
H:\WINDOWS\System32\WS2_32.dll
H:\WINDOWS\System32\WS2HELP.dll
H:\WINDOWS\System32\MSWSOCK.DLL
H:\WINDOWS\System32\ShimEng.dll
H:\WINDOWS\AppPatch\AcGenral.DLL
H:\WINDOWS\System32\WINMM.dll
H:\WINDOWS\System32\MSACM32.dll
H:\WINDOWS\system32\VERSION.dll
H:\WINDOWS\system32\SHELL32.dll
H:\WINDOWS\system32\SHLWAPI.dll
H:\WINDOWS\system32\USERENV.dll
H:\WINDOWS\System32\UxTheme.dll
H:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
H:\WINDOWS\system32\comctl32.dll
H:\WINDOWS\System32\CLBCATQ.DLL
H:\WINDOWS\System32\COMRes.dll
H:\WINDOWS\System32\xpsp2res.dll
H:\WINDOWS\system32\hnetcfg.dll
H:\WINDOWS\System32\wshtcpip.dll

ProcessDll (H:\Documents and Settings\Damian\Desktop\ProcessDll.exe)

H:\Documents and Settings\Damian\Desktop\ProcessDll.exe
H:\WINDOWS\system32\ntdll.dll
H:\WINDOWS\system32\mscoree.dll
H:\WINDOWS\system32\KERNEL32.dll
H:\WINDOWS\system32\ADVAPI32.dll
H:\WINDOWS\system32\RPCRT4.dll
H:\WINDOWS\system32\SHLWAPI.dll
H:\WINDOWS\system32\GDI32.dll
H:\WINDOWS\system32\USER32.dll
H:\WINDOWS\system32\msvcrt.dll
H:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscor wks.dll
H:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MSVCR 71.dll
H:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\fusio n.dll
H:\WINDOWS\system32\SHELL32.dll
H:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
H:\WINDOWS\system32\comctl32.dll
h:\windows\microsoft.net\framework\v1.1.4322\mscor lib.dll
h:\windows\assembly\nativeimages1_v1.1.4322\mscorl ib\1.0.5000.0__b77a5c561934e089_513eaa2c\mscorlib. dll
H:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\mscor sn.dll
H:\WINDOWS\system32\ole32.dll
H:\WINDOWS\system32\uxtheme.dll
H:\WINDOWS\system32\MSCTF.dll
H:\WINDOWS\system32\xpsp2res.dll
h:\windows\assembly\gac\system\1.0.5000.0__b77a5c5 61934e089\system.dll
h:\windows\assembly\nativeimages1_v1.1.4322\system \1.0.5000.0__b77a5c561934e089_b98389cf\system.dll
h:\windows\assembly\gac\system.drawing\1.0.5000.0_ _b03f5f7f11d50a3a\system.drawing.dll
h:\windows\assembly\nativeimages1_v1.1.4322\system .drawing\1.0.5000.0__b03f5f7f11d50a3a_72c37ba2\sys tem.drawing.dll
h:\windows\assembly\gac\system.directoryservices\1 .0.5000.0__b03f5f7f11d50a3a\system.directoryservic es.dll
H:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MSCOR JIT.DLL
h:\windows\assembly\gac\system.messaging\1.0.5000. 0__b03f5f7f11d50a3a\system.messaging.dll
h:\windows\assembly\gac\system.serviceprocess\1.0. 5000.0__b03f5f7f11d50a3a\system.serviceprocess.dll
h:\windows\assembly\gac\system.data\1.0.5000.0__b7 7a5c561934e089\system.data.dll
h:\windows\assembly\gac\microsoft.visualbasic\7.0. 5000.0__b03f5f7f11d50a3a\microsoft.visualbasic.dll
H:\WINDOWS\system32\shfolder.dll
H:\WINDOWS\system32\netfxperf.dll
H:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\perfc ounter.dll
H:\WINDOWS\system32\NTMARTA.DLL
H:\WINDOWS\system32\WLDAP32.dll
H:\WINDOWS\system32\SAMLIB.dll
H:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Corpe rfmonExt.dll
H:\WINDOWS\system32\OLEAUT32.dll
H:\WINDOWS\system32\PSAPI.dll
H:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspne t_isapi.dll
H:\WINDOWS\system32\USERENV.dll
H:\WINDOWS\System32\query.dll
H:\WINDOWS\system32\msdtcuiu.DLL
H:\WINDOWS\system32\ATL.DLL
H:\WINDOWS\system32\MFC42u.DLL
H:\WINDOWS\system32\MPR.dll
H:\WINDOWS\system32\MSDTCPRX.dll
H:\WINDOWS\system32\MSVCP60.dll
H:\WINDOWS\system32\MTXCLU.DLL
H:\WINDOWS\system32\COMRes.dll
H:\WINDOWS\system32\VERSION.dll
H:\WINDOWS\system32\WSOCK32.dll
H:\WINDOWS\system32\WS2_32.dll
H:\WINDOWS\system32\WS2HELP.dll
H:\WINDOWS\system32\NETAPI32.dll
H:\WINDOWS\system32\CLUSAPI.DLL
H:\WINDOWS\system32\RESUTILS.DLL
H:\PROGRA~1\COMMON~1\SYSTEM\MSMAPI\1033\MSMAPI32.D LL
H:\Program Files\Common Files\Microsoft Shared\office11\mso.dll
H:\WINDOWS\system32\perfdisk.dll
H:\WINDOWS\system32\perfnet.dll
H:\WINDOWS\system32\perfos.dll
H:\WINDOWS\system32\perfproc.dll
H:\WINDOWS\system32\pschdprf.dll
H:\WINDOWS\system32\TRAFFIC.dll
H:\WINDOWS\system32\iphlpapi.dll
H:\WINDOWS\system32\WMI.dll
H:\WINDOWS\System32\rasctrs.dll
H:\WINDOWS\system32\rasman.dll
H:\WINDOWS\system32\secur32.dll
H:\WINDOWS\system32\msv1_0.dll
H:\WINDOWS\System32\rsvpperf.dll
H:\WINDOWS\system32\winspool.drv
H:\WINDOWS\system32\tapiperf.dll
H:\WINDOWS\system32\tapi32.dll
H:\WINDOWS\system32\rtutils.dll
H:\WINDOWS\system32\WINMM.dll
H:\WINDOWS\system32\Perfctrs.dll
H:\WINDOWS\system32\MPRAPI.dll
H:\WINDOWS\system32\ACTIVEDS.dll
H:\WINDOWS\system32\adsldpc.dll
H:\WINDOWS\system32\SETUPAPI.dll
H:\WINDOWS\system32\perfts.dll
H:\WINDOWS\system32\WINSTA.dll
H:\WINDOWS\system32\UTILDLL.dll
H:\WINDOWS\system32\wbem\wmiaprpl.dll
H:\WINDOWS\system32\loadperf.dll
H:\WINDOWS\system32\wbem\wbemcomn.dll

**Pumpa** · 11-28-2007, 02:57 AM

LxrSII1s (H:\WINDOWS\system32\LxrSII1s.exe)

H:\WINDOWS\system32\LxrSII1s.exe
H:\WINDOWS\system32\ntdll.dll
H:\WINDOWS\system32\kernel32.dll
H:\WINDOWS\system32\ADVAPI32.dll
H:\WINDOWS\system32\RPCRT4.dll

wmiprvse (H:\WINDOWS\system32\wbem\wmiprvse.exe)

H:\WINDOWS\system32\wbem\wmiprvse.exe
H:\WINDOWS\system32\ntdll.dll
H:\WINDOWS\system32\kernel32.dll
H:\WINDOWS\system32\msvcrt.dll
H:\WINDOWS\system32\ADVAPI32.dll
H:\WINDOWS\system32\RPCRT4.dll
H:\WINDOWS\system32\USER32.dll
H:\WINDOWS\system32\GDI32.dll
H:\WINDOWS\system32\wbem\wbemcomn.dll
H:\WINDOWS\system32\OLEAUT32.dll
H:\WINDOWS\system32\ole32.dll
H:\WINDOWS\system32\wbem\FastProx.dll
H:\WINDOWS\system32\MSVCP60.dll
H:\WINDOWS\system32\NTDSAPI.dll
H:\WINDOWS\system32\DNSAPI.dll
H:\WINDOWS\system32\WS2_32.dll
H:\WINDOWS\system32\WS2HELP.dll
H:\WINDOWS\system32\WLDAP32.dll
H:\WINDOWS\system32\NETAPI32.dll
H:\WINDOWS\system32\Secur32.dll
H:\WINDOWS\system32\NCObjAPI.DLL
H:\WINDOWS\system32\ShimEng.dll
H:\WINDOWS\AppPatch\AcGenral.DLL
H:\WINDOWS\system32\WINMM.dll
H:\WINDOWS\system32\MSACM32.dll
H:\WINDOWS\system32\VERSION.dll
H:\WINDOWS\system32\SHELL32.dll
H:\WINDOWS\system32\SHLWAPI.dll
H:\WINDOWS\system32\USERENV.dll
H:\WINDOWS\system32\UxTheme.dll
H:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
H:\WINDOWS\system32\comctl32.dll
H:\WINDOWS\system32\xpsp2res.dll
H:\WINDOWS\system32\CLBCATQ.DLL
H:\WINDOWS\system32\COMRes.dll
H:\WINDOWS\system32\wbem\wbemprox.dll
H:\WINDOWS\system32\wbem\wbemsvc.dll
H:\WINDOWS\system32\wbem\wmiutils.dll
H:\WINDOWS\system32\wbem\cimwin32.dll
H:\WINDOWS\system32\wbem\framedyn.dll
H:\WINDOWS\system32\SETUPAPI.dll
H:\WINDOWS\system32\SECURITY.DLL
H:\WINDOWS\system32\schannel.dll
H:\WINDOWS\system32\CRYPT32.dll
H:\WINDOWS\system32\MSASN1.dll
H:\WINDOWS\system32\wbem\wmipcima.dll
H:\WINDOWS\system32\WTSAPI32.dll
H:\WINDOWS\system32\WINSTA.dll
H:\WINDOWS\system32\CFGMGR32.DLL
H:\WINDOWS\system32\WMI.DLL

svchost (H:\WINDOWS\system32\svchost.exe)

H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\system32\ntdll.dll
H:\WINDOWS\system32\kernel32.dll
H:\WINDOWS\system32\ADVAPI32.dll
H:\WINDOWS\system32\RPCRT4.dll
H:\WINDOWS\system32\ShimEng.dll
H:\WINDOWS\AppPatch\AcGenral.DLL
H:\WINDOWS\system32\USER32.dll
H:\WINDOWS\system32\GDI32.dll
H:\WINDOWS\system32\WINMM.dll
H:\WINDOWS\system32\ole32.dll
H:\WINDOWS\system32\msvcrt.dll
H:\WINDOWS\system32\OLEAUT32.dll
H:\WINDOWS\system32\MSACM32.dll
H:\WINDOWS\system32\VERSION.dll
H:\WINDOWS\system32\SHELL32.dll
H:\WINDOWS\system32\SHLWAPI.dll
H:\WINDOWS\system32\USERENV.dll
H:\WINDOWS\system32\UxTheme.dll
H:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
H:\WINDOWS\system32\comctl32.dll
H:\WINDOWS\system32\NTMARTA.DLL
H:\WINDOWS\system32\WLDAP32.dll
H:\WINDOWS\system32\SAMLIB.dll
h:\windows\system32\rpcss.dll
h:\windows\system32\Secur32.dll
h:\windows\system32\WS2_32.dll
h:\windows\system32\WS2HELP.dll
H:\WINDOWS\system32\xpsp2res.dll
H:\WINDOWS\system32\CLBCATQ.DLL
H:\WINDOWS\system32\COMRes.dll
h:\windows\system32\termsrv.dll
h:\windows\system32\ICAAPI.dll
h:\windows\system32\SETUPAPI.dll
H:\WINDOWS\system32\WINTRUST.dll
H:\WINDOWS\system32\CRYPT32.dll
H:\WINDOWS\system32\MSASN1.dll
H:\WINDOWS\system32\IMAGEHLP.dll
h:\windows\system32\AUTHZ.dll
h:\windows\system32\mstlsapi.dll
h:\windows\system32\ACTIVEDS.dll
h:\windows\system32\adsldpc.dll
H:\WINDOWS\system32\NETAPI32.dll
h:\windows\system32\ATL.DLL
H:\WINDOWS\system32\REGAPI.dll
H:\WINDOWS\system32\rsaenh.dll
H:\WINDOWS\system32\Apphelp.dll

explorer (H:\WINDOWS\Explorer.EXE)

H:\WINDOWS\Explorer.EXE
H:\WINDOWS\system32\ntdll.dll
H:\WINDOWS\system32\kernel32.dll
H:\WINDOWS\system32\ADVAPI32.dll
H:\WINDOWS\system32\RPCRT4.dll
H:\WINDOWS\system32\BROWSEUI.dll
H:\WINDOWS\system32\GDI32.dll
H:\WINDOWS\system32\USER32.dll
H:\WINDOWS\system32\msvcrt.dll
H:\WINDOWS\system32\ole32.dll
H:\WINDOWS\system32\SHLWAPI.dll
H:\WINDOWS\system32\OLEAUT32.dll
H:\WINDOWS\system32\SHDOCVW.dll
H:\WINDOWS\system32\CRYPT32.dll
H:\WINDOWS\system32\MSASN1.dll
H:\WINDOWS\system32\CRYPTUI.dll
H:\WINDOWS\system32\WINTRUST.dll
H:\WINDOWS\system32\IMAGEHLP.dll
H:\WINDOWS\system32\NETAPI32.dll
H:\WINDOWS\system32\WININET.dll
H:\WINDOWS\system32\WLDAP32.dll
H:\WINDOWS\system32\VERSION.dll
H:\WINDOWS\system32\SHELL32.dll
H:\WINDOWS\system32\UxTheme.dll
H:\WINDOWS\system32\ShimEng.dll
H:\WINDOWS\AppPatch\AcGenral.DLL
H:\WINDOWS\system32\WINMM.dll
H:\WINDOWS\system32\MSACM32.dll
H:\WINDOWS\system32\USERENV.dll
H:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
H:\WINDOWS\system32\comctl32.dll
H:\WINDOWS\system32\sstts.dll
H:\WINDOWS\system32\Secur32.dll
H:\WINDOWS\system32\SHFOLDER.dll
H:\WINDOWS\system32\urlmon.dll
H:\WINDOWS\system32\WS2_32.dll
H:\WINDOWS\system32\WS2HELP.dll
H:\WINDOWS\system32\appHelp.dll
H:\WINDOWS\system32\CLBCATQ.DLL
H:\WINDOWS\system32\COMRes.dll
H:\WINDOWS\System32\cscui.dll
H:\WINDOWS\System32\CSCDLL.dll
H:\WINDOWS\system32\themeui.dll
H:\WINDOWS\system32\MSIMG32.dll
H:\WINDOWS\system32\shdoclc.dll
H:\WINDOWS\system32\xpsp2res.dll
H:\WINDOWS\system32\wsock32.dll
H:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll
H:\WINDOWS\system32\actxprxy.dll
H:\Program Files\Windows Media Player\wmpband.dll
H:\WINDOWS\system32\MPR.dll
H:\WINDOWS\system32\SAMLIB.dll
H:\WINDOWS\system32\LINKINFO.dll
H:\WINDOWS\system32\ntshrui.dll
H:\WINDOWS\system32\ATL.DLL
H:\WINDOWS\system32\msi.dll
H:\WINDOWS\system32\SXS.DLL
H:\WINDOWS\system32\setupapi.dll
H:\WINDOWS\system32\NETSHELL.dll
H:\WINDOWS\system32\credui.dll
H:\WINDOWS\system32\iphlpapi.dll
H:\WINDOWS\system32\rtutils.dll
H:\WINDOWS\system32\WINSTA.dll
H:\WINDOWS\system32\webcheck.dll
H:\WINDOWS\system32\stobject.dll
H:\WINDOWS\system32\BatMeter.dll
H:\WINDOWS\system32\POWRPROF.dll
H:\WINDOWS\system32\WTSAPI32.dll
H:\WINDOWS\system32\wdmaud.drv
H:\WINDOWS\system32\hsjugqhk.dll
H:\WINDOWS\system32\rsaenh.dll
H:\WINDOWS\system32\MSCTF.dll
H:\WINDOWS\system32\msacm32.drv
H:\WINDOWS\system32\midimap.dll
H:\WINDOWS\system32\mslbui.dll
H:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll
H:\Program Files\Nero\Nero 7\Nero BackItUp\MFC71U.DLL
H:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCR71.dll
H:\Program Files\Nero\Nero 7\Nero BackItUp\MSVCP71.dll
H:\PROGRA~1\WINZIP\WZSHLSTB.DLL
H:\PROGRA~1\TROJAN~1.0\contmenu.dll
H:\Program Files\Common Files\Symantec Shared\SSC\vpshell2.dll
H:\Program Files\Grisoft\AVG Anti-Spyware 7.5\context.dll
H:\WINDOWS\System32\drprov.dll
H:\WINDOWS\System32\ntlanman.dll
H:\WINDOWS\System32\NETUI0.dll
H:\WINDOWS\System32\NETUI1.dll
H:\WINDOWS\System32\NETRAP.dll
H:\WINDOWS\System32\davclnt.dll

VPTray (H:\PROGRA~1\SYMANT~1\SYMANT~2\VPTray.exe)

H:\PROGRA~1\SYMANT~1\SYMANT~2\VPTray.exe
H:\WINDOWS\system32\ntdll.dll
H:\WINDOWS\system32\kernel32.dll
H:\WINDOWS\system32\USER32.dll
H:\WINDOWS\system32\GDI32.dll
H:\WINDOWS\system32\ADVAPI32.dll
H:\WINDOWS\system32\RPCRT4.dll
H:\WINDOWS\system32\SHELL32.dll
H:\WINDOWS\system32\msvcrt.dll
H:\WINDOWS\system32\SHLWAPI.dll
H:\WINDOWS\system32\ole32.dll
H:\WINDOWS\system32\OLEAUT32.dll
H:\WINDOWS\system32\MSVCR71.dll
H:\WINDOWS\system32\MSVCP71.dll
H:\WINDOWS\system32\PSAPI.DLL
H:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
H:\WINDOWS\system32\comctl32.dll
H:\WINDOWS\system32\Secur32.dll
H:\Program Files\Symantec Client Security\Symantec AntiVirus\SAVRT32.DLL
H:\WINDOWS\system32\VERSION.dll
H:\WINDOWS\system32\uxtheme.dll
H:\WINDOWS\system32\CLBCATQ.DLL
H:\WINDOWS\system32\COMRes.dll
H:\WINDOWS\system32\msi.dll
H:\Program Files\Symantec Client Security\Symantec AntiVirus\Cliscan.dll
H:\WINDOWS\system32\MPR.dll
H:\WINDOWS\system32\shfolder.dll
H:\PROGRA~1\SYMANT~1\SYMANT~2\NAVNTUTL.DLL
H:\WINDOWS\system32\SFC.DLL
H:\WINDOWS\system32\sfc_os.dll
H:\WINDOWS\system32\WINTRUST.dll
H:\WINDOWS\system32\CRYPT32.dll
H:\WINDOWS\system32\MSASN1.dll
H:\WINDOWS\system32\IMAGEHLP.dll
H:\WINDOWS\system32\SXS.DLL
H:\WINDOWS\system32\WS2_32.dll
H:\WINDOWS\system32\WS2HELP.dll
H:\Program Files\Symantec Client Security\Symantec AntiVirus\Cliproxy.dll
H:\WINDOWS\system32\rsaenh.dll
H:\WINDOWS\system32\MSWSOCK.dll
H:\WINDOWS\system32\NETAPI32.dll
H:\WINDOWS\system32\xpsp2res.dll
H:\WINDOWS\system32\userenv.dll
H:\WINDOWS\system32\MSCTF.dll
H:\WINDOWS\system32\mslbui.dll

ISSVC (H:\Program Files\Symantec Client Security\Symantec Client Firewall\ISSVC.exe)

H:\Program Files\Symantec Client Security\Symantec Client Firewall\ISSVC.exe
H:\WINDOWS\system32\ntdll.dll
H:\WINDOWS\system32\kernel32.dll
H:\WINDOWS\system32\SymNeti.DLL
H:\WINDOWS\system32\WSOCK32.dll
H:\WINDOWS\system32\WS2_32.dll
H:\WINDOWS\system32\msvcrt.dll
H:\WINDOWS\system32\WS2HELP.dll
H:\WINDOWS\system32\ADVAPI32.dll
H:\WINDOWS\system32\RPCRT4.dll
H:\WINDOWS\system32\USER32.dll
H:\WINDOWS\system32\GDI32.dll
H:\WINDOWS\system32\SHELL32.dll
H:\WINDOWS\system32\SHLWAPI.dll
H:\WINDOWS\system32\ole32.dll
H:\WINDOWS\system32\OLEAUT32.dll
H:\WINDOWS\system32\MSVCP71.dll
H:\WINDOWS\system32\MSVCR71.dll
H:\Program Files\Symantec Client Security\Symantec Client Firewall\NISRES.DLL
H:\WINDOWS\system32\msi.dll
H:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
H:\WINDOWS\system32\comctl32.dll
H:\Program Files\Common Files\Symantec Shared\ccL35.dll
H:\WINDOWS\system32\VERSION.dll
H:\WINDOWS\system32\DBGHELP.DLL
H:\WINDOWS\system32\IMM32.DLL
H:\WINDOWS\system32\Secur32.dll
H:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll
H:\WINDOWS\system32\SETUPAPI.dll
H:\WINDOWS\system32\Crypt32.dll
H:\WINDOWS\system32\MSASN1.dll
H:\WINDOWS\system32\WinTrust.dll
H:\WINDOWS\system32\IMAGEHLP.dll
H:\WINDOWS\system32\rsaenh.dll
H:\WINDOWS\system32\xpsp2res.dll
H:\WINDOWS\system32\uxtheme.dll
H:\WINDOWS\system32\userenv.dll
H:\WINDOWS\system32\netapi32.dll
H:\Program Files\Common Files\Symantec Shared\ccSet.dll
H:\Program Files\Common Files\Symantec Shared\ccSetEvt.dll
H:\Program Files\Common Files\Symantec Shared\ccProSub.dll
H:\WINDOWS\system32\CLBCATQ.DLL
H:\WINDOWS\system32\COMRes.dll
H:\WINDOWS\system32\SXS.DLL

smss (H:\WINDOWS\system32\smss.exe)

H:\WINDOWS\system32\smss.exe
H:\WINDOWS\system32\ntdll.dll

ccProxy (H:\Program Files\Common Files\Symantec Shared\ccProxy.exe)

H:\Program Files\Common Files\Symantec Shared\ccProxy.exe
H:\WINDOWS\system32\ntdll.dll
H:\WINDOWS\system32\kernel32.dll
H:\WINDOWS\system32\WS2_32.dll
H:\WINDOWS\system32\msvcrt.dll
H:\WINDOWS\system32\WS2HELP.dll
H:\WINDOWS\system32\ADVAPI32.dll
H:\WINDOWS\system32\RPCRT4.dll
H:\WINDOWS\system32\SYMREDIR.dll
H:\WINDOWS\system32\USER32.dll
H:\WINDOWS\system32\GDI32.dll
H:\WINDOWS\system32\ole32.dll
H:\WINDOWS\system32\OLEAUT32.dll
H:\WINDOWS\system32\MSVCR71.dll
H:\WINDOWS\system32\SHLWAPI.dll
H:\WINDOWS\system32\MSVCP71.dll
H:\WINDOWS\system32\SymNeti.DLL
H:\WINDOWS\system32\WSOCK32.dll
H:\WINDOWS\system32\SHELL32.dll
H:\Program Files\Common Files\Symantec Shared\ccL35.dll
H:\WINDOWS\system32\VERSION.dll
H:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
H:\WINDOWS\system32\comctl32.dll
H:\WINDOWS\system32\DBGHELP.DLL
H:\WINDOWS\system32\IMM32.DLL
H:\WINDOWS\system32\Secur32.dll
H:\WINDOWS\system32\mswsock.dll
H:\WINDOWS\system32\hnetcfg.dll
H:\WINDOWS\System32\wshtcpip.dll
H:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll
H:\WINDOWS\system32\SETUPAPI.dll
H:\WINDOWS\system32\Crypt32.dll
H:\WINDOWS\system32\MSASN1.dll
H:\WINDOWS\system32\WinTrust.dll
H:\WINDOWS\system32\IMAGEHLP.dll
H:\WINDOWS\system32\rsaenh.dll
H:\WINDOWS\system32\xpsp2res.dll
H:\WINDOWS\system32\uxtheme.dll
H:\WINDOWS\system32\userenv.dll
H:\WINDOWS\system32\netapi32.dll
H:\Program Files\Common Files\Symantec Shared\ccSet.dll
H:\WINDOWS\system32\CLBCATQ.DLL
H:\WINDOWS\system32\COMRes.dll
H:\WINDOWS\system32\msi.dll
H:\WINDOWS\system32\SXS.DLL
H:\Program Files\Common Files\Symantec Shared\DPHTML.dll
H:\Program Files\Common Files\Symantec Shared\DPJS.dll
H:\Program Files\Common Files\Symantec Shared\DPVBS.dll
H:\Program Files\Common Files\Symantec Shared\PFAdBlk.dll
H:\Program Files\Common Files\Symantec Shared\PFMisc.dll
H:\Program Files\Common Files\Symantec Shared\PFPriv.dll
H:\Program Files\Common Files\Symantec Shared\PFSec.dll
H:\Program Files\Common Files\Symantec Shared\PxyHTTP.dll
H:\Program Files\Common Files\Symantec Shared\DPHTTP.dll
H:\Program Files\Common Files\Symantec Shared\PxyIM.dll
H:\Program Files\Common Files\Symantec Shared\ccProSub.dll
H:\Program Files\Common Files\Symantec Shared\ccPxyEvt.dll
H:\Program Files\Common Files\Symantec Shared\ccLogin.dll
H:\Program Files\Common Files\Symantec Shared\ccSetEvt.dll

OfficeKB (H:\PROGRA~1\OfficeKB\OfficeKB.EXE)

H:\PROGRA~1\OfficeKB\OfficeKB.EXE
H:\WINDOWS\system32\ntdll.dll
H:\WINDOWS\system32\kernel32.dll
H:\WINDOWS\system32\USER32.dll
H:\WINDOWS\system32\GDI32.dll
H:\WINDOWS\system32\comdlg32.dll
H:\WINDOWS\system32\SHLWAPI.dll
H:\WINDOWS\system32\ADVAPI32.dll
H:\WINDOWS\system32\RPCRT4.dll
H:\WINDOWS\system32\msvcrt.dll
H:\WINDOWS\system32\COMCTL32.dll
H:\WINDOWS\system32\SHELL32.dll
H:\WINDOWS\system32\VERSION.dll
H:\PROGRA~1\OfficeKB\LgKCUtl.dll
H:\PROGRA~1\OfficeKB\SzUPFUtl.dll
H:\PROGRA~1\OfficeKB\OSDUtl.dll
H:\PROGRA~1\OfficeKB\RgnMaker.dll
H:\PROGRA~1\OfficeKB\CDRomUtl.dll
H:\WINDOWS\system32\WINMM.dll
H:\PROGRA~1\OfficeKB\MixerUtl.dll
H:\PROGRA~1\OfficeKB\ComFnUtl.dll
H:\WINDOWS\system32\ole32.dll
H:\PROGRA~1\OfficeKB\Wnd2File.dll
H:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
H:\WINDOWS\system32\uxtheme.dll
H:\WINDOWS\system32\Secur32.dll
H:\PROGRA~1\OfficeKB\USBKBKC.DLL
H:\WINDOWS\system32\SETUPAPI.dll
H:\WINDOWS\system32\WINTRUST.dll
H:\WINDOWS\system32\CRYPT32.dll
H:\WINDOWS\system32\MSASN1.dll
H:\WINDOWS\system32\IMAGEHLP.dll
H:\WINDOWS\system32\wdmaud.drv
H:\WINDOWS\system32\msacm32.drv
H:\WINDOWS\system32\MSACM32.dll
H:\WINDOWS\system32\midimap.dll
H:\WINDOWS\system32\WTSAPI32.DLL
H:\WINDOWS\system32\WINSTA.dll
H:\WINDOWS\system32\NETAPI32.dll
H:\WINDOWS\system32\MSCTF.dll

svchost (H:\WINDOWS\system32\svchost.exe)

H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\system32\ntdll.dll
H:\WINDOWS\system32\kernel32.dll
H:\WINDOWS\system32\ADVAPI32.dll
H:\WINDOWS\system32\RPCRT4.dll
H:\WINDOWS\system32\ShimEng.dll
H:\WINDOWS\AppPatch\AcGenral.DLL
H:\WINDOWS\system32\USER32.dll
H:\WINDOWS\system32\GDI32.dll
H:\WINDOWS\system32\WINMM.dll
H:\WINDOWS\system32\ole32.dll
H:\WINDOWS\system32\msvcrt.dll
H:\WINDOWS\system32\OLEAUT32.dll
H:\WINDOWS\system32\MSACM32.dll
H:\WINDOWS\system32\VERSION.dll
H:\WINDOWS\system32\SHELL32.dll
H:\WINDOWS\system32\SHLWAPI.dll
H:\WINDOWS\system32\USERENV.dll
H:\WINDOWS\system32\UxTheme.dll
H:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
H:\WINDOWS\system32\comctl32.dll
h:\windows\system32\wiaservc.dll
h:\windows\system32\CFGMGR32.dll
H:\WINDOWS\system32\setupapi.dll
h:\windows\system32\mscms.dll
h:\windows\system32\WINSPOOL.DRV
h:\windows\system32\WINSTA.dll
H:\WINDOWS\system32\NETAPI32.dll
H:\WINDOWS\system32\xpsp2res.dll
H:\WINDOWS\system32\CLBCATQ.DLL
H:\WINDOWS\system32\COMRes.dll
H:\WINDOWS\system32\WINTRUST.dll
H:\WINDOWS\system32\CRYPT32.dll
H:\WINDOWS\system32\MSASN1.dll
H:\WINDOWS\system32\IMAGEHLP.dll
H:\WINDOWS\ScanUsdX.dll
H:\WINDOWS\system32\actxprxy.dll

ccApp (H:\Program Files\Common Files\Symantec Shared\ccApp.exe)

H:\Program Files\Common Files\Symantec Shared\ccApp.exe
H:\WINDOWS\system32\ntdll.dll
H:\WINDOWS\system32\kernel32.dll
H:\WINDOWS\system32\COMCTL32.dll
H:\WINDOWS\system32\ADVAPI32.dll
H:\WINDOWS\system32\RPCRT4.dll
H:\WINDOWS\system32\GDI32.dll
H:\WINDOWS\system32\USER32.dll
H:\WINDOWS\system32\ole32.dll
H:\WINDOWS\system32\msvcrt.dll
H:\WINDOWS\system32\MSVCP71.dll
H:\WINDOWS\system32\MSVCR71.dll
H:\WINDOWS\system32\SHLWAPI.dll
H:\Program Files\Common Files\Symantec Shared\ccL35.dll
H:\WINDOWS\system32\SHELL32.dll
H:\WINDOWS\system32\OLEAUT32.dll
H:\WINDOWS\system32\WS2_32.dll
H:\WINDOWS\system32\WS2HELP.dll
H:\WINDOWS\system32\VERSION.dll
H:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
H:\WINDOWS\system32\DBGHELP.DLL
H:\WINDOWS\system32\uxtheme.dll
H:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll
H:\WINDOWS\system32\SETUPAPI.dll
H:\WINDOWS\system32\WSOCK32.dll
H:\WINDOWS\system32\Crypt32.dll
H:\WINDOWS\system32\MSASN1.dll
H:\WINDOWS\system32\WinTrust.dll
H:\WINDOWS\system32\IMAGEHLP.dll
H:\WINDOWS\system32\rsaenh.dll
H:\WINDOWS\system32\xpsp2res.dll
H:\WINDOWS\system32\userenv.dll
H:\WINDOWS\system32\secur32.dll
H:\WINDOWS\system32\netapi32.dll
H:\WINDOWS\system32\CLBCATQ.DLL
H:\WINDOWS\system32\COMRes.dll
H:\WINDOWS\system32\msi.dll
H:\WINDOWS\system32\SXS.DLL
H:\PROGRA~1\COMMON~1\SYMANT~1\CCALERT.DLL
H:\PROGRA~1\COMMON~1\SYMANT~1\CCEMLPXY.DLL
H:\WINDOWS\system32\MSWSOCK.dll
H:\WINDOWS\system32\MSCTF.dll
H:\PROGRA~1\SYMANT~1\SYMANT~1\NISPROD.DLL
H:\PROGRA~1\SYMANT~1\SYMANT~1\NISRES.DLL
H:\PROGRA~1\SYMANT~1\SYMANT~1\NISTRAY.DLL
H:\PROGRA~1\SYMANT~1\SYMANT~1\NISALERT.DLL
H:\WINDOWS\system32\WINMM.dll
H:\WINDOWS\system32\SymNeti.DLL
H:\Program Files\Common Files\Symantec Shared\ccSet.dll
H:\WINDOWS\system32\SYMREDIR.DLL
H:\Program Files\Common Files\Symantec Shared\ccSetEvt.dll
H:\Program Files\Symantec Client Security\Symantec Client Firewall\NISLCOM.dll
H:\Program Files\Common Files\Symantec Shared\ccLogin.dll
H:\Program Files\Common Files\Symantec Shared\ccProSub.dll
H:\Program Files\Symantec Client Security\Symantec Client Firewall\ccEmlflt.dll
H:\Program Files\Common Files\Symantec Shared\ccPxyEvt.dll
H:\Program Files\Symantec Client Security\Symantec AntiVirus\SavEmail.dll
H:\WINDOWS\system32\DNSAPI.dll
H:\WINDOWS\System32\winrnr.dll
H:\WINDOWS\system32\WLDAP32.dll
H:\WINDOWS\system32\rasadhlp.dll
H:\WINDOWS\system32\hnetcfg.dll
H:\WINDOWS\System32\wshtcpip.dll
H:\Program Files\Symantec Client Security\Symantec Client Firewall\SymFWAgt.dll
H:\Program Files\Symantec Client Security\Symantec Client Firewall\SFWAlert.dll
H:\Program Files\Symantec Client Security\Symantec Client Firewall\ccFWSetg.dll
H:\Program Files\Symantec Client Security\Symantec Client Firewall\pRSettg.dll
H:\Program Files\Symantec Client Security\Symantec Client Firewall\TLevel.dll

**Pumpa** · 11-28-2007, 03:00 AM

svchost (H:\WINDOWS\system32\svchost.exe)

H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\system32\ntdll.dll
H:\WINDOWS\system32\kernel32.dll
H:\WINDOWS\system32\ADVAPI32.dll
H:\WINDOWS\system32\RPCRT4.dll
H:\WINDOWS\system32\ShimEng.dll
H:\WINDOWS\AppPatch\AcGenral.DLL
H:\WINDOWS\system32\USER32.dll
H:\WINDOWS\system32\GDI32.dll
H:\WINDOWS\system32\WINMM.dll
H:\WINDOWS\system32\ole32.dll
H:\WINDOWS\system32\msvcrt.dll
H:\WINDOWS\system32\OLEAUT32.dll
H:\WINDOWS\system32\MSACM32.dll
H:\WINDOWS\system32\VERSION.dll
H:\WINDOWS\system32\SHELL32.dll
H:\WINDOWS\system32\SHLWAPI.dll
H:\WINDOWS\system32\USERENV.dll
H:\WINDOWS\system32\UxTheme.dll
H:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
H:\WINDOWS\system32\comctl32.dll
h:\windows\system32\rpcss.dll
h:\windows\system32\Secur32.dll
h:\windows\system32\WS2_32.dll
h:\windows\system32\WS2HELP.dll
H:\WINDOWS\system32\xpsp2res.dll
H:\WINDOWS\system32\rsaenh.dll
H:\WINDOWS\system32\mswsock.dll
H:\WINDOWS\system32\hnetcfg.dll
H:\WINDOWS\System32\wshtcpip.dll
H:\WINDOWS\system32\DNSAPI.dll
H:\WINDOWS\system32\iphlpapi.dll
H:\WINDOWS\System32\winrnr.dll
H:\WINDOWS\system32\WLDAP32.dll
H:\WINDOWS\system32\rasadhlp.dll
H:\WINDOWS\system32\CLBCATQ.DLL
H:\WINDOWS\system32\COMRes.dll

ccSetMgr (H:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe)

H:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
H:\WINDOWS\system32\ntdll.dll
H:\WINDOWS\system32\kernel32.dll
H:\WINDOWS\system32\USER32.dll
H:\WINDOWS\system32\GDI32.dll
H:\WINDOWS\system32\ole32.dll
H:\WINDOWS\system32\ADVAPI32.dll
H:\WINDOWS\system32\RPCRT4.dll
H:\WINDOWS\system32\msvcrt.dll
H:\WINDOWS\system32\OLEAUT32.dll
H:\WINDOWS\system32\SHLWAPI.dll
H:\WINDOWS\system32\MSVCP71.dll
H:\WINDOWS\system32\MSVCR71.dll
H:\Program Files\Common Files\Symantec Shared\ccL35.dll
H:\WINDOWS\system32\SHELL32.dll
H:\WINDOWS\system32\WS2_32.dll
H:\WINDOWS\system32\WS2HELP.dll
H:\WINDOWS\system32\VERSION.dll
H:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
H:\WINDOWS\system32\comctl32.dll
H:\WINDOWS\system32\DBGHELP.DLL
H:\WINDOWS\system32\IMM32.DLL
H:\WINDOWS\system32\Secur32.dll
H:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll
H:\WINDOWS\system32\SETUPAPI.dll
H:\WINDOWS\system32\WSOCK32.dll
H:\WINDOWS\system32\Crypt32.dll
H:\WINDOWS\system32\MSASN1.dll
H:\WINDOWS\system32\WinTrust.dll
H:\WINDOWS\system32\IMAGEHLP.dll
H:\WINDOWS\system32\xpsp2res.dll
H:\WINDOWS\system32\CLBCATQ.DLL
H:\WINDOWS\system32\COMRes.dll
H:\WINDOWS\system32\msi.dll
H:\WINDOWS\system32\SXS.DLL
H:\WINDOWS\system32\rsaenh.dll
H:\WINDOWS\system32\uxtheme.dll
H:\WINDOWS\system32\userenv.dll
H:\WINDOWS\system32\netapi32.dll
H:\Program Files\Common Files\Symantec Shared\ccSetEvt.dll

svchost (H:\WINDOWS\System32\svchost.exe)

H:\WINDOWS\System32\svchost.exe
H:\WINDOWS\system32\ntdll.dll
H:\WINDOWS\system32\kernel32.dll
H:\WINDOWS\system32\ADVAPI32.dll
H:\WINDOWS\system32\RPCRT4.dll
H:\WINDOWS\System32\ShimEng.dll
H:\WINDOWS\AppPatch\AcGenral.DLL
H:\WINDOWS\system32\USER32.dll
H:\WINDOWS\system32\GDI32.dll
H:\WINDOWS\System32\WINMM.dll
H:\WINDOWS\system32\ole32.dll
H:\WINDOWS\system32\msvcrt.dll
H:\WINDOWS\system32\OLEAUT32.dll
H:\WINDOWS\System32\MSACM32.dll
H:\WINDOWS\system32\VERSION.dll
H:\WINDOWS\system32\SHELL32.dll
H:\WINDOWS\system32\SHLWAPI.dll
H:\WINDOWS\system32\USERENV.dll
H:\WINDOWS\System32\UxTheme.dll
H:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
H:\WINDOWS\system32\comctl32.dll
H:\WINDOWS\System32\NTMARTA.DLL
H:\WINDOWS\system32\WLDAP32.dll
H:\WINDOWS\System32\SAMLIB.dll
H:\WINDOWS\System32\xpsp2res.dll
h:\windows\system32\shsvcs.dll
H:\WINDOWS\System32\WINSTA.dll
H:\WINDOWS\system32\NETAPI32.dll
h:\windows\system32\dhcpcsvc.dll
h:\windows\system32\DNSAPI.dll
h:\windows\system32\WS2_32.dll
h:\windows\system32\WS2HELP.dll
h:\windows\system32\iphlpapi.dll
h:\windows\system32\Secur32.dll
H:\WINDOWS\System32\rsaenh.dll
h:\windows\system32\wzcsvc.dll
h:\windows\system32\rtutils.dll
h:\windows\system32\WMI.dll
H:\WINDOWS\system32\CRYPT32.dll
H:\WINDOWS\system32\MSASN1.dll
h:\windows\system32\WTSAPI32.dll
h:\windows\system32\ESENT.dll
h:\windows\system32\ATL.DLL
H:\WINDOWS\System32\SETUPAPI.DLL
H:\WINDOWS\System32\rastls.dll
H:\WINDOWS\system32\CRYPTUI.dll
H:\WINDOWS\system32\WINTRUST.dll
H:\WINDOWS\system32\IMAGEHLP.dll
H:\WINDOWS\system32\WININET.dll
H:\WINDOWS\System32\MPRAPI.dll
H:\WINDOWS\System32\ACTIVEDS.dll
H:\WINDOWS\System32\adsldpc.dll
H:\WINDOWS\System32\RASAPI32.dll
H:\WINDOWS\System32\rasman.dll
H:\WINDOWS\System32\TAPI32.dll
H:\WINDOWS\System32\SCHANNEL.dll
H:\WINDOWS\System32\WinSCard.dll
H:\WINDOWS\System32\raschap.dll
H:\WINDOWS\system32\msv1_0.dll
H:\WINDOWS\System32\CLBCATQ.DLL
H:\WINDOWS\System32\COMRes.dll
h:\windows\system32\schedsvc.dll
h:\windows\system32\NTDSAPI.dll
H:\WINDOWS\System32\MSIDLE.DLL
h:\windows\system32\audiosrv.dll
h:\windows\system32\wkssvc.dll
h:\windows\system32\cryptsvc.dll
h:\windows\system32\certcli.dll
h:\windows\system32\dmserver.dll
h:\windows\system32\ersvc.dll
h:\windows\system32\es.dll
h:\windows\pchealth\helpctr\binaries\pchsvc.dll
h:\windows\system32\hidserv.dll
h:\windows\system32\HID.DLL
h:\windows\system32\srvsvc.dll
H:\WINDOWS\System32\HNETCFG.DLL
h:\windows\system32\netman.dll
h:\windows\system32\netshell.dll
h:\windows\system32\credui.dll
h:\windows\system32\WZCSAPI.DLL
h:\windows\system32\seclogon.dll
h:\windows\system32\srsvc.dll
h:\windows\system32\POWRPROF.dll
h:\windows\system32\trkwks.dll
h:\windows\system32\w32time.dll
h:\windows\system32\MSVCP60.dll
H:\WINDOWS\system32\actxprxy.dll
h:\windows\system32\wbem\wmisvc.dll
H:\WINDOWS\system32\VSSAPI.DLL
H:\WINDOWS\system32\mswsock.dll
h:\windows\system32\wuauserv.dll
H:\WINDOWS\system32\wuaueng.dll
H:\WINDOWS\System32\WINSPOOL.DRV
H:\WINDOWS\System32\WINHTTP.dll
H:\WINDOWS\System32\Cabinet.dll
H:\WINDOWS\System32\mspatcha.dll
h:\windows\system32\browser.dll
h:\windows\system32\sens.dll
H:\WINDOWS\System32\wshtcpip.dll
h:\windows\system32\wscsvc.dll
h:\windows\system32\msi.dll
H:\WINDOWS\system32\wbem\wbemprox.dll
H:\WINDOWS\system32\wbem\wbemcomn.dll
H:\WINDOWS\system32\wbem\wbemcore.dll
H:\WINDOWS\system32\wbem\esscli.dll
H:\WINDOWS\system32\wbem\FastProx.dll
H:\WINDOWS\system32\wbem\wbemsvc.dll
H:\WINDOWS\system32\wbem\wmiutils.dll
H:\WINDOWS\system32\wbem\repdrvfs.dll
H:\WINDOWS\System32\sfc.dll
H:\WINDOWS\System32\sfc_os.dll
H:\WINDOWS\System32\SXS.DLL
H:\WINDOWS\system32\wbem\wmiprvsd.dll
H:\WINDOWS\system32\NCObjAPI.DLL
H:\WINDOWS\system32\wbem\wbemess.dll
H:\WINDOWS\system32\comsvcs.dll
H:\WINDOWS\system32\colbact.DLL
H:\WINDOWS\system32\MTXCLU.DLL
H:\WINDOWS\system32\WSOCK32.dll
H:\WINDOWS\System32\CLUSAPI.DLL
H:\WINDOWS\System32\RESUTILS.DLL
h:\windows\system32\ipnathlp.dll
h:\windows\system32\AUTHZ.dll
H:\WINDOWS\system32\wuapi.dll
H:\WINDOWS\system32\wbem\ncprov.dll
H:\WINDOWS\system32\wbem\wbemcons.dll
H:\WINDOWS\System32\rasadhlp.dll
H:\WINDOWS\system32\netcfgx.dll
H:\WINDOWS\System32\rasmans.dll
H:\WINDOWS\System32\WINIPSEC.DLL
h:\windows\system32\tapisrv.dll
h:\windows\system32\PSAPI.DLL
H:\WINDOWS\System32\rastapi.dll
H:\WINDOWS\System32\unimdm.tsp
H:\WINDOWS\System32\uniplat.dll
H:\WINDOWS\System32\unimdmat.dll
H:\WINDOWS\system32\modemui.dll
H:\WINDOWS\System32\kmddsp.tsp
H:\WINDOWS\System32\ndptsp.tsp
H:\WINDOWS\System32\ipconf.tsp
H:\WINDOWS\System32\h323.tsp
H:\WINDOWS\System32\hidphone.tsp
H:\WINDOWS\System32\rasppp.dll
H:\WINDOWS\System32\ntlsapi.dll
H:\WINDOWS\system32\kerberos.dll
H:\WINDOWS\System32\cryptdll.dll
H:\WINDOWS\system32\upnp.dll
H:\WINDOWS\system32\SSDPAPI.dll
H:\WINDOWS\System32\RASDLG.dll
H:\WINDOWS\system32\msxml3.dll
H:\WINDOWS\system32\Apphelp.dll
H:\WINDOWS\system32\wups2.dll

wmiapsrv (ER-0x01)

Unable to list modules

svchost (H:\WINDOWS\system32\svchost.exe)

H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\system32\ntdll.dll
H:\WINDOWS\system32\kernel32.dll
H:\WINDOWS\system32\ADVAPI32.dll
H:\WINDOWS\system32\RPCRT4.dll
H:\WINDOWS\system32\ShimEng.dll
H:\WINDOWS\AppPatch\AcGenral.DLL
H:\WINDOWS\system32\USER32.dll
H:\WINDOWS\system32\GDI32.dll
H:\WINDOWS\system32\WINMM.dll
H:\WINDOWS\system32\ole32.dll
H:\WINDOWS\system32\msvcrt.dll
H:\WINDOWS\system32\OLEAUT32.dll
H:\WINDOWS\system32\MSACM32.dll
H:\WINDOWS\system32\VERSION.dll
H:\WINDOWS\system32\SHELL32.dll
H:\WINDOWS\system32\SHLWAPI.dll
H:\WINDOWS\system32\USERENV.dll
H:\WINDOWS\system32\UxTheme.dll
H:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
H:\WINDOWS\system32\comctl32.dll
h:\windows\system32\dnsrslvr.dll
h:\windows\system32\DNSAPI.dll
h:\windows\system32\WS2_32.dll
h:\windows\system32\WS2HELP.dll
h:\windows\system32\iphlpapi.dll

winlogon (\??\H:\WINDOWS\system32\winlogon.exe)

\??\H:\WINDOWS\system32\winlogon.exe
H:\WINDOWS\system32\ntdll.dll
H:\WINDOWS\system32\kernel32.dll
H:\WINDOWS\system32\ADVAPI32.dll
H:\WINDOWS\system32\RPCRT4.dll
H:\WINDOWS\system32\AUTHZ.dll
H:\WINDOWS\system32\msvcrt.dll
H:\WINDOWS\system32\CRYPT32.dll
H:\WINDOWS\system32\USER32.dll
H:\WINDOWS\system32\GDI32.dll
H:\WINDOWS\system32\MSASN1.dll
H:\WINDOWS\system32\NDdeApi.dll
H:\WINDOWS\system32\PROFMAP.dll
H:\WINDOWS\system32\NETAPI32.dll
H:\WINDOWS\system32\USERENV.dll
H:\WINDOWS\system32\PSAPI.DLL
H:\WINDOWS\system32\REGAPI.dll
H:\WINDOWS\system32\Secur32.dll
H:\WINDOWS\system32\SETUPAPI.dll
H:\WINDOWS\system32\VERSION.dll
H:\WINDOWS\system32\WINSTA.dll
H:\WINDOWS\system32\WINTRUST.dll
H:\WINDOWS\system32\IMAGEHLP.dll
H:\WINDOWS\system32\WS2_32.dll
H:\WINDOWS\system32\WS2HELP.dll
H:\WINDOWS\system32\MSGINA.dll
H:\WINDOWS\system32\SHELL32.dll
H:\WINDOWS\system32\SHLWAPI.dll
H:\WINDOWS\system32\COMCTL32.dll
H:\WINDOWS\system32\ODBC32.dll
H:\WINDOWS\system32\comdlg32.dll
H:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
H:\WINDOWS\system32\odbcint.dll
H:\WINDOWS\system32\SHSVCS.dll
H:\WINDOWS\system32\sfc.dll
H:\WINDOWS\system32\sfc_os.dll
H:\WINDOWS\system32\ole32.dll
H:\WINDOWS\system32\Apphelp.dll
H:\WINDOWS\system32\sxs.dll
H:\WINDOWS\system32\WINSCARD.DLL
H:\WINDOWS\system32\WTSAPI32.dll
H:\WINDOWS\system32\WINMM.dll
H:\WINDOWS\system32\uxtheme.dll
H:\WINDOWS\system32\cscdll.dll
H:\WINDOWS\system32\WlNotify.dll
H:\WINDOWS\system32\WINSPOOL.DRV
H:\WINDOWS\system32\MPR.dll
H:\WINDOWS\system32\WgaLogon.dll
H:\WINDOWS\system32\OLEAUT32.dll
H:\WINDOWS\system32\rsaenh.dll
H:\WINDOWS\system32\NTMARTA.DLL
H:\WINDOWS\system32\WLDAP32.dll
H:\WINDOWS\system32\SAMLIB.dll
H:\WINDOWS\system32\CLBCATQ.DLL
H:\WINDOWS\system32\COMRes.dll
H:\WINDOWS\system32\msv1_0.dll
H:\WINDOWS\system32\iphlpapi.dll
H:\WINDOWS\system32\cscui.dll
H:\WINDOWS\system32\xpsp2res.dll
H:\WINDOWS\system32\NavLogon.dll
H:\WINDOWS\system32\wdmaud.drv
H:\WINDOWS\system32\msacm32.drv
H:\WINDOWS\system32\MSACM32.dll
H:\WINDOWS\system32\midimap.dll

DefWatch (H:\Program Files\Symantec Client Security\Symantec AntiVirus\DefWatch.exe)

H:\Program Files\Symantec Client Security\Symantec AntiVirus\DefWatch.exe
H:\WINDOWS\system32\ntdll.dll
H:\WINDOWS\system32\kernel32.dll
H:\WINDOWS\system32\ADVAPI32.dll
H:\WINDOWS\system32\RPCRT4.dll
H:\WINDOWS\system32\ole32.dll
H:\WINDOWS\system32\GDI32.dll
H:\WINDOWS\system32\USER32.dll
H:\WINDOWS\system32\msvcrt.dll
H:\WINDOWS\system32\MSVCR71.dll

SymSPort (H:\Program Files\Symantec Client Security\Symantec Client Firewall\SymSPort.exe)

H:\Program Files\Symantec Client Security\Symantec Client Firewall\SymSPort.exe
H:\WINDOWS\system32\ntdll.dll
H:\WINDOWS\system32\kernel32.dll
H:\WINDOWS\system32\WS2_32.dll
H:\WINDOWS\system32\msvcrt.dll
H:\WINDOWS\system32\WS2HELP.dll
H:\WINDOWS\system32\ADVAPI32.dll
H:\WINDOWS\system32\RPCRT4.dll
H:\WINDOWS\system32\SymNeti.DLL
H:\WINDOWS\system32\WSOCK32.dll
H:\WINDOWS\system32\USER32.dll
H:\WINDOWS\system32\GDI32.dll
H:\WINDOWS\system32\SHELL32.dll
H:\WINDOWS\system32\SHLWAPI.dll
H:\WINDOWS\system32\ole32.dll
H:\WINDOWS\system32\OLEAUT32.dll
H:\WINDOWS\system32\MSVCP71.dll
H:\WINDOWS\system32\MSVCR71.dll
H:\WINDOWS\system32\iphlpapi.dll
H:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
H:\WINDOWS\system32\comctl32.dll
H:\Program Files\Common Files\Symantec Shared\ccL35.dll
H:\WINDOWS\system32\VERSION.dll
H:\WINDOWS\system32\Crypt32.dll
H:\WINDOWS\system32\MSASN1.dll
H:\WINDOWS\system32\WinTrust.dll
H:\WINDOWS\system32\IMAGEHLP.dll
H:\WINDOWS\system32\rsaenh.dll
H:\WINDOWS\system32\xpsp2res.dll
H:\WINDOWS\system32\uxtheme.dll
H:\WINDOWS\system32\userenv.dll
H:\WINDOWS\system32\secur32.dll
H:\WINDOWS\system32\netapi32.dll
H:\Program Files\Common Files\Symantec Shared\ccSetEvt.dll
H:\Program Files\Symantec Client Security\Symantec Client Firewall\NisEvt.dll
H:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll
H:\WINDOWS\system32\SETUPAPI.dll
H:\Program Files\Common Files\Symantec Shared\ccProSub.dll
H:\WINDOWS\system32\CLBCATQ.DLL
H:\WINDOWS\system32\COMRes.dll
H:\WINDOWS\system32\msi.dll
H:\WINDOWS\system32\SXS.DLL
H:\WINDOWS\system32\wbem\wbemprox.dll
H:\WINDOWS\system32\wbem\wbemcomn.dll
H:\WINDOWS\system32\wbem\wbemsvc.dll
H:\WINDOWS\system32\wbem\fastprox.dll
H:\WINDOWS\system32\MSVCP60.dll
H:\WINDOWS\system32\NTDSAPI.dll
H:\WINDOWS\system32\DNSAPI.dll
H:\WINDOWS\system32\WLDAP32.dll
H:\Program Files\Common Files\Symantec Shared\ccSet.dll
H:\WINDOWS\system32\hnetcfg.dll

System (ER-0x01)

Unable to list modules

Rtvscan (H:\Program Files\Symantec Client Security\Symantec AntiVirus\Rtvscan.exe)

H:\Program Files\Symantec Client Security\Symantec AntiVirus\Rtvscan.exe
H:\WINDOWS\system32\ntdll.dll
H:\WINDOWS\system32\kernel32.dll
H:\WINDOWS\system32\SHLWAPI.dll
H:\WINDOWS\system32\ADVAPI32.dll
H:\WINDOWS\system32\RPCRT4.dll
H:\WINDOWS\system32\GDI32.dll
H:\WINDOWS\system32\USER32.dll
H:\WINDOWS\system32\msvcrt.dll
H:\WINDOWS\system32\CBA.DLL
H:\WINDOWS\system32\MsgSys.dll
H:\WINDOWS\system32\NTS.dll
H:\WINDOWS\system32\WSOCK32.dll
H:\WINDOWS\system32\WS2_32.dll
H:\WINDOWS\system32\WS2HELP.dll
H:\WINDOWS\system32\MSWSOCK.dll
H:\WINDOWS\system32\NETAPI32.dll
H:\WINDOWS\system32\PDS.DLL
H:\WINDOWS\system32\MPR.dll
H:\WINDOWS\system32\ole32.dll
H:\Program Files\Symantec Client Security\Symantec AntiVirus\NAVLU.dll
H:\WINDOWS\system32\MFC71.DLL
H:\WINDOWS\system32\MSVCR71.dll
H:\WINDOWS\system32\PSAPI.DLL
H:\WINDOWS\system32\USERENV.dll
H:\WINDOWS\system32\SHELL32.dll
H:\WINDOWS\system32\OLEAUT32.dll
H:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
H:\WINDOWS\system32\comctl32.dll
H:\WINDOWS\system32\IMM32.dll
H:\Program Files\Symantec Client Security\Symantec AntiVirus\NAVNTUTL.DLL
H:\WINDOWS\system32\SFC.DLL
H:\WINDOWS\system32\sfc_os.dll
H:\WINDOWS\system32\WINTRUST.dll
H:\WINDOWS\system32\CRYPT32.dll
H:\WINDOWS\system32\MSASN1.dll
H:\WINDOWS\system32\IMAGEHLP.dll
H:\WINDOWS\system32\CLBCATQ.DLL
H:\WINDOWS\system32\COMRes.dll
H:\WINDOWS\system32\VERSION.dll
H:\WINDOWS\system32\wbem\wbemprox.dll
H:\WINDOWS\system32\wbem\wbemcomn.dll
H:\WINDOWS\system32\xpsp2res.dll
H:\WINDOWS\system32\wbem\wbemsvc.dll
H:\WINDOWS\system32\wbem\fastprox.dll
H:\WINDOWS\system32\MSVCP60.dll
H:\WINDOWS\system32\NTDSAPI.dll
H:\WINDOWS\system32\DNSAPI.dll
H:\WINDOWS\system32\WLDAP32.dll
H:\WINDOWS\system32\Secur32.dll
H:\WINDOWS\system32\shfolder.dll
h:\program files\common files\symantec shared\ssc\ScsComms.dll
H:\WINDOWS\system32\MSVCP71.dll
H:\WINDOWS\system32\rsaenh.dll
H:\Program Files\Symantec Client Security\Symantec AntiVirus\I2ldvp3.dll
H:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll
H:\Program Files\Common Files\Symantec Shared\ccL35.dll
H:\WINDOWS\system32\SETUPAPI.dll
H:\WINDOWS\system32\uxtheme.dll
H:\Program Files\Common Files\Symantec Shared\ccDec.dll
H:\Program Files\Common Files\Symantec Shared\Decomposers\decsdk.dll
H:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2.dll
H:\WINDOWS\system32\WININET.dll
H:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2ID.dll
H:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2Zip.dll
H:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2SS.dll
H:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2GZIP.dll
H:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2CAB.dll
H:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2LHA.dll
H:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2ARJ.dll
H:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2TNEF.dll
H:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2LZ.dll
H:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2AMG.dll
H:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2RAR.dll
H:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2TAR.dll
H:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2RTF.dll
H:\Program Files\Common Files\Symantec Shared\Decomposers\Dec2Text.dll
H:\Program Files\Common Files\Symantec Shared\ccScan.dll
H:\Program Files\Common Files\Symantec Shared\ecmldr32.DLL
H:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20071123.04 9\ccEraser.dll
H:\WINDOWS\System32\winrnr.dll
H:\WINDOWS\system32\rasadhlp.dll
H:\WINDOWS\system32\hnetcfg.dll
H:\WINDOWS\System32\wshtcpip.dll
H:\Program Files\Symantec Client Security\Symantec AntiVirus\DefUtDCD.dll
H:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20071123.04 9\ecmsvr32.dll
H:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20071123.04 9\NAVEX32a.DLL
H:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20071123.04 9\NAVENG32.DLL
H:\Program Files\Symantec Client Security\Symantec AntiVirus\NAVAP32.DLL
H:\Program Files\Symantec Client Security\Symantec AntiVirus\SAVRT32.DLL
H:\WINDOWS\system32\msi.dll
H:\WINDOWS\system32\SXS.DLL
H:\Program Files\Symantec Client Security\Symantec AntiVirus\IMail.dll
H:\Program Files\Symantec Client Security\Symantec AntiVirus\NotesExt.dll
H:\Program Files\Symantec Client Security\Symantec AntiVirus\vpmsece3.dll
H:\Program Files\Symantec Client Security\Symantec AntiVirus\SymProtectStorage.dll
H:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCEvt.dll

Idle (ER-0x01)

Unable to list modules

**Pumpa** · 11-28-2007, 03:04 AM

I glad it's you guys that are making sense of that

Good luck

**ShadowPuterDude** · 11-28-2007, 08:39 AM

Download to your Desktop
- Process Explorer
- Pocket Killbox

Extract Process Explorer to the Desktop.

Extract Pocket Killbox to your Desktop

IMPORTANT: You should print or save the below locally, so you can refer to them while offline. You must exit all browsers before running the below steps and it would be best if you actually physically unplug your cable to the internet, reboot, and do not run anything but what I give you to do. Also it would be good to exit all processes and items in your System tray.

Do the above before continuing! Okay unplug your cable now.

Make sure you have rebooted in Normal Mode (do not open any other processes)

- Run Process Explorer

In the top section of the Process Explorer screen double click on lsass.exe to bring up the properties screen. Click on the Threads tab at the top.

Once you see this screen click on each instance of sstts.dll once and then click the kill button. After you have killed all of the sstts.dll under lsass click ok.

Next double click on explorer.exe and again click once on each instance of sstts.dll and kill it. Now once on each instance of hsjugqhk.dll and kill it

Now just exit Process Explorer.

Now Run HijackThis. Click the 'Do a system scan only' button. Place a checkmark in the box next to the following lines DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:

O2 - BHO: (no name) - {3025219A-0C96-486A-9044-9E25A5FE1349} - H:\WINDOWS\system32\sstts.dll

O4 - HKLM\..\Run: [000000af] rundll32.exe "H:\WINDOWS\system32\exoasbys.dll",b

Click on the 'Fix checked' button. Wait for HijackThis to finish; close HijackThis.

Copy the bold text below to notepad. Save it as fixme.reg to your desktop.
Be sure the "Save as" type is set to "all files"
Once you have saved it double click it and allow it to merge with the registry.

REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\run]
"000000af"=-

[-HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\explorer\shellexecutehooks
{60E2746A-9C2E-45A2-85CE-7E1A8A890961}]

[-HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\explorer\browser helper objects\{7449713A-4B98-4047-A24D-9DB184991C05}]

Now run Pocket Killbox.
Choose Tools > Delete Temp Files and click Delete Selected Temp Files.
Then after it deletes the files click the Exit (Save Settings) button.
NOTE: Pocket Killbox will only list the added files it is able to find on the system. So when you do the below, if some files do not show in the list after pasting them in, just continue.

Select:

Delete on Reboot
then Click on the All Files button.
Please copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy):

H:\WINDOWS\SYSTEM32\aiqegays.ini
H:\WINDOWS\SYSTEM32\bbatbpwm.dll
H:\WINDOWS\system32\exoasbys.dll
H:\WINDOWS\system32\hsjugqhk.dll
H:\WINDOWS\SYSTEM32\mwpbtabb.ini
H:\WINDOWS\SYSTEM32\paaivpcd.ini
H:\WINDOWS\SYSTEM32\profile.dat
H:\WINDOWS\SYSTEM32\sstts.dll
H:\WINDOWS\SYSTEM32\sttss.ini
H:\WINDOWS\SYSTEM32\sttss~1.ini
H:\WINDOWS\SYSTEM32\sybsaoxe.ini
H:\WINDOWS\SYSTEM32\sytmwgpx.ini
H:\WINDOWS\SYSTEM32\xpgwmtys.dll
Return to Killbox, go to the File menu, and choose Paste from Clipboard.
Click the red-and-white Delete File button. Click Yes at the Delete on Reboot prompt. Click OK at any PendingFileRenameOperations prompt (and please let me know if you receive this message!).

If Killbox does not reboot just reboot your PC yourself.

Post fresh logs for:
HijackThis
ISeeYouXP

Tell me how the steps went.

Make sure you tell me how things are working now!

**Pumpa** · 11-28-2007, 05:01 PM

Ok I have done it all to the letter. Only touble was that hsjugqhk.dll was not there to delete when running process explore.
This entry
O4 - HKLM\..\Run: [000000af] rundll32.exe "H:\WINDOWS\system32\exoasbys.dll",b was not there during that stage when running HJT.

Here is HJT log.

Logfile of HijackThis v1.99.1
Scan saved at 7:52:06 AM, on 29/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
H:\WINDOWS\System32\smss.exe
H:\WINDOWS\system32\winlogon.exe
H:\WINDOWS\system32\services.exe
H:\WINDOWS\system32\lsass.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\System32\svchost.exe
H:\Program Files\Common Files\Symantec Shared\ccProxy.exe
H:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
H:\Program Files\Symantec Client Security\Symantec Client Firewall\ISSVC.exe
H:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
H:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
H:\WINDOWS\system32\spoolsv.exe
H:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
H:\Program Files\Symantec Client Security\Symantec AntiVirus\DefWatch.exe
H:\WINDOWS\system32\LxrSII1s.exe
H:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
H:\WINDOWS\system32\nvsvc32.exe
H:\WINDOWS\system32\svchost.exe
H:\Program Files\Symantec Client Security\Symantec AntiVirus\Rtvscan.exe
H:\Program Files\Symantec Client Security\Symantec Client Firewall\SymSPort.exe
H:\WINDOWS\system32\WgaTray.exe
H:\WINDOWS\Explorer.EXE
H:\WINDOWS\ALCWZRD.EXE
H:\Program Files\Common Files\Symantec Shared\ccApp.exe
H:\PROGRA~1\OfficeKB\OfficeKB.EXE
H:\WINDOWS\SOUNDMAN.EXE
H:\PROGRA~1\SYMANT~1\SYMANT~2\VPTray.exe
H:\WINDOWS\system32\ctfmon.exe
H:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
H:\Program Files\KeirNet\K9\K9.exe
H:\Program Files\Symantec Client Security\Symantec AntiVirus\DoScan.exe
H:\WINDOWS\system32\wuauclt.exe
H:\WINDOWS\system32\wuauclt.exe
H:\Program Files\HI JACK THIS\Damian.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sa.chariot.net.au/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.ninemsn.com.au/0SEENAU/SAOS01?FORM=TOOLBR
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - H:\Program Files\Adobe\Acrobat 5.0\Acrobat\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {09C16135-34ED-4301-BA9A-8C791EEB1F3C} - H:\WINDOWS\system32\sstts.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - H:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - H:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - H:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - H:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - H:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - H:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - H:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE H:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [ccApp] "H:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [OfficeKB] H:\PROGRA~1\OfficeKB\OfficeKB.EXE
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [vptray] H:\PROGRA~1\SYMANT~1\SYMANT~2\VPTray.exe
O4 - HKCU\..\Run: [ctfmon.exe] H:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Launch K9.lnk = H:\Program Files\KeirNet\K9\K9.exe
O4 - Global Startup: Acrobat Assistant.lnk = H:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Windows Live Search - res://H:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xport to Microsoft Excel - res://H:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://H:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://H:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://H:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://H:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O8 - Extra context menu item: Open in new background tab - res://H:\Program Files\Windows Live Toolbar\Components\en-au\msntabres.dll.mui/229?933a97c3b3af45fc9ff488f53ff4003b
O8 - Extra context menu item: Open in new foreground tab - res://H:\Program Files\Windows Live Toolbar\Components\en-au\msntabres.dll.mui/230?933a97c3b3af45fc9ff488f53ff4003b
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - H:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - H:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: H:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/par...an_unicode.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{10D44058-2415-454A-B693-4CADCE2AAEEA}: NameServer = 203.12.160.35,203.12.160.36
O17 - HKLM\System\CS1\Services\Tcpip\..\{10D44058-2415-454A-B693-4CADCE2AAEEA}: NameServer = 203.12.160.35,203.12.160.36
O17 - HKLM\System\CS2\Services\Tcpip\..\{10D44058-2415-454A-B693-4CADCE2AAEEA}: NameServer = 203.12.160.35,203.12.160.36
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - H:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - H:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - H:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: NavLogon - H:\WINDOWS\system32\NavLogon.dll
O20 - Winlogon Notify: WgaLogon - H:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - H:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - H:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - H:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - H:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - H:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - H:\Program Files\Symantec Client Security\Symantec AntiVirus\DefWatch.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - H:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: IS Service (ISSVC) - Symantec Corporation - H:\Program Files\Symantec Client Security\Symantec Client Firewall\ISSVC.exe
O23 - Service: Lexar Secure II (LxrSII1s) - Unknown owner - H:\WINDOWS\SYSTEM32\LxrSII1s.exe
O23 - Service: WinFast(R) Display Driver Service (NVSvc) - NVIDIA Corporation - H:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SAVRoam (SavRoam) - symantec - H:\Program Files\Symantec Client Security\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - H:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - H:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - H:\Program Files\Symantec Client Security\Symantec AntiVirus\Rtvscan.exe
O23 - Service: Symantec SecurePort (SymSecurePort) - Symantec Corporation - H:\Program Files\Symantec Client Security\Symantec Client Firewall\SymSPort.exe

**Pumpa** · 11-28-2007, 05:06 PM

************************************************** **********************************
ISeeYouXP v2.0 Beta 13

ISeeYouXP v1.3.0-v2.0 Beta 13 Copyright - ShadowPuterDude
ISeeYouXP v1.2.9 and earlier Copyright - PhilliePhan
------------------------------------------------------------------------------------
**** PLEASE NOTE THAT MOST (if not ALL) OF THE ITEMS BELOW ARE NOT BADDIES! ****
**** PLEASE CONSULT A KNOWLEDGEABLE PERSON BEFORE TAKING ANY ACTION. ****
************************************************** **********************************

Windows/Browser/Java Versions:

Microsoft Windows XP Professional
Version: 5.1.2600
Service Pack: 2.0
Windows Directory: H:\WINDOWS

Internet Explorer
Version: 6.0.2900.2180
Build: 62900.2180
Language: English (United States)
Path: H:\Program Files\Internet Explorer

Boot State: Normal boot

Scan done at 8:33:08.56, Thu 29/11/2007

------------------------------------------------------------------------------------

ISeeYouXP installation folder and files

H:\ISEEYO~1\
bootst~1.vbs Mon 28 May 2007 14:26:48 A.... 359 0.35 K
change.log Wed 17 Oct 2007 18:49:26 A.... 4,902 4.79 K
chodefix.bat Wed 18 Apr 2007 13:57:18 A.... 5,387 5.26 K
fixchode.reg Wed 18 Apr 2007 13:22:12 A.... 528 0.52 K
fixexp~1.bat Sat 24 Feb 2007 13:29:40 A.... 487 0.47 K
getunk~1.bat Sat 12 Aug 2006 13:24:58 A.... 1,478 1.44 K
grep.exe Fri 24 Dec 2004 19:33:28 A.... 160,768 157.00 K
hideit.bat Wed 17 Oct 2007 21:00:56 A.... 1,072 1.05 K
ieinfo.vbs Mon 28 May 2007 13:51:28 A.... 514 0.50 K
iesecu~1.bat Sun 28 Oct 2007 22:52:32 A.... 72 0.07 K
iesecu~1.vbs Wed 7 Nov 2007 23:17:40 A.... 2,399 2.34 K
iseeyo~1.bat Wed 17 Oct 2007 21:00:34 A.... 209,237 204.33 K
libico~1.dll Tue 16 Mar 2004 18:37:50 A.... 898,048 877.00 K
libintl3.dll Sat 9 Oct 2004 12:25:46 A.... 101,888 99.50 K
locate.com Fri 14 Jan 2005 1:41:48 A.... 11,254 10.99 K
md5sum.exe Sun 5 Aug 2007 19:56:56 A.... 49,152 48.00 K
msconf~1.bat Sat 24 Feb 2007 1:40:10 A.... 578 0.56 K
osinfo.vbs Mon 28 May 2007 14:00:10 A.... 598 0.58 K
pcbutts.txt Sun 25 Mar 2007 9:04:02 A.... 5,167 5.04 K
pcre.dll Sun 14 Nov 2004 13:29:04 A.... 183,313 179.02 K
pv.exe Thu 2 Mar 2006 23:42:40 A.... 73,728 72.00 K
regedi~1.bat Fri 30 Mar 2007 20:16:02 A.... 650 0.63 K
regfix.bat Wed 18 Apr 2007 13:55:40 A.... 145 0.14 K
servic~1.vbs Mon 28 May 2007 17:06:48 A.... 672 0.66 K
showit.bat Wed 17 Oct 2007 21:01:22 A.... 1,013 0.99 K
swreg.exe Thu 5 Apr 2007 6:58:52 A.... 139,776 136.50 K
system~1.bat Wed 28 Feb 2007 21:55:02 A.... 369 0.36 K
taskmg~1.bat Sat 24 Feb 2007 13:24:08 A.... 288 0.28 K

28 items found: 28 files, 0 directories.
Total of file sizes: 1,853,842 bytes 1.77 M
3 Dir(s) 138,992,132,096 bytes free

------------------------------------------------------------------------------------

System Environment Variables

ALLUSERSPROFILE=H:\Documents and Settings\All Users
APPDATA=H:\Documents and Settings\Damian\Application Data
CLASSPATH=.;H:\Program Files\QuickTime\QTSystem\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=H:\Program Files\Common Files
COMPUTERNAME=DT-32F7CC931ADE
ComSpec=H:\WINDOWS\system32\cmd.exe
errcode=0
FP_NO_HOST_CHECK=NO
HOMEDRIVE=H:
HOMEPATH=\Documents and Settings\Damian
LOGONSERVER=\\DT-32F7CC931ADE
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=H:\WINDOWS\system32;H:\WINDOWS;H:\WINDOWS\sys tem32\wbem;H:\Program Files\QuickTime\QTSystem
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WS F;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 4 Stepping 1, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0401
ProgramFiles=H:\Program Files
PROMPT=$P$G
QTJAVA=H:\Program Files\QuickTime\QTSystem\QTJava.zip
SESSIONNAME=Console
SystemDrive=H:
SystemRoot=H:\WINDOWS
TEMP=H:\DOCUME~1\Damian\LOCALS~1\Temp
TMP=H:\DOCUME~1\Damian\LOCALS~1\Temp
USERDOMAIN=DT-32F7CC931ADE
USERNAME=Damian
USERPROFILE=H:\Documents and Settings\Damian
windir=H:\WINDOWS

------------------------------------------------------------------------------------

Showing any Pocket Killbox backup files

H:\!KILLBOX\
aiqegays.ini Sun 25 Nov 2007 23:01:54 ..... 776,132 757.94 K
mwpbtabb.ini Wed 28 Nov 2007 17:53:22 ..... 778,982 760.72 K
paaivpcd.ini Tue 27 Nov 2007 10:30:16 ..... 778,838 760.58 K
profile.dat Thu 29 Nov 2007 7

38 ..... 40 0.04 K
sstts.dll Wed 14 Nov 2007 17:43:56 ..... 320,608 313.09 K
sstts~1.dll Wed 14 Nov 2007 17:43:56 ..... 320,608 313.09 K
sttss.ini Thu 29 Nov 2007 7:32:18 ..... 91,535 89.39 K
sttss~1.ini Thu 29 Nov 2007 7:32:08 ..... 91,535 89.39 K
sybsaoxe.ini Mon 26 Nov 2007 17:12:04 ..... 776,492 758.29 K
sytmwgpx.ini Sat 24 Nov 2007 7:42:02 ..... 775,832 757.65 K
xpgwmtys.dll Sat 24 Nov 2007 7:41:40 ..... 86,080 84.06 K

11 items found: 11 files, 0 directories.
Total of file sizes: 4,796,682 bytes 4.57 M

------------------------------------------------------------------------------------

Displaying BOOT.INI:

[boot loader]
timeout=1
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOW S
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Micro soft Windows XP Professional" /noexecute=optin /fastdetect

------------------------------------------------------------------------------------

Displaying SYSTEM.INI:

; for 16-bit app support

[drivers]
wave=mmdrv.dll
timer=timer.drv

[mci]
[driver32]
[386enh]
woafont=app850.FON
EGA80WOA.FON=EGA80850.FON
EGA40WOA.FON=EGA40850.FON
CGA80WOA.FON=CGA80850.FON
CGA40WOA.FON=CGA40850.FON

------------------------------------------------------------------------------------

Displaying WIN.INI:

; for 16-bit app support
[fonts]
[extensions]
[mci extensions]
[files]
[Mail]
MAPI=1
CMCDLLNAME32=mapi32.dll
CMCDLLNAME=mapi.dll
CMC=1
MAPIX=1
MAPIXVER=1.0.0.1
OLEMessaging=1
[MCI Extensions.BAK]
aif=MPEGVideo
aifc=MPEGVideo
aiff=MPEGVideo
asf=MPEGVideo
asx=MPEGVideo
au=MPEGVideo
m1v=MPEGVideo
m3u=MPEGVideo
mp2=MPEGVideo
mp2v=MPEGVideo
mp3=MPEGVideo
mpa=MPEGVideo
mpe=MPEGVideo
mpeg=MPEGVideo
mpg=MPEGVideo
mpv2=MPEGVideo
snd=MPEGVideo
wax=MPEGVideo
wm=MPEGVideo
wma=MPEGVideo
wmv=MPEGVideo
wmx=MPEGVideo
wpl=MPEGVideo
wvx=MPEGVideo

------------------------------------------------------------------------------------

Displaying Running Processes:

PROCESS PID PRIO PATH
smss.exe 772 Normal H:\WINDOWS\System32\smss.exe
csrss.exe 824 Normal H:\WINDOWS\system32\csrss.exe
winlogon.exe 852 High H:\WINDOWS\system32\winlogon.exe
services.exe 896 Normal H:\WINDOWS\system32\services.exe
lsass.exe 908 Normal H:\WINDOWS\system32\lsass.exe
svchost.exe 1104 Normal H:\WINDOWS\system32\svchost.exe
svchost.exe 1188 Normal H:\WINDOWS\system32\svchost.exe
svchost.exe 1252 Normal H:\WINDOWS\System32\svchost.exe
svchost.exe 1380 Normal H:\WINDOWS\system32\svchost.exe
svchost.exe 1412 Normal H:\WINDOWS\system32\svchost.exe
ccProxy.exe 1464 Normal H:\Program Files\Common Files\Symantec Shared\ccProxy.exe
ccSetMgr.exe 1504 Normal H:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
ISSVC.exe 1516 Normal H:\Program Files\Symantec Client Security\Symantec Client Firewall\ISSVC.exe
SNDSrvc.exe 1536 Normal H:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
ccEvtMgr.exe 1560 Normal H:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
spoolsv.exe 1860 Normal H:\WINDOWS\system32\spoolsv.exe
guard.exe 632 Normal H:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
DefWatch.exe 656 Normal H:\Program Files\Symantec Client Security\Symantec AntiVirus\DefWatch.exe
LxrSII1s.exe 704 Normal H:\WINDOWS\system32\LxrSII1s.exe
MDM.EXE 716 Normal H:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
nvsvc32.exe 728 Normal H:\WINDOWS\system32\nvsvc32.exe
svchost.exe 808 Normal H:\WINDOWS\system32\svchost.exe
Rtvscan.exe 1052 Normal H:\Program Files\Symantec Client Security\Symantec AntiVirus\Rtvscan.exe
SymSPort.exe 1484 Normal H:\Program Files\Symantec Client Security\Symantec Client Firewall\SymSPort.exe
alg.exe 416 Normal H:\WINDOWS\System32\alg.exe
WgaTray.exe 2636 Normal H:\WINDOWS\system32\WgaTray.exe
ALCWZRD.EXE 2764 Normal H:\WINDOWS\ALCWZRD.EXE
ccApp.exe 2840 Normal H:\Program Files\Common Files\Symantec Shared\ccApp.exe
OfficeKB.EXE 2956 Normal H:\PROGRA~1\OfficeKB\OfficeKB.EXE
SOUNDMAN.EXE 2964 Normal H:\WINDOWS\SOUNDMAN.EXE
VPTray.exe 2972 Normal H:\PROGRA~1\SYMANT~1\SYMANT~2\VPTray.exe
ctfmon.exe 2980 Normal H:\WINDOWS\system32\ctfmon.exe
AcroTray.exe 2992 Normal H:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
K9.exe 3020 Normal H:\Program Files\KeirNet\K9\K9.exe
firefox.exe 2388 Normal H:\Program Files\Mozilla Firefox\firefox.exe
explorer.exe 1124 Normal H:\WINDOWS\explorer.exe
cmd.exe 4040 Normal H:\WINDOWS\system32\cmd.exe
ntvdm.exe 496 Normal H:\WINDOWS\system32\ntvdm.exe
wmiprvse.exe 700 Normal H:\WINDOWS\system32\wbem\wmiprvse.exe
pv.exe 2340 Normal H:\ISEEYO~1\pv.exe

------------------------------------------------------------------------------------

Displaying Windows Services:

Name: Alerter
Display Name: Alerter
Description: Notifies selected users and computers of administrative alerts. If the service is stopped, programs that use administrative alerts will not receive them. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: H:\WINDOWS\system32\svchost.exe -k LocalService
Start Mode: Disabled
State: Stopped

Name: ALG
Display Name: Application Layer Gateway Service
Description: Provides support for 3rd party protocol plug-ins for Internet Connection Sharing and the Windows Firewall.
Path Name: H:\WINDOWS\System32\alg.exe
Start Mode: Manual
State: Running

Name: AppMgmt
Display Name: Application Management
Description: Provides software installation services such as Assign, Publish, and Remove.
Path Name: H:\WINDOWS\system32\svchost.exe -k netsvcs
Start Mode: Manual
State: Stopped

Name: aspnet_state
Display Name: ASP.NET State Service
Description: Provides support for out-of-process session states for ASP.NET. If this service is stopped, out-of-process requests will not be processed. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: H:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspne t_state.exe
Start Mode: Manual
State: Stopped

Name: AudioSrv
Display Name: Windows Audio
Description: Manages audio devices for Windows-based programs. If this service is stopped, audio devices and effects will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: H:\WINDOWS\System32\svchost.exe -k netsvcs
Start Mode: Auto
State: Running

Name: AVG Anti-Spyware Guard
Display Name: AVG Anti-Spyware Guard
Description:
Path Name: H:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
Start Mode: Auto
State: Running

Name: BITS
Display Name: Background Intelligent Transfer Service
Description: Transfers data between clients and servers in the background. If BITS is disabled, features such as Windows Update will not work correctly.
Path Name: H:\WINDOWS\system32\svchost.exe -k netsvcs
Start Mode: Auto
State: Stopped

Name: Browser
Display Name: Computer Browser
Description: Maintains an updated list of computers on the network and supplies this list to computers designated as browsers. If this service is stopped, this list will not be updated or maintained. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: H:\WINDOWS\system32\svchost.exe -k netsvcs
Start Mode: Auto
State: Running

Name: ccEvtMgr
Display Name: Symantec Event Manager
Description: Event propagation and logging service
Path Name: "H:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"
Start Mode: Auto
State: Running

Name: ccProxy
Display Name: Symantec Network Proxy
Description: Symantec Proxy Service
Path Name: "H:\Program Files\Common Files\Symantec Shared\ccProxy.exe"
Start Mode: Auto
State: Running

Name: ccPwdSvc
Display Name: Symantec Password Validation
Description: User account management service
Path Name: "H:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe"
Start Mode: Manual
State: Stopped

Name: ccSetMgr
Display Name: Symantec Settings Manager
Description: Settings storage and management service
Path Name: "H:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe"
Start Mode: Auto
State: Running

Name: CiSvc
Display Name: Indexing Service
Description: Indexes contents and properties of files on local and remote computers; provides rapid access to files through flexible querying language.
Path Name: H:\WINDOWS\system32\cisvc.exe
Start Mode: Manual
State: Stopped

Name: ClipSrv
Display Name: ClipBook
Description: Enables ClipBook Viewer to store information and share it with remote computers. If the service is stopped, ClipBook Viewer will not be able to share information with remote computers. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: H:\WINDOWS\system32\clipsrv.exe
Start Mode: Disabled
State: Stopped

Name: COMSysApp
Display Name: COM+ System Application
Description: Manages the configuration and tracking of Component Object Model (COM)+-based components. If the service is stopped, most COM+-based components will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: H:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
Start Mode: Manual
State: Stopped

Name: CryptSvc
Display Name: Cryptographic Services
Description: Provides three management services: Catalog Database Service, which confirms the signatures of Windows files; Protected Root Service, which adds and removes Trusted Root Certification Authority certificates from this computer; and Key Service, which helps enroll this computer for certificates. If this service is stopped, these management services will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: H:\WINDOWS\system32\svchost.exe -k netsvcs
Start Mode: Auto
State: Running

Name: DcomLaunch
Display Name: DCOM Server Process Launcher
Description: Provides launch functionality for DCOM services.
Path Name: H:\WINDOWS\system32\svchost -k DcomLaunch
Start Mode: Auto
State: Running

Name: DefWatch
Display Name: Symantec AntiVirus Definition Watcher
Description: Monitors and maintains virus definitions.
Path Name: "H:\Program Files\Symantec Client Security\Symantec AntiVirus\DefWatch.exe"
Start Mode: Auto
State: Running

Name: Dhcp
Display Name: DHCP Client
Description: Manages network configuration by registering and updating IP addresses and DNS names.
Path Name: H:\WINDOWS\system32\svchost.exe -k netsvcs
Start Mode: Auto
State: Running

Name: dmadmin
Display Name: Logical Disk Manager Administrative Service
Description: Configures hard disk drives and volumes. The service only runs for configuration processes and then stops.
Path Name: H:\WINDOWS\System32\dmadmin.exe /com
Start Mode: Manual
State: Stopped

Name: dmserver
Display Name: Logical Disk Manager
Description: Detects and monitors new hard disk drives and sends disk volume information to Logical Disk Manager Administrative Service for configuration. If this service is stopped, dynamic disk status and configuration information may become out of date. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: H:\WINDOWS\System32\svchost.exe -k netsvcs
Start Mode: Auto
State: Running

Name: Dnscache
Display Name: DNS Client
Description: Resolves and caches Domain Name System (DNS) names for this computer. If this service is stopped, this computer will not be able to resolve DNS names and locate Active Directory domain controllers. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: H:\WINDOWS\system32\svchost.exe -k NetworkService
Start Mode: Auto
State: Running

Name: ERSvc
Display Name: Error Reporting Service
Description: Allows error reporting for services and applictions running in non-standard environments.
Path Name: H:\WINDOWS\System32\svchost.exe -k netsvcs
Start Mode: Auto
State: Running

Name: Eventlog
Display Name: Event Log
Description: Enables event log messages issued by Windows-based programs and components to be viewed in Event Viewer. This service cannot be stopped.
Path Name: H:\WINDOWS\system32\services.exe
Start Mode: Auto
State: Running

Name: EventSystem
Display Name: COM+ Event System
Description: Supports System Event Notification Service (SENS), which provides automatic distribution of events to subscribing Component Object Model (COM) components. If the service is stopped, SENS will close and will not be able to provide logon and logoff notifications. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: H:\WINDOWS\system32\svchost.exe -k netsvcs
Start Mode: Manual
State: Running

Name: FastUserSwitchingCompatibility
Display Name: Fast User Switching Compatibility
Description: Provides management for applications that require assistance in a multiple user environment.
Path Name: H:\WINDOWS\System32\svchost.exe -k netsvcs
Start Mode: Manual
State: Running

Name: helpsvc
Display Name: Help and Support
Description: Enables Help and Support Center to run on this computer. If this service is stopped, Help and Support Center will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: H:\WINDOWS\System32\svchost.exe -k netsvcs
Start Mode: Auto
State: Running

Name: HidServ
Display Name: HID Input Service
Description: Enables generic input access to Human Interface Devices (HID), which activates and maintains the use of predefined hot buttons on keyboards, remote controls, and other multimedia devices. If this service is stopped, hot buttons controlled by this service will no longer function. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: H:\WINDOWS\System32\svchost.exe -k netsvcs
Start Mode: Auto
State: Running

Name: HTTPFilter
Display Name: HTTP SSL
Description: This service implements the secure hypertext transfer protocol (HTTPS) for the HTTP service, using the Secure Socket Layer (SSL). If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: H:\WINDOWS\System32\svchost.exe -k HTTPFilter
Start Mode: Manual
State: Stopped

Name: IDriverT
Display Name: InstallDriver Table Manager
Description: Provides support for the Running Object Table for InstallShield Drivers
Path Name: "H:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe"
Start Mode: Manual
State: Stopped

Name: ImapiService
Display Name: IMAPI CD-Burning COM Service
Description: Manages CD recording using Image Mastering Applications Programming Interface (IMAPI). If this service is stopped, this computer will be unable to record CDs. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: H:\WINDOWS\system32\imapi.exe
Start Mode: Manual
State: Stopped

Name: ISSVC
Display Name: IS Service
Description: Internet Security Service
Path Name: "H:\Program Files\Symantec Client Security\Symantec Client Firewall\ISSVC.exe"
Start Mode: Auto
State: Running

Name: lanmanserver
Display Name: Server
Description: Supports file, print, and named-pipe sharing over the network for this computer. If this service is stopped, these functions will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: H:\WINDOWS\system32\svchost.exe -k netsvcs
Start Mode: Auto
State: Running

Name: lanmanworkstation
Display Name: Workstation
Description: Creates and maintains client network connections to remote servers. If this service is stopped, these connections will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: H:\WINDOWS\system32\svchost.exe -k netsvcs
Start Mode: Auto
State: Running

Name: LmHosts
Display Name: TCP/IP NetBIOS Helper
Description: Enables support for NetBIOS over TCP/IP (NetBT) service and NetBIOS name resolution.
Path Name: H:\WINDOWS\system32\svchost.exe -k LocalService
Start Mode: Auto
State: Running

Name: LxrSII1s
Display Name: Lexar Secure II
Description:
Path Name: LxrSII1s.exe
Start Mode: Auto
State: Running

Name: MDM
Display Name: Machine Debug Manager
Description: Supports local and remote debugging for Visual Studio and script debuggers. If this service is stopped, the debuggers will not function properly.
Path Name: "H:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE"
Start Mode: Auto
State: Running

Name: Messenger
Display Name: Messenger
Description: Transmits net send and Alerter service messages between clients and servers. This service is not related to Windows Messenger. If this service is stopped, Alerter messages will not be transmitted. If this service is disabled, any services that explicitly depend on it will fail to start.
Path Name: H:\WINDOWS\system32\svchost.exe -k netsvcs
Start Mode: Disabled
State: Stopped

Name: mnmsrvc
Display Name: NetMeeting Remote Desktop Sharing
Description: Enables an authorized user to access this computer remotely by using NetMeeting over a corporate intranet. If this service is stopped, remote desktop sharing will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.

Thread: Having Problems Again!!!

Thread Tools

Display

Hybrid View

I hope it what you wanted.

Still There!!

Thread Information

Users Browsing this Thread

Posting Permissions