please help VIRUS see Hijack this - Need advice for windows

please,i would appreciate any help/advice on what to do to clean up my slowing laptop, and need help removing whatever virus or malware or whatever is there, and if possible more info about how to avoid this.


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:43:23 PM, on 7/14/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\PayPal\PayPal Plug-In\RBroker.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: OToolbarHelper Class - {EAD3A971-6A23-4246-8691-C9244E858967} - C:\Program Files\PayPal\PayPal Plug-In\PayPalHelper.dll
O2 - BHO: HP Print Clips - {FFFFFFFF-FF12-44C5-91EC-068E3AA1B2D7} - c:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O3 - Toolbar: PayPal Plug-In - {DC0F2F93-27FA-4f84-ACAA-9416F90B9511} - C:\Program Files\PayPal\PayPal Plug-In\OToolbar.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: HP Smart Select - {58ECB495-38F0-49cb-A538-10282ABF65E7} - c:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O16 - DPF: Justin.tv Publisher - http://www.justin.tv/plugins/justintv_publisher.CAB
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: gearsec - GEAR Software - C:\Windows\system32\gearsec.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 7170 bytes

I don't see anything there that would be causing you any problems at all. Did you run a Scanner like Spyware Doctor or something like that?

Did you run your ESET Smart Security? What are the results?

Hi, thanks for the response, I appreciate it so much.

I have spybot search and destroy installed, as well as ad-aware. scans with both come up with nothing.

Do you suggest I run a scan with spyware doctor? I can do it if you think its a better program.

I ran eset, but it identifies keygens (there are quite a few) and i am not sure how to make it not quarantine or make changes to the program when it scans. Bunch of programs dont work after eset scan.

Wow so I guess I am just paranoid. Thats interesting, thank you for your input on that, and taking the time to help me.

I have a couple more questions, if you have time to answer them, that would be wonderful.

Is there a way for me to know if and when someone accesses my webcam without my knowledge?

Someone told me to go to my event viewer, and to the security tab, to see a log of when people have changed something in my computer. Is it true that the "audit failed"s are when people tried to access and make changes to my computer?

I know I am not just paranoid about etting my private pictures taken from my computer lately, I have found them posted in various places on the web, by searching for them by filename. it appears to me to be a bot posting them, but a lot of the pages are in other languages.

Is there anything else you can tell me?

I don't know if Spyware Doctor is the better program, but it has found a number of stuff that Spyware S & D or Ad-Aware haven't found. THe only problem with Spyware Doctor is that it is not for free if you intend to remove something with it... but it will scan your computer and give you the results for free.

You could do it, make a screenshot of the results, and then post the screenshot here with the results, if there are any... or maybe you're just paranoid.

About those images you have of you on other sites... they could have being retrieved from the storage facilities you have given them too...

And I don't know about those questions... I'm sure though that there are some people on ozzu that would be of good assistance there.

Hi again, I downloaded spyware doctor free. It found this:

http://s255.photobucket.com/albums/hh13 ... esults.jpg

backdoor looks to have come from an irc attack, like i thought.

what do i do now?? pleaase help!

also need to know if there is a way i can find out if and when someone is accessing my webcams without my knowlege.

thanks again,
angela

thanks

Can you do that again and get a bigger picture? I don't have a magnifying glass at the moment

I can't help you at the moment since I can't read anything in that image and it doesn't look like there is any way to get the picture to get bigger... downloading it would still result in that small image and there doesn't seem to be an option to see it in full view.

oh oooops sorry I feel silly now. I dont even know how to do this right.... but i think i got it now. one of these should work...




hopefully you can see what i am referring to, the last line about backdoor.rbot!ct

the program file it is in is a program i use, jasc, but i do not use that particular photo program. i only have installed jasc paintshop pro. the backdoor refers to a jasc photo program that i dont think i have installed.

thanks for being so patient with me, youre awesome!!

Keep in mind that Spyware Doctor is selling a product. They want you to think you need to purchase their software. Wouldn't be the first false-positive bait scheme I've ever seen.

good point. i really believe someone got into my computer though. i angered someone on mIRC and suddenly my laptop is acting funny.

If you've already used spybot S&D and adaware, try the product at malwarebytes.org. It's highly recommended by a few guys here that I trust. If you still think someone could be accessing your machine, then get a good firewall solution, a good AV scanner, and let us know what the curious behaviors are that you find suspect.

thank you, I downloaded malwarebytes and ran a scan.
it found something in my registry but it looked like an error... i had the program fix it.
i thought i had copied the screen shot but i was in a hurry. after the fix, i noticed my clipboard was empty. so, likely by my own fault i still dont know if i had a problem or it was even fixed or not, because i dont know what to refer to now...

I am still trying to figure out if there is a way for me to know if and when someone is accessing my webcam.

i know it is possible because i work on a webcam site and people are supposed to pay for it, at certain times, and they have described what i was doing in private paid chat when they shouldnt have been able to see it. is that a result of the lack of security for the site i work for? or is it the actual webcam expoit? apparently a lot of hackers know about this program to see anyones webcam at any time. i would love more info related to this topic, and info on how to protect myself against this. Even just being able to tell if someone is accessing it.

i just need some advice.
someone please help me.

i will post the symptoms that lead me to believe someone is accessing my laptop, when i am able to tell if it is still happening. i am hoping maybe the problem is fixed? .... :/

i am sorry for all the questions and for jumping around between subjects, but i need to know some stuff because not knowing can be dangerous and also if you dont ask you will never know! And I know how to use google and I read a lot and try to figure things out on my own before i ask.
i really appreciate your help.
thanks in advance....

Malwarebytes' Anti-Malware 1.39
Database version: 2481
Windows 6.0.6001 Service Pack 1

7/22/2009 1:34:53 PM
mbam-log-2009-07-22 (13-34-39).txt

Scan type: Quick Scan
Objects scanned: 81434
Time elapsed: 4 minute(s), 36 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> No action taken.

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

If they're accessing via webcam, there's probably a hole in your site's access system or software. Have a look at this quick Google search, for instance.

Now I purchased a new hard drive after i dropped my laptop and the hard drive started making noises. it is still accessable so i thought it would be good to change it out for a bigger one. so i did and i didnt make vista recovery discs, but i am going to put the old drive back in and do that (discless install originally) anyways, as the old drive has viruses on it, i installed what i thought was a good copy on a disc from someone i thought was knowledgeable about computers enough to know what they were giving me was legit.

so i install it and now i am running some version of vista that i have never seen anything like before, and i think someone is accessing it remotely, theyve installed some keylogging crap (because when start to type, the cursor jumps to the left 5 keys or to the previous field) but i only suspect some real bad things are going on because i think i recognize the words as red flags, and thats the extent of my knowledge, i dont know what to do beyond that.

i have it all set up on this os the way i want, all my programs are ready to go, and some i dont have discs for anymore... it would be a pain but i can wipe it all out and start over with legit recovery discs from my old drive, but i want to avoid that if possible. the thing is, i think if its possible, this version of vista is unuseable, somehow it has my settings so i cant change them.

the menu to log off has changed. now there is no "restart" and i must log off and then restart. and sometimes it asks me if i want to log off when i turn it off, because there are other users logged into my computer!!! I am the only one who should be.

i have a svchost.exe that doesnt run in safe mode that takes up around 58,000 k all the time. i have created memory dump files, which i have tried to attach but couldnt.

two files appeared in my user file, which are hidden and they are not deleteable and they are called ntuser.dat.LOG1 and ntuser.dat.LOG2

it has placed my computer into a business workgroup and even called it WORKGROUP and i cannot change it. it sets itself back to that on reboot.

i think its happening during reboot. i did a pre-boot scan using avast and avast found viruses in some downloads of mine, but this behavior and problems i am describing started long before anything was downloaded.

i have even had my screen resetting a lot, and at one point, i could see an icon under my start button.

i dont know if anyone can tell me what is going on, at this point i have been troubleshooting and learning and would like to know i am not crazy, theres also a lanman service popping up, printer spooler... all bad things from what I know, am I right?

here are some logs from different tools i have run...

Process PID CPU Description Company Name
System Idle Process 0 98.66
Interrupts n/a Hardware Interrupts
DPCs n/a Deferred Procedure Calls
System 4
smss.exe 456 Windows Session Manager Microsoft Corporation
csrss.exe 524 Client Server Runtime Process Microsoft Corporation
wininit.exe 576 Windows Start-Up Application Microsoft Corporation
services.exe 624 Services and Controller app Microsoft Corporation
svchost.exe 820 Host Process for Windows Services Microsoft Corporation
nvvsvc.exe 876 NVIDIA Driver Helper Service, Version 177.13 NVIDIA Corporation
rundll32.exe 1384 Windows host process (Rundll32) Microsoft Corporation
svchost.exe 904 Host Process for Windows Services Microsoft Corporation
svchost.exe 940 Host Process for Windows Services Microsoft Corporation
svchost.exe 1024 Host Process for Windows Services Microsoft Corporation
audiodg.exe 1248 Windows Audio Device Graph Isolation Microsoft Corporation
svchost.exe 1092 Host Process for Windows Services Microsoft Corporation
dwm.exe 532 Desktop Window Manager Microsoft Corporation
svchost.exe 1136 Host Process for Windows Services Microsoft Corporation
taskeng.exe 464 Task Scheduler Engine Microsoft Corporation
taskeng.exe 888 Task Scheduler Engine Microsoft Corporation
svchost.exe 1276 Host Process for Windows Services Microsoft Corporation
SLsvc.exe 1300 Microsoft Software Licensing Service Microsoft Corporation
svchost.exe 1348 Host Process for Windows Services Microsoft Corporation
svchost.exe 1560 Host Process for Windows Services Microsoft Corporation
aswUpdSv.exe 1696 avast! Antivirus updating service ALWIL Software
ashServ.exe 1708 avast! antivirus service ALWIL Software
svchost.exe 1900 Host Process for Windows Services Microsoft Corporation
AppleMobileDeviceService.exe 1676 Apple Mobile Device Service Apple Inc.
mDNSResponder.exe 744 Bonjour Service Apple Inc.
iPodService.exe 1556 iPodService Module Apple Inc.
svchost.exe 2072 Host Process for Windows Services Microsoft Corporation
svchost.exe 2184 Host Process for Windows Services Microsoft Corporation
svchost.exe 2224 Host Process for Windows Services Microsoft Corporation
SearchIndexer.exe 2276 Microsoft Windows Search Indexer Microsoft Corporation
XAudio.exe 2460 Modem Audio Service Conexant Systems, Inc.
SDWinSec.exe 2648 Spybot-S&D Security Center integration Safer Networking Ltd.
ashMaiSv.exe 2952 avast! e-Mail Scanner Service ALWIL Software
ashWebSv.exe 2996 avast! Web Scanner ALWIL Software
lsass.exe 672 Local Security Authority Process Microsoft Corporation
lsm.exe 684 Local Session Manager Service Microsoft Corporation
csrss.exe 588 Client Server Runtime Process Microsoft Corporation
winlogon.exe 648 Windows Logon Application Microsoft Corporation
explorer.exe 828 Windows Explorer Microsoft Corporation
ashDisp.exe 1400 avast! service GUI component ALWIL Software
wmpnscfg.exe 3348 Windows Media Player Network Sharing Service Configuration Application Microsoft Corporation
iTunes.exe 3676 iTunes Apple Inc.
AppleMobileDeviceHelper.exe 3024 AppleMobileDeviceHelper
distnoted.exe 1828 distnoted.exe
firefox.exe 3848 Firefox Mozilla Corporation
AutoRun.exe 3460
taskmgr.exe 2068 Windows Task Manager Microsoft Corporation
PROCEXP.EXE 2284 Sysinternals Process Explorer Sysinternals

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit
+ C:\Windows\system32\userinit.exe Userinit Logon Application Microsoft Corporation c:\windows\system32\userinit.exe
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell
+ explorer.exe Windows Explorer Microsoft Corporation c:\windows\explorer.exe
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
+ avast! avast! service GUI component ALWIL Software c:\program files\alwil software\avast4\ashdisp.exe
HKLM\SOFTWARE\Classes\Protocols\Filter
+ application/octet-stream Microsoft .NET Runtime Execution Engine Microsoft Corporation c:\windows\system32\mscoree.dll
+ application/x-complus Microsoft .NET Runtime Execution Engine Microsoft Corporation c:\windows\system32\mscoree.dll
+ application/x-msdownload Microsoft .NET Runtime Execution Engine Microsoft Corporation c:\windows\system32\mscoree.dll
+ deflate OLE32 Extensions for Win32 Microsoft Corporation c:\windows\system32\urlmon.dll
+ gzip OLE32 Extensions for Win32 Microsoft Corporation c:\windows\system32\urlmon.dll
HKLM\SOFTWARE\Classes\Protocols\Handler
+ about Microsoft (R) HTML Viewer Microsoft Corporation c:\windows\system32\mshtml.dll
+ cdl OLE32 Extensions for Win32 Microsoft Corporation c:\windows\system32\urlmon.dll
+ dvd ActiveX control for streaming video Microsoft Corporation c:\windows\system32\msvidctl.dll
+ file OLE32 Extensions for Win32 Microsoft Corporation c:\windows\system32\urlmon.dll
+ ftp OLE32 Extensions for Win32 Microsoft Corporation c:\windows\system32\urlmon.dll
+ http OLE32 Extensions for Win32 Microsoft Corporation c:\windows\system32\urlmon.dll
+ https OLE32 Extensions for Win32 Microsoft Corporation c:\windows\system32\urlmon.dll
+ its Microsoft® InfoTech Storage System Library Microsoft Corporation c:\windows\system32\itss.dll
+ javascript Microsoft (R) HTML Viewer Microsoft Corporation c:\windows\system32\mshtml.dll
+ local OLE32 Extensions for Win32 Microsoft Corporation c:\windows\system32\urlmon.dll
+ mailto Microsoft (R) HTML Viewer Microsoft Corporation c:\windows\system32\mshtml.dll
+ mhtml Microsoft Internet Messaging API Resources Microsoft Corporation c:\windows\system32\inetcomm.dll
+ mk OLE32 Extensions for Win32 Microsoft Corporation c:\windows\system32\urlmon.dll
+ ms-its Microsoft® InfoTech Storage System Library Microsoft Corporation c:\windows\system32\itss.dll
+ res Microsoft (R) HTML Viewer Microsoft Corporation c:\windows\system32\mshtml.dll
+ tv ActiveX control for streaming video Microsoft Corporation c:\windows\system32\msvidctl.dll
+ vbscript Microsoft (R) HTML Viewer Microsoft Corporation c:\windows\system32\mshtml.dll
HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components
+ Browser Customizations IEAK branding Microsoft Corporation c:\windows\system32\iedkcs32.dll
+ Microsoft Windows Mail 7 Windows Mail Microsoft Corporation c:\program files\windows mail\winmail.exe
+ Microsoft Windows Media Player Microsoft Windows Media Player Setup Utility Microsoft Corporation c:\windows\system32\unregmp2.exe
+ Microsoft Windows Media Player Microsoft Windows Media Player Setup Utility Microsoft Corporation c:\windows\system32\unregmp2.exe
+ Themes Setup Microsoft(C) Register Server Microsoft Corporation c:\windows\system32\regsvr32.exe
+ Windows Desktop Update Microsoft(C) Register Server Microsoft Corporation c:\windows\system32\regsvr32.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
+ &Address Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll
+ &Links Internet Explorer Microsoft Corporation c:\windows\system32\ieframe.dll
+ .CAB file viewer Cabinet File Viewer Shell Extension Microsoft Corporation c:\windows\system32\cabview.dll
+ .contact shell extension handler Microsoft (R) Contacts DLL Microsoft Corporation c:\program files\common files\system\wab32.dll
+ .cpl, .dll, .exe, .ocx, .rll or .sys files Windows Shell Common Dll Microsoft Corporation c:\windows\system32\shell32.dll
+ .fon, .otf, .ttc or .ttf files Windows Shell Common Dll Microsoft Corporation c:\windows\system32\shell32.dll
+ .group shell extension handler Microsoft (R) Contacts DLL Microsoft Corporation c:\program files\common files\system\wab32.dll
+ ActiveX Cache Folder Object Control Viewer Microsoft Corporation c:\windows\system32\occache.dll
+ Add New Hardware Add Hardware Wizard Microsoft Corporation c:\windows\system32\hdwwiz.exe
+ Address EditBox Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll
+ Administrative Tools Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll
+ Alphabetical Categorizer Windows Shell Common Dll Microsoft Corporation c:\windows\system32\shell32.dll
+ Audio Media Properties Handler Media Metadata Handler Microsoft Corporation c:\windows\system32\mediametadatahandler.dll
+ avast avast! Shell Extension ALWIL Software c:\program files\alwil software\avast4\ashshell.dll
+ BandProxy Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll
+ BitLocker Drive Encryption CPL Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll
+ Briefcase Windows Briefcase Microsoft Corporation c:\windows\system32\syncui.dll
+ Client application shell extension Windows Shell Common Dll Microsoft Corporation c:\windows\system32\shell32.dll
+ Client Side Cache Namespace Extension MSSearch Vista Platform Microsoft Corporation c:\windows\system32\mssvp.dll
+ Code Download Agent Web Site Monitor Microsoft Corporation c:\windows\system32\webcheck.dll
+ Color Control Panel Applet Microsoft Color Control Panel Microsoft Corporation c:\windows\system32\colorcpl.exe
+ Command Folder Windows Shell Common Dll Microsoft Corporation c:\windows\system32\shell32.dll
+ Common Places Folder Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll
+ Compatibility Property Page Compatibility Tab Shell Extension Library Microsoft Corporation c:\windows\system32\acppage.dll
+ Compressed (zipped) Folder Compressed (zipped) Folders Microsoft Corporation c:\windows\system32\zipfldr.dll
+ Compressed (zipped) Folder Context Menu Compressed (zipped) Folders Microsoft Corporation c:\windows\system32\zipfldr.dll
+ Compressed (zipped) Folder Drop Handler Compressed (zipped) Folders Microsoft Corporation c:\windows\system32\zipfldr.dll
+ Compressed (zipped) Folder Right Drag Handler Compressed (zipped) Folders Microsoft Corporation c:\windows\system32\zipfldr.dll
+ Compressed (zipped) Folder SendTo Target Compressed (zipped) Folders Microsoft Corporation c:\windows\system32\zipfldr.dll
+ Computers and Devices Network Explorer Microsoft Corporation c:\windows\system32\networkexplorer.dll
+ contact_wab_auto_file Microsoft (R) Contacts DLL Microsoft Corporation c:\program files\common files\system\wab32.dll
+ Control Panel Windows Shell Common Dll Microsoft Corporation c:\windows\system32\shell32.dll
+ Control Panel command object for Start menu Windows Control Panel Microsoft Corporation c:\windows\system32\control.exe
+ Crypto PKO Extension Crypto Shell Extensions Microsoft Corporation c:\windows\system32\cryptext.dll
+ Crypto Sign Extension Crypto Shell Extensions Microsoft Corporation c:\windows\system32\cryptext.dll
+ Custom MRU AutoCompleted List Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll
+ Darwin App Publisher Shell Application Manager Microsoft Corporation c:\windows\system32\appwiz.cpl
+ Default Programs command object for Start menu Windows Control Panel Microsoft Corporation c:\windows\system32\control.exe
+ Desktop Shortcut Send Mail Microsoft Corporation c:\windows\system32\sendmail.dll
+ Device Manager Device Manager MMC Snapin Microsoft Corporation c:\windows\system32\devmgr.dll
+ DfsShell.DfsShell Property Sheet Distributed File System shell extension Microsoft Corporation c:\windows\system32\dfsshlex.dll
+ Directory Context Menu Verbs Directory Service Common UI Microsoft Corporation c:\windows\system32\dsuiext.dll
+ Directory Object Find Directory Service Find Microsoft Corporation c:\windows\system32\dsquery.dll
+ Directory Property UI Directory Service Common UI Microsoft Corporation c:\windows\system32\dsuiext.dll
+ Directory Query UI Directory Service Find Microsoft Corporation c:\windows\system32\dsquery.dll
+ Directory Start/Search Find Directory Service Find Microsoft Corporation c:\windows\system32\dsquery.dll
+ Disk Copy Extension Windows DiskCopy Microsoft Corporation c:\windows\system32\diskcopy.dll
+ Disk Quota UI Windows Shell Disk Quota UI DLL Microsoft Corporation c:\windows\system32\dskquoui.dll
+ Display Adapter CPL Extension Advanced display adapter properties Microsoft Corporation c:\windows\system32\deskadp.dll
+ Display Monitor CPL Extension Advanced display monitor properties Microsoft Corporation c:\windows\system32\deskmon.dll
+ Display TroubleShoot CPL Extension Advanced display performance properties Microsoft Corporation c:\windows\system32\deskperf.dll
+ DropTarget Object for Photo Printing Wizard Photo Printing Wizard Microsoft Corporation c:\windows\system32\photowiz.dll
+ DS Security Page Directory Service Security UI Microsoft Corporation c:\windows\system32\dssec.dll
+ E-mail Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll
+ EMDFileProperties ReadyBoost Service Microsoft Corporation c:\windows\system32\emdmgmt.dll
+ Enhanced Storage Data Source Windows Enhanced Storage Shell Extension Microsoft Corporation c:\windows\system32\ehstorshell.dll
+ Execute Folder ExplorerFrame Microsoft Corporation c:\windows\system32\explorerframe.dll
+ Explorer Browser Windows Shell Common Dll Microsoft Corporation c:\windows\system32\shell32.dll
+ Explorer Navigation Bar Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll
+ Explorer Search Band Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll
+ Explorer Travel Band Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll
+ File Backup Index Microsoft® Windows Backup Shell Extension Microsoft Corporation c:\windows\system32\sdshext.dll
+ File Open Dialog Common Dialogs DLL Microsoft Corporation c:\windows\system32\comdlg32.dll
+ File Save Dialog Common Dialogs DLL Microsoft Corporation c:\windows\system32\comdlg32.dll
+ Folder Options Windows host process (Rundll32) Microsoft Corporation c:\windows\system32\rundll32.exe
+ Fonts Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll
+ For &People... Find People Microsoft Corporation c:\program files\windows mail\wabfind.dll
+ FTP Folders Webview Microsoft Internet Explorer FTP Folder Shell Extension Microsoft Corporation c:\windows\system32\msieftp.dll
+ Games Folder Games Explorer Microsoft Corporation c:\windows\system32\gameux.dll
+ GameUX.RichGameMediaThumbnail Games Explorer Microsoft Corporation c:\windows\system32\gameux.dll
+ Get Programs Online Windows host process (Rundll32) Microsoft Corporation c:\windows\system32\rundll32.exe
+ Global Folder Settings Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll
+ group_wab_auto_file Microsoft (R) Contacts DLL Microsoft Corporation c:\program files\common files\system\wab32.dll
+ Help and Support Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll
+ Help and Support Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll
+ History Internet Explorer Microsoft Corporation c:\windows\system32\ieframe.dll
+ HTML Document Microsoft (R) HTML Viewer Microsoft Corporation c:\windows\system32\mshtml.dll
+ ICC Profile Microsoft Color Control Panel Microsoft Corporation c:\windows\system32\colorui.dll
+ ICM Monitor Management Microsoft Color Control Panel Microsoft Corporation c:\windows\system32\colorui.dll
+ ICM Printer Management Microsoft Color Control Panel Microsoft Corporation c:\windows\system32\colorui.dll
+ ICM Scanner Management Microsoft Color Control Panel Microsoft Corporation c:\windows\system32\colorui.dll
+ IE AutoComplete Internet Explorer Microsoft Corporation c:\windows\system32\ieframe.dll
+ IE BandProxy Internet Explorer Microsoft Corporation c:\windows\system32\ieframe.dll
+ IE Custom MRU AutoCompleted List Internet Explorer Microsoft Corporation c:\windows\system32\ieframe.dll
+ IE Fade Task Internet Explorer Microsoft Corporation c:\windows\system32\ieframe.dll
+ IE History and Feeds Shell Data Source for Windows Search Internet Explorer Microsoft Corporation c:\windows\system32\ieframe.dll
+ IE IShellFolderBand Internet Explorer Microsoft Corporation c:\windows\system32\ieframe.dll
+ IE Menu Band Internet Explorer Microsoft Corporation c:\windows\system32\ieframe.dll
+ IE Menu Desk Bar Internet Explorer Microsoft Corporation c:\windows\system32\ieframe.dll
+ IE Menu Site Internet Explorer Microsoft Corporation c:\windows\system32\ieframe.dll
+ IE Microsoft BrowserBand Internet Explorer Microsoft Corporation c:\windows\system32\ieframe.dll
+ IE Microsoft History AutoComplete List Internet Explorer Microsoft Corporation c:\windows\system32\ieframe.dll
+ IE Microsoft Multiple AutoComplete List Container Internet Explorer Microsoft Corporation c:\windows\system32\ieframe.dll
+ IE Microsoft Shell Folder AutoComplete List Internet Explorer Microsoft Corporation c:\windows\system32\ieframe.dll
+ IE MRU AutoComplete List Internet Explorer Microsoft Corporation c:\windows\system32\ieframe.dll
+ IE Navigation Bar Internet Explorer Microsoft Corporation c:\windows\system32\ieframe.dll
+ IE Registry Tree Options Utility Internet Explorer Microsoft Corporation c:\windows\system32\ieframe.dll
+ IE RSS Feeder Folder Internet Explorer Microsoft Corporation c:\windows\system32\ieframe.dll
+ IE Search Band Internet Explorer Microsoft Corporation c:\windows\system32\ieframe.dll
+ IE Shell Band Site Menu Internet Explorer Microsoft Corporation c:\windows\system32\ieframe.dll
+ IE Shell Rebar BandSite Internet Explorer Microsoft Corporation c:\windows\system32\ieframe.dll
+ IE Tracking Shell Menu Internet Explorer Microsoft Corporation c:\windows\system32\ieframe.dll
+ IGD Property Sheet Handler Internet Gateway Device properties Microsoft Corporation c:\windows\system32\icsigd.dll
+ In-pane search Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll
+ Install New Programs Shell Application Manager Microsoft Corporation c:\windows\system32\appwiz.cpl
+ Installed Updates Shell Application Manager Microsoft Corporation c:\windows\system32\appwiz.cpl
+ Internet Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll
+ Internet Name Space Internet Explorer Microsoft Corporation c:\windows\system32\ieframe.dll
+ InternetShortcut Internet Explorer Microsoft Corporation c:\windows\system32\ieframe.dll
+ IPropertyStore Handler for Images Photo Metadata Handler Microsoft Corporation c:\windows\system32\photometadatahandler.dll
+ iSCSI Initiator Microsoft iSCSI Initiator Configuration Tool Microsoft Corporation c:\windows\system32\iscsicpl.exe
+ iTunes iTunes Mini Player DLL Apple Inc. c:\program files\itunes\itunesminiplayer.dll
+ Layout Folder Windows Shell Common Dll Microsoft Corporation c:\windows\system32\shell32.dll
+ Mail Service Send Mail Microsoft Corporation c:\windows\system32\sendmail.dll
+ Manage Wireless Networks Wireless Preferred Networks Microsoft Corporation c:\windows\system32\wlanpref.dll
+ MAPI Search Namespace Extension MSSearch Vista Platform Microsoft Corporation c:\windows\system32\mssvp.dll
+ Microsoft Agent Character Property Sheet Handler Microsoft Agent Property Sheet Handler Microsoft Corporation c:\windows\msagent\agentpsh.dll
+ Microsoft AutoComplete Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll
+ Microsoft Breadcrumb Bar Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll
+ Microsoft BrowserBand Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll
+ Microsoft CommBand Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll
+ Microsoft Data Link OLE DB Core Services Microsoft Corporation c:\program files\common files\system\ole db\oledb32.dll
+ Microsoft History AutoComplete List Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll
+ Microsoft Internet Toolbar Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll
+ Microsoft Multiple AutoComplete List Container Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll
+ Microsoft Power Options Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll
+ Microsoft Shell Folder AutoComplete List Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll
+ Microsoft Url History Service Internet Explorer Microsoft Corporation c:\windows\system32\ieframe.dll
+ Microsoft Url Search Hook Internet Explorer Microsoft Corporation c:\windows\system32\ieframe.dll
+ Microsoft Web Browser Internet Explorer Microsoft Corporation c:\windows\system32\ieframe.dll
+ Microsoft Windows Font File Context Menu Handler Windows Font Folder Microsoft Corporation c:\windows\system32\fontext.dll
+ Microsoft Windows Font File Icon Handler Windows Font Folder Microsoft Corporation c:\windows\system32\fontext.dll
+ Microsoft Windows Font Folder Windows Font Folder Microsoft Corporation c:\windows\system32\fontext.dll
+ Microsoft Windows Font Previewer Windows Font Folder Microsoft Corporation c:\windows\system32\fontext.dll
+ Microsoft Windows Mail Html Preview Handler Microsoft Internet Messaging API Resources Microsoft Corporation c:\windows\system32\inetcomm.dll
+ Microsoft Windows Mail Html Preview Handler Microsoft Internet Messaging API Resources Microsoft Corporation c:\windows\system32\inetcomm.dll
+ Microsoft Windows Mail Html Preview Handler Microsoft Internet Messaging API Resources Microsoft Corporation c:\windows\system32\inetcomm.dll
+ Microsoft Windows MAPI Preview Handler MSSearch Vista Platform Microsoft Corporation c:\windows\system32\mssvp.dll
+ Microsoft Windows RTF Preview Handler Windows Shell Common Dll Microsoft Corporation c:\windows\system32\shell32.dll
+ Microsoft XPS Properties Package Document Shell Extension Handler Microsoft Corporation c:\windows\system32\xpsshhdr.dll
+ Microsoft XPS Thumbnail Package Document Shell Extension Handler Microsoft Corporation c:\windows\system32\xpsshhdr.dll
+ Microsoft.ScannersAndCameras Imaging Devices Control Panel Microsoft Corporation c:\program files\windows photo gallery\imagingdevices.exe
+ MMC Icon Handler MMC Shell Extension DLL Microsoft Corporation c:\windows\system32\mmcshext.dll
+ Mobility Center Control Panel Windows Mobility Center Microsoft Corporation c:\windows\system32\mblctr.exe
+ MRU AutoComplete List Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll
+ MSHTML Document Microsoft (R) HTML Viewer Microsoft Corporation c:\windows\system32\mshtml.dll
+ MyDocs Drop Target My Documents Folder UI Microsoft Corporation c:\windows\system32\mydocs.dll
+ MyDocuments menu and properties My Documents Folder UI Microsoft Corporation c:\windows\system32\mydocs.dll
+ MyFolder Properties My Documents Folder UI Microsoft Corporation c:\windows\system32\mydocs.dll
+ nethood delegate folder Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll
+ Network Connections Network Connections Shell Microsoft Corporation c:\windows\system32\netshell.dll
+ Network Connections Network Connections Shell Microsoft Corporation c:\windows\system32\netshell.dll
+ Network Explorer Property Sheet Handler Advanced network device properties Microsoft Corporation c:\windows\system32\ncdprop.dll
+ New Shortcut Wizard Shell Application Manager Microsoft Corporation c:\windows\system32\appwiz.cpl
+ New Shortcut Wizard Modal Shell Application Manager Microsoft Corporation c:\windows\system32\appwiz.cpl
+ NTFS Security Page Security Shell Extension Microsoft Corporation c:\windows\system32\rshx32.dll
+ NvCpl DesktopContext Class NVIDIA Display Properties Extension NVIDIA Corporation c:\windows\system32\nvcpl.dll
+ Office Document Property Handler Microsoft Property System Microsoft Corporation c:\windows\system32\propsys.dll
+ Offline Files Context Menu Client Side Caching UI Microsoft Corporation c:\windows\system32\cscui.dll
+ Offline Files Folder Client Side Caching UI Microsoft Corporation c:\windows\system32\cscui.dll
+ Offline Files Folder Options Client Side Caching UI Microsoft Corporation c:\windows\system32\cscui.dll
+ Offline Files Icon Overlay Handler Client Side Caching UI Microsoft Corporation c:\windows\system32\cscui.dll
+ Offline Files Property Sheet Extension Client Side Caching UI Microsoft Corporation c:\windows\system32\cscui.dll
+ OLE Docfile Property Page OLE DocFile Property Page Microsoft Corporation c:\windows\system32\docprop.dll
+ OlePrn.PrinterURL Oleprn DLL Microsoft Corporation c:\windows\system32\oleprn.dll
+ Photo Thumbnail Extractor Photo Metadata Handler Microsoft Corporation c:\windows\system32\photometadatahandler.dll
+ Photo Thumbnail Provider Photo Metadata Handler Microsoft Corporation c:\windows\system32\photometadatahandler.dll
+ PhotoAcqDropTarget Photo Acquisition Microsoft Corporation c:\program files\windows photo gallery\photoacq.dll
+ Play on my TV helper NVIDIA Display Properties Extension NVIDIA Corporation c:\windows\system32\nvcpl.dll
+ PlusPack CPL Extension Windows Theme API Microsoft Corporation c:\windows\system32\themeui.dll
+ Portable Devices Portable Devices Shell Extension Microsoft Corporation c:\windows\system32\wpdshext.dll
+ Portable Devices Menu Portable Devices Shell Extension Microsoft Corporation c:\windows\system32\wpdshext.dll
+ Portable Media Devices Portable Media Devices Shell Extension Microsoft Corporation c:\windows\system32\audiodev.dll
+ Previous Versions Previous Versions property page Microsoft Corporation c:\windows\system32\twext.dll
+ Previous Versions Property Page Previous Versions property page Microsoft Corporation c:\windows\system32\twext.dll
+ Print Ordering via the Web Windows Shell Web Services Microsoft Corporation c:\windows\system32\shwebsvc.dll
+ Printers Security Page Security Shell Extension Microsoft Corporation c:\windows\system32\rshx32.dll
+ printhood delegate folder Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll
+ Problem Reports and Solutions Problem Reports and Solutions Microsoft Corporation c:\windows\system32\wercon.exe
+ Programs and Features Shell Application Manager Microsoft Corporation c:\windows\system32\appwiz.cpl
+ Programs Folder and Fast Items Windows Shell Common Dll Microsoft Corporation c:\windows\system32\shell32.dll
+ Property Labels Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll
+ Public Folder Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll
+ Registry Tree Options Utility Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll
+ Remote Sessions CPL Extension Remote Sessions CPL Extension Microsoft Corporation c:\windows\system32\remotepg.dll
+ RichGameMediaPropertyStore Class Games Explorer Microsoft Corporation c:\windows\system32\gameux.dll
+ Run... Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll
+ Search Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll
+ Search Band Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll
+ Search Control Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll
+ Search Execute Command ExplorerFrame Microsoft Corporation c:\windows\system32\explorerframe.dll
+ Search Folder Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll
+ Search Folders Windows Shell Common Dll Microsoft Corporation c:\windows\system32\shell32.dll
+ Set Program Access and Defaults Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll
+ shdocvw.dll Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll
+ shdocvw.dll Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll
+ shdocvw.dll Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll
+ shdocvw.dll Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll
+ shdocvw.dll Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll
+ shdocvw.dll Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll
+ shdocvw.dll Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll
+ shdocvw.dll Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll
+ shdocvw.dll Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll
+ shdocvw.dll Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll
+ shdocvw.dll Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll
+ shdocvw.dll Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll
+ shdocvw.dll Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll
+ shdocvw.dll Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll
+ Shell Band Site Menu Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll
+ Shell DeskBarApp Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll
+ Shell DocObject Viewer Internet Explorer Microsoft Corporation c:\windows\system32\ieframe.dll
+ Shell extensions for Microsoft Windows Network objects Network object shell UI Microsoft Corporation c:\windows\system32\ntlanui2.dll
+ Shell extensions for sharing Shell extensions for sharing Microsoft Corporation c:\windows\system32\ntshrui.dll
+ Shell extensions for sharing Shell extensions for sharing Microsoft Corporation c:\windows\system32\ntshrui.dll
+ Shell extensions for Windows Script Host Microsoft (R) Shell Extension for Windows Script Host Microsoft Corporation c:\windows\system32\wshext.dll
+ Shell Icon Handler for Application References Application Deployment Support Library Microsoft Corporation c:\windows\system32\dfshim.dll
+ Shell Message Handler Microsoft Internet Messaging API Resources Microsoft Corporation c:\windows\system32\inetcomm.dll
+ Shell properties for a DS object Directory Service Find Microsoft Corporation c:\windows\system32\dsquery.dll
+ Shell Publishing Wizard Object Windows Shell Web Services Microsoft Corporation c:\windows\system32\shwebsvc.dll
+ Shell Rebar BandSite Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll
+ ShellLink for Application References Application Deployment Support Library Microsoft Corporation c:\windows\system32\dfshim.dll
+ Shortcut Windows Shell Common Dll Microsoft Corporation c:\windows\system32\shell32.dll
+ Show Desktop Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll
+ Start Menu OEM Command Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll
+ Subscription Folder Web Site Monitor Microsoft Corporation c:\windows\system32\webcheck.dll
+ Subscription Mgr Web Site Monitor Microsoft Corporation c:\windows\system32\webcheck.dll
+ Summary Info Thumbnail handler (DOCFILES) Windows Shell Common Dll Microsoft Corporation c:\windows\system32\shell32.dll
+ Sync Center Conflict Delegate Folder Microsoft Sync Center Microsoft Corporation c:\windows\system32\synccenter.dll
+ Sync Center Conflict Folder Microsoft Sync Center Microsoft Corporation c:\windows\system32\synccenter.dll
+ Sync Center Conflict Properties Extension Microsoft Sync Center Microsoft Corporation c:\windows\system32\synccenter.dll
+ Sync Center Device Notification Sink Microsoft Sync Center Microsoft Corporation c:\windows\system32\synccenter.dll
+ Sync Center Event Properties Extension Microsoft Sync Center Microsoft Corporation c:\windows\system32\synccenter.dll
+ Sync Center Folder Microsoft Sync Center Microsoft Corporation c:\windows\system32\synccenter.dll
+ Sync Center Handler Properties Extension Microsoft Sync Center Microsoft Corporation c:\windows\system32\synccenter.dll
+ Sync Center Item Properties Extension Microsoft Sync Center Microsoft Corporation c:\windows\system32\synccenter.dll
+ Sync Center Simple Conflict Presenter Microsoft Sync Center Microsoft Corporation c:\windows\system32\synccenter.dll
+ Sync Results Delegate Folder Microsoft Sync Center Microsoft Corporation c:\windows\system32\synccenter.dll
+ Sync Results Folder Microsoft Sync Center Microsoft Corporation c:\windows\system32\synccenter.dll
+ Sync Setup Delegate Folder Microsoft Sync Center Microsoft Corporation c:\windows\system32\synccenter.dll
+ Sync Setup Folder Microsoft Sync Center Microsoft Corporation c:\windows\system32\synccenter.dll
+ Tablet PC Input Panel Microsoft Tablet Input Band Microsoft Corporation c:\program files\common files\microsoft shared\ink\tipband.dll
+ Taskbar and Start Menu Windows host process (Rundll32) Microsoft Corporation c:\windows\system32\rundll32.exe
+ Temporary Internet Files Internet Explorer Microsoft Corporation c:\windows\system32\ieframe.dll
+ Temporary Internet Files Internet Explorer Microsoft Corporation c:\windows\system32\ieframe.dll
+ The Internet Internet Explorer Microsoft Corporation c:\windows\system32\ieframe.dll
+ Touch Band Microsoft Tablet PC Touch Input Component Microsoft Corporation c:\windows\system32\touchx.dll
+ Tree property value folder Windows Shell Common Dll Microsoft Corporation c:\windows\system32\shell32.dll
+ User Accounts Advanced User Accounts Control Panel Microsoft Corporation c:\windows\system32\netplwiz.exe
+ User Assist Shell Browser UI Library Microsoft Corporation c:\windows\system32\browseui.dll
+ users files delegate folder Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll
+ Video Media Properties Handler Media Metadata Handler Microsoft Corporation c:\windows\system32\mediametadatahandler.dll
+ Video Thumbnail Extractor Media Metadata Handler Microsoft Corporation c:\windows\system32\mediametadatahandler.dll
+ View Available Networks View Available Networks Microsoft Corporation c:\windows\system32\van.dll
+ Web Printer Shell Extension Printer Settings User Interface Microsoft Corporation c:\windows\system32\printui.dll
+ Web Publishing Wizard Windows Shell Web Services Microsoft Corporation c:\windows\system32\shwebsvc.dll
+ WebCheck Web Site Monitor Microsoft Corporation c:\windows\system32\webcheck.dll
+ WebCheck SyncMgr Handler Web Site Monitor Microsoft Corporation c:\windows\system32\webcheck.dll
+ WebCheckWebCrawler Web Site Monitor Microsoft Corporation c:\windows\system32\webcheck.dll
+ Welcome Center Welcome Center Microsoft Corporation c:\windows\system32\oobefldr.dll
+ Window Switcher Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll
+ Window TXT Preview Handler Windows Shell Common Dll Microsoft Corporation c:\windows\system32\shell32.dll
+ Windows Contact Preview Handler Microsoft (R) Contacts DLL Microsoft Corporation c:\program files\common files\system\wab32.dll
+ Windows Defender Windows Defender User Interface Microsoft Corporation c:\program files\windows defender\msascui.exe
+ Windows Defender IOfficeAntiVirus implementation IOfficeAntiVirus Module Microsoft Corporation c:\program files\windows defender\mpoav.dll
+ Windows Features Windows Features Microsoft Corporation c:\windows\system32\optionalfeatures.exe
+ Windows Firewall Windows Firewall Control Panel Microsoft Corporation c:\windows\system32\firewallcontrolpanel.exe
+ Windows gadget DropTarget Sidebar droptarget Microsoft Corporation c:\program files\windows sidebar\sbdrop.dll
+ Windows Media Player Windows Media Player Deskband Microsoft Corporation c:\program files\windows media player\wmpband.dll
+ Windows Media Player Add to Playlist Context Menu Handler Windows Media Player Launcher Microsoft Corporation c:\windows\system32\wmpshell.dll
+ Windows Media Player Burn Audio CD Context Menu Handler Windows Media Player Launcher Microsoft Corporation c:\windows\system32\wmpshell.dll
+ Windows Media Player Play as Playlist Context Menu Handler Windows Media Player Launcher Microsoft Corporation c:\windows\system32\wmpshell.dll
+ Windows Media Player Play as Playlist Context Menu Handler Windows Media Player Launcher Microsoft Corporation c:\windows\system32\wmpshell.dll
+ Windows Media Player Shop Music Context Menu Handler Windows Media Player Launcher Microsoft Corporation c:\windows\system32\wmpshell.dll
+ Windows Photo Gallery Viewer Image Verbs Windows Photo Gallery Microsoft Corporation c:\program files\windows photo gallery\photoviewer.dll
+ Windows Photo Gallery Viewer Video Verbs Windows Photo Gallery Microsoft Corporation c:\program files\windows photo gallery\photoviewer.dll
+ Windows Sidebar Properties Windows Sidebar Microsoft Corporation c:\program files\windows sidebar\sidebar.exe
+ Windows Update Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll
+ WinRAR shell extension c:\program files\winrar\rarext.dll
+ Wireless Devices Function Discovery Folder Microsoft Corporation c:\windows\system32\functiondiscoveryfolder.dll
+ WPL property store Shell Doc Object and Control Library Microsoft Corporation c:\windows\system32\shdocvw.dll