"Silent Runners.vbs", revision 40.1, http://www.silentrunners.org/
Operating System: Windows XP SP2
Output limited to non-default values, except where indicated by "{++}"
Startup items buried in registry:
---------------------------------
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}
"CTFMON.EXE" = "C:\WINDOWS\system32\ctfmon.exe" [MS]
"PeerGuardian" = "C:\Program Files\PeerGuardian2\pg2.exe" ["Methlabs"]
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}
"ATIPTA" = "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" ["ATI Technologies, Inc."]
"Zone Labs Client" = "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" ["Zone Labs, LLC"]
"DAEMON Tools-1033" = ""C:\Program Files\D-Tools\daemon.exe" -lang 1033" ["DAEMON'S HOME"]
"WinampAgent" = "C:\Program Files\Winamp\winampa.exe" [null data]
"SpySweeper" = ""C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /startintray" ["Webroot Software, Inc."]
"gcasServ" = ""C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"" [MS]
"AVG7_CC" = "C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP" ["GRISOFT, s.r.o."]
"AVG7_EMC" = "C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe" ["GRISOFT, s.r.o."]
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\(Default) = "AcroIEHlprObj Class" [from CLSID]
-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll" ["Adobe Systems Incorporated"]
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\
"{42071714-76d4-11d1-8b24-00a0c9068ff3}" = "Display Panning CPL Extension"
-> {CLSID}\InProcServer32\(Default) = "deskpan.dll" [file not found]
"{88895560-9AA2-1069-930E-00AA0030EBC8}" = "HyperTerminal Icon Ext"
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\System32\hticons.dll" ["Hilgraeve, Inc."]
"{B41DB860-8EE4-11D2-9906-E49FADC173CA}" = "WinRAR shell extension"
-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]
"{63542C48-9552-494A-84F7-73AA6A7C99C1}" = "OpenOffice Property Sheet Handler"
-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\OpenOffice.org\program\shlxthdl.dll" ["Sun Microsystems, Inc."]
"{7C9D5882-CB4A-4090-96C8-430BFE8B795B}" = "Webroot Spy Sweeper Context Menu Integration"
-> {CLSID}\InProcServer32\(Default) = "C:\PROGRA~1\Webroot\SPYSWE~1\SSCtxMnu.dll" ["Webroot Software, Inc."]
"{EB47FF00-225E-11D2-9E1D-00A0C9AB0EEE}" = "eLicense Control"
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\lcmmfu.cpl" [null data]
"{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}" = "AVG7 Shell Extension"
-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Grisoft\AVG Free\avgse.dll" ["GRISOFT, s.r.o."]
"{9F97547E-460A-42C5-AE0C-81C61FFAEBC3}" = "AVG7 Find Extension"
-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Grisoft\AVG Free\avgse.dll" ["GRISOFT, s.r.o."]
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\
INFECTION WARNING! "{9EF34FF2-3396-4527-9D27-04C8C1C67806}" = "Microsoft AntiSpyware Service Hook"
-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Microsoft AntiSpyware\shellextension.dll" [MS]
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\
INFECTION WARNING! AtiExtEvent\DLLName = "Ati2evxx.dll" ["ATI Technologies Inc."]
HKLM\Software\Classes\*\shellex\ContextMenuHandlers\
AVG7 Shell Extension\(Default) = "{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}"
-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Grisoft\AVG Free\avgse.dll" ["GRISOFT, s.r.o."]
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]
HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]
HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\
AVG7 Shell Extension\(Default) = "{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}"
-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Grisoft\AVG Free\avgse.dll" ["GRISOFT, s.r.o."]
SpySweeper\(Default) = "{7C9D5882-CB4A-4090-96C8-430BFE8B795B}"
-> {CLSID}\InProcServer32\(Default) = "C:\PROGRA~1\Webroot\SPYSWE~1\SSCtxMnu.dll" ["Webroot Software, Inc."]
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]
Active Desktop and Wallpaper:
-----------------------------
Active Desktop is disabled at this entry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState
HKCU\Control Panel\Desktop\
"Wallpaper" = "C:\WINDOWS\Firefox Wallpaper.bmp"
Enabled Screen Saver:
---------------------
HKCU\Control Panel\Desktop\
"SCRNSAVE.EXE" = "C:\WINDOWS\System32\logon.scr" [MS]
Startup items in "Matts" & "All Users" startup folders:
-------------------------------------------------------
C:\Documents and Settings\Matts\Start Menu\Programs\Startup
"Adobe Gamma" -> shortcut to: "C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe" ["Adobe Systems, Inc."]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup
"Adobe Reader Speed Launch" -> shortcut to: "C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe" ["Adobe Systems Incorporated"]
Winsock2 Service Provider DLLs:
-------------------------------
Namespace Service Providers
HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}
000000000001\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]
000000000002\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS]
000000000003\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]
Transport Service Providers
HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}
0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:
%SystemRoot%\system32\mswsock.dll [MS], 01 - 03, 06 - 11
%SystemRoot%\system32\rsvpsp.dll [MS], 04 - 05
Toolbars, Explorer Bars, Extensions:
------------------------------------
Extensions (Tools menu items, main toolbar menu buttons)
HKLM\Software\Microsoft\Internet Explorer\Extensions\
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\
"MenuText" = "Sun Java Console"
"CLSIDExtension" = "{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBC}"
-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll" ["Sun Microsystems, Inc."]
{FB5F1910-F110-11D2-BB9E-00C04F795683}\
"ButtonText" = "Messenger"
"MenuText" = "Windows Messenger"
"Exec" = "C:\Program Files\Messenger\msmsgs.exe" [MS]
Running Services (Display Name, Service Name, Path {Service DLL}):
------------------------------------------------------------------
Ati HotKey Poller, Ati HotKey Poller, "C:\WINDOWS\system32\Ati2evxx.exe" ["ATI Technologies Inc."]
AVG7 Alert Manager Server, Avg7Alrt, "C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe" ["GRISOFT, s.r.o."]
AVG7 Update Service, Avg7UpdSvc, "C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe" ["GRISOFT, s.r.o."]
LicCtrl Service, LicCtrlService, "C:\WINDOWS\runservice.exe" [null data]
TrueVector Internet Monitor, vsmon, "C:\WINDOWS\system32\ZONELABS\vsmon.exe -service" ["Zone Labs, LLC"]
Webroot Spy Sweeper Engine, svcWRSSSDK, "C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe" ["Webroot Software, Inc."]
----------
+ This report excludes default entries except where indicated.
+ To see *everywhere* the script checks and *everything* it finds,
launch it from a command prompt or a shortcut with the -all parameter.
+ The search for DESKTOP.INI DLL launch points on all local fixed drives
took 54 seconds.
+ The search for all Registry CLSIDs containing dormant Explorer Bars
took 31 seconds.
---------- (total run time: 130 seconds)
StartDreck (build 2.1.7 public stable) - 2005-09-22 @ 18:17:41 (GMT -04:00)
Platform: Windows XP (Win NT 5.1.2600 Service Pack 2)
Internet Explorer: 6.0.2900.2180
Logged in as Matts at MATROOM
»Registry
»Run Keys
»Current User
»Run
*CTFMON.EXE=C:\WINDOWS\system32\ctfmon.exe
*PeerGuardian=C:\Program Files\PeerGuardian2\pg2.exe
»RunOnce
»Default User
»Run
*CTFMON.EXE=C:\WINDOWS\System32\CTFMON.EXE
*AVG7_Run=C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE
»RunOnce
»Local Machine
»Run
*ATIPTA=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
*Zone Labs Client=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
*DAEMON Tools-1033="C:\Program Files\D-Tools\daemon.exe" -lang 1033
*WinampAgent=C:\Program Files\Winamp\winampa.exe
*SpySweeper="C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /startintray
*gcasServ="C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
*AVG7_CC=C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
*AVG7_EMC=C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
»RunOnce
»RunServices
»RunServicesOnce
»RunOnceEx
»RunServicesOnceEx
»File Associations (CR)
+.bat
*batfile="%1" %*
+.com
*comfile="%1" %*
+.disabled
*SpybotSD.DisabledFile="C:\Program Files\Spybot - Search & Destroy\blindman.exe" "%1"
+.exe
*exefile="%1" %*
+.hta
*htafile=C:\WINDOWS\system32\mshta.exe "%1" %*
+.htm
*FirefoxHTML=C:\PROGRA~1\MOZILL~1\FIREFOX.EXE -url "%1"
+.html
*FirefoxHTML=C:\PROGRA~1\MOZILL~1\FIREFOX.EXE -url "%1"
+.js
*JSFile=%SystemRoot%\System32\WScript.exe "%1" %*
+.jse
*JSEFile=%SystemRoot%\System32\WScript.exe "%1" %*
+.pif
*piffile="%1" %*
+.reg
*regfile=regedit.exe "%1"
+.scr
*scrfile="%1" /S
+.txt
*txtfile=%SystemRoot%\system32\NOTEPAD.EXE %1
+.vbs
*VBSFile=%SystemRoot%\System32\WScript.exe "%1" %*
+.vbe
*VBEFile=%SystemRoot%\System32\WScript.exe "%1" %*
+.wsh
*WSHFile=%SystemRoot%\System32\WScript.exe "%1" %*
+.wsf
*WSFFile=%SystemRoot%\System32\WScript.exe "%1" %*
+.lnk
`lnkfile= [key or value does not exist]
»Active Setup (LM)
+Internet Explorer/>{26923b43-4d38-484f-9b9e-de460746276c}
*StubPath=%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
+Browser Customizations/>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS
*StubPath=RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
+Outlook Express/>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}
*StubPath=%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
+Themes Setup/{2C7339CF-2B09-4501-B3F3-F3508C9228ED}
*StubPath=%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
+Microsoft Outlook Express 6/{44BBA840-CC51-11CF-AAFA-00AA00B6015C}
*StubPath="%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
+NetMeeting 3.01/{44BBA842-CC51-11CF-AAFA-00AA00B6015B}
*StubPath=rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
+Internet Explorer/{4b218e3e-bc98-4770-93d3-2731b9329278}
*StubPath=%SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection MarketplaceLinkInstall 896 %systemroot%\inf\ie.inf
+Windows Messenger 4.7/{5945c046-1e7d-11d1-bc44-00c04fd912be}
*StubPath=rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
+Microsoft Windows Media Player/{6BF52A52-394A-11d3-B153-00C04F79FAA6}
*StubPath=rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub
+Address Book 6/{7790769C-0471-11d2-AF11-00C04FA35D02}
*StubPath="%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
+Windows Desktop Update/{89820200-ECBD-11cf-8B85-00AA005B4340}
*StubPath=regsvr32.exe /s /n /i:U shell32.dll
+Internet Explorer 6/{89820200-ECBD-11cf-8B85-00AA005B4383}
*StubPath=%SystemRoot%\system32\ie4uinit.exe
»Browser Helper Objects (LM)
*AcroIEHelper.AcroIEHlprObj.1/{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
`InprocServer32=C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
»Internet Explorer
»Current User
*Local Page=C:\WINDOWS\system32\blank.htm
*Search Page=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
*Start Page=http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
+SearchUrl
*provider=cand
»Default User
»Local Machine
*Default_Page_URL=http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
*Default_Search_URL=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
*Local Page=%SystemRoot%\system32\blank.htm
*Search Page=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
*Start Page=http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
*CustomizeSearch=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
*SearchAssistant=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
»ShellServiceObjectDelayLoad (LM)
*PostBootReminder={7849596a-48ea-486e-8937-a2a3009f31a9}
`InprocServer32=%SystemRoot%\system32\SHELL32.dll
*CDBurn={fbeb8a05-beee-4442-804e-409d6c4515e9}
`InprocServer32=%SystemRoot%\system32\SHELL32.dll
*WebCheck={E6FB5E20-DE35-11CF-9C87-00AA005127ED}
`InprocServer32=%SystemRoot%\System32\webcheck.dll
*SysTray={35CEC8A3-2BE6-11D2-8773-92E220524153}
`InprocServer32=C:\WINDOWS\System32\stobject.dll
»Special NT Values
»Current User
*Load=
*Run=
*Programs=com exe bat pif cmd
*SHELL=
»Default User
*Load=
*Run=
*Programs=com exe bat pif cmd
*SHELL=
»Local Machine
*AppInit_DLLs=
*SHELL=Explorer.exe
*Userinit=C:\WINDOWS\system32\userinit.exe,
»Files
»Autostart Folders
»Current User
*C:\Documents and Settings\Matts\Start Menu\Programs\Startup\desktop.ini
*C:\Documents and Settings\Matts\Start Menu\Programs\Startup\Adobe Gamma.lnk
»Default User
*C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Startup\desktop.ini
»Local Machine
*C:\Documents and Settings\All Users\Start Menu\Programs\Startup\desktop.ini
*C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
»INI-Files
»WIN.INI\[windows]
*LOAD=
*RUN=
»SYSTEM.INI\[boot]
*SHELL=Explorer.exe
»Text Files
*C:\boot.ini
`[boot loader]
`timeout=30
`default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
`[operating systems]
`multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition (bootscreen)" /fastdetect /NoExecute=OptIn /KERNEL=kernel1.exe
`multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptIn
*C:\msdos.sys
`;W98EBD
*C:\config.sys
*C:\WINDOWS\system32\config.nt
`dos=high, umb
`device=%SystemRoot%\system32\himem.sys
`files=40
*C:\autoexec.bat
*C:\WINDOWS\system32\autoexec.nt
`@echo off
`lh %SystemRoot%\system32\mscdexnt.exe
`lh %SystemRoot%\system32\redir
`lh %SystemRoot%\system32\dosx
`SET BLASTER=A220 I5 D1 P330 T3
*C:\WINDOWS\wininit.ini
`[rename]
`NUL=
*C:\WINDOWS\system32\drivers\etc\hosts
`127.0.0.1 localhost
»Program Files
*C:\ntldr
*C:\ntdetect.com
*C:\io.sys
*C:\WINDOWS\system32\win.com
*C:\WINDOWS\explorer.exe
»%PATH% Companion Files
+C:\COMMAND.COM
*C:\WINDOWS\system32\command.com
+C:\WINDOWS\system32\notepad.exe
*C:\WINDOWS\notepad.exe
+C:\WINDOWS\system32\taskman.exe
*C:\WINDOWS\TASKMAN.EXE
+C:\WINDOWS\system32\winhlp32.exe
*C:\WINDOWS\winhlp32.exe
+C:\WINDOWS\system32\slrundll.exe
*C:\WINDOWS\slrundll.exe
»System/Drivers
»Running Processes
+0=<idle>
+4=<system>
+560=\SystemRoot\System32\smss.exe
*C:\WINDOWS\system32\ntdll.dll
+624=\??\C:\WINDOWS\system32\csrss.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\CSRSRV.dll
*C:\WINDOWS\system32\basesrv.dll
*C:\WINDOWS\system32\winsrv.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\KERNEL32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\sxs.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\Program Files\Webroot\Spy Sweeper\ssi.dll
*C:\WINDOWS\system32\oleaut32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\mpr.dll
*C:\WINDOWS\system32\version.dll
*C:\WINDOWS\system32\Apphelp.dll
+652=\??\C:\WINDOWS\system32\winlogon.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\AUTHZ.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\CRYPT32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\MSASN1.dll
*C:\WINDOWS\system32\NDdeApi.dll
*C:\WINDOWS\system32\PROFMAP.dll
*C:\WINDOWS\system32\NETAPI32.dll
*C:\WINDOWS\system32\USERENV.dll
*C:\WINDOWS\system32\PSAPI.DLL
*C:\WINDOWS\system32\REGAPI.dll
*C:\WINDOWS\system32\Secur32.dll
*C:\WINDOWS\system32\SETUPAPI.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\system32\WINSTA.dll
*C:\WINDOWS\system32\WINTRUST.dll
*C:\WINDOWS\system32\IMAGEHLP.dll
*C:\WINDOWS\system32\WS2_32.dll
*C:\WINDOWS\system32\WS2HELP.dll
*C:\WINDOWS\system32\MSGINA.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\COMCTL32.dll
*C:\WINDOWS\system32\ODBC32.dll
*C:\WINDOWS\system32\comdlg32.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
*C:\WINDOWS\system32\odbcint.dll
*C:\WINDOWS\system32\SHSVCS.dll
*C:\WINDOWS\system32\sfc.dll
*C:\WINDOWS\system32\sfc_os.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\Apphelp.dll
*C:\WINDOWS\system32\WINSCARD.DLL
*C:\WINDOWS\system32\WTSAPI32.dll
*C:\WINDOWS\system32\uxtheme.dll
*C:\WINDOWS\system32\WINMM.dll
*C:\WINDOWS\system32\Ati2evxx.dll
*C:\WINDOWS\system32\rsaenh.dll
*C:\WINDOWS\system32\cscdll.dll
*C:\WINDOWS\system32\WlNotify.dll
*C:\WINDOWS\system32\WINSPOOL.DRV
*C:\WINDOWS\system32\MPR.dll
*C:\WINDOWS\system32\SAMLIB.dll
*C:\WINDOWS\system32\msv1_0.dll
*C:\WINDOWS\system32\iphlpapi.dll
*C:\WINDOWS\system32\cscui.dll
*C:\WINDOWS\system32\MPRAPI.dll
*C:\WINDOWS\system32\ACTIVEDS.dll
*C:\WINDOWS\system32\adsldpc.dll
*C:\WINDOWS\system32\WLDAP32.dll
*C:\WINDOWS\system32\ATL.DLL
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\system32\rtutils.dll
*C:\WINDOWS\system32\xpsp2res.dll
*C:\WINDOWS\system32\NTMARTA.DLL
*C:\WINDOWS\system32\sxs.dll
*C:\WINDOWS\system32\wdmaud.drv
*C:\WINDOWS\system32\msacm32.drv
*C:\WINDOWS\system32\MSACM32.dll
*C:\WINDOWS\system32\midimap.dll
*C:\WINDOWS\system32\COMRes.dll
*C:\WINDOWS\system32\CLBCATQ.DLL
*C:\Program Files\Webroot\Spy Sweeper\ssi.dll
+696=C:\WINDOWS\system32\services.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\USERENV.dll
*C:\WINDOWS\system32\SCESRV.dll
*C:\WINDOWS\system32\AUTHZ.dll
*C:\WINDOWS\system32\umpnpmgr.dll
*C:\WINDOWS\system32\WINSTA.dll
*C:\WINDOWS\system32\NETAPI32.dll
*C:\WINDOWS\system32\NCObjAPI.DLL
*C:\WINDOWS\system32\MSVCP60.dll
*C:\WINDOWS\system32\ShimEng.dll
*C:\WINDOWS\AppPatch\AcGenral.DLL
*C:\WINDOWS\system32\WINMM.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\system32\MSACM32.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\UxTheme.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
*C:\WINDOWS\system32\comctl32.dll
*C:\WINDOWS\system32\secur32.dll
*C:\WINDOWS\system32\Apphelp.dll
*C:\WINDOWS\system32\eventlog.dll
*C:\WINDOWS\system32\WS2_32.dll
*C:\WINDOWS\system32\WS2HELP.dll
*C:\WINDOWS\system32\PSAPI.DLL
*C:\WINDOWS\system32\wtsapi32.dll
*C:\Program Files\Webroot\Spy Sweeper\ssi.dll
*C:\WINDOWS\system32\mpr.dll
+708=C:\WINDOWS\system32\lsass.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\LSASRV.dll
*C:\WINDOWS\system32\MPR.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\MSASN1.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\NETAPI32.dll
*C:\WINDOWS\system32\NTDSAPI.dll
*C:\WINDOWS\system32\DNSAPI.dll
*C:\WINDOWS\system32\WS2_32.dll
*C:\WINDOWS\system32\WS2HELP.dll
*C:\WINDOWS\system32\WLDAP32.dll
*C:\WINDOWS\system32\Secur32.dll
*C:\WINDOWS\system32\SAMLIB.dll
*C:\WINDOWS\system32\SAMSRV.dll
*C:\WINDOWS\system32\cryptdll.dll
*C:\WINDOWS\system32\ShimEng.dll
*C:\WINDOWS\AppPatch\AcGenral.DLL
*C:\WINDOWS\system32\WINMM.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\system32\MSACM32.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\USERENV.dll
*C:\WINDOWS\system32\UxTheme.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
*C:\WINDOWS\system32\comctl32.dll
*C:\WINDOWS\system32\msprivs.dll
*C:\WINDOWS\system32\kerberos.dll
*C:\WINDOWS\system32\msv1_0.dll
*C:\WINDOWS\system32\iphlpapi.dll
*C:\WINDOWS\system32\netlogon.dll
*C:\WINDOWS\system32\w32time.dll
*C:\WINDOWS\system32\MSVCP60.dll
*C:\WINDOWS\system32\schannel.dll
*C:\WINDOWS\system32\CRYPT32.dll
*C:\WINDOWS\system32\wdigest.dll
*C:\WINDOWS\system32\rsaenh.dll
*C:\WINDOWS\system32\scecli.dll
*C:\WINDOWS\system32\SETUPAPI.dll
*C:\WINDOWS\system32\ipsecsvc.dll
*C:\WINDOWS\system32\AUTHZ.dll
*C:\WINDOWS\system32\oakley.DLL
*C:\WINDOWS\system32\WINIPSEC.DLL
*C:\WINDOWS\system32\mswsock.dll
*C:\WINDOWS\system32\hnetcfg.dll
*C:\WINDOWS\System32\wshtcpip.dll
*C:\WINDOWS\system32\pstorsvc.dll
*C:\WINDOWS\system32\psbase.dll
*C:\WINDOWS\system32\dssenh.dll
*C:\Program Files\Webroot\Spy Sweeper\ssi.dll
+856=C:\WINDOWS\system32\Ati2evxx.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\system32\Secur32.dll
*C:\WINDOWS\system32\Ati2edxx.dll
*C:\WINDOWS\system32\uxtheme.dll
*C:\Program Files\Webroot\Spy Sweeper\ssi.dll
*C:\WINDOWS\system32\mpr.dll
*C:\WINDOWS\system32\version.dll
+868=C:\WINDOWS\system32\svchost.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\ShimEng.dll
*C:\WINDOWS\AppPatch\AcGenral.DLL
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\WINMM.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\system32\MSACM32.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\USERENV.dll
*C:\WINDOWS\system32\UxTheme.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
*C:\WINDOWS\system32\comctl32.dll
*C:\WINDOWS\system32\NTMARTA.DLL
*C:\WINDOWS\system32\WLDAP32.dll
*C:\WINDOWS\system32\SAMLIB.dll
*c:\windows\system32\rpcss.dll
*c:\windows\system32\Secur32.dll
*c:\windows\system32\WS2_32.dll
*c:\windows\system32\WS2HELP.dll
*C:\WINDOWS\system32\xpsp2res.dll
*C:\WINDOWS\system32\CLBCATQ.DLL
*C:\WINDOWS\system32\COMRes.dll
*c:\windows\system32\termsrv.dll
*c:\windows\system32\ICAAPI.dll
*c:\windows\system32\SETUPAPI.dll
*C:\WINDOWS\system32\WINTRUST.dll
*C:\WINDOWS\system32\CRYPT32.dll
*C:\WINDOWS\system32\MSASN1.dll
*C:\WINDOWS\system32\IMAGEHLP.dll
*c:\windows\system32\AUTHZ.dll
*c:\windows\system32\mstlsapi.dll
*c:\windows\system32\ACTIVEDS.dll
*c:\windows\system32\adsldpc.dll
*C:\WINDOWS\system32\NETAPI32.dll
*c:\windows\system32\ATL.DLL
*C:\WINDOWS\system32\REGAPI.dll
*C:\WINDOWS\system32\rsaenh.dll
*C:\WINDOWS\system32\Apphelp.dll
*C:\Program Files\Webroot\Spy Sweeper\ssi.dll
*C:\WINDOWS\system32\mpr.dll
*C:\WINDOWS\system32\msv1_0.dll
*C:\WINDOWS\system32\iphlpapi.dll
+956=C:\WINDOWS\system32\svchost.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\ShimEng.dll
*C:\WINDOWS\AppPatch\AcGenral.DLL
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\WINMM.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\system32\MSACM32.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\USERENV.dll
*C:\WINDOWS\system32\UxTheme.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
*C:\WINDOWS\system32\comctl32.dll
*c:\windows\system32\rpcss.dll
*c:\windows\system32\Secur32.dll
*c:\windows\system32\WS2_32.dll
*c:\windows\system32\WS2HELP.dll
*C:\WINDOWS\system32\xpsp2res.dll
*C:\WINDOWS\system32\rsaenh.dll
*C:\WINDOWS\system32\mswsock.dll
*C:\WINDOWS\system32\hnetcfg.dll
*C:\WINDOWS\System32\wshtcpip.dll
*C:\WINDOWS\system32\DNSAPI.dll
*C:\WINDOWS\system32\iphlpapi.dll
*C:\WINDOWS\System32\winrnr.dll
*C:\WINDOWS\system32\WLDAP32.dll
*C:\WINDOWS\system32\rasadhlp.dll
*C:\WINDOWS\system32\CLBCATQ.DLL
*C:\WINDOWS\system32\COMRes.dll
*C:\Program Files\Webroot\Spy Sweeper\ssi.dll
*C:\WINDOWS\system32\mpr.dll
+1048=C:\WINDOWS\System32\svchost.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\System32\ShimEng.dll
*C:\WINDOWS\AppPatch\AcGenral.DLL
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\System32\WINMM.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\System32\MSACM32.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\USERENV.dll
*C:\WINDOWS\System32\UxTheme.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
*C:\WINDOWS\system32\comctl32.dll
*C:\WINDOWS\System32\NTMARTA.DLL
*C:\WINDOWS\system32\WLDAP32.dll
*C:\WINDOWS\System32\SAMLIB.dll
*C:\WINDOWS\System32\xpsp2res.dll
*c:\windows\system32\shsvcs.dll
*C:\WINDOWS\System32\WINSTA.dll
*C:\WINDOWS\system32\NETAPI32.dll
*c:\windows\system32\dhcpcsvc.dll
*c:\windows\system32\DNSAPI.dll
*c:\windows\system32\WS2_32.dll
*c:\windows\system32\WS2HELP.dll
*c:\windows\system32\iphlpapi.dll
*c:\windows\system32\Secur32.dll
*C:\WINDOWS\System32\rsaenh.dll
*C:\WINDOWS\system32\mswsock.dll
*C:\WINDOWS\System32\hnetcfg.dll
*C:\WINDOWS\System32\wshtcpip.dll
*c:\windows\system32\wzcsvc.dll
*c:\windows\system32\rtutils.dll
*c:\windows\system32\WMI.dll
*C:\WINDOWS\system32\CRYPT32.dll
*C:\WINDOWS\system32\MSASN1.dll
*c:\windows\system32\WTSAPI32.dll
*c:\windows\system32\ESENT.dll
*c:\windows\system32\ATL.DLL
*C:\WINDOWS\System32\rastls.dll
*C:\WINDOWS\system32\CRYPTUI.dll
*C:\WINDOWS\system32\WINTRUST.dll
*C:\WINDOWS\system32\IMAGEHLP.dll
*C:\WINDOWS\system32\WININET.dll
*C:\WINDOWS\System32\MPRAPI.dll
*C:\WINDOWS\System32\ACTIVEDS.dll
*C:\WINDOWS\System32\adsldpc.dll
*C:\WINDOWS\System32\SETUPAPI.dll
*C:\WINDOWS\System32\RASAPI32.dll
*C:\WINDOWS\System32\rasman.dll
*C:\WINDOWS\System32\TAPI32.dll
*C:\WINDOWS\System32\SCHANNEL.dll
*C:\WINDOWS\System32\WinSCard.dll
*C:\WINDOWS\System32\raschap.dll
*C:\WINDOWS\system32\msv1_0.dll
*C:\WINDOWS\System32\CLBCATQ.DLL
*C:\WINDOWS\System32\COMRes.dll
*c:\windows\system32\schedsvc.dll
*c:\windows\system32\NTDSAPI.dll
*C:\WINDOWS\System32\MSIDLE.DLL
*c:\windows\system32\audiosrv.dll
*c:\windows\system32\wkssvc.dll
*c:\windows\system32\cryptsvc.dll
*c:\windows\system32\certcli.dll
*c:\windows\system32\ersvc.dll
*c:\windows\system32\es.dll
*c:\windows\pchealth\helpctr\binaries\pchsvc.dll
*c:\windows\system32\hidserv.dll
*c:\windows\system32\HID.DLL
*c:\windows\system32\srvsvc.dll
*c:\windows\system32\netman.dll
*c:\windows\system32\netshell.dll
*c:\windows\system32\credui.dll
*c:\windows\system32\WZCSAPI.DLL
*c:\windows\system32\seclogon.dll
*c:\windows\system32\sens.dll
*c:\windows\system32\srsvc.dll
*c:\windows\system32\POWRPROF.dll
*C:\WINDOWS\System32\SXS.DLL
*C:\WINDOWS\System32\upnp.dll
*C:\WINDOWS\System32\WINHTTP.dll
*C:\WINDOWS\System32\SSDPAPI.dll
*C:\WINDOWS\System32\wbem\wbemcomn.dll
*C:\WINDOWS\System32\CLUSAPI.dll
*c:\windows\system32\trkwks.dll
*c:\windows\system32\w32time.dll
*c:\windows\system32\MSVCP60.dll
*c:\windows\system32\browser.dll
*c:\windows\system32\wuauserv.dll
*c:\windows\system32\wbem\wmisvc.dll
*C:\WINDOWS\system32\VSSAPI.DLL
*C:\WINDOWS\system32\wuaueng.dll
*C:\WINDOWS\System32\ADVPACK.dll
*C:\WINDOWS\System32\SHFOLDER.dll
*C:\WINDOWS\System32\WINSPOOL.DRV
*C:\WINDOWS\System32\Cabinet.dll
*C:\WINDOWS\System32\mspatcha.dll
*C:\WINDOWS\System32\sfc.dll
*C:\WINDOWS\System32\sfc_os.dll
*c:\windows\system32\ipnathlp.dll
*c:\windows\system32\AUTHZ.dll
*c:\windows\system32\wscsvc.dll
*c:\windows\system32\msi.dll
*C:\WINDOWS\system32\comsvcs.dll
*C:\WINDOWS\system32\MTXCLU.DLL
*C:\WINDOWS\system32\WSOCK32.dll
*C:\WINDOWS\system32\colbact.DLL
*C:\WINDOWS\System32\RESUTILS.DLL
*C:\WINDOWS\System32\Wbem\wbemcore.dll
*C:\WINDOWS\System32\Wbem\esscli.dll
*C:\WINDOWS\System32\Wbem\FastProx.dll
*C:\WINDOWS\System32\wbem\wbemsvc.dll
*C:\WINDOWS\System32\wbem\wmiutils.dll
*C:\WINDOWS\System32\wbem\repdrvfs.dll
*C:\WINDOWS\System32\wbem\wmiprvsd.dll
*C:\WINDOWS\system32\NCObjAPI.DLL
*C:\WINDOWS\System32\wbem\wbemess.dll
*C:\WINDOWS\System32\wbem\ncprov.dll
*C:\WINDOWS\System32\rasadhlp.dll
*C:\WINDOWS\System32\RASDLG.dll
*C:\Program Files\Webroot\Spy Sweeper\ssi.dll
*C:\WINDOWS\system32\mpr.dll
*C:\WINDOWS\System32\NETRAP.dll
*C:\WINDOWS\System32\msxml3.dll
*C:\WINDOWS\system32\Apphelp.dll
*C:\WINDOWS\System32\winrnr.dll
*C:\WINDOWS\System32\dssenh.dll
*C:\WINDOWS\System32\cryptnet.dll
*C:\WINDOWS\System32\SensApi.dll
+1092=C:\WINDOWS\System32\svchost.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\System32\ShimEng.dll
*C:\WINDOWS\AppPatch\AcGenral.DLL
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\System32\WINMM.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\System32\MSACM32.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\USERENV.dll
*C:\WINDOWS\System32\UxTheme.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
*C:\WINDOWS\system32\comctl32.dll
*c:\windows\system32\dnsrslvr.dll
*c:\windows\system32\DNSAPI.dll
*c:\windows\system32\WS2_32.dll
*c:\windows\system32\WS2HELP.dll
*c:\windows\system32\iphlpapi.dll
*C:\WINDOWS\system32\mswsock.dll
*C:\WINDOWS\System32\hnetcfg.dll
*C:\WINDOWS\System32\wshtcpip.dll
*C:\Program Files\Webroot\Spy Sweeper\ssi.dll
*C:\WINDOWS\system32\mpr.dll
+1192=C:\WINDOWS\System32\svchost.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\System32\ShimEng.dll
*C:\WINDOWS\AppPatch\AcGenral.DLL
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\System32\WINMM.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\System32\MSACM32.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\USERENV.dll
*C:\WINDOWS\System32\UxTheme.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
*C:\WINDOWS\system32\comctl32.dll
*C:\WINDOWS\System32\NTMARTA.DLL
*C:\WINDOWS\system32\WLDAP32.dll
*C:\WINDOWS\System32\SAMLIB.dll
*C:\WINDOWS\System32\xpsp2res.dll
*c:\windows\system32\lmhsvc.dll
*c:\windows\system32\iphlpapi.dll
*c:\windows\system32\WS2_32.dll
*c:\windows\system32\WS2HELP.dll
*c:\windows\system32\webclnt.dll
*C:\WINDOWS\system32\WININET.dll
*C:\WINDOWS\system32\CRYPT32.dll
*C:\WINDOWS\system32\MSASN1.dll
*C:\WINDOWS\System32\Secur32.dll
*C:\WINDOWS\system32\urlmon.dll
*C:\WINDOWS\System32\wsock32.dll
*c:\windows\system32\alrsvc.dll
*C:\WINDOWS\system32\NETAPI32.dll
*c:\windows\system32\ssdpsrv.dll
*C:\WINDOWS\System32\hnetcfg.dll
*C:\WINDOWS\System32\CLBCATQ.DLL
*C:\WINDOWS\System32\COMRes.dll
*C:\WINDOWS\system32\mswsock.dll
*C:\WINDOWS\System32\wshtcpip.dll
*C:\Program Files\Webroot\Spy Sweeper\ssi.dll
*C:\WINDOWS\system32\mpr.dll
*C:\WINDOWS\System32\DNSAPI.dll
*C:\WINDOWS\System32\rasadhlp.dll
+1476=C:\WINDOWS\system32\spoolsv.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\ShimEng.dll
*C:\WINDOWS\AppPatch\AcGenral.DLL
*C:\WINDOWS\system32\WINMM.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\system32\MSACM32.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\USERENV.dll
*C:\WINDOWS\system32\UxTheme.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
*C:\WINDOWS\system32\comctl32.dll
*C:\WINDOWS\system32\SPOOLSS.DLL
*C:\WINDOWS\system32\WS2_32.dll
*C:\WINDOWS\system32\WS2HELP.dll
*C:\WINDOWS\system32\DNSAPI.dll
*C:\WINDOWS\system32\rasadhlp.dll
*C:\WINDOWS\system32\localspl.dll
*C:\WINDOWS\system32\Secur32.dll
*C:\WINDOWS\system32\sfc_os.dll
*C:\WINDOWS\system32\WINTRUST.dll
*C:\WINDOWS\system32\CRYPT32.dll
*C:\WINDOWS\system32\MSASN1.dll
*C:\WINDOWS\system32\IMAGEHLP.dll
*C:\WINDOWS\system32\winspool.drv
*C:\WINDOWS\system32\netapi32.dll
*C:\WINDOWS\system32\cnbjmon.dll
*C:\WINDOWS\system32\pjlmon.dll
*C:\WINDOWS\system32\tcpmon.dll
*C:\WINDOWS\system32\usbmon.dll
*C:\WINDOWS\System32\mswsock.dll
*C:\WINDOWS\System32\winrnr.dll
*C:\WINDOWS\system32\WLDAP32.dll
*C:\WINDOWS\system32\win32spl.dll
*C:\WINDOWS\system32\NETRAP.dll
*C:\WINDOWS\system32\NTDSAPI.dll
*C:\WINDOWS\system32\inetpp.dll
*C:\WINDOWS\system32\CLBCATQ.DLL
*C:\WINDOWS\system32\COMRes.dll
*C:\WINDOWS\system32\xpsp2res.dll
*C:\Program Files\Webroot\Spy Sweeper\ssi.dll
*C:\WINDOWS\system32\mpr.dll
+1612=C:\WINDOWS\system32\Ati2evxx.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\system32\Secur32.dll
*C:\WINDOWS\system32\uxtheme.dll
*C:\WINDOWS\system32\Ati2edxx.dll
*C:\WINDOWS\system32\xpsp2res.dll
*C:\WINDOWS\system32\CLBCATQ.DLL
*C:\WINDOWS\system32\COMRes.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\system32\MSCTF.dll
*C:\Program Files\Webroot\Spy Sweeper\ssi.dll
*C:\WINDOWS\system32\mpr.dll
+1656=C:\WINDOWS\Explorer.EXE
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\system32\BROWSEUI.dll
*C:\WINDOWS\system32\SHDOCVW.dll
*C:\WINDOWS\system32\CRYPT32.dll
*C:\WINDOWS\system32\MSASN1.dll
*C:\WINDOWS\system32\CRYPTUI.dll
*C:\WINDOWS\system32\WINTRUST.dll
*C:\WINDOWS\system32\IMAGEHLP.dll
*C:\WINDOWS\system32\NETAPI32.dll
*C:\WINDOWS\system32\WININET.dll
*C:\WINDOWS\system32\WLDAP32.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\system32\UxTheme.dll
*C:\WINDOWS\system32\ShimEng.dll
*C:\WINDOWS\AppPatch\AcGenral.DLL
*C:\WINDOWS\system32\WINMM.dll
*C:\WINDOWS\system32\MSACM32.dll
*C:\WINDOWS\system32\USERENV.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
*C:\WINDOWS\system32\comctl32.dll
*C:\WINDOWS\system32\appHelp.dll
*C:\WINDOWS\system32\CLBCATQ.DLL
*C:\WINDOWS\system32\COMRes.dll
*C:\WINDOWS\System32\cscui.dll
*C:\WINDOWS\System32\CSCDLL.dll
*C:\WINDOWS\System32\themeui.dll
*C:\WINDOWS\System32\Secur32.dll
*C:\WINDOWS\System32\MSIMG32.dll
*C:\WINDOWS\system32\xpsp2res.dll
*C:\WINDOWS\System32\actxprxy.dll
*C:\WINDOWS\system32\SAMLIB.dll
*C:\WINDOWS\system32\ntshrui.dll
*C:\WINDOWS\system32\ATL.DLL
*C:\WINDOWS\system32\SETUPAPI.dll
*C:\WINDOWS\system32\LINKINFO.dll
*C:\WINDOWS\system32\NETSHELL.dll
*C:\WINDOWS\system32\rtutils.dll
*C:\WINDOWS\system32\credui.dll
*C:\WINDOWS\system32\WS2_32.dll
*C:\WINDOWS\system32\WS2HELP.dll
*C:\WINDOWS\system32\iphlpapi.dll
*C:\Program Files\Microsoft AntiSpyware\shellextension.dll
*C:\WINDOWS\system32\urlmon.dll
*C:\WINDOWS\system32\msi.dll
*C:\WINDOWS\system32\rsaenh.dll
*C:\WINDOWS\system32\MSCTF.dll
*C:\WINDOWS\system32\WINSTA.dll
*C:\WINDOWS\System32\webcheck.dll
*C:\WINDOWS\System32\WSOCK32.dll
*C:\WINDOWS\System32\stobject.dll
*C:\WINDOWS\System32\BatMeter.dll
*C:\WINDOWS\System32\POWRPROF.dll
*C:\WINDOWS\System32\WTSAPI32.dll
*C:\WINDOWS\system32\wdmaud.drv
*C:\WINDOWS\system32\msacm32.drv
*C:\WINDOWS\system32\midimap.dll
*C:\Program Files\Webroot\Spy Sweeper\ssi.dll
*C:\WINDOWS\system32\mpr.dll
*C:\WINDOWS\System32\drprov.dll
*C:\WINDOWS\System32\ntlanman.dll
*C:\WINDOWS\System32\NETUI0.dll
*C:\WINDOWS\System32\NETUI1.dll
*C:\WINDOWS\System32\NETRAP.dll
*C:\WINDOWS\System32\davclnt.dll
*C:\WINDOWS\system32\shdoclc.dll
*C:\WINDOWS\System32\shimgvw.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82\gdiplus.dll
*C:\WINDOWS\system32\mscms.dll
*C:\WINDOWS\system32\WINSPOOL.DRV
*C:\WINDOWS\system32\comdlg32.dll
*C:\Program Files\Trillian\events.dll
*C:\Program Files\Trillian\MSVCR71.dll
*C:\WINDOWS\System32\wshext.dll
*C:\WINDOWS\system32\MFC42.DLL
*C:\Program Files\WinRAR\rarext.dll
*C:\PROGRA~1\Webroot\SPYSWE~1\SSCtxMnu.dll
*C:\Program Files\Grisoft\AVG Free\avgse.dll
*C:\WINDOWS\system32\MSVCP71.dll
*C:\WINDOWS\system32\SXS.DLL
*C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll
*C:\WINDOWS\system32\browselc.dll
*C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
*C:\WINDOWS\system32\DUSER.dll
+1784=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
*C:\WINDOWS\system32\comctl32.dll
*C:\WINDOWS\system32\uxtheme.dll
*C:\WINDOWS\system32\CLBCATQ.DLL
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\system32\COMRes.dll
*C:\Program Files\ATI Technologies\ATI Control Panel\atipdsxx.dll
*C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI CONTROL PANEL\ATRPUIXX.ENU
*C:\Program Files\ATI Technologies\ATI Control Panel\atipdxxx.dll
*C:\WINDOWS\system32\DINPUT8.dll
*C:\WINDOWS\system32\HID.DLL
*C:\WINDOWS\system32\SETUPAPI.DLL
*C:\WINDOWS\system32\WINMM.DLL
*C:\WINDOWS\system32\WINTRUST.dll
*C:\WINDOWS\system32\CRYPT32.dll
*C:\WINDOWS\system32\MSASN1.dll
*C:\WINDOWS\system32\IMAGEHLP.dll
*C:\WINDOWS\system32\NTMARTA.DLL
*C:\WINDOWS\system32\WLDAP32.dll
*C:\WINDOWS\system32\SAMLIB.dll
*C:\WINDOWS\system32\MSCTF.dll
*C:\Program Files\Webroot\Spy Sweeper\ssi.dll
*C:\WINDOWS\system32\mpr.dll
+1792=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\MSVCRT.dll
*C:\WINDOWS\system32\VSUTIL.dll
*C:\WINDOWS\system32\COMCTL32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\system32\WSOCK32.dll
*C:\WINDOWS\system32\WS2_32.dll
*C:\WINDOWS\system32\WS2HELP.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\system32\VSINIT.dll
*C:\WINDOWS\system32\VSPUBAPI.dll
*C:\Program Files\Zone Labs\ZoneAlarm\framewrk.dll
*C:\WINDOWS\system32\comdlg32.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
*C:\WINDOWS\system32\NTMARTA.DLL
*C:\WINDOWS\system32\WLDAP32.dll
*C:\WINDOWS\system32\SAMLIB.dll
*C:\WINDOWS\system32\Crypt32.dll
*C:\WINDOWS\system32\MSASN1.dll
*C:\WINDOWS\system32\rsaenh.dll
*C:\WINDOWS\system32\xpsp2res.dll
*C:\WINDOWS\system32\ZoneLabs\dbghelp.dll
*C:\WINDOWS\system32\vsdata.dll
*C:\WINDOWS\system32\uxtheme.dll
*C:\WINDOWS\system32\SETUPAPI.dll
*C:\WINDOWS\system32\appHelp.dll
*C:\WINDOWS\system32\CLBCATQ.DLL
*C:\WINDOWS\system32\COMRes.dll
*C:\WINDOWS\system32\MSCTF.dll
*C:\WINDOWS\system32\vsmonapi.dll
*C:\WINDOWS\system32\zlcomm.dll
*C:\WINDOWS\system32\ZLCommDB.dll
*C:\WINDOWS\system32\vsxml.dll
*C:\Program Files\Zone Labs\ZoneAlarm\programs.zap
*C:\Program Files\Zone Labs\ZoneAlarm\security.zap
*C:\Program Files\Zone Labs\ZoneAlarm\alert.zap
*C:\Program Files\Zone Labs\ZoneAlarm\email.zap
*C:\Program Files\Zone Labs\ZoneAlarm\firewall.zap
*C:\Program Files\Zone Labs\ZoneAlarm\filter.zap
*C:\Program Files\Zone Labs\ZoneAlarm\privacy.zap
*C:\Program Files\Zone Labs\ZoneAlarm\idlock.zap
*C:\WINDOWS\system32\ZoneLabs\camupd.dll
*C:\Program Files\Zone Labs\ZoneAlarm\cam.zap
*C:\Program Files\Webroot\Spy Sweeper\ssi.dll
*C:\WINDOWS\system32\mpr.dll
*C:\WINDOWS\system32\mswsock.dll
*C:\WINDOWS\system32\hnetcfg.dll
*C:\WINDOWS\System32\wshtcpip.dll
*C:\WINDOWS\system32\DNSAPI.dll
*C:\WINDOWS\System32\winrnr.dll
*C:\WINDOWS\system32\rasadhlp.dll
+1812=C:\Program Files\D-Tools\daemon.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\msi.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
*C:\WINDOWS\daemon.dll
*C:\WINDOWS\system32\NTMARTA.DLL
*C:\WINDOWS\system32\WLDAP32.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\SAMLIB.dll
*C:\Program Files\D-Tools\PFCTOC.DLL
*C:\WINDOWS\system32\comdlg32.dll
*C:\WINDOWS\system32\WINSPOOL.DRV
*C:\Program Files\D-Tools\Plugins\Images\ccdmount.dll
*C:\Program Files\D-Tools\Plugins\Images\mdsmount.dll
*C:\Program Files\D-Tools\Plugins\Images\pdimount.dll
*C:\Program Files\D-Tools\Plugins\Images\nrgmount.dll
*C:\Program Files\D-Tools\Plugins\Images\bw5mount.dll
*C:\WINDOWS\system32\uxtheme.dll
*C:\WINDOWS\system32\dsound.dll
*C:\WINDOWS\system32\WINMM.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\system32\MSCTF.dll
*C:\Program Files\Webroot\Spy Sweeper\ssi.dll
*C:\WINDOWS\system32\oleaut32.dll
*C:\WINDOWS\system32\mpr.dll
+1848=C:\Program Files\Winamp\winampa.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
*C:\WINDOWS\system32\comctl32.dll
*C:\WINDOWS\system32\uxtheme.dll
*C:\WINDOWS\system32\MSCTF.dll
*C:\Program Files\Webroot\Spy Sweeper\ssi.dll
*C:\WINDOWS\system32\oleaut32.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\mpr.dll
*C:\WINDOWS\system32\version.dll
*C:\WINDOWS\system32\netapi32.dll
*C:\WINDOWS\system32\SETUPAPI.dll
*C:\WINDOWS\system32\appHelp.dll
*C:\WINDOWS\system32\CLBCATQ.DLL
*C:\WINDOWS\system32\COMRes.dll
*C:\WINDOWS\system32\xpsp2res.dll
*C:\WINDOWS\system32\msi.dll
*C:\WINDOWS\system32\urlmon.dll
*C:\WINDOWS\system32\Secur32.dll
+1884=C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\user32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\advapi32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\oleaut32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\mpr.dll
*C:\WINDOWS\system32\version.dll
*C:\WINDOWS\system32\comctl32.dll
*C:\WINDOWS\system32\shell32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\wininet.dll
*C:\WINDOWS\system32\CRYPT32.dll
*C:\WINDOWS\system32\MSASN1.dll
*C:\WINDOWS\system32\comdlg32.dll
*C:\WINDOWS\system32\wsock32.dll
*C:\WINDOWS\system32\WS2_32.dll
*C:\WINDOWS\system32\WS2HELP.dll
*C:\WINDOWS\system32\winspool.drv
*C:\Program Files\Webroot\Spy Sweeper\wrid.dll
*C:\WINDOWS\system32\winmm.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
*C:\WINDOWS\system32\uxtheme.dll
*C:\WINDOWS\system32\MSCTF.dll
*C:\WINDOWS\System32\hhctrl.ocx
*C:\WINDOWS\system32\olepro32.dll
*C:\WINDOWS\system32\SETUPAPI.dll
*C:\Program Files\Webroot\Spy Sweeper\language.dll
*C:\WINDOWS\system32\RICHED32.DLL
*C:\WINDOWS\system32\RICHED20.dll
*C:\WINDOWS\system32\SXS.DLL
*C:\WINDOWS\system32\CLBCATQ.DLL
*C:\WINDOWS\system32\COMRes.dll
*C:\WINDOWS\system32\xpsp2res.dll
*C:\WINDOWS\system32\msi.dll
*C:\Program Files\Webroot\Spy Sweeper\ssi.dll
*C:\WINDOWS\System32\mstask.dll
*C:\WINDOWS\System32\NTDSAPI.dll
*C:\WINDOWS\System32\DNSAPI.dll
*C:\WINDOWS\system32\WLDAP32.dll
*C:\WINDOWS\system32\NETAPI32.dll
*C:\WINDOWS\System32\Secur32.dll
*C:\WINDOWS\system32\USERENV.dll
*C:\WINDOWS\system32\urlmon.dll
*C:\WINDOWS\system32\RASAPI32.DLL
*C:\WINDOWS\system32\rasman.dll
*C:\WINDOWS\system32\TAPI32.dll
*C:\WINDOWS\system32\rtutils.dll
*C:\WINDOWS\system32\sensapi.dll
+1912=C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\MSVBVM60.DLL
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\system32\uxtheme.dll
*C:\WINDOWS\system32\SXS.DLL
*C:\WINDOWS\system32\MSCTF.dll
*C:\WINDOWS\system32\CLBCATQ.DLL
*C:\WINDOWS\system32\COMRes.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\system32\xpsp2res.dll
*C:\WINDOWS\system32\msi.dll
*C:\Program Files\Microsoft AntiSpyware\gcAntiSpywareLibrary.dll
*C:\WINDOWS\system32\ShFolder.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
*C:\WINDOWS\system32\comctl32.dll
*C:\WINDOWS\system32\wininet.dll
*C:\WINDOWS\system32\CRYPT32.dll
*C:\WINDOWS\system32\MSASN1.dll
*C:\WINDOWS\system32\Secur32.dll
*C:\WINDOWS\system32\shell32.dll
*C:\WINDOWS\system32\urlmon.dll
*C:\WINDOWS\system32\RASAPI32.DLL
*C:\WINDOWS\system32\rasman.dll
*C:\WINDOWS\system32\WS2_32.dll
*C:\WINDOWS\system32\WS2HELP.dll
*C:\WINDOWS\system32\NETAPI32.dll
*C:\WINDOWS\system32\TAPI32.dll
*C:\WINDOWS\system32\rtutils.dll
*C:\WINDOWS\system32\WINMM.dll
*C:\WINDOWS\system32\sensapi.dll
*C:\WINDOWS\system32\USERENV.dll
*C:\Program Files\Webroot\Spy Sweeper\ssi.dll
*C:\WINDOWS\system32\mpr.dll
+1924=C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\PROGRA~1\Grisoft\AVGFRE~1\AvgAbout.dll
*C:\PROGRA~1\Grisoft\AVGFRE~1\AvgCtrl.dll
*C:\PROGRA~1\Grisoft\AVGFRE~1\MFC71.DLL
*C:\WINDOWS\system32\MSVCR71.dll
*C:\WINDOWS\system32\COMCTL32.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\system32\MSVFW32.dll
*C:\WINDOWS\system32\WINMM.dll
*C:\WINDOWS\system32\MSVCP71.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\system32\MPR.dll
*C:\PROGRA~1\Grisoft\AVGFRE~1\AvgTest.dll
*C:\PROGRA~1\Grisoft\AVGFRE~1\AvgTMgr.dll
*C:\WINDOWS\system32\SHFOLDER.dll
*C:\PROGRA~1\Grisoft\AVGFRE~1\AvgTRes.dll
*C:\PROGRA~1\Grisoft\AVGFRE~1\AvgSet.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
*C:\PROGRA~1\Grisoft\AVGFRE~1\avglog.dll
*C:\WINDOWS\system32\uxtheme.dll
*C:\WINDOWS\system32\SETUPAPI.dll
*C:\WINDOWS\system32\CLBCATQ.DLL
*C:\WINDOWS\system32\COMRes.dll
*C:\Program Files\Grisoft\AVG Free\avgcfg.dll
*C:\Program Files\Grisoft\AVG Free\avgklib.dll
*C:\Program Files\Grisoft\AVG Free\avglng.dll
*C:\WINDOWS\system32\xpsp2res.dll
*C:\WINDOWS\system32\MSCTF.dll
*C:\Program Files\Grisoft\AVG Free\avgf.dll
*C:\Program Files\Grisoft\AVG Free\AVGRES.DLL
*C:\Program Files\Grisoft\AVG Free\avgcckrn.dll
*C:\Program Files\Grisoft\AVG Free\avgvault.dll
*C:\Program Files\Grisoft\AVG Free\avgscan.dll
*C:\Program Files\Grisoft\AVG Free\avgunarc.dll
*C:\Program Files\Grisoft\AVG Free\avgrep.dll
*C:\PROGRA~1\Grisoft\AVGFRE~1\avgemsui.dll
*C:\Program Files\Grisoft\AVG Free\avgemcps.dll
*C:\Program Files\Webroot\Spy Sweeper\ssi.dll
+1932=C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\PROGRA~1\Grisoft\AVGFRE~1\libsasl.dll
*C:\WINDOWS\system32\WSOCK32.dll
*C:\WINDOWS\system32\WS2_32.dll
*C:\WINDOWS\system32\WS2HELP.dll
*C:\WINDOWS\system32\MSVCR71.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\MSVCP71.dll
*C:\WINDOWS\system32\SHFOLDER.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
*C:\WINDOWS\system32\comctl32.dll
*C:\WINDOWS\system32\uxtheme.dll
*C:\WINDOWS\system32\CLBCATQ.DLL
*C:\WINDOWS\system32\COMRes.dll
*C:\Program Files\Grisoft\AVG Free\avgcfg.dll
*C:\Program Files\Grisoft\AVG Free\avgklib.dll
*C:\Program Files\Grisoft\AVG Free\avglng.dll
*C:\Program Files\Grisoft\AVG Free\avgscan.dll
*C:\Program Files\Grisoft\AVG Free\avgunarc.dll
*C:\WINDOWS\system32\MPR.dll
*C:\WINDOWS\system32\RASAPI32.DLL
*C:\WINDOWS\system32\rasman.dll
*C:\WINDOWS\system32\NETAPI32.dll
*C:\WINDOWS\system32\TAPI32.dll
*C:\WINDOWS\system32\rtutils.dll
*C:\WINDOWS\system32\WINMM.dll
*C:\WINDOWS\system32\SCHANNEL.DLL
*C:\WINDOWS\system32\Secur32.dll
*C:\WINDOWS\system32\MSASN1.dll
*C:\WINDOWS\system32\CRYPT32.dll
*C:\WINDOWS\system32\USERENV.dll
*C:\PROGRA~1\Grisoft\AVGFRE~1\sasllogin.dll
*C:\PROGRA~1\Grisoft\AVGFRE~1\saslplain.dll
*C:\PROGRA~1\Grisoft\AVGFRE~1\saslcrammd5.dll
*C:\PROGRA~1\Grisoft\AVGFRE~1\sasldigestmd5.dll
*C:\Program Files\Grisoft\AVG Free\avgmail.dll
*C:\WINDOWS\system32\SensAPI.DLL
*C:\WINDOWS\system32\mswsock.dll
*C:\WINDOWS\system32\hnetcfg.dll
*C:\WINDOWS\System32\wshtcpip.dll
*C:\WINDOWS\system32\MSCTF.dll
*C:\WINDOWS\system32\xpsp2res.dll
*C:\Program Files\Grisoft\AVG Free\avgemcps.dll
*C:\Program Files\Webroot\Spy Sweeper\ssi.dll
+1944=C:\WINDOWS\system32\ctfmon.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\MSCTF.dll
*C:\WINDOWS\system32\MSUTB.dll
*C:\WINDOWS\system32\ShimEng.dll
*C:\WINDOWS\AppPatch\AcGenral.DLL
*C:\WINDOWS\system32\WINMM.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\system32\MSACM32.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\USERENV.dll
*C:\WINDOWS\system32\UxTheme.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
*C:\Program Files\Webroot\Spy Sweeper\ssi.dll
*C:\WINDOWS\system32\mpr.dll
+1956=C:\Program Files\PeerGuardian2\pg2.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\WinSxS\X86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\COMCTL32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\WS2_32.dll
*C:\WINDOWS\system32\WS2HELP.dll
*C:\WINDOWS\system32\DNSAPI.dll
*C:\WINDOWS\system32\iphlpapi.dll
*C:\WINDOWS\system32\comdlg32.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\system32\WINMM.dll
*C:\WINDOWS\system32\uxtheme.dll
*C:\WINDOWS\system32\MSCTF.dll
*C:\Program Files\Webroot\Spy Sweeper\ssi.dll
*C:\WINDOWS\system32\mpr.dll
*C:\WINDOWS\system32\version.dll
*C:\WINDOWS\system32\mswsock.dll
*C:\WINDOWS\System32\winrnr.dll
*C:\WINDOWS\system32\WLDAP32.dll
*C:\WINDOWS\system32\hnetcfg.dll
*C:\WINDOWS\System32\wshtcpip.dll
*C:\WINDOWS\system32\rasadhlp.dll
+272=C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\MSVBVM60.DLL
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\system32\uxtheme.dll
*C:\WINDOWS\system32\MSCTF.dll
*C:\WINDOWS\system32\SXS.DLL
*C:\WINDOWS\system32\CLBCATQ.DLL
*C:\WINDOWS\system32\COMRes.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\system32\xpsp2res.dll
*C:\Program Files\Microsoft AntiSpyware\gcAntiSpywareLibrary.dll
*C:\WINDOWS\system32\GCCollection.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\msi.dll
*C:\WINDOWS\system32\shell32.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
*C:\WINDOWS\system32\comctl32.dll
*C:\Program Files\Webroot\Spy Sweeper\ssi.dll
*C:\WINDOWS\system32\mpr.dll
*C:\WINDOWS\system32\hashlib.dll
*C:\WINDOWS\system32\CRYPT32.dll
*C:\WINDOWS\system32\MSASN1.dll
*C:\WINDOWS\system32\ShFolder.dll
*C:\WINDOWS\system32\USERENV.dll
*C:\WINDOWS\system32\netapi32.dll
*C:\WINDOWS\system32\SETUPAPI.dll
*C:\WINDOWS\system32\appHelp.dll
*C:\WINDOWS\system32\urlmon.dll
*C:\WINDOWS\system32\Secur32.dll
*C:\Program Files\Microsoft AntiSpyware\shellextension.dll
+432=C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\system32\MSVCP71.dll
*C:\WINDOWS\system32\MSVCR71.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\PROGRA~1\Grisoft\AVGFRE~1\avglog.dll
*C:\WINDOWS\system32\uxtheme.dll
*C:\WINDOWS\system32\xpsp2res.dll
*C:\WINDOWS\system32\CLBCATQ.DLL
*C:\WINDOWS\system32\COMRes.dll
*C:\Program Files\Grisoft\AVG Free\avgcfg.dll
*C:\Program Files\Grisoft\AVG Free\avgklib.dll
*C:\WINDOWS\system32\SHFOLDER.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
*C:\WINDOWS\system32\comctl32.dll
*C:\WINDOWS\system32\SensAPI.DLL
*C:\WINDOWS\system32\Secur32.dll
*C:\WINDOWS\System32\wbem\wbemprox.dll
*C:\WINDOWS\System32\wbem\wbemcomn.dll
*C:\WINDOWS\system32\WS2_32.dll
*C:\WINDOWS\system32\WS2HELP.dll
*C:\Program Files\Grisoft\AVG Free\avglng.dll
*C:\Program Files\Grisoft\AVG Free\avgamint.dll
*C:\WINDOWS\system32\WSOCK32.dll
*C:\WINDOWS\system32\netapi32.dll
*C:\WINDOWS\system32\Wtsapi32.dll
*C:\WINDOWS\system32\WINSTA.dll
*C:\Program Files\Grisoft\AVG Free\avgamsps.dll
*C:\WINDOWS\system32\Apphelp.dll
*C:\WINDOWS\System32\wbem\wbemsvc.dll
*C:\WINDOWS\System32\wbem\fastprox.dll
*C:\WINDOWS\system32\MSVCP60.dll
*C:\WINDOWS\system32\NTDSAPI.dll
*C:\WINDOWS\system32\DNSAPI.dll
*C:\WINDOWS\system32\WLDAP32.dll
*C:\Program Files\Webroot\Spy Sweeper\ssi.dll
*C:\WINDOWS\system32\mpr.dll
+444=C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\uxtheme.dll
*C:\WINDOWS\system32\xpsp2res.dll
*C:\WINDOWS\system32\CLBCATQ.DLL
*C:\WINDOWS\system32\COMRes.dll
*C:\WINDOWS\system32\Secur32.dll
*C:\Program Files\Grisoft\AVG Free\avgupd.dll
*C:\Program Files\Grisoft\AVG Free\avgupsvc.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
*C:\WINDOWS\system32\comctl32.dll
*C:\Program Files\Grisoft\AVG Free\avgamsps.dll
*C:\Program Files\Webroot\Spy Sweeper\ssi.dll
*C:\WINDOWS\system32\mpr.dll
+504=C:\WINDOWS\runservice.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\mmfs.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\Program Files\Webroot\Spy Sweeper\ssi.dll
*C:\WINDOWS\system32\oleaut32.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\mpr.dll
*C:\WINDOWS\system32\version.dll
+1100=C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\user32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\advapi32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\oleaut32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\mpr.dll
*C:\WINDOWS\system32\version.dll
*C:\WINDOWS\system32\comctl32.dll
*C:\WINDOWS\system32\wininet.dll
*C:\WINDOWS\system32\CRYPT32.dll
*C:\WINDOWS\system32\MSASN1.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\shell32.dll
*C:\WINDOWS\system32\comdlg32.dll
*C:\WINDOWS\system32\wsock32.dll
*C:\WINDOWS\system32\WS2_32.dll
*C:\WINDOWS\system32\WS2HELP.dll
*C:\WINDOWS\system32\iphlpapi.dll
*C:\WINDOWS\system32\IMAGEHLP.DLL
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
*C:\WINDOWS\system32\uxtheme.dll
*C:\WINDOWS\system32\xpsp2res.dll
*C:\WINDOWS\system32\olepro32.dll
*C:\WINDOWS\system32\vdmdbg.dll
*C:\WINDOWS\system32\wtsapi32.dll
*C:\WINDOWS\system32\WINSTA.dll
*C:\WINDOWS\system32\NETAPI32.dll
*C:\WINDOWS\system32\NTMARTA.DLL
*C:\WINDOWS\system32\WLDAP32.dll
*C:\WINDOWS\system32\SAMLIB.dll
*C:\WINDOWS\system32\SETUPAPI.dll
*C:\WINDOWS\system32\SXS.DLL
*C:\WINDOWS\system32\CLBCATQ.DLL
*C:\WINDOWS\system32\COMRes.dll
*C:\WINDOWS\system32\msi.dll
*C:\Program Files\Webroot\Spy Sweeper\ssi.dll
*C:\WINDOWS\system32\USERENV.dll
*C:\WINDOWS\System32\drprov.dll
*C:\WINDOWS\System32\ntlanman.dll
*C:\WINDOWS\System32\NETUI0.dll
*C:\WINDOWS\System32\NETUI1.dll
*C:\WINDOWS\System32\NETRAP.dll
*C:\WINDOWS\System32\davclnt.dll
*C:\WINDOWS\system32\PSAPI.dll
+1352=C:\WINDOWS\system32\ZONELABS\vsmon.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\MSVCRT.dll
*C:\WINDOWS\system32\VSDATA.dll
*C:\WINDOWS\system32\WSOCK32.dll
*C:\WINDOWS\system32\WS2_32.dll
*C:\WINDOWS\system32\WS2HELP.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\VSINIT.dll
*C:\WINDOWS\system32\VSUTIL.dll
*C:\WINDOWS\system32\COMCTL32.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\system32\MPR.dll
*C:\WINDOWS\system32\ZONELABS\SSLEAY32.dll
*C:\WINDOWS\system32\Crypt32.dll
*C:\WINDOWS\system32\MSASN1.dll
*C:\WINDOWS\system32\rsaenh.dll
*C:\WINDOWS\system32\xpsp2res.dll
*C:\WINDOWS\system32\ZoneLabs\dbghelp.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
*C:\WINDOWS\system32\uxtheme.dll
*C:\WINDOWS\system32\zlcomm.dll
*C:\WINDOWS\system32\ZLCommDB.dll
*C:\WINDOWS\system32\NTMARTA.DLL
*C:\WINDOWS\system32\WLDAP32.dll
*C:\WINDOWS\system32\SAMLIB.dll
*C:\WINDOWS\system32\vsxml.dll
*C:\WINDOWS\system32\ZONELABS\vsdb.dll
*C:\WINDOWS\system32\Secur32.dll
*C:\WINDOWS\system32\ZONELABS\VSRULEDB.DLL
*C:\WINDOWS\system32\ZONELABS\vsvault.dll
*C:\WINDOWS\system32\rasapi32.dll
*C:\WINDOWS\system32\rasman.dll
*C:\WINDOWS\system32\NETAPI32.dll
*C:\WINDOWS\system32\TAPI32.dll
*C:\WINDOWS\system32\rtutils.dll
*C:\WINDOWS\system32\WINMM.dll
*C:\WINDOWS\system32\USERENV.dll
*C:\WINDOWS\system32\Wininet.dll
*C:\WINDOWS\system32\psapi.dll
*C:\WINDOWS\system32\mswsock.dll
*C:\WINDOWS\system32\hnetcfg.dll
*C:\WINDOWS\System32\wshtcpip.dll
*C:\WINDOWS\system32\iphlpapi.dll
*C:\WINDOWS\system32\CLBCATQ.DLL
*C:\WINDOWS\system32\COMRes.dll
*C:\WINDOWS\System32\wbem\wbemprox.dll
*C:\WINDOWS\System32\wbem\wbemcomn.dll
*C:\WINDOWS\System32\wbem\wbemsvc.dll
*C:\WINDOWS\system32\ZoneLabs\zlquarantine.dll
*C:\WINDOWS\System32\wbem\fastprox.dll
*C:\WINDOWS\system32\MSVCP60.dll
*C:\WINDOWS\system32\NTDSAPI.dll
*C:\WINDOWS\system32\DNSAPI.dll
*C:\WINDOWS\system32\ZoneLabs\qrbase.dll
*C:\WINDOWS\system32\ZoneLabs\scheduler.dll
*C:\WINDOWS\system32\ZoneLabs\zlsre.dll
*C:\WINDOWS\system32\ZoneLabs\srescan.dll
*C:\WINDOWS\system32\ZONELABS\qrsrecl.dll
*C:\WINDOWS\system32\ZoneLabs\camupd.dll
*C:\WINDOWS\system32\urlmon.dll
*C:\WINDOWS\system32\sensapi.dll
*C:\WINDOWS\System32\winrnr.dll
*C:\WINDOWS\system32\rasadhlp.dll
*C:\WINDOWS\system32\ZoneLabs\vsavpro.dll
*C:\Program Files\Webroot\Spy Sweeper\ssi.dll
+2564=C:\WINDOWS\System32\alg.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\System32\ATL.DLL
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\System32\WSOCK32.dll
*C:\WINDOWS\System32\WS2_32.dll
*C:\WINDOWS\System32\WS2HELP.dll
*C:\WINDOWS\System32\MSWSOCK.DLL
*C:\WINDOWS\System32\ShimEng.dll
*C:\WINDOWS\AppPatch\AcGenral.DLL
*C:\WINDOWS\System32\WINMM.dll
*C:\WINDOWS\System32\MSACM32.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\USERENV.dll
*C:\WINDOWS\System32\UxTheme.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
*C:\WINDOWS\system32\comctl32.dll
*C:\WINDOWS\System32\CLBCATQ.DLL
*C:\WINDOWS\System32\COMRes.dll
*C:\WINDOWS\System32\xpsp2res.dll
*C:\WINDOWS\system32\hnetcfg.dll
*C:\WINDOWS\System32\wshtcpip.dll
*C:\Program Files\Webroot\Spy Sweeper\ssi.dll
*C:\WINDOWS\system32\mpr.dll
+3396=C:\Program Files\Winamp\winamp.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\WinSxS\X86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\COMCTL32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\MSACM32.dll
*C:\WINDOWS\system32\WINMM.dll
*C:\WINDOWS\system32\comdlg32.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\Program Files\Webroot\Spy Sweeper\ssi.dll
*C:\WINDOWS\system32\mpr.dll
*C:\WINDOWS\system32\version.dll
*C:\WINDOWS\system32\uxtheme.dll
*C:\WINDOWS\system32\MSCTF.dll
*C:\WINDOWS\system32\CLBCATQ.DLL
*C:\WINDOWS\system32\COMRes.dll
*C:\WINDOWS\System32\shdocvw.dll
*C:\WINDOWS\system32\CRYPT32.dll
*C:\WINDOWS\system32\MSASN1.dll
*C:\WINDOWS\system32\CRYPTUI.dll
*C:\WINDOWS\system32\WINTRUST.dll
*C:\WINDOWS\system32\IMAGEHLP.dll
*C:\WINDOWS\system32\NETAPI32.dll
*C:\WINDOWS\system32\WININET.dll
*C:\WINDOWS\system32\WLDAP32.dll
*C:\WINDOWS\system32\Secur32.dll
*C:\WINDOWS\system32\urlmon.dll
*C:\Program Files\Winamp\Plugins\in_mp3.dll
*C:\WINDOWS\system32\WSOCK32.dll
*C:\WINDOWS\system32\WS2_32.dll
*C:\WINDOWS\system32\WS2HELP.dll
*C:\WINDOWS\system32\MSVCP60.dll
*C:\Program Files\Winamp\Plugins\in_wm.dll
*C:\WINDOWS\system32\wdmaud.drv
*C:\WINDOWS\system32\msacm32.drv
*C:\WINDOWS\system32\midimap.dll
*C:\Program Files\Winamp\Plugins\in_midi.dll
*C:\Program Files\Winamp\Plugins\read_file.dll
*C:\Program Files\Winamp\Plugins\in_mod.dll
*C:\Program Files\Winamp\Plugins\in_vorbis.dll
*C:\Program Files\Winamp\Plugins\in_mp4.dll
*C:\Program Files\Winamp\Plugins\in_cdda.dll
*C:\Program Files\Winamp\pxsdkpls.dll
*C:\WINDOWS\system32\PX.dll
*C:\WINDOWS\system32\PXDRV.DLL
*C:\WINDOWS\system32\PXMAS.DLL
*C:\WINDOWS\system32\PXWAVE.DLL
*C:\Program Files\Winamp\Plugins\in_wave.dll
*C:\Program Files\Winamp\Plugins\in_nsv.dll
*C:\Program Files\Winamp\Plugins\in_dshow.dll
*C:\Program Files\Winamp\Plugins\in_APE.dll
*C:\Program Files\Winamp\Plugins\in_linein.dll
*C:\Program Files\Winamp\Plugins\out_wave.dll
*C:\Program Files\Winamp\Plugins\out_disk.dll
*C:\Program Files\Winamp\Plugins\out_ds.dll
*C:\WINDOWS\system32\ddraw.dll
*C:\WINDOWS\system32\DCIMAN32.dll
*C:\WINDOWS\system32\xpsp2res.dll
*C:\Program Files\Winamp\Plugins\gen_ml.dll
*C:\Program Files\Winamp\Plugins\ml_wire.dll
*C:\Program Files\Winamp\Plugins\ml_xpdxs.dll
*C:\Program Files\Winamp\Plugins\gen_ff.dll
*C:\WINDOWS\system32\OLEPRO32.DLL
*C:\Program Files\Winamp\Plugins\freeform\wacs\jpgload\jpgload.wac
*C:\Program Files\Winamp\Plugins\gen_hotkeys.dll
*C:\Program Files\Winamp\Plugins\gen_jumpex.dll
*C:\Program Files\Winamp\Plugins\gen_tray.dll
*C:\WINDOWS\system32\dsound.dll
*C:\WINDOWS\system32\KsUser.dll
*C:\WINDOWS\system32\appHelp.dll
*C:\WINDOWS\System32\cscui.dll
*C:\WINDOWS\System32\CSCDLL.dll
*C:\WINDOWS\System32\browseui.dll
*C:\WINDOWS\system32\USERENV.dll
*C:\WINDOWS\system32\SETUPAPI.dll
*C:\WINDOWS\system32\ntshrui.dll
*C:\WINDOWS\system32\ATL.DLL
*C:\WINDOWS\System32\drprov.dll
*C:\WINDOWS\System32\ntlanman.dll
*C:\WINDOWS\System32\NETUI0.dll
*C:\WINDOWS\System32\NETUI1.dll
*C:\WINDOWS\System32\NETRAP.dll
*C:\WINDOWS\System32\SAMLIB.dll
*C:\WINDOWS\System32\davclnt.dll
*C:\WINDOWS\system32\MSGINA.dll
*C:\WINDOWS\system32\WINSTA.dll
*C:\WINDOWS\system32\ODBC32.dll
*C:\WINDOWS\system32\odbcint.dll
*C:\WINDOWS\System32\shmedia.dll
*C:\WINDOWS\System32\MSVFW32.dll
*C:\WINDOWS\System32\AVIFIL32.dll
*C:\WINDOWS\system32\wmvcore.dll
*C:\WINDOWS\system32\wmidx.dll
*C:\WINDOWS\system32\WMASF.DLL
*C:\WINDOWS\system32\msdmo.dll
*C:\WINDOWS\system32\DRMClien.DLL
*C:\WINDOWS\System32\mlang.dll
+3468=C:\Program Files\Shareaza\Shareaza.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\WS2_32.dll
*C:\WINDOWS\system32\WS2HELP.dll
*C:\WINDOWS\system32\WININET.dll
*C:\WINDOWS\system32\CRYPT32.dll
*C:\WINDOWS\system32\MSASN1.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\system32\WINSPOOL.DRV
*C:\WINDOWS\WinSxS\X86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\COMCTL32.dll
*C:\WINDOWS\system32\oledlg.dll
*C:\WINDOWS\system32\urlmon.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\system32\comdlg32.dll
*C:\Program Files\Webroot\Spy Sweeper\ssi.dll
*C:\WINDOWS\system32\mpr.dll
*C:\WINDOWS\system32\uxtheme.dll
*C:\WINDOWS\system32\MSCTF.dll
*C:\WINDOWS\system32\CLBCATQ.DLL
*C:\WINDOWS\system32\COMRes.dll
*C:\WINDOWS\system32\WINMM.dll
*C:\Program Files\Shareaza\Plugins\ImageViewer.dll
*C:\WINDOWS\system32\Secur32.dll
*C:\WINDOWS\system32\wsock32.dll
*C:\WINDOWS\system32\RASAPI32.DLL
*C:\WINDOWS\system32\rasman.dll
*C:\WINDOWS\system32\NETAPI32.dll
*C:\WINDOWS\system32\TAPI32.dll
*C:\WINDOWS\system32\rtutils.dll
*C:\WINDOWS\system32\sensapi.dll
*C:\WINDOWS\system32\USERENV.dll
*C:\WINDOWS\System32\mswsock.dll
*C:\WINDOWS\system32\DNSAPI.dll
*C:\WINDOWS\system32\hnetcfg.dll
*C:\WINDOWS\System32\wshtcpip.dll
*C:\WINDOWS\system32\rasadhlp.dll
*C:\WINDOWS\System32\winrnr.dll
*C:\WINDOWS\system32\WLDAP32.dll
*C:\WINDOWS\system32\iphlpapi.dll
*C:\Program Files\Trillian\events.dll
*C:\Program Files\Trillian\MSVCR71.dll
+1544=C:\Program Files\Trillian\trillian.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\system32\WININET.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\CRYPT32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\MSASN1.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\Program Files\Trillian\zlib1.dll
*C:\WINDOWS\system32\WSOCK32.dll
*C:\WINDOWS\system32\WS2_32.dll
*C:\WINDOWS\system32\WS2HELP.dll
*C:\WINDOWS\WinSxS\X86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\COMCTL32.dll
*C:\WINDOWS\system32\comdlg32.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\Program Files\Webroot\Spy Sweeper\ssi.dll
*C:\WINDOWS\system32\mpr.dll
*C:\WINDOWS\system32\wtsapi32.dll
*C:\WINDOWS\system32\WINSTA.dll
*C:\WINDOWS\system32\NETAPI32.dll
*C:\Program Files\Trillian\languages\en\trillian.dll
*C:\WINDOWS\system32\uxtheme.dll
*C:\WINDOWS\system32\MSCTF.dll
*C:\Program Files\Trillian\expatxml.dll
*C:\Program Files\Trillian\LIBEXPAT.dll
*C:\Program Files\Trillian\MSVCR71.dll
*C:\Program Files\Trillian\events.dll
*C:\WINDOWS\system32\WINMM.dll
*C:\Program Files\Trillian\crypto.dll
*C:\Program Files\Trillian\proxy.dll
*C:\Program Files\Trillian\list.dll
*C:\WINDOWS\system32\msimg32.dll
*C:\Program Files\Trillian\toolkit.dll
*C:\Program Files\Trillian\kdu_v43R.dll
*C:\Program Files\Trillian\libpng13.dll
*C:\Program Files\Trillian\libjpeg.dll
*C:\Program Files\Trillian\libungif.dll
*C:\Program Files\Trillian\buddy.dll
*C:\Program Files\Trillian\talk.dll
*C:\WINDOWS\system32\MSACM32.dll
*C:\WINDOWS\system32\IMM32.dll
*C:\WINDOWS\system32\MSVFW32.dll
*C:\WINDOWS\system32\AVIFIL32.dll
*C:\WINDOWS\system32\dsound.dll
*C:\WINDOWS\system32\Secur32.dll
*C:\WINDOWS\system32\urlmon.dll
*C:\WINDOWS\system32\RASAPI32.DLL
*C:\WINDOWS\system32\rasman.dll
*C:\WINDOWS\system32\TAPI32.dll
*C:\WINDOWS\system32\rtutils.dll
*C:\WINDOWS\system32\sensapi.dll
*C:\WINDOWS\system32\USERENV.dll
*C:\WINDOWS\System32\mswsock.dll
*C:\WINDOWS\system32\DNSAPI.dll
*C:\WINDOWS\system32\rasadhlp.dll
*C:\WINDOWS\system32\hnetcfg.dll
*C:\WINDOWS\System32\wshtcpip.dll
*C:\WINDOWS\system32\SETUPAPI.dll
*C:\WINDOWS\system32\CLBCATQ.DLL
*C:\WINDOWS\system32\COMRes.dll
*C:\WINDOWS\system32\LINKINFO.dll
*C:\WINDOWS\system32\ntshrui.dll
*C:\WINDOWS\system32\ATL.DLL
*C:\Program Files\Trillian\languages\en\events.dll
*C:\Program Files\Trillian\languages\en\proxy.dll
*C:\Program Files\Trillian\languages\en\toolkit.dll
*C:\Program Files\Trillian\languages\en\buddy.dll
*C:\Program Files\Trillian\languages\en\talk.dll
*C:\Program Files\Trillian\plugins\upnp.dll
*C:\Program Files\Trillian\plugins\http.dll
*C:\Program Files\Trillian\plugins\msn.dll
*C:\Program Files\Trillian\languages\en\msn.dll
*C:\Program Files\Trillian\plugins\aim.dll
*C:\Program Files\Trillian\languages\en\aim.dll
*C:\Program Files\Trillian\plugins\av.dll
*C:\WINDOWS\system32\rsaenh.dll
*C:\WINDOWS\system32\wdmaud.drv
*C:\WINDOWS\system32\WINTRUST.dll
*C:\WINDOWS\system32\IMAGEHLP.dll
*C:\WINDOWS\system32\msacm32.drv
*C:\WINDOWS\system32\midimap.dll
*C:\WINDOWS\System32\winrnr.dll
*C:\WINDOWS\system32\WLDAP32.dll
*C:\WINDOWS\system32\schannel.dll
*C:\WINDOWS\system32\dssenh.dll
*C:\WINDOWS\system32\xpsp2res.dll
+3996=C:\Program Files\Mozilla Firefox\firefox.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\Program Files\Mozilla Firefox\js3250.dll
*C:\Program Files\Mozilla Firefox\nspr4.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\WSOCK32.dll
*C:\WINDOWS\system32\WS2_32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\WS2HELP.dll
*C:\Program Files\Mozilla Firefox\xpcom.dll
*C:\Program Files\Mozilla Firefox\plc4.dll
*C:\Program Files\Mozilla Firefox\plds4.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\ole32.dll
*C:\Program Files\Mozilla Firefox\smime3.dll
*C:\Program Files\Mozilla Firefox\nss3.dll
*C:\Program Files\Mozilla Firefox\softokn3.dll
*C:\Program Files\Mozilla Firefox\ssl3.dll
*C:\Program Files\Mozilla Firefox\xpcom_compat.dll
*C:\WINDOWS\system32\comdlg32.dll
*C:\WINDOWS\WinSxS\X86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\COMCTL32.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\system32\WINSPOOL.DRV
*C:\Program Files\Webroot\Spy Sweeper\ssi.dll
*C:\WINDOWS\system32\mpr.dll
*C:\WINDOWS\system32\uxtheme.dll
*C:\WINDOWS\system32\MSCTF.dll
*C:\WINDOWS\system32\SETUPAPI.dll
*C:\WINDOWS\system32\CLBCATQ.DLL
*C:\WINDOWS\system32\COMRes.dll
*C:\WINDOWS\system32\mswsock.dll
*C:\WINDOWS\system32\hnetcfg.dll
*C:\WINDOWS\System32\wshtcpip.dll
*C:\WINDOWS\System32\msimtf.dll
*C:\Program Files\Java\jre1.5.0_04\bin\NPOJI610.dll
*C:\WINDOWS\system32\OLEPRO32.DLL
*C:\Program Files\Java\jre1.5.0_04\bin\jpioji.dll
*C:\Program Files\Java\jre1.5.0_04\bin\jpinscp.dll
*C:\Program Files\Java\jre1.5.0_04\bin\jpishare.dll
*C:\Program Files\Mozilla Firefox\components\jar50.dll
*C:\WINDOWS\system32\xpsp2res.dll
*C:\Program Files\Trillian\events.dll
*C:\WINDOWS\system32\WINMM.dll
*C:\Program Files\Trillian\MSVCR71.dll
*C:\WINDOWS\system32\msimg32.dll
*C:\WINDOWS\system32\DNSAPI.dll
*C:\WINDOWS\System32\winrnr.dll
*C:\WINDOWS\system32\WLDAP32.dll
*C:\WINDOWS\system32\rasadhlp.dll
*C:\WINDOWS\system32\appHelp.dll
*C:\WINDOWS\System32\cscui.dll
*C:\WINDOWS\System32\CSCDLL.dll
*C:\WINDOWS\System32\browseui.dll
*C:\WINDOWS\system32\USERENV.dll
*C:\WINDOWS\system32\ntshrui.dll
*C:\WINDOWS\system32\ATL.DLL
*C:\WINDOWS\system32\NETAPI32.dll
*C:\WINDOWS\system32\LINKINFO.dll
*C:\WINDOWS\system32\SHDOCVW.dll
*C:\WINDOWS\system32\CRYPT32.dll
*C:\WINDOWS\system32\MSASN1.dll
*C:\WINDOWS\system32\CRYPTUI.dll
*C:\WINDOWS\system32\WINTRUST.dll
*C:\WINDOWS\system32\IMAGEHLP.dll
*C:\WINDOWS\system32\WININET.dll
*C:\Program Files\Microsoft AntiSpyware\shellextension.dll
*C:\WINDOWS\system32\msi.dll
+3352=C:\WINDOWS\system32\NOTEPAD.EXE
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\comdlg32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\COMCTL32.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\WINSPOOL.DRV
*C:\WINDOWS\system32\ShimEng.dll
*C:\WINDOWS\AppPatch\AcGenral.DLL
*C:\WINDOWS\system32\WINMM.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\system32\MSACM32.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\system32\USERENV.dll
*C:\WINDOWS\system32\UxTheme.dll
*C:\Program Files\Webroot\Spy Sweeper\ssi.dll
*C:\WINDOWS\system32\mpr.dll
*C:\WINDOWS\system32\MSCTF.dll
*C:\Program Files\Trillian\events.dll
*C:\Program Files\Trillian\MSVCR71.dll
+2908=C:\Documents and Settings\Matts\Desktop\startdreck217\StartDreck.exe
*C:\WINDOWS\system32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\Documents and Settings\Matts\Desktop\startdreck217\VB40032.DLL
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\MSVCRT20.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\system32\OLEPRO32.DLL
*C:\Program Files\Webroot\Spy Sweeper\ssi.dll
*C:\WINDOWS\system32\mpr.dll
*C:\WINDOWS\system32\version.dll
*C:\Documents and Settings\Matts\Desktop\startdreck217\VB4DE32.DLL
*C:\WINDOWS\system32\uxtheme.dll
*C:\WINDOWS\system32\MSCTF.dll
*C:\WINDOWS\system32\CLBCATQ.DLL
*C:\WINDOWS\system32\COMRes.dll
*C:\Program Files\Trillian\events.dll
*C:\WINDOWS\system32\COMCTL32.dll
*C:\WINDOWS\system32\WINMM.dll
*C:\WINDOWS\system32\comdlg32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\Program Files\Trillian\MSVCR71.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
*C:\Documents and Settings\Matts\Desktop\startdreck217\PSAPI.DLL
»NT Services
*Adobe LM Service Adobe LM Service - on demand
`binary: "C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe"
*Alerter Alerter running auto
`binary: C:\WINDOWS\System32\svchost.exe -k LocalService
*Application Layer Gateway Service ALG running on demand
`binary: C:\WINDOWS\System32\alg.exe
*Application Management AppMgmt - on demand
`binary: C:\WINDOWS\system32\svchost.exe -k netsvcs
*Ati HotKey Poller Ati HotKey Poller running auto
`binary: C:\WINDOWS\system32\Ati2evxx.exe
*ATI Smart ATI Smart - auto
`binary: C:\WINDOWS\system32\ati2sgag.exe
*Windows Audio AudioSrv running auto
`binary: C:\WINDOWS\System32\svchost.exe -k netsvcs
*AVG7 Alert Manager Server Avg7Alrt running auto
`binary: C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
*AVG7 Update Service Avg7UpdSvc running auto
`binary: C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
*Background Intelligent Transfer Service BITS - on demand
`binary: C:\WINDOWS\System32\svchost.exe -k netsvcs
*Computer Browser Browser running auto
`binary: C:\WINDOWS\System32\svchost.exe -k netsvcs
*Indexing Service cisvc - on demand
`binary: C:\WINDOWS\System32\cisvc.exe
*ClipBook ClipSrv - disabled
`binary: C:\WINDOWS\system32\clipsrv.exe
*COM+ System Application COMSysApp - on demand
`binary: C:\WINDOWS\System32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
*Cryptographic Services CryptSvc running auto
`binary: C:\WINDOWS\system32\svchost.exe -k netsvcs
*DCOM Server Process Launcher DcomLaunch running auto
`binary: C:\WINDOWS\system32\svchost -k DcomLaunch
*DHCP Client Dhcp running auto
`binary: C:\WINDOWS\System32\svchost.exe -k netsvcs
*Logical Disk Manager Administrative Service dmadmin - on demand
`binary: C:\WINDOWS\System32\dmadmin.exe /com
*Logical Disk Manager dmserver - on demand
`binary: C:\WINDOWS\System32\svchost.exe -k netsvcs
*DNS Client Dnscache running auto
`binary: C:\WINDOWS\System32\svchost.exe -k NetworkService
*Error Reporting Service ERSvc running auto
`binary: C:\WINDOWS\System32\svchost.exe -k netsvcs
*Event Log Eventlog running auto
`binary: C:\WINDOWS\system32\services.exe
*COM+ Event System EventSystem running on demand
`binary: C:\WINDOWS\System32\svchost.exe -k netsvcs
*Fast User Switching Compatibility FastUserSwitchingCom running on demand
`binary: C:\WINDOWS\System32\svchost.exe -k netsvcs
*Help and Support helpsvc running auto
`binary: C:\WINDOWS\System32\svchost.exe -k netsvcs
*HID Input Service HidServ running auto
`binary: C:\WINDOWS\System32\svchost.exe -k netsvcs
*HTTP SSL HTTPFilter - on demand
`binary: C:\WINDOWS\System32\svchost.exe -k HTTPFilter
*IMAPI CD-Burning COM Service ImapiService - on demand
`binary: C:\WINDOWS\System32\imapi.exe
*Server lanmanserver running auto
`binary: C:\WINDOWS\System32\svchost.exe -k netsvcs
*Workstation lanmanworkstation running auto
`binary: C:\WINDOWS\System32\svchost.exe -k netsvcs
*LicCtrl Service LicCtrlService running auto
`binary: C:\WINDOWS\runservice.exe
*TCP/IP NetBIOS Helper LmHosts running auto
`binary: C:\WINDOWS\System32\svchost.exe -k LocalService
*Messenger Messenger - disabled
`binary: C:\WINDOWS\System32\svchost.exe -k netsvcs
*NetMeeting Remote Desktop Sharing mnmsrvc - on demand
`binary: C:\WINDOWS\System32\mnmsrvc.exe
*Distributed Transaction Coordinator MSDTC - on demand
`binary: C:\WINDOWS\System32\msdtc.exe
*Windows Installer MSIServer - on demand
`binary: C:\WINDOWS\system32\msiexec.exe /V
*Network DDE NetDDE - disabled
`binary: C:\WINDOWS\system32\netdde.exe
*Network DDE DSDM NetDDEdsdm - disabled
`binary: C:\WINDOWS\system32\netdde.exe
*Net Logon Netlogon - on demand
`binary: C:\WINDOWS\System32\lsass.exe
*Network Connections Netman running on demand
`binary: C:\WINDOWS\System32\svchost.exe -k netsvcs
*Network Location Awareness (NLA) Nla running on demand
`binary: C:\WINDOWS\System32\svchost.exe -k netsvcs
*NT LM Security Support Provider NtLmSsp - on demand
`binary: C:\WINDOWS\System32\lsass.exe
*Removable Storage NtmsSvc - on demand
`binary: C:\WINDOWS\system32\svchost.exe -k netsvcs
*Plug and Play PlugPlay running auto
`binary: C:\WINDOWS\system32\services.exe
*IPSEC Services PolicyAgent running auto
`binary: C:\WINDOWS\System32\lsass.exe
*Protected Storage ProtectedStorage running auto
`binary: C:\WINDOWS\system32\lsass.exe
*Remote Access Auto Connection Manager RasAuto - on demand
`binary: C:\WINDOWS\System32\svchost.exe -k netsvcs
*Remote Access Connection Manager RasMan - on demand
`binary: C:\WINDOWS\System32\svchost.exe -k netsvcs
*Remote Desktop Help Session Manager RDSessMgr - on demand
`binary: C:\WINDOWS\system32\sessmgr.exe
*Routing and Remote Access RemoteAccess - disabled
`binary: C:\WINDOWS\System32\svchost.exe -k netsvcs
*Remote Procedure Call (RPC) Locator RpcLocator - on demand
`binary: C:\WINDOWS\System32\locator.exe
*Remote Procedure Call (RPC) RpcSs running auto
`binary: C:\WINDOWS\system32\svchost -k rpcss
*QoS RSVP RSVP - on demand
`binary: C:\WINDOWS\System32\rsvp.exe
*Security Accounts Manager SamSs running auto
`binary: C:\WINDOWS\system32\lsass.exe
*Smart Card SCardSvr - on demand
`binary: C:\WINDOWS\System32\SCardSvr.exe
*Task Scheduler Schedule running auto
`binary: C:\WINDOWS\System32\svchost.exe -k netsvcs
*Secondary Logon seclogon running auto
`binary: C:\WINDOWS\System32\svchost.exe -k netsvcs
*System Event Notification SENS running auto
`binary: C:\WINDOWS\system32\svchost.exe -k netsvcs
*Windows Firewall/Internet Connection Sharing (I SharedAccess running auto
`CS)
`binary: C:\WINDOWS\System32\svchost.exe -k netsvcs
*Shell Hardware Detection ShellHWDetection running auto
`binary: C:\WINDOWS\System32\svchost.exe -k netsvcs
*Print Spooler Spooler running auto
`binary: C:\WINDOWS\system32\spoolsv.exe
*System Restore Service srservice - auto
`binary: C:\WINDOWS\System32\svchost.exe -k netsvcs
*SSDP Discovery Service SSDPSRV running on demand
`binary: C:\WINDOWS\System32\svchost.exe -k LocalService
*Windows Image Acquisition (WIA) stisvc - on demand
`binary: C:\WINDOWS\System32\svchost.exe -k imgsvc
*Webroot Spy Sweeper Engine svcWRSSSDK running auto
`binary: C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
*MS Software Shadow Copy Provider SwPrv - on demand
`binary: C:\WINDOWS\System32\dllhost.exe /Processid:{D545F3D7-8BE4-400F-AD7C-256428E71A60}
*Performance Logs and Alerts SysmonLog - on demand
`binary: C:\WINDOWS\system32\smlogsvc.exe
*Telephony TapiSrv - on demand
`binary: C:\WINDOWS\System32\svchost.exe -k netsvcs
*Terminal Services TermService running on demand
`binary: C:\WINDOWS\System32\svchost -k DComLaunch
*Themes Themes running auto
`binary: C:\WINDOWS\System32\svchost.exe -k netsvcs
*Distributed Link Tracking Client TrkWks running auto
`binary: C:\WINDOWS\system32\svchost.exe -k netsvcs
*Universal Plug and Play Device Host upnphost - on demand
`binary: C:\WINDOWS\System32\svchost.exe -k LocalService
*Uninterruptible Power Supply UPS - on demand
`binary: C:\WINDOWS\System32\ups.exe
*TrueVector Internet Monitor vsmon running auto
`binary: C:\WINDOWS\system32\ZONELABS\vsmon.exe -service
*Volume Shadow Copy VSS - on demand
`binary: C:\WINDOWS\System32\vssvc.exe
*Windows Time W32Time running auto
`binary: C:\WINDOWS\System32\svchost.exe -k netsvcs
*WebClient WebClient running auto
`binary: C:\WINDOWS\System32\svchost.exe -k LocalService
*Windows Management Instrumentation winmgmt running auto
`binary: C:\WINDOWS\system32\svchost.exe -k netsvcs
*Portable Media Serial Number Service WmdmPmSN - on demand
`binary: C:\WINDOWS\System32\svchost.exe -k netsvcs
*WMI Performance Adapter WmiApSrv - on demand
`binary: C:\WINDOWS\System32\wbem\wmiapsrv.exe
*Security Center wscsvc running auto
`binary: C:\WINDOWS\System32\svchost.exe -k netsvcs
*Automatic Updates wuauserv running auto
`binary: C:\WINDOWS\system32\svchost.exe -k netsvcs
*Wireless Zero Configuration WZCSVC running auto
`binary: C:\WINDOWS\System32\svchost.exe -k netsvcs
*Network Provisioning Service xmlprov - on demand
`binary: C:\WINDOWS\System32\svchost.exe -k netsvcs
»VMM32Files (LM)
»%System%\VMM32
»%System%\IOSUBSYS
»Application specific
»MS Office 97/8.0 STARTUP-PATH
»Current User
»Default User
»Local Machine
»ICQ NetDetect
»Current User
»Default User
