Logfile of HijackThis v1.99.1
Scan saved at 5:24:53 PM, on 9/2/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Command Software\dvpapi.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\ScsiAccess.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\ps2.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\WINDOWS\System32\msiexec.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\System32\wuauclt.exe
C:\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.gamespot.com/R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.gamespot.comO2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\G001-1.0.25.0\gnotify.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O12 - Plugin for .mpeg: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) -
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) -
http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cabO16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) -
http://messenger.zone.msn.com/binary/MineS...er.cab31267.cabO16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) -
http://www.fileplanet.com/fpdlmgr/cabs/FPDC_1_0_0_44.cabO16 - DPF: {4E888414-DB8F-11D1-9CD9-00C04F98436A} (Microsoft.WinRep) -
https://webresponse.one.microsoft.com/oas/ActiveX/winrep.cabO16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) -
http://spaces.msn.com//PhotoUpload/MsnPUpld.cabO16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) -
http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cabO16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) -
http://www.installengine.com/engine/isetup.cabO16 - DPF: {928626A3-6B98-11CF-90B4-00AA00A4011F} (SurroundVideoCtrl Object) -
http://encarta.msn.com/encnet/external/MSSurVid.cabO16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) -
http://www.pandasoftware.com/activescan/as5free/asinst.cabO16 - DPF: {9B17FE0E-51F2-4692-8B32-8EFB805FC0E7} (HPObjectInstaller Class) -
http://h30155.www3.hp.com/ediags/gs/instal...edsolutions.cabO16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) -
http://messenger.zone.msn.com/binary/Bankshot.cab31267.cabO16 - DPF: {CA034DCC-A580-4333-B52F-15F98C42E04C} (Downloader Class) -
https://www.stopzilla.com/_download/Auto_In...ller/dwnldr.cabO16 - DPF: {F54C1137-5E34-4B95-95A5-BA56D4D8D743} (Secure Delivery) -
http://www.gamespot.com/KDX/kdx.cabO20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: DvpApi (dvpapi) - Command Software Systems, Inc. - C:\Program Files\Common Files\Command Software\dvpapi.exe
O23 - Service: Content Monitoring Tool (msCMTSrvc) - Unknown owner - C:\WINDOWS\system32\msCMTSrvc.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\System32\ScsiAccess.EXE
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit
+ C:\WINDOWS\system32\userinit.exe Userinit Logon Application Microsoft Windows XP Publisher c:\windows\system32\userinit.exe
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell
+ Explorer.exe Windows Explorer Microsoft Windows XP Publisher c:\windows\explorer.exe
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
+ hpsysdrv hpsysdrv (Not verified) Hewlett-Packard Company c:\windows\system\hpsysdrv.exe
+ Logitech Utility Logitech Launcher Application Microsoft Windows Hardware Compatibility Publisher c:\windows\logi_mwx.exe
+ PS2 PS2 EXE Microsoft Windows Hardware Compatibility Publisher c:\windows\system32\ps2.exe
+ QuickTime Task (Not verified) Apple Computer, Inc. c:\program files\quicktime\qttask.exe
+ Recguard Recguard MFC Application c:\windows\sminst\recguard.exe
+ SunJavaUpdateSched Java™ 2 Platform Standard Edition binary (Not verified) Sun Microsystems, Inc. c:\program files\java\jre1.5.0_04\bin\jusched.exe
+ {0228e555-4f9c-4e35-a3ec-b109a192b4c2} Gmail Notifier (Not verified) Google Inc. c:\program files\google\gmail notifier\g001-1.0.25.0\gnotify.exe
C:\Documents and Settings\All Users\Start Menu\Programs\Startup
+ hpoddt01.exe.lnk hpotdd01 (Not verified) Hewlett-Packard c:\program files\hewlett-packard\digital imaging\bin\hpotdd01.exe
+ Logitech Desktop Messenger.lnk LDM Configuration Application (Not verified) Logitech c:\program files\logitech\desktop messenger\8876480\program\ldmconf.exe
C:\Documents and Settings\Owner\Start Menu\Programs\Startup
+ Xfire.lnk Xfire (Not verified) Xfire Inc. c:\program files\xfire\xfire.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
+ ctfmon.exe CTF Loader Microsoft Windows XP Publisher c:\windows\system32\ctfmon.exe
+ MSMSGS Messenger (Not verified) Microsoft Corporation c:\program files\messenger\msmsgs.exe
HKLM\System\CurrentControlSet\Services
+ AudioSrv Manages audio devices for Windows-based programs. If this service is stopped, audio devices and effects will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start. Microsoft Windows XP Publisher c:\windows\system32\svchost.exe
+ BITS Uses idle network bandwidth to transfer data. Microsoft Windows XP Publisher c:\windows\system32\svchost.exe
+ Browser Maintains an updated list of computers on the network and supplies this list to computers designated as browsers. If this service is stopped, this list will not be updated or maintained. If this service is disabled, any services that explicitly depend on it will fail to start. Microsoft Windows XP Publisher c:\windows\system32\svchost.exe
+ CryptSvc Provides three management services: Catalog Database Service, which confirms the signatures of Windows files; Protected Root Service, which adds and removes Trusted Root Certification Authority certificates from this computer; and Key Service, which helps enroll this computer for certificates. If this service is stopped, these management services will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start. Microsoft Windows XP Publisher c:\windows\system32\svchost.exe
+ Dhcp Manages network configuration by registering and updating IP addresses and DNS names. Microsoft Windows XP Publisher c:\windows\system32\svchost.exe
+ Dnscache Resolves and caches Domain Name System (DNS) names for this computer. If this service is stopped, this computer will not be able to resolve DNS names and locate Active Directory domain controllers. If this service is disabled, any services that explicitly depend on it will fail to start. Microsoft Windows XP Publisher c:\windows\system32\svchost.exe
+ dvpapi Dynamic Virus Protection (Not verified) Command Software Systems, Inc. c:\program files\common files\command software\dvpapi.exe
+ ERSvc Allows error reporting for services and applictions running in non-standard environments. Microsoft Windows XP Publisher c:\windows\system32\svchost.exe
+ Eventlog Enables event log messages issued by Windows-based programs and components to be viewed in Event Viewer. This service cannot be stopped. Microsoft Windows XP Publisher c:\windows\system32\services.exe
+ helpsvc Enables Help and Support Center to run on this computer. If this service is stopped, Help and Support Center will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start. Microsoft Windows XP Publisher c:\windows\system32\svchost.exe
+ lanmanserver Supports file, print, and named-pipe sharing over the network for this computer. If this service is stopped, these functions will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start. Microsoft Windows XP Publisher c:\windows\system32\svchost.exe
+ lanmanworkstation Creates and maintains client network connections to remote servers. If this service is stopped, these connections will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start. Microsoft Windows XP Publisher c:\windows\system32\svchost.exe
+ LmHosts Enables support for NetBIOS over TCP/IP (NetBT) service and NetBIOS name resolution. Microsoft Windows XP Publisher c:\windows\system32\svchost.exe
+ MDM Supports local and remote debugging for Visual Studio and script debuggers. If this service is stopped, the debuggers will not function properly. Microsoft Corporation c:\program files\common files\microsoft shared\vs7debug\mdm.exe
+ Messenger Transmits net send and Alerter service messages between clients and servers. This service is not related to Windows Messenger. If this service is stopped, Alerter messages will not be transmitted. If this service is disabled, any services that explicitly depend on it will fail to start. Microsoft Windows XP Publisher c:\windows\system32\svchost.exe
+ NVSvc NVIDIA Driver Helper Service, Version 42.01 Microsoft Windows Hardware Compatibility Publisher c:\windows\system32\nvsvc32.exe
+ PlugPlay Enables a computer to recognize and adapt to hardware changes with little or no user input. Stopping or disabling this service will result in system instability. Microsoft Windows XP Publisher c:\windows\system32\services.exe
+ PolicyAgent Manages IP security policy and starts the ISAKMP/Oakley (IKE) and the IP security driver. Microsoft Windows XP Publisher c:\windows\system32\lsass.exe
+ ProtectedStorage Provides protected storage for sensitive data, such as private keys, to prevent access by unauthorized services, processes, or users. Microsoft Windows XP Publisher c:\windows\system32\lsass.exe
+ RpcSs Provides the endpoint mapper and other miscellaneous RPC services. Microsoft Windows XP Publisher c:\windows\system32\svchost.exe
+ SamSs Stores security information for local user accounts. Microsoft Windows XP Publisher c:\windows\system32\lsass.exe
+ Schedule Enables a user to configure and schedule automated tasks on this computer. If this service is stopped, these tasks will not be run at their scheduled times. If this service is disabled, any services that explicitly depend on it will fail to start. Microsoft Windows XP Publisher c:\windows\system32\svchost.exe
+ ScsiAccess c:\windows\system32\scsiaccess.exe
+ seclogon Enables starting processes under alternate credentials. If this service is stopped, this type of logon access will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start. Microsoft Windows XP Publisher c:\windows\system32\svchost.exe
+ SENS Tracks system events such as Windows logon, network, and power events. Notifies COM+ Event System subscribers of these events. Microsoft Windows XP Publisher c:\windows\system32\svchost.exe
+ ShellHWDetection Generic Host Process for Win32 Services Microsoft Windows XP Publisher c:\windows\system32\svchost.exe
+ Spooler Loads files to memory for later printing. Microsoft Windows XP Publisher c:\windows\system32\spoolsv.exe
+ srservice Performs system restore functions. To stop service, turn off System Restore from the System Restore tab in My Computer->Properties Microsoft Windows XP Publisher c:\windows\system32\svchost.exe
+ stisvc Provides image acquisition services for scanners and cameras. Microsoft Windows XP Publisher c:\windows\system32\svchost.exe
+ Themes Provides user experience theme management. Microsoft Windows XP Publisher c:\windows\system32\svchost.exe
+ TrkWks Maintains links between NTFS files within a computer or across computers in a network domain. Microsoft Windows XP Publisher c:\windows\system32\svchost.exe
+ UMWdf Enables Windows user mode drivers. Microsoft Windows Component Publisher c:\windows\system32\wdfmgr.exe
+ uploadmgr Manages synchronous and asynchronous file transfers between clients and servers on the network. If this service is stopped, synchronous and asynchronous file transfers between clients and servers on the network will not occur. If this service is disabled, any services that explicitly depend on it will fail to start. Microsoft Windows XP Publisher c:\windows\system32\svchost.exe
+ W32Time Maintains date and time synchronization on all clients and servers in the network. If this service is stopped, date and time synchronization will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
Microsoft Windows XP Publisher c:\windows\system32\svchost.exe
+ WANMiniportService Wan Miniport (ATW) Service (Not verified) America Online, Inc. c:\windows\wanmpsvc.exe
+ WebClient Enables Windows-based programs to create, access, and modify Internet-based files. If this service is stopped, these functions will not be available. If this service is disabled, any services that explicitly depend on it will fail to start. Microsoft Windows XP Publisher c:\windows\system32\svchost.exe
+ winmgmt Provides a common interface and object model to access management information about operating system, devices, applications and services. If this service is stopped, most Windows-based software will not function properly. If this service is disabled, any services that explicitly depend on it will fail to start. Microsoft Windows XP Publisher c:\windows\system32\svchost.exe
+ wuauserv Enables the download and installation of critical Windows updates. If the service is disabled, the operating system can be manually updated at the Windows Update Web site. Microsoft Windows XP Publisher c:\windows\system32\svchost.exe
+ WZCSVC Provides automatic configuration for the 802.11 adapters Microsoft Windows XP Publisher c:\windows\system32\svchost.exe
HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components
+ Address Book 6 Outlook Express Setup Library Microsoft Windows XP Publisher c:\program files\outlook express\setup50.exe
+ Browser Customizations Microsoft Internet Explorer Customization DLL Microsoft Windows XP Publisher c:\windows\system32\iedkcs32.dll
+ Fax ADVPACK Microsoft Windows XP Publisher c:\windows\system32\advpack.dll
+ Internet Explorer Windows NT User Data Migration Tool Microsoft Windows XP Publisher c:\windows\system32\shmgrate.exe
+ Internet Explorer Windows Setup API Microsoft Windows XP Publisher c:\windows\system32\setupapi.dll
+ Internet Explorer 6 IE 5.0 Per-User Install Utility Microsoft Windows XP Publisher c:\windows\system32\ie4uinit.exe
+ Microsoft Outlook Express 6 Outlook Express Setup Library Microsoft Windows XP Publisher c:\program files\outlook express\setup50.exe
+ Microsoft Windows Media Player ADVPACK Microsoft Windows XP Publisher c:\windows\system32\advpack.dll
+ NetMeeting 3.01 ADVPACK Microsoft Windows XP Publisher c:\windows\system32\advpack.dll
+ Outlook Express Windows NT User Data Migration Tool Microsoft Windows XP Publisher c:\windows\system32\shmgrate.exe
+ Themes Setup Microsoft© Register Server Microsoft Windows XP Publisher c:\windows\system32\regsvr32.exe
+ Windows Desktop Update Microsoft© Register Server Microsoft Windows XP Publisher c:\windows\system32\regsvr32.exe
+ Windows Media Player Microsoft Windows Media Player Setup Utility Microsoft Windows Component Publisher c:\windows\inf\unregmp2.exe
+ Windows Messenger ADVPACK Microsoft Windows XP Publisher c:\windows\system32\advpack.dll
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
+ Browseui preloader Shell Browser UI Library Microsoft Windows Component Publisher c:\windows\system32\browseui.dll
+ Component Categories cache daemon Shell Browser UI Library Microsoft Windows Component Publisher c:\windows\system32\browseui.dll
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
+ CDBurn Windows Shell Common Dll Microsoft Windows XP Publisher c:\windows\system32\shell32.dll
+ PostBootReminder Windows Shell Common Dll Microsoft Windows XP Publisher c:\windows\system32\shell32.dll
+ SysTray Systray shell service object Microsoft Windows XP Publisher c:\windows\system32\stobject.dll
+ WebCheck Web Site Monitor Microsoft Windows XP Publisher c:\windows\system32\webcheck.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
+ shell32.dll Windows Shell Common Dll Microsoft Windows XP Publisher c:\windows\system32\shell32.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
+ %DESC_PublishDropTarget% Photo Printing Wizard Microsoft Windows XP Publisher c:\windows\system32\photowiz.dll
+ &Address Shell Browser UI Library Microsoft Windows Component Publisher c:\windows\system32\browseui.dll
+ .CAB file viewer Cabinet File Viewer Shell Extension Microsoft Windows XP Publisher c:\windows\system32\cabview.dll
+ Accessible Shell Browser UI Library Microsoft Windows Component Publisher c:\windows\system32\browseui.dll
+ ActiveX Cache Folder Object Control Viewer Microsoft Windows XP Publisher c:\windows\system32\occache.dll
+ Address Bar Parser Shell Browser UI Library Microsoft Windows Component Publisher c:\windows\system32\browseui.dll
+ Address EditBox Shell Browser UI Library Microsoft Windows Component Publisher c:\windows\system32\browseui.dll
+ Administrative Tools Shell Doc Object and Control Library Microsoft Windows Component Publisher c:\windows\system32\shdocvw.dll
+ America Online AOL Shell Extension (Not verified) America Online, Inc. c:\program files\common files\aolshare\shell\us\shellext.dll
+ Audio Media Properties Handler Media File Property Extractor Shell Extension Microsoft Windows XP Publisher c:\windows\system32\shmedia.dll
+ Augmented Shell Folder Shell Browser UI Library Microsoft Windows Component Publisher c:\windows\system32\browseui.dll
+ Augmented Shell Folder 2 Shell Browser UI Library Microsoft Windows Component Publisher c:\windows\system32\browseui.dll
+ Auto Update Property Sheet Extension Automatic Updates Control Panel Microsoft Windows XP Publisher c:\windows\system32\wuaucpl.cpl
+ Avi Properties Handler Media File Property Extractor Shell Extension Microsoft Windows XP Publisher c:\windows\system32\shmedia.dll
+ BandProxy Shell Browser UI Library Microsoft Windows Component Publisher c:\windows\system32\browseui.dll
+ Briefcase Windows Briefcase Microsoft Windows XP Publisher c:\windows\system32\syncui.dll
+ CDF Extension Copy Hook Shell Doc Object and Control Library Microsoft Windows Component Publisher c:\windows\system32\shdocvw.dll
+ Channel File Channel Definition File Viewer Microsoft Windows XP Publisher c:\windows\system32\cdfview.dll
+ Channel Handler Object Channel Definition File Viewer Microsoft Windows XP Publisher c:\windows\system32\cdfview.dll
+ Channel Menu Channel Definition File Viewer Microsoft Windows XP Publisher c:\windows\system32\cdfview.dll
+ Channel Properties Channel Definition File Viewer Microsoft Windows XP Publisher c:\windows\system32\cdfview.dll
+ Channel Shortcut Channel Definition File Viewer Microsoft Windows XP Publisher c:\windows\system32\cdfview.dll
+ Code Download Agent Web Site Monitor Microsoft Windows XP Publisher c:\windows\system32\webcheck.dll
+ Compatibility Page Compatibility Tab Shell Extension DLL Microsoft Windows XP Publisher c:\windows\system32\slayerxp.dll
+ Compressed (zipped) Folder Compressed (zipped) Folders Microsoft Windows XP Publisher c:\windows\system32\zipfldr.dll
+ Compressed (zipped) Folder Right Drag Handler Compressed (zipped) Folders Microsoft Windows XP Publisher c:\windows\system32\zipfldr.dll
+ Compressed (zipped) Folder SendTo Target Compressed (zipped) Folders Microsoft Windows XP Publisher c:\windows\system32\zipfldr.dll
+ ConnectionAgent Web Site Monitor Microsoft Windows XP Publisher c:\windows\system32\webcheck.dll
+ Crypto PKO Extension Crypto Shell Extensions Microsoft Windows XP Publisher c:\windows\system32\cryptext.dll
+ Crypto Sign Extension Crypto Shell Extensions Microsoft Windows XP Publisher c:\windows\system32\cryptext.dll
+ Custom MRU AutoCompleted List Shell Browser UI Library Microsoft Windows Component Publisher c:\windows\system32\browseui.dll
+ Darwin App Publisher Shell Application Manager Microsoft Windows XP Publisher c:\windows\system32\appwiz.cpl
+ Desktop Explorer NVIDIA Desktop Explorer, Version 42.01 Microsoft Windows Hardware Compatibility Publisher c:\windows\system32\nvshell.dll
+ Desktop Explorer Menu NVIDIA Desktop Explorer, Version 42.01 Microsoft Windows Hardware Compatibility Publisher c:\windows\system32\nvshell.dll
+ DfsShell Distributed File System shell extension Microsoft Windows XP Publisher c:\windows\system32\dfsshlex.dll
+ Directory Context Menu Verbs Directory Service Common UI Microsoft Windows XP Publisher c:\windows\system32\dsuiext.dll
+ Directory Object Find Directory Service Find Microsoft Windows XP Publisher c:\windows\system32\dsquery.dll
+ Directory Property UI Directory Service Common UI Microsoft Windows XP Publisher c:\windows\system32\dsuiext.dll
+ Directory Query UI Directory Service Find Microsoft Windows XP Publisher c:\windows\system32\dsquery.dll
+ Directory Start/Search Find Directory Service Find Microsoft Windows XP Publisher c:\windows\system32\dsquery.dll
+ Disk Copy Extension Windows DiskCopy Microsoft Windows XP Publisher c:\windows\system32\diskcopy.dll
+ Disk Quota UI Windows Shell Disk Quota UI DLL Microsoft Windows XP Publisher c:\windows\system32\dskquoui.dll
+ Display Adapter CPL Extension Advanced display adapter properties Microsoft Windows XP Publisher c:\windows\system32\deskadp.dll
+ Display Monitor CPL Extension Advanced display monitor properties Microsoft Windows XP Publisher c:\windows\system32\deskmon.dll
+ Display Panning CPL Extension File not found: deskpan.dll
+ Display TroubleShoot CPL Extension Advanced display performance properties Microsoft Windows XP Publisher c:\windows\system32\deskperf.dll
+ Download Status Shell Browser UI Library Microsoft Windows Component Publisher c:\windows\system32\browseui.dll
+ DS Security Page Directory Service Security UI Microsoft Windows XP Publisher c:\windows\system32\dssec.dll
+ E-mail Shell Doc Object and Control Library Microsoft Windows Component Publisher c:\windows\system32\shdocvw.dll
+ Explorer Band Shell Doc Object and Control Library Microsoft Windows Component Publisher c:\windows\system32\shdocvw.dll
+ Favorites Band Shell Doc Object and Control Library Microsoft Windows Component Publisher c:\windows\system32\shdocvw.dll
+ Fonts Windows Font Folder Microsoft Windows XP Publisher c:\windows\system32\fontext.dll
+ Fonts Shell Doc Object and Control Library Microsoft Windows Component Publisher c:\windows\system32\shdocvw.dll
+ For &People... Find People Microsoft Windows Component Publisher c:\program files\outlook express\wabfind.dll
+ FTP Folders Webview Microsoft Internet Explorer FTP Folder Shell Extension Microsoft Windows XP Publisher c:\windows\system32\msieftp.dll
+ Fusion Cache Microsoft .NET Runtime Execution Engine (Not verified) Microsoft Corporation c:\windows\system32\mscoree.dll
+ GDI+ file thumbnail extractor Windows Picture and Fax Viewer Microsoft Windows XP Publisher c:\windows\system32\shimgvw.dll
+ Get a Passport Wizard Map Network Drives/Network Places Wizard Microsoft Windows XP Publisher c:\windows\system32\netplwiz.dll
+ Global Folder Settings Shell Browser UI Library Microsoft Windows Component Publisher c:\windows\system32\browseui.dll
+ Help and Support Shell Doc Object and Control Library Microsoft Windows Component Publisher c:\windows\system32\shdocvw.dll
+ Help and Support Shell Doc Object and Control Library Microsoft Windows Component Publisher c:\windows\system32\shdocvw.dll
+ History Shell Doc Object and Control Library Microsoft Windows Component Publisher c:\windows\system32\shdocvw.dll
+ HTML Thumbnail Extractor Windows Picture and Fax Viewer Microsoft Windows XP Publisher c:\windows\system32\shimgvw.dll
+ HyperTerminal Icon Ext HyperTerminal Applet Library Microsoft Windows XP Publisher c:\windows\system32\hticons.dll
+ ICC Profile Microsoft Color Matching System User Interface DLL Microsoft Windows XP Publisher c:\windows\system32\icmui.dll
+ ICM Monitor Management Microsoft Color Matching System User Interface DLL Microsoft Windows XP Publisher c:\windows\system32\icmui.dll
+ ICM Printer Management Microsoft Color Matching System User Interface DLL Microsoft Windows XP Publisher c:\windows\system32\icmui.dll
+ ICM Scanner Management Microsoft Color Matching System User Interface DLL Microsoft Windows XP Publisher c:\windows\system32\icmui.dll
+ IE4 Suite Splash Screen Shell Doc Object and Control Library Microsoft Windows Component Publisher c:\windows\system32\shdocvw.dll
+ In-pane search Shell Browser UI Library Microsoft Windows Component Publisher c:\windows\system32\browseui.dll
+ Installed Apps Enumerator Shell Application Manager Microsoft Windows XP Publisher c:\windows\system32\appwiz.cpl
+ Internet Shell Doc Object and Control Library Microsoft Windows Component Publisher c:\windows\system32\shdocvw.dll
+ Internet Name Space Shell Doc Object and Control Library Microsoft Windows Component Publisher c:\windows\system32\shdocvw.dll
+ InternetShortcut Shell Doc Object and Control Library Microsoft Windows Component Publisher c:\windows\system32\shdocvw.dll
+ ISFBand OC Shell Doc Object and Control Library Microsoft Windows Component Publisher c:\windows\system32\shdocvw.dll
+ KodakShellExtension Shell Extension Resource DLL (Not verified) Eastman Kodak Company c:\program files\common files\kodak\ifscore\kodakshx.dll
+ Media Band Shell Browser UI Library Microsoft Windows Component Publisher c:\windows\system32\browseui.dll
+ Microsoft Agent Character Property Sheet Handler Microsoft Agent Property Sheet Handler Microsoft Windows XP Publisher c:\windows\msagent\agentpsh.dll
+ Microsoft AutoComplete Shell Browser UI Library Microsoft Windows Component Publisher c:\windows\system32\browseui.dll
+ Microsoft Browser Architecture Shell Doc Object and Control Library Microsoft Windows Component Publisher c:\windows\system32\shdocvw.dll
+ Microsoft BrowserBand Shell Browser UI Library Microsoft Windows Component Publisher c:\windows\system32\browseui.dll
+ Microsoft Data Link Microsoft Data Access - OLE DB Core Services Microsoft Windows Component Publisher c:\program files\common files\system\ole db\oledb32.dll
+ Microsoft DocProp Inplace Calendar Control Microsoft DocProp Shell Ext Microsoft Windows XP Publisher c:\windows\system32\docprop2.dll
+ Microsoft DocProp Inplace Droplist Combo Control Microsoft DocProp Shell Ext Microsoft Windows XP Publisher c:\windows\system32\docprop2.dll
+ Microsoft DocProp Inplace Edit Box Control Microsoft DocProp Shell Ext Microsoft Windows XP Publisher c:\windows\system32\docprop2.dll
+ Microsoft DocProp Inplace ML Edit Box Control Microsoft DocProp Shell Ext Microsoft Windows XP Publisher c:\windows\system32\docprop2.dll
+ Microsoft DocProp Inplace Time Control Microsoft DocProp Shell Ext Microsoft Windows XP Publisher c:\windows\system32\docprop2.dll
+ Microsoft DocProp Shell Ext Microsoft DocProp Shell Ext Microsoft Windows XP Publisher c:\windows\system32\docprop2.dll
+ Microsoft History AutoComplete List Shell Browser UI Library Microsoft Windows Component Publisher c:\windows\system32\browseui.dll
+ Microsoft Internet Toolbar Shell Browser UI Library Microsoft Windows Component Publisher c:\windows\system32\browseui.dll
+ Microsoft Multiple AutoComplete List Container Shell Browser UI Library Microsoft Windows Component Publisher c:\windows\system32\browseui.dll
+ Microsoft Office HTML Icon Handler Microsoft Office 2003 component Microsoft Corporation c:\program files\microsoft office\office11\msohev.dll
+ Microsoft Office Outlook Custom Icon Handler Outlook Shell Hook for Start/Find Microsoft Corporation c:\program files\microsoft office\office11\olkfstub.dll
+ Microsoft Office Outlook Desktop Icon Handler Microsoft Shell Extension Library Microsoft Corporation c:\program files\microsoft office\office11\mlshext.dll
+ Microsoft Shell Folder AutoComplete List Shell Browser UI Library Microsoft Windows Component Publisher c:\windows\system32\browseui.dll
+ Microsoft Url History Service Shell Doc Object and Control Library Microsoft Windows Component Publisher c:\windows\system32\shdocvw.dll
+ Microsoft Url Search Hook Shell Doc Object and Control Library Microsoft Windows Component Publisher c:\windows\system32\shdocvw.dll
+ Midi Properties Handler Media File Property Extractor Shell Extension Microsoft Windows XP Publisher c:\windows\system32\shmedia.dll
+ MMC Icon Handler MMC Shell Extension DLL Microsoft Windows XP Publisher c:\windows\system32\mmcshext.dll
+ MRU AutoComplete List Shell Browser UI Library Microsoft Windows Component Publisher c:\windows\system32\browseui.dll
+ Multimedia File Property Sheet Control Panel Drivers Applet Microsoft Windows XP Publisher c:\windows\system32\mmsys.cpl
+ MyDocs Copy Hook My Documents Folder UI Microsoft Windows XP Publisher c:\windows\system32\mydocs.dll
+ MyDocs Drop Target My Documents Folder UI Microsoft Windows XP Publisher c:\windows\system32\mydocs.dll
+ MyDocs Properties My Documents Folder UI Microsoft Windows XP Publisher c:\windows\system32\mydocs.dll
+ Network Connections Network Connections Shell Microsoft Windows XP Publisher c:\windows\system32\netshell.dll
+ Network Connections Network Connections Shell Microsoft Windows XP Publisher c:\windows\system32\netshell.dll
+ NTFS Security Page Security Shell Extension Microsoft Windows XP Publisher c:\windows\system32\rshx32.dll
+ Offline Files Folder Client Side Caching UI Microsoft Windows XP Publisher c:\windows\system32\cscui.dll
+ Offline Files Folder Options Client Side Caching UI Microsoft Windows XP Publisher c:\windows\system32\cscui.dll
+ Offline Files Menu Client Side Caching UI Microsoft Windows XP Publisher c:\windows\system32\cscui.dll
+ OLE Docfile Property Page OLE DocFile Property Page Microsoft Windows XP Publisher c:\windows\system32\docprop.dll
+ PlusPack CPL Extension Windows Theme API Microsoft Windows XP Publisher c:\windows\system32\themeui.dll
+ Portable Media Devices Portable Media Devices Shell Extension Microsoft Windows Component Publisher c:\windows\system32\audiodev.dll
+ Portable Media Devices Menu Portable Media Devices Shell Extension Microsoft Windows Component Publisher c:\windows\system32\audiodev.dll
+ PostAgent Web Site Monitor Microsoft Windows XP Publisher c:\windows\system32\webcheck.dll
+ Previous Versions File not found: C:\WINDOWS\System32\twext.dll
+ Previous Versions Property Page File not found: C:\WINDOWS\System32\twext.dll
+ Print Ordering via the Web Map Network Drives/Network Places Wizard Microsoft Windows XP Publisher c:\windows\system32\netplwiz.dll
+ Printers Security Page Security Shell Extension Microsoft Windows XP Publisher c:\windows\system32\rshx32.dll
+ Registry Tree Options Utility Shell Browser UI Library Microsoft Windows Component Publisher c:\windows\system32\browseui.dll
+ Remote Sessions CPL Extension Remote Sessions CPL Extension Microsoft Windows XP Publisher c:\windows\system32\remotepg.dll
+ Run... Shell Doc Object and Control Library Microsoft Windows Component Publisher c:\windows\system32\shdocvw.dll
+ SampleView ShellvRTF (Not verified) XSS c:\windows\system32\shellvrtf.dll
+ Scanners & Cameras Imaging Devices Shell Folder UI Microsoft Windows XP Publisher c:\windows\system32\wiashext.dll
+ Scanners & Cameras Imaging Devices Shell Folder UI Microsoft Windows XP Publisher c:\windows\system32\wiashext.dll
+ Scanners & Cameras Imaging Devices Shell Folder UI Microsoft Windows XP Publisher c:\windows\system32\wiashext.dll
+ Scanners & Cameras Imaging Devices Shell Folder UI Microsoft Windows XP Publisher c:\windows\system32\wiashext.dll
+ Scanners & Cameras Imaging Devices Shell Folder UI Microsoft Windows XP Publisher c:\windows\system32\wiashext.dll
+ Scheduled Tasks Task Scheduler interface DLL Microsoft Windows XP Publisher c:\windows\system32\mstask.dll
+ Search Shell Doc Object and Control Library Microsoft Windows Component Publisher c:\windows\system32\shdocvw.dll
+ Search Assistant OC Shell Doc Object and Control Library Microsoft Windows Component Publisher c:\windows\system32\shdocvw.dll
+ Search Band Shell Browser UI Library Microsoft Windows Component Publisher c:\windows\system32\browseui.dll
+ Sendmail service Send Mail Microsoft Windows XP Publisher c:\windows\system32\sendmail.dll
+ Sendmail service Send Mail Microsoft Windows XP Publisher c:\windows\system32\sendmail.dll
+ Set Program Access and Defaults Shell Doc Object and Control Library Microsoft Windows Component Publisher c:\windows\system32\shdocvw.dll
+ Shell Application Manager Shell Application Manager Microsoft Windows XP Publisher c:\windows\system32\appwiz.cpl
+ Shell Automation Inproc Service Shell Doc Object and Control Library Microsoft Windows Component Publisher c:\windows\system32\shdocvw.dll
+ Shell Band Site Menu Shell Browser UI Library Microsoft Windows Component Publisher c:\windows\system32\browseui.dll
+ Shell DeskBar Shell Browser UI Library Microsoft Windows Component Publisher c:\windows\system32\browseui.dll
+ Shell DeskBarApp Shell Browser UI Library Microsoft Windows Component Publisher c:\windows\system32\browseui.dll
+ Shell DocObject Viewer Shell Doc Object and Control Library Microsoft Windows Component Publisher c:\windows\system32\shdocvw.dll
+ Shell extensions for Microsoft Windows Network objects Network object shell UI Microsoft Windows XP Publisher c:\windows\system32\ntlanui2.dll
+ Shell Extensions for RealOne Player RealPlayer Shell Extensions (Not verified) RealNetworks, Inc. c:\program files\real\realone player\rpshell.dll
+ Shell extensions for sharing Shell extensions for sharing Microsoft Windows XP Publisher c:\windows\system32\ntshrui.dll
+ Shell extensions for sharing Shell extensions for sharing Microsoft Windows XP Publisher c:\windows\system32\ntshrui.dll
+ Shell extensions for Windows Script Host Microsoft ® Shell Extension for Windows Script Host Microsoft Windows XP Publisher c:\windows\system32\wshext.dll
+ Shell Image Data Factory Windows Picture and Fax Viewer Microsoft Windows XP Publisher c:\windows\system32\shimgvw.dll
+ Shell Image Property Handler Windows Picture and Fax Viewer Microsoft Windows XP Publisher c:\windows\system32\shimgvw.dll
+ Shell Image Verbs Windows Picture and Fax Viewer Microsoft Windows XP Publisher c:\windows\system32\shimgvw.dll
+ Shell properties for a DS object Directory Service Find Microsoft Windows XP Publisher c:\windows\system32\dsquery.dll
+ Shell Publishing Wizard Object Map Network Drives/Network Places Wizard Microsoft Windows XP Publisher c:\windows\system32\netplwiz.dll
+ Shell Rebar BandSite Shell Browser UI Library Microsoft Windows Component Publisher c:\windows\system32\browseui.dll
+ Shell Scrap DataHandler Shell scrap object handler Microsoft Windows XP Publisher c:\windows\system32\shscrap.dll
+ Subscription Folder Web Site Monitor Microsoft Windows XP Publisher c:\windows\system32\webcheck.dll
+ Subscription Mgr Web Site Monitor Microsoft Windows XP Publisher c:\windows\system32\webcheck.dll
+ Summary Info Thumbnail handler (DOCFILES) Windows Picture and Fax Viewer Microsoft Windows XP Publisher c:\windows\system32\shimgvw.dll
+ Taskbar and Start Menu Windows Shell Common Dll Microsoft Windows XP Publisher c:\windows\system32\shell32.dll
+ Tasks Folder Icon Handler Task Scheduler interface DLL Microsoft Windows XP Publisher c:\windows\system32\mstask.dll
+ Tasks Folder Shell Extension Task Scheduler interface DLL Microsoft Windows XP Publisher c:\windows\system32\mstask.dll
+ Temporary Internet Files Shell Doc Object and Control Library Microsoft Windows Component Publisher c:\windows\system32\shdocvw.dll
+ Temporary Internet Files Shell Doc Object and Control Library Microsoft Windows Component Publisher c:\windows\system32\shdocvw.dll
+ The Internet Shell Doc Object and Control Library Microsoft Windows Component Publisher c:\windows\system32\shdocvw.dll
+ Track Popup Bar Shell Browser UI Library Microsoft Windows Component Publisher c:\windows\system32\browseui.dll
+ TrayAgent Web Site Monitor Microsoft Windows XP Publisher c:\windows\system32\webcheck.dll
+ TridentImageExtractor Shell Browser UI Library Microsoft Windows Component Publisher c:\windows\system32\browseui.dll
+ User Accounts Map Network Drives/Network Places Wizard Microsoft Windows XP Publisher c:\windows\system32\netplwiz.dll
+ User Assist Shell Browser UI Library Microsoft Windows Component Publisher c:\windows\system32\browseui.dll
+ Video Media Properties Handler Media File Property Extractor Shell Extension Microsoft Windows XP Publisher c:\windows\system32\shmedia.dll
+ Video Thumbnail Extractor Media File Property Extractor Shell Extension Microsoft Windows XP Publisher c:\windows\system32\shmedia.dll
+ Wav Properties Handler Media File Property Extractor Shell Extension Microsoft Windows XP Publisher c:\windows\system32\shmedia.dll
+ Web Folders Microsoft Web Folders Microsoft Corporation c:\program files\common files\microsoft shared\web folders\mson-- The nicest hobby on Earth ;) --t.dll
+ Web Printer Shell Extension Print UI DLL Microsoft Windows XP Publisher c:\windows\system32\printui.dll
+ Web Publishing Wizard Map Network Drives/Network Places Wizard Microsoft Windows XP Publisher c:\windows\system32\netplwiz.dll
+ Web Search Shell Browser UI Library Microsoft Windows Component Publisher c:\windows\system32\browseui.dll
+ WebCheck Web Site Monitor Microsoft Windows XP Publisher c:\windows\system32\webcheck.dll
+ WebCheck SyncMgr Handler Web Site Monitor Microsoft Windows XP Publisher c:\windows\system32\webcheck.dll
+ WebCheckChannelAgent Web Site Monitor Microsoft Windows XP Publisher c:\windows\system32\webcheck.dll
+ WebCheckWebCrawler Web Site Monitor Microsoft Windows XP Publisher c:\windows\system32\webcheck.dll
+ Windows Media Player Add to Playlist Context Menu Handler Windows Media Player Launcher Microsoft Windows Component Publisher c:\windows\system32\wmpshell.dll
+ Windows Media Player Burn Audio CD Context Menu Handler Windows Media Player Launcher Microsoft Windows Component Publisher c:\windows\system32\wmpshell.dll
+ Windows Media Player Play as Playlist Context Menu Handler Windows Media Player Launcher Microsoft Windows Component Publisher c:\windows\system32\wmpshell.dll
+ WinRAR shell extension c:\program files\winrar\rarext.dll
+ WinZip WinZip Shell Extension DLL (Not verified) WinZip Computing, Inc. c:\program files\winzip\wzshlstb.dll
+ WinZip WinZip Shell Extension DLL (Not verified) WinZip Computing, Inc. c:\program files\winzip\wzshlstb.dll
+ WinZip WinZip Shell Extension DLL (Not verified) WinZip Computing, Inc. c:\program files\winzip\wzshlstb.dll
+ WinZip WinZip Shell Extension DLL (Not verified) WinZip Computing, Inc. c:\program files\winzip\wzshlstb.dll
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
+ AcroIEHlprObj Class Adobe Acrobat IE Helper Version 7.0 for ActiveX Adobe Systems, Incorporated c:\program files\adobe\acrobat 7.0\activex\acroiehelper.dll
+ Google Toolbar Helper Google IE Client Toolbar (Not verified) Google Inc. c:\program files\google\googletoolbar1.dll
HKLM\Software\Microsoft\Internet Explorer\Toolbar
+ googletoolbar1.dll Google IE Client Toolbar (Not verified) Google Inc. c:\program files\google\googletoolbar1.dll
+ msdxm.ocx Windows Media Player 2 ActiveX Control Microsoft Windows Component Publisher c:\windows\system32\msdxm.ocx
HKLM\Software\Microsoft\Internet Explorer\Extensions
+ MoneySide MoneySide Controls (Not verified) Microsoft Corporation c:\program files\microsoft money\system\mnyside.dll
+ Sun Java Console Java Plug-in 1.5.0_04 for Netscape Navigator (DLL Helper) (Not verified) Sun Microsystems, Inc. c:\program files\java\jre1.5.0_04\bin\npjpi150_04.dll
+ Windows Messenger Messenger (Not verified) Microsoft Corporation c:\program files\messenger\msmsgs.exe
Task Scheduler
+ Symantec NetDetect.job Symantec NetDetect Symantec Corporation c:\program files\symantec\liveupdate\ndetect.exe
HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute
+ autocheck autochk * Auto Check Utility Microsoft Windows XP Publisher c:\windows\system32\autochk.exe
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options
+ Your Image File Name Here without a path Symbolic Debugger for Windows 2000 Microsoft Windows XP Publisher c:\windows\system32\ntsd.exe
HKLM\System\CurrentControlSet\Control\Session Manager\KnownDlls
+ advapi32 Advanced Windows 32 Base API Microsoft Windows XP Publisher c:\windows\system32\advapi32.dll
+ comdlg32 Common Dialogs DLL Microsoft Windows XP Publisher c:\windows\system32\comdlg32.dll
+ DllDirectory c:\windows\system32
+ gdi32 GDI Client DLL Microsoft Windows XP Publisher c:\windows\system32\gdi32.dll
+ imagehlp Windows NT Image Helper Microsoft Windows XP Publisher c:\windows\system32\imagehlp.dll
+ kernel32 Windows NT BASE API Client DLL Microsoft Windows XP Publisher c:\windows\system32\kernel32.dll
+ lz32 LZ Expand/Compress API DLL Microsoft Windows XP Publisher c:\windows\system32\lz32.dll
+ ole32 Microsoft OLE for Windows Microsoft Windows XP Publisher c:\windows\system32\ole32.dll
+ oleaut32 Microsoft OLE 3.50 for Windows NT™ and Windows 95™ Operating Systems Microsoft Windows XP Publisher c:\windows\system32\oleaut32.dll
+ olecli32 Object Linking and Embedding Client Library Microsoft Windows XP Publisher c:\windows\system32\olecli32.dll
+ olecnv32 Microsoft OLE for Windows Microsoft Windows XP Publisher c:\windows\system32\olecnv32.dll
+ olesvr32 Object Linking and Embedding Server Library Microsoft Windows XP Publisher c:\windows\system32\olesvr32.dll
+ olethk32 Microsoft OLE for Windows Microsoft Windows XP Publisher c:\windows\system32\olethk32.dll
+ rpcrt4 Remote Procedure Call Runtime Microsoft Windows XP Publisher c:\windows\system32\rpcrt4.dll
+ shell32 Windows Shell Common Dll Microsoft Windows XP Publisher c:\windows\system32\shell32.dll
+ url Internet Shortcut Shell Extension DLL Microsoft Windows XP Publisher c:\windows\system32\url.dll
+ urlmon OLE32 Extensions for Win32 Microsoft Windows Component Publisher c:\windows\system32\urlmon.dll
+ user32 Windows XP USER API Client DLL Microsoft Windows XP Publisher c:\windows\system32\user32.dll
+ version Version Checking and File Installation Libraries Microsoft Windows XP Publisher c:\windows\system32\version.dll
+ wininet Internet Extensions for Win32 Microsoft Windows Component Publisher c:\windows\system32\wininet.dll
+ wldap32 Win32 LDAP API DLL Microsoft Windows XP Publisher c:\windows\system32\wldap32.dll
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
+ cscdll Offline Network Agent Microsoft Windows XP Publisher c:\windows\system32\cscdll.dll
+ ScCertProp Common DLL to receive Winlogon notifications Microsoft Windows XP Publisher c:\windows\system32\wlnotify.dll
+ Schedule Common DLL to receive Winlogon notifications Microsoft Windows XP Publisher c:\windows\system32\wlnotify.dll
+ SensLogn Common DLL to receive Winlogon notifications Microsoft Windows XP Publisher c:\windows\system32\wlnotify.dll
+ termsrv Common DLL to receive Winlogon notifications Microsoft Windows XP Publisher c:\windows\system32\wlnotify.dll
+ wlballoon Common DLL to receive Winlogon notifications Microsoft Windows XP Publisher c:\windows\system32\wlnotify.dll
HKCU\Control Panel\Desktop\Scrnsave.exe
+ C:\WINDOWS\System32\scrnsave.scr Default Screen Saver Microsoft Windows XP Publisher c:\windows\system32\scrnsave.scr
HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9
+ MSAFD NetBIOS [\Device\NetBT_Tcpip_{74EC5576-B00E-4F05-B808-311012C46F9D}] DATAGRAM 3 Microsoft Windows Sockets 2.0 Service Provider Microsoft Windows XP Publisher c:\windows\system32\mswsock.dll
+ MSAFD NetBIOS [\Device\NetBT_Tcpip_{74EC5576-B00E-4F05-B808-311012C46F9D}] SEQPACKET 3 Microsoft Windows Sockets 2.0 Service Provider Microsoft Windows XP Publisher c:\windows\system32\mswsock.dll
+ MSAFD NetBIOS [\Device\NetBT_Tcpip_{935F9DED-499A-4B98-AEAB-6EF08072690F}] DATAGRAM 0 Microsoft Windows Sockets 2.0 Service Provider Microsoft Windows XP Publisher c:\windows\system32\mswsock.dll
+ MSAFD NetBIOS [\Device\NetBT_Tcpip_{935F9DED-499A-4B98-AEAB-6EF08072690F}] SEQPACKET 0 Microsoft Windows Sockets 2.0 Service Provider Microsoft Windows XP Publisher c:\windows\system32\mswsock.dll
+ MSAFD NetBIOS [\Device\NetBT_Tcpip_{A7291B3D-D1FC-4368-B312-9DE13F0D0EF6}] DATAGRAM 1 Microsoft Windows Sockets 2.0 Service Provider Microsoft Windows XP Publisher c:\windows\system32\mswsock.dll
+ MSAFD NetBIOS [\Device\NetBT_Tcpip_{A7291B3D-D1FC-4368-B312-9DE13F0D0EF6}] SEQPACKET 1 Microsoft Windows Sockets 2.0 Service Provider Microsoft Windows XP Publisher c:\windows\system32\mswsock.dll
+ MSAFD NetBIOS [\Device\NetBT_Tcpip_{A8F5E4D8-AEA6-4FF4-AB81-3ACEDA615A6B}] DATAGRAM 2 Microsoft Windows Sockets 2.0 Service Provider Microsoft Windows XP Publisher c:\windows\system32\mswsock.dll
+ MSAFD NetBIOS [\Device\NetBT_Tcpip_{A8F5E4D8-AEA6-4FF4-AB81-3ACEDA615A6B}] SEQPACKET 2 Microsoft Windows Sockets 2.0 Service Provider Microsoft Windows XP Publisher c:\windows\system32\mswsock.dll
+ MSAFD NetBIOS [\Device\NetBT_Tcpip_{D03AFC3D-3DD3-4555-94AB-2D747CD0FC20}] DATAGRAM 6 Microsoft Windows Sockets 2.0 Service Provider Microsoft Windows XP Publisher c:\windows\system32\mswsock.dll
+ MSAFD NetBIOS [\Device\NetBT_Tcpip_{D03AFC3D-3DD3-4555-94AB-2D747CD0FC20}] SEQPACKET 6 Microsoft Windows Sockets 2.0 Service Provider Microsoft Windows XP Publisher c:\windows\system32\mswsock.dll
+ MSAFD NetBIOS [\Device\NetBT_Tcpip_{D3FF70AB-EB21-4FC2-82BB-CA492147C419}] DATAGRAM 4 Microsoft Windows Sockets 2.0 Service Provider Microsoft Windows XP Publisher c:\windows\system32\mswsock.dll
+ MSAFD NetBIOS [\Device\NetBT_Tcpip_{D3FF70AB-EB21-4FC2-82BB-CA492147C419}] SEQPACKET 4 Microsoft Windows Sockets 2.0 Service Provider Microsoft Windows XP Publisher c:\windows\system32\mswsock.dll
+ MSAFD NetBIOS [\Device\NetBT_Tcpip_{F3944DBD-72C3-46DC-9E60-A2000A1C333A}] DATAGRAM 5 Microsoft Windows Sockets 2.0 Service Provider Microsoft Windows XP Publisher c:\windows\system32\mswsock.dll
+ MSAFD NetBIOS [\Device\NetBT_Tcpip_{F3944DBD-72C3-46DC-9E60-A2000A1C333A}] SEQPACKET 5 Microsoft Windows Sockets 2.0 Service Provider Microsoft Windows XP Publisher c:\windows\system32\mswsock.dll
+ MSAFD Tcpip [RAW/IP] Microsoft Windows Sockets 2.0 Service Provider Microsoft Windows XP Publisher c:\windows\system32\mswsock.dll
+ MSAFD Tcpip [TCP/IP] Microsoft Windows Sockets 2.0 Service Provider Microsoft Windows XP Publisher c:\windows\system32\mswsock.dll
+ MSAFD Tcpip [UDP/IP] Microsoft Windows Sockets 2.0 Service Provider Microsoft Windows XP Publisher c:\windows\system32\mswsock.dll
+ RSVP TCP Service Provider Microsoft Windows Rsvp 1.0 Service Provider Microsoft Windows XP Publisher c:\windows\system32\rsvpsp.dll
+ RSVP UDP Service Provider Microsoft Windows Rsvp 1.0 Service Provider Microsoft Windows XP Publisher c:\windows\system32\rsvpsp.dll