----- [Operating System] ------------------------------------------------------------ Property Value Name Windows XP (Professional) Service Pack 2 Terminal Services in Remote Admin Mode Multiprocessor Free Running on the console. Activation Status Activated Kernel Version 5.1.2600.2765 Security 128 bits Product Name Microsoft Windows XP Build Lab 2600.xpsp.050928-1517 Data Execution Prevention OptOut (enabled by default for all processes) Automatic Updates Turn off Automatic Updates Scheduled Install Every Day @ 4:00 PM System Restore Disabled Owner Gabriel Topala Organization Home Workgroup WORKGROUP Computer Name GABI Language English (Canada) Installation Time 01/06/2006 21:33:37.281 Boot Time 10/01/2006 09:31:48.375 Running Time 6 days 49 minutes 34 seconds Number of Open Programs 3 Active Desktop Installed ----- [Autorun] ---------------------------------------------------------------- Process Name Path Location Version Description Status Label Link Name msnmsgr.exe C:\Program Files\MSN Messenger\ HKCU\Software\Microsoft\Windows\CurrentVersion\Run 8.0.812.0 Messenger Running MsnMsgr wcescomm.exe C:\Program Files\Microsoft ActiveSync\ HKCU\Software\Microsoft\Windows\CurrentVersion\Run 4.2.4876.0 ActiveSync Connection Manager / Microsoft ActiveSync Running H/PC Connection Agent shell32.dll C:\WINDOWS\system32\ HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks 6.0.2900.2951 Windows Shell Common Dll / Microsoft® Windows® Operating System MpShHook.dll C:\Program Files\Windows Defender\ HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks 1.1.1347.0 Shell Execution Monitor / Windows Defender Microsoft AntiMalware ShellExecuteHook MSNLNamespaceMgr.dll C:\Program Files\Windows Desktop Search\ HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks 2.6.5000.5378 Windows Desktop Search Namespace Manager / Microsoft® Windows® Operating System browseui.dll C:\WINDOWS\system32\ HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler 6.0.2900.2937 Shell Browser UI Library / Microsoft® Windows® Operating System Browseui preloader smax4pnp.exe C:\Program Files\Analog Devices\Core\ HKLM\Software\Microsoft\Windows\CurrentVersion\Run 5.2.0.5 SMax4PNP MFC Application / SMax4PNP Application Running SoundMAXPnP igfxtray.exe C:\WINDOWS\system32\ HKLM\Software\Microsoft\Windows\CurrentVersion\Run 3.0.0.4410 igfxTray Module / Intel(R) Common User Interface igfxtray hkcmd.exe C:\WINDOWS\system32\ HKLM\Software\Microsoft\Windows\CurrentVersion\Run 3.0.0.4410 hkcmd Module / Intel(R) Common User Interface Running igfxhkcmd igfxpers.exe C:\WINDOWS\system32\ HKLM\Software\Microsoft\Windows\CurrentVersion\Run 3.0.0.4410 persistence Module / Intel(R) Common User Interface Running igfxpers ipoint.exe C:\Program Files\Microsoft IntelliPoint\ HKLM\Software\Microsoft\Windows\CurrentVersion\Run 5.5.662.0 IPoint.exe / Microsoft IntelliPoint Running IntelliPoint DWTRIG20.EXE C:\Program Files\Common Files\Microsoft Shared\DW\ HKLM\Software\Microsoft\Windows\CurrentVersion\Run 11.0.6555.0 Watson Subscriber for SENS Network Notifications DWPersistentQueuedReporting hpztsb04.exe C:\WINDOWS\system32\spool\drivers\w32x86\3\ HKLM\Software\Microsoft\Windows\CurrentVersion\Run 2.80.0.0 HP DeskJet Running HPDJ Taskbar Utility hphupd05.exe c:\Program Files\Hewlett-Packard\{D946675D-1D6C-4dc8-9E0D-B4B8EAA30EAA}\ HKLM\Software\Microsoft\Windows\CurrentVersion\Run 5.2.3.0 HPHupd05 / HP Photosmart HPHUPD05 hpcmpmgr.exe C:\Program Files\HP\hpcoretech\ HKLM\Software\Microsoft\Windows\CurrentVersion\Run 2.1.1.0 HP Framework Component Manager Service / hp coretech (COmponent REuse TECHnology) Running HP Component Manager hphmon05.exe C:\WINDOWS\system32\ HKLM\Software\Microsoft\Windows\CurrentVersion\Run 5.2.10.0 HPHmon05 / HP Photosmart Running HPHmon05 HPWuSchd2.exe C:\Program Files\Hewlett-Packard\HP Software Update\ HKLM\Software\Microsoft\Windows\CurrentVersion\Run 50.0.146.0 Hewlett-Packard Product Assistant / hp digital imaging - hp all-in-one series Running HP Software Update fpdisp5a.exe C:\WINDOWS\system32\spool\drivers\w32x86\3\ HKLM\Software\Microsoft\Windows\CurrentVersion\Run 5.46.0.0 FinePrint Running FinePrint Dispatcher v5 DrgToDsc.exe C:\Program Files\Roxio\Easy Media Creator 8\Drag to Disc\ HKLM\Software\Microsoft\Windows\CurrentVersion\Run 8.0.5.23 Drag To Disc Application / Drag-to-Disc Running RoxioDragToDisc RoxWatchTray.exe C:\Program Files\Common Files\Roxio Shared\SharedCOM8\ HKLM\Software\Microsoft\Windows\CurrentVersion\Run 8.0.5.55 test1 Module / CommonSDK Running RoxWatchTray ISUSPM.exe C:\Program Files\Common Files\InstallShield\UpdateService\ HKLM\Software\Microsoft\Windows\CurrentVersion\Run 3.10.100.1155 InstallShield Update Service Update Manager / InstallShield Update Service ISUSPM Startup issch.exe C:\Program Files\Common Files\InstallShield\UpdateService\ HKLM\Software\Microsoft\Windows\CurrentVersion\Run 3.10.100.1155 InstallShield Update Service Scheduler / InstallShield Update Service Running ISUSScheduler MSASCui.exe C:\Program Files\Windows Defender\ HKLM\Software\Microsoft\Windows\CurrentVersion\Run 1.1.1347.0 Windows Defender User Interface / Windows Defender Running Windows Defender DkIcon.exe C:\Program Files\Diskeeper Corporation\Diskeeper\ HKLM\Software\Microsoft\Windows\CurrentVersion\Run 10.0.608.0 DKICON.EXE / Diskeeper (TM) Disk Defragmenter DiskeeperSystray fppdis2a.exe C:\WINDOWS\system32\spool\drivers\w32x86\3\ HKLM\Software\Microsoft\Windows\CurrentVersion\Run 2.1.0.0 FinePrint pdfFactory Running pdfFactory Pro Dispatcher v2 mmsys.cpl C:\WINDOWS\system32\ HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved 5.1.2600.2180 Control Panel Drivers Applet / Microsoft® Windows® Operating System Multimedia File Property Sheet icmui.dll C:\WINDOWS\system32\ HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved 5.1.2600.0 Microsoft Color Matching System User Interface DLL / Microsoft® Windows® Operating System ICM Scanner Management rshx32.dll C:\WINDOWS\system32\ HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved 5.1.2600.2180 Security Shell Extension / Microsoft® Windows® Operating System NTFS Security Page docprop.dll C:\WINDOWS\system32\ HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved 5.1.2600.0 OLE DocFile Property Page / Microsoft® Windows® Operating System OLE Docfile Property Page ntshrui.dll C:\WINDOWS\system32\ HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved 5.1.2600.2180 Shell extensions for sharing / Microsoft® Windows® Operating System Shell extensions for sharing themeui.dll C:\WINDOWS\system32\ HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved 6.0.2900.2180 Windows Theme API / Microsoft® Windows® Operating System PlusPack CPL Extension deskadp.dll C:\WINDOWS\system32\ HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved 6.0.2600.0 Advanced display adapter properties / Microsoft® Windows® Operating System Display Adapter CPL Extension deskmon.dll C:\WINDOWS\system32\ HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved 6.0.2600.0 Advanced display monitor properties / Microsoft® Windows® Operating System Display Monitor CPL Extension deskpan.dll HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved Display Panning CPL Extension dssec.dll C:\WINDOWS\system32\ HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved 5.1.2600.2180 Directory Service Security UI / Microsoft® Windows® Operating System DS Security Page SlayerXP.dll C:\WINDOWS\system32\ HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved 5.1.2600.2180 Compatibility Tab Shell Extension DLL / Microsoft® Windows® Operating System Compatibility Page shscrap.dll C:\WINDOWS\system32\ HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved 5.1.2600.2180 Shell scrap object handler / Microsoft® Windows® Operating System Shell Scrap DataHandler diskcopy.dll C:\WINDOWS\system32\ HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved 6.0.2600.0 Windows DiskCopy / Microsoft® Windows® Operating System Disk Copy Extension ntlanui2.dll C:\WINDOWS\system32\ HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved 5.1.2600.0 Network object shell UI / Microsoft® Windows® Operating System Shell extensions for Microsoft Windows Network objects printui.dll C:\WINDOWS\system32\ HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved 5.1.2600.2180 Print UI DLL / Microsoft® Windows® Operating System Web Printer Shell Extension dskquoui.dll C:\WINDOWS\system32\ HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved 5.1.2600.0 Windows Shell Disk Quota UI DLL / Microsoft® Windows® Operating System Disk Quota UI syncui.dll C:\WINDOWS\system32\ HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved 5.1.2600.2180 Windows Briefcase / Microsoft® Windows® Operating System Briefcase hticons.dll C:\WINDOWS\system32\ HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved 5.1.2600.0 HyperTerminal Applet Library / Microsoft® Windows® Operating System HyperTerminal Icon Ext fontext.dll C:\WINDOWS\system32\ HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved 5.1.2600.2180 Windows Font Folder / Microsoft® Windows® Operating System Fonts deskperf.dll C:\WINDOWS\system32\ HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved 5.1.2600.0 Advanced display performance properties / Microsoft® Windows® Operating System Display TroubleShoot CPL Extension cryptext.dll C:\WINDOWS\system32\ HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved 5.131.2600.2180 Crypto Shell Extensions / Microsoft® Windows® Operating System Crypto PKO Extension netshell.dll C:\WINDOWS\system32\ HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved 5.1.2600.2658 Network Connections Shell / Microsoft® Windows® Operating System Network Connections wiashext.dll C:\WINDOWS\system32\ HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved 5.1.2600.2180 Imaging Devices Shell Folder UI / Microsoft® Windows® Operating System Scanners Cameras remotepg.dll C:\WINDOWS\system32\ HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved 5.1.2600.2180 Remote Sessions CPL Extension / Microsoft® Windows® Operating System Remote Sessions CPL Extension wshext.dll C:\WINDOWS\system32\ HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved 5.6.0.8820 Microsoft (r) Shell Extension for Windows Script Host / Microsoft (r) Windows Script Host Shell extensions for Windows Script Host oledb32.dll C:\Program Files\Common Files\System\Ole DB\ HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved 2.81.1117.0 Microsoft Data Access - OLE DB Core Services / Microsoft Data Access Components Microsoft Data Link mstask.dll C:\WINDOWS\system32\ HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved 5.1.2600.2180 Task Scheduler interface DLL / Microsoft® Windows® Operating System Tasks Folder Icon Handler shdocvw.dll C:\WINDOWS\system32\ HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved 6.0.2900.2937 Shell Doc Object and Control Library / Microsoft® Windows® Operating System Set Program Access and Defaults wuaucpl.cpl C:\WINDOWS\system32\ HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved 5.8.0.2469 Automatic Updates Control Panel / Microsoft® Windows® Operating System Auto Update Property Sheet Extension twext.dll C:\WINDOWS\system32\ HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved 6.0.3800.2180 Previous Versions property page / Microsoft® Windows® Operating System Previous Versions Property Page shmedia.dll C:\WINDOWS\system32\ HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved 6.0.2900.2180 Media File Property Extractor Shell Extension / Microsoft® Windows® Operating System Audio Media Properties Handler sendmail.dll C:\WINDOWS\system32\ HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved 6.0.2900.2180 Send Mail / Microsoft® Windows® Operating System Sendmail service occache.dll C:\WINDOWS\system32\ HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved 6.0.2900.2180 Object Control Viewer / Microsoft® Windows® Operating System ActiveX Cache Folder webcheck.dll C:\WINDOWS\system32\ HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved 6.0.2900.2180 Web Site Monitor / Microsoft® Windows® Operating System WebCheck appwiz.cpl C:\WINDOWS\system32\ HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved 5.1.2600.2180 Shell Application Manager / Microsoft® Windows® Operating System Shell Application Manager shimgvw.dll C:\WINDOWS\system32\ HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved 6.0.2900.2180 Windows Picture and Fax Viewer / Microsoft® Windows® Operating System Shell Image Verbs netplwiz.dll C:\WINDOWS\system32\ HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved 5.1.2600.2180 Map Network Drives/Network Places Wizard / Microsoft® Windows® Operating System Web Publishing Wizard zipfldr.dll C:\WINDOWS\system32\ HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved 6.0.2900.2180 Compressed (zipped) Folders / Microsoft® Windows® Operating System Compressed (zipped) Folder cdfview.dll C:\WINDOWS\system32\ HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved 6.0.2900.2937 Channel Definition File Viewer / Microsoft® Windows® Operating System Channel File extmgr.dll C:\WINDOWS\system32\ HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved 6.0.2900.2937 Extensions Manager / Microsoft® Windows® Operating System Extensions Manager Folder msieftp.dll C:\WINDOWS\system32\ HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved 6.0.2900.2180 Microsoft Internet Explorer FTP Folder Shell Extension / Microsoft® Windows® Operating System FTP Folders Webview docprop2.dll C:\WINDOWS\system32\ HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved 5.1.2600.2180 Microsoft DocProp Shell Ext / Microsoft® Windows® Operating System Microsoft DocProp Shell Ext dsquery.dll C:\WINDOWS\system32\ HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved 5.1.2600.2180 Directory Service Find / Microsoft® Windows® Operating System Directory Query UI dsuiext.dll C:\WINDOWS\system32\ HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved 5.1.2600.2180 Directory Service Common UI / Microsoft® Windows® Operating System Directory Property UI mydocs.dll C:\WINDOWS\system32\ HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved 6.0.2900.2180 My Documents Folder UI / Microsoft® Windows® Operating System MyDocs Copy Hook cscui.dll C:\WINDOWS\system32\ HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved 5.1.2600.2180 Client Side Caching UI / Microsoft® Windows® Operating System Offline Files Menu agentpsh.dll C:\WINDOWS\msagent\ HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved 2.0.0.3422 Microsoft Agent Property Sheet Handler Microsoft Agent Character Property Sheet Handler dfsshlex.dll C:\WINDOWS\system32\ HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved 5.1.2600.2180 Distributed File System shell extension / Microsoft® Windows® Operating System DfsShell photowiz.dll C:\WINDOWS\system32\ HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved 5.1.2600.2180 Photo Printing Wizard / Microsoft® Windows® Operating System %DESC_PublishDropTarget% mmcshext.dll C:\WINDOWS\system32\ HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved 5.2.3790.2612 MMC Shell Extension DLL / Microsoft® Windows® Operating System MMC Icon Handler cabview.dll C:\WINDOWS\system32\ HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved 6.0.2900.2180 Cabinet File Viewer Shell Extension / Microsoft® Windows® Operating System .CAB file viewer wabfind.dll C:\Program Files\Outlook Express\ HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved 6.0.2900.2180 Find People / Microsoft® Windows® Operating System For People... wmpshell.dll C:\WINDOWS\system32\ HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved 10.0.0.3802 Windows Media Player Launcher / Microsoft(R) Windows Media Player Windows Media Player Play as Playlist Context Menu Handler ipcplwir.dll C:\Program Files\Microsoft IntelliPoint\ HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved 5.5.661.0 ipcplwir.dll / Microsoft IntelliPoint IntelliPoint Wireless Control Panel Property Page ipcplwhl.dll C:\Program Files\Microsoft IntelliPoint\ HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved 5.5.661.0 ipcplwhl.dll / Microsoft IntelliPoint IntelliPoint Wheel Control Panel Property Page ipcplact.dll C:\Program Files\Microsoft IntelliPoint\ HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved 5.5.661.0 ipcplact.dll / Microsoft IntelliPoint IntelliPoint Activities Control Panel Property Page ipcplbtn.dll C:\Program Files\Microsoft IntelliPoint\ HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved 5.5.661.0 ipcplbtn.dll / Microsoft IntelliPoint IntelliPoint Buttons Control Panel Property Page w3ext.dll C:\WINDOWS\system32\inetsrv\ HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved 6.0.2600.1 IIS W3ext Module / Internet Information Services IIS Shell Extension WZSHLSTB.DLL C:\Program Files\WinZip\ HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved 4.1.0.0 WinZip Shell Extension DLL / WinZip WinZip MSONSEXT.DLL C:\Program Files\Common Files\Microsoft Shared\Web Folders\ HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved 11.0.5510.0 Microsoft Web Folders / SharePoint Portal Server Web Folders MLSHEXT.DLL C:\Program Files\Microsoft Office\OFFICE11\ HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved 11.0.6550.0 Microsoft Shell Extension Library / Microsoft Office Outlook Microsoft Office Outlook Desktop Icon Handler OLKFSTUB.DLL C:\Program Files\Microsoft Office\OFFICE11\ HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved 11.0.5510.0 Outlook Shell Hook for Start/Find / Microsoft Office Outlook Microsoft Office Outlook Custom Icon Handler MSOHEV.DLL C:\Program Files\Microsoft Office\OFFICE11\ HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved 11.0.5510.0 Microsoft Office 2003 component / Microsoft Office 2003 Microsoft Office HTML Icon Handler dfshim.dll C:\WINDOWS\system32\ HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved 2.0.50727.42 Application Deployment Support Library / Microsoft® .NET Framework ShellLink for Application References Audiodev.dll C:\WINDOWS\system32\ HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved 5.2.3802.3802 Portable Media Devices Shell Extension / Microsoft® Windows® Operating System Portable Media Devices Shellex.dll C:\Program Files\Roxio\Easy Media Creator 8\Drag to Disc\ HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved 8.0.5.23 DirectCD Shell Extention DLL / Drag-to-Disc Roxio DragToDisc Shell Extension DC_ShellExt.dll C:\Program Files\Roxio\Easy Media Creator 8\Virtual Drive\ HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved RXDCExtShlExt extension fsshext.8.0.0812.00.dll C:\Program Files\MSN Messenger\ HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved 8.0.812.0 Messenger File Sharing Shell Extensions / Messenger Messenger Sharing Folders Wcesview.dll C:\Program Files\Microsoft ActiveSync\ HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved 4.2.4876.0 Mobile Devices Shell Extension / Microsoft ActiveSync Mobile Device deskbar.dll C:\Program Files\Windows Desktop Search\ HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved 2.6.5000.5378 Windows Desktop Search Deskbar / Microsoft® Windows® Operating System Windows Deskbar msnlExt.dll C:\Program Files\Windows Desktop Search\ HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved 2.6.5000.5378 Windows Desktop Search Results View / Microsoft® Windows® Operating System Windows Desktop Search OEPH.dll C:\Program Files\Windows Desktop Search\ HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved 2.6.5000.5378 Windows Desktop Search Outlook Express Protocol Handler / Microsoft® Windows® Operating System Windows Desktop Search Outlook Express ISearchFolder Class reader_sl.exe C:\Program Files\Adobe\Acrobat 7.0\Reader\ C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ 7.0.5.172 Adobe Acrobat SpeedLauncher / Adobe Acrobat Adobe Reader Speed Launch.lnk taskmgr.exe C:\WINDOWS\system32\ C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ 5.1.2600.2180 Windows TaskManager / Microsoft® Windows® Operating System Running TakManager.lnk Icon3E5562ED7.ico C:\WINDOWS\Installer\{24C67B54-0718-445E-B663-3138D9246BD1}\ C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ Cisco Systems Inc. VPN Client VPN Client.lnk WindowsSearch.exe C:\Program Files\Windows Desktop Search\ C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ 2.6.5000.5378 Windows Desktop Search Tool Tray Admin / Microsoft® Windows® Operating System Running Search your desktop Windows Desktop Search.lnk AcroIEHelper.dll C:\Program Files\Adobe\Acrobat 7.0\ActiveX\ {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} BHO: Adobe PDF Reader Link Helper Jccatch.dll C:\Program Files\FlashGet\ {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} BHO: IeCatch5 Class dsWebAllow.dll C:\Program Files\Windows Desktop Search\ {2F85D76C-0569-466F-A488-493E6BD0E955} BHO: dsWebAllowBHO Class WindowsLiveLogin.dll C:\Program Files\Common Files\Microsoft Shared\Windows Live\ {9030D464-4C02-4ABF-8ECC-5164760863C6} BHO: Windows Live Sign-in Helper msntb.dll C:\Program Files\Windows Live Toolbar\ {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} BHO: Windows Live Toolbar Helper ----- [Motherboard] --------------------------------------------------------------- Property Value Manufacturer Dell Inc. Model 0F8098 Serial Number ..CN137405C102A3. Chipset Vendor Intel Corporation Chipset Model 945G Processor to I/O Controller South Bridge 82801GB/GR (ICH7 Family) LPC Interface Controller SMBus Intel Corporation 82801G (ICH7 Family) SMBus Controller @E8A0h CPU Intel Pentium D Cpu Socket LGA775 Processor Upgrade ZIF Socket Max CPU Speed 4000 MHz System Slots 2 PCI OnBoard devices Video (Enabled) Intel Graphics Media Accelerator 950 Ethernet (Disabled) Broadcom 5751 NetXtreme Gigabit Controller Sound (Enabled) AC'97 Audio Controller Memory Summary Capacity 3072 MBytes Location System board or motherboard Maximum Capacity 4096 MBytes Memory Slots 4 Error Correction None Name Physical Memory Array Use System memory Warning! Accuracy of DMI data cannot be guaranteed ----- [Memory] ---------------------------------------------- Property Value Memory Summary Capacity 3072 MBytes Location System board or motherboard Maximum Capacity 4096 MBytes Memory Slots 4 Error Correction None Name Physical Memory Array Use System memory Device Locator Slot 1 Manufacturer Micron Technology Part Number 8HTF6464AY-53EB7 Serial Number 752E6FC1 Capacity 512 MBytes Memory Type DDR2 SDRAM Speed DDR2-533 (266 MHz) Data Width 64 bits Voltage SSTL 1.8V Error Correction None Refresh Reduced (.5x)...7.8 µs Manufacturing Date 2005, Week 49 EPP SPD Support No Device Locator Slot 2 Manufacturer Micron Technology Part Number 16HTF12864AY-53EB1 Serial Number 69A5EC1C Capacity 1024 MBytes Memory Type DDR2 SDRAM Speed DDR2-533 (266 MHz) Data Width 64 bits Voltage SSTL 1.8V Error Correction None Refresh Reduced (.5x)...7.8 µs Manufacturing Date 2005, Week 50 EPP SPD Support No Device Locator Slot 3 Manufacturer Micron Technology Part Number 8HTF6464AY-53EB7 Serial Number 752E6FBD Capacity 512 MBytes Memory Type DDR2 SDRAM Speed DDR2-533 (266 MHz) Data Width 64 bits Voltage SSTL 1.8V Error Correction None Refresh Reduced (.5x)...7.8 µs Manufacturing Date 2005, Week 49 EPP SPD Support No Device Locator Slot 4 Manufacturer Micron Technology Part Number 16HTF12864AY-53EB1 Serial Number 69A5EC1E Capacity 1024 MBytes Memory Type DDR2 SDRAM Speed DDR2-533 (266 MHz) Data Width 64 bits Voltage SSTL 1.8V Error Correction None Refresh Reduced (.5x)...7.8 µs Manufacturing Date 2005, Week 50 EPP SPD Support No Warning! Accuracy of DMI data cannot be guaranteed ----- [Open Ports] ---------------------------------------------------------------- Protocol Program [PID] State Local Address Port Remote Address Port Path and File Description [TCP] ServUDaemon.exe [564] LISTENING (2) 0.0.0.0 (GABI) 21 ftp 0.0.0.0 0 C:\Program Files\Serv-U\ServUDaemon.exe Serv-U FTP Server [TCP] inetinfo.exe [1940] LISTENING (2) 0.0.0.0 (GABI) 25 smtp 0.0.0.0 0 C:\WINDOWS\system32\inetsrv\inetinfo.exe Internet Information Services [TCP] inetinfo.exe [1940] LISTENING (2) 0.0.0.0 (GABI) 80 http 0.0.0.0 0 C:\WINDOWS\system32\inetsrv\inetinfo.exe Internet Information Services [TCP] svchost.exe [1168] LISTENING (2) 0.0.0.0 (GABI) 135 epmap 0.0.0.0 0 C:\WINDOWS\system32\svchost.exe Generic Host Process for Win32 Services / Microsoft® Windows® Operating System [TCP] inetinfo.exe [1940] LISTENING (2) 0.0.0.0 (GABI) 443 https 0.0.0.0 0 C:\WINDOWS\system32\inetsrv\inetinfo.exe Internet Information Services [TCP] System [4] LISTENING (2) 0.0.0.0 (GABI) 445 microsoft-ds 0.0.0.0 0 [TCP] rapimgr.exe [3384] LISTENING (2) 0.0.0.0 (GABI) 990 0.0.0.0 0 C:\Program Files\Microsoft ActiveSync\rapimgr.exe ActiveSync RAPI Manager / Microsoft ActiveSync [TCP] inetinfo.exe [1940] LISTENING (2) 0.0.0.0 (GABI) 1027 0.0.0.0 0 C:\WINDOWS\system32\inetsrv\inetinfo.exe Internet Information Services [TCP] svchost.exe [1084] LISTENING (2) 0.0.0.0 (GABI) 3389 0.0.0.0 0 C:\WINDOWS\system32\svchost.exe Generic Host Process for Win32 Services / Microsoft® Windows® Operating System [TCP] vssrvc.exe [828] LISTENING (2) 0.0.0.0 (GABI) 5900 0.0.0.0 0 C:\Program Files\Microsoft Virtual Server\vssrvc.exe Virtual Server 2005 R2 SP1 Service / Microsoft Virtual Server 2005 R2 SP1 [TCP] DkService.exe [1876] LISTENING (2) 0.0.0.0 (GABI) 31038 0.0.0.0 0 C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe DKSERVICE.EXE / Diskeeper (TM) Disk Defragmenter [TCP] System [4] LISTENING (2) 10.160.0.30 (gabi) 139 netbios-ssn 0.0.0.0 0 [TCP] alg.exe [2416] LISTENING (2) 127.0.0.1 (localhost) 1028 0.0.0.0 0 C:\WINDOWS\system32\alg.exe Application Layer Gateway Service / Microsoft® Windows® Operating System [TCP] vpngui.exe [3624] ESTABLISHED (5) 127.0.0.1 (localhost) 2143 127.0.0.1 (localhost) 62514 C:\Program Files\Cisco Systems\VPN Client\vpngui.exe Cisco Systems VPN Client [TCP] wcescomm.exe [3308] LISTENING (2) 127.0.0.1 (localhost) 5679 0.0.0.0 0 C:\Program Files\Microsoft ActiveSync\wcescomm.exe ActiveSync Connection Manager / Microsoft ActiveSync [TCP] wcescomm.exe [3308] LISTENING (2) 127.0.0.1 (localhost) 7438 0.0.0.0 0 C:\Program Files\Microsoft ActiveSync\wcescomm.exe ActiveSync Connection Manager / Microsoft ActiveSync [TCP] ServUDaemon.exe [564] LISTENING (2) 127.0.0.1 (localhost) 43958 0.0.0.0 0 C:\Program Files\Serv-U\ServUDaemon.exe Serv-U FTP Server [TCP] cvpnd.exe [1860] LISTENING (2) 127.0.0.1 (localhost) 62514 0.0.0.0 0 C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe Cisco Systems VPN Client [TCP] cvpnd.exe [1860] ESTABLISHED (5) 127.0.0.1 (localhost) 62514 127.0.0.1 (localhost) 2143 C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe Cisco Systems VPN Client [TCP] System [4] LISTENING (2) 192.168.2.221 (gabi) 139 netbios-ssn 0.0.0.0 0 [TCP] msnmsgr.exe [3276] ESTABLISHED (5) 192.168.2.221 (gabi) 2445 207.46.111.43 (by2msg2204711.phx.gbl) 1863 C:\Program Files\MSN Messenger\msnmsgr.exe Messenger [TCP] msnmsgr.exe [3276] CLOSE_WAIT (8) 192.168.2.221 (gabi) 2451 207.61.132.11 80 http C:\Program Files\MSN Messenger\msnmsgr.exe Messenger [TCP] msnmsgr.exe [3276] CLOSE_WAIT (8) 192.168.2.221 (gabi) 2452 207.61.132.11 80 http C:\Program Files\MSN Messenger\msnmsgr.exe Messenger [TCP] msnmsgr.exe [3276] CLOSE_WAIT (8) 192.168.2.221 (gabi) 2455 207.61.132.33 80 http C:\Program Files\MSN Messenger\msnmsgr.exe Messenger [TCP] msnmsgr.exe [3276] CLOSE_WAIT (8) 192.168.2.221 (gabi) 2456 207.61.132.33 80 http C:\Program Files\MSN Messenger\msnmsgr.exe Messenger [TCP] [System Process] [0] TIME_WAIT (11) 192.168.2.221 (gabi) 4309 209.226.175.83 110 pop3 [TCP] [System Process] [0] TIME_WAIT (11) 192.168.2.221 (gabi) 4310 217.156.85.38 (mail.easynet.ro) 110 pop3 [TCP] [System Process] [0] TIME_WAIT (11) 192.168.2.221 (gabi) 4311 68.142.224.70 (pop1.biz.mail.vip.re2.yahoo.com) 110 pop3 [TCP] [System Process] [0] TIME_WAIT (11) 192.168.2.221 (gabi) 4312 68.142.224.70 (pop1.biz.mail.vip.re2.yahoo.com) 110 pop3 [TCP] [System Process] [0] TIME_WAIT (11) 192.168.2.221 (gabi) 4313 68.142.224.70 (pop1.biz.mail.vip.re2.yahoo.com) 110 pop3 [TCP] [System Process] [0] TIME_WAIT (11) 192.168.2.221 (gabi) 4314 209.226.175.83 110 pop3 [TCP] [System Process] [0] TIME_WAIT (11) 192.168.2.221 (gabi) 4315 217.156.85.38 (mail.easynet.ro) 110 pop3 [TCP] [System Process] [0] TIME_WAIT (11) 192.168.2.221 (gabi) 4316 68.142.224.70 (pop1.biz.mail.vip.re2.yahoo.com) 110 pop3 [TCP] [System Process] [0] TIME_WAIT (11) 192.168.2.221 (gabi) 4317 68.142.224.70 (pop1.biz.mail.vip.re2.yahoo.com) 110 pop3 [TCP] [System Process] [0] TIME_WAIT (11) 192.168.2.221 (gabi) 4318 68.142.224.70 (pop1.biz.mail.vip.re2.yahoo.com) 110 pop3 [UDP] System [4] 0.0.0.0 (GABI) 445 microsoft-ds 0.0.0.0 0 [UDP] cvpnd.exe [1860] 0.0.0.0 (GABI) 500 isakmp 0.0.0.0 0 C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe Cisco Systems VPN Client [UDP] msnmsgr.exe [3276] 0.0.0.0 (GABI) 1033 0.0.0.0 0 C:\Program Files\MSN Messenger\msnmsgr.exe Messenger [UDP] svchost.exe [1356] 0.0.0.0 (GABI) 1034 0.0.0.0 0 C:\WINDOWS\system32\svchost.exe Generic Host Process for Win32 Services / Microsoft® Windows® Operating System [UDP] svchost.exe [1356] 0.0.0.0 (GABI) 1044 0.0.0.0 0 C:\WINDOWS\system32\svchost.exe Generic Host Process for Win32 Services / Microsoft® Windows® Operating System [UDP] msnmsgr.exe [3276] 0.0.0.0 (GABI) 2450 0.0.0.0 0 C:\Program Files\MSN Messenger\msnmsgr.exe Messenger [UDP] inetinfo.exe [1940] 0.0.0.0 (GABI) 3456 0.0.0.0 0 C:\WINDOWS\system32\inetsrv\inetinfo.exe Internet Information Services [UDP] svchost.exe [1356] 0.0.0.0 (GABI) 3680 0.0.0.0 0 C:\WINDOWS\system32\svchost.exe Generic Host Process for Win32 Services / Microsoft® Windows® Operating System [UDP] svchost.exe [1356] 0.0.0.0 (GABI) 3786 0.0.0.0 0 C:\WINDOWS\system32\svchost.exe Generic Host Process for Win32 Services / Microsoft® Windows® Operating System [UDP] svchost.exe [1356] 0.0.0.0 (GABI) 3789 0.0.0.0 0 C:\WINDOWS\system32\svchost.exe Generic Host Process for Win32 Services / Microsoft® Windows® Operating System [UDP] svchost.exe [1356] 0.0.0.0 (GABI) 3790 0.0.0.0 0 C:\WINDOWS\system32\svchost.exe Generic Host Process for Win32 Services / Microsoft® Windows® Operating System [UDP] cvpnd.exe [1860] 0.0.0.0 (GABI) 4500 0.0.0.0 0 C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe Cisco Systems VPN Client [UDP] svchost.exe [1248] 10.160.0.30 (gabi) 123 ntp 0.0.0.0 0 C:\WINDOWS\system32\svchost.exe Generic Host Process for Win32 Services / Microsoft® Windows® Operating System [UDP] System [4] 10.160.0.30 (gabi) 137 netbios-ns 0.0.0.0 0 [UDP] System [4] 10.160.0.30 (gabi) 138 netbios-dgm 0.0.0.0 0 [UDP] svchost.exe [1392] 10.160.0.30 (gabi) 1900 0.0.0.0 0 C:\WINDOWS\system32\svchost.exe Generic Host Process for Win32 Services / Microsoft® Windows® Operating System [UDP] msnmsgr.exe [3276] 10.160.0.30 (gabi) 9243 0.0.0.0 0 C:\Program Files\MSN Messenger\msnmsgr.exe Messenger [UDP] msnmsgr.exe [3276] 10.160.0.30 (gabi) 23100 0.0.0.0 0 C:\Program Files\MSN Messenger\msnmsgr.exe Messenger [UDP] msnmsgr.exe [3276] 10.160.0.30 (gabi) 34052 0.0.0.0 0 C:\Program Files\MSN Messenger\msnmsgr.exe Messenger [UDP] svchost.exe [1248] 127.0.0.1 (localhost) 123 ntp 0.0.0.0 0 C:\WINDOWS\system32\svchost.exe Generic Host Process for Win32 Services / Microsoft® Windows® Operating System [UDP] msnmsgr.exe [3276] 127.0.0.1 (localhost) 1035 0.0.0.0 0 C:\Program Files\MSN Messenger\msnmsgr.exe Messenger [UDP] svchost.exe [1392] 127.0.0.1 (localhost) 1900 0.0.0.0 0 C:\WINDOWS\system32\svchost.exe Generic Host Process for Win32 Services / Microsoft® Windows® Operating System [UDP] OUTLOOK.EXE [4112] 127.0.0.1 (localhost) 3389 0.0.0.0 0 C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE Microsoft Office Outlook [UDP] IEXPLORE.EXE [5560] 127.0.0.1 (localhost) 4224 0.0.0.0 0 C:\Program Files\Internet Explorer\IEXPLORE.EXE Internet Explorer / Microsoft® Windows® Operating System [UDP] cvpnd.exe [1860] 127.0.0.1 (localhost) 62514 0.0.0.0 0 C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe Cisco Systems VPN Client [UDP] msnmsgr.exe [3276] 192.168.2.221 (gabi) 9 discard 0.0.0.0 0 C:\Program Files\MSN Messenger\msnmsgr.exe Messenger [UDP] svchost.exe [1248] 192.168.2.221 (gabi) 123 ntp 0.0.0.0 0 C:\WINDOWS\system32\svchost.exe Generic Host Process for Win32 Services / Microsoft® Windows® Operating System [UDP] System [4] 192.168.2.221 (gabi) 137 netbios-ns 0.0.0.0 0 [UDP] System [4] 192.168.2.221 (gabi) 138 netbios-dgm 0.0.0.0 0 [UDP] svchost.exe [1392] 192.168.2.221 (gabi) 1900 0.0.0.0 0 C:\WINDOWS\system32\svchost.exe Generic Host Process for Win32 Services / Microsoft® Windows® Operating System [UDP] msnmsgr.exe [3276] 192.168.2.221 (gabi) 8278 0.0.0.0 0 C:\Program Files\MSN Messenger\msnmsgr.exe Messenger [UDP] msnmsgr.exe [3276] 192.168.2.221 (gabi) 48927 0.0.0.0 0 C:\Program Files\MSN Messenger\msnmsgr.exe Messenger [UDP] msnmsgr.exe [3276] 192.168.2.221 (gabi) 50563 0.0.0.0 0 C:\Program Files\MSN Messenger\msnmsgr.exe Messenger Summary Log file SIW-TXT-REPORT.TXT was created successfully Total Time: 1 seconds