1st time user of this forum

Forum Guidelines

Read the following topic before creating a new topic in this forum. It contains instructions on the what we would like you to post, which will enable us to help you more quickly.

Preparation Guide For Use Before Using Malware Removal Tools and Requesting Help

Posted Image

Unfortunately, with the amount of logs we receive per day, the average response time is 5 days. I want to assure you, though, that your topic will be looked at and responded to. So please be patient.

Posted Image

DO NOT RUN ComboFix unless requested to.

Posted Image

Only members of the Malware Response Team or Moderators are allowed to help people with logs. Anyone else should refrain from posting to another user's log.

Posted Image

When posting a log please put the type of infection you have in the topic title. IE: Winfixer, Virtumonde, WinTools, WebSearch, Home Search Assistant, etc.

Posted Image

Do not bump your topic. We try to resolve logs on a first come/first served basis. By bumping your log you will be pushed back in line due to the new date of your bump.

5 Pages
←
1
2
3
4
5
→

You cannot start a new topic
You cannot reply to this topic

1st time user of this forum Computer acting slow not responding

#31 harrythook

Group: Malware Response Team
Posts: 4,151
Joined: 16-May 07
Gender:Male
Location:Philadelphia

Posted 11 July 2009 - 05:27 PM

Working on it Mac, gonna have to review everything here.
Do me a favor and run that regsearch again, lets see if the entries are gone.
Also, I am sure you would have told me if the strange things in AOL are gone?

Harry

Veni Vidi Vici
THE FIGHT AGAINST MALWARE

Become a BleepingComputer fan: Facebook

#32 MAKRLM

Member

Group: Members
Posts: 59
Joined: 28-February 07

Posted 13 July 2009 - 02:22 AM

Hi Harry,

Yes, I am still getting the wierd symbols.. Computer is getting slower also.
I have run Comodo Anti Virus, SpyBot, Ad-Aware,Windows Defender,Super Anti Spyware amd Malawarebytes again also.. I have run Glary Utilities and Advanced System Care again also..

I did the regsearch again and here are the results:

Hope you get the info ----------
Thanks - Mac -----

Attached File(s)

RegSearch.txt (656bytes)
Number of downloads: 3

#33 MAKRLM

Member

Group: Members
Posts: 59
Joined: 28-February 07

Posted 13 July 2009 - 02:44 AM

Hello again Harry,
I just ran across this ---

Does it help in any way ???

Mac ---------

http://rmd.atdmt.com/tl/a...Subscribe to this Thread:
RSS Feed AOL Alerts
Add to My Boards
Create New Thread

Blocking doesn't work ... < Previous Thread | Next Thread > wireless AOL
Messages: 1 - 2 of 2 List All | List Unread
http://rmd.atdmt.com/tl/atla... Mark Thread Read
#1 - Posted on 6/30/09 at 09:05 PM
Kjrs View Profile Send MailIgnore AuthorSend IM
This tracking cookie is installed on a system when an affected user visits the following Web site:

http://www.atlassolutions.com
Tracking cookies or data miners are cookies that are used by two or more Web sites to track an affected user's Web browsing habits and display advertisement or other material the users might be interested in.

Similar to adware, tracking cookies collect user information for third party recipients.

It runs on Windows 95, 98, ME, 2000, XP, and Server 2003.

Important Windows ME/XP Cleaning Instructions

Users running Windows ME and XP must disable System Restore to allow full scanning of infected computers.

Users running other Windows versions can proceed with the succeeding solution set(s).

ortant Windows ME/XP Cleaning Instructions

Users running Windows ME and XP must disable System Restore to allow full scanning of infected computers.

Users running other Windows versions can proceed with the succeeding solution set(s)

Other Internet users can use HouseCall, the Trend Micro online threat scanner.

Reply to Message Mark Message Unread | Notify AOL

(Msg Id: 544550:30451)
#2 - Posted on 7/03/09 at 02:14 PMRe: Post #1
PGroot View Profile Send MailIgnore AuthorSend IM
Calling a cookie "spyware" is exaggeration. There are keyloggers, which are real spyware. There are browser hijackers, which can watch what sites you visit, and redirect you to phony sites. Adware can pop up display advertising. Those are software that runs when you are not aware of it. A cookie is a small piece of text, not software. Yes, it could record ads that you viewed or clicked on, so there is a small privacy concern.signature: PGroot Silicon Valley, California

Reply to Message Mark Message Unread | Notify AOL

(Msg Id: 544550:30490)

#34 MAKRLM

Member

Group: Members
Posts: 59
Joined: 28-February 07

Posted 24 July 2009 - 02:02 AM

Hello Harry -

I have tried the last info I sent you and it did not change anything.

I ran all the programs I have mentioned before and turned off System Restore 3 different times, restarting each time.

Still have and get atdmt things.

Still have the wierd symbols and computer is slow....

Hoping you can come up with something to try next..

Mac ---

#35 harrythook

Group: Malware Response Team
Posts: 4,151
Joined: 16-May 07
Gender:Male
Location:Philadelphia

Posted 26 July 2009 - 08:32 AM

Hey Mac, sorry for the delays.
Lets follow some of the instructions AOL gives for clearing history. Follow the instructions for your version:
http://help.channels.aol.com/kjump.adp?articleId=218737

See if that helps, then we will try to speed you up.

Harry

Veni Vidi Vici
THE FIGHT AGAINST MALWARE

Become a BleepingComputer fan: Facebook

#36 MAKRLM

Member

Group: Members
Posts: 59
Joined: 28-February 07

Posted 28 July 2009 - 02:19 AM

Hi Harry,
I followed the directions from your last. Things did not change.
I am getting slower and slower.

I have removed all the Cookies and junk that I can with Glary Utlities and Advanced System Care. I have defraged and used Windows One Care also. Have run SuperAntiSpware and Malwarebytes. Have run Windows Defender too....... Even ran HouseCall..

Still have the wierd symbols..... They keep changing all the time...

By the way, since doing all these things, when I reboot, The Windows Live Messenger Icon in lower toolbar or the RoboForm icon always come on as a Black Square. I exit them and restart them and they come back normal.

I am ready for your next to do list........

Thanks - Mac --------

#37 harrythook

Group: Malware Response Team
Posts: 4,151
Joined: 16-May 07
Gender:Male
Location:Philadelphia

Posted 28 July 2009 - 04:08 AM

Hey Mac,
since these symbols translate to a microsoft product, and you are having problems with live messenger, lets try uninstalling that and see what happens. Go to add/remove programs and use the uninstaller there, let me know what happens.

Harry

Veni Vidi Vici
THE FIGHT AGAINST MALWARE

Become a BleepingComputer fan: Facebook

#38 MAKRLM

Member

Group: Members
Posts: 59
Joined: 28-February 07

Posted 29 July 2009 - 02:05 AM

Hello again Harry,

Went to "add/remove" and could not find Windows Live Messenger or Microsoft Messenger. I have both.
I went to Search and could not find anything for either one...
I can use either one, but can not find anything as to where I can remove them...
In the Start menu, All Programs, I have both. Neither one has a uninstall option...

At a loss now.........

Something new started today -- When I was looking around in eBay and my banks website and even getting into this website I keep getting a AOL Popup window that says " This area of America Online is no longer available". I close it 1-4 times and am able to continue doing what I was doing. Never have seen this before --------

This gets more interesting all the time............. Am learning things tho ---

mac -------------

#39 MAKRLM

Member

Group: Members
Posts: 59
Joined: 28-February 07

Posted 05 August 2009 - 02:40 AM

Hello Harry and Tea and who ever else is watching this situation of mine ----

I found out the reason for my problem--- LOL -----

What are we going to try next ??

Still can not remove Windows Messenger...

Mac --------------

Attached File(s)

Reworked_copy.jpg (23.8K)
Number of downloads: 5

#40 harrythook

Group: Malware Response Team
Posts: 4,151
Joined: 16-May 07
Gender:Male
Location:Philadelphia

Posted 05 August 2009 - 05:40 AM

Hey Mac,
I keep losing you in the mess I have here, please feel free to "nudge" me if I dont reply.

Lets take a look again in this way:
Please do an online scan with Kaspersky WebScanner

Click on Kaspersky Online Scanner

You will be prompted to install an ActiveX component from Kaspersky, Click Yes.

The program will launch and then begin downloading the latest definition files:
Once the files have been downloaded click on NEXT
Now click on Scan Settings
In the scan settings make sure that the following are selected:
- Scan using the following Anti-Virus database:
- Scan Options:
Click OK
Now under select a target to scan:
This will program will start and scan your system.
The scan will take a while so be patient and let it run.
Once the scan is complete it will display if your system has been infected.
- Now click on the Save as Text button:
Save the file to your desktop.
Copy and paste that information in your next post.

Veni Vidi Vici
THE FIGHT AGAINST MALWARE

Become a BleepingComputer fan: Facebook

#41 MAKRLM

Member

Group: Members
Posts: 59
Joined: 28-February 07

Posted 07 August 2009 - 02:37 AM

Hello Harry,
Kapersky will not let me run a scan. It tells me I need the latest Java . I have the latest, Version 6 w/ the 15 update.

I tried running it thru IE7 and thru AOL 9.1 and the same thing happens. I hit the download for Java and it says I have the latest version.

Do I have run some type of claen up/fix program now??

Thanks - Mac ------------

#42 MAKRLM

Member

Group: Members
Posts: 59
Joined: 28-February 07

Posted 10 August 2009 - 03:01 AM

Hello Harry,
I looked for Kaspersky in my add and remove and could not find it. I used search and removed all of the things that came up.
This is the Java Info:
Java Plug-in 1.6.0_15
Using JRE version 1.6.0_15-b03 Java HotSpot™ Client VM
User home directory = C:\Documents and Settings\Owner

----------------------------------------------------
c: clear console window
f: finalize objects on finalization queue
g: garbage collect
h: display this help message
l: dump classloader list
m: print memory usage
o: trigger logging
p: reload proxy configuration
q: hide console
r: reload policy configuration
s: dump system and deployment properties
t: dump thread list
v: dump thread stack
x: clear classloader cache
0-5: set trace level to <n>
----------------------------------------------------

Reading certificates from 12274 http://www.kaspersky.com/kos/eng/partner/us/kos-main.jar | C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\6.0\21\66415395-365c6d1e.idx
Reading certificates from 12274 http://www.kaspersky.com/kos/eng/partner/us/kos-main.jar | C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\6.0\21\66415395-365c6d1e.idx
java.lang.OutOfMemoryError: Java heap space
at sun.security.provider.certpath.OCSPChecker.check(Unknown Source)
at sun.security.provider.certpath.PKIXMasterCertPathValidator.validate(Unknown Source)
at sun.security.provider.certpath.PKIXCertPathValidator.doValidate(Unknown Source)
at sun.security.provider.certpath.PKIXCertPathValidator.engineValidate(Unknown Source)
at java.security.cert.CertPathValidator.validate(Unknown Source)
at sun.security.validator.PKIXValidator.doValidate(Unknown Source)
at sun.security.validator.PKIXValidator.doValidate(Unknown Source)
at sun.security.validator.PKIXValidator.engineValidate(Unknown Source)
at sun.security.validator.Validator.validate(Unknown Source)
at sun.security.validator.Validator.validate(Unknown Source)
at com.sun.deploy.security.TrustDecider.isAllPermissionGranted(Unknown Source)
at com.sun.deploy.security.TrustDecider.isAllPermissionGranted(Unknown Source)
at com.sun.deploy.security.TrustDecider.isAllPermissionGranted(Unknown Source)
at sun.plugin.security.PluginClassLoader.getPermissions(Unknown Source)
at java.security.SecureClassLoader.getProtectionDomain(Unknown Source)
at java.security.SecureClassLoader.defineClass(Unknown Source)
at java.net.URLClassLoader.defineClass(Unknown Source)
at java.net.URLClassLoader.access$000(Unknown Source)
at java.net.URLClassLoader$1.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.findClass(Unknown Source)
at sun.applet.AppletClassLoader.findClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at sun.applet.AppletClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at sun.applet.AppletClassLoader.loadCode(Unknown Source)
at sun.applet.AppletPanel.createApplet(Unknown Source)
at sun.plugin.AppletViewer.createApplet(Unknown Source)
at sun.applet.AppletPanel.runLoader(Unknown Source)
at sun.applet.AppletPanel.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
java.lang.OutOfMemoryError: Java heap space
at sun.security.provider.certpath.OCSPChecker.check(Unknown Source)
at sun.security.provider.certpath.PKIXMasterCertPathValidator.validate(Unknown Source)
at sun.security.provider.certpath.PKIXCertPathValidator.doValidate(Unknown Source)
at sun.security.provider.certpath.PKIXCertPathValidator.engineValidate(Unknown Source)
at java.security.cert.CertPathValidator.validate(Unknown Source)
at sun.security.validator.PKIXValidator.doValidate(Unknown Source)
at sun.security.validator.PKIXValidator.doValidate(Unknown Source)
at sun.security.validator.PKIXValidator.engineValidate(Unknown Source)
at sun.security.validator.Validator.validate(Unknown Source)
at sun.security.validator.Validator.validate(Unknown Source)
at com.sun.deploy.security.TrustDecider.isAllPermissionGranted(Unknown Source)
at com.sun.deploy.security.TrustDecider.isAllPermissionGranted(Unknown Source)
at com.sun.deploy.security.TrustDecider.isAllPermissionGranted(Unknown Source)
at sun.plugin.security.PluginClassLoader.getPermissions(Unknown Source)
at java.security.SecureClassLoader.getProtectionDomain(Unknown Source)
at java.security.SecureClassLoader.defineClass(Unknown Source)
at java.net.URLClassLoader.defineClass(Unknown Source)
at java.net.URLClassLoader.access$000(Unknown Source)
at java.net.URLClassLoader$1.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.findClass(Unknown Source)
at sun.applet.AppletClassLoader.findClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at sun.applet.AppletClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at sun.applet.AppletClassLoader.loadCode(Unknown Source)
at sun.applet.AppletPanel.createApplet(Unknown Source)
at sun.plugin.AppletViewer.createApplet(Unknown Source)
at sun.applet.AppletPanel.runLoader(Unknown Source)
at sun.applet.AppletPanel.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)

Hope this helps.....

Mac -------------

--------------------------------------------------------------------------------

#43 harrythook

Group: Malware Response Team
Posts: 4,151
Joined: 16-May 07
Gender:Male
Location:Philadelphia

Posted 11 August 2009 - 10:15 AM

Hey Mac, follow these instructions for removing all older versions of Java:
Your Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system. Please follow these steps to remove older version Java components and update:

Download the latest version of Java Runtime Environment (JRE) Version 6 and save it to your desktop.
Look for "Java Runtime Environment (JRE)" JRE 6 Update 16.
Click the Download button to the right.
Select your Platform: "Windows".
Select your Language: "Multi-language".
Read the License Agreement, and then check the box that says: "Accept License Agreement".
Click Continue and the page will refresh.
Under Required Files, check the box for Windows Offline Installation, click the link below it and save the file to your desktop.
Close any programs you may have running - especially your web browser.

Go to Start > Settings > Control Panel, double-click on Add/Remove Programs and remove all older versions of Java.

Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
Click the Remove or Change/Remove button and follow the onscreen instructions for the Java uninstaller.
Repeat as many times as necessary to remove each Java versions.
Reboot your computer once all Java components are removed.
Then from your desktop double-click on jre-6u16-windows-i586.exe to install the newest version.

-- If using Windows Vista and the installer refuses to launch due to insufficient user permissions, then Run As Administrator.
-- If you choose to update via the Java applet in Control Panel, uncheck the option to install the Toolbar unless you want it.
-- The uninstaller incorporated in this release removes previous Updates 10 and above, but does not remove older versions, so they still need to be removed manually.

Note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. To disable the JQS service if you don't want to use it, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click Ok and reboot your computer.

Veni Vidi Vici
THE FIGHT AGAINST MALWARE

Become a BleepingComputer fan: Facebook

#44 MAKRLM

Member

Group: Members
Posts: 59
Joined: 28-February 07

Posted 14 August 2009 - 02:29 AM

Hi Harry,
I tried to reply last night, but could not upload what you wanted. Hope it works tonight.
Got all the new Windows updates installed earlier and things seem like I will be able to.

I finally got Kaspersky to download. I remembered the website 'MajorGeeks.com". They had the whole program and it downloaded fine.. Ran it and it did not find anything. Sure is a long list !!!!!!!!!

Also have Java up to date also..

Computer has been acting real funny and super slow.. It now takes about 7 minutes to start up from a cold start.

Scan
----
Scanned: 714184
Detected: 0
Untreated: 0
Start time: 8/11/2009 12:26:15 AM
Duration: 03:51:25
Finish time: 8/11/2009 4:17:40 AM

Detected
--------
Status Object
------ ------

Events
------
Time Name Status Reason
---- ---- ------ ------
8/11/2009 12:26:26 AM Running module: smss.exe\smss.exe ok scanned
8/11/2009 12:26:26 AM File: C:\WINDOWS\System32\smss.exe ok scanned
8/11/2009 12:26:26 AM Running module: smss.exe\ntdll.dll ok scanned
8/11/2009 12:26:27 AM File: C:\WINDOWS\system32\ntdll.dll ok scanned
8/11/2009 12:26:27 AM Running module: csrss.exe\csrss.exe ok scanned
8/11/2009 12:26:27 AM File: C:\WINDOWS\system32\csrss.exe ok scanned
8/11/2009 12:26:27 AM Running module: csrss.exe\ntdll.dll ok scanned
8/11/2009 12:26:27 AM File: C:\WINDOWS\system32\ntdll.dll ok scanned
8/11/2009 12:26:27 AM Running module: csrss.exe\CSRSRV.dll ok scanned
8/11/2009 12:26:27 AM File: C:\WINDOWS\system32\CSRSRV.dll ok scanned
8/11/2009 12:26:27 AM Running module: csrss.exe\basesrv.dll ok scanned
8/11/2009 12:26:27 AM File: C:\WINDOWS\system32\basesrv.dll ok scanned
8/11/2009 12:26:27 AM Running module: csrss.exe\winsrv.dll ok scanned
8/11/2009 12:26:27 AM File: C:\WINDOWS\system32\winsrv.dll ok scanned
8/11/2009 12:26:27 AM Running module: csrss.exe\GDI32.dll ok scanned
8/11/2009 12:26:27 AM File: C:\WINDOWS\system32\GDI32.dll ok scanned
8/11/2009 12:26:27 AM Running module: csrss.exe\KERNEL32.dll ok scanned
8/11/2009 12:26:28 AM File: C:\WINDOWS\system32\KERNEL32.dll ok scanned
8/11/2009 12:26:28 AM Running module: csrss.exe\USER32.dll ok scanned
8/11/2009 12:26:28 AM File: C:\WINDOWS\system32\USER32.dll ok scanned
8/11/2009 12:26:28 AM Running module: csrss.exe\sxs.dll ok scanned
8/11/2009 12:26:28 AM File: C:\WINDOWS\system32\sxs.dll ok scanned
8/11/2009 12:26:28 AM Running module: csrss.exe\ADVAPI32.dll ok scanned
8/11/2009 12:26:28 AM File: C:\WINDOWS\system32\ADVAPI32.dll ok scanned
8/11/2009 12:26:28 AM Running module: csrss.exe\RPCRT4.dll ok scanned
8/11/2009 12:26:28 AM File: C:\WINDOWS\system32\RPCRT4.dll ok scanned
8/11/2009 12:26:28 AM Running module: csrss.exe\Secur32.dll ok scanned
8/11/2009 12:26:28 AM File: C:\WINDOWS\system32\Secur32.dll ok scanned
8/11/2009 12:26:28 AM Running module: csrss.exe\Apphelp.dll ok scanned
8/11/2009 12:26:28 AM File: C:\WINDOWS\system32\Apphelp.dll ok scanned
8/11/2009 12:26:28 AM Running module: csrss.exe\VERSION.dll ok scanned
8/11/2009 12:26:28 AM File: C:\WINDOWS\system32\VERSION.dll ok scanned
8/11/2009 12:26:28 AM Running module: winlogon.exe\winlogon.exe ok scanned
8/11/2009 12:26:28 AM File: C:\WINDOWS\system32\winlogon.exe ok scanned
8/11/2009 12:26:28 AM Running module: winlogon.exe\ntdll.dll ok scanned
8/11/2009 12:26:28 AM File: C:\WINDOWS\system32\ntdll.dll ok scanned
8/11/2009 12:26:28 AM Running module: winlogon.exe\kernel32.dll ok scanned
8/11/2009 12:26:29 AM File: C:\WINDOWS\system32\kernel32.dll ok scanned
8/11/2009 12:26:29 AM Running module: winlogon.exe\ADVAPI32.dll ok scanned
8/11/2009 12:26:29 AM File: C:\WINDOWS\system32\ADVAPI32.dll ok scanned
8/11/2009 12:26:29 AM Running module: winlogon.exe\RPCRT4.dll ok scanned
8/11/2009 12:26:29 AM File: C:\WINDOWS\system32\RPCRT4.dll ok scanned
8/11/2009 12:26:29 AM Running module: winlogon.exe\Secur32.dll ok scanned
8/11/2009 12:26:29 AM File: C:\WINDOWS\system32\Secur32.dll ok scanned
8/11/2009 12:26:29 AM Running module: winlogon.exe\AUTHZ.dll ok scanned
8/11/2009 12:26:29 AM File: C:\WINDOWS\system32\AUTHZ.dll ok scanned
8/11/2009 12:26:29 AM Running module: winlogon.exe\msvcrt.dll ok scanned
8/11/2009 12:26:29 AM File: C:\WINDOWS\system32\msvcrt.dll ok scanned
8/11/2009 12:26:29 AM Running module: winlogon.exe\CRYPT32.dll ok scanned
8/11/2009 12:26:29 AM File: C:\WINDOWS\system32\CRYPT32.dll ok scanned
8/11/2009 12:26:29 AM Running module: winlogon.exe\MSASN1.dll ok scanned
8/11/2009 12:26:29 AM File: C:\WINDOWS\system32\MSASN1.dll ok scanned
8/11/2009 12:26:29 AM Running module: winlogon.exe\USER32.dll ok scanned
8/11/2009 12:26:29 AM File: C:\WINDOWS\system32\USER32.dll ok scanned
8/11/2009 12:26:29 AM Running module: winlogon.exe\GDI32.dll ok scanned
8/11/2009 12:26:29 AM File: C:\WINDOWS\system32\GDI32.dll ok scanned
8/11/2009 12:26:29 AM Running module: winlogon.exe\NDdeApi.dll ok scanned
8/11/2009 12:26:30 AM File: C:\WINDOWS\system32\NDdeApi.dll ok scanned
8/11/2009 12:26:30 AM Running module: winlogon.exe\PROFMAP.dll ok scanned
8/11/2009 12:26:30 AM File: C:\WINDOWS\system32\PROFMAP.dll ok scanned
8/11/2009 12:26:30 AM Running module: winlogon.exe\NETAPI32.dll ok scanned
8/11/2009 12:26:30 AM File: C:\WINDOWS\system32\NETAPI32.dll ok scanned
8/11/2009 12:26:30 AM Running module: winlogon.exe\USERENV.dll ok scanned
8/11/2009 12:26:30 AM File: C:\WINDOWS\system32\USERENV.dll ok scanned
8/11/2009 12:26:30 AM Running module: winlogon.exe\PSAPI.DLL ok scanned
8/11/2009 12:26:30 AM File: C:\WINDOWS\system32\PSAPI.DLL ok scanned
8/11/2009 12:26:30 AM Running module: winlogon.exe\REGAPI.dll ok scanned
8/11/2009 12:26:30 AM File: C:\WINDOWS\system32\REGAPI.dll ok scanned
8/11/2009 12:26:30 AM Running module: winlogon.exe\SETUPAPI.dll ok scanned
8/11/2009 12:26:30 AM File: C:\WINDOWS\system32\SETUPAPI.dll ok scanned
8/11/2009 12:26:30 AM Running module: winlogon.exe\VERSION.dll ok scanned
8/11/2009 12:26:30 AM File: C:\WINDOWS\system32\VERSION.dll ok scanned
8/11/2009 12:26:30 AM Running module: winlogon.exe\WINSTA.dll ok scanned
8/11/2009 12:26:30 AM File: C:\WINDOWS\system32\WINSTA.dll ok scanned
8/11/2009 12:26:30 AM Running module: winlogon.exe\WINTRUST.dll ok scanned
8/11/2009 12:26:30 AM File: C:\WINDOWS\system32\WINTRUST.dll ok scanned
8/11/2009 12:26:30 AM Running module: winlogon.exe\IMAGEHLP.dll ok scanned
8/11/2009 12:26:30 AM File: C:\WINDOWS\system32\IMAGEHLP.dll ok scanned
8/11/2009 12:26:30 AM Running module: winlogon.exe\WS2_32.dll ok scanned
8/11/2009 12:26:30 AM File: C:\WINDOWS\system32\WS2_32.dll ok scanned
8/11/2009 12:26:30 AM Running module: winlogon.exe\WS2HELP.dll ok scanned
8/11/2009 12:26:30 AM File: C:\WINDOWS\system32\WS2HELP.dll ok scanned
8/11/2009 12:26:30 AM Running module: winlogon.exe\IMM32.DLL ok scanned
8/11/2009 12:26:30 AM File: C:\WINDOWS\system32\IMM32.DLL ok scanned
8/11/2009 12:26:30 AM Running module: winlogon.exe\guard32.dll ok scanned
8/11/2009 12:26:30 AM File: C:\WINDOWS\system32\guard32.dll ok scanned
8/11/2009 12:26:30 AM Running module: winlogon.exe\fltlib.dll ok scanned
8/11/2009 12:26:30 AM File: C:\WINDOWS\system32\fltlib.dll ok scanned
8/11/2009 12:26:30 AM Running module: winlogon.exe\MSGINA.dll ok scanned
8/11/2009 12:26:30 AM File: C:\WINDOWS\system32\MSGINA.dll ok scanned
8/11/2009 12:26:30 AM Running module: winlogon.exe\COMCTL32.dll ok scanned
8/11/2009 12:26:31 AM File: C:\WINDOWS\system32\COMCTL32.dll ok scanned
8/11/2009 12:26:31 AM Running module: winlogon.exe\ODBC32.dll ok scanned
8/11/2009 12:26:31 AM File: C:\WINDOWS\system32\ODBC32.dll ok scanned
8/11/2009 12:26:31 AM Running module: winlogon.exe\comdlg32.dll ok scanned
8/11/2009 12:26:31 AM File: C:\WINDOWS\system32\comdlg32.dll ok scanned
8/11/2009 12:26:31 AM Running module: winlogon.exe\SHELL32.dll ok scanned
8/11/2009 12:26:31 AM File: C:\WINDOWS\system32\SHELL32.dll ok scanned
8/11/2009 12:26:31 AM Running module: winlogon.exe\SHLWAPI.dll ok scanned
8/11/2009 12:26:31 AM File: C:\WINDOWS\system32\SHLWAPI.dll ok scanned
8/11/2009 12:26:31 AM Running module: winlogon.exe\comctl32.dll ok scanned
8/11/2009 12:26:31 AM File: C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll ok scanned
8/11/2009 12:26:31 AM Running module: winlogon.exe\odbcint.dll ok scanned
8/11/2009 12:26:31 AM File: C:\WINDOWS\system32\odbcint.dll ok scanned
8/11/2009 12:26:31 AM Running module: winlogon.exe\SHSVCS.dll ok scanned
8/11/2009 12:26:31 AM File: C:\WINDOWS\system32\SHSVCS.dll ok scanned
8/11/2009 12:26:31 AM Running module: winlogon.exe\sfc.dll ok scanned
8/11/2009 12:26:31 AM File: C:\WINDOWS\system32\sfc.dll ok scanned
8/11/2009 12:26:31 AM Running module: winlogon.exe\sfc_os.dll ok scanned
8/11/2009 12:26:31 AM File: C:\WINDOWS\system32\sfc_os.dll ok scanned
8/11/2009 12:26:31 AM Running module: winlogon.exe\ole32.dll ok scanned
8/11/2009 12:26:31 AM File: C:\WINDOWS\system32\ole32.dll ok scanned
8/11/2009 12:26:31 AM Running module: winlogon.exe\Apphelp.dll ok scanned
8/11/2009 12:26:32 AM File: C:\WINDOWS\system32\Apphelp.dll ok scanned
8/11/2009 12:26:32 AM Running module: winlogon.exe\msctfime.ime ok scanned
8/11/2009 12:26:32 AM File: C:\WINDOWS\system32\msctfime.ime ok scanned
8/11/2009 12:26:32 AM Running module: winlogon.exe\WINSCARD.DLL ok scanned
8/11/2009 12:26:32 AM File: C:\WINDOWS\system32\WINSCARD.DLL ok scanned
8/11/2009 12:26:32 AM Running module: winlogon.exe\WTSAPI32.dll ok scanned
8/11/2009 12:26:32 AM File: C:\WINDOWS\system32\WTSAPI32.dll ok scanned
8/11/2009 12:26:32 AM Running module: winlogon.exe\sxs.dll ok scanned
8/11/2009 12:26:32 AM File: C:\WINDOWS\system32\sxs.dll ok scanned
8/11/2009 12:26:32 AM Running module: winlogon.exe\WINMM.dll ok scanned
8/11/2009 12:26:32 AM File: C:\WINDOWS\system32\WINMM.dll ok scanned
8/11/2009 12:26:32 AM Running module: winlogon.exe\serwvdrv.dll ok scanned
8/11/2009 12:26:32 AM File: C:\WINDOWS\system32\serwvdrv.dll ok scanned
8/11/2009 12:26:32 AM Running module: winlogon.exe\umdmxfrm.dll ok scanned
8/11/2009 12:26:32 AM File: C:\WINDOWS\system32\umdmxfrm.dll ok scanned
8/11/2009 12:26:32 AM Running module: winlogon.exe\uxtheme.dll ok scanned
8/11/2009 12:26:32 AM File: C:\WINDOWS\system32\uxtheme.dll ok scanned
8/11/2009 12:26:32 AM Running module: winlogon.exe\SASWINLO.dll ok scanned
8/11/2009 12:26:32 AM File: C:\Program Files\SUPERAntiSpyware\SASWINLO.dll ok scanned
8/11/2009 12:26:32 AM Running module: winlogon.exe\OLEAUT32.dll ok scanned
8/11/2009 12:26:32 AM File: C:\WINDOWS\system32\OLEAUT32.dll ok scanned
8/11/2009 12:26:32 AM Running module: winlogon.exe\WININET.dll ok scanned
8/11/2009 12:26:32 AM File: C:\WINDOWS\system32\WININET.dll ok scanned
8/11/2009 12:26:32 AM Running module: winlogon.exe\Normaliz.dll ok scanned
8/11/2009 12:26:32 AM File: C:\WINDOWS\system32\Normaliz.dll ok scanned
8/11/2009 12:26:32 AM Running module: winlogon.exe\iertutil.dll ok scanned
8/11/2009 12:26:32 AM File: C:\WINDOWS\system32\iertutil.dll ok scanned
8/11/2009 12:26:32 AM Running module: winlogon.exe\cscdll.dll ok scanned
8/11/2009 12:26:32 AM File: C:\WINDOWS\system32\cscdll.dll ok scanned
8/11/2009 12:26:32 AM Running module: winlogon.exe\rsaenh.dll ok scanned
8/11/2009 12:26:33 AM File: C:\WINDOWS\system32\rsaenh.dll ok scanned
8/11/2009 12:26:33 AM Running module: winlogon.exe\dimsntfy.dll ok scanned
8/11/2009 12:26:33 AM File: C:\WINDOWS\System32\dimsntfy.dll ok scanned
8/11/2009 12:26:33 AM Running module: winlogon.exe\WlNotify.dll ok scanned
8/11/2009 12:26:33 AM File: C:\WINDOWS\system32\WlNotify.dll ok scanned
8/11/2009 12:26:33 AM Running module: winlogon.exe\MPR.dll ok scanned
8/11/2009 12:26:33 AM File: C:\WINDOWS\system32\MPR.dll ok scanned
8/11/2009 12:26:33 AM Running module: winlogon.exe\WINSPOOL.DRV ok scanned
8/11/2009 12:26:33 AM File: C:\WINDOWS\system32\WINSPOOL.DRV ok scanned
8/11/2009 12:26:33 AM Running module: winlogon.exe\WgaLogon.dll ok scanned
8/11/2009 12:26:34 AM File: C:\WINDOWS\system32\WgaLogon.dll ok scanned
8/11/2009 12:26:34 AM Running module: winlogon.exe\NTMARTA.DLL ok scanned
8/11/2009 12:26:34 AM File: C:\WINDOWS\system32\NTMARTA.DLL ok scanned
8/11/2009 12:26:34 AM Running module: winlogon.exe\SAMLIB.dll ok scanned
8/11/2009 12:26:34 AM File: C:\WINDOWS\system32\SAMLIB.dll ok scanned
8/11/2009 12:26:34 AM Running module: winlogon.exe\WLDAP32.dll ok scanned
8/11/2009 12:26:34 AM File: C:\WINDOWS\system32\WLDAP32.dll ok scanned
8/11/2009 12:26:34 AM Running module: winlogon.exe\CLBCATQ.DLL ok scanned
8/11/2009 12:26:34 AM File: C:\WINDOWS\system32\CLBCATQ.DLL ok scanned
8/11/2009 12:26:34 AM Running module: winlogon.exe\COMRes.dll ok scanned
8/11/2009 12:26:34 AM File: C:\WINDOWS\system32\COMRes.dll ok scanned
8/11/2009 12:26:34 AM Running module: winlogon.exe\cscui.dll ok scanned
8/11/2009 12:26:34 AM File: C:\WINDOWS\system32\cscui.dll ok scanned
8/11/2009 12:26:34 AM Running module: winlogon.exe\msv1_0.dll ok scanned
8/11/2009 12:26:35 AM File: C:\WINDOWS\system32\msv1_0.dll ok scanned
8/11/2009 12:26:35 AM Running module: winlogon.exe\iphlpapi.dll ok scanned
8/11/2009 12:26:35 AM File: C:\WINDOWS\system32\iphlpapi.dll ok scanned
8/11/2009 12:26:35 AM Running module: winlogon.exe\xpsp2res.dll ok scanned
8/11/2009 12:26:35 AM File: C:\WINDOWS\system32\xpsp2res.dll ok scanned
8/11/2009 12:26:35 AM Running module: winlogon.exe\wdmaud.drv ok scanned
8/11/2009 12:26:35 AM File: C:\WINDOWS\system32\wdmaud.drv ok scanned
8/11/2009 12:26:35 AM Running module: winlogon.exe\msacm32.drv ok scanned
8/11/2009 12:26:35 AM File: C:\WINDOWS\system32\msacm32.drv ok scanned
8/11/2009 12:26:35 AM Running module: winlogon.exe\MSACM32.dll ok scanned
8/11/2009 12:26:35 AM File: C:\WINDOWS\system32\MSACM32.dll ok scanned
8/11/2009 12:26:35 AM Running module: winlogon.exe\midimap.dll ok scanned
8/11/2009 12:26:35 AM File: C:\WINDOWS\system32\midimap.dll ok scanned
8/11/2009 12:26:35 AM Running module: services.exe\services.exe ok scanned
8/11/2009 12:26:35 AM File: C:\WINDOWS\system32\services.exe ok scanned
8/11/2009 12:26:35 AM Running module: services.exe\ntdll.dll ok scanned
8/11/2009 12:26:35 AM File: C:\WINDOWS\system32\ntdll.dll ok scanned
8/11/2009 12:26:35 AM Running module: services.exe\kernel32.dll ok scanned
8/11/2009 12:26:36 AM File: C:\WINDOWS\system32\kernel32.dll ok scanned
8/11/2009 12:26:36 AM Running module: services.exe\ADVAPI32.dll ok scanned
8/11/2009 12:26:36 AM File: C:\WINDOWS\system32\ADVAPI32.dll ok scanned
8/11/2009 12:26:36 AM Running module: services.exe\RPCRT4.dll ok scanned
8/11/2009 12:26:36 AM File: C:\WINDOWS\system32\RPCRT4.dll ok scanned
8/11/2009 12:26:36 AM Running module: services.exe\Secur32.dll ok scanned
8/11/2009 12:26:36 AM File: C:\WINDOWS\system32\Secur32.dll ok scanned
8/11/2009 12:26:36 AM Running module: services.exe\msvcrt.dll ok scanned
8/11/2009 12:26:36 AM File: C:\WINDOWS\system32\msvcrt.dll ok scanned
8/11/2009 12:26:36 AM Running module: services.exe\NCObjAPI.DLL ok scanned
8/11/2009 12:26:36 AM File: C:\WINDOWS\system32\NCObjAPI.DLL ok scanned
8/11/2009 12:26:36 AM Running module: services.exe\MSVCP60.dll ok scanned
8/11/2009 12:26:36 AM File: C:\WINDOWS\system32\MSVCP60.dll ok scanned
8/11/2009 12:26:36 AM Running module: services.exe\SCESRV.dll ok scanned
8/11/2009 12:26:36 AM File: C:\WINDOWS\system32\SCESRV.dll ok scanned
8/11/2009 12:26:36 AM Running module: services.exe\AUTHZ.dll ok scanned
8/11/2009 12:26:36 AM File: C:\WINDOWS\system32\AUTHZ.dll ok scanned
8/11/2009 12:26:36 AM Running module: services.exe\USER32.dll ok scanned
8/11/2009 12:26:36 AM File: C:\WINDOWS\system32\USER32.dll ok scanned
8/11/2009 12:26:36 AM Running module: services.exe\GDI32.dll ok scanned
8/11/2009 12:26:36 AM File: C:\WINDOWS\system32\GDI32.dll ok scanned
8/11/2009 12:26:36 AM Running module: services.exe\USERENV.dll ok scanned
8/11/2009 12:26:36 AM File: C:\WINDOWS\system32\USERENV.dll ok scanned
8/11/2009 12:26:36 AM Running module: services.exe\umpnpmgr.dll ok scanned
8/11/2009 12:26:37 AM File: C:\WINDOWS\system32\umpnpmgr.dll ok scanned
8/11/2009 12:26:37 AM Running module: services.exe\WINSTA.dll ok scanned
8/11/2009 12:26:37 AM File: C:\WINDOWS\system32\WINSTA.dll ok scanned
8/11/2009 12:26:37 AM Running module: services.exe\NETAPI32.dll ok scanned
8/11/2009 12:26:37 AM File: C:\WINDOWS\system32\NETAPI32.dll ok scanned
8/11/2009 12:26:37 AM Running module: services.exe\ShimEng.dll ok scanned
8/11/2009 12:26:37 AM File: C:\WINDOWS\system32\ShimEng.dll ok scanned
8/11/2009 12:26:37 AM Running module: services.exe\AcAdProc.dll ok scanned
8/11/2009 12:26:37 AM File: C:\WINDOWS\AppPatch\AcAdProc.dll ok scanned
8/11/2009 12:26:37 AM Running module: services.exe\IMM32.DLL ok scanned
8/11/2009 12:26:37 AM File: C:\WINDOWS\system32\IMM32.DLL ok scanned
8/11/2009 12:26:37 AM Running module: services.exe\guard32.dll ok scanned
8/11/2009 12:26:37 AM File: C:\WINDOWS\system32\guard32.dll ok scanned
8/11/2009 12:26:37 AM Running module: services.exe\VERSION.dll ok scanned
8/11/2009 12:26:37 AM File: C:\WINDOWS\system32\VERSION.dll ok scanned
8/11/2009 12:26:37 AM Running module: services.exe\fltlib.dll ok scanned
8/11/2009 12:26:37 AM File: C:\WINDOWS\system32\fltlib.dll ok scanned
8/11/2009 12:26:37 AM Running module: services.exe\Apphelp.dll ok scanned
8/11/2009 12:26:37 AM File: C:\WINDOWS\system32\Apphelp.dll ok scanned
8/11/2009 12:26:37 AM Running module: services.exe\eventlog.dll ok scanned
8/11/2009 12:26:37 AM File: C:\WINDOWS\system32\eventlog.dll ok scanned
8/11/2009 12:26:37 AM Running module: services.exe\PSAPI.DLL ok scanned
8/11/2009 12:26:37 AM File: C:\WINDOWS\system32\PSAPI.DLL ok scanned
8/11/2009 12:26:37 AM Running module: services.exe\WS2_32.dll ok scanned
8/11/2009 12:26:37 AM File: C:\WINDOWS\system32\WS2_32.dll ok scanned
8/11/2009 12:26:37 AM Running module: services.exe\WS2HELP.dll ok scanned
8/11/2009 12:26:37 AM File: C:\WINDOWS\system32\WS2HELP.dll ok scanned
8/11/2009 12:26:37 AM Running module: services.exe\wtsapi32.dll ok scanned
8/11/2009 12:26:37 AM File: C:\WINDOWS\system32\wtsapi32.dll ok scanned
8/11/2009 12:26:37 AM Running module: lsass.exe\lsass.exe ok scanned
8/11/2009 12:26:37 AM File: C:\WINDOWS\system32\lsass.exe ok scanned
8/11/2009 12:26:37 AM Running module: lsass.exe\ntdll.dll ok scanned
8/11/2009 12:26:37 AM File: C:\WINDOWS\system32\ntdll.dll ok scanned
8/11/2009 12:26:37 AM Running module: lsass.exe\kernel32.dll ok scanned
8/11/2009 12:26:38 AM File: C:\WINDOWS\system32\kernel32.dll ok scanned
8/11/2009 12:26:38 AM Running module: lsass.exe\ADVAPI32.dll ok scanned
8/11/2009 12:26:38 AM File: C:\WINDOWS\system32\ADVAPI32.dll ok scanned
8/11/2009 12:26:38 AM Running module: lsass.exe\RPCRT4.dll ok scanned
8/11/2009 12:26:38 AM File: C:\WINDOWS\system32\RPCRT4.dll ok scanned
8/11/2009 12:26:38 AM Running module: lsass.exe\Secur32.dll ok scanned
8/11/2009 12:26:38 AM File: C:\WINDOWS\system32\Secur32.dll ok scanned
8/11/2009 12:26:38 AM Running module: lsass.exe\LSASRV.dll ok scanned
8/11/2009 12:26:38 AM File: C:\WINDOWS\system32\LSASRV.dll ok scanned
8/11/2009 12:26:38 AM Running module: lsass.exe\MPR.dll ok scanned
8/11/2009 12:26:38 AM File: C:\WINDOWS\system32\MPR.dll ok scanned
8/11/2009 12:26:38 AM Running module: lsass.exe\USER32.dll ok scanned
8/11/2009 12:26:38 AM File: C:\WINDOWS\system32\USER32.dll ok scanned
8/11/2009 12:26:38 AM Running module: lsass.exe\GDI32.dll ok scanned
8/11/2009 12:26:38 AM File: C:\WINDOWS\system32\GDI32.dll ok scanned
8/11/2009 12:26:38 AM Running module: lsass.exe\MSASN1.dll ok scanned
8/11/2009 12:26:38 AM File: C:\WINDOWS\system32\MSASN1.dll ok scanned
8/11/2009 12:26:38 AM Running module: lsass.exe\msvcrt.dll ok scanned
8/11/2009 12:26:38 AM File: C:\WINDOWS\system32\msvcrt.dll ok scanned
8/11/2009 12:26:38 AM Running module: lsass.exe\NETAPI32.dll ok scanned
8/11/2009 12:26:38 AM File: C:\WINDOWS\system32\NETAPI32.dll ok scanned
8/11/2009 12:26:38 AM Running module: lsass.exe\NTDSAPI.dll ok scanned
8/11/2009 12:26:38 AM File: C:\WINDOWS\system32\NTDSAPI.dll ok scanned
8/11/2009 12:26:38 AM Running module: lsass.exe\DNSAPI.dll ok scanned
8/11/2009 12:26:38 AM File: C:\WINDOWS\system32\DNSAPI.dll ok scanned
8/11/2009 12:26:38 AM Running module: lsass.exe\WS2_32.dll ok scanned
8/11/2009 12:26:39 AM File: C:\WINDOWS\system32\WS2_32.dll ok scanned
8/11/2009 12:26:39 AM Running module: lsass.exe\WS2HELP.dll ok scanned
8/11/2009 12:26:39 AM File: C:\WINDOWS\system32\WS2HELP.dll ok scanned
8/11/2009 12:26:39 AM Running module: lsass.exe\WLDAP32.dll ok scanned
8/11/2009 12:26:39 AM File: C:\WINDOWS\system32\WLDAP32.dll ok scanned
8/11/2009 12:26:39 AM Running module: lsass.exe\SAMLIB.dll ok scanned
8/11/2009 12:26:39 AM File: C:\WINDOWS\system32\SAMLIB.dll ok scanned
8/11/2009 12:26:39 AM Running module: lsass.exe\SAMSRV.dll ok scanned
8/11/2009 12:26:39 AM File: C:\WINDOWS\system32\SAMSRV.dll ok scanned
8/11/2009 12:26:39 AM Running module: lsass.exe\cryptdll.dll ok scanned
8/11/2009 12:26:39 AM File: C:\WINDOWS\system32\cryptdll.dll ok scanned
8/11/2009 12:26:39 AM Running module: lsass.exe\ShimEng.dll ok scanned
8/11/2009 12:26:39 AM File: C:\WINDOWS\system32\ShimEng.dll ok scanned
8/11/2009 12:26:39 AM Running module: lsass.exe\AcGenral.DLL ok scanned
8/11/2009 12:26:40 AM File: C:\WINDOWS\AppPatch\AcGenral.DLL ok scanned
8/11/2009 12:26:40 AM Running module: lsass.exe\WINMM.dll ok scanned
8/11/2009 12:26:40 AM File: C:\WINDOWS\system32\WINMM.dll ok scanned
8/11/2009 12:26:40 AM Running module: lsass.exe\ole32.dll ok scanned
8/11/2009 12:26:40 AM File: C:\WINDOWS\system32\ole32.dll ok scanned
8/11/2009 12:26:40 AM Running module: lsass.exe\OLEAUT32.dll ok scanned
8/11/2009 12:26:40 AM File: C:\WINDOWS\system32\OLEAUT32.dll ok scanned
8/11/2009 12:26:40 AM Running module: lsass.exe\MSACM32.dll ok scanned
8/11/2009 12:26:40 AM File: C:\WINDOWS\system32\MSACM32.dll ok scanned
8/11/2009 12:26:40 AM Running module: lsass.exe\VERSION.dll ok scanned
8/11/2009 12:26:40 AM File: C:\WINDOWS\system32\VERSION.dll ok scanned
8/11/2009 12:26:40 AM Running module: lsass.exe\SHELL32.dll ok scanned
8/11/2009 12:26:40 AM File: C:\WINDOWS\system32\SHELL32.dll ok scanned
8/11/2009 12:26:40 AM Running module: lsass.exe\SHLWAPI.dll ok scanned
8/11/2009 12:26:40 AM File: C:\WINDOWS\system32\SHLWAPI.dll ok scanned
8/11/2009 12:26:40 AM Running module: lsass.exe\USERENV.dll ok scanned
8/11/2009 12:26:40 AM File: C:\WINDOWS\system32\USERENV.dll ok scanned
8/11/2009 12:26:40 AM Running module: lsass.exe\UxTheme.dll ok scanned
8/11/2009 12:26:40 AM File: C:\WINDOWS\system32\UxTheme.dll ok scanned
8/11/2009 12:26:40 AM Running module: lsass.exe\IMM32.DLL ok scanned
8/11/2009 12:26:40 AM File: C:\WINDOWS\system32\IMM32.DLL ok scanned
8/11/2009 12:26:40 AM Running module: lsass.exe\guard32.dll ok scanned
8/11/2009 12:26:40 AM File: C:\WINDOWS\system32\guard32.dll ok scanned
8/11/2009 12:26:40 AM Running module: lsass.exe\fltlib.dll ok scanned
8/11/2009 12:26:40 AM File: C:\WINDOWS\system32\fltlib.dll ok scanned
8/11/2009 12:26:40 AM Running module: lsass.exe\serwvdrv.dll ok scanned
8/11/2009 12:26:40 AM File: C:\WINDOWS\system32\serwvdrv.dll ok scanned
8/11/2009 12:26:40 AM Running module: lsass.exe\umdmxfrm.dll ok scanned
8/11/2009 12:26:40 AM File: C:\WINDOWS\system32\umdmxfrm.dll ok scanned
8/11/2009 12:26:40 AM Running module: lsass.exe\comctl32.dll ok scanned
8/11/2009 12:26:40 AM File: C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll ok scanned
8/11/2009 12:26:40 AM Running module: lsass.exe\comctl32.dll ok scanned
8/11/2009 12:26:40 AM File: C:\WINDOWS\system32\comctl32.dll ok scanned
8/11/2009 12:26:40 AM Running module: lsass.exe\msprivs.dll ok scanned
8/11/2009 12:26:40 AM File: C:\WINDOWS\system32\msprivs.dll ok scanned
8/11/2009 12:26:40 AM Running module: lsass.exe\kerberos.dll ok scanned
8/11/2009 12:26:41 AM File: C:\WINDOWS\system32\kerberos.dll ok scanned
8/11/2009 12:26:41 AM Running module: lsass.exe\msv1_0.dll ok scanned
8/11/2009 12:26:41 AM File: C:\WINDOWS\system32\msv1_0.dll ok scanned
8/11/2009 12:26:41 AM Running module: lsass.exe\iphlpapi.dll ok scanned
8/11/2009 12:26:41 AM File: C:\WINDOWS\system32\iphlpapi.dll ok scanned
8/11/2009 12:26:41 AM Running module: lsass.exe\netlogon.dll ok scanned
8/11/2009 12:26:41 AM File: C:\WINDOWS\system32\netlogon.dll ok scanned
8/11/2009 12:26:41 AM Running module: lsass.exe\w32time.dll ok scanned
8/11/2009 12:26:42 AM File: C:\WINDOWS\system32\w32time.dll ok scanned
8/11/2009 12:26:42 AM Running module: lsass.exe\MSVCP60.dll ok scanned
8/11/2009 12:26:42 AM File: C:\WINDOWS\system32\MSVCP60.dll ok scanned
8/11/2009 12:26:42 AM Running module: lsass.exe\schannel.dll ok scanned
8/11/2009 12:26:42 AM File: C:\WINDOWS\system32\schannel.dll ok scanned
8/11/2009 12:26:42 AM Running module: lsass.exe\CRYPT32.dll ok scanned
8/11/2009 12:26:42 AM File: C:\WINDOWS\system32\CRYPT32.dll ok scanned
8/11/2009 12:26:42 AM Running module: lsass.exe\wdigest.dll ok scanned
8/11/2009 12:26:42 AM File: C:\WINDOWS\system32\wdigest.dll ok scanned
8/11/2009 12:26:42 AM Running module: lsass.exe\rsaenh.dll ok scanned
8/11/2009 12:26:42 AM File: C:\WINDOWS\system32\rsaenh.dll ok scanned
8/11/2009 12:26:42 AM Running module: lsass.exe\relog_ap.dll ok scanned
8/11/2009 12:26:42 AM File: C:\WINDOWS\system32\relog_ap.dll ok scanned
8/11/2009 12:26:42 AM Running module: lsass.exe\setupapi.dll ok scanned
8/11/2009 12:26:42 AM File: C:\WINDOWS\system32\setupapi.dll ok scanned
8/11/2009 12:26:42 AM Running module: lsass.exe\scecli.dll ok scanned
8/11/2009 12:26:42 AM File: C:\WINDOWS\system32\scecli.dll ok scanned
8/11/2009 12:26:42 AM Running module: lsass.exe\ipsecsvc.dll ok scanned
8/11/2009 12:26:43 AM File: C:\WINDOWS\system32\ipsecsvc.dll ok scanned
8/11/2009 12:26:43 AM Running module: lsass.exe\AUTHZ.dll ok scanned
8/11/2009 12:26:43 AM File: C:\WINDOWS\system32\AUTHZ.dll ok scanned
8/11/2009 12:26:43 AM Running module: lsass.exe\oakley.DLL ok scanned
8/11/2009 12:26:43 AM File: C:\WINDOWS\system32\oakley.DLL ok scanned
8/11/2009 12:26:43 AM Running module: lsass.exe\WINIPSEC.DLL ok scanned
8/11/2009 12:26:43 AM File: C:\WINDOWS\system32\WINIPSEC.DLL ok scanned
8/11/2009 12:26:43 AM Running module: lsass.exe\pstorsvc.dll ok scanned
8/11/2009 12:26:43 AM File: C:\WINDOWS\system32\pstorsvc.dll ok scanned
8/11/2009 12:26:43 AM Running module: lsass.exe\mswsock.dll ok scanned
8/11/2009 12:26:44 AM File: C:\WINDOWS\system32\mswsock.dll ok scanned
8/11/2009 12:26:44 AM Running module: lsass.exe\psbase.dll ok scanned
8/11/2009 12:26:44 AM File: C:\WINDOWS\system32\psbase.dll ok scanned
8/11/2009 12:26:44 AM Running module: lsass.exe\hnetcfg.dll ok scanned
8/11/2009 12:26:44 AM File: C:\WINDOWS\system32\hnetcfg.dll ok scanned
8/11/2009 12:26:44 AM Running module: lsass.exe\wshtcpip.dll ok scanned
8/11/2009 12:26:44 AM File: C:\WINDOWS\System32\wshtcpip.dll ok scanned
8/11/2009 12:26:44 AM Running module: lsass.exe\dssenh.dll ok scanned
8/11/2009 12:26:44 AM File: C:\WINDOWS\system32\dssenh.dll ok scanned
8/11/2009 12:26:44 AM Running module: svchost.exe\svchost.exe ok scanned
8/11/2009 12:26:45 AM File: C:\WINDOWS\system32\svchost.exe ok scanned
8/11/2009 12:26:45 AM Running module: svchost.exe\ntdll.dll ok scanned
8/11/2009 12:26:45 AM File: C:\WINDOWS\system32\ntdll.dll ok scanned
8/11/2009 12:26:45 AM Running module: svchost.exe\kernel32.dll ok scanned
8/11/2009 12:26:45 AM File: C:\WINDOWS\system32\kernel32.dll ok scanned
8/11/2009 12:26:45 AM Running module: svchost.exe\ADVAPI32.dll ok scanned
8/11/2009 12:26:45 AM File: C:\WINDOWS\system32\ADVAPI32.dll ok scanned
8/11/2009 12:26:45 AM Running module: svchost.exe\RPCRT4.dll ok scanned
8/11/2009 12:26:45 AM File: C:\WINDOWS\system32\RPCRT4.dll ok scanned
8/11/2009 12:26:45 AM Running module: svchost.exe\Secur32.dll ok scanned
8/11/2009 12:26:45 AM File: C:\WINDOWS\system32\Secur32.dll ok scanned
8/11/2009 12:26:45 AM Running module: svchost.exe\ShimEng.dll ok scanned
8/11/2009 12:26:45 AM File: C:\WINDOWS\system32\ShimEng.dll ok scanned
8/11/2009 12:26:45 AM Running module: svchost.exe\AcGenral.DLL ok scanned
8/11/2009 12:26:45 AM File: C:\WINDOWS\AppPatch\AcGenral.DLL ok scanned
8/11/2009 12:26:45 AM Running module: svchost.exe\USER32.dll ok scanned
8/11/2009 12:26:45 AM File: C:\WINDOWS\system32\USER32.dll ok scanned
8/11/2009 12:26:45 AM Running module: svchost.exe\GDI32.dll ok scanned
8/11/2009 12:26:45 AM File: C:\WINDOWS\system32\GDI32.dll ok scanned
8/11/2009 12:26:45 AM Running module: svchost.exe\WINMM.dll ok scanned
8/11/2009 12:26:45 AM File: C:\WINDOWS\system32\WINMM.dll ok scanned
8/11/2009 12:26:45 AM Running module: svchost.exe\ole32.dll ok scanned
8/11/2009 12:26:45 AM File: C:\WINDOWS\system32\ole32.dll ok scanned
8/11/2009 12:26:45 AM Running module: svchost.exe\msvcrt.dll ok scanned
8/11/2009 12:26:45 AM File: C:\WINDOWS\system32\msvcrt.dll ok scanned
8/11/2009 12:26:45 AM Running module: svchost.exe\OLEAUT32.dll ok scanned
8/11/2009 12:26:45 AM File: C:\WINDOWS\system32\OLEAUT32.dll ok scanned
8/11/2009 12:26:45 AM Running module: svchost.exe\MSACM32.dll ok scanned
8/11/2009 12:26:45 AM File: C:\WINDOWS\system32\MSACM32.dll ok scanned
8/11/2009 12:26:45 AM Running module: svchost.exe\VERSION.dll ok scanned
8/11/2009 12:26:45 AM File: C:\WINDOWS\system32\VERSION.dll ok scanned
8/11/2009 12:26:45 AM Running module: svchost.exe\SHELL32.dll ok scanned
8/11/2009 12:26:45 AM File: C:\WINDOWS\system32\SHELL32.dll ok scanned
8/11/2009 12:26:45 AM Running module: svchost.exe\SHLWAPI.dll ok scanned
8/11/2009 12:26:45 AM File: C:\WINDOWS\system32\SHLWAPI.dll ok scanned
8/11/2009 12:26:45 AM Running module: svchost.exe\USERENV.dll ok scanned
8/11/2009 12:26:45 AM File: C:\WINDOWS\system32\USERENV.dll ok scanned
8/11/2009 12:26:45 AM Running module: svchost.exe\UxTheme.dll ok scanned
8/11/2009 12:26:45 AM File: C:\WINDOWS\system32\UxTheme.dll ok scanned
8/11/2009 12:26:45 AM Running module: svchost.exe\IMM32.DLL ok scanned
8/11/2009 12:26:45 AM File: C:\WINDOWS\system32\IMM32.DLL ok scanned
8/11/2009 12:26:45 AM Running module: svchost.exe\guard32.dll ok scanned
8/11/2009 12:26:45 AM File: C:\WINDOWS\system32\guard32.dll ok scanned
8/11/2009 12:26:45 AM Running module: svchost.exe\fltlib.dll ok scanned
8/11/2009 12:26:45 AM File: C:\WINDOWS\system32\fltlib.dll ok scanned
8/11/2009 12:26:45 AM Running module: svchost.exe\serwvdrv.dll ok scanned
8/11/2009 12:26:45 AM File: C:\WINDOWS\system32\serwvdrv.dll ok scanned
8/11/2009 12:26:45 AM Running module: svchost.exe\umdmxfrm.dll ok scanned
8/11/2009 12:26:45 AM File: C:\WINDOWS\system32\umdmxfrm.dll ok scanned
8/11/2009 12:26:45 AM Running module: svchost.exe\comctl32.dll ok scanned
8/11/2009 12:26:45 AM File: C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll ok scanned
8/11/2009 12:26:45 AM Running module: svchost.exe\comctl32.dll ok scanned
8/11/2009 12:26:45 AM File: C:\WINDOWS\system32\comctl32.dll ok scanned
8/11/2009 12:26:45 AM Running module: svchost.exe\NTMARTA.DLL ok scanned
8/11/2009 12:26:45 AM File: C:\WINDOWS\system32\NTMARTA.DLL ok scanned
8/11/2009 12:26:45 AM Running module: svchost.exe\SAMLIB.dll ok scanned
8/11/2009 12:26:45 AM File: C:\WINDOWS\system32\SAMLIB.dll ok scanned
8/11/2009 12:26:45 AM Running module: svchost.exe\WLDAP32.dll ok scanned
8/11/2009 12:26:45 AM File: C:\WINDOWS\system32\WLDAP32.dll ok scanned
8/11/2009 12:26:45 AM Running module: svchost.exe\rpcss.dll ok scanned
8/11/2009 12:26:45 AM File: c:\windows\system32\rpcss.dll ok scanned
8/11/2009 12:26:45 AM Running module: svchost.exe\WS2_32.dll ok scanned
8/11/2009 12:26:46 AM File: c:\windows\system32\WS2_32.dll ok scanned
8/11/2009 12:26:46 AM Running module: svchost.exe\WS2HELP.dll ok scanned
8/11/2009 12:26:46 AM File: c:\windows\system32\WS2HELP.dll ok scanned
8/11/2009 12:26:46 AM Running module: svchost.exe\xpsp2res.dll ok scanned
8/11/2009 12:26:46 AM File: C:\WINDOWS\system32\xpsp2res.dll ok scanned
8/11/2009 12:26:46 AM Running module: svchost.exe\CLBCATQ.DLL ok scanned
8/11/2009 12:26:46 AM File: C:\WINDOWS\system32\CLBCATQ.DLL ok scanned
8/11/2009 12:26:46 AM Running module: svchost.exe\COMRes.dll ok scanned
8/11/2009 12:26:46 AM File: C:\WINDOWS\system32\COMRes.dll ok scanned
8/11/2009 12:26:46 AM Running module: svchost.exe\WTSAPI32.dll ok scanned
8/11/2009 12:26:46 AM File: C:\WINDOWS\system32\WTSAPI32.dll ok scanned
8/11/2009 12:26:46 AM Running module: svchost.exe\WINSTA.dll ok scanned
8/11/2009 12:26:46 AM File: C:\WINDOWS\system32\WINSTA.dll ok scanned
8/11/2009 12:26:46 AM Running module: svchost.exe\NETAPI32.dll ok scanned
8/11/2009 12:26:46 AM File: C:\WINDOWS\system32\NETAPI32.dll ok scanned
8/11/2009 12:26:46 AM Running module: svchost.exe\msv1_0.dll ok scanned
8/11/2009 12:26:46 AM File: C:\WINDOWS\system32\msv1_0.dll ok scanned
8/11/2009 12:26:46 AM Running module: svchost.exe\iphlpapi.dll ok scanned
8/11/2009 12:26:46 AM File: C:\WINDOWS\system32\iphlpapi.dll ok scanned
8/11/2009 12:26:46 AM Running module: svchost.exe\Apphelp.dll ok scanned
8/11/2009 12:26:46 AM File: C:\WINDOWS\system32\Apphelp.dll ok scanned
8/11/2009 12:26:46 AM Running module: svchost.exe\termsrv.dll ok scanned
8/11/2009 12:26:46 AM File: c:\windows\system32\termsrv.dll ok scanned
8/11/2009 12:26:46 AM Running module: svchost.exe\ICAAPI.dll ok scanned
8/11/2009 12:26:46 AM File: c:\windows\system32\ICAAPI.dll ok scanned
8/11/2009 12:26:46 AM Running module: svchost.exe\SETUPAPI.dll ok scanned
8/11/2009 12:26:46 AM File: c:\windows\system32\SETUPAPI.dll ok scanned
8/11/2009 12:26:46 AM Running module: svchost.exe\WINTRUST.dll ok scanned
8/11/2009 12:26:46 AM File: C:\WINDOWS\system32\WINTRUST.dll ok scanned
8/11/2009 12:26:46 AM Running module: svchost.exe\CRYPT32.dll ok scanned
8/11/2009 12:26:46 AM File: C:\WINDOWS\system32\CRYPT32.dll ok scanned
8/11/2009 12:26:46 AM Running module: svchost.exe\MSASN1.dll ok scanned
8/11/2009 12:26:46 AM File: C:\WINDOWS\system32\MSASN1.dll ok scanned
8/11/2009 12:26:46 AM Running module: svchost.exe\IMAGEHLP.dll ok scanned
8/11/2009 12:26:46 AM File: C:\WINDOWS\system32\IMAGEHLP.dll ok scanned
8/11/2009 12:26:46 AM Running module: svchost.exe\AUTHZ.dll ok scanned
8/11/2009 12:26:46 AM File: c:\windows\system32\AUTHZ.dll ok scanned
8/11/2009 12:26:46 AM Running module: svchost.exe\mstlsapi.dll ok scanned
8/11/2009 12:26:46 AM File: c:\windows\system32\mstlsapi.dll ok scanned
8/11/2009 12:26:46 AM Running module: svchost.exe\ACTIVEDS.dll ok scanned
8/11/2009 12:26:47 AM File: c:\windows\system32\ACTIVEDS.dll ok scanned
8/11/2009 12:26:47 AM Running module: svchost.exe\adsldpc.dll ok scanned
8/11/2009 12:26:47 AM File: c:\windows\system32\adsldpc.dll ok scanned
8/11/2009 12:26:47 AM Running module: svchost.exe\ATL.DLL ok scanned
8/11/2009 12:26:47 AM File: c:\windows\system32\ATL.DLL ok scanned
8/11/2009 12:26:47 AM Running module: svchost.exe\REGAPI.dll ok scanned
8/11/2009 12:26:47 AM File: C:\WINDOWS\system32\REGAPI.dll ok scanned
8/11/2009 12:26:47 AM Running module: svchost.exe\rsaenh.dll ok scanned
8/11/2009 12:26:47 AM File: C:\WINDOWS\system32\rsaenh.dll ok scanned
8/11/2009 12:26:47 AM Running module: svchost.exe\msi.dll ok scanned
8/11/2009 12:26:48 AM File: C:\WINDOWS\system32\msi.dll ok scanned
8/11/2009 12:26:48 AM Running module: svchost.exe\svchost.exe ok scanned
8/11/2009 12:26:48 AM File: C:\WINDOWS\system32\svchost.exe ok scanned
8/11/2009 12:26:48 AM Running module: svchost.exe\ntdll.dll ok scanned
8/11/2009 12:26:48 AM File: C:\WINDOWS\system32\ntdll.dll ok scanned
8/11/2009 12:26:48 AM Running module: svchost.exe\kernel32.dll ok scanned
8/11/2009 12:26:48 AM File: C:\WINDOWS\system32\kernel32.dll ok scanned
8/11/2009 12:26:48 AM Running module: svchost.exe\ADVAPI32.dll ok scanned
8/11/2009 12:26:48 AM File: C:\WINDOWS\system32\ADVAPI32.dll ok scanned
8/11/2009 12:26:48 AM Running module: svchost.exe\RPCRT4.dll ok scanned
8/11/2009 12:26:48 AM File: C:\WINDOWS\system32\RPCRT4.dll ok scanned
8/11/2009 12:26:48 AM Running module: svchost.exe\Secur32.dll ok scanned
8/11/2009 12:26:48 AM File: C:\WINDOWS\system32\Secur32.dll ok scanned
8/11/2009 12:26:48 AM Running module: svchost.exe\ShimEng.dll ok scanned
8/11/2009 12:26:49 AM File: C:\WINDOWS\system32\ShimEng.dll ok scanned
8/11/2009 12:26:49 AM Running module: svchost.exe\AcGenral.DLL ok scanned
8/11/2009 12:26:49 AM File: C:\WINDOWS\AppPatch\AcGenral.DLL ok scanned
8/11/2009 12:26:49 AM Running module: svchost.exe\USER32.dll ok scanned
8/11/2009 12:26:49 AM File: C:\WINDOWS\system32\USER32.dll ok scanned
8/11/2009 12:26:49 AM Running module: svchost.exe\GDI32.dll ok scanned
8/11/2009 12:26:49 AM File: C:\WINDOWS\system32\GDI32.dll ok scanned
8/11/2009 12:26:49 AM Running module: svchost.exe\WINMM.dll ok scanned
8/11/2009 12:26:49 AM File: C:\WINDOWS\system32\WINMM.dll ok scanned
8/11/2009 12:26:49 AM Running module: svchost.exe\ole32.dll ok scanned
8/11/2009 12:26:49 AM File: C:\WINDOWS\system32\ole32.dll ok scanned
8/11/2009 12:26:49 AM Running module: svchost.exe\msvcrt.dll ok scanned
8/11/2009 12:26:49 AM File: C:\WINDOWS\system32\msvcrt.dll ok scanned
8/11/2009 12:26:49 AM Running module: svchost.exe\OLEAUT32.dll ok scanned
8/11/2009 12:26:49 AM File: C:\WINDOWS\system32\OLEAUT32.dll ok scanned
8/11/2009 12:26:49 AM Running module: svchost.exe\MSACM32.dll ok scanned
8/11/2009 12:26:49 AM File: C:\WINDOWS\system32\MSACM32.dll ok scanned
8/11/2009 12:26:49 AM Running module: svchost.exe\VERSION.dll ok scanned
8/11/2009 12:26:49 AM File: C:\WINDOWS\system32\VERSION.dll ok scanned
8/11/2009 12:26:49 AM Running module: svchost.exe\SHELL32.dll ok scanned
8/11/2009 12:26:49 AM File: C:\WINDOWS\system32\SHELL32.dll ok scanned
8/11/2009 12:26:49 AM Running module: svchost.exe\SHLWAPI.dll ok scanned
8/11/2009 12:26:49 AM File: C:\WINDOWS\system32\SHLWAPI.dll ok scanned
8/11/2009 12:26:49 AM Running module: svchost.exe\USERENV.dll ok scanned
8/11/2009 12:26:49 AM File: C:\WINDOWS\system32\USERENV.dll ok scanned
8/11/2009 12:26:49 AM Running module: svchost.exe\UxTheme.dll ok scanned
8/11/2009 12:26:49 AM File: C:\WINDOWS\system32\UxTheme.dll ok scanned
8/11/2009 12:26:49 AM Running module: svchost.exe\IMM32.DLL ok scanned
8/11/2009 12:26:49 AM File: C:\WINDOWS\system32\IMM32.DLL ok scanned
8/11/2009 12:26:49 AM Running module: svchost.exe\guard32.dll ok scanned
8/11/2009 12:26:49 AM File: C:\WINDOWS\system32\guard32.dll ok scanned
8/11/2009 12:26:49 AM Running module: svchost.exe\fltlib.dll ok scanned
8/11/2009 12:26:49 AM File: C:\WINDOWS\system32\fltlib.dll ok scanned
8/11/2009 12:26:49 AM Running module: svchost.exe\serwvdrv.dll ok scanned
8/11/2009 12:26:49 AM File: C:\WINDOWS\system32\serwvdrv.dll ok scanned
8/11/2009 12:26:49 AM Running module: svchost.exe\umdmxfrm.dll ok scanned
8/11/2009 12:26:49 AM File: C:\WINDOWS\system32\umdmxfrm.dll ok scanned
8/11/2009 12:26:49 AM Running module: svchost.exe\comctl32.dll ok scanned
8/11/2009 12:26:49 AM File: C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll ok scanned
8/11/2009 12:26:49 AM Running module: svchost.exe\comctl32.dll ok scanned
8/11/2009 12:26:49 AM File: C:\WINDOWS\system32\comctl32.dll ok scanned
8/11/2009 12:26:49 AM Running module: svchost.exe\rpcss.dll ok scanned
8/11/2009 12:26:49 AM File: c:\windows\system32\rpcss.dll ok scanned
8/11/2009 12:26:49 AM Running module: svchost.exe\WS2_32.dll ok scanned
8/11/2009 12:26:49 AM File: c:\windows\system32\WS2_32.dll ok scanned
8/11/2009 12:26:49 AM Running module: svchost.exe\WS2HELP.dll ok scanned
8/11/2009 12:26:49 AM File: c:\windows\system32\WS2HELP.dll ok scanned
8/11/2009 12:26:49 AM Running module: svchost.exe\xpsp2res.dll ok scanned
8/11/2009 12:26:49 AM File: C:\WINDOWS\system32\xpsp2res.dll ok scanned
8/11/2009 12:26:49 AM Running module: svchost.exe\rsaenh.dll ok scanned
8/11/2009 12:26:49 AM File: C:\WINDOWS\system32\rsaenh.dll ok scanned
8/11/2009 12:26:49 AM Running module: svchost.exe\mswsock.dll ok scanned
8/11/2009 12:26:49 AM File: C:\WINDOWS\system32\mswsock.dll ok scanned
8/11/2009 12:26:49 AM Running module: svchost.exe\hnetcfg.dll ok scanned
8/11/2009 12:26:49 AM File: C:\WINDOWS\system32\hnetcfg.dll ok scanned
8/11/2009 12:26:49 AM Running module: svchost.exe\wshtcpip.dll ok scanned
8/11/2009 12:26:49 AM File: C:\WINDOWS\System32\wshtcpip.dll ok scanned
8/11/2009 12:26:49 AM Running module: svchost.exe\DNSAPI.dll ok scanned
8/11/2009 12:26:49 AM File: C:\WINDOWS\system32\DNSAPI.dll ok scanned
8/11/2009 12:26:49 AM Running module: svchost.exe\iphlpapi.dll ok scanned
8/11/2009 12:26:49 AM File: C:\WINDOWS\system32\iphlpapi.dll ok scanned
8/11/2009 12:26:49 AM Running module: svchost.exe\winrnr.dll ok scanned
8/11/2009 12:26:49 AM File: C:\WINDOWS\System32\winrnr.dll ok scanned
8/11/2009 12:26:49 AM Running module: svchost.exe\WLDAP32.dll ok scanned
8/11/2009 12:26:49 AM File: C:\WINDOWS\system32\WLDAP32.dll ok scanned
8/11/2009 12:26:49 AM Running module: svchost.exe\mdnsNSP.dll ok scanned
8/11/2009 12:26:50 AM File: C:\Program Files\Bonjour\mdnsNSP.dll ok scanned
8/11/2009 12:26:50 AM Running module: svchost.exe\rasadhlp.dll ok scanned
8/11/2009 12:26:50 AM File: C:\WINDOWS\system32\rasadhlp.dll ok scanned
8/11/2009 12:26:50 AM Running module: svchost.exe\CLBCATQ.DLL ok scanned
8/11/2009 12:26:50 AM File: C:\WINDOWS\system32\CLBCATQ.DLL ok scanned
8/11/2009 12:26:50 AM Running module: svchost.exe\COMRes.dll ok scanned
8/11/2009 12:26:50 AM File: C:\WINDOWS\system32\COMRes.dll ok scanned
8/11/2009 12:26:50 AM Running module: svchost.exe\msi.dll ok scanned
8/11/2009 12:26:50 AM File: C:\WINDOWS\system32\msi.dll ok scanned
8/11/2009 12:26:50 AM Running module: svchost.exe\svchost.exe ok scanned
8/11/2009 12:26:50 AM File: C:\WINDOWS\system32\svchost.exe ok scanned
8/11/2009 12:26:50 AM Running module: svchost.exe\ntdll.dll ok scanned
8/11/2009 12:26:50 AM File: C:\WINDOWS\system32\ntdll.dll ok scanned
8/11/2009 12:26:50 AM Running module: svchost.exe\kernel32.dll ok scanned
8/11/2009 12:26:50 AM File: C:\WINDOWS\system32\kernel32.dll ok scanned
8/11/2009 12:26:50 AM Running module: svchost.exe\ADVAPI32.dll ok scanned
8/11/2009 12:26:50 AM File: C:\WINDOWS\system32\ADVAPI32.dll ok scanned
8/11/2009 12:26:50 AM Running module: svchost.exe\RPCRT4.dll ok scanned
8/11/2009 12:26:50 AM File: C:\WINDOWS\system32\RPCRT4.dll ok scanned
8/11/2009 12:26:50 AM Running module: svchost.exe\Secur32.dll ok scanned
8/11/2009 12:26:50 AM File: C:\WINDOWS\system32\Secur32.dll ok scanned
8/11/2009 12:26:50 AM Running module: svchost.exe\ShimEng.dll ok scanned
8/11/2009 12:26:50 AM File: C:\WINDOWS\system32\ShimEng.dll ok scanned
8/11/2009 12:26:50 AM Running module: svchost.exe\AcGenral.DLL ok scanned
8/11/2009 12:26:50 AM File: C:\WINDOWS\AppPatch\AcGenral.DLL ok scanned
8/11/2009 12:26:50 AM Running module: svchost.exe\USER32.dll ok scanned
8/11/2009 12:26:50 AM File: C:\WINDOWS\system32\USER32.dll ok scanned
8/11/2009 12:26:50 AM Running module: svchost.exe\GDI32.dll ok scanned
8/11/2009 12:26:50 AM File: C:\WINDOWS\system32\GDI32.dll ok scanned
8/11/2009 12:26:50 AM Running module: svchost.exe\WINMM.dll ok scanned
8/11/2009 12:26:50 AM File: C:\WINDOWS\system32\WINMM.dll ok scanned
8/11/2009 12:26:50 AM Running module: svchost.exe\ole32.dll ok scanned
8/11/2009 12:26:50 AM File: C:\WINDOWS\system32\ole32.dll ok scanned
8/11/2009 12:26:50 AM Running module: svchost.exe\msvcrt.dll ok scanned
8/11/2009 12:26:50 AM File: C:\WINDOWS\system32\msvcrt.dll ok scanned
8/11/2009 12:26:50 AM Running module: svchost.exe\OLEAUT32.dll ok scanned
8/11/2009 12:26:50 AM File: C:\WINDOWS\system32\OLEAUT32.dll ok scanned
8/11/2009 12:26:50 AM Running module: svchost.exe\MSACM32.dll ok scanned
8/11/2009 12:26:50 AM File: C:\WINDOWS\system32\MSACM32.dll ok scanned
8/11/2009 12:26:50 AM Running module: svchost.exe\VERSION.dll ok scanned
8/11/2009 12:26:50 AM File: C:\WINDOWS\system32\VERSION.dll ok scanned
8/11/2009 12:26:50 AM Running module: svchost.exe\SHELL32.dll ok scanned
8/11/2009 12:26:50 AM File: C:\WINDOWS\system32\SHELL32.dll ok scanned
8/11/2009 12:26:50 AM Running module: svchost.exe\SHLWAPI.dll ok scanned
8/11/2009 12:26:50 AM File: C:\WINDOWS\system32\SHLWAPI.dll ok scanned
8/11/2009 12:26:50 AM Running module: svchost.exe\USERENV.dll ok scanned
8/11/2009 12:26:50 AM File: C:\WINDOWS\system32\USERENV.dll ok scanned
8/11/2009 12:26:50 AM Running module: svchost.exe\UxTheme.dll ok scanned
8/11/2009 12:26:50 AM File: C:\WINDOWS\system32\UxTheme.dll ok scanned
8/11/2009 12:26:50 AM Running module: svchost.exe\IMM32.DLL ok scanned
8/11/2009 12:26:50 AM File: C:\WINDOWS\system32\IMM32.DLL ok scanned
8/11/2009 12:26:50 AM Running module: svchost.exe\guard32.dll ok scanned
8/11/2009 12:26:50 AM File: C:\WINDOWS\system32\guard32.dll ok scanned
8/11/2009 12:26:50 AM Running module: svchost.exe\fltlib.dll ok scanned
8/11/2009 12:26:51 AM File: C:\WINDOWS\system32\fltlib.dll ok scanned
8/11/2009 12:26:51 AM Running module: svchost.exe\serwvdrv.dll ok scanned
8/11/2009 12:26:51 AM File: C:\WINDOWS\system32\serwvdrv.dll ok scanned
8/11/2009 12:26:51 AM Running module: svchost.exe\umdmxfrm.dll ok scanned
8/11/2009 12:26:51 AM File: C:\WINDOWS\system32\umdmxfrm.dll ok scanned
8/11/2009 12:26:51 AM Running module: svchost.exe\comctl32.dll ok scanned
8/11/2009 12:26:51 AM File: C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll ok scanned
8/11/2009 12:26:51 AM Running module: svchost.exe\comctl32.dll ok scanned
8/11/2009 12:26:51 AM File: C:\WINDOWS\system32\comctl32.dll ok scanned
8/11/2009 12:26:51 AM Running module: svchost.exe\NTMARTA.DLL ok scanned
8/11/2009 12:26:51 AM File: C:\WINDOWS\system32\NTMARTA.DLL ok scanned
8/11/2009 12:26:51 AM Running module: svchost.exe\SAMLIB.dll ok scanned
8/11/2009 12:26:51 AM File: C:\WINDOWS\system32\SAMLIB.dll ok scanned
8/11/2009 12:26:51 AM Running module: svchost.exe\WLDAP32.dll ok scanned
8/11/2009 12:26:51 AM File: C:\WINDOWS\system32\WLDAP32.dll ok scanned
8/11/2009 12:26:51 AM Running module: svchost.exe\xpsp2res.dll ok scanned
8/11/2009 12:26:51 AM File: C:\WINDOWS\system32\xpsp2res.dll ok scanned
8/11/2009 12:26:51 AM Running module: svchost.exe\cryptsvc.dll ok scanned
8/11/2009 12:26:51 AM File: c:\windows\system32\cryptsvc.dll ok scanned
8/11/2009 12:26:51 AM Running module: svchost.exe\certcli.dll ok scanned
8/11/2009 12:26:51 AM File: c:\windows\system32\certcli.dll ok scanned
8/11/2009 12:26:51 AM Running module: svchost.exe\ATL.DLL ok scanned
8/11/2009 12:26:51 AM File: c:\windows\system32\ATL.DLL ok scanned
8/11/2009 12:26:51 AM Running module: svchost.exe\CRYPT32.dll ok scanned
8/11/2009 12:26:51 AM File: C:\WINDOWS\system32\CRYPT32.dll ok scanned
8/11/2009 12:26:51 AM Running module: svchost.exe\MSASN1.dll ok scanned
8/11/2009 12:26:51 AM File: C:\WINDOWS\system32\MSASN1.dll ok scanned
8/11/2009 12:26:51 AM Running module: svchost.exe\CRYPTUI.dll ok scanned
8/11/2009 12:26:51 AM File: C:\WINDOWS\system32\CRYPTUI.dll ok scanned
8/11/2009 12:26:51 AM Running module: svchost.exe\NETAPI32.dll ok scanned
8/11/2009 12:26:51 AM File: C:\WINDOWS\system32\NETAPI32.dll ok scanned
8/11/2009 12:26:51 AM Running module: svchost.exe\WININET.dll ok scanned
8/11/2009 12:26:51 AM File: C:\WINDOWS\system32\WININET.dll ok scanned
8/11/2009 12:26:51 AM Running module: svchost.exe\Normaliz.dll ok scanned
8/11/2009 12:26:51 AM File: C:\WINDOWS\system32\Normaliz.dll ok scanned
8/11/2009 12:26:51 AM Running module: svchost.exe\iertutil.dll ok scanned
8/11/2009 12:26:52 AM File: C:\WINDOWS\system32\iertutil.dll ok scanned
8/11/2009 12:26:52 AM Running module: svchost.exe\WINTRUST.dll ok scanned
8/11/2009 12:26:52 AM File: C:\WINDOWS\system32\WINTRUST.dll ok scanned
8/11/2009 12:26:52 AM Running module: svchost.exe\IMAGEHLP.dll ok scanned
8/11/2009 12:26:52 AM File: C:\WINDOWS\system32\IMAGEHLP.dll ok scanned
8/11/2009 12:26:52 AM Running module: svchost.exe\ESENT.dll ok scanned
8/11/2009 12:26:52 AM File: c:\windows\system32\ESENT.dll ok scanned
8/11/2009 12:26:52 AM Running module: svchost.exe\shsvcs.dll ok scanned
8/11/2009 12:26:52 AM File: c:\windows\system32\shsvcs.dll ok scanned
8/11/2009 12:26:52 AM Running module: svchost.exe\WINSTA.dll ok scanned
8/11/2009 12:26:52 AM File: C:\WINDOWS\system32\WINSTA.dll ok scanned
8/11/2009 12:26:52 AM Running module: svchost.exe\uxtuneup.dll ok scanned
8/11/2009 12:26:52 AM File: c:\windows\system32\uxtuneup.dll ok scanned
8/11/2009 12:26:52 AM Running module: svchost.exe\dbghelp.dll ok scanned
8/11/2009 12:26:53 AM File: c:\windows\system32\dbghelp.dll ok scanned
8/11/2009 12:26:53 AM Running module: svchost.exe\dhcpcsvc.dll ok scanned
8/11/2009 12:26:53 AM File: c:\windows\system32\dhcpcsvc.dll ok scanned
8/11/2009 12:26:53 AM Running module: svchost.exe\DNSAPI.dll ok scanned
8/11/2009 12:26:53 AM File: c:\windows\system32\DNSAPI.dll ok scanned
8/11/2009 12:26:53 AM Running module: svchost.exe\WS2_32.dll ok scanned
8/11/2009 12:26:53 AM File: c:\windows\system32\WS2_32.dll ok scanned
8/11/2009 12:26:53 AM Running module: svchost.exe\WS2HELP.dll ok scanned
8/11/2009 12:26:53 AM File: c:\windows\system32\WS2HELP.dll ok scanned
8/11/2009 12:26:53 AM Running module: svchost.exe\iphlpapi.dll ok scanned
8/11/2009 12:26:53 AM File: c:\windows\system32\iphlpapi.dll ok scanned
8/11/2009 12:26:53 AM Running module: svchost.exe\rsaenh.dll ok scanned
8/11/2009 12:26:53 AM File: C:\WINDOWS\system32\rsaenh.dll ok scanned
8/11/2009 12:26:53 AM Running module: svchost.exe\wzcsvc.dll ok scanned
8/11/2009 12:26:53 AM File: c:\windows\system32\wzcsvc.dll ok scanned
8/11/2009 12:26:53 AM Running module: svchost.exe\rtutils.dll ok scanned
8/11/2009 12:26:53 AM File: c:\windows\system32\rtutils.dll ok scanned
8/11/2009 12:26:53 AM Running module: svchost.exe\WMI.dll ok scanned
8/11/2009 12:26:53 AM File: c:\windows\system32\WMI.dll ok scanned
8/11/2009 12:26:53 AM Running module: svchost.exe\EapolQec.dll ok scanned
8/11/2009 12:26:53 AM File: c:\windows\system32\EapolQec.dll ok scanned
8/11/2009 12:26:53 AM Running module: svchost.exe\QUtil.dll ok scanned
8/11/2009 12:26:53 AM File: c:\windows\system32\QUtil.dll ok scanned
8/11/2009 12:26:53 AM Running module: svchost.exe\MSVCP60.dll ok scanned
8/11/2009 12:26:53 AM File: c:\windows\system32\MSVCP60.dll ok scanned
8/11/2009 12:26:53 AM Running module: svchost.exe\dot3api.dll ok scanned
8/11/2009 12:26:53 AM File: c:\windows\system32\dot3api.dll ok scanned
8/11/2009 12:26:53 AM Running module: svchost.exe\WTSAPI32.dll ok scanned
8/11/2009 12:26:53 AM File: c:\windows\system32\WTSAPI32.dll ok scanned
8/11/2009 12:26:53 AM Running module: svchost.exe\SETUPAPI.DLL ok scanned
8/11/2009 12:26:53 AM File: C:\WINDOWS\system32\SETUPAPI.DLL ok scanned
8/11/2009 12:26:53 AM Running module: svchost.exe\CLBCATQ.DLL ok scanned
8/11/2009 12:26:53 AM File: C:\WINDOWS\system32\CLBCATQ.DLL ok scanned
8/11/2009 12:26:53 AM Running module: svchost.exe\COMRes.dll ok scanned
8/11/2009 12:26:53 AM File: C:\WINDOWS\system32\COMRes.dll ok scanned
8/11/2009 12:26:53 AM Running module: svchost.exe\rastls.dll ok scanned
8/11/2009 12:26:54 AM File: C:\WINDOWS\System32\rastls.dll ok scanned
8/11/2009 12:26:54 AM Running module: svchost.exe\MPRAPI.dll ok scanned
8/11/2009 12:26:54 AM File: C:\WINDOWS\system32\MPRAPI.dll ok scanned
8/11/2009 12:26:54 AM Running module: svchost.exe\ACTIVEDS.dll ok scanned
8/11/2009 12:26:54 AM File: C:\WINDOWS\system32\ACTIVEDS.dll ok scanned
8/11/2009 12:26:54 AM Running module: svchost.exe\adsldpc.dll ok scanned
8/11/2009 12:26:54 AM File: C:\WINDOWS\system32\adsldpc.dll ok scanned
8/11/2009 12:26:54 AM Running module: svchost.exe\RASAPI32.dll ok scanned
8/11/2009 12:26:54 AM File: C:\WINDOWS\system32\RASAPI32.dll ok scanned
8/11/2009 12:26:54 AM Running module: svchost.exe\rasman.dll ok scanned
8/11/2009 12:26:54 AM File: C:\WINDOWS\system32\rasman.dll ok scanned
8/11/2009 12:26:54 AM Running module: svchost.exe\TAPI32.dll ok scanned
8/11/2009 12:26:54 AM File: C:\WINDOWS\system32\TAPI32.dll ok scanned
8/11/2009 12:26:54 AM Running module: svchost.exe\SCHANNEL.dll ok scanned
8/11/2009 12:26:54 AM File: C:\WINDOWS\system32\SCHANNEL.dll ok scanned
8/11/2009 12:26:54 AM Running module: svchost.exe\WinSCard.dll ok scanned
8/11/2009 12:26:54 AM File: C:\WINDOWS\system32\WinSCard.dll ok scanned
8/11/2009 12:26:54 AM Running module: svchost.exe\PSAPI.DLL ok scanned
8/11/2009 12:26:54 AM File: C:\WINDOWS\system32\PSAPI.DLL ok scanned
8/11/2009 12:26:54 AM Running module: svchost.exe\raschap.dll ok scanned
8/11/2009 12:26:55 AM File: C:\WINDOWS\System32\raschap.dll ok scanned
8/11/2009 12:26:55 AM Running module: svchost.exe\msv1_0.dll ok scanned
8/11/2009 12:26:55 AM File: C:\WINDOWS\system32\msv1_0.dll ok scanned
8/11/2009 12:26:55 AM Running module: svchost.exe\schedsvc.dll ok scanned
8/11/2009 12:26:55 AM File: c:\windows\system32\schedsvc.dll ok scanned
8/11/2009 12:26:55 AM Running module: svchost.exe\NTDSAPI.dll ok scanned
8/11/2009 12:26:55 AM File: c:\windows\system32\NTDSAPI.dll ok scanned
8/11/2009 12:26:55 AM Running module: svchost.exe\MSIDLE.DLL ok scanned
8/11/2009 12:26:55 AM File: C:\WINDOWS\system32\MSIDLE.DLL ok scanned
8/11/2009 12:26:55 AM Running module: svchost.exe\audiosrv.dll ok scanned
8/11/2009 12:26:55 AM File: c:\windows\system32\audiosrv.dll ok scanned
8/11/2009 12:26:55 AM Running module: svchost.exe\wkssvc.dll ok scanned
8/11/2009 12:26:55 AM File: c:\windows\system32\wkssvc.dll ok scanned
8/11/2009 12:26:55 AM Running module: svchost.exe\qmgr.dll ok scanned
8/11/2009 12:26:56 AM File: c:\windows\system32\qmgr.dll ok scanned
8/11/2009 12:26:56 AM Running module: svchost.exe\MPR.dll ok scanned
8/11/2009 12:26:56 AM File: C:\WINDOWS\system32\MPR.dll ok scanned
8/11/2009 12:26:56 AM Running module: svchost.exe\SHFOLDER.dll ok scanned
8/11/2009 12:26:56 AM File: c:\windows\system32\SHFOLDER.dll ok scanned
8/11/2009 12:26:56 AM Running module: svchost.exe\WINHTTP.dll ok scanned
8/11/2009 12:26:56 AM File: c:\windows\system32\WINHTTP.dll ok scanned
8/11/2009 12:26:56 AM Running module: svchost.exe\mswsock.dll ok scanned
8/11/2009 12:26:56 AM File: C:\WINDOWS\system32\mswsock.dll ok scanned
8/11/2009 12:26:56 AM Running module: svchost.exe\hnetcfg.dll ok scanned
8/11/2009 12:26:56 AM File: C:\WINDOWS\system32\hnetcfg.dll ok scanned
8/11/2009 12:26:56 AM Running module: svchost.exe\wshtcpip.dll ok scanned
8/11/2009 12:26:56 AM File: C:\WINDOWS\System32\wshtcpip.dll ok scanned
8/11/2009 12:26:56 AM Running module: svchost.exe\netman.dll ok scanned
8/11/2009 12:26:56 AM File: C:\WINDOWS\system32\netman.dll ok scanned
8/11/2009 12:26:56 AM Running module: svchost.exe\netshell.dll ok scanned
8/11/2009 12:26:57 AM File: C:\WINDOWS\system32\netshell.dll ok scanned
8/11/2009 12:26:57 AM Running module: svchost.exe\credui.dll ok scanned
8/11/2009 12:26:57 AM File: C:\WINDOWS\system32\credui.dll ok scanned
8/11/2009 12:26:57 AM Running module: svchost.exe\dot3dlg.dll ok scanned
8/11/2009 12:26:57 AM File: C:\WINDOWS\system32\dot3dlg.dll ok scanned
8/11/2009 12:26:57 AM Running module: svchost.exe\OneX.DLL ok scanned
8/11/2009 12:26:57 AM File: C:\WINDOWS\system32\OneX.DLL ok scanned
8/11/2009 12:26:57 AM Running module: svchost.exe\eappcfg.dll ok scanned
8/11/2009 12:26:57 AM File: C:\WINDOWS\system32\eappcfg.dll ok scanned
8/11/2009 12:26:57 AM Running module: svchost.exe\eappprxy.dll ok scanned
8/11/2009 12:26:57 AM File: C:\WINDOWS\system32\eappprxy.dll ok scanned
8/11/2009 12:26:57 AM Running module: svchost.exe\WZCSAPI.DLL ok scanned
8/11/2009 12:26:57 AM File: C:\WINDOWS\system32\WZCSAPI.DLL ok scanned
8/11/2009 12:26:57 AM Running module: svchost.exe\es.dll ok scanned
8/11/2009 12:26:58 AM File: c:\windows\system32\es.dll ok scanned
8/11/2009 12:26:58 AM Running module: svchost.exe\pchsvc.dll ok scanned
8/11/2009 12:26:58 AM File: c:\windows\pchealth\helpctr\binaries\pchsvc.dll ok scanned
8/11/2009 12:26:58 AM Running module: svchost.exe\srvsvc.dll ok scanned
8/11/2009 12:26:58 AM File: c:\windows\system32\srvsvc.dll ok scanned
8/11/2009 12:26:58 AM Running module: svchost.exe\SXS.DLL ok scanned
8/11/2009 12:26:58 AM File: C:\WINDOWS\system32\SXS.DLL ok scanned
8/11/2009 12:26:58 AM Running module: svchost.exe\comsvcs.dll ok scanned
8/11/2009 12:26:59 AM File: C:\WINDOWS\system32\comsvcs.dll ok scanned
8/11/2009 12:26:59 AM Running module: svchost.exe\colbact.DLL ok scanned
8/11/2009 12:26:59 AM File: C:\WINDOWS\system32\colbact.DLL ok scanned
8/11/2009 12:26:59 AM Running module: svchost.exe\MTXCLU.DLL ok scanned
8/11/2009 12:26:59 AM File: C:\WINDOWS\system32\MTXCLU.DLL ok scanned
8/11/2009 12:26:59 AM Running module: svchost.exe\WSOCK32.dll ok scanned
8/11/2009 12:26:59 AM File: C:\WINDOWS\system32\WSOCK32.dll ok scanned
8/11/2009 12:26:59 AM Running module: svchost.exe\CLUSAPI.DLL ok scanned
8/11/2009 12:26:59 AM File: C:\WINDOWS\system32\CLUSAPI.DLL ok scanned
8/11/2009 12:26:59 AM Running module: svchost.exe\RESUTILS.DLL ok scanned
8/11/2009 12:26:59 AM File: C:\WINDOWS\system32\RESUTILS.DLL ok scanned
8/11/2009 12:26:59 AM Running module: svchost.exe\seclogon.dll ok scanned
8/11/2009 12:27:00 AM File: c:\windows\system32\seclogon.dll ok scanned
8/11/2009 12:27:00 AM Running module: svchost.exe\sens.dll ok scanned
8/11/2009 12:27:00 AM File: c:\windows\system32\sens.dll ok scanned
8/11/2009 12:27:00 AM Running module: svchost.exe\srsvc.dll ok scanned
8/11/2009 12:27:00 AM File: c:\windows\system32\srsvc.dll ok scanned
8/11/2009 12:27:00 AM Running module: svchost.exe\POWRPROF.dll ok scanned
8/11/2009 12:27:00 AM File: c:\windows\system32\POWRPROF.dll ok scanned
8/11/2009 12:27:00 AM Running module: svchost.exe\trkwks.dll ok scanned
8/11/2009 12:27:00 AM File: c:\windows\system32\trkwks.dll ok scanned
8/11/2009 12:27:00 AM Running module: svchost.exe\w32time.dll ok scanned
8/11/2009 12:27:00 AM File: c:\windows\system32\w32time.dll ok scanned
8/11/2009 12:27:00 AM Running module: svchost.exe\wmisvc.dll ok scanned
8/11/2009 12:27:00 AM File: c:\windows\system32\wbem\wmisvc.dll ok scanned
8/11/2009 12:27:00 AM Running module: svchost.exe\VSSAPI.DLL ok scanned
8/11/2009 12:27:01 AM File: C:\WINDOWS\system32\VSSAPI.DLL ok scanned
8/11/2009 12:27:01 AM Running module: svchost.exe\wbemcore.dll ok scanned
8/11/2009 12:27:01 AM File: C:\WINDOWS\system32\wbem\wbemcore.dll ok scanned
8/11/2009 12:27:01 AM Running module: svchost.exe\esscli.dll ok scanned
8/11/2009 12:27:02 AM File: C:\WINDOWS\system32\wbem\esscli.dll ok scanned
8/11/2009 12:27:02 AM Running module: svchost.exe\wbemcomn.dll ok scanned
8/11/2009 12:27:02 AM File: C:\WINDOWS\system32\wbem\wbemcomn.dll ok scanned
8/11/2009 12:27:02 AM Running module: svchost.exe\FastProx.dll ok scanned
8/11/2009 12:27:03 AM File: C:\WINDOWS\system32\wbem\FastProx.dll ok scanned
8/11/2009 12:27:03 AM Running module: svchost.exe\wbemsvc.dll ok scanned
8/11/2009 12:27:03 AM File: C:\WINDOWS\System32\wbem\wbemsvc.dll ok scanned
8/11/2009 12:27:03 AM Running module: svchost.exe\wmiutils.dll ok scanned
8/11/2009 12:27:03 AM File: C:\WINDOWS\System32\wbem\wmiutils.dll ok scanned
8/11/2009 12:27:03 AM Running module: svchost.exe\repdrvfs.dll ok scanned
8/11/2009 12:27:03 AM File: C:\WINDOWS\System32\wbem\repdrvfs.dll ok scanned
8/11/2009 12:27:03 AM Running module: svchost.exe\wmiprvsd.dll ok scanned
8/11/2009 12:27:04 AM File: C:\WINDOWS\System32\wbem\wmiprvsd.dll ok scanned
8/11/2009 12:27:04 AM Running module: svchost.exe\NCObjAPI.DLL ok scanned
8/11/2009 12:27:04 AM File: C:\WINDOWS\system32\NCObjAPI.DLL ok scanned
8/11/2009 12:27:04 AM Running module: svchost.exe\wbemess.dll ok scanned
8/11/2009 12:27:04 AM File: C:\WINDOWS\System32\wbem\wbemess.dll ok scanned
8/11/2009 12:27:04 AM Running module: svchost.exe\wscsvc.dll ok scanned
8/11/2009 12:27:04 AM File: c:\windows\system32\wscsvc.dll ok scanned
8/11/2009 12:27:04 AM Running module: svchost.exe\msi.dll ok scanned
8/11/2009 12:27:04 AM File: c:\windows\system32\msi.dll ok scanned
8/11/2009 12:27:04 AM Running module: svchost.exe\wuauserv.dll ok scanned
8/11/2009 12:27:04 AM File: c:\windows\system32\wuauserv.dll ok scanned
8/11/2009 12:27:04 AM Running module: svchost.exe\wuaueng.dll ok scanned
8/11/2009 12:27:05 AM File: C:\WINDOWS\system32\wuaueng.dll ok scanned
8/11/2009 12:27:05 AM Running module: svchost.exe\WINSPOOL.DRV ok scanned
8/11/2009 12:27:05 AM File: C:\WINDOWS\system32\WINSPOOL.DRV ok scanned
8/11/2009 12:27:05 AM Running module: svchost.exe\Cabinet.dll ok scanned
8/11/2009 12:27:05 AM File: C:\WINDOWS\system32\Cabinet.dll ok scanned
8/11/2009 12:27:05 AM Running module: svchost.exe\mspatcha.dll ok scanned
8/11/2009 12:27:05 AM File: C:\WINDOWS\system32\mspatcha.dll ok scanned
8/11/2009 12:27:05 AM Running module: svchost.exe\browser.dll ok scanned
8/11/2009 12:27:05 AM File: c:\windows\system32\browser.dll ok scanned
8/11/2009 12:27:05 AM Running module: svchost.exe\ipnathlp.dll ok scanned
8/11/2009 12:27:05 AM File: c:\windows\system32\ipnathlp.dll ok scanned
8/11/2009 12:27:05 AM Running module: svchost.exe\AUTHZ.dll ok scanned
8/11/2009 12:27:05 AM File: c:\windows\system32\AUTHZ.dll ok scanned
8/11/2009 12:27:05 AM Running module: svchost.exe\sfc.dll ok scanned
8/11/2009 12:27:05 AM File: C:\WINDOWS\system32\sfc.dll ok scanned
8/11/2009 12:27:05 AM Running module: svchost.exe\sfc_os.dll ok scanned
8/11/2009 12:27:05 AM File: C:\WINDOWS\system32\sfc_os.dll ok scanned
8/11/2009 12:27:05 AM Running module: svchost.exe\ncprov.dll ok scanned
8/11/2009 12:27:05 AM File: C:\WINDOWS\System32\wbem\ncprov.dll ok scanned
8/11/2009 12:27:05 AM Running module: svchost.exe\Apphelp.dll ok scanned
8/11/2009 12:27:06 AM File: C:\WINDOWS\system32\Apphelp.dll ok scanned
8/11/2009 12:27:06 AM Running module: svchost.exe\advpack.dll ok scanned
8/11/2009 12:27:06 AM File: C:\WINDOWS\system32\advpack.dll ok scanned
8/11/2009 12:27:06 AM Running module: svchost.exe\netcfgx.dll ok scanned
8/11/2009 12:27:06 AM File: C:\WINDOWS\System32\netcfgx.dll ok scanned
8/11/2009 12:27:06 AM Running module: svchost.exe\tapisrv.dll ok scanned
8/11/2009 12:27:06 AM File: c:\windows\system32\tapisrv.dll ok scanned
8/11/2009 12:27:06 AM Running module: svchost.exe\rasadhlp.dll ok scanned
8/11/2009 12:27:07 AM File: C:\WINDOWS\system32\rasadhlp.dll ok scanned
8/11/2009 12:27:07 AM Running module: svchost.exe\rasmans.dll ok scanned
8/11/2009 12:27:07 AM File: C:\WINDOWS\system32\rasmans.dll ok scanned
8/11/2009 12:27:07 AM Running module: svchost.exe\WINIPSEC.DLL ok scanned
8/11/2009 12:27:07 AM File: C:\WINDOWS\system32\WINIPSEC.DLL ok scanned
8/11/2009 12:27:07 AM Running module: svchost.exe\rastapi.dll ok scanned
8/11/2009 12:27:07 AM File: C:\WINDOWS\system32\rastapi.dll ok scanned
8/11/2009 12:27:07 AM Running module: svchost.exe\unimdm.tsp ok scanned
8/11/2009 12:27:07 AM File: C:\WINDOWS\system32\unimdm.tsp ok scanned
8/11/2009 12:27:07 AM Running module: svchost.exe\uniplat.dll ok scanned
8/11/2009 12:27:07 AM File: C:\WINDOWS\system32\uniplat.dll ok scanned
8/11/2009 12:27:07 AM Running module: svchost.exe\unimdmat.dll ok scanned
8/11/2009 12:27:07 AM File: C:\WINDOWS\system32\unimdmat.dll ok scanned
8/11/2009 12:27:07 AM Running module: svchost.exe\modemui.dll ok scanned
8/11/2009 12:27:07 AM File: C:\WINDOWS\system32\modemui.dll ok scanned
8/11/2009 12:27:07 AM Running module: svchost.exe\kmddsp.tsp ok scanned
8/11/2009 12:27:08 AM File: C:\WINDOWS\system32\kmddsp.tsp ok scanned
8/11/2009 12:27:08 AM Running module: svchost.exe\ndptsp.tsp ok scanned
8/11/2009 12:27:08 AM File: C:\WINDOWS\system32\ndptsp.tsp ok scanned
8/11/2009 12:27:08 AM Running module: svchost.exe\ipconf.tsp ok scanned
8/11/2009 12:27:08 AM File: C:\WINDOWS\system32\ipconf.tsp ok scanned
8/11/2009 12:27:08 AM Running module: svchost.exe\h323.tsp ok scanned
8/11/2009 12:27:08 AM File: C:\WINDOWS\system32\h323.tsp ok scanned
8/11/2009 12:27:08 AM Running module: svchost.exe\hidphone.tsp ok scanned
8/11/2009 12:27:08 AM File: C:\WINDOWS\system32\hidphone.tsp ok scanned
8/11/2009 12:27:08 AM Running module: svchost.exe\HID.DLL ok scanned
8/11/2009 12:27:08 AM File: C:\WINDOWS\system32\HID.DLL ok scanned
8/11/2009 12:27:08 AM Running module: svchost.exe\rasppp.dll ok scanned
8/11/2009 12:27:09 AM File: C:\WINDOWS\system32\rasppp.dll ok scanned
8/11/2009 12:27:09 AM Running module: svchost.exe\ntlsapi.dll ok scanned
8/11/2009 12:27:09 AM File: C:\WINDOWS\system32\ntlsapi.dll ok scanned
8/11/2009 12:27:09 AM Running module: svchost.exe\kerberos.dll ok scanned
8/11/2009 12:27:09 AM File: C:\WINDOWS\system32\kerberos.dll ok scanned
8/11/2009 12:27:09 AM Running module: svchost.exe\cryptdll.dll ok scanned
8/11/2009 12:27:09 AM File: C:\WINDOWS\system32\cryptdll.dll ok scanned
8/11/2009 12:27:09 AM Running module: svchost.exe\RASQEC.DLL ok scanned
8/11/2009 12:27:09 AM File: C:\WINDOWS\system32\RASQEC.DLL ok scanned
8/11/2009 12:27:09 AM Running module: svchost.exe\RASDLG.dll ok scanned
8/11/2009 12:27:09 AM File: C:\WINDOWS\system32\RASDLG.dll ok scanned
8/11/2009 12:27:10 AM Running module: MsMpEng.exe\MsMpEng.exe ok scanned
8/11/2009 12:27:10 AM File: C:\Program Files\Windows Defender\MsMpEng.exe ok scanned
8/11/2009 12:27:10 AM Running module: MsMpEng.exe\ntdll.dll ok scanned
8/11/2009 12:27:10 AM File: C:\WINDOWS\system32\ntdll.dll ok scanned
8/11/2009 12:27:10 AM Running module: MsMpEng.exe\kernel32.dll ok scanned
8/11/2009 12:27:10 AM File: C:\WINDOWS\system32\kernel32.dll ok scanned
8/11/2009 12:27:10 AM Running module: MsMpEng.exe\MSVCR80.dll ok scanned
8/11/2009 12:27:10 AM File: C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\MSVCR80.dll ok scanned
8/11/2009 12:27:10 AM Running module: MsMpEng.exe\msvcrt.dll ok scanned
8/11/2009 12:27:10 AM File: C:\WINDOWS\system32\msvcrt.dll ok scanned
8/11/2009 12:27:10 AM Running module: MsMpEng.exe\MpSvc.dll ok scanned
8/11/2009 12:27:10 AM File: C:\Program Files\Windows Defender\MpSvc.dll ok scanned
8/11/2009 12:27:10 AM Running module: MsMpEng.exe\MSVCP80.dll ok scanned
8/11/2009 12:27:10 AM File: C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\MSVCP80.dll ok scanned
8/11/2009 12:27:10 AM Running module: MsMpEng.exe\ADVAPI32.dll ok scanned
8/11/2009 12:27:10 AM File: C:\WINDOWS\system32\ADVAPI32.dll ok scanned
8/11/2009 12:27:10 AM Running module: MsMpEng.exe\RPCRT4.dll ok scanned
8/11/2009 12:27:10 AM File: C:\WINDOWS\system32\RPCRT4.dll ok scanned
8/11/2009 12:27:10 AM Running module: MsMpEng.exe\Secur32.dll ok scanned
8/11/2009 12:27:10 AM File: C:\WINDOWS\system32\Secur32.dll ok scanned
8/11/2009 12:27:10 AM Running module: MsMpEng.exe\VERSION.dll ok scanned
8/11/2009 12:27:10 AM File: C:\WINDOWS\system32\VERSION.dll ok scanned
8/11/2009 12:27:10 AM Running module: MsMpEng.exe\CRYPT32.dll ok scanned
8/11/2009 12:27:10 AM File: C:\WINDOWS\system32\CRYPT32.dll ok scanned
8/11/2009 12:27:10 AM Running module: MsMpEng.exe\MSASN1.dll ok scanned
8/11/2009 12:27:10 AM File: C:\WINDOWS\system32\MSASN1.dll ok scanned
8/11/2009 12:27:10 AM Running module: MsMpEng.exe\USER32.dll ok scanned
8/11/2009 12:27:10 AM File: C:\WINDOWS\system32\USER32.dll ok scanned
8/11/2009 12:27:10 AM Running module: MsMpEng.exe\GDI32.dll ok scanned
8/11/2009 12:27:10 AM File: C:\WINDOWS\system32\GDI32.dll ok scanned
8/11/2009 12:27:10 AM Running module: MsMpEng.exe\WINTRUST.dll ok scanned
8/11/2009 12:27:11 AM File: C:\WINDOWS\system32\WINTRUST.dll ok scanned
8/11/2009 12:27:11 AM Running module: MsMpEng.exe\IMAGEHLP.dll ok scanned
8/11/2009 12:27:11 AM File: C:\WINDOWS\system32\IMAGEHLP.dll ok scanned
8/11/2009 12:27:11 AM Running module: MsMpEng.exe\MpClient.dll ok scanned
8/11/2009 12:27:11 AM File: C:\Program Files\Windows Defender\MpClient.dll ok scanned
8/11/2009 12:27:11 AM Running module: MsMpEng.exe\SHELL32.dll ok scanned
8/11/2009 12:27:11 AM File: C:\WINDOWS\system32\SHELL32.dll ok scanned
8/11/2009 12:27:11 AM Running module: MsMpEng.exe\SHLWAPI.dll ok scanned
8/11/2009 12:27:11 AM File: C:\WINDOWS\system32\SHLWAPI.dll ok scanned
8/11/2009 12:27:11 AM Running module: MsMpEng.exe\ole32.dll ok scanned
8/11/2009 12:27:11 AM File: C:\WINDOWS\system32\ole32.dll ok scanned
8/11/2009 12:27:11 AM Running module: MsMpEng.exe\OLEAUT32.dll ok scanned
8/11/2009 12:27:11 AM File: C:\WINDOWS\system32\OLEAUT32.dll ok scanned
8/11/2009 12:27:11 AM Running module: MsMpEng.exe\USERENV.dll ok scanned
8/11/2009 12:27:11 AM File: C:\WINDOWS\system32\USERENV.dll ok scanned
8/11/2009 12:27:11 AM Running module: MsMpEng.exe\IMM32.DLL ok scanned
8/11/2009 12:27:11 AM File: C:\WINDOWS\system32\IMM32.DLL ok scanned
8/11/2009 12:27:11 AM Running module: MsMpEng.exe\guard32.dll ok scanned
8/11/2009 12:27:11 AM File: C:\WINDOWS\system32\guard32.dll ok scanned
8/11/2009 12:27:11 AM Running module: MsMpEng.exe\fltlib.dll ok scanned
8/11/2009 12:27:11 AM File: C:\WINDOWS\system32\fltlib.dll ok scanned
8/11/2009 12:27:11 AM Running module: MsMpEng.exe\comctl32.dll ok scanned
8/11/2009 12:27:11 AM File: C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll ok scanned
8/11/2009 12:27:11 AM Running module: MsMpEng.exe\comctl32.dll ok scanned
8/11/2009 12:27:11 AM File: C:\WINDOWS\system32\comctl32.dll ok scanned
8/11/2009 12:27:11 AM Running module: MsMpEng.exe\rsaenh.dll ok scanned
8/11/2009 12:27:11 AM File: C:\WINDOWS\system32\rsaenh.dll ok scanned
8/11/2009 12:27:11 AM Running module: MsMpEng.exe\xpsp2res.dll ok scanned
8/11/2009 12:27:11 AM File: C:\WINDOWS\system32\xpsp2res.dll ok scanned
8/11/2009 12:27:11 AM Running module: MsMpEng.exe\uxtheme.dll ok scanned
8/11/2009 12:27:11 AM File: C:\WINDOWS\system32\uxtheme.dll ok scanned
8/11/2009 12:27:11 AM Running module: MsMpEng.exe\netapi32.dll ok scanned
8/11/2009 12:27:11 AM File: C:\WINDOWS\system32\netapi32.dll ok scanned
8/11/2009 12:27:11 AM Running module: MsMpEng.exe\mpengine.dll ok scanned
8/11/2009 12:27:12 AM File: C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\{EF67E849-ED12-4D78-8F4B-0E303F4451BB}\mpengine.dll ok scanned
8/11/2009 12:27:12 AM Running module: MsMpEng.exe\iphlpapi.dll ok scanned
8/11/2009 12:27:12 AM File: C:\WINDOWS\system32\iphlpapi.dll ok scanned
8/11/2009 12:27:12 AM Running module: MsMpEng.exe\WS2_32.dll ok scanned
8/11/2009 12:27:12 AM File: C:\WINDOWS\system32\WS2_32.dll ok scanned
8/11/2009 12:27:12 AM Running module: MsMpEng.exe\WS2HELP.dll ok scanned
8/11/2009 12:27:12 AM File: C:\WINDOWS\system32\WS2HELP.dll ok scanned
8/11/2009 12:27:12 AM Running module: MsMpEng.exe\mprtplug.dll ok scanned
8/11/2009 12:27:12 AM File: C:\Program Files\Windows Defender\mprtplug.dll ok scanned
8/11/2009 12:27:12 AM Running module: MsMpEng.exe\PSAPI.DLL ok scanned
8/11/2009 12:27:12 AM File: C:\WINDOWS\system32\PSAPI.DLL ok scanned
8/11/2009 12:27:12 AM Running module: MsMpEng.exe\CLBCATQ.DLL ok scanned
8/11/2009 12:27:12 AM File: C:\WINDOWS\system32\CLBCATQ.DLL ok scanned
8/11/2009 12:27:12 AM Running module: MsMpEng.exe\COMRes.dll ok scanned
8/11/2009 12:27:12 AM File: C:\WINDOWS\system32\COMRes.dll ok scanned
8/11/2009 12:27:12 AM Running module: svchost.exe\svchost.exe ok scanned
8/11/2009 12:27:12 AM File: C:\WINDOWS\System32\svchost.exe ok scanned
8/11/2009 12:27:12 AM Running module: svchost.exe\ntdll.dll ok scanned
8/11/2009 12:27:12 AM File: C:\WINDOWS\system32\ntdll.dll ok scanned
8/11/2009 12:27:12 AM Running module: svchost.exe\kernel32.dll ok scanned
8/11/2009 12:27:12 AM File: C:\WINDOWS\system32\kernel32.dll ok scanned
8/11/2009 12:27:12 AM Running module: svchost.exe\ADVAPI32.dll ok scanned
8/11/2009 12:27:12 AM File: C:\WINDOWS\system32\ADVAPI32.dll ok scanned
8/11/2009 12:27:12 AM Running module: svchost.exe\RPCRT4.dll ok scanned
8/11/2009 12:27:12 AM File: C:\WINDOWS\system32\RPCRT4.dll ok scanned
8/11/2009 12:27:12 AM Running module: svchost.exe\Secur32.dll ok scanned
8/11/2009 12:27:12 AM File: C:\WINDOWS\system32\Secur32.dll ok scanned
8/11/2009 12:27:12 AM Running module: svchost.exe\ShimEng.dll ok scanned
8/11/2009 12:27:12 AM File: C:\WINDOWS\System32\ShimEng.dll ok scanned
8/11/2009 12:27:12 AM Running module: svchost.exe\AcGenral.DLL ok scanned
8/11/2009 12:27:12 AM File: C:\WINDOWS\AppPatch\AcGenral.DLL ok scanned
8/11/2009 12:27:12 AM Running module: svchost.exe\USER32.dll ok scanned
8/11/2009 12:27:12 AM File: C:\WINDOWS\system32\USER32.dll ok scanned
8/11/2009 12:27:12 AM Running module: svchost.exe\GDI32.dll ok scanned
8/11/2009 12:27:13 AM File: C:\WINDOWS\system32\GDI32.dll ok scanned
8/11/2009 12:27:13 AM Running module: svchost.exe\WINMM.dll ok scanned
8/11/2009 12:27:13 AM File: C:\WINDOWS\System32\WINMM.dll ok scanned
8/11/2009 12:27:13 AM Running module: svchost.exe\ole32.dll ok scanned
8/11/2009 12:27:13 AM File: C:\WINDOWS\system32\ole32.dll ok scanned
8/11/2009 12:27:13 AM Running module: svchost.exe\msvcrt.dll ok scanned
8/11/2009 12:27:13 AM File: C:\WINDOWS\system32\msvcrt.dll ok scanned
8/11/2009 12:27:13 AM Running module: svchost.exe\OLEAUT32.dll ok scanned
8/11/2009 12:27:13 AM File: C:\WINDOWS\system32\OLEAUT32.dll ok scanned
8/11/2009 12:27:13 AM Running module: svchost.exe\MSACM32.dll ok scanned
8/11/2009 12:27:13 AM File: C:\WINDOWS\System32\MSACM32.dll ok scanned
8/11/2009 12:27:13 AM Running module: svchost.exe\VERSION.dll ok scanned
8/11/2009 12:27:13 AM File: C:\WINDOWS\system32\VERSION.dll ok scanned
8/11/2009 12:27:13 AM Running module: svchost.exe\SHELL32.dll ok scanned
8/11/2009 12:27:13 AM File: C:\WINDOWS\system32\SHELL32.dll ok scanned
8/11/2009 12:27:13 AM Running module: svchost.exe\SHLWAPI.dll ok scanned
8/11/2009 12:27:13 AM File: C:\WINDOWS\system32\SHLWAPI.dll ok scanned
8/11/2009 12:27:13 AM Running module: svchost.exe\USERENV.dll ok scanned
8/11/2009 12:27:13 AM File: C:\WINDOWS\system32\USERENV.dll ok scanned
8/11/2009 12:27:13 AM Running module: svchost.exe\UxTheme.dll ok scanned
8/11/2009 12:27:13 AM File: C:\WINDOWS\System32\UxTheme.dll ok scanned
8/11/2009 12:27:13 AM Running module: svchost.exe\IMM32.DLL ok scanned
8/11/2009 12:27:13 AM File: C:\WINDOWS\system32\IMM32.DLL ok scanned
8/11/2009 12:27:13 AM Running module: svchost.exe\guard32.dll ok scanned
8/11/2009 12:27:13 AM File: C:\WINDOWS\system32\guard32.dll ok scanned
8/11/2009 12:27:13 AM Running module: svchost.exe\fltlib.dll ok scanned
8/11/2009 12:27:13 AM File: C:\WINDOWS\System32\fltlib.dll ok scanned
8/11/2009 12:27:13 AM Running module: svchost.exe\serwvdrv.dll ok scanned
8/11/2009 12:27:13 AM File: C:\WINDOWS\System32\serwvdrv.dll ok scanned
8/11/2009 12:27:13 AM Running module: svchost.exe\umdmxfrm.dll ok scanned
8/11/2009 12:27:13 AM File: C:\WINDOWS\System32\umdmxfrm.dll ok scanned
8/11/2009 12:27:13 AM Running module: svchost.exe\comctl32.dll ok scanned
8/11/2009 12:27:13 AM File: C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll ok scanned
8/11/2009 12:27:13 AM Running module: svchost.exe\comctl32.dll ok scanned
8/11/2009 12:27:13 AM File: C:\WINDOWS\system32\comctl32.dll ok scanned
8/11/2009 12:27:13 AM Running module: svchost.exe\dnsrslvr.dll ok scanned
8/11/2009 12:27:13 AM File: c:\windows\system32\dnsrslvr.dll ok scanned
8/11/2009 12:27:13 AM Running module: svchost.exe\DNSAPI.dll ok scanned
8/11/2009 12:27:13 AM File: c:\windows\system32\DNSAPI.dll ok scanned
8/11/2009 12:27:13 AM Running module: svchost.exe\WS2_32.dll ok scanned
8/11/2009 12:27:13 AM File: c:\windows\system32\WS2_32.dll ok scanned
8/11/2009 12:27:13 AM Running module: svchost.exe\WS2HELP.dll ok scanned
8/11/2009 12:27:13 AM File: c:\windows\system32\WS2HELP.dll ok scanned
8/11/2009 12:27:13 AM Running module: svchost.exe\iphlpapi.dll ok scanned
8/11/2009 12:27:13 AM File: c:\windows\system32\iphlpapi.dll ok scanned
8/11/2009 12:27:13 AM Running module: svchost.exe\rsaenh.dll ok scanned
8/11/2009 12:27:13 AM File: C:\WINDOWS\System32\rsaenh.dll ok scanned
8/11/2009 12:27:13 AM Running module: svchost.exe\mswsock.dll ok scanned
8/11/2009 12:27:13 AM File: C:\WINDOWS\system32\mswsock.dll ok scanned
8/11/2009 12:27:13 AM Running module: svchost.exe\hnetcfg.dll ok scanned
8/11/2009 12:27:13 AM File: C:\WINDOWS\System32\hnetcfg.dll ok scanned
8/11/2009 12:27:13 AM Running module: svchost.exe\wshtcpip.dll ok scanned
8/11/2009 12:27:13 AM File: C:\WINDOWS\System32\wshtcpip.dll ok scanned
8/11/2009 12:27:13 AM Running module: svchost.exe\svchost.exe ok scanned
8/11/2009 12:27:13 AM File: C:\WINDOWS\system32\svchost.exe ok scanned
8/11/2009 12:27:13 AM Running module: svchost.exe\ntdll.dll ok scanned
8/11/2009 12:27:13 AM File: C:\WINDOWS\system32\ntdll.dll ok scanned
8/11/2009 12:27:13 AM Running module: svchost.exe\kernel32.dll ok scanned
8/11/2009 12:27:13 AM File: C:\WINDOWS\system32\kernel32.dll ok scanned
8/11/2009 12:27:13 AM Running module: svchost.exe\ADVAPI32.dll ok scanned
8/11/2009 12:27:13 AM File: C:\WINDOWS\system32\ADVAPI32.dll ok scanned
8/11/2009 12:27:13 AM Running module: svchost.exe\RPCRT4.dll ok scanned
8/11/2009 12:27:13 AM File: C:\WINDOWS\system32\RPCRT4.dll ok scanned
8/11/2009 12:27:13 AM Running module: svchost.exe\Secur32.dll ok scanned
8/11/2009 12:27:13 AM File: C:\WINDOWS\system32\Secur32.dll ok scanned
8/11/2009 12:27:13 AM Running module: svchost.exe\ShimEng.dll ok scanned
8/11/2009 12:27:13 AM File: C:\WINDOWS\system32\ShimEng.dll ok scanned
8/11/2009 12:27:13 AM Running module: svchost.exe\AcGenral.DLL ok scanned
8/11/2009 12:27:14 AM File: C:\WINDOWS\AppPatch\AcGenral.DLL ok scanned
8/11/2009 12:27:14 AM Running module: svchost.exe\USER32.dll ok scanned
8/11/2009 12:27:14 AM File: C:\WINDOWS\system32\USER32.dll ok scanned
8/11/2009 12:27:14 AM Running module: svchost.exe\GDI32.dll ok scanned
8/11/2009 12:27:14 AM File: C:\WINDOWS\system32\GDI32.dll ok scanned
8/11/2009 12:27:14 AM Running module: svchost.exe\WINMM.dll ok scanned
8/11/2009 12:27:14 AM File: C:\WINDOWS\system32\WINMM.dll ok scanned
8/11/2009 12:27:14 AM Running module: svchost.exe\ole32.dll ok scanned
8/11/2009 12:27:14 AM File: C:\WINDOWS\system32\ole32.dll ok scanned
8/11/2009 12:27:14 AM Running module: svchost.exe\msvcrt.dll ok scanned
8/11/2009 12:27:14 AM File: C:\WINDOWS\system32\msvcrt.dll ok scanned
8/11/2009 12:27:14 AM Running module: svchost.exe\OLEAUT32.dll ok scanned
8/11/2009 12:27:14 AM File: C:\WINDOWS\system32\OLEAUT32.dll ok scanned
8/11/2009 12:27:14 AM Running module: svchost.exe\MSACM32.dll ok scanned
8/11/2009 12:27:14 AM File: C:\WINDOWS\system32\MSACM32.dll ok scanned
8/11/2009 12:27:14 AM Running module: svchost.exe\VERSION.dll ok scanned
8/11/2009 12:27:14 AM File: C:\WINDOWS\system32\VERSION.dll ok scanned
8/11/2009 12:27:14 AM Running module: svchost.exe\SHELL32.dll ok scanned
8/11/2009 12:27:14 AM File: C:\WINDOWS\system32\SHELL32.dll ok scanned
8/11/2009 12:27:14 AM Running module: svchost.exe\SHLWAPI.dll ok scanned
8/11/2009 12:27:14 AM File: C:\WINDOWS\system32\SHLWAPI.dll ok scanned
8/11/2009 12:27:14 AM Running module: svchost.exe\USERENV.dll ok scanned
8/11/2009 12:27:14 AM File: C:\WINDOWS\system32\USERENV.dll ok scanned
8/11/2009 12:27:14 AM Running module: svchost.exe\UxTheme.dll ok scanned
8/11/2009 12:27:14 AM File: C:\WINDOWS\system32\UxTheme.dll ok scanned
8/11/2009 12:27:14 AM Running module: svchost.exe\IMM32.DLL ok scanned
8/11/2009 12:27:14 AM File: C:\WINDOWS\system32\IMM32.DLL ok scanned
8/11/2009 12:27:14 AM Running module: svchost.exe\guard32.dll ok scanned
8/11/2009 12:27:14 AM File: C:\WINDOWS\system32\guard32.dll ok scanned
8/11/2009 12:27:14 AM Running module: svchost.exe\fltlib.dll ok scanned
8/11/2009 12:27:14 AM File: C:\WINDOWS\system32\fltlib.dll ok scanned
8/11/2009 12:27:14 AM Running module: svchost.exe\serwvdrv.dll ok scanned
8/11/2009 12:27:14 AM File: C:\WINDOWS\system32\serwvdrv.dll ok scanned
8/11/2009 12:27:14 AM Running module: svchost.exe\umdmxfrm.dll ok scanned
8/11/2009 12:27:14 AM File: C:\WINDOWS\system32\umdmxfrm.dll ok scanned
8/11/2009 12:27:14 AM Running module: svchost.exe\comctl32.dll ok scanned
8/11/2009 12:27:14 AM File: C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll ok scanned
8/11/2009 12:27:14 AM Running module: svchost.exe\comctl32.dll ok scanned
8/11/2009 12:27:14 AM File: C:\WINDOWS\system32\comctl32.dll ok scanned
8/11/2009 12:27:14 AM Running module: svchost.exe\NTMARTA.DLL ok scanned
8/11/2009 12:27:14 AM File: C:\WINDOWS\system32\NTMARTA.DLL ok scanned
8/11/2009 12:27:14 AM Running module: svchost.exe\SAMLIB.dll ok scanned
8/11/2009 12:27:14 AM File: C:\WINDOWS\system32\SAMLIB.dll ok scanned
8/11/2009 12:27:14 AM Running module: svchost.exe\WLDAP32.dll ok scanned
8/11/2009 12:27:14 AM File: C:\WINDOWS\system32\WLDAP32.dll ok scanned
8/11/2009 12:27:14 AM Running module: svchost.exe\xpsp2res.dll ok scanned
8/11/2009 12:27:14 AM File: C:\WINDOWS\system32\xpsp2res.dll ok scanned
8/11/2009 12:27:14 AM Running module: svchost.exe\lmhsvc.dll ok scanned
8/11/2009 12:27:14 AM File: c:\windows\system32\lmhsvc.dll ok scanned
8/11/2009 12:27:14 AM Running module: svchost.exe\iphlpapi.dll ok scanned
8/11/2009 12:27:14 AM File: c:\windows\system32\iphlpapi.dll ok scanned
8/11/2009 12:27:14 AM Running module: svchost.exe\WS2_32.dll ok scanned
8/11/2009 12:27:14 AM File: c:\windows\system32\WS2_32.dll ok scanned
8/11/2009 12:27:14 AM Running module: svchost.exe\WS2HELP.dll ok scanned
8/11/2009 12:27:14 AM File: c:\windows\system32\WS2HELP.dll ok scanned
8/11/2009 12:27:14 AM Running module: AAWService.exe\AAWService.exe ok scanned
8/11/2009 12:27:15 AM File: C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe ok scanned
8/11/2009 12:27:15 AM Running module: AAWService.exe\ntdll.dll ok scanned
8/11/2009 12:27:15 AM File: C:\WINDOWS\system32\ntdll.dll ok scanned
8/11/2009 12:27:15 AM Running module: AAWService.exe\kernel32.dll ok scanned
8/11/2009 12:27:15 AM File: C:\WINDOWS\system32\kernel32.dll ok scanned
8/11/2009 12:27:15 AM Running module: AAWService.exe\ADVAPI32.dll ok scanned
8/11/2009 12:27:15 AM File: C:\WINDOWS\system32\ADVAPI32.dll ok scanned
8/11/2009 12:27:15 AM Running module: AAWService.exe\RPCRT4.dll ok scanned

Thanks for all the help -----
Mac -----

#45 harrythook

Group: Malware Response Team
Posts: 4,151
Joined: 16-May 07
Gender:Male
Location:Philadelphia

Posted 17 August 2009 - 01:56 PM

Hey Mac,
re-run Combofix again and allow it to update. I need to check one thing from the log it will produce.
I would also like to see this run:
We Need to check for Rootkits with RootRepeal

Download RootRepeal from the following location and save it to your desktop.
- Direct Download (Recommended)
  - Primary Mirror
- Zip Mirrors (Recommended if you have a slower connection or if the Direct Download mirror is down)
- Rar Mirrors - Only if you know what a RAR is and can extract it.
Extract RootRepeal.exe from the archive (If you did not use the "Direct Download" mirror).
Open on your desktop.
Click the tab.
Click the button.
Check all seven boxes:
Push Ok
Check the box for your main system drive (Usually C:), and press Ok.
Allow RootRepeal to run a scan of your system. This may take some time.
Once the scan completes, push the button. Save the log to your desktop, using a distinctive name, such as RootRepeal.txt. Include this report in your next reply, please.