
Suspected Malware/spyware


  • This topic is locked
25 replies to this topic

#1 funkapotam0s

funkapotam0s

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:11:50 AM

Posted 26 March 2008 - 01:22 PM

Hey guys,
I think I've got some bad malware issues. My browser (firefox) runs extremely slow unless I'm in safe mode. I get error popups on startup and throughout a session at the computer. The .exe errors seem to vary and are mostly located in the windows folder. That's about all I can explore since my computer sometimes restarts itself as well. Thanks in advance!

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:17:28 PM, on 3/26/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Safe mode with network support

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AIM\aim.exe
C:\PROGRA~1\Mozilla Firefox\firefox.exe
C:\PROGRA~1\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

F2 - REG:system.ini: UserInit=userinit.exe,
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [braviax] braviax.exe
O4 - HKLM\..\Run: [4420cdeb] rundll32.exe "C:\WINDOWS\system32\xxagprhr.dll",b
O4 - HKLM\..\Run: [BM4713fe77] Rundll32.exe "C:\WINDOWS\system32\polmjfvw.dll",s
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - Global Startup: Clean Access Agent.lnk = C:\Program Files\Cisco Systems\Clean Access Agent\CCAAgent.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O22 - SharedTaskScheduler: Windows Installer Class - {020487CC-FC04-4B1E-863F-D9801796230B} - C:\DOCUME~1\Tyler\LOCALS~1\Temp\wndutl32.dll (file missing)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Broadcom ASF IP monitoring service v6.0.4 (BAsfIpM) - Broadcom Corp. - C:\WINDOWS\system32\basfipm.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Intel® PROSet/Wireless SSO Service (WLANKEEPER) - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

--
End of file - 5081 bytes


 


#2 Starbuck

Starbuck

    'r Brudiwr


  • Malware Response Team
  • 4,150 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Midlands, UK
  • Local time:03:50 PM

Posted 28 March 2008 - 04:45 PM

Hi funkapotam0s and welcome to Bleeping Computer.

I will be handling your log and helping you to get cleaned up.

Please take note of the following:

1. Please do not make any system changes yet, as any changes you make may well alter your log.
2. The cleaning process is not instant. Please continue to review my answers until I tell you that your computer is clean.
3. If there's anything that you don't understand, please ask your question(s) before proceeding with the fixes.
4. Please reply to this thread. Do not start a new topic.

Please give me some time to look over your log and I will get back to you as soon as possible.

Starbuck



#3 Starbuck

Starbuck

    'r Brudiwr


  • Malware Response Team
  • 4,150 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Midlands, UK
  • Local time:03:50 PM

Posted 28 March 2008 - 06:18 PM

Hi funkapotam0s

You certainly have a few things going on there.
Let's try and sort them out for you.

Step 1
It is not recommended that you have more than one anti virus product installed and running on your computer at a time. The reason for this is that if both products have their automatic (Real-Time) protection switched on, then those products which do not encrypt the virus strings within them can cause other anti virus products to cause "false alarms". It can also lead to a clash as both products fight for access to files which are opened; again, this is the resident/automatic protection. In general terms, the two programs may conflict and cause:
1) False Alarms: When the anti virus software tells you that your PC has a virus when it actually doesn't.
2) System Performance Problems: Your system may lock up due to both products attempting to access the same file at the same time.
Therefore please go to add or remove in the control panel and remove either AVG or Avast.

They are both good programs... so the decision is yours (but one of them has to go).

Step 2
Please disable Spybot S&D’s TeaTimer protection, because it is known to interfere with our fixes.
You can enable it again after you're clean.
Open Spybot and click on 'Mode' then click 'Advanced Mode'.
Click on 'Tools' in bottom left hand corner.
Click on the 'System Startup' icon.
Uncheck 'Teatimer' box and/or uncheck 'Resident'.
Click the 'Allow Change' box.
Then, check next to the computer clock to see if the icon for Spybot is still there.
If it is, right click it and choose 'exit Spybot-S&D Resident'.

Reboot the computer.

Step 3
Please download VundoFix.exe to your desktop
  • Double-click VundoFix.exe to run it.
  • Click the Scan for Vundo button.
  • Once it's done scanning, click the Remove Vundo button.
  • You will receive a prompt asking if you want to remove the files, click YES
  • Once you click yes, your desktop will go blank as it starts removing Vundo.
  • When completed, it will prompt that it will reboot your computer, click OK.
  • Please post the contents of C:\vundofix.txt and a new HiJackThis log in a reply to this thread.
Note: It is possible that VundoFix encountered a file it could not remove. In this case, VundoFix will run on reboot, simply follow the above instructions starting from "Click the Scan for Vundo button" when VundoFix appears upon rebooting.

Step 4
Download Deckard's System Scanner (DSS) to your Desktop. Note: You must be logged onto an account with administrator privileges.

1. Close all applications and windows.
2. Double-click on dss.exe to run it, and follow the prompts.
3. When the scan is complete, it will create two text files - main.txt <- this one will be maximized and extra.txt <-this one will be minimized on your Taskbar.
4. Copy/paste both logs back here please (they will also be located at C:\Deckard\System Scanner).

Make sure you notice the extra.txt second log that will show as minimized on your Task Bar, "Maximize" that and be sure to paste those contents here as well.

In your next reply, please submit:
VundoFix.txt
DSS reports... both of them.

Thanks.



#4 funkapotam0s

funkapotam0s
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:11:50 AM

Posted 28 March 2008 - 09:01 PM

Okay here's the hijack and Vundofix

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:59:37 PM, on 3/28/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\basfipm.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Cisco Systems\Clean Access Agent\CCAAgent.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: HelloWorldBHO - {02A60A63-4C18-4D14-A95F-28F57E533296} - C:\WINDOWS\System32\drivers\Adtool2.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {58AC45F7-1A40-46D7-BB60-5491F35E9446} - C:\WINDOWS\system32\geebb.dll
O2 - BHO: (no name) - {5C65505D-D768-47F0-BA4B-D06A82E2F989} - C:\WINDOWS\system32\mllmj.dll (file missing)
O2 - BHO: (no name) - {7A8CC59D-81A5-44A6-AFD1-AAA7C3D622CA} - C:\WINDOWS\system32\ddayy.dll (file missing)
O2 - BHO: (no name) - {FBD29C3C-C642-4843-A627-6E54A947B511} - C:\WINDOWS\system32\nnnnnoo.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [braviax] braviax.exe
O4 - HKLM\..\Run: [BM4713fe77] Rundll32.exe "C:\WINDOWS\system32\hsqdpbsw.dll",s
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - Global Startup: Clean Access Agent.lnk = C:\Program Files\Cisco Systems\Clean Access Agent\CCAAgent.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - Winlogon Notify: nnnnnoo - C:\WINDOWS\SYSTEM32\nnnnnoo.dll
O22 - SharedTaskScheduler: Windows Installer Class - {020487CC-FC04-4B1E-863F-D9801796230B} - C:\DOCUME~1\Tyler\LOCALS~1\Temp\wndutl32.dll (file missing)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Broadcom ASF IP monitoring service v6.0.4 (BAsfIpM) - Broadcom Corp. - C:\WINDOWS\system32\basfipm.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Intel® PROSet/Wireless SSO Service (WLANKEEPER) - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

--
End of file - 5614 bytes



VundoFix V7.0.3

Scan started at 9:31:44 PM 3/28/2008

Listing files found while scanning....

C:\WINDOWS\system32\himbdvtp.dll

Beginning removal...

Attempting to delete C:\WINDOWS\system32\himbdvtp.dll
C:\WINDOWS\system32\himbdvtp.dll Has been deleted!

Performing Repairs to the registry.
Done!
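
The two HijackThis logs above (post #1 and post #4) can be compared mechanically to see which startup entries changed between scans. The following Python is an added example, not part of the original posts and not a HijackThis feature; the function names are hypothetical, and the embedded lines are a trimmed copy of entries from those two logs.

```python
import re

# Trimmed copies of entries from the two HijackThis logs in this thread
# (post #1, then post #4 after VundoFix ran). Only a few lines are kept.
LOG_BEFORE = r'''
Boot mode: Safe mode with network support
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [braviax] braviax.exe
O4 - HKLM\..\Run: [4420cdeb] rundll32.exe "C:\WINDOWS\system32\xxagprhr.dll",b
O4 - HKLM\..\Run: [BM4713fe77] Rundll32.exe "C:\WINDOWS\system32\polmjfvw.dll",s
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O22 - SharedTaskScheduler: Windows Installer Class - {020487CC-FC04-4B1E-863F-D9801796230B} - C:\DOCUME~1\Tyler\LOCALS~1\Temp\wndutl32.dll (file missing)
'''

LOG_AFTER = r'''
Boot mode: Normal
O2 - BHO: (no name) - {58AC45F7-1A40-46D7-BB60-5491F35E9446} - C:\WINDOWS\system32\geebb.dll
O2 - BHO: (no name) - {5C65505D-D768-47F0-BA4B-D06A82E2F989} - C:\WINDOWS\system32\mllmj.dll (file missing)
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [braviax] braviax.exe
O4 - HKLM\..\Run: [BM4713fe77] Rundll32.exe "C:\WINDOWS\system32\hsqdpbsw.dll",s
O20 - Winlogon Notify: nnnnnoo - C:\WINDOWS\SYSTEM32\nnnnnoo.dll
O22 - SharedTaskScheduler: Windows Installer Class - {020487CC-FC04-4B1E-863F-D9801796230B} - C:\DOCUME~1\Tyler\LOCALS~1\Temp\wndutl32.dll (file missing)
'''

# "O4 - <body>", "F2 - <body>", "O23 - <body>" and so on.
ENTRY_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.+)$")
# Body of an O4 Run line: "<key>\Run: [<value name>] <command>".
RUN_RE = re.compile(r"^(?P<key>\S+\\Run): \[(?P<name>[^\]]+)\] (?P<cmd>.+)$")
BOOT_RE = re.compile(r"^Boot mode: (.+)$", re.MULTILINE)


def parse_entries(log):
    """Return (section code, body) for every entry line; other lines are skipped."""
    entries = []
    for line in log.splitlines():
        m = ENTRY_RE.match(line.strip())
        if m:
            entries.append((m.group("code"), m.group("body")))
    return entries


def run_values(log):
    """Map (registry key, value name) -> command for O4 Run entries."""
    values = {}
    for code, body in parse_entries(log):
        m = RUN_RE.match(body) if code == "O4" else None
        if m:
            values[(m.group("key"), m.group("name"))] = m.group("cmd")
    return values


def run_key(entry):
    """Return (registry key, value name) for an O4 Run entry, else None."""
    code, body = entry
    m = RUN_RE.match(body) if code == "O4" else None
    return (m.group("key"), m.group("name")) if m else None


def boot_mode(log):
    m = BOOT_RE.search(log)
    return m.group(1).strip() if m else None


def compare_logs(before, after):
    """Report what changed between two scans of the same machine."""
    old, new = set(parse_entries(before)), set(parse_entries(after))
    old_run, new_run = run_values(before), run_values(after)

    # Same Run value name in both scans, but pointing at a different command.
    moved = {k for k in old_run.keys() & new_run.keys() if old_run[k] != new_run[k]}
    retargeted = sorted((k[0], k[1], old_run[k], new_run[k]) for k in moved)

    return {
        # The scans are only directly comparable if these two match.
        "boot_modes": (boot_mode(before), boot_mode(after)),
        "added": sorted(e for e in new - old if run_key(e) not in moved),
        "removed": sorted(e for e in old - new if run_key(e) not in moved),
        "retargeted": retargeted,
        "file_missing": sorted(e for e in new if e[1].endswith("(file missing)")),
    }


if __name__ == "__main__":
    report = compare_logs(LOG_BEFORE, LOG_AFTER)
    print("boot modes:", report["boot_modes"])
    for label in ("added", "removed", "retargeted", "file_missing"):
        print(label)
        for item in report[label]:
            print("   ", " | ".join(item))
```

A Run value whose name survives while its DLL path changes (here `BM4713fe77`) is reported separately from plain additions and removals. The boot modes are included because the first scan was taken in Safe mode and the second in Normal mode, so the two are not like-for-like.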

#5 funkapotam0s

funkapotam0s
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  
  • Local time:11:50 AM

Posted 28 March 2008 - 09:17 PM

and here are both DSS logs :

Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: English

CPU 0: Intel® Pentium® M processor 1.60GHz
Percentage of Memory in Use: 41%
Physical Memory (total/avail): 1015.36 MiB / 593.95 MiB
Pagefile Memory (total/avail): 2442.16 MiB / 2165.29 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1945.71 MiB

C: is Fixed (NTFS) - 37.15 GiB total, 29.58 GiB free.
D: is CDROM (No Media)
E: is Fixed (FAT32) - 298.02 GiB total, 41.4 GiB free.
F: is CDROM (No Media)

\\.\PHYSICALDRIVE0 - TOSHIBA MK4026GAX - 37.26 GiB - 2 partitions
\PARTITION0 - Unknown - 109.79 MiB
\PARTITION1 (bootable) - Installable File System - 37.15 GiB - C:

\\.\PHYSICALDRIVE1 - ST332062 0A USB Device - 298.09 GiB - 1 partition
\PARTITION0 - Unknown - 298.09 GiB - E:



-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.
Windows Internal Firewall is disabled.

FirstRunDisabled is set.
AntiVirusDisableNotify is set.
FirewallDisableNotify is set.
UpdatesDisableNotify is set.

AV: avast! antivirus 4.7.1098 [VPS 080328-0] v4.7.1098 (ALWIL Software) Disabled

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\uTorrent\\uTorrent.exe"="C:\\Program Files\\uTorrent\\uTorrent.exe:*:Enabled:µTorrent"
"C:\\Program Files\\AIM\\aim.exe"="C:\\Program Files\\AIM\\aim.exe:*:Enabled:AOL Instant Messenger"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Tyler\Application Data
CLASSPATH=.;C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=BSC-334A184CEFB
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Tyler
LOGONSERVER=\\BSC-334A184CEFB
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\SYSTEM32;C:\WINDOWS;C:\WINDOWS\SYSTEM32\WBEM;C:\PROGRAM FILES\QUICKTIME\QTSYSTEM\;C:\PROGRAM FILES\COMMON FILES\ADOBE\AGL
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 13 Stepping 8, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0d08
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\jre1.6.0_03\lib\ext\QTJava.zip
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\Tyler\LOCALS~1\Temp
TMP=C:\DOCUME~1\Tyler\LOCALS~1\Temp
USERDOMAIN=BSC-334A184CEFB
USERNAME=Tyler
USERPROFILE=C:\Documents and Settings\Tyler
windir=C:\WINDOWS
__COMPAT_LAYER=EnableNXShowUI


-- User Profiles ---------------------------------------------------------------

Tyler (admin)


-- Add/Remove Programs ---------------------------------------------------------

--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
µTorrent --> "C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
Ad-Aware 2007 --> MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Bridge 1.0 --> MsiExec.exe /I{B74D4E10-1033-0000-0000-000000000001}
Adobe Common File Installer --> MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5B39}
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin --> C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Help Center 1.0 --> MsiExec.exe /I{E9787678-1033-0000-8E67-000000000001}
Adobe Photoshop CS2 --> msiexec /I {236BB7C4-4419-42FD-0409-1E257A25E34D}
Adobe Reader 8.1.1 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81100000003}
Adobe Stock Photos 1.0 --> MsiExec.exe /I{786C5747-1033-0000-B58E-000000000001}
AOL Instant Messenger --> C:\Program Files\AIM\uninstll.exe -LOG= C:\Program Files\AIM\install.log -OEM=
Apple Mobile Device Support --> MsiExec.exe /I{B5C209B1-8DDB-4642-A573-375B951514CB}
Apple Software Update --> MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}
Audacity 1.2.6 --> "C:\Program Files\Audacity\unins000.exe"
avast! Antivirus --> rundll32 C:\PROGRA~1\ALWILS~1\Avast4\Setup\setiface.dll,RunSetup
Broadcom Advanced Control Suite 2 --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{64A77F14-0E08-4A97-A859-E93CFF428756} /l1033
Broadcom ASF Management Applications --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{25D24E84-64A9-40D2-85CF-540B1C4A6D52} /l1033
Broadcom Gigabit Integrated Controller --> MsiExec.exe /X{7E369B27-13E2-41A5-9879-358EE1C8B5AD}
C-Major Audio --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}\setup.exe" -l0x9 -remove -removeonly
Cisco Clean Access Agent --> MsiExec.exe /X{41C18715-AFF0-49E9-B940-287A50532D33}
Citrus Alarm Clock 1.0.5 --> "C:\Program Files\Citrus Alarm Clock\unins000.exe"
Dell Wireless WLAN Card --> "C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwlu00.exe" verbose /rootkey="Software\Broadcom\802.11\UninstallInfo" /rootdir="C:\Program Files\Dell\Dell Wireless WLAN Card"
DivX Codec --> C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Content Uploader --> C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
DivX Web Player --> C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Full Tilt Poker --> "C:\Program Files\InstallShield Installation Information\{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}\setup.exe" -runfromtemp -l0x0009 -removeonly
HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Intel® Graphics Media Accelerator Driver for Mobile --> RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx2ID PCI\VEN_8086&DEV_2792 PCI\VEN_8086&DEV_2592
Intel® PROSet/Wireless Software --> C:\WINDOWS\Installer\iProInst.exe
iTunes --> MsiExec.exe /I{4F5CE18C-D97D-48FF-A510-A0D90C918294}
Java™ 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
K-Lite Codec Pack 3.5.7 Basic --> "C:\Program Files\K-Lite Codec Pack\unins000.exe"
Learn to Speak French Deluxe 9 --> MsiExec.exe /I{B7603DF7-DFD6-4ECD-8AF8-1182EE4BFF9F}
mCore --> MsiExec.exe /I{E81667C6-2856-46D6-ABEA-6A2F42166779}
mDriver --> MsiExec.exe /I{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}
mDrWiFi --> MsiExec.exe /I{F6090A17-0967-4A8A-B3C3-422A1B514D49}
mHlpDell --> MsiExec.exe /I{49D687E5-6784-431B-A0A2-2F23B8CC5A1B}
Microsoft Office Professional Edition 2003 --> MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9}
mIWA --> MsiExec.exe /I{3E9D596A-61D4-4239-BD19-2DB984D2A16F}
mLogView --> MsiExec.exe /I{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}
mMHouse --> MsiExec.exe /I{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}
Mozilla Firefox (2.0.0.13) --> C:\PROGRA~1\Mozilla Firefox\uninstall\helper.exe
mPfMgr --> MsiExec.exe /I{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}
mPfWiz --> MsiExec.exe /I{90B0D222-8C21-4B35-9262-53B042F18AF9}
mProSafe --> MsiExec.exe /I{23FB368F-1399-4EAC-817C-4B83ECBE3D83}
mSCfg --> MsiExec.exe /I{829CD169-E692-48E8-9BDE-A3E8D8B65538}
mSSO --> MsiExec.exe /I{06BE8AFD-A8E2-4B63-BAE7-287016D16ACB}
MSXML 6.0 Parser (KB933579) --> MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
mWlsSafe --> MsiExec.exe /I{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}
mWMI --> MsiExec.exe /I{63DB9CCD-2B56-4217-9A3D-507AC78320CA}
mZConfig --> MsiExec.exe /I{94658027-9F16-4509-BBD7-A59FE57C3023}
PeerGuardian 2.0 --> "C:\Program Files\PeerGuardian2\unins000.exe"
PokerStars --> "C:\Program Files\PokerStars\PokerStarsUninstall.exe" /u:PokerStars
Power Tab Editor 1.7 --> MsiExec.exe /I{6B3CA80E-6AC0-4725-BABF-9B0FEF880CB3}
QuickTime --> MsiExec.exe /I{9763E36A-08E9-4228-BBCE-12989A4EB1A8}
Spybot - Search & Destroy --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
SpywareBlaster 4.0 --> "C:\Program Files\SpywareBlaster\unins000.exe"
USB PC Camera (SN9C103) --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EADAA6F7-991F-4CE9-B5CE-FCF3D81F7C7D}\Setup.exe" -l0x9
VideoLAN VLC media player 0.8.6c --> C:\Program Files\VideoLAN\VLC\uninstall.exe
Winamp --> "C:\Program Files\Winamp\UninstWA.exe"
Windows Live installer --> MsiExec.exe /X{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}
Windows Live Messenger --> MsiExec.exe /X{508CE775-4BA4-4748-82DF-FE28DA9F03B0}
Windows Live Sign-in Assistant --> MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe


-- Application Event Log -------------------------------------------------------

Event Record #/Type1511 / Error
Event Submitted/Written: 03/27/2008 01:04:50 AM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application firefox.exe, version 1.8.20080.31114, faulting module unknown, version 0.0.0.0, fault address 0x0013f059.
Processing media-specific event for [firefox.exe!ws!]

Event Record #/Type1510 / Error
Event Submitted/Written: 03/27/2008 00:56:54 AM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application firefox.exe, version 1.8.20080.31114, faulting module firefox.exe, version 1.8.20080.31114, fault address 0x0001d4af.
Processing media-specific event for [firefox.exe!ws!]

Event Record #/Type1509 / Error
Event Submitted/Written: 03/26/2008 06:00:02 PM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application firefox.exe, version 1.8.20080.20121, faulting module firefox.exe, version 1.8.20080.20121, fault address 0x0001d388.
Processing media-specific event for [firefox.exe!ws!]

Event Record #/Type1498 / Error
Event Submitted/Written: 03/25/2008 03:07:52 PM
Event ID/Source: 4609 / EventSystem
Event Description:
The COM+ Event System detected a bad return code during its internal processing. HRESULT was 8007043C from line 44 of d:\qxp_slp\com\com1x\src\events\tier1\eventsystemobj.cpp. Please contact Microsoft Product Support Services to report this error.

Event Record #/Type1497 / Error
Event Submitted/Written: 03/25/2008 03:07:52 PM
Event ID/Source: 4609 / EventSystem
Event Description:
The COM+ Event System detected a bad return code during its internal processing. HRESULT was 8007043C from line 44 of d:\qxp_slp\com\com1x\src\events\tier1\eventsystemobj.cpp. Please contact Microsoft Product Support Services to report this error.



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type2397 / Warning
Event Submitted/Written: 03/28/2008 10:07:17 PM
Event ID/Source: 4226 / Tcpip
Event Description:
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.

Event Record #/Type2396 / Warning
Event Submitted/Written: 03/28/2008 09:53:34 PM
Event ID/Source: 4226 / Tcpip
Event Description:
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.

Event Record #/Type2378 / Error
Event Submitted/Written: 03/28/2008 09:50:04 PM
Event ID/Source: 7026 / Service Control Manager
Event Description:
The following boot-start or system-start driver(s) failed to load:
Beep

Event Record #/Type2369 / Warning
Event Submitted/Written: 03/28/2008 09:36:28 PM
Event ID/Source: 4226 / Tcpip
Event Description:
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.

Event Record #/Type2368 / Warning
Event Submitted/Written: 03/28/2008 09:22:49 PM
Event ID/Source: 4226 / Tcpip
Event Description:
TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.



-- End of Deckard's System Scanner: finished at 2008-03-28 22:10:11 ------------






Deckard's System Scanner v20071014.68
Run by Tyler on 2008-03-28 22:06:33
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
105: 2008-03-29 02:06:52 UTC - RP128 - Deckard's System Scanner Restore Point
104: 2008-03-24 07:02:25 UTC - RP127 - Software Distribution Service 3.0
103: 2008-03-24 05:23:58 UTC - RP126 - System Checkpoint
102: 2008-03-13 22:13:30 UTC - RP125 - Restore Operation
101: 2008-03-12 20:10:35 UTC - RP124 - System Checkpoint


-- First Restore Point --
1: 2008-03-08 20:26:59 UTC - RP24 - System Checkpoint


Backed up registry hives.
Performed disk cleanup.



-- HijackThis (run as Tyler.exe) -----------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:08:51 PM, on 3/28/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\basfipm.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Cisco Systems\Clean Access Agent\CCAAgent.exe
C:\Documents and Settings\Tyler\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Tyler.exe

F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: HelloWorldBHO - {02A60A63-4C18-4D14-A95F-28F57E533296} - C:\WINDOWS\System32\drivers\Adtool2.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {58AC45F7-1A40-46D7-BB60-5491F35E9446} - C:\WINDOWS\system32\geebb.dll
O2 - BHO: (no name) - {5C65505D-D768-47F0-BA4B-D06A82E2F989} - C:\WINDOWS\system32\mllmj.dll (file missing)
O2 - BHO: (no name) - {7A8CC59D-81A5-44A6-AFD1-AAA7C3D622CA} - C:\WINDOWS\system32\ddayy.dll (file missing)
O2 - BHO: (no name) - {FBD29C3C-C642-4843-A627-6E54A947B511} - C:\WINDOWS\system32\nnnnnoo.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [braviax] braviax.exe
O4 - HKLM\..\Run: [BM4713fe77] Rundll32.exe "C:\WINDOWS\system32\hsqdpbsw.dll",s
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - Global Startup: Clean Access Agent.lnk = C:\Program Files\Cisco Systems\Clean Access Agent\CCAAgent.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - Winlogon Notify: nnnnnoo - C:\WINDOWS\SYSTEM32\nnnnnoo.dll
O22 - SharedTaskScheduler: Windows Installer Class - {020487CC-FC04-4B1E-863F-D9801796230B} - C:\DOCUME~1\Tyler\LOCALS~1\Temp\wndutl32.dll (file missing)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Broadcom ASF IP monitoring service v6.0.4 (BAsfIpM) - Broadcom Corp. - C:\WINDOWS\system32\basfipm.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Intel® PROSet/Wireless SSO Service (WLANKEEPER) - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

--
End of file - 5464 bytes

-- File Associations -----------------------------------------------------------

All associations okay.


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R2 AegisP (AEGIS Protocol (IEEE 802.1x) v3.6.0.0) - c:\windows\system32\drivers\aegisp.sys <Not Verified; Meetinghouse Data Communications; AEGIS Client 3.6.0.0>
R2 s24trans (WLAN Transport) - c:\windows\system32\drivers\s24trans.sys <Not Verified; Intel Corporation; Intel Wireless LAN Packet Driver>


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 Apple Mobile Device - "c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>
R2 BAsfIpM (Broadcom ASF IP monitoring service v6.0.4) - c:\windows\system32\basfipm.exe <Not Verified; Broadcom Corp.; Broadcom ASF IP monitoring service>
R2 RegSrvc (Intel® PROSet/Wireless Registry Service) - c:\program files\intel\wireless\bin\regsrvc.exe <Not Verified; Intel Corporation; Intel® PROSet/Wireless Registry Service>
R2 WLANKEEPER (Intel® PROSet/Wireless SSO Service) - c:\program files\intel\wireless\bin\wlkeeper.exe <Not Verified; Intel® Corporation; SSO Service>


-- Device Manager: Disabled ----------------------------------------------------

Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: PCI Simple Communications Controller
Device ID: PCI\VEN_104C&DEV_8038&SUBSYS_01821028&REV_00\4&2FA23535&0&0DF0
Manufacturer:
Name: PCI Simple Communications Controller
PNP Device ID: PCI\VEN_104C&DEV_8038&SUBSYS_01821028&REV_00\4&2FA23535&0&0DF0
Service:

Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: PCI Modem
Device ID: PCI\VEN_8086&DEV_266D&SUBSYS_542314F1&REV_03\3&61AAA01&0&F3
Manufacturer:
Name: PCI Modem
PNP Device ID: PCI\VEN_8086&DEV_266D&SUBSYS_542314F1&REV_03\3&61AAA01&0&F3
Service:


-- Files created between 2008-02-28 and 2008-03-28 -----------------------------

2008-03-28 21:31:44 0 d-------- C:\VundoFix Backups
2008-03-28 21:15:52 0 d-------- C:\Documents and Settings\All Users\Application Data\Avg7
2008-03-28 17:50:26 90688 --a------ C:\WINDOWS\system32\udhcbykq.dll
2008-03-27 17:50:33 92224 --a------ C:\WINDOWS\system32\nwvdmenp.dll
2008-03-26 17:50:26 90688 --a------ C:\WINDOWS\system32\tuemmrqu.dll
2008-03-25 17:48:21 90688 --a------ C:\WINDOWS\system32\polmjfvw.dll
2008-03-25 17:47:22 273913 --ahs---- C:\WINDOWS\system32\bbeeg.ini2
2008-03-25 17:47:18 272896 --a------ C:\WINDOWS\system32\geebb.dll
2008-03-25 16:17:17 272023 --ahs---- C:\WINDOWS\system32\yyadd.ini2
2008-03-25 15:13:24 0 d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-03-23 21:33:54 0 d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-03-23 21:33:43 0 d-------- C:\Program Files\SpywareBlaster
2008-03-23 21:11:20 0 d-------- C:\Program Files\Trend Micro
2008-03-23 20:20:48 747 --a------ C:\WINDOWS\system32\kfpjhcyp.dll
2008-03-23 20:19:36 0 d--hs---- C:\WINDOWS\CSC
2008-03-11 17:41:08 61 ---hs---- C:\WINDOWS\system32\drivers\iost.sys
2008-03-10 20:49:15 0 d-------- C:\Program Files\Alwil Software
2008-03-10 20:09:08 0 d-------- C:\WINDOWS\pss
2008-03-10 20:05:47 6656 --a------ C:\rdkeswt.exe
2008-03-10 20:05:46 147456 --a------ C:\WINDOWS\system32\drivers\Adtool2.dll <Not Verified; Microsoft inc.; Adtool2>
2008-03-10 20:05:39 75082 --a------ C:\roeca.exe
2008-03-10 20:05:38 58368 --a------ C:\xpmdxq.exe
2008-03-08 16:26:47 333907 --ahs---- C:\WINDOWS\system32\jmllm.ini2
2008-03-08 16:22:37 13776 --a------ C:\WINDOWS\system32\udydexuho.pif
2008-03-08 16:22:37 15401 --a------ C:\WINDOWS\system32\ijeguzatyv.scr
2008-03-08 16:22:37 12127 --a------ C:\WINDOWS\system32\eguwa.dll
2008-03-08 16:22:37 19831 --a------ C:\WINDOWS\fehobage.bin
2008-03-08 16:22:37 14359 --a------ C:\Documents and Settings\Tyler\Application Data\ymyzaw.bin
2008-03-08 16:22:37 18907 --a------ C:\Documents and Settings\Tyler\Application Data\odypisanut.scr
2008-03-08 16:22:36 10669 --a------ C:\WINDOWS\system32\inut.pif
2008-03-08 16:22:36 17767 --a------ C:\Documents and Settings\All Users\Application Data\otodolir.bat
2008-03-08 16:22:36 13252 --a------ C:\Documents and Settings\All Users\Application Data\ilerir.dll
2008-03-08 16:21:42 308712 --a------ C:\WINDOWS\system32\winivstr.exe
2008-03-08 16:20:47 143360 --a------ C:\d.exe
2008-03-08 16:20:47 2 --a------ C:\1143000388
2008-03-08 16:20:44 90 --a------ C:\WINDOWS\system32\delself.bat
2008-03-08 16:20:43 51200 --a------ C:\hkldvx.exe
2008-03-08 16:20:42 58368 --a------ C:\caxlkn.exe
2008-03-08 16:20:14 3584 --a------ C:\fsavfpk.exe
2008-03-08 16:20:10 51200 --a------ C:\rsvlqer.exe
2008-03-08 16:20:10 58368 --a------ C:\onhtp.exe
2008-03-08 16:20:09 59392 --a------ C:\ffdcahl.exe
2008-03-08 16:19:53 42496 --a------ C:\WINDOWS\system32\nnnnnoo.dll


-- Find3M Report ---------------------------------------------------------------

2008-03-13 18:08:58 0 d-------- C:\Documents and Settings\Tyler\Application Data\uTorrent
2008-03-10 20:50:59 0 d-------- C:\Program Files\PeerGuardian2
2008-03-08 16:22:36 0 d-------- C:\Program Files\Common Files
2008-03-08 16:22:36 14929 --a------ C:\Program Files\Common Files\feja.dl
2008-03-08 16:22:36 12213 --a------ C:\Program Files\Common Files\byveg.lib
2008-03-03 16:03:54 0 d-------- C:\Documents and Settings\Tyler\Application Data\Move Networks
2008-02-06 02:23:51 0 d-------- C:\Program Files\Full Tilt Poker
2008-02-06 02:17:52 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-02-04 17:59:36 0 d-------- C:\Program Files\Power Tab Software
2008-01-06 12:52:51 1643 --a------ C:\WINDOWS\mozver.dat


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{02A60A63-4C18-4D14-A95F-28F57E533296}]
03/10/2008 08:05 PM 147456 --a------ C:\WINDOWS\System32\drivers\Adtool2.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{58AC45F7-1A40-46D7-BB60-5491F35E9446}]
03/25/2008 05:47 PM 272896 --a------ C:\WINDOWS\system32\geebb.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5C65505D-D768-47F0-BA4B-D06A82E2F989}]
C:\WINDOWS\system32\mllmj.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7A8CC59D-81A5-44A6-AFD1-AAA7C3D622CA}]
C:\WINDOWS\system32\ddayy.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FBD29C3C-C642-4843-A627-6E54A947B511}]
03/08/2008 04:19 PM 42496 --a------ C:\WINDOWS\system32\nnnnnoo.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [12/04/2007 08:00 AM]
"braviax"="braviax.exe" []
"BM4713fe77"="C:\WINDOWS\system32\hsqdpbsw.dll" []

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AIM"="C:\Program Files\AIM\aim.exe" [08/01/2006 04:35 PM]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Clean Access Agent.lnk - C:\Program Files\Cisco Systems\Clean Access Agent\CCAAgent.exe [6/28/2007 2:47:36 PM]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoSetActiveDesktop"=1 (0x1)
"NoActiveDesktopChanges"=1 (0x1)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{020487CC-FC04-4B1E-863F-D9801796230B}"= C:\DOCUME~1\Tyler\LOCALS~1\Temp\wndutl32.dll [ ]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{FBD29C3C-C642-4843-A627-6E54A947B511}"= C:\WINDOWS\system32\nnnnnoo.dll [03/08/2008 04:19 PM 42496]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\nnnnnoo]
nnnnnoo.dll 03/08/2008 04:19 PM 42496 C:\WINDOWS\system32\nnnnnoo.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 C:\WINDOWS\system32\geebb.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Tyler^Start Menu^Programs^Startup^Adobe Gamma.lnk]
path=C:\Documents and Settings\Tyler\Start Menu\Programs\Startup\Adobe Gamma.lnk
backup=C:\WINDOWS\pss\Adobe Gamma.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
"C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG7_CC]
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\braviax]
C:\WINDOWS\system32\braviax.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Broadcom Wireless Manager UI]
C:\WINDOWS\system32\WLTRAY.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
"C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxhkcmd]
C:\WINDOWS\system32\hkcmd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxpers]
C:\WINDOWS\system32\igfxpers.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxtray]
C:\WINDOWS\system32\igfxtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelWireless]
"C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelZeroConfig]
"C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
"C:\Program Files\iTunes\iTunesHelper.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
"C:\Program Files\Messenger\msmsgs.exe" /background

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PeerGuardian]
C:\Program Files\PeerGuardian2\pg2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"C:\Program Files\QuickTime\QTTask.exe" -atboottime

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SNPSTD2]
C:\WINDOWS\vsnpstd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
"C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\userinit]
C:\WINDOWS\system32\ntos.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe




-- Hosts -----------------------------------------------------------------------

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com

8032 more entries in hosts file.


-- End of Deckard's System Scanner: finished at 2008-03-28 22:10:11 ------------

#6 Starbuck

  • Malware Response Team

Posted 29 March 2008 - 03:30 PM

Hi funkapotam0s

I'm afraid we have a lot of work for you to do!
You have a lot of infections there.

Please print out these instructions as you won't be able to see this page for some parts of the fix.

Step 1
Download HostsXpert.zip
  • Extract (unzip) HostsXpert.zip to a permanent folder on your hard drive such as C:\HostsXpert
  • Double-click HostsXpert.exe to run the program.
  • Click "Make Hosts Writable?" in the upper left corner (Only If available).
  • Click "Restore Microsoft's Hosts file" and then click "OK".
  • Click the X to exit the program.
  • Note: If you were using a custom Hosts file you will need to replace any of those entries yourself.
Step 2
Run HijackThis again, click scan, and put a checkmark next to each of these items.
O2 - BHO: HelloWorldBHO - {02A60A63-4C18-4D14-A95F-28F57E533296} - C:\WINDOWS\System32\drivers\Adtool2.dll
O2 - BHO: (no name) - {58AC45F7-1A40-46D7-BB60-5491F35E9446} - C:\WINDOWS\system32\geebb.dll
O2 - BHO: (no name) - {5C65505D-D768-47F0-BA4B-D06A82E2F989} - C:\WINDOWS\system32\mllmj.dll (file missing)
O2 - BHO: (no name) - {7A8CC59D-81A5-44A6-AFD1-AAA7C3D622CA} - C:\WINDOWS\system32\ddayy.dll (file missing)
O2 - BHO: (no name) - {FBD29C3C-C642-4843-A627-6E54A947B511} - C:\WINDOWS\system32\nnnnnoo.dll
O4 - HKLM\..\Run: [braviax] braviax.exe
O4 - HKLM\..\Run: [BM4713fe77] Rundll32.exe "C:\WINDOWS\system32\hsqdpbsw.dll",s
O20 - Winlogon Notify: nnnnnoo - C:\WINDOWS\SYSTEM32\nnnnnoo.dll
O22 - SharedTaskScheduler: Windows Installer Class - {020487CC-FC04-4B1E-863F-D9801796230B} - C:\DOCUME~1\Tyler\LOCALS~1\Temp\wndutl32.dll (file missing)

Then close all other windows, browsers etc--you should only see HijackThis on your Desktop--and click the Fix Checked button.

Step 3
  • Open a new notepad window
  • Paste the list of files from the quote box below into the notepad window.

    C:\WINDOWS\system32\nnnnnoo.dll
    C:\WINDOWS\system32\udhcbykq.dll
    C:\WINDOWS\system32\nwvdmenp.dll
    C:\WINDOWS\system32\tuemmrqu.dll
    C:\WINDOWS\system32\polmjfvw.dll
    C:\WINDOWS\system32\bbeeg.ini2
    C:\WINDOWS\system32\geebb.dll
    C:\WINDOWS\system32\yyadd.ini2
    C:\WINDOWS\system32\kfpjhcyp.dll
    C:\WINDOWS\system32\jmllm.ini2
    C:\WINDOWS\system32\eguwa.dll

  • Save this as vundofix.vft and Save as type "all files".
  • Double-click VundoFix.exe to run it.
  • Drag vundofix.vft onto the listbox (white box) of VundoFix.
(There's a screenshot below to help you with this)

Posted Image
  • Click the "Remove Vundo" button.
  • You will receive a prompt asking if you want to remove the files, click YES
  • Once you click yes, your desktop will go blank as it starts removing Vundo.
  • When completed, it will prompt that it will reboot your computer, click OK.
  • Please post the contents of C:\vundofix.txt and a new HiJackThis log in a reply to this thread.
Note: It is possible that VundoFix encountered a file it could not remove. In this case, VundoFix will run on reboot, simply follow the above instructions starting from "Click the Scan for Vundo button" when VundoFix appears upon rebooting

Step 4
We need to backup the registry before we continue.
Registry edits can be potentially dangerous; we can revert to the backup if needed.
Go to Start ... Run ... type: regedit ... click OK.
  • On the left side, click to highlight My Computer at the top.
  • Go up to File ... Export
    • Make sure in that window there is a tick next to "All" under Export Branch.
      Leave the "Save As Type" as "Registration Files".
      Under "Filename" put RegBackup.
  • Choose to save it to C:\
  • Click save and then go to File.... click Exit.
Now:

Open Notepad and copy and paste the following quotebox into a new text document. (Don't forget to copy and paste the word REGEDIT4!)
REGEDIT4

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"=hex(7):6d,73,76,31,5f,30,00,00

[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\braviax]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\userinit]

Save this as fix.reg. Choose to save as all files and save it to your Desktop.
From the desktop, double-click on fix.reg and when it asks you if you want to merge the contents to the registry, click Yes/OK.

Step 5
Please download the OTMoveIt2 by OldTimer.
  • Save it to your desktop.
  • Please double-click OTMoveIt2.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
  • Copy the lines in the codebox below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):

    C:\WINDOWS\system32\udydexuho.pif
    C:\WINDOWS\system32\ijeguzatyv.scr
    C:\WINDOWS\system32\inut.pif
    C:\WINDOWS\system32\delself.bat
    C:\WINDOWS\system32\ntos.exe
    C:\WINDOWS\system32\braviax.exe
    C:\WINDOWS\system32\winivstr.exe
    C:\WINDOWS\fehobage.bin
    C:\Documents and Settings\Tyler\Application Data\ymyzaw.bin
    C:\Documents and Settings\Tyler\Application Data\odypisanut.scr
    C:\Documents and Settings\All Users\Application Data\otodolir.bat
    C:\Documents and Settings\All Users\Application Data\ilerir.dll
    C:\WINDOWS\system32\drivers\iost.sys
    C:\WINDOWS\system32\drivers\Adtool2.dll
    C:\Program Files\Common Files\feja.dl
    C:\Program Files\Common Files\byveg.lib
    C:\rdkeswt.exe
    C:\roeca.exe
    C:\xpmdxq.exe
    C:\d.exe
    C:\hkldvx.exe
    C:\caxlkn.exe
    C:\fsavfpk.exe
    C:\rsvlqer.exe
    C:\onhtp.exe
    C:\ffdcahl.exe
    C:\1143000388
  • Return to OTMoveIt2, right click in the "Paste Standard List of Files/Folders to Move" window (under the light blue bar) and choose Paste.
  • Click the red Moveit! button.
  • Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  • Close OTMoveIt2
Note: If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes. In this case, after the reboot, open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTMoveIt\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post.

Step 5
Please run the F-Secure Online Scanner

Note: This Scanner is for Internet Explorer Only!

Follow the Instruction here for installation.
Accept the License Agreement.
Once the ActiveX installs, Click Full System Scan
Once the download completes, the scan will begin automatically.
The scan will take some time to finish, so please be patient.
When the scan completes, click the Automatic cleaning (recommended) button.

Click the Show Report button and Copy & Paste the entire report in your next reply.

In your next reply, please submit:
New VundoFix.txt
OTMoveIt report
F-Secure report
and a new Hjt log.

Thanks.

BBPP6nz.png
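What the fix.reg in Step 4 changes, shown as an added example that is not part of the original post: a small parser for the REGEDIT4 text that decodes the `hex(7)` (multi-string) data and lists the keys marked for deletion, then compares the result with the "Authentication Packages" value shown in the DSS registry dump earlier in the thread. The function names are hypothetical, and decoding REGEDIT4 bytes as cp1252 is an assumption about the machine's ANSI code page.

```python
import re

# fix.reg body copied verbatim from Step 4 of the post above.
FIX_REG = r'''REGEDIT4

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"=hex(7):6d,73,76,31,5f,30,00,00

[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\braviax]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\userinit]
'''

LSA_KEY = r"HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa"

# The two strings the DSS registry dump shows for the same value before the fix.
DUMPED_AUTH_PACKAGES = ["msv1_0", r"C:\WINDOWS\system32\geebb.dll"]

VALUE_RE = re.compile(r'^"((?:[^"\\]|\\.)*)"=(.*)$')


def decode_multi_sz(hex_csv, encoding):
    """Turn 'aa,bb,...' REG_MULTI_SZ data into a list of strings."""
    raw = bytes(int(b, 16) for b in hex_csv.split(",") if b.strip())
    # Strings are NUL-separated and the list ends with an extra NUL.
    return [s for s in raw.decode(encoding).split("\x00") if s]


def parse_reg(text):
    """Return the keys a .reg file deletes and the values it sets."""
    # Long hex values may be wrapped with a trailing ',\' continuation.
    text = re.sub(r",\\\r?\n[ \t]*", ",", text)
    lines = [ln.strip() for ln in text.splitlines()]
    header = next(ln for ln in lines if ln)
    if header == "REGEDIT4":
        encoding = "cp1252"        # assumption: ANSI bytes, Western code page
    elif header == "Windows Registry Editor Version 5.00":
        encoding = "utf-16-le"     # version 5 files store UTF-16LE bytes
    else:
        raise ValueError("not a .reg file: %r" % header)

    ops = {"delete_keys": [], "set": {}}
    key = None
    for ln in lines:
        if ln.startswith("[-") and ln.endswith("]"):
            ops["delete_keys"].append(ln[2:-1])   # [-KEY] removes the whole key
            key = None
        elif ln.startswith("[") and ln.endswith("]"):
            key = ln[1:-1]
        elif key and (m := VALUE_RE.match(ln)):
            name, data = m.group(1), m.group(2)
            if data.startswith("hex(7):"):
                data = decode_multi_sz(data[len("hex(7):"):], encoding)
            ops["set"][(key, name)] = data
    return ops


def dropped_entries(before, after):
    """Entries present in the old multi-string value but not in the new one."""
    keep = {a.lower() for a in after}
    return [e for e in before if e.lower() not in keep]


if __name__ == "__main__":
    ops = parse_reg(FIX_REG)
    new_value = ops["set"][(LSA_KEY, "Authentication Packages")]
    print("Authentication Packages after merge:", new_value)
    print("Dropped from the value:", dropped_entries(DUMPED_AUTH_PACKAGES, new_value))
    for k in ops["delete_keys"]:
        print("Key deleted:", k)
```

Decoding the data before merging shows that the value is reset to the single string msv1_0, which drops the geebb.dll entry the dump listed beside it.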


#7 funkapotam0s


Posted 29 March 2008 - 05:39 PM

Here is the vundofix and hijack after performing step 3


VundoFix V7.0.3

Scan started at 9:31:44 PM 3/28/2008

Listing files found while scanning....

C:\WINDOWS\system32\himbdvtp.dll

Beginning removal...

Attempting to delete C:\WINDOWS\system32\himbdvtp.dll
C:\WINDOWS\system32\himbdvtp.dll Has been deleted!

Performing Repairs to the registry.
Done!

Beginning removal...

Attempting to delete C:\WINDOWS\system32\bbeeg.ini2
C:\WINDOWS\system32\bbeeg.ini2 Has been deleted!

Attempting to delete C:\WINDOWS\system32\eguwa.dll
C:\WINDOWS\system32\eguwa.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\geebb.dll
C:\WINDOWS\system32\geebb.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\jmllm.ini2
C:\WINDOWS\system32\jmllm.ini2 Has been deleted!

Attempting to delete C:\WINDOWS\system32\kfpjhcyp.dll
C:\WINDOWS\system32\kfpjhcyp.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\nnnnnoo.dll
C:\WINDOWS\system32\nnnnnoo.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\nwvdmenp.dll
C:\WINDOWS\system32\nwvdmenp.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\polmjfvw.dll
C:\WINDOWS\system32\polmjfvw.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\tuemmrqu.dll
C:\WINDOWS\system32\tuemmrqu.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\udhcbykq.dll
C:\WINDOWS\system32\udhcbykq.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\yyadd.ini2
C:\WINDOWS\system32\yyadd.ini2 Has been deleted!

Performing Repairs to the registry.
Done!

Beginning removal...

Beginning removal...

VundoFix V7.0.3

Scan started at 6:26:24 PM 3/29/2008

Listing files found while scanning....

No infected files were found.



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:37:29 PM, on 3/29/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\basfipm.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Cisco Systems\Clean Access Agent\CCAAgent.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: HelloWorldBHO - {02A60A63-4C18-4D14-A95F-28F57E533296} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {58AC45F7-1A40-46D7-BB60-5491F35E9446} - C:\WINDOWS\system32\geebb.dll (file missing)
O2 - BHO: (no name) - {5C65505D-D768-47F0-BA4B-D06A82E2F989} - (no file)
O2 - BHO: (no name) - {7A8CC59D-81A5-44A6-AFD1-AAA7C3D622CA} - (no file)
O2 - BHO: (no name) - {FBD29C3C-C642-4843-A627-6E54A947B511} - C:\WINDOWS\SYSTEM32\nnnnnoo.dll (file missing)
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - Global Startup: Clean Access Agent.lnk = C:\Program Files\Cisco Systems\Clean Access Agent\CCAAgent.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Broadcom ASF IP monitoring service v6.0.4 (BAsfIpM) - Broadcom Corp. - C:\WINDOWS\system32\basfipm.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Intel® PROSet/Wireless SSO Service (WLANKEEPER) - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

--
End of file - 5233 bytes
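Comparing the HijackThis log above with the one inside the earlier DSS report, as an added example that is not part of the original posts: the script below keys each autostart line by section code, entry type and CLSID (or the entry text when there is no CLSID) and reports which entries disappeared and which are still registered but now point at a missing file. The sample lines are copied from the two logs in this thread; the function names are hypothetical.

```python
import re

# O2/O4/O20/O22 lines from the HijackThis log inside the DSS report (3/28/2008).
BEFORE = r'''
O2 - BHO: HelloWorldBHO - {02A60A63-4C18-4D14-A95F-28F57E533296} - C:\WINDOWS\System32\drivers\Adtool2.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {58AC45F7-1A40-46D7-BB60-5491F35E9446} - C:\WINDOWS\system32\geebb.dll
O2 - BHO: (no name) - {5C65505D-D768-47F0-BA4B-D06A82E2F989} - C:\WINDOWS\system32\mllmj.dll (file missing)
O2 - BHO: (no name) - {7A8CC59D-81A5-44A6-AFD1-AAA7C3D622CA} - C:\WINDOWS\system32\ddayy.dll (file missing)
O2 - BHO: (no name) - {FBD29C3C-C642-4843-A627-6E54A947B511} - C:\WINDOWS\system32\nnnnnoo.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [braviax] braviax.exe
O4 - HKLM\..\Run: [BM4713fe77] Rundll32.exe "C:\WINDOWS\system32\hsqdpbsw.dll",s
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O20 - Winlogon Notify: nnnnnoo - C:\WINDOWS\SYSTEM32\nnnnnoo.dll
O22 - SharedTaskScheduler: Windows Installer Class - {020487CC-FC04-4B1E-863F-D9801796230B} - C:\DOCUME~1\Tyler\LOCALS~1\Temp\wndutl32.dll (file missing)
'''

# The same sections from the log saved on 3/29/2008 after VundoFix ran.
AFTER = r'''
O2 - BHO: HelloWorldBHO - {02A60A63-4C18-4D14-A95F-28F57E533296} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {58AC45F7-1A40-46D7-BB60-5491F35E9446} - C:\WINDOWS\system32\geebb.dll (file missing)
O2 - BHO: (no name) - {5C65505D-D768-47F0-BA4B-D06A82E2F989} - (no file)
O2 - BHO: (no name) - {7A8CC59D-81A5-44A6-AFD1-AAA7C3D622CA} - (no file)
O2 - BHO: (no name) - {FBD29C3C-C642-4843-A627-6E54A947B511} - C:\WINDOWS\SYSTEM32\nnnnnoo.dll (file missing)
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
'''

ENTRY_RE = re.compile(r'^([A-Z]\d+) - (.+?): (.*)$')
CLSID_RE = re.compile(r'\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}')
ORPHAN_RE = re.compile(r'\s*\((?:file missing|no file)\)\s*$')


def parse_hjt(text):
    """Map (code, entry type, identity) -> details for each HijackThis line."""
    entries = {}
    for line in text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if not m:
            continue                      # headers, process list, blank lines
        code, kind, rest = m.groups()
        clsid = CLSID_RE.search(rest)
        # A CLSID survives path changes, so prefer it as the identity.
        ident = clsid.group(0).upper() if clsid else ORPHAN_RE.sub("", rest)
        entries[(code, kind, ident)] = {
            "line": line.strip(),
            "orphan": bool(ORPHAN_RE.search(rest)),
        }
    return entries


def compare_logs(before, after):
    """Summarise what changed between two HijackThis logs."""
    b, a = parse_hjt(before), parse_hjt(after)
    return {
        "removed": sorted(k for k in b if k not in a),
        "added": sorted(k for k in a if k not in b),
        "orphaned_after": sorted(k for k in a if a[k]["orphan"]),
        "newly_orphaned": sorted(
            k for k in a if k in b and a[k]["orphan"] and not b[k]["orphan"]
        ),
    }


if __name__ == "__main__":
    result = compare_logs(BEFORE, AFTER)
    for name, keys in result.items():
        print(name)
        for code, kind, ident in keys:
            print("   %s %s: %s" % (code, kind, ident))
```

Entries reported under `orphaned_after` are registry references that outlived their files, so they remain in the log until the entry itself is removed.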

#8 funkapotam0s


Posted 29 March 2008 - 05:45 PM

Here is the OTMoveIt log

C:\WINDOWS\system32\udydexuho.pif moved successfully.
C:\WINDOWS\system32\ijeguzatyv.scr moved successfully.
C:\WINDOWS\system32\inut.pif moved successfully.
C:\WINDOWS\system32\delself.bat moved successfully.
File/Folder C:\WINDOWS\system32\ntos.exe not found.
File/Folder C:\WINDOWS\system32\braviax.exe not found.
C:\WINDOWS\system32\winivstr.exe moved successfully.
C:\WINDOWS\fehobage.bin moved successfully.
C:\Documents and Settings\Tyler\Application Data\ymyzaw.bin moved successfully.
C:\Documents and Settings\Tyler\Application Data\odypisanut.scr moved successfully.
C:\Documents and Settings\All Users\Application Data\otodolir.bat moved successfully.
LoadLibrary failed for C:\Documents and Settings\All Users\Application Data\ilerir.dll
C:\Documents and Settings\All Users\Application Data\ilerir.dll NOT unregistered.
C:\Documents and Settings\All Users\Application Data\ilerir.dll moved successfully.
C:\WINDOWS\system32\drivers\iost.sys moved successfully.
File/Folder C:\WINDOWS\system32\drivers\Adtool2.dll not found.
C:\Program Files\Common Files\feja.dl moved successfully.
C:\Program Files\Common Files\byveg.lib moved successfully.
C:\rdkeswt.exe moved successfully.
C:\roeca.exe moved successfully.
C:\xpmdxq.exe moved successfully.
C:\d.exe moved successfully.
C:\hkldvx.exe moved successfully.
C:\caxlkn.exe moved successfully.
File/Folder C:\fsavfpk.exe not found.
C:\rsvlqer.exe moved successfully.
C:\onhtp.exe moved successfully.
C:\ffdcahl.exe moved successfully.
C:\1143000388 moved successfully.

OTMoveIt2 by OldTimer - Version 1.0.21 log created on 03292008_184335



Do I need to run FScanner if I use firefox?

Edited by funkapotam0s, 29 March 2008 - 05:48 PM.


#9 Starbuck

  • Malware Response Team

Posted 29 March 2008 - 06:34 PM

Hi funkapotam0s

Do I need to run FScanner if I use firefox?

Yes please, you will still have IE on your system whether you use it or not.
If the link opens in 'Firefox'.... just copy the link, then open up IE ... and paste the link into the address bar.

Note: This Scanner is for Internet Explorer Only!

This means that this online scan is not compatible with Firefox.... that's all. That's why we have to use IE.

Thanks.



#10 funkapotam0s

  • Topic Starter

Posted 30 March 2008 - 05:39 PM

Here's the FSecure and new Hijack log

Scanning Report
Sunday, March 30, 2008 17:04:05 - 18:03:45

Computer name: BSC-334A184CEFB
Scanning type: Scan system for malware, rootkits
Target: C:\ E:\
Result: 17 malware found
Tracking Cookie (spyware)

* System

Trojan-Clicker.Win32.Costrat.ep (virus)

* C:\_OTMOVEIT\MOVEDFILES\03292008_184335\XPMDXQ.EXE (Renamed & Submitted)
* C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\CZA3CR2H\REIJANE[1].HTM (Renamed & Submitted)

Trojan-Downloader.Win32.Agent.kwe (virus)

* C:\_OTMOVEIT\MOVEDFILES\03292008_184335\CAXLKN.EXE (Renamed & Submitted)
* C:\_OTMOVEIT\MOVEDFILES\03292008_184335\ONHTP.EXE (Renamed & Submitted)
* C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\0DKB0TG5\RBFGG[1].HTM (Renamed & Submitted)

Trojan-Downloader.Win32.BHO.de (virus)

* C:\PROGRAM FILES\TREND MICRO\HIJACKTHIS\BACKUPS\BACKUP-20080329-174448-688.DLL (Renamed & Submitted)

Trojan-Downloader.Win32.Small.suq (virus)

* C:\_OTMOVEIT\MOVEDFILES\03292008_184335\RDKESWT.EXE (Renamed & Submitted)

Trojan-Dropper.Win32.FriJoiner.ms (virus)

* C:\_OTMOVEIT\MOVEDFILES\03292008_184335\HKLDVX.EXE (Renamed & Submitted)
* C:\_OTMOVEIT\MOVEDFILES\03292008_184335\RSVLQER.EXE (Renamed & Submitted)
* C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\CZA3CR2H\SCGTYL[1].HTM (Renamed & Submitted)

Trojan.Win32.Agent.giy (virus)

* C:\_OTMOVEIT\MOVEDFILES\03292008_184335\FFDCAHL.EXE (Renamed & Submitted)

Trojan.Win32.Pakes.chm (virus)

* C:\_OTMOVEIT\MOVEDFILES\03292008_184335\D.EXE (Renamed & Submitted)

Vundo.gen82 (virus)

* C:\PROGRAM FILES\TREND MICRO\HIJACKTHIS\BACKUPS\BACKUP-20080329-174448-346.DLL (Submitted)

W32/Vundo.gen142 (virus)

* C:\PROGRAM FILES\TREND MICRO\HIJACKTHIS\BACKUPS\BACKUP-20080329-174448-356.DLL (Submitted)
* C:\DECKARD\SYSTEM SCANNER\BACKUP\DOCUME~1\TYLER\LOCALS~1\TEMP\WXIJIQSO.DLL (Submitted)

not-virus:Hoax.Win32.Renos.bcd (virus)

* C:\DECKARD\SYSTEM SCANNER\BACKUP\WINDOWS\TEMP\WNDUTL32.DLL (Submitted)

Statistics
Scanned:

* Files: 28148
* System: 3016
* Not scanned: 7

Actions:

* Disinfected: 0
* Renamed: 12
* Deleted: 0
* None: 5
* Submitted: 16

Files not scanned:

* C:\PAGEFILE.SYS
* C:\WINDOWS\SYSTEM32\DRIVERS\SPTD.SYS
* C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT
* C:\WINDOWS\SYSTEM32\CONFIG\SAM
* C:\WINDOWS\SYSTEM32\CONFIG\SECURITY
* C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE
* C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM

Options
Scanning engines:

* F-Secure USS: 2.30.0
* F-Secure Hydra: 2.8.8110, 2008-03-30
* F-Secure AVP: 7.0.171, 2008-03-30
* F-Secure Pegasus: 1.20.0, 2008-02-26
* F-Secure Blacklight: 1.0.64

Scanning options:

* Scan defined files: COM EXE SYS OV? BIN SCR DLL SHS HTM HTML HTT VBS JS INF VXD DO? XL? RTF CPL WIZ HTA PP? PWZ P?T MSO PIF . ACM ASP AX CNV CSC DRV INI MDB MPD MPP MPT OBD OBT OCX PCI TLB TSP WBK WBT WPC WSH VWP WML BOO HLP TD0 TT6 MSG ASD JSE VBE WSC CHM EML PRC SHB LNK WSF {* PDF ZL? XML ZIP XXX ANI AVB BAT CMD JPG LSP MAP MHT MIF PHP POT SWF WMF NWS TAR
* Use Advanced heuristics




Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:37:54 PM, on 3/30/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\basfipm.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Cisco Systems\Clean Access Agent\CCAAgent.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\notepad.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\DOCUME~1\Tyler\LOCALS~1\Temp\OnlineScanner\Anti-Virus\fsgk32.exe
C:\DOCUME~1\Tyler\LOCALS~1\Temp\OnlineScanner\Anti-Virus\fssm32.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: HelloWorldBHO - {02A60A63-4C18-4D14-A95F-28F57E533296} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {58AC45F7-1A40-46D7-BB60-5491F35E9446} - C:\WINDOWS\system32\geebb.dll (file missing)
O2 - BHO: (no name) - {5C65505D-D768-47F0-BA4B-D06A82E2F989} - (no file)
O2 - BHO: (no name) - {7A8CC59D-81A5-44A6-AFD1-AAA7C3D622CA} - (no file)
O2 - BHO: (no name) - {FBD29C3C-C642-4843-A627-6E54A947B511} - C:\WINDOWS\SYSTEM32\nnnnnoo.dll (file missing)
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - Global Startup: Clean Access Agent.lnk = C:\Program Files\Cisco Systems\Clean Access Agent\CCAAgent.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Broadcom ASF IP monitoring service v6.0.4 (BAsfIpM) - Broadcom Corp. - C:\WINDOWS\system32\basfipm.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Intel® PROSet/Wireless SSO Service (WLANKEEPER) - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

--
End of file - 5723 bytes

#11 Starbuck

  • Malware Response Team

Posted 01 April 2008 - 01:44 AM

Hi funkapotam0s

Well... that's made a dent in your malware!
Let's clean a few log entries, then we'll see what's left.

Step 1
Run HijackThis again, click Scan, and put a checkmark next to each of these items.
O2 - BHO: HelloWorldBHO - {02A60A63-4C18-4D14-A95F-28F57E533296} - (no file)
O2 - BHO: (no name) - {58AC45F7-1A40-46D7-BB60-5491F35E9446} - C:\WINDOWS\system32\geebb.dll (file missing)
O2 - BHO: (no name) - {5C65505D-D768-47F0-BA4B-D06A82E2F989} - (no file)
O2 - BHO: (no name) - {7A8CC59D-81A5-44A6-AFD1-AAA7C3D622CA} - (no file)
O2 - BHO: (no name) - {FBD29C3C-C642-4843-A627-6E54A947B511} - C:\WINDOWS\SYSTEM32\nnnnnoo.dll (file missing)

Then close all other windows, browsers etc--you should only see HijackThis on your Desktop--and click the Fix Checked button.

Reboot your computer to complete the process.

Step 2
I need to see another DSS scan. We need to run it slightly differently this time. (Some of the scans don't show on a 2nd run.)
This is what I want you to do:
Please run Deckard's System Scanner again, this time using these instructions:

Click the Windows 'Start' button > Select 'Run' - then copy/paste the following into the Run box & click OK.

"%userprofile%\desktop\dss.exe" /config

Put checks by these options and uncheck the others:


Temp Cleanup
HijackThis
:blink: Ignored
:thumbsup: Fixed
File Associations
Drivers
Services
Process Modules
Scheduled Tasks
Files Created/Modified
System Information
Security Center
User Profiles
Add/Remove Programs
Device Manager


Click Scan!

When finished, it shall produce a log for you. Post that log in your next reply.

Thanks.



#12 funkapotam0s

  • Topic Starter

Posted 01 April 2008 - 06:44 PM

Here is the DSS log after Steps 1 and 2.
The whole thing is too long for one post, so it's in two parts.

Deckard's System Scanner v20071014.68
Run by Tyler on 2008-04-01 17:59:56
Computer is in Normal Mode.
--------------------------------------------------------------------------------

Performed disk cleanup.

-- HijackThis (run as Tyler.exe) -----------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:00:10 PM, on 4/1/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\basfipm.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Cisco Systems\Clean Access Agent\CCAAgent.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Tyler\desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Tyler.exe

F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - Global Startup: Clean Access Agent.lnk = C:\Program Files\Cisco Systems\Clean Access Agent\CCAAgent.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Broadcom ASF IP monitoring service v6.0.4 (BAsfIpM) - Broadcom Corp. - C:\WINDOWS\system32\basfipm.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Intel® PROSet/Wireless SSO Service (WLANKEEPER) - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

--
End of file - 4912 bytes

-- HijackThis Fixed Entries (C:\PROGRA~1\TRENDM~1\HIJACK~1\backups\) -----------

backup-20080329-174448-136 O2 - BHO: (no name) - {5C65505D-D768-47F0-BA4B-D06A82E2F989} - C:\WINDOWS\system32\mllmj.dll (file missing)
backup-20080329-174448-168 O4 - HKLM\..\Run: [braviax] braviax.exe
backup-20080329-174448-346 O2 - BHO: (no name) - {FBD29C3C-C642-4843-A627-6E54A947B511} - C:\WINDOWS\system32\nnnnnoo.dll
backup-20080329-174448-356 O2 - BHO: (no name) - {58AC45F7-1A40-46D7-BB60-5491F35E9446} - C:\WINDOWS\system32\geebb.dll
backup-20080329-174448-435 O4 - HKLM\..\Run: [BM4713fe77] Rundll32.exe "C:\WINDOWS\system32\hsqdpbsw.dll",s
backup-20080329-174448-531 O2 - BHO: (no name) - {7A8CC59D-81A5-44A6-AFD1-AAA7C3D622CA} - C:\WINDOWS\system32\ddayy.dll (file missing)
backup-20080329-174448-634 O20 - Winlogon Notify: nnnnnoo - C:\WINDOWS\SYSTEM32\nnnnnoo.dll
backup-20080329-174448-688 O2 - BHO: HelloWorldBHO - {02A60A63-4C18-4D14-A95F-28F57E533296} - C:\WINDOWS\System32\drivers\Adtool2.dll
backup-20080329-174449-881 O22 - SharedTaskScheduler: Windows Installer Class - {020487CC-FC04-4B1E-863F-D9801796230B} - C:\DOCUME~1\Tyler\LOCALS~1\Temp\wndutl32.dll (file missing)
backup-20080401-175443-106 O2 - BHO: (no name) - {7A8CC59D-81A5-44A6-AFD1-AAA7C3D622CA} - (no file)
backup-20080401-175443-292 O2 - BHO: (no name) - {5C65505D-D768-47F0-BA4B-D06A82E2F989} - (no file)
backup-20080401-175443-324 O2 - BHO: HelloWorldBHO - {02A60A63-4C18-4D14-A95F-28F57E533296} - (no file)
backup-20080401-175443-834 O2 - BHO: (no name) - {58AC45F7-1A40-46D7-BB60-5491F35E9446} - C:\WINDOWS\system32\geebb.dll (file missing)
backup-20080401-175443-929 O2 - BHO: (no name) - {FBD29C3C-C642-4843-A627-6E54A947B511} - C:\WINDOWS\SYSTEM32\nnnnnoo.dll (file missing)

-- File Associations -----------------------------------------------------------

.bat - batfile - DefaultIcon - %SystemRoot%\System32\shell32.dll,-153
.bat - batfile - shell\open\command - "%1" %*
.bat - batfile - shell\edit\command - %SystemRoot%\System32\NOTEPAD.EXE %1
.cmd - cmdfile - DefaultIcon - %SystemRoot%\System32\shell32.dll,-153
.cmd - cmdfile - shell\open\command - "%1" %*
.cmd - cmdfile - shell\edit\command - %SystemRoot%\System32\NOTEPAD.EXE %1
.chm - chm.file - DefaultIcon - C:\WINDOWS\hh.exe,0
.chm - chm.file - shell\open\command - "C:\WINDOWS\hh.exe" %1
.com - comfile - DefaultIcon - %SystemRoot%\System32\shell32.dll,2
.com - comfile - shell\open\command - "%1" %*
.cpl - cplfile - shell\cplopen\command - rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.cpl - cplfile - shell\runas\command - rundll32.exe shell32.dll,Control_RunDLLAsUser "%1",%*
.exe - exefile - DefaultIcon - %1
.exe - exefile - shell\open\command - "%1" %*
.hlp - hlpfile - DefaultIcon - %SystemRoot%\System32\shell32.dll,23
.hlp - hlpfile - shell\open\command - %SystemRoot%\System32\winhlp32.exe %1
.inf - inffile - DefaultIcon - %SystemRoot%\System32\shell32.dll,-151
.inf - inffile - shell\open\command - %SystemRoot%\System32\NOTEPAD.EXE %1
.ini - inifile - DefaultIcon - %SystemRoot%\System32\shell32.dll,-151
.ini - inifile - shell\open\command - %SystemRoot%\System32\NOTEPAD.EXE %1
.js - JSFile - DefaultIcon - %SystemRoot%\System32\WScript.exe,3
.js - JSFile - shell\open\command - %SystemRoot%\System32\WScript.exe "%1" %*
.lnk - lnkfile - CLSID - {00021401-0000-0000-C000-000000000046}
.pif - piffile - shell\open\command - "%1" %*
.reg - regfile - DefaultIcon - %SystemRoot%\regedit.exe,1
.reg - regfile - shell\open\command - regedit.exe "%1"
.reg - regfile - shell\edit\command - %SystemRoot%\system32\NOTEPAD.EXE %1
.scr - scrfile - shell\open\command - "%1" /S
.txt - txtfile - DefaultIcon - %SystemRoot%\system32\shell32.dll,-152
.txt - txtfile - shell\open\command - %SystemRoot%\system32\NOTEPAD.EXE %1
.vbs - VBSFile - DefaultIcon - %SystemRoot%\System32\WScript.exe,2
.vbs - VBSFile - shell\open\command - %SystemRoot%\System32\WScript.exe "%1" %*
.vbs - VBSFile - shell\edit\command - %SystemRoot%\System32\Notepad.exe %1

All associations okay.


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R0 ACPI (Microsoft ACPI Driver) - c:\windows\system32\drivers\acpi.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R0 atapi (Standard IDE/ESDI Hard Disk Controller) - c:\windows\system32\drivers\atapi.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R0 Compbatt (Microsoft Composite Battery Driver) - c:\windows\system32\drivers\compbatt.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R0 Disk (Disk Driver) - c:\windows\system32\drivers\disk.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R0 FltMgr - c:\windows\system32\drivers\fltmgr.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R0 Ftdisk (Volume Manager Driver) - c:\windows\system32\drivers\ftdisk.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R0 IntelIde - c:\windows\system32\drivers\intelide.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R0 isapnp (PnP ISA/EISA Bus Driver) - c:\windows\system32\drivers\isapnp.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R0 KSecDD - c:\windows\system32\drivers\ksecdd.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R0 MountMgr - c:\windows\system32\drivers\mountmgr.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R0 Mup - c:\windows\system32\drivers\mup.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R0 NDIS (NDIS System Driver) - c:\windows\system32\drivers\ndis.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R0 PartMgr - c:\windows\system32\drivers\partmgr.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R0 PCI (PCI Bus Driver) - c:\windows\system32\drivers\pci.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R0 PCIIde - c:\windows\system32\drivers\pciide.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R0 Pcmcia - c:\windows\system32\drivers\pcmcia.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R0 PxHelp20 - c:\windows\system32\drivers\pxhelp20.sys <Not Verified; Sonic Solutions; PxHelp20>
R0 sptd - c:\windows\system32\drivers\sptd.sys
R0 sr (System Restore Filter Driver) - c:\windows\system32\drivers\sr.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R0 VolSnap - c:\windows\system32\drivers\volsnap.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 Aavmker4 (avast! Asynchronous Virus Monitor) - c:\windows\system32\drivers\aavmker4.sys <Not Verified; ALWIL Software; avast! Antivirus System>
R1 AFD - c:\windows\system32\drivers\afd.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 aswTdi (avast! Network Shield Support) - c:\windows\system32\drivers\aswtdi.sys <Not Verified; ALWIL Software; avast! Antivirus System>
R1 Cdrom (CD-ROM Driver) - c:\windows\system32\drivers\cdrom.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 Fips - c:\windows\system32\drivers\fips.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 i8042prt (i8042 Keyboard and PS/2 Mouse Port Driver) - c:\windows\system32\drivers\i8042prt.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 Imapi (CD-Burning Filter Driver) - c:\windows\system32\drivers\imapi.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 intelppm (Intel Processor Driver) - c:\windows\system32\drivers\intelppm.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 IPSec (IPSEC driver) - c:\windows\system32\drivers\ipsec.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 Kbdclass (Keyboard Class Driver) - c:\windows\system32\drivers\kbdclass.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 mnmdd - c:\windows\system32\drivers\mnmdd.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 Mouclass (Mouse Class Driver) - c:\windows\system32\drivers\mouclass.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 MRxSmb - c:\windows\system32\drivers\mrxsmb.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 Msfs - c:\windows\system32\drivers\msfs.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 NetBIOS (NetBIOS Interface) - c:\windows\system32\drivers\netbios.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 NetBT (NetBios over Tcpip) - c:\windows\system32\drivers\netbt.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 Npfs - c:\windows\system32\drivers\npfs.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 Null - c:\windows\system32\drivers\null.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 RasAcd (Remote Access Auto Connection Driver) - c:\windows\system32\drivers\rasacd.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 Rdbss - c:\windows\system32\drivers\rdbss.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 RDPCDD - c:\windows\system32\drivers\rdpcdd.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 redbook (Digital CD Audio Playback Filter Driver) - c:\windows\system32\drivers\redbook.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 Serial (Serial port driver) - c:\windows\system32\drivers\serial.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 Tcpip (TCP/IP Protocol Driver) - c:\windows\system32\drivers\tcpip.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 TermDD (Terminal Device Driver) - c:\windows\system32\drivers\termdd.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R1 VgaSave - c:\windows\system32\drivers\vga.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 AegisP (AEGIS Protocol (IEEE 802.1x) v3.6.0.0) - c:\windows\system32\drivers\aegisp.sys <Not Verified; Meetinghouse Data Communications; AEGIS Client 3.6.0.0>
R2 aswMon2 (avast! Standard Shield Support) - c:\windows\system32\drivers\aswmon2.sys <Not Verified; ALWIL Software; avast! Antivirus System>
R2 BASFND - c:\windows\system32\drivers\basfnd.sys <Not Verified; Broadcom Corporation; Broadcom NetDetect Driver>
R2 ParVdm - c:\windows\system32\drivers\parvdm.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 s24trans (WLAN Transport) - c:\windows\system32\drivers\s24trans.sys <Not Verified; Intel Corporation; Intel Wireless LAN Packet Driver>
R3 aswRdr - c:\windows\system32\drivers\aswrdr.sys <Not Verified; ALWIL Software; avast! Antivirus System>
R3 audstub (Audio Stub Driver) - c:\windows\system32\drivers\audstub.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 b57w2k (Broadcom NetXtreme Gigabit Ethernet) - c:\windows\system32\drivers\b57xp32.sys <Not Verified; Broadcom Corporation; Broadcom NetXtreme Gigabit Ethernet Driver>
R3 CmBatt (Microsoft ACPI Control Method Battery Driver) - c:\windows\system32\drivers\cmbatt.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 GEARAspiWDM - c:\windows\system32\drivers\gearaspiwdm.sys <Not Verified; GEAR Software Inc.; GEAR.wrks>
R3 Gpc (Generic Packet Classifier) - c:\windows\system32\drivers\msgpc.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 hidusb (Microsoft HID Class Driver) - c:\windows\system32\drivers\hidusb.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 HTTP - c:\windows\system32\drivers\http.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 ialm - c:\windows\system32\drivers\ialmnt5.sys <Not Verified; Intel Corporation; Intel Graphics Accelerator Drivers for Windows NT®>
R3 IpNat (IP Network Address Translator) - c:\windows\system32\drivers\ipnat.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 mouhid (Mouse HID Driver) - c:\windows\system32\drivers\mouhid.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 MRxDAV (WebDav Client Redirector) - c:\windows\system32\drivers\mrxdav.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 mssmbios (Microsoft System Management BIOS Driver) - c:\windows\system32\drivers\mssmbios.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 NdisTapi (Remote Access NDIS TAPI Driver) - c:\windows\system32\drivers\ndistapi.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 Ndisuio (NDIS Usermode I/O Protocol) - c:\windows\system32\drivers\ndisuio.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 NdisWan (Remote Access NDIS WAN Driver) - c:\windows\system32\drivers\ndiswan.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 NDProxy (NDIS Proxy) - c:\windows\system32\drivers\ndproxy.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 Parport (Parallel port driver) - c:\windows\system32\drivers\parport.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 PptpMiniport (WAN Miniport (PPTP)) - c:\windows\system32\drivers\raspptp.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 PSched (QoS Packet Scheduler) - c:\windows\system32\drivers\psched.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 Ptilink (Direct Parallel Link Driver) - c:\windows\system32\drivers\ptilink.sys <Not Verified; Parallel Technologies, Inc.; Microsoft® Windows® Operating System>
R3 Rasl2tp (WAN Miniport (L2TP)) - c:\windows\system32\drivers\rasl2tp.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 RasPppoe (Remote Access PPPOE Driver) - c:\windows\system32\drivers\raspppoe.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 Raspti (Direct Parallel) - c:\windows\system32\drivers\raspti.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 rdpdr (Terminal Server Device Redirector Driver) - c:\windows\system32\drivers\rdpdr.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 serenum (Serenum Filter Driver) - c:\windows\system32\drivers\serenum.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 Srv - c:\windows\system32\drivers\srv.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 STAC97 (SigmaTel C-Major Audio) - c:\windows\system32\drivers\stac97.sys <Not Verified; SigmaTel, Inc.; AC'97 Audio Controller with SigmaTel CODEC device driver.>
R3 swenum (Software Bus Driver) - c:\windows\system32\drivers\swenum.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 sysaudio (Microsoft Kernel System Audio Device) - c:\windows\system32\drivers\sysaudio.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 Update (Microcode Update Driver) - c:\windows\system32\drivers\update.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 usbccgp (Microsoft USB Generic Parent Driver) - c:\windows\system32\drivers\usbccgp.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 usbehci (Microsoft USB 2.0 Enhanced Host Controller Miniport Driver) - c:\windows\system32\drivers\usbehci.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 usbhub (USB2 Enabled Hub) - c:\windows\system32\drivers\usbhub.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 USBSTOR (USB Mass Storage Driver) - c:\windows\system32\drivers\usbstor.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 usbuhci (Microsoft USB Universal Host Controller Miniport Driver) - c:\windows\system32\drivers\usbuhci.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 w29n51 (Intel® PRO/Wireless 2915ABG Network Connection Driver for Windows XP) - c:\windows\system32\drivers\w29n51.sys <Not Verified; Intel® Corporation; Intel® Wireless LAN Adapter>
R3 Wanarp (Remote Access IP ARP Driver) - c:\windows\system32\drivers\wanarp.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 wdmaud (Microsoft WINMM WDM Audio Compatibility Driver) - c:\windows\system32\drivers\wdmaud.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R4 Cdfs - c:\windows\system32\drivers\cdfs.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R4 Fastfat - c:\windows\system32\drivers\fastfat.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R4 Ntfs - c:\windows\system32\drivers\ntfs.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>

S1 Cdaudio - c:\windows\system32\drivers\cdaudio.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S1 Fdc - c:\windows\system32\drivers\fdc.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S1 Flpydisk - c:\windows\system32\drivers\flpydisk.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S1 Sfloppy - c:\windows\system32\drivers\sfloppy.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 aec (Microsoft Kernel Acoustic Echo Canceller) - c:\windows\system32\drivers\aec.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 AsyncMac (RAS Asynchronous Media Driver) - c:\windows\system32\drivers\asyncmac.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 Atmarpc (ATM ARP Client Protocol) - c:\windows\system32\drivers\atmarpc.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 CCDECODE (Closed Caption Decoder) - c:\windows\system32\drivers\ccdecode.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 DMusic (Microsoft Kernel DLS Syntheiszer) - c:\windows\system32\drivers\dmusic.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 drmkaud (Microsoft Kernel DRM Audio Descrambler) - c:\windows\system32\drivers\drmkaud.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 Ip6Fw (IPv6 Windows Firewall Driver) - c:\windows\system32\drivers\ip6fw.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 IpFilterDriver (IP Traffic Filter Driver) - c:\windows\system32\drivers\ipfltdrv.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 IpInIp (IP in IP Tunnel Driver) - c:\windows\system32\drivers\ipinip.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 IRENUM (IR Enumerator Service) - c:\windows\system32\drivers\irenum.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 kmixer (Microsoft Kernel Wave Audio Mixer) - c:\windows\system32\drivers\kmixer.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 Modem - c:\windows\system32\drivers\modem.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 MSKSSRV (Microsoft Streaming Service Proxy) - c:\windows\system32\drivers\mskssrv.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 MSPCLOCK (Microsoft Streaming Clock Proxy) - c:\windows\system32\drivers\mspclock.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 MSPQM (Microsoft Streaming Quality Manager Proxy) - c:\windows\system32\drivers\mspqm.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 MSTEE (Microsoft Streaming Tee/Sink-to-Sink Converter) - c:\windows\system32\drivers\mstee.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 NABTSFEC (NABTS/FEC VBI Codec) - c:\windows\system32\drivers\nabtsfec.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 NdisIP (Microsoft TV/Video Connection) - c:\windows\system32\drivers\ndisip.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 NwlnkFlt (IPX Traffic Filter Driver) - c:\windows\system32\drivers\nwlnkflt.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 NwlnkFwd (IPX Traffic Forwarder Driver) - c:\windows\system32\drivers\nwlnkfwd.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 RDPWD - c:\windows\system32\drivers\rdpwd.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 Secdrv - c:\windows\system32\drivers\secdrv.sys <Not Verified; Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.; Macrovision SECURITY Driver>
S3 SLIP (BDA Slip De-Framer) - c:\windows\system32\drivers\slip.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 snpstd2 (USB PC Camera (SN9C103)) - c:\windows\system32\drivers\snpstd2.sys <Not Verified; ; PC Camera driver>
S3 splitter (Microsoft Kernel Audio Splitter) - c:\windows\system32\drivers\splitter.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 streamip (BDA IPSink) - c:\windows\system32\drivers\streamip.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 swmidi (Microsoft Kernel GS Wavetable Synthesizer) - c:\windows\system32\drivers\swmidi.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 TDPIPE - c:\windows\system32\drivers\tdpipe.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 TDTCP - c:\windows\system32\drivers\tdtcp.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 usbaudio (USB Audio Driver (WDM)) - c:\windows\system32\drivers\usbaudio.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 WSTCODEC (World Standard Teletext Codec) - c:\windows\system32\drivers\wstcodec.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S4 ACPIEC - c:\windows\system32\drivers\acpiec.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S4 cbidf2k - c:\windows\system32\drivers\cbidf2k.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S4 dmboot - c:\windows\system32\drivers\dmboot.sys <Not Verified; Microsoft Corp., Veritas Software; VERITAS® NT Disk Manager>
S4 dmio - c:\windows\system32\drivers\dmio.sys <Not Verified; Microsoft Corp., Veritas Software; VERITAS® NT Disk Manager>
S4 dmload - c:\windows\system32\drivers\dmload.sys <Not Verified; Microsoft Corp., Veritas Software.; Logical Disk Manager for Windows NT>
S4 Udfs - c:\windows\system32\drivers\udfs.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S4 WS2IFSL (Windows Socket 2.0 Non-IFS Service Provider Support Environment) - c:\windows\system32\drivers\ws2ifsl.sys <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 aawservice (Ad-Aware 2007 Service) - "c:\program files\lavasoft\ad-aware 2007\aawservice.exe" <Not Verified; Lavasoft; Ad-Aware 2007 Service>
R2 Apple Mobile Device - "c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>
R2 aswUpdSv (avast! iAVS4 Control Service) - "c:\program files\alwil software\avast4\aswupdsv.exe" <Not Verified; ALWIL Software; avast! Antivirus>
R2 AudioSrv (Windows Audio) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 avast! Antivirus - "c:\program files\alwil software\avast4\ashserv.exe" <Not Verified; ALWIL Software; avast! Antivirus>
R2 BAsfIpM (Broadcom ASF IP monitoring service v6.0.4) - c:\windows\system32\basfipm.exe <Not Verified; Broadcom Corp.; Broadcom ASF IP monitoring service>
R2 BITS (Background Intelligent Transfer Service) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 Browser (Computer Browser) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 CryptSvc (Cryptographic Services) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 DcomLaunch (DCOM Server Process Launcher) - c:\windows\system32\svchost -k dcomlaunch <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 Dhcp (DHCP Client) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 Dnscache (DNS Client) - c:\windows\system32\svchost.exe -k networkservice <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 ERSvc (Error Reporting Service) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 Eventlog (Event Log) - c:\windows\system32\services.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 EvtEng (Intel® PROSet/Wireless Event Log) - c:\program files\intel\wireless\bin\evteng.exe <Not Verified; Intel Corporation; Intel® PROSet/Wireless Event Log>
R2 helpsvc (Help and Support) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 lanmanserver (Server) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 lanmanworkstation (Workstation) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 LmHosts (TCP/IP NetBIOS Helper) - c:\windows\system32\svchost.exe -k localservice <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 PlugPlay (Plug and Play) - c:\windows\system32\services.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 PolicyAgent (IPSEC Services) - c:\windows\system32\lsass.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 ProtectedStorage (Protected Storage) - c:\windows\system32\lsass.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 RegSrvc (Intel® PROSet/Wireless Registry Service) - c:\program files\intel\wireless\bin\regsrvc.exe <Not Verified; Intel Corporation; Intel® PROSet/Wireless Registry Service>
R2 RemoteRegistry (Remote Registry) - c:\windows\system32\svchost.exe -k localservice <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 RpcSs (Remote Procedure Call (RPC)) - c:\windows\system32\svchost -k rpcss <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 S24EventMonitor (Intel® PROSet/Wireless Service) - c:\program files\intel\wireless\bin\s24evmon.exe <Not Verified; Intel Corporation; Intel® PROSet/Wireless Service>
R2 SamSs (Security Accounts Manager) - c:\windows\system32\lsass.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 Schedule (Task Scheduler) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 seclogon (Secondary Logon) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 SENS (System Event Notification) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 SharedAccess (Windows Firewall/Internet Connection Sharing (ICS)) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 ShellHWDetection (Shell Hardware Detection) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 Spooler (Print Spooler) - c:\windows\system32\spoolsv.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 srservice (System Restore Service) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 stisvc (Windows Image Acquisition (WIA)) - c:\windows\system32\svchost.exe -k imgsvc <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 Themes - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 TrkWks (Distributed Link Tracking Client) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 W32Time (Windows Time) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 WebClient - c:\windows\system32\svchost.exe -k localservice <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 winmgmt (Windows Management Instrumentation) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 WLANKEEPER (Intel® PROSet/Wireless SSO Service) - c:\program files\intel\wireless\bin\wlkeeper.exe <Not Verified; Intel® Corporation; SSO Service>
R2 wltrysvc (Dell Wireless WLAN Tray Service) - c:\windows\system32\wltrysvc.exe c:\windows\system32\bcmwltry.exe
R2 wscsvc (Security Center) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 wuauserv (Automatic Updates) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R2 WZCSVC (Wireless Zero Configuration) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 ALG (Application Layer Gateway Service) - c:\windows\system32\alg.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 avast! Mail Scanner - "c:\program files\alwil software\avast4\ashmaisv.exe" /service <Not Verified; ALWIL Software; avast! Antivirus>
R3 avast! Web Scanner - "c:\program files\alwil software\avast4\ashwebsv.exe" /service <Not Verified; ALWIL Software; avast! Antivirus>
R3 EventSystem (COM+ Event System) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 FastUserSwitchingCompatibility (Fast User Switching Compatibility) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 Netman (Network Connections) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 Nla (Network Location Awareness (NLA)) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 SSDPSRV (SSDP Discovery Service) - c:\windows\system32\svchost.exe -k localservice <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
R3 TermService (Terminal Services) - c:\windows\system32\svchost -k dcomlaunch <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>

S3 Adobe LM Service - "c:\program files\common files\adobe systems shared\service\adobelmsvc.exe" <Not Verified; Adobe Systems; Adobe LM Service>
S3 AppMgmt (Application Management) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 CiSvc (Indexing Service) - c:\windows\system32\cisvc.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 COMSysApp (COM+ System Application) - c:\windows\system32\dllhost.exe /processid:{02d4b3f1-fd88-11d1-960d-00805fc79235} <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 dmadmin (Logical Disk Manager Administrative Service) - c:\windows\system32\dmadmin.exe /com <Not Verified; Microsoft Corp., Veritas Software; Logical Disk Manager for Windows NT>
S3 dmserver (Logical Disk Manager) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 HTTPFilter (HTTP SSL) - c:\windows\system32\svchost.exe -k httpfilter <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 ImapiService (IMAPI CD-Burning COM Service) - c:\windows\system32\imapi.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 iPod Service - "c:\program files\ipod\bin\ipodservice.exe" <Not Verified; Apple Inc.; iTunes>
S3 mnmsrvc (NetMeeting Remote Desktop Sharing) - c:\windows\system32\mnmsrvc.exe <Not Verified; Microsoft Corporation; Windows® NetMeeting®>
S3 MSDTC (Distributed Transaction Coordinator) - c:\windows\system32\msdtc.exe <Not Verified; Microsoft Corporation; Microsoft Distributed Transaction Coordinator>
S3 MSIServer (Windows Installer) - c:\windows\system32\msiexec.exe /v <Not Verified; Microsoft Corporation; Windows Installer - Unicode>
S3 Netlogon (Net Logon) - c:\windows\system32\lsass.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 NtLmSsp (NT LM Security Support Provider) - c:\windows\system32\lsass.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 NtmsSvc (Removable Storage) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 ose (Office Source Engine) - "c:\program files\common files\microsoft shared\source engine\ose.exe" <Not Verified; Microsoft Corporation; Office Source Engine>
S3 RasAuto (Remote Access Auto Connection Manager) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 RasMan (Remote Access Connection Manager) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 RDSessMgr (Remote Desktop Help Session Manager) - c:\windows\system32\sessmgr.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 RpcLocator (Remote Procedure Call (RPC) Locator) - c:\windows\system32\locator.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 RSVP (QoS RSVP) - c:\windows\system32\rsvp.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 SCardSvr (Smart Card) - c:\windows\system32\scardsvr.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 SwPrv (MS Software Shadow Copy Provider) - c:\windows\system32\dllhost.exe /processid:{d065bc08-4a1c-4aae-863a-3a8d7d823b63} <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 SysmonLog (Performance Logs and Alerts) - c:\windows\system32\smlogsvc.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 TapiSrv (Telephony) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 upnphost (Universal Plug and Play Device Host) - c:\windows\system32\svchost.exe -k localservice <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 UPS (Uninterruptible Power Supply) - c:\windows\system32\ups.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 usnjsvc (Messenger Sharing Folders USN Journal Reader service) - "c:\program files\windows live\messenger\usnsvc.exe" <Not Verified; Microsoft Corporation; Messenger>
S3 VSS (Volume Shadow Copy) - c:\windows\system32\vssvc.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 WLSetupSvc (Windows Live Setup Service) - "c:\program files\windows live\installer\wlsetupsvc.exe" <Not Verified; Microsoft Corporation; Windows Live installer>
S3 WmdmPmSN (Portable Media Serial Number Service) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 Wmi (Windows Management Instrumentation Driver Extensions) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 WmiApSrv (WMI Performance Adapter) - c:\windows\system32\wbem\wmiapsrv.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S3 xmlprov (Network Provisioning Service) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S4 Alerter - c:\windows\system32\svchost.exe -k localservice <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S4 ClipSrv (ClipBook) - c:\windows\system32\clipsrv.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S4 HidServ (Human Interface Device Access) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S4 Messenger - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S4 NetDDE (Network DDE) - c:\windows\system32\netdde.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S4 NetDDEdsdm (Network DDE DSDM) - c:\windows\system32\netdde.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S4 RemoteAccess (Routing and Remote Access) - c:\windows\system32\svchost.exe -k netsvcs <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
S4 TlntSvr (Telnet) - c:\windows\system32\tlntsvr.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>


-- Device Manager: Disabled ----------------------------------------------------

Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: PCI Simple Communications Controller
Device ID: PCI\VEN_104C&DEV_8038&SUBSYS_01821028&REV_00\4&2FA23535&0&0DF0
Manufacturer:
Name: PCI Simple Communications Controller
PNP Device ID: PCI\VEN_104C&DEV_8038&SUBSYS_01821028&REV_00\4&2FA23535&0&0DF0
Service:

Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: PCI Modem
Device ID: PCI\VEN_8086&DEV_266D&SUBSYS_542314F1&REV_03\3&61AAA01&0&F3
Manufacturer:
Name: PCI Modem
PNP Device ID: PCI\VEN_8086&DEV_266D&SUBSYS_542314F1&REV_03\3&61AAA01&0&F3
Service:


-- Process Modules -------------------------------------------------------------

C:\WINDOWS\system32\smss.exe (pid 800)
2004-08-04 08:00:00 708096 --a------ C:\WINDOWS\system32\ntdll.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>

C:\WINDOWS\system32\winlogon.exe (pid 912)
2004-08-04 08:00:00 708096 --a------ C:\WINDOWS\system32\ntdll.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-04-16 11:52:53 984576 --a------ C:\WINDOWS\system32\kernel32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 616960 --a------ C:\WINDOWS\system32\advapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-07-09 09:09:42 584192 --a------ C:\WINDOWS\system32\rpcrt4.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 55808 --a------ C:\WINDOWS\system32\secur32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-03-02 14:09:29 56832 --a------ C:\WINDOWS\system32\authz.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 343040 --a------ C:\WINDOWS\system32\msvcrt.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 597504 --a------ C:\WINDOWS\system32\crypt32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-03-08 11:36:28 577536 --a------ C:\WINDOWS\system32\user32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-06-19 09:31:19 282112 --a------ C:\WINDOWS\system32\gdi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 57344 --a------ C:\WINDOWS\system32\msasn1.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 17920 --a------ C:\WINDOWS\system32\nddeapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 27648 --a------ C:\WINDOWS\system32\profmap.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-08-17 08:28:27 332288 --a------ C:\WINDOWS\system32\netapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 723456 --a------ C:\WINDOWS\system32\userenv.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 23040 --a------ C:\WINDOWS\system32\psapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 49664 --a------ C:\WINDOWS\system32\regapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 983552 --a------ C:\WINDOWS\system32\setupapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 18944 --a------ C:\WINDOWS\system32\version.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 53760 --a------ C:\WINDOWS\system32\winsta.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 176640 --a------ C:\WINDOWS\system32\wintrust.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 144384 --a------ C:\WINDOWS\system32\imagehlp.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 82944 --a------ C:\WINDOWS\system32\ws2_32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 19968 --a------ C:\WINDOWS\system32\ws2help.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 994304 --a------ C:\WINDOWS\system32\msgina.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-10-25 23:36:51 8454656 --a------ C:\WINDOWS\system32\shell32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-12-06 21:07:13 474112 --a------ C:\WINDOWS\system32\shlwapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-08-25 11:45:58 617472 --a------ C:\WINDOWS\system32\comctl32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 249856 --a------ C:\WINDOWS\system32\odbc32.dll <Not Verified; Microsoft Corporation; Microsoft Data Access Components>
2004-08-04 08:00:00 276992 --a------ C:\WINDOWS\system32\comdlg32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-08-25 11:45:55 1054208 --a------ C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 94208 --a------ C:\WINDOWS\system32\odbcint.dll <Not Verified; Microsoft Corporation; Microsoft Data Access Components>
2006-12-19 17:52:18 134656 --a------ C:\WINDOWS\system32\shsvcs.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 5120 --a------ C:\WINDOWS\system32\sfc.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 140288 --a------ C:\WINDOWS\system32\sfc_os.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-07-26 00:39:48 1285120 --a------ C:\WINDOWS\system32\ole32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 126976 --a------ C:\WINDOWS\system32\apphelp.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 99328 --a------ C:\WINDOWS\system32\winscard.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 18432 --a------ C:\WINDOWS\system32\wtsapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-10-19 09:56:32 713216 --a------ C:\WINDOWS\system32\sxs.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 218624 --a------ C:\WINDOWS\system32\uxtheme.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 176128 --a------ C:\WINDOWS\system32\winmm.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 101888 --a------ C:\WINDOWS\system32\cscdll.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 92672 --a------ C:\WINDOWS\system32\wlnotify.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 146432 --a------ C:\WINDOWS\system32\winspool.drv <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 59904 --a------ C:\WINDOWS\system32\mpr.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 152576 --a------ C:\WINDOWS\system32\rsaenh.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-04-10 15:00:46 236928 --a------ C:\WINDOWS\system32\WgaLogon.dll <Not Verified; Microsoft Corporation; Windows Genuine Advantage>
2007-12-04 14:38:13 550912 --a------ C:\WINDOWS\system32\oleaut32.dll <Not Verified; Microsoft Corporation; >
2004-08-04 08:00:00 118784 --a------ C:\WINDOWS\system32\ntmarta.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 172032 --a------ C:\WINDOWS\system32\wldap32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 64000 --a------ C:\WINDOWS\system32\samlib.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-07-26 00:39:43 498688 --a------ C:\WINDOWS\system32\clbcatq.dll <Not Verified; Microsoft Corporation; COM Services>
2004-08-04 08:00:00 792064 --a------ C:\WINDOWS\system32\comres.dll <Not Verified; Microsoft Corporation; COM Services>
2007-03-16 19:10:48 770048 --a------ C:\WINDOWS\system32\BCMLogon.dll <Not Verified; Dell Inc.; Wireless Network Logon Provider>
2006-05-19 08:59:41 94720 --a------ C:\WINDOWS\system32\iphlpapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-03-16 19:10:54 1060864 --a------ C:\WINDOWS\system32\MFC71.DLL <Not Verified; Microsoft Corporation; Microsoft® Visual Studio .NET>
2007-03-16 19:10:54 348160 --a------ C:\WINDOWS\system32\MSVCR71.DLL <Not Verified; Microsoft Corporation; Microsoft® Visual Studio .NET>
2007-03-16 19:10:54 499712 --a------ C:\WINDOWS\system32\MSVCP71.DLL <Not Verified; Microsoft Corporation; Microsoft® Visual Studio .NET>
2004-08-04 08:00:00 326656 --a------ C:\WINDOWS\system32\cscui.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 2897920 --a------ C:\WINDOWS\system32\xpsp2res.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 129536 --a------ C:\WINDOWS\system32\msv1_0.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 01:56:58 23552 --a------ C:\WINDOWS\system32\wdmaud.drv <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 20480 --a------ C:\WINDOWS\system32\msacm32.drv <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 71680 --a------ C:\WINDOWS\system32\msacm32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 18944 --a------ C:\WINDOWS\system32\midimap.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>

C:\WINDOWS\system32\services.exe (pid 956)
2004-08-04 08:00:00 708096 --a------ C:\WINDOWS\system32\ntdll.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-04-16 11:52:53 984576 --a------ C:\WINDOWS\system32\kernel32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 343040 --a------ C:\WINDOWS\system32\msvcrt.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 616960 --a------ C:\WINDOWS\system32\advapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-07-09 09:09:42 584192 --a------ C:\WINDOWS\system32\rpcrt4.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 55808 --a------ C:\WINDOWS\system32\secur32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-03-08 11:36:28 577536 --a------ C:\WINDOWS\system32\user32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-06-19 09:31:19 282112 --a------ C:\WINDOWS\system32\gdi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 723456 --a------ C:\WINDOWS\system32\userenv.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 313856 --a------ C:\WINDOWS\system32\scesrv.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-03-02 14:09:29 56832 --a------ C:\WINDOWS\system32\authz.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-08-22 23:35:42 123392 --a------ C:\WINDOWS\system32\umpnpmgr.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 53760 --a------ C:\WINDOWS\system32\winsta.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-08-17 08:28:27 332288 --a------ C:\WINDOWS\system32\netapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 36352 --a------ C:\WINDOWS\system32\ncobjapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 413696 --a------ C:\WINDOWS\system32\msvcp60.dll <Not Verified; Microsoft Corporation; Microsoft ® Visual C++>
2004-08-04 08:00:00 65536 --a------ C:\WINDOWS\system32\shimeng.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 1852416 --a------ C:\WINDOWS\AppPatch\AcGenral.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 176128 --a------ C:\WINDOWS\system32\winmm.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-07-26 00:39:48 1285120 --a------ C:\WINDOWS\system32\ole32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-12-04 14:38:13 550912 --a------ C:\WINDOWS\system32\oleaut32.dll <Not Verified; Microsoft Corporation; >
2004-08-04 08:00:00 71680 --a------ C:\WINDOWS\system32\msacm32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 18944 --a------ C:\WINDOWS\system32\version.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-10-25 23:36:51 8454656 --a------ C:\WINDOWS\system32\shell32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-12-06 21:07:13 474112 --a------ C:\WINDOWS\system32\shlwapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 218624 --a------ C:\WINDOWS\system32\uxtheme.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-08-25 11:45:55 1054208 --a------ C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-08-25 11:45:58 617472 --a------ C:\WINDOWS\system32\comctl32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 126976 --a------ C:\WINDOWS\system32\apphelp.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 55808 --a------ C:\WINDOWS\system32\eventlog.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 82944 --a------ C:\WINDOWS\system32\ws2_32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 19968 --a------ C:\WINDOWS\system32\ws2help.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 23040 --a------ C:\WINDOWS\system32\psapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 18432 --a------ C:\WINDOWS\system32\wtsapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-12-06 21:07:14 615424 --a------ C:\WINDOWS\system32\urlmon.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 144384 --a------ C:\WINDOWS\system32\imagehlp.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 33280 --a------ C:\WINDOWS\system32\cryptdll.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-06-26 13:37:10 148480 --a------ C:\WINDOWS\system32\dnsapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 1712128 --a------ C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82\GdiPlus.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 245248 --a------ C:\WINDOWS\system32\mswsock.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 344064 --a------ C:\WINDOWS\system32\hnetcfg.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 19968 --a------ C:\WINDOWS\system32\wshtcpip.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 16896 --a------ C:\WINDOWS\system32\winrnr.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 172032 --a------ C:\WINDOWS\system32\wldap32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-06-26 13:37:10 8192 --a------ C:\WINDOWS\system32\rasadhlp.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-05-19 08:59:41 94720 --a------ C:\WINDOWS\system32\iphlpapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>

C:\WINDOWS\system32\lsass.exe (pid 968)
2004-08-04 08:00:00 708096 --a------ C:\WINDOWS\system32\ntdll.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-04-16 11:52:53 984576 --a------ C:\WINDOWS\system32\kernel32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 616960 --a------ C:\WINDOWS\system32\advapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-07-09 09:09:42 584192 --a------ C:\WINDOWS\system32\rpcrt4.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 55808 --a------ C:\WINDOWS\system32\secur32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-11-07 05:26:56 721920 --a------ C:\WINDOWS\system32\lsasrv.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 59904 --a------ C:\WINDOWS\system32\mpr.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-03-08 11:36:28 577536 --a------ C:\WINDOWS\system32\user32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-06-19 09:31:19 282112 --a------ C:\WINDOWS\system32\gdi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 57344 --a------ C:\WINDOWS\system32\msasn1.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 343040 --a------ C:\WINDOWS\system32\msvcrt.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-08-17 08:28:27 332288 --a------ C:\WINDOWS\system32\netapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 67072 --a------ C:\WINDOWS\system32\ntdsapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-06-26 13:37:10 148480 --a------ C:\WINDOWS\system32\dnsapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 82944 --a------ C:\WINDOWS\system32\ws2_32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 19968 --a------ C:\WINDOWS\system32\ws2help.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 172032 --a------ C:\WINDOWS\system32\wldap32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 64000 --a------ C:\WINDOWS\system32\samlib.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 415744 --a------ C:\WINDOWS\system32\samsrv.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 33280 --a------ C:\WINDOWS\system32\cryptdll.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 65536 --a------ C:\WINDOWS\system32\shimeng.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 1852416 --a------ C:\WINDOWS\AppPatch\AcGenral.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 176128 --a------ C:\WINDOWS\system32\winmm.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-07-26 00:39:48 1285120 --a------ C:\WINDOWS\system32\ole32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-12-04 14:38:13 550912 --a------ C:\WINDOWS\system32\oleaut32.dll <Not Verified; Microsoft Corporation; >
2004-08-04 08:00:00 71680 --a------ C:\WINDOWS\system32\msacm32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 18944 --a------ C:\WINDOWS\system32\version.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-10-25 23:36:51 8454656 --a------ C:\WINDOWS\system32\shell32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-12-06 21:07:13 474112 --a------ C:\WINDOWS\system32\shlwapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 723456 --a------ C:\WINDOWS\system32\userenv.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 218624 --a------ C:\WINDOWS\system32\uxtheme.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-08-25 11:45:55 1054208 --a------ C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-08-25 11:45:58 617472 --a------ C:\WINDOWS\system32\comctl32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 48128 --a------ C:\WINDOWS\system32\msprivs.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-06-15 13:49:30 295936 --a------ C:\WINDOWS\system32\kerberos.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 129536 --a------ C:\WINDOWS\system32\msv1_0.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-05-19 08:59:41 94720 --a------ C:\WINDOWS\system32\iphlpapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 407040 --a------ C:\WINDOWS\system32\netlogon.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 174592 --a------ C:\WINDOWS\system32\w32time.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 413696 --a------ C:\WINDOWS\system32\msvcp60.dll <Not Verified; Microsoft Corporation; Microsoft ® Visual C++>
2007-04-25 10:21:15 144896 --a------ C:\WINDOWS\system32\schannel.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 597504 --a------ C:\WINDOWS\system32\crypt32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 49152 --a------ C:\WINDOWS\system32\wdigest.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 152576 --a------ C:\WINDOWS\system32\rsaenh.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 983552 --a------ C:\WINDOWS\system32\setupapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 180224 --a------ C:\WINDOWS\system32\scecli.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 182784 --a------ C:\WINDOWS\system32\ipsecsvc.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-03-02 14:09:29 56832 --a------ C:\WINDOWS\system32\authz.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 266752 --a------ C:\WINDOWS\system32\oakley.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 32768 --a------ C:\WINDOWS\system32\winipsec.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 245248 --a------ C:\WINDOWS\system32\mswsock.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 344064 --a------ C:\WINDOWS\system32\hnetcfg.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 19968 --a------ C:\WINDOWS\system32\wshtcpip.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 34304 --a------ C:\WINDOWS\system32\pstorsvc.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 96768 --a------ C:\WINDOWS\system32\psbase.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 137216 --a------ C:\WINDOWS\system32\dssenh.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>

C:\WINDOWS\system32\svchost.exe (pid 1124)
2004-08-04 08:00:00 708096 --a------ C:\WINDOWS\system32\ntdll.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-04-16 11:52:53 984576 --a------ C:\WINDOWS\system32\kernel32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 616960 --a------ C:\WINDOWS\system32\advapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-07-09 09:09:42 584192 --a------ C:\WINDOWS\system32\rpcrt4.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 55808 --a------ C:\WINDOWS\system32\secur32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 65536 --a------ C:\WINDOWS\system32\shimeng.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 1852416 --a------ C:\WINDOWS\AppPatch\AcGenral.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-03-08 11:36:28 577536 --a------ C:\WINDOWS\system32\user32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-06-19 09:31:19 282112 --a------ C:\WINDOWS\system32\gdi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 176128 --a------ C:\WINDOWS\system32\winmm.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-07-26 00:39:48 1285120 --a------ C:\WINDOWS\system32\ole32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 343040 --a------ C:\WINDOWS\system32\msvcrt.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-12-04 14:38:13 550912 --a------ C:\WINDOWS\system32\oleaut32.dll <Not Verified; Microsoft Corporation; >
2004-08-04 08:00:00 71680 --a------ C:\WINDOWS\system32\msacm32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 18944 --a------ C:\WINDOWS\system32\version.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-10-25 23:36:51 8454656 --a------ C:\WINDOWS\system32\shell32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-12-06 21:07:13 474112 --a------ C:\WINDOWS\system32\shlwapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 723456 --a------ C:\WINDOWS\system32\userenv.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 218624 --a------ C:\WINDOWS\system32\uxtheme.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-08-25 11:45:55 1054208 --a------ C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-08-25 11:45:58 617472 --a------ C:\WINDOWS\system32\comctl32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 118784 --a------ C:\WINDOWS\system32\ntmarta.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 172032 --a------ C:\WINDOWS\system32\wldap32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 64000 --a------ C:\WINDOWS\system32\samlib.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-07-26 00:39:49 397824 --a------ C:\WINDOWS\system32\rpcss.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 82944 --a------ C:\WINDOWS\system32\ws2_32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 19968 --a------ C:\WINDOWS\system32\ws2help.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 2897920 --a------ C:\WINDOWS\system32\xpsp2res.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-07-26 00:39:43 498688 --a------ C:\WINDOWS\system32\clbcatq.dll <Not Verified; Microsoft Corporation; COM Services>
2004-08-04 08:00:00 792064 --a------ C:\WINDOWS\system32\comres.dll <Not Verified; Microsoft Corporation; COM Services>
2004-08-04 08:00:00 295424 --a------ C:\WINDOWS\system32\termsrv.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 11264 --a------ C:\WINDOWS\system32\icaapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 983552 --a------ C:\WINDOWS\system32\setupapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 176640 --a------ C:\WINDOWS\system32\wintrust.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 597504 --a------ C:\WINDOWS\system32\crypt32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 57344 --a------ C:\WINDOWS\system32\msasn1.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 144384 --a------ C:\WINDOWS\system32\imagehlp.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-03-02 14:09:29 56832 --a------ C:\WINDOWS\system32\authz.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 115712 --a------ C:\WINDOWS\system32\mstlsapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 194048 --a------ C:\WINDOWS\system32\activeds.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 143360 --a------ C:\WINDOWS\system32\adsldpc.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-08-17 08:28:27 332288 --a------ C:\WINDOWS\system32\netapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 58880 --a------ C:\WINDOWS\system32\atl.dll <Not Verified; Microsoft Corporation; Microsoft ® Visual C++>
2004-08-04 08:00:00 49664 --a------ C:\WINDOWS\system32\regapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 152576 --a------ C:\WINDOWS\system32\rsaenh.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 126976 --a------ C:\WINDOWS\system32\apphelp.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>

C:\WINDOWS\system32\svchost.exe (pid 1340)
2004-08-04 08:00:00 708096 --a------ C:\WINDOWS\system32\ntdll.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-04-16 11:52:53 984576 --a------ C:\WINDOWS\system32\kernel32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 616960 --a------ C:\WINDOWS\system32\advapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-07-09 09:09:42 584192 --a------ C:\WINDOWS\system32\rpcrt4.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 55808 --a------ C:\WINDOWS\system32\secur32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 65536 --a------ C:\WINDOWS\system32\shimeng.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 1852416 --a------ C:\WINDOWS\AppPatch\AcGenral.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-03-08 11:36:28 577536 --a------ C:\WINDOWS\system32\user32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-06-19 09:31:19 282112 --a------ C:\WINDOWS\system32\gdi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 176128 --a------ C:\WINDOWS\system32\winmm.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-07-26 00:39:48 1285120 --a------ C:\WINDOWS\system32\ole32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 343040 --a------ C:\WINDOWS\system32\msvcrt.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-12-04 14:38:13 550912 --a------ C:\WINDOWS\system32\oleaut32.dll <Not Verified; Microsoft Corporation; >
2004-08-04 08:00:00 71680 --a------ C:\WINDOWS\system32\msacm32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 18944 --a------ C:\WINDOWS\system32\version.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-10-25 23:36:51 8454656 --a------ C:\WINDOWS\system32\shell32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-12-06 21:07:13 474112 --a------ C:\WINDOWS\system32\shlwapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 723456 --a------ C:\WINDOWS\system32\userenv.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 218624 --a------ C:\WINDOWS\system32\uxtheme.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-08-25 11:45:55 1054208 --a------ C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-08-25 11:45:58 617472 --a------ C:\WINDOWS\system32\comctl32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 118784 --a------ C:\WINDOWS\system32\ntmarta.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 172032 --a------ C:\WINDOWS\system32\wldap32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 64000 --a------ C:\WINDOWS\system32\samlib.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 2897920 --a------ C:\WINDOWS\system32\xpsp2res.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-12-19 17:52:18 134656 --a------ C:\WINDOWS\system32\shsvcs.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 53760 --a------ C:\WINDOWS\system32\winsta.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-08-17 08:28:27 332288 --a------ C:\WINDOWS\system32\netapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 152576 --a------ C:\WINDOWS\system32\rsaenh.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-05-19 08:59:41 111616 --a------ C:\WINDOWS\system32\dhcpcsvc.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-06-26 13:37:10 148480 --a------ C:\WINDOWS\system32\dnsapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 82944 --a------ C:\WINDOWS\system32\ws2_32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 19968 --a------ C:\WINDOWS\system32\ws2help.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-05-19 08:59:41 94720 --a------ C:\WINDOWS\system32\iphlpapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 245248 --a------ C:\WINDOWS\system32\mswsock.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 344064 --a------ C:\WINDOWS\system32\hnetcfg.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 19968 --a------ C:\WINDOWS\system32\wshtcpip.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 359936 --a------ C:\WINDOWS\system32\wzcsvc.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 44032 --a------ C:\WINDOWS\system32\rtutils.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 5632 --a------ C:\WINDOWS\system32\wmi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 597504 --a------ C:\WINDOWS\system32\crypt32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 57344 --a------ C:\WINDOWS\system32\msasn1.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 18432 --a------ C:\WINDOWS\system32\wtsapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-10-20 18:20:03 1082368 --a------ C:\WINDOWS\system32\esent.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 58880 --a------ C:\WINDOWS\system32\atl.dll <Not Verified; Microsoft Corporation; Microsoft ® Visual C++>
2004-08-04 08:00:00 112128 --a------ C:\WINDOWS\system32\rastls.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 512512 --a------ C:\WINDOWS\system32\cryptui.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 176640 --a------ C:\WINDOWS\system32\wintrust.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 144384 --a------ C:\WINDOWS\system32\imagehlp.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-12-06 21:07:14 659456 --a------ C:\WINDOWS\system32\wininet.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 87040 --a------ C:\WINDOWS\system32\mprapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 194048 --a------ C:\WINDOWS\system32\activeds.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 143360 --a------ C:\WINDOWS\system32\adsldpc.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 983552 --a------ C:\WINDOWS\system32\setupapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 236544 --a------ C:\WINDOWS\system32\rasapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 61440 --a------ C:\WINDOWS\system32\rasman.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 181760 --a------ C:\WINDOWS\system32\tapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-04-25 10:21:15 144896 --a------ C:\WINDOWS\system32\schannel.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 99328 --a------ C:\WINDOWS\system32\winscard.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 69632 --a------ C:\WINDOWS\system32\raschap.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 129536 --a------ C:\WINDOWS\system32\msv1_0.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-07-26 00:39:43 498688 --a------ C:\WINDOWS\system32\clbcatq.dll <Not Verified; Microsoft Corporation; COM Services>
2004-08-04 08:00:00 792064 --a------ C:\WINDOWS\system32\comres.dll <Not Verified; Microsoft Corporation; COM Services>
2004-08-04 08:00:00 190976 --a------ C:\WINDOWS\system32\schedsvc.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 67072 --a------ C:\WINDOWS\system32\ntdsapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 6656 --a------ C:\WINDOWS\system32\msidle.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 42496 --a------ C:\WINDOWS\system32\audiosrv.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-08-17 08:28:27 132096 --a------ C:\WINDOWS\system32\wkssvc.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 382464 --a------ C:\WINDOWS\system32\qmgr.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 59904 --a------ C:\WINDOWS\system32\mpr.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 25088 --a------ C:\WINDOWS\system32\shfolder.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 351232 --a------ C:\WINDOWS\system32\winhttp.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 60416 --a------ C:\WINDOWS\system32\cryptsvc.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 194560 --a------ C:\WINDOWS\system32\certcli.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 23040 --a------ C:\WINDOWS\system32\ersvc.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-07-26 00:39:45 243200 --a------ C:\WINDOWS\system32\es.dll <Not Verified; Microsoft Corporation; COM Services>
2004-08-04 08:00:00 38912 --a------ C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-12-07 15:32:34 96768 --a------ C:\WINDOWS\system32\srvsvc.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-08-22 14:29:46 197632 --a------ C:\WINDOWS\system32\netman.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 1708032 --a------ C:\WINDOWS\system32\netshell.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 163840 --a------ C:\WINDOWS\system32\credui.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 51712 --a------ C:\WINDOWS\system32\wzcsapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 18944 --a------ C:\WINDOWS\system32\seclogon.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 38912 --a------ C:\WINDOWS\system32\sens.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 170496 --a------ C:\WINDOWS\system32\srsvc.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 17408 --a------ C:\WINDOWS\system32\powrprof.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 90624 --a------ C:\WINDOWS\system32\trkwks.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 174592 --a------ C:\WINDOWS\system32\w32time.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 413696 --a------ C:\WINDOWS\system32\msvcp60.dll <Not Verified; Microsoft Corporation; Microsoft ® Visual C++>
2004-08-04 08:00:00 144896 --a------ C:\WINDOWS\system32\wbem\wmisvc.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 430592 --a------ C:\WINDOWS\system32\vssapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 6656 --a------ C:\WINDOWS\system32\wuauserv.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-07-30 20:19:42 1712984 --a------ C:\WINDOWS\system32\wuaueng.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 146432 --a------ C:\WINDOWS\system32\winspool.drv <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 59904 --a------ C:\WINDOWS\system32\cabinet.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 30208 --a------ C:\WINDOWS\system32\mspatcha.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-10-19 09:56:32 713216 --a------ C:\WINDOWS\system32\sxs.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 81408 --a------ C:\WINDOWS\system32\wscsvc.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-04-18 12:12:23 2854400 --a------ C:\WINDOWS\system32\msi.dll <Not Verified; Microsoft Corporation; Windows Installer - Unicode>
2004-08-04 08:00:00 77312 --a------ C:\WINDOWS\system32\browser.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 214528 --a------ C:\WINDOWS\system32\wbem\wbemcomn.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 530944 --a------ C:\WINDOWS\system32\wbem\wbemcore.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 247808 --a------ C:\WINDOWS\system32\wbem\esscli.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 472064 --a------ C:\WINDOWS\system32\wbem\fastprox.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 43520 --a------ C:\WINDOWS\system32\wbem\wbemsvc.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 331264 --a------ C:\WINDOWS\system32\ipnathlp.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-03-02 14:09:29 56832 --a------ C:\WINDOWS\system32\authz.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 95232 --a------ C:\WINDOWS\system32\wbem\wmiutils.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 177152 --a------ C:\WINDOWS\system32\wbem\repdrvfs.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 437248 --a------ C:\WINDOWS\system32\wbem\wmiprvsd.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 36352 --a------ C:\WINDOWS\system32\ncobjapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 273920 --a------ C:\WINDOWS\system32\wbem\wbemess.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-07-26 00:39:44 1267200 --a------ C:\WINDOWS\system32\comsvcs.dll <Not Verified; Microsoft Corporation; COM Services>
2005-07-26 00:39:43 60416 --a------ C:\WINDOWS\system32\colbact.dll <Not Verified; Microsoft Corporation; COM Services>
2006-03-01 15:42:42 66560 --a------ C:\WINDOWS\system32\mtxclu.dll <Not Verified; Microsoft Corporation; COM Services>
2004-08-04 08:00:00 22528 --a------ C:\WINDOWS\system32\wsock32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 57856 --a------ C:\WINDOWS\system32\clusapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 58880 --a------ C:\WINDOWS\system32\resutils.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 5120 --a------ C:\WINDOWS\system32\sfc.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 140288 --a------ C:\WINDOWS\system32\sfc_os.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 47104 --a------ C:\WINDOWS\system32\wbem\ncprov.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-06-26 13:37:10 8192 --a------ C:\WINDOWS\system32\rasadhlp.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 132608 --a------ C:\WINDOWS\system32\upnp.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 34816 --a------ C:\WINDOWS\system32\ssdpapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 657920 --a------ C:\WINDOWS\system32\rasdlg.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 126976 --a------ C:\WINDOWS\system32\apphelp.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-07-30 20:19:12 43352 --a------ C:\WINDOWS\system32\wups2.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>

C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (pid 1392)
2004-08-04 08:00:00 708096 --a------ C:\WINDOWS\system32\ntdll.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-04-16 11:52:53 984576 --a------ C:\WINDOWS\system32\kernel32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-02-21 12:11:56 901120 --a------ C:\Program Files\Intel\Wireless\Bin\PfMgrApi.dll <Not Verified; Intel Corporation; ProfileMgrApi Dynamic Link Library>
2006-03-08 10:21:36 1089536 --a------ C:\Program Files\Intel\Wireless\Bin\Libeay32.dll <Not Verified; The OpenSSL Project, http://www.openssl.org/; The OpenSSL Toolkit>
2004-08-04 08:00:00 22528 --a------ C:\WINDOWS\system32\wsock32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 82944 --a------ C:\WINDOWS\system32\ws2_32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 343040 --a------ C:\WINDOWS\system32\msvcrt.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 19968 --a------ C:\WINDOWS\system32\ws2help.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 616960 --a------ C:\WINDOWS\system32\advapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-07-09 09:09:42 584192 --a------ C:\WINDOWS\system32\rpcrt4.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 55808 --a------ C:\WINDOWS\system32\secur32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-06-19 09:31:19 282112 --a------ C:\WINDOWS\system32\gdi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-03-08 11:36:28 577536 --a------ C:\WINDOWS\system32\user32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-02-21 12:10:50 413696 --a------ C:\Program Files\Intel\Wireless\Bin\TraceAPI.dll <Not Verified; Intel Corporation; TraceAPI Module>
2007-02-21 12:10:36 516096 --a------ C:\Program Files\Intel\Wireless\Bin\PsRegApi.dll <Not Verified; Intel Corporation; PsRegApi>
2004-08-04 08:00:00 983552 --a------ C:\WINDOWS\system32\setupapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 276992 --a------ C:\WINDOWS\system32\comdlg32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-12-06 21:07:13 474112 --a------ C:\WINDOWS\system32\shlwapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-08-25 11:45:58 617472 --a------ C:\WINDOWS\system32\comctl32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-10-25 23:36:51 8454656 --a------ C:\WINDOWS\system32\shell32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 146432 --a------ C:\WINDOWS\system32\winspool.drv <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-07-26 00:39:48 1285120 --a------ C:\WINDOWS\system32\ole32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-12-04 14:38:13 550912 --a------ C:\WINDOWS\system32\oleaut32.dll <Not Verified; Microsoft Corporation; >
2004-08-04 08:00:00 163328 --a------ C:\WINDOWS\system32\oleacc.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 413696 --a------ C:\WINDOWS\system32\msvcp60.dll <Not Verified; Microsoft Corporation; Microsoft ® Visual C++>
2004-08-04 08:00:00 18944 --a------ C:\WINDOWS\system32\version.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-02-21 12:10:54 348160 --a------ C:\Program Files\Intel\Wireless\Bin\DbEngine.dll <Not Verified; Intel Corporation; Secure Database Egnine>
2007-02-21 12:11:00 348160 --a------ C:\Program Files\Intel\Wireless\Bin\IntStngs.dll <Not Verified; Intel Corporation; IntelSettings Dynamic Link Library>
2007-02-21 12:17:22 606208 --a------ C:\Program Files\Intel\Wireless\Bin\MurocApi.dll <Not Verified; Intel Corporation; MurocApi Dynamic Link Library>
2007-02-21 12:17:02 94208 --a------ C:\Program Files\Intel\Wireless\Bin\S24MUDLL.dll <Not Verified; Intel Corporation; Intel Mobile Unit Support Service>
2004-08-04 08:00:00 3584 --a------ C:\WINDOWS\system32\icmp.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-05-19 08:59:41 94720 --a------ C:\WINDOWS\system32\iphlpapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-08-25 11:45:55 1054208 --a------ C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 218624 --a------ C:\WINDOWS\system32\uxtheme.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 2897920 --a------ C:\WINDOWS\system32\xpsp2res.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-07-26 00:39:43 498688 --a------ C:\WINDOWS\system32\clbcatq.dll <Not Verified; Microsoft Corporation; COM Services>
2004-08-04 08:00:00 792064 --a------ C:\WINDOWS\system32\comres.dll <Not Verified; Microsoft Corporation; COM Services>
2006-12-26 09:07:23 536576 --a------ C:\Program Files\Common Files\System\ado\msado15.dll <Not Verified; Microsoft Corporation; Microsoft Data Access Components>
2004-08-04 08:00:00 151552 --a------ C:\WINDOWS\system32\msdart.dll <Not Verified; Microsoft Corporation; Microsoft Data Access Components>
2004-08-04 08:00:00 487424 --a------ C:\Program Files\Common Files\System\Ole DB\oledb32.dll <Not Verified; Microsoft Corporation; Microsoft Data Access Components>
2004-08-04 08:00:00 65536 --a------ C:\Program Files\Common Files\System\Ole DB\oledb32r.dll <Not Verified; Microsoft Corporation; Microsoft Data Access Components>
2004-08-04 08:00:00 315392 --a------ C:\Program Files\Common Files\System\Ole DB\msdasql.dll <Not Verified; Microsoft Corporation; Microsoft Data Access Components>
2004-08-04 08:00:00 94208 --a------ C:\Program Files\Common Files\System\Ole DB\msdatl3.dll <Not Verified; Microsoft Corporation; Microsoft Data Access Components>
2004-08-04 08:00:00 249856 --a------ C:\WINDOWS\system32\odbc32.dll <Not Verified; Microsoft Corporation; Microsoft Data Access Components>
2004-08-04 08:00:00 94208 --a------ C:\WINDOWS\system32\odbcint.dll <Not Verified; Microsoft Corporation; Microsoft Data Access Components>
2004-08-04 08:00:00 16384 --a------ C:\Program Files\Common Files\System\Ole DB\msdasqlr.dll <Not Verified; Microsoft Corporation; Microsoft Data Access Components>
2005-07-26 00:39:44 1267200 --a------ C:\WINDOWS\system32\comsvcs.dll <Not Verified; Microsoft Corporation; COM Services>
2005-07-26 00:39:43 60416 --a------ C:\WINDOWS\system32\colbact.dll <Not Verified; Microsoft Corporation; COM Services>
2006-03-01 15:42:42 66560 --a------ C:\WINDOWS\system32\mtxclu.dll <Not Verified; Microsoft Corporation; COM Services>
2006-08-17 08:28:27 332288 --a------ C:\WINDOWS\system32\netapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 57856 --a------ C:\WINDOWS\system32\clusapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 58880 --a------ C:\WINDOWS\system32\resutils.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 723456 --a------ C:\WINDOWS\system32\userenv.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 278559 --a------ C:\WINDOWS\system32\odbcjt32.dll <Not Verified; Microsoft Corporation; Microsoft Data Access Components>
2004-08-04 08:00:00 1507356 --a------ C:\WINDOWS\system32\msjet40.dll <Not Verified; Microsoft Corporation; Microsoft ® Jet>
2004-08-04 08:00:00 614429 --a------ C:\WINDOWS\system32\mswstr10.dll <Not Verified; Microsoft Corporation; Microsoft ® Jet>
2004-08-04 08:00:00 53279 --a------ C:\WINDOWS\system32\odbcji32.dll <Not Verified; Microsoft Corporation; Microsoft Data Access Components>
2004-08-04 08:00:00 53279 --a------ C:\WINDOWS\system32\msjter40.dll <Not Verified; Microsoft Corporation; Microsoft ® Jet>
2004-08-04 08:00:00 151583 --a------ C:\WINDOWS\system32\msjint40.dll <Not Verified; Microsoft Corporation; Microsoft ® Jet>
2004-08-04 08:00:00 106496 --a------ C:\WINDOWS\system32\odbccp32.dll <Not Verified; Microsoft Corporation; Microsoft Data Access Components>
2004-08-04 08:00:00 331776 --a------ C:\Program Files\Common Files\System\msadc\msadce.dll <Not Verified; Microsoft Corporation; Microsoft Data Access Components>
2004-08-04 08:00:00 20480 --a------ C:\Program Files\Common Files\System\msadc\msadcer.dll <Not Verified; Microsoft Corporation; Microsoft Data Access Components>
2004-08-04 08:00:00 18944 --a------ C:\WINDOWS\system32\wbem\wbemprox.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 214528 --a------ C:\WINDOWS\system32\wbem\wbemcomn.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 43520 --a------ C:\WINDOWS\system32\wbem\wbemsvc.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 472064 --a------ C:\WINDOWS\system32\wbem\fastprox.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 67072 --a------ C:\WINDOWS\system32\ntdsapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-06-26 13:37:10 148480 --a------ C:\WINDOWS\system32\dnsapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 172032 --a------ C:\WINDOWS\system32\wldap32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>

C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe (pid 1632)
2004-08-04 08:00:00 708096 --a------ C:\WINDOWS\system32\ntdll.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-04-16 11:52:53 984576 --a------ C:\WINDOWS\system32\kernel32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-03-08 10:21:36 1089536 --a------ C:\Program Files\Intel\Wireless\Bin\Libeay32.dll <Not Verified; The OpenSSL Project, http://www.openssl.org/; The OpenSSL Toolkit>
2004-08-04 08:00:00 22528 --a------ C:\WINDOWS\system32\wsock32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 82944 --a------ C:\WINDOWS\system32\ws2_32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 343040 --a------ C:\WINDOWS\system32\msvcrt.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 19968 --a------ C:\WINDOWS\system32\ws2help.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 616960 --a------ C:\WINDOWS\system32\advapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-07-09 09:09:42 584192 --a------ C:\WINDOWS\system32\rpcrt4.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 55808 --a------ C:\WINDOWS\system32\secur32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-06-19 09:31:19 282112 --a------ C:\WINDOWS\system32\gdi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-03-08 11:36:28 577536 --a------ C:\WINDOWS\system32\user32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 983552 --a------ C:\WINDOWS\system32\setupapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-02-21 12:10:50 413696 --a------ C:\Program Files\Intel\Wireless\Bin\TraceAPI.dll <Not Verified; Intel Corporation; TraceAPI Module>
2007-02-21 12:10:36 516096 --a------ C:\Program Files\Intel\Wireless\Bin\PsRegApi.dll <Not Verified; Intel Corporation; PsRegApi>
2004-08-04 08:00:00 276992 --a------ C:\WINDOWS\system32\comdlg32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-12-06 21:07:13 474112 --a------ C:\WINDOWS\system32\shlwapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-08-25 11:45:58 617472 --a------ C:\WINDOWS\system32\comctl32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-10-25 23:36:51 8454656 --a------ C:\WINDOWS\system32\shell32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 146432 --a------ C:\WINDOWS\system32\winspool.drv <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-07-26 00:39:48 1285120 --a------ C:\WINDOWS\system32\ole32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-12-04 14:38:13 550912 --a------ C:\WINDOWS\system32\oleaut32.dll <Not Verified; Microsoft Corporation; >
2004-08-04 08:00:00 163328 --a------ C:\WINDOWS\system32\oleacc.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 413696 --a------ C:\WINDOWS\system32\msvcp60.dll <Not Verified; Microsoft Corporation; Microsoft ® Visual C++>
2006-05-19 08:59:41 94720 --a------ C:\WINDOWS\system32\iphlpapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-08-17 08:28:27 332288 --a------ C:\WINDOWS\system32\netapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-02-21 12:11:00 348160 --a------ C:\Program Files\Intel\Wireless\Bin\IntStngs.dll <Not Verified; Intel Corporation; IntelSettings Dynamic Link Library>
2004-08-04 08:00:00 18944 --a------ C:\WINDOWS\system32\version.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-02-21 12:13:02 118784 --a------ C:\Program Files\Intel\Wireless\Bin\iWMSProv.dll
2006-08-25 11:45:55 1054208 --a------ C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 218624 --a------ C:\WINDOWS\system32\uxtheme.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-07-26 00:39:43 498688 --a------ C:\WINDOWS\system32\clbcatq.dll <Not Verified; Microsoft Corporation; COM Services>
2004-08-04 08:00:00 792064 --a------ C:\WINDOWS\system32\comres.dll <Not Verified; Microsoft Corporation; COM Services>
2004-08-04 08:00:00 622080 --a------ C:\WINDOWS\system32\netcfgx.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 57856 --a------ C:\WINDOWS\system32\clusapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-06-26 13:37:10 148480 --a------ C:\WINDOWS\system32\dnsapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-12-26 09:07:23 536576 --a------ C:\Program Files\Common Files\System\ado\msado15.dll <Not Verified; Microsoft Corporation; Microsoft Data Access Components>
2004-08-04 08:00:00 151552 --a------ C:\WINDOWS\system32\msdart.dll <Not Verified; Microsoft Corporation; Microsoft Data Access Components>
2004-08-04 08:00:00 2897920 --a------ C:\WINDOWS\system32\xpsp2res.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 487424 --a------ C:\Program Files\Common Files\System\Ole DB\oledb32.dll <Not Verified; Microsoft Corporation; Microsoft Data Access Components>
2004-08-04 08:00:00 65536 --a------ C:\Program Files\Common Files\System\Ole DB\oledb32r.dll <Not Verified; Microsoft Corporation; Microsoft Data Access Components>
2004-08-04 08:00:00 315392 --a------ C:\Program Files\Common Files\System\Ole DB\msdasql.dll <Not Verified; Microsoft Corporation; Microsoft Data Access Components>
2004-08-04 08:00:00 94208 --a------ C:\Program Files\Common Files\System\Ole DB\msdatl3.dll <Not Verified; Microsoft Corporation; Microsoft Data Access Components>
2004-08-04 08:00:00 249856 --a------ C:\WINDOWS\system32\odbc32.dll <Not Verified; Microsoft Corporation; Microsoft Data Access Components>
2004-08-04 08:00:00 94208 --a------ C:\WINDOWS\system32\odbcint.dll <Not Verified; Microsoft Corporation; Microsoft Data Access Components>
2004-08-04 08:00:00 16384 --a------ C:\Program Files\Common Files\System\Ole DB\msdasqlr.dll <Not Verified; Microsoft Corporation; Microsoft Data Access Components>
2005-07-26 00:39:44 1267200 --a------ C:\WINDOWS\system32\comsvcs.dll <Not Verified; Microsoft Corporation; COM Services>
2005-07-26 00:39:43 60416 --a------ C:\WINDOWS\system32\colbact.dll <Not Verified; Microsoft Corporation; COM Services>
2006-03-01 15:42:42 66560 --a------ C:\WINDOWS\system32\mtxclu.dll <Not Verified; Microsoft Corporation; COM Services>
2004-08-04 08:00:00 58880 --a------ C:\WINDOWS\system32\resutils.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 723456 --a------ C:\WINDOWS\system32\userenv.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 278559 --a------ C:\WINDOWS\system32\odbcjt32.dll <Not Verified; Microsoft Corporation; Microsoft Data Access Components>
2004-08-04 08:00:00 1507356 --a------ C:\WINDOWS\system32\msjet40.dll <Not Verified; Microsoft Corporation; Microsoft ® Jet>
2004-08-04 08:00:00 614429 --a------ C:\WINDOWS\system32\mswstr10.dll <Not Verified; Microsoft Corporation; Microsoft ® Jet>
2004-08-04 08:00:00 53279 --a------ C:\WINDOWS\system32\odbcji32.dll <Not Verified; Microsoft Corporation; Microsoft Data Access Components>
2004-08-04 08:00:00 53279 --a------ C:\WINDOWS\system32\msjter40.dll <Not Verified; Microsoft Corporation; Microsoft ® Jet>
2004-08-04 08:00:00 151583 --a------ C:\WINDOWS\system32\msjint40.dll <Not Verified; Microsoft Corporation; Microsoft ® Jet>
2004-08-04 08:00:00 106496 --a------ C:\WINDOWS\system32\odbccp32.dll <Not Verified; Microsoft Corporation; Microsoft Data Access Components>
2004-08-04 08:00:00 331776 --a------ C:\Program Files\Common Files\System\msadc\msadce.dll <Not Verified; Microsoft Corporation; Microsoft Data Access Components>
2004-08-04 08:00:00 20480 --a------ C:\Program Files\Common Files\System\msadc\msadcer.dll <Not Verified; Microsoft Corporation; Microsoft Data Access Components>

C:\WINDOWS\explorer.exe (pid 1732)
2004-08-04 08:00:00 708096 --a------ C:\WINDOWS\system32\ntdll.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-04-16 11:52:53 984576 --a------ C:\WINDOWS\system32\kernel32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 616960 --a------ C:\WINDOWS\system32\advapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-07-09 09:09:42 584192 --a------ C:\WINDOWS\system32\rpcrt4.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 55808 --a------ C:\WINDOWS\system32\secur32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-12-06 21:07:12 1023488 --a------ C:\WINDOWS\system32\browseui.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-06-19 09:31:19 282112 --a------ C:\WINDOWS\system32\gdi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-03-08 11:36:28 577536 --a------ C:\WINDOWS\system32\user32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>

Part 2!


2004-08-04 08:00:00 723456 --a------ C:\WINDOWS\system32\userenv.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-02-21 12:12:58 765952 --a------ C:\Program Files\Intel\Wireless\Bin\C1XStngs.dll <Not Verified; Intel Corporation; C8021XSettings Dynamic Link Library>
2004-08-04 08:00:00 597504 --a------ C:\WINDOWS\system32\crypt32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 57344 --a------ C:\WINDOWS\system32\msasn1.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 23040 --a------ C:\WINDOWS\system32\psapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-10-16 12:15:00 122880 --a------ C:\WINDOWS\system32\oledlg.dll <Not Verified; Microsoft Corporation; Microsoft Windows™ OLE 2.0 User Interface Support>
2006-08-25 11:45:55 1054208 --a------ C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 218624 --a------ C:\WINDOWS\system32\uxtheme.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-07-26 00:39:43 498688 --a------ C:\WINDOWS\system32\clbcatq.dll <Not Verified; Microsoft Corporation; COM Services>
2004-08-04 08:00:00 792064 --a------ C:\WINDOWS\system32\comres.dll <Not Verified; Microsoft Corporation; COM Services>
2006-12-26 09:07:23 536576 --a------ C:\Program Files\Common Files\System\ado\msado15.dll <Not Verified; Microsoft Corporation; Microsoft Data Access Components>
2004-08-04 08:00:00 151552 --a------ C:\WINDOWS\system32\msdart.dll <Not Verified; Microsoft Corporation; Microsoft Data Access Components>
2004-08-04 08:00:00 2897920 --a------ C:\WINDOWS\system32\xpsp2res.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 487424 --a------ C:\Program Files\Common Files\System\Ole DB\oledb32.dll <Not Verified; Microsoft Corporation; Microsoft Data Access Components>
2004-08-04 08:00:00 65536 --a------ C:\Program Files\Common Files\System\Ole DB\oledb32r.dll <Not Verified; Microsoft Corporation; Microsoft Data Access Components>
2004-08-04 08:00:00 315392 --a------ C:\Program Files\Common Files\System\Ole DB\msdasql.dll <Not Verified; Microsoft Corporation; Microsoft Data Access Components>
2004-08-04 08:00:00 94208 --a------ C:\Program Files\Common Files\System\Ole DB\msdatl3.dll <Not Verified; Microsoft Corporation; Microsoft Data Access Components>
2004-08-04 08:00:00 249856 --a------ C:\WINDOWS\system32\odbc32.dll <Not Verified; Microsoft Corporation; Microsoft Data Access Components>
2004-08-04 08:00:00 94208 --a------ C:\WINDOWS\system32\odbcint.dll <Not Verified; Microsoft Corporation; Microsoft Data Access Components>
2004-08-04 08:00:00 16384 --a------ C:\Program Files\Common Files\System\Ole DB\msdasqlr.dll <Not Verified; Microsoft Corporation; Microsoft Data Access Components>
2005-07-26 00:39:44 1267200 --a------ C:\WINDOWS\system32\comsvcs.dll <Not Verified; Microsoft Corporation; COM Services>
2005-07-26 00:39:43 60416 --a------ C:\WINDOWS\system32\colbact.dll <Not Verified; Microsoft Corporation; COM Services>
2006-03-01 15:42:42 66560 --a------ C:\WINDOWS\system32\mtxclu.dll <Not Verified; Microsoft Corporation; COM Services>
2004-08-04 08:00:00 57856 --a------ C:\WINDOWS\system32\clusapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 58880 --a------ C:\WINDOWS\system32\resutils.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 278559 --a------ C:\WINDOWS\system32\odbcjt32.dll <Not Verified; Microsoft Corporation; Microsoft Data Access Components>
2004-08-04 08:00:00 1507356 --a------ C:\WINDOWS\system32\msjet40.dll <Not Verified; Microsoft Corporation; Microsoft ® Jet>
2004-08-04 08:00:00 614429 --a------ C:\WINDOWS\system32\mswstr10.dll <Not Verified; Microsoft Corporation; Microsoft ® Jet>
2004-08-04 08:00:00 53279 --a------ C:\WINDOWS\system32\odbcji32.dll <Not Verified; Microsoft Corporation; Microsoft Data Access Components>
2004-08-04 08:00:00 53279 --a------ C:\WINDOWS\system32\msjter40.dll <Not Verified; Microsoft Corporation; Microsoft ® Jet>
2004-08-04 08:00:00 151583 --a------ C:\WINDOWS\system32\msjint40.dll <Not Verified; Microsoft Corporation; Microsoft ® Jet>
2004-08-04 08:00:00 106496 --a------ C:\WINDOWS\system32\odbccp32.dll <Not Verified; Microsoft Corporation; Microsoft Data Access Components>
2004-08-04 08:00:00 331776 --a------ C:\Program Files\Common Files\System\msadc\msadce.dll <Not Verified; Microsoft Corporation; Microsoft Data Access Components>
2004-08-04 08:00:00 20480 --a------ C:\Program Files\Common Files\System\msadc\msadcer.dll <Not Verified; Microsoft Corporation; Microsoft Data Access Components>
2004-08-04 08:00:00 18944 --a------ C:\WINDOWS\system32\wbem\wbemprox.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 214528 --a------ C:\WINDOWS\system32\wbem\wbemcomn.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 43520 --a------ C:\WINDOWS\system32\wbem\wbemsvc.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 472064 --a------ C:\WINDOWS\system32\wbem\fastprox.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 67072 --a------ C:\WINDOWS\system32\ntdsapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-06-26 13:37:10 148480 --a------ C:\WINDOWS\system32\dnsapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 172032 --a------ C:\WINDOWS\system32\wldap32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>

C:\WINDOWS\system32\WLTRYSVC.EXE (pid 424)
2004-08-04 08:00:00 708096 --a------ C:\WINDOWS\system32\ntdll.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-04-16 11:52:53 984576 --a------ C:\WINDOWS\system32\kernel32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 18432 --a------ C:\WINDOWS\system32\wtsapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 343040 --a------ C:\WINDOWS\system32\msvcrt.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 53760 --a------ C:\WINDOWS\system32\winsta.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-07-09 09:09:42 584192 --a------ C:\WINDOWS\system32\rpcrt4.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 616960 --a------ C:\WINDOWS\system32\advapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 55808 --a------ C:\WINDOWS\system32\secur32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-08-17 08:28:27 332288 --a------ C:\WINDOWS\system32\netapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-03-08 11:36:28 577536 --a------ C:\WINDOWS\system32\user32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-06-19 09:31:19 282112 --a------ C:\WINDOWS\system32\gdi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-03-16 19:10:54 348160 --a------ C:\WINDOWS\system32\MSVCR71.DLL <Not Verified; Microsoft Corporation; Microsoft® Visual Studio .NET>

C:\WINDOWS\system32\BCMWLTRY.EXE (pid 504)
2004-08-04 08:00:00 708096 --a------ C:\WINDOWS\system32\ntdll.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-04-16 11:52:53 984576 --a------ C:\WINDOWS\system32\kernel32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-12-06 21:07:14 659456 --a------ C:\WINDOWS\system32\wininet.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 616960 --a------ C:\WINDOWS\system32\advapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-07-09 09:09:42 584192 --a------ C:\WINDOWS\system32\rpcrt4.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 55808 --a------ C:\WINDOWS\system32\secur32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 597504 --a------ C:\WINDOWS\system32\crypt32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 343040 --a------ C:\WINDOWS\system32\msvcrt.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-03-08 11:36:28 577536 --a------ C:\WINDOWS\system32\user32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-06-19 09:31:19 282112 --a------ C:\WINDOWS\system32\gdi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 57344 --a------ C:\WINDOWS\system32\msasn1.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-12-04 14:38:13 550912 --a------ C:\WINDOWS\system32\oleaut32.dll <Not Verified; Microsoft Corporation; >
2005-07-26 00:39:48 1285120 --a------ C:\WINDOWS\system32\ole32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-12-06 21:07:13 474112 --a------ C:\WINDOWS\system32\shlwapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 16896 --a------ C:\WINDOWS\system32\cfgmgr32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 983552 --a------ C:\WINDOWS\system32\setupapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-05-19 08:59:41 94720 --a------ C:\WINDOWS\system32\iphlpapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 82944 --a------ C:\WINDOWS\system32\ws2_32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 19968 --a------ C:\WINDOWS\system32\ws2help.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 17408 --a------ C:\WINDOWS\system32\powrprof.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-03-16 19:10:48 757760 --a------ C:\WINDOWS\system32\bcm1xsup.dll
2007-03-16 19:10:52 69632 --a------ C:\WINDOWS\system32\bcmwlpkt.dll <Not Verified; CACE Technologies; WinPcap low level packet library>
2004-08-04 08:00:00 18944 --a------ C:\WINDOWS\system32\version.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-03-16 19:10:54 348160 --a------ C:\WINDOWS\system32\MSVCR71.DLL <Not Verified; Microsoft Corporation; Microsoft® Visual Studio .NET>
2007-03-16 19:10:54 1060864 --a------ C:\WINDOWS\system32\MFC71.DLL <Not Verified; Microsoft Corporation; Microsoft® Visual Studio .NET>
2007-10-25 23:36:51 8454656 --a------ C:\WINDOWS\system32\shell32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-03-16 19:10:54 499712 --a------ C:\WINDOWS\system32\MSVCP71.DLL <Not Verified; Microsoft Corporation; Microsoft® Visual Studio .NET>
2004-08-04 08:00:00 22528 --a------ C:\WINDOWS\system32\wsock32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 99328 --a------ C:\WINDOWS\system32\winscard.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 18432 --a------ C:\WINDOWS\system32\wtsapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 53760 --a------ C:\WINDOWS\system32\winsta.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-08-17 08:28:27 332288 --a------ C:\WINDOWS\system32\netapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-08-25 11:45:55 1054208 --a------ C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-08-25 11:45:58 617472 --a------ C:\WINDOWS\system32\comctl32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 218624 --a------ C:\WINDOWS\system32\uxtheme.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-03-16 19:10:48 89088 --a------ C:\WINDOWS\system32\ATL71.DLL <Not Verified; Microsoft Corporation; Microsoft® Visual Studio .NET>
2007-03-16 19:10:54 44032 --a------ C:\WINDOWS\system32\wltrynt.dll <Not Verified; Broadcom Corporation; Wireless Notification Provider>
2005-07-26 00:39:43 498688 --a------ C:\WINDOWS\system32\clbcatq.dll <Not Verified; Microsoft Corporation; COM Services>
2004-08-04 08:00:00 792064 --a------ C:\WINDOWS\system32\comres.dll <Not Verified; Microsoft Corporation; COM Services>
2005-07-26 00:39:45 243200 --a------ C:\WINDOWS\system32\es.dll <Not Verified; Microsoft Corporation; COM Services>
2004-08-04 08:00:00 2897920 --a------ C:\WINDOWS\system32\xpsp2res.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 126976 --a------ C:\WINDOWS\system32\apphelp.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 152576 --a------ C:\WINDOWS\system32\rsaenh.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 176640 --a------ C:\WINDOWS\system32\wintrust.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 144384 --a------ C:\WINDOWS\system32\imagehlp.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>

C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe (pid 512)
2004-08-04 08:00:00 708096 --a------ C:\WINDOWS\system32\ntdll.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-04-16 11:52:53 984576 --a------ C:\WINDOWS\system32\kernel32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-08 16:26:00 738664 --a------ C:\Program Files\Lavasoft\Ad-Aware 2007\CEAPI.dll <Not Verified; Lavasoft; CEAPI Dynamic Link Library>
2004-08-04 08:00:00 616960 --a------ C:\WINDOWS\system32\advapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-07-09 09:09:42 584192 --a------ C:\WINDOWS\system32\rpcrt4.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 55808 --a------ C:\WINDOWS\system32\secur32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-12-06 21:07:13 474112 --a------ C:\WINDOWS\system32\shlwapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-06-19 09:31:19 282112 --a------ C:\WINDOWS\system32\gdi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-03-08 11:36:28 577536 --a------ C:\WINDOWS\system32\user32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 343040 --a------ C:\WINDOWS\system32\msvcrt.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 82944 --a------ C:\WINDOWS\system32\ws2_32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 19968 --a------ C:\WINDOWS\system32\ws2help.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-08 16:26:11 907096 --a------ C:\Program Files\Lavasoft\Ad-Aware 2007\PKArchive85u.dll <Not Verified; PKWARE, Inc.; PKWARE Archive API>
2007-10-25 23:36:51 8454656 --a------ C:\WINDOWS\system32\shell32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-07-26 00:39:48 1285120 --a------ C:\WINDOWS\system32\ole32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 597504 --a------ C:\WINDOWS\system32\crypt32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 57344 --a------ C:\WINDOWS\system32\msasn1.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 172032 --a------ C:\WINDOWS\system32\wldap32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 23040 --a------ C:\WINDOWS\system32\psapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 18944 --a------ C:\WINDOWS\system32\version.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-12-06 21:07:14 659456 --a------ C:\WINDOWS\system32\wininet.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-12-04 14:38:13 550912 --a------ C:\WINDOWS\system32\oleaut32.dll <Not Verified; Microsoft Corporation; >
2008-03-23 20:32:35 525664 --a------ C:\Program Files\Lavasoft\Ad-Aware 2007\update.dll <Not Verified; ; Update Dynamic Link Library>
2004-08-04 08:00:00 22528 --a------ C:\WINDOWS\system32\wsock32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 723456 --a------ C:\WINDOWS\system32\userenv.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-08-25 11:45:55 1054208 --a------ C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-08-25 11:45:58 617472 --a------ C:\WINDOWS\system32\comctl32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 152576 --a------ C:\WINDOWS\system32\rsaenh.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (pid 548)

C:\Program Files\Alwil Software\Avast4\ashServ.exe (pid 600)

C:\WINDOWS\system32\spoolsv.exe (pid 1556)

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (pid 2028)

C:\WINDOWS\system32\BAsfIpM.exe (pid 248)

C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (pid 328)

C:\WINDOWS\system32\svchost.exe (pid 688)

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (pid 1724)
2007-12-04 09:33:01 131072 --a------ C:\Program Files\Alwil Software\Avast4\aswCmnB.dll <Not Verified; ALWIL Software; avast! Antivirus>
2007-12-04 09:33:16 184320 --a------ C:\Program Files\Alwil Software\Avast4\aswCmnS.dll <Not Verified; ALWIL Software; avast! Antivirus>
2006-08-25 11:45:58 617472 --a------ C:\WINDOWS\system32\comctl32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-12-04 07:54:44 212992 --a------ C:\Program Files\Alwil Software\Avast4\Aavm4h.dll <Not Verified; ALWIL Software; avast! Antivirus>
2007-12-04 07:48:12 110592 --a------ C:\Program Files\Alwil Software\Avast4\ashTask.dll <Not Verified; ALWIL Software; avast! Antivirus>
2007-12-04 09:35:47 659456 --a------ C:\Program Files\Alwil Software\Avast4\aswAux.dll <Not Verified; ALWIL Software; avast! Antivirus>
2007-10-25 23:36:51 8454656 --a------ C:\WINDOWS\system32\shell32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-12-06 21:07:13 474112 --a------ C:\WINDOWS\system32\shlwapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-12-04 07:55:24 35840 --a------ C:\Program Files\Alwil Software\Avast4\AhResMai.dll <Not Verified; ALWIL Software; avast! Antivirus>
2006-08-25 11:45:55 1054208 --a------ C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 640000 --a------ C:\WINDOWS\system32\dbghelp.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-12-04 09:32:32 61440 --a------ C:\Program Files\Alwil Software\Avast4\ENGLISH\Base.dll <Not Verified; ALWIL Software; avast! Antivirus>
2007-12-04 07:47:35 1204224 --a------ C:\Program Files\Alwil Software\Avast4\aswEngin.dll <Not Verified; ALWIL Software; avast! Antivirus>
2007-12-04 07:46:47 81920 --a------ C:\Program Files\Alwil Software\Avast4\aswScan.dll <Not Verified; ALWIL Software; avast! Antivirus>
2004-08-04 08:00:00 245248 --a------ C:\WINDOWS\system32\mswsock.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-06-26 13:37:10 148480 --a------ C:\WINDOWS\system32\dnsapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 16896 --a------ C:\WINDOWS\system32\winrnr.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 172032 --a------ C:\WINDOWS\system32\wldap32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-06-26 13:37:10 8192 --a------ C:\WINDOWS\system32\rasadhlp.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-12-04 07:50:40 307200 --a------ C:\Program Files\Alwil Software\Avast4\ashUInt.dll <Not Verified; ALWIL Software; avast! Antivirus>
2007-12-04 09:45:19 917504 --a------ C:\Program Files\Alwil Software\Avast4\XT1922.dll <Not Verified; Codejock Software; XTToolkit Dynamic Link Library>
2007-03-16 19:10:54 1060864 --a------ C:\WINDOWS\system32\MFC71.DLL <Not Verified; Microsoft Corporation; Microsoft® Visual Studio .NET>
2006-11-27 10:54:06 433152 --a------ C:\WINDOWS\system32\riched20.dll <Not Verified; Microsoft Corporation; Microsoft RichEdit Control, version 3.0>
2007-12-04 09:32:37 2519040 --a------ C:\Program Files\Alwil Software\Avast4\ENGLISH\Lang.dll <Not Verified; ALWIL Software; avast! Antivirus>
2004-08-04 08:00:00 218624 --a------ C:\WINDOWS\system32\uxtheme.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-12-04 09:32:27 57344 --a------ C:\Program Files\Alwil Software\Avast4\ENGLISH\LangMai.dll <Not Verified; ALWIL Software; avast! Antivirus>
2004-08-04 08:00:00 23040 --a------ C:\WINDOWS\system32\psapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 344064 --a------ C:\WINDOWS\system32\hnetcfg.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 19968 --a------ C:\WINDOWS\system32\wshtcpip.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (pid 1884)
2004-08-04 08:00:00 708096 --a------ C:\WINDOWS\system32\ntdll.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-04-16 11:52:53 984576 --a------ C:\WINDOWS\system32\kernel32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 82944 --a------ C:\WINDOWS\system32\ws2_32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 343040 --a------ C:\WINDOWS\system32\msvcrt.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 19968 --a------ C:\WINDOWS\system32\ws2help.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 616960 --a------ C:\WINDOWS\system32\advapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-07-09 09:09:42 584192 --a------ C:\WINDOWS\system32\rpcrt4.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 55808 --a------ C:\WINDOWS\system32\secur32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-12-04 07:47:51 221184 --a------ C:\Program Files\Alwil Software\Avast4\ashBase.dll <Not Verified; ALWIL Software; avast! Antivirus>
2004-08-04 08:00:00 22528 --a------ C:\WINDOWS\system32\wsock32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 18944 --a------ C:\WINDOWS\system32\version.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-03-08 11:36:28 577536 --a------ C:\WINDOWS\system32\user32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-06-19 09:31:19 282112 --a------ C:\WINDOWS\system32\gdi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-07-26 00:39:48 1285120 --a------ C:\WINDOWS\system32\ole32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-12-04 14:38:13 550912 --a------ C:\WINDOWS\system32\oleaut32.dll <Not Verified; Microsoft Corporation; >
2007-03-16 19:10:54 499712 --a------ C:\WINDOWS\system32\MSVCP71.DLL <Not Verified; Microsoft Corporation; Microsoft® Visual Studio .NET>
2007-03-16 19:10:54 348160 --a------ C:\WINDOWS\system32\MSVCR71.DLL <Not Verified; Microsoft Corporation; Microsoft® Visual Studio .NET>
2007-12-04 09:32:54 69632 --a------ C:\Program Files\Alwil Software\Avast4\aswCmnOS.dll <Not Verified; ALWIL Software; avast! Antivirus>
2007-12-04 09:33:01 131072 --a------ C:\Program Files\Alwil Software\Avast4\aswCmnB.dll <Not Verified; ALWIL Software; avast! Antivirus>
2007-12-04 09:33:16 184320 --a------ C:\Program Files\Alwil Software\Avast4\aswCmnS.dll <Not Verified; ALWIL Software; avast! Antivirus>
2006-08-25 11:45:58 617472 --a------ C:\WINDOWS\system32\comctl32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-12-04 07:54:44 212992 --a------ C:\Program Files\Alwil Software\Avast4\Aavm4h.dll <Not Verified; ALWIL Software; avast! Antivirus>
2007-12-04 07:48:12 110592 --a------ C:\Program Files\Alwil Software\Avast4\ashTask.dll <Not Verified; ALWIL Software; avast! Antivirus>
2007-12-04 09:35:47 659456 --a------ C:\Program Files\Alwil Software\Avast4\aswAux.dll <Not Verified; ALWIL Software; avast! Antivirus>
2007-10-25 23:36:51 8454656 --a------ C:\WINDOWS\system32\shell32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-12-06 21:07:13 474112 --a------ C:\WINDOWS\system32\shlwapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-08-25 11:45:55 1054208 --a------ C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 640000 --a------ C:\WINDOWS\system32\dbghelp.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-12-04 09:32:32 61440 --a------ C:\Program Files\Alwil Software\Avast4\ENGLISH\Base.dll <Not Verified; ALWIL Software; avast! Antivirus>
2004-08-04 08:00:00 23040 --a------ C:\WINDOWS\system32\psapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 245248 --a------ C:\WINDOWS\system32\mswsock.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 344064 --a------ C:\WINDOWS\system32\hnetcfg.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 19968 --a------ C:\WINDOWS\system32\wshtcpip.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 5632 --a------ C:\WINDOWS\system32\security.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-12-04 07:59:41 118784 --a------ C:\Program Files\Alwil Software\Avast4\ashWsFtr.dll <Not Verified; ALWIL Software; avast! Antivirus>
2007-12-04 07:46:47 81920 --a------ C:\Program Files\Alwil Software\Avast4\aswScan.dll <Not Verified; ALWIL Software; avast! Antivirus>
2004-08-04 08:00:00 163328 --a------ C:\WINDOWS\system32\oleacc.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 413696 --a------ C:\WINDOWS\system32\msvcp60.dll <Not Verified; Microsoft Corporation; Microsoft ® Visual C++>
2004-08-04 08:00:00 146432 --a------ C:\WINDOWS\system32\winspool.drv <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-12-04 07:55:08 53248 --a------ C:\Program Files\Alwil Software\Avast4\AhResWS.dll <Not Verified; ALWIL Software; avast! Antivirus>
2007-12-04 07:47:35 1204224 --a------ C:\Program Files\Alwil Software\Avast4\aswEngin.dll <Not Verified; ALWIL Software; avast! Antivirus>

C:\Program Files\Alwil Software\Avast4\ashDisp.exe (pid 2516)
2004-08-04 08:00:00 708096 --a------ C:\WINDOWS\system32\ntdll.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-04-16 11:52:53 984576 --a------ C:\WINDOWS\system32\kernel32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-07-09 09:09:42 584192 --a------ C:\WINDOWS\system32\rpcrt4.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 616960 --a------ C:\WINDOWS\system32\advapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 55808 --a------ C:\WINDOWS\system32\secur32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-12-04 09:32:54 69632 --a------ C:\Program Files\Alwil Software\Avast4\aswCmnOS.dll <Not Verified; ALWIL Software; avast! Antivirus>
2007-03-08 11:36:28 577536 --a------ C:\WINDOWS\system32\user32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-06-19 09:31:19 282112 --a------ C:\WINDOWS\system32\gdi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-03-16 19:10:54 499712 --a------ C:\WINDOWS\system32\MSVCP71.DLL <Not Verified; Microsoft Corporation; Microsoft® Visual Studio .NET>
2007-03-16 19:10:54 348160 --a------ C:\WINDOWS\system32\MSVCR71.DLL <Not Verified; Microsoft Corporation; Microsoft® Visual Studio .NET>
2004-08-04 08:00:00 22528 --a------ C:\WINDOWS\system32\wsock32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 82944 --a------ C:\WINDOWS\system32\ws2_32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 343040 --a------ C:\WINDOWS\system32\msvcrt.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 19968 --a------ C:\WINDOWS\system32\ws2help.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-12-04 07:47:51 221184 --a------ C:\Program Files\Alwil Software\Avast4\ashBase.dll <Not Verified; ALWIL Software; avast! Antivirus>
2004-08-04 08:00:00 18944 --a------ C:\WINDOWS\system32\version.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-07-26 00:39:48 1285120 --a------ C:\WINDOWS\system32\ole32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-12-04 14:38:13 550912 --a------ C:\WINDOWS\system32\oleaut32.dll <Not Verified; Microsoft Corporation; >
2007-12-04 09:33:01 131072 --a------ C:\Program Files\Alwil Software\Avast4\aswCmnB.dll <Not Verified; ALWIL Software; avast! Antivirus>
2007-12-04 09:33:16 184320 --a------ C:\Program Files\Alwil Software\Avast4\aswCmnS.dll <Not Verified; ALWIL Software; avast! Antivirus>
2006-08-25 11:45:55 1054208 --a------ C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-12-06 21:07:13 474112 --a------ C:\WINDOWS\system32\shlwapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-12-04 07:48:12 110592 --a------ C:\Program Files\Alwil Software\Avast4\ashTask.dll <Not Verified; ALWIL Software; avast! Antivirus>
2007-12-04 09:35:47 659456 --a------ C:\Program Files\Alwil Software\Avast4\aswAux.dll <Not Verified; ALWIL Software; avast! Antivirus>
2007-10-25 23:36:51 8454656 --a------ C:\WINDOWS\system32\shell32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-12-04 07:54:44 212992 --a------ C:\Program Files\Alwil Software\Avast4\Aavm4h.dll <Not Verified; ALWIL Software; avast! Antivirus>
2004-08-04 08:00:00 640000 --a------ C:\WINDOWS\system32\dbghelp.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-12-04 09:32:32 61440 --a------ C:\Program Files\Alwil Software\Avast4\ENGLISH\Base.dll <Not Verified; ALWIL Software; avast! Antivirus>
2007-12-04 09:32:37 2519040 --a------ C:\Program Files\Alwil Software\Avast4\ENGLISH\Lang.dll <Not Verified; ALWIL Software; avast! Antivirus>
2007-03-16 19:10:54 1060864 --a------ C:\WINDOWS\system32\MFC71.DLL <Not Verified; Microsoft Corporation; Microsoft® Visual Studio .NET>
2007-12-04 07:54:34 20480 --a------ C:\Program Files\Alwil Software\Avast4\AavmRpch.dll <Not Verified; ALWIL Software; avast! Antivirus>
2007-12-04 07:57:57 65536 --a------ C:\Program Files\Alwil Software\Avast4\AhRuiMai.dll <Not Verified; ALWIL Software; avast! Antivirus>
2007-12-04 07:50:40 307200 --a------ C:\Program Files\Alwil Software\Avast4\ashUInt.dll <Not Verified; ALWIL Software; avast! Antivirus>
2007-12-04 09:45:19 917504 --a------ C:\Program Files\Alwil Software\Avast4\XT1922.dll <Not Verified; Codejock Software; XTToolkit Dynamic Link Library>
2007-12-04 07:56:21 36864 --a------ C:\Program Files\Alwil Software\Avast4\ahRuiMes.dll <Not Verified; ALWIL Software; avast! Antivirus>
2007-12-04 07:55:34 36864 --a------ C:\Program Files\Alwil Software\Avast4\AhRuiNS.dll <Not Verified; ALWIL Software; avast! Antivirus>
2007-12-04 07:58:23 90112 --a------ C:\Program Files\Alwil Software\Avast4\AhRuiOut.dll <Not Verified; ALWIL Software; avast! Antivirus>
2004-08-04 08:00:00 112128 --a------ C:\WINDOWS\system32\mapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-12-04 07:56:10 22016 --a------ C:\Program Files\Alwil Software\Avast4\ahRuiP2P.dll <Not Verified; ALWIL Software; avast! Antivirus>
2007-12-04 08:01:06 57344 --a------ C:\Program Files\Alwil Software\Avast4\AhRuiStd.dll <Not Verified; ALWIL Software; avast! Antivirus>
2007-12-04 07:57:37 49152 --a------ C:\Program Files\Alwil Software\Avast4\AhRuiWS.dll <Not Verified; ALWIL Software; avast! Antivirus>
2004-08-04 08:00:00 218624 --a------ C:\WINDOWS\system32\uxtheme.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>

C:\Program Files\AIM\aim.exe (pid 2528)
2004-08-04 08:00:00 708096 --a------ C:\WINDOWS\system32\ntdll.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-04-16 11:52:53 984576 --a------ C:\WINDOWS\system32\kernel32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 18944 --a------ C:\WINDOWS\system32\version.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-07-25 13:54:18 110592 --a------ C:\Program Files\AIM\AIM_xmlp.dll
2004-07-22 11:41:46 135168 --a------ C:\Program Files\AIM\xprt.dll <Not Verified; America Online, Inc.; COOL Runtime Libraries>
2007-03-08 11:36:28 577536 --a------ C:\WINDOWS\system32\user32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-06-19 09:31:19 282112 --a------ C:\WINDOWS\system32\gdi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-12-04 14:38:13 550912 --a------ C:\WINDOWS\system32\oleaut32.dll <Not Verified; Microsoft Corporation; >
2004-08-04 08:00:00 616960 --a------ C:\WINDOWS\system32\advapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-07-09 09:09:42 584192 --a------ C:\WINDOWS\system32\rpcrt4.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 55808 --a------ C:\WINDOWS\system32\secur32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 343040 --a------ C:\WINDOWS\system32\msvcrt.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-07-26 00:39:48 1285120 --a------ C:\WINDOWS\system32\ole32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-08-01 16:16:28 192512 --a------ C:\Program Files\AIM\oscore.dll <Not Verified; America Online, Inc.; AOL Instant Messenger>
2004-07-22 11:41:54 13824 --a------ C:\Program Files\AIM\xpcs.dll <Not Verified; America Online, Inc.; COOL Runtime Libraries>
2004-07-22 11:42:00 8192 --a------ C:\Program Files\AIM\xptl.dll <Not Verified; America Online, Inc.; COOL Runtime Libraries>
2007-10-25 23:36:51 8454656 --a------ C:\WINDOWS\system32\shell32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-12-06 21:07:13 474112 --a------ C:\WINDOWS\system32\shlwapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-08-01 16:15:54 4608 --a------ C:\Program Files\AIM\idlemon.dll <Not Verified; America Online, Inc.; AOL Instant Messenger>
2006-07-25 17:16:02 13312 --a------ C:\Program Files\AIM\oscres.dll
2002-07-18 12:00:02 139264 --a------ C:\Program Files\AIM\dunzip32.dll <Not Verified; Inner Media, Inc.; DynaZIP-32 Multi-Threading UnZIP DLL>
2004-08-04 08:00:00 276992 --a------ C:\WINDOWS\system32\comdlg32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-08-25 11:45:55 1054208 --a------ C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-03-16 19:10:54 348160 --a------ C:\WINDOWS\system32\MSVCR71.DLL <Not Verified; Microsoft Corporation; Microsoft® Visual Studio .NET>
2006-08-01 16:16:14 192512 --a------ C:\Program Files\AIM\ate32.dll <Not Verified; America Online, Inc.; AOL Instant Messenger>
2004-08-04 08:00:00 110080 --a------ C:\WINDOWS\system32\imm32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 176128 --a------ C:\WINDOWS\system32\winmm.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 22528 --a------ C:\WINDOWS\system32\wsock32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 82944 --a------ C:\WINDOWS\system32\ws2_32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 19968 --a------ C:\WINDOWS\system32\ws2help.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-06-16 18:46:26 81920 --a------ C:\Program Files\AIM\AIMToday.dll
2005-06-14 16:09:34 217088 --a------ C:\Program Files\AIM\xprt5.dll <Not Verified; America Online, Inc.; XPRT Runtime Library>
2004-08-04 08:00:00 218624 --a------ C:\WINDOWS\system32\uxtheme.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-07-26 00:39:43 498688 --a------ C:\WINDOWS\system32\clbcatq.dll <Not Verified; Microsoft Corporation; COM Services>
2004-08-04 08:00:00 792064 --a------ C:\WINDOWS\system32\comres.dll <Not Verified; Microsoft Corporation; COM Services>
2004-08-04 08:00:00 59904 --a------ C:\WINDOWS\system32\devenum.dll
2004-08-04 08:00:00 983552 --a------ C:\WINDOWS\system32\setupapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 176640 --a------ C:\WINDOWS\system32\wintrust.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 597504 --a------ C:\WINDOWS\system32\crypt32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 57344 --a------ C:\WINDOWS\system32\msasn1.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 144384 --a------ C:\WINDOWS\system32\imagehlp.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 14336 --a------ C:\WINDOWS\system32\msdmo.dll
2004-08-04 01:56:58 23552 --a------ C:\WINDOWS\system32\wdmaud.drv <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 20480 --a------ C:\WINDOWS\system32\msacm32.drv <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 71680 --a------ C:\WINDOWS\system32\msacm32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 18944 --a------ C:\WINDOWS\system32\midimap.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 367616 --a------ C:\WINDOWS\system32\dsound.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-07-31 17:56:48 135168 --a------ C:\Program Files\AIM\sb.dll <Not Verified; AOL LLC; AIM Support DLL>
2007-12-06 21:07:14 615424 --a------ C:\WINDOWS\system32\urlmon.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-07-22 11:42:46 73728 --a------ C:\Program Files\AIM\coolsocket.dll <Not Verified; America Online, Inc.; COOL Component Libraries>
2006-08-01 16:36:18 1511424 --a------ C:\Program Files\AIM\AimRes.dll <Not Verified; America Online, Inc.; AOL Instant Messenger>
2004-07-22 11:43:20 114688 --a------ C:\Program Files\AIM\coolbucky.dll <Not Verified; America Online, Inc.; COOL Component Libraries>
2006-08-01 16:24:04 192512 --a------ C:\Program Files\AIM\AimCoreSvcs.dll <Not Verified; America Online, Inc.; AOL Instant Messenger>
2004-07-22 11:43:40 184320 --a------ C:\Program Files\AIM\coolbos.dll <Not Verified; America Online, Inc.; COOL Component Libraries>
2006-08-01 16:27:54 233472 --a------ C:\Program Files\AIM\AimSecondarySvcs.dll <Not Verified; America Online, Inc.; AOL Instant Messenger>
2006-08-01 16:16:54 151552 --a------ C:\Program Files\AIM\oscarui.dll <Not Verified; America Online, Inc.; AOL Instant Messenger>
2006-08-01 16:21:18 229376 --a------ C:\Program Files\AIM\wndutils.dll <Not Verified; America Online, Inc.; AOL Instant Messenger>
2006-08-01 16:17:26 106496 --a------ C:\Program Files\AIM\aimax.dll
2006-07-25 12:57:36 34304 --a------ C:\Program Files\AIM\proto.ocm <Not Verified; America Online, Inc.; AOL Instant Messenger>
2004-07-22 11:43:08 61440 --a------ C:\Program Files\AIM\coolhttp.dll <Not Verified; America Online, Inc.; COOL Component Libraries>
2004-08-04 08:00:00 245248 --a------ C:\WINDOWS\system32\mswsock.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 344064 --a------ C:\WINDOWS\system32\hnetcfg.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 19968 --a------ C:\WINDOWS\system32\wshtcpip.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-08-01 16:22:10 39936 --a------ C:\Program Files\AIM\startup.ocm <Not Verified; America Online, Inc.; AOL Instant Messenger>
2004-08-04 08:00:00 18432 --a------ C:\WINDOWS\system32\wtsapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 53760 --a------ C:\WINDOWS\system32\winsta.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-08-17 08:28:27 332288 --a------ C:\WINDOWS\system32\netapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-08-01 16:23:30 114688 --a------ C:\Program Files\AIM\aimapi.dll <Not Verified; America Online, Inc.; AOL Instant Messenger>
2007-12-06 21:07:14 659456 --a------ C:\WINDOWS\system32\wininet.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 2897920 --a------ C:\WINDOWS\system32\xpsp2res.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-08-01 16:28:20 217088 --a------ C:\Program Files\AIM\buddyui.ocm <Not Verified; America Online, Inc.; AOL Instant Messenger>
2006-08-01 16:23:42 266240 --a------ C:\Program Files\AIM\icbmui.ocm <Not Verified; America Online, Inc.; AOL Instant Messenger>
2006-07-25 17:19:58 180224 --a------ C:\Program Files\AIM\rtvideo.dll <Not Verified; America Online, Inc.; AOL Live Video>
2006-08-01 16:23:20 151552 --a------ C:\Program Files\AIM\locateui.ocm <Not Verified; America Online, Inc.; AOL Instant Messenger>
2006-08-01 16:28:26 25088 --a------ C:\Program Files\AIM\browse.ocm <Not Verified; America Online, Inc.; AOL Instant Messenger>
2006-08-01 16:24:52 98304 --a------ C:\Program Files\AIM\ChatUI.ocm <Not Verified; America Online, Inc.; AOL Instant Messenger>
2006-08-01 16:23:34 94208 --a------ C:\Program Files\AIM\ticker.ocm <Not Verified; America Online, Inc.; AOL Instant Messenger>
2006-08-01 16:28:44 61440 --a------ C:\Program Files\AIM\AlertUI.ocm <Not Verified; America Online, Inc.; AOL Instant Messenger>
2005-08-31 21:41:53 19968 --a------ C:\WINDOWS\system32\linkinfo.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 143872 --a------ C:\WINDOWS\system32\ntshrui.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 58880 --a------ C:\WINDOWS\system32\atl.dll <Not Verified; Microsoft Corporation; Microsoft ® Visual C++>
2004-08-04 08:00:00 723456 --a------ C:\WINDOWS\system32\userenv.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 236544 --a------ C:\WINDOWS\system32\rasapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 61440 --a------ C:\WINDOWS\system32\rasman.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 181760 --a------ C:\WINDOWS\system32\tapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 44032 --a------ C:\WINDOWS\system32\rtutils.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-08-01 16:22:16 9216 --a------ C:\Program Files\AIM\oscmain.ocm <Not Verified; America Online, Inc.; AOL Instant Messenger>
2006-08-01 16:23:12 135168 --a------ C:\Program Files\AIM\miscui.ocm <Not Verified; America Online, Inc.; AOL Instant Messenger>
2004-08-04 08:00:00 152576 --a------ C:\WINDOWS\system32\rsaenh.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-08-01 16:22:20 69632 --a------ C:\Program Files\AIM\osclogin.ocm <Not Verified; America Online, Inc.; AOL Instant Messenger>
2006-06-26 13:37:10 148480 --a------ C:\WINDOWS\system32\dnsapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 16896 --a------ C:\WINDOWS\system32\winrnr.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 172032 --a------ C:\WINDOWS\system32\wldap32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-06-26 13:37:10 8192 --a------ C:\WINDOWS\system32\rasadhlp.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-08-01 16:24:54 6656 --a------ C:\Program Files\AIM\stats.ocm
2006-08-01 16:21:34 13312 --a------ C:\Program Files\AIM\popup.ocm <Not Verified; America Online, Inc.; AOL Instant Messenger>
2006-08-01 16:22:00 86016 --a------ C:\Program Files\AIM\OscSrch.ocm <Not Verified; America Online, Inc.; AOL Instant Messenger>
2006-08-01 16:21:46 39936 --a------ C:\Program Files\AIM\rvapps.ocm <Not Verified; America Online, Inc.; AOL Instant Messenger>
2006-08-01 16:22:34 77824 --a------ C:\Program Files\AIM\OscMail.ocm <Not Verified; America Online, Inc.; AOL Instant Messenger>
2006-08-01 16:22:42 15360 --a------ C:\Program Files\AIM\NTP.ocm <Not Verified; America Online, Inc.; AOL Instant Messenger>
2006-08-01 16:28:50 131072 --a------ C:\Program Files\AIM\ateima32.dll <Not Verified; America Online, Inc.; AOL Instant Messenger>
2004-07-22 11:43:00 57344 --a------ C:\Program Files\AIM\coolsecnss.dll <Not Verified; America Online, Inc.; COOL Component Libraries>
2004-08-18 14:56:46 348160 --a------ C:\Program Files\AIM\nss3.dll <Not Verified; Netscape Communications Corporation; Network Security Services>
2004-08-18 14:56:48 372736 --a------ C:\Program Files\AIM\softokn3.dll <Not Verified; Netscape Communications Corporation; Network Security Services>
2004-01-09 12:38:16 28672 --a------ C:\Program Files\AIM\plc4.dll <Not Verified; Netscape Communications Corporation; Netscape Portable Runtime>
2004-01-09 12:38:16 159744 --a------ C:\Program Files\AIM\nspr4.dll <Not Verified; Netscape Communications Corporation; Netscape Portable Runtime>
2004-01-09 12:38:16 24576 --a------ C:\Program Files\AIM\plds4.dll <Not Verified; Netscape Communications Corporation; Netscape Portable Runtime>
2004-08-18 14:56:48 110592 --a------ C:\Program Files\AIM\ssl3.dll <Not Verified; Netscape Communications Corporation; Network Security Services>
2004-08-18 14:56:48 106496 --a------ C:\Program Files\AIM\smime3.dll <Not Verified; Netscape Communications Corporation; Network Security Services>
2004-08-18 14:56:48 176128 --a------ C:\Program Files\AIM\nssckbi.dll
2004-08-04 08:00:00 358400 --a------ C:\WINDOWS\system32\termmgr.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-10-29 18:43:03 1287680 --a------ C:\WINDOWS\system32\quartz.dll
2004-08-04 08:00:00 853504 --a------ C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Networking.Dxmrtp_6595b64144ccf1df_5.2.2.3_x-ww_468466a7\dxmrtp.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 120832 --a------ C:\WINDOWS\system32\msvfw32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 60928 --a------ C:\WINDOWS\system32\dpnhupnp.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-12-07 10:37:14 3059200 --a------ C:\WINDOWS\system32\mshtml.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 146432 --a------ C:\WINDOWS\system32\msls31.dll <Not Verified; Microsoft Corporation; Microsoft® Line Services>
2004-08-04 08:00:00 23040 --a------ C:\WINDOWS\system32\psapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-12-06 21:07:13 1494528 --a------ C:\WINDOWS\system32\shdocvw.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 512512 --a------ C:\WINDOWS\system32\cryptui.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 586240 --a------ C:\WINDOWS\system32\mlang.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 159232 --a------ C:\WINDOWS\system32\MSIMTF.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 294400 --a------ C:\WINDOWS\system32\MSCTF.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 6656 --a------ C:\WINDOWS\system32\sensapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 549376 --a------ C:\WINDOWS\system32\shdoclc.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-04-25 10:21:15 144896 --a------ C:\WINDOWS\system32\schannel.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-11-14 03:26:56 450560 --a------ C:\WINDOWS\system32\jscript.dll <Not Verified; Microsoft Corporation; Microsoft ® JScript>
2006-10-19 09:56:32 713216 --a------ C:\WINDOWS\system32\sxs.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-11-20 20:04:14 2987392 -ra------ C:\WINDOWS\system32\Macromed\Flash\Flash9e.ocx <Not Verified; Adobe Systems, Inc.; Shockwave Flash>
2006-07-25 14:03:56 229376 --a------ C:\Program Files\AIM\inetsocket.dll <Not Verified; ; INETsocket Dynamic Link Library>
2004-08-04 08:00:00 146432 --a------ C:\WINDOWS\system32\winspool.drv <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>

C:\Program Files\Cisco Systems\Clean Access Agent\CCAAgent.exe (pid 2568)
2004-08-04 08:00:00 708096 --a------ C:\WINDOWS\system32\ntdll.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-04-16 11:52:53 984576 --a------ C:\WINDOWS\system32\kernel32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 1392671 --a------ C:\WINDOWS\system32\msvbvm60.dll <Not Verified; Microsoft Corporation; Visual Basic>
2007-03-08 11:36:28 577536 --a------ C:\WINDOWS\system32\user32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-06-19 09:31:19 282112 --a------ C:\WINDOWS\system32\gdi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 616960 --a------ C:\WINDOWS\system32\advapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-07-09 09:09:42 584192 --a------ C:\WINDOWS\system32\rpcrt4.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 55808 --a------ C:\WINDOWS\system32\secur32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-07-26 00:39:48 1285120 --a------ C:\WINDOWS\system32\ole32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 343040 --a------ C:\WINDOWS\system32\msvcrt.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-12-04 14:38:13 550912 --a------ C:\WINDOWS\system32\oleaut32.dll <Not Verified; Microsoft Corporation; >
2004-08-04 08:00:00 218624 --a------ C:\WINDOWS\system32\uxtheme.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-07-26 00:39:43 498688 --a------ C:\WINDOWS\system32\clbcatq.dll <Not Verified; Microsoft Corporation; COM Services>
2004-08-04 08:00:00 792064 --a------ C:\WINDOWS\system32\comres.dll <Not Verified; Microsoft Corporation; COM Services>
2004-08-04 08:00:00 18944 --a------ C:\WINDOWS\system32\version.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-04-18 12:12:23 2854400 --a------ C:\WINDOWS\system32\msi.dll <Not Verified; Microsoft Corporation; Windows Installer - Unicode>
2004-08-04 08:00:00 2897920 --a------ C:\WINDOWS\system32\xpsp2res.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-05-23 13:11:00 102400 --a------ C:\Program Files\Cisco Systems\Clean Access Agent\CCAAgentHelper.dll <Not Verified; Cisco Systems, Inc.; Cisco Clean Access Agent>
2004-08-04 08:00:00 82944 --a------ C:\WINDOWS\system32\ws2_32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 19968 --a------ C:\WINDOWS\system32\ws2help.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-05-19 08:59:41 94720 --a------ C:\WINDOWS\system32\iphlpapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 176640 --a------ C:\WINDOWS\system32\wintrust.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 597504 --a------ C:\WINDOWS\system32\crypt32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 57344 --a------ C:\WINDOWS\system32\msasn1.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 144384 --a------ C:\WINDOWS\system32\imagehlp.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-06-07 16:22:44 86016 --a------ C:\Program Files\Cisco Systems\Clean Access Agent\AV41\CAntiVirusCOM.dll
2004-08-04 06:00:00 413696 --a------ C:\Program Files\Cisco Systems\Clean Access Agent\AV41\MSVCP60.dll <Not Verified; Microsoft Corporation; Microsoft ® Visual C++>
2007-12-06 21:07:13 474112 --a------ C:\WINDOWS\system32\shlwapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-06-07 16:10:32 104448 --a------ C:\Program Files\Cisco Systems\Clean Access Agent\AV41\OPSWATAVCommon.dll <Not Verified; OPSWAT, Inc.; >
2007-12-06 21:07:14 615424 --a------ C:\WINDOWS\system32\urlmon.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-12-06 21:07:14 659456 --a------ C:\WINDOWS\system32\wininet.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-08-25 11:45:55 1054208 --a------ C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 23040 --a------ C:\WINDOWS\system32\psapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 18944 --a------ C:\WINDOWS\system32\wbem\wbemprox.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 214528 --a------ C:\WINDOWS\system32\wbem\wbemcomn.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 43520 --a------ C:\WINDOWS\system32\wbem\wbemsvc.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 472064 --a------ C:\WINDOWS\system32\wbem\fastprox.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 67072 --a------ C:\WINDOWS\system32\ntdsapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-06-26 13:37:10 148480 --a------ C:\WINDOWS\system32\dnsapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 172032 --a------ C:\WINDOWS\system32\wldap32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-08-17 08:28:27 332288 --a------ C:\WINDOWS\system32\netapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 65024 --a------ C:\WINDOWS\system32\asycfilt.dll <Not Verified; Microsoft Corporation; >
2005-04-15 19:58:16 1071088 --a------ C:\WINDOWS\system32\MSCOMCTL.OCX <Not Verified; Microsoft Corporation; MSCOMCTL>
2004-08-04 08:00:00 276992 --a------ C:\WINDOWS\system32\comdlg32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-08-25 11:45:58 617472 --a------ C:\WINDOWS\system32\comctl32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-10-25 23:36:51 8454656 --a------ C:\WINDOWS\system32\shell32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-10-19 09:56:32 713216 --a------ C:\WINDOWS\system32\sxs.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2000-12-06 14:02:20 109248 --a------ C:\WINDOWS\system32\mswinsck.ocx <Not Verified; Microsoft Corporation; Microsoft Winsock Control>
2004-08-04 08:00:00 22528 --a------ C:\WINDOWS\system32\wsock32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 245248 --a------ C:\WINDOWS\system32\mswsock.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 344064 --a------ C:\WINDOWS\system32\hnetcfg.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 19968 --a------ C:\WINDOWS\system32\wshtcpip.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 16896 --a------ C:\WINDOWS\system32\winrnr.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-06-26 13:37:10 8192 --a------ C:\WINDOWS\system32\rasadhlp.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>

C:\WINDOWS\system32\wuauclt.exe (pid 3556)
2004-08-04 08:00:00 708096 --a------ C:\WINDOWS\system32\ntdll.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-04-16 11:52:53 984576 --a------ C:\WINDOWS\system32\kernel32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 343040 --a------ C:\WINDOWS\system32\msvcrt.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-07-26 00:39:48 1285120 --a------ C:\WINDOWS\system32\ole32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 616960 --a------ C:\WINDOWS\system32\advapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-07-09 09:09:42 584192 --a------ C:\WINDOWS\system32\rpcrt4.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 55808 --a------ C:\WINDOWS\system32\secur32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-06-19 09:31:19 282112 --a------ C:\WINDOWS\system32\gdi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-03-08 11:36:28 577536 --a------ C:\WINDOWS\system32\user32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-12-04 14:38:13 550912 --a------ C:\WINDOWS\system32\oleaut32.dll <Not Verified; Microsoft Corporation; >
2007-12-06 21:07:13 474112 --a------ C:\WINDOWS\system32\shlwapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 65536 --a------ C:\WINDOWS\system32\shimeng.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 1852416 --a------ C:\WINDOWS\AppPatch\AcGenral.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 176128 --a------ C:\WINDOWS\system32\winmm.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 71680 --a------ C:\WINDOWS\system32\msacm32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 18944 --a------ C:\WINDOWS\system32\version.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-10-25 23:36:51 8454656 --a------ C:\WINDOWS\system32\shell32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 723456 --a------ C:\WINDOWS\system32\userenv.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 218624 --a------ C:\WINDOWS\system32\uxtheme.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-08-25 11:45:55 1054208 --a------ C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-07-30 20:19:42 1712984 --a------ C:\WINDOWS\system32\wuaueng.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 82944 --a------ C:\WINDOWS\system32\ws2_32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 19968 --a------ C:\WINDOWS\system32\ws2help.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-10-20 18:20:03 1082368 --a------ C:\WINDOWS\system32\esent.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 18432 --a------ C:\WINDOWS\system32\wtsapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 53760 --a------ C:\WINDOWS\system32\winsta.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-08-17 08:28:27 332288 --a------ C:\WINDOWS\system32\netapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 146432 --a------ C:\WINDOWS\system32\winspool.drv <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-05-19 08:59:41 94720 --a------ C:\WINDOWS\system32\iphlpapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 351232 --a------ C:\WINDOWS\system32\winhttp.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 176640 --a------ C:\WINDOWS\system32\wintrust.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 597504 --a------ C:\WINDOWS\system32\crypt32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 57344 --a------ C:\WINDOWS\system32\msasn1.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 144384 --a------ C:\WINDOWS\system32\imagehlp.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 59904 --a------ C:\WINDOWS\system32\cabinet.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 30208 --a------ C:\WINDOWS\system32\mspatcha.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 2897920 --a------ C:\WINDOWS\system32\xpsp2res.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-07-26 00:39:43 498688 --a------ C:\WINDOWS\system32\clbcatq.dll <Not Verified; Microsoft Corporation; COM Services>
2004-08-04 08:00:00 792064 --a------ C:\WINDOWS\system32\comres.dll <Not Verified; Microsoft Corporation; COM Services>
2007-07-30 20:19:12 43352 --a------ C:\WINDOWS\system32\wups2.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>

C:\Program Files\Mozilla Firefox\firefox.exe (pid 3676)
2004-08-04 08:00:00 708096 --a------ C:\WINDOWS\system32\ntdll.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-04-16 11:52:53 984576 --a------ C:\WINDOWS\system32\kernel32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-12 06:41:52 458856 --a------ C:\Program Files\Mozilla Firefox\js3250.dll <Not Verified; Netscape Communications Corporation; NETSCAPE>
2008-03-12 06:41:53 161392 --a------ C:\Program Files\Mozilla Firefox\nspr4.dll <Not Verified; Netscape Communications Corporation; Netscape Portable Runtime>
2004-08-04 08:00:00 616960 --a------ C:\WINDOWS\system32\advapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-07-09 09:09:42 584192 --a------ C:\WINDOWS\system32\rpcrt4.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 55808 --a------ C:\WINDOWS\system32\secur32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 22528 --a------ C:\WINDOWS\system32\wsock32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 82944 --a------ C:\WINDOWS\system32\ws2_32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 343040 --a------ C:\WINDOWS\system32\msvcrt.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 19968 --a------ C:\WINDOWS\system32\ws2help.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 176128 --a------ C:\WINDOWS\system32\winmm.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-03-08 11:36:28 577536 --a------ C:\WINDOWS\system32\user32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-06-19 09:31:19 282112 --a------ C:\WINDOWS\system32\gdi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-12 06:42:03 422000 --a------ C:\Program Files\Mozilla Firefox\xpcom_core.dll <Not Verified; Mozilla Foundation; Firefox>
2008-03-12 06:41:56 34424 --a------ C:\Program Files\Mozilla Firefox\plc4.dll <Not Verified; Netscape Communications Corporation; Netscape Portable Runtime>
2008-03-12 06:41:57 30320 --a------ C:\Program Files\Mozilla Firefox\plds4.dll <Not Verified; Netscape Communications Corporation; Netscape Portable Runtime>
2007-10-25 23:36:51 8454656 --a------ C:\WINDOWS\system32\shell32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-12-06 21:07:13 474112 --a------ C:\WINDOWS\system32\shlwapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-07-26 00:39:48 1285120 --a------ C:\WINDOWS\system32\ole32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 18944 --a------ C:\WINDOWS\system32\version.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-12 06:41:58 112232 --a------ C:\Program Files\Mozilla Firefox\smime3.dll <Not Verified; Mozilla Foundation; Network Security Services>
2008-03-12 06:41:54 378472 --a------ C:\Program Files\Mozilla Firefox\nss3.dll <Not Verified; Mozilla Foundation; Network Security Services>
2008-03-11 19:27:13 254060 --a------ C:\Program Files\Mozilla Firefox\softokn3.dll <Not Verified; Mozilla Foundation; Network Security Services>
2008-03-12 06:41:59 132712 --a------ C:\Program Files\Mozilla Firefox\ssl3.dll <Not Verified; Mozilla Foundation; Network Security Services>
2008-03-12 06:42:02 73848 --a------ C:\Program Files\Mozilla Firefox\xpcom_compat.dll <Not Verified; Mozilla Foundation; Firefox>
2004-08-04 08:00:00 276992 --a------ C:\WINDOWS\system32\comdlg32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-08-25 11:45:55 1054208 --a------ C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-12-04 14:38:13 550912 --a------ C:\WINDOWS\system32\oleaut32.dll <Not Verified; Microsoft Corporation; >
2004-08-04 08:00:00 146432 --a------ C:\WINDOWS\system32\winspool.drv <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 218624 --a------ C:\WINDOWS\system32\uxtheme.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 983552 --a------ C:\WINDOWS\system32\setupapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-07-26 00:39:43 498688 --a------ C:\WINDOWS\system32\clbcatq.dll <Not Verified; Microsoft Corporation; COM Services>
2004-08-04 08:00:00 792064 --a------ C:\WINDOWS\system32\comres.dll <Not Verified; Microsoft Corporation; COM Services>
2008-03-12 06:42:07 34952 --a------ C:\Program Files\Mozilla Firefox\components\myspell.dll <Not Verified; Mozilla Foundation; Firefox>
2004-08-04 08:00:00 245248 --a------ C:\WINDOWS\system32\mswsock.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 344064 --a------ C:\WINDOWS\system32\hnetcfg.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 19968 --a------ C:\WINDOWS\system32\wshtcpip.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-05-19 08:59:41 94720 --a------ C:\WINDOWS\system32\iphlpapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-12 06:42:06 67696 --a------ C:\Program Files\Mozilla Firefox\components\jar50.dll <Not Verified; Mozilla Foundation; Firefox>
2006-06-26 13:37:10 148480 --a------ C:\WINDOWS\system32\dnsapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 16896 --a------ C:\WINDOWS\system32\winrnr.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 172032 --a------ C:\WINDOWS\system32\wldap32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 159232 --a------ C:\WINDOWS\system32\MSIMTF.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 294400 --a------ C:\WINDOWS\system32\MSCTF.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 2897920 --a------ C:\WINDOWS\system32\xpsp2res.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-11 19:27:13 200829 --a------ C:\Program Files\Mozilla Firefox\freebl3.dll <Not Verified; Mozilla Foundation; Network Security Services>
2008-03-12 06:41:55 276080 --a------ C:\Program Files\Mozilla Firefox\nssckbi.dll <Not Verified; Mozilla Foundation; Network Security Services>
2008-03-12 06:42:09 46720 --a------ C:\Program Files\Mozilla Firefox\components\spellchk.dll <Not Verified; Mozilla Foundation; Firefox>
2006-06-26 13:37:10 8192 --a------ C:\WINDOWS\system32\rasadhlp.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 4608 --a------ C:\WINDOWS\system32\msimg32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 110080 --a------ C:\WINDOWS\system32\imm32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>

C:\Documents and Settings\Tyler\Desktop\dss.exe (pid 2812)
2004-08-04 08:00:00 708096 --a------ C:\WINDOWS\system32\ntdll.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-04-16 11:52:53 984576 --a------ C:\WINDOWS\system32\kernel32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 616960 --a------ C:\WINDOWS\system32\advapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-07-09 09:09:42 584192 --a------ C:\WINDOWS\system32\rpcrt4.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 55808 --a------ C:\WINDOWS\system32\secur32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-08-25 11:45:55 1054208 --a------ C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 343040 --a------ C:\WINDOWS\system32\msvcrt.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-06-19 09:31:19 282112 --a------ C:\WINDOWS\system32\gdi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-03-08 11:36:28 577536 --a------ C:\WINDOWS\system32\user32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-12-06 21:07:13 474112 --a------ C:\WINDOWS\system32\shlwapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 276992 --a------ C:\WINDOWS\system32\comdlg32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-10-25 23:36:51 8454656 --a------ C:\WINDOWS\system32\shell32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 59904 --a------ C:\WINDOWS\system32\mpr.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-07-26 00:39:48 1285120 --a------ C:\WINDOWS\system32\ole32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-12-04 14:38:13 550912 --a------ C:\WINDOWS\system32\oleaut32.dll <Not Verified; Microsoft Corporation; >
2004-08-04 08:00:00 18944 --a------ C:\WINDOWS\system32\version.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 176128 --a------ C:\WINDOWS\system32\winmm.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 22528 --a------ C:\WINDOWS\system32\wsock32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 82944 --a------ C:\WINDOWS\system32\ws2_32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 19968 --a------ C:\WINDOWS\system32\ws2help.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 218624 --a------ C:\WINDOWS\system32\uxtheme.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 983552 --a------ C:\WINDOWS\system32\setupapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2005-07-26 00:39:43 498688 --a------ C:\WINDOWS\system32\clbcatq.dll <Not Verified; Microsoft Corporation; COM Services>
2004-08-04 08:00:00 792064 --a------ C:\WINDOWS\system32\comres.dll <Not Verified; Microsoft Corporation; COM Services>
2004-08-04 08:00:00 151552 --a------ C:\WINDOWS\system32\scrrun.dll <Not Verified; Microsoft Corporation; Microsoft ® Script Runtime>
2004-08-04 08:00:00 1028096 --a------ C:\WINDOWS\system32\mfc42.dll <Not Verified; Microsoft Corporation; Microsoft ® Visual C++>
2006-10-19 09:56:32 713216 --a------ C:\WINDOWS\system32\sxs.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 126976 --a------ C:\WINDOWS\system32\apphelp.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-12-06 21:07:13 1494528 --a------ C:\WINDOWS\system32\shdocvw.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 597504 --a------ C:\WINDOWS\system32\crypt32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 57344 --a------ C:\WINDOWS\system32\msasn1.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 512512 --a------ C:\WINDOWS\system32\cryptui.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 176640 --a------ C:\WINDOWS\system32\wintrust.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 144384 --a------ C:\WINDOWS\system32\imagehlp.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-08-17 08:28:27 332288 --a------ C:\WINDOWS\system32\netapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-12-06 21:07:14 659456 --a------ C:\WINDOWS\system32\wininet.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 172032 --a------ C:\WINDOWS\system32\wldap32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 90624 --a------ C:\WINDOWS\system32\mydocs.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 143872 --a------ C:\WINDOWS\system32\ntshrui.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 58880 --a------ C:\WINDOWS\system32\atl.dll <Not Verified; Microsoft Corporation; Microsoft ® Visual C++>
2004-08-04 08:00:00 723456 --a------ C:\WINDOWS\system32\userenv.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2007-10-14 02:42:28 37888 --a------ C:\Documents and Settings\Tyler\Local Settings\Temp\~ufifwws.tmp\dss.dll
2004-08-04 08:00:00 178176 --a------ C:\WINDOWS\system32\wbem\wbemdisp.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 413696 --a------ C:\WINDOWS\system32\msvcp60.dll <Not Verified; Microsoft Corporation; Microsoft ® Visual C++>
2004-08-04 08:00:00 18944 --a------ C:\WINDOWS\system32\wbem\wbemprox.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 214528 --a------ C:\WINDOWS\system32\wbem\wbemcomn.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 95232 --a------ C:\WINDOWS\system32\wbem\wmiutils.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 2897920 --a------ C:\WINDOWS\system32\xpsp2res.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 43520 --a------ C:\WINDOWS\system32\wbem\wbemsvc.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 472064 --a------ C:\WINDOWS\system32\wbem\fastprox.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 67072 --a------ C:\WINDOWS\system32\ntdsapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-06-26 13:37:10 148480 --a------ C:\WINDOWS\system32\dnsapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2004-08-04 08:00:00 23040 --a------ C:\WINDOWS\system32\psapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>


-- Files created between 2008-03-01 and 2008-04-01 -----------------------------

2008-03-29 19:53:12 0 d-------- C:\fsaua.data
2008-03-29 18:43:16 0 d-------- C:\_OTMoveIt
2008-03-29 18:41:02 59438826 --a------ C:\RegBackup.reg
2008-03-29 17:40:35 0 d-------- C:\HostsXpert
2008-03-28 22:06:53 0 d-------- C:\WINDOWS\ERDNT
2008-03-28 22:06:19 0 d-------- C:\Deckard
2008-03-28 21:31:44 0 d-------- C:\VundoFix Backups
2008-03-28 21:15:52 0 d-------- C:\Documents and Settings\All Users\Application Data\Avg7
2008-03-25 15:13:24 0 d-------- C:\Program Files\Spybot - Search & Destroy
2008-03-25 15:13:24 0 d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-03-23 21:33:54 0 d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-03-23 21:33:43 0 d-------- C:\Program Files\SpywareBlaster
2008-03-23 21:11:20 0 d-------- C:\Program Files\Trend Micro
2008-03-23 20:19:36 0 d--hs---- C:\WINDOWS\CSC
2008-03-13 18:08:59 0 d-------- C:\Config.Msi
2008-03-10 20:49:53 23152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys <Not Verified; ALWIL Software; avast! Antivirus System>
2008-03-10 20:49:52 42912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys <Not Verified; ALWIL Software; avast! Antivirus System>
2008-03-10 20:49:51 26624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys <Not Verified; ALWIL Software; avast! Antivirus System>
2008-03-10 20:49:46 95608 --a------ C:\WINDOWS\system32\AvastSS.scr <Not Verified; ALWIL Software; avast! Antivirus>
2008-03-10 20:49:39 94544 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys <Not Verified; ALWIL Software; avast! Antivirus System>
2008-03-10 20:49:39 93264 --a------ C:\WINDOWS\system32\drivers\aswmon.sys <Not Verified; ALWIL Software; avast! Antivirus System>
2008-03-10 20:49:25 837496 --a------ C:\WINDOWS\system32\aswBoot.exe <Not Verified; ALWIL Software; avast! Antivirus>
2008-03-10 20:49:15 0 d-------- C:\Program Files\Alwil Software
2008-03-10 20:09:08 0 d-------- C:\WINDOWS\pss
2008-03-08 16:30:05 0 d-------- C:\WINDOWS\Minidump


-- Find3M Report ---------------------------------------------------------------

2008-04-01 17:58:03 0 d-------- C:\Program Files\Mozilla Firefox
2008-04-01 17:56:59 2048 --a-s---- C:\WINDOWS\bootstat.dat
2008-04-01 17:56:54 1598029824 --ahs---- C:\pagefile.sys
2008-03-31 19:44:43 0 d-------- C:\Documents and Settings\Tyler\Application Data\uTorrent
2008-03-29 18:43:43 0 d-------- C:\Program Files\Common Files
2008-03-28 21:14:41 0 d---s---- C:\Documents and Settings\Tyler\Application Data\Microsoft
2008-03-10 20:50:59 0 d-------- C:\Program Files\PeerGuardian2
2008-03-10 20:03:53 312172 --a------ C:\WINDOWS\system32\perfh009.dat
2008-03-10 20:03:53 40394 --a------ C:\WINDOWS\system32\perfc009.dat
2008-03-08 16:26:17 12632 --a------ C:\WINDOWS\system32\lsdelete.exe
2008-03-05 12:30:54 19148408 --a------ C:\WINDOWS\system32\MRT.exe <Not Verified; Microsoft Corporation; Microsoft Windows Malicious Software Removal Tool>
2008-03-03 16:03:54 0 d-------- C:\Documents and Settings\Tyler\Application Data\Move Networks
2008-02-28 04:13:16 113376 --a------ C:\WINDOWS\system32\FNTCACHE.DAT
2008-02-28 04:03:49 0 d-------- C:\Program Files\Common Files\Microsoft Shared
2008-02-13 04:02:44 0 d-------- C:\Program Files\Internet Explorer
2008-02-06 02:23:51 0 d-------- C:\Program Files\Full Tilt Poker
2008-02-06 02:17:52 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-02-04 17:59:36 0 d-------- C:\Program Files\Power Tab Software
2008-01-06 12:52:51 1643 --a------ C:\WINDOWS\mozver.dat


-- End of Deckard's System Scanner: finished at 2008-04-01 18:00:28 ------------

#13 Starbuck


Posted 02 April 2008 - 06:57 PM

Hi funkapotam0s

Step 1
Please go to Start > Run. In the box that appears, carefully copy and paste the following:

"%Userprofile%\Desktop\dss.exe" /daft

Accept the disclaimer, and click the "Scan" button. Place a checkmark next to everything that appears and press "Fix". Afterwards, close the window.

Step 2
The DSS scan is showing that:

Windows Internal Firewall is disabled.

But I see no other Firewall in your log?
You need to be running a Firewall.

For the time being please turn on the 'Windows' Firewall via Start > Control Panel > Security Center > Windows Firewall. This is better than nothing but it only protects against incoming traffic. It doesn't protect you against outgoing baddies trying to "phone home". I strongly recommend that you install a firewall that monitors traffic in both directions. Please have a look at this tutorial about understanding and using firewalls.

Some free firewalls are:

NOTE: If choosing ZoneAlarm, be aware that the free version also installs ZoneAlarm Spy Blocker. It is recommended, however, that you UNcheck this option.

Step 3
Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. A malicious site could render Java content under older, vulnerable versions of Sun's software if the user has not removed them. Please follow these steps to remove older version Java components and update:
  • Download the latest version of Java Runtime Environment (JRE) 6 Update 5 and save it to your desktop.
  • Scroll down to where it says "Java Runtime Environment (JRE) 6u5...allows end-users to run Java applications".
  • Click the "Download" button to the right.
  • Read the License Agreement and then check the box that says: "Accept License Agreement".
  • The page will refresh.
  • Click on the link to download Windows Offline Installation and save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Settings > Control Panel, double-click on Add/Remove Programs and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-6u5-windows-i586-p.exe to install the newest version.

Step 4
* Clean your Cache and Cookies in IE:
  • Close all instances of Outlook Express and Internet Explorer
  • Go to Control Panel > Internet Options > General tab
  • Click the "Delete Cookies" button
  • Next to it, Click the "Delete Files" button
  • When prompted, place a check in: "Delete all offline content", click OK
* Clean your Cache and Cookies in Firefox (In case you also have Firefox installed):
  • Go to Tools > Options.
  • Click Privacy in the menu on the left side of the Options window.
  • Click the Clear button located to the right of each option (History, Cookies, Cache).
  • Click OK to close the Options window
    Alternatively, you can clear all information stored while browsing by clicking Clear All.
    A confirmation dialog box will be shown before clearing the information.
* Clean other Temporary files + Recycle bin
  • Go to start > run and type: cleanmgr and click ok.
  • Let it scan your system for files to remove.
  • Make sure Temporary Files, Temporary Internet Files, and Recycle Bin are the only things checked.
  • Press OK to remove them.

Step 5
I'd like to double check everything.
Download and scan with SUPERAntiSpyware Free for Home Users
  • Double-click SUPERAntiSpyware.exe and use the default settings for installation.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download and unzip them from here.)
  • Under "Configuration and Preferences", click the Preferences button.
  • Click the Scanning Control tab.
  • Under Scanner Options make sure the following are checked (leave all others unchecked):
    • Close browsers before scanning.
    • Scan for tracking cookies.
    • Terminate memory threats before quarantining.
  • Click the "Close" button to leave the control center screen.

    Now close SUPERAntiSpyware down.

    Next, please reboot your computer in Safe Mode by doing the following :

    * Restart your computer
    * After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
    * Instead of Windows loading as normal, a menu with options should appear;
    You will need to use the 'keyboard arrow keys' to navigate on this menu.
    * Select the first option, to run Windows in Safe Mode, then press "Enter".
    * Then choose your usual account.

    Restart SUPERAntiSpyware
  • Back on the main screen, under "Scan for Harmful Software" click Scan your computer.
  • On the left, make sure you check C:\Fixed Drive.
  • On the right, under "Complete Scan", choose Perform Complete Scan.
  • Click "Next" to start the scan. Please be patient while it scans your computer.
  • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
  • Make sure everything has a checkmark next to it and click "Next".
  • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
  • If asked if you want to reboot, click "Yes".
  • To retrieve the removal information after reboot, launch SUPERAntiSpyware again.
    • Click Preferences, then click the Statistics/Logs tab.
    • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
    • Please copy and paste the Scan Log results in your next reply.
  • Click Close to exit the program.
Note: I've noticed that sometimes the scan report isn't visible. If this is the case, reboot into 'Safe Mode' and try the instructions again.
Sometimes the reports are visible in Safe Mode.

In your next reply, please submit:
SUPERAntiSpyware scan results
and a new HJT log.
Could you also let me know if things have improved and how everything's running now... any problems?

Thanks



#14 funkapotam0s


Posted 02 April 2008 - 08:09 PM

When I perform step 1, it says "all associations okay" and nothing pops up

#15 Starbuck


Posted 03 April 2008 - 02:01 PM

Hi funkapotam0s

Please continue with the rest of the steps.
When finished, please post back another DSS scan report, following the previous instructions.

Thanks.
