Deckard's System Scanner v20071014.68
Run by Rob & April on 2008-07-23 15:05:27
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

-- Last 5 Restore Point(s) --
52: 2008-07-23 08:16:34 UTC - RP1433 - Deckard's System Scanner Restore Point
51: 2008-07-23 06:58:52 UTC - RP1432 - System Checkpoint
50: 2008-07-22 06:58:32 UTC - RP1431 - System Checkpoint
49: 2008-07-21 06:42:22 UTC - RP1430 - System Checkpoint
48: 2008-07-20 04:04:29 UTC - RP1429 - System Checkpoint

-- First Restore Point --
1: 2008-06-09 07:09:05 UTC - RP1382 - System Checkpoint

Total Physical Memory: 510 MiB (512 MiB recommended).

-- HijackThis Clone ------------------------------------------------------------

Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-07-23 15:05:58
Platform: Windows XP Service Pack 2 (5.01.2600)
MSIE: Internet Explorer (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\SYSTEM32\SMSS.EXE
C:\WINDOWS\SYSTEM32\WINLOGON.EXE
C:\WINDOWS\SYSTEM32\SERVICES.EXE
C:\WINDOWS\SYSTEM32\LSASS.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\WINDOWS\explorer.exe
C:\WINDOWS\SYSTEM32\LEXBCES.EXE
C:\WINDOWS\SYSTEM32\LEXPPS.EXE
C:\WINDOWS\SYSTEM32\spoolsv.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\SYSTEM32\snmp.exe
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
C:\Program Files\Pure Networks\Network Magic\nmsrvc.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\SYSTEM32\dla\tfswctrl.exe
C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\E_S0BIC1.EXE
C:\WINDOWS\SYSTEM32\hkcmd.exe
C:\WINDOWS\SYSTEM32\igfxpers.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\WINDOWS\SYSTEM32\CTFMON.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\SYSTEM32\WSCNTFY.EXE
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\WINDOWS\SYSTEM32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Rob & April\Desktop\dss.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://safesearch.cyberdefender.com/smallsearch.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr8/*http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
F2 - REG:system.ini: UserInit=c:\windows\system32\userinit.exe
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\SYSTEM32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\GoogleToolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O3 - Toolbar: (no name) - SITEguard - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\GoogleToolbar1.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [IntelMeM] C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [EPSON Stylus C62 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S0BIC1.EXE /P23 "EPSON Stylus C62 Series" /O6 "USB002" /M "Stylus C62"
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] c:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [C:\Program Files\dfjdkjfdkjfldjf\dfjdkjfdkjfldjf\winlogin.exe] "C:\Program Files\dfjdkjfdkjfldjf\dfjdkjfdkjfldjf\systemclock.exe" /R
O4 - HKLM\..\Run: [nvsvc16] C:\Program Files\myss\nvsvc16.exe
O4 - HKLM\..\Run: [SendMail] C:\Program Files\myss\SendMail.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: VonageRestart.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Documents and Settings\All Users\Start Menu\Programs\Absolute Poker\Absolute Poker.lnk
O9 - Extra 'Tools' menuitem: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - C:\Documents and Settings\All Users\Start Menu\Programs\Absolute Poker\Absolute Poker.lnk
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (file missing)
O9 - Extra button: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\Program Files\UltimateBet\UltimateBet.exe
O9 - Extra 'Tools' menuitem: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\Program Files\UltimateBet\UltimateBet.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - (file missing)
O9 - Extra button: MANSION - {CD03D14B-0EF6-4f5a-BB81-1ECAFFC676AF} - (file missing)
O9 - Extra 'Tools' menuitem: MANSION - {CD03D14B-0EF6-4f5a-BB81-1ECAFFC676AF} - (file missing)
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe
O9 - Extra button: Bodog Poker - {F47C1DB5-ED21-4dc1-853E-D1495792D4C5} - C:\Program Files\Bodog Poker\BPGame.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/9/b/d/9bdc68ef-6a9f-4505-8fb8-d0d2d160e512/LegitCheckControl.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O18 - Protocol: mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL
O18 - Protocol: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL
O18 - Protocol: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files\Common Files\Pure Networks Shared\puresp.dll
O18 - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL
O20 - Winlogon Notify: crypt32chain - C:\WINDOWS\system32\crypt32.dll
O20 - Winlogon Notify: cryptnet - C:\WINDOWS\system32\cryptnet.dll
O20 - Winlogon Notify: cscdll - C:\WINDOWS\system32\cscdll.dll
O20 - Winlogon Notify: ScCertProp - C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: Schedule - C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: SensLogn - C:\WINDOWS\system32\WlNotify.dll
O20 - Winlogon Notify: termsrv - C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: wlballoon - C:\WINDOWS\system32\wlnotify.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\SYSTEM32\STOBJECT.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\SYSTEM32\LEXBCES.EXE
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe /Embedding
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: Pure Networks Net2Go Service (nmraapache) - Pure Networks, Inc. - C:\Program Files\Pure Networks\Network Magic\WebServer\bin\nmraapache.exe
O23 - Service: Pure Networks Network Magic Service (nmservice) - Pure Networks, Inc. - C:\Program Files\Pure Networks\Network Magic\nmsrvc.exe
O23 - Service: SysEnforce - Unknown owner - C:\PROGRA~1\TRISNA~1\SSI\SYSENF~1.EXE

-- End of file - 10810 bytes

-- File Associations -----------------------------------------------------------

All associations okay.

-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R0 cbidf - c:\windows\system32\drivers\cbidf2k.sys
R0 dac2w2k - c:\windows\system32\drivers\dac2w2k.sys
R3 ialm - c:\windows\system32\drivers\ialmnt5.sys
R3 smwdm - c:\windows\system32\drivers\smwdm.sys

S3 bvrp_pci - c:\windows\system32\drivers\bvrp_pci.sys
S3 MODEMCSA (Unimodem Streaming Filter Device) - c:\windows\system32\drivers\modemcsa.sys
S3 mohfilt - c:\windows\system32\drivers\mohfilt.sys
S3 SBAPIFS - c:\windows\system32\drivers\sbapifs.sys (file missing)
S3 usbsermpt (Motorola USB Modem Driver for MPT) - c:\windows\system32\drivers\usbsermpt.sys
S3 wanatw (WAN Miniport (ATW)) - c:\windows\system32\drivers\wanatw4.sys (file missing)
S3 zlportio - c:\program files\winkeeper\zlportio.sys (file missing)

-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

S2 MCVSRte (McAfee.com VirusScan Online Realtime Engine) - c:\progra~1\mcafee.com\vso\mcvsrte.exe /embedding (file missing)
S2 SysEnforce - c:\progra~1\trisna~1\ssi\sysenf~1.exe (file missing)
S3 nmraapache (Pure Networks Net2Go Service) - "c:\program files\pure networks\network magic\webserver\bin\nmraapache.exe" -k runservice

-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.

-- Process Modules -------------------------------------------------------------
-- Files created between 2008-06-23 and 2008-07-23 -----------------------------

2008-07-21 21:26:25 0 d-------- C:\Documents and Settings\Rob & April\DoctorWeb
2008-07-21 20:08:50 4272 --a------ C:\WINDOWS\system32\drivers\bvrp_pci.sys
2008-07-21 19:38:44 0 d-------- C:\Program Files\Trend Micro
2008-07-19 14:15:51 0 d-------- C:\Program Files\Myss
2008-07-10 11:05:01 53248 --a------ C:\WINDOWS\system32\ciaXPRegSvr20.dll
2008-07-10 11:04:55 200704 --a------ C:\WINDOWS\system32\ciaSCls20.dll
2008-07-10 11:04:54 692224 --a------ C:\WINDOWS\system32\ciaResSvr20.dll
2008-07-10 11:04:50 278528 --a------ C:\WINDOWS\system32\duzactx.dll
2008-07-10 11:04:34 131072 --a------ C:\WINDOWS\perfsysdeam.dll
2008-07-10 11:04:31 0 d-------- C:\WINDOWS\fontstore
2008-07-10 10:58:08 0 d-------- C:\Program Files\WideStep Software
2008-07-10 10:52:39 12021 --a------ C:\WINDOWS\system32\drmcache.dll
2008-07-10 10:34:47 44544 -ra------ C:\WINDOWS\system32\msxml4a.dll
2008-07-09 12:10:50 0 d-------- C:\Documents and Settings\Rob & April\Application Data\{3F3C1848-EDD1-411D-B240-F91B269B86A0}
2008-06-25 22:59:49 169 --ah----- C:\Documents and Settings\NetworkService\hpothb07.dat
2008-06-25 22:35:00 0 --a------ C:\WINDOWS\system32\SBRC.dat
2008-06-25 22:35:00 0 --a------ C:\WINDOWS\system32\SBFC.dat
2008-06-25 22:33:45 0 d-------- C:\Documents and Settings\Rob & April\Application Data\Sunbelt Software

-- Find3M Report ---------------------------------------------------------------

2008-07-22 02:00:59 0 d-------- C:\Program Files\PokerStars
2008-07-21 22:18:51 684 --a------ C:\Program Files\data.llp
2008-07-19 14:11:53 0 d-------- C:\Program Files\QuickTime
2008-07-17 11:39:44 0 d-------- C:\Program Files\Bodog Poker
2008-07-16 19:10:31 0 d-------- C:\Program Files\Apple Software Update
2008-07-16 19:09:44 0 d-------- C:\Program Files\Common Files
2008-07-13 22:22:31 0 d-------- C:\Program Files\Absolute Poker
2008-07-12 22:12:57 0 d-------- C:\Program Files\UltimateBet
2008-07-09 17:42:57 0 d-------- C:\Program Files\Enigma Software Group
2008-06-02 09:12:14 0 d-------- C:\Program Files\Google
2008-05-24 10:48:05 42796499 --a------ C:\WINDOWS\system32\wuacache.dll
2008-05-23 11:31:42 284672 -ra------ C:\WINDOWS\system32\sqlcese30.dll
2008-05-23 11:31:42 287232 -ra------ C:\WINDOWS\system32\sqlceca30.dll
2008-05-23 11:31:41 525824 -ra------ C:\WINDOWS\system32\sqlceqp30.dll
2008-05-23 11:31:41 133120 -ra------ C:\WINDOWS\system32\sqlceoledb30.dll
2008-05-23 11:31:41 44544 -ra------ C:\WINDOWS\system32\sqlceme30.dll
2008-05-23 11:31:41 129536 -ra------ C:\WINDOWS\system32\sqlceer30EN.dll
2008-05-23 11:31:41 52736 -ra------ C:\WINDOWS\system32\sqlcecompact30.dll

-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [10/14/2004 12:42 PM]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [02/22/2008 04:25 AM]
"IntelMeM"="C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe" [09/03/2003 06:12 PM]
"UpdateManager"="C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" [01/06/2004 11:01 PM]
"dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" [12/05/2004 11:05 PM]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [07/09/2001 08:50 AM]
"EPSON Stylus C62 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S0BIC1.exe" [04/10/2002 12:00 AM]
"igfxtray"="C:\WINDOWS\system32\igfxtray.exe" [09/20/2005 07:35 AM]
"igfxhkcmd"="C:\WINDOWS\system32\hkcmd.exe" [09/20/2005 07:32 AM]
"igfxpers"="C:\WINDOWS\system32\igfxpers.exe" [09/20/2005 07:36 AM]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [12/11/2007 11:56 AM]
"Share-to-Web Namespace Daemon"="c:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe" [04/17/2002 10:42 AM]
"C:\Program Files\dfjdkjfdkjfldjf\dfjdkjfdkjfldjf\winlogin.exe"="C:\Program Files\dfjdkjfdkjfldjf\dfjdkjfdkjfldjf\systemclock.exe" []
"nvsvc16"="C:\Program Files\myss\nvsvc16.exe" []
"SendMail"="C:\Program Files\myss\SendMail.exe" []

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 03:00 AM]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [10/13/2004 09:24 AM]
"updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [03/30/2006 04:45 PM]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [05/16/2008 08:25 PM]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
"C:\Program Files\iTunes\iTunesHelper.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ViewMgr]

-- Hosts -----------------------------------------------------------------------

127.0.0.1 007guard.com
127.0.0.1 www.007guard.com
127.0.0.1 008i.com
127.0.0.1 008k.com
127.0.0.1 www.008k.com
127.0.0.1 00hq.com
127.0.0.1 www.00hq.com
127.0.0.1 010402.com
127.0.0.1 032439.com
127.0.0.1 www.032439.com

6848 more entries in hosts file.

-- End of Deckard's System Scanner: finished at 2008-07-23 15:07:39 ------------