
Slow Computer, Mouse Pauses, Slow Videos



#1 Joe4alb

Joe4alb

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:12:30 PM

Posted 24 October 2007 - 12:27 PM

** I have tried everything, disk checks, defrags, cleaner, reg cleaners, checked startup programs, background programs, EVERYTHING... PLEASE HELP!! **

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:27:18 PM, on 10/24/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\HPZinw12.exe
C:\Program Files\AIM\aim.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Netscape\Navigator 9\navigator.exe
C:\Program Files\HijackThis\HiJackThis.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe

R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: The nssfrch - {61AB8A39-FCCB-47CC-BAF3-750D1834E773} - C:\WINDOWS\nssfrch.dll (file missing)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-18\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'Default user')
O4 - Startup: Shortcut to hpqtra08.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Microsoft Office Shortcut Bar.lnk = ?
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZR
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} - http://www.creative.com/su/ocx/15015/CTSUEng.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www1.snapfish.com/SnapfishActivia.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/200203...meInstaller.exe
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/...lscbase8300.cab
O16 - DPF: {94B82441-A413-4E43-8422-D49930E69764} (TLIEFlashObj Class) - https://echat.us.dell.com/Media/VisitorChatENU/TLIEFlash.CAB
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) - http://web1.shutterfly.com/downloads/Uploader.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - http://www.creative.com/su/ocx/15016/CTPID.cab
O18 - Protocol: bw+0 - {525CB895-6BFC-48D0-B8B9-0C8C5E6E4094} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {525CB895-6BFC-48D0-B8B9-0C8C5E6E4094} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {525CB895-6BFC-48D0-B8B9-0C8C5E6E4094} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {525CB895-6BFC-48D0-B8B9-0C8C5E6E4094} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {525CB895-6BFC-48D0-B8B9-0C8C5E6E4094} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {525CB895-6BFC-48D0-B8B9-0C8C5E6E4094} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {525CB895-6BFC-48D0-B8B9-0C8C5E6E4094} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {525CB895-6BFC-48D0-B8B9-0C8C5E6E4094} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {525CB895-6BFC-48D0-B8B9-0C8C5E6E4094} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {525CB895-6BFC-48D0-B8B9-0C8C5E6E4094} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {525CB895-6BFC-48D0-B8B9-0C8C5E6E4094} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {525CB895-6BFC-48D0-B8B9-0C8C5E6E4094} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {525CB895-6BFC-48D0-B8B9-0C8C5E6E4094} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {525CB895-6BFC-48D0-B8B9-0C8C5E6E4094} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {525CB895-6BFC-48D0-B8B9-0C8C5E6E4094} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {525CB895-6BFC-48D0-B8B9-0C8C5E6E4094} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {525CB895-6BFC-48D0-B8B9-0C8C5E6E4094} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {525CB895-6BFC-48D0-B8B9-0C8C5E6E4094} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {525CB895-6BFC-48D0-B8B9-0C8C5E6E4094} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {525CB895-6BFC-48D0-B8B9-0C8C5E6E4094} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {525CB895-6BFC-48D0-B8B9-0C8C5E6E4094} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {525CB895-6BFC-48D0-B8B9-0C8C5E6E4094} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {525CB895-6BFC-48D0-B8B9-0C8C5E6E4094} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {525CB895-6BFC-48D0-B8B9-0C8C5E6E4094} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {525CB895-6BFC-48D0-B8B9-0C8C5E6E4094} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {525CB895-6BFC-48D0-B8B9-0C8C5E6E4094} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {525CB895-6BFC-48D0-B8B9-0C8C5E6E4094} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {525CB895-6BFC-48D0-B8B9-0C8C5E6E4094} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {525CB895-6BFC-48D0-B8B9-0C8C5E6E4094} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {525CB895-6BFC-48D0-B8B9-0C8C5E6E4094} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {525CB895-6BFC-48D0-B8B9-0C8C5E6E4094} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {525CB895-6BFC-48D0-B8B9-0C8C5E6E4094} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {525CB895-6BFC-48D0-B8B9-0C8C5E6E4094} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {525CB895-6BFC-48D0-B8B9-0C8C5E6E4094} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {525CB895-6BFC-48D0-B8B9-0C8C5E6E4094} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {525CB895-6BFC-48D0-B8B9-0C8C5E6E4094} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {525CB895-6BFC-48D0-B8B9-0C8C5E6E4094} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {525CB895-6BFC-48D0-B8B9-0C8C5E6E4094} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {525CB895-6BFC-48D0-B8B9-0C8C5E6E4094} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {525CB895-6BFC-48D0-B8B9-0C8C5E6E4094} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {525CB895-6BFC-48D0-B8B9-0C8C5E6E4094} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {525CB895-6BFC-48D0-B8B9-0C8C5E6E4094} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {525CB895-6BFC-48D0-B8B9-0C8C5E6E4094} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {525CB895-6BFC-48D0-B8B9-0C8C5E6E4094} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {525CB895-6BFC-48D0-B8B9-0C8C5E6E4094} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {525CB895-6BFC-48D0-B8B9-0C8C5E6E4094} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {525CB895-6BFC-48D0-B8B9-0C8C5E6E4094} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {525CB895-6BFC-48D0-B8B9-0C8C5E6E4094} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {525CB895-6BFC-48D0-B8B9-0C8C5E6E4094} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {525CB895-6BFC-48D0-B8B9-0C8C5E6E4094} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {525CB895-6BFC-48D0-B8B9-0C8C5E6E4094} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {525CB895-6BFC-48D0-B8B9-0C8C5E6E4094} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {525CB895-6BFC-48D0-B8B9-0C8C5E6E4094} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {525CB895-6BFC-48D0-B8B9-0C8C5E6E4094} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {525CB895-6BFC-48D0-B8B9-0C8C5E6E4094} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {525CB895-6BFC-48D0-B8B9-0C8C5E6E4094} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {525CB895-6BFC-48D0-B8B9-0C8C5E6E4094} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {525CB895-6BFC-48D0-B8B9-0C8C5E6E4094} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {525CB895-6BFC-48D0-B8B9-0C8C5E6E4094} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {525CB895-6BFC-48D0-B8B9-0C8C5E6E4094} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {525CB895-6BFC-48D0-B8B9-0C8C5E6E4094} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {525CB895-6BFC-48D0-B8B9-0C8C5E6E4094} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {525CB895-6BFC-48D0-B8B9-0C8C5E6E4094} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {525CB895-6BFC-48D0-B8B9-0C8C5E6E4094} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {525CB895-6BFC-48D0-B8B9-0C8C5E6E4094} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {525CB895-6BFC-48D0-B8B9-0C8C5E6E4094} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {525CB895-6BFC-48D0-B8B9-0C8C5E6E4094} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {525CB895-6BFC-48D0-B8B9-0C8C5E6E4094} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {525CB895-6BFC-48D0-B8B9-0C8C5E6E4094} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {525CB895-6BFC-48D0-B8B9-0C8C5E6E4094} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {525CB895-6BFC-48D0-B8B9-0C8C5E6E4094} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {525CB895-6BFC-48D0-B8B9-0C8C5E6E4094} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {525CB895-6BFC-48D0-B8B9-0C8C5E6E4094} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {525CB895-6BFC-48D0-B8B9-0C8C5E6E4094} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {525CB895-6BFC-48D0-B8B9-0C8C5E6E4094} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {525CB895-6BFC-48D0-B8B9-0C8C5E6E4094} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {525CB895-6BFC-48D0-B8B9-0C8C5E6E4094} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iolo DMV Service (ioloDMV) - Unknown owner - C:\Program Files\iolo\Common\Lib\ioloDMVSvc.exe
O23 - Service: iolo System Guard (IOLO_SRV) - Unknown owner - (no file)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe

--
End of file - 18663 bytes

Edited by Joe4alb, 25 October 2007 - 10:19 AM.



 


#2 Papakid

Papakid

    Guru at being a Newbie


  • Malware Response Team
  • 6,595 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:30 AM

Posted 06 November 2007 - 08:38 AM

Hi Joe4alb,

Our apologies for the delay. Your log does show signs of infection. If you still require help, please post a new fresh log so I can see if anything has changed.

If you have not done so already, please do the initial cleanup steps in the following instructions before posting your new log: Preparation Guide For Use Before Posting A Hijackthis Log

The thing about people

is they change

when they walk away.--Mipso


#3 Joe4alb

Joe4alb
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:12:30 PM

Posted 07 November 2007 - 09:05 PM

Sorry for my delay now :thumbsup: I was away for a couple of days, I am going to post the new Log in a little bit. Thanks!

Here it is!

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:50:18 PM, on 11/7/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe

R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKUS\S-1-5-18\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'Default user')
O4 - Startup: Shortcut to hpqtra08.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Microsoft Office Shortcut Bar.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} - http://www.creative.com/su/ocx/15015/CTSUEng.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www1.snapfish.com/SnapfishActivia.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/200203...meInstaller.exe
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/...lscbase8300.cab
O16 - DPF: {94B82441-A413-4E43-8422-D49930E69764} (TLIEFlashObj Class) - https://echat.us.dell.com/Media/VisitorChatENU/TLIEFlash.CAB
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) - http://web1.shutterfly.com/downloads/Uploader.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - http://www.creative.com/su/ocx/15016/CTPID.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iolo DMV Service (ioloDMV) - Unknown owner - C:\Program Files\iolo\Common\Lib\ioloDMVSvc.exe
O23 - Service: iolo System Guard (IOLO_SRV) - Unknown owner - (no file)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe

--
End of file - 5887 bytes

Edited by Joe4alb, 07 November 2007 - 09:50 PM.


#4 Papakid

Papakid

    Guru at being a Newbie


  • Malware Response Team
  • 6,595 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:30 AM

Posted 08 November 2007 - 12:05 AM

Wow, that almost looks like a different computer. The malware in your first log is gone, just one line to fix to repair a reg entry.

Scan again with HijackThis and put a checkmark next to the following entries:

R3 - URLSearchHook: (no name) - - (no file)

Close all other windows--you should only see HijackThis on your Desktop and Taskbar--and then click the "Fix checked" button.

Close HijackThis, reboot and post a new log.

How is the computer running now? Still having the same problems?

The thing about people

is they change

when they walk away.--Mipso
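Added example, not part of the original thread: the comparison made in the post above (first log versus second log, plus the leftover `(no file)` entry) done mechanically. The function names are hypothetical, and the two sample logs are short excerpts constructed from lines quoted in this thread.

```python
import re
from collections import Counter

# Section lines look like "O23 - Service: ..."; R, F, N and O are the
# section letters HijackThis uses. Header lines and the bare paths under
# "Running processes:" do not match and are skipped.
ENTRY_RE = re.compile(r"^([RFNO]\d{1,2}) - (.+)$")

# Markers HijackThis appends when the file an entry points to is absent.
ORPHAN_MARKERS = ("(no file)", "(file missing)")

# Constructed excerpt of the first log in this thread (24 October 2007).
FIRST_LOG = r"""Logfile of Trend Micro HijackThis v2.0.2
Running processes:
C:\WINDOWS\Explorer.EXE

R3 - URLSearchHook: (no name) - - (no file)
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: The nssfrch - {61AB8A39-FCCB-47CC-BAF3-750D1834E773} - C:\WINDOWS\nssfrch.dll (file missing)
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZR
O18 - Protocol: bw+0 - {525CB895-6BFC-48D0-B8B9-0C8C5E6E4094} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {525CB895-6BFC-48D0-B8B9-0C8C5E6E4094} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: iolo System Guard (IOLO_SRV) - Unknown owner - (no file)
"""

# Constructed excerpt of the second log in this thread (7 November 2007).
SECOND_LOG = r"""Logfile of Trend Micro HijackThis v2.0.2
Running processes:
C:\WINDOWS\Explorer.EXE

R3 - URLSearchHook: (no name) - - (no file)
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O23 - Service: iolo System Guard (IOLO_SRV) - Unknown owner - (no file)
"""


def parse_entries(log_text):
    """Return the log's section entries as an ordered list of (code, body)."""
    entries = []
    for raw in log_text.splitlines():
        match = ENTRY_RE.match(raw.strip())
        if match:
            entries.append((match.group(1), match.group(2).rstrip()))
    return entries


def orphans(entries):
    """Entries whose target file is gone: leftovers worth reviewing."""
    return [e for e in entries if e[1].endswith(ORPHAN_MARKERS)]


def diff_logs(before, after):
    """Return (removed, added) entries between two parsed logs, in log order."""
    before_set, after_set = set(before), set(after)
    removed = [e for e in before if e not in after_set]
    added = [e for e in after if e not in before_set]
    return removed, added


def removed_by_section(removed):
    """Count removed entries per section code, so a long run of
    near-identical lines (the O18 block here) reads as one number."""
    return dict(Counter(code for code, _ in removed))


if __name__ == "__main__":
    first, second = parse_entries(FIRST_LOG), parse_entries(SECOND_LOG)
    removed, added = diff_logs(first, second)
    print("Removed between logs:", removed_by_section(removed))
    for code, body in removed:
        print("  -", code, body)
    print("Added between logs:", len(added))
    print("Orphaned entries still present:")
    for code, body in orphans(second):
        print("  !", code, body)
```

An entry appearing in the "removed" list only means it is absent from the later log; whether it was malicious still needs the judgement the helper applies by hand.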


#5 Joe4alb

Joe4alb
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:12:30 PM

Posted 08 November 2007 - 06:52 AM

The computer itself still boots up rather slow and the only time I have any issues with it is if I am watching a video, and I move the mouse around, then the video begins to skip. This happens also if I have a few programs running and try to watch a vid, which should happen I have plenty of RAM and over HD space with a 2ghz processor.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:50:33 AM, on 11/8/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe
C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\HPZinw12.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKUS\S-1-5-18\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'Default user')
O4 - Startup: Shortcut to hpqtra08.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Microsoft Office Shortcut Bar.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} - http://www.creative.com/su/ocx/15015/CTSUEng.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www1.snapfish.com/SnapfishActivia.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/200203...meInstaller.exe
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/...lscbase8300.cab
O16 - DPF: {94B82441-A413-4E43-8422-D49930E69764} (TLIEFlashObj Class) - https://echat.us.dell.com/Media/VisitorChatENU/TLIEFlash.CAB
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) - http://web1.shutterfly.com/downloads/Uploader.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - http://www.creative.com/su/ocx/15016/CTPID.cab
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iolo DMV Service (ioloDMV) - Unknown owner - C:\Program Files\iolo\Common\Lib\ioloDMVSvc.exe
O23 - Service: iolo System Guard (IOLO_SRV) - Unknown owner - (no file)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe

--
End of file - 6064 bytes

#6 Papakid

  • Malware Response Team

Posted 08 November 2007 - 10:08 AM

OK, the video and mouse thing doesn't sound like a malware related problem--slowness may or may not be.

From one entry in your log I would think that some of the problem is with Registry Mechanic's protection.

O23 - Service: iolo System Guard (IOLO_SRV) - Unknown owner - (no file)

Just the use of a reg cleaner may cause some of the problems you describe. General registry cleaners are not recommended as they often cause more troubles than they cure, especially if you allow them to fix everything they find. In my personal opinion, iolo's products are a waste of money.

There is really no reason to have this type of program running in the background and taking up resources, especially considering you also have Norton installed which is also a resource hog. This could be a software conflict as they both do some of the same things.

My suggestion at this point is to disable iolo System Guard, then go to Add/Remove programs via Control Panel and uninstall Registry Mechanic. Reboot, then test to see if it has helped. Don't fix anything with HJT yet or reinstall RM--there are a couple of other things I would like to try.

Then please do the following:

Download Deckard's System Scanner (DSS) to your Desktop. Note: You must be logged onto an account with administrator privileges.
  • Close all applications and windows.
  • Double-click on dss.exe to run it, and follow the prompts. If your anti-virus or firewall complains, please allow this script to run as it is not malicious.
  • When the scan is complete, two text files will open - main.txt <- this one will be maximized and extra.txt <-this one will be minimized
  • Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of main.txt and the extra.txt in your next reply. If you have any problems with the logs, both can be found in C:\Deckard\System Scanner.

The thing about people

is they change

when they walk away.--Mipso
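
Added example (not part of the post above or of any tool named in this thread): a short Python triage of HijackThis `O23` service lines that flags entries like the one quoted above, where a service is still registered but the log shows `(no file)` or `Unknown owner`, and checks each binary against the "Running processes" list. The sample log is assembled from lines of the log posted in this thread; the function and flag names are illustrative assumptions.

```python
import re
from dataclasses import dataclass

# Sample assembled for this example from lines of the HijackThis log in this thread.
SAMPLE_LOG = r"""Running processes:
C:\WINDOWS\system32\services.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\nvsvc32.exe

O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: iolo DMV Service (ioloDMV) - Unknown owner - C:\Program Files\iolo\Common\Lib\ioloDMVSvc.exe
O23 - Service: iolo System Guard (IOLO_SRV) - Unknown owner - (no file)
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
"""

# "O23 - Service: <display> [(<key>)] - <owner> - <path or (no file)>".
# The path must start with a drive letter, a quote or %, so a " - " inside
# the path itself does not confuse the split.
O23_RE = re.compile(
    r'^O23 - Service: (?P<name>.+?) - (?P<owner>.+?) - '
    r'(?P<path>\(no file\)|"?[A-Za-z]:\\.*|%.*)$'
)
NAME_RE = re.compile(r'^(?P<display>.*\S)\s+\((?P<short>[^()]+)\)$')
ENTRY_RE = re.compile(r'^[A-Z]\d+ - ')   # any HijackThis entry line (O4, O23, R3 ...)


@dataclass
class Service:
    display: str
    short: str    # service key name, "" when the log line has none
    owner: str
    path: str


def parse_log(text):
    """Return (services, running) parsed from a HijackThis log."""
    services, running, in_procs = [], set(), False
    for raw in text.splitlines():
        line = raw.strip()
        if line == "Running processes:":
            in_procs = True
            continue
        if in_procs:
            if line and not ENTRY_RE.match(line):
                running.add(line.lower())
                continue
            in_procs = False          # blank line or first entry ends the list
        m = O23_RE.match(line)
        if not m:
            continue
        n = NAME_RE.match(m["name"])
        display, short = (n["display"], n["short"]) if n else (m["name"], "")
        services.append(Service(display, short, m["owner"], m["path"].strip('"')))
    return services, running


def classify(svc, running):
    """Flags for one service entry."""
    flags = []
    if svc.path == "(no file)":
        flags.append("no-file")            # registered, but no binary reported
    if svc.owner.lower() == "unknown owner":
        flags.append("unknown-owner")      # no vendor reported for the binary
    if svc.path != "(no file)":
        if "~" in svc.path:
            # 8.3 short path: cannot be compared with the long paths
            # in the process list without access to the file system.
            flags.append("state-undetermined")
        elif svc.path.lower() in running:
            flags.append("running")
        else:
            flags.append("not-running")
    return flags


def triage(text):
    """Map service key (or display name) -> flags, for entries worth a look."""
    services, running = parse_log(text)
    report = {}
    for svc in services:
        flags = classify(svc, running)
        if "no-file" in flags or "unknown-owner" in flags:
            report[svc.short or svc.display] = flags
    return report


if __name__ == "__main__":
    for name, flags in triage(SAMPLE_LOG).items():
        print(f"{name}: {', '.join(flags)}")
```

A `no-file` result is a leftover registration to clean up rather than a running program, which matches how the IOLO_SRV entry is treated in the post above.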


#7 Joe4alb


Posted 08 November 2007 - 10:44 AM

Ok, thanks for the info. I will be home from work tonight at 8:00pm EST. I will work on it as soon as I get there and post a new log once all your suggestions are completed.

Edited by Joe4alb, 08 November 2007 - 10:45 AM.


#8 Joe4alb


Posted 08 November 2007 - 08:40 PM

Here are the two logs from DSS.exe...

My only concern is that I am not sure how to disable the systemguard (pertaining to your last post). I uninstalled system mechanic months ago. How do I go about doing this? Thanks!

MAIN.TXT

Deckard's System Scanner v20071014.68
Run by Joe on 2007-11-08 20:29:43
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

System Restore is disabled; attempting to re-enable...success.


-- Last 1 Restore Point(s) --
1: 2007-11-09 01:29:49 UTC - RP1 - System Checkpoint


Backed up registry hives.
Performed disk cleanup.



-- HijackThis (run as Joe.exe) -------------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:34:48 PM, on 11/8/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe
C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\HPZinw12.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Joe\Desktop\dss.exe
C:\PROGRA~1\Trend Micro\HijackThis\Joe.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKUS\S-1-5-18\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'Default user')
O4 - Startup: Shortcut to hpqtra08.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Microsoft Office Shortcut Bar.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} - http://www.creative.com/su/ocx/15015/CTSUEng.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www1.snapfish.com/SnapfishActivia.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/200203...meInstaller.exe
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/...lscbase8300.cab
O16 - DPF: {94B82441-A413-4E43-8422-D49930E69764} (TLIEFlashObj Class) - https://echat.us.dell.com/Media/VisitorChatENU/TLIEFlash.CAB
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) - http://web1.shutterfly.com/downloads/Uploader.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - http://www.creative.com/su/ocx/15016/CTPID.cab
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iolo DMV Service (ioloDMV) - Unknown owner - C:\Program Files\iolo\Common\Lib\ioloDMVSvc.exe
O23 - Service: iolo System Guard (IOLO_SRV) - Unknown owner - (no file)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe

--
End of file - 6115 bytes

-- HijackThis Fixed Entries (C:\PROGRA~1\Trend Micro\HijackThis\backups\) ------

backup-20071108-063750-740 R3 - URLSearchHook: (no name) - - (no file)
backup-20071108-065014-255 O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
backup-20071108-065015-240 O23 - Service: iolo System Guard (IOLO_SRV) - Unknown owner - (no file)
backup-20071108-065015-460 O23 - Service: iolo DMV Service (ioloDMV) - Unknown owner - C:\Program Files\iolo\Common\Lib\ioloDMVSvc.exe

-- File Associations -----------------------------------------------------------

.js - JSFile - shell\open\command - NOTEPAD.EXE %1
.vbs - VBSFile - shell\open\command - NOTEPAD.EXE %1


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R1 OMCI - c:\windows\system32\drivers\omci.sys <Not Verified; Dell Computer Corporation; OMCI Driver>
R1 SASDIFSV - c:\program files\superantispyware\sasdifsv.sys
R1 SASKUTIL - c:\program files\superantispyware\saskutil.sys
R2 LBeepKE - c:\windows\system32\drivers\lbeepke.sys <Not Verified; Logitech, Inc.; Logitech SetPoint™>

S3 catchme - c:\docume~1\joe\locals~1\temp\catchme.sys (file missing)
S3 cdspacex - c:\windows\system32\drivers\cdspacex.sys (file missing)
S3 L8042mou (Logitech SetPoint PS/2 Mouse Filter Driver) - c:\windows\system32\drivers\l8042mou.sys <Not Verified; Logitech, Inc.; Logitech SetPoint™>
S3 SASENUM - c:\program files\superantispyware\sasenum.sys <Not Verified; SuperAdBlocker, Inc.; SuperAntiSpyware>
S3 TwoRabts (Two Rabbits Live Bus) - c:\windows\system32\drivers\tworabts.sys (file missing)


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 Apple Mobile Device - "c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>

S2 IOLO_SRV (iolo System Guard) -


-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.


-- Scheduled Tasks -------------------------------------------------------------

2007-11-08 20:34:04 366 --a------ C:\WINDOWS\Tasks\Symantec NetDetect.job
2007-11-06 14:01:00 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job


-- Files created between 2007-10-08 and 2007-11-08 -----------------------------

2007-11-07 21:49:50 0 d-------- C:\Program Files\Trend Micro
2007-10-26 22:14:20 0 d-------- C:\Documents and Settings\LocalService\Application Data\Identities
2007-10-26 22:13:17 0 d-------- C:\Program Files\Windows Desktop Search
2007-10-26 22:10:56 0 d-------- C:\Program Files\Microsoft SQL Server Compact Edition
2007-10-26 22:02:04 0 d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
2007-10-23 20:30:29 0 d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2007-10-23 20:29:59 0 d-------- C:\Program Files\SUPERAntiSpyware
2007-10-23 20:29:59 0 d-------- C:\Documents and Settings\Joe\Application Data\SUPERAntiSpyware.com
2007-10-23 07:40:12 360 --a------ C:\WINDOWS\system32\tmp.reg
2007-10-23 07:39:13 25600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2007-10-23 07:39:13 289144 --a------ C:\WINDOWS\system32\VCCLSID.exe <Not Verified; S!Ri; >
2007-10-23 07:39:13 51200 --a------ C:\WINDOWS\system32\dumphive.exe
2007-10-23 07:39:12 288417 --a------ C:\WINDOWS\system32\SrchSTS.exe <Not Verified; S!Ri; SrchSTS>
2007-10-23 07:39:12 53248 --a------ C:\WINDOWS\system32\Process.exe <Not Verified; http://www.beyondlogic.org; Command Line Process Utility>
2007-10-22 21:16:08 668160 --a------ C:\WINDOWS\is-INDA8.exe <Not Verified; ; Inno Setup>
2007-10-22 20:38:02 0 d-------- C:\Documents and Settings\Joe\Application Data\BitTorrent
2007-10-22 20:26:56 108544 --a------ C:\WINDOWS\kthemup.exe
2007-10-22 20:26:55 321536 --a------ C:\WINDOWS\ocgrep.dll
2007-10-22 20:26:55 295936 --a------ C:\WINDOWS\bxsbang.dll
2007-10-22 20:15:09 0 d-------- C:\Documents and Settings\Joe\Application Data\iolo
2007-10-21 11:10:08 0 d-------- C:\Documents and Settings\Joe\Application Data\Aim
2007-10-21 11:06:43 0 d-------- C:\Program Files\AIM
2007-10-20 22:55:44 0 d-------- C:\Documents and Settings\All Users\Application Data\Logitech
2007-10-20 22:13:42 0 d-------- C:\Documents and Settings\Joe\Application Data\Logitech
2007-10-20 22:09:30 13568 --a------ C:\WINDOWS\system32\drivers\L8042Kbd.SYS <Not Verified; Logitech, Inc.; Logitech SetPoint™>
2007-10-20 22:09:05 71680 --a------ C:\WINDOWS\system32\drivers\LMouKE.Sys <Not Verified; Logitech, Inc.; Logitech SetPoint™>
2007-10-20 22:09:05 56064 --a------ C:\WINDOWS\system32\drivers\L8042MOU.SYS <Not Verified; Logitech, Inc.; Logitech SetPoint™>
2007-10-20 22:08:44 3712 --a------ C:\WINDOWS\system32\drivers\LBeepKE.sys <Not Verified; Logitech, Inc.; Logitech SetPoint™>
2007-10-20 22:08:42 69632 --a------ C:\WINDOWS\system32\KemXML.dll <Not Verified; Logitech Inc.; Logitech SetPoint>
2007-10-20 22:08:42 110592 --a------ C:\WINDOWS\system32\KemWnd.dll <Not Verified; Logitech Inc.; Logitech SetPoint>
2007-10-20 22:08:42 135168 --a------ C:\WINDOWS\system32\KemUtil.dll <Not Verified; Logitech Inc.; Logitech SetPoint>
2007-10-20 22:08:42 163840 --a------ C:\WINDOWS\system32\kemutb.dll <Not Verified; Logitech Inc.; Logitech SetPoint>
2007-10-20 21:27:08 0 d-------- C:\Documents and Settings\Joe\Application Data\Printer Info Cache
2007-10-20 21:27:05 0 d-------- C:\Documents and Settings\Joe\Application Data\Image Zone Express
2007-10-20 19:51:55 0 d-------- C:\Documents and Settings\Joe\Application Data\Uniblue


-- Find3M Report ---------------------------------------------------------------

2007-11-08 06:45:18 24 --a------ C:\WINDOWS\system32\DVCStateBkp-{00000002-00000000-00000002-00001102-00000002-80221102}.dat
2007-11-08 06:45:18 24 --a------ C:\WINDOWS\system32\DVCState-{00000002-00000000-00000002-00001102-00000002-80221102}.dat
2007-11-07 21:40:44 0 d-------- C:\Program Files\Common Files
2007-11-06 22:08:23 0 d-------- C:\Program Files\Java
2007-10-24 16:30:04 0 d-------- C:\Program Files\Logitech
2007-10-21 11:06:56 0 d-------- C:\Program Files\AOD
2007-10-20 22:55:09 0 d-------- C:\Program Files\Common Files\Logitech
2007-10-20 22:07:09 0 d--h----- C:\Program Files\InstallShield Installation Information
2007-10-20 22:03:18 0 d-------- C:\Documents and Settings\Joe\Application Data\HP
2007-10-20 21:56:01 0 d-------- C:\Program Files\Common Files\AOL
2007-10-20 21:45:19 117020 --a------ C:\WINDOWS\hpoins11.dat
2007-10-14 09:18:11 246904 --a------ C:\WINDOWS\system32\GDIPFONTCACHEV1.DAT
2007-10-07 13:09:18 0 d-------- C:\Program Files\Apple Software Update
2007-10-07 13:04:21 0 d-------- C:\Program Files\iTunes
2007-10-07 13:03:56 0 d-------- C:\Program Files\iPod
2007-10-03 19:24:17 0 d-------- C:\Program Files\Symantec


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [10/06/2003 02:16 PM]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"ALUAlert"=C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe

C:\Documents and Settings\Joe\Start Menu\Programs\Startup\
DESKTOP.INI [11/15/2001 7:31:16 AM]
Shortcut to hpqtra08.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2/19/2006 4:21:22 AM]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
DESKTOP.INI [11/15/2001 7:31:16 AM]
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [10/20/2007 10:08:40 PM]
Microsoft Office Shortcut Bar.lnk - C:\WINDOWS\Installer\{90280409-6000-11D3-8CFE-0050048383C9}\misc.exe [7/4/2002 10:18:43 PM]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
@=

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
@=

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [12/20/2006 01:55 PM 77824]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Creative Launcher]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Tsa2]


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdReg]
C:\WINDOWS\Updreg.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"BITS"=2 (0x2)




-- Hosts -----------------------------------------------------------------------

127.0.0.1 007guard.com
127.0.0.1 www.007guard.com
127.0.0.1 008i.com
127.0.0.1 008k.com
127.0.0.1 www.008k.com
127.0.0.1 00hq.com
127.0.0.1 www.00hq.com
127.0.0.1 010402.com
127.0.0.1 032439.com
127.0.0.1 www.032439.com

7432 more entries in hosts file.


-- End of Deckard's System Scanner: finished at 2007-11-08 20:37:16 ------------

EXTRA.TXT

Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Home Edition (build 2600) SP 2.0
Architecture: X86; Language: English

CPU 0: Intel® Pentium® 4 CPU 2.00GHz
Percentage of Memory in Use: 47%
Physical Memory (total/avail): 766.8 MiB / 405.43 MiB
Pagefile Memory (total/avail): 1107.81 MiB / 785.32 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1929.91 MiB

A: is Removable (No Media)
C: is Fixed (NTFS) - 37.24 GiB total, 20.29 GiB free.
D: is CDROM (No Media)
E: is CDROM (No Media)

\\.\PHYSICALDRIVE0 - ST340016A - 37.27 GiB - 2 partitions
\PARTITION0 - Unknown - 31.35 MiB
\PARTITION1 (bootable) - Installable File System - 37.24 GiB - C:



-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.
Windows Internal Firewall is enabled.

AntivirusOverride is set.


[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"="C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe:*:Enabled:AOL Loader"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Real\\RealPlayer\\realplay.exe"="C:\\Program Files\\Real\\RealPlayer\\realplay.exe:*:Disabled:RealPlayer"
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"="C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe:*:Enabled:AOL Loader"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"D:\\setup\\HPZNET01.EXE"="D:\\setup\\HPZNET01.EXE:*:Enabled:hpznet01.exe"
"D:\\setup\\HPONICIFS01.EXE"="D:\\setup\\HPONICIFS01.EXE:*:Enabled:hponicifs01.exe"
"C:\\WINDOWS\\SYSTEM32\\spoolsv.exe"="C:\\WINDOWS\\SYSTEM32\\spoolsv.exe:*:Enabled:Spooler SubSystem App"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe:*:Enabled:hposid01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Program Files\\AIM\\aim.exe"="C:\\Program Files\\AIM\\aim.exe:*:Enabled:AOL Instant Messenger"
"C:\\Program Files\\BitTorrent_DNA\\dna.exe"="C:\\Program Files\\BitTorrent_DNA\\dna.exe:*:Enabled:BitTorrent DNA"
"C:\\Program Files\\BitTorrent\\bittorrent.exe"="C:\\Program Files\\BitTorrent\\bittorrent.exe:*:Enabled:BitTorrent"


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Joe\Application Data
CLASSPATH=.;C:\Program Files\Java\jre1.6.0_01\lib\ext\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=DESKTOP
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Joe
LOGONSERVER=\\DESKTOP
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\Common Files\Adaptec Shared\System;C:\Program Files\QuickTime\QTSystem\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 2 Stepping 4, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0204
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\jre1.6.0_01\lib\ext\QTJava.zip
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\Joe\LOCALS~1\Temp
TMP=C:\DOCUME~1\Joe\LOCALS~1\Temp
USERDOMAIN=DESKTOP
USERNAME=Joe
USERPROFILE=C:\Documents and Settings\Joe
windir=C:\WINDOWS


-- User Profiles ---------------------------------------------------------------

Owner (admin)
Joe (admin)
Administrator (admin)


-- Add/Remove Programs ---------------------------------------------------------

--> "C:\Program Files\Creative\SBLive\Program\Ctzapxx.EXE" /X /U /S
--> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
--> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Creative\SBLive\CTMixer.isu"
--> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Creative\Uninstall\Installer.isu"
--> C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{58582977-44D2-44A0-A09B-031CC2AE5938}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{58582977-44D2-44A0-A09B-031CC2AE5938}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9A4D2983-4662-4387-BE3D-4CFC2FA9C100}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9A4D2983-4662-4387-BE3D-4CFC2FA9C100}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A731533B-B325-4D9C-91A4-D93C8E294C19}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A731533B-B325-4D9C-91A4-D93C8E294C19}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FD851F7E-F887-405D-9E1C-488811113EF3}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FD851F7E-F887-405D-9E1C-488811113EF3}\setup.exe" -l0x9 /remove
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Ad-Aware SE Personal --> C:\PROGRA~1\Lavasoft\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\INSTALL.LOG
Adobe Acrobat 5.0 --> C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.dll"
Adobe Download Manager 1.2 (Remove Only) --> "C:\Program Files\Common Files\Adobe\ESD\uninst.exe"
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
AOL Instant Messenger --> C:\Program Files\AIM\uninstll.exe -LOG= C:\Program Files\AIM\install.log -OEM=
Apple Mobile Device Support --> MsiExec.exe /I{3EBD3749-304E-4A4C-9575-C00E5F015217}
Apple Software Update --> MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}
Canon Camera Window for ZoomBrowser EX --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{093625E3-7B87-49D3-AA53-AD0FCFABAF49}
Canon PhotoRecord --> C:\WINDOWS\IsUninst.exe -fC:\PROGRA~1\Canon\PhotoRecord\Uninst.isu -c"C:\PROGRA~1\Canon\PhotoRecord\Program\uninstdll.dll"
Canon PowerShot S45 WIA Driver --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{25E671BE-87A0-40F1-ABE5-BCBC6E65B0F5}
Canon Utilities File Viewer Utility 1.2 --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{EF0DD8B7-471C-463B-A298-6066C2FABAF5}
Canon Utilities PhotoStitch 3.1 --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{03CDDD00-BD57-4326-9480-4C74449AF597}
Canon Utilities RemoteCapture 2.7 --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{BEB03A1A-1EB6-48EB-9985-8B97315EE5C0}
Canon Utilities ZoomBrowser EX --> MsiExec.exe /X{C1D76D7A-F3BB-47EA-A746-5B1E2FFC1DF2}
CDDRV_Installer --> MsiExec.exe /I{8CC990CD-87C8-475C-AC32-8A7984E2FCFA}
CleanUp! --> C:\Program Files\CleanUp!\uninstall.exe
Conexant HSF V92 56K RTAD Speakerphone PCI Modem --> C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_14F1&DEV_2016&SUBSYS_021913E0\HxFSETUP.EXE -U -IVEN_14F1&DEV_2016&SUBSYS_021913E0
Data Desk/XL --> C:\WINDOWS\uninst.exe -f"C:\Program Files\DDXL\DeIsL2.isu" -cC:\PROGRA~1\DDXL\_ISREG32.DLL
Dell Picture Studio - Dell Image Expert --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{A9915D9A-D08A-4CDB-87FD-FC60CF15A11E}
Diablo II --> C:\WINDOWS\DIIUnin.exe C:\WINDOWS\DIIUnin.dat
Easy CD Creator 5 Basic --> MsiExec.exe /I{609F7AC8-C510-11D4-A788-009027ABA5D0}
HighMAT Extension to Microsoft Windows XP CD Writing Wizard --> MsiExec.exe /X{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}
HijackThis 2.0.2 --> "C:\Program Files\HijackThis\HijackThis.exe" /uninstall
HP Customer Participation Program 7.0 --> C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP Document Viewer 7.0 --> C:\Program Files\HP\Digital Imaging\DocumentViewer\hpzscr01.exe -datfile hpqbud04.dat
HP Imaging Device Functions 7.0 --> C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP Photosmart Essential --> MsiExec.exe /X{EB21A812-671B-4D08-B974-2A347F0D8F70}
HP Photosmart Premier Software 6.5 --> C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP Photosmart, Officejet and Deskjet 7.0.A --> C:\Program Files\HP\Digital Imaging\{BDBE2F3E-42DB-4d4a-8CB1-19BA765DBC6C}\setup\hpzscr01.exe -datfile hposcr11.dat
HP Solution Center 7.0 --> C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
HP Update --> MsiExec.exe /X{8C6027FD-53DC-446D-BB75-CACD7028A134}
iPod for Windows 2006-01-10 --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{3D047C15-C859-45F7-81CE-F2681778069B} /l1033
iTunes --> MsiExec.exe /I{B045B608-4A47-4C77-9EAD-06C394503306}
J2SE Runtime Environment 5.0 Update 1 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150010}
J2SE Runtime Environment 5.0 Update 2 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150020}
J2SE Runtime Environment 5.0 Update 4 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150040}
J2SE Runtime Environment 5.0 Update 6 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
Java 2 Runtime Environment, SE v1.4.0_01 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7CF31609-270B-11D6-9445-000102308676}\Setup.exe" Anytext
Java 2 Runtime Environment, SE v1.4.0_03 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AC1E4C93-C1E7-11D6-9D10-00010240CE95}\Setup.exe" Anytext
Java 2 Runtime Environment, SE v1.4.1_02 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EFCE5837-FC21-11D6-9D24-00010240CE95}\setup.exe" Anytext
Java Web Start --> "C:\Program Files\Java Web Start\uninst-javaws.exe"
Java™ 6 Update 2 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java™ SE Runtime Environment 6 Update 1 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
KhalSetup --> MsiExec.exe /I{C89C8D86-4423-4A58-AA40-DD259ACE07C1}
LiveReg (Symantec Corporation) --> C:\Program Files\Common Files\Symantec Shared\LiveReg\VcSetup.exe /REMOVE
LiveUpdate 3.1 (Symantec Corporation) --> "C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
Logitech SetPoint --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}\setup.exe" -l0x9 -removeonly
Macromedia Shockwave Player --> C:\WINDOWS\SYSTEM32\Macromed\SHOCKW~2\UNWISE.EXE C:\WINDOWS\SYSTEM32\Macromed\SHOCKW~2\Install.log
Microsoft Data Access Components KB870669 --> C:\WINDOWS\muninst.exe C:\WINDOWS\INF\KB870669.inf
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5 --> "C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"
Microsoft Office Converter Pack --> MsiExec.exe /X{6EECB283-E65F-40EF-86D3-D51BF02A8D43}
Microsoft Office PowerPoint Viewer 2003 --> MsiExec.exe /X{90AF0409-6000-11D3-8CFE-0150048383C9}
Microsoft Office Professional Edition 2003 --> MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9}
Microsoft Office XP Professional with FrontPage --> MsiExec.exe /I{90280409-6000-11D3-8CFE-0050048383C9}
Microsoft SQL Server 2005 Compact Edition [ENU] --> MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
MyDataBase --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AB856C83-7CA0-4EB5-8D86-792B29EB4A10}\setup.exe" -l0x9
MyLabel Designer Deluxe --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9D9C6FD3-1B43-43D7-AA90-94E643A312BD}\setup.exe" -l0x9
MySoftware Fonts --> RunDll32 C:\Program Files\Common Files\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6C6F0968-2B86-42B4-AF34-46A5F06E8FA4}\setup.exe" -uninst
Norton AntiVirus 2002 --> MsiExec.exe /I{3075C5C3-0807-4924-AF8F-FF27052C12AE}
NVIDIA Display Driver --> C:\WINDOWS\system32\nvudisp.exe Uninstall C:\WINDOWS\system32\nvdisp.nvu,NVIDIA Display Driver
NVIDIA Drivers --> C:\WINDOWS\system32\nvudisp.exe UninstallGUI
OCR Software by I.R.I.S 7.0 --> C:\Program Files\HP\Digital Imaging\OCR\hpzscr01.exe -datfile hpqbud11.dat
QuickTime --> MsiExec.exe /I{95A890AA-B3B1-44B6-9C18-A8F7AB3EE7FC}
RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Realtek RTL8139 Diagnostics Program --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7FC2AF73-10ED-404E-84A8-636B452404FD}\setup.exe"
Security Update for CAPICOM (KB931906) --> MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906) --> MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Step By Step Interactive Training (KB898458) --> "C:\WINDOWS\$NtUninstallKB898458$\spuninst\spuninst.exe"
Security Update for Step By Step Interactive Training (KB923723) --> "C:\WINDOWS\$NtUninstallKB923723$\spuninst\spuninst.exe"
Shockwave --> C:\WINDOWS\SYSTEM32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\SYSTEM32\Macromed\SHOCKW~1\Install.log
SimCity 4 --> C:\Program Files\Maxis\SimCity 4\EAUninstall.exe
Sound Blaster Live! Value --> C:\Program Files\Creative\Uninstall\CTUNINST.EXE /U:UNINST1.INI
Sound Blaster Live! Web 2K/XP --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3FCAADB8-EB1B-11D6-AB2D-0090271A23A2}\Setup.exe" -l0x9
Spybot - Search & Destroy --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
USB Storage Driver --> DelUIDrv.exe
WinAce Archiver 2.0 --> C:\Program Files\WinAce\SXUNINST.EXE C:\Program Files\WinAce\SXUNINST.INI
Winamp (remove only) --> "C:\Program Files\Winamp\UninstWA.exe"
Windows Imaging Component --> "C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Live OneCare safety scanner --> RunDll32.exe "C:\Program Files\Windows Live Safety Center\wlscCore.dll",UninstallFunction WLSC_SCANNER_PRODUCT
Windows Media Format SDK Hotfix - KB891122 --> "C:\WINDOWS\$NtUninstallKB891122$\spuninst\spuninst.exe"
WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
WinZip --> "C:\Program Files\WinZip\WINZIP32.EXE" /uninstall


-- Application Event Log -------------------------------------------------------

Event Record #/Type10479 / Error
Event Submitted/Written: 11/07/2007 09:46:18 PM
Event ID/Source: 101 / Automatic LiveUpdate Scheduler
Event Description:
Information Level: error

Initialization of the COM subsystem failed. Error code: 0x8007041D

Event Record #/Type10477 / Error
Event Submitted/Written: 11/07/2007 09:29:00 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application aim.exe, version 5.9.6089.0, faulting module unknown, version 0.0.0.0, fault address 0x1221254f.
Processing media-specific event for [aim.exe!ws!]

Event Record #/Type10072 / Error
Event Submitted/Written: 10/24/2007 04:08:59 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application navigator.exe, version 0.0.0.0, faulting module unknown, version 0.0.0.0, fault address 0x03145591.
Processing media-specific event for [navigator.exe!ws!]

Event Record #/Type10028 / Error
Event Submitted/Written: 10/22/2007 10:30:54 PM
Event ID/Source: 4097 / Norton AntiVirus
Event Description:
The file
C:\DOCUME~1\Joe\LOCALS~1\Temp\ac8zt2\nsduo.dll
is infected with the Trojan Horse virus.Access to the file was denied.

Event Record #/Type10027 / Error
Event Submitted/Written: 10/22/2007 10:30:54 PM
Event ID/Source: 4097 / Norton AntiVirus
Event Description:
The file
C:\DOCUME~1\Joe\LOCALS~1\Temp\ac8zt2\nsduo.dll
is infected with the Trojan Horse virus.Unable to repair this file.



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type47534 / Warning
Event Submitted/Written: 11/08/2007 08:26:27 PM
Event ID/Source: 36 / W32Time
Event Description:
The time service has not been able to synchronize the system time
for 49152 seconds because none of the time providers has been able to
provide a usable time stamp. The system clock is unsynchronized.

Event Record #/Type47503 / Error
Event Submitted/Written: 11/08/2007 06:47:38 AM
Event ID/Source: 7023 / Service Control Manager
Event Description:
The HID Input Service service terminated with the following error:
%%2

Event Record #/Type47502 / Error
Event Submitted/Written: 11/08/2007 06:47:38 AM
Event ID/Source: 7000 / Service Control Manager
Event Description:
The Creative Service for CDROM Access service failed to start due to the following error:
%%3

Event Record #/Type47501 / Error
Event Submitted/Written: 11/08/2007 06:47:38 AM
Event ID/Source: 7003 / Service Control Manager
Event Description:
The Workstation service depends on the following nonexistent service: ccEvtMgr

Event Record #/Type47485 / Error
Event Submitted/Written: 11/07/2007 09:46:22 PM
Event ID/Source: 7000 / Service Control Manager
Event Description:
The LiveUpdate service failed to start due to the following error:
%%1053



-- End of Deckard's System Scanner: finished at 2007-11-08 20:37:16 ------------

#9 Papakid


Posted 09 November 2007 - 12:49 PM

OK, System Mechanic didn't uninstall properly then--the DMV service, which some have complained of causing a slowdown, still shows in your registry along with an incompletely removed service reg entry I already mentioned. They aren't running any longer, since you fixed them with HJT--did you notice any improvement after that? We can clean up what we can see that is left though.

Another possible cause of the mouse and keyboard problem is a bad or buggy install of Logitech SetPoint. If you don't require your mouse or keyboard (are they both Logitech?) to have special functionality, then you can uninstall SetPoint and see if that helps. Even if you do need the special functions, please uninstall it anyway and see if the basic mouse and keyboard performance is OK. If we can isolate this as a Logitech driver problem, then you can contact their support for resolution for that.

There are a few files present that appear to be left over from a previous infection. They don't appear to be active any longer. Also file associations appear to be damaged. Let's run ComboFix and we can also use it in the next round to remove the old drivers and services. Please do the following and I would like to see the logs run only after you've uninstalled SetPoint.

Run DSS again, using these instructions:

Click START> Run - then copy the following bold blue text and paste it into the Run box & click OK

"%userprofile%\desktop\dss.exe" /daft

Read the disclaimer and click OK.

Click on Scan.

Place a checkmark next to the entries displayed when the scan is finished then Click on Fix.

Repeat the scan; you should get a message "All Associations OK!"

Next, click Save Log, and post this log in your next reply.


If you have used ComboFix previously, please delete it or allow the new download to overwrite the file if it is still on your desktop. Please use this newest version

Please download Combofix to your desktop.

Double-click ComboFix.exe to launch the application.

Follow the prompts that will be displayed on the screen.

Don't click on the window while the fix is running, because that will cause your system to hang.

When finished, it should produce a log, combofix.txt. Note that some cleaning may require a reboot, so it won't be finished until that is done.

Post this log in your next reply along with a fresh HijackThis log.

The thing about people

is they change

when they walk away.--Mipso


#10 Joe4alb


Posted 09 November 2007 - 09:52 PM

1) Hijackthis

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:38:01 PM, on 11/9/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\HPZinw12.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-18\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'Default user')
O4 - Startup: Shortcut to hpqtra08.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} - http://www.creative.com/su/ocx/15015/CTSUEng.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www1.snapfish.com/SnapfishActivia.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/200203...meInstaller.exe
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/...lscbase8300.cab
O16 - DPF: {94B82441-A413-4E43-8422-D49930E69764} (TLIEFlashObj Class) - https://echat.us.dell.com/Media/VisitorChatENU/TLIEFlash.CAB
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) - http://web1.shutterfly.com/downloads/Uploader.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - http://www.creative.com/su/ocx/15016/CTPID.cab
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe

--
End of file - 5512 bytes

2) DSS.exe
DAFT Log saved on 2007-11-09 22:37:35
-----------------------------------------------------------------------
All associations okay!

3) Combofix

ComboFix 07-11-08.1 - Joe 2007-11-09 22:28:35.3 - NTFSx86
Running from: C:\Documents and Settings\Joe\Desktop\ComboFix.exe
.

((((((((((((((((((((((((( Files Created from 2007-10-10 to 2007-11-10 )))))))))))))))))))))))))))))))
.

2007-11-09 19:49 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-11-08 20:29 <DIR> d-------- C:\Deckard
2007-11-07 21:49 <DIR> d-------- C:\Program Files\Trend Micro
2007-10-26 22:17 3,426,072 --a------ C:\WINDOWS\SYSTEM32\d3dx9_32.dll
2007-10-26 22:13 <DIR> d-------- C:\Program Files\Windows Desktop Search
2007-10-26 22:10 <DIR> d-------- C:\Program Files\Microsoft SQL Server Compact Edition
2007-10-26 22:02 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
2007-10-23 20:30 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2007-10-23 20:29 <DIR> d-------- C:\Program Files\SUPERAntiSpyware
2007-10-23 20:29 <DIR> d-------- C:\Documents and Settings\Joe\Application Data\SUPERAntiSpyware.com
2007-10-23 07:40 360 --a------ C:\WINDOWS\SYSTEM32\tmp.reg
2007-10-23 07:39 289,144 --a------ C:\WINDOWS\SYSTEM32\VCCLSID.exe
2007-10-23 07:39 288,417 --a------ C:\WINDOWS\SYSTEM32\SrchSTS.exe
2007-10-23 07:39 53,248 --a------ C:\WINDOWS\SYSTEM32\Process.exe
2007-10-23 07:39 51,200 --a------ C:\WINDOWS\SYSTEM32\dumphive.exe
2007-10-23 07:39 25,600 --a------ C:\WINDOWS\SYSTEM32\WS2Fix.exe
2007-10-22 21:16 668,160 --a------ C:\WINDOWS\is-INDA8.exe
2007-10-22 20:38 <DIR> d-------- C:\Documents and Settings\Joe\Application Data\BitTorrent
2007-10-22 20:15 <DIR> d-------- C:\Documents and Settings\Joe\Application Data\iolo
2007-10-21 11:10 <DIR> d-------- C:\Documents and Settings\Joe\Application Data\Aim
2007-10-21 11:06 <DIR> d-------- C:\Program Files\AIM
2007-10-20 21:27 <DIR> d-------- C:\Documents and Settings\Joe\Application Data\Printer Info Cache
2007-10-20 21:27 <DIR> d-------- C:\Documents and Settings\Joe\Application Data\Image Zone Express
2007-10-20 19:51 <DIR> d-------- C:\Documents and Settings\Joe\Application Data\Uniblue

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-11-10 03:24 --------- d-----w C:\Program Files\Logitech
2007-11-10 03:10 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-11-10 03:10 --------- d-----w C:\Program Files\Common Files\Logitech
2007-11-10 03:03 --------- d-----w C:\Program Files\Norton AntiVirus
2007-11-09 02:22 --------- d-----w C:\Program Files\Java
2007-10-23 04:04 --------- d-----w C:\Documents and Settings\All Users\Application Data\Viewpoint
2007-10-23 04:03 --------- d-----w C:\Documents and Settings\All Users\Application Data\iolo
2007-10-23 03:28 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-10-21 16:06 --------- d-----w C:\Program Files\AOD
2007-10-21 03:03 --------- d-----w C:\Documents and Settings\Joe\Application Data\HP
2007-10-21 02:56 --------- d-----w C:\Program Files\Common Files\AOL
2007-10-21 02:56 --------- d-----w C:\Documents and Settings\All Users\Application Data\AOL
2007-10-07 18:09 --------- d-----w C:\Program Files\Apple Software Update
2007-10-07 18:04 --------- d-----w C:\Program Files\iTunes
2007-10-07 18:03 --------- d-----w C:\Program Files\iPod
2007-10-07 17:49 --------- d-----w C:\Documents and Settings\All Users\Application Data\AOL Downloads
2007-10-04 00:24 805 -c--a-w C:\WINDOWS\system32\drivers\SYMEVENT.INF
2007-10-04 00:24 60,800 -c--a-w C:\WINDOWS\SYSTEM32\S32EVNT1.DLL
2007-10-04 00:24 123,952 -c--a-w C:\WINDOWS\system32\drivers\SYMEVENT.SYS
2007-10-04 00:24 10,740 -c--a-w C:\WINDOWS\system32\drivers\SYMEVENT.CAT
2007-10-04 00:24 --------- d-----w C:\Program Files\Symantec
2007-10-03 14:05 378,216 ----a-w C:\WINDOWS\SYSTEM32\Incinerator.dll
2007-09-12 20:54 --------- d-----w C:\Documents and Settings\All Users\Application Data\Grisoft
2007-08-21 06:15 683,520 ----a-w C:\WINDOWS\SYSTEM32\inetcomm.dll
2007-08-21 06:15 683,520 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\inetcomm.dll
2007-08-20 10:04 824,832 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\wininet.dll
2007-08-20 10:04 671,232 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\mstime.dll
2007-08-20 10:04 63,488 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\icardie.dll
2007-08-20 10:04 6,058,496 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\ieframe.dll
2007-08-20 10:04 52,224 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\msfeedsbs.dll
2007-08-20 10:04 477,696 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\mshtmled.dll
2007-08-20 10:04 459,264 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\msfeeds.dll
2007-08-20 10:04 44,544 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\iernonce.dll
2007-08-20 10:04 384,512 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\iedkcs32.dll
2007-08-20 10:04 383,488 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\ieapfltr.dll
2007-08-20 10:04 3,584,512 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\mshtml.dll
2007-08-20 10:04 27,648 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\jsproxy.dll
2007-08-20 10:04 267,776 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\iertutil.dll
2007-08-20 10:04 232,960 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\webcheck.dll
2007-08-20 10:04 230,400 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\ieaksie.dll
2007-08-20 10:04 214,528 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\dxtrans.dll
2007-08-20 10:04 193,024 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\msrating.dll
2007-08-20 10:04 153,088 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\ieakeng.dll
2007-08-20 10:04 132,608 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\extmgr.dll
2007-08-20 10:04 124,928 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\advpack.dll
2007-08-20 10:04 105,984 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\url.dll
2007-08-20 10:04 102,400 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\occache.dll
2007-08-20 10:04 1,152,000 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\urlmon.dll
2007-08-17 10:21 625,152 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\iexplore.exe
2007-08-17 10:20 63,488 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\ie4uinit.exe
2007-08-17 10:20 13,824 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\ieudinit.exe
2007-08-17 07:34 161,792 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\ieakui.dll
2006-02-19 08:28 12,288 ----a-w C:\WINDOWS\Fonts\RandFont.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2003-10-06 14:16]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2007-06-21 14:06]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"ALUAlert"=C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe

C:\Documents and Settings\Joe\Start Menu\Programs\Startup\
Shortcut to hpqtra08.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2006-02-19 04:21:22]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
@=

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
@=

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 13:55 77824]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Creative Launcher]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Tsa2]


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdReg]
C:\WINDOWS\Updreg.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"BITS"=2 (0x2)

S3 cdspacex;cdspacex;C:\WINDOWS\system32\DRIVERS\CDSPACEX.sys
S3 TwoRabts;Two Rabbits Live Bus;C:\WINDOWS\system32\DRIVERS\TwoRabts.sys
S4 hpt3xx;hpt3xx;C:\WINDOWS\system32\DRIVERS\hpt3xx.sys

.
Contents of the 'Scheduled Tasks' folder
"2007-11-06 19:01:00 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2007-11-10 03:34:00 C:\WINDOWS\Tasks\Symantec NetDetect.job"
- C:\Program Files\Symantec\LiveUpdate\NDetect.exe
.
**************************************************************************

catchme 0.3.1250 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-11-09 22:35:27
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2007-11-09 22:37:05
C:\ComboFix2.txt ... 2007-11-09 22:22
C:\ComboFix3.txt ... 2007-11-09 20:04
.
--- E O F ---



ALSO.. I always have svchost.exe running (as seen in Task Manager) and it always seems to use up a lot of resources. Can anything be done?

Edited by Joe4alb, 09 November 2007 - 10:41 PM.


#11 Papakid


Posted 14 November 2007 - 10:18 PM

Hi, please pardon the long response time. The ComboFix log didn't show some of the results I expected. None of iolo's drivers or services show up in either CF or HijackThis. Did you fix those on your own and if so, how? There are several methods. Normally we have to instruct how to do this, but if you already know, that's fine. It just makes it difficult for me to understand what is happening--what works and what doesn't work or if there is a problem with one of our tools. It is better that you not fix things on your own, but follow only the instructions given or at least tell me what you've done between posts.

If you have not been fixing things on your own then my apologies.

I see SetPoint is mostly gone as well, but one of its startups remains. Could you tell me, please, how uninstalling that went and if it had any effect on your problems with the mouse? And if it's been reinstalled now?

Also did you disable the BITS service intentionally using the services tab in msconfig? Your Event Viewer logs show some problems with services and that could also have something to do with svchost.exe taking up a lot of CPU cycles. We can investigate this a little later, but for now, go to Task Manager and let me know the numbers--how much CPU is the problem svchost.exe taking up?

Then please do the following:

1. Click Start, then Run and type Notepad and click OK.

2. Now copy/paste the entire contents of the codebox below into the Notepad window:

http://www.bleepingcomputer.com/forums/t/113528/slow-computer-mouse-pauses-slow-videos/?p=658096

Suspect::[1]
C:\WINDOWS\is-INDA8.exe

3. Name the Notepad file CFScript.txt and Save it to your desktop.

4. Then drag the CFScript.txt into ComboFix.exe as depicted in the animation below. This will start ComboFix again.

Posted Image


5. ComboFix will generate the following files on your desktop:
- A zipped file on your desktop called Submit [Date Time].zip
- And another file named CF-Submit.htm <-- don't concern yourself with this one
6. ComboFix may need to reboot to finish its work. Let it.

7. When CF has finished running, it will generate the ComboFix.log which will appear on your screen.

8. Next, a window will popup prompting you to "Submit Files for further analysis". Click "OK"

9. Your system's browser will automatically respond by loading the CF-Submit.htm file and open a window:
- Click the "Browse" button and locate the Submit [Date Time].zip file on your desktop.
- Click on the file to Select it.
- Submit the file by clicking "OK"
10. Once the file has been submitted, you may DELETE both files on your desktop.
11. Post the ComboFix.log contents in your next reply.


Please run Deckard's System Scanner again, this time using these instructions:

Click the Windows 'Start' button > Select 'Run' - then copy/paste the following into the Run box & click OK.

"%userprofile%\desktop\dss.exe" /config

Put checks by these options and uncheck the others:


HijackThis
:blink: Ignored
:thumbsup: Fixed
File Associations
Drivers
Services
Process Modules
Scheduled Tasks
Files Created/Modified
Registry Dump
Event Logs


Click Scan!

When finished, it shall produce a log for you. Post that log in your next reply.


Please perform this online scan: Kaspersky Webscan
Note that you need to run this scan with Internet Explorer for it to work correctly.

1. Read the Requirements and Privacy statement, then select "Accept"
2. A dialogue box will appear asking "Do you want to install this software?" Name: kavwebscan_unicode.cab
NOTE: If you are running XP SP2, you may need to click on the Information Bar to allow the ActiveX to install and may need to repeat step 1.
3. Select "Install" to download the ActiveX controls that allow Kaspersky to run.
4. If running MSAS beta you may receive an alert that an IE ActiveX program requires your approval. Click "Allow"
5. Wait for the scanner to initialize and update its databases. When the download is complete it will say ready, click "Next"
6. Click "Scan Settings" and check the option to use the EXTENDED DATABASE, then click "OK"
7. Select a target to scan: Click on "My Computer" and the scan will begin.
8. When the scan is complete, choose to save the results by clicking "Save Report As HTML". Give the Report a name and save it to your desktop. If you have any problem saving the report, copy its text to the clipboard, then paste it into an empty Notepad and save it to your desktop.
9. Post the Kaspersky scan results in your next reply.

If you have any problem running the scan to completion, disable your Antivirus and/or firewall temporarily, just refrain from surfing around while the scan is running and be sure to re-enable when done.

Note for Internet Explorer 7 users: If at any time you have trouble with the accept button of the license, click on the Zoom tool located at the right bottom of the IE window and set the zoom to 75 %. Once the license is accepted, reset to 100%.


Post back with the logs I've asked for. If they take more than one post, that's OK. Also be sure to answer the questions I've asked.



#12 Joe4alb


Posted 16 November 2007 - 09:24 AM

Hi, thank you for your time with everything. I was able to fix the issues with Iolo on my own (I have been working with computers for some time, so I do have some background knowledge). As for the overall system performance, I actually found the issue to be Microsoft related. Microsoft has acknowledged an issue in Windows XP where svchost and also the Windows Update agent use excessive CPU % and memory resources. I did some research into the issue and so far it has been 100% successful for my computer, with an amazing increase in performance.

All in all, everything you have shown me has helped tremendously and I can't thank you enough. As of right now everything seems A.O.K.

P.S. I removed Iolo from the registry via regedit.

I am currently at work but I will follow your above instructions and post new logs for you tonight. Thank you again.

#13 Joe4alb


Posted 17 November 2007 - 06:01 PM

Here are the logs you requested.

1) I did not reinstall setpoint and did not notice any change after removing it

2) I removed Iolo via regedit

3) I did not do anything with BITS service

ComboFix 07-11-08.1 - Joe 2007-11-16 18:32:20.4 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.383 [GMT -5:00]
Running from: C:\Documents and Settings\Joe\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\Joe\Desktop\CFScript.txt
* Created a new restore point
.

((((((((((((((((((((((((( Files Created from 2007-10-16 to 2007-11-16 )))))))))))))))))))))))))))))))
.

2007-11-13 23:11 <DIR> d-------- C:\WINDOWS\LastGood
2007-11-13 23:02 <DIR> d-------- C:\Program Files\Symantec
2007-11-13 23:02 <DIR> d-------- C:\Program Files\Norton AntiVirus
2007-11-13 22:08 <DIR> d-------- C:\Program Files\Common Files\Symantec Shared
2007-11-13 22:00 <DIR> d-------- C:\Program Files\iTunes
2007-11-13 21:57 <DIR> d-------- C:\Program Files\QuickTime
2007-11-13 21:16 <DIR> d-------- C:\Program Files\Windows Media Connect 2
2007-11-13 21:13 <DIR> d-------- C:\WINDOWS\SYSTEM32\LogFiles
2007-11-13 21:13 <DIR> d-------- C:\WINDOWS\SYSTEM32\DRIVERS\UMDF
2007-11-12 20:35 <DIR> d-------- C:\Deckard
2007-11-09 19:49 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-11-07 21:49 <DIR> d-------- C:\Program Files\Trend Micro
2007-10-26 22:17 3,426,072 --a------ C:\WINDOWS\SYSTEM32\d3dx9_32.dll
2007-10-26 22:13 <DIR> d-------- C:\Program Files\Windows Desktop Search
2007-10-26 22:10 <DIR> d-------- C:\Program Files\Microsoft SQL Server Compact Edition
2007-10-26 22:02 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
2007-10-23 20:29 <DIR> d-------- C:\Documents and Settings\Joe\Application Data\SUPERAntiSpyware.com
2007-10-23 07:40 360 --a------ C:\WINDOWS\SYSTEM32\tmp.reg
2007-10-23 07:39 289,144 --a------ C:\WINDOWS\SYSTEM32\VCCLSID.exe
2007-10-23 07:39 288,417 --a------ C:\WINDOWS\SYSTEM32\SrchSTS.exe
2007-10-23 07:39 53,248 --a------ C:\WINDOWS\SYSTEM32\Process.exe
2007-10-23 07:39 51,200 --a------ C:\WINDOWS\SYSTEM32\dumphive.exe
2007-10-23 07:39 25,600 --a------ C:\WINDOWS\SYSTEM32\WS2Fix.exe
2007-10-22 21:16 668,160 --a------ C:\WINDOWS\is-INDA8.exe
2007-10-22 20:38 <DIR> d-------- C:\Documents and Settings\Joe\Application Data\BitTorrent
2007-10-22 20:15 <DIR> d-------- C:\Documents and Settings\Joe\Application Data\iolo
2007-10-21 11:10 <DIR> d-------- C:\Documents and Settings\Joe\Application Data\Aim
2007-10-21 11:06 <DIR> d-------- C:\Program Files\AIM
2007-10-20 21:27 <DIR> d-------- C:\Documents and Settings\Joe\Application Data\Printer Info Cache
2007-10-20 21:27 <DIR> d-------- C:\Documents and Settings\Joe\Application Data\Image Zone Express
2007-10-20 19:51 <DIR> d-------- C:\Documents and Settings\Joe\Application Data\Uniblue

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-11-14 04:03 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
2007-11-14 03:01 --------- d-----w C:\Program Files\iPod
2007-11-13 02:25 --------- d-----w C:\Program Files\Java
2007-11-12 00:51 --------- d-----w C:\Program Files\Diablo II
2007-11-10 03:24 --------- d-----w C:\Program Files\Logitech
2007-11-10 03:10 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-11-10 03:10 --------- d-----w C:\Program Files\Common Files\Logitech
2007-10-26 03:34 8,460,288 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\shell32.dll
2007-10-23 04:04 --------- d-----w C:\Documents and Settings\All Users\Application Data\Viewpoint
2007-10-23 03:28 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-10-21 16:06 --------- d-----w C:\Program Files\AOD
2007-10-21 03:03 --------- d-----w C:\Documents and Settings\Joe\Application Data\HP
2007-10-21 02:56 --------- d-----w C:\Program Files\Common Files\AOL
2007-10-21 02:56 --------- d-----w C:\Documents and Settings\All Users\Application Data\AOL
2007-10-07 18:09 --------- d-----w C:\Program Files\Apple Software Update
2007-10-07 17:49 --------- d-----w C:\Documents and Settings\All Users\Application Data\AOL Downloads
2007-10-04 00:24 805 -c--a-w C:\WINDOWS\system32\drivers\SYMEVENT.INF
2007-10-04 00:24 60,800 -c--a-w C:\WINDOWS\SYSTEM32\S32EVNT1.DLL
2007-10-04 00:24 123,952 -c--a-w C:\WINDOWS\system32\drivers\SYMEVENT.SYS
2007-10-04 00:24 10,740 -c--a-w C:\WINDOWS\system32\drivers\SYMEVENT.CAT
2007-10-03 14:05 378,216 ----a-w C:\WINDOWS\SYSTEM32\Incinerator.dll
2007-08-21 06:15 683,520 ----a-w C:\WINDOWS\SYSTEM32\inetcomm.dll
2007-08-21 06:15 683,520 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\inetcomm.dll
2007-08-20 10:04 824,832 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\wininet.dll
2007-08-20 10:04 671,232 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\mstime.dll
2007-08-20 10:04 63,488 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\icardie.dll
2007-08-20 10:04 6,058,496 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\ieframe.dll
2007-08-20 10:04 52,224 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\msfeedsbs.dll
2007-08-20 10:04 477,696 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\mshtmled.dll
2007-08-20 10:04 459,264 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\msfeeds.dll
2007-08-20 10:04 44,544 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\iernonce.dll
2007-08-20 10:04 384,512 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\iedkcs32.dll
2007-08-20 10:04 383,488 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\ieapfltr.dll
2007-08-20 10:04 3,584,512 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\mshtml.dll
2007-08-20 10:04 27,648 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\jsproxy.dll
2007-08-20 10:04 267,776 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\iertutil.dll
2007-08-20 10:04 232,960 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\webcheck.dll
2007-08-20 10:04 230,400 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\ieaksie.dll
2007-08-20 10:04 214,528 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\dxtrans.dll
2007-08-20 10:04 193,024 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\msrating.dll
2007-08-20 10:04 153,088 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\ieakeng.dll
2007-08-20 10:04 132,608 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\extmgr.dll
2007-08-20 10:04 124,928 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\advpack.dll
2007-08-20 10:04 105,984 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\url.dll
2007-08-20 10:04 102,400 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\occache.dll
2007-08-20 10:04 1,152,000 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\urlmon.dll
2007-08-17 10:21 625,152 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\iexplore.exe
2007-08-17 10:20 63,488 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\ie4uinit.exe
2007-08-17 10:20 13,824 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\ieudinit.exe
2007-08-17 07:34 161,792 ----a-w C:\WINDOWS\SYSTEM32\DLLCACHE\ieakui.dll
2006-02-19 08:28 12,288 ----a-w C:\WINDOWS\Fonts\RandFont.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2003-10-06 14:16]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-10-19 20:16]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-11-02 18:36]
"NAV Agent"="C:\PROGRA~1\NORTON~1\navapw32.exe" [2001-08-16 17:52]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AIM"="C:\Program Files\AIM\aim.exe" [2006-08-01 15:35]

C:\Documents and Settings\Joe\Start Menu\Programs\Startup\
Shortcut to hpqtra08.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2006-02-19 04:21:22]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
@=

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
@=

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Creative Launcher]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Tsa2]


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdReg]
C:\WINDOWS\Updreg.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"BITS"=2 (0x2)

S3 cdspacex;cdspacex;C:\WINDOWS\system32\DRIVERS\CDSPACEX.sys
S3 TwoRabts;Two Rabbits Live Bus;C:\WINDOWS\system32\DRIVERS\TwoRabts.sys
S4 hpt3xx;hpt3xx;C:\WINDOWS\system32\DRIVERS\hpt3xx.sys

*Newly Created Service* - SBSERVICE
.
Contents of the 'Scheduled Tasks' folder
"2007-11-06 19:01:00 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2007-11-17 00:15:05 C:\WINDOWS\Tasks\Symantec NetDetect.job"
- C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE
.
**************************************************************************

catchme 0.3.1250 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-11-16 18:36:52
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2007-11-16 22:38:32
.
--- E O F ---




#14 Joe4alb


Posted 17 November 2007 - 06:06 PM

Deckard's System Scanner v20071014.68
Run by Joe on 2007-11-17 17:55:35
Computer is in Normal Mode.
--------------------------------------------------------------------------------



-- HijackThis (run as Joe.exe) -------------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:56:08 PM, on 11/17/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\PROGRA~1\NORTON~1\navapw32.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\HPZinw12.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Documents and Settings\Joe\desktop\dss.exe
C:\PROGRA~1\Trend Micro\HijackThis\Joe.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - Startup: Shortcut to hpqtra08.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O15 - Trusted Zone: http://www.adobe.com
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} - http://www.creative.com/su/ocx/15015/CTSUEng.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www1.snapfish.com/SnapfishActivia.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/...lscbase8300.cab
O16 - DPF: {94B82441-A413-4E43-8422-D49930E69764} (TLIEFlashObj Class) - https://echat.us.dell.com/Media/VisitorChatENU/TLIEFlash.CAB
O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) - http://web1.shutterfly.com/downloads/Uploader.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - http://www.creative.com/su/ocx/15016/CTPID.cab
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO.EXE
O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe

--
End of file - 5603 bytes

-- HijackThis Fixed Entries (C:\PROGRA~1\Trend Micro\HijackThis\backups\) ------

backup-20071108-063750-740 R3 - URLSearchHook: (no name) - - (no file)
backup-20071108-065014-255 O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
backup-20071108-065015-240 O23 - Service: iolo System Guard (IOLO_SRV) - Unknown owner - (no file)
backup-20071108-065015-460 O23 - Service: iolo DMV Service (ioloDMV) - Unknown owner - C:\Program Files\iolo\Common\Lib\ioloDMVSvc.exe
backup-20071112-203938-594 O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
backup-20071112-203938-822 O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/200203...meInstaller.exe

-- File Associations -----------------------------------------------------------

.bat - batfile - DefaultIcon - %SystemRoot%\System32\shell32.dll,-153
.bat - batfile - shell\open\command - "%1" %*
.bat - batfile - shell\edit\command - %SystemRoot%\System32\NOTEPAD.EXE %1
.cmd - cmdfile - DefaultIcon - %SystemRoot%\System32\shell32.dll,-153
.cmd - cmdfile - shell\open\command - "%1" %*
.cmd - cmdfile - shell\edit\command - %SystemRoot%\System32\NOTEPAD.EXE %1
.chm - chm.file - DefaultIcon - C:\WINDOWS\hh.exe,0
.chm - chm.file - shell\open\command - "C:\WINDOWS\hh.exe" %1
.com - comfile - DefaultIcon - %SystemRoot%\System32\shell32.dll,2
.com - comfile - shell\open\command - "%1" %*
.cpl - cplfile - shell\cplopen\command - rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.cpl - cplfile - shell\runas\command - rundll32.exe shell32.dll,Control_RunDLLAsUser "%1",%*
.exe - exefile - DefaultIcon - %1
.exe - exefile - shell\open\command - "%1" %*
.hlp - hlpfile - DefaultIcon - %SystemRoot%\System32\shell32.dll,23
.hlp - hlpfile - shell\open\command - %SystemRoot%\System32\winhlp32.exe %1
.inf - inffile - DefaultIcon - %SystemRoot%\System32\shell32.dll,-151
.inf - inffile - shell\open\command - %SystemRoot%\System32\NOTEPAD.EXE %1
.ini - inifile - DefaultIcon - %SystemRoot%\System32\shell32.dll,-151
.ini - inifile - shell\open\command - %SystemRoot%\System32\NOTEPAD.EXE %1
.js - jsfile - DefaultIcon - %SystemRoot%\System32\WScript.exe,3
.js - jsfile - shell\open\command - %SystemRoot%\System32\WScript.exe "%1" %*
.lnk - lnkfile - CLSID - {00021401-0000-0000-C000-000000000046}
.pif - piffile - shell\open\command - "%1" %*
.reg - regfile - DefaultIcon - %SystemRoot%\regedit.exe,1
.reg - regfile - shell\open\command - regedit.exe "%1"
.reg - regfile - shell\edit\command - %SystemRoot%\system32\NOTEPAD.EXE %1
.scr - scrfile - shell\open\command - "%1" /s
.txt - txtfile - DefaultIcon - %SystemRoot%\system32\shell32.dll,-152
.txt - txtfile - shell\open\command - %SystemRoot%\system32\NOTEPAD.EXE %1
.vbs - VBSFile - DefaultIcon - %SystemRoot%\System32\WScript.exe,2
.vbs - VBSFile - shell\open\command - %SystemRoot%\System32\WScript.exe "%1" %*
.vbs - VBSFile - shell\edit\command - %SystemRoot%\System32\Notepad.exe %1

All associations okay.


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R0 ACPI (Microsoft ACPI Driver) - c:\windows\system32\drivers\acpi.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R0 agp440 (Intel AGP Bus Filter) - c:\windows\system32\drivers\agp440.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R0 atapi (Standard IDE/ESDI Hard Disk Controller) - c:\windows\system32\drivers\atapi.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R0 Disk (Disk Driver) - c:\windows\system32\drivers\disk.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R0 FltMgr - c:\windows\system32\drivers\fltmgr.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R0 Ftdisk (Volume Manager Driver) - c:\windows\system32\drivers\ftdisk.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R0 isapnp (PnP ISA/EISA Bus Driver) - c:\windows\system32\drivers\isapnp.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R0 KSecDD - c:\windows\system32\drivers\ksecdd.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R0 MountMgr (Mount Point Manager) - c:\windows\system32\drivers\mountmgr.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R0 Mup - c:\windows\system32\drivers\mup.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R0 NDIS (NDIS System Driver) - c:\windows\system32\drivers\ndis.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R0 PartMgr (Partition Manager) - c:\windows\system32\drivers\partmgr.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R0 PCI (PCI Bus Driver) - c:\windows\system32\drivers\pci.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R0 PCIIde - c:\windows\system32\drivers\pciide.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R0 PxHelp20 - c:\windows\system32\drivers\pxhelp20.sys <Not Verified; Sonic Solutions; PxHelp20>
R0 sr (System Restore Filter Driver) - c:\windows\system32\drivers\sr.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R0 VolSnap - c:\windows\system32\drivers\volsnap.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 AFD (AFD Networking Support Environment) - c:\windows\system32\drivers\afd.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 Beep - c:\windows\system32\drivers\beep.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 Cdr4_xp - c:\windows\system32\drivers\cdr4_xp.sys <Not Verified; Sonic Solutions; Drag-to-Disc>
R1 Cdralw2k - c:\windows\system32\drivers\cdralw2k.sys <Not Verified; Sonic Solutions; Drag-to-Disc>
R1 Cdrom (CD-ROM Driver) - c:\windows\system32\drivers\cdrom.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 cdudf_xp - c:\windows\system32\drivers\cdudf_xp.sys <Not Verified; Roxio; DirectCD>
R1 Fips - c:\windows\system32\drivers\fips.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 i2omgmt - c:\windows\system32\drivers\i2omgmt.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 Imapi - c:\windows\system32\drivers\imapi.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 intelppm (Intel Processor Driver) - c:\windows\system32\drivers\intelppm.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 IPSec (IPSEC driver) - c:\windows\system32\drivers\ipsec.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 Kbdclass (Keyboard Class Driver) - c:\windows\system32\drivers\kbdclass.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 kbdhid (Keyboard HID Driver) - c:\windows\system32\drivers\kbdhid.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 mnmdd - c:\windows\system32\drivers\mnmdd.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 Mouclass (Mouse Class Driver) - c:\windows\system32\drivers\mouclass.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 MRxSmb - c:\windows\system32\drivers\mrxsmb.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 Msfs - c:\windows\system32\drivers\msfs.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 NetBIOS (NetBIOS Interface) - c:\windows\system32\drivers\netbios.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 NetBT - c:\windows\system32\drivers\netbt.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 Npfs - c:\windows\system32\drivers\npfs.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 Null - c:\windows\system32\drivers\null.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 OMCI - c:\windows\system32\drivers\omci.sys <Not Verified; Dell Computer Corporation; OMCI Driver>
R1 pwd_2k - c:\windows\system32\drivers\pwd_2k.sys <Not Verified; Roxio; DirectCD>
R1 RasAcd (Remote Access Auto Connection Driver) - c:\windows\system32\drivers\rasacd.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 Rdbss - c:\windows\system32\drivers\rdbss.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 RDPCDD - c:\windows\system32\drivers\rdpcdd.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 redbook (Digital CD Audio Playback Filter Driver) - c:\windows\system32\drivers\redbook.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 Serial (Serial port driver) - c:\windows\system32\drivers\serial.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 Tcpip (TCP/IP Protocol Driver) - c:\windows\system32\drivers\tcpip.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 TermDD (Terminal Device Driver) - c:\windows\system32\drivers\termdd.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 UdfReadr_xp - c:\windows\system32\drivers\udfreadr_xp.sys <Not Verified; Roxio; DirectCD>
R1 VgaSave (VGA Display Controller.) - c:\windows\system32\drivers\vga.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 Fallback - c:\windows\system32\drivers\fallback.sys <Not Verified; Conexant Systems; SoftK56>
R2 Fsks - c:\windows\system32\drivers\fsksnt.sys <Not Verified; Conexant Systems; SoftK56>
R2 K56 - c:\windows\system32\drivers\k56nt.sys <Not Verified; Conexant Systems; SoftK56>
R2 MxlW2k - c:\windows\system32\drivers\mxlw2k.sys <Not Verified; MusicMatch, Inc.; MusicMatch Access Layer>
R2 ParVdm - c:\windows\system32\drivers\parvdm.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 PfModNT - c:\windows\system32\pfmodnt.sys <Not Verified; Creative Technology Ltd.; PfModNT>
R2 Secdrv - c:\windows\system32\drivers\secdrv.sys <Not Verified; Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.; Macrovision SECURITY Driver>
R2 SoftFax - c:\windows\system32\drivers\faxnt.sys <Not Verified; Conexant Systems; SoftK56>
R2 SpeakerPhone - c:\windows\system32\drivers\spkpnt.sys <Not Verified; Conexant Systems; SoftK56>
R2 SYMTDI - c:\windows\system32\drivers\symtdi.sys <Not Verified; Symantec Corporation; Symantec Security Drivers>
R2 Tones - c:\windows\system32\drivers\tonesnt.sys <Not Verified; Conexant Systems; SoftK56>
R2 V124 - c:\windows\system32\drivers\v124nt.sys <Not Verified; Conexant Systems; SoftK56>
R3 audstub (Audio Stub Driver) - c:\windows\system32\drivers\audstub.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 basic2 - c:\windows\system32\drivers\basic2.sys <Not Verified; Conexant Systems; SoftK56>
R3 catchme - c:\docume~1\joe\locals~1\temp\catchme.sys (file missing)
R3 ctac32k (Creative AC3 Software Decoder) - c:\windows\system32\drivers\ctac32k.sys <Not Verified; Creative Technology Ltd; Creative Audio Product>
R3 ctaud2k (Creative Audio Driver (WDM)) - c:\windows\system32\drivers\ctaud2k.sys <Not Verified; Creative Technology Ltd; Creative Audio Product>
R3 ctprxy2k (Creative Proxy Driver) - c:\windows\system32\drivers\ctprxy2k.sys <Not Verified; Creative Technology Ltd; Creative Audio Product>
R3 ctsfm2k (Creative SoundFont Management Device Driver) - c:\windows\system32\drivers\ctsfm2k.sys <Not Verified; Creative Technology Ltd; Creative Audio Product>
R3 emupia (E-mu Plug-in Architecture Driver) - c:\windows\system32\drivers\emupia2k.sys <Not Verified; Creative Technology Ltd; E-mu Plug-In Architecture>
R3 Fdc (Floppy Disk Controller Driver) - c:\windows\system32\drivers\fdc.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 Flpydisk (Floppy Disk Driver) - c:\windows\system32\drivers\flpydisk.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 gameenum (Game Port Enumerator) - c:\windows\system32\drivers\gameenum.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 GEARAspiWDM - c:\windows\system32\drivers\gearaspiwdm.sys <Not Verified; GEAR Software Inc.; GEAR.wrks>
R3 Gpc (Generic Packet Classifier) - c:\windows\system32\drivers\msgpc.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 ha10kx2k (Creative Hardware Abstract Layer Driver) - c:\windows\system32\drivers\ha10kx2k.sys <Not Verified; Creative Technology Ltd; Creative Audio Product>
R3 HidUsb (Microsoft HID Class Driver) - c:\windows\system32\drivers\hidusb.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 HTTP - c:\windows\system32\drivers\http.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 IpNat (IP Network Address Translator) - c:\windows\system32\drivers\ipnat.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 kmixer (Microsoft Kernel Wave Audio Mixer) - c:\windows\system32\drivers\kmixer.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 mmc_2K - c:\windows\system32\drivers\mmc_2k.sys <Not Verified; Roxio; DirectCD>
R3 Modem - c:\windows\system32\drivers\modem.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 MODEMCSA (Unimodem Streaming Filter Device) - c:\windows\system32\drivers\modemcsa.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 mouhid (Mouse HID Driver) - c:\windows\system32\drivers\mouhid.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 MRxDAV (WebDav Client Redirector) - c:\windows\system32\drivers\mrxdav.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 mssmbios (Microsoft System Management BIOS Driver) - c:\windows\system32\drivers\mssmbios.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 NAVAP - c:\windows\system32\drivers\navap.sys
R3 NAVENG - c:\program files\common files\symantec shared\virusdefs\20071107.018\naveng.sys <Not Verified; Symantec Corporation; Symantec Antivirus Engine>
R3 NAVEX15 - c:\program files\common files\symantec shared\virusdefs\20071107.018\navex15.sys <Not Verified; Symantec Corporation; Symantec Antivirus Engine>
R3 NdisTapi (Remote Access NDIS TAPI Driver) - c:\windows\system32\drivers\ndistapi.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 Ndisuio (NDIS Usermode I/O Protocol) - c:\windows\system32\drivers\ndisuio.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 NdisWan (Remote Access NDIS WAN Driver) - c:\windows\system32\drivers\ndiswan.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 NDProxy (NDIS Proxy) - c:\windows\system32\drivers\ndproxy.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 nv - c:\windows\system32\drivers\nv4_mini.sys <Not Verified; NVIDIA Corporation; NVIDIA Compatible Windows 2000 Miniport Driver, Version 52.16>
R3 ossrv (Creative OS Services Driver) - c:\windows\system32\drivers\ctoss2k.sys <Not Verified; Creative Technology Ltd.; Creative Audio Product>
R3 Parport (Parallel port driver) - c:\windows\system32\drivers\parport.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 PptpMiniport (WAN Miniport (PPTP)) - c:\windows\system32\drivers\raspptp.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 PSched (QoS Packet Scheduler) - c:\windows\system32\drivers\psched.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 Ptilink (Direct Parallel Link Driver) - c:\windows\system32\drivers\ptilink.sys <Not Verified; Parallel Technologies, Inc.; Microsoft® Windows® Operating System>
R3 Rasl2tp (WAN Miniport (L2TP)) - c:\windows\system32\drivers\rasl2tp.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 RasPppoe (Remote Access PPPOE Driver) - c:\windows\system32\drivers\raspppoe.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 Raspti (Direct Parallel) - c:\windows\system32\drivers\raspti.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 Rksample - c:\windows\system32\drivers\rksample.sys <Not Verified; Conexant Systems; SoftK56>
R3 rtl8139 (Realtek RTL8139/810X Family PCI Fast Ethernet NIC NT Driver) - c:\windows\system32\drivers\rtl8139.sys <Not Verified; Realtek Semiconductor Corporation; GVC-REALTEK Ethernet 10/100 PCI Adapter>
R3 serenum (Serenum Filter Driver) - c:\windows\system32\drivers\serenum.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 StillCam (Still Serial Digital Camera Driver) - c:\windows\system32\drivers\serscan.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 swenum (Software Bus Driver) - c:\windows\system32\drivers\swenum.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 SymEvent - c:\program files\symantec\symevent.sys <Not Verified; Symantec Corporation; SYMEVENT>
R3 SYMREDRV - c:\windows\system32\drivers\symredrv.sys <Not Verified; Symantec Corporation; Symantec Security Drivers>
R3 sysaudio (Microsoft Kernel System Audio Device) - c:\windows\system32\drivers\sysaudio.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 Update (Microcode Update Driver) - c:\windows\system32\drivers\update.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 usbccgp (Microsoft USB Generic Parent Driver) - c:\windows\system32\drivers\usbccgp.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 usbehci (Microsoft USB 2.0 Enhanced Host Controller Miniport Driver) - c:\windows\system32\drivers\usbehci.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 usbhub (USB Root Hub (usbport)) - c:\windows\system32\drivers\usbhub.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 usbuhci (Microsoft USB Universal Host Controller Miniport Driver) - c:\windows\system32\drivers\usbuhci.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 Wanarp (Remote Access IP ARP Driver) - c:\windows\system32\drivers\wanarp.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 wdmaud (Microsoft WINMM WDM Audio Compatibility Driver) - c:\windows\system32\drivers\wdmaud.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 winachsf - c:\windows\system32\drivers\hsf_cnxt.sys <Not Verified; Conexant Systems; SoftK56>
R4 Cdfs - c:\windows\system32\drivers\cdfs.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R4 Fastfat - c:\windows\system32\drivers\fastfat.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R4 Ntfs - c:\windows\system32\drivers\ntfs.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>

S1 Cdaudio - c:\windows\system32\drivers\cdaudio.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S1 i8042prt (i8042 Keyboard and PS/2 Mouse Port Driver) - c:\windows\system32\drivers\i8042prt.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S1 P3 (Intel PentiumIII Processor Driver) - c:\windows\system32\drivers\p3.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S1 Processor (Processor Driver) - c:\windows\system32\drivers\processr.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S1 Sfloppy - c:\windows\system32\drivers\sfloppy.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 aec (Microsoft Kernel Acoustic Echo Canceller) - c:\windows\system32\drivers\aec.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 AsyncMac (RAS Asynchronous Media Driver) - c:\windows\system32\drivers\asyncmac.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 Atmarpc (ATM ARP Client Protocol) - c:\windows\system32\drivers\atmarpc.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 cdspacex - c:\windows\system32\drivers\cdspacex.sys (file missing)
S3 ctljystk (Creative SBLive! Gameport) - c:\windows\system32\drivers\ctljystk.sys <Not Verified; Creative Technology Ltd.; Creative Labs SoundBlaster 16 Joystick Driver>
S3 DMusic (Microsoft Kernel DLS Syntheiszer) - c:\windows\system32\drivers\dmusic.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 drmkaud (Microsoft Kernel DRM Audio Descrambler) - c:\windows\system32\drivers\drmkaud.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 dvd_2K - c:\windows\system32\drivers\dvd_2k.sys <Not Verified; Roxio; DirectCD>
S3 EL90XBC (3Com EtherLink XL 90XB/C Adapter Driver) - c:\windows\system32\drivers\el90xbc5.sys <Not Verified; 3Com Corporation; 3Com EtherLink PCI>
S3 emu10k (Creative SB Live! Value (WDM)) - c:\windows\system32\drivers\emu10k1f.sys <Not Verified; Creative Technology Ltd.; Creative SB Live! Driver (WDM)>
S3 emu10k1 (Creative Interface Manager Driver (WDM)) - c:\windows\system32\drivers\ctlface.sys <Not Verified; Creative Technology Ltd.; Creative SB Live!>
S3 hidgame (Microsoft Hid to Joystick Port Enabler) - c:\windows\system32\drivers\hidgame.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 hsf_msft - c:\windows\system32\drivers\hsf_msft.sys <Not Verified; Conexant; SoftK56>
S3 Ip6Fw (IPv6 Windows Firewall Driver) - c:\windows\system32\drivers\ip6fw.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 IpFilterDriver (IP Traffic Filter Driver) - c:\windows\system32\drivers\ipfltdrv.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 IpInIp (IP in IP Tunnel Driver) - c:\windows\system32\drivers\ipinip.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 IRENUM (IR Enumerator Service) - c:\windows\system32\drivers\irenum.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 L8042Kbd (Logitech SetPoint Keyboard Driver) - c:\windows\system32\drivers\l8042kbd.sys (file missing)
S3 L8042mou (Logitech SetPoint PS/2 Mouse Filter Driver) - c:\windows\system32\drivers\l8042mou.sys (file missing)
S3 LHidFilt (Logitech SetPoint KMDF HID Filter Driver) - c:\windows\system32\drivers\lhidfilt.sys <Not Verified; Logitech, Inc.; Logitech SetPoint™>
S3 LMouFilt (Logitech SetPoint KMDF Mouse Filter Driver) - c:\windows\system32\drivers\lmoufilt.sys <Not Verified; Logitech, Inc.; Logitech SetPoint™>
S3 LMouKE (Logitech SetPoint Mouse Filter Driver) - c:\windows\system32\drivers\lmouke.sys (file missing)
S3 MSKSSRV (Microsoft Streaming Service Proxy) - c:\windows\system32\drivers\mskssrv.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 MSPCLOCK (Microsoft Streaming Clock Proxy) - c:\windows\system32\drivers\mspclock.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 MSPQM (Microsoft Streaming Quality Manager Proxy) - c:\windows\system32\drivers\mspqm.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 ndiscm (Motorola SurfBoard USB Cable Modem Windows Driver) - c:\windows\system32\drivers\netmotcm.sys <Not Verified; Motorola Inc.; Motorola USB Cable Modem>
S3 ntgrip (Gravis GamePort device driver) - c:\windows\system32\drivers\ntgrip.sys <Not Verified; Kensington Technology Group; Gravis Xperience GamePort driver for Windows 2000>
S3 nv4 - c:\windows\system32\drivers\nv4.sys <Not Verified; NVIDIA Corporation; NVIDIA Compatible Windows XP Miniport Driver, Version 12.40.20>
S3 NwlnkFlt (IPX Traffic Filter Driver) - c:\windows\system32\drivers\nwlnkflt.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 NwlnkFwd (IPX Traffic Forwarder Driver) - c:\windows\system32\drivers\nwlnkfwd.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 rdpdr (Terminal Server Device Redirector Driver) - c:\windows\system32\drivers\rdpdr.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 RDPWD - c:\windows\system32\drivers\rdpwd.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 sfman (Creative SoundFont Manager Driver (WDM)) - c:\windows\system32\drivers\sfman.sys <Not Verified; Creative Technology Ltd.; SoundFont® Manager>
S3 splitter (Microsoft Kernel Audio Splitter) - c:\windows\system32\drivers\splitter.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 swmidi (Microsoft Kernel GS Wavetable Synthesizer) - c:\windows\system32\drivers\swmidi.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 TDPIPE - c:\windows\system32\drivers\tdpipe.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 TDTCP - c:\windows\system32\drivers\tdtcp.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 TwoRabts (Two Rabbits Live Bus) - c:\windows\system32\drivers\tworabts.sys (file missing)
S3 usbbus (LGE CDMA Composite USB Device) - c:\windows\system32\drivers\lgusbbus.sys <Not Verified; LG Electronics Inc.; LG CDMA USB Multi function Driver>
S3 UsbDiag (LGE CDMA USB Serial Port) - c:\windows\system32\drivers\lgusbdiag.sys <Not Verified; LG Electronics Inc.; LG CDMA USB Diagnostics Driver>
S3 USBModem (LGE CDMA USB Modem) - c:\windows\system32\drivers\lgusbmodem.sys <Not Verified; LG Electronics Inc.; LG CDMA USB Modem Driver>
S3 usbprint (Microsoft USB PRINTER Class) - c:\windows\system32\drivers\usbprint.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 usbscan (USB Scanner Driver) - c:\windows\system32\drivers\usbscan.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 USBSTOR (USB Mass Storage Driver) - c:\windows\system32\drivers\usbstor.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 Wdf01000 - c:\windows\system32\drivers\wdf01000.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 WudfPf (Windows Driver Foundation - User-mode Driver Framework Platform Driver) - c:\windows\system32\drivers\wudfpf.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 WudfRd (Windows Driver Foundation - User-mode Driver Framework Reflector) - c:\windows\system32\drivers\wudfrd.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S4 abp480n5 - c:\windows\system32\drivers\abp480n5.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S4 ACPIEC - c:\windows\system32\drivers\acpiec.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S4 adpu160m - c:\windows\system32\drivers\adpu160m.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S4 agpCPQ (Compaq AGP Bus Filter) - c:\windows\system32\drivers\agpcpq.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S4 Aha154x - c:\windows\system32\drivers\aha154x.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S4 aic78u2 - c:\windows\system32\drivers\aic78u2.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S4 aic78xx - c:\windows\system32\drivers\aic78xx.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S4 AliIde - c:\windows\system32\drivers\aliide.sys <Not Verified; Acer Laboratories Inc.; ALi mini IDE Driver>
S4 alim1541 (ALI AGP Bus Filter) - c:\windows\system32\drivers\alim1541.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S4 amdagp (AMD AGP Bus Filter Driver) - c:\windows\system32\drivers\amdagp.sys <Not Verified; Advanced Micro Devices, Inc.; Windows ® 2000 DDK Driver>
S4 amsint - c:\windows\system32\drivers\amsint.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S4 asc - c:\windows\system32\drivers\asc.sys <Not Verified; Advanced System Products, Inc.; AdvanSys SCSI driver>
S4 asc3350p - c:\windows\system32\drivers\asc3350p.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S4 asc3550 - c:\windows\system32\drivers\asc3550.sys <Not Verified; Advanced System Products, Inc.; AdvanSys PCI Ultra Wide SCSI Driver>
S4 cbidf - c:\windows\system32\drivers\cbidf2k.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S4 cbidf2k - c:\windows\system32\drivers\cbidf2k.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S4 cd20xrnt - c:\windows\system32\drivers\cd20xrnt.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S4 CmdIde - c:\windows\system32\drivers\cmdide.sys <Not Verified; CMD Technology, Inc.; Microsoft® Windows® Operating System>
S4 Cpqarray - c:\windows\system32\drivers\cpqarray.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S4 dac2w2k - c:\windows\system32\drivers\dac2w2k.sys <Not Verified; Mylex Corporation; Mylex Disk Array Controller Driver>
S4 dac960nt - c:\windows\system32\drivers\dac960nt.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S4 dmboot - c:\windows\system32\drivers\dmboot.sys <Not Verified; Microsoft Corp., Veritas Software; VERITAS® NT Disk Manager>
S4 dmio - c:\windows\system32\drivers\dmio.sys <Not Verified; Microsoft Corp., Veritas Software; VERITAS® NT Disk Manager>
S4 dmload - c:\windows\system32\drivers\dmload.sys <Not Verified; Microsoft Corp., Veritas Software.; Logical Disk Manager for Windows NT>
S4 dpti2o - c:\windows\system32\drivers\dpti2o.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S4 hpn - c:\windows\system32\drivers\hpn.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S4 hpt3xx - c:\windows\system32\drivers\hpt3xx.sys <Not Verified; HighPoint Technologies, Inc.; HPT370>
S4 i2omp - c:\windows\system32\drivers\i2omp.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S4 ini910u - c:\windows\system32\drivers\ini910u.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S4 IntelIde - c:\windows\system32\drivers\intelide.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S4 mraid35x - c:\windows\system32\drivers\mraid35x.sys <Not Verified; American Megatrends Inc.; MegaRAID Miniport Driver for Windows Whistler 32>
S4 Pcmcia - c:\windows\system32\drivers\pcmcia.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S4 perc2 - c:\windows\system32\drivers\perc2.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S4 perc2hib - c:\windows\system32\drivers\perc2hib.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S4 ql1080 - c:\windows\system32\drivers\ql1080.sys <Not Verified; QLogic Corporation; Miniport Driver for QLogic ISP PCI Adapters>
S4 Ql10wnt - c:\windows\system32\drivers\ql10wnt.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S4 ql12160 - c:\windows\system32\drivers\ql12160.sys <Not Verified; QLogic Corporation; Miniport Driver for QLogic ISP PCI Adapters>
S4 ql1240 - c:\windows\system32\drivers\ql1240.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S4 ql1280 - c:\windows\system32\drivers\ql1280.sys <Not Verified; QLogic Corporation; Miniport Driver for QLogic ISP PCI Adapters>
S4 sisagp (SIS AGP Bus Filter) - c:\windows\system32\drivers\sisagp.sys <Not Verified; Silicon Integrated Systems Corporation; SiS ® NT AGP Filter>
S4 Sparrow - c:\windows\system32\drivers\sparrow.sys <Not Verified; Adaptec, Inc.; Microsoft® Windows ® 2000 Operating System>
S4 sym_hi - c:\windows\system32\drivers\sym_hi.sys <Not Verified; LSI Logic; Microsoft® Windows® Operating System>
S4 sym_u3 - c:\windows\system32\drivers\sym_u3.sys <Not Verified; LSI Logic; Microsoft® Windows® Operating System>
S4 symc810 - c:\windows\system32\drivers\symc810.sys <Not Verified; Symbios Logic Inc.; Microsoft® Windows ® 2000 Operating System>
S4 symc8xx - c:\windows\system32\drivers\symc8xx.sys <Not Verified; LSI Logic; Microsoft® Windows ® 2000 Operating System>
S4 TosIde - c:\windows\system32\drivers\toside.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S4 Udfs - c:\windows\system32\drivers\udfs.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S4 ultra - c:\windows\system32\drivers\ultra.sys <Not Verified; Promise Technology, Inc.; Promise ultra66 Miniport Driver for WindowsNT>
S4 viaagp (VIA AGP Bus Filter) - c:\windows\system32\drivers\viaagp.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S4 ViaIde - c:\windows\system32\drivers\viaide.sys <Not Verified; Microsoft Corporation; Microsoft® Windows NT® Operating System>


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 Apple Mobile Device - "c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>
R2 AudioSrv (Windows Audio) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 BITS (Background Intelligent Transfer Service) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 DcomLaunch (DCOM Server Process Launcher) - c:\windows\system32\svchost -k dcomlaunch <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 Dhcp (DHCP Client) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 Dnscache (DNS Client) - c:\windows\system32\svchost.exe -k networkservice <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 ERSvc (Error Reporting Service) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 Eventlog (Event Log) - c:\windows\system32\services.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 helpsvc (Help and Support) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 LmHosts (TCP/IP NetBIOS Helper) - c:\windows\system32\svchost.exe -k localservice <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 MDM (Machine Debug Manager) - "c:\program files\common files\microsoft shared\vs7debug\mdm.exe" <Not Verified; Microsoft Corporation; Microsoft® Visual Studio .NET>
R2 navapsvc (Norton AntiVirus Auto Protect Service) - c:\program files\norton antivirus\navapsvc.exe <Not Verified; Symantec Corporation; Norton AntiVirus>
R2 NVSvc (NVIDIA Display Driver Service) - c:\windows\system32\nvsvc32.exe <Not Verified; NVIDIA Corporation; NVIDIA Driver Helper Service, Version 52.16>
R2 PlugPlay (Plug and Play) - c:\windows\system32\services.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 Pml Driver HPZ12 - c:\windows\system32\hpzipm12.exe <Not Verified; HP; HP PML>
R2 PolicyAgent (IPSEC Services) - c:\windows\system32\lsass.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 ProtectedStorage (Protected Storage) - c:\windows\system32\lsass.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 RpcSs (Remote Procedure Call (RPC)) - c:\windows\system32\svchost -k rpcss <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 SamSs (Security Accounts Manager) - c:\windows\system32\lsass.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 Schedule (Task Scheduler) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 seclogon (Secondary Logon) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 SENS (System Event Notification) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 SharedAccess (Windows Firewall/Internet Connection Sharing (ICS)) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 ShellHWDetection (Shell Hardware Detection) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 Spooler (Print Spooler) - c:\windows\system32\spoolsv.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 srservice (System Restore Service) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 stisvc (Windows Image Acquisition (WIA)) - c:\windows\system32\svchost.exe -k imgsvc <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 Themes - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 TrkWks (Distributed Link Tracking Client) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 w32time (Windows Time) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 WebClient - c:\windows\system32\svchost.exe -k localservice <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 winmgmt (Windows Management Instrumentation) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 WMDM PMSP Service - c:\windows\system32\mspmspsv.exe <Not Verified; Microsoft Corporation; Microsoft ® DRM>
R2 wscsvc (Security Center) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 wuauserv (Automatic Updates) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 WZCSVC (Wireless Zero Configuration) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 ALG (Application Layer Gateway Service) - c:\windows\system32\alg.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 CryptSvc (Cryptographic Services) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 EventSystem (COM+ Event System) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 FastUserSwitchingCompatibility (Fast User Switching Compatibility) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 iPod Service - "c:\program files\ipod\bin\ipodservice.exe" <Not Verified; Apple Inc.; iTunes>
R3 Netman (Network Connections) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 Nla (Network Location Awareness (NLA)) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 RasMan (Remote Access Connection Manager) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 SSDPSRV (SSDP Discovery Service) - c:\windows\system32\svchost.exe -k localservice <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 TapiSrv (Telephony) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 TermService (Terminal Services) - c:\windows\system32\svchost -k dcomlaunch <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>

S2 CLTNetCnService (Symantec Lic NetConnect service) - "c:\program files\common files\symantec shared\ccsvchst.exe" /h cccommon (file missing)
S2 Creative Service for CDROM Access -
S2 HidServ (HID Input Service) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S2 IOLO_SRV (iolo System Guard) -
S2 lanmanworkstation (Workstation) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S2 SBService (ScriptBlocking Service) - c:\progra~1\common~1\symant~1\script~1\sbserv.exe <Not Verified; Symantec Corporation; Symantec ScriptBlocking>
S2 spupdsvc (Windows Service Pack Installer update service) - c:\windows\system32\spupdsvc.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 AppMgmt (Application Management) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 aspnet_state (ASP.NET State Service) - c:\windows\microsoft.net\framework\v2.0.50727\aspnet_state.exe <Not Verified; Microsoft Corporation; Microsoft® .NET Framework>
S3 Browser (Computer Browser) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 cisvc (Indexing Service) - c:\windows\system32\cisvc.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 clr_optimization_v2.0.50727_32 (.NET Runtime Optimization Service v2.0.50727_X86) - c:\windows\microsoft.net\framework\v2.0.50727\mscorsvw.exe <Not Verified; Microsoft Corporation; Microsoft® .NET Framework>
S3 COMSysApp (COM+ System Application) - c:\windows\system32\dllhost.exe /processid:{02d4b3f1-fd88-11d1-960d-00805fc79235} <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 dmadmin (Logical Disk Manager Administrative Service) - c:\windows\system32\dmadmin.exe /com <Not Verified; Microsoft Corp., Veritas Software; Logical Disk Manager for Windows NT>
S3 dmserver (Logical Disk Manager) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 HP Port Resolver - c:\windows\system32\spool\drivers\w32x86\3\hpbpro.exe <Not Verified; Hewlett-Packard Company; PortResolver Module>
S3 HP Status Server - c:\windows\system32\spool\drivers\w32x86\3\hpboid.exe <Not Verified; Hewlett-Packard Company; HP Status Server>
S3 HTTPFilter (HTTP SSL) - c:\windows\system32\svchost.exe -k httpfilter <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 IDriverT (InstallDriver Table Manager) - "c:\program files\common files\installshield\driver\11\intel 32\idrivert.exe" <Not Verified; Macrovision Corporation; InstallShield ®>
S3 ImapiService (IMAPI CD-Burning COM Service) - c:\windows\system32\imapi.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 mnmsrvc (NetMeeting Remote Desktop Sharing) - c:\windows\system32\mnmsrvc.exe <Not Verified; Microsoft Corporation; Windows® NetMeeting®>
S3 MSDTC (Distributed Transaction Coordinator) - c:\windows\system32\msdtc.exe <Not Verified; Microsoft Corporation; Microsoft Distributed Transaction Coordinator>
S3 MSIServer (Windows Installer) - c:\windows\system32\msiexec.exe /v <Not Verified; Microsoft Corporation; Windows Installer - Unicode>
S3 Netlogon (Net Logon) - c:\windows\system32\lsass.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 NtLmSsp (NT LM Security Support Provider) - c:\windows\system32\lsass.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 NtmsSvc (Removable Storage) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 ose (Office Source Engine) - "c:\program files\common files\microsoft shared\source engine\ose.exe" <Not Verified; Microsoft Corporation; Office Source Engine>
S3 RasAuto (Remote Access Auto Connection Manager) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 RDSessMgr (Remote Desktop Help Session Manager) - c:\windows\system32\sessmgr.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 RpcLocator (Remote Procedure Call (RPC) Locator) - c:\windows\system32\locator.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 RSVP (QoS RSVP) - c:\windows\system32\rsvp.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 SCardSvr (Smart Card) - c:\windows\system32\scardsvr.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 SwPrv (MS Software Shadow Copy Provider) - c:\windows\system32\dllhost.exe /processid:{b0a2456c-f1a2-47d9-8a39-cb9111f04968} <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 SysmonLog (Performance Logs and Alerts) - c:\windows\system32\smlogsvc.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 upnphost (Universal Plug and Play Device Host) - c:\windows\system32\svchost.exe -k localservice <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 UPS (Uninterruptible Power Supply) - c:\windows\system32\ups.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 VSS (Volume Shadow Copy) - c:\windows\system32\vssvc.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 WmdmPmSN (Portable Media Serial Number Service) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 WmiApSrv (WMI Performance Adapter) - c:\windows\system32\wbem\wmiapsrv.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 WudfSvc (Windows Driver Foundation - User-mode Driver Framework) - c:\windows\system32\svchost.exe -k wudfservicegroup <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 xmlprov (Network Provisioning Service) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S4 Alerter - c:\windows\system32\svchost.exe -k localservice <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S4 ClipSrv (ClipBook) - c:\windows\system32\clipsrv.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S4 Messenger - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S4 NetDDE (Network DDE) - c:\windows\system32\netdde.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S4 NetDDEdsdm (Network DDE DSDM) - c:\windows\system32\netdde.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S4 RemoteAccess (Routing and Remote Access) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>


-- Process Modules -------------------------------------------------------------

C:\WINDOWS\SYSTEM32\smss.exe (pid 496)
2004-08-04 02:56:36 708096 --a------ C:\WINDOWS\SYSTEM32\ntdll.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>

C:\WINDOWS\SYSTEM32\winlogon.exe (pid 584)
2004-08-04 02:56:36 708096 --a------ C:\WINDOWS\SYSTEM32\ntdll.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-04-16 10:52:53 984576 --a------ C:\WINDOWS\SYSTEM32\kernel32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:41 616960 --a------ C:\WINDOWS\SYSTEM32\advapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-07-09 08:16:16 582656 --a------ C:\WINDOWS\SYSTEM32\rpcrt4.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-03-02 13:09:29 56832 --a------ C:\WINDOWS\SYSTEM32\authz.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:43 343040 --a------ C:\WINDOWS\SYSTEM32\msvcrt.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:41 597504 --a------ C:\WINDOWS\SYSTEM32\crypt32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-03-08 10:36:28 577536 --a------ C:\WINDOWS\SYSTEM32\user32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-06-19 08:31:19 282112 --a------ C:\WINDOWS\SYSTEM32\gdi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 57344 --a------ C:\WINDOWS\SYSTEM32\msasn1.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 17920 --a------ C:\WINDOWS\SYSTEM32\nddeapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 27648 --a------ C:\WINDOWS\SYSTEM32\profmap.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-08-17 07:28:27 332288 --a------ C:\WINDOWS\SYSTEM32\netapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 723456 --a------ C:\WINDOWS\SYSTEM32\userenv.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 23040 --a------ C:\WINDOWS\SYSTEM32\psapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 49664 --a------ C:\WINDOWS\SYSTEM32\regapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 55808 --a------ C:\WINDOWS\SYSTEM32\secur32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-03 23:56:46 983552 --a------ C:\WINDOWS\SYSTEM32\setupapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 18944 --a------ C:\WINDOWS\SYSTEM32\version.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 53760 --a------ C:\WINDOWS\SYSTEM32\winsta.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 176640 --a------ C:\WINDOWS\SYSTEM32\wintrust.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 144384 --a------ C:\WINDOWS\SYSTEM32\imagehlp.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 82944 --a------ C:\WINDOWS\SYSTEM32\ws2_32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 19968 --a------ C:\WINDOWS\SYSTEM32\ws2help.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 110080 --a------ C:\WINDOWS\SYSTEM32\imm32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 22016 --a------ C:\WINDOWS\SYSTEM32\lpk.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 406528 --a------ C:\WINDOWS\SYSTEM32\usp10.dll <Not Verified; Microsoft Corporation; Microsoft® Uniscribe Unicode script processor>
2004-08-04 02:56:43 994304 --a------ C:\WINDOWS\SYSTEM32\msgina.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-10-25 22:34:01 8460288 --a------ C:\WINDOWS\SYSTEM32\shell32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-09-23 12:12:50 474112 --a------ C:\WINDOWS\SYSTEM32\shlwapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-08-25 10:45:58 617472 --a------ C:\WINDOWS\SYSTEM32\comctl32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 249856 --a------ C:\WINDOWS\SYSTEM32\odbc32.dll <Not Verified; Microsoft Corporation; Microsoft Data Access Components>
2004-08-04 02:56:41 276992 --a------ C:\WINDOWS\SYSTEM32\comdlg32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-08-25 10:45:55 1054208 --a------ C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:22 94208 --a------ C:\WINDOWS\SYSTEM32\odbcint.dll <Not Verified; Microsoft Corporation; Microsoft Data Access Components>
2006-12-19 16:52:18 134656 --a------ C:\WINDOWS\SYSTEM32\shsvcs.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 5120 --a------ C:\WINDOWS\SYSTEM32\sfc.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 140288 --a------ C:\WINDOWS\SYSTEM32\sfc_os.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-07-25 23:39:48 1285120 --a------ C:\WINDOWS\SYSTEM32\ole32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:41 126976 --a------ C:\WINDOWS\SYSTEM32\apphelp.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:13 177152 --a------ C:\WINDOWS\SYSTEM32\msctfime.ime <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 99328 --a------ C:\WINDOWS\SYSTEM32\winscard.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 18432 --a------ C:\WINDOWS\SYSTEM32\wtsapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-10-19 08:56:32 713216 --a------ C:\WINDOWS\SYSTEM32\sxs.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 218624 --a------ C:\WINDOWS\SYSTEM32\uxtheme.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 176128 --a------ C:\WINDOWS\SYSTEM32\winmm.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2001-08-18 06:00:00 14848 --a------ C:\WINDOWS\SYSTEM32\SERWVDRV.DLL <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2001-08-18 06:00:00 13312 --a------ C:\WINDOWS\SYSTEM32\UMDMXFRM.DLL <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:41 101888 --a------ C:\WINDOWS\SYSTEM32\cscdll.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 92672 --a------ C:\WINDOWS\SYSTEM32\wlnotify.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:57 146432 --a------ C:\WINDOWS\SYSTEM32\winspool.drv <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 59904 --a------ C:\WINDOWS\SYSTEM32\mpr.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 00:31:43 152576 --a------ C:\WINDOWS\SYSTEM32\rsaenh.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-03-15 18:16:42 236928 --a------ C:\WINDOWS\SYSTEM32\WgaLogon.dll <Not Verified; Microsoft Corporation; Windows Genuine Advantage>
2007-05-17 06:28:05 549376 --a------ C:\WINDOWS\SYSTEM32\oleaut32.dll <Not Verified; Microsoft Corporation; >
2004-08-04 02:56:44 118784 --a------ C:\WINDOWS\SYSTEM32\ntmarta.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 172032 --a------ C:\WINDOWS\SYSTEM32\wldap32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 64000 --a------ C:\WINDOWS\SYSTEM32\samlib.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-07-25 23:39:43 498688 --a------ C:\WINDOWS\SYSTEM32\clbcatq.dll <Not Verified; Microsoft Corporation; COM Services>
2004-08-04 02:56:41 792064 --a------ C:\WINDOWS\SYSTEM32\comres.dll <Not Verified; Microsoft Corporation; COM Services>
2004-08-04 02:56:41 326656 --a------ C:\WINDOWS\SYSTEM32\cscui.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:36 2897920 -----n--- C:\WINDOWS\SYSTEM32\xpsp2res.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:43 129536 --a------ C:\WINDOWS\SYSTEM32\msv1_0.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-05-19 07:59:41 94720 --a------ C:\WINDOWS\SYSTEM32\iphlpapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:57 23552 --a------ C:\WINDOWS\SYSTEM32\wdmaud.drv <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2001-08-18 06:00:00 20480 --a------ C:\WINDOWS\SYSTEM32\MSACM32.DRV <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 71680 --a------ C:\WINDOWS\SYSTEM32\msacm32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 18944 --a------ C:\WINDOWS\SYSTEM32\midimap.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>

C:\WINDOWS\SYSTEM32\services.exe (pid 628)
2004-08-04 02:56:36 708096 --a------ C:\WINDOWS\SYSTEM32\ntdll.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-04-16 10:52:53 984576 --a------ C:\WINDOWS\SYSTEM32\kernel32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:43 343040 --a------ C:\WINDOWS\SYSTEM32\msvcrt.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:41 616960 --a------ C:\WINDOWS\SYSTEM32\advapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-07-09 08:16:16 582656 --a------ C:\WINDOWS\SYSTEM32\rpcrt4.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-03-08 10:36:28 577536 --a------ C:\WINDOWS\SYSTEM32\user32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-06-19 08:31:19 282112 --a------ C:\WINDOWS\SYSTEM32\gdi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 723456 --a------ C:\WINDOWS\SYSTEM32\userenv.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 313856 --a------ C:\WINDOWS\SYSTEM32\scesrv.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-03-02 13:09:29 56832 --a------ C:\WINDOWS\SYSTEM32\authz.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-06-29 21:02:39 118272 --a------ C:\WINDOWS\SYSTEM32\umpnpmgr.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 53760 --a------ C:\WINDOWS\SYSTEM32\winsta.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-08-17 07:28:27 332288 --a------ C:\WINDOWS\SYSTEM32\netapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 36352 --a------ C:\WINDOWS\SYSTEM32\ncobjapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:43 413696 --a------ C:\WINDOWS\SYSTEM32\msvcp60.dll <Not Verified; Microsoft Corporation; Microsoft ® Visual C++>
2004-08-04 02:56:45 65536 --a------ C:\WINDOWS\SYSTEM32\shimeng.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-10-04 09:05:26 39424 -----n--- C:\WINDOWS\AppPatch\acadproc.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 110080 --a------ C:\WINDOWS\SYSTEM32\imm32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 22016 --a------ C:\WINDOWS\SYSTEM32\lpk.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 406528 --a------ C:\WINDOWS\SYSTEM32\usp10.dll <Not Verified; Microsoft Corporation; Microsoft® Uniscribe Unicode script processor>
2004-08-04 02:56:44 55808 --a------ C:\WINDOWS\SYSTEM32\secur32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:41 126976 --a------ C:\WINDOWS\SYSTEM32\apphelp.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 18944 --a------ C:\WINDOWS\SYSTEM32\version.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 55808 --a------ C:\WINDOWS\SYSTEM32\eventlog.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 82944 --a------ C:\WINDOWS\SYSTEM32\ws2_32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 19968 --a------ C:\WINDOWS\SYSTEM32\ws2help.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 23040 --a------ C:\WINDOWS\SYSTEM32\psapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 18432 --a------ C:\WINDOWS\SYSTEM32\wtsapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>

C:\WINDOWS\SYSTEM32\lsass.exe (pid 640)
2004-08-04 02:56:36 708096 --a------ C:\WINDOWS\SYSTEM32\ntdll.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-04-16 10:52:53 984576 --a------ C:\WINDOWS\SYSTEM32\kernel32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:41 616960 --a------ C:\WINDOWS\SYSTEM32\advapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-07-09 08:16:16 582656 --a------ C:\WINDOWS\SYSTEM32\rpcrt4.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-08-17 07:28:27 721920 --a------ C:\WINDOWS\SYSTEM32\lsasrv.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 59904 --a------ C:\WINDOWS\SYSTEM32\mpr.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-03-08 10:36:28 577536 --a------ C:\WINDOWS\SYSTEM32\user32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-06-19 08:31:19 282112 --a------ C:\WINDOWS\SYSTEM32\gdi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 57344 --a------ C:\WINDOWS\SYSTEM32\msasn1.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:43 343040 --a------ C:\WINDOWS\SYSTEM32\msvcrt.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-08-17 07:28:27 332288 --a------ C:\WINDOWS\SYSTEM32\netapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 67072 --a------ C:\WINDOWS\SYSTEM32\ntdsapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-06-26 12:37:10 148480 --a------ C:\WINDOWS\SYSTEM32\dnsapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 82944 --a------ C:\WINDOWS\SYSTEM32\ws2_32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 19968 --a------ C:\WINDOWS\SYSTEM32\ws2help.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 172032 --a------ C:\WINDOWS\SYSTEM32\wldap32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 55808 --a------ C:\WINDOWS\SYSTEM32\secur32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 64000 --a------ C:\WINDOWS\SYSTEM32\samlib.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 415744 --a------ C:\WINDOWS\SYSTEM32\samsrv.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:41 33280 --a------ C:\WINDOWS\SYSTEM32\cryptdll.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:45 65536 --a------ C:\WINDOWS\SYSTEM32\shimeng.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:41 1852416 --a------ C:\WINDOWS\AppPatch\acgenral.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 176128 --a------ C:\WINDOWS\SYSTEM32\winmm.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-07-25 23:39:48 1285120 --a------ C:\WINDOWS\SYSTEM32\ole32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-05-17 06:28:05 549376 --a------ C:\WINDOWS\SYSTEM32\oleaut32.dll <Not Verified; Microsoft Corporation; >
2004-08-04 02:56:42 71680 --a------ C:\WINDOWS\SYSTEM32\msacm32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 18944 --a------ C:\WINDOWS\SYSTEM32\version.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-10-25 22:34:01 8460288 --a------ C:\WINDOWS\SYSTEM32\shell32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-09-23 12:12:50 474112 --a------ C:\WINDOWS\SYSTEM32\shlwapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 723456 --a------ C:\WINDOWS\SYSTEM32\userenv.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 218624 --a------ C:\WINDOWS\SYSTEM32\uxtheme.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 110080 --a------ C:\WINDOWS\SYSTEM32\imm32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 22016 --a------ C:\WINDOWS\SYSTEM32\lpk.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 406528 --a------ C:\WINDOWS\SYSTEM32\usp10.dll <Not Verified; Microsoft Corporation; Microsoft® Uniscribe Unicode script processor>
2001-08-18 06:00:00 14848 --a------ C:\WINDOWS\SYSTEM32\SERWVDRV.DLL <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2001-08-18 06:00:00 13312 --a------ C:\WINDOWS\SYSTEM32\UMDMXFRM.DLL <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-08-25 10:45:55 1054208 --a------ C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-08-25 10:45:58 617472 --a------ C:\WINDOWS\SYSTEM32\comctl32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:18 48128 --a------ C:\WINDOWS\SYSTEM32\msprivs.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-06-15 12:49:30 295936 --a------ C:\WINDOWS\SYSTEM32\kerberos.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:43 129536 --a------ C:\WINDOWS\SYSTEM32\msv1_0.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-05-19 07:59:41 94720 --a------ C:\WINDOWS\SYSTEM32\iphlpapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 407040 --a------ C:\WINDOWS\SYSTEM32\netlogon.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 174592 --a------ C:\WINDOWS\SYSTEM32\w32time.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:43 413696 --a------ C:\WINDOWS\SYSTEM32\msvcp60.dll <Not Verified; Microsoft Corporation; Microsoft ® Visual C++>
2007-04-25 09:21:15 144896 --a------ C:\WINDOWS\SYSTEM32\schannel.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:41 597504 --a------ C:\WINDOWS\SYSTEM32\crypt32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-03-23 23:37:50 49152 --a------ C:\WINDOWS\SYSTEM32\wdigest.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 00:31:43 152576 --a------ C:\WINDOWS\SYSTEM32\rsaenh.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 180224 --a------ C:\WINDOWS\SYSTEM32\scecli.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-03 23:56:46 983552 --a------ C:\WINDOWS\SYSTEM32\setupapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 182784 --a------ C:\WINDOWS\SYSTEM32\ipsecsvc.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-03-02 13:09:29 56832 --a------ C:\WINDOWS\SYSTEM32\authz.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 266752 --a------ C:\WINDOWS\SYSTEM32\oakley.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 32768 --a------ C:\WINDOWS\SYSTEM32\winipsec.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 34304 --a------ C:\WINDOWS\SYSTEM32\pstorsvc.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 245248 --a------ C:\WINDOWS\SYSTEM32\mswsock.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 344064 --a------ C:\WINDOWS\SYSTEM32\hnetcfg.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 19968 --a------ C:\WINDOWS\SYSTEM32\wshtcpip.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 96768 --a------ C:\WINDOWS\SYSTEM32\psbase.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 00:31:43 137216 --a------ C:\WINDOWS\SYSTEM32\dssenh.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>

C:\WINDOWS\SYSTEM32\svchost.exe (pid 784)
2004-08-04 02:56:36 708096 --a------ C:\WINDOWS\SYSTEM32\ntdll.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-04-16 10:52:53 984576 --a------ C:\WINDOWS\SYSTEM32\kernel32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:41 616960 --a------ C:\WINDOWS\SYSTEM32\advapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-07-09 08:16:16 582656 --a------ C:\WINDOWS\SYSTEM32\rpcrt4.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:45 65536 --a------ C:\WINDOWS\SYSTEM32\shimeng.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:41 1852416 --a------ C:\WINDOWS\AppPatch\acgenral.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-03-08 10:36:28 577536 --a------ C:\WINDOWS\SYSTEM32\user32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-06-19 08:31:19 282112 --a------ C:\WINDOWS\SYSTEM32\gdi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 176128 --a------ C:\WINDOWS\SYSTEM32\winmm.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-07-25 23:39:48 1285120 --a------ C:\WINDOWS\SYSTEM32\ole32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:43 343040 --a------ C:\WINDOWS\SYSTEM32\msvcrt.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-05-17 06:28:05 549376 --a------ C:\WINDOWS\SYSTEM32\oleaut32.dll <Not Verified; Microsoft Corporation; >
2004-08-04 02:56:42 71680 --a------ C:\WINDOWS\SYSTEM32\msacm32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 18944 --a------ C:\WINDOWS\SYSTEM32\version.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-10-25 22:34:01 8460288 --a------ C:\WINDOWS\SYSTEM32\shell32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-09-23 12:12:50 474112 --a------ C:\WINDOWS\SYSTEM32\shlwapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 723456 --a------ C:\WINDOWS\SYSTEM32\userenv.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 218624 --a------ C:\WINDOWS\SYSTEM32\uxtheme.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 110080 --a------ C:\WINDOWS\SYSTEM32\imm32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 22016 --a------ C:\WINDOWS\SYSTEM32\lpk.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 406528 --a------ C:\WINDOWS\SYSTEM32\usp10.dll <Not Verified; Microsoft Corporation; Microsoft® Uniscribe Unicode script processor>
2001-08-18 06:00:00 14848 --a------ C:\WINDOWS\SYSTEM32\SERWVDRV.DLL <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2001-08-18 06:00:00 13312 --a------ C:\WINDOWS\SYSTEM32\UMDMXFRM.DLL <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-08-25 10:45:55 1054208 --a------ C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-08-25 10:45:58 617472 --a------ C:\WINDOWS\SYSTEM32\comctl32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 118784 --a------ C:\WINDOWS\SYSTEM32\ntmarta.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 172032 --a------ C:\WINDOWS\SYSTEM32\wldap32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 64000 --a------ C:\WINDOWS\SYSTEM32\samlib.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-07-25 23:39:49 397824 --a------ C:\WINDOWS\SYSTEM32\rpcss.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 55808 --a------ C:\WINDOWS\SYSTEM32\secur32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 82944 --a------ C:\WINDOWS\SYSTEM32\ws2_32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 19968 --a------ C:\WINDOWS\SYSTEM32\ws2help.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:36 2897920 -----n--- C:\WINDOWS\SYSTEM32\xpsp2res.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 18432 --a------ C:\WINDOWS\SYSTEM32\wtsapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 53760 --a------ C:\WINDOWS\SYSTEM32\winsta.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-08-17 07:28:27 332288 --a------ C:\WINDOWS\SYSTEM32\netapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:43 129536 --a------ C:\WINDOWS\SYSTEM32\msv1_0.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-05-19 07:59:41 94720 --a------ C:\WINDOWS\SYSTEM32\iphlpapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-07-25 23:39:43 498688 --a------ C:\WINDOWS\SYSTEM32\clbcatq.dll <Not Verified; Microsoft Corporation; COM Services>
2004-08-04 02:56:41 792064 --a------ C:\WINDOWS\SYSTEM32\comres.dll <Not Verified; Microsoft Corporation; COM Services>
2004-08-04 02:56:46 295424 --a------ C:\WINDOWS\SYSTEM32\termsrv.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 11264 --a------ C:\WINDOWS\SYSTEM32\icaapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-03 23:56:46 983552 --a------ C:\WINDOWS\SYSTEM32\setupapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 176640 --a------ C:\WINDOWS\SYSTEM32\wintrust.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:41 597504 --a------ C:\WINDOWS\SYSTEM32\crypt32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 57344 --a------ C:\WINDOWS\SYSTEM32\msasn1.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 144384 --a------ C:\WINDOWS\SYSTEM32\imagehlp.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-03-02 13:09:29 56832 --a------ C:\WINDOWS\SYSTEM32\authz.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:43 115712 --a------ C:\WINDOWS\SYSTEM32\mstlsapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:41 194048 --a------ C:\WINDOWS\SYSTEM32\activeds.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:41 143360 --a------ C:\WINDOWS\SYSTEM32\adsldpc.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:41 58880 --a------ C:\WINDOWS\SYSTEM32\atl.dll <Not Verified; Microsoft Corporation; Microsoft ® Visual C++>
2004-08-04 02:56:44 49664 --a------ C:\WINDOWS\SYSTEM32\regapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 00:31:43 152576 --a------ C:\WINDOWS\SYSTEM32\rsaenh.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-04-18 11:12:23 2854400 --a------ C:\WINDOWS\SYSTEM32\msi.dll <Not Verified; Microsoft Corporation; Windows Installer - Unicode>
2004-08-04 02:56:41 126976 --a------ C:\WINDOWS\SYSTEM32\apphelp.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>

C:\WINDOWS\SYSTEM32\svchost.exe (pid 912)
2004-08-04 02:56:36 708096 --a------ C:\WINDOWS\SYSTEM32\ntdll.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-04-16 10:52:53 984576 --a------ C:\WINDOWS\SYSTEM32\kernel32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:41 616960 --a------ C:\WINDOWS\SYSTEM32\advapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-07-09 08:16:16 582656 --a------ C:\WINDOWS\SYSTEM32\rpcrt4.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:45 65536 --a------ C:\WINDOWS\SYSTEM32\shimeng.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:41 1852416 --a------ C:\WINDOWS\AppPatch\acgenral.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-03-08 10:36:28 577536 --a------ C:\WINDOWS\SYSTEM32\user32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-06-19 08:31:19 282112 --a------ C:\WINDOWS\SYSTEM32\gdi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 176128 --a------ C:\WINDOWS\SYSTEM32\winmm.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-07-25 23:39:48 1285120 --a------ C:\WINDOWS\SYSTEM32\ole32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:43 343040 --a------ C:\WINDOWS\SYSTEM32\msvcrt.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-05-17 06:28:05 549376 --a------ C:\WINDOWS\SYSTEM32\oleaut32.dll <Not Verified; Microsoft Corporation; >
2004-08-04 02:56:42 71680 --a------ C:\WINDOWS\SYSTEM32\msacm32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 18944 --a------ C:\WINDOWS\SYSTEM32\version.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-10-25 22:34:01 8460288 --a------ C:\WINDOWS\SYSTEM32\shell32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-09-23 12:12:50 474112 --a------ C:\WINDOWS\SYSTEM32\shlwapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 723456 --a------ C:\WINDOWS\SYSTEM32\userenv.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 218624 --a------ C:\WINDOWS\SYSTEM32\uxtheme.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 110080 --a------ C:\WINDOWS\SYSTEM32\imm32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 22016 --a------ C:\WINDOWS\SYSTEM32\lpk.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 406528 --a------ C:\WINDOWS\SYSTEM32\usp10.dll <Not Verified; Microsoft Corporation; Microsoft® Uniscribe Unicode script processor>
2001-08-18 06:00:00 14848 --a------ C:\WINDOWS\SYSTEM32\SERWVDRV.DLL <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2001-08-18 06:00:00 13312 --a------ C:\WINDOWS\SYSTEM32\UMDMXFRM.DLL <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-08-25 10:45:55 1054208 --a------ C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-08-25 10:45:58 617472 --a------ C:\WINDOWS\SYSTEM32\comctl32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 118784 --a------ C:\WINDOWS\SYSTEM32\ntmarta.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 172032 --a------ C:\WINDOWS\SYSTEM32\wldap32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 64000 --a------ C:\WINDOWS\SYSTEM32\samlib.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:36 2897920 -----n--- C:\WINDOWS\SYSTEM32\xpsp2res.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-12-19 16:52:18 134656 --a------ C:\WINDOWS\SYSTEM32\shsvcs.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 53760 --a------ C:\WINDOWS\SYSTEM32\winsta.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-08-17 07:28:27 332288 --a------ C:\WINDOWS\SYSTEM32\netapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 00:31:43 152576 --a------ C:\WINDOWS\SYSTEM32\rsaenh.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-05-19 07:59:41 111616 --a------ C:\WINDOWS\SYSTEM32\dhcpcsvc.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-06-26 12:37:10 148480 --a------ C:\WINDOWS\SYSTEM32\dnsapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 82944 --a------ C:\WINDOWS\SYSTEM32\ws2_32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 19968 --a------ C:\WINDOWS\SYSTEM32\ws2help.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-05-19 07:59:41 94720 --a------ C:\WINDOWS\SYSTEM32\iphlpapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 55808 --a------ C:\WINDOWS\SYSTEM32\secur32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 245248 --a------ C:\WINDOWS\SYSTEM32\mswsock.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 344064 --a------ C:\WINDOWS\SYSTEM32\hnetcfg.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 19968 --a------ C:\WINDOWS\SYSTEM32\wshtcpip.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 359936 --a------ C:\WINDOWS\SYSTEM32\wzcsvc.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 44032 --a------ C:\WINDOWS\SYSTEM32\rtutils.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:35 5632 --a------ C:\WINDOWS\SYSTEM32\wmi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:41 597504 --a------ C:\WINDOWS\SYSTEM32\crypt32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 57344 --a------ C:\WINDOWS\SYSTEM32\msasn1.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 18432 --a------ C:\WINDOWS\SYSTEM32\wtsapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-10-20 17:20:03 1082368 --a------ C:\WINDOWS\SYSTEM32\esent.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:41 58880 --a------ C:\WINDOWS\SYSTEM32\atl.dll <Not Verified; Microsoft Corporation; Microsoft ® Visual C++>
2004-08-04 02:56:44 112128 --a------ C:\WINDOWS\SYSTEM32\rastls.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:41 512512 --a------ C:\WINDOWS\SYSTEM32\cryptui.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 176640 --a------ C:\WINDOWS\SYSTEM32\wintrust.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 144384 --a------ C:\WINDOWS\SYSTEM32\imagehlp.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-08-20 05:04:43 824832 --a------ C:\WINDOWS\SYSTEM32\wininet.dll <Not Verified; Microsoft Corporation; Windows® Internet Explorer>
2006-06-29 07:05:44 23552 -----n--- C:\WINDOWS\SYSTEM32\normaliz.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-08-20 05:04:38 267776 --a------ C:\WINDOWS\SYSTEM32\iertutil.dll <Not Verified; Microsoft Corporation; Windows® Internet Explorer>
2004-08-04 02:56:42 87040 --a------ C:\WINDOWS\SYSTEM32\mprapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:41 194048 --a------ C:\WINDOWS\SYSTEM32\activeds.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:41 143360 --a------ C:\WINDOWS\SYSTEM32\adsldpc.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-03 23:56:46 983552 --a------ C:\WINDOWS\SYSTEM32\setupapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 236544 --a------ C:\WINDOWS\SYSTEM32\rasapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 61440 --a------ C:\WINDOWS\SYSTEM32\rasman.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 181760 --a------ C:\WINDOWS\SYSTEM32\tapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-04-25 09:21:15 144896 --a------ C:\WINDOWS\SYSTEM32\schannel.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 99328 --a------ C:\WINDOWS\SYSTEM32\winscard.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 69632 --a------ C:\WINDOWS\SYSTEM32\raschap.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:43 129536 --a------ C:\WINDOWS\SYSTEM32\msv1_0.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-07-25 23:39:43 498688 --a------ C:\WINDOWS\SYSTEM32\clbcatq.dll <Not Verified; Microsoft Corporation; COM Services>
2004-08-04 02:56:41 792064 --a------ C:\WINDOWS\SYSTEM32\comres.dll <Not Verified; Microsoft Corporation; COM Services>
2004-08-04 02:56:44 190976 --a------ C:\WINDOWS\SYSTEM32\schedsvc.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 67072 --a------ C:\WINDOWS\SYSTEM32\ntdsapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:43 6656 --a------ C:\WINDOWS\SYSTEM32\msidle.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:41 42496 --a------ C:\WINDOWS\SYSTEM32\audiosrv.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 382464 --a------ C:\WINDOWS\SYSTEM32\qmgr.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 59904 --a------ C:\WINDOWS\SYSTEM32\mpr.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:45 25088 --a------ C:\WINDOWS\SYSTEM32\shfolder.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 351232 --a------ C:\WINDOWS\SYSTEM32\winhttp.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 23040 --a------ C:\WINDOWS\SYSTEM32\ersvc.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-07-25 23:39:45 243200 --a------ C:\WINDOWS\SYSTEM32\es.dll <Not Verified; Microsoft Corporation; COM Services>
2004-08-04 02:56:44 38912 --a------ C:\WINDOWS\PCHEALTH\HELPCTR\Binaries\pchsvc.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-08-22 13:29:46 197632 --a------ C:\WINDOWS\SYSTEM32\netman.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 1708032 --a------ C:\WINDOWS\SYSTEM32\netshell.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:41 163840 --a------ C:\WINDOWS\SYSTEM32\credui.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 51712 --a------ C:\WINDOWS\SYSTEM32\wzcsapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 18944 --a------ C:\WINDOWS\SYSTEM32\seclogon.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 38912 --a------ C:\WINDOWS\SYSTEM32\sens.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:45 170496 --a------ C:\WINDOWS\SYSTEM32\srsvc.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 17408 --a------ C:\WINDOWS\SYSTEM32\powrprof.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 90624 --a------ C:\WINDOWS\SYSTEM32\trkwks.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 174592 --a------ C:\WINDOWS\SYSTEM32\w32time.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:43 413696 --a------ C:\WINDOWS\SYSTEM32\msvcp60.dll <Not Verified; Microsoft Corporation; Microsoft ® Visual C++>
2006-10-19 08:56:32 713216 --a------ C:\WINDOWS\SYSTEM32\sxs.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 144896 --a------ C:\WINDOWS\SYSTEM32\WBEM\wmisvc.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 430592 --a------ C:\WINDOWS\SYSTEM32\vssapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 81408 -----n--- C:\WINDOWS\SYSTEM32\wscsvc.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-04-18 11:12:23 2854400 --a------ C:\WINDOWS\SYSTEM32\msi.dll <Not Verified; Microsoft Corporation; Windows Installer - Unicode>
2004-08-04 02:56:46 6656 --a------ C:\WINDOWS\SYSTEM32\wuauserv.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-07-30 19:19:42 1712984 --a------ C:\WINDOWS\SYSTEM32\wuaueng.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:57 146432 --a------ C:\WINDOWS\SYSTEM32\winspool.drv <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:41 59904 --a------ C:\WINDOWS\SYSTEM32\cabinet.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:43 30208 --a------ C:\WINDOWS\SYSTEM32\mspatcha.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 331264 --a------ C:\WINDOWS\SYSTEM32\ipnathlp.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-03-02 13:09:29 56832 --a------ C:\WINDOWS\SYSTEM32\authz.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 214528 --a------ C:\WINDOWS\SYSTEM32\WBEM\wbemcomn.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 530944 --a------ C:\WINDOWS\SYSTEM32\WBEM\wbemcore.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 247808 --a------ C:\WINDOWS\SYSTEM32\WBEM\esscli.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 472064 --a------ C:\WINDOWS\SYSTEM32\WBEM\fastprox.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-07-25 23:39:44 1267200 --a------ C:\WINDOWS\SYSTEM32\comsvcs.dll <Not Verified; Microsoft Corporation; COM Services>
2005-07-25 23:39:43 60416 --a------ C:\WINDOWS\SYSTEM32\colbact.dll <Not Verified; Microsoft Corporation; COM Services>
2006-03-01 14:42:42 66560 --a------ C:\WINDOWS\SYSTEM32\mtxclu.dll <Not Verified; Microsoft Corporation; COM Services>
2004-08-04 02:56:46 22528 --a------ C:\WINDOWS\SYSTEM32\wsock32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:41 57856 --a------ C:\WINDOWS\SYSTEM32\clusapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 58880 --a------ C:\WINDOWS\SYSTEM32\resutils.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 43520 --a------ C:\WINDOWS\SYSTEM32\WBEM\wbemsvc.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 95232 --a------ C:\WINDOWS\SYSTEM32\WBEM\wmiutils.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 177152 --a------ C:\WINDOWS\SYSTEM32\WBEM\repdrvfs.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 437248 --a------ C:\WINDOWS\SYSTEM32\WBEM\wmiprvsd.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 36352 --a------ C:\WINDOWS\SYSTEM32\ncobjapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 273920 --a------ C:\WINDOWS\SYSTEM32\WBEM\wbemess.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 5120 --a------ C:\WINDOWS\SYSTEM32\sfc.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 140288 --a------ C:\WINDOWS\SYSTEM32\sfc_os.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 132608 --a------ C:\WINDOWS\SYSTEM32\upnp.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:45 34816 --a------ C:\WINDOWS\SYSTEM32\ssdpapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 622080 --a------ C:\WINDOWS\SYSTEM32\netcfgx.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 47104 --a------ C:\WINDOWS\SYSTEM32\WBEM\ncprov.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-05-14 03:44:08 181248 --a------ C:\WINDOWS\SYSTEM32\rasmans.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 32768 --a------ C:\WINDOWS\SYSTEM32\winipsec.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-07-08 11:27:56 249344 --a------ C:\WINDOWS\SYSTEM32\tapisrv.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 23040 --a------ C:\WINDOWS\SYSTEM32\psapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 58880 --a------ C:\WINDOWS\SYSTEM32\rastapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-06-26 12:37:10 8192 --a------ C:\WINDOWS\SYSTEM32\rasadhlp.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:57 206848 --a------ C:\WINDOWS\SYSTEM32\unimdm.tsp <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 13824 --a------ C:\WINDOWS\SYSTEM32\uniplat.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 74240 --a------ C:\WINDOWS\SYSTEM32\unimdmat.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 153600 --a------ C:\WINDOWS\SYSTEM32\modemui.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:57 33280 --a------ C:\WINDOWS\SYSTEM32\kmddsp.tsp <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:57 56832 --a------ C:\WINDOWS\SYSTEM32\ndptsp.tsp <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:57 17408 --a------ C:\WINDOWS\SYSTEM32\ipconf.tsp <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:57 265728 --a------ C:\WINDOWS\SYSTEM32\h323.tsp <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:57 29696 --a------ C:\WINDOWS\SYSTEM32\hidphone.tsp <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 20992 --a------ C:\WINDOWS\SYSTEM32\hid.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 206336 --a------ C:\WINDOWS\SYSTEM32\rasppp.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 8192 --a------ C:\WINDOWS\SYSTEM32\ntlsapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-06-15 12:49:30 295936 --a------ C:\WINDOWS\SYSTEM32\kerberos.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:41 33280 --a------ C:\WINDOWS\SYSTEM32\cryptdll.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 657920 --a------ C:\WINDOWS\SYSTEM32\rasdlg.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:41 126976 --a------ C:\WINDOWS\SYSTEM32\apphelp.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-08-20 05:04:34 124928 --a------ C:\WINDOWS\SYSTEM32\advpack.dll <Not Verified; Microsoft Corporation; Windows® Internet Explorer>
2007-06-26 01:08:16 1104896 --a------ C:\WINDOWS\SYSTEM32\msxml3.dll <Not Verified; Microsoft Corporation; Microsoft® MSXML 3.0 SP9>
2004-08-04 02:56:46 16896 --a------ C:\WINDOWS\SYSTEM32\winrnr.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 00:31:43 137216 --a------ C:\WINDOWS\SYSTEM32\dssenh.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:41 60416 --a------ C:\WINDOWS\SYSTEM32\cryptsvc.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:41 194560 --a------ C:\WINDOWS\SYSTEM32\certcli.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-07-25 23:39:43 625152 --a------ C:\WINDOWS\SYSTEM32\catsrvut.dll <Not Verified; Microsoft Corporation; COM Services>
2005-07-25 23:39:42 225792 --a------ C:\WINDOWS\SYSTEM32\catsrv.dll <Not Verified; Microsoft Corporation; COM Services>
2004-08-04 02:56:42 22528 --a----c- C:\WINDOWS\SYSTEM32\mfcsubs.dll <Not Verified; Microsoft Corporation; COM Services>
2007-08-20 05:04:42 1152000 --a------ C:\WINDOWS\SYSTEM32\urlmon.dll <Not Verified; Microsoft Corporation; Windows® Internet Explorer>
2007-07-30 19:19:12 43352 --a------ C:\WINDOWS\SYSTEM32\wups2.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 18944 --a------ C:\WINDOWS\SYSTEM32\WBEM\wbemprox.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>

C:\WINDOWS\SYSTEM32\spoolsv.exe (pid 1404)
2004-08-04 02:56:36 708096 --a------ C:\WINDOWS\SYSTEM32\ntdll.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-04-16 10:52:53 984576 --a------ C:\WINDOWS\SYSTEM32\kernel32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:41 616960 --a------ C:\WINDOWS\SYSTEM32\advapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-07-09 08:16:16 582656 --a------ C:\WINDOWS\SYSTEM32\rpcrt4.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-06-19 08:31:19 282112 --a------ C:\WINDOWS\SYSTEM32\gdi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-03-08 10:36:28 577536 --a------ C:\WINDOWS\SYSTEM32\user32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:43 343040 --a------ C:\WINDOWS\SYSTEM32\msvcrt.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:45 65536 --a------ C:\WINDOWS\SYSTEM32\shimeng.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:41 1852416 --a------ C:\WINDOWS\AppPatch\acgenral.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 176128 --a------ C:\WINDOWS\SYSTEM32\winmm.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-07-25 23:39:48 1285120 --a------ C:\WINDOWS\SYSTEM32\ole32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-05-17 06:28:05 549376 --a------ C:\WINDOWS\SYSTEM32\oleaut32.dll <Not Verified; Microsoft Corporation; >
2004-08-04 02:56:42 71680 --a------ C:\WINDOWS\SYSTEM32\msacm32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 18944 --a------ C:\WINDOWS\SYSTEM32\version.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-10-25 22:34:01 8460288 --a------ C:\WINDOWS\SYSTEM32\shell32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-09-23 12:12:50 474112 --a------ C:\WINDOWS\SYSTEM32\shlwapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 723456 --a------ C:\WINDOWS\SYSTEM32\userenv.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 218624 --a------ C:\WINDOWS\SYSTEM32\uxtheme.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 110080 --a------ C:\WINDOWS\SYSTEM32\imm32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 22016 --a------ C:\WINDOWS\SYSTEM32\lpk.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 406528 --a------ C:\WINDOWS\SYSTEM32\usp10.dll <Not Verified; Microsoft Corporation; Microsoft® Uniscribe Unicode script processor>
2001-08-18 06:00:00 14848 --a------ C:\WINDOWS\SYSTEM32\SERWVDRV.DLL <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2001-08-18 06:00:00 13312 --a------ C:\WINDOWS\SYSTEM32\UMDMXFRM.DLL <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-08-25 10:45:55 1054208 --a------ C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-08-25 10:45:58 617472 --a------ C:\WINDOWS\SYSTEM32\comctl32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:45 74752 --a------ C:\WINDOWS\SYSTEM32\spoolss.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 82944 --a------ C:\WINDOWS\SYSTEM32\ws2_32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 19968 --a------ C:\WINDOWS\SYSTEM32\ws2help.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-06-26 12:37:10 148480 --a------ C:\WINDOWS\SYSTEM32\dnsapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-06-26 12:37:10 8192 --a------ C:\WINDOWS\SYSTEM32\rasadhlp.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 341504 --a------ C:\WINDOWS\SYSTEM32\localspl.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 55808 --a------ C:\WINDOWS\SYSTEM32\secur32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 140288 --a------ C:\WINDOWS\SYSTEM32\sfc_os.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 176640 --a------ C:\WINDOWS\SYSTEM32\wintrust.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:41 597504 --a------ C:\WINDOWS\SYSTEM32\crypt32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 57344 --a------ C:\WINDOWS\SYSTEM32\msasn1.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 144384 --a------ C:\WINDOWS\SYSTEM32\imagehlp.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:57 146432 --a------ C:\WINDOWS\SYSTEM32\winspool.drv <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-08-17 07:28:27 332288 --a------ C:\WINDOWS\SYSTEM32\netapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:41 47104 --a------ C:\WINDOWS\SYSTEM32\cnbjmon.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-12-23 13:12:22 155648 --a------ C:\WINDOWS\SYSTEM32\HPTcpMon.dll <Not Verified; Hewlett Packard; HP® Standard Port Monitor>
2006-01-26 15:06:52 139264 --a------ C:\WINDOWS\SYSTEM32\hpzjrd01.dll <Not Verified; Hewlett Packard; Hewlett Packard Rediscovery Library>
2005-12-23 13:14:44 233472 --a------ C:\WINDOWS\SYSTEM32\HPTcpMUI.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-12-23 13:11:02 102400 --a------ C:\WINDOWS\SYSTEM32\HPTcpMib.dll <Not Verified; Hewlett Packard; HP® Standard Port Monitor>
2004-08-04 02:56:42 14848 --a----c- C:\WINDOWS\SYSTEM32\mgmtapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:45 18944 --a------ C:\WINDOWS\SYSTEM32\snmpapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 42496 --a----c- C:\WINDOWS\SYSTEM32\wsnmp32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-03-22 17:17:05 24816 --a------ C:\WINDOWS\SYSTEM32\mdimon.dll <Not Verified; Microsoft Corporation; Microsoft Office Document Imaging>
2007-04-18 11:12:23 2854400 --a------ C:\WINDOWS\SYSTEM32\msi.dll <Not Verified; Microsoft Corporation; Windows Installer - Unicode>
2006-04-10 14:03:02 38400 --a------ C:\WINDOWS\SYSTEM32\hpz3l054.dll <Not Verified; Hewlett-Packard Company; Language Monitor>
2004-08-04 02:56:44 15360 --a------ C:\WINDOWS\SYSTEM32\pjlmon.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 45568 --a------ C:\WINDOWS\SYSTEM32\tcpmon.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 16896 --a------ C:\WINDOWS\SYSTEM32\usbmon.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-04-10 14:02:32 74240 --a------ C:\WINDOWS\SYSTEM32\SPOOL\PRTPROCS\W32X86\hpzpp054.dll <Not Verified; Hewlett-Packard Corporation; HP Print Processor>
2004-03-22 17:17:06 25840 --a------ C:\WINDOWS\SYSTEM32\SPOOL\PRTPROCS\W32X86\mdippr.dll <Not Verified; Microsoft Corporation; Microsoft Office Document Imaging>
2004-08-04 02:56:44 245248 --a------ C:\WINDOWS\SYSTEM32\mswsock.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 16896 --a------ C:\WINDOWS\SYSTEM32\winrnr.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 172032 --a------ C:\WINDOWS\SYSTEM32\wldap32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 101888 --a------ C:\WINDOWS\SYSTEM32\win32spl.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 12288 --a------ C:\WINDOWS\SYSTEM32\netrap.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 67072 --a------ C:\WINDOWS\SYSTEM32\ntdsapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 75264 --a------ C:\WINDOWS\SYSTEM32\inetpp.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-07-25 23:39:43 498688 --a------ C:\WINDOWS\SYSTEM32\clbcatq.dll <Not Verified; Microsoft Corporation; COM Services>
2004-08-04 02:56:41 792064 --a------ C:\WINDOWS\SYSTEM32\comres.dll <Not Verified; Microsoft Corporation; COM Services>
2004-08-04 02:56:36 2897920 -----n--- C:\WINDOWS\SYSTEM32\xpsp2res.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 344064 --a------ C:\WINDOWS\SYSTEM32\hnetcfg.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 1708032 --a------ C:\WINDOWS\SYSTEM32\netshell.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 44032 --a------ C:\WINDOWS\SYSTEM32\rtutils.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:41 163840 --a------ C:\WINDOWS\SYSTEM32\credui.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:41 58880 --a------ C:\WINDOWS\SYSTEM32\atl.dll <Not Verified; Microsoft Corporation; Microsoft ® Visual C++>
2006-05-19 07:59:41 94720 --a------ C:\WINDOWS\SYSTEM32\iphlpapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 19968 --a------ C:\WINDOWS\SYSTEM32\wshtcpip.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:13 177152 --a------ C:\WINDOWS\SYSTEM32\msctfime.ime <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (pid 1640)
2004-08-04 02:56:36 708096 --a------ C:\WINDOWS\SYSTEM32\ntdll.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-04-16 10:52:53 984576 --a------ C:\WINDOWS\SYSTEM32\kernel32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 22528 --a------ C:\WINDOWS\SYSTEM32\wsock32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 82944 --a------ C:\WINDOWS\SYSTEM32\ws2_32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:43 343040 --a------ C:\WINDOWS\SYSTEM32\msvcrt.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 19968 --a------ C:\WINDOWS\SYSTEM32\ws2help.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:41 616960 --a------ C:\WINDOWS\SYSTEM32\advapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-07-09 08:16:16 582656 --a------ C:\WINDOWS\SYSTEM32\rpcrt4.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-03 23:56:46 983552 --a------ C:\WINDOWS\SYSTEM32\setupapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-06-19 08:31:19 282112 --a------ C:\WINDOWS\SYSTEM32\gdi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-03-08 10:36:28 577536 --a------ C:\WINDOWS\SYSTEM32\user32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 110080 --a------ C:\WINDOWS\SYSTEM32\imm32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 22016 --a------ C:\WINDOWS\SYSTEM32\lpk.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 406528 --a------ C:\WINDOWS\SYSTEM32\usp10.dll <Not Verified; Microsoft Corporation; Microsoft® Uniscribe Unicode script processor>
2004-08-04 02:56:44 245248 --a------ C:\WINDOWS\SYSTEM32\mswsock.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 344064 --a------ C:\WINDOWS\SYSTEM32\hnetcfg.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 19968 --a------ C:\WINDOWS\SYSTEM32\wshtcpip.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 176640 --a------ C:\WINDOWS\SYSTEM32\wintrust.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:41 597504 --a------ C:\WINDOWS\SYSTEM32\crypt32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 57344 --a------ C:\WINDOWS\SYSTEM32\msasn1.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 144384 --a------ C:\WINDOWS\SYSTEM32\imagehlp.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE (pid 1700)
2004-08-04 02:56:36 708096 --a------ C:\WINDOWS\SYSTEM32\ntdll.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-04-16 10:52:53 984576 --a------ C:\WINDOWS\SYSTEM32\kernel32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:41 616960 --a------ C:\WINDOWS\SYSTEM32\advapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-07-09 08:16:16 582656 --a------ C:\WINDOWS\SYSTEM32\rpcrt4.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-07-25 23:39:48 1285120 --a------ C:\WINDOWS\SYSTEM32\ole32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-06-19 08:31:19 282112 --a------ C:\WINDOWS\SYSTEM32\gdi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-03-08 10:36:28 577536 --a------ C:\WINDOWS\SYSTEM32\user32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:43 343040 --a------ C:\WINDOWS\SYSTEM32\msvcrt.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-05-17 06:28:05 549376 --a------ C:\WINDOWS\SYSTEM32\oleaut32.dll <Not Verified; Microsoft Corporation; >
2007-10-25 22:34:01 8460288 --a------ C:\WINDOWS\SYSTEM32\shell32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-09-23 12:12:50 474112 --a------ C:\WINDOWS\SYSTEM32\shlwapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 18944 --a------ C:\WINDOWS\SYSTEM32\version.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 110080 --a------ C:\WINDOWS\SYSTEM32\imm32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 22016 --a------ C:\WINDOWS\SYSTEM32\lpk.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 406528 --a------ C:\WINDOWS\SYSTEM32\usp10.dll <Not Verified; Microsoft Corporation; Microsoft® Uniscribe Unicode script processor>
2006-08-25 10:45:55 1054208 --a------ C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-08-25 10:45:58 617472 --a------ C:\WINDOWS\SYSTEM32\comctl32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 23040 --a------ C:\WINDOWS\SYSTEM32\psapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:36 2897920 -----n--- C:\WINDOWS\SYSTEM32\xpsp2res.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-07-25 23:39:43 498688 --a------ C:\WINDOWS\SYSTEM32\clbcatq.dll <Not Verified; Microsoft Corporation; COM Services>
2004-08-04 02:56:41 792064 --a------ C:\WINDOWS\SYSTEM32\comres.dll <Not Verified; Microsoft Corporation; COM Services>
2002-01-05 08:03:46 176128 --a------ C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MSDBG2.DLL <Not Verified; Microsoft Corporation; Microsoft® Visual Studio .NET>

C:\Program Files\Norton AntiVirus\Navapsvc.exe (pid 1744)
2004-08-04 02:56:36 708096 --a------ C:\WINDOWS\SYSTEM32\ntdll.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-04-16 10:52:53 984576 --a------ C:\WINDOWS\SYSTEM32\kernel32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:43 413696 --a------ C:\WINDOWS\SYSTEM32\msvcp60.dll <Not Verified; Microsoft Corporation; Microsoft ® Visual C++>
2004-08-04 02:56:43 343040 --a------ C:\WINDOWS\SYSTEM32\msvcrt.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-03-08 10:36:28 577536 --a------ C:\WINDOWS\SYSTEM32\user32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-06-19 08:31:19 282112 --a------ C:\WINDOWS\SYSTEM32\gdi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:41 616960 --a------ C:\WINDOWS\SYSTEM32\advapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-07-09 08:16:16 582656 --a------ C:\WINDOWS\SYSTEM32\rpcrt4.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-07-25 23:39:48 1285120 --a------ C:\WINDOWS\SYSTEM32\ole32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-05-17 06:28:05 549376 --a------ C:\WINDOWS\SYSTEM32\oleaut32.dll <Not Verified; Microsoft Corporation; >
2004-08-04 02:56:42 110080 --a------ C:\WINDOWS\SYSTEM32\imm32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 22016 --a------ C:\WINDOWS\SYSTEM32\lpk.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 406528 --a------ C:\WINDOWS\SYSTEM32\usp10.dll <Not Verified; Microsoft Corporation; Microsoft® Uniscribe Unicode script processor>
2004-08-04 02:56:36 2897920 -----n--- C:\WINDOWS\SYSTEM32\xpsp2res.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-07-25 23:39:43 498688 --a------ C:\WINDOWS\SYSTEM32\clbcatq.dll <Not Verified; Microsoft Corporation; COM Services>
2004-08-04 02:56:41 792064 --a------ C:\WINDOWS\SYSTEM32\comres.dll <Not Verified; Microsoft Corporation; COM Services>
2004-08-04 02:56:46 18944 --a------ C:\WINDOWS\SYSTEM32\version.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-04-18 11:12:23 2854400 --a------ C:\WINDOWS\SYSTEM32\msi.dll <Not Verified; Microsoft Corporation; Windows Installer - Unicode>
2006-10-19 08:56:32 713216 --a------ C:\WINDOWS\SYSTEM32\sxs.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 218624 --a------ C:\WINDOWS\SYSTEM32\uxtheme.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>

C:\Program Files\Norton AntiVirus\Navapw32.exe (pid 1772)
2004-08-04 02:56:36 708096 --a------ C:\WINDOWS\SYSTEM32\ntdll.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-04-16 10:52:53 984576 --a------ C:\WINDOWS\SYSTEM32\kernel32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-03-08 10:36:28 577536 --a------ C:\WINDOWS\SYSTEM32\user32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-06-19 08:31:19 282112 --a------ C:\WINDOWS\SYSTEM32\gdi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:41 616960 --a------ C:\WINDOWS\SYSTEM32\advapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-07-09 08:16:16 582656 --a------ C:\WINDOWS\SYSTEM32\rpcrt4.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-10-25 22:34:01 8460288 --a------ C:\WINDOWS\SYSTEM32\shell32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:43 343040 --a------ C:\WINDOWS\SYSTEM32\msvcrt.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-09-23 12:12:50 474112 --a------ C:\WINDOWS\SYSTEM32\shlwapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-07-25 23:39:48 1285120 --a------ C:\WINDOWS\SYSTEM32\ole32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-05-17 06:28:05 549376 --a------ C:\WINDOWS\SYSTEM32\oleaut32.dll <Not Verified; Microsoft Corporation; >
2001-08-16 16:28:28 36864 --a------ C:\Program Files\Norton AntiVirus\Apwutil.dll <Not Verified; Symantec Corporation; Norton AntiVirus>
2004-08-04 02:56:42 110080 --a------ C:\WINDOWS\SYSTEM32\imm32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 22016 --a------ C:\WINDOWS\SYSTEM32\lpk.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 406528 --a------ C:\WINDOWS\SYSTEM32\usp10.dll <Not Verified; Microsoft Corporation; Microsoft® Uniscribe Unicode script processor>
2006-08-25 10:45:55 1054208 --a------ C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2001-08-16 16:36:44 94208 --a------ C:\Program Files\Norton AntiVirus\Apwcmdnt.dll <Not Verified; Symantec Corporation; Norton AntiVirus>
2004-08-04 02:56:43 413696 --a------ C:\WINDOWS\SYSTEM32\msvcp60.dll <Not Verified; Microsoft Corporation; Microsoft ® Visual C++>
2004-08-04 02:56:46 218624 --a------ C:\WINDOWS\SYSTEM32\uxtheme.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:13 177152 --a------ C:\WINDOWS\SYSTEM32\msctfime.ime <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2001-08-16 16:45:10 208896 --a------ C:\Program Files\Norton AntiVirus\DefAlert.dll <Not Verified; Symantec Corporation; Norton AntiVirus>
2004-08-04 02:56:41 58880 --a------ C:\WINDOWS\SYSTEM32\atl.dll <Not Verified; Microsoft Corporation; Microsoft ® Visual C++>
2007-08-20 05:04:43 824832 --a------ C:\WINDOWS\SYSTEM32\wininet.dll <Not Verified; Microsoft Corporation; Windows® Internet Explorer>
2006-06-29 07:05:44 23552 -----n--- C:\WINDOWS\SYSTEM32\normaliz.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-08-20 05:04:38 267776 --a------ C:\WINDOWS\SYSTEM32\iertutil.dll <Not Verified; Microsoft Corporation; Windows® Internet Explorer>
2004-08-04 02:56:46 18944 --a------ C:\WINDOWS\SYSTEM32\version.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2001-08-16 16:33:12 106496 --a------ C:\Program Files\Norton AntiVirus\NAVProxy.dll <Not Verified; Symantec Corporation; Norton AntiVirus>
2001-08-06 12:10:14 29808 --a------ C:\WINDOWS\SYSTEM32\SymRedir.dll <Not Verified; Symantec Corporation; Symantec Security Drivers>
2004-08-04 02:56:46 82944 --a------ C:\WINDOWS\SYSTEM32\ws2_32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 19968 --a------ C:\WINDOWS\SYSTEM32\ws2help.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 245248 --a------ C:\WINDOWS\SYSTEM32\mswsock.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 344064 --a------ C:\WINDOWS\SYSTEM32\hnetcfg.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 19968 --a------ C:\WINDOWS\SYSTEM32\wshtcpip.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:41 597504 --a------ C:\WINDOWS\SYSTEM32\crypt32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 57344 --a------ C:\WINDOWS\SYSTEM32\msasn1.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 00:31:43 152576 --a------ C:\WINDOWS\SYSTEM32\rsaenh.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:36 2897920 -----n--- C:\WINDOWS\SYSTEM32\xpsp2res.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 723456 --a------ C:\WINDOWS\SYSTEM32\userenv.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 55808 --a------ C:\WINDOWS\SYSTEM32\secur32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-08-17 07:28:27 332288 --a------ C:\WINDOWS\SYSTEM32\netapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:41 63488 --a------ C:\WINDOWS\SYSTEM32\cryptnet.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 172032 --a------ C:\WINDOWS\SYSTEM32\wldap32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 351232 --a------ C:\WINDOWS\SYSTEM32\winhttp.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 6656 --a------ C:\WINDOWS\SYSTEM32\sensapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-07-25 23:39:43 498688 --a------ C:\WINDOWS\SYSTEM32\clbcatq.dll <Not Verified; Microsoft Corporation; COM Services>
2004-08-04 02:56:41 792064 --a------ C:\WINDOWS\SYSTEM32\comres.dll <Not Verified; Microsoft Corporation; COM Services>
2007-04-18 11:12:23 2854400 --a------ C:\WINDOWS\SYSTEM32\msi.dll <Not Verified; Microsoft Corporation; Windows Installer - Unicode>
2006-10-19 08:56:32 713216 --a------ C:\WINDOWS\SYSTEM32\sxs.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-03 23:56:46 983552 --a------ C:\WINDOWS\SYSTEM32\setupapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-08-20 05:04:42 1152000 --a------ C:\WINDOWS\SYSTEM32\urlmon.dll <Not Verified; Microsoft Corporation; Windows® Internet Explorer>
2004-08-04 02:56:41 126976 --a------ C:\WINDOWS\SYSTEM32\apphelp.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>

C:\WINDOWS\SYSTEM32\nvsvc32.exe (pid 1792)
2004-08-04 02:56:36 708096 --a------ C:\WINDOWS\SYSTEM32\ntdll.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-04-16 10:52:53 984576 --a------ C:\WINDOWS\SYSTEM32\kernel32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-03-08 10:36:28 577536 --a------ C:\WINDOWS\SYSTEM32\user32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-06-19 08:31:19 282112 --a------ C:\WINDOWS\SYSTEM32\gdi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:41 616960 --a------ C:\WINDOWS\SYSTEM32\advapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-07-09 08:16:16 582656 --a------ C:\WINDOWS\SYSTEM32\rpcrt4.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 723456 --a------ C:\WINDOWS\SYSTEM32\userenv.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:43 343040 --a------ C:\WINDOWS\SYSTEM32\msvcrt.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 110080 --a------ C:\WINDOWS\SYSTEM32\imm32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 22016 --a------ C:\WINDOWS\SYSTEM32\lpk.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 406528 --a------ C:\WINDOWS\SYSTEM32\usp10.dll <Not Verified; Microsoft Corporation; Microsoft® Uniscribe Unicode script processor>
2004-08-04 02:56:46 18432 --a------ C:\WINDOWS\SYSTEM32\wtsapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 53760 --a------ C:\WINDOWS\SYSTEM32\winsta.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-08-17 07:28:27 332288 --a------ C:\WINDOWS\SYSTEM32\netapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-09-23 12:12:50 474112 --a------ C:\WINDOWS\SYSTEM32\shlwapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-08-25 10:45:58 617472 --a------ C:\WINDOWS\SYSTEM32\comctl32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-08-25 10:45:55 1054208 --a------ C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 218624 --a------ C:\WINDOWS\SYSTEM32\uxtheme.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:13 177152 --a------ C:\WINDOWS\SYSTEM32\msctfime.ime <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-07-25 23:39:48 1285120 --a------ C:\WINDOWS\SYSTEM32\ole32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 55808 --a------ C:\WINDOWS\SYSTEM32\secur32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:43 129536 --a------ C:\WINDOWS\SYSTEM32\msv1_0.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 82944 --a------ C:\WINDOWS\SYSTEM32\ws2_32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 19968 --a------ C:\WINDOWS\SYSTEM32\ws2help.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-05-19 07:59:41 94720 --a------ C:\WINDOWS\SYSTEM32\iphlpapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 18944 --a------ C:\WINDOWS\SYSTEM32\version.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:41 126976 --a------ C:\WINDOWS\SYSTEM32\apphelp.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>



C:\WINDOWS\SYSTEM32\HPZipm12.exe (pid 1804)
2004-08-04 02:56:36 708096 --a------ C:\WINDOWS\SYSTEM32\ntdll.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-04-16 10:52:53 984576 --a------ C:\WINDOWS\SYSTEM32\kernel32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 22528 --a------ C:\WINDOWS\SYSTEM32\wsock32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 82944 --a------ C:\WINDOWS\SYSTEM32\ws2_32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:43 343040 --a------ C:\WINDOWS\SYSTEM32\msvcrt.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 19968 --a------ C:\WINDOWS\SYSTEM32\ws2help.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:41 616960 --a------ C:\WINDOWS\SYSTEM32\advapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-07-09 08:16:16 582656 --a------ C:\WINDOWS\SYSTEM32\rpcrt4.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-03-08 10:36:28 577536 --a------ C:\WINDOWS\SYSTEM32\user32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-06-19 08:31:19 282112 --a------ C:\WINDOWS\SYSTEM32\gdi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 110080 --a------ C:\WINDOWS\SYSTEM32\imm32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 22016 --a------ C:\WINDOWS\SYSTEM32\lpk.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 406528 --a------ C:\WINDOWS\SYSTEM32\usp10.dll <Not Verified; Microsoft Corporation; Microsoft® Uniscribe Unicode script processor>
2004-08-04 02:56:44 118784 --a------ C:\WINDOWS\SYSTEM32\ntmarta.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 172032 --a------ C:\WINDOWS\SYSTEM32\wldap32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-07-25 23:39:48 1285120 --a------ C:\WINDOWS\SYSTEM32\ole32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 64000 --a------ C:\WINDOWS\SYSTEM32\samlib.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 218624 --a------ C:\WINDOWS\SYSTEM32\uxtheme.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-03-03 21:02:04 57344 --a------ C:\WINDOWS\SYSTEM32\HPZisn12.dll <Not Verified; HP; HP SNMP Windows>
2006-03-03 21:02:30 94208 --a------ C:\WINDOWS\SYSTEM32\HPZipt12.dll <Not Verified; HP; HP SNMP Windows>
2004-08-04 02:56:44 245248 --a------ C:\WINDOWS\SYSTEM32\mswsock.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 344064 --a------ C:\WINDOWS\SYSTEM32\hnetcfg.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 19968 --a------ C:\WINDOWS\SYSTEM32\wshtcpip.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>

C:\WINDOWS\SYSTEM32\svchost.exe (pid 1936)
2004-08-04 02:56:36 708096 --a------ C:\WINDOWS\SYSTEM32\ntdll.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-04-16 10:52:53 984576 --a------ C:\WINDOWS\SYSTEM32\kernel32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:41 616960 --a------ C:\WINDOWS\SYSTEM32\advapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-07-09 08:16:16 582656 --a------ C:\WINDOWS\SYSTEM32\rpcrt4.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:45 65536 --a------ C:\WINDOWS\SYSTEM32\shimeng.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:41 1852416 --a------ C:\WINDOWS\AppPatch\acgenral.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-03-08 10:36:28 577536 --a------ C:\WINDOWS\SYSTEM32\user32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-06-19 08:31:19 282112 --a------ C:\WINDOWS\SYSTEM32\gdi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 176128 --a------ C:\WINDOWS\SYSTEM32\winmm.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-07-25 23:39:48 1285120 --a------ C:\WINDOWS\SYSTEM32\ole32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:43 343040 --a------ C:\WINDOWS\SYSTEM32\msvcrt.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-05-17 06:28:05 549376 --a------ C:\WINDOWS\SYSTEM32\oleaut32.dll <Not Verified; Microsoft Corporation; >
2004-08-04 02:56:42 71680 --a------ C:\WINDOWS\SYSTEM32\msacm32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 18944 --a------ C:\WINDOWS\SYSTEM32\version.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-10-25 22:34:01 8460288 --a------ C:\WINDOWS\SYSTEM32\shell32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-09-23 12:12:50 474112 --a------ C:\WINDOWS\SYSTEM32\shlwapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 723456 --a------ C:\WINDOWS\SYSTEM32\userenv.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 218624 --a------ C:\WINDOWS\SYSTEM32\uxtheme.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 110080 --a------ C:\WINDOWS\SYSTEM32\imm32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 22016 --a------ C:\WINDOWS\SYSTEM32\lpk.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 406528 --a------ C:\WINDOWS\SYSTEM32\usp10.dll <Not Verified; Microsoft Corporation; Microsoft® Uniscribe Unicode script processor>
2001-08-18 06:00:00 14848 --a------ C:\WINDOWS\SYSTEM32\SERWVDRV.DLL <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2001-08-18 06:00:00 13312 --a------ C:\WINDOWS\SYSTEM32\UMDMXFRM.DLL <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-08-25 10:45:55 1054208 --a------ C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-08-25 10:45:58 617472 --a------ C:\WINDOWS\SYSTEM32\comctl32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-12-19 13:16:47 333824 --a------ C:\WINDOWS\SYSTEM32\wiaservc.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:00 16896 --a------ C:\WINDOWS\SYSTEM32\cfgmgr32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-03 23:56:46 983552 --a------ C:\WINDOWS\SYSTEM32\setupapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-06-28 20:46:00 74240 --a------ C:\WINDOWS\SYSTEM32\mscms.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:57 146432 --a------ C:\WINDOWS\SYSTEM32\winspool.drv <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 53760 --a------ C:\WINDOWS\SYSTEM32\winsta.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-08-17 07:28:27 332288 --a------ C:\WINDOWS\SYSTEM32\netapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:36 2897920 -----n--- C:\WINDOWS\SYSTEM32\xpsp2res.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-07-25 23:39:43 498688 --a------ C:\WINDOWS\SYSTEM32\clbcatq.dll <Not Verified; Microsoft Corporation; COM Services>
2004-08-04 02:56:41 792064 --a------ C:\WINDOWS\SYSTEM32\comres.dll <Not Verified; Microsoft Corporation; COM Services>
2004-08-04 02:56:46 176640 --a------ C:\WINDOWS\SYSTEM32\wintrust.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:41 597504 --a------ C:\WINDOWS\SYSTEM32\crypt32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 57344 --a------ C:\WINDOWS\SYSTEM32\msasn1.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 144384 --a------ C:\WINDOWS\SYSTEM32\imagehlp.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-04-12 19:02:35 659456 -ra------ C:\WINDOWS\SYSTEM32\hpowiax2.dll <Not Verified; Hewlett-Packard; hpowiax2.dll>
2004-08-04 02:56:41 101888 --a------ C:\WINDOWS\SYSTEM32\actxprxy.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:45 67584 --a------ C:\WINDOWS\SYSTEM32\sti.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>

C:\WINDOWS\SYSTEM32\MsPMSPSv.exe (pid 1988)
2004-08-04 02:56:36 708096 --a------ C:\WINDOWS\SYSTEM32\ntdll.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-04-16 10:52:53 984576 --a------ C:\WINDOWS\SYSTEM32\kernel32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:41 616960 --a------ C:\WINDOWS\SYSTEM32\advapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-07-09 08:16:16 582656 --a------ C:\WINDOWS\SYSTEM32\rpcrt4.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-03-08 10:36:28 577536 --a------ C:\WINDOWS\SYSTEM32\user32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-06-19 08:31:19 282112 --a------ C:\WINDOWS\SYSTEM32\gdi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:43 343040 --a------ C:\WINDOWS\SYSTEM32\msvcrt.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 110080 --a------ C:\WINDOWS\SYSTEM32\imm32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 22016 --a------ C:\WINDOWS\SYSTEM32\lpk.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 406528 --a------ C:\WINDOWS\SYSTEM32\usp10.dll <Not Verified; Microsoft Corporation; Microsoft® Uniscribe Unicode script processor>
2004-08-04 02:56:44 118784 --a------ C:\WINDOWS\SYSTEM32\ntmarta.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 172032 --a------ C:\WINDOWS\SYSTEM32\wldap32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-07-25 23:39:48 1285120 --a------ C:\WINDOWS\SYSTEM32\ole32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 64000 --a------ C:\WINDOWS\SYSTEM32\samlib.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (pid 180)
2004-08-04 02:56:36 708096 --a------ C:\WINDOWS\SYSTEM32\ntdll.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-04-16 10:52:53 984576 --a------ C:\WINDOWS\SYSTEM32\kernel32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-03-08 10:36:28 577536 --a------ C:\WINDOWS\SYSTEM32\user32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-06-19 08:31:19 282112 --a------ C:\WINDOWS\SYSTEM32\gdi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 18944 --a------ C:\WINDOWS\SYSTEM32\version.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:41 616960 --a------ C:\WINDOWS\SYSTEM32\advapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-07-09 08:16:16 582656 --a------ C:\WINDOWS\SYSTEM32\rpcrt4.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-07-25 23:39:48 1285120 --a------ C:\WINDOWS\SYSTEM32\ole32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:43 343040 --a------ C:\WINDOWS\SYSTEM32\msvcrt.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-05-17 06:28:05 549376 --a------ C:\WINDOWS\SYSTEM32\oleaut32.dll <Not Verified; Microsoft Corporation; >
2006-08-25 10:45:58 617472 --a------ C:\WINDOWS\SYSTEM32\comctl32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:43 413696 --a------ C:\WINDOWS\SYSTEM32\msvcp60.dll <Not Verified; Microsoft Corporation; Microsoft ® Visual C++>
2004-08-04 02:56:42 110080 --a------ C:\WINDOWS\SYSTEM32\imm32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 22016 --a------ C:\WINDOWS\SYSTEM32\lpk.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 406528 --a------ C:\WINDOWS\SYSTEM32\usp10.dll <Not Verified; Microsoft Corporation; Microsoft® Uniscribe Unicode script processor>
2004-08-04 02:56:46 218624 --a------ C:\WINDOWS\SYSTEM32\uxtheme.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:13 177152 --a------ C:\WINDOWS\SYSTEM32\msctfime.ime <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:36 2897920 -----n--- C:\WINDOWS\SYSTEM32\xpsp2res.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-07-25 23:39:43 498688 --a------ C:\WINDOWS\SYSTEM32\clbcatq.dll <Not Verified; Microsoft Corporation; COM Services>
2004-08-04 02:56:41 792064 --a------ C:\WINDOWS\SYSTEM32\comres.dll <Not Verified; Microsoft Corporation; COM Services>
2006-02-19 03:46:02 147456 --a------ C:\Program Files\HP\Digital Imaging\bin\hpqcxm08.dll <Not Verified; Hewlett-Packard Development Company, L.P.; hp digital imaging>
2006-09-23 12:12:50 474112 --a------ C:\WINDOWS\SYSTEM32\shlwapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:45 25088 --a------ C:\WINDOWS\SYSTEM32\shfolder.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 18432 --a------ C:\WINDOWS\SYSTEM32\wtsapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 53760 --a------ C:\WINDOWS\SYSTEM32\winsta.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-08-17 07:28:27 332288 --a------ C:\WINDOWS\SYSTEM32\netapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-04-18 11:12:23 2854400 --a------ C:\WINDOWS\SYSTEM32\msi.dll <Not Verified; Microsoft Corporation; Windows Installer - Unicode>
2006-02-19 04:20:44 102400 --a------ C:\Program Files\HP\Digital Imaging\bin\hpquio08.dll <Not Verified; Hewlett-Packard Development Company, L.P.; hp digital imaging>
2007-10-25 22:34:01 8460288 --a------ C:\WINDOWS\SYSTEM32\shell32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-08-25 10:45:55 1054208 --a------ C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-02-19 03:44:32 65536 --a------ C:\Program Files\HP\Digital Imaging\bin\hpqtra08.rsc <Not Verified; Hewlett-Packard Development Company, L.P.; hp digital imaging>
2006-02-19 03:45:52 65536 --a------ C:\Program Files\HP\Digital Imaging\bin\hpqtao08.dll <Not Verified; Hewlett-Packard Development Company, L.P.; hp digital imaging>
2006-10-19 08:56:32 713216 --a------ C:\WINDOWS\SYSTEM32\sxs.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-04-20 21:16:24 212992 --a------ C:\Program Files\HP\Digital Imaging\bin\hpotra08.dll <Not Verified; Hewlett-Packard Development Company, L.P.; hp digital imaging>
2004-08-04 02:56:57 146432 --a------ C:\WINDOWS\SYSTEM32\winspool.drv <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-03 23:56:46 983552 --a------ C:\WINDOWS\SYSTEM32\setupapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:00 16896 --a------ C:\WINDOWS\SYSTEM32\cfgmgr32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-04-20 21:09:10 28672 --a------ C:\Program Files\HP\Digital Imaging\bin\hpotra08.rsc <Not Verified; Hewlett-Packard Development Company, L.P.; hp digital imaging>
2006-02-19 04:18:28 90112 --a------ C:\Program Files\HP\Digital Imaging\bin\hpqcob08.dll <Not Verified; Hewlett-Packard Development Company, L.P.; hp digital imaging>
2006-02-19 04:20:06 827445 --a------ C:\Program Files\HP\Digital Imaging\bin\hpodio08.dll <Not Verified; Hewlett-Packard Development Company, L.P.; hp digital imaging>
2004-08-04 02:56:46 22528 --a------ C:\WINDOWS\SYSTEM32\wsock32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 82944 --a------ C:\WINDOWS\SYSTEM32\ws2_32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 19968 --a------ C:\WINDOWS\SYSTEM32\ws2help.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-02-19 05:37:24 53248 --a------ C:\Program Files\HP\Digital Imaging\bin\hpotradd.dll <Not Verified; Hewlett-Packard Development Company, L.P.; hp digital imaging>
2006-02-19 05:35:18 237568 --a------ C:\Program Files\HP\Digital Imaging\bin\hpqrif08.dll <Not Verified; Hewlett-Packard Development Company, L.P.; hp digital imaging>
2006-02-09 16:46:34 77824 --a------ C:\Program Files\HP\Digital Imaging\Unload\hpnkhTA.dll <Not Verified; Hewlett-Packard; TrayAppPlugin Module>
2003-03-19 13:19:58 1060864 --a------ C:\WINDOWS\SYSTEM32\MFC71.dll <Not Verified; Microsoft Corporation; Microsoft® Visual Studio .NET>
2003-02-21 20:42:20 348160 -----n--- C:\WINDOWS\SYSTEM32\msvcr71.dll <Not Verified; Microsoft Corporation; Microsoft® Visual Studio .NET>
2003-03-18 21:05:50 89088 --a------ C:\WINDOWS\SYSTEM32\atl71.dll <Not Verified; Microsoft Corporation; Microsoft® Visual Studio .NET>
2003-08-27 15:43:16 499712 --a------ C:\WINDOWS\SYSTEM32\msvcp71.dll <Not Verified; Microsoft Corporation; Microsoft® Visual Studio .NET>
2003-03-18 20:44:38 57344 --a------ C:\WINDOWS\SYSTEM32\MFC71ENU.DLL <Not Verified; Microsoft Corporation; Microsoft® Visual Studio .NET>
2006-02-19 05:23:26 241664 --a------ C:\Program Files\HP\Digital Imaging\bin\hpqmif08.dll <Not Verified; Hewlett-Packard Development Company, L.P.; hp digital imaging>
2006-02-19 05:37:06 77312 --a------ C:\Program Files\HP\Digital Imaging\bin\hpodvd09.dll <Not Verified; Hewlett-Packard Development Company, L.P.; hp digital imaging>
2006-02-19 05:36:44 91648 --a------ C:\Program Files\HP\Digital Imaging\bin\hpoddcomm09.dll <Not Verified; Hewlett-Packard Development Company, L.P.; hp digital imaging>
2006-03-03 21:03:38 282680 --a------ C:\WINDOWS\SYSTEM32\HPZidr12.dll <Not Verified; HP; HP Dot4Rtl>
2006-03-03 21:02:58 204800 --a------ C:\WINDOWS\SYSTEM32\HPZipr12.dll <Not Verified; HP; HP PmlRtl>
2006-02-19 05:26:04 286720 --a------ C:\Program Files\HP\Digital Imaging\bin\hpocxi08.dll <Not Verified; Hewlett-Packard Development Company, L.P.; hp digital imaging>
2004-08-04 02:56:42 59904 --a------ C:\WINDOWS\SYSTEM32\mpr.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 14336 --a------ C:\WINDOWS\SYSTEM32\drprov.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 43520 --a------ C:\WINDOWS\SYSTEM32\ntlanman.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 80896 --a------ C:\WINDOWS\SYSTEM32\netui0.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 245760 --a------ C:\WINDOWS\SYSTEM32\netui1.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 12288 --a------ C:\WINDOWS\SYSTEM32\netrap.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 64000 --a------ C:\WINDOWS\SYSTEM32\samlib.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 24576 --a------ C:\WINDOWS\SYSTEM32\davclnt.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:41 101888 --a------ C:\WINDOWS\SYSTEM32\cscdll.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-03-14 14:49:44 659528 --a------ C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\hpcdmc32.dll <Not Verified; HP; DMC>
2007-08-20 05:04:43 824832 --a------ C:\WINDOWS\SYSTEM32\wininet.dll <Not Verified; Microsoft Corporation; Windows® Internet Explorer>
2006-06-29 07:05:44 23552 -----n--- C:\WINDOWS\SYSTEM32\normaliz.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-08-20 05:04:38 267776 --a------ C:\WINDOWS\SYSTEM32\iertutil.dll <Not Verified; Microsoft Corporation; Windows® Internet Explorer>
2004-08-04 02:56:44 58880 --a------ C:\WINDOWS\SYSTEM32\resutils.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 723456 --a------ C:\WINDOWS\SYSTEM32\userenv.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:41 57856 --a------ C:\WINDOWS\SYSTEM32\clusapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 118784 --a------ C:\WINDOWS\SYSTEM32\ntmarta.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 172032 --a------ C:\WINDOWS\SYSTEM32\wldap32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-02-19 04:17:06 344064 --a------ C:\Program Files\HP\Digital Imaging\bin\hpqusg.dll <Not Verified; Hewlett-Packard Development Company, L.P.; hp digital imaging>
2004-08-04 02:56:44 55808 --a------ C:\WINDOWS\SYSTEM32\secur32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-08-20 05:04:42 1152000 --a------ C:\WINDOWS\SYSTEM32\urlmon.dll <Not Verified; Microsoft Corporation; Windows® Internet Explorer>
2004-08-04 02:56:44 236544 --a------ C:\WINDOWS\SYSTEM32\rasapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 61440 --a------ C:\WINDOWS\SYSTEM32\rasman.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 181760 --a------ C:\WINDOWS\SYSTEM32\tapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 44032 --a------ C:\WINDOWS\SYSTEM32\rtutils.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 176128 --a------ C:\WINDOWS\SYSTEM32\winmm.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2001-08-18 06:00:00 14848 --a------ C:\WINDOWS\SYSTEM32\SERWVDRV.DLL <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2001-08-18 06:00:00 13312 --a------ C:\WINDOWS\SYSTEM32\UMDMXFRM.DLL <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:43 129536 --a------ C:\WINDOWS\SYSTEM32\msv1_0.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-05-19 07:59:41 94720 --a------ C:\WINDOWS\SYSTEM32\iphlpapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 6656 --a------ C:\WINDOWS\SYSTEM32\sensapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 245248 --a------ C:\WINDOWS\SYSTEM32\mswsock.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-06-26 12:37:10 148480 --a------ C:\WINDOWS\SYSTEM32\dnsapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 16896 --a------ C:\WINDOWS\SYSTEM32\winrnr.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-06-26 12:37:10 8192 --a------ C:\WINDOWS\SYSTEM32\rasadhlp.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 87040 --a------ C:\WINDOWS\SYSTEM32\mprapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:41 194048 --a------ C:\WINDOWS\SYSTEM32\activeds.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:41 143360 --a------ C:\WINDOWS\SYSTEM32\adsldpc.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:41 58880 --a------ C:\WINDOWS\SYSTEM32\atl.dll <Not Verified; Microsoft Corporation; Microsoft ® Visual C++>
2004-08-04 02:56:42 344064 --a------ C:\WINDOWS\SYSTEM32\hnetcfg.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 19968 --a------ C:\WINDOWS\SYSTEM32\wshtcpip.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>

C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe (pid 944)
2004-08-04 02:56:36 708096 --a------ C:\WINDOWS\SYSTEM32\ntdll.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-04-16 10:52:53 984576 --a------ C:\WINDOWS\SYSTEM32\kernel32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-03-08 10:36:28 577536 --a------ C:\WINDOWS\SYSTEM32\user32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-06-19 08:31:19 282112 --a------ C:\WINDOWS\SYSTEM32\gdi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:41 616960 --a------ C:\WINDOWS\SYSTEM32\advapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-07-09 08:16:16 582656 --a------ C:\WINDOWS\SYSTEM32\rpcrt4.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-07-25 23:39:48 1285120 --a------ C:\WINDOWS\SYSTEM32\ole32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:43 343040 --a------ C:\WINDOWS\SYSTEM32\msvcrt.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-05-17 06:28:05 549376 --a------ C:\WINDOWS\SYSTEM32\oleaut32.dll <Not Verified; Microsoft Corporation; >
2004-08-04 02:56:45 25088 --a------ C:\WINDOWS\SYSTEM32\shfolder.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:43 413696 --a------ C:\WINDOWS\SYSTEM32\msvcp60.dll <Not Verified; Microsoft Corporation; Microsoft ® Visual C++>
2004-08-04 02:56:42 110080 --a------ C:\WINDOWS\SYSTEM32\imm32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 22016 --a------ C:\WINDOWS\SYSTEM32\lpk.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 406528 --a------ C:\WINDOWS\SYSTEM32\usp10.dll <Not Verified; Microsoft Corporation; Microsoft® Uniscribe Unicode script processor>
2004-08-04 02:56:46 218624 --a------ C:\WINDOWS\SYSTEM32\uxtheme.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:36 2897920 -----n--- C:\WINDOWS\SYSTEM32\xpsp2res.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:13 177152 --a------ C:\WINDOWS\SYSTEM32\msctfime.ime <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-09-23 12:12:50 474112 --a------ C:\WINDOWS\SYSTEM32\shlwapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-08-25 10:45:55 1054208 --a------ C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-08-25 10:45:58 617472 --a------ C:\WINDOWS\SYSTEM32\comctl32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-07-25 23:39:43 498688 --a------ C:\WINDOWS\SYSTEM32\clbcatq.dll <Not Verified; Microsoft Corporation; COM Services>
2004-08-04 02:56:41 792064 --a------ C:\WINDOWS\SYSTEM32\comres.dll <Not Verified; Microsoft Corporation; COM Services>
2004-08-04 02:56:46 18944 --a------ C:\WINDOWS\SYSTEM32\version.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-04-18 11:12:23 2854400 --a------ C:\WINDOWS\SYSTEM32\msi.dll <Not Verified; Microsoft Corporation; Windows Installer - Unicode>
2006-10-19 08:56:32 713216 --a------ C:\WINDOWS\SYSTEM32\sxs.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-01-26 15:06:52 139264 --a------ C:\WINDOWS\SYSTEM32\hpzjrd01.dll <Not Verified; Hewlett Packard; Hewlett Packard Rediscovery Library>
2004-08-04 02:56:46 82944 --a------ C:\WINDOWS\SYSTEM32\ws2_32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 19968 --a------ C:\WINDOWS\SYSTEM32\ws2help.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 245248 --a------ C:\WINDOWS\SYSTEM32\mswsock.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-06-26 12:37:10 148480 --a------ C:\WINDOWS\SYSTEM32\dnsapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 172032 --a------ C:\WINDOWS\SYSTEM32\wldap32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 344064 --a------ C:\WINDOWS\SYSTEM32\hnetcfg.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 1708032 --a------ C:\WINDOWS\SYSTEM32\netshell.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 44032 --a------ C:\WINDOWS\SYSTEM32\rtutils.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:41 163840 --a------ C:\WINDOWS\SYSTEM32\credui.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-10-25 22:34:01 8460288 --a------ C:\WINDOWS\SYSTEM32\shell32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:41 58880 --a------ C:\WINDOWS\SYSTEM32\atl.dll <Not Verified; Microsoft Corporation; Microsoft ® Visual C++>
2006-05-19 07:59:41 94720 --a------ C:\WINDOWS\SYSTEM32\iphlpapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 18944 --a------ C:\WINDOWS\SYSTEM32\WBEM\wbemprox.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 214528 --a------ C:\WINDOWS\SYSTEM32\WBEM\wbemcomn.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 43520 --a------ C:\WINDOWS\SYSTEM32\WBEM\wbemsvc.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 472064 --a------ C:\WINDOWS\SYSTEM32\WBEM\fastprox.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 67072 --a------ C:\WINDOWS\SYSTEM32\ntdsapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-08-17 07:28:27 332288 --a------ C:\WINDOWS\SYSTEM32\netapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 55808 --a------ C:\WINDOWS\SYSTEM32\secur32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-06-26 12:37:10 8192 --a------ C:\WINDOWS\SYSTEM32\rasadhlp.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-01-27 08:56:20 28672 --a------ C:\WINDOWS\SYSTEM32\hpzjfw01.dll <Not Verified; Hewlett-Packard; Firewall>
2004-08-04 02:56:46 16896 --a------ C:\WINDOWS\SYSTEM32\winrnr.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:45 74752 --a------ C:\WINDOWS\SYSTEM32\spoolss.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>

C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe (pid 2360)
2004-08-04 02:56:36 708096 --a------ C:\WINDOWS\SYSTEM32\ntdll.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-04-16 10:52:53 984576 --a------ C:\WINDOWS\SYSTEM32\kernel32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-02-19 03:30:04 143360 --a------ C:\Program Files\HP\Digital Imaging\bin\hpqmfc09.dll <Not Verified; Hewlett-Packard Development Company, L.P.; hp digital imaging>
2004-08-04 02:56:43 120832 --a------ C:\WINDOWS\SYSTEM32\msvfw32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-03-08 10:36:28 577536 --a------ C:\WINDOWS\SYSTEM32\user32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-06-19 08:31:19 282112 --a------ C:\WINDOWS\SYSTEM32\gdi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 176128 --a------ C:\WINDOWS\SYSTEM32\winmm.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:41 616960 --a------ C:\WINDOWS\SYSTEM32\advapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-07-09 08:16:16 582656 --a------ C:\WINDOWS\SYSTEM32\rpcrt4.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-10-25 22:34:01 8460288 --a------ C:\WINDOWS\SYSTEM32\shell32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:43 343040 --a------ C:\WINDOWS\SYSTEM32\msvcrt.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-09-23 12:12:50 474112 --a------ C:\WINDOWS\SYSTEM32\shlwapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-08-25 10:45:58 617472 --a------ C:\WINDOWS\SYSTEM32\comctl32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-02-19 03:02:46 53248 --a------ C:\Program Files\HP\Digital Imaging\bin\hpqtap08.dll <Not Verified; Hewlett-Packard Development Company, L.P.; hp digital imaging>
2004-08-04 02:56:42 1028096 --a------ C:\WINDOWS\SYSTEM32\mfc42.dll <Not Verified; Microsoft Corporation; Microsoft ® Visual C++>
2005-07-25 23:39:48 1285120 --a------ C:\WINDOWS\SYSTEM32\ole32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-05-17 06:28:05 549376 --a------ C:\WINDOWS\SYSTEM32\oleaut32.dll <Not Verified; Microsoft Corporation; >
2004-08-04 02:56:43 413696 --a------ C:\WINDOWS\SYSTEM32\msvcp60.dll <Not Verified; Microsoft Corporation; Microsoft ® Visual C++>
2004-08-04 02:56:58 1712128 --a------ C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82\GdiPlus.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:57 146432 --a------ C:\WINDOWS\SYSTEM32\winspool.drv <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 110080 --a------ C:\WINDOWS\SYSTEM32\imm32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 22016 --a------ C:\WINDOWS\SYSTEM32\lpk.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 406528 --a------ C:\WINDOWS\SYSTEM32\usp10.dll <Not Verified; Microsoft Corporation; Microsoft® Uniscribe Unicode script processor>
2001-08-18 06:00:00 14848 --a------ C:\WINDOWS\SYSTEM32\SERWVDRV.DLL <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2001-08-18 06:00:00 13312 --a------ C:\WINDOWS\SYSTEM32\UMDMXFRM.DLL <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-08-25 10:45:55 1054208 --a------ C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 218624 --a------ C:\WINDOWS\SYSTEM32\uxtheme.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-07-25 23:39:43 498688 --a------ C:\WINDOWS\SYSTEM32\clbcatq.dll <Not Verified; Microsoft Corporation; COM Services>
2004-08-04 02:56:41 792064 --a------ C:\WINDOWS\SYSTEM32\comres.dll <Not Verified; Microsoft Corporation; COM Services>
2004-08-04 02:56:46 18944 --a------ C:\WINDOWS\SYSTEM32\version.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-02-19 03:46:02 147456 --a------ C:\Program Files\HP\Digital Imaging\bin\hpqcxm08.dll <Not Verified; Hewlett-Packard Development Company, L.P.; hp digital imaging>
2004-08-04 02:56:45 25088 --a------ C:\WINDOWS\SYSTEM32\shfolder.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:13 177152 --a------ C:\WINDOWS\SYSTEM32\msctfime.ime <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-02-19 05:31:54 172032 --a------ C:\Program Files\HP\Digital Imaging\bin\hpqste08.rsc <Not Verified; Hewlett-Packard Development Company, L.P.; hp digital imaging>
2007-08-20 05:04:37 6058496 --a------ C:\WINDOWS\SYSTEM32\ieframe.dll <Not Verified; Microsoft Corporation; Windows® Internet Explorer>
2004-08-04 02:56:44 23040 --a------ C:\WINDOWS\SYSTEM32\psapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-08-20 05:04:38 267776 --a------ C:\WINDOWS\SYSTEM32\iertutil.dll <Not Verified; Microsoft Corporation; Windows® Internet Explorer>
2007-08-20 05:04:43 824832 --a------ C:\WINDOWS\SYSTEM32\wininet.dll <Not Verified; Microsoft Corporation; Windows® Internet Explorer>
2006-06-29 07:05:44 23552 -----n--- C:\WINDOWS\SYSTEM32\normaliz.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 55808 --a------ C:\WINDOWS\SYSTEM32\secur32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 82944 --a------ C:\WINDOWS\SYSTEM32\ws2_32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 19968 --a------ C:\WINDOWS\SYSTEM32\ws2help.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:41 126976 --a------ C:\WINDOWS\SYSTEM32\apphelp.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-10-19 08:56:32 713216 --a------ C:\WINDOWS\SYSTEM32\sxs.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-08-20 05:04:42 1152000 --a------ C:\WINDOWS\SYSTEM32\urlmon.dll <Not Verified; Microsoft Corporation; Windows® Internet Explorer>
2004-08-03 23:56:46 983552 --a------ C:\WINDOWS\SYSTEM32\setupapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-08-20 05:04:41 3584512 --a------ C:\WINDOWS\SYSTEM32\mshtml.dll <Not Verified; Microsoft Corporation; Windows® Internet Explorer>
2006-10-17 12:33:40 156160 --a------ C:\WINDOWS\SYSTEM32\msls31.dll <Not Verified; Microsoft Corporation; Microsoft® Line Services>
2002-01-05 15:05:48 180224 --a------ C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\PDM.DLL <Not Verified; Microsoft Corporation; Microsoft® Visual Studio .NET>
2004-08-04 02:56:36 2897920 -----n--- C:\WINDOWS\SYSTEM32\xpsp2res.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2002-01-05 08:03:46 176128 --a------ C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MSDBG2.DLL <Not Verified; Microsoft Corporation; Microsoft® Visual Studio .NET>
2004-08-04 02:56:43 159232 --a------ C:\WINDOWS\SYSTEM32\msimtf.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 294400 --a------ C:\WINDOWS\SYSTEM32\msctf.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 723456 --a------ C:\WINDOWS\SYSTEM32\userenv.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 586240 --a------ C:\WINDOWS\SYSTEM32\mlang.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-04-18 11:12:23 2854400 --a------ C:\WINDOWS\SYSTEM32\msi.dll <Not Verified; Microsoft Corporation; Windows Installer - Unicode>
2006-02-19 05:31:04 147456 --a------ C:\Program Files\HP\Digital Imaging\bin\hpqsti08.dll <Not Verified; Hewlett-Packard Development Company, L.P.; hp digital imaging>
2006-02-19 04:18:28 90112 --a------ C:\Program Files\HP\Digital Imaging\bin\hpqcob08.dll <Not Verified; Hewlett-Packard Development Company, L.P.; hp digital imaging>
2006-02-19 05:25:12 139264 --a------ C:\Program Files\HP\Digital Imaging\bin\hpqstp08.dll <Not Verified; Hewlett-Packard Development Company, L.P.; hp digital imaging>
2006-02-19 04:20:06 827445 --a------ C:\Program Files\HP\Digital Imaging\bin\hpodio08.dll <Not Verified; Hewlett-Packard Development Company, L.P.; hp digital imaging>
2004-08-04 02:56:46 22528 --a------ C:\WINDOWS\SYSTEM32\wsock32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 18432 --a------ C:\WINDOWS\SYSTEM32\wtsapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 53760 --a------ C:\WINDOWS\SYSTEM32\winsta.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-08-17 07:28:27 332288 --a------ C:\WINDOWS\SYSTEM32\netapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-02-19 05:26:04 286720 --a------ C:\Program Files\HP\Digital Imaging\bin\hpocxi08.dll <Not Verified; Hewlett-Packard Development Company, L.P.; hp digital imaging>
2006-03-03 21:03:38 282680 --a------ C:\WINDOWS\SYSTEM32\HPZidr12.dll <Not Verified; HP; HP Dot4Rtl>
2006-02-19 05:27:20 667648 --a------ C:\Program Files\HP\Digital Imaging\bin\hpqsem08.rsc <Not Verified; Hewlett-Packard Development Company, L.P.; hp digital imaging>
2006-03-03 21:02:58 204800 --a------ C:\WINDOWS\SYSTEM32\HPZipr12.dll <Not Verified; HP; HP PmlRtl>
2007-04-13 03:21:14 271360 --a------ C:\WINDOWS\SYSTEM32\mscoree.dll <Not Verified; Microsoft Corporation; Microsoft® .NET Framework>
2005-09-23 07:28:50 9216 --a------ C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\fusion.dll <Not Verified; Microsoft Corporation; Microsoft® .NET Framework>
2006-12-01 22:54:32 626688 --a------ C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcr80.dll <Not Verified; Microsoft Corporation; Microsoft® Visual Studio® 2005>
2007-04-13 03:21:12 5634048 --a------ C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll <Not Verified; Microsoft Corporation; Microsoft® .NET Framework>
2005-10-25 14:13:40 204800 --a------ C:\Program Files\HP\Digital Imaging\bin\crm\hpqcrmcm.dll <Not Verified; Hewlett-Packard Company; HP CRM Content Manager>
2005-10-20 10:36:08 65536 -ra------ C:\Program Files\HP\Digital Imaging\bin\crm\xmlparse.dll <Not Verified; ; xmlparse Dynamic Link Library>
2005-10-20 10:36:08 77824 -ra------ C:\Program Files\HP\Digital Imaging\bin\crm\xmltok.dll <Not Verified; ; xmltok Dynamic Link Library>
2005-11-02 11:00:02 813568 -ra------ C:\Program Files\HP\Digital Imaging\bin\dbghelp.dll <Not Verified; Microsoft Corporation; Debugging Tools for Windows®>

C:\Program Files\iPod\bin\iPodService.exe (pid 2744)
2004-08-04 02:56:36 708096 --a------ C:\WINDOWS\SYSTEM32\ntdll.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-04-16 10:52:53 984576 --a------ C:\WINDOWS\SYSTEM32\kernel32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:00 16896 --a------ C:\WINDOWS\SYSTEM32\cfgmgr32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-03 23:56:46 983552 --a------ C:\WINDOWS\SYSTEM32\setupapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:43 343040 --a------ C:\WINDOWS\SYSTEM32\msvcrt.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:41 616960 --a------ C:\WINDOWS\SYSTEM32\advapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-07-09 08:16:16 582656 --a------ C:\WINDOWS\SYSTEM32\rpcrt4.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-06-19 08:31:19 282112 --a------ C:\WINDOWS\SYSTEM32\gdi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-03-08 10:36:28 577536 --a------ C:\WINDOWS\SYSTEM32\user32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 18944 --a------ C:\WINDOWS\SYSTEM32\version.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-07-25 23:39:48 1285120 --a------ C:\WINDOWS\SYSTEM32\ole32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-05-17 06:28:05 549376 --a------ C:\WINDOWS\SYSTEM32\oleaut32.dll <Not Verified; Microsoft Corporation; >
2004-08-04 02:56:42 110080 --a------ C:\WINDOWS\SYSTEM32\imm32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 22016 --a------ C:\WINDOWS\SYSTEM32\lpk.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 406528 --a------ C:\WINDOWS\SYSTEM32\usp10.dll <Not Verified; Microsoft Corporation; Microsoft® Uniscribe Unicode script processor>
2007-11-02 18:36:32 43520 --a------ C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll <Not Verified; Apple Inc.; iTunes>
2007-11-02 18:36:32 42496 --a------ C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll <Not Verified; Apple Inc.; iTunes>
2004-08-04 02:56:36 2897920 -----n--- C:\WINDOWS\SYSTEM32\xpsp2res.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-07-25 23:39:43 498688 --a------ C:\WINDOWS\SYSTEM32\clbcatq.dll <Not Verified; Microsoft Corporation; COM Services>
2004-08-04 02:56:41 792064 --a------ C:\WINDOWS\SYSTEM32\comres.dll <Not Verified; Microsoft Corporation; COM Services>
2007-04-18 11:12:23 2854400 --a------ C:\WINDOWS\SYSTEM32\msi.dll <Not Verified; Microsoft Corporation; Windows Installer - Unicode>
2006-10-19 08:56:32 713216 --a------ C:\WINDOWS\SYSTEM32\sxs.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 218624 --a------ C:\WINDOWS\SYSTEM32\uxtheme.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 18432 --a------ C:\WINDOWS\SYSTEM32\wtsapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 53760 --a------ C:\WINDOWS\SYSTEM32\winsta.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-08-17 07:28:27 332288 --a------ C:\WINDOWS\SYSTEM32\netapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 176640 --a------ C:\WINDOWS\SYSTEM32\wintrust.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:41 597504 --a------ C:\WINDOWS\SYSTEM32\crypt32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 57344 --a------ C:\WINDOWS\SYSTEM32\msasn1.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 144384 --a------ C:\WINDOWS\SYSTEM32\imagehlp.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>

C:\WINDOWS\explorer.exe (pid 3228)
2004-08-04 02:56:36 708096 --a------ C:\WINDOWS\SYSTEM32\ntdll.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-04-16 10:52:53 984576 --a------ C:\WINDOWS\SYSTEM32\kernel32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:41 616960 --a------ C:\WINDOWS\SYSTEM32\advapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-07-09 08:16:16 582656 --a------ C:\WINDOWS\SYSTEM32\rpcrt4.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-09-23 12:12:50 1022976 --a------ C:\WINDOWS\SYSTEM32\browseui.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-06-19 08:31:19 282112 --a------ C:\WINDOWS\SYSTEM32\gdi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-03-08 10:36:28 577536 --a------ C:\WINDOWS\SYSTEM32\user32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:43 343040 --a------ C:\WINDOWS\SYSTEM32\msvcrt.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-07-25 23:39:48 1285120 --a------ C:\WINDOWS\SYSTEM32\ole32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-09-23 12:12:50 474112 --a------ C:\WINDOWS\SYSTEM32\shlwapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-05-17 06:28:05 549376 --a------ C:\WINDOWS\SYSTEM32\oleaut32.dll <Not Verified; Microsoft Corporation; >
2006-09-04 01:12:56 1497088 --a------ C:\WINDOWS\SYSTEM32\shdocvw.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:41 597504 --a------ C:\WINDOWS\SYSTEM32\crypt32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 57344 --a------ C:\WINDOWS\SYSTEM32\msasn1.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:41 512512 --a------ C:\WINDOWS\SYSTEM32\cryptui.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 176640 --a------ C:\WINDOWS\SYSTEM32\wintrust.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 144384 --a------ C:\WINDOWS\SYSTEM32\imagehlp.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-08-17 07:28:27 332288 --a------ C:\WINDOWS\SYSTEM32\netapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-08-20 05:04:43 824832 --a------ C:\WINDOWS\SYSTEM32\wininet.dll <Not Verified; Microsoft Corporation; Windows® Internet Explorer>
2006-06-29 07:05:44 23552 -----n--- C:\WINDOWS\SYSTEM32\normaliz.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-08-20 05:04:38 267776 --a------ C:\WINDOWS\SYSTEM32\iertutil.dll <Not Verified; Microsoft Corporation; Windows® Internet Explorer>
2004-08-04 02:56:46 172032 --a------ C:\WINDOWS\SYSTEM32\wldap32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 18944 --a------ C:\WINDOWS\SYSTEM32\version.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-10-25 22:34:01 8460288 --a------ C:\WINDOWS\SYSTEM32\shell32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 218624 --a------ C:\WINDOWS\SYSTEM32\uxtheme.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:45 65536 --a------ C:\WINDOWS\SYSTEM32\shimeng.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:41 1852416 --a------ C:\WINDOWS\AppPatch\acgenral.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 176128 --a------ C:\WINDOWS\SYSTEM32\winmm.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 71680 --a------ C:\WINDOWS\SYSTEM32\msacm32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 723456 --a------ C:\WINDOWS\SYSTEM32\userenv.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 110080 --a------ C:\WINDOWS\SYSTEM32\imm32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 22016 --a------ C:\WINDOWS\SYSTEM32\lpk.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 406528 --a------ C:\WINDOWS\SYSTEM32\usp10.dll <Not Verified; Microsoft Corporation; Microsoft® Uniscribe Unicode script processor>
2006-08-25 10:45:55 1054208 --a------ C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-08-25 10:45:58 617472 --a------ C:\WINDOWS\SYSTEM32\comctl32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2001-08-18 06:00:00 14848 --a------ C:\WINDOWS\SYSTEM32\SERWVDRV.DLL <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2001-08-18 06:00:00 13312 --a------ C:\WINDOWS\SYSTEM32\UMDMXFRM.DLL <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:13 177152 --a------ C:\WINDOWS\SYSTEM32\msctfime.ime <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:41 126976 --a------ C:\WINDOWS\SYSTEM32\apphelp.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-07-25 23:39:43 498688 --a------ C:\WINDOWS\SYSTEM32\clbcatq.dll <Not Verified; Microsoft Corporation; COM Services>
2004-08-04 02:56:41 792064 --a------ C:\WINDOWS\SYSTEM32\comres.dll <Not Verified; Microsoft Corporation; COM Services>
2004-08-04 02:56:41 326656 --a------ C:\WINDOWS\SYSTEM32\cscui.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:41 101888 --a------ C:\WINDOWS\SYSTEM32\cscdll.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 385536 --a------ C:\WINDOWS\SYSTEM32\themeui.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 55808 --a------ C:\WINDOWS\SYSTEM32\secur32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:43 4608 --a------ C:\WINDOWS\SYSTEM32\msimg32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:36 2897920 -----n--- C:\WINDOWS\SYSTEM32\xpsp2res.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-08-31 20:41:53 19968 --a------ C:\WINDOWS\SYSTEM32\linkinfo.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 143872 --a------ C:\WINDOWS\SYSTEM32\ntshrui.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:41 58880 --a------ C:\WINDOWS\SYSTEM32\atl.dll <Not Verified; Microsoft Corporation; Microsoft ® Visual C++>
2004-08-04 02:56:44 64000 --a------ C:\WINDOWS\SYSTEM32\samlib.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-03 23:56:46 983552 --a------ C:\WINDOWS\SYSTEM32\setupapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-04-18 11:12:23 2854400 --a------ C:\WINDOWS\SYSTEM32\msi.dll <Not Verified; Microsoft Corporation; Windows Installer - Unicode>
2007-08-20 05:04:37 6058496 --a------ C:\WINDOWS\SYSTEM32\ieframe.dll <Not Verified; Microsoft Corporation; Windows® Internet Explorer>
2004-08-04 02:56:44 23040 --a------ C:\WINDOWS\SYSTEM32\psapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-08-20 05:04:42 1152000 --a------ C:\WINDOWS\SYSTEM32\urlmon.dll <Not Verified; Microsoft Corporation; Windows® Internet Explorer>
2004-08-04 02:56:42 586240 --a------ C:\WINDOWS\SYSTEM32\mlang.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 1708032 --a------ C:\WINDOWS\SYSTEM32\netshell.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 44032 --a------ C:\WINDOWS\SYSTEM32\rtutils.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:41 163840 --a------ C:\WINDOWS\SYSTEM32\credui.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 82944 --a------ C:\WINDOWS\SYSTEM32\ws2_32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 19968 --a------ C:\WINDOWS\SYSTEM32\ws2help.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-05-19 07:59:41 94720 --a------ C:\WINDOWS\SYSTEM32\iphlpapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 53760 --a------ C:\WINDOWS\SYSTEM32\winsta.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-08-20 05:04:42 232960 --a------ C:\WINDOWS\SYSTEM32\webcheck.dll <Not Verified; Microsoft Corporation; Windows® Internet Explorer>
2004-08-04 02:56:45 121856 --a------ C:\WINDOWS\SYSTEM32\stobject.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:41 28672 --a------ C:\WINDOWS\SYSTEM32\batmeter.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 17408 --a------ C:\WINDOWS\SYSTEM32\powrprof.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 18432 --a------ C:\WINDOWS\SYSTEM32\wtsapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-10-18 21:47:22 133632 -----n--- C:\WINDOWS\SYSTEM32\WPDShServiceObj.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 351232 --a------ C:\WINDOWS\SYSTEM32\winhttp.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 90624 --a------ C:\WINDOWS\SYSTEM32\mydocs.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-10-18 21:47:18 166912 -----n--- C:\WINDOWS\SYSTEM32\PortableDeviceTypes.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-10-18 21:47:18 284160 -----n--- C:\WINDOWS\SYSTEM32\PortableDeviceApi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:57 23552 --a------ C:\WINDOWS\SYSTEM32\wdmaud.drv <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2001-08-18 06:00:00 20480 --a------ C:\WINDOWS\SYSTEM32\MSACM32.DRV <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 18944 --a------ C:\WINDOWS\SYSTEM32\midimap.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 59904 --a------ C:\WINDOWS\SYSTEM32\mpr.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 14336 --a------ C:\WINDOWS\SYSTEM32\drprov.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 43520 --a------ C:\WINDOWS\SYSTEM32\ntlanman.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 80896 --a------ C:\WINDOWS\SYSTEM32\netui0.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 245760 --a------ C:\WINDOWS\SYSTEM32\netui1.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 12288 --a------ C:\WINDOWS\SYSTEM32\netrap.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 24576 --a------ C:\WINDOWS\SYSTEM32\davclnt.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-10-19 08:56:32 713216 --a------ C:\WINDOWS\SYSTEM32\sxs.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2002-06-17 02:20:00 163328 --a------ C:\Program Files\WinAce\arcext.dll <Not Verified; e-merge GmbH; WinAce-Archiver>
2002-06-17 02:20:00 231424 --a------ C:\Program Files\WinAce\ace.dll <Not Verified; ACE Compression Software; WinAce>
2001-11-27 07:10:00 20552 --a------ C:\Program Files\WinZip\WZSHLSTB.DLL <Not Verified; WinZip Computing, Inc.; WinZip>
2003-05-15 14:43:24 119808 --a------ C:\Program Files\WinRAR\RarExt.dll
2001-08-16 16:35:10 102400 --a------ C:\Program Files\Norton AntiVirus\NAVShExt.dll <Not Verified; Symantec Corporation; Norton AntiVirus>
2004-08-04 02:56:43 413696 --a------ C:\WINDOWS\SYSTEM32\msvcp60.dll <Not Verified; Microsoft Corporation; Microsoft ® Visual C++>
2004-08-04 02:55:59 63488 --a------ C:\WINDOWS\SYSTEM32\browselc.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 00:31:43 152576 --a------ C:\WINDOWS\SYSTEM32\rsaenh.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:41 101888 --a------ C:\WINDOWS\SYSTEM32\actxprxy.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-01-28 13:44:28 86016 --a------ C:\WINDOWS\SYSTEM32\wmpshell.dll <Not Verified; Microsoft Corporation; Microsoft® Windows Media Player>
2003-10-06 14:16:00 5058560 --a------ C:\WINDOWS\SYSTEM32\nvcpl.dll <Not Verified; NVIDIA Corporation; NVIDIA Compatible Windows 2000 Display driver, Version 52.16>
2004-08-04 02:56:41 276992 --a------ C:\WINDOWS\SYSTEM32\comdlg32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:57 146432 --a------ C:\WINDOWS\SYSTEM32\winspool.drv <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-08-31 16:46:14 1122128 --a------ C:\Program Files\Spybot - Search & Destroy\SDHelper.dll <Not Verified; Safer Networking Limited; Spybot - Search & Destroy>
2004-08-04 02:56:42 80384 --a------ C:\WINDOWS\SYSTEM32\faultrep.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 83456 --a------ C:\WINDOWS\SYSTEM32\olepro32.dll <Not Verified; Microsoft Corporation; >
2004-08-04 02:56:42 304128 --a------ C:\WINDOWS\SYSTEM32\duser.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:43 994304 --a------ C:\WINDOWS\SYSTEM32\msgina.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 249856 --a------ C:\WINDOWS\SYSTEM32\odbc32.dll <Not Verified; Microsoft Corporation; Microsoft Data Access Components>
2004-08-04 02:56:22 94208 --a------ C:\WINDOWS\SYSTEM32\odbcint.dll <Not Verified; Microsoft Corporation; Microsoft Data Access Components>
2004-08-04 02:56:44 118784 --a------ C:\WINDOWS\SYSTEM32\ntmarta.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-10-18 21:47:22 2450944 --a------ C:\WINDOWS\SYSTEM32\wmvcore.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-10-18 21:47:18 222208 --a------ C:\WINDOWS\SYSTEM32\WMASF.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:58 1712128 --a------ C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82\GdiPlus.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:43 14336 --a------ C:\WINDOWS\SYSTEM32\msdmo.dll
2006-10-18 21:47:14 212992 -----n--- C:\WINDOWS\SYSTEM32\MFPLAT.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2003-10-06 14:16:00 430152 --a------ C:\WINDOWS\SYSTEM32\nvshell.dll <Not Verified; NVIDIA Corporation; NVIDIA Desktop Explorer, Version 52.16>
2004-08-04 02:56:27 549376 --a------ C:\WINDOWS\SYSTEM32\shdoclc.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:45 67584 --a------ C:\WINDOWS\SYSTEM32\sti.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:00 16896 --a------ C:\WINDOWS\SYSTEM32\cfgmgr32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2001-04-16 15:39:02 37808 --------- C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx <Not Verified; ; AcroIEHelper Module>
2003-07-14 22:52:58 67128 --a------ C:\Program Files\Microsoft Office\OFFICE11\MSOHEV.DLL <Not Verified; Microsoft Corporation; Microsoft Office 2003>

C:\WINDOWS\SYSTEM32\HPZinw12.exe (pid 1360)
2004-08-04 02:56:36 708096 --a------ C:\WINDOWS\SYSTEM32\ntdll.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-04-16 10:52:53 984576 --a------ C:\WINDOWS\SYSTEM32\kernel32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 22528 --a------ C:\WINDOWS\SYSTEM32\wsock32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 82944 --a------ C:\WINDOWS\SYSTEM32\ws2_32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:43 343040 --a------ C:\WINDOWS\SYSTEM32\msvcrt.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 19968 --a------ C:\WINDOWS\SYSTEM32\ws2help.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:41 616960 --a------ C:\WINDOWS\SYSTEM32\advapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-07-09 08:16:16 582656 --a------ C:\WINDOWS\SYSTEM32\rpcrt4.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-03-08 10:36:28 577536 --a------ C:\WINDOWS\SYSTEM32\user32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-06-19 08:31:19 282112 --a------ C:\WINDOWS\SYSTEM32\gdi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 110080 --a------ C:\WINDOWS\SYSTEM32\imm32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 22016 --a------ C:\WINDOWS\SYSTEM32\lpk.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 406528 --a------ C:\WINDOWS\SYSTEM32\usp10.dll <Not Verified; Microsoft Corporation; Microsoft® Uniscribe Unicode script processor>
2004-08-04 02:56:44 118784 --a------ C:\WINDOWS\SYSTEM32\ntmarta.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 172032 --a------ C:\WINDOWS\SYSTEM32\wldap32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-07-25 23:39:48 1285120 --a------ C:\WINDOWS\SYSTEM32\ole32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 64000 --a------ C:\WINDOWS\SYSTEM32\samlib.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 218624 --a------ C:\WINDOWS\SYSTEM32\uxtheme.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:13 177152 --a------ C:\WINDOWS\SYSTEM32\msctfime.ime <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 245248 --a------ C:\WINDOWS\SYSTEM32\mswsock.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 344064 --a------ C:\WINDOWS\SYSTEM32\hnetcfg.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 19968 --a------ C:\WINDOWS\SYSTEM32\wshtcpip.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>

C:\Program Files\Internet Explorer\iexplore.exe (pid 680)
2004-08-04 02:56:36 708096 --a------ C:\WINDOWS\SYSTEM32\ntdll.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-04-16 10:52:53 984576 --a------ C:\WINDOWS\SYSTEM32\kernel32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:41 616960 --a------ C:\WINDOWS\SYSTEM32\advapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-07-09 08:16:16 582656 --a------ C:\WINDOWS\SYSTEM32\rpcrt4.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-06-19 08:31:19 282112 --a------ C:\WINDOWS\SYSTEM32\gdi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-03-08 10:36:28 577536 --a------ C:\WINDOWS\SYSTEM32\user32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:43 343040 --a------ C:\WINDOWS\SYSTEM32\msvcrt.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-09-23 12:12:50 474112 --a------ C:\WINDOWS\SYSTEM32\shlwapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-10-25 22:34:01 8460288 --a------ C:\WINDOWS\SYSTEM32\shell32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-07-25 23:39:48 1285120 --a------ C:\WINDOWS\SYSTEM32\ole32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-08-20 05:04:42 1152000 --a------ C:\WINDOWS\SYSTEM32\urlmon.dll <Not Verified; Microsoft Corporation; Windows® Internet Explorer>
2007-05-17 06:28:05 549376 --a------ C:\WINDOWS\SYSTEM32\oleaut32.dll <Not Verified; Microsoft Corporation; >
2007-08-20 05:04:38 267776 --a------ C:\WINDOWS\SYSTEM32\iertutil.dll <Not Verified; Microsoft Corporation; Windows® Internet Explorer>
2004-08-04 02:56:46 18944 --a------ C:\WINDOWS\SYSTEM32\version.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 110080 --a------ C:\WINDOWS\SYSTEM32\imm32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 22016 --a------ C:\WINDOWS\SYSTEM32\lpk.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 406528 --a------ C:\WINDOWS\SYSTEM32\usp10.dll <Not Verified; Microsoft Corporation; Microsoft® Uniscribe Unicode script processor>
2006-08-25 10:45:55 1054208 --a------ C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-08-25 10:45:58 617472 --a------ C:\WINDOWS\SYSTEM32\comctl32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-08-20 05:04:37 6058496 --a------ C:\WINDOWS\SYSTEM32\ieframe.dll <Not Verified; Microsoft Corporation; Windows® Internet Explorer>
2004-08-04 02:56:44 23040 --a------ C:\WINDOWS\SYSTEM32\psapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 218624 --a------ C:\WINDOWS\SYSTEM32\uxtheme.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:36 2897920 -----n--- C:\WINDOWS\SYSTEM32\xpsp2res.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:13 177152 --a------ C:\WINDOWS\SYSTEM32\msctfime.ime <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-10-17 12:33:40 180736 -----n--- C:\WINDOWS\SYSTEM32\ieui.dll <Not Verified; Microsoft Corporation; Windows® Internet Explorer>
2004-08-04 02:56:43 4608 --a------ C:\WINDOWS\SYSTEM32\msimg32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:58 1712128 --a------ C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82\GdiPlus.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-07-14 10:51:51 121856 -----n--- C:\WINDOWS\SYSTEM32\xmllite.dll <Not Verified; Microsoft Corporation; Microsoft XML Core Services>
2004-08-04 02:56:41 126976 --a------ C:\WINDOWS\SYSTEM32\apphelp.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-07-25 23:39:43 498688 --a------ C:\WINDOWS\SYSTEM32\clbcatq.dll <Not Verified; Microsoft Corporation; COM Services>
2004-08-04 02:56:41 792064 --a------ C:\WINDOWS\SYSTEM32\comres.dll <Not Verified; Microsoft Corporation; COM Services>
2004-08-04 02:56:43 159232 --a------ C:\WINDOWS\SYSTEM32\msimtf.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 294400 --a------ C:\WINDOWS\SYSTEM32\msctf.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:41 326656 --a------ C:\WINDOWS\SYSTEM32\cscui.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:41 101888 --a------ C:\WINDOWS\SYSTEM32\cscdll.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-03 23:56:46 983552 --a------ C:\WINDOWS\SYSTEM32\setupapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2003-07-14 22:52:58 67128 --a------ C:\Program Files\Microsoft Office\OFFICE11\MSOHEV.DLL <Not Verified; Microsoft Corporation; Microsoft Office 2003>
2004-08-04 02:56:44 55808 --a------ C:\WINDOWS\SYSTEM32\secur32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-10-17 12:33:40 287744 -----n--- C:\Program Files\Internet Explorer\ieproxy.dll <Not Verified; Microsoft Corporation; Windows® Internet Explorer>
2006-09-04 01:12:56 1497088 --a------ C:\WINDOWS\SYSTEM32\shdocvw.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:41 597504 --a------ C:\WINDOWS\SYSTEM32\crypt32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 57344 --a------ C:\WINDOWS\SYSTEM32\msasn1.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:41 512512 --a------ C:\WINDOWS\SYSTEM32\cryptui.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 176640 --a------ C:\WINDOWS\SYSTEM32\wintrust.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 144384 --a------ C:\WINDOWS\SYSTEM32\imagehlp.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-08-17 07:28:27 332288 --a------ C:\WINDOWS\SYSTEM32\netapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-08-20 05:04:43 824832 --a------ C:\WINDOWS\SYSTEM32\wininet.dll <Not Verified; Microsoft Corporation; Windows® Internet Explorer>
2006-06-29 07:05:44 23552 -----n--- C:\WINDOWS\SYSTEM32\normaliz.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 172032 --a------ C:\WINDOWS\SYSTEM32\wldap32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-04-18 11:12:23 2854400 --a------ C:\WINDOWS\SYSTEM32\msi.dll <Not Verified; Microsoft Corporation; Windows Installer - Unicode>
2006-10-19 08:56:32 713216 --a------ C:\WINDOWS\SYSTEM32\sxs.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 586240 --a------ C:\WINDOWS\SYSTEM32\mlang.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 82944 --a------ C:\WINDOWS\SYSTEM32\ws2_32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 19968 --a------ C:\WINDOWS\SYSTEM32\ws2help.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2001-04-16 15:39:02 37808 --------- C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx <Not Verified; ; AcroIEHelper Module>
2007-08-31 16:46:14 1122128 --a------ C:\Program Files\Spybot - Search & Destroy\SDHelper.dll <Not Verified; Safer Networking Limited; Spybot - Search & Destroy>
2004-08-04 02:56:42 80384 --a------ C:\WINDOWS\SYSTEM32\faultrep.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 723456 --a------ C:\WINDOWS\SYSTEM32\userenv.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 53760 --a------ C:\WINDOWS\SYSTEM32\winsta.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 18432 --a------ C:\WINDOWS\SYSTEM32\wtsapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 83456 --a------ C:\WINDOWS\SYSTEM32\olepro32.dll <Not Verified; Microsoft Corporation; >
2007-07-12 04:00:35 501136 --a------ C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll <Not Verified; Sun Microsystems, Inc.; Java™ Platform SE 6 U2>
2007-07-12 04:14:24 348160 --a------ C:\Program Files\Java\jre1.6.0_02\bin\msvcr71.dll <Not Verified; Microsoft Corporation; Microsoft® Visual Studio .NET>
2001-08-16 16:35:10 102400 --a------ C:\Program Files\Norton AntiVirus\NAVShExt.dll <Not Verified; Symantec Corporation; Norton AntiVirus>
2004-08-04 02:56:41 58880 --a------ C:\WINDOWS\SYSTEM32\atl.dll <Not Verified; Microsoft Corporation; Microsoft ® Visual C++>
2004-08-04 02:56:43 413696 --a------ C:\WINDOWS\SYSTEM32\msvcp60.dll <Not Verified; Microsoft Corporation; Microsoft ® Visual C++>
2004-08-04 02:56:44 245248 --a------ C:\WINDOWS\SYSTEM32\mswsock.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 344064 --a------ C:\WINDOWS\SYSTEM32\hnetcfg.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 19968 --a------ C:\WINDOWS\SYSTEM32\wshtcpip.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 236544 --a------ C:\WINDOWS\SYSTEM32\rasapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 61440 --a------ C:\WINDOWS\SYSTEM32\rasman.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 181760 --a------ C:\WINDOWS\SYSTEM32\tapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 44032 --a------ C:\WINDOWS\SYSTEM32\rtutils.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 176128 --a------ C:\WINDOWS\SYSTEM32\winmm.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2001-08-18 06:00:00 14848 --a------ C:\WINDOWS\SYSTEM32\SERWVDRV.DLL <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2001-08-18 06:00:00 13312 --a------ C:\WINDOWS\SYSTEM32\UMDMXFRM.DLL <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:43 129536 --a------ C:\WINDOWS\SYSTEM32\msv1_0.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-05-19 07:59:41 94720 --a------ C:\WINDOWS\SYSTEM32\iphlpapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:41 101888 --a------ C:\WINDOWS\SYSTEM32\actxprxy.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 6656 --a------ C:\WINDOWS\SYSTEM32\sensapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-06-26 12:37:10 8192 --a------ C:\WINDOWS\SYSTEM32\rasadhlp.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-06-26 12:37:10 148480 --a------ C:\WINDOWS\SYSTEM32\dnsapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 16896 --a------ C:\WINDOWS\SYSTEM32\winrnr.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 87040 --a------ C:\WINDOWS\SYSTEM32\mprapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:41 194048 --a------ C:\WINDOWS\SYSTEM32\activeds.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:41 143360 --a------ C:\WINDOWS\SYSTEM32\adsldpc.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 64000 --a------ C:\WINDOWS\SYSTEM32\samlib.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-08-20 05:04:41 3584512 --a------ C:\WINDOWS\SYSTEM32\mshtml.dll <Not Verified; Microsoft Corporation; Windows® Internet Explorer>
2006-10-17 12:33:40 156160 --a------ C:\WINDOWS\SYSTEM32\msls31.dll <Not Verified; Microsoft Corporation; Microsoft® Line Services>
2007-08-20 05:04:35 383488 --a------ C:\WINDOWS\SYSTEM32\ieapfltr.dll <Not Verified; Microsoft Corporation; Windows® Internet Explorer>
2004-08-04 02:56:44 118784 --a------ C:\WINDOWS\SYSTEM32\ntmarta.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2001-08-13 23:18:54 103560 --a------ C:\Program Files\Common Files\Symantec Shared\Script Blocking\ScrAuth.dll <Not Verified; Symantec Corporation; Symantec ScriptBlocking>
2001-08-13 23:19:14 119944 --a------ C:\Program Files\Common Files\Symantec Shared\Script Blocking\ScrBlock.dll <Not Verified; Symantec Corporation; Symantec ScriptBlocking>
2004-08-04 00:31:43 152576 --a------ C:\WINDOWS\SYSTEM32\rsaenh.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:41 63488 --a------ C:\WINDOWS\SYSTEM32\cryptnet.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 351232 --a------ C:\WINDOWS\SYSTEM32\winhttp.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-10-17 12:00:00 491520 --a------ C:\WINDOWS\SYSTEM32\jscript.dll <Not Verified; Microsoft Corporation; Microsoft ® JScript>
2006-10-17 12:33:40 191488 --a------ C:\WINDOWS\SYSTEM32\iepeers.dll <Not Verified; Microsoft Corporation; Windows® Internet Explorer>
2004-08-04 02:56:57 146432 --a------ C:\WINDOWS\SYSTEM32\winspool.drv <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-10-17 11:57:58 36352 --a------ C:\WINDOWS\SYSTEM32\imgutil.dll <Not Verified; Microsoft Corporation; Windows® Internet Explorer>
2007-06-26 01:08:16 1104896 --a------ C:\WINDOWS\SYSTEM32\msxml3.dll <Not Verified; Microsoft Corporation; Microsoft® MSXML 3.0 SP9>
2006-10-17 11:58:08 44544 --a------ C:\WINDOWS\SYSTEM32\pngfilt.dll <Not Verified; Microsoft Corporation; Windows® Internet Explorer>
2007-08-20 05:04:41 477696 --a------ C:\WINDOWS\SYSTEM32\mshtmled.dll <Not Verified; Microsoft Corporation; Windows® Internet Explorer>
2001-08-18 06:00:00 163328 --a------ C:\WINDOWS\SYSTEM32\OLEACC.DLL <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-08-20 05:04:39 459264 --a------ C:\WINDOWS\SYSTEM32\msfeeds.dll <Not Verified; Microsoft Corporation; Windows® Internet Explorer>
2004-08-04 02:56:57 23552 --a------ C:\WINDOWS\SYSTEM32\wdmaud.drv <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2001-08-18 06:00:00 20480 --a------ C:\WINDOWS\SYSTEM32\MSACM32.DRV <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 71680 --a------ C:\WINDOWS\SYSTEM32\msacm32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 18944 --a------ C:\WINDOWS\SYSTEM32\midimap.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-08-20 05:04:34 214528 --a------ C:\WINDOWS\SYSTEM32\dxtrans.dll <Not Verified; Microsoft Corporation; Windows® Internet Explorer>
2004-08-04 02:56:42 27136 --a------ C:\WINDOWS\SYSTEM32\ddrawex.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 266240 --a------ C:\WINDOWS\SYSTEM32\ddraw.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 8704 --a------ C:\WINDOWS\SYSTEM32\dciman32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-10-17 11:58:06 346624 --a------ C:\WINDOWS\SYSTEM32\dxtmsft.dll <Not Verified; Microsoft Corporation; Windows® Internet Explorer>
2004-08-04 02:56:41 276992 --a------ C:\WINDOWS\SYSTEM32\comdlg32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-09-23 12:12:50 1022976 --a------ C:\WINDOWS\SYSTEM32\browseui.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 143872 --a------ C:\WINDOWS\SYSTEM32\ntshrui.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-08-31 20:41:53 19968 --a------ C:\WINDOWS\SYSTEM32\linkinfo.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2001-08-18 06:00:00 45083 --a------ C:\WINDOWS\SYSTEM32\DISPEX.DLL <Not Verified; Microsoft Corporation; Microsoft ® DispEx>

C:\Documents and Settings\Joe\Desktop\dss.exe (pid 1048)
2004-08-04 02:56:36 708096 --a------ C:\WINDOWS\SYSTEM32\ntdll.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-04-16 10:52:53 984576 --a------ C:\WINDOWS\SYSTEM32\kernel32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:41 616960 --a------ C:\WINDOWS\SYSTEM32\advapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-07-09 08:16:16 582656 --a------ C:\WINDOWS\SYSTEM32\rpcrt4.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-08-25 10:45:55 1054208 --a------ C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:43 343040 --a------ C:\WINDOWS\SYSTEM32\msvcrt.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-06-19 08:31:19 282112 --a------ C:\WINDOWS\SYSTEM32\gdi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-03-08 10:36:28 577536 --a------ C:\WINDOWS\SYSTEM32\user32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-09-23 12:12:50 474112 --a------ C:\WINDOWS\SYSTEM32\shlwapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:41 276992 --a------ C:\WINDOWS\SYSTEM32\comdlg32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-10-25 22:34:01 8460288 --a------ C:\WINDOWS\SYSTEM32\shell32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 59904 --a------ C:\WINDOWS\SYSTEM32\mpr.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-07-25 23:39:48 1285120 --a------ C:\WINDOWS\SYSTEM32\ole32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-05-17 06:28:05 549376 --a------ C:\WINDOWS\SYSTEM32\oleaut32.dll <Not Verified; Microsoft Corporation; >
2004-08-04 02:56:46 18944 --a------ C:\WINDOWS\SYSTEM32\version.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 176128 --a------ C:\WINDOWS\SYSTEM32\winmm.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 22528 --a------ C:\WINDOWS\SYSTEM32\wsock32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 82944 --a------ C:\WINDOWS\SYSTEM32\ws2_32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 19968 --a------ C:\WINDOWS\SYSTEM32\ws2help.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 110080 --a------ C:\WINDOWS\SYSTEM32\imm32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 22016 --a------ C:\WINDOWS\SYSTEM32\lpk.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 406528 --a------ C:\WINDOWS\SYSTEM32\usp10.dll <Not Verified; Microsoft Corporation; Microsoft® Uniscribe Unicode script processor>
2001-08-18 06:00:00 14848 --a------ C:\WINDOWS\SYSTEM32\SERWVDRV.DLL <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2001-08-18 06:00:00 13312 --a------ C:\WINDOWS\SYSTEM32\UMDMXFRM.DLL <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 218624 --a------ C:\WINDOWS\SYSTEM32\uxtheme.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-03 23:56:46 983552 --a------ C:\WINDOWS\SYSTEM32\setupapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:13 177152 --a------ C:\WINDOWS\SYSTEM32\msctfime.ime <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-07-25 23:39:43 498688 --a------ C:\WINDOWS\SYSTEM32\clbcatq.dll <Not Verified; Microsoft Corporation; COM Services>
2004-08-04 02:56:41 792064 --a------ C:\WINDOWS\SYSTEM32\comres.dll <Not Verified; Microsoft Corporation; COM Services>
2004-08-04 02:56:44 151552 --a------ C:\WINDOWS\SYSTEM32\scrrun.dll <Not Verified; Microsoft Corporation; Microsoft ® Script Runtime>
2004-08-04 02:56:42 1028096 --a------ C:\WINDOWS\SYSTEM32\mfc42.dll <Not Verified; Microsoft Corporation; Microsoft ® Visual C++>
2006-10-19 08:56:32 713216 --a------ C:\WINDOWS\SYSTEM32\sxs.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 55808 --a------ C:\WINDOWS\SYSTEM32\secur32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-10-14 01:42:28 37888 --a------ C:\Documents and Settings\Joe\Local Settings\Temp\~mqeozps.tmp\dss.dll
2004-08-04 02:56:46 176640 --a------ C:\WINDOWS\SYSTEM32\wintrust.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:41 597504 --a------ C:\WINDOWS\SYSTEM32\crypt32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 57344 --a------ C:\WINDOWS\SYSTEM32\msasn1.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 144384 --a------ C:\WINDOWS\SYSTEM32\imagehlp.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:41 126976 --a------ C:\WINDOWS\SYSTEM32\apphelp.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 178176 --a----c- C:\WINDOWS\SYSTEM32\WBEM\wbemdisp.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:43 413696 --a------ C:\WINDOWS\SYSTEM32\msvcp60.dll <Not Verified; Microsoft Corporation; Microsoft ® Visual C++>
2004-08-04 02:56:46 18944 --a------ C:\WINDOWS\SYSTEM32\WBEM\wbemprox.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 214528 --a------ C:\WINDOWS\SYSTEM32\WBEM\wbemcomn.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 95232 --a------ C:\WINDOWS\SYSTEM32\WBEM\wmiutils.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:36 2897920 -----n--- C:\WINDOWS\SYSTEM32\xpsp2res.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 43520 --a------ C:\WINDOWS\SYSTEM32\WBEM\wbemsvc.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:42 472064 --a------ C:\WINDOWS\SYSTEM32\WBEM\fastprox.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 67072 --a------ C:\WINDOWS\SYSTEM32\ntdsapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-06-26 12:37:10 148480 --a------ C:\WINDOWS\SYSTEM32\dnsapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:46 172032 --a------ C:\WINDOWS\SYSTEM32\wldap32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-08-17 07:28:27 332288 --a------ C:\WINDOWS\SYSTEM32\netapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 02:56:44 23040 --a------ C:\WINDOWS\SYSTEM32\psapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>


-- Scheduled Tasks -------------------------------------------------------------

2007-11-17 15:15:04 408 --a------ C:\WINDOWS\Tasks\Symantec NetDetect.job
2007-11-06 14:01:00 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job


-- Files created between 2007-10-17 and 2007-11-17 -----------------------------

2007-11-16 22:45:49 0 d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2007-11-16 22:45:45 0 d-------- C:\WINDOWS\system32\Kaspersky Lab
2007-11-16 22:38:54 0 d-------- C:\WINDOWS\TEMP
2007-11-16 18:31:00 0 d-------- C:\qoobox
2007-11-14 03:01:57 0 d--h---c- C:\WINDOWS\$NtUninstallKB929399$
2007-11-13 23:11:18 0 d-------- C:\WINDOWS\LastGood
2007-11-13 23:02:45 0 d-------- C:\Program Files\Symantec
2007-11-13 23:02:19 0 d-------- C:\Program Files\Norton AntiVirus
2007-11-13 22:08:21 0 d-------- C:\Program Files\Common Files\Symantec Shared
2007-11-13 22:00:58 0 d-------- C:\Program Files\iTunes
2007-11-13 21:57:52 0 d-------- C:\Program Files\QuickTime
2007-11-13 21:18:34 0 d--h---c- C:\WINDOWS\$NtUninstallKB926239$
2007-11-13 21:17:33 14640 -----n--- C:\WINDOWS\system32\spmsg.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-11-13 21:17:32 0 d--h---c- C:\WINDOWS\$NtUninstallMSCompPackV1$
2007-11-13 21:16:41 0 d-------- C:\Program Files\Windows Media Connect 2
2007-11-13 21:14:25 0 d--h---c- C:\WINDOWS\$NtUninstallWMFDist11$
2007-11-13 21:13:46 0 d-------- C:\WINDOWS\system32\LogFiles
2007-11-13 21:13:46 0 d-------- C:\WINDOWS\system32\drivers\UMDF
2007-11-13 21:13:39 0 d--h---c- C:\WINDOWS\$NtUninstallWudf01000$
2007-11-13 21:03:15 0 d--h---c- C:\WINDOWS\$NtUninstallKB943460$
2007-11-13 20:50:03 0 d-------- C:\WINDOWS\SoftwareDistribution
2007-11-12 20:35:38 0 d-------- C:\Deckard
2007-11-11 22:06:15 804114432 --ahs---- C:\hiberfil.sys
2007-11-11 21:38:25 0 dr------- C:\Documents and Settings\Administrator\My Documents
2007-11-09 19:49:58 51200 --a------ C:\WINDOWS\NirCmd.exe <Not Verified; NirSoft; NirCmd>
2007-11-09 19:49:58 136192 --a------ C:\WINDOWS\catchme.exe
2007-11-09 19:49:57 49152 --a------ C:\WINDOWS\system32\VFind.exe
2007-11-08 20:29:50 0 d-------- C:\WINDOWS\ERDNT
2007-11-07 21:49:50 0 d-------- C:\Program Files\Trend Micro
2007-10-26 22:17:34 3426072 --a------ C:\WINDOWS\system32\d3dx9_32.dll <Not Verified; Microsoft Corporation; Microsoft® DirectX for Windows®>
2007-10-26 22:14:22 0 d--h---c- C:\WINDOWS\$NtUninstallWIC$
2007-10-26 22:14:20 0 d-------- C:\Documents and Settings\LocalService\Application Data\Identities
2007-10-26 22:13:17 0 d-------- C:\Program Files\Windows Desktop Search
2007-10-26 22:12:27 0 d--h---c- C:\WINDOWS\$NtUninstallKB915800$
2007-10-26 22:10:56 0 d-------- C:\Program Files\Microsoft SQL Server Compact Edition
2007-10-26 22:02:04 0 d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
2007-10-24 13:25:59 0 d-------- C:\Program Files\HijackThis
2007-10-23 20:29:59 0 d-------- C:\Documents and Settings\Joe\Application Data\SUPERAntiSpyware.com
2007-10-23 07:40:12 360 --a------ C:\WINDOWS\system32\tmp.reg
2007-10-23 07:39:13 25600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2007-10-23 07:39:13 289144 --a------ C:\WINDOWS\system32\VCCLSID.exe <Not Verified; S!Ri; >
2007-10-23 07:39:13 79360 --a------ C:\WINDOWS\system32\swxcacls.exe <Not Verified; SteelWerX; SteelWerX Extended Configurator ACLists>
2007-10-23 07:39:13 51200 --a------ C:\WINDOWS\system32\dumphive.exe
2007-10-23 07:39:12 40960 --a------ C:\WINDOWS\system32\swsc.exe
2007-10-23 07:39:12 279552 --a------ C:\WINDOWS\system32\swreg.exe <Not Verified; SteelWerX; SteelWerX Registry Editor>
2007-10-23 07:39:12 288417 --a------ C:\WINDOWS\system32\SrchSTS.exe <Not Verified; S!Ri; SrchSTS>
2007-10-23 07:39:12 53248 --a------ C:\WINDOWS\system32\Process.exe <Not Verified; http://www.beyondlogic.org; Command Line Process Utility>
2007-10-22 21:16:08 668160 --a------ C:\WINDOWS\is-INDA8.exe <Not Verified; ; Inno Setup>
2007-10-22 20:54:38 0 d-------- C:\Program Files\Spybot - Search & Destroy
2007-10-22 20:38:02 0 d-------- C:\Documents and Settings\Joe\Application Data\BitTorrent
2007-10-22 20:15:09 0 d-------- C:\Documents and Settings\Joe\Application Data\iolo
2007-10-21 11:10:08 0 d-------- C:\Documents and Settings\Joe\Application Data\Aim
2007-10-21 11:06:43 0 d-------- C:\Program Files\AIM
2007-10-20 21:27:08 0 d-------- C:\Documents and Settings\Joe\Application Data\Printer Info Cache
2007-10-20 21:27:05 0 d-------- C:\Documents and Settings\Joe\Application Data\Image Zone Express
2007-10-20 19:51:55 0 d-------- C:\Documents and Settings\Joe\Application Data\Uniblue


-- Find3M Report ---------------------------------------------------------------

2007-11-16 23:08:54 0 d-------- C:\Program Files\Java
2007-11-13 23:08:12 2048 --a-s---- C:\WINDOWS\BOOTSTAT.DAT
2007-11-13 23:07:56 402653184 --ahs---- C:\pagefile.sys
2007-11-13 23:06:31 24 --a------ C:\WINDOWS\system32\DVCStateBkp-{00000002-00000000-00000002-00001102-00000002-80221102}.dat
2007-11-13 23:06:31 24 --a------ C:\WINDOWS\system32\DVCState-{00000002-00000000-00000002-00001102-00000002-80221102}.dat
2007-11-13 22:48:53 0 d-------- C:\Program Files\Common Files
2007-11-13 22:01:25 0 d-------- C:\Program Files\iPod
2007-11-13 21:16:56 0 d-------- C:\Program Files\Windows Media Player
2007-11-11 19:51:17 0 d-------- C:\Program Files\Diablo II
2007-11-09 22:24:47 0 d-------- C:\Program Files\Logitech
2007-11-09 22:10:42 0 d---s---- C:\Documents and Settings\Joe\Application Data\Microsoft
2007-11-09 22:10:41 0 d-------- C:\Program Files\Common Files\Logitech
2007-11-09 22:10:34 0 d--h----- C:\Program Files\InstallShield Installation Information
2007-11-02 02:12:57 18238072 --a------ C:\WINDOWS\system32\MRT.exe <Not Verified; Microsoft Corporation; Microsoft Windows Malicious Software Removal Tool>
2007-10-29 05:04:03 350720 --a------ C:\WINDOWS\system32\xpsp3res.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-10-26 22:39:19 0 d-------- C:\Program Files\Common Files\Microsoft Shared
2007-10-26 22:36:28 404298 --a----c- C:\WINDOWS\system32\PERFH009.DAT
2007-10-26 22:36:28 63392 --a------ C:\WINDOWS\system32\PERFC009.DAT
2007-10-25 22:34:01 8460288 --a------ C:\WINDOWS\system32\shell32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-10-25 22:08:23 0 d-------- C:\Program Files\Internet Explorer
2007-10-21 11:06:56 0 d-------- C:\Program Files\AOD
2007-10-20 22:03:18 0 d-------- C:\Documents and Settings\Joe\Application Data\HP
2007-10-20 21:56:01 0 d-------- C:\Program Files\Common Files\AOL
2007-10-20 21:45:19 117020 --a------ C:\WINDOWS\hpoins11.dat
2007-10-14 09:18:11 246904 --a------ C:\WINDOWS\system32\GDIPFONTCACHEV1.DAT
2007-10-14 09:15:01 707192 --a------ C:\WINDOWS\system32\FNTCACHE.DAT
2007-10-14 09:06:04 0 d-------- C:\Program Files\Microsoft Office
2007-10-07 13:09:18 0 d-------- C:\Program Files\Apple Software Update
2007-10-03 19:24:12 60800 --a----c- C:\WINDOWS\system32\S32EVNT1.DLL <Not Verified; Symantec Corporation; SYMEVENT>
2007-10-03 09:05:48 378216 --a------ C:\WINDOWS\system32\Incinerator.dll
2007-08-21 01:15:44 683520 --a------ C:\WINDOWS\system32\inetcomm.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-08-20 05:04:43 824832 --a------ C:\WINDOWS\system32\wininet.dll <Not Verified; Microsoft Corporation; Windows® Internet Explorer>
2007-08-20 05:04:42 232960 --a------ C:\WINDOWS\system32\webcheck.dll <Not Verified; Microsoft Corporation; Windows® Internet Explorer>
2007-08-20 05:04:42 1152000 --a------ C:\WINDOWS\system32\urlmon.dll <Not Verified; Microsoft Corporation; Windows® Internet Explorer>
2007-08-20 05:04:42 105984 --a------ C:\WINDOWS\system32\url.dll <Not Verified; Microsoft Corporation; Windows® Internet Explorer>
2007-08-20 05:04:42 102400 --a------ C:\WINDOWS\system32\occache.dll <Not Verified; Microsoft Corporation; Windows® Internet Explorer>
2007-08-20 05:04:42 671232 --a------ C:\WINDOWS\system32\mstime.dll <Not Verified; Microsoft Corporation; Windows® Internet Explorer>
2007-08-20 05:04:41 193024 --a------ C:\WINDOWS\system32\msrating.dll <Not Verified; Microsoft Corporation; Windows® Internet Explorer>
2007-08-20 05:04:41 477696 --a------ C:\WINDOWS\system32\mshtmled.dll <Not Verified; Microsoft Corporation; Windows® Internet Explorer>
2007-08-20 05:04:41 3584512 --a------ C:\WINDOWS\system32\mshtml.dll <Not Verified; Microsoft Corporation; Windows® Internet Explorer>
2007-08-20 05:04:39 52224 --a------ C:\WINDOWS\system32\msfeedsbs.dll <Not Verified; Microsoft Corporation; Windows® Internet Explorer>
2007-08-20 05:04:39 459264 --a------ C:\WINDOWS\system32\msfeeds.dll <Not Verified; Microsoft Corporation; Windows® Internet Explorer>
2007-08-20 05:04:39 27648 --a------ C:\WINDOWS\system32\jsproxy.dll <Not Verified; Microsoft Corporation; Windows® Internet Explorer>
2007-08-20 05:04:38 267776 --a------ C:\WINDOWS\system32\iertutil.dll <Not Verified; Microsoft Corporation; Windows® Internet Explorer>
2007-08-20 05:04:38 44544 --a------ C:\WINDOWS\system32\iernonce.dll <Not Verified; Microsoft Corporation; Windows® Internet Explorer>
2007-08-20 05:04:37 6058496 --a------ C:\WINDOWS\system32\ieframe.dll <Not Verified; Microsoft Corporation; Windows® Internet Explorer>
2007-08-20 05:04:35 384512 --a------ C:\WINDOWS\system32\iedkcs32.dll <Not Verified; Microsoft Corporation; Windows® Internet Explorer>
2007-08-20 05:04:35 383488 --a------ C:\WINDOWS\system32\ieapfltr.dll <Not Verified; Microsoft Corporation; Windows® Internet Explorer>
2007-08-20 05:04:35 230400 --a------ C:\WINDOWS\system32\ieaksie.dll <Not Verified; Microsoft Corporation; Windows® Internet Explorer>
2007-08-20 05:04:34 153088 --a------ C:\WINDOWS\system32\ieakeng.dll <Not Verified; Microsoft Corporation; Windows® Internet Explorer>
2007-08-20 05:04:34 63488 --a------ C:\WINDOWS\system32\icardie.dll <Not Verified; Microsoft Corporation; Windows® Internet Explorer>
2007-08-20 05:04:34 132608 --a------ C:\WINDOWS\system32\extmgr.dll <Not Verified; Microsoft Corporation; Windows® Internet Explorer>
2007-08-20 05:04:34 214528 --a------ C:\WINDOWS\system32\dxtrans.dll <Not Verified; Microsoft Corporation; Windows® Internet Explorer>
2007-08-20 05:04:34 124928 --a------ C:\WINDOWS\system32\advpack.dll <Not Verified; Microsoft Corporation; Windows® Internet Explorer>
2007-08-17 05:20:54 13824 --a------ C:\WINDOWS\system32\ieudinit.exe <Not Verified; Microsoft Corporation; Windows® Internet Explorer>
2007-08-17 05:20:54 63488 --a------ C:\WINDOWS\system32\ie4uinit.exe <Not Verified; Microsoft Corporation; Windows® Internet Explorer>
2007-08-17 02:34:25 161792 --a------ C:\WINDOWS\system32\ieakui.dll <Not Verified; Microsoft Corporation; Windows® Internet Explorer>


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [10/06/2003 02:16 PM]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [10/19/2007 08:16 PM]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [11/02/2007 06:36 PM]
"NAV Agent"="C:\PROGRA~1\NORTON~1\navapw32.exe" [08/16/2001 05:52 PM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AIM"="C:\Program Files\AIM\aim.exe" [08/01/2006 03:35 PM]

C:\Documents and Settings\Joe\Start Menu\Programs\Startup\
DESKTOP.INI [11/15/2001 7:31:16 AM]
Shortcut to hpqtra08.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2/19/2006 4:21:22 AM]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
DESKTOP.INI [11/15/2001 7:31:16 AM]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
@=

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
@=

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Creative Launcher]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Tsa2]


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdReg]
C:\WINDOWS\Updreg.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"BITS"=2 (0x2)

*Newly Created Service* - SBSERVICE



-- End of Deckard's System Scanner: finished at 2007-11-17 17:57:30 ------------

#15 Joe4alb


Posted 17 November 2007 - 06:07 PM

LAST PART

SORRY FOR THE MULTIPLE REPLIES BUT THE FILES WERE TOO LARGE


Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- Application Event Log -------------------------------------------------------

Event Record #/Type10741 / Error
Event Submitted/Written: 11/16/2007 06:37:13 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application sed.cfexe, version 0.0.0.0, faulting module sed.cfexe, version 0.0.0.0, fault address 0x000106ac.
Processing media-specific event for [sed.cfexe!ws!]

Event Record #/Type10661 / Error
Event Submitted/Written: 11/13/2007 10:22:02 PM
Event ID/Source: 11 / crypt32
Event Description:
Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Event Record #/Type10660 / Error
Event Submitted/Written: 11/13/2007 10:22:02 PM
Event ID/Source: 11 / crypt32
Event Description:
Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Event Record #/Type10553 / Error
Event Submitted/Written: 11/09/2007 10:35:44 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application sed.cfexe, version 0.0.0.0, faulting module sed.cfexe, version 0.0.0.0, fault address 0x000106ac.
Processing media-specific event for [sed.cfexe!ws!]

Event Record #/Type10543 / Error
Event Submitted/Written: 11/09/2007 10:21:26 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application sed.cfexe, version 0.0.0.0, faulting module sed.cfexe, version 0.0.0.0, fault address 0x000106ac.
Processing media-specific event for [sed.cfexe!ws!]



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type48980 / Warning
Event Submitted/Written: 11/14/2007 00:47:36 PM
Event ID/Source: 36 / W32Time
Event Description:
The time service has not been able to synchronize the system time
for 49152 seconds because none of the time providers has been able to
provide a usable time stamp. The system clock is unsynchronized.

Event Record #/Type48943 / Error
Event Submitted/Written: 11/13/2007 11:08:28 PM
Event ID/Source: 7026 / Service Control Manager
Event Description:
The following boot-start or system-start driver(s) failed to load:
SASDIFSV
SASKUTIL

Event Record #/Type48942 / Error
Event Submitted/Written: 11/13/2007 11:08:26 PM
Event ID/Source: 7023 / Service Control Manager
Event Description:
The HID Input Service service terminated with the following error:
%%2

Event Record #/Type48941 / Error
Event Submitted/Written: 11/13/2007 11:08:26 PM
Event ID/Source: 7000 / Service Control Manager
Event Description:
The Creative Service for CDROM Access service failed to start due to the following error:
%%3

Event Record #/Type48940 / Error
Event Submitted/Written: 11/13/2007 11:08:26 PM
Event ID/Source: 7003 / Service Control Manager
Event Description:
The Workstation service depends on the following nonexistent service: ccEvtMgr



-- End of Deckard's System Scanner: finished at 2007-11-17 17:57:30 ------------

Edited by Joe4alb, 17 November 2007 - 06:08 PM.




