Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

HJT LOG - pamd


  • Please log in to reply
26 replies to this topic

#1 pamd

pamd

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:02:41 AM

Posted 06 January 2005 - 03:45 PM

Logfile of HijackThis v1.99.0
Scan saved at 20:28:58, on 06/01/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\MMDiag.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mim.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\system32\devldr32.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Outlook Express\msimn.exe
C:\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,(Default) = http://fastsearchweb.com/srh.php?q=%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by blueyonder
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O3 - Toolbar: FreshBar - {06ABAA2D-34AB-4902-A326-409BD9B9A7A5} - C:\WINDOWS\System32\iecust.dll (file missing)
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [MimBoot] C:\Program Files\Musicmatch\Musicmatch Jukebox\mimboot.exe
O4 - HKLM\..\Run: [MMTray] C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - Startup: msimn.lnk = C:\Program Files\Outlook Express\msimn.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.broadband.blueyonder.co.uk
O15 - Trusted Zone: *.musicmatch.com
O15 - Trusted Zone: http://*.search-soft.net
O15 - Trusted Zone: *.musicmatch.com (HKLM)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5co...b?1101063504021
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab
O23 - Service: AVG7 Alert Manager Server - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Sygate Personal Firewall - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
O23 - Service: StyleXPService - Unknown - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe

Hi,
when i run AVG it finds a Trojan Downloader.Agent.6.l in c:\windows\system32
the file name is ms**.dll (where * is a random letter) - when I get AVG to heal & delete the file it re-appears the next time I boot up
Any help will be greatly received

BC AdBot (Login to Remove)

 


m

#2 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,394 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:02:41 AM

Posted 06 January 2005 - 11:51 PM

You have a new nasty one...when you open IE does it go to:

shdoclc.dll/navcancl.htm ?

Reboot, dont run AVG, and do a search on the computer for files that start with ms and are a dll.. For example:

ms*.dll

Tell me what it finds

#3 pamd

pamd
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:02:41 AM

Posted 07 January 2005 - 11:17 AM

Grinler,
many thanx for speedy response.

I checked for files with ms*.dll but there are over 750
check of files with ms??.dll gave 9 replies

msoe.dll in C:\Program Files\Outlook Express
msoe.dll in C:\WINDOWS\$NtServicePackUninstall$
msab.dll in C:\WINDOWS\system32
msef.dll in C:\WINDOWS\system32
mstu.dll in C:\WINDOWS\system32
msyz.dll in C:\WINDOWS\system32
MSOC.DLL in C:\Program Files\Microsoft Office\Office
msoe.dll in C:\WINDOWS\ServicePackFiles\i386
msoe.dll in C:\WINDOWS\SoftwareDistribution\Download\6ca7b3a8efd5a9b6f87fff395a2eb989

IE was defaulting to somewhere else but I seem to have that back to normal now

latest AVG scan identified the 4 files in system32 above as viruses.

#4 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,394 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:02:41 AM

Posted 07 January 2005 - 07:27 PM

Try this:

Ok I made a better batch file that will make it easier for us to find the infection.

Download the following file:

Download FindHalox.zip

Save the file to your desktop and extract it there. Then double-click on the findhalox folder and then double-click on the findhalox.bat file. Select option 1 and wait until a notepad is opened.

Paste the contents of that notepad as a reply to this topic

#5 pamd

pamd
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:02:41 AM

Posted 08 January 2005 - 12:50 PM

Grinler,
I assume you mean select 2, as selecting 1 didn't appear to do anything.
Here is the list of files.

Volume in drive C has no label.
Volume Serial Number is E8A3-6CB5

Directory of C:\WINDOWS\system32

08/01/2005 17:23 11,776 mshi.dll
10/12/2004 19:43 503,808 msvcp71.dll
10/12/2004 19:43 348,160 msvcr71.dll
29/09/2004 18:47 3,004,928 mshtml.dll
11/08/2004 01:45 311,296 MSWMDM.dll
11/08/2004 01:45 360,176 MSSCP.dll
11/08/2004 01:45 25,088 MsPMSNSv.dll
11/08/2004 01:45 169,472 MsPMSP.dll
11/08/2004 01:45 141,312 msnetobj.dll
04/08/2004 00:56 245,248 mswsock.dll
04/08/2004 00:56 701,440 msxml2.dll
04/08/2004 00:56 204,288 mswebdvd.dll
04/08/2004 00:56 831,519 mswdat10.dll
04/08/2004 00:56 1,236,480 msxml3.dll
04/08/2004 00:56 614,429 mswstr10.dll
04/08/2004 00:56 506,368 msxml.dll
04/08/2004 00:56 348,189 msxbde40.dll
04/08/2004 00:56 17,408 msyuv.dll
04/08/2004 00:56 58,880 msdtclog.dll
04/08/2004 00:56 425,472 msdtcprx.dll
04/08/2004 00:56 949,248 msdtctm.dll
04/08/2004 00:56 161,280 msdtcuiu.dll
04/08/2004 00:56 1,392,671 msvbvm60.dll
04/08/2004 00:56 129,536 msv1_0.dll
04/08/2004 00:56 512,029 msexch40.dll
04/08/2004 00:56 195,072 msutb.dll
04/08/2004 00:56 319,517 msexcl40.dll
04/08/2004 00:56 115,712 mstlsapi.dll
04/08/2004 00:56 537,088 msftedit.dll
04/08/2004 00:56 994,304 msgina.dll
04/08/2004 00:56 33,792 msgsvc.dll
04/08/2004 00:56 14,336 msdmo.dll
04/08/2004 00:56 151,552 msdart.dll
04/08/2004 00:56 448,512 mshtmled.dll
04/08/2004 00:56 530,432 mstime.dll
04/08/2004 00:56 2,804,224 msi.dll
04/08/2004 00:56 51,712 msident.dll
04/08/2004 00:56 6,656 msidle.dll
04/08/2004 00:56 118,784 msdadiag.dll
04/08/2004 00:56 248,832 msieftp.dll
04/08/2004 00:56 331,264 msihnd.dll
04/08/2004 00:56 4,608 msimg32.dll
04/08/2004 00:56 69,120 msctfp.dll
04/08/2004 00:56 72,704 msw3prt.dll
04/08/2004 00:56 159,232 msimtf.dll
04/08/2004 00:56 274,944 mstask.dll
04/08/2004 00:56 294,400 msctf.dll
04/08/2004 00:56 44,032 msisip.dll
04/08/2004 00:56 36,864 mscpxl32.dll
04/08/2004 00:56 134,656 mssap.dll
04/08/2004 00:56 54,784 msvcirt.dll
04/08/2004 00:56 1,507,356 msjet40.dll
04/08/2004 00:56 11,264 msrle32.dll
04/08/2004 00:56 69,632 msconf.dll
04/08/2004 00:56 151,583 msjint40.dll
04/08/2004 00:56 73,728 mscms.dll
04/08/2004 00:56 53,279 msjter40.dll
04/08/2004 00:56 241,693 msjtes40.dll
04/08/2004 00:56 25,088 mslbui.dll
04/08/2004 00:56 552,989 msrepl40.dll
04/08/2004 00:56 213,023 msltus40.dll
04/08/2004 00:56 413,696 msvcp60.dll
04/08/2004 00:56 290,816 msnsspc.dll
04/08/2004 00:56 57,344 msasn1.dll
04/08/2004 00:56 252,928 msoeacct.dll
04/08/2004 00:56 105,984 msoert2.dll
04/08/2004 00:56 86,016 msapsspc.dll
04/08/2004 00:56 143,360 msorcl32.dll
04/08/2004 00:56 315,423 msrd3x40.dll
04/08/2004 00:56 30,208 mspatcha.dll
04/08/2004 00:56 348,189 mspbde40.dll
04/08/2004 00:56 343,040 msvcrt.dll
04/08/2004 00:56 71,680 msacm32.dll
04/08/2004 00:56 421,919 msrd2x40.dll
04/08/2004 00:56 120,832 msvfw32.dll
04/08/2004 00:56 258,077 mstext40.dll
04/08/2004 00:56 146,432 msrating.dll
04/08/2004 00:56 1,428,480 msvidctl.dll
04/08/2004 00:56 20,480 msorc32r.dll
04/08/2004 00:56 48,128 msprivs.dll
04/08/2004 00:56 884,736 msimsg.dll
04/08/2004 00:56 56,832 mshtmler.dll
04/08/2004 00:56 12,288 mscpx32r.dll
04/08/2004 00:56 4,126 msdxmlc.dll
04/08/2004 00:56 3,584 msafd.dll
03/08/2004 22:59 655,360 mstscax.dll
03/08/2004 22:58 61,440 msvcrt40.dll
17/07/2004 11:34 358,976 msjetoledb40.dll
28/02/2003 18:26 21,264 msjdbc10.dll
28/02/2003 18:26 947,472 msjava.dll
28/02/2003 18:26 154,384 msawt.dll
05/01/2002 11:40 487,424 msvcp70.dll
05/01/2002 11:38 54,784 msvci70.dll
05/01/2002 11:37 344,064 msvcr70.dll
18/08/2001 12:00 13,312 msswch.dll
18/08/2001 12:00 37,916 msxml2r.dll
18/08/2001 12:00 69,632 msr2c.dll
18/08/2001 12:00 14,848 msidntld.dll
18/08/2001 12:00 33,280 msobjs.dll
18/08/2001 12:00 368,710 msisam11.dll
18/08/2001 12:00 28,746 msrecr40.dll
18/08/2001 12:00 241,725 msuni11.dll
18/08/2001 12:00 26,624 msxmlr.dll
18/08/2001 12:00 94,282 msencode.dll
18/08/2001 12:00 1,355,776 msvbvm50.dll
18/08/2001 12:00 73,802 msrclr40.dll
18/08/2001 12:00 4,608 mssip32.dll
18/08/2001 12:00 102,912 msaatext.dll
18/08/2001 12:00 565,760 msvcp50.dll
18/08/2001 12:00 7,168 mscat32.dll
18/08/2001 12:00 35,840 mssign32.dll
18/08/2001 12:00 44,032 msxml3r.dll
18/08/2001 12:00 146,432 msls31.dll
18/08/2001 12:00 65,024 msaudite.dll
18/08/2001 12:00 60,416 msratelc.dll
18/08/2001 12:00 253,952 msvcrt20.dll
18/08/2001 12:00 41,984 msports.dll
18/08/2001 12:00 61,168 msacm.dll
18/08/2001 12:00 25,600 msvidc32.dll
18/08/2001 12:00 7,168 msr2cenu.dll
18/08/2001 12:00 126,912 msvideo.dll
14/03/2000 11:04 118,784 MSSTDFMT.DLL
01/06/1998 00:00 176,128 MSTEXT35.DLL
01/06/1998 00:00 417,792 MSREPL35.DLL
01/06/1998 00:00 262,144 MSEXCL35.DLL
01/06/1998 00:00 262,144 MSRD2X35.DLL
01/06/1998 00:00 589,824 MSPST32.DLL
01/06/1998 00:00 36,864 MSJTER35.DLL
01/06/1998 00:00 294,912 MSXBSE35.DLL
01/06/1998 00:00 139,264 MSJINT35.DLL
01/06/1998 00:00 1,056,768 MSJET35.DLL
01/06/1998 00:00 561,152 MSFS32.DLL
11/07/1997 00:00 139,264 MSIMUSIC.DLL
11/07/1997 00:00 376,832 MSRDO20.DLL
11/07/1997 00:00 11,776 MSOTHUNK.DLL
11/07/1997 00:00 32,768 MSIMRT.DLL
136 File(s) 41,491,080 bytes
0 Dir(s) 5,145,740,800 bytes free

#6 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,394 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:02:41 AM

Posted 08 January 2005 - 07:21 PM

What happened when you pressed 1? I did want you to do option 1

#7 pamd

pamd
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:02:41 AM

Posted 08 January 2005 - 07:52 PM

Grinler,
It didn't appear to do anything the 1st time but I've tried it again - got a message saying 'please be patient. this will take a while' then when notepad came up this was all that was in it

------------------------------------------------------------------------------
# #
# This log will contain a series of tests. Some of the files that are found #
# could be legitimate so do not delete anything without supervision. #
# #
# Please provide the output of this listing as a reply to the topic #
# where you are receiving help. #
# #
------------------------------------------------------------------------------


---- Test1: Files that contain the string getc.php? ----


---- Test2: Files that contain the string xaloH ----


---- Test3: Files that are packed with UPX ----

#8 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,394 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:02:41 AM

Posted 08 January 2005 - 09:24 PM

Can you please zip and email the following files to grinler@yahoo.com:

c:\windows\system32\mshi.dll

When you email me, please include a link to this topic. In your reply let us know if you sent the files.

Thanks

#9 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,394 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:02:41 AM

Posted 08 January 2005 - 09:36 PM

Also redownload findhalox:

http://www.bleepingcomputer.com/files/findhalox.php

I have updated it. Run option 1 again and post the log.

#10 pamd

pamd
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:02:41 AM

Posted 09 January 2005 - 07:39 AM

Grinler,
Here is the result using new Halox

This log will contain a series of tests. Some of the files that are found
could be legitimate so do not delete anything without supervision.

Please provide the output of this listing as a reply to the topic #
where you are receiving help. #


---- Test 1: Files that contain the string getc.php? ----


---- Test 2: Files that contain the string xaloH ----


---- Test 3: Files that are packed with UPX ----


---- Test 4: Files in C:\WINDOWS\SYSTEM32 matching *.da0 ----
Volume in drive C has no label.
Volume Serial Number is E8A3-6CB5

Directory of C:\WINDOWS\system32



---- Test 5: Files in C:\WINDOWS\SYSTEM32 matching *.cfg ----
Volume in drive C has no label.
Volume Serial Number is E8A3-6CB5

Directory of C:\WINDOWS\system32



I cannot zip the file as i get the following error in Winzip

Action: Add (and replace) files Include subfolders: no Save full path: no
Include system and hidden files: yes
Adding msde.dll
Warning: could not open for reading: C:/WINDOWS/system32/msde.dll
copying Zip file

#11 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,394 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:02:41 AM

Posted 09 January 2005 - 10:14 PM

Reboot into safe mode and see if you can copy the c:\windows\system32\msde.dll file to your c:\ drive. Then zip it up and send it.

Also redownload findhalox.zip and run option 1 again and post its log.

#12 pamd

pamd
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:02:41 AM

Posted 10 January 2005 - 02:08 PM

Grinler,
Latest halox result below. I think I've managed to zip a couple of the infected files in safe mode and have emailed them to you.


This log will contain a series of tests. Some of the files that are found
could be legitimate so do not delete anything without supervision.

Please provide the output of this listing as a reply to the topic #
where you are receiving help. #


---- Test 1: Files that contain the string getc.php? ----


---- Test 2: Files that contain the string xaloH ----


---- Test 3: Files that are packed with UPX ----


---- Test 4: Files in C:\WINDOWS\SYSTEM32 matching *.da0 ----

No matches found.


---- Test 5: Files in C:\WINDOWS\SYSTEM32 matching *.cfg ----

No matches found.

#13 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,394 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:02:41 AM

Posted 10 January 2005 - 11:42 PM

Download this file:

http://www.bleepingcomputer.com/files/pv.php

and extract it to c:\pv.

Navigate to that directory and double-click on the runme.bat file. Then press the number 1 when its done it will open a notepad.

Then do the same thing for options 2 and 3. Paste all three logs in here as a reply and let me look it over. This is the last thing I can think of.

#14 pamd

pamd
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:02:41 AM

Posted 11 January 2005 - 02:12 PM

Pv option 3 showed the following in the window but the notepad had nothing in it
'pv: No matching process found"

options 1 & 2 below...


Module information for 'Explorer.EXE'
MODULE BASE SIZE PATH
Explorer.EXE 1000000 1044480 C:\WINDOWS\Explorer.EXE 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) Windows Explorer
ntdll.dll 7c900000 720896 C:\WINDOWS\system32\ntdll.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) NT Layer DLL
kernel32.dll 7c800000 999424 C:\WINDOWS\system32\kernel32.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows NT BASE API Client DLL
msvcrt.dll 77c10000 360448 C:\WINDOWS\system32\msvcrt.dll 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows NT CRT DLL
ADVAPI32.dll 77dd0000 634880 C:\WINDOWS\system32\ADVAPI32.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Advanced Windows 32 Base API
RPCRT4.dll 77e70000 593920 C:\WINDOWS\system32\RPCRT4.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Remote Procedure Call Runtime
GDI32.dll 77f10000 286720 C:\WINDOWS\system32\GDI32.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) GDI Client DLL
USER32.dll 77d40000 589824 C:\WINDOWS\system32\USER32.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows XP USER API Client DLL
SHLWAPI.dll 77f60000 483328 C:\WINDOWS\system32\SHLWAPI.dll 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) Shell Light-weight Utility Library
SHELL32.dll 7c9c0000 8470528 C:\WINDOWS\system32\SHELL32.dll 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) Windows Shell Common Dll
ole32.dll 774e0000 1294336 C:\WINDOWS\system32\ole32.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Microsoft OLE for Windows
OLEAUT32.dll 77120000 573440 C:\WINDOWS\system32\OLEAUT32.dll 5.1.2600.2180
BROWSEUI.dll 75f80000 1032192 C:\WINDOWS\system32\BROWSEUI.dll 6.00.2900.2518 (xpsp_sp2_gdr.040919-1056) Shell Browser UI Library
SHDOCVW.dll 77760000 1490944 C:\WINDOWS\system32\SHDOCVW.dll 6.00.2900.2518 (xpsp_sp2_gdr.040919-1056) Shell Doc Object and Control Library
CRYPT32.dll 77a80000 606208 C:\WINDOWS\system32\CRYPT32.dll 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158) Crypto API32
MSASN1.dll 77b20000 73728 C:\WINDOWS\system32\MSASN1.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ASN.1 Runtime APIs
CRYPTUI.dll 754d0000 524288 C:\WINDOWS\system32\CRYPTUI.dll 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158) Microsoft Trust UI Provider
WINTRUST.dll 76c30000 188416 C:\WINDOWS\system32\WINTRUST.dll 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158) Microsoft Trust Verification APIs
IMAGEHLP.dll 76c90000 163840 C:\WINDOWS\system32\IMAGEHLP.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows NT Image Helper
NETAPI32.dll 5b860000 344064 C:\WINDOWS\system32\NETAPI32.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Net Win32 API DLL
WININET.dll 771b0000 679936 C:\WINDOWS\system32\WININET.dll 6.00.2900.2518 (xpsp_sp2_gdr.040919-1056) Internet Extensions for Win32
WLDAP32.dll 76f60000 180224 C:\WINDOWS\system32\WLDAP32.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Win32 LDAP API DLL
VERSION.dll 77c00000 32768 C:\WINDOWS\system32\VERSION.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Version Checking and File Installation Libraries
UxTheme.dll 5ad70000 229376 C:\WINDOWS\system32\UxTheme.dll 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) Microsoft UxTheme Library
ShimEng.dll 5cb70000 155648 C:\WINDOWS\system32\ShimEng.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Shim Engine DLL
AcGenral.DLL 6f880000 1875968 C:\WINDOWS\AppPatch\AcGenral.DLL 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows Compatibility DLL
WINMM.dll 76b40000 184320 C:\WINDOWS\system32\WINMM.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) MCI API DLL
MSACM32.dll 77be0000 86016 C:\WINDOWS\system32\MSACM32.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Microsoft ACM Audio Filter
USERENV.dll 769c0000 733184 C:\WINDOWS\system32\USERENV.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Userenv
comctl32.dll 773d0000 1056768 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll 6.0 (xpsp_sp2_rtm.040803-2158) User Experience Controls Library
comctl32.dll 5d090000 618496 C:\WINDOWS\system32\comctl32.dll 5.82 (xpsp_sp2_rtm.040803-2158) Common Controls Library
appHelp.dll 77b40000 139264 C:\WINDOWS\system32\appHelp.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Application Compatibility Client Library
CLBCATQ.DLL 76fd0000 520192 C:\WINDOWS\system32\CLBCATQ.DLL 2001.12.4414.258
COMRes.dll 77050000 806912 C:\WINDOWS\system32\COMRes.dll 2001.12.4414.258
cscui.dll 77a20000 344064 C:\WINDOWS\System32\cscui.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Client Side Caching UI
CSCDLL.dll 76600000 118784 C:\WINDOWS\System32\CSCDLL.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Offline Network Agent
themeui.dll 5ba60000 462848 C:\WINDOWS\System32\themeui.dll 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) Windows Theme API
Secur32.dll 77fe0000 69632 C:\WINDOWS\System32\Secur32.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Security Support Provider Interface
MSIMG32.dll 76380000 20480 C:\WINDOWS\System32\MSIMG32.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) GDIEXT Client DLL
xpsp2res.dll 20000000 2904064 C:\WINDOWS\system32\xpsp2res.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Service Pack 2 Messages
ACTXPRXY.DLL 71d40000 114688 C:\WINDOWS\system32\ACTXPRXY.DLL 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) ActiveX Interface Marshaling Library
urlmon.dll 77260000 647168 C:\WINDOWS\system32\urlmon.dll 6.00.2900.2518 (xpsp_sp2_gdr.040919-1056) OLE32 Extensions for Win32
LINKINFO.dll 76980000 32768 C:\WINDOWS\system32\LINKINFO.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows Volume Tracking
ntshrui.dll 76990000 151552 C:\WINDOWS\system32\ntshrui.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Shell extensions for sharing
ATL.DLL 76b20000 69632 C:\WINDOWS\system32\ATL.DLL 3.05.2284 ATL Module for Windows XP (Unicode)
SAMLIB.dll 71bf0000 77824 C:\WINDOWS\system32\SAMLIB.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) SAM Library DLL
SETUPAPI.dll 77920000 995328 C:\WINDOWS\system32\SETUPAPI.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows Setup API
NETSHELL.dll 76400000 1728512 C:\WINDOWS\system32\NETSHELL.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Network Connections Shell
rtutils.dll 76e80000 57344 C:\WINDOWS\system32\rtutils.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Routing Utilities
credui.dll 76c00000 188416 C:\WINDOWS\system32\credui.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Credential Manager User Interface
WS2_32.dll 71ab0000 94208 C:\WINDOWS\system32\WS2_32.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows Socket 2.0 32-Bit DLL
WS2HELP.dll 71aa0000 32768 C:\WINDOWS\system32\WS2HELP.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows Socket 2.0 Helper for Windows NT
iphlpapi.dll 76d60000 102400 C:\WINDOWS\system32\iphlpapi.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) IP Helper API
WINSTA.dll 76360000 65536 C:\WINDOWS\system32\WINSTA.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Winstation Library
webcheck.dll 74b30000 286720 C:\WINDOWS\System32\webcheck.dll 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) Web Site Monitor
WSOCK32.dll 71ad0000 36864 C:\WINDOWS\System32\WSOCK32.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows Socket 32-Bit DLL
stobject.dll 76280000 135168 C:\WINDOWS\System32\stobject.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Systray shell service object
BatMeter.dll 74af0000 40960 C:\WINDOWS\System32\BatMeter.dll 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) Battery Meter Helper DLL
POWRPROF.dll 74ad0000 32768 C:\WINDOWS\System32\POWRPROF.dll 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) Power Profile Helper DLL
WTSAPI32.dll 76f50000 32768 C:\WINDOWS\System32\WTSAPI32.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows Terminal Server SDK APIs
wdmaud.drv 72d20000 36864 C:\WINDOWS\system32\wdmaud.drv 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) WDM Audio driver mapper
msacm32.drv 72d10000 32768 C:\WINDOWS\system32\msacm32.drv 5.1.2600.0 (xpclient.010817-1148) Microsoft Sound Mapper
midimap.dll 77bd0000 28672 C:\WINDOWS\system32\midimap.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Microsoft MIDI Mapper
rsaenh.dll ffd0000 163840 C:\WINDOWS\system32\rsaenh.dll 5.1.2600.2161 (xpsp.040706-1629) Microsoft Enhanced Cryptographic Provider
MPR.dll 71b20000 73728 C:\WINDOWS\system32\MPR.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Multiple Provider Router DLL
drprov.dll 75f60000 28672 C:\WINDOWS\System32\drprov.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Microsoft Terminal Server Network Provider
ntlanman.dll 71c10000 57344 C:\WINDOWS\System32\ntlanman.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Microsoft® Lan Manager
NETUI0.dll 71cd0000 94208 C:\WINDOWS\System32\NETUI0.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) NT LM UI Common Code - GUI Classes
NETUI1.dll 71c90000 262144 C:\WINDOWS\System32\NETUI1.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) NT LM UI Common Code - Networking classes
NETRAP.dll 71c80000 28672 C:\WINDOWS\System32\NETRAP.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Net Remote Admin Protocol DLL
davclnt.dll 75f70000 36864 C:\WINDOWS\System32\davclnt.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Web DAV Client DLL
SSSensor.dll 61f0000 86016 C:\WINDOWS\system32\SSSensor.dll 5. 5. 0. 5 ScreenSaver Sensor
avgse.dll 621a0000 57344 C:\Program Files\Grisoft\AVG Free\avgse.dll 7,1,0,285 AVG Shell Extension
MSVCP71.dll 7c3c0000 503808 C:\WINDOWS\system32\MSVCP71.dll 7.10.4301.0 Microsoft® C++ Runtime Library
MSVCR71.dll 7c360000 352256 C:\WINDOWS\system32\MSVCR71.dll 7.10.6014.4 Microsoft® C Runtime Library
WZSHLSTB.DLL 16200000 24576 C:\PROGRA~1\WinZip\WZSHLSTB.DLL 3.0 (32-bit) WinZip Shell Extension DLL
arshellext.dll 10000000 94208 C:\Program Files\Mythicsoft\Agent Ransack\arshellext.dll 1, 0, 0, 1 AgentRansackShellExt Module
browselc.dll 15e0000 73728 C:\WINDOWS\system32\browselc.dll 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) Shell Browser UI Library
DUSER.dll 6c1b0000 315392 C:\WINDOWS\system32\DUSER.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows DirectUser Engine
shdoclc.dll 2740000 557056 C:\WINDOWS\system32\shdoclc.dll 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) Shell Doc Object and Control Library
MSGINA.dll 75970000 1011712 C:\WINDOWS\system32\MSGINA.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows NT Logon GINA DLL
ODBC32.dll 74320000 249856 C:\WINDOWS\system32\ODBC32.dll 3.525.1117.0 (xpsp_sp2_rtm.040803-2158) Microsoft Data Access - ODBC Driver Manager
comdlg32.dll 763b0000 299008 C:\WINDOWS\system32\comdlg32.dll 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) Common Dialogs DLL
odbcint.dll 28d0000 94208 C:\WINDOWS\system32\odbcint.dll 3.525.1117.0 (xpsp_sp2_rtm.040803-2158) Microsoft Data Access - ODBC Resources
mshtml.dll 7d4a0000 3026944 C:\WINDOWS\System32\mshtml.dll 6.00.2900.2523 (xpsp_sp2_gdr.040919-1056) Microsoft ® HTML Viewer
msls31.dll 746c0000 159744 C:\WINDOWS\System32\msls31.dll 3.10.349.0 Microsoft Line Services library file
mlang.dll 75cf0000 593920 C:\WINDOWS\system32\mlang.dll 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) Multi Language Support DLL
MSISIP.DLL 605f0000 57344 C:\WINDOWS\system32\MSISIP.DLL 3.0.3790.2180 MSI Signature SIP Provider
wshext.dll 74ea0000 65536 C:\WINDOWS\System32\wshext.dll 5.6.0.8820 Microsoft ® Shell Extension for Windows Script Host
MFC42.DLL 73dd0000 1040384 C:\WINDOWS\system32\MFC42.DLL 6.02.4131.0 MFCDLL Shared Library - Retail Version



Module information for 'iexplore.exe'
MODULE BASE SIZE PATH
iexplore.exe 400000 102400 C:\Program Files\Internet Explorer\iexplore.exe 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) Internet Explorer
ntdll.dll 7c900000 720896 C:\WINDOWS\system32\ntdll.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) NT Layer DLL
kernel32.dll 7c800000 999424 C:\WINDOWS\system32\kernel32.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows NT BASE API Client DLL
msvcrt.dll 77c10000 360448 C:\WINDOWS\system32\msvcrt.dll 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows NT CRT DLL
USER32.dll 77d40000 589824 C:\WINDOWS\system32\USER32.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows XP USER API Client DLL
GDI32.dll 77f10000 286720 C:\WINDOWS\system32\GDI32.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) GDI Client DLL
SHLWAPI.dll 77f60000 483328 C:\WINDOWS\system32\SHLWAPI.dll 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) Shell Light-weight Utility Library
ADVAPI32.dll 77dd0000 634880 C:\WINDOWS\system32\ADVAPI32.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Advanced Windows 32 Base API
RPCRT4.dll 77e70000 593920 C:\WINDOWS\system32\RPCRT4.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Remote Procedure Call Runtime
SHDOCVW.dll 77760000 1490944 C:\WINDOWS\system32\SHDOCVW.dll 6.00.2900.2518 (xpsp_sp2_gdr.040919-1056) Shell Doc Object and Control Library
CRYPT32.dll 77a80000 606208 C:\WINDOWS\system32\CRYPT32.dll 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158) Crypto API32
MSASN1.dll 77b20000 73728 C:\WINDOWS\system32\MSASN1.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ASN.1 Runtime APIs
CRYPTUI.dll 754d0000 524288 C:\WINDOWS\system32\CRYPTUI.dll 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158) Microsoft Trust UI Provider
WINTRUST.dll 76c30000 188416 C:\WINDOWS\system32\WINTRUST.dll 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158) Microsoft Trust Verification APIs
IMAGEHLP.dll 76c90000 163840 C:\WINDOWS\system32\IMAGEHLP.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows NT Image Helper
OLEAUT32.dll 77120000 573440 C:\WINDOWS\system32\OLEAUT32.dll 5.1.2600.2180
ole32.dll 774e0000 1294336 C:\WINDOWS\system32\ole32.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Microsoft OLE for Windows
NETAPI32.dll 5b860000 344064 C:\WINDOWS\system32\NETAPI32.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Net Win32 API DLL
WININET.dll 771b0000 679936 C:\WINDOWS\system32\WININET.dll 6.00.2900.2518 (xpsp_sp2_gdr.040919-1056) Internet Extensions for Win32
WLDAP32.dll 76f60000 180224 C:\WINDOWS\system32\WLDAP32.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Win32 LDAP API DLL
VERSION.dll 77c00000 32768 C:\WINDOWS\system32\VERSION.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Version Checking and File Installation Libraries
comctl32.dll 773d0000 1056768 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll 6.0 (xpsp_sp2_rtm.040803-2158) User Experience Controls Library
hdhg.dll 10000000 24576 C:\WINDOWS\system32\hdhg.dll
SHELL32.dll 7c9c0000 8470528 C:\WINDOWS\system32\SHELL32.dll 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) Windows Shell Common Dll
comctl32.dll 5d090000 618496 C:\WINDOWS\system32\comctl32.dll 5.82 (xpsp_sp2_rtm.040803-2158) Common Controls Library
uxtheme.dll 5ad70000 229376 C:\WINDOWS\system32\uxtheme.dll 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) Microsoft UxTheme Library
BROWSEUI.dll 75f80000 1032192 C:\WINDOWS\system32\BROWSEUI.dll 6.00.2900.2518 (xpsp_sp2_gdr.040919-1056) Shell Browser UI Library
browselc.dll 20000000 73728 C:\WINDOWS\system32\browselc.dll 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) Shell Browser UI Library
appHelp.dll 77b40000 139264 C:\WINDOWS\system32\appHelp.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Application Compatibility Client Library
CLBCATQ.DLL 76fd0000 520192 C:\WINDOWS\system32\CLBCATQ.DLL 2001.12.4414.258
COMRes.dll 77050000 806912 C:\WINDOWS\system32\COMRes.dll 2001.12.4414.258
urlmon.dll 77260000 647168 C:\WINDOWS\system32\urlmon.dll 6.00.2900.2518 (xpsp_sp2_gdr.040919-1056) OLE32 Extensions for Win32
Secur32.dll 77fe0000 69632 C:\WINDOWS\system32\Secur32.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Security Support Provider Interface
cscui.dll 77a20000 344064 C:\WINDOWS\System32\cscui.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Client Side Caching UI
CSCDLL.dll 76600000 118784 C:\WINDOWS\System32\CSCDLL.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Offline Network Agent
SETUPAPI.dll 77920000 995328 C:\WINDOWS\system32\SETUPAPI.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows Setup API
USERENV.dll 769c0000 733184 C:\WINDOWS\system32\USERENV.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Userenv
googletoolbar1.dll 15a0000 708608 c:\program files\google\googletoolbar1.dll 2, 0, 114, 9 Google IE Client Toolbar
WSOCK32.dll 71ad0000 36864 C:\WINDOWS\system32\WSOCK32.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows Socket 32-Bit DLL
WS2_32.dll 71ab0000 94208 C:\WINDOWS\system32\WS2_32.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows Socket 2.0 32-Bit DLL
WS2HELP.dll 71aa0000 32768 C:\WINDOWS\system32\WS2HELP.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows Socket 2.0 Helper for Windows NT
WINMM.dll 76b40000 184320 C:\WINDOWS\system32\WINMM.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) MCI API DLL
DBGHELP.DLL 59a60000 659456 C:\WINDOWS\system32\DBGHELP.DLL 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows Image Helper
RASAPI32.DLL 76ee0000 245760 C:\WINDOWS\system32\RASAPI32.DLL 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Remote Access API
rasman.dll 76e90000 73728 C:\WINDOWS\system32\rasman.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Remote Access Connection Manager
TAPI32.dll 76eb0000 192512 C:\WINDOWS\system32\TAPI32.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Microsoft® Windows™ Telephony API Client DLL
rtutils.dll 76e80000 57344 C:\WINDOWS\system32\rtutils.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Routing Utilities
msv1_0.dll 77c70000 143360 C:\WINDOWS\system32\msv1_0.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Microsoft Authentication Package v1.0
iphlpapi.dll 76d60000 102400 C:\WINDOWS\system32\iphlpapi.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) IP Helper API
sensapi.dll 722b0000 20480 C:\WINDOWS\system32\sensapi.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) SENS Connectivity API DLL
shdoclc.dll 1870000 557056 C:\WINDOWS\system32\shdoclc.dll 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) Shell Doc Object and Control Library
xpsp2res.dll 1b30000 2904064 C:\WINDOWS\system32\xpsp2res.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Service Pack 2 Messages
nzdd.dll 11000000 1159168 C:\WINDOWS\system32\nzdd.dll 4.0.0.42 RealDownload
comdlg32.dll 763b0000 299008 C:\WINDOWS\system32\comdlg32.dll 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) Common Dialogs DLL
mlang.dll 75cf0000 593920 C:\WINDOWS\system32\mlang.dll 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) Multi Language Support DLL
mswsock.dll 71a50000 258048 C:\WINDOWS\system32\mswsock.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Microsoft Windows Sockets 2.0 Service Provider
hnetcfg.dll 662b0000 360448 C:\WINDOWS\system32\hnetcfg.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Home Networking Configuration Manager
wshtcpip.dll 71a90000 32768 C:\WINDOWS\System32\wshtcpip.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows Sockets Helper DLL
rasadhlp.dll 76fc0000 24576 C:\WINDOWS\system32\rasadhlp.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Remote Access AutoDial Helper
DNSAPI.dll 76f20000 159744 C:\WINDOWS\system32\DNSAPI.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) DNS Client API DLL
winrnr.dll 76fb0000 32768 C:\WINDOWS\System32\winrnr.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) LDAP RnR Provider DLL
SSSensor.dll 61f0000 86016 C:\WINDOWS\system32\SSSensor.dll 5. 5. 0. 5 ScreenSaver Sensor
SXS.DLL 75e90000 720896 C:\WINDOWS\system32\SXS.DLL 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Fusion 2.5
mshtml.dll 7d4a0000 3026944 C:\WINDOWS\System32\mshtml.dll 6.00.2900.2523 (xpsp_sp2_gdr.040919-1056) Microsoft ® HTML Viewer
msls31.dll 746c0000 159744 C:\WINDOWS\System32\msls31.dll 3.10.349.0 Microsoft Line Services library file
msimtf.dll 746f0000 172032 C:\WINDOWS\System32\msimtf.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Active IMM Server DLL
MSCTF.dll 74720000 307200 C:\WINDOWS\System32\MSCTF.dll 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) MSCTF Server DLL
IMM32.DLL 76390000 118784 C:\WINDOWS\system32\IMM32.DLL 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) Windows XP IMM32 API Client DLL
jscript.dll 75c50000 450560 c:\windows\system32\jscript.dll 5.6.0.8820 Microsoft ® JScript

#15 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,394 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:02:41 AM

Posted 11 January 2005 - 06:46 PM

OK lets try something else:

1. Download: "StartDreck" from:

http://www.niksoft.at/download/startdreck.htm

2. Extract the file into c:\startdreck.

3. Navigate to c:\startdreck and double-click on Startdreck.exe

4. When the program opens click on the Config button.

5. Then click on the unmark all button.

6. Then put checkmarks in the following checkboxes:

Under Registry put a checkmark in the Run Keys checkbox.

Under System/Drivers put a check in the Running Proccess checkbox.

7. Press the OK button.

8. Press the Save button. Type in the location you want to save the log to, or use the defaults which will save the log into the directory you are running the program from. If you choose the defaults the filename for the log will be StartDreck.log.

9. Post a copy of the log as a reply to this post.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users