My Internet Explorer is incredibly slow & often has a “Not Responding” status

Status
Not open for further replies.
Hi Microbell,

Thanks for your help. Below, please see the report you've asked for. I'm very happy to receive help from you and this forum's members, and I look forward to solving my computer's problems.

In response to your advice to install the service packs for XP & IE6, I have a question. Is it possible to install the entire ServicePack2 file as it exists after having installed ServicePack 1 and 2 in the past? If so, how should I proceed? I'm apprehensive about installing individual updates because I installed a few Microsoft updates to my Win98 computer a few years ago as a precaution and they created problems where there were none previously.

On my computer, I currently have:

Q824145 for Internet Explorer

...and the following WindowsXP HotFixes:
KB823980
KB835732
KB842773

Thank you very much,
m



StartDreck (build 2.1.7 public stable) - 2005-01-31 @ 09:31:24 (GMT -05:00)
Platform: Windows XP (Win NT 5.1.2600 )
Internet Explorer: 6.0.2600.0000
Logged in as tyriek at TYRIEK

»Registry
»Run Keys
»Current User
»Run
*ctfmon.exe=C:\WINDOWS\System32\ctfmon.exe
*Skype="C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
*SureCleanProfessional="C:\PROGRA~1\PANICW~1\SURECL~1\SRClean.exe"
»RunOnce
»Default User
»Run
»RunOnce
»Local Machine
»Run
*NvCplDaemon=RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
*SynTPLpr=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
*SynTPEnh=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
*TCASUTIEXE=TCAUDIAG -off
*DadApp=C:\WINDOWS\SYSTEM32\Drivers\dadapp.exe
*MoneyStartUp10.0="C:\Program Files\Microsoft Money\System\Activation.exe"
*AdaptecDirectCD="C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe"
*Lexmark X73 Button Monitor=C:\PROGRA~1\LEXMAR~1\ACMonitor_X73.exe
*Lexmark X73 Button Manager=C:\PROGRA~1\LEXMAR~1\AcBtnMgr_X73.exe
*PrinTray=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe
*NDPS=C:\WINDOWS\System32\dpmw32.exe
*NWTRAY=NWTRAY.EXE
*QuickTime Task="C:\Program Files\QuickTime\qttask.exe" -atboottime
*TkBellExe=C:\Program Files\Common Files\Real\Update_OB\realsched.exe -osboot
*Synchronization Manager=%SystemRoot%\system32\mobsync.exe /logon
*sealmon=C:\Program Files\SealedMedia\sealmon.exe
*vptray=C:\Program Files\NavNT\vptray.exe
*gcasServ="C:\antispyware\microsoft antispyware\gcasServ.exe"
+OptionalComponents
+MSFS
*Installed=1
+MAPI
*Installed=1
*NoChange=1
+MAPI
*Installed=1
*NoChange=1
»RunOnce
»RunServices
»RunServicesOnce
»RunOnceEx
»RunServicesOnceEx
»File Associations (CR)
+.bat
*batfile="%1" %*
+.com
*comfile="%1" %*
+.disabled
*SpybotSD.DisabledFile="C:\antispyware\spybot search and destroy 1.3\Spybot - Search & Destroy\blindman.exe" "%1"
+.exe
*exefile="%1" %*
+.hta
*htafile=C:\WINDOWS\System32\mshta.exe "%1" %*
+.htm
*htmlfile="C:\Program Files\Internet Explorer\iexplore.exe" -nohome
+.html
*htmlfile="C:\Program Files\Internet Explorer\iexplore.exe" -nohome
+.js
*JSFile=%SystemRoot%\System32\WScript.exe "%1" %*
+.jse
*JSEFile=%SystemRoot%\System32\WScript.exe "%1" %*
+.pif
*piffile="%1" %*
+.reg
*regfile=regedit.exe "%1"
+.scr
*scrfile="%1" /S
+.txt
*txtfile=%SystemRoot%\system32\NOTEPAD.EXE %1
+.vbs
*VBSFile=%SystemRoot%\System32\WScript.exe "%1" %*
+.vbe
*VBEFile=%SystemRoot%\System32\WScript.exe "%1" %*
+.wsh
*WSHFile=%SystemRoot%\System32\WScript.exe "%1" %*
+.wsf
*WSFFile=%SystemRoot%\System32\WScript.exe "%1" %*
+.lnk
`lnkfile= [key or value does not exist]
»Active Setup (LM)
+Microsoft Windows Media Player 6.4/{22d6f312-b0f6-11d0-94ab-0080c74c7e95}
*StubPath=rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\mplayer2.inf,PerUserStub.NT
+Themes Setup/{2C7339CF-2B09-4501-B3F3-F3508C9228ED}
*StubPath=%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
+Microsoft Outlook Express 6/{44BBA840-CC51-11CF-AAFA-00AA00B6015C}
*StubPath="%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
+NetMeeting 3.01/{44BBA842-CC51-11CF-AAFA-00AA00B6015B}
*StubPath=rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
+Windows Messenger/{5945c046-1e7d-11d1-bc44-00c04fd912be}
*StubPath=rundll32.exe advpack.dll,LaunchINFSection %SystemRoot%\INF\msmsgs.inf,BLC.Install.PerUser
+Microsoft Windows Media Player 8/{6BF52A52-394A-11d3-B153-00C04F79FAA6}
*StubPath=rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub
+Address Book 6/{7790769C-0471-11d2-AF11-00C04FA35D02}
*StubPath="%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
+Windows Desktop Update/{89820200-ECBD-11cf-8B85-00AA005B4340}
*StubPath=regsvr32.exe /s /n /i:U shell32.dll
+Internet Explorer 6/{89820200-ECBD-11cf-8B85-00AA005B4383}
*StubPath=%SystemRoot%\system32\ie4uinit.exe
+Fax/{8b15971b-5355-4c82-8c07-7e181ea07608}
*StubPath=rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser
+Internet Explorer Access/{ACC563BC-4266-43f0-B6ED-9D38C4202C7E}
*StubPath=rundll32 iesetup.dll,IEAccessUserInst
»Browser Helper Objects (LM)
*AcroIEHelper.AcroIEHlprObj.1/{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
`InprocServer32=C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
*MoneySide.BrowserHelperObject.10/{FDD3B846-8D59-4ffb-8758-209B6AD74ACC}
`InprocServer32=C:\Program Files\Microsoft Money\System\mnyviewer.dll
»Internet Explorer
»Current User
*Default_Page_URL=http://www.dellnet.com/
*Local Page=C:\WINDOWS\System32\blank.htm
*Search Bar=
*Search Page=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
*Start Page=http://www.google.com.br/
+SearchUrl
*provider=
»Default User
*Default_Page_URL=http://www.dellnet.com/
*First Home Page=http://www.dellnet.com/
*Start Page=http://www.dellnet.com/
»Local Machine
*Default_Page_URL=http://www.dellnet.com/
*Default_Search_URL=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
*Local Page=C:\WINDOWS\System32\blank.htm
*Search Page=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
*Start Page=http://www.google.com.br/
*CustomizeSearch=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
*SearchAssistant=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
»ShellServiceObjectDelayLoad (LM)
*PostBootReminder={7849596a-48ea-486e-8937-a2a3009f31a9}
`InprocServer32=%SystemRoot%\system32\SHELL32.dll
*CDBurn={fbeb8a05-beee-4442-804e-409d6c4515e9}
`InprocServer32=%SystemRoot%\system32\SHELL32.dll
*WebCheck={E6FB5E20-DE35-11CF-9C87-00AA005127ED}
`InprocServer32=%SystemRoot%\System32\webcheck.dll
*SysTray={35CEC8A3-2BE6-11D2-8773-92E220524153}
`InprocServer32=C:\WINDOWS\System32\stobject.dll
»Special NT Values
»Current User
*Load=
*Run=
*Programs=com exe bat pif cmd
*SHELL=
»Default User
*Load=
*Run=
*Programs=com exe bat pif cmd
*SHELL=
»Local Machine
*AppInit_DLLs=
*SHELL=Explorer.exe
*Userinit=C:\WINDOWS\system32\userinit.exe,
»Files
»Autostart Folders
»Current User
*C:\Documents and Settings\tyriek\Start Menu\Programs\Startup\DESKTOP.INI
*C:\Documents and Settings\tyriek\Start Menu\Programs\Startup\HotSync Manager.LNK
»Default User
*C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Startup\DESKTOP.INI
»Local Machine
*C:\Documents and Settings\All Users\Start Menu\Programs\Startup\DESKTOP.INI
*C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
»INI-Files
»WIN.INI\[windows]
*LOAD=
*RUN=
»SYSTEM.INI\[boot]
*SHELL=Explorer.exe
»Text Files
*C:\boot.ini
`[boot loader]
`timeout=30
`default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
`[operating systems]
`multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Professional" /fastdetect
*C:\msdos.sys
*C:\config.sys
*C:\WINDOWS\System32\config.nt
`dos=high, umb
`device=%SystemRoot%\system32\himem.sys
`files=40
*C:\autoexec.bat
*C:\WINDOWS\System32\autoexec.nt
`@echo off
`lh %SystemRoot%\system32\mscdexnt.exe
`lh %SystemRoot%\system32\redir
`lh %SystemRoot%\system32\dosx
`SET BLASTER=A220 I5 D1 P330 T3
`%SystemRoot%\system32\vipx.exe
`%SystemRoot%\system32\vlmsup.exe
»Program Files
*C:\ntldr
*C:\ntdetect.com
*C:\io.sys
*C:\WINDOWS\System32\win.com
*C:\WINDOWS\explorer.exe
»%PATH% Companion Files
+C:\WINDOWS\System32\NOTEPAD.EXE
*C:\WINDOWS\NOTEPAD.EXE
+C:\WINDOWS\System32\TASKMAN.EXE
*C:\WINDOWS\TASKMAN.EXE
+C:\WINDOWS\System32\WINHLP32.EXE
*C:\WINDOWS\WINHLP32.EXE
»System/Drivers
»Running Processes
+0=<idle>
+4=<system>
+368=\SystemRoot\System32\smss.exe
*C:\WINDOWS\System32\ntdll.dll
+416=\??\C:\WINDOWS\system32\csrss.exe
*C:\WINDOWS\System32\ntdll.dll
*C:\WINDOWS\system32\CSRSRV.dll
*C:\WINDOWS\system32\basesrv.dll
*C:\WINDOWS\system32\winsrv.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\KERNEL32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\System32\sxs.dll
+440=\??\C:\WINDOWS\system32\winlogon.exe
*C:\WINDOWS\System32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\AUTHZ.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\CRYPT32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\MSASN1.dll
*C:\WINDOWS\system32\NDdeApi.dll
*C:\WINDOWS\system32\PROFMAP.dll
*C:\WINDOWS\system32\NETAPI32.dll
*C:\WINDOWS\system32\USERENV.dll
*C:\WINDOWS\system32\PSAPI.DLL
*C:\WINDOWS\system32\REGAPI.dll
*C:\WINDOWS\system32\Secur32.dll
*C:\WINDOWS\system32\SETUPAPI.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\system32\WINSTA.dll
*C:\WINDOWS\system32\WS2_32.dll
*C:\WINDOWS\system32\WS2HELP.dll
*C:\WINDOWS\system32\MSGINA.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\COMCTL32.dll
*C:\WINDOWS\system32\ODBC32.dll
*C:\WINDOWS\system32\comdlg32.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
*C:\WINDOWS\system32\odbcint.dll
*C:\WINDOWS\system32\SHSVCS.dll
*C:\WINDOWS\system32\sfc.dll
*C:\WINDOWS\system32\sfc_os.dll
*C:\WINDOWS\system32\WINTRUST.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\IMAGEHLP.dll
*C:\WINDOWS\system32\NWGINA.DLL
*C:\WINDOWS\system32\MPR.dll
*C:\WINDOWS\system32\CALWIN32.DLL
*C:\WINDOWS\system32\CLNWIN32.DLL
*C:\WINDOWS\system32\LOCWIN32.DLL
*C:\WINDOWS\system32\NCPWIN32.dll
*C:\WINDOWS\system32\NETWIN32.DLL
*C:\WINDOWS\system32\WSOCK32.dll
*C:\WINDOWS\system32\CLXWIN32.DLL
*C:\WINDOWS\System32\NLS\ENGLISH\NWGINAR.DLL
*C:\WINDOWS\system32\WINSCARD.DLL
*C:\WINDOWS\system32\WTSAPI32.dll
*C:\WINDOWS\system32\uxtheme.dll
*C:\WINDOWS\system32\WINMM.dll
*C:\WINDOWS\system32\cscdll.dll
*C:\WINDOWS\system32\WlNotify.dll
*C:\WINDOWS\system32\WINSPOOL.DRV
*C:\WINDOWS\System32\rsaenh.dll
*C:\WINDOWS\system32\CLBCATQ.DLL
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\system32\COMRes.dll
*C:\WINDOWS\system32\sxs.dll
*C:\WINDOWS\system32\OLEPRO32.DLL
*C:\WINDOWS\system32\msv1_0.dll
*C:\WINDOWS\system32\wldap32.dll
*C:\WINDOWS\system32\SAMLIB.dll
*C:\WINDOWS\system32\RASAPI32.dll
*C:\WINDOWS\system32\rasman.dll
*C:\WINDOWS\system32\TAPI32.dll
*C:\WINDOWS\system32\rtutils.dll
*C:\WINDOWS\system32\cscui.dll
*C:\WINDOWS\System32\NavLogon.dll
*C:\WINDOWS\system32\NTMARTA.DLL
*C:\WINDOWS\system32\wdmaud.drv
*C:\WINDOWS\system32\msacm32.drv
*C:\WINDOWS\system32\MSACM32.dll
*C:\WINDOWS\system32\midimap.dll
+484=C:\WINDOWS\system32\services.exe
*C:\WINDOWS\System32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\USERENV.dll
*C:\WINDOWS\system32\SCESRV.dll
*C:\WINDOWS\system32\AUTHZ.dll
*C:\WINDOWS\system32\umpnpmgr.dll
*C:\WINDOWS\system32\WINSTA.dll
*C:\WINDOWS\system32\NCObjAPI.DLL
*C:\WINDOWS\system32\secur32.dll
*C:\WINDOWS\system32\eventlog.dll
*C:\WINDOWS\system32\WS2_32.dll
*C:\WINDOWS\system32\WS2HELP.dll
*C:\WINDOWS\system32\PSAPI.DLL
*C:\WINDOWS\system32\wtsapi32.dll
*C:\WINDOWS\system32\netapi32.dll
*C:\WINDOWS\system32\Apphelp.dll
+496=C:\WINDOWS\system32\lsass.exe
*C:\WINDOWS\System32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\LSASRV.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\Secur32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\SAMSRV.dll
*C:\WINDOWS\system32\cryptdll.dll
*C:\WINDOWS\system32\DNSAPI.dll
*C:\WINDOWS\system32\WS2_32.dll
*C:\WINDOWS\system32\WS2HELP.dll
*C:\WINDOWS\system32\MSASN1.dll
*C:\WINDOWS\system32\NETAPI32.dll
*C:\WINDOWS\system32\SAMLIB.dll
*C:\WINDOWS\system32\MPR.dll
*C:\WINDOWS\system32\NTDSAPI.dll
*C:\WINDOWS\system32\WLDAP32.dll
*C:\WINDOWS\system32\msprivs.dll
*C:\WINDOWS\system32\kerberos.dll
*C:\WINDOWS\system32\msv1_0.dll
*C:\WINDOWS\system32\netlogon.dll
*C:\WINDOWS\system32\w32time.dll
*C:\WINDOWS\system32\MSVCP60.dll
*C:\WINDOWS\system32\iphlpapi.dll
*C:\WINDOWS\system32\netman.dll
*C:\WINDOWS\system32\MPRAPI.dll
*C:\WINDOWS\system32\ACTIVEDS.dll
*C:\WINDOWS\system32\adsldpc.dll
*C:\WINDOWS\system32\ATL.DLL
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\system32\rtutils.dll
*C:\WINDOWS\system32\SETUPAPI.dll
*C:\WINDOWS\system32\RASAPI32.dll
*C:\WINDOWS\system32\rasman.dll
*C:\WINDOWS\system32\TAPI32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\WINMM.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\WZCSvc.DLL
*C:\WINDOWS\system32\WMI.dll
*C:\WINDOWS\system32\DHCPCSVC.DLL
*C:\WINDOWS\system32\CRYPT32.dll
*C:\WINDOWS\system32\WTSAPI32.dll
*C:\WINDOWS\system32\WINSTA.dll
*C:\WINDOWS\system32\USERENV.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
*C:\WINDOWS\system32\comctl32.dll
*C:\WINDOWS\system32\schannel.dll
*C:\WINDOWS\system32\wdigest.dll
*C:\WINDOWS\System32\rsaenh.dll
*C:\WINDOWS\system32\nwv1_0.dll
*C:\WINDOWS\system32\scecli.dll
*C:\WINDOWS\system32\ipsecsvc.dll
*C:\WINDOWS\system32\oakley.DLL
*C:\WINDOWS\system32\WINIPSEC.DLL
*C:\WINDOWS\system32\pstorsvc.dll
*C:\WINDOWS\system32\mswsock.dll
*C:\WINDOWS\System32\wshtcpip.dll
*C:\WINDOWS\system32\psbase.dll
*C:\WINDOWS\System32\dssenh.dll
+660=C:\WINDOWS\system32\svchost.exe
*C:\WINDOWS\System32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*c:\windows\system32\rpcss.dll
*C:\WINDOWS\system32\msvcrt.dll
*c:\windows\system32\WS2_32.dll
*c:\windows\system32\WS2HELP.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*c:\windows\system32\Secur32.dll
*C:\WINDOWS\system32\userenv.dll
*C:\WINDOWS\system32\mswsock.dll
*C:\WINDOWS\System32\wshtcpip.dll
*C:\WINDOWS\system32\DNSAPI.dll
*C:\WINDOWS\system32\iphlpapi.dll
*C:\WINDOWS\system32\netman.dll
*C:\WINDOWS\system32\MPRAPI.dll
*C:\WINDOWS\system32\ACTIVEDS.dll
*C:\WINDOWS\system32\adsldpc.dll
*C:\WINDOWS\system32\NETAPI32.dll
*C:\WINDOWS\system32\WLDAP32.dll
*C:\WINDOWS\system32\ATL.DLL
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\system32\rtutils.dll
*C:\WINDOWS\system32\SAMLIB.dll
*C:\WINDOWS\system32\SETUPAPI.dll
*C:\WINDOWS\system32\RASAPI32.dll
*C:\WINDOWS\system32\rasman.dll
*C:\WINDOWS\system32\TAPI32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\WINMM.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\WZCSvc.DLL
*C:\WINDOWS\system32\WMI.dll
*C:\WINDOWS\system32\DHCPCSVC.DLL
*C:\WINDOWS\system32\CRYPT32.dll
*C:\WINDOWS\system32\MSASN1.dll
*C:\WINDOWS\system32\WTSAPI32.dll
*C:\WINDOWS\system32\WINSTA.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
*C:\WINDOWS\system32\comctl32.dll
*C:\WINDOWS\System32\winrnr.dll
*C:\WINDOWS\system32\netware\NWWS2NDS.DLL
*C:\WINDOWS\system32\NETWIN32.DLL
*C:\WINDOWS\system32\CLNWIN32.DLL
*C:\WINDOWS\system32\LOCWIN32.DLL
*C:\WINDOWS\system32\NCPWIN32.dll
*C:\WINDOWS\system32\WSOCK32.dll
*C:\WINDOWS\system32\netware\NWWS2SLP.DLL
*C:\WINDOWS\system32\NWSRVLOC.dll
*C:\WINDOWS\system32\rasadhlp.dll
*C:\WINDOWS\system32\CLBCATQ.DLL
*C:\WINDOWS\system32\COMRes.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\system32\msv1_0.dll
+684=C:\WINDOWS\System32\svchost.exe
*C:\WINDOWS\System32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\USER32.dll
*c:\windows\system32\shsvcs.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\shell32.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
*C:\WINDOWS\system32\comctl32.dll
*C:\WINDOWS\System32\WINSTA.dll
*c:\windows\system32\dhcpcsvc.dll
*c:\windows\system32\DNSAPI.dll
*c:\windows\system32\WS2_32.dll
*c:\windows\system32\WS2HELP.dll
*c:\windows\system32\iphlpapi.dll
*c:\windows\system32\netman.dll
*c:\windows\system32\MPRAPI.dll
*c:\windows\system32\ACTIVEDS.dll
*c:\windows\system32\adsldpc.dll
*c:\windows\system32\NETAPI32.dll
*C:\WINDOWS\system32\WLDAP32.dll
*c:\windows\system32\ATL.DLL
*C:\WINDOWS\system32\OLEAUT32.dll
*c:\windows\system32\rtutils.dll
*c:\windows\system32\SAMLIB.dll
*c:\windows\system32\SETUPAPI.dll
*c:\windows\system32\RASAPI32.dll
*c:\windows\system32\rasman.dll
*c:\windows\system32\TAPI32.dll
*c:\windows\system32\WINMM.dll
*c:\windows\system32\Secur32.dll
*c:\windows\system32\WZCSvc.DLL
*c:\windows\system32\WMI.dll
*C:\WINDOWS\system32\CRYPT32.dll
*C:\WINDOWS\system32\MSASN1.dll
*c:\windows\system32\WTSAPI32.dll
*C:\WINDOWS\System32\UxTheme.dll
*C:\WINDOWS\System32\rsaenh.dll
*c:\windows\system32\termsrv.dll
*c:\windows\system32\ICAAPI.dll
*c:\windows\system32\AUTHZ.dll
*c:\windows\system32\mstlsapi.dll
*C:\WINDOWS\System32\REGAPI.dll
*c:\windows\system32\irmon.dll
*C:\WINDOWS\system32\USERENV.dll
*c:\windows\system32\MSWSOCK.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\System32\wshirda.dll
*C:\WINDOWS\System32\NTMARTA.DLL
*C:\WINDOWS\System32\rastls.dll
*C:\WINDOWS\System32\SCHANNEL.dll
*C:\WINDOWS\System32\WinSCard.dll
*C:\WINDOWS\System32\raschap.dll
*C:\WINDOWS\system32\msv1_0.dll
*C:\WINDOWS\System32\CLBCATQ.DLL
*C:\WINDOWS\System32\COMRes.dll
*c:\windows\system32\schedsvc.dll
*c:\windows\system32\NTDSAPI.dll
*C:\WINDOWS\system32\IMAGEHLP.dll
*C:\WINDOWS\System32\wshtcpip.dll
*C:\WINDOWS\System32\MSIDLE.DLL
*c:\windows\system32\audiosrv.dll
*c:\windows\system32\wkssvc.dll
*c:\windows\system32\qmgr.dll
*C:\WINDOWS\system32\MPR.dll
*c:\windows\system32\SHFOLDER.dll
*c:\windows\system32\WINHTTP.dll
*c:\windows\system32\cryptsvc.dll
*c:\windows\system32\WINTRUST.dll
*c:\windows\system32\certcli.dll
*c:\windows\system32\CRYPTUI.dll
*C:\WINDOWS\system32\WININET.dll
*c:\windows\system32\ESENT.dll
*c:\windows\system32\srvsvc.dll
*c:\windows\pchealth\helpctr\binaries\pchsvc.dll
*c:\windows\system32\es.dll
*c:\windows\system32\ersvc.dll
*c:\windows\system32\dmserver.dll
*c:\windows\system32\seclogon.dll
*c:\windows\system32\sens.dll
*c:\windows\system32\srsvc.dll
*c:\windows\system32\POWRPROF.dll
*c:\windows\system32\tapisrv.dll
*c:\windows\system32\PSAPI.DLL
*c:\windows\system32\trkwks.dll
*c:\windows\system32\w32time.dll
*c:\windows\system32\MSVCP60.dll
*C:\WINDOWS\System32\upnp.dll
*C:\WINDOWS\System32\SSDPAPI.dll
*c:\windows\system32\wbem\wmisvc.dll
*c:\windows\system32\wbem\wbemcomn.dll
*C:\WINDOWS\system32\VSSAPI.DLL
*c:\windows\system32\mspmspsv.dll
*c:\windows\system32\wuauserv.dll
*c:\windows\system32\browser.dll
*C:\WINDOWS\System32\wuaueng.dll
*C:\WINDOWS\System32\ADVPACK.dll
*C:\WINDOWS\System32\WINSPOOL.DRV
*C:\WINDOWS\System32\Cabinet.dll
*C:\WINDOWS\System32\mspatcha.dll
*C:\WINDOWS\System32\sfc.dll
*C:\WINDOWS\System32\sfc_os.dll
*C:\WINDOWS\System32\MSXML3.DLL
*c:\windows\system32\rasmans.dll
*c:\windows\system32\WINIPSEC.DLL
*c:\windows\system32\netcfgx.dll
*c:\windows\system32\CLUSAPI.dll
*C:\WINDOWS\System32\SXS.DLL
*C:\WINDOWS\System32\rastapi.dll
*C:\WINDOWS\system32\comsvcs.dll
*C:\WINDOWS\system32\MTXCLU.DLL
*C:\WINDOWS\system32\WSOCK32.dll
*C:\WINDOWS\system32\colbact.DLL
*C:\WINDOWS\System32\RESUTILS.DLL
*C:\WINDOWS\System32\mtxoci.dll
*C:\WINDOWS\System32\unimdm.tsp
*C:\WINDOWS\System32\uniplat.dll
*C:\WINDOWS\System32\unimdmat.dll
*C:\WINDOWS\System32\modemui.dll
*C:\WINDOWS\System32\kmddsp.tsp
*C:\WINDOWS\System32\ndptsp.tsp
*C:\WINDOWS\System32\ipconf.tsp
*C:\WINDOWS\System32\h323.tsp
*C:\WINDOWS\System32\hidphone.tsp
*C:\WINDOWS\System32\HID.DLL
*C:\WINDOWS\System32\rasppp.dll
*C:\WINDOWS\System32\ntlsapi.dll
*c:\windows\system32\ipnathlp.dll
*c:\windows\system32\netshell.dll
*c:\windows\system32\credui.dll
*c:\windows\system32\HNetCfg.dll
*C:\WINDOWS\System32\rasadhlp.dll
*C:\WINDOWS\System32\Wbem\wbemcore.dll
*C:\WINDOWS\System32\Wbem\esscli.dll
*C:\WINDOWS\System32\Wbem\FastProx.dll
*C:\WINDOWS\System32\wbem\wmiutils.dll
*C:\WINDOWS\System32\wbem\repdrvfs.dll
*C:\WINDOWS\System32\wbem\wmiprvsd.dll
*C:\WINDOWS\system32\NCObjAPI.DLL
*C:\WINDOWS\System32\wbem\wbemess.dll
*c:\windows\system32\rasauto.dll
*C:\WINDOWS\System32\icmp.dll
*C:\WINDOWS\System32\msi.dll
*C:\WINDOWS\System32\RASDLG.dll
*C:\WINDOWS\System32\wups.dll
*C:\WINDOWS\System32\wbem\ncprov.dll
*C:\WINDOWS\System32\winrnr.dll
*C:\WINDOWS\system32\netware\NWWS2NDS.DLL
*C:\WINDOWS\System32\NETWIN32.DLL
*C:\WINDOWS\System32\CLNWIN32.DLL
*C:\WINDOWS\System32\LOCWIN32.DLL
*C:\WINDOWS\System32\NCPWIN32.dll
*C:\WINDOWS\system32\netware\NWWS2SLP.DLL
*C:\WINDOWS\System32\NWSRVLOC.dll
+808=C:\WINDOWS\System32\svchost.exe
*C:\WINDOWS\System32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*c:\windows\system32\dnsrslvr.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*c:\windows\system32\DNSAPI.dll
*c:\windows\system32\WS2_32.dll
*c:\windows\system32\WS2HELP.dll
*c:\windows\system32\iphlpapi.dll
*c:\windows\system32\netman.dll
*c:\windows\system32\MPRAPI.dll
*c:\windows\system32\ACTIVEDS.dll
*c:\windows\system32\adsldpc.dll
*c:\windows\system32\NETAPI32.dll
*C:\WINDOWS\system32\WLDAP32.dll
*c:\windows\system32\ATL.DLL
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*c:\windows\system32\rtutils.dll
*c:\windows\system32\SAMLIB.dll
*c:\windows\system32\SETUPAPI.dll
*c:\windows\system32\RASAPI32.dll
*c:\windows\system32\rasman.dll
*c:\windows\system32\TAPI32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*c:\windows\system32\WINMM.dll
*C:\WINDOWS\system32\SHELL32.dll
*c:\windows\system32\Secur32.dll
*c:\windows\system32\WZCSvc.DLL
*c:\windows\system32\WMI.dll
*c:\windows\system32\DHCPCSVC.DLL
*C:\WINDOWS\system32\CRYPT32.dll
*C:\WINDOWS\system32\MSASN1.dll
*c:\windows\system32\WTSAPI32.dll
*c:\windows\system32\WINSTA.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
*C:\WINDOWS\system32\comctl32.dll
*C:\WINDOWS\system32\mswsock.dll
*C:\WINDOWS\System32\wshtcpip.dll
+832=C:\WINDOWS\System32\svchost.exe
*C:\WINDOWS\System32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\USER32.dll
*c:\windows\system32\lmhsvc.dll
*C:\WINDOWS\system32\msvcrt.dll
*c:\windows\system32\iphlpapi.dll
*c:\windows\system32\netman.dll
*c:\windows\system32\MPRAPI.dll
*c:\windows\system32\ACTIVEDS.dll
*c:\windows\system32\adsldpc.dll
*c:\windows\system32\NETAPI32.dll
*C:\WINDOWS\system32\WLDAP32.dll
*c:\windows\system32\ATL.DLL
*C:\WINDOWS\system32\OLEAUT32.dll
*c:\windows\system32\rtutils.dll
*c:\windows\system32\SAMLIB.dll
*c:\windows\system32\SETUPAPI.dll
*c:\windows\system32\RASAPI32.dll
*c:\windows\system32\rasman.dll
*c:\windows\system32\WS2_32.dll
*c:\windows\system32\WS2HELP.dll
*c:\windows\system32\TAPI32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*c:\windows\system32\WINMM.dll
*C:\WINDOWS\system32\SHELL32.dll
*c:\windows\system32\Secur32.dll
*c:\windows\system32\WZCSvc.DLL
*c:\windows\system32\WMI.dll
*c:\windows\system32\DHCPCSVC.DLL
*c:\windows\system32\DNSAPI.dll
*C:\WINDOWS\system32\CRYPT32.dll
*C:\WINDOWS\system32\MSASN1.dll
*c:\windows\system32\WTSAPI32.dll
*c:\windows\system32\WINSTA.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
*C:\WINDOWS\system32\comctl32.dll
*c:\windows\system32\webclnt.dll
*C:\WINDOWS\system32\WININET.dll
*C:\WINDOWS\System32\wsock32.dll
*c:\windows\system32\regsvc.dll
*c:\windows\system32\ssdpsrv.dll
*C:\WINDOWS\system32\mswsock.dll
*C:\WINDOWS\System32\wshtcpip.dll
*C:\WINDOWS\system32\uxtheme.dll
+952=C:\WINDOWS\system32\LEXBCES.EXE
*C:\WINDOWS\System32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\WINSPOOL.DRV
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\MPR.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\system32\lex2kusb.dll
*C:\WINDOWS\system32\WS2_32.dll
*C:\WINDOWS\system32\WS2HELP.dll
*C:\WINDOWS\system32\SETUPAPI.dll
+980=C:\WINDOWS\system32\spoolsv.exe
*C:\WINDOWS\System32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\SPOOLSS.DLL
*C:\WINDOWS\system32\WS2_32.dll
*C:\WINDOWS\system32\WS2HELP.dll
*C:\WINDOWS\system32\DNSAPI.dll
*C:\WINDOWS\system32\iphlpapi.dll
*C:\WINDOWS\system32\netman.dll
*C:\WINDOWS\system32\MPRAPI.dll
*C:\WINDOWS\system32\ACTIVEDS.dll
*C:\WINDOWS\system32\adsldpc.dll
*C:\WINDOWS\system32\NETAPI32.dll
*C:\WINDOWS\system32\WLDAP32.dll
*C:\WINDOWS\system32\ATL.DLL
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\system32\rtutils.dll
*C:\WINDOWS\system32\SAMLIB.dll
*C:\WINDOWS\system32\SETUPAPI.dll
*C:\WINDOWS\system32\RASAPI32.dll
*C:\WINDOWS\system32\rasman.dll
*C:\WINDOWS\system32\TAPI32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\WINMM.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\Secur32.dll
*C:\WINDOWS\system32\WZCSvc.DLL
*C:\WINDOWS\system32\WMI.dll
*C:\WINDOWS\system32\DHCPCSVC.DLL
*C:\WINDOWS\system32\CRYPT32.dll
*C:\WINDOWS\system32\MSASN1.dll
*C:\WINDOWS\system32\WTSAPI32.dll
*C:\WINDOWS\system32\WINSTA.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
*C:\WINDOWS\system32\comctl32.dll
*C:\WINDOWS\system32\rasadhlp.dll
*C:\WINDOWS\system32\localspl.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\system32\sfc_os.dll
*C:\WINDOWS\system32\WINTRUST.dll
*C:\WINDOWS\system32\IMAGEHLP.dll
*C:\WINDOWS\system32\USERENV.dll
*C:\WINDOWS\system32\winspool.drv
*C:\WINDOWS\system32\cnbjmon.dll
*C:\WINDOWS\system32\LEXLMPM.DLL
*C:\WINDOWS\system32\LexBce.dll
*C:\WINDOWS\system32\uxtheme.dll
*C:\WINDOWS\system32\mswsock.dll
*C:\WINDOWS\system32\FXSMON.DLL
*C:\WINDOWS\system32\FXSEVENT.dll
*C:\WINDOWS\system32\pjlmon.dll
*C:\WINDOWS\system32\tcpmon.dll
*C:\WINDOWS\system32\usbmon.dll
*C:\WINDOWS\System32\spool\PRTPROCS\W32X86\lxarpp.dll
*C:\WINDOWS\System32\spool\PRTPROCS\W32X86\lmpclnpp.dll
*C:\WINDOWS\System32\winrnr.dll
*C:\WINDOWS\system32\netware\NWWS2NDS.DLL
*C:\WINDOWS\system32\NETWIN32.DLL
*C:\WINDOWS\system32\CLNWIN32.DLL
*C:\WINDOWS\system32\LOCWIN32.DLL
*C:\WINDOWS\system32\NCPWIN32.dll
*C:\WINDOWS\system32\WSOCK32.dll
*C:\WINDOWS\system32\netware\NWWS2SLP.DLL
*C:\WINDOWS\system32\NWSRVLOC.dll
*C:\WINDOWS\system32\ndppnt.dll
*C:\WINDOWS\system32\CALWIN32.DLL
*C:\WINDOWS\system32\MPR.dll
*C:\WINDOWS\system32\CLXWIN32.DLL
*C:\WINDOWS\system32\DPAWIN32.dll
*C:\WINDOWS\system32\DPLWIN32.dll
*C:\WINDOWS\system32\DPPWIN32.dll
*C:\WINDOWS\system32\DPSWIN32.dll
*C:\WINDOWS\system32\DPRPCW32.dll
*C:\WINDOWS\system32\LZ32.dll
*C:\WINDOWS\system32\DPLMW32.DLL
*C:\WINDOWS\System32\NLS\ENGLISH\NDPPNTR.DLL
*C:\WINDOWS\system32\CLBCATQ.DLL
*C:\WINDOWS\system32\COMRes.dll
*C:\WINDOWS\system32\nwspool.dll
*C:\WINDOWS\System32\NLS\ENGLISH\NWSPOOLR.DLL
*C:\WINDOWS\system32\win32spl.dll
*C:\WINDOWS\system32\NETRAP.dll
*C:\WINDOWS\system32\inetpp.dll
*C:\WINDOWS\system32\icmp.dll
*C:\WINDOWS\System32\wshtcpip.dll
+1084=C:\WINDOWS\System32\alg.exe
*C:\WINDOWS\System32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\System32\ATL.DLL
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\System32\WSOCK32.dll
*C:\WINDOWS\System32\WS2_32.dll
*C:\WINDOWS\System32\WS2HELP.dll
*C:\WINDOWS\System32\MSWSOCK.DLL
*C:\WINDOWS\System32\CLBCATQ.DLL
*C:\WINDOWS\System32\COMRes.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\System32\hnetcfg.dll
*C:\WINDOWS\System32\RASAPI32.dll
*C:\WINDOWS\System32\rasman.dll
*C:\WINDOWS\System32\NETAPI32.dll
*C:\WINDOWS\System32\TAPI32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\System32\rtutils.dll
*C:\WINDOWS\System32\WINMM.dll
*C:\WINDOWS\System32\netshell.dll
*C:\WINDOWS\System32\credui.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\System32\iphlpapi.dll
*C:\WINDOWS\System32\netman.dll
*C:\WINDOWS\System32\MPRAPI.dll
*C:\WINDOWS\System32\ACTIVEDS.dll
*C:\WINDOWS\System32\adsldpc.dll
*C:\WINDOWS\system32\WLDAP32.dll
*C:\WINDOWS\System32\SAMLIB.dll
*C:\WINDOWS\System32\SETUPAPI.dll
*C:\WINDOWS\System32\Secur32.dll
*C:\WINDOWS\System32\WZCSvc.DLL
*C:\WINDOWS\System32\WMI.dll
*C:\WINDOWS\System32\DHCPCSVC.DLL
*C:\WINDOWS\System32\DNSAPI.dll
*C:\WINDOWS\system32\CRYPT32.dll
*C:\WINDOWS\system32\MSASN1.dll
*C:\WINDOWS\System32\WTSAPI32.dll
*C:\WINDOWS\System32\WINSTA.dll
*C:\WINDOWS\system32\WININET.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
*C:\WINDOWS\system32\comctl32.dll
*C:\WINDOWS\System32\wshtcpip.dll
+1104=C:\Program Files\NavNT\defwatch.exe
*C:\WINDOWS\System32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\MSVCRT.dll
+1136=C:\PROGRA~1\Iomega\System32\AppServices.exe
*C:\WINDOWS\System32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\uxtheme.dll
*C:\WINDOWS\system32\msvcrt.dll
+1156=c:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
*C:\WINDOWS\System32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\system32\MSVCRT.DLL
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
*C:\WINDOWS\system32\comctl32.dll
*C:\WINDOWS\system32\psapi.dll
*C:\WINDOWS\system32\CLBCATQ.DLL
*C:\WINDOWS\system32\COMRes.dll
*c:\Program Files\Common Files\Microsoft Shared\VS7Debug\msdbg2.dll
+1168=C:\WINDOWS\System32\NALNTSRV.EXE
*C:\WINDOWS\System32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\System32\LOCWIN32.DLL
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\System32\NETWIN32.DLL
*C:\WINDOWS\System32\CLNWIN32.DLL
*C:\WINDOWS\System32\NCPWIN32.dll
*C:\WINDOWS\System32\WSOCK32.dll
*C:\WINDOWS\System32\WS2_32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\System32\WS2HELP.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\system32\MPR.dll
*C:\WINDOWS\System32\NLS\ENGLISH\NALNTRES.DLL
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
*C:\WINDOWS\system32\comctl32.dll
+1196=C:\Program Files\NavNT\rtvscan.exe
*C:\WINDOWS\System32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\Program Files\NavNT\Dec2.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\MSVCRT.dll
*C:\Program Files\NavNT\Dec2ARJ.dll
*C:\Program Files\NavNT\Dec2ID.dll
*C:\Program Files\NavNT\Dec2LHA.dll
*C:\Program Files\NavNT\SymLHA.dll
*C:\Program Files\NavNT\Dec2LZ.dll
*C:\Program Files\NavNT\Dec2MIME.dll
*C:\Program Files\NavNT\Dec2Zip.dll
*C:\Program Files\NavNT\Dec2AMG.dll
*C:\Program Files\NavNT\SYMAMG32.DLL
*C:\Program Files\NavNT\Dec2UUE.dll
*C:\Program Files\NavNT\Dec2SS.dll
*C:\Program Files\NavNT\Dec2RTF.dll
*C:\WINDOWS\system32\CBA.DLL
*C:\WINDOWS\system32\MsgSys.dll
*C:\WINDOWS\system32\NTS.dll
*C:\WINDOWS\system32\WSOCK32.dll
*C:\WINDOWS\system32\WS2_32.dll
*C:\WINDOWS\system32\WS2HELP.dll
*C:\WINDOWS\system32\MSWSOCK.dll
*C:\WINDOWS\system32\NETAPI32.dll
*C:\WINDOWS\system32\PDS.DLL
*C:\WINDOWS\system32\MPR.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\CTL3D32.dll
*C:\WINDOWS\system32\WINMM.dll
*C:\Program Files\NavNT\NAVLU.dll
*C:\WINDOWS\system32\MFC42.DLL
*C:\WINDOWS\system32\PSAPI.DLL
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
*C:\WINDOWS\system32\comctl32.dll
*C:\WINDOWS\system32\uxtheme.dll
*C:\Program Files\NavNT\NAVNTUTL.DLL
*C:\WINDOWS\System32\SFC.DLL
*C:\WINDOWS\System32\sfc_os.dll
*C:\WINDOWS\System32\WINTRUST.dll
*C:\WINDOWS\system32\CRYPT32.dll
*C:\WINDOWS\system32\MSASN1.dll
*C:\WINDOWS\system32\IMAGEHLP.dll
*C:\Program Files\NavNT\i2ldvp3.dll
*C:\Program Files\NavNT\NAVAPI32.DLL
*C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20050119.041\NAVEX32a.DLL
*C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20050119.041\NAVENG32.DLL
*C:\Program Files\NavNT\NAVAP32.DLL
*C:\WINDOWS\System32\amslib.dll
*C:\WINDOWS\System32\loc32vc0.dll
*C:\WINDOWS\system32\VERSION.dll
+1240=C:\WINDOWS\System32\nvsvc32.exe
*C:\WINDOWS\System32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
+1320=C:\WINDOWS\wanmpsvc.exe
*C:\WINDOWS\System32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\iphlpapi.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\netman.dll
*C:\WINDOWS\system32\MPRAPI.dll
*C:\WINDOWS\system32\ACTIVEDS.dll
*C:\WINDOWS\system32\adsldpc.dll
*C:\WINDOWS\system32\NETAPI32.dll
*C:\WINDOWS\system32\WLDAP32.dll
*C:\WINDOWS\system32\ATL.DLL
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\system32\rtutils.dll
*C:\WINDOWS\system32\SAMLIB.dll
*C:\WINDOWS\system32\SETUPAPI.dll
*C:\WINDOWS\system32\RASAPI32.dll
*C:\WINDOWS\system32\rasman.dll
*C:\WINDOWS\system32\WS2_32.dll
*C:\WINDOWS\system32\WS2HELP.dll
*C:\WINDOWS\system32\TAPI32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\WINMM.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\Secur32.dll
*C:\WINDOWS\system32\WZCSvc.DLL
*C:\WINDOWS\system32\WMI.dll
*C:\WINDOWS\system32\DHCPCSVC.DLL
*C:\WINDOWS\system32\DNSAPI.dll
*C:\WINDOWS\system32\CRYPT32.dll
*C:\WINDOWS\system32\MSASN1.dll
*C:\WINDOWS\system32\WTSAPI32.dll
*C:\WINDOWS\system32\WINSTA.dll
*C:\WINDOWS\system32\SHFOLDER.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
*C:\WINDOWS\system32\comctl32.dll
+1404=C:\WINDOWS\system32\fxssvc.exe
*C:\WINDOWS\System32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\MSVCP60.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\TAPI32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\rtutils.dll
*C:\WINDOWS\system32\WINMM.dll
*C:\WINDOWS\system32\WINSPOOL.DRV
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\NETAPI32.dll
*C:\WINDOWS\system32\credui.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\FXSEVENT.dll
*C:\WINDOWS\system32\FXSTIFF.dll
*C:\WINDOWS\system32\FXSAPI.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\system32\CRYPT32.dll
*C:\WINDOWS\system32\MSASN1.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
*C:\WINDOWS\system32\comctl32.dll
*C:\WINDOWS\system32\NTMARTA.DLL
*C:\WINDOWS\system32\WLDAP32.dll
*C:\WINDOWS\system32\fxst30.dll
*C:\WINDOWS\system32\fxsroute.dll
*C:\WINDOWS\system32\MPR.dll
*C:\WINDOWS\system32\uxtheme.dll
*C:\WINDOWS\system32\Secur32.dll
*C:\WINDOWS\system32\mswsock.dll
*C:\WINDOWS\system32\WS2_32.dll
*C:\WINDOWS\system32\WS2HELP.dll
*C:\WINDOWS\System32\wshtcpip.dll
+1972=C:\WINDOWS\System32\MsgSys.EXE
*C:\WINDOWS\System32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\System32\NTS.dll
*C:\WINDOWS\System32\WSOCK32.dll
*C:\WINDOWS\System32\WS2_32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\System32\WS2HELP.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\System32\MSWSOCK.dll
*C:\WINDOWS\System32\NETAPI32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\System32\CBA.DLL
*C:\WINDOWS\System32\MsgSys.dll
*C:\WINDOWS\System32\PDS.DLL
*C:\WINDOWS\system32\MPR.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\System32\wshtcpip.dll
*C:\WINDOWS\System32\DNSAPI.dll
*C:\WINDOWS\System32\iphlpapi.dll
*C:\WINDOWS\System32\netman.dll
*C:\WINDOWS\System32\MPRAPI.dll
*C:\WINDOWS\System32\ACTIVEDS.dll
*C:\WINDOWS\System32\adsldpc.dll
*C:\WINDOWS\system32\WLDAP32.dll
*C:\WINDOWS\System32\ATL.DLL
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\System32\rtutils.dll
*C:\WINDOWS\System32\SAMLIB.dll
*C:\WINDOWS\System32\SETUPAPI.dll
*C:\WINDOWS\System32\RASAPI32.dll
*C:\WINDOWS\System32\rasman.dll
*C:\WINDOWS\System32\TAPI32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\System32\WINMM.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\System32\Secur32.dll
*C:\WINDOWS\System32\WZCSvc.DLL
*C:\WINDOWS\System32\WMI.dll
*C:\WINDOWS\System32\DHCPCSVC.DLL
*C:\WINDOWS\system32\CRYPT32.dll
*C:\WINDOWS\system32\MSASN1.dll
*C:\WINDOWS\System32\WTSAPI32.dll
*C:\WINDOWS\System32\WINSTA.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
*C:\WINDOWS\system32\comctl32.dll
*C:\WINDOWS\System32\winrnr.dll
*C:\WINDOWS\system32\netware\NWWS2NDS.DLL
*C:\WINDOWS\System32\NETWIN32.DLL
*C:\WINDOWS\System32\CLNWIN32.DLL
*C:\WINDOWS\System32\LOCWIN32.DLL
*C:\WINDOWS\System32\NCPWIN32.dll
*C:\WINDOWS\system32\netware\NWWS2SLP.DLL
*C:\WINDOWS\System32\NWSRVLOC.dll
*C:\WINDOWS\System32\rasadhlp.dll
+620=C:\WINDOWS\Explorer.EXE
*C:\WINDOWS\System32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\System32\BROWSEUI.dll
*C:\WINDOWS\System32\SHDOCVW.dll
*C:\WINDOWS\System32\UxTheme.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
*C:\WINDOWS\system32\comctl32.dll
*C:\WINDOWS\system32\appHelp.dll
*C:\WINDOWS\System32\CLBCATQ.DLL
*C:\WINDOWS\System32\COMRes.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\System32\cscui.dll
*C:\WINDOWS\System32\CSCDLL.dll
*C:\WINDOWS\System32\themeui.dll
*C:\WINDOWS\System32\Secur32.dll
*C:\WINDOWS\System32\MSIMG32.dll
*C:\WINDOWS\system32\USERENV.dll
*C:\WINDOWS\System32\actxprxy.dll
*C:\WINDOWS\System32\msutb.dll
*C:\WINDOWS\System32\MSCTF.dll
*C:\WINDOWS\System32\LINKINFO.dll
*C:\WINDOWS\System32\ntshrui.dll
*C:\WINDOWS\System32\ATL.DLL
*C:\WINDOWS\System32\NETAPI32.dll
*C:\WINDOWS\system32\urlmon.dll
*C:\WINDOWS\System32\mlang.dll
*C:\WINDOWS\System32\mshtml.dll
*C:\WINDOWS\system32\WININET.DLL
*C:\WINDOWS\system32\CRYPT32.dll
*C:\WINDOWS\system32\MSASN1.dll
*C:\WINDOWS\System32\RASAPI32.DLL
*C:\WINDOWS\System32\rasman.dll
*C:\WINDOWS\System32\WS2_32.dll
*C:\WINDOWS\System32\WS2HELP.dll
*C:\WINDOWS\System32\TAPI32.dll
*C:\WINDOWS\System32\rtutils.dll
*C:\WINDOWS\System32\WINMM.dll
*C:\WINDOWS\System32\sensapi.dll
*c:\Program Files\Common Files\Microsoft Shared\VS7Debug\pdm.dll
*C:\WINDOWS\System32\shdoclc.dll
*C:\WINDOWS\System32\SETUPAPI.dll
*c:\Program Files\Common Files\Microsoft Shared\VS7Debug\msdbg2.dll
*C:\antispyware\microsoft antispyware\shellextension.dll
*C:\WINDOWS\System32\msi.dll
*C:\WINDOWS\System32\SynTPFcs.dll
*C:\WINDOWS\System32\mslbui.dll
*C:\WINDOWS\System32\wsock32.dll
*C:\WINDOWS\system32\mswsock.dll
*C:\WINDOWS\System32\WINSTA.dll
*C:\WINDOWS\System32\wshtcpip.dll
*C:\WINDOWS\System32\msimtf.dll
*C:\WINDOWS\System32\webcheck.dll
*C:\WINDOWS\System32\stobject.dll
*C:\WINDOWS\System32\BatMeter.dll
*C:\WINDOWS\System32\POWRPROF.dll
*C:\WINDOWS\System32\WTSAPI32.dll
*C:\WINDOWS\ime\sptip.dll
*c:\Program Files\Common Files\Microsoft Shared\Ink\PENUSA.DLL
*C:\WINDOWS\System32\MSLS31.DLL
*C:\WINDOWS\System32\wdmaud.drv
*C:\WINDOWS\System32\msacm32.drv
*C:\WINDOWS\System32\MSACM32.dll
*C:\WINDOWS\System32\midimap.dll
*C:\WINDOWS\system32\NETSHELL.dll
*C:\WINDOWS\system32\credui.dll
*C:\WINDOWS\system32\iphlpapi.dll
*C:\WINDOWS\system32\netman.dll
*C:\WINDOWS\system32\MPRAPI.dll
*C:\WINDOWS\system32\ACTIVEDS.dll
*C:\WINDOWS\system32\adsldpc.dll
*C:\WINDOWS\system32\WLDAP32.dll
*C:\WINDOWS\system32\SAMLIB.dll
*C:\WINDOWS\system32\WZCSvc.DLL
*C:\WINDOWS\system32\WMI.dll
*C:\WINDOWS\system32\DHCPCSVC.DLL
*C:\WINDOWS\system32\DNSAPI.dll
*C:\WINDOWS\System32\printui.dll
*C:\WINDOWS\System32\WINSPOOL.DRV
*C:\WINDOWS\System32\CFGMGR32.dll
*C:\WINDOWS\system32\MPR.dll
*C:\WINDOWS\System32\fxsst.dll
*C:\WINDOWS\System32\FXSAPI.dll
*C:\WINDOWS\System32\NOVNPNT.DLL
*C:\WINDOWS\System32\CALWIN32.DLL
*C:\WINDOWS\System32\CLNWIN32.DLL
*C:\WINDOWS\System32\LOCWIN32.DLL
*C:\WINDOWS\System32\NCPWIN32.dll
*C:\WINDOWS\System32\NETWIN32.DLL
*C:\WINDOWS\System32\CLXWIN32.DLL
*C:\WINDOWS\System32\MAPBASE.dll
*C:\WINDOWS\System32\NWSHLXNT.dll
*C:\WINDOWS\System32\NLS\ENGLISH\MAPBASER.DLL
*C:\WINDOWS\System32\NLS\ENGLISH\NWSHLXNR.DLL
*C:\WINDOWS\System32\NLS\ENGLISH\NOVNPNTR.DLL
*C:\WINDOWS\System32\drprov.dll
*C:\WINDOWS\System32\ntlanman.dll
*C:\WINDOWS\System32\NETUI0.dll
*C:\WINDOWS\System32\NETUI1.dll
*C:\WINDOWS\System32\NETRAP.dll
*C:\WINDOWS\System32\davclnt.dll
*C:\WINDOWS\System32\SXS.DLL
*C:\WINDOWS\System32\browselc.dll
*C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
*C:\Program Files\Microsoft Money\System\mnyviewer.dll
*C:\WINDOWS\system32\comdlg32.dll
*C:\WINDOWS\System32\DUSER.dll
*C:\WINDOWS\System32\MSGINA.dll
*C:\WINDOWS\System32\ODBC32.dll
*C:\WINDOWS\System32\odbcint.dll
*c:\Program Files\Microsoft Office\Office10\msohev.dll
*C:\WINDOWS\System32\rasadhlp.dll
*C:\WINDOWS\System32\winrnr.dll
*C:\WINDOWS\system32\netware\NWWS2NDS.DLL
*C:\WINDOWS\system32\netware\NWWS2SLP.DLL
*C:\WINDOWS\System32\NWSRVLOC.dll
*c:\windows\system32\jscript.dll
*C:\WINDOWS\System32\wintrust.dll
*C:\WINDOWS\system32\IMAGEHLP.dll
*C:\WINDOWS\System32\schannel.dll
*C:\WINDOWS\System32\rsaenh.dll
*C:\WINDOWS\System32\dssenh.dll
*C:\WINDOWS\System32\mshtmled.dll
*C:\WINDOWS\System32\macromed\flash\Flash.ocx
*C:\WINDOWS\System32\Macromed\Common\SwSupport.dll
*c:\windows\system32\vbscript.dll
*C:\WINDOWS\SYSTEM32\Drivers\Dadkeyb.dll
*C:\WINDOWS\System32\ftpshext.dll
*C:\WINDOWS\System32\mydocs.dll
*C:\WINDOWS\System32\ddrawex.dll
*C:\WINDOWS\System32\DDRAW.dll
*C:\WINDOWS\System32\DCIMAN32.dll
*C:\WINDOWS\System32\zipfldr.dll
+1064=C:\WINDOWS\System32\RUNDLL32.EXE
*C:\WINDOWS\System32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\IMAGEHLP.dll
*C:\WINDOWS\System32\NvQTwk.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\COMCTL32.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
*C:\WINDOWS\System32\nvgfx.dll
*C:\WINDOWS\system32\uxtheme.dll
*C:\WINDOWS\System32\SynTPFcs.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\System32\MSCTF.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\System32\netapi32.dll
*C:\WINDOWS\System32\SETUPAPI.dll
*C:\WINDOWS\system32\appHelp.dll
*C:\WINDOWS\System32\CLBCATQ.DLL
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\System32\COMRes.dll
+1192=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
*C:\WINDOWS\System32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\System32\SynTPFcs.dll
*C:\WINDOWS\system32\uxtheme.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\System32\MSCTF.dll
+1120=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
*C:\WINDOWS\System32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\comdlg32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\COMCTL32.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
*C:\WINDOWS\system32\uxtheme.dll
*C:\WINDOWS\System32\MSCTF.dll
*C:\WINDOWS\System32\SynTPAPI.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\System32\SynTPFcs.dll
+1256=C:\WINDOWS\SYSTEM32\Drivers\dadapp.exe
*C:\WINDOWS\System32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\System32\WINMM.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
*C:\WINDOWS\system32\comctl32.dll
*C:\WINDOWS\system32\uxtheme.dll
*C:\WINDOWS\System32\MSCTF.dll
*C:\WINDOWS\SYSTEM32\Drivers\Dadkeyb.dll
+1288=C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
*C:\WINDOWS\System32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\CDUDFLIB.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\COMCTL32.dll
*C:\WINDOWS\System32\WINSPOOL.DRV
*C:\WINDOWS\system32\msvcrt.dll
*C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\UDFRWLIB.dll
*C:\WINDOWS\System32\SHFOLDER.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\system32\comdlg32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\System32\oledlg.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\System32\OLEPRO32.DLL
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
*C:\WINDOWS\system32\uxtheme.dll
*C:\WINDOWS\System32\SynTPFcs.dll
*C:\WINDOWS\System32\MSCTF.dll
*C:\WINDOWS\System32\CLBCATQ.DLL
*C:\WINDOWS\System32\COMRes.dll
*C:\WINDOWS\System32\SETUPAPI.dll
*C:\WINDOWS\System32\LINKINFO.dll
*C:\WINDOWS\System32\ntshrui.dll
*C:\WINDOWS\System32\ATL.DLL
*C:\WINDOWS\System32\NETAPI32.dll
*C:\WINDOWS\system32\USERENV.dll
*C:\WINDOWS\System32\mslbui.dll
+1188=C:\PROGRA~1\LEXMAR~1\ACMonitor_X73.exe
*C:\WINDOWS\System32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\System32\SETUPAPI.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\uxtheme.dll
*C:\WINDOWS\System32\MSCTF.dll
+1304=C:\PROGRA~1\LEXMAR~1\AcBtnMgr_X73.exe
*C:\WINDOWS\System32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
*C:\WINDOWS\system32\comctl32.dll
*C:\WINDOWS\system32\uxtheme.dll
*C:\WINDOWS\System32\MSCTF.dll
+1292=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe
*C:\WINDOWS\System32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\System32\WINSPOOL.DRV
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
*C:\WINDOWS\system32\comctl32.dll
*C:\WINDOWS\system32\uxtheme.dll
*C:\WINDOWS\System32\MSCTF.dll
*C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\PrinTray.dll
*C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXARICO.DLL
*C:\WINDOWS\System32\SynTPFcs.dll
+1500=C:\WINDOWS\System32\dpmw32.exe
*C:\WINDOWS\System32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\System32\NTMARTA.DLL
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\WLDAP32.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\uxtheme.dll
*C:\WINDOWS\System32\DPLMW32.DLL
*C:\WINDOWS\System32\WS2_32.dll
*C:\WINDOWS\System32\WS2HELP.dll
*C:\WINDOWS\System32\WINSPOOL.DRV
*C:\WINDOWS\System32\DPLWIN32.dll
*C:\WINDOWS\System32\DPAWIN32.dll
*C:\WINDOWS\System32\NETWIN32.DLL
*C:\WINDOWS\System32\CLNWIN32.DLL
*C:\WINDOWS\System32\LOCWIN32.DLL
*C:\WINDOWS\System32\NCPWIN32.dll
*C:\WINDOWS\System32\WSOCK32.dll
*C:\WINDOWS\System32\DPRPCW32.dll
*C:\WINDOWS\System32\DPPWIN32.dll
*C:\WINDOWS\System32\DPSWIN32.dll
*C:\WINDOWS\system32\LZ32.dll
*C:\WINDOWS\System32\CLXWIN32.DLL
*C:\WINDOWS\System32\CALWIN32.DLL
*C:\WINDOWS\system32\MPR.dll
*C:\WINDOWS\System32\SynTPFcs.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\System32\MSCTF.dll
*C:\WINDOWS\system32\mswsock.dll
*C:\WINDOWS\System32\wshtcpip.dll
*C:\WINDOWS\System32\DNSAPI.dll
*C:\WINDOWS\System32\iphlpapi.dll
*C:\WINDOWS\System32\netman.dll
*C:\WINDOWS\System32\MPRAPI.dll
*C:\WINDOWS\System32\ACTIVEDS.dll
*C:\WINDOWS\System32\adsldpc.dll
*C:\WINDOWS\System32\NETAPI32.dll
*C:\WINDOWS\System32\ATL.DLL
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\System32\rtutils.dll
*C:\WINDOWS\System32\SAMLIB.dll
*C:\WINDOWS\System32\SETUPAPI.dll
*C:\WINDOWS\System32\RASAPI32.dll
*C:\WINDOWS\System32\rasman.dll
*C:\WINDOWS\System32\TAPI32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\System32\WINMM.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\System32\Secur32.dll
*C:\WINDOWS\System32\WZCSvc.DLL
*C:\WINDOWS\System32\WMI.dll
*C:\WINDOWS\System32\DHCPCSVC.DLL
*C:\WINDOWS\system32\CRYPT32.dll
*C:\WINDOWS\system32\MSASN1.dll
*C:\WINDOWS\System32\WTSAPI32.dll
*C:\WINDOWS\System32\WINSTA.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
*C:\WINDOWS\system32\comctl32.dll
*C:\WINDOWS\System32\winrnr.dll
*C:\WINDOWS\system32\netware\NWWS2NDS.DLL
*C:\WINDOWS\system32\netware\NWWS2SLP.DLL
*C:\WINDOWS\System32\NWSRVLOC.dll
*C:\WINDOWS\System32\rasadhlp.dll
+1572=C:\WINDOWS\System32\NWTRAY.EXE
*C:\WINDOWS\System32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\COMCTL32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\System32\NOVNPNT.DLL
*C:\WINDOWS\system32\MPR.dll
*C:\WINDOWS\System32\NETAPI32.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\COMCTL32.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\System32\CALWIN32.DLL
*C:\WINDOWS\System32\CLNWIN32.DLL
*C:\WINDOWS\System32\LOCWIN32.DLL
*C:\WINDOWS\System32\NCPWIN32.dll
*C:\WINDOWS\System32\NETWIN32.DLL
*C:\WINDOWS\System32\WSOCK32.dll
*C:\WINDOWS\System32\WS2_32.dll
*C:\WINDOWS\System32\WS2HELP.dll
*C:\WINDOWS\System32\CLXWIN32.DLL
*C:\WINDOWS\System32\MAPBASE.dll
*C:\WINDOWS\System32\NWSHLXNT.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\System32\NLS\ENGLISH\MAPBASER.DLL
*C:\WINDOWS\System32\NLS\ENGLISH\NWSHLXNR.DLL
*C:\WINDOWS\System32\NLS\ENGLISH\NOVNPNTR.DLL
*C:\WINDOWS\system32\uxtheme.dll
*C:\WINDOWS\System32\SynTPFcs.dll
*C:\WINDOWS\System32\MSCTF.dll
+1588=C:\Program Files\QuickTime\qttask.exe
*C:\WINDOWS\System32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
*C:\WINDOWS\system32\comctl32.dll
*C:\WINDOWS\system32\uxtheme.dll
*C:\WINDOWS\System32\MSCTF.dll
*C:\WINDOWS\System32\QuickTime.qts
*C:\WINDOWS\System32\WINMM.dll
*C:\WINDOWS\system32\comdlg32.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\system32\WININET.DLL
*C:\WINDOWS\system32\CRYPT32.dll
*C:\WINDOWS\system32\MSASN1.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\System32\ddraw.dll
*C:\WINDOWS\System32\DCIMAN32.dll
*C:\WINDOWS\System32\SynTPFcs.dll
*C:\WINDOWS\SYSTEM32\QuickTime\QuickTimeAuthoring.qtx
*C:\WINDOWS\SYSTEM32\QuickTime\QuickTimeEssentials.qtx
*C:\WINDOWS\SYSTEM32\QuickTime\QuickTimeInternetExtras.qtx
*C:\WINDOWS\SYSTEM32\QuickTime\QuickTimeMPEG.qtx
*C:\WINDOWS\SYSTEM32\QuickTime\QuickTimeMPEG4.qtx
*C:\WINDOWS\SYSTEM32\QuickTime\QuickTimeStreaming.qtx
*C:\WINDOWS\System32\WSOCK32.dll
*C:\WINDOWS\System32\WS2_32.dll
*C:\WINDOWS\System32\WS2HELP.dll
*C:\WINDOWS\SYSTEM32\QuickTime\QuickTimeStreamingExtras.qtx
*C:\WINDOWS\System32\NTMARTA.DLL
*C:\WINDOWS\system32\WLDAP32.dll
+1596=C:\Program Files\Common Files\Real\Update_OB\realsched.exe
*C:\WINDOWS\System32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\uxtheme.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\System32\NTMARTA.DLL
*C:\WINDOWS\system32\WLDAP32.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\System32\MSCTF.dll
+1612=C:\Program Files\SealedMedia\sealmon.exe
*C:\WINDOWS\System32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\System32\WINMM.dll
*C:\WINDOWS\system32\uxtheme.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\wininet.dll
*C:\WINDOWS\system32\CRYPT32.dll
*C:\WINDOWS\system32\MSASN1.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\system32\OLE32.DLL
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
*C:\WINDOWS\System32\MSCTF.dll
+1620=C:\Program Files\NavNT\vptray.exe
*C:\WINDOWS\System32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
*C:\WINDOWS\system32\comctl32.dll
*C:\WINDOWS\system32\uxtheme.dll
*C:\WINDOWS\System32\SynTPFcs.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\System32\MSCTF.dll
*C:\WINDOWS\System32\CLBCATQ.DLL
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\System32\COMRes.dll
*C:\WINDOWS\System32\msi.dll
*C:\Program Files\NavNT\Cliproxy.dll
*C:\WINDOWS\System32\CTL3D32.dll
*C:\WINDOWS\system32\MPR.dll
*C:\WINDOWS\System32\Secur32.dll
*C:\Program Files\NavNT\NAVNTUTL.DLL
*C:\WINDOWS\System32\SXS.DLL
*C:\Program Files\NavNT\Cliscan.dll
*C:\WINDOWS\System32\WINMM.dll
*C:\WINDOWS\System32\SFC.DLL
*C:\WINDOWS\System32\sfc_os.dll
*C:\WINDOWS\System32\WINTRUST.dll
*C:\WINDOWS\system32\CRYPT32.dll
*C:\WINDOWS\system32\MSASN1.dll
*C:\WINDOWS\system32\IMAGEHLP.dll
+1628=C:\antispyware\microsoft antispyware\gcasServ.exe
*C:\WINDOWS\System32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\System32\MSVBVM60.DLL
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\system32\MSVCRT.DLL
*C:\WINDOWS\system32\uxtheme.dll
*C:\WINDOWS\System32\SynTPFcs.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\System32\MSCTF.dll
*C:\WINDOWS\System32\CLBCATQ.DLL
*C:\WINDOWS\System32\COMRes.dll
*C:\WINDOWS\System32\msi.dll
*C:\WINDOWS\System32\SXS.DLL
*C:\antispyware\microsoft antispyware\gcAntiSpywareLibrary.dll
*C:\WINDOWS\System32\ShFolder.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
*C:\WINDOWS\system32\comctl32.dll
*C:\WINDOWS\system32\wininet.dll
*C:\WINDOWS\system32\CRYPT32.dll
*C:\WINDOWS\system32\MSASN1.dll
*C:\WINDOWS\System32\Secur32.dll
*C:\WINDOWS\system32\shell32.dll
*C:\WINDOWS\System32\RASAPI32.DLL
*C:\WINDOWS\System32\rasman.dll
*C:\WINDOWS\System32\WS2_32.dll
*C:\WINDOWS\System32\WS2HELP.dll
*C:\WINDOWS\System32\NETAPI32.dll
*C:\WINDOWS\System32\TAPI32.dll
*C:\WINDOWS\System32\rtutils.dll
*C:\WINDOWS\System32\WINMM.dll
*C:\WINDOWS\System32\sensapi.dll
*C:\WINDOWS\system32\USERENV.dll
+1636=C:\WINDOWS\System32\ctfmon.exe
*C:\WINDOWS\System32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\System32\MSCTF.dll
*C:\WINDOWS\System32\MSUTB.dll
*C:\WINDOWS\system32\uxtheme.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\System32\SynTPFcs.dll
*C:\WINDOWS\system32\VERSION.dll
+1776=C:\Program Files\Handspring\HOTSYNC.EXE
*C:\WINDOWS\System32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\Program Files\Handspring\CMDS21.dll
*C:\Program Files\Handspring\HSLOG20.dll
*C:\Program Files\Handspring\PalmCmn.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\MSVCRT.dll
*C:\WINDOWS\System32\MSVCIRT.dll
*C:\Program Files\Handspring\CONDMGR.dll
*C:\WINDOWS\System32\WS2_32.dll
*C:\WINDOWS\System32\WS2HELP.dll
*C:\Program Files\Handspring\SYNC20.dll
*C:\Program Files\Handspring\INSTAIDE.dll
*C:\Program Files\Handspring\Subs30.dll
*C:\WINDOWS\System32\MFC42.DLL
*C:\Program Files\Handspring\UserData.dll
*C:\Program Files\Handspring\VFSAPI.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\COMCTL32.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
*C:\WINDOWS\system32\uxtheme.dll
*C:\WINDOWS\System32\SynTPFcs.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\System32\MSCTF.dll
*C:\Program Files\Handspring\USBTransport.dll
*C:\Program Files\Handspring\USBPort.dll
*C:\WINDOWS\System32\SETUPAPI.dll
*C:\WINDOWS\system32\mswsock.dll
*C:\WINDOWS\System32\wshirda.dll
+1672=C:\WINDOWS\SYSTEM32\Drivers\DadTray.exe
*C:\WINDOWS\System32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\System32\WINSPOOL.DRV
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\COMCTL32.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
*C:\WINDOWS\system32\uxtheme.dll
*C:\WINDOWS\System32\SynTPFcs.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\System32\MSCTF.dll
+2308=C:\antispyware\microsoft antispyware\gcasDtServ.exe
*C:\WINDOWS\System32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\MSVBVM60.DLL
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\system32\MSVCRT.DLL
*C:\WINDOWS\system32\uxtheme.dll
*C:\WINDOWS\System32\SynTPFcs.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\System32\MSCTF.dll
*C:\WINDOWS\system32\CLBCATQ.DLL
*C:\WINDOWS\system32\COMRes.dll
*C:\antispyware\microsoft antispyware\gcAntiSpywareLibrary.dll
*C:\WINDOWS\System32\GCCollection.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\SXS.DLL
*C:\WINDOWS\system32\msi.dll
*C:\WINDOWS\system32\shell32.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
*C:\WINDOWS\system32\comctl32.dll
*C:\WINDOWS\system32\CRYPT32.dll
*C:\WINDOWS\system32\MSASN1.dll
*C:\WINDOWS\system32\rasapi32.dll
*C:\WINDOWS\system32\rasman.dll
*C:\WINDOWS\system32\WS2_32.dll
*C:\WINDOWS\system32\WS2HELP.dll
*C:\WINDOWS\system32\NETAPI32.dll
*C:\WINDOWS\system32\TAPI32.dll
*C:\WINDOWS\system32\rtutils.dll
*C:\WINDOWS\system32\WINMM.dll
*C:\WINDOWS\system32\hashlib.dll
+2388=C:\WINDOWS\System32\wuauclt.exe
*C:\WINDOWS\System32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\System32\ATL.DLL
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\COMCTL32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\System32\wuaucpl.cpl
*C:\WINDOWS\System32\SHFOLDER.dll
*C:\WINDOWS\System32\wuaueng.dll
*C:\WINDOWS\System32\ADVPACK.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\system32\USERENV.dll
*C:\WINDOWS\System32\WS2_32.dll
*C:\WINDOWS\System32\WS2HELP.dll
*C:\WINDOWS\System32\ESENT.dll
*C:\WINDOWS\System32\WTSAPI32.dll
*C:\WINDOWS\System32\WINSTA.dll
*C:\WINDOWS\System32\WINSPOOL.DRV
*C:\WINDOWS\System32\SETUPAPI.dll
*C:\WINDOWS\System32\WINHTTP.dll
*C:\WINDOWS\System32\WINTRUST.dll
*C:\WINDOWS\system32\CRYPT32.dll
*C:\WINDOWS\system32\MSASN1.dll
*C:\WINDOWS\system32\IMAGEHLP.dll
*C:\WINDOWS\System32\Cabinet.dll
*C:\WINDOWS\System32\mspatcha.dll
*C:\WINDOWS\System32\sfc.dll
*C:\WINDOWS\System32\sfc_os.dll
*C:\WINDOWS\System32\MSIMG32.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\uxtheme.dll
*C:\WINDOWS\System32\SynTPFcs.dll
*C:\WINDOWS\System32\MSCTF.dll
*C:\WINDOWS\System32\CLBCATQ.DLL
*C:\WINDOWS\System32\COMRes.dll
*C:\WINDOWS\System32\wups.dll
*C:\WINDOWS\System32\wucltui.dll
+3220=C:\antispyware\StartDreck\StartDreck.exe
*C:\WINDOWS\System32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\antispyware\StartDreck\VB40032.DLL
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\System32\MSVCRT20.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\system32\MSVCRT.DLL
*C:\WINDOWS\System32\OLEPRO32.DLL
*C:\antispyware\StartDreck\VB4DE32.DLL
*C:\WINDOWS\system32\uxtheme.dll
*C:\WINDOWS\System32\SynTPFcs.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\System32\MSCTF.dll
*C:\WINDOWS\System32\CLBCATQ.DLL
*C:\WINDOWS\System32\COMRes.dll
*C:\antispyware\StartDreck\PSAPI.DLL
*C:\WINDOWS\System32\mslbui.dll
»VMM32Files (LM)
»%System%\VMM32
»%System%\IOSUBSYS
»Application specific
»MS Office 97/8.0 STARTUP-PATH
»Current User
»Default User
»Local Machine
»ICQ NetDetect
»Current User
»Default User
 
TYRIEK:

This log is also clean. For your updates just visit MS's update page...and it should ask you to update both XP and IE. Service pack 1 won't need installed as SP2 is a combination of it..and the new firewall and security fixs. Anyway...back to your log...just try a few tools and see what they pick up.

Download Silent runners.Vbs http://www.silentrunners.org/
1. Make sure you have any script blocking software disabled
2. Run the program. It will take a few minutes to complete.
3. Once complete it will produce a log named “StartupPrograms” with Your user and date in the filename. Open that txt file and posts it contents in your next post.

Download and unzip
http://castlecops.com/zx/Zupe/Find It NT-2K-XP.zip
Double-click on find.bat inside the folder to run it. It should run for a while, then open a text document. Please copy and paste the contents of that document here.

Download Find-qoologic.zip from my attachment here.
http://www.techsupportforum.com/showthread.php?t=31271&page=2
1. Unzip (It must be unzipped) the files to a folder on your desktop.
2. Open the qoologic folder, run qoologic.bat from there and wait for it to finish.
3. It will take awhile so wait until the dos window disappears and disk activity stops.
4. Then open the text file it createdÂ… found here c:\log.txt and paste the contents into your next post.

Download DLLCompare http://www.greyknight17.com/spy/DllCompare.exe

Please put it in a folder on the root drive (C:\)
Click the Run locate.com button
When the scan is complete click the Compare button.

It will sort through the files it found and determine which should be flagged as "No access" and display them in the lower box.
In a few minutes it will complete.
Click the button Make a Log of what was Found

Post that log.

**Note** Only if you get an error after pressing Run Locate.com:
Copy autoexec.nt from c:\windows\repair\ folder to c:\windows\system32\ folder..

Post ALL those logs.
 
Microbell,

Thanks for your response. Unfortunately, my browser locks up when I try to open the link you've listed for downloading "Find-qoologic.zip. Can you provide me with a link to the actual file instead of the page? In the meantime, I'll run the other items you've asked for.

Thanks,
m
 
Microbell,

Below are the four reports you've asked for. Please disregard my request for help to download Find-Qoologic.zip. I found a way to get the file.

I'm looking forward to receiving your instructions about what to do next. Please be aware that I have not yet downloaded the Microsoft updates.

Thanks for your help,
mantis



REPORT FOR: SILENTRUNNERS

"Silent Runners.vbs", revision 30
Operating System: Windows XP
Output limited to non-default values, except where indicated by "{++}"


Startup items buried in registry:
---------------------------------

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}
"ctfmon.exe" = "C:\WINDOWS\System32\ctfmon.exe" [MS]
"Skype" = ""C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized" ["Skype Technologies S.A."]
"SureCleanProfessional" = ""C:\PROGRA~1\PANICW~1\SURECL~1\SRClean.exe"" [file not found]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}
"NvCplDaemon" = "RUNDLL32.EXE NvQTwk,NvCplDaemon initialize" [MS]
"SynTPLpr" = "C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" ["Synaptics, Inc."]
"SynTPEnh" = "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" ["Synaptics, Inc."]
"TCASUTIEXE" = "TCAUDIAG -off" [empty string]
"DadApp" = "C:\WINDOWS\SYSTEM32\Drivers\dadapp.exe" [null data]
"MoneyStartUp10.0" = ""C:\Program Files\Microsoft Money\System\Activation.exe"" [MS]
"AdaptecDirectCD" = ""C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe"" ["Roxio"]
"Lexmark X73 Button Monitor" = "C:\PROGRA~1\LEXMAR~1\ACMonitor_X73.exe" ["Silitek Corp."]
"Lexmark X73 Button Manager" = "C:\PROGRA~1\LEXMAR~1\AcBtnMgr_X73.exe" ["Jetsoft Development Company"]
"PrinTray" = "C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe" ["Lexmark"]
"NDPS" = "C:\WINDOWS\System32\dpmw32.exe" [null data]
"NWTRAY" = "NWTRAY.EXE" ["Novell, Inc."]
"QuickTime Task" = ""C:\Program Files\QuickTime\qttask.exe" -atboottime" ["Apple Computer, Inc."]
"TkBellExe" = "C:\Program Files\Common Files\Real\Update_OB\realsched.exe -osboot" ["RealNetworks, Inc."]
"Synchronization Manager" = "C:\WINDOWS\system32\mobsync.exe /logon" [MS]
"sealmon" = "C:\Program Files\SealedMedia\sealmon.exe" ["SealedMedia"]
"vptray" = "C:\Program Files\NavNT\vptray.exe" ["Symantec Corporation"]
"gcasServ" = ""C:\antispyware\microsoft antispyware\gcasServ.exe"" [MS]

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\(Default) = "AcroIEHlprObj Class" [from CLSID]
-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx" [empty string]
{FDD3B846-8D59-4ffb-8758-209B6AD74ACC}\(Default) = (no title provided)
-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Microsoft Money\System\mnyviewer.dll" [MS]

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\
"{42071714-76d4-11d1-8b24-00a0c9068ff3}" = "Display Panning CPL Extension"
-> {CLSID}\InProcServer32\(Default) = "deskpan.dll" [file not found]
"{88895560-9AA2-1069-930E-00AA0030EBC8}" = "HyperTerminal Icon Ext"
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\System32\hticons.dll" ["Hilgraeve, Inc."]
"{42042206-2D85-11D3-8CFF-005004838597}" = "Microsoft Office HTML Icon Handler"
-> {CLSID}\InProcServer32\(Default) = "c:\Program Files\Microsoft Office\Office10\msohev.dll" [MS]
"{0006F045-0000-0000-C000-000000000046}" = "Microsoft Outlook Custom Icon Handler"
-> {CLSID}\InProcServer32\(Default) = "c:\Program Files\Microsoft Office\Office10\OLKFSTUB.DLL" [MS]
"{955B7B84-5308-419c-8ED8-0B9CA3C56985}" = "6 Months of AOL Included"
-> {CLSID}\InProcServer32\(Default) = "C:\PROGRA~1\COMMON~1\aolshare\shell\us\shellext.dll" ["America Online, Inc."]
"{5E44E225-A408-11CF-B581-008029601108}" = "Adaptec DirectCD Shell Extension"
-> {CLSID}\InProcServer32\(Default) = "C:\PROGRA~1\Adaptec\EASYCD~1\DirectCD\Shellex.dll" ["Roxio"]
"{AF8DE18D-9065-4102-BC40-EB294A95BB07}" = "Novell Connections"
-> {CLSID}\InProcServer32\(Default) = "C:\WINDOWS\System32\nwshlxnt.dll" ["Novell, Inc."]
"{04c23aa0-3d34-11d2-b788-008029605ac7}" = "NDPS Shell Extension"
-> {CLSID}\InProcServer32\(Default) = "ndpsprop.dll" [empty string]
"{BDA77241-42F6-11d0-85E2-00AA001FE28C}" = "LDVP Shell Extensions"
-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Common Files\Symantec Shared\SSC\vpshell2.dll" ["Symantec Corporation"]
"{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4}" = "Shell Extensions for RealOne Player"
-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Real\RealPlayer\rpshellext.dll" ["RealNetworks"]
"{D508094D-53A2-11D7-935D-000AE6309654}" = "Panicware, Inc. SureClean Recycle Bin"
-> {CLSID}\InProcServer32\(Default) = "C:\Program Files\Panicware\SureClean Professional\pwinssd.dll" [file not found]

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\
INFECTION WARNING! "GinaDLL" = "NWGINA.DLL" ["Novell, Inc."]

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\
INFECTION WARNING! "NavLogon\DLLName" = "C:\WINDOWS\System32\NavLogon.dll" [null data]


Startup items in "tyriek" & "All Users" startup folders:
--------------------------------------------------------

C:\Documents and Settings\tyriek\Start Menu\Programs\Startup
"HotSync Manager" -> shortcut to: "C:\Program Files\Handspring\HOTSYNC.EXE" ["Palm, Inc."]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
"Microsoft Office" -> shortcut to: "C:\Program Files\Microsoft Office\Office10\OSA.EXE -b -l" [MS]


Enabled Scheduled Tasks:
------------------------

"Symantec NetDetect" -> launches: "C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE" ["Symantec Corporation"]
"{4022C93B-4FB0-43AD-9C75-652FB3D93351}_TYRIEK_tyriek" -> launches: "C:\WINDOWS\system32\MOBSYNC.EXE /Schedule="{4022C93B-4FB0-43AD-9C75-652FB3D93351}_TYRIEK_tyriek"" [MS]


Running Services (Display Name, Service Name, Path {Service DLL}):
------------------------------------------------------------------

DefWatch, DefWatch, "C:\Program Files\NavNT\defwatch.exe" ["Symantec Corporation"]
Fax, Fax, "C:\WINDOWS\system32\fxssvc.exe" [MS]
Iomega App Services, Iomega App Services, ""C:\PROGRA~1\Iomega\System32\AppServices.exe"" ["Iomega Corporation"]
LexBce Server, LexBceS, "C:\WINDOWS\system32\LEXBCES.EXE" ["Lexmark International, Inc."]
Machine Debug Manager, MDM, ""c:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe"" [MS]
Norton AntiVirus Client, Norton AntiVirus Server, "C:\Program Files\NavNT\rtvscan.exe" ["Symantec Corporation"]
Novell Application Launcher, NALNTSERVICE, "C:\WINDOWS\System32\NALNTSRV.EXE" ["Novell, Inc."]
NVIDIA Driver Helper Service, NVSvc, "C:\WINDOWS\System32\nvsvc32.exe" ["NVIDIA Corporation"]
WAN Miniport (ATW) Service, WANMiniportService, ""C:\WINDOWS\wanmpsvc.exe"" ["America Online, Inc."]


----------
This report excludes default entries except where indicated.
To see *everywhere* the script checks and *everything* it finds,
launch it from a command prompt or a shortcut with the -all parameter.
----------



REPORT FOR: FIND IT NT-2K-XP

Warning! This utility will find legitimate files in addition to malware.
Do not remove anything unless you are sure you know what you're doing.

Find.bat is running from: C:\Documents and Settings\tyriek\Desktop\scanspyware\2005-02-01\find it nt-2k-xp

------- System Files in System32 Directory -------

Volume in drive C has no label.
Volume Serial Number is 4453-BF83

Directory of C:\WINDOWS\System32

01/28/2005 05:20 PM <DIR> DLLCACHE
05/06/2002 12:16 AM <DIR> Microsoft
0 File(s) 0 bytes
2 Dir(s) 2,653,802,496 bytes free

------- Hidden Files in System32 Directory -------

Volume in drive C has no label.
Volume Serial Number is 4453-BF83

Directory of C:\WINDOWS\System32

01/28/2005 05:20 PM <DIR> DLLCACHE
08/30/2001 11:29 PM 488 logonui.exe.manifest
08/30/2001 11:29 PM 488 WindowsLogon.manifest
08/30/2001 11:29 PM 749 nwc.cpl.manifest
08/30/2001 11:29 PM 749 sapi.cpl.manifest
08/30/2001 11:29 PM 749 ncpa.cpl.manifest
08/30/2001 11:29 PM 749 wuaucpl.cpl.manifest
08/30/2001 11:29 PM 749 cdplayer.exe.manifest
7 File(s) 4,721 bytes
1 Dir(s) 2,653,802,496 bytes free

------------ Files Named "Guard" ---------------

Volume in drive C has no label.
Volume Serial Number is 4453-BF83

Directory of C:\WINDOWS\System32


------ Temp Files in System32 Directory ------

Volume in drive C has no label.
Volume Serial Number is 4453-BF83

Directory of C:\WINDOWS\System32

08/17/2001 06:00 PM 2,577 CONFIG.TMP
1 File(s) 2,577 bytes
0 Dir(s) 2,653,798,400 bytes free

------------------ User Agent ----------------

REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]


------------- Keys Under Notify -------------

REGEDIT4

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
"Asynchronous"=dword:00000000
"Impersonate"=dword:00000000
"DllName"=hex(2):63,72,79,70,74,33,32,2e,64,6c,6c,00
"Logoff"="ChainWlxLogoffEvent"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
"Asynchronous"=dword:00000000
"Impersonate"=dword:00000000
"DllName"=hex(2):63,72,79,70,74,6e,65,74,2e,64,6c,6c,00
"Logoff"="CryptnetWlxLogoffEvent"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
"DLLName"="cscdll.dll"
"Logon"="WinlogonLogonEvent"
"Logoff"="WinlogonLogoffEvent"
"ScreenSaver"="WinlogonScreenSaverEvent"
"Startup"="WinlogonStartupEvent"
"Shutdown"="WinlogonShutdownEvent"
"StartShell"="WinlogonStartShellEvent"
"Impersonate"=dword:00000000
"Asynchronous"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon]
"DllName"="C:\\WINDOWS\\System32\\NavLogon.dll"
"Logoff"="NavLogoffEvent"
"StartShell"="NavStartShellEvent"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
"DLLName"="wlnotify.dll"
"Logon"="SCardStartCertProp"
"Logoff"="SCardStopCertProp"
"Lock"="SCardSuspendCertProp"
"Unlock"="SCardResumeCertProp"
"Enabled"=dword:00000001
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
"Asynchronous"=dword:00000000
"DllName"=hex(2):77,6c,6e,6f,74,69,66,79,2e,64,6c,6c,00
"Impersonate"=dword:00000000
"StartShell"="SchedStartShell"
"Logoff"="SchedEventLogOff"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
"Logoff"="WLEventLogoff"
"Impersonate"=dword:00000000
"Asynchronous"=dword:00000001
"DllName"=hex(2):73,63,6c,67,6e,74,66,79,2e,64,6c,6c,00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
"DLLName"="WlNotify.dll"
"Lock"="SensLockEvent"
"Logon"="SensLogonEvent"
"Logoff"="SensLogoffEvent"
"Safe"=dword:00000001
"MaxWait"=dword:00000258
"StartScreenSaver"="SensStartScreenSaverEvent"
"StopScreenSaver"="SensStopScreenSaverEvent"
"Startup"="SensStartupEvent"
"Shutdown"="SensShutdownEvent"
"StartShell"="SensStartShellEvent"
"PostShell"="SensPostShellEvent"
"Disconnect"="SensDisconnectEvent"
"Reconnect"="SensReconnectEvent"
"Unlock"="SensUnlockEvent"
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
"Asynchronous"=dword:00000000
"DllName"=hex(2):77,6c,6e,6f,74,69,66,79,2e,64,6c,6c,00
"Impersonate"=dword:00000000
"Logoff"="TSEventLogoff"
"Logon"="TSEventLogon"
"PostShell"="TSEventPostShell"
"Shutdown"="TSEventShutdown"
"StartShell"="TSEventStartShell"
"Startup"="TSEventStartup"
"MaxWait"=dword:00000258
"Reconnect"="TSEventReconnect"
"Disconnect"="TSEventDisconnect"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
"DLLName"="wlnotify.dll"
"Logon"="RegisterTicketExpiredNotificationEvent"
"Logoff"="UnregisterTicketExpiredNotificationEvent"
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001


------------- Locate.com Results -------------

No matches found.

-------- Strings.exe Qoologic Results --------

C:\WINDOWS\SYSTEM32\pav.sig: Qoologic
C:\WINDOWS\SYSTEM32\pav.sig: Qoologic

--------- Strings.exe Aspack Results ---------

C:\WINDOWS\SYSTEM32\pav.sig: AsPack

-------------- HKLM Run Key ----------------

REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="RUNDLL32.EXE NvQTwk,NvCplDaemon initialize"
"SynTPLpr"="C:\\Program Files\\Synaptics\\SynTP\\SynTPLpr.exe"
"SynTPEnh"="C:\\Program Files\\Synaptics\\SynTP\\SynTPEnh.exe"
"TCASUTIEXE"="TCAUDIAG -off"
"DadApp"="C:\\WINDOWS\\SYSTEM32\\Drivers\\dadapp.exe"
"MoneyStartUp10.0"="\"C:\\Program Files\\Microsoft Money\\System\\Activation.exe\""
"AdaptecDirectCD"="\"C:\\Program Files\\Adaptec\\Easy CD Creator 5\\DirectCD\\DirectCD.exe\""
"Lexmark X73 Button Monitor"="C:\\PROGRA~1\\LEXMAR~1\\ACMonitor_X73.exe"
"Lexmark X73 Button Manager"="C:\\PROGRA~1\\LEXMAR~1\\AcBtnMgr_X73.exe"
"PrinTray"="C:\\WINDOWS\\System32\\spool\\DRIVERS\\W32X86\\3\\printray.exe"
"NDPS"="C:\\WINDOWS\\System32\\dpmw32.exe"
"NWTRAY"="NWTRAY.EXE"
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"TkBellExe"="C:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe -osboot"
"Synchronization Manager"=hex(2):25,53,79,73,74,65,6d,52,6f,6f,74,25,5c,73,79,\
73,74,65,6d,33,32,5c,6d,6f,62,73,79,6e,63,2e,65,78,65,20,2f,6c,6f,67,6f,6e,\
00
"sealmon"="C:\\Program Files\\SealedMedia\\sealmon.exe"
"vptray"="C:\\Program Files\\NavNT\\vptray.exe"
"gcasServ"="\"C:\\antispyware\\microsoft antispyware\\gcasServ.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
"Installed"="1"






REPORT FOR: FIND-QOOLOGIC

C:\Documents and Settings\tyriek\Desktop\scanspyware\2005-02-01\qoologic

PLEASE NOTE THAT ALL FILES FOUND BY THIS METHOD ARE NOT BAD FILES, THERE MIGHT BE LEGIT FILES LISTED AND PLEASE BE CAREFUL WHILE FIXING. IF YOU ARE UNSURE OF WHAT IT IS LEAVE THEM ALONE.
Files Found in system Folder............
------------------------
C:\WINDOWS\SYSTEM32\pav.sig: Qoologic
C:\WINDOWS\SYSTEM32\pav.sig: Qoologic
C:\WINDOWS\SYSTEM32\pav.sig: AsPack

Files Found in all users startup Folder............
------------------------




REPORT FOR: DLL COMPARE

* DLLCompare Log version(1.0.0.125)
Files Found that Windows does not See or cannot Access
*Not everything listed here means you are infected!
________________________________________________

O^E says: "There were no files found :)"
________________________________________________

1,426 items found: 1,426 files, 0 directories.
Total of file sizes: 242,747,274 bytes 231.50 M

Administrator Account = True

--------------------End log---------------------
 
mantis:

Unfortunatly these log's are also clean. I don't think your issue is releated to spyware on the PC. I think at this point we should check for a trojan. Download TDS-3 from here...http://tds.diamondcs.com.au/

Update it's database and run a FULL system scan. Delete any trojans found in the bottom window. I would also put your XP CD in the drive and from the run command type... sfc /scannow. This will check the OS for missing or corrupt windows files. Consider updateing at least IE to Sp2 and see if that helps. You may need to reinstall IE6.
 
Hi Microbell,

Thanks for your help. HereÂ’s an update.

I’ll start with something I’ve observed recently that seems important. When my computer slows down and I check Windows Task Manager and look under the “Processes” tab, sometimes “EXPLORER.EXE” is using 98% or 99% of the CPU. It’s not always “IEXPLORER.EXE” that’s doing this, although it does it too as I reported initially. Maybe this new information adds a useful perspective to the problem.

Now, on to the things you told me to do.

TDS-3:
I ran a full system scan with this program & it found approximately 10 “dual extensions” files. All of these are Microsoft Word documents or other MS Office documents that I transferred to my machine from colleagues. I did not attempt to remove or alter these files because the report didn’t identify them as Trojans. Please tell me if I should alter or delete them. If so, please tell me if this requires me to rerun the scan or if it’s possible to retrieve them through some form of a scan history feature in TDS-3. Here's the program's report:

21:24:25 [Init] Trojan Defence Suite v3.2.0 (UNLICENSED)
21:24:25 [Init] Started 01-02-05 21:24:25 Eastern Standard Time (UTC: 5), Internet Time @1141.96
21:24:25 [Init] Loading TDS-3 Systems ...
21:24:25 [Init] Token successfully adjusted.
21:24:25 [Init] • TDS Privileges : OK. Adjusted TDS-3 token privileges to maximum
21:24:26 [Init] • Plugins : OK. Loaded 13
21:24:26 [Init] • Exec Protection : Not Installed
21:24:26 [Init] WARNING: Your Radius.TD3 database needs to be updated!
21:24:26 [Init] Please download the latest from http://tds.diamondcs.com.au/radius.td3
21:24:26 [Init] Licensed users can use the Update facility from the TDS menu
21:24:26 [Init] Loading Radius Advanced Scanning Systems ... <R3 Engine, DCS Labs>
21:24:43 [Init] Started - verifying 29 files ...
21:25:03 [Init] Test finished.
21:27:30 [Init] Memory scan started, please wait a moment ...
21:27:32 [Init] Memory scan complete.
21:27:32 [Init] Started...
21:27:34 [Init] Finished (no trojan mutexes found).
21:27:34 [Init] Started...
21:27:45 [Init] Finished.
21:27:45 [Init] Scanning for services and drivers ...
21:28:07 [Init] Scanned 326 services and drivers.
21:28:07 [Init] Scanning in A:\ ...
21:28:08 [Init] Scanned 0 files: 0 alarms in 1.046875 seconds (Avg 1. files/sec)
21:28:08 [Init] Scanning in C:\ ...
01:13:23 [Init] Scanned 110044 files: 14 alarms in -72884.42 seconds (Avg -.51 files/sec)
01:13:23 [Init] Scanning in D:\ ...
01:13:23 [Init] Scanned 0 files: 14 alarms in 0 seconds (Avg -1.#IND files/sec)
01:13:23 [Init] Finished.
01:13:25 [Init] • Radius Advanced Specialist Extensions on standby for 13 trojan families
01:13:26 [Init] • Systems Initialised [45726 references - 21681 primaries/11902 traces/12143 variants/other]
01:13:26 [Init] Radius Systems loaded. <Databases updated 01-02-2005>
01:13:26 [Init] TDS-3 Ready. <Tyriek@127.0.0.1 - United States>
01:13:26 [Tip Of The Day] Press F5 to join licensed TDS-3 Operators and DiamondCS staff in the DiamondCS Discussion Forum!
01:13:26 [TDS] Good morning Tyriek. What are you doing up at this time?
01:13:37 [Mutex Memory Scan] Started...
01:13:41 [Mutex Memory Scan] Finished (no trojan mutexes found).
01:13:41 [TDS-3] This is an EVALUATION demo of TDS-3. Please see the help file for help on registering.


sfc /scannow:
I ran this command, and it completed the scan without prompting me to do anything during or after the scan. Can I assume this means that itÂ’s fine? I should note that I ran it twice: first without the Windows XP CD and the second time with it. In both cases, it did not refer to the CD, so I assume that it ran a check against some files on the hard drive. But IÂ’m not sure about this.

Updating Internet Explorer 6 to Service Pack 2:
I checked Microsoft’s online “Windows Updates” and found “Cumulative Security Update for Internet Explorer 6 (KB834707) listed, which appears to be the Service Pack 2 update for the browser. I will download and install this update.

Service Pack 2 for Windows XP:
My computer appears to have both Service Pack 1 and 2 installed for the operating system but, obviously, theyÂ’re out of date.

Reinstalling Internet Explorer 6:
Can you advise me on this? I assume that I should do this from the installation CD. That seems obvious enough. However, can you tell me what I should back up, if anything? For example, will the installation overwrite my bookmarks and browser settings? Is it possible to use a tool to save these somewhere so I can insert them after the reinstallation, or do I have to do this manually?

That covers everything I can think of. Thanks again for your diligent help. I look forward to your reply.

Sincerely,
m
 
Did you remove those 14 alarms that TDS-3 detected. The log I was looking for is called scandump.log. This lists the trojans found in the bottom window. I need that log.
 
I didn't remove the 14 alarms because the report didn't identify them as trojans. Please take a look at what I wrote below and advise me from there:

I ran a full system scan with this program & it found approximately 10 “dual extensions” files. All of these are Microsoft Word documents or other MS Office documents that I transferred to my machine from colleagues. I did not attempt to remove or alter these files because the report didn’t identify them as Trojans. Please tell me if I should alter or delete them. If so, please tell me if this requires me to rerun the scan or if it’s possible to retrieve them through some form of a scan history feature in TDS-3.

Thanks again.
 
Microbell,

I've run the TDS-3 scan again. All 14 files are listed as "suspicious" because they have "dual extensions". The tool has found no trojans and it has not created a report called "scandump.log" or any other report.

If you would like this report, please tell me how to create it. I looked through the help tool and the menu options but didn't see any commands like this.

As for Winsock2Fix, I ran it and it asked permission to change two registry keys, which I changed after I saved a backup of the registry with this program.

I have not reinstalled / repaired Internet Explorer yet. Please tell me if I should do so at this point. Please tell me if I should go ahead with this before we have isolated everything else.

I'm don't know if this information is important, but I will add it as a final note. Some other items seemed to consume all (98% or 99%) of the CPU's resources recently based on the Windows Task Manager view. This is occasional, not something that happens often. These include:
RUN32.dll
Synchronization Manager
Disk Clean-up

I
 
Status
Not open for further replies.

Similar threads

XWrench3
hijack this scan
Replies
6
Views
2K
XWrench3
XWrench3
G
Computer slow and work in background
Replies
0
Views
3K
grecycle99
G
N
Laptop slowing down in function (internet and general apps)
Replies
1
Views
3K
Trotter
Trotter
M
computer suddenly slowed down.
Replies
0
Views
3K
mike3dp
M
N
Your computer appears to be correctly configured, but the device or resource (DNS server) is not responding"
Replies
0
Views
4K
nev
N
Back
Top Bottom