Need help removing Total Security!!

Post by frontierjaguar09 on 6th October 2009, 3:25 am

Hi,
I have already downloaded Malwarebytes' Anti-Malware; but when I click on the icon on my desktop to let it scan, after 2 seconds at the most it closes itself out! It can barely even begin the scan before exiting. Can anybody help or have an answer?

Re: Need help removing Total Security!!

Post by Dr Jay on 6th October 2009, 6:04 am

Hi

Please download ComboFix from [You must be registered and logged in to see this link.]

* IMPORTANT !!! Save ComboFix.exe to your Desktop


  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. Note: If you are having difficulty properly disabling your protective programs, or are unsure as to what programs need to be disabled, please refer to the information available through this link: [You must be registered and logged in to see this link.]
  • Double click on ComboFix.exe & follow the prompts.
  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. Vista will not allow the recovery console to be installed. Click No at the prompt.


When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.


Dr. Jay (DJ)


Re: Need help removing Total Security!!

Post by frontierjaguar09 on 6th October 2009, 3:05 pm

Hi, I ran ComboFix and this is what the results were:

ComboFix 09-10-05.01 - ben 10/06/2009 10:38.1.2 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.2038.1001 [GMT -4:00]
Running from: c:\users\ben\Music\New Folder\ComboFix.exe
AV: Windows Live OneCare *On-access scanning disabled* (Outdated) {427ADFC3-B354-4A51-BE34-A9D4218E45C4}
FW: Windows Live OneCare Firewall *disabled* {A3899D22-27E6-4A7E-AE4E-2C106646DAAB}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
SP: Windows Live OneCare *disabled* (Outdated) {CC7E50BA-BA8C-4DDE-B5AC-EA53BC38D01B}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\$recycle.bin\S-1-5-21-1271714759-4186987804-190592565-500
c:\$recycle.bin\S-1-5-21-2822659754-3525345811-707038534-500
c:\programdata\Microsoft\Network\Downloader\qmgr0.dat
c:\programdata\Microsoft\Network\Downloader\qmgr1.dat
c:\windows\system32\Ijl11.dll

----- BITS: Possible infected sites -----

[You must be registered and logged in to see this link.]
.
((((((((((((((((((((((((( Files Created from 2009-09-06 to 2009-10-06 )))))))))))))))))))))))))))))))
.

2009-10-06 14:02 . 2009-10-06 14:02 148992 ----a-w- c:\windows\system32\41-v5.exe
2009-10-06 04:16 . 2008-12-11 12:38 159600 ----a-w- c:\windows\system32\drivers\pctgntdi.sys
2009-10-06 04:16 . 2009-08-24 18:05 206256 ----a-w- c:\windows\system32\drivers\PCTCore.sys
2009-10-06 04:16 . 2009-08-19 15:01 86888 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys
2009-10-06 04:15 . 2009-10-06 04:17 -------- d-----w- c:\program files\Common Files\PC Tools
2009-10-06 04:15 . 2008-12-10 15:36 64392 ----a-w- c:\windows\system32\drivers\pctplsg.sys
2009-10-06 04:15 . 2009-10-06 14:01 -------- d-----w- c:\program files\Spyware Doctor
2009-10-06 04:15 . 2009-10-06 04:15 -------- d-----w- c:\users\ben\AppData\Roaming\PC Tools
2009-10-06 04:15 . 2009-10-06 04:15 -------- d-----w- c:\programdata\PC Tools
2009-10-05 14:00 . 2009-10-05 14:00 -------- d-----w- c:\users\ben\AppData\Roaming\Malwarebytes
2009-10-05 14:00 . 2009-09-10 18:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-10-05 14:00 . 2009-10-06 03:41 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-10-05 14:00 . 2009-10-05 14:00 -------- d-----w- c:\programdata\Malwarebytes
2009-10-05 14:00 . 2009-09-10 18:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-10-05 03:18 . 2009-10-05 03:18 -------- d-----w- c:\program files\VS Revo Group
2009-10-03 16:06 . 2009-10-03 16:06 -------- d-----w- c:\program files\Common Files\TSUninstall
2009-10-03 16:05 . 2009-10-06 14:18 -------- d-----w- c:\program files\TS
2009-09-09 17:18 . 2009-08-14 17:07 897608 ----a-w- c:\windows\system32\drivers\tcpip.sys
2009-09-09 17:18 . 2009-08-14 16:29 104960 ----a-w- c:\windows\system32\netiohlp.dll
2009-09-09 17:18 . 2009-08-14 14:16 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2009-09-09 17:18 . 2009-08-14 14:16 19968 ----a-w- c:\windows\system32\ARP.EXE
2009-09-09 17:18 . 2009-08-14 14:16 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2009-09-09 17:18 . 2009-08-14 14:16 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2009-09-09 17:18 . 2009-08-14 14:16 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2009-09-09 17:18 . 2009-08-14 14:16 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2009-09-09 17:18 . 2009-08-14 14:16 10240 ----a-w- c:\windows\system32\finger.exe
2009-09-09 17:18 . 2009-08-14 16:29 17920 ----a-w- c:\windows\system32\netevent.dll
2009-09-09 17:16 . 2009-07-11 19:32 513024 ----a-w- c:\windows\system32\wlansvc.dll
2009-09-09 17:16 . 2009-07-11 19:32 302592 ----a-w- c:\windows\system32\wlansec.dll
2009-09-09 17:16 . 2009-07-11 19:32 293376 ----a-w- c:\windows\system32\wlanmsm.dll
2009-09-09 17:16 . 2009-07-11 19:29 127488 ----a-w- c:\windows\system32\L2SecHC.dll
2009-09-09 17:16 . 2009-06-10 12:11 2868224 ----a-w- c:\windows\system32\mf.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-10-05 18:39 . 2009-02-07 17:32 -------- d-----w- c:\users\ben\AppData\Roaming\FileZilla
2009-10-03 20:02 . 2009-02-05 22:34 -------- d-----w- c:\program files\Microsoft Windows OneCare Live
2009-10-01 20:26 . 2009-02-07 14:27 224 ----a-w- c:\users\ben\AppData\Roaming\wklnhst.dat
2009-09-28 15:46 . 2009-02-07 17:32 -------- d-----w- c:\program files\FileZilla FTP Client
2009-09-10 21:58 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-09-02 19:39 . 2009-04-20 20:50 -------- d-----w- c:\users\ben\AppData\Roaming\AVS4YOU
2009-09-02 18:39 . 2009-08-15 19:26 -------- d-----w- c:\users\ben\AppData\Roaming\Any Video Converter
2009-08-28 12:39 . 2009-09-03 13:35 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2009-08-28 10:15 . 2009-09-03 13:35 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2009-08-19 14:44 . 2009-02-06 17:33 -------- d-----w- c:\users\ben\AppData\Roaming\Sony Corporation
2009-08-15 19:26 . 2009-08-15 19:26 -------- d-----w- c:\program files\Any Video Converter
2009-08-14 10:58 . 2009-10-06 04:16 7396 ----a-w- c:\windows\system32\drivers\pctcore.cat
2009-07-18 16:06 . 2009-07-29 12:53 827904 ----a-w- c:\windows\system32\wininet.dll
2009-07-18 16:01 . 2009-07-29 12:53 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-07-18 09:46 . 2009-07-29 12:53 26624 ----a-w- c:\windows\system32\ieUnatt.exe
2009-07-17 14:35 . 2009-08-12 23:20 71680 ----a-w- c:\windows\system32\atl.dll
2009-07-14 13:00 . 2009-08-12 23:20 313344 ----a-w- c:\windows\system32\wmpdxm.dll
2009-07-14 12:59 . 2009-08-12 23:19 4096 ----a-w- c:\windows\system32\dxmasf.dll
2009-07-14 12:58 . 2009-08-12 23:19 7680 ----a-w- c:\windows\system32\spwmp.dll
2009-07-14 10:59 . 2009-08-12 23:19 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2008-03-19 20:50 . 2009-02-06 23:00 97280 ----a-w- c:\program files\Common Files\pcsbClean.exe
2008-03-07 00:31 . 2009-02-06 23:00 134656 ----a-w- c:\program files\Common Files\PCSBoff.exe
2009-06-08 17:14 . 2009-03-07 19:28 88 --sha-r- c:\windows\System32\8FBC2460AB.sys
2009-06-08 17:14 . 2009-03-07 19:28 3452 --sha-w- c:\windows\System32\KGyGaAvL.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AOLOverlayIcon]
@="{AB0C8BE3-041C-47d6-8195-E089D32B38DD}"
[HKEY_CLASSES_ROOT\CLSID\{AB0C8BE3-041C-47d6-8195-E089D32B38DD}]
2008-02-03 00:27 303104 ----a-w- c:\ddi\OverIcon.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"WindowsWelcomeCenter"="oobefldr.dll" - c:\windows\System32\oobefldr.dll [2008-01-21 2153472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-05 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-05 154136]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-05 137752]
"Apoint"="c:\program files\Apoint\Apoint.exe" [2008-02-23 122880]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-12 39792]
"ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe" [2007-11-21 311296]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0\bin\jusched.exe" [2008-03-31 77824]
"VAIOMyMemCenter"="c:\program files\Sony\VAIO My Memory Center\VAIO MyMemCenter.exe" [2008-02-29 679936]
"VWLASU"="c:\program files\Sony\VAIO Wireless Wizard\AutoLaunchWLASU.exe" [2008-02-19 24576]
"OneCareUI"="c:\program files\Microsoft Windows OneCare Live\winssnotify.exe" [2007-10-01 66600]
"VAIO Help and Support Demo"="c:\program files\Sony\VAIO Help and Support Demo\LaunchVHSD.exe" [2007-08-28 290816]
"VAIORegistration"="c:\program files\Sony\First Experience\WelcomeLauncher.exe" [2007-10-17 20480]
"VAIOSurvey"="c:\program files\Sony\VAIO Survey\Vista VAIO Survey.exe" [2007-07-20 577536]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-02-07 1601304]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2008-01-23 4718592]

c:\users\ben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2007-12-7 101440]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AOLDDI.lnk - c:\ddi\AOLICON.exe [2008-3-31 764928]
QuickBooks Update Agent.lnk - c:\program files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe [2007-11-13 972064]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2007-08-15 03:05 98304 ----a-w- c:\windows\System32\VESWinlogon.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\OneCareMP]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=""
"FirewallOverride"=""
"UpdatesDisableNotify"=""

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{B57BBDA6-0AD0-4E1C-B61F-7E8AD149176D}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{EE60AE5E-CFCF-4E7F-9D22-7C2BF6E15EB9}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{6DD1A770-D597-43A6-BA02-612392F20F3A}"= c:\program files\AVG\AVG8\avgemc.exe:avgemc.exe
"{056BB559-D08F-49EC-A627-4ED7D174AF96}"= c:\program files\AVG\AVG8\avgupd.exe:avgupd.exe
"{5B26F101-54C5-4138-BD95-E77C1608435F}"= c:\program files\AVG\AVG8\avgnsx.exe:avgnsx.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)

R0 PCTCore;PCTools KDS;c:\windows\System32\drivers\PCTCore.sys [10/6/2009 12:16 AM 206256]
R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\System32\drivers\avgldx86.sys [2/6/2009 8:03 PM 325128]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\System32\drivers\avgtdix.sys [2/6/2009 8:03 PM 107272]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2/6/2009 8:02 PM 903960]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2/6/2009 8:02 PM 298264]
R2 regi;regi;c:\windows\System32\drivers\regi.sys [4/18/2007 12:09 AM 11032]
R3 SFEP;Sony Firmware Extension Parser;c:\windows\System32\drivers\SFEP.sys [3/31/2008 1:15 PM 9344]
R3 ti21sony;ti21sony;c:\windows\System32\drivers\ti21sony.sys [3/31/2008 1:13 PM 812544]
S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [10/6/2009 12:15 AM 348824]
S3 SOHCImp;VAIO Media plus Content Importer;c:\program files\Sony\VAIO Media plus\SOHCImp.exe [2/5/2009 6:48 PM 104288]
S3 SOHDms;VAIO Media plus Digital Media Server;c:\program files\Sony\VAIO Media plus\SOHDms.exe [2/5/2009 6:48 PM 350048]
S3 SOHDs;VAIO Media plus Device Searcher;c:\program files\Sony\VAIO Media plus\SOHDs.exe [2/5/2009 6:48 PM 63328]
S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [3/31/2008 2:12 PM 333088]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe [3/31/2008 2:13 PM 87328]

--- Other Services/Drivers In Memory ---

*Deregistered* - mchInjDrv
.
.
------- Supplementary Scan -------
.
uStart Page = [You must be registered and logged in to see this link.]
IE: &AOL Toolbar Search - c:\programdata\AOL\ieToolbar\resources\en-US\local\search.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
DPF: {8646A6AF-0AE4-4BF8-B716-DB1513803972} - [You must be registered and logged in to see this link.]
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [You must be registered and logged in to see this link.]
Rootkit scan 2009-10-06 10:47
Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2009-10-06 10:49
ComboFix-quarantined-files.txt 2009-10-06 14:49

Pre-Run: 97,422,315,520 bytes free
Post-Run: 97,939,861,504 bytes free

196 --- E O F --- 2009-09-10 13:52

Re: Need help removing Total Security!!

Post by Dr Jay on 7th October 2009, 3:33 am

Hi

I have noticed that you have 4 antispyware programs installed on your computer.
These are:
  1. Spyware Doctor
  2. Windows Live OneCare
  3. AVG
  4. Windows Defender
Warning!
Running more than one resident protection program of the same type (antivirus, firewall or antispyware program) at the same time can result in unwanted conflict.
This can reduce the effectiveness of all your antispyware programs individually.
If you want to keep all your antispyware programs then please make sure they are not in resident mode at the same time.

I notice that you are using more than one antivirus program.
  • AVG
  • Windows Live OneCare

This is very dangerous, as multiple AVs can interfere with one another and actually allow MORE viruses to get through.
It is important that only ONE antivirus program is running realtime protection.
I strongly suggest you either (1) uninstall all but one antivirus program, and all but one antispyware program through Control Panel->Add or remove Programs,
OR (2) keep the programs, but leave all but one of them disabled most of the time.
You can still use them for scanning your computer.

Out of the software you already have, if you have a subscription to Windows Live OneCare, then stay with it and uninstall the rest. Otherwise, I recommend using only AVG.

==

Re-running ComboFix to remove infections:

  1. Close any open browsers.
  2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  3. Open notepad and copy/paste the text in the quotebox below into it:

    Suspect::
    c:\windows\system32\41-v5.exe

    Folder::
    c:\program files\Common Files\TSUninstall
    c:\program files\TS
  4. Save this as CFScript.txt, in the same location as ComboFix.exe



  5. Referring to the picture above, drag CFScript into ComboFix.exe
  6. When finished, it shall produce a log for you at C:\ComboFix.txt
  7. Please post the contents of the log in your next reply.


==

Please open Malwarebytes, click the Update tab, and click Check for Updates. Then, click the Scanner tab, select Perform Quick Scan, and press Scan. When the scan has finished, click the Show Results and the Remove selected buttons, and post the log in your next reply.

==

Please include the ComboFix and Malwarebytes logs in your next reply.


Dr. Jay (DJ)


Re: Need help removing Total Security!!

Post by frontierjaguar09 on 7th October 2009, 5:58 am

Hi, here are the contents from the ComboFix:

ComboFix 09-10-05.01 - ben 10/07/2009 1:29.2.2 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.2038.1174 [GMT -4:00]
Running from: c:\users\ben\Music\New Folder\ComboFix.exe
Command switches used :: c:\users\ben\Music\New Folder\CFScript.txt
AV: Windows Live OneCare *On-access scanning disabled* (Outdated) {427ADFC3-B354-4A51-BE34-A9D4218E45C4}
FW: Windows Live OneCare Firewall *enabled* {A3899D22-27E6-4A7E-AE4E-2C106646DAAB}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
SP: Windows Live OneCare *disabled* (Outdated) {CC7E50BA-BA8C-4DDE-B5AC-EA53BC38D01B}

file zipped: c:\windows\System32\41-v5.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\TS

.
((((((((((((((((((((((((( Files Created from 2009-09-07 to 2009-10-07 )))))))))))))))))))))))))))))))
.

2009-10-07 05:41 . 2009-10-07 05:41 -------- d-----w- c:\users\ben\AppData\Local\temp
2009-10-07 05:41 . 2009-10-07 05:41 -------- d-----w- c:\users\Public\AppData\Local\temp
2009-10-07 05:41 . 2009-10-07 05:41 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-10-06 14:02 . 2009-10-06 14:02 148992 ----a-w- c:\windows\system32\41-v5.exe
2009-10-05 14:00 . 2009-10-05 14:00 -------- d-----w- c:\users\ben\AppData\Roaming\Malwarebytes
2009-10-05 14:00 . 2009-09-10 18:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-10-05 14:00 . 2009-10-06 03:41 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-10-05 14:00 . 2009-10-05 14:00 -------- d-----w- c:\programdata\Malwarebytes
2009-10-05 14:00 . 2009-09-10 18:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-10-05 03:18 . 2009-10-05 03:18 -------- d-----w- c:\program files\VS Revo Group
2009-09-09 17:18 . 2009-08-14 17:07 897608 ----a-w- c:\windows\system32\drivers\tcpip.sys
2009-09-09 17:18 . 2009-08-14 16:29 104960 ----a-w- c:\windows\system32\netiohlp.dll
2009-09-09 17:18 . 2009-08-14 14:16 27136 ----a-w- c:\windows\system32\NETSTAT.EXE
2009-09-09 17:18 . 2009-08-14 14:16 19968 ----a-w- c:\windows\system32\ARP.EXE
2009-09-09 17:18 . 2009-08-14 14:16 9728 ----a-w- c:\windows\system32\TCPSVCS.EXE
2009-09-09 17:18 . 2009-08-14 14:16 17920 ----a-w- c:\windows\system32\ROUTE.EXE
2009-09-09 17:18 . 2009-08-14 14:16 11264 ----a-w- c:\windows\system32\MRINFO.EXE
2009-09-09 17:18 . 2009-08-14 14:16 8704 ----a-w- c:\windows\system32\HOSTNAME.EXE
2009-09-09 17:18 . 2009-08-14 14:16 10240 ----a-w- c:\windows\system32\finger.exe
2009-09-09 17:18 . 2009-08-14 16:29 17920 ----a-w- c:\windows\system32\netevent.dll
2009-09-09 17:16 . 2009-07-11 19:32 513024 ----a-w- c:\windows\system32\wlansvc.dll
2009-09-09 17:16 . 2009-07-11 19:32 302592 ----a-w- c:\windows\system32\wlansec.dll
2009-09-09 17:16 . 2009-07-11 19:32 293376 ----a-w- c:\windows\system32\wlanmsm.dll
2009-09-09 17:16 . 2009-07-11 19:29 127488 ----a-w- c:\windows\system32\L2SecHC.dll
2009-09-09 17:16 . 2009-06-10 12:11 2868224 ----a-w- c:\windows\system32\mf.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-10-06 15:18 . 2009-02-07 14:27 224 ----a-w- c:\users\ben\AppData\Roaming\wklnhst.dat
2009-10-05 18:39 . 2009-02-07 17:32 -------- d-----w- c:\users\ben\AppData\Roaming\FileZilla
2009-10-03 20:02 . 2009-02-05 22:34 -------- d-----w- c:\program files\Microsoft Windows OneCare Live
2009-09-28 15:46 . 2009-02-07 17:32 -------- d-----w- c:\program files\FileZilla FTP Client
2009-09-10 21:58 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-09-02 19:39 . 2009-04-20 20:50 -------- d-----w- c:\users\ben\AppData\Roaming\AVS4YOU
2009-09-02 18:39 . 2009-08-15 19:26 -------- d-----w- c:\users\ben\AppData\Roaming\Any Video Converter
2009-08-28 12:39 . 2009-09-03 13:35 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2009-08-28 10:15 . 2009-09-03 13:35 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2009-08-19 14:44 . 2009-02-06 17:33 -------- d-----w- c:\users\ben\AppData\Roaming\Sony Corporation
2009-08-15 19:26 . 2009-08-15 19:26 -------- d-----w- c:\program files\Any Video Converter
2009-07-18 16:06 . 2009-07-29 12:53 827904 ----a-w- c:\windows\system32\wininet.dll
2009-07-18 16:01 . 2009-07-29 12:53 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-07-18 09:46 . 2009-07-29 12:53 26624 ----a-w- c:\windows\system32\ieUnatt.exe
2009-07-17 14:35 . 2009-08-12 23:20 71680 ----a-w- c:\windows\system32\atl.dll
2009-07-14 13:00 . 2009-08-12 23:20 313344 ----a-w- c:\windows\system32\wmpdxm.dll
2009-07-14 12:59 . 2009-08-12 23:19 4096 ----a-w- c:\windows\system32\dxmasf.dll
2009-07-14 12:58 . 2009-08-12 23:19 7680 ----a-w- c:\windows\system32\spwmp.dll
2009-07-14 10:59 . 2009-08-12 23:19 8147456 ----a-w- c:\windows\system32\wmploc.DLL
2008-03-19 20:50 . 2009-02-06 23:00 97280 ----a-w- c:\program files\Common Files\pcsbClean.exe
2008-03-07 00:31 . 2009-02-06 23:00 134656 ----a-w- c:\program files\Common Files\PCSBoff.exe
2009-06-08 17:14 . 2009-03-07 19:28 88 --sha-r- c:\windows\System32\8FBC2460AB.sys
2009-06-08 17:14 . 2009-03-07 19:28 3452 --sha-w- c:\windows\System32\KGyGaAvL.sys
.

((((((((((((((((((((((((((((( [You must be registered and logged in to see this link.] )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-01-21 01:58 . 2009-10-07 05:14 43040 c:\windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2006-11-02 13:05 . 2009-10-07 05:14 67742 c:\windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2009-05-07 17:08 . 2009-10-06 17:02 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-05-07 17:08 . 2009-10-03 21:02 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2009-05-07 17:08 . 2009-10-03 21:02 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-05-07 17:08 . 2009-10-06 17:02 32768 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-05-07 17:08 . 2009-10-03 21:02 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-05-07 17:08 . 2009-10-06 17:02 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-02-06 22:45 . 2009-10-07 05:14 8526 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2822659754-3525345811-707038534-1000_UserData.bin
- 2009-10-06 14:01 . 2009-10-06 14:09 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2009-10-07 05:12 . 2009-10-07 05:12 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2009-10-07 05:12 . 2009-10-07 05:12 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-10-06 14:01 . 2009-10-06 14:09 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-02-10 14:36 . 2009-10-06 22:18 233504 c:\windows\System32\WDI\SuspendPerformanceDiagnostics_SystemData_S4.bin
+ 2008-03-31 19:57 . 2009-10-07 04:36 238230 c:\windows\System32\WDI\SuspendPerformanceDiagnostics_SystemData_S3.bin
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AOLOverlayIcon]
@="{AB0C8BE3-041C-47d6-8195-E089D32B38DD}"
[HKEY_CLASSES_ROOT\CLSID\{AB0C8BE3-041C-47d6-8195-E089D32B38DD}]
2008-02-03 00:27 303104 ----a-w- c:\ddi\OverIcon.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"WindowsWelcomeCenter"="oobefldr.dll" - c:\windows\System32\oobefldr.dll [2008-01-21 2153472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-05 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-05 154136]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-05 137752]
"Apoint"="c:\program files\Apoint\Apoint.exe" [2008-02-23 122880]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-12 39792]
"ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe" [2007-11-21 311296]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0\bin\jusched.exe" [2008-03-31 77824]
"VAIOMyMemCenter"="c:\program files\Sony\VAIO My Memory Center\VAIO MyMemCenter.exe" [2008-02-29 679936]
"VWLASU"="c:\program files\Sony\VAIO Wireless Wizard\AutoLaunchWLASU.exe" [2008-02-19 24576]
"OneCareUI"="c:\program files\Microsoft Windows OneCare Live\winssnotify.exe" [2007-10-01 66600]
"VAIO Help and Support Demo"="c:\program files\Sony\VAIO Help and Support Demo\LaunchVHSD.exe" [2007-08-28 290816]
"VAIORegistration"="c:\program files\Sony\First Experience\WelcomeLauncher.exe" [2007-10-17 20480]
"VAIOSurvey"="c:\program files\Sony\VAIO Survey\Vista VAIO Survey.exe" [2007-07-20 577536]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2008-01-23 4718592]

c:\users\ben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2007-12-7 101440]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AOLDDI.lnk - c:\ddi\AOLICON.exe [2008-3-31 764928]
QuickBooks Update Agent.lnk - c:\program files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe [2007-11-13 972064]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2007-08-15 03:05 98304 ----a-w- c:\windows\System32\VESWinlogon.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\OneCareMP]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=""
"FirewallOverride"=""
"UpdatesDisableNotify"=""

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{B57BBDA6-0AD0-4E1C-B61F-7E8AD149176D}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{EE60AE5E-CFCF-4E7F-9D22-7C2BF6E15EB9}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)

R2 regi;regi;c:\windows\System32\drivers\regi.sys [4/18/2007 12:09 AM 11032]
R3 SFEP;Sony Firmware Extension Parser;c:\windows\System32\drivers\SFEP.sys [3/31/2008 1:15 PM 9344]
R3 ti21sony;ti21sony;c:\windows\System32\drivers\ti21sony.sys [3/31/2008 1:13 PM 812544]
S3 SOHCImp;VAIO Media plus Content Importer;c:\program files\Sony\VAIO Media plus\SOHCImp.exe [2/5/2009 6:48 PM 104288]
S3 SOHDms;VAIO Media plus Digital Media Server;c:\program files\Sony\VAIO Media plus\SOHDms.exe [2/5/2009 6:48 PM 350048]
S3 SOHDs;VAIO Media plus Device Searcher;c:\program files\Sony\VAIO Media plus\SOHDs.exe [2/5/2009 6:48 PM 63328]
S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [3/31/2008 2:12 PM 333088]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe [3/31/2008 2:13 PM 87328]
.
.
------- Supplementary Scan -------
.
uStart Page = [You must be registered and logged in to see this link.]
IE: &AOL Toolbar Search - c:\programdata\AOL\ieToolbar\resources\en-US\local\search.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
DPF: {8646A6AF-0AE4-4BF8-B716-DB1513803972} - [You must be registered and logged in to see this link.]
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, [You must be registered and logged in to see this link.]
Rootkit scan 2009-10-07 01:41
Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'Explorer.exe'(3184)
c:\ddi\overicon.dll
.
Completion time: 2009-10-07 1:44
ComboFix-quarantined-files.txt 2009-10-07 05:44
ComboFix2.txt 2009-10-06 14:49

Pre-Run: 98,734,850,048 bytes free
Post-Run: 98,386,206,720 bytes free

190 --- E O F --- 2009-09-10 13:52


Re: Need help removing Total Security!!

Post by frontierjaguar09 on 7th October 2009, 6:06 am

Here is the result from the Malwarebytes scan as well:

Malwarebytes' Anti-Malware 1.41
Database version: 2917
Windows 6.0.6001 Service Pack 1

10/7/2009 2:05:36 AM
mbam-log-2009-10-07 (02-05-36).txt

Scan type: Quick Scan
Objects scanned: 89069
Time elapsed: 5 minute(s), 48 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


Re: Need help removing Total Security!!

Post by Dr Jay on 7th October 2009, 8:08 am

Hi

Please download [You must be registered and logged in to see this link.] and save it to your Desktop.
  • Right-click on SpiderKill.zip and click Extract All. Follow the prompts and read carefully, to save it to your Desktop.
  • Double-click on the SpiderKill folder, and then double-click on SpiderKill.bat and follow all the prompts in the program.
  • Within a minute, it will save its log titled SpiderKill.txt. Please post that in your next reply. You may have to use two or three posts to be able to fit the information in.


==

Download Security Check by screen317 from [You must be registered and logged in to see this link.] or [You must be registered and logged in to see this link.].
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.


==

Please include the SpiderKill and Security Check logs in your next reply.


Dr. Jay (DJ)



Re: Need help removing Total Security!!

Post by frontierjaguar09 on 7th October 2009, 3:53 pm

SpiderKill by DragonMaster Jay ( Oct 2009 )


Microsoft Windows [Version 6.0.6001]

********************Drivers list********************


Volume in drive C is VISTA
Volume Serial Number is 74AA-7C97

Directory of C:\Windows\System32\Drivers

10/07/2009 02:17 AM .
10/07/2009 02:17 AM ..
01/20/2008 10:23 PM 53,376 1394bus.sys
01/20/2008 10:23 PM 266,808 acpi.sys
01/20/2008 10:23 PM 422,968 adp94xx.sys
01/20/2008 10:23 PM 300,600 adpahci.sys
01/20/2008 10:23 PM 101,432 adpu160m.sys
01/20/2008 10:23 PM 149,560 adpu320.sys
01/20/2008 10:24 PM 273,920 afd.sys
01/20/2008 10:23 PM 56,376 AGP440.sys
01/20/2008 10:23 PM 17,464 aliide.sys
01/20/2008 10:23 PM 57,400 AMDAGP.SYS
01/20/2008 10:23 PM 17,976 amdide.sys
01/20/2008 10:23 PM 41,472 amdk7.sys
01/20/2008 10:23 PM 44,032 amdk8.sys
02/22/2008 08:38 PM 164,400 Apfiltr.sys
01/20/2008 10:23 PM 79,416 arc.sys
01/20/2008 10:23 PM 79,928 arcsas.sys
01/20/2008 10:24 PM 17,408 asyncmac.sys
01/20/2008 10:23 PM 21,560 atapi.sys
01/20/2008 10:23 PM 110,136 ataport.sys
01/20/2008 10:23 PM 28,216 battc.sys
01/20/2008 10:23 PM 12,288 bdasup.sys
01/20/2008 10:23 PM 6,144 beep.sys
01/20/2008 10:23 PM 45,568 blbdrive.sys
01/20/2008 10:23 PM 69,632 bowser.sys
11/02/2006 04:24 AM 13,568 BrFiltLo.sys
11/02/2006 04:24 AM 5,248 BrFiltUp.sys
01/20/2008 10:23 PM 93,696 bridge.sys
11/02/2006 04:25 AM 71,808 BrSerId.sys
11/02/2006 04:24 AM 62,336 BrSerWdm.sys
11/02/2006 04:24 AM 12,160 BrUsbMdm.sys
11/02/2006 04:24 AM 11,904 BrUsbSer.sys
11/02/2006 04:55 AM 39,936 bthmodem.sys
01/20/2008 10:23 PM 70,144 cdfs.sys
02/02/2007 03:00 AM 9,336 cdr4_xp.sys
02/02/2007 03:00 AM 9,464 cdralw2k.sys
01/20/2008 10:23 PM 67,072 cdrom.sys
01/20/2008 10:23 PM 35,328 circlass.sys
01/20/2008 10:24 PM 127,544 Classpnp.sys
01/20/2008 10:23 PM 14,208 CmBatt.sys
01/20/2008 10:23 PM 19,000 cmdide.sys
01/20/2008 10:23 PM 20,792 compbatt.sys
01/20/2008 10:23 PM 36,408 crashdmp.sys
01/20/2008 10:23 PM 24,632 crcdisk.sys
01/20/2008 10:23 PM 40,960 crusoe.sys
01/20/2008 10:24 PM 75,264 dfsc.sys
01/20/2008 10:23 PM 55,352 disk.sys
01/20/2008 10:24 PM 19,968 Diskdump.sys
11/02/2006 05:50 AM 71,272 djsvs.sys
12/13/2007 08:40 PM 10,216 DMICall.sys
01/20/2008 10:23 PM 130,048 drmk.sys
01/20/2008 10:23 PM 5,632 drmkaud.sys
01/20/2008 10:24 PM 29,240 Dumpata.sys
01/20/2008 10:24 PM 13,312 dxapi.sys
01/20/2008 10:24 PM 76,288 dxg.sys
08/01/2008 09:01 PM 625,152 dxgkrnl.sys
01/20/2008 10:23 PM 118,784 E1G60I32.sys
01/20/2008 10:23 PM 143,416 ecache.sys
01/20/2008 10:23 PM 342,584 elxstor.sys
01/20/2008 10:34 PM en-US
01/20/2008 10:23 PM 6,656 errdev.sys
11/02/2006 07:18 AM etc
01/20/2008 10:25 PM 136,192 exfat.sys
01/20/2008 10:24 PM 143,360 fastfat.sys
01/20/2008 10:23 PM 25,088 fdc.sys
01/20/2008 10:24 PM 58,936 fileinfo.sys
01/20/2008 10:24 PM 27,648 filetrace.sys
01/20/2008 10:23 PM 20,480 flpydisk.sys
01/20/2008 10:24 PM 192,056 fltMgr.sys
01/20/2008 10:24 PM 12,800 fs_rec.sys
01/20/2008 10:23 PM 101,432 FWPKCLNT.SYS
01/20/2008 10:23 PM 61,496 GAGP30KX.SYS
09/18/2006 05:26 PM 3,440,660 gm.dls
09/18/2006 05:26 PM 646 gmreadme.txt
01/20/2008 10:23 PM 53,760 hdaudbus.sys
11/02/2006 03:36 AM 235,520 HdAudio.sys
11/02/2006 04:55 AM 29,184 hidbth.sys
01/20/2008 10:23 PM 38,912 hidclass.sys
11/02/2006 04:55 AM 21,504 hidir.sys
01/20/2008 10:23 PM 25,472 hidparse.sys
01/20/2008 10:23 PM 12,288 hidusb.sys
01/20/2008 10:23 PM 40,504 HpCISSs.sys
02/05/2008 08:06 PM 207,360 HSXHWAZL.sys
02/05/2008 08:06 PM 659,968 HSX_CNXT.sys
02/05/2008 08:06 PM 985,600 HSX_DPV.sys
01/20/2008 10:23 PM 401,408 http.sys
01/20/2008 10:23 PM 19,000 i2omgmt.sys
01/20/2008 10:23 PM 30,264 i2omp.sys
01/20/2008 10:23 PM 54,784 i8042prt.sys
02/28/2007 08:03 PM 277,784 iaStor.sys
01/20/2008 10:23 PM 235,064 iaStorV.sys
02/04/2008 08:08 PM 1,776,128 igdkmd32.sys
11/02/2006 05:50 AM 41,576 iirsp.sys
01/20/2008 10:23 PM 17,976 intelide.sys
01/20/2008 10:23 PM 41,472 intelppm.sys
01/20/2008 10:24 PM 47,616 ipfltdrv.sys
01/20/2008 10:23 PM 64,512 IPMIDrv.sys
01/20/2008 10:24 PM 100,864 ipnat.sys
01/20/2008 10:24 PM 95,744 irda.sys
01/20/2008 10:23 PM 13,312 irenum.sys
01/20/2008 10:23 PM 49,720 isapnp.sys
11/02/2006 05:50 AM 35,944 iteatapi.sys
11/02/2006 05:50 AM 35,944 iteraid.sys
01/20/2008 10:23 PM 35,384 kbdclass.sys
01/20/2008 10:23 PM 15,872 kbdhid.sys
01/20/2008 10:24 PM 148,992 ks.sys
06/15/2009 02:20 PM 439,896 ksecdd.sys
01/20/2008 10:24 PM 47,104 lltdio.sys
01/20/2008 10:23 PM 96,312 lsi_fc.sys
01/20/2008 10:23 PM 89,656 lsi_sas.sys
01/20/2008 10:23 PM 96,312 lsi_scsi.sys
01/20/2008 10:24 PM 84,480 luafv.sys
09/10/2009 02:53 PM 19,160 mbam.sys
09/10/2009 02:54 PM 38,224 mbamswissarmy.sys
01/20/2008 10:24 PM 18,944 mcd.sys
02/05/2008 08:06 PM 12,672 mdmxsdk.sys
01/20/2008 10:23 PM 31,288 megasas.sys
01/20/2008 10:23 PM 386,616 MegaSR.sys
01/20/2008 10:24 PM 31,744 modem.sys
01/20/2008 10:23 PM 41,984 monitor.sys
01/20/2008 10:23 PM 34,360 mouclass.sys
01/20/2008 10:23 PM 15,872 mouhid.sys
01/20/2008 10:23 PM 57,400 mountmgr.sys
05/15/2008 04:15 PM 53,168 MpFilter.sys
01/20/2008 10:23 PM 105,016 mpio.sys
01/20/2008 10:24 PM 64,000 mpsdrv.sys
11/02/2006 05:49 AM 33,384 Mraid35x.sys
01/20/2008 10:23 PM 110,080 mrxdav.sys
01/20/2008 10:24 PM 105,472 mrxsmb.sys
08/26/2008 09:05 PM 212,480 mrxsmb10.sys
01/20/2008 10:24 PM 78,848 mrxsmb20.sys
01/20/2008 10:23 PM 28,728 msahci.sys
01/20/2008 10:23 PM 94,776 msdsm.sys
01/20/2008 10:23 PM 22,528 msfs.sys
01/20/2008 10:23 PM 3 MsftWdf_Kernel_01007_Inbox_Critical.Wdf
11/27/2007 10:45 PM 91,200 msfwdrv.sys
11/27/2007 10:44 PM 37,440 msfwhlpr.sys
01/20/2008 10:23 PM 16,440 msisadrv.sys
01/20/2008 10:23 PM 181,304 msiscsi.sys
01/20/2008 10:24 PM 8,192 mskssrv.sys
01/20/2008 10:24 PM 5,888 mspclock.sys
01/20/2008 10:24 PM 5,504 mspqm.sys
01/20/2008 10:24 PM 163,384 msrpc.sys
01/20/2008 10:23 PM 31,288 mssmbios.sys
01/20/2008 10:24 PM 6,016 mstee.sys
01/20/2008 10:24 PM 49,720 mup.sys
01/20/2008 10:23 PM 529,464 ndis.sys
01/20/2008 10:24 PM 20,992 ndistapi.sys
01/20/2008 10:24 PM 16,896 ndisuio.sys
01/20/2008 10:24 PM 121,344 ndiswan.sys
01/20/2008 10:24 PM 49,664 ndproxy.sys
01/20/2008 10:24 PM 35,840 netbios.sys
01/20/2008 10:24 PM 184,320 netbt.sys
01/20/2008 10:24 PM 223,288 netio.sys
01/20/2008 10:23 PM 2,225,664 NETw3v32.sys
09/18/2007 11:29 PM 2,222,080 NETw4v32.sys
11/02/2006 05:50 AM 45,160 nfrd960.sys
01/20/2008 10:23 PM 34,816 npfs.sys
01/20/2008 10:24 PM 16,384 nsiproxy.sys
01/20/2008 10:23 PM 1,081,912 ntfs.sys
11/02/2006 03:36 AM 20,608 ntrigdigi.sys
01/20/2008 10:23 PM 4,608 null.sys
01/20/2008 10:23 PM 102,968 nvraid.sys
01/20/2008 10:23 PM 45,112 nvstor.sys
01/20/2008 10:23 PM 109,112 NV_AGP.SYS
05/19/2008 10:07 PM 148,480 nwifi.sys
01/20/2008 10:23 PM 61,952 ohci1394.sys
04/04/2008 09:21 PM 72,192 pacer.sys
11/02/2006 04:51 AM 79,360 parport.sys
01/20/2008 10:24 PM 56,376 partmgr.sys
11/02/2006 04:51 AM 8,704 parvdm.sys
01/20/2008 10:23 PM 151,096 pci.sys
01/20/2008 10:23 PM 16,440 pciide.sys
01/20/2008 10:23 PM 45,112 pciidex.sys
01/20/2008 10:23 PM 179,256 pcmcia.sys
11/02/2006 05:04 AM 878,080 PEAuth.sys
01/20/2008 10:23 PM 167,936 portcls.sys
01/20/2008 10:23 PM 40,960 processr.sys
12/20/2007 07:00 AM 44,608 pxhelp20.sys
01/20/2008 10:23 PM 1,122,360 ql2300.sys
11/02/2006 05:50 AM 106,088 ql40xx.sys
01/20/2008 10:23 PM 31,232 qwavedrv.sys
01/20/2008 10:24 PM 11,776 rasacd.sys
01/20/2008 10:24 PM 76,288 rasl2tp.sys
01/20/2008 10:24 PM 41,472 raspppoe.sys
01/20/2008 10:24 PM 62,976 raspptp.sys
01/20/2008 10:25 PM 69,120 rassstp.sys
01/20/2008 10:24 PM 224,768 rdbss.sys
01/20/2008 10:24 PM 6,144 RDPCDD.sys
01/20/2008 10:23 PM 248,832 rdpdr.sys
01/20/2008 10:24 PM 6,144 RDPENCDD.sys
01/20/2008 10:24 PM 181,248 rdpwd.sys
04/18/2007 12:09 AM 11,032 regi.sys
05/09/2008 09:33 PM 113,664 rmcast.sys
01/20/2008 10:24 PM 33,280 RNDISMP.sys
01/20/2008 10:24 PM 8,192 rootmdm.sys
01/20/2008 10:24 PM 60,416 rspndr.sys
01/22/2008 08:11 PM 2,032,280 RTKVHDA.sys
11/02/2006 05:50 AM 76,392 sbp2port.sys
01/20/2008 10:23 PM 142,904 scsiport.sys
11/02/2006 02:37 AM 20,480 secdrv.sys
11/02/2006 04:51 AM 17,920 serenum.sys
11/02/2006 04:51 AM 83,456 serial.sys
01/20/2008 10:23 PM 19,968 sermouse.sys
12/16/2007 09:57 PM 9,344 SFEP.sys
01/20/2008 10:23 PM 13,312 sffdisk.sys
01/20/2008 10:23 PM 12,288 sffp_mmc.sys
01/20/2008 10:23 PM 11,776 sffp_sd.sys
11/02/2006 04:51 AM 13,312 sfloppy.sys
01/20/2008 10:23 PM 55,864 SISAGP.SYS
01/20/2008 10:23 PM 41,016 sisraid2.sys
01/20/2008 10:23 PM 74,808 sisraid4.sys
01/20/2008 10:25 PM 66,560 smb.sys
01/20/2008 10:24 PM 17,408 smclib.sys
02/05/2008 08:06 PM 140,914 SnyHDAN.cty
01/20/2008 10:24 PM 21,048 spldr.sys
01/20/2008 10:24 PM 681,984 spsys.sys
12/15/2008 10:42 PM 288,768 srv.sys
01/20/2008 10:24 PM 144,384 srv2.sys
01/20/2008 10:23 PM 98,304 srvnet.sys
01/20/2008 10:24 PM 123,960 Storport.sys
01/20/2008 10:24 PM 52,992 stream.sys
01/20/2008 10:23 PM 15,288 swenum.sys
11/02/2006 05:50 AM 35,944 symc8xx.sys
11/02/2006 05:49 AM 31,848 sym_hi.sys
11/02/2006 05:50 AM 34,920 sym_u3.sys
01/20/2008 10:24 PM 24,576 tape.sys
08/14/2009 01:07 PM 897,608 tcpip.sys
01/20/2008 10:23 PM 30,208 tcpipreg.sys
01/20/2008 10:24 PM 20,992 tdi.sys
01/20/2008 10:24 PM 17,920 tdpipe.sys
01/20/2008 10:24 PM 29,184 tdtcp.sys
01/20/2008 10:24 PM 71,680 tdx.sys
01/20/2008 10:23 PM 54,328 termdd.sys
06/05/2007 08:00 PM 812,544 ti21sony.sys
01/20/2008 10:24 PM 23,552 tssecsrv.sys
01/20/2008 10:24 PM 15,360 TUNMP.SYS
01/20/2008 10:24 PM 23,040 tunnel.sys
01/20/2008 10:23 PM 59,448 UAGP35.SYS
01/20/2008 10:23 PM 226,816 udfs.sys
01/20/2008 10:23 PM 60,984 ULIAGPKX.SYS
01/20/2008 10:23 PM 238,648 uliahci.sys
11/02/2006 05:50 AM 98,408 ulsata.sys
01/20/2008 10:23 PM 115,816 ulsata2.sys
01/20/2008 10:23 PM 34,816 umbus.sys
03/31/2008 01:13 PM UMDF
01/20/2008 10:23 PM 7,680 umpass.sys
01/20/2008 10:24 PM 15,872 usb8023.sys
01/20/2008 10:24 PM 25,728 USBCAMD.sys
01/20/2008 10:24 PM 25,728 USBCAMD2.sys
01/20/2008 10:23 PM 73,216 usbccgp.sys
11/02/2006 04:55 AM 68,608 usbcir.sys
01/20/2008 10:23 PM 5,888 usbd.sys
01/20/2008 10:23 PM 39,424 usbehci.sys
01/20/2008 10:23 PM 194,560 usbhub.sys
11/02/2006 04:55 AM 19,456 usbohci.sys
01/20/2008 10:23 PM 226,304 usbport.sys
01/20/2008 10:23 PM 18,944 usbprint.sys
01/20/2008 10:23 PM 35,328 usbscan.sys
01/20/2008 10:23 PM 23,552 usbuhci.sys
01/20/2008 10:24 PM 25,088 vga.sys
01/20/2008 10:23 PM 26,112 vgapnp.sys
01/20/2008 10:23 PM 56,888 VIAAGP.SYS
01/20/2008 10:23 PM 41,472 viac7.sys
01/20/2008 10:23 PM 20,024 viaide.sys
01/20/2008 10:23 PM 110,080 videoprt.sys
01/20/2008 10:23 PM 52,792 volmgr.sys
01/20/2008 10:24 PM 294,456 volmgrx.sys
01/20/2008 10:23 PM 227,896 volsnap.sys
01/20/2008 10:23 PM 130,616 vsmraid.sys
01/20/2008 10:23 PM 200,704 VSTAZL3.SYS
01/20/2008 10:23 PM 654,336 VSTCNXT3.SYS
01/20/2008 10:23 PM 133,972 VSTDProf.cty
01/20/2008 10:23 PM 987,648 VSTDPV3.SYS
01/20/2008 10:23 PM 133,528 VSTEProf.cty
01/20/2008 10:23 PM 141,611 VSTProf.cty
01/20/2008 10:23 PM 141,572 VSTSProf.cty
11/02/2006 04:52 AM 20,608 wacompen.sys
01/20/2008 10:24 PM 62,464 wanarp.sys
01/20/2008 10:24 PM 32,768 watchdog.sys
01/20/2008 10:23 PM 22,072 wd.sys
01/20/2008 10:23 PM 503,864 Wdf01000.sys
01/20/2008 10:23 PM 35,896 WdfLdr.sys
05/26/2007 04:03 AM 128,104 WimFltr.sys
01/20/2008 10:23 PM 11,264 wmiacpi.sys
01/20/2008 10:23 PM 17,976 wmilib.sys
01/20/2008 10:24 PM 15,872 ws2ifsl.sys
01/20/2008 10:24 PM 51,200 WUDFPf.sys
01/20/2008 10:24 PM 83,328 WUDFRd.sys
02/05/2008 08:06 PM 386,560 XAudio.exe
02/05/2008 08:06 PM 8,192 XAudio.sys
02/05/2008 08:05 PM 246,784 yk60x86.sys
288 File(s) 42,541,138 bytes

Directory of C:\Windows\System32\Drivers\en-US

01/20/2008 10:34 PM .
01/20/2008 10:34 PM ..
11/02/2006 08:41 AM 9,728 acpi.sys.mui
11/02/2006 08:41 AM 8,704 afd.sys.mui
11/02/2006 08:41 AM 3,072 AGP440.sys.mui
11/02/2006 08:41 AM 3,072 AMDAGP.SYS.mui
11/02/2006 08:40 AM 2,560 amdide.sys.mui
11/02/2006 08:40 AM 14,848 amdk7.sys.mui
11/02/2006 08:40 AM 14,848 amdk8.sys.mui
11/02/2006 08:41 AM 3,072 ati2mpad.sys.mui
11/02/2006 08:41 AM 3,584 ati2mtag.sys.mui
11/02/2006 08:40 AM 3,072 atikmdag.sys.mui
01/20/2008 10:25 PM 5,120 b57nd60x.sys.mui
11/02/2006 08:40 AM 7,680 battc.sys.mui
11/02/2006 08:40 AM 5,120 bcm4sbxp.sys.mui
11/02/2006 08:40 AM 2,560 BrParwdm.sys.mui
11/02/2006 08:41 AM 10,240 BrSerId.sys.mui
11/02/2006 08:40 AM 5,120 bthpan.sys.mui
11/02/2006 08:41 AM 7,168 bthport.sys.mui
11/02/2006 08:41 AM 3,072 cmbp0wdm.sys.mui
11/02/2006 08:40 AM 14,848 crusoe.sys.mui
11/02/2006 08:41 AM 3,072 cxbp0wdm.sys.mui
11/02/2006 08:40 AM 3,072 Dot4usb.sys.mui
11/02/2006 08:40 AM 4,096 dxgkrnl.sys.mui
11/02/2006 08:41 AM 5,120 e100b325.sys.mui
01/20/2008 10:25 PM 19,968 e1e6032.sys.mui
01/20/2008 10:25 PM 16,896 E1G60I32.sys.mui
11/02/2006 08:40 AM 5,120 fltmgr.sys.mui
11/02/2006 08:40 AM 3,072 GAGP30KX.SYS.mui
11/02/2006 08:41 AM 3,584 gpr400.sys.mui
11/02/2006 08:41 AM 4,096 grserial.sys.mui
11/02/2006 08:41 AM 3,584 hidbth.sys.mui
01/20/2008 10:25 PM 36,864 http.sys.mui
11/02/2006 08:41 AM 10,752 i8042prt.sys.mui
11/02/2006 08:40 AM 14,848 intelppm.sys.mui
11/02/2006 08:41 AM 6,144 IPMIDrv.sys.mui
11/02/2006 08:41 AM 4,096 ipnat.sys.mui
11/02/2006 08:41 AM 4,096 isapnp.sys.mui
11/02/2006 08:41 AM 4,608 kbdclass.sys.mui
11/02/2006 08:41 AM 3,072 kbdhid.sys.mui
11/02/2006 08:41 AM 9,728 ltmdmnt.sys.mui
01/20/2008 10:25 PM 6,656 luafv.sys.mui
11/02/2006 08:41 AM 4,096 modem.sys.mui
11/02/2006 08:41 AM 4,608 mouclass.sys.mui
11/02/2006 08:41 AM 3,072 mouhid.sys.mui
01/20/2008 10:25 PM 20,480 mpio.sys.mui
11/02/2006 08:41 AM 4,096 msdsm.sys.mui
11/02/2006 08:41 AM 3,584 mssmbios.sys.mui
11/02/2006 08:41 AM 65,536 ntfs.sys.mui
11/02/2006 08:40 AM 4,096 ntrigdigi.sys.mui
11/02/2006 08:41 AM 5,120 nv4_mini.sys.mui
11/02/2006 08:41 AM 3,072 NV_AGP.SYS.mui
11/02/2006 08:40 AM 12,288 ohci1394.sys.mui
11/02/2006 08:41 AM 3,584 pacer.sys.mui
11/02/2006 08:40 AM 4,096 parport.sys.mui
11/02/2006 08:40 AM 3,072 parvdm.sys.mui
11/02/2006 08:41 AM 8,704 pci.sys.mui
11/02/2006 08:41 AM 4,608 pcmcia.sys.mui
11/02/2006 08:41 AM 3,072 pnpmem.sys.mui
11/02/2006 08:40 AM 14,848 processr.sys.mui
11/02/2006 08:41 AM 4,096 pscr.sys.mui
11/02/2006 08:41 AM 3,072 qwavedrv.sys.mui
11/02/2006 08:40 AM 3,584 RNDISMP.sys.mui
11/02/2006 08:41 AM 3,584 rndismpx.sys.mui
11/02/2006 08:41 AM 4,096 scmstcs.sys.mui
11/02/2006 08:41 AM 4,096 SCR111.sys.mui
11/02/2006 08:41 AM 3,584 scsiport.sys.mui
11/02/2006 08:40 AM 10,752 serial.sys.mui
11/02/2006 08:41 AM 5,632 sermouse.sys.mui
11/02/2006 08:41 AM 3,072 serscan.sys.mui
11/02/2006 08:41 AM 3,072 SISAGP.SYS.mui
11/02/2006 08:41 AM 3,072 srv.sys.mui
11/02/2006 08:41 AM 3,072 stcusb.sys.mui
01/20/2008 10:25 PM 5,120 tpm.sys.mui
11/02/2006 08:40 AM 3,072 UAGP35.SYS.mui
11/02/2006 08:41 AM 3,072 ULIAGPKX.SYS.mui
11/02/2006 08:40 AM 3,584 umbus.sys.mui
11/02/2006 08:41 AM 3,072 VIAAGP.SYS.mui
11/02/2006 08:40 AM 14,848 viac7.sys.mui
01/20/2008 10:25 PM 32,768 volsnap.sys.mui
11/02/2006 08:41 AM 4,608 wacompen.sys.mui
11/02/2006 08:41 AM 2,560 wd.sys.mui
01/20/2008 10:25 PM 3,072 wdf01000.sys.mui
11/02/2006 08:41 AM 5,632 yk60x86.sys.mui
82 File(s) 608,256 bytes

Directory of C:\Windows\System32\Drivers\etc

11/02/2006 07:18 AM .
11/02/2006 07:18 AM ..
09/18/2006 05:41 PM 761 hosts
09/18/2006 05:41 PM 3,683 lmhosts.sam
09/18/2006 05:41 PM 407 networks
09/18/2006 05:41 PM 1,358 protocol
09/18/2006 05:41 PM 17,244 services
5 File(s) 23,453 bytes

Directory of C:\Windows\System32\Drivers\UMDF

03/31/2008 01:13 PM .
03/31/2008 01:13 PM ..
11/02/2006 08:42 AM en-US
01/20/2008 10:23 PM 220,160 WpdFs.dll
1 File(s) 220,160 bytes

Directory of C:\Windows\System32\Drivers\UMDF\en-US

11/02/2006 08:42 AM .
11/02/2006 08:42 AM ..
11/02/2006 08:40 AM 6,144 WpdMtpDr.dll.mui
1 File(s) 6,144 bytes

Total Files Listed:
377 File(s) 43,399,151 bytes
14 Dir(s) 99,797,733,376 bytes free


***********************Hidden Drivers********************
Volume in drive C is VISTA
Volume Serial Number is 74AA-7C97

Directory of C:\Windows\System32\Drivers

03/31/2008 01:41 PM 0 Msft_Kernel_Apfiltr_01001.Wdf
03/31/2008 01:14 PM 0 Msft_User_WpdFs_01_00_00.Wdf
02/05/2009 06:42 PM 0 Sony_VGN-NR430E.mrk
3 File(s) 0 bytes
0 Dir(s) 99,797,741,568 bytes free


*********************Processes*******************


PROCESS PID PRIO PATH
Dwm.exe 1772 High C:\Windows\system32\Dwm.exe
Explorer.EXE 1848 Normal C:\Windows\Explorer.EXE
taskeng.exe 1856 Normal C:\Windows\system32\taskeng.exe
hkcmd.exe 736 Normal C:\Windows\System32\hkcmd.exe
igfxsrvc.exe 2176 Normal C:\Windows\system32\igfxsrvc.exe
igfxpers.exe 2264 Normal C:\Windows\System32\igfxpers.exe
Apoint.exe 2608 Normal C:\Program Files\Apoint\Apoint.exe
ISBMgr.exe 2624 Normal C:\Program Files\Sony\ISB Utility\ISBMgr.exe
jusched.exe 2656 Normal C:\Program Files\Java\jre1.6.0\bin\jusched.exe
AutoLaunchWLASU.exe 2684 Normal C:\Program Files\Sony\VAIO Wireless Wizard\AutoLaunchWLASU.exe
Vista VAIO Survey.exe 2716 Normal C:\Program Files\Sony\VAIO Survey\Vista VAIO Survey.exe
winssnotify.exe 2748 Normal C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe
sidebar.exe 2756 Normal C:\Program Files\Windows Sidebar\sidebar.exe
ehtray.exe 3388 Normal C:\Windows\ehome\ehtray.exe
wmpnscfg.exe 3416 Normal C:\Program Files\Windows Media Player\wmpnscfg.exe
ehmsas.exe 3424 Normal C:\Windows\ehome\ehmsas.exe
AOLICON.exe 3444 Normal C:\DDI\AOLICON.exe
ONENOTEM.EXE 3888 Normal C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
sidebar.exe 316 Normal C:\Program Files\Windows Sidebar\sidebar.exe
ieuser.exe 296 Normal C:\Program Files\Internet Explorer\ieuser.exe
iexplore.exe 292 Normal C:\Program Files\Internet Explorer\iexplore.exe
mobsync.exe 2196 Normal C:\Windows\System32\mobsync.exe
Apntex.exe 4460 Normal C:\Program Files\Apoint\Apntex.exe
AolTbServer.exe 4840 Normal c:\program files\aol\aol toolbar 5.0\AolTbServer.exe
wuauclt.exe 4872 Normal C:\Windows\system32\wuauclt.exe
NOTEPAD.EXE 4832 Normal C:\Windows\system32\NOTEPAD.EXE
cmd.exe 3792 Normal C:\Windows\system32\cmd.exe
processes.exe 3776 Normal C:\Users\ben\Music\New Folder\SpiderKill\SpiderKill\processes.exe


Module information for 'Explorer.EXE'(1848)
MODULE BASE SIZE PATH
Explorer.EXE 4c0000 2936832 C:\Windows\Explorer.EXE 6.0.6000.16386 (vista_rtm.061101-2205) Windows Explorer
ntdll.dll 77590000 1208320 C:\Windows\system32\ntdll.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) NT Layer DLL
kernel32.dll 77210000 897024 C:\Windows\system32\kernel32.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) Windows NT BASE API Client DLL
ADVAPI32.dll 761a0000 811008 C:\Windows\system32\ADVAPI32.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) Advanced Windows 32 Base API
RPCRT4.dll 762c0000 794624 C:\Windows\system32\RPCRT4.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) Remote Procedure Call Runtime
GDI32.dll 76400000 307200 C:\Windows\system32\GDI32.dll 6.0.6001.18159 (vistasp1_gdr.081020-1655) GDI Client DLL
USER32.dll 76000000 643072 C:\Windows\system32\USER32.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) Multi-User Windows USER API Client DLL
msvcrt.dll 76520000 696320 C:\Windows\system32\msvcrt.dll 7.0.6001.18000 (longhorn_rtm.080118-1840) Windows NT CRT DLL
SHLWAPI.dll 76390000 360448 C:\Windows\system32\SHLWAPI.dll 6.0.6000.16386 (vista_rtm.061101-2205) Shell Light-weight Utility Library
SHELL32.dll 76680000 11599872 C:\Windows\system32\SHELL32.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) Windows Shell Common Dll
ole32.dll 75e10000 1327104 C:\Windows\system32\ole32.dll 6.0.6000.16386 (vista_rtm.061101-2205) Microsoft OLE for Windows
OLEAUT32.dll 75f60000 577536 C:\Windows\system32\OLEAUT32.dll 6.0.6001.18000 6.0.6001.18000
SHDOCVW.dll 732c0000 1077248 C:\Windows\system32\SHDOCVW.dll 6.0.6000.16386 (vista_rtm.061101-2205) Shell Doc Object and Control Library
UxTheme.dll 74b40000 258048 C:\Windows\system32\UxTheme.dll 6.0.6000.16386 (vista_rtm.061101-2205) Microsoft UxTheme Library
POWRPROF.dll 75130000 106496 C:\Windows\system32\POWRPROF.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) Power Profile Helper DLL
dwmapi.dll 73bf0000 49152 C:\Windows\system32\dwmapi.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) Microsoft Desktop Window Manager API
gdiplus.dll 747e0000 1748992 C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18065_none_9e7abe2ec9c13222\gdiplus.dll 5.2.6001.18065 (vistasp1_gdr.080429-1705) Microsoft GDI+
slc.dll 75700000 237568 C:\Windows\system32\slc.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) Software Licensing Client Dll
PROPSYS.dll 74440000 765952 C:\Windows\system32\PROPSYS.dll 7.0.6001.16503 (longhorn(wmbla).080526-2159) Microsoft Property System
BROWSEUI.dll 72a60000 1335296 C:\Windows\system32\BROWSEUI.dll 6.0.6000.16386 (vista_rtm.061101-2205) Shell Browser UI Library
IMM32.dll 76180000 122880 C:\Windows\system32\IMM32.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) Multi-User Windows IMM32 API Client DLL
MSCTF.dll 76450000 819200 C:\Windows\system32\MSCTF.dll 6.0.6000.16386 (vista_rtm.061101-2205) MSCTF Server DLL
DUser.dll 74b10000 196608 C:\Windows\system32\DUser.dll 6.0.6000.16386 (vista_rtm.061101-2205) Windows DirectUser Engine
LPK.DLL 760a0000 36864 C:\Windows\system32\LPK.DLL 6.0.6001.18000 (longhorn_rtm.080118-1840) Language Pack
USP10.dll 77510000 512000 C:\Windows\system32\USP10.dll 1.0626.6001.18000 (longhorn_rtm.080118-1840) Uniscribe Unicode script processor
comctl32.dll 74b80000 1695744 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll 5.82 (longhorn_rtm.080118-1840) Common Controls Library
WindowsCodecs.dll 73f40000 733184 C:\Windows\system32\WindowsCodecs.dll 6.0.6001.18131 (vistasp1_gdr.080827-1507) Microsoft Windows Codecs Library
apphelp.dll 75c40000 180224 C:\Windows\system32\apphelp.dll 6.0.6000.16386 (vista_rtm.061101-2205) Application Compatibility Client Library
CLBCatQ.DLL 77480000 540672 C:\Windows\system32\CLBCatQ.DLL 2001.12.6931.18000 (longhorn_rtm.080118-1840) COM+ Configuration Catalog
overicon.dll 10000000 311296 C:\DDI\overicon.dll 1.0.0.1 TODO:
IconCodecService.dll 732a0000 24576 C:\Windows\system32\IconCodecService.dll 6.0.6000.16386 (vista_rtm.061101-2205) Converts a PNG part of the icon to a legacy bmp icon
Secur32.dll 75ca0000 81920 C:\Windows\system32\Secur32.dll 6.0.6001.18272 (vistasp1_gdr.090615-0258) Security Support Provider Interface
rsaenh.dll 751e0000 241664 C:\Windows\system32\rsaenh.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) Microsoft Enhanced Cryptographic Provider
timedate.cpl 72790000 729088 C:\Windows\system32\timedate.cpl 6.0.6001.18000 (longhorn_rtm.080118-1840) Time Date Control Panel Applet
ATL.DLL 74610000 81920 C:\Windows\system32\ATL.DLL 3.05.2284 ATL Module for Windows XP (Unicode)
NETAPI32.dll 75940000 479232 C:\Windows\system32\NETAPI32.dll 6.0.6001.18157 (vistasp1_gdr.081015-1604) Net Win32 API DLL
PSAPI.DLL 75e00000 28672 C:\Windows\system32\PSAPI.DLL 6.0.6000.16386 (vista_rtm.061101-2205) Process Status Helper
OLEACC.dll 74720000 233472 C:\Windows\system32\OLEACC.dll 4.2.5406.0 (longhorn_rtm.080118-1840) Active Accessibility Core Component
actxprxy.dll 72590000 339968 C:\Windows\System32\actxprxy.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) ActiveX Interface Marshaling Library
USERENV.dll 75cc0000 122880 C:\Windows\system32\USERENV.dll 6.0.6000.16386 (vista_rtm.061101-2205) Userenv
wmpband.dll 72680000 110592 C:\PROGRA~1\WI4EB4~1\wmpband.dll 11.0.6000.6324 (vista_rtm.061101-2205) Windows Media Player Deskband
MPR.dll 75840000 81920 C:\Windows\system32\MPR.dll 6.0.6000.16386 (vista_rtm.061101-2205) Multiple Provider Router DLL
WINBRAND.dll 752a0000 880640 C:\Windows\system32\WINBRAND.dll 6.0.6000.16386 (vista_rtm.061101-2205) Windows Branding Resources
shacct.dll 74690000 90112 C:\Windows\System32\shacct.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) Shell Accounts Classes
SAMLIB.dll 758c0000 69632 C:\Windows\System32\SAMLIB.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) SAM Library DLL
msshsq.dll 72600000 245760 C:\Windows\System32\msshsq.dll 7.0.6001.16503 (longhorn(wmbla).080526-2159) Structured Query
NaturalLanguage6.dll 723f0000 811008 C:\Windows\System32\NaturalLanguage6.dll 6.0.6001.18098 (vistasp1_gdr.080625-1507) Natural Language Development Platform 6
CRYPT32.dll 75740000 987136 C:\Windows\System32\CRYPT32.dll 6.0.6000.16386 (vista_rtm.061101-2205) Crypto API32
MSASN1.dll 758a0000 73728 C:\Windows\System32\MSASN1.dll 6.0.6000.16386 (vista_rtm.061101-2205) ASN.1 Runtime APIs
NLSData0009.dll 71a90000 4886528 C:\Windows\System32\NLSData0009.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) Microsoft English Natural Language Server Data and Code
NLSLexicons0009.dll 71800000 2650112 C:\Windows\System32\NLSLexicons0009.dll 6.0.6001.18098 (vistasp1_gdr.080625-1507) Microsoft English Natural Language Server Data and Code
authui.dll 74d20000 1998848 C:\Windows\system32\authui.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) Windows Authentication UI
MSIMG32.dll 75120000 20480 C:\Windows\system32\MSIMG32.dll 6.0.6000.16386 (vista_rtm.061101-2205) GDIEXT Client DLL
LINKINFO.dll 72910000 36864 C:\Windows\system32\LINKINFO.dll 6.0.6000.16386 (vista_rtm.061101-2205) Windows Volume Tracking
urlmon.dll 776c0000 1216512 C:\Windows\system32\urlmon.dll 7.00.6001.18000 (longhorn_rtm.080118-1840) OLE32 Extensions for Win32
iertutil.dll 76270000 286720 C:\Windows\system32\iertutil.dll 7.00.6001.18294 (vistasp1_gdr.090717-2341) Run time utility for Internet Explorer
ieframe.dll 71230000 6086656 C:\Windows\system32\ieframe.dll 7.00.6000.16386 (vista_rtm.061101-2205) Internet Explorer
NTMARTA.DLL 75150000 135168 C:\Windows\system32\NTMARTA.DLL 6.0.6000.16386 (vista_rtm.061101-2205) Windows NT MARTA provider

******************************************
EOF

Results of screen317's Security Check version 0.99.0
Windows Vista Service Pack 1 (UAC is enabled)
Out of date service pack!!
``````````````````````````````
Antivirus/Firewall Check:

Windows Firewall Disabled!
SonicStage Mastering Studio Audio Filter Custom Preset
Windows Live OneCare
Microsoft Windows OneCare Live v2.5.2900.28 Idcrl Install
Microsoft Windows Live OneCare Resources v2.5.2900.28
GTOneCare
Microsoft Windows OneCare Live v2.5.2900.28
Microsoft Windows OneCare Live AntiSpyware and AntiVirus
WMIC entry does not exist for antivirus; attempting automatic update.
``````````````````````````````
Anti-malware/Other Utilities Check:

Microsoft Windows OneCare Live AntiSpyware and AntiVirus
Java(TM) SE Runtime Environment 6
Adobe Flash Player 10
Adobe Reader 8.1.2
Out of date Adobe Reader installed!
``````````````````````````````
Process Check:
objlist.exe by Laurent

Windows Defender MSMpEng.exe
``````````````````````````````
DNS Vulnerability Check:

GREAT! (Not vulnerable to DNS cache poisoning)

`````````End of Log```````````


Re: Need help removing Total Security!!

Post by Dr Jay on 7th October 2009, 9:35 pm

Hi

Please download the newest version of Adobe Acrobat Reader from [You must be registered and logged in to see this link.]

Before installing: it is important to remove older versions of Acrobat Reader since it does not do so automatically and old versions still leave you vulnerable.
Go to the Control Panel and enter Add or Remove Programs.
Search the list for all previously installed versions of Adobe Acrobat Reader. Uninstall/Remove each of them.

Once old versions are gone, please install the newest version.

==

Please consider updating to Windows Vista Service Pack 2 (SP2).
Windows Vista Service Pack 2 (SP2) contains all the updates released since SP1 plus support for new types of hardware and emerging hardware standards.
It is now available via [You must be registered and logged in to see this link.] or as a standalone installation [You must be registered and logged in to see this link.].


Dr. Jay (DJ)

