Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Need this log checked by someone who knows what it is.

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Need this log checked by someone who knows what it is.

Unread postby Enough already » August 13th, 2008, 6:39 pm

It seems the problems I've been having relate to my router or firewall. Your input will help me eliminate the items on this log if they are OK. Please tell me if you see something in this report needing correction and thanks.


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:14:49 PM, on 8/13/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Trend Micro\Internet Security 2007\pccguide.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\Taskmgr.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\Users\Cynthia\Desktop\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 2007\pccguide.exe"
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
O23 - Service: Trend Micro Protection Against Spyware (PcScnSrv) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcScnSrv.exe
O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe (file missing)
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Unknown owner - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe (file missing)
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe

--
End of file - 1896 bytes
Enough already
Active Member
 
Posts: 2
Joined: August 13th, 2008, 6:23 pm
Advertisement
Register to Remove

Re: Need this log checked by someone who knows what it is.

Unread postby suebaby41 » August 15th, 2008, 3:20 pm

Welcome to the Malware removal Forums. Since it has been a few days since you scanned your computer with HijackThis, please post a new HijackThis Log. Please describe the problems you are having. Thank you for your patience.

If you have already posted this log at another forum or if you decide to seek help at another forum, please let us know. There is a shortage of helpers and taking the time of two volunteer helpers means that someone else may not be helped.
User avatar
suebaby41
MRU Master
MRU Master
 
Posts: 2053
Joined: February 8th, 2005, 7:38 pm

Re: Need this log checked by someone who knows what it is.

Unread postby Enough already » August 18th, 2008, 6:54 pm

Hi, Sue -
I am having the most trouble with accessing my administrative functions. I am the only user on my laptop and found many concerns related to Vista and WMI, such as shared drives and many items "greyed out" when I attempt to remove "Authenticated Users", etc. I have found several files with properties that include "Everyone" as users. I am including a "HijackPatrol.log" by WinPatrol as it seems more expansive (and I don't know what is useful and what isn't). Thanks for your response and I have not posted this or the "Hijack This" log on any other sites.
Thanks again,
Cynthia

Log created by WinPatrol PLUS version 15.5.2008.0:15.5.2008.0
Scan saved at 5:42:53 PM, on 8/18/2008
Platform: Windows Vista SP1 Service Pack 1 (Build 6001)
MSIE: Internet Explorer (7.00.6000.16386)
Boot mode: Normal

Running processes:
C:\Windows\System32\dwm.exe
C:\Windows\explorer.exe
C:\PROGRAM FILES\TREND MICRO\INTERNET SECURITY 2007\pccguide.exe
C:\PROGRAM FILES\BILLP STUDIOS\WINPATROL\WINPATROL.EXE
C:\PROGRAM FILES\WINDOWS SIDEBAR\sidebar.exe
C:\Windows\System32\taskmgr.exe
C:\PROGRAM FILES\INTERNET EXPLORER\iexplore.exe
C:\PROGRAM FILES\INTERNET EXPLORER\ieuser.exe
C:\Windows\System32\SEARCHFILTERHOST.EXE
C:\PROGRAM FILES\BILLP STUDIOS\WINPATROL\WINPATROLEX.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
O1 - Hosts: 127.0.0.
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O4 - HKLM\..\Run: [pccguide.exe]C:\Program Files\Trend Micro\Internet Security 2007\pccguide.exe
O4 - HKLM\..\Run: [WinPatrol PLUS]C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe -expressboot
O4 - HKCU\..\Run: [Sidebar]C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O11 - Options group: [] -
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} (http://fpdownload.macromedia.com/get/fl ... /ultrashim) - http://fpdownload.macromedia.com/get/fl ... rashim.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.co ... nos/gp.cab
O23 - Service: Application Experience - Microsoft Corporation - C:\Windows\System32\aelupsvc.dll
O23 - Service: Application Layer Gateway Service - Microsoft Corporation - C:\Windows\System32\alg.exe
O23 - Service: Application Information - Microsoft Corporation - C:\Windows\System32\appinfo.dll
O23 - Service: Application Management - Microsoft Corporation - C:\Windows\System32\appmgmts.dll
O23 - Service: Windows Audio Endpoint Builder - Microsoft Corporation - C:\Windows\System32\audiosrv.dll
O23 - Service: Windows Audio - Microsoft Corporation - C:\Windows\System32\audiosrv.dll
O23 - Service: ActiveX Installer (AxInstSV) - Microsoft Corporation - C:\Windows\System32\AxInstSv.dll
O23 - Service: Base Filtering Engine - Microsoft Corporation - C:\Windows\System32\BFE.DLL
O23 - Service: Background Intelligent Transfer Service - Microsoft Corporation - C:\Windows\System32\qmgr.dll
O23 - Service: Computer Browser - Microsoft Corporation - C:\Windows\System32\browser.dll
O23 - Service: Certificate Propagation - Microsoft Corporation - C:\Windows\System32\certprop.dll
O23 - Service: Indexing Service - Microsoft Corporation - C:\Windows\System32\CISVC.EXE
O23 - Service: Microsoft .NET Framework NGEN v2.0.50727_X86 - Microsoft Corporation - C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
O23 - Service: COM+ System Application - - C:\Windows\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
O23 - Service: Cryptographic Services - Microsoft Corporation - C:\Windows\System32\cryptsvc.dll
O23 - Service: Offline Files - Microsoft Corporation - C:\Windows\System32\cscsvc.dll
O23 - Service: DCOM Server Process Launcher - Microsoft Corporation - C:\Windows\System32\rpcss.dll
O23 - Service: DHCP Client - Microsoft Corporation - C:\Windows\System32\dhcpcsvc.dll
O23 - Service: DNS Client - Microsoft Corporation - C:\Windows\System32\dnsrslvr.dll
O23 - Service: Wired AutoConfig - Microsoft Corporation - C:\Windows\System32\dot3svc.dll
O23 - Service: Diagnostic Policy Service - Microsoft Corporation - C:\Windows\System32\dps.dll
O23 - Service: Extensible Authentication Protocol - Microsoft Corporation - C:\Windows\System32\eapsvc.dll
O23 - Service: Windows Media Center Receiver Service - Microsoft Corporation - C:\Windows\ehome\ehrecvr.exe
O23 - Service: Windows Media Center Scheduler Service - Microsoft Corporation - C:\Windows\ehome\ehsched.exe
O23 - Service: Windows Media Center Service Launcher - Microsoft Corporation - C:\Windows\ehome\ehstart.dll
O23 - Service: ReadyBoost - Microsoft Corporation - C:\Windows\System32\emdmgmt.dll
O23 - Service: Windows Event Log - - C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
O23 - Service: COM+ Event System - Microsoft Corporation - C:\Windows\System32\es.dll
O23 - Service: Fax - Microsoft Corporation - C:\Windows\System32\FXSSVC.exe
O23 - Service: Function Discovery Provider Host - Microsoft Corporation - C:\Windows\System32\fdPHost.dll
O23 - Service: Function Discovery Resource Publication - Microsoft Corporation - C:\Windows\System32\FDResPub.dll
O23 - Service: Windows Presentation Foundation Font Cache 3.0.0.0 - Microsoft Corporation - C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
O23 - Service: Group Policy Client - Microsoft Corporation - C:\Windows\System32\gpsvc.dll
O23 - Service: Human Interface Device Access - Microsoft Corporation - C:\Windows\System32\hidserv.dll
O23 - Service: Health Key and Certificate Management - Microsoft Corporation - C:\Windows\System32\KMSVC.DLL
O23 - Service: InstallDriver Table Manager - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Windows CardSpace - Microsoft Corporation - C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
O23 - Service: IKE and AuthIP IPsec Keying Modules - Microsoft Corporation - C:\Windows\System32\IKEEXT.DLL
O23 - Service: PnP-X IP Bus Enumerator - Microsoft Corporation - C:\Windows\System32\ipbusenum.dll
O23 - Service: IP Helper - Microsoft Corporation - C:\Windows\System32\iphlpsvc.dll
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: CNG Key Isolation - Microsoft Corporation - C:\Windows\System32\lsass.exe
O23 - Service: KtmRm for Distributed Transaction Coordinator - Microsoft Corporation - C:\Windows\System32\msdtckrm.dll
O23 - Service: Server - Microsoft Corporation - C:\Windows\System32\srvsvc.dll
O23 - Service: Workstation - Microsoft Corporation - C:\Windows\System32\wkssvc.dll
O23 - Service: Link-Layer Topology Discovery Mapper - Microsoft Corporation - C:\Windows\System32\lltdsvc.dll
O23 - Service: TCP/IP NetBIOS Helper - Microsoft Corporation - C:\Windows\System32\lmhsvc.dll
O23 - Service: Windows Media Center Extender Service - Microsoft Corporation - C:\Windows\System32\Mcx2Svc.dll
O23 - Service: Machine Debug Manager - Microsoft Corporation - C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
O23 - Service: Microsoft Office Groove Audit Service - Microsoft Corporation - C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
O23 - Service: Multimedia Class Scheduler - Microsoft Corporation - C:\Windows\System32\mmcss.dll
O23 - Service: Windows Firewall - Microsoft Corporation - C:\Windows\System32\MPSSVC.dll
O23 - Service: Distributed Transaction Coordinator - Microsoft Corporation - C:\Windows\System32\msdtc.exe
O23 - Service: Microsoft iSCSI Initiator Service - Microsoft Corporation - C:\Windows\System32\iscsiexe.dll
O23 - Service: Message Queuing - Microsoft Corporation - C:\Windows\System32\mqsvc.exe
O23 - Service: Network Access Protection Agent - Microsoft Corporation - C:\Windows\System32\QAGENTRT.DLL
O23 - Service: Net Driver HPZ12 - Hewlett-Packard - C:\Windows\System32\HPZinw12.dll
O23 - Service: Netlogon - Microsoft Corporation - C:\Windows\System32\lsass.exe
O23 - Service: Network Connections - Microsoft Corporation - C:\Windows\System32\netman.dll
O23 - Service: Network List Service - Microsoft Corporation - C:\Windows\System32\netprofm.dll
O23 - Service: Net.Tcp Port Sharing Service - Microsoft Corporation - C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
O23 - Service: Network Location Awareness - Microsoft Corporation - C:\Windows\System32\nlasvc.dll
O23 - Service: Network Store Interface Service - Microsoft Corporation - C:\Windows\System32\nsisvc.dll
O23 - Service: Microsoft Office Diagnostics Service - Microsoft Corporation - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
O23 - Service: Office Source Engine - Microsoft Corporation - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
O23 - Service: Peer Networking Identity Manager - Microsoft Corporation - C:\Windows\System32\p2psvc.dll
O23 - Service: Peer Networking Grouping - Microsoft Corporation - C:\Windows\System32\p2psvc.dll
O23 - Service: Program Compatibility Assistant Service - Microsoft Corporation - C:\Windows\System32\pcasvc.dll
O23 - Service: Trend Micro Central Control Component - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security 2007\PcCtlCom.exe
O23 - Service: Trend Micro Protection Against Spyware - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security 2007\PcScnSrv.exe
O23 - Service: Performance Logs & Alerts - Microsoft Corporation - C:\Windows\System32\pla.dll
O23 - Service: Plug and Play - Microsoft Corporation - C:\Windows\System32\umpnpmgr.dll
O23 - Service: Pml Driver HPZ12 - Hewlett-Packard - C:\Windows\System32\HPZipm12.dll
O23 - Service: PNRP Machine Name Publication Service - Microsoft Corporation - C:\Windows\System32\p2psvc.dll
O23 - Service: Peer Name Resolution Protocol - Microsoft Corporation - C:\Windows\System32\p2psvc.dll
O23 - Service: IPsec Policy Agent - Microsoft Corporation - C:\Windows\System32\IPSECSVC.DLL
O23 - Service: User Profile Service - Microsoft Corporation - C:\Windows\System32\profsvc.dll
O23 - Service: Protected Storage - Microsoft Corporation - C:\Windows\System32\lsass.exe
O23 - Service: QuickPlay Background Capture Service (QBCS) - - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
O23 - Service: Quality Windows Audio Video Experience - Microsoft Corporation - C:\Windows\System32\qwave.dll
O23 - Service: Remote Access Auto Connection Manager - Microsoft Corporation - C:\Windows\System32\rasauto.dll
O23 - Service: Remote Access Connection Manager - Microsoft Corporation - C:\Windows\System32\rasmans.dll
O23 - Service: Routing and Remote Access - Microsoft Corporation - C:\Windows\System32\mprdim.dll
O23 - Service: Remote Registry - Microsoft Corporation - C:\Windows\System32\regsvc.dll
O23 - Service: Roxio UPnP Renderer 9 - - C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe
O23 - Service: Roxio Upnp Server 9 - - C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe
O23 - Service: LiveShare P2P Server 9 - - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 - - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: Remote Procedure Call (RPC) Locator - Microsoft Corporation - C:\Windows\System32\Locator.exe
O23 - Service: Remote Procedure Call (RPC) - Microsoft Corporation - C:\Windows\System32\rpcss.dll
O23 - Service: Security Accounts Manager - Microsoft Corporation - C:\Windows\System32\lsass.exe
O23 - Service: Smart Card - Microsoft Corporation - C:\Windows\System32\SCardSvr.dll
O23 - Service: Task Scheduler - Microsoft Corporation - C:\Windows\System32\schedsvc.dll
O23 - Service: Smart Card Removal Policy - Microsoft Corporation - C:\Windows\System32\certprop.dll
O23 - Service: Windows Backup - Microsoft Corporation - C:\Windows\System32\sdrsvc.dll
O23 - Service: Secondary Logon - Microsoft Corporation - C:\Windows\System32\seclogon.dll
O23 - Service: System Event Notification Service - Microsoft Corporation - C:\Windows\System32\Sens.dll
O23 - Service: Terminal Services Configuration - Microsoft Corporation - C:\Windows\System32\SessEnv.dll
O23 - Service: Internet Connection Sharing (ICS) - Microsoft Corporation - C:\Windows\System32\ipnathlp.dll
O23 - Service: Shell Hardware Detection - Microsoft Corporation - C:\Windows\System32\shsvcs.dll
O23 - Service: Simple TCP/IP Services - Microsoft Corporation - C:\Windows\System32\TCPSVCS.EXE
O23 - Service: Software Licensing - Microsoft Corporation - C:\Windows\System32\SLsvc.exe
O23 - Service: SL UI Notification Service - Microsoft Corporation - C:\Windows\System32\SLUINotify.dll
O23 - Service: SNMP Service - Microsoft Corporation - C:\Windows\System32\snmp.exe
O23 - Service: SNMP Trap - Microsoft Corporation - C:\Windows\System32\snmptrap.exe
O23 - Service: Print Spooler - Microsoft Corporation - C:\Windows\System32\spoolsv.exe
O23 - Service: SSDP Discovery - Microsoft Corporation - C:\Windows\System32\ssdpsrv.dll
O23 - Service: Secure Socket Tunneling Protocol Service - Microsoft Corporation - C:\Windows\System32\sstpsvc.dll
O23 - Service: Windows Image Acquisition (WIA) - Microsoft Corporation - C:\Windows\System32\wiaservc.dll
O23 - Service: Microsoft Software Shadow Copy Provider - Microsoft Corporation - C:\Windows\System32\swprv.dll
O23 - Service: Superfetch - Microsoft Corporation - C:\Windows\System32\sysmain.dll
O23 - Service: Tablet PC Input Service - Microsoft Corporation - C:\Windows\System32\TabSvc.dll
O23 - Service: Telephony - Microsoft Corporation - C:\Windows\System32\tapisrv.dll
O23 - Service: TPM Base Services - Microsoft Corporation - C:\Windows\System32\tbssvc.dll
O23 - Service: Terminal Services - Microsoft Corporation - C:\Windows\System32\termsrv.dll
O23 - Service: Themes - Microsoft Corporation - C:\Windows\System32\shsvcs.dll
O23 - Service: Thread Ordering Server - Microsoft Corporation - C:\Windows\System32\mmcss.dll
O23 - Service: Trend Micro Real-time Service - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security 2007\Tmntsrv.exe
O23 - Service: Trend Micro Personal Firewall - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security 2007\TmPfw.exe
O23 - Service: Trend Micro Proxy Service - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security 2007\tmproxy.exe
O23 - Service: Distributed Link Tracking Client - Microsoft Corporation - C:\Windows\System32\trkwks.dll
O23 - Service: Windows Modules Installer - Microsoft Corporation - C:\Windows\servicing\TrustedInstaller.exe
O23 - Service: Interactive Services Detection - Microsoft Corporation - C:\Windows\System32\UI0Detect.exe
O23 - Service: Terminal Services UserMode Port Redirector - Microsoft Corporation - C:\Windows\System32\umrdp.dll
O23 - Service: UPnP Device Host - Microsoft Corporation - C:\Windows\System32\upnphost.dll
O23 - Service: Desktop Window Manager Session Manager - Microsoft Corporation - C:\Windows\System32\uxsms.dll
O23 - Service: Virtual Disk - Microsoft Corporation - C:\Windows\System32\vds.exe
O23 - Service: Volume Shadow Copy - Microsoft Corporation - C:\Windows\System32\VSSVC.exe
O23 - Service: Windows Time - Microsoft Corporation - C:\Windows\System32\w32time.dll
O23 - Service: Block Level Backup Engine Service - Microsoft Corporation - C:\Windows\System32\wbengine.exe
O23 - Service: Windows Connect Now - Config Registrar - Microsoft Corporation - C:\Windows\System32\wcncsvc.dll
O23 - Service: Windows Color System - Microsoft Corporation - C:\Windows\System32\WcsPlugInService.dll
O23 - Service: Diagnostic Service Host - Microsoft Corporation - C:\Windows\System32\wdi.dll
O23 - Service: Diagnostic System Host - Microsoft Corporation - C:\Windows\System32\wdi.dll
O23 - Service: WebClient - Microsoft Corporation - C:\Windows\System32\WebClnt.dll
O23 - Service: Windows Event Collector - Microsoft Corporation - C:\Windows\System32\wecsvc.dll
O23 - Service: Problem Reports and Solutions Control Panel Support - Microsoft Corporation - C:\Windows\System32\wercplsupport.dll
O23 - Service: Windows Error Reporting Service - Microsoft Corporation - C:\Windows\System32\wersvc.dll
O23 - Service: Windows Defender - Microsoft Corporation - C:\Program Files\Windows Defender\MpSvc.dll
O23 - Service: WinHTTP Web Proxy Auto-Discovery Service - Microsoft Corporation - winhttp.dll
O23 - Service: Windows Management Instrumentation - Microsoft Corporation - C:\Windows\System32\wbem\WMIsvc.dll
O23 - Service: Windows Remote Management (WS-Management) - Microsoft Corporation - C:\Windows\System32\WsmSvc.dll
O23 - Service: WLAN AutoConfig - Microsoft Corporation - C:\Windows\System32\wlansvc.dll
O23 - Service: WMI Performance Adapter - Microsoft Corporation - C:\Windows\System32\wbem\WmiApSrv.exe
O23 - Service: Windows Media Player Network Sharing Service - Microsoft Corporation - C:\Program Files\Windows Media Player\wmpnetwk.exe
O23 - Service: Parental Controls - Microsoft Corporation - C:\Windows\System32\wpcsvc.dll
O23 - Service: Portable Device Enumerator Service - Microsoft Corporation - C:\Windows\System32\wpdbusenum.dll
O23 - Service: Security Center - Microsoft Corporation - C:\Windows\System32\wscsvc.dll
O23 - Service: Windows Search - - C:\Windows\system32\SearchIndexer.exe /Embedding
O23 - Service: Windows Update - Microsoft Corporation - C:\Windows\System32\wuaueng.dll
O23 - Service: Windows Driver Foundation - User-mode Driver Framework - Microsoft Corporation - C:\Windows\System32\WUDFSvc.dll

--- Additional WinPatrol Info ---
Default Browser: Windows® Internet Explorer - Internet Explorer version 7.00.6000.16386
MSIE: Internet Explorer (7.00.6000.16386)
0 IE Cookies in Folder: C:\Users\Cynthia\AppData\Roaming\Microsoft\Windows\Cookies\

WP00 - HKLM\CCS: BootExecute = autocheck autochk *
WP00 - HKLM\CS2: BootExecute = autocheck autochk *
WP00 - HKLM\CS3: BootExecute = autocheck autochk *
WP02 - HKLM\CCS: Command = C:\Windows\system32\cmd.exe

WP03 - Windows Automatic Update = 2:Notify me but don't automatically download or install them.


WP08 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix: Default = http://
WP08 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes: www = http://


WP16 - ActiveX: {02BCC737-B171-4746-94C9-0D8A0B2C0089} [Microsoft Office Template and Media Control] C:\Program Files\Microsoft Office\Office12\IEAWSDC.DLL
WP16 - ActiveX: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} [Office Genuine Advantage Validation Tool] C:\Windows\System32\OGACHECKCONTROL.DLL
WP16 - ActiveX: {07B06095-5687-4D13-9E32-12B4259C9813} [STSUpld UploadCtl Class] C:\Program Files\Microsoft Office\Office12\STSUPLD.DLL 12.0.4518.1014
WP16 - ActiveX: {0D012ABD-CEED-11D2-9C76-00105AA73033} [Groove DocumentShareView] C:\PROGRAM FILES\MICROSOFT OFFICE\Office12\GROOVEDOCUMENTSHARETOOL.DLL 4.2.1.2704
WP16 - ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42E} [PeerDraw Class] C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\vgx\VGX.dll 7.00.6001.18000
WP16 - ActiveX: {12A66224-5E8A-4679-8941-0B9B960BF5EA} [VistaWUWebControl Class] C:\Windows\System32\wuwebv.dll 7.0.6001.18000
WP16 - ActiveX: {17492023-C23A-453E-A040-C7C580BBF700} [Windows Genuine Advantage Validation Tool] C:\Windows\System32\LEGITCHECKCONTROL.DLL 1.7.0069.2
WP16 - ActiveX: {19916E01-B44E-4E31-94A4-4696DF46157B} [InformationCardSigninHelper Class] C:\Windows\System32\icardie.dll 7.00.6000.16386
WP16 - ActiveX: {2933BF90-7B36-11D2-B20E-00C04F983E60} [XML DOM Document] C:\Windows\System32\msxml3.dll 8.100.1043.0
WP16 - ActiveX: {2933BF94-7B36-11D2-B20E-00C04F983E60} [XSL Template] C:\Windows\System32\msxml3.dll 8.100.1043.0
WP16 - ActiveX: {3050F819-98B5-11CF-BB82-00AA00BDCE0B} [HtmlDlgSafeHelper Class] C:\Windows\System32\mshtmled.dll 7.00.6000.16386
WP16 - ActiveX: {333C7BC4-460F-11D0-BC04-0080C7055A83} [Tabular Data Control] C:\Windows\System32\tdc.ocx 7.00.6001.18000
WP16 - ActiveX: {373984C9-B845-449B-91E7-45AC83036ADE} [XML Schema Cache] C:\Windows\System32\msxml3.dll 8.100.1043.0
WP16 - ActiveX: {3FD37ABB-F90A-4DE5-AA38-179629E64C2F} [SharePoint Spreadsheet Launcher] C:\Program Files\Microsoft Office\Office12\OWSSUPP.DLL 12.0.6211.1000
WP16 - ActiveX: {48123BC4-99D9-11D1-A6B3-00C04FD91555} [XML Document] C:\Windows\System32\msxml3.dll 8.100.1043.0
WP16 - ActiveX: {4CCA4E80-9259-11D9-AC6E-444553544200} [FixController Control] C:\PROGRAM FILES\HP\Common\FIXENGINE.DLL 1, 0, 3, 0
WP16 - ActiveX: {54BE6B6F-3056-470B-97E1-BB92E051B6C4} [DeviceEnum Class] C:\PROGRAM FILES\HP\Common\HPDEVICEDETECTION.DLL 4.0.11.0
WP16 - ActiveX: {55136805-B2DE-11D1-B9F2-00A0C98BC547} [Shell Name Space] C:\Windows\System32\ieframe.dll 7.00.6000.16386
WP16 - ActiveX: {56A58823-AE99-11D5-B90B-0050DACD1F75} [Groove Data List Display] C:\PROGRAM FILES\MICROSOFT OFFICE\Office12\GROOVECOMMONCOMPONENTS.DLL 4.2.1.2704
WP16 - ActiveX: {5E6F22B3-7DF6-4C64-8AD0-1A6CC1351085} [HPScript Class] C:\PROGRAM FILES\HP\Common\HPSCRIPTING.DLL 2, 0, 0, 4
WP16 - ActiveX: {62B4D041-4667-40B6-BB50-4BC0A5043A73} [SharePoint Export Database Launcher] C:\Program Files\Microsoft Office\Office12\OWSSUPP.DLL 12.0.6211.1000
WP16 - ActiveX: {64AB4BB7-111E-11D1-8F79-00C04FC2FBE1} [Microsoft Shell UI Helper] C:\Windows\System32\ieframe.dll 7.00.6000.16386
WP16 - ActiveX: {65BCBEE4-7728-41A0-97BE-14E1CAE36AAE} [Microsoft Office List 12.0] C:\PROGRAM FILES\MICROSOFT OFFICE\Office12\STSLIST.DLL 12.0.6211.1000
WP16 - ActiveX: {6B75345B-AA36-438A-BBE6-4078B4C6984D} [HpProductDetection Class] C:\PROGRAM FILES\HP\Common\HPDEVICEDETECTION.DLL 4.0.11.0
WP16 - ActiveX: {6BF52A52-394A-11D3-B153-00C04F79FAA6} [Windows Media Player] C:\Windows\System32\wmp.dll 11.0.6001.7000
WP16 - ActiveX: {760C4B83-E211-11D2-BF3E-00805FBE84A6} [Windows Media Services DRM Storage object] C:\Windows\System32\msnetobj.dll 11.0.6001.7000
WP16 - ActiveX: {7D4CF499-32EC-4E8E-8714-7E74303869F0} [HPCookie Class] C:\PROGRAM FILES\HP\Common\HPDEVICEDETECTION.DLL 4.0.11.0
WP16 - ActiveX: {8075631E-5146-11D5-A672-00B0D022E945} [SharepointOpenXMLDocuments] C:\PROGRAM FILES\MICROSOFT OFFICE\Office12\INLAUNCH.DLL 12.0.4518.1014
WP16 - ActiveX: {80AEEC0E-A2BE-4B8D-985F-350FE869DC40} [HPDDClientExec Class] C:\PROGRAM FILES\HP\Common\HPDDAXO.dll 1, 0, 1, 0
WP16 - ActiveX: {8856F961-340A-11D0-A96B-00C04FD705A2} [Microsoft Web Browser] C:\Windows\System32\ieframe.dll 7.00.6000.16386
WP16 - ActiveX: {88D969C0-F192-11D4-A65F-0040963251E5} [XML DOM Document 4.0] C:\Windows\System32\msxml4.dll 4.20.9849.0
WP16 - ActiveX: {88D969C1-F192-11D4-A65F-0040963251E5} [Free Threaded XML DOM Document 4.0] C:\Windows\System32\msxml4.dll 4.20.9849.0
WP16 - ActiveX: {88D969C2-F192-11D4-A65F-0040963251E5} [XML Schema Cache 4.0] C:\Windows\System32\msxml4.dll 4.20.9849.0
WP16 - ActiveX: {88D969C3-F192-11D4-A65F-0040963251E5} [XSL Template 4.0] C:\Windows\System32\msxml4.dll 4.20.9849.0
WP16 - ActiveX: {88D969C4-F192-11D4-A65F-0040963251E5} [XML Data Source Object 4.0] C:\Windows\System32\msxml4.dll 4.20.9849.0
WP16 - ActiveX: {88D969C5-F192-11D4-A65F-0040963251E5} [XML HTTP 4.0] C:\Windows\System32\msxml4.dll 4.20.9849.0
WP16 - ActiveX: {88D96A05-F192-11D4-A65F-0040963251E5} [XML DOM Document 6.0] C:\Windows\System32\msxml6.dll 6.20.1076.0
WP16 - ActiveX: {88D96A06-F192-11D4-A65F-0040963251E5} [Free Threaded XML DOM Document 6.0] C:\Windows\System32\msxml6.dll 6.20.1076.0
WP16 - ActiveX: {88D96A07-F192-11D4-A65F-0040963251E5} [XML Schema Cache 6.0] C:\Windows\System32\msxml6.dll 6.20.1076.0
WP16 - ActiveX: {88D96A08-F192-11D4-A65F-0040963251E5} [XSL Template 6.0] C:\Windows\System32\msxml6.dll 6.20.1076.0
WP16 - ActiveX: {88D96A0A-F192-11D4-A65F-0040963251E5} [XML HTTP 6.0] C:\Windows\System32\msxml6.dll 6.20.1076.0
WP16 - ActiveX: {8E4062D9-FE1B-4B9E-AA16-5E8EEF68F48E} [Registration Control] C:\Windows\System32\RegCtrl.dll 6.0.6001.18000
WP16 - ActiveX: {9203C2CB-1DC1-482D-967E-597AFF270F0D} [SharePoint OpenDocuments Class] C:\Program Files\Microsoft Office\Office12\OWSSUPP.DLL 12.0.6211.1000
WP16 - ActiveX: {9E1DDDD2-0638-4607-B266-13FE69EDFFD3} [HPHubSearch Class] C:\PROGRAM FILES\HP\Common\HPDEVICEDETECTION.DLL 4.0.11.0
WP16 - ActiveX: {A6FD4E81-807B-477F-8A27-8D834C5AD5C4} [InstallManager Control] C:\PROGRAM FILES\HP\Common\FIXENGINE.DLL 1, 0, 3, 0
WP16 - ActiveX: {A9FC132B-096D-460B-B7D5-1DB0FAE0C062} [RMGetLicense Class] C:\Windows\System32\msnetobj.dll 11.0.6001.7000
WP16 - ActiveX: {B2CD4730-67E7-401C-A2CB-D74715E05FA4} [HPSIEnumeration Class] C:\PROGRAM FILES\HP\Common\HPDEVICEDETECTION.DLL 4.0.11.0
WP16 - ActiveX: {B63C249D-7FA4-42A6-8AF1-D83AB0CE00B3} [HPSIEnumeration Class] C:\PROGRAM FILES\HP\Common\HPBASICDETECTION3.DLL 3, 2, 7, 0
WP16 - ActiveX: {BDEADE3E-C265-11D0-BCED-00A0C90AB50F} [OWSClientEventSubscription Class] C:\Program Files\Microsoft Office\Office12\OWSCLT.DLL 12.0.6211.1000
WP16 - ActiveX: {BDEADE3F-C265-11D0-BCED-00A0C90AB50F} [OWSClientMiscApis Class] C:\Program Files\Microsoft Office\Office12\OWSCLT.DLL 12.0.6211.1000
WP16 - ActiveX: {BDEADE40-C265-11D0-BCED-00A0C90AB50F} [OWSClientCommentThread Class] C:\Program Files\Microsoft Office\Office12\OWSCLT.DLL 12.0.6211.1000
WP16 - ActiveX: {BDEADE42-C265-11D0-BCED-00A0C90AB50F} [OWSClientComment Class] C:\Program Files\Microsoft Office\Office12\OWSCLT.DLL 12.0.6211.1000
WP16 - ActiveX: {BDEADE43-C265-11D0-BCED-00A0C90AB50F} [OWSBrowserUI Class] C:\Program Files\Microsoft Office\Office12\OWSCLT.DLL 12.0.6211.1000
WP16 - ActiveX: {BDEADE98-C265-11D0-BCED-00A0C90AB50F} [OWS Post Data] C:\Program Files\Microsoft Office\Office12\OWSCLT.DLL 12.0.6211.1000
WP16 - ActiveX: {BDEADE9E-C265-11D0-BCED-00A0C90AB50F} [SharePoint Spreadsheet Launcher] C:\Program Files\Microsoft Office\Office12\OWSCLT.DLL 12.0.6211.1000
WP16 - ActiveX: {BDEADEB3-C265-11D0-BCED-00A0C90AB50F} [Web Discussions] C:\Program Files\Microsoft Office\Office12\OWSCLT.DLL 12.0.6211.1000
WP16 - ActiveX: {BDEADEB4-C265-11D0-BCED-00A0C90AB50F} [Web Discussions] C:\Program Files\Microsoft Office\Office12\OWSCLT.DLL 12.0.6211.1000
WP16 - ActiveX: {BDEADEB5-C265-11D0-BCED-00A0C90AB50F} [Web Discussions] C:\Program Files\Microsoft Office\Office12\OWSCLT.DLL 12.0.6211.1000
WP16 - ActiveX: {BDEADEB7-C265-11D0-BCED-00A0C90AB50F} [OWSDiscussionServers Class] C:\Program Files\Microsoft Office\Office12\OWSCLT.DLL 12.0.6211.1000
WP16 - ActiveX: {BDEADEB8-C265-11D0-BCED-00A0C90AB50F} [OWSClientCollaboration Class] C:\Program Files\Microsoft Office\Office12\OWSCLT.DLL 12.0.6211.1000
WP16 - ActiveX: {BDEADEDA-C265-11D0-BCED-00A0C90AB50F} [OSE.Discussion] C:\Program Files\Microsoft Office\Office12\OWSCLT.DLL 12.0.6211.1000
WP16 - ActiveX: {BDEADEDB-C265-11D0-BCED-00A0C90AB50F} [OSE.Discussions] C:\Program Files\Microsoft Office\Office12\OWSCLT.DLL 12.0.6211.1000
WP16 - ActiveX: {BDEADEDC-C265-11D0-BCED-00A0C90AB50F} [OSE.DiscussionServer] C:\Program Files\Microsoft Office\Office12\OWSCLT.DLL 12.0.6211.1000
WP16 - ActiveX: {BDEADEDD-C265-11D0-BCED-00A0C90AB50F} [OSE.DiscussionServers] C:\Program Files\Microsoft Office\Office12\OWSCLT.DLL 12.0.6211.1000
WP16 - ActiveX: {BDEADEDE-C265-11D0-BCED-00A0C90AB50F} [OSE Global Class] C:\Program Files\Microsoft Office\Office12\OWSCLT.DLL 12.0.6211.1000
WP16 - ActiveX: {BDEADEE0-C265-11D0-BCED-00A0C90AB50F} [OWSDiscussionBar Class] C:\Program Files\Microsoft Office\Office12\OWSCLT.DLL 12.0.6211.1000
WP16 - ActiveX: {BDEADEF5-C265-11D0-BCED-00A0C90AB50F} [SharePoint Stssync Handler] C:\Program Files\Microsoft Office\Office12\OWSSUPP.DLL 12.0.6211.1000
WP16 - ActiveX: {BE65189A-4770-47A0-9B7B-68827DB1C317} [ContentFinder Class] C:\PROGRAM FILES\HP\Common\RULESENGINE.DLL 1, 0, 4, 1
WP16 - ActiveX: {C9712B19-838B-45A5-ABF2-9A315DDDED50} [Microsoft Office 12 Authorization Control] C:\Program Files\Microsoft Office\Office12\AUTHZAX.DLL 12.0.4518.1014
WP16 - ActiveX: {CDAF9CEC-F3EC-4B22-ABA3-9726713560F8} [HPFileUtil Class] C:\PROGRAM FILES\HP\Common\HPeDiag.dll 1, 1, 3, 0
WP16 - ActiveX: {CDEC13B2-0B3C-400E-B909-E27EE89C6799} [STSUpld CopyCtl Class] C:\Program Files\Microsoft Office\Office12\STSUPLD.DLL 12.0.4518.1014
WP16 - ActiveX: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} [get_atlcom Class] C:\Windows\DOWNLOADED PROGRAM FILES\gp.ocx 1, 5, 2, 19
WP16 - ActiveX: {E01D1C6A-4F40-11D3-8958-00105A272DCF} [Groove Text View] C:\PROGRAM FILES\MICROSOFT OFFICE\Office12\GROOVETEXTTOOLS.DLL 4.2.1.2704
WP16 - ActiveX: {E18FEC31-2EA1-49A2-A7A6-902DC0D1FF05} [NameCtrl Class] C:\PROGRAM FILES\MICROSOFT OFFICE\Office12\NAME.DLL 12.0.6211.1000
WP16 - ActiveX: {E543A17A-F212-49C0-B63D-BF09B460250E} [OISClientLauncher Class] C:\PROGRAM FILES\MICROSOFT OFFICE\Office12\oisctrl.dll 12.0.4518.1014
WP16 - ActiveX: {E7339A62-0E31-4A5E-BA3D-F2FEDFBF8BE5} [PersonalSite Class] C:\Program Files\Common Files\microsoft shared\Portal\PortalConnectCore.dll
WP16 - ActiveX: {E9348280-2D74-4933-BE25-73D946926795} [DeviceEnum Class] C:\PROGRAM FILES\HP\Common\HPBASICDETECTION3.DLL 3, 2, 7, 0
WP16 - ActiveX: {ED8C108E-4349-11D2-91A4-00C04F7969E8} [XML HTTP Request] C:\Windows\System32\msxml3.dll 8.100.1043.0
WP16 - ActiveX: {EE09B103-97E0-11CF-978F-00A02463E06F} [Scripting.Dictionary] C:\Windows\System32\scrrun.dll 5.7.0.6000
WP16 - ActiveX: {F5078F32-C551-11D3-89B9-0000F81FE221} [XML DOM Document 3.0] C:\Windows\System32\msxml3.dll 8.100.1043.0
WP16 - ActiveX: {F5078F33-C551-11D3-89B9-0000F81FE221} [Free Threaded XML DOM Document 3.0] C:\Windows\System32\msxml3.dll 8.100.1043.0
WP16 - ActiveX: {F5078F34-C551-11D3-89B9-0000F81FE221} [XML Schema Cache 3.0] C:\Windows\System32\msxml3.dll 8.100.1043.0
WP16 - ActiveX: {F5078F35-C551-11D3-89B9-0000F81FE221} [XML HTTP 3.0] C:\Windows\System32\msxml3.dll 8.100.1043.0
WP16 - ActiveX: {F5078F36-C551-11D3-89B9-0000F81FE221} [XSL Template 3.0] C:\Windows\System32\msxml3.dll 8.100.1043.0
WP16 - ActiveX: {F5078F39-C551-11D3-89B9-0000F81FE221} [XML Data Source Object 3.0] C:\Windows\System32\msxml3.dll 8.100.1043.0
WP16 - ActiveX: {F6D90F11-9C73-11D3-B32E-00C04F990BB4} [XML DOM Document] C:\Windows\System32\msxml3.dll 8.100.1043.0
WP16 - ActiveX: {F6D90F12-9C73-11D3-B32E-00C04F990BB4} [Free Threaded XML DOM Document] C:\Windows\System32\msxml3.dll 8.100.1043.0
WP16 - ActiveX: {F6D90F14-9C73-11D3-B32E-00C04F990BB4} [XML Data Source Object] C:\Windows\System32\msxml3.dll 8.100.1043.0
WP16 - ActiveX: {F6D90F16-9C73-11D3-B32E-00C04F990BB4} [XML HTTP] C:\Windows\System32\msxml3.dll 8.100.1043.0
WP16 - ActiveX: {00000566-0000-0010-8000-00AA006D2EA4} [ADODB.Stream] C:\PROGRAM FILES\COMMON FILES\System\ado\msado15.dll 6.0.6001.18000
WP16 - ActiveX: {0002000D-0000-0000-C000-000000000046} [IAVIStream & IAVIFile Proxy] C:\Windows\System32\avifil32.dll 6.0.6000.16386
WP16 - ActiveX: {00020420-0000-0000-c000-000000000046} [PSDispatch] C:\Windows\System32\oleaut32.dll
WP16 - ActiveX: {00020421-0000-0000-C000-000000000046} [PSEnumVariant] C:\Windows\System32\oleaut32.dll
WP16 - ActiveX: {00020422-0000-0000-C000-000000000046} [PSTypeInfo] C:\Windows\System32\oleaut32.dll
WP16 - ActiveX: {00020423-0000-0000-C000-000000000046} [PSTypeLib] C:\Windows\System32\oleaut32.dll
WP16 - ActiveX: {00020424-0000-0000-c000-000000000046} [PSOAInterface] C:\Windows\System32\oleaut32.dll
WP16 - ActiveX: {00020425-0000-0000-C000-000000000046} [PSTypeComp] C:\Windows\System32\oleaut32.dll
WP16 - ActiveX: {00021401-0000-0000-C000-000000000046} [Shortcut] SHELL32.DLL 6.0.6001.18000
WP16 - ActiveX: {00024522-0000-0000-C000-000000000046} [RefEdit.Ctrl] C:\Program Files\Microsoft Office\Office12\REFEDIT.DLL 12.0.6211.1000
WP16 - ActiveX: {01E04581-4EEE-11d0-BFE9-00AA005B4383} [&Address] C:\Windows\System32\browseui.dll 6.0.6000.16386
WP16 - ActiveX: {02BCC737-B171-4746-94C9-0D8A0B2C0089} [Microsoft Office Template and Media Control] C:\Program Files\Microsoft Office\Office12\IEAWSDC.DLL
WP16 - ActiveX: {05589fa1-c356-11ce-bf01-00aa0055595a} [ActiveMovieControl Object] C:\Windows\System32\wmpdxm.dll 11.0.6001.7000
WP16 - ActiveX: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} [Office Genuine Advantage Validation Tool] C:\Windows\System32\OGACHECKCONTROL.DLL
WP16 - ActiveX: {0713E8A2-850A-101B-AFC0-4210102A8DA7} [Microsoft TreeView Control, version 5.0 (SP2)] C:\Windows\System32\comctl32.ocx 6.00.8105
WP16 - ActiveX: {0713E8D2-850A-101B-AFC0-4210102A8DA7} [Microsoft ProgressBar Control, version 5.0 (SP2)] C:\Windows\System32\comctl32.ocx 6.00.8105
WP16 - ActiveX: {083863F1-70DE-11d0-BD40-00A0C911CE86} [ActiveMovie Filter Class Manager] DEVENUM.DLL 6.6.6000.16386
WP16 - ActiveX: {0C378864-D5C4-4D9C-854C-432E3BEC9CCB} [HPRegUtil Class] C:\PROGRAM FILES\HP\Common\HPeDiag.dll 1, 1, 3, 0
WP16 - ActiveX: {0CF32AA1-7571-11D0-93C4-00AA00A3DDEA} [System Monitor Source Properties] C:\Windows\System32\sysmon.ocx 6.0.6000.16386
WP16 - ActiveX: {0D012ABD-CEED-11D2-9C76-00105AA73033} [Groove DocumentShareView] C:\PROGRAM FILES\MICROSOFT OFFICE\Office12\GROOVEDOCUMENTSHARETOOL.DLL 4.2.1.2704
WP16 - ActiveX: {3605B612-C3CF-4ab4-A426-2D853391DB2E} [Certificates Class] C:\PROGRAM FILES\MICROSOFT CAPICOM 2.1.0.2\Lib\X86\capicom.dll 2, 1, 0, 2
WP16 - ActiveX: {17E67D4A-23A1-40D8-A049-EE34C0AF756A} [HPLogicalDriveInfo Class] C:\PROGRAM FILES\HP\Common\HPeDiag.dll 1, 1, 3, 0
WP16 - ActiveX: {1B544C24-FD0B-11CE-8C63-00AA0044B520} [DirectX Transform Wrapper Property Page] C:\Windows\System32\qedit.dll 6.6.6000.16386
WP16 - ActiveX: {1E807E5C-521F-465E-AF4E-267AAD50B3AC} [HPHubSearch Class] C:\PROGRAM FILES\HP\Common\HPBASICDETECTION3.DLL 3, 2, 7, 0
WP16 - ActiveX: {2D2E24CB-0CD5-458F-86EA-3E6FA22C8E64} [VMR Allocator Presenter 9] QUARTZ.DLL 6.6.6000.16386
WP16 - ActiveX: {3050F391-98B5-11CF-BB82-00AA00BDCE0B} [Microsoft HTML Window Security Proxy] C:\Windows\System32\mshtml.dll 7.00.6000.16386
WP16 - ActiveX: {3050F4F5-98B5-11CF-BB82-00AA00BDCE0B} [Trident HTMLEditor] C:\Windows\System32\mshtmled.dll 7.00.6000.16386
WP16 - ActiveX: {3050F5C8-98B5-11CF-BB82-00AA00BDCE0B} [Microsoft HTA Document 6.0] C:\Windows\System32\mshtml.dll 7.00.6000.16386
WP16 - ActiveX: {3050f667-98b5-11cf-bb82-00aa00bdce0b} [Microsoft Html Popup Window] C:\Windows\System32\mshtml.dll 7.00.6000.16386
WP16 - ActiveX: {3050F67D-98B5-11CF-BB82-00AA00BDCE0B} [Microsoft Html Document for Popup Window] C:\Windows\System32\mshtml.dll 7.00.6000.16386
WP16 - ActiveX: {314111B8-A502-11D2-BBCA-00C04F8EC294} [Microsoft Help 2.0 Contents Control] C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\Help\hxvz.dll 2.05.50727.42
WP16 - ActiveX: {314111C6-A502-11D2-BBCA-00C04F8EC294} [Microsoft Help 2.0 Index Control] C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\Help\hxvz.dll 2.05.50727.42
WP16 - ActiveX: {32DA2B15-CFED-11D1-B747-00C04FC2B085} [Script Encoder Object] C:\Windows\System32\scrrun.dll 5.7.0.6000
WP16 - ActiveX: {33d9a760-90c8-11d0-bd43-00a0c911ce86} [ICM Class Manager] DEVENUM.DLL 6.6.6000.16386
WP16 - ActiveX: {33d9a761-90c8-11d0-bd43-00a0c911ce86} [ACM Class Manager] DEVENUM.DLL 6.6.6000.16386
WP16 - ActiveX: {33D9A762-90C8-11d0-BD43-00A0C911CE86} [WaveIn Class Manager] DEVENUM.DLL 6.6.6000.16386
WP16 - ActiveX: {35cec8a3-2be6-11d2-8773-92e220524153} [stobject] C:\Windows\System32\stobject.dll 6.0.6000.16386
WP16 - ActiveX: {372E5402-BDA5-428D-88CE-187BCF91A343} [HPSIProductUrlCollection Class] C:\PROGRAM FILES\HP\Common\HPBASICDETECTION3.DLL 3, 2, 7, 0
WP16 - ActiveX: {37de7045-5056-456f-8409-c871e0f8b0e0} [Trun Gateway Protocol Class] C:\Windows\System32\msdtctm.dll 6.0.6001.18000
WP16 - ActiveX: {3BEE4890-4FE9-4A37-8C1E-5E7E12791C1F} [SpSharedRecognizer Class] C:\Windows\System32\Speech\Common\sapi.dll 5.3.6001.18000
WP16 - ActiveX: {3F156A66-3796-4043-96A7-F3423B81C86D} [HPCookie Class] C:\PROGRAM FILES\HP\Common\HPBASICDETECTION3.DLL 3, 2, 7, 0
WP16 - ActiveX: {3FD37ABB-F90A-4DE5-AA38-179629E64C2F} [SharePoint Spreadsheet Launcher] C:\Program Files\Microsoft Office\Office12\OWSSUPP.DLL 12.0.6211.1000
WP16 - ActiveX: {52A2AAAE-085D-4187-97EA-8C30DB990436} [HHCtrl Object] C:\Windows\System32\hhctrl.ocx 6.0.6000.16386
WP16 - ActiveX: {42C419BE-9376-4b71-B8B3-335507A52569} [HPSIProductCollection Class] C:\PROGRAM FILES\HP\Common\HPBASICDETECTION3.DLL 3, 2, 7, 0
WP16 - ActiveX: {42C68651-1700-4750-A81F-A1F5110E0F66} [HPPProcessorsCollection Class] C:\PROGRAM FILES\HP\Common\HPeDiag.dll 1, 1, 3, 0
WP16 - ActiveX: {4622AD11-FF23-11d0-8D34-00A0C90F2719} [Start Menu] C:\Windows\System32\shell32.dll 6.0.6001.18000
WP16 - ActiveX: {47206204-5ECA-11D2-960F-00C04F8EE628} [SpSharedRecoContext Class] C:\Windows\System32\Speech\Common\sapi.dll 5.3.6001.18000
WP16 - ActiveX: {4774922A-8983-4ECC-94FD-7235F06F53A1} [HPPDriverRead Class] C:\PROGRAM FILES\HP\Common\HPeDiag.dll 1, 1, 3, 0
WP16 - ActiveX: {49C47CE5-9BA4-11D0-8212-00C04FC32C45} [MMStream Class] AMSTREAM.DLL 6.6.6000.16386
WP16 - ActiveX: {4CFB5280-800B-4367-848F-5A13EBF27F1D} [LexRefStEsObject Class] C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\TRANSLAT\ESEN\MSB1ESEN.DLL 1, 0, 2109, 1
WP16 - ActiveX: {4DDB6D36-3BC1-11D2-86F2-006008B0E5D2} [MSP Class] C:\Windows\System32\wavemsp.dll 6.0.6000.16386
WP16 - ActiveX: {4efe2452-168a-11d1-bc76-00c04fb9453b} [MidiOut Class Manager] DEVENUM.DLL 6.6.6000.16386
WP16 - ActiveX: {51B3B655-7E45-4494-9983-4BACF0E0A834} [HPSimpleProductCollection Class] C:\PROGRAM FILES\HP\Common\HPBASICDETECTION3.DLL 3, 2, 7, 0
WP16 - ActiveX: {51B4ABF3-748F-4E3B-A276-C828330E926A} [Video Mixing Renderer 9] QUARTZ.DLL 6.6.6000.16386
WP16 - ActiveX: {53C74826-AB99-4D33-ACA4-3117F51D3788} [shell32] C:\Windows\System32\shell32.dll 6.0.6001.18000
WP16 - ActiveX: {58DA8D8A-9D6A-101B-AFC0-4210102A8DA7} [Microsoft ListView Control, version 5.0 (SP2)] C:\Windows\System32\comctl32.ocx 6.00.8105
WP16 - ActiveX: {58DA8D8F-9D6A-101B-AFC0-4210102A8DA7} [Microsoft ImageList Control, version 5.0 (SP2)] C:\Windows\System32\comctl32.ocx 6.00.8105
WP16 - ActiveX: {5d08b586-343a-11d0-ad46-00c04fd8fdff} [Microsoft WBEM Event Subsystem] C:\Windows\System32\wbem\wbemess.dll 6.0.6001.18000
WP16 - ActiveX: {5E6F22B3-7DF6-4C64-8AD0-1A6CC1351085} [HPScript Class] C:\PROGRAM FILES\HP\Common\HPSCRIPTING.DLL 2, 0, 0, 4
WP16 - ActiveX: {60178279-6D62-43af-A336-77925651A4C6} [HPDevice Class] C:\PROGRAM FILES\HP\Common\HPeDiag.dll 1, 1, 3, 0
WP16 - ActiveX: {62B4D041-4667-40B6-BB50-4BC0A5043A73} [SharePoint Export Database Launcher] C:\Program Files\Microsoft Office\Office12\OWSSUPP.DLL 12.0.6211.1000
WP16 - ActiveX: {6470DE80-1635-4B5D-93A3-3701CE148A79} [HPPPortRead Class] C:\PROGRAM FILES\HP\Common\HPeDiag.dll 1, 1, 3, 0
WP16 - ActiveX: {550C8FFB-4DC0-4756-828C-862E6D0AE74F} [Chain Class] C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\CAPICOM\CapiCom.dll 2, 1, 0, 2
WP16 - ActiveX: {6B7E638F-850A-101B-AFC0-4210102A8DA7} [Microsoft StatusBar Control, version 5.0 (SP2)] C:\Windows\System32\comctl32.ocx 6.00.8105
WP16 - ActiveX: {7007ACCF-3202-11D1-AAD2-00805FC1270E} [Network Connections Tray] C:\Windows\System32\netshell.dll 6.0.6000.16386
WP16 - ActiveX: {7057e952-bd1b-11d1-8919-00c04fc2c836} [Microsoft DocHost User Interface Handler] C:\Windows\System32\ieframe.dll 7.00.6000.16386
WP16 - ActiveX: {7172D604-32E2-41D5-ABA0-6533DF0BD3D9} [Device Class] C:\PROGRAM FILES\HP\Common\HPBASICDETECTION3.DLL 3, 2, 7, 0
WP16 - ActiveX: {730f6cdc-2c86-11d2-8773-92e220524153} [SysTrayInvoker] C:\Windows\System32\stobject.dll 6.0.6000.16386
WP16 - ActiveX: {75C11604-5C51-48B2-B786-DF5E51D10EC9} [LexRefBilingualTextContext Class] C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\TRANSLAT\MSB1CORE.DLL 12.0.4518.1014
WP16 - ActiveX: {7849596a-48ea-486e-8937-a2a3009f31a9} [PostBootReminder object] C:\Windows\System32\shell32.dll 6.0.6001.18000
WP16 - ActiveX: {784F2933-6BDD-4E5F-B1BA-A8D99B603649} [HPOperatingSystem Class] C:\PROGRAM FILES\HP\Common\HPeDiag.dll 1, 1, 3, 0
WP16 - ActiveX: {91D221C4-0CD4-461C-A728-01D509321556} [Store Class] C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\CAPICOM\CapiCom.dll 2, 1, 0, 2
WP16 - ActiveX: {7BDC31F1-FF5D-4F00-AD3B-30A8C37C435B} [HPSearchResults Class] C:\PROGRAM FILES\HP\Common\HPBASICDETECTION3.DLL 3, 2, 7, 0
WP16 - ActiveX: {7CB9D4F5-C492-42A4-93B1-3F7D6946470D} [ContentCollection Class] C:\PROGRAM FILES\HP\Common\RULESENGINE.DLL 1, 0, 4, 1
WP16 - ActiveX: {8075631E-5146-11D5-A672-00B0D022E945} [SharepointOpenXMLDocuments] C:\PROGRAM FILES\MICROSOFT OFFICE\Office12\INLAUNCH.DLL 12.0.4518.1014
WP16 - ActiveX: {85bbd920-42a0-1069-a2e4-08002b30309d} [Briefcase] SYNCUI.DLL 6.0.6000.16386
WP16 - ActiveX: {860bb310-5d01-11d0-bd3b-00a0c911ce86} [VFW Capture Class Manager] DEVENUM.DLL 6.6.6000.16386
WP16 - ActiveX: {8856F961-340A-11D0-A96B-00C04FD705A2} [Microsoft Web Browser] C:\Windows\System32\ieframe.dll 7.00.6000.16386
WP16 - ActiveX: {8BD21D50-EC42-11CE-9E0D-00AA006002F3} [Microsoft Forms 2.0 OptionButton] C:\Windows\System32\FM20.DLL 12.0.6211.1000
WP16 - ActiveX: {910E7ADE-7F75-402D-A4A6-BB1A82362FCA} [HPPPortsCollection Class] C:\PROGRAM FILES\HP\Common\HPeDiag.dll 1, 1, 3, 0
WP16 - ActiveX: {9203C2CB-1DC1-482D-967E-597AFF270F0D} [SharePoint OpenDocuments Class] C:\Program Files\Microsoft Office\Office12\OWSSUPP.DLL 12.0.6211.1000
WP16 - ActiveX: {93441C07-E57E-4086-B912-F323D741A9D8} [HPIniFileUtil Class] C:\PROGRAM FILES\HP\Common\HPeDiag.dll 1, 1, 3, 0
WP16 - ActiveX: {992cffa0-f557-101a-88ec-00dd010ccc48} [Network Connections] C:\Windows\System32\netshell.dll 6.0.6000.16386
WP16 - ActiveX: {A2EDA89A-0966-4B91-9C18-AB69F098187F} [WMT DeInterlace Prop Page] C:\PROGRAM FILES\MOVIE MAKER\WMM2FILT.dll 6.0.6000.16386
WP16 - ActiveX: {A489AA80-6F27-4C3A-895D-EAC0E45EC77B} [HPStarter Class] C:\PROGRAM FILES\HP\Common\HPBASICDETECTION3.DLL 3, 2, 7, 0
WP16 - ActiveX: {A95845D8-8463-4605-B5FB-4F8CFBAC5C47} [HPSpoolerRead Class] C:\PROGRAM FILES\HP\Common\HPeDiag.dll 1, 1, 3, 0
WP16 - ActiveX: {AB049B11-607B-46C8-BBF7-F4D6AF301046} [HPPMonitorsCollection Class] C:\PROGRAM FILES\HP\Common\HPeDiag.dll 1, 1, 3, 0
WP16 - ActiveX: {AB237044-8A3B-42BB-9EE1-9BFA6721D9ED} [HPSystemBoardInfo Class] C:\PROGRAM FILES\HP\Common\HPeDiag.dll 1, 1, 3, 0
WP16 - ActiveX: {ABBA001B-3075-11D6-88A4-00B0D0200F88} [DigitalCable Class] C:\Windows\System32\psisdecd.dll 6.6.6001.18061
WP16 - ActiveX: {ABC0DABE-565B-4A71-BB5D-B8D1CE1F8981} [DeviceCollection Class] C:\PROGRAM FILES\HP\Common\HPBASICDETECTION3.DLL 3, 2, 7, 0
WP16 - ActiveX: {41B23C28-488E-4E5C-ACE2-BB0BBABE99E8} [HHCtrl Object] C:\Windows\System32\hhctrl.ocx 6.0.6000.16386
WP16 - ActiveX: {AE24FDAE-03C6-11D1-8B76-0080C744F389} [Microsoft Scriptlet Component] C:\Windows\System32\mshtml.dll 7.00.6000.16386
WP16 - ActiveX: {AED6483E-3304-11D2-86F1-006008B0E5D2} [Video Render Dynamic Terminal] C:\Windows\System32\termmgr.dll 6.0.6000.16386
WP16 - ActiveX: {AED6483F-3304-11D2-86F1-006008B0E5D2} [Media Streaming Dynamic Terminal] C:\Windows\System32\termmgr.dll 6.0.6000.16386
WP16 - ActiveX: {AF604EFE-8897-11D1-B944-00A0C90312E1} [Microsoft Common Browser Architecture] C:\Windows\System32\browseui.dll 6.0.6000.16386
WP16 - ActiveX: {B3E0E785-BD78-4366-9560-B7DABE2723BE} [LexRefStFrObject Class] C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\TRANSLAT\FREN\MSB1FREN.DLL 1, 0, 2109, 1
WP16 - ActiveX: {b4b3aecb-dfd6-11d1-9daa-00805f85cfe3} [clbcatq] C:\Windows\System32\clbcatq.dll 6.0.6001.18000
WP16 - ActiveX: {B4E721A0-6AC4-40E6-94FC-CBD0D4279B5E} [HPSimpleProduct Class] C:\PROGRAM FILES\HP\Common\HPBASICDETECTION3.DLL 3, 2, 7, 0
WP16 - ActiveX: {B5201019-B9A8-411C-A7AC-CEA856A63C00} [HPScript2 Class] C:\PROGRAM FILES\HP\Common\HPSCRIPTING.DLL 2, 0, 0, 4
WP16 - ActiveX: {B63C249D-7FA4-42A6-8AF1-D83AB0CE00B3} [HPSIEnumeration Class] C:\PROGRAM FILES\HP\Common\HPBASICDETECTION3.DLL 3, 2, 7, 0
WP16 - ActiveX: {B9C13CD0-5A97-4C6B-8A50-7638020E2462} [HPPJobsCollection Class] C:\PROGRAM FILES\HP\Common\HPeDiag.dll 1, 1, 3, 0
WP16 - ActiveX: {BC2971B9-2A4F-44C8-8D7F-04E027544828} [ScriptHost Class] C:\PROGRAM FILES\HP\Common\HPSCRIPTING.DLL 2, 0, 0, 4
WP16 - ActiveX: {BDEADE9E-C265-11D0-BCED-00A0C90AB50F} [SharePoint Spreadsheet Launcher] C:\Program Files\Microsoft Office\Office12\OWSCLT.DLL 12.0.6211.1000
WP16 - ActiveX: {BDEADEF5-C265-11D0-BCED-00A0C90AB50F} [SharePoint Stssync Handler] C:\Program Files\Microsoft Office\Office12\OWSSUPP.DLL 12.0.6211.1000
WP16 - ActiveX: {BF931895-AF82-467A-8819-917C6EE2D1F3} [HPPrinterRead Class] C:\PROGRAM FILES\HP\Common\HPeDiag.dll 1, 1, 3, 0
WP16 - ActiveX: {C70D0641-DDE1-4FD7-A4D4-DA187B80741D} [HPPrintersCollection Class] C:\PROGRAM FILES\HP\Common\HPeDiag.dll 1, 1, 3, 0
WP16 - ActiveX: {c7b6c04a-cbb5-11d0-bb4c-00c04fc2f410} [IndexServer Simple Command Creator] C:\Windows\System32\Query.dll 6.0.6000.16386
WP16 - ActiveX: {C94188F6-0F9F-46B3-8B78-D71907BD8B77} [HPPMonitorRead Class] C:\PROGRAM FILES\HP\Common\HPeDiag.dll 1, 1, 3, 0
WP16 - ActiveX: {CA1F27DD-4AF0-46C1-8CE5-54DEB2F8CF19} [HPSIProduct Class] C:\PROGRAM FILES\HP\Common\HPBASICDETECTION3.DLL 3, 2, 7, 0
WP16 - ActiveX: {cc7bfb42-f175-11d1-a392-00e0291f3959} [Video Effect (1 input) Class Manager] C:\Windows\System32\qedit.dll 6.6.6000.16386
WP16 - ActiveX: {cc7bfb43-f175-11d1-a392-00e0291f3959} [Video Effect (2 input) Class Manager] C:\Windows\System32\qedit.dll 6.6.6000.16386
WP16 - ActiveX: {CDAF9CEC-F3EC-4B22-ABA3-9726713560F8} [HPFileUtil Class] C:\PROGRAM FILES\HP\Common\HPeDiag.dll 1, 1, 3, 0
WP16 - ActiveX: {CE292861-FC88-11D0-9E69-00C04FD7C15B} [VideoPort Object] QDVD.DLL 6.6.6000.16386
WP16 - ActiveX: {CF6866F9-B67C-4B24-9957-F91E91E788DC} [HPSpoolerEnum Class] C:\PROGRAM FILES\HP\Common\HPeDiag.dll 1, 1, 3, 0
WP16 - ActiveX: {d2d588b5-d081-11d0-99e0-00c04fc2f8ec} [WDM Instance Provider] C:\Windows\System32\wbem\wmiprov.dll 6.0.6001.18000
WP16 - ActiveX: {DC4F9DA0-DB05-4BB0-8FB2-03A80FE98772} [HPDeviceUtil Class] C:\PROGRAM FILES\HP\Common\HPeDiag.dll 1, 1, 3, 0
WP16 - ActiveX: {DE233AFF-8BD5-457E-B7F0-702DBEA5A828} [HPPDriversCollection Class] C:\PROGRAM FILES\HP\Common\HPeDiag.dll 1, 1, 3, 0
WP16 - ActiveX: {DF0B3D60-548F-101B-8E65-08002B2BD119} [PSSupportErrorInfo] C:\Windows\System32\oleaut32.dll
WP16 - ActiveX: {DF1F1C17-6A29-45fb-A3C6-9825908E062E} [ScriptUtil Class] C:\PROGRAM FILES\HP\Common\RULESENGINE.DLL 1, 0, 4, 1
WP16 - ActiveX: {e0f158e1-cb04-11d0-bd4e-00a0c911ce86} [WaveOut and DSound Class Manager] DEVENUM.DLL 6.6.6000.16386
WP16 - ActiveX: {E12DA4F2-BDFB-4EAD-B12F-2725251FA6B0} [HPPJobRead Class] C:\PROGRAM FILES\HP\Common\HPeDiag.dll 1, 1, 3, 0
WP16 - ActiveX: {E188F7A3-A04E-413E-99D1-D79A45F70305} [WMT FormatConversion Prop Page] C:\PROGRAM FILES\MOVIE MAKER\WMM2FILT.dll 6.0.6000.16386
WP16 - ActiveX: {9171C115-7DD9-46BA-B1E5-0ED50AFFC1B8} [Certificate Class] C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\CAPICOM\CapiCom.dll 2, 1, 0, 2
WP16 - ActiveX: {E4979309-7A32-495E-8A92-7B014AAD4961} [VMR ImageSync 9] QUARTZ.DLL 6.6.6000.16386
WP16 - ActiveX: {E7339A62-0E31-4A5E-BA3D-F2FEDFBF8BE5} [PersonalSite Class] C:\Program Files\Common Files\microsoft shared\Portal\PortalConnectCore.dll
WP16 - ActiveX: {e846f0a0-d367-11d1-8286-00a0c9231c29} [catsrvut] C:\Windows\System32\catsrvut.dll 6.0.6001.18000
WP16 - ActiveX: {E9348280-2D74-4933-BE25-73D946926795} [DeviceEnum Class] C:\PROGRAM FILES\HP\Common\HPBASICDETECTION3.DLL 3, 2, 7, 0
WP16 - ActiveX: {EA084E0F-B62E-406E-B672-CE909626918B} [PSFactoryBuffer] C:\PROGRAM FILES\HP\Common\HPBASICDETECTION3.DLL 3, 2, 7, 0
WP16 - ActiveX: {ECABAFC0-7F19-11D2-978E-0000F8757E2A} [cfw Class] C:\Windows\System32\comsvcs.dll 6.0.6001.18000
WP16 - ActiveX: {ecabafc2-7f19-11d2-978e-0000f8757e2a} [Queued Components Recorder] C:\Windows\System32\comsvcs.dll 6.0.6001.18000
WP16 - ActiveX: {ECABB0AB-7F19-11D2-978E-0000F8757E2A} [MTSEvents Class] C:\Windows\System32\comsvcs.dll 6.0.6001.18000
WP16 - ActiveX: {ecabb0bf-7f19-11d2-978e-0000f8757e2a} [MessageMover Class] C:\Windows\System32\comsvcs.dll 6.0.6001.18000
WP16 - ActiveX: {F198A89A-5042-4294-ADF1-CB163E549798} [Win32_EncryptableVolumeProvider Class] C:\Windows\System32\wbem\WIN32_ENCRYPTABLEVOLUME.DLL 6.0.6001.18000
WP16 - ActiveX: {F5BE8BD2-7DE6-11D0-91FE-00C04FD701A5} [Microsoft Agent Control 1.5] C:\Windows\MSAgent\AgentCtl.dll 5.2.3790.1241
WP16 - ActiveX: {3605B612-C3CF-4ab4-A426-2D853391DB2E} [Certificates Class] C:\PROGRAM FILES\MICROSOFT CAPICOM 2.1.0.2\Lib\X86\capicom.dll 2, 1, 0, 2
WP16 - ActiveX: {fbeb8a05-beee-4442-804e-409d6c4515e9} [ShellFolder for CD Burning] C:\Windows\System32\shell32.dll 6.0.6001.18000
WP16 - ActiveX: {FEF10FA2-355E-4E06-9381-9B24D7F7CC88} [shell32] C:\Windows\System32\shell32.dll 6.0.6001.18000

WP32 - Hidden File: C:\$drvmig$
WP32 - Hidden File: C:\bootmgr
WP32 - Hidden File: C:\pagefile.sys
WP32 - Hidden File: C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
WP32 - Hidden File: C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
WP32 - Hidden File: C:\Windows\System32\config\BCD-Template.LOG
WP32 - Hidden File: C:\Windows\System32\config\BCD-Template.LOG1
WP32 - Hidden File: C:\Windows\System32\config\BCD-Template.LOG2
WP32 - Hidden File: C:\Windows\System32\config\COMPONENTS.LOG
WP32 - Hidden File: C:\Windows\System32\config\COMPONENTS.LOG1
WP32 - Hidden File: C:\Windows\System32\config\COMPONENTS.LOG2
WP32 - Hidden File: C:\Windows\System32\config\DEFAULT.LOG
WP32 - Hidden File: C:\Windows\System32\config\DEFAULT.LOG1
WP32 - Hidden File: C:\Windows\System32\config\DEFAULT.LOG2
WP32 - Hidden File: C:\Windows\System32\config\SAM.LOG
WP32 - Hidden File: C:\Windows\System32\config\SAM.LOG1
WP32 - Hidden File: C:\Windows\System32\config\SAM.LOG2
WP32 - Hidden File: C:\Windows\System32\config\SECURITY.LOG
WP32 - Hidden File: C:\Windows\System32\config\SECURITY.LOG1
WP32 - Hidden File: C:\Windows\System32\config\SECURITY.LOG2
WP32 - Hidden File: C:\Windows\System32\config\SOFTWARE.LOG
WP32 - Hidden File: C:\Windows\System32\config\SOFTWARE.LOG1
WP32 - Hidden File: C:\Windows\System32\config\SOFTWARE.LOG2
WP32 - Hidden File: C:\Windows\System32\config\SYSTEM.LOG
WP32 - Hidden File: C:\Windows\System32\config\SYSTEM.LOG1
WP32 - Hidden File: C:\Windows\System32\config\SYSTEM.LOG2
WP32 - Hidden File: C:\Windows\System32\desktop.ini
WP32 - Hidden File: C:\Windows\System32\drivers\Msft_Kernel_SynTP_01000.Wdf
WP32 - Hidden File: C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf

WP33 - File Type .AVI: [Video Clip]C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:8 /Open %L
WP33 - File Type .BAT: [Windows Batch File]%1 %*
WP33 - File Type .CAB: [Cabinet File]C:\Windows\Explorer.exe /idlist,%I,%L
WP33 - File Type .CAT: [Security Catalog]C:\Windows\system32\rundll32.exe cryptext.dll,CryptExtOpenCAT %1
WP33 - File Type .CHM: [Compiled HTML Help file]C:\Windows\hh.exe %1
WP33 - File Type .COM: [MS-DOS Application]%1 %*
WP33 - File Type .CMD: [Windows Command Script]%1 %*
WP33 - File Type .DOC: [Microsoft Office Word 97 - 2003 Document]C:\Program Files\Microsoft Office\Office12\WINWORD.EXE /n /dde
WP33 - File Type .EML: [Internet E-Mail Message]C:\Program Files\Windows Mail\WinMail.exe /eml:%1
WP33 - File Type .EXE: [Application]%1 %*
WP33 - File Type .INF: [Setup Information]C:\Windows\system32\NOTEPAD.EXE %1
WP33 - File Type .JS: [JScript Script File]C:\Windows\System32\WScript.exe %1 %*
WP33 - File Type .LOG: [Text Document]C:\Windows\system32\NOTEPAD.EXE %1
WP33 - File Type .MSI: [Windows Installer Package]C:\Windows\System32\msiexec.exe /i %1 %*
WP33 - File Type .MID: [MIDI Sequence]C:\Program Files\Windows Media Player\wmplayer.exe /Open %L
WP33 - File Type .PIF: [Shortcut to MS-DOS Program]%1 %*
WP33 - File Type .REG: [Registration Entries]regedit.exe %1
WP33 - File Type .RTF: [Rich Text Format]C:\Program Files\Microsoft Office\Office12\WINWORD.EXE /n /dde
WP33 - File Type .SCR: [Screen Saver]%1 /S
WP33 - File Type .TXT: [Text Document]C:\Windows\system32\NOTEPAD.EXE %1
WP33 - File Type .URL: [Internet Shortcut]rundll32.exe ieframe.dll,OpenURL %l
WP33 - File Type .VBS: [VBScript Script File]C:\Windows\System32\WScript.exe %1 %*
WP33 - File Type .VBE: [VBScript Encoded File]C:\Windows\System32\WScript.exe %1 %*
WP33 - File Type .WSF: [Windows Script File]C:\Windows\System32\WScript.exe %1 %*
WP33 - File Type .WSH: [Windows Script Host Settings File]C:\Windows\System32\WScript.exe %1 %*
WP33 - File Type .XLS: [Microsoft Office Excel 97-2003 Worksheet]C:\Program Files\Microsoft Office\Office12\EXCEL.EXE /e

Memory currently in use: 53%
Physical Memory Free: 975,584 KB
Paging File Free: 3,336,824 KB
Virtual Memory Free: 2,027,848 KB


--
End of file
Enough already
Active Member
 
Posts: 2
Joined: August 13th, 2008, 6:23 pm

Re: Need this log checked by someone who knows what it is.

Unread postby suebaby41 » August 23rd, 2008, 9:09 pm

Sorry for the delay in responding. Because of my health, I have good days and bad days. Thanks for your patience.

O23 - Service: Peer Networking Identity Manager - Microsoft Corporation - C:\Windows\System32\p2psvc.dll

O23 - Service: Peer Networking Grouping - Microsoft Corporation - C:\Windows\System32\p2psvc.dll

O23 - Service: PNRP Machine Name Publication Service - Microsoft Corporation - C:\Windows\System32\p2psvc.dll

O23 - Service: Peer Name Resolution Protocol - Microsoft Corporation - C:\Windows\System32\p2psvc.dll


The above entries indicate that you installed Windows Peer To Peer Services. Please read Malware Removal Forum's Policy regarding P2P programs. P2P (peer to peer) file sharing programs must be removed.

Please disable the "Windows XP Peer-to-Peer Networking Component".

To disable the "Windows XP Peer-to-Peer Networking Component", follow these steps:
  1. Click Start > Control Panel.
  2. Click Add or Remove Programs.
  3. Click Add/Remove Windows Components. The Windows Components wizard starts.
  4. Click Networking Services (but do not click to clear the check box), and then click Details.
  5. Click to clear the Peer-to-Peer check box, and then click OK.
  6. Click Next.
  7. Follow the instructions on the remaining pages of the wizard to remove the component from the computer.
  8. Note: If the IPv6 ICF is enabled, when you disable the Windows Peer-to-Peer Networking Component, ports 3587(TCP) and 3540 (UDP) automatically close.
The list below illustrates many reasons why P2P programs are dangerous and why members of the security community advise against their use.
  1. P2P programs form a direct conduit on to your computer.
  2. P2P security measures are easily circumvented.
  3. Some P2P programs will share everything on the computer with anyone by default. If your P2P program is not configured correctly, you may be sharing more files than you realize.
  4. There have been cases where people's passwords, address books and other personal, private, and financial details have been exposed to the file sharing network by a badly configured program.
  5. P2P programs have always been a target of malware writers and increasingly so of late with Viruses, Worms and Trojans being distributed with the downloaded files.
  6. P2P programs connected to a network can be used to spread malware, share private documents, or use the file server to both store and forward malware.
  7. Many of the files in P2P networks are copyrighted and legal action could result.
  8. Pedophiles can use P2P communities to distribute child porn materials or attempt to make contact with children.
Please post a new HijackThis log. Thanks.
User avatar
suebaby41
MRU Master
MRU Master
 
Posts: 2053
Joined: February 8th, 2005, 7:38 pm

Re: Need this log checked by someone who knows what it is.

Unread postby NonSuch » August 28th, 2008, 3:14 am

Due to lack of response, this topic is now closed.

If you still require help, please open a new thread in the Infected? Virus, malware, adware, ransomware, oh my! forum, include a fresh FRST log, and wait for a new helper.
User avatar
NonSuch
Administrator
Administrator
 
Posts: 27302
Joined: February 23rd, 2005, 7:08 am
Location: California
Advertisement
Register to Remove


  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 37 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware