
Virus killing my PC


  • This topic is locked
28 replies to this topic

#1 KonohamaruHeaven


Posted 02 October 2009 - 12:21 PM

I could not get DDS to run, so this is all I could get.
I can only get my PC to run in safe mode.

my apps are crashing
memory being eaten
pc crashing
links redirected

__________________________________
Malwarebytes' Anti-Malware 1.41
Database version: 2887
Windows 6.0.6001 Service Pack 1 (Safe Mode)

10/1/2009 5:50:49 PM
mbam-log-2009-10-01 (17-50-49).txt

Scan type: Full Scan (C:\|D:\|E:\|)
Objects scanned: 367130
Time elapsed: 2 hour(s), 22 minute(s), 52 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)


________________________________________________________


ROOTREPEAL © AD, 2007-2009
==================================================
Scan Start Time: 2009/10/01 15:22
Program Version: Version 1.3.5.0
Windows Version: Windows Vista SP1
==================================================

Drivers
-------------------
Name: dump_atapi.sys
Image Path: C:\Windows\System32\Drivers\dump_atapi.sys
Address: 0x8AC79000 Size: 32768 File Visible: No Signed: -
Status: -

Name: dump_dumpata.sys
Image Path: C:\Windows\System32\Drivers\dump_dumpata.sys
Address: 0x8AC6E000 Size: 45056 File Visible: No Signed: -
Status: -

Name: rootrepeal.sys
Image Path: C:\Windows\system32\drivers\rootrepeal.sys
Address: 0x8AD73000 Size: 49152 File Visible: No Signed: -
Status: -

Hidden/Locked Files
-------------------

Processes
-------------------
Path: System
PID: 4 Status: Locked to the Windows API!

Stealth Objects
-------------------
Object: Hidden Module [Name: tdlcmd.dll]
Process: svchost.exe (PID: 724) Address: 0x10000000 Size: 24576

Object: Hidden Module [Name: tdlwsp.dll]
Process: Explorer.EXE (PID: 1676) Address: 0x10000000 Size: 28672

Object: Hidden Module [Name: tdlwsp.dll]
Process: iexplore.exe (PID: 1652) Address: 0x10000000 Size: 28672

Object: Hidden Module [Name: tdlwsp.dll]
Process: iexplore.exe (PID: 1684) Address: 0x10000000 Size: 28672

Object: Hidden Module [Name: tdlwsp.dll]
Process: iexplore.exe (PID: 1856) Address: 0x10000000 Size: 28672

Object: Hidden Module [Name: msgrvsta.thm]
Process: msnmsgr.exe (PID: 1544) Address: 0x70be0000 Size: 20480

==EOF==



#2 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,219 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:12:03 AM

Posted 02 October 2009 - 04:41 PM

Hi, KonohamaruHeaven :(

Welcome.

Please read and follow all these instructions very carefully.

Please download ComboFix from Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved and renamed following this process directly to your desktop**
  • If you are using Firefox, make sure that your download settings are as follows:
    • Tools->Options->Main tab
    • Set to "Always ask me where to Save the files".
  • During the download, rename Combofix to Combo-Fix as follows:

  • It is important you rename Combofix during the download, but not after.
  • Please do not rename Combofix to other names, but only to the one indicated.
  • Close any open browsers.
  • Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

    -----------------------------------------------------------

    • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
    • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.

      -----------------------------------------------------------

    • Close any open browsers.
    • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
    • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
    • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.

    -----------------------------------------------------------

  • Double click on combo-Fix.exe & follow the prompts.
  • When finished, it will produce a report for you.
  • Please post the "C:\Combo-Fix.txt" .
**Note: Do not mouseclick combo-fix's window while it's running. That may cause it to stall**


Note: ComboFix may reset a number of Internet Explorer's settings, including making it the default browser.
Note: Combofix prevents autorun of ALL CDs, floppies and USB devices to assist with malware removal & increase security.

Please do not install any new programs or update anything unless told to do so while we are fixing your problem.

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!


#3 KonohamaruHeaven

Posted 02 October 2009 - 07:31 PM

Something may still be on my PC. I had 14 gigs of free memory, now only 10 gigs.
Links are still being redirected.


ComboFix 09-10-01.05 - Jeremy Collier 10/02/2009 17:49:12.1.2 - NTFSx86 NETWORK
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.1014.594 [GMT -5:00]
Running from: C:\Users\Jeremy Collier\Desktop\Combo-Fix.exe
AV: Norton 360 *On-access scanning disabled* (Outdated) {A5F1BC7C-EA33-4247-961C-0217208396C4}
FW: Norton 360 *disabled* {371C0A40-5A0C-4AD2-A6E5-69C02037FBF3}
SP: Norton 360 *disabled* (Outdated) {CBB7EE13-8244-4DAB-8B55-D5C7AA91E59A}
SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}
SP: Windows Defender *disabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
* Created a new restore point
.

Edited by KonohamaruHeaven, 02 October 2009 - 10:26 PM.


#4 JSntgRvr

Posted 02 October 2009 - 10:03 PM

That report is incomplete. Did it run all the way?

Please download SystemLook from one of the links below and save it to your Desktop.
Download Mirror #1
Download Mirror #2
  • Double-click SystemLook.exe to run it.
  • Copy the content of the following codebox into the main textfield:

    :filefind
    tdlwsp.dll

  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
Note: The log can also be found on your Desktop entitled SystemLook.txt



#5 KonohamaruHeaven

Posted 02 October 2009 - 10:31 PM

I'm in safe mode. Will that do anything to the scan?

SystemLook v1.0 by jpshortstuff (29.08.09)
Log created at 22:29 on 02/10/2009 by Jeremy Collier (Administrator - Elevation successful)

========== filefind ==========

Searching for "tdlwsp.dll"
No files found.

-=End Of File=-
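
The scanner's "Stealth Objects" section and the file search above disagree: a module is reported as mapped into processes, yet no file by that name is found. The following is an added example, not part of any post or of the tools used in this thread, that cross-checks those two logs with a per-process module listing of the kind posted later in the thread. The sample logs are constructed; `example.exe`, `sample_theme.thm`, the verdict labels and the layout of a file-search hit line are assumptions.

```python
import re

# Constructed sample logs, modelled on the formats quoted in this thread.
# Only tdlwsp.dll and its "No files found." result come from the thread;
# example.exe, sample_theme.thm and the layout of a filefind hit are assumptions.
STEALTH_LOG = r"""
Stealth Objects
-------------------
Object: Hidden Module [Name: tdlwsp.dll]
Process: Explorer.EXE (PID: 1676) Address: 0x10000000 Size: 28672

Object: Hidden Module [Name: tdlwsp.dll]
Process: iexplore.exe (PID: 1652) Address: 0x10000000 Size: 28672

Object: Hidden Module [Name: sample_theme.thm]
Process: example.exe (PID: 4242) Address: 0x70be0000 Size: 20480
"""
MODULE_LOG = r"""
Module information for 'Explorer.EXE'
MODULE BASE SIZE PATH
Explorer.EXE e20000 2936832 C:\Windows\Explorer.EXE 6.0.6000.16386 Windows Explorer
ntdll.dll 76fc0000 1208320 C:\Windows\system32\ntdll.dll 6.0.6001.18000 NT Layer DLL

Module information for 'example.exe'
MODULE BASE SIZE PATH
example.exe 400000 65536 C:\Example\example.exe 1.0 Example
sample_theme.thm 70be0000 20480 C:\Example\sample_theme.thm 1.0 Example theme
"""
FILEFIND_LOG = r"""
========== filefind ==========

Searching for "tdlwsp.dll"
No files found.

Searching for "sample_theme.thm"
C:\Example\sample_theme.thm

-=End Of File=-
"""

STEALTH_RE = re.compile(
    r"Object:\s*Hidden Module \[Name:\s*(?P<name>[^\]]+)\]\s*"
    r"Process:\s*(?P<proc>\S+)\s*\(PID:\s*(?P<pid>\d+)\)\s*"
    r"Address:\s*0x(?P<addr>[0-9a-fA-F]+)\s*Size:\s*(?P<size>\d+)")


def parse_stealth(text):
    """Return one dict per 'Hidden Module' entry in the scanner log."""
    return [{"name": m["name"].strip(), "process": m["proc"], "pid": int(m["pid"]),
             "base": int(m["addr"], 16), "size": int(m["size"])}
            for m in STEALTH_RE.finditer(text)]


def parse_modules(text):
    """Return {process name (lower case): [(module, base, size), ...]}."""
    listings, current = {}, None
    for line in text.splitlines():
        header = re.match(r"Module information for '(.+)'", line)
        if header:
            current = listings.setdefault(header.group(1).lower(), [])
            continue
        # The column header "MODULE BASE SIZE PATH" fails the hex/decimal checks.
        row = re.match(r"(\S+)\s+([0-9a-fA-F]+)\s+(\d+)\s+\S", line)
        if row and current is not None:
            current.append((row.group(1), int(row.group(2), 16), int(row.group(3))))
    return listings


def parse_filefind(text):
    """Return {file name (lower case): [hit lines]}; an empty list means no file found."""
    results, current = {}, None
    for line in (raw.strip() for raw in text.splitlines()):
        search = re.match(r'Searching for "(.+)"', line)
        if search:
            current = results.setdefault(search.group(1).lower(), [])
        elif (current is not None and line and line != "No files found."
              and not line.startswith(("=", "-="))):
            current.append(line)
    return results


def triage(stealth, modules, files):
    """Cross-check each scanner hit against the module listing and the file search."""
    findings = []
    for obj in stealth:
        name = obj["name"].lower()
        listed = modules.get(obj["process"].lower())  # None: no listing for this process
        hits = files.get(name)                        # None: this name was never searched
        end = obj["base"] + obj["size"]
        in_list = None if listed is None else any(m.lower() == name for m, _, _ in listed)
        # Listed modules under another name whose range covers the flagged region.
        overlaps = [m for m, base, size in (listed or [])
                    if m.lower() != name and base < end and obj["base"] < base + size]
        if listed is None or hits is None:
            verdict = "incomplete"   # evidence missing: collect the other log first
        elif not in_list and not hits:
            verdict = "memory-only"  # mapped per the scanner, absent from both other views
        else:
            verdict = "review"       # visible somewhere: compare path and size by hand
        findings.append({"process": obj["process"], "pid": obj["pid"], "module": obj["name"],
                         "listed": in_list, "on_disk": None if hits is None else bool(hits),
                         "overlaps": overlaps, "verdict": verdict})
    return findings


def run_sample():
    return triage(parse_stealth(STEALTH_LOG), parse_modules(MODULE_LOG),
                  parse_filefind(FILEFIND_LOG))


if __name__ == "__main__":
    for finding in run_sample():
        print(finding)
```

A `memory-only` verdict means the three views disagree and the entry deserves a scan from outside the running system; it is a triage label, not a detection on its own.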

#6 JSntgRvr

Posted 02 October 2009 - 10:49 PM

Hi, KonohamaruHeaven :(

No luck there.

Download pv.zip from Here and extract the zip file to your C: drive. Once it is extracted there will be a directory on your C: drive called PV. Inside the C:\PV directory will be a file called runme.bat. Simply double-click on the runme.bat file. A DOS window will open. Select option 1 for explorer dlls by typing 1 and then pressing Enter. Notepad will open with a log in it. Copy and paste the log into this thread. The log is usually pretty large and takes more than one post. Please do option 2 for Internet Explorer dlls too.

Download GMER from Here. Note the file's name and save it to your root folder, such as C:\.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security program drivers will not conflict with this file.
  • Click on this link to see a list of programs that should be disabled.
  • Double-click on the downloaded file to start the program. (If running Vista, right click on it and select "Run as an Administrator")
  • Allow the driver to load if asked.
  • You may be prompted to scan immediately if it detects rootkit activity.
  • If you are prompted to scan your system click "No", save the log and post back the results.
  • If not prompted, click the "Rootkit/Malware" tab.
  • On the right-side, all items to be scanned should be checked by default except for "Show All". Leave that box unchecked.
  • Select all drives that are connected to your system to be scanned.
  • Click the Scan button to begin. (Please be patient as it can take some time to complete)
  • When the scan is finished, click Save to save the scan results to your Desktop.
  • Save the file as Results.log and copy/paste the contents in your next reply.
  • Exit the program and re-enable all active protection when done.



#7 JSntgRvr

Posted 02 October 2009 - 10:51 PM

In case there is also a problem with permissions, please save this file to your desktop. Double-click on it to run a scan. When it's finished, there will be a log called Win32kDiag.txt on your desktop. Please open it with notepad and post the contents here. Please allow enough time for this application to complete the scan.



#8 KonohamaruHeaven

Posted 02 October 2009 - 11:06 PM

Module information for 'Explorer.EXE'
MODULE BASE SIZE PATH
Explorer.EXE e20000 2936832 C:\Windows\Explorer.EXE 6.0.6000.16386 (vista_rtm.061101-2205) Windows Explorer
ntdll.dll 76fc0000 1208320 C:\Windows\system32\ntdll.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) NT Layer DLL
kernel32.dll 75740000 897024 C:\Windows\system32\kernel32.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) Windows NT BASE API Client DLL
ADVAPI32.dll 75670000 811008 C:\Windows\system32\ADVAPI32.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) Advanced Windows 32 Base API
RPCRT4.dll 75f00000 794624 C:\Windows\system32\RPCRT4.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) Remote Procedure Call Runtime
GDI32.dll 761a0000 307200 C:\Windows\system32\GDI32.dll 6.0.6001.18159 (vistasp1_gdr.081020-1655) GDI Client DLL
USER32.dll 75be0000 643072 C:\Windows\system32\USER32.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) Multi-User Windows USER API Client DLL
msvcrt.dll 759f0000 696320 C:\Windows\system32\msvcrt.dll 7.0.6001.18000 (longhorn_rtm.080118-1840) Windows NT CRT DLL
SHLWAPI.dll 75820000 360448 C:\Windows\system32\SHLWAPI.dll 6.0.6000.16386 (vista_rtm.061101-2205) Shell Light-weight Utility Library
SHELL32.dll 764b0000 11599872 C:\Windows\system32\SHELL32.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) Windows Shell Common Dll
ole32.dll 75880000 1327104 C:\Windows\system32\ole32.dll 6.0.6000.16386 (vista_rtm.061101-2205) Microsoft OLE for Windows
OLEAUT32.dll 75aa0000 577536 C:\Windows\system32\OLEAUT32.dll 6.0.6001.18000
SHDOCVW.dll 72da0000 1077248 C:\Windows\system32\SHDOCVW.dll 6.0.6000.16386 (vista_rtm.061101-2205) Shell Doc Object and Control Library
UxTheme.dll 74090000 258048 C:\Windows\system32\UxTheme.dll 6.0.6000.16386 (vista_rtm.061101-2205) Microsoft UxTheme Library
POWRPROF.dll 744e0000 106496 C:\Windows\system32\POWRPROF.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) Power Profile Helper DLL
dwmapi.dll 74c70000 49152 C:\Windows\system32\dwmapi.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) Microsoft Desktop Window Manager API
gdiplus.dll 73ce0000 1748992 C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18065_none_9e7abe2ec9c13222\gdiplus.dll 5.2.6001.18065 (vistasp1_gdr.080429-1705) Microsoft GDI+
slc.dll 75060000 237568 C:\Windows\system32\slc.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) Software Licensing Client Dll
PROPSYS.dll 73f50000 765952 C:\Windows\system32\PROPSYS.dll 7.0.6001.16503 (longhorn(wmbla).080526-2159) Microsoft Property System
BROWSEUI.dll 72c50000 1335296 C:\Windows\system32\BROWSEUI.dll 6.0.6000.16386 (vista_rtm.061101-2205) Shell Browser UI Library
IMM32.dll 759d0000 122880 C:\Windows\system32\IMM32.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) Multi-User Windows IMM32 API Client DLL
MSCTF.dll 761f0000 819200 C:\Windows\system32\MSCTF.dll 6.0.6000.16386 (vista_rtm.061101-2205) MSCTF Server DLL
DUser.dll 74010000 196608 C:\Windows\system32\DUser.dll 6.0.6000.16386 (vista_rtm.061101-2205) Windows DirectUser Engine
LPK.DLL 770f0000 36864 C:\Windows\system32\LPK.DLL 6.0.6001.18000 (longhorn_rtm.080118-1840) Language Pack
USP10.dll 75b30000 512000 C:\Windows\system32\USP10.dll 1.0626.6001.18000 (longhorn_rtm.080118-1840) Uniscribe Unicode script processor
comctl32.dll 74e40000 1695744 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll 6.10 (longhorn_rtm.080118-1840) User Experience Controls Library
comdlg32.dll 76120000 471040 C:\Windows\system32\comdlg32.dll 6.0.6000.16386 (vista_rtm.061101-2205) Common Dialogs DLL
winmm.dll 747d0000 204800 C:\Windows\system32\winmm.dll 6.0.6000.16386 (vista_rtm.061101-2205) MCI API DLL
OLEACC.dll 74790000 233472 C:\Windows\system32\OLEACC.dll 4.2.5406.0 (longhorn_rtm.080118-1840) Active Accessibility Core Component
opengl32.dll 74620000 831488 C:\Windows\system32\opengl32.dll 6.0.6000.16386 (vista_rtm.061101-2205) OpenGL Client DLL
GLU32.dll 745f0000 143360 C:\Windows\system32\GLU32.dll 6.0.6000.16386 (vista_rtm.061101-2205) OpenGL Utility Library DLL
DDRAW.dll 74500000 937984 C:\Windows\system32\DDRAW.dll 6.0.6000.16386 (vista_rtm.061101-2205) Microsoft DirectDraw
DCIMAN32.dll 74b80000 24576 C:\Windows\system32\DCIMAN32.dll 6.0.6001.18272 (vistasp1_gdr.090615-0258) DCI Manager
SETUPAPI.dll 75c80000 1613824 C:\Windows\system32\SETUPAPI.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) Windows Setup API
WININET.dll 75e10000 942080 C:\Windows\system32\WININET.dll 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339) Internet Extensions for Win32
Normaliz.dll 75fd0000 12288 C:\Windows\system32\Normaliz.dll 6.0.6000.16386 (vista_rtm.061101-2205) Unicode Normalization DLL
urlmon.dll 75fe0000 1253376 C:\Windows\system32\urlmon.dll 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339) OLE32 Extensions for Win32
iertutil.dll 762c0000 1998848 C:\Windows\system32\iertutil.dll 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339) Run time utility for Internet Explorer
imagehlp.dll 77100000 167936 C:\Windows\system32\imagehlp.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) Windows NT Image Helper
mswsock.dll 74b00000 241664 C:\Windows\system32\mswsock.dll 6.0.6000.16386 (vista_rtm.061101-2205) Microsoft Windows Sockets 2.0 Service Provider
WS2_32.dll 75bb0000 184320 C:\Windows\system32\WS2_32.dll 6.0.6000.16386 (vista_rtm.061101-2205) Windows Socket 2.0 32-Bit DLL
NSI.dll 771c0000 24576 C:\Windows\system32\NSI.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) NSI User-mode interface DLL
WindowsCodecs.dll 72b90000 733184 C:\Windows\system32\WindowsCodecs.dll 6.0.6001.18131 (vistasp1_gdr.080827-1507) Microsoft Windows Codecs Library
IconCodecService.dll 73020000 24576 C:\Windows\system32\IconCodecService.dll 6.0.6000.16386 (vista_rtm.061101-2205) Converts a PNG part of the icon to a legacy bmp icon
CLBCatQ.DLL 77130000 540672 C:\Windows\system32\CLBCatQ.DLL 2001.12.6931.18000 (longhorn_rtm.080118-1840) COM+ Configuration Catalog
rsaenh.dll 74870000 241664 C:\Windows\system32\rsaenh.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) Microsoft Enhanced Cryptographic Provider
timedate.cpl 72ad0000 729088 C:\Windows\system32\timedate.cpl 6.0.6001.18000 (longhorn_rtm.080118-1840) Time Date Control Panel Applet
ATL.DLL 74050000 81920 C:\Windows\system32\ATL.DLL 3.05.2284 ATL Module for Windows XP (Unicode)
NETAPI32.dll 752d0000 479232 C:\Windows\system32\NETAPI32.dll 6.0.6001.18157 (vistasp1_gdr.081015-1604) Net Win32 API DLL
PSAPI.DLL 75660000 28672 C:\Windows\system32\PSAPI.DLL 6.0.6000.16386 (vista_rtm.061101-2205) Process Status Helper
WINBRAND.dll 74940000 880640 C:\Windows\system32\WINBRAND.dll 6.0.6000.16386 (vista_rtm.061101-2205) Windows Branding Resources
USERENV.dll 75520000 122880 C:\Windows\system32\USERENV.dll 6.0.6000.16386 (vista_rtm.061101-2205) Userenv
Secur32.dll 75500000 81920 C:\Windows\system32\Secur32.dll 6.0.6001.18272 (vistasp1_gdr.090615-0258) Security Support Provider Interface
apphelp.dll 72f60000 180224 C:\Windows\system32\apphelp.dll 6.0.6000.16386 (vista_rtm.061101-2205) Application Compatibility Client Library
msutb.dll 72a70000 176128 C:\Windows\system32\msutb.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) MSUTB Server DLL
WTSAPI32.dll 74400000 40960 C:\Windows\system32\WTSAPI32.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) Windows Terminal Server SDK APIs
shacct.dll 74070000 90112 C:\Windows\System32\shacct.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) Shell Accounts Classes
SAMLIB.dll 75200000 69632 C:\Windows\System32\SAMLIB.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) SAM Library DLL
msshsq.dll 729f0000 245760 C:\Windows\System32\msshsq.dll 7.0.6001.16503 (longhorn(wmbla).080526-2159) Structured Query
NaturalLanguage6.dll 72850000 811008 C:\Windows\System32\NaturalLanguage6.dll 6.0.6001.18098 (vistasp1_gdr.080625-1507) Natural Language Development Platform 6
CRYPT32.dll 74d40000 987136 C:\Windows\System32\CRYPT32.dll 6.0.6000.16386 (vista_rtm.061101-2205) Crypto API32
MSASN1.dll 751e0000 73728 C:\Windows\System32\MSASN1.dll 6.0.6000.16386 (vista_rtm.061101-2205) ASN.1 Runtime APIs
NLSData0009.dll 71ef0000 4886528 C:\Windows\System32\NLSData0009.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) Microsoft English Natural Language Server Data and Code
NLSLexicons0009.dll 71c60000 2650112 C:\Windows\System32\NLSLexicons0009.dll 6.0.6001.18098 (vistasp1_gdr.080625-1507) Microsoft English Natural Language Server Data and Code
authui.dll 74170000 1998848 C:\Windows\system32\authui.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) Windows Authentication UI
MSIMG32.dll 744d0000 20480 C:\Windows\system32\MSIMG32.dll 6.0.6000.16386 (vista_rtm.061101-2205) GDIEXT Client DLL
LINKINFO.dll 73040000 36864 C:\Windows\system32\LINKINFO.dll 6.0.6000.16386 (vista_rtm.061101-2205) Windows Volume Tracking
ieframe.dll 711c0000 11083776 C:\Windows\system32\ieframe.dll 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339) Internet Explorer
stobject.dll 727b0000 598016 C:\Windows\system32\stobject.dll 6.0.6000.16386 (vista_rtm.061101-2205) Systray shell service object
BatMeter.dll 72930000 745472 C:\Windows\system32\BatMeter.dll 6.0.6000.16386 (vista_rtm.061101-2205) Battery Meter Helper DLL
WINSTA.dll 75250000 151552 C:\Windows\system32\WINSTA.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) Winstation Library
wdmaud.drv 72aa0000 192512 C:\Windows\system32\wdmaud.drv 6.0.6000.16386 (vista_rtm.061101-2205) Winmm audio system driver
ksuser.dll 72f50000 16384 C:\Windows\system32\ksuser.dll 6.0.6000.16386 (vista_rtm.061101-2205) User CSA Library
MMDevAPI.DLL 740e0000 159744 C:\Windows\system32\MMDevAPI.DLL 6.0.6000.16386 (vista_rtm.061101-2205) MMDevice API
AVRT.dll 74160000 28672 C:\Windows\system32\AVRT.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) Multimedia Realtime Runtime
es.dll 72710000 290816 C:\Windows\system32\es.dll 2001.12.6931.18057 (vistasp1_gdr.080417-1550) COM+
ExplorerFrame.dll 74150000 36864 C:\Windows\system32\ExplorerFrame.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) ExplorerFrame
SndVolSSO.dll 726e0000 196608 C:\Windows\System32\SndVolSSO.dll 6.0.6000.16386 (vista_rtm.061101-2205) SCA Volume
NTMARTA.DLL 74810000 135168 C:\Windows\system32\NTMARTA.DLL 6.0.6000.16386 (vista_rtm.061101-2205) Windows NT MARTA provider
WLDAP32.dll 771d0000 303104 C:\Windows\system32\WLDAP32.dll 6.0.6000.16386 (vista_rtm.061101-2205) Win32 LDAP API DLL
ehSSO.dll 726b0000 135168 C:\Windows\ehome\ehSSO.dll 6.0.6000.16386 (vista_rtm.061101-2205) Windows Media Center Shell Service Object
HID.DLL 72a40000 36864 C:\Windows\system32\HID.DLL 6.0.6000.16386 (vista_rtm.061101-2205) Hid User Library
FirewallAPI.dll 74410000 417792 C:\Windows\system32\FirewallAPI.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) Windows Firewall API
VERSION.dll 74780000 32768 C:\Windows\system32\VERSION.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) Version Checking and File Installation Libraries
netshell.dll 70eb0000 3190784 C:\Windows\System32\netshell.dll 6.0.6000.16386 (vista_rtm.061101-2205) Network Connections Shell
IPHLPAPI.DLL 75000000 102400 C:\Windows\System32\IPHLPAPI.DLL 6.0.6000.16386 (vista_rtm.061101-2205) IP Helper API
dhcpcsvc.DLL 74d00000 217088 C:\Windows\System32\dhcpcsvc.DLL 6.0.6000.16386 (vista_rtm.061101-2205) DHCP Client Service
DNSAPI.dll 75220000 180224 C:\Windows\System32\DNSAPI.dll 6.0.6000.16386 (vista_rtm.061101-2205) DNS Client API DLL
WINNSI.DLL 74ff0000 28672 C:\Windows\System32\WINNSI.DLL 6.0.6001.18000 (longhorn_rtm.080118-1840) Network Store Information RPC interface
dhcpcsvc6.DLL 74cd0000 135168 C:\Windows\System32\dhcpcsvc6.DLL 6.0.6000.16386 (vista_rtm.061101-2205) DHCPv6 Client
nlaapi.dll 743f0000 61440 C:\Windows\System32\nlaapi.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) Network Location Awareness 2
ntshrui.dll 72660000 303104 C:\Windows\system32\ntshrui.dll 6.0.6000.16386 (vista_rtm.061101-2205) Shell extensions for sharing
pnidui.dll 724a0000 1830912 C:\Windows\system32\pnidui.dll 6.0.6000.16386 (vista_rtm.061101-2205) Network System Icon
QUtil.dll 72790000 94208 C:\Windows\system32\QUtil.dll 6.0.6000.16386 (vista_rtm.061101-2205) Quarantine Utilities
wevtapi.dll 75020000 262144 C:\Windows\system32\wevtapi.dll 6.0.6000.16386 (vista_rtm.061101-2205) Eventing Consumption and Configuration API
wlanutil.dll 737b0000 24576 C:\Windows\system32\wlanutil.dll 6.0.6000.16386 (vista_rtm.061101-2205) Windows Wireless LAN 802.11 Utility DLL
cscapi.dll 72a30000 45056 C:\Windows\system32\cscapi.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) Offline Files Win32 API
fdproxy.dll 72920000 36864 C:\Windows\system32\fdproxy.dll 6.0.6000.16386 (vista_rtm.061101-2205) Function Discovery Proxy Dll
npmproxy.dll 73030000 32768 C:\Windows\System32\npmproxy.dll 6.0.6000.16386 (vista_rtm.061101-2205) Network List Manager Proxy
Wlanapi.dll 723a0000 73728 C:\Windows\system32\Wlanapi.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) Windows WLAN AutoConfig Client Side API DLL
OneX.DLL 737e0000 1556480 C:\Windows\system32\OneX.DLL 6.0.6001.18000 (longhorn_rtm.080118-1840) IEEE 802.1X supplicant library
eappprxy.dll 73ea0000 57344 C:\Windows\system32\eappprxy.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) Microsoft EAPHost Peer Client DLL
eappcfg.dll 739f0000 147456 C:\Windows\system32\eappcfg.dll 6.0.6000.16386 (vista_rtm.061101-2205) Eap Peer Config
bcrypt.dll 74c20000 282624 C:\Windows\system32\bcrypt.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) Windows Cryptographic Primitives Library
AltTab.dll 72470000 53248 C:\Windows\System32\AltTab.dll 6.0.6000.16386 (vista_rtm.061101-2205) Windows Shell Alt Tab
wpdshserviceobj.dll 70c20000 143360 C:\Windows\system32\wpdshserviceobj.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) Windows Portable Device Shell Service Object
WINHTTP.dll 73050000 389120 C:\Windows\system32\WINHTTP.dll 6.0.6000.16386 (vista_rtm.061101-2205) Windows HTTP Services
srchadmin.dll 70b80000 315392 C:\Windows\System32\srchadmin.dll 7.0.6001.16503 (longhorn(wmbla).080526-2159) Indexing Options
webcheck.dll 70b40000 249856 C:\Windows\System32\webcheck.dll 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339) Web Site Monitor
MLANG.dll 70d80000 196608 C:\Windows\System32\MLANG.dll 6.0.6000.16386 (vista_rtm.061101-2205) Multi Language Support DLL
SyncCenter.dll 703a0000 2211840 C:\Windows\System32\SyncCenter.dll 6.0.6000.16386 (vista_rtm.061101-2205) Microsoft Sync Center
wscntfy.dll 70be0000 233472 C:\Windows\system32\wscntfy.dll 6.0.6000.16386 (vista_rtm.061101-2205) Windows Security Center Notification App
WSCAPI.dll 72760000 45056 C:\Windows\system32\WSCAPI.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) Windows Security Center API
ACTXPRXY.DLL 70a80000 339968 C:\Windows\system32\ACTXPRXY.DLL 6.0.6001.18000 (longhorn_rtm.080118-1840) ActiveX Interface Marshaling Library
imapi2.dll 70a20000 331776 C:\Windows\system32\imapi2.dll 6.0.6000.16386 (vista_rtm.061101-2205) Image Mastering API v2
WINTRUST.dll 73eb0000 184320 C:\Windows\system32\WINTRUST.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) Microsoft Trust Verification APIs
msiltcfg.dll 70bd0000 28672 C:\Windows\system32\msiltcfg.dll 4.0.6000.16386 (vista_rtm.061101-2205) Windows Installer Configuration API Stub
msi.dll 705d0000 2105344 C:\Windows\system32\msi.dll 4.0.6001.18000 Windows Installer
bthprops.cpl 702a0000 1019904 C:\Windows\system32\bthprops.cpl 6.0.6000.16386 (vista_rtm.061101-2205) Bluetooth Control Panel Applet
PortableDeviceTypes.dll 70ae0000 176128 C:\Windows\system32\PortableDeviceTypes.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) Windows Portable Device (Parameter) Types Component
PortableDeviceApi.dll 709a0000 253952 C:\Windows\system32\PortableDeviceApi.dll 6.0.6001.18160 (vistasp1_gdr.081021-1528) Windows Portable Device API Components
QAgent.dll 709f0000 188416 C:\Windows\System32\QAgent.dll 6.0.6000.16386 (vista_rtm.061101-2205) Quarantine Agent Proxy
fwpuclnt.dll 733f0000 614400 C:\Windows\System32\fwpuclnt.dll 6.0.6000.16386 (vista_rtm.061101-2205) FWP/IPsec User-Mode API
wbemprox.dll 70b20000 45056 C:\Windows\system32\wbem\wbemprox.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) WMI
wbemcomn.dll 72eb0000 372736 C:\Windows\system32\wbemcomn.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) WMI
wbemsvc.dll 70b10000 65536 C:\Windows\system32\wbem\wbemsvc.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) WMI
SXS.DLL 75180000 389120 C:\Windows\system32\SXS.DLL 6.0.6000.16386 (vista_rtm.061101-2205) Fusion 2.5
fastprox.dll 6fad0000 626688 C:\Windows\system32\wbem\fastprox.dll 6.0.6001.18226 (vistasp1_gdr.090302-1506) WMI Custom Marshaller
NTDSAPI.dll 750e0000 98304 C:\Windows\system32\NTDSAPI.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) Active Directory Domain Services API
MPR.dll 750a0000 81920 C:\Windows\system32\MPR.dll 6.0.6000.16386 (vista_rtm.061101-2205) Multiple Provider Router DLL
thumbcache.dll 6f980000 90112 C:\Windows\system32\thumbcache.dll 6.0.6000.16386 (vista_rtm.061101-2205) Microsoft Thumbnail Cache
oledb32.dll 6f240000 692224 C:\Program Files\Common Files\System\Ole DB\oledb32.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) OLE DB Core Services
MSDART.DLL 6fa90000 126976 C:\Windows\system32\MSDART.DLL 6.0.6001.18000 (longhorn_rtm.080118-1840) OLE DB Runtime Routines
OLEDB32R.DLL 6f5c0000 94208 C:\Program Files\Common Files\System\Ole DB\OLEDB32R.DLL 6.0.6000.16386 (vista_rtm.061101-2205) OLE DB Core Services Resources
inetcomm.dll 6e940000 753664 C:\Windows\system32\inetcomm.dll 6.0.6001.18049 (vistasp1_gdr.080409-1644) Microsoft Internet Messaging API Resources
MSOERT2.dll 6f960000 118784 C:\Windows\system32\MSOERT2.dll 6.0.6000.16386 (vista_rtm.061101-2205) Microsoft Windows Mail RT Lib
inetres.dll 6f360000 90112 C:\Windows\system32\inetres.dll 6.0.6000.16386 (vista_rtm.061101-2205) Microsoft Internet Messaging API Resources
xmllite.dll 74110000 192512 C:\Windows\system32\xmllite.dll 1.2.1009.0 Microsoft XmlLite Library
msdmo.dll 70850000 45056 C:\Windows\system32\msdmo.dll 6.6.6001.18000 (longhorn_rtm.080118-1840) DMO Runtime
BIB.dll 6e4a0000 303104 C:\Program Files\Common Files\Adobe\Adobe Drive CS4\BIB.dll 1.2.01.1551 Bravo Interface Binder
VersionCue.DLL 61800000 1421312 C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Client\4.0.0\VersionCue.DLL 4.0.0.0client1 VersionCue
MSVCR80.dll 6f3a0000 634880 C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.3053_none_d08d7bba442a9b36\MSVCR80.dll 8.00.50727.3053 Microsoft® C Runtime Library
MSVCP80.dll 6f440000 552960 C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.3053_none_d08d7bba442a9b36\MSVCP80.dll 8.00.50727.3053 Microsoft® C++ Runtime Library
ccL80U.dll 6ae10000 532480 C:\Program Files\Norton Internet Security\Engine\16.7.2.11\ccL80U.dll 108.1.1.10 Symantec Library
ncrypt.dll 74c90000 217088 C:\Windows\system32\ncrypt.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) Windows cryptographic library
GPAPI.dll 748b0000 86016 C:\Windows\system32\GPAPI.dll 6.0.6000.16386 (vista_rtm.061101-2205) Group Policy Client API
ACLUI.dll 6f050000 139264 C:\Windows\system32\ACLUI.dll 6.0.6000.16386 (vista_rtm.061101-2205) Security Descriptor Editor
mscoree.dll 6e3c0000 286720 C:\Windows\system32\mscoree.dll 2.0.50727.3053 (netfxsp.050727-3000) Microsoft .NET Runtime Execution Engine
Shfusion.dll 641f0000 122880 C:\Windows\Microsoft.NET\Framework\v2.0.50727\Shfusion.dll 2.0.50727.3053 (netfxsp.050727-3000) Microsoft COM Runtime Fusion Assembly Viewer
Fusion.dll 60610000 24576 C:\Windows\Microsoft.NET\Framework\v2.0.50727\Fusion.dll 2.0.50727.3053 (netfxsp.050727-3000) Assembly manager
culture.dll 60340000 32768 C:\Windows\Microsoft.NET\Framework\v2.0.50727\culture.dll 2.0.50727.3053 (netfxsp.050727-3000) Microsoft Globalization Support
ShFusRes.dll 64220000 98304 C:\Windows\Microsoft.NET\Framework\v2.0.50727\ShFusRes.dll 2.0.50727.3053 (netfxsp.050727-3000) Microsoft COM Runtime Fusion Assembly Viewer Resources
AUDIOSES.DLL 70200000 135168 C:\Windows\system32\AUDIOSES.DLL 6.0.6001.18000 (longhorn_rtm.080118-1840) Audio Session
audioeng.dll 6f2f0000 417792 C:\Windows\system32\audioeng.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) Audio Engine
zipfldr.dll 6eab0000 356352 C:\Windows\system32\zipfldr.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) Compressed (zipped) Folders
ADFSMenu.dll 4650000 1339392 C:\Program Files\Common Files\Adobe\Adobe Drive CS4\ADFSMenu.dll 4.0.0.0client1 Adobe Drive Menu
SASCTXMN.DLL 20c0000 61440 C:\Program Files\SUPERAntiSpyware\SASCTXMN.DLL 1, 0, 0, 1004 SUPERAntiSpyware Context Menu Extension
NavShExt.dll 677b0000 278528 C:\Program Files\Norton Internet Security\Engine\16.7.2.11\NavShExt.dll 16.7.2.11 Symantec Shared Component Shell Extension Module
PWRISOSH.DLL 2460000 192512 C:\Program Files\PowerISO\PWRISOSH.DLL 4, 5, 0, 0 PowerISOShell DLL
WINSPOOL.DRV 6f8e0000 270336 C:\Windows\system32\WINSPOOL.DRV 6.0.6001.18000 (longhorn_rtm.080118-1840) Windows Spooler Driver
mbamext.dll 2490000 73728 C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll 1, 2, 0, 0 Malwarebytes' Anti-Malware
syncui.dll 6f590000 188416 C:\Windows\system32\syncui.dll 6.0.6000.16386 (vista_rtm.061101-2205) Windows Briefcase
SYNCENG.dll 73a80000 90112 C:\Windows\system32\SYNCENG.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) Windows Briefcase Engine
MpOav.dll 72450000 90112 C:\Program Files\Windows Defender\MpOav.dll 1.1.1600.0 IOfficeAntiVirus Module
NetworkExplorer.dll 6e0c0000 2240512 C:\Windows\system32\NetworkExplorer.dll 6.0.6000.16386 (vista_rtm.061101-2205) Network Explorer
tiptsf.dll 6eb70000 393216 C:\Program Files\Common Files\microsoft shared\ink\tiptsf.dll 6.0.6000.16386 (vista_rtm.061101-2205) Tablet PC Input Panel Text Services Framework


_____________________________________________________________________________


Module information for 'iexplore.exe'
MODULE BASE SIZE PATH
iexplore.exe e50000 638976 C:\Program Files\Internet Explorer\iexplore.exe 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339) Internet Explorer
ntdll.dll 76fc0000 1208320 C:\Windows\system32\ntdll.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) NT Layer DLL
kernel32.dll 75740000 897024 C:\Windows\system32\kernel32.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) Windows NT BASE API Client DLL
ADVAPI32.dll 75670000 811008 C:\Windows\system32\ADVAPI32.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) Advanced Windows 32 Base API
RPCRT4.dll 75f00000 794624 C:\Windows\system32\RPCRT4.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) Remote Procedure Call Runtime
USER32.dll 75be0000 643072 C:\Windows\system32\USER32.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) Multi-User Windows USER API Client DLL
GDI32.dll 761a0000 307200 C:\Windows\system32\GDI32.dll 6.0.6001.18159 (vistasp1_gdr.081020-1655) GDI Client DLL
msvcrt.dll 759f0000 696320 C:\Windows\system32\msvcrt.dll 7.0.6001.18000 (longhorn_rtm.080118-1840) Windows NT CRT DLL
SHLWAPI.dll 75820000 360448 C:\Windows\system32\SHLWAPI.dll 6.0.6000.16386 (vista_rtm.061101-2205) Shell Light-weight Utility Library
SHELL32.dll 764b0000 11599872 C:\Windows\system32\SHELL32.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) Windows Shell Common Dll
ole32.dll 75880000 1327104 C:\Windows\system32\ole32.dll 6.0.6000.16386 (vista_rtm.061101-2205) Microsoft OLE for Windows
iertutil.dll 762c0000 1998848 C:\Windows\system32\iertutil.dll 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339) Run time utility for Internet Explorer
urlmon.dll 75fe0000 1253376 C:\Windows\system32\urlmon.dll 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339) OLE32 Extensions for Win32
OLEAUT32.dll 75aa0000 577536 C:\Windows\system32\OLEAUT32.dll 6.0.6001.18000
IMM32.DLL 759d0000 122880 C:\Windows\system32\IMM32.DLL 6.0.6001.18000 (longhorn_rtm.080118-1840) Multi-User Windows IMM32 API Client DLL
MSCTF.dll 761f0000 819200 C:\Windows\system32\MSCTF.dll 6.0.6000.16386 (vista_rtm.061101-2205) MSCTF Server DLL
LPK.DLL 770f0000 36864 C:\Windows\system32\LPK.DLL 6.0.6001.18000 (longhorn_rtm.080118-1840) Language Pack
USP10.dll 75b30000 512000 C:\Windows\system32\USP10.dll 1.0626.6001.18000 (longhorn_rtm.080118-1840) Uniscribe Unicode script processor
comctl32.dll 74e40000 1695744 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll 6.10 (longhorn_rtm.080118-1840) User Experience Controls Library
comdlg32.dll 76120000 471040 C:\Windows\system32\comdlg32.dll 6.0.6000.16386 (vista_rtm.061101-2205) Common Dialogs DLL
COMCTL32.dll 746f0000 544768 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.18000_none_886786f450a74a05\COMCTL32.dll 5.82 (longhorn_rtm.080118-1840) Common Controls Library
winmm.dll 747d0000 204800 C:\Windows\system32\winmm.dll 6.0.6000.16386 (vista_rtm.061101-2205) MCI API DLL
OLEACC.dll 74790000 233472 C:\Windows\system32\OLEACC.dll 4.2.5406.0 (longhorn_rtm.080118-1840) Active Accessibility Core Component
opengl32.dll 74620000 831488 C:\Windows\system32\opengl32.dll 6.0.6000.16386 (vista_rtm.061101-2205) OpenGL Client DLL
GLU32.dll 745f0000 143360 C:\Windows\system32\GLU32.dll 6.0.6000.16386 (vista_rtm.061101-2205) OpenGL Utility Library DLL
DDRAW.dll 74500000 937984 C:\Windows\system32\DDRAW.dll 6.0.6000.16386 (vista_rtm.061101-2205) Microsoft DirectDraw
DCIMAN32.dll 74b80000 24576 C:\Windows\system32\DCIMAN32.dll 6.0.6001.18272 (vistasp1_gdr.090615-0258) DCI Manager
SETUPAPI.dll 75c80000 1613824 C:\Windows\system32\SETUPAPI.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) Windows Setup API
dwmapi.dll 74c70000 49152 C:\Windows\system32\dwmapi.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) Microsoft Desktop Window Manager API
WININET.dll 75e10000 942080 C:\Windows\system32\WININET.dll 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339) Internet Extensions for Win32
Normaliz.dll 75fd0000 12288 C:\Windows\system32\Normaliz.dll 6.0.6000.16386 (vista_rtm.061101-2205) Unicode Normalization DLL
imagehlp.dll 77100000 167936 C:\Windows\system32\imagehlp.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) Windows NT Image Helper
mswsock.dll 74b00000 241664 C:\Windows\system32\mswsock.dll 6.0.6000.16386 (vista_rtm.061101-2205) Microsoft Windows Sockets 2.0 Service Provider
WS2_32.dll 75bb0000 184320 C:\Windows\system32\WS2_32.dll 6.0.6000.16386 (vista_rtm.061101-2205) Windows Socket 2.0 32-Bit DLL
NSI.dll 771c0000 24576 C:\Windows\system32\NSI.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) NSI User-mode interface DLL
IEFRAME.dll 711c0000 11083776 C:\Windows\system32\IEFRAME.dll 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339) Internet Explorer
Secur32.dll 75500000 81920 C:\Windows\system32\Secur32.dll 6.0.6001.18272 (vistasp1_gdr.090615-0258) Security Support Provider Interface
NTMARTA.DLL 74810000 135168 C:\Windows\system32\NTMARTA.DLL 6.0.6000.16386 (vista_rtm.061101-2205) Windows NT MARTA provider
WLDAP32.dll 771d0000 303104 C:\Windows\system32\WLDAP32.dll 6.0.6000.16386 (vista_rtm.061101-2205) Win32 LDAP API DLL
PSAPI.DLL 75660000 28672 C:\Windows\system32\PSAPI.DLL 6.0.6000.16386 (vista_rtm.061101-2205) Process Status Helper
SAMLIB.dll 75200000 69632 C:\Windows\system32\SAMLIB.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) SAM Library DLL
VERSION.dll 74780000 32768 C:\Windows\system32\VERSION.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) Version Checking and File Installation Libraries
wshtcpip.dll 744c0000 20480 C:\Windows\System32\wshtcpip.dll 6.0.6000.16386 (vista_rtm.061101-2205) Winsock2 Helper DLL (TL/IPv4)
wship6.dll 74b70000 20480 C:\Windows\System32\wship6.dll 6.0.6000.16386 (vista_rtm.061101-2205) Winsock2 Helper DLL (TL/IPv6)
NLAapi.dll 743f0000 61440 C:\Windows\system32\NLAapi.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) Network Location Awareness 2
IPHLPAPI.DLL 75000000 102400 C:\Windows\system32\IPHLPAPI.DLL 6.0.6000.16386 (vista_rtm.061101-2205) IP Helper API
dhcpcsvc.DLL 74d00000 217088 C:\Windows\system32\dhcpcsvc.DLL 6.0.6000.16386 (vista_rtm.061101-2205) DHCP Client Service
DNSAPI.dll 75220000 180224 C:\Windows\system32\DNSAPI.dll 6.0.6000.16386 (vista_rtm.061101-2205) DNS Client API DLL
WINNSI.DLL 74ff0000 28672 C:\Windows\system32\WINNSI.DLL 6.0.6001.18000 (longhorn_rtm.080118-1840) Network Store Information RPC interface
dhcpcsvc6.DLL 74cd0000 135168 C:\Windows\system32\dhcpcsvc6.DLL 6.0.6000.16386 (vista_rtm.061101-2205) DHCPv6 Client
napinsp.dll 72a50000 61440 C:\Windows\system32\napinsp.dll 6.0.6000.16386 (vista_rtm.061101-2205) E-mail Naming Shim Provider
pnrpnsp.dll 70960000 73728 C:\Windows\system32\pnrpnsp.dll 6.0.6000.16386 (vista_rtm.061101-2205) PNRP Name Space Provider
winrnr.dll 70990000 32768 C:\Windows\System32\winrnr.dll 6.0.6000.16386 (vista_rtm.061101-2205) LDAP RnR Provider DLL
rasadhlp.dll 72a60000 24576 C:\Windows\system32\rasadhlp.dll 6.0.6000.16386 (vista_rtm.061101-2205) Remote Access AutoDial Helper
rsaenh.dll 74870000 241664 C:\Windows\system32\rsaenh.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) Microsoft Enhanced Cryptographic Provider
apphelp.dll 72f60000 180224 C:\Windows\system32\apphelp.dll 6.0.6000.16386 (vista_rtm.061101-2205) Application Compatibility Client Library
CLBCatQ.DLL 77130000 540672 C:\Windows\system32\CLBCatQ.DLL 2001.12.6931.18000 (longhorn_rtm.080118-1840) COM+ Configuration Catalog
RASAPI32.dll 730f0000 303104 C:\Windows\system32\RASAPI32.dll 6.0.6000.16386 (vista_rtm.061101-2205) Remote Access API
rasman.dll 73730000 81920 C:\Windows\system32\rasman.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) Remote Access Connection Manager
NETAPI32.dll 752d0000 479232 C:\Windows\system32\NETAPI32.dll 6.0.6001.18157 (vistasp1_gdr.081015-1604) Net Win32 API DLL
TAPI32.dll 730b0000 200704 C:\Windows\system32\TAPI32.dll 6.0.6000.16386 (vista_rtm.061101-2205) Microsoft® Windows™ Telephony API Client DLL
rtutils.dll 73780000 49152 C:\Windows\system32\rtutils.dll 6.0.6000.16386 (vista_rtm.061101-2205) Routing Utilities
USERENV.dll 75520000 122880 C:\Windows\system32\USERENV.dll 6.0.6000.16386 (vista_rtm.061101-2205) Userenv
IEUI.dll 70930000 172032 C:\Windows\system32\IEUI.dll 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339) Internet Explorer UI Engine
MSIMG32.dll 744d0000 20480 C:\Windows\system32\MSIMG32.dll 6.0.6000.16386 (vista_rtm.061101-2205) GDIEXT Client DLL
ACTXPRXY.DLL 70a80000 339968 C:\Windows\system32\ACTXPRXY.DLL 6.0.6001.18000 (longhorn_rtm.080118-1840) ActiveX Interface Marshaling Library
ieproxy.dll 708b0000 262144 C:\Program Files\Internet Explorer\ieproxy.dll 8.00.6001.18813 (longhorn_ie8_gdr.090721-0930) IE ActiveX Interface Marshaling Library
UxTheme.dll 74090000 258048 C:\Windows\system32\UxTheme.dll 6.0.6000.16386 (vista_rtm.061101-2205) Microsoft UxTheme Library
xmllite.dll 74110000 192512 C:\Windows\system32\xmllite.dll 1.2.1009.0 Microsoft XmlLite Library
SXS.DLL 75180000 389120 C:\Windows\system32\SXS.DLL 6.0.6000.16386 (vista_rtm.061101-2205) Fusion 2.5
MLANG.dll 70d80000 196608 C:\Windows\system32\MLANG.dll 6.0.6000.16386 (vista_rtm.061101-2205) Multi Language Support DLL
PROPSYS.dll 73f50000 765952 C:\Windows\system32\PROPSYS.dll 7.0.6001.16503 (longhorn(wmbla).080526-2159) Microsoft Property System
CRYPT32.dll 74d40000 987136 C:\Windows\system32\CRYPT32.dll 6.0.6000.16386 (vista_rtm.061101-2205) Crypto API32
MSASN1.dll 751e0000 73728 C:\Windows\system32\MSASN1.dll 6.0.6000.16386 (vista_rtm.061101-2205) ASN.1 Runtime APIs
msxml3.dll 70c50000 1204224 C:\Windows\System32\msxml3.dll 8.100.1048.0 MSXML 3.0 SP10
WindowsCodecs.dll 72b90000 733184 C:\Windows\system32\WindowsCodecs.dll 6.0.6001.18131 (vistasp1_gdr.080827-1507) Microsoft Windows Codecs Library
mshtml.dll 6fb70000 5951488 C:\Windows\system32\mshtml.dll 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339) Microsoft ® HTML Viewer
msls31.dll 70880000 167936 C:\Windows\system32\msls31.dll 3.10.349.0 Microsoft Line Services library file
tiptsf.dll 6eb70000 393216 C:\Program Files\Common Files\microsoft shared\ink\tiptsf.dll 6.0.6000.16386 (vista_rtm.061101-2205) Tablet PC Input Panel Text Services Framework
NaturalLanguage6.dll 72850000 811008 C:\Windows\System32\NaturalLanguage6.dll 6.0.6001.18098 (vistasp1_gdr.080625-1507) Natural Language Development Platform 6
NLSData0009.dll 71ef0000 4886528 C:\Windows\System32\NLSData0009.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) Microsoft English Natural Language Server Data and Code
NLSLexicons0009.dll 71c60000 2650112 C:\Windows\System32\NLSLexicons0009.dll 6.0.6001.18098 (vistasp1_gdr.080625-1507) Microsoft English Natural Language Server Data and Code
gdiplus.dll 73ce0000 1748992 C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18065_none_9e7abe2ec9c13222\gdiplus.dll 5.2.6001.18065 (vistasp1_gdr.080429-1705) Microsoft GDI+
ADFSMenu.dll 4330000 1339392 C:\Program Files\Common Files\Adobe\Adobe Drive CS4\ADFSMenu.dll 4.0.0.0client1 Adobe Drive Menu
mbamext.dll 3050000 73728 C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll 1, 2, 0, 0 Malwarebytes' Anti-Malware
ATL.DLL 74050000 81920 C:\Windows\system32\ATL.DLL 3.05.2284 ATL Module for Windows XP (Unicode)
DUser.dll 74010000 196608 C:\Windows\system32\DUser.dll 6.0.6000.16386 (vista_rtm.061101-2205) Windows DirectUser Engine
shdocvw.dll 72da0000 1077248 C:\Windows\System32\shdocvw.dll 6.0.6000.16386 (vista_rtm.061101-2205) Shell Doc Object and Control Library
thumbcache.dll 6f980000 90112 C:\Windows\system32\thumbcache.dll 6.0.6000.16386 (vista_rtm.061101-2205) Microsoft Thumbnail Cache
IconCodecService.dll 73020000 24576 C:\Windows\system32\IconCodecService.dll 6.0.6000.16386 (vista_rtm.061101-2205) Converts a PNG part of the icon to a legacy bmp icon

Module information for 'iexplore.exe'
MODULE BASE SIZE PATH
iexplore.exe e50000 638976 C:\Program Files\Internet Explorer\iexplore.exe 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339) Internet Explorer
ntdll.dll 76fc0000 1208320 C:\Windows\system32\ntdll.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) NT Layer DLL
kernel32.dll 75740000 897024 C:\Windows\system32\kernel32.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) Windows NT BASE API Client DLL
ADVAPI32.dll 75670000 811008 C:\Windows\system32\ADVAPI32.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) Advanced Windows 32 Base API
RPCRT4.dll 75f00000 794624 C:\Windows\system32\RPCRT4.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) Remote Procedure Call Runtime
USER32.dll 75be0000 643072 C:\Windows\system32\USER32.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) Multi-User Windows USER API Client DLL
GDI32.dll 761a0000 307200 C:\Windows\system32\GDI32.dll 6.0.6001.18159 (vistasp1_gdr.081020-1655) GDI Client DLL
msvcrt.dll 759f0000 696320 C:\Windows\system32\msvcrt.dll 7.0.6001.18000 (longhorn_rtm.080118-1840) Windows NT CRT DLL
SHLWAPI.dll 75820000 360448 C:\Windows\system32\SHLWAPI.dll 6.0.6000.16386 (vista_rtm.061101-2205) Shell Light-weight Utility Library
SHELL32.dll 764b0000 11599872 C:\Windows\system32\SHELL32.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) Windows Shell Common Dll
ole32.dll 75880000 1327104 C:\Windows\system32\ole32.dll 6.0.6000.16386 (vista_rtm.061101-2205) Microsoft OLE for Windows
iertutil.dll 762c0000 1998848 C:\Windows\system32\iertutil.dll 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339) Run time utility for Internet Explorer
urlmon.dll 75fe0000 1253376 C:\Windows\system32\urlmon.dll 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339) OLE32 Extensions for Win32
OLEAUT32.dll 75aa0000 577536 C:\Windows\system32\OLEAUT32.dll 6.0.6001.18000
IMM32.DLL 759d0000 122880 C:\Windows\system32\IMM32.DLL 6.0.6001.18000 (longhorn_rtm.080118-1840) Multi-User Windows IMM32 API Client DLL
MSCTF.dll 761f0000 819200 C:\Windows\system32\MSCTF.dll 6.0.6000.16386 (vista_rtm.061101-2205) MSCTF Server DLL
LPK.DLL 770f0000 36864 C:\Windows\system32\LPK.DLL 6.0.6001.18000 (longhorn_rtm.080118-1840) Language Pack
USP10.dll 75b30000 512000 C:\Windows\system32\USP10.dll 1.0626.6001.18000 (longhorn_rtm.080118-1840) Uniscribe Unicode script processor
comctl32.dll 74e40000 1695744 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll 6.10 (longhorn_rtm.080118-1840) User Experience Controls Library
comdlg32.dll 76120000 471040 C:\Windows\system32\comdlg32.dll 6.0.6000.16386 (vista_rtm.061101-2205) Common Dialogs DLL
COMCTL32.dll 746f0000 544768 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.18000_none_886786f450a74a05\COMCTL32.dll 5.82 (longhorn_rtm.080118-1840) Common Controls Library
winmm.dll 747d0000 204800 C:\Windows\system32\winmm.dll 6.0.6000.16386 (vista_rtm.061101-2205) MCI API DLL
OLEACC.dll 74790000 233472 C:\Windows\system32\OLEACC.dll 4.2.5406.0 (longhorn_rtm.080118-1840) Active Accessibility Core Component
opengl32.dll 74620000 831488 C:\Windows\system32\opengl32.dll 6.0.6000.16386 (vista_rtm.061101-2205) OpenGL Client DLL
GLU32.dll 745f0000 143360 C:\Windows\system32\GLU32.dll 6.0.6000.16386 (vista_rtm.061101-2205) OpenGL Utility Library DLL
DDRAW.dll 74500000 937984 C:\Windows\system32\DDRAW.dll 6.0.6000.16386 (vista_rtm.061101-2205) Microsoft DirectDraw
DCIMAN32.dll 74b80000 24576 C:\Windows\system32\DCIMAN32.dll 6.0.6001.18272 (vistasp1_gdr.090615-0258) DCI Manager
SETUPAPI.dll 75c80000 1613824 C:\Windows\system32\SETUPAPI.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) Windows Setup API
dwmapi.dll 74c70000 49152 C:\Windows\system32\dwmapi.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) Microsoft Desktop Window Manager API
WININET.dll 75e10000 942080 C:\Windows\system32\WININET.dll 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339) Internet Extensions for Win32
Normaliz.dll 75fd0000 12288 C:\Windows\system32\Normaliz.dll 6.0.6000.16386 (vista_rtm.061101-2205) Unicode Normalization DLL
imagehlp.dll 77100000 167936 C:\Windows\system32\imagehlp.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) Windows NT Image Helper
mswsock.dll 74b00000 241664 C:\Windows\system32\mswsock.dll 6.0.6000.16386 (vista_rtm.061101-2205) Microsoft Windows Sockets 2.0 Service Provider
WS2_32.dll 75bb0000 184320 C:\Windows\system32\WS2_32.dll 6.0.6000.16386 (vista_rtm.061101-2205) Windows Socket 2.0 32-Bit DLL
NSI.dll 771c0000 24576 C:\Windows\system32\NSI.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) NSI User-mode interface DLL
IEFRAME.dll 711c0000 11083776 C:\Windows\system32\IEFRAME.dll 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339) Internet Explorer
IEShims.dll 708f0000 208896 C:\Program Files\Internet Explorer\IEShims.dll 8.00.6001.18813 (longhorn_ie8_gdr.090721-0930) Internet Explorer Compatibility Shims
Secur32.dll 75500000 81920 C:\Windows\system32\Secur32.dll 6.0.6001.18272 (vistasp1_gdr.090615-0258) Security Support Provider Interface
rsaenh.dll 74870000 241664 C:\Windows\system32\rsaenh.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) Microsoft Enhanced Cryptographic Provider
CLBCatQ.DLL 77130000 540672 C:\Windows\system32\CLBCatQ.DLL 2001.12.6931.18000 (longhorn_rtm.080118-1840) COM+ Configuration Catalog
ieproxy.dll 708b0000 262144 C:\Program Files\Internet Explorer\ieproxy.dll 8.00.6001.18813 (longhorn_ie8_gdr.090721-0930) IE ActiveX Interface Marshaling Library
ACTXPRXY.DLL 70a80000 339968 C:\Windows\system32\ACTXPRXY.DLL 6.0.6001.18000 (longhorn_rtm.080118-1840) ActiveX Interface Marshaling Library
apphelp.dll 72f60000 180224 C:\Windows\system32\apphelp.dll 6.0.6000.16386 (vista_rtm.061101-2205) Application Compatibility Client Library
NTMARTA.DLL 74810000 135168 C:\Windows\system32\NTMARTA.DLL 6.0.6000.16386 (vista_rtm.061101-2205) Windows NT MARTA provider
WLDAP32.dll 771d0000 303104 C:\Windows\system32\WLDAP32.dll 6.0.6000.16386 (vista_rtm.061101-2205) Win32 LDAP API DLL
PSAPI.DLL 75660000 28672 C:\Windows\system32\PSAPI.DLL 6.0.6000.16386 (vista_rtm.061101-2205) Process Status Helper
SAMLIB.dll 75200000 69632 C:\Windows\system32\SAMLIB.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) SAM Library DLL
VERSION.dll 74780000 32768 C:\Windows\system32\VERSION.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) Version Checking and File Installation Libraries
USERENV.dll 75520000 122880 C:\Windows\system32\USERENV.dll 6.0.6000.16386 (vista_rtm.061101-2205) Userenv
PROPSYS.dll 73f50000 765952 C:\Windows\system32\PROPSYS.dll 7.0.6001.16503 (longhorn(wmbla).080526-2159) Microsoft Property System
RASAPI32.dll 730f0000 303104 C:\Windows\system32\RASAPI32.dll 6.0.6000.16386 (vista_rtm.061101-2205) Remote Access API
rasman.dll 73730000 81920 C:\Windows\system32\rasman.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) Remote Access Connection Manager
NETAPI32.dll 752d0000 479232 C:\Windows\system32\NETAPI32.dll 6.0.6001.18157 (vistasp1_gdr.081015-1604) Net Win32 API DLL
TAPI32.dll 730b0000 200704 C:\Windows\system32\TAPI32.dll 6.0.6000.16386 (vista_rtm.061101-2205) Microsoft® Windows™ Telephony API Client DLL
rtutils.dll 73780000 49152 C:\Windows\system32\rtutils.dll 6.0.6000.16386 (vista_rtm.061101-2205) Routing Utilities
wshtcpip.dll 744c0000 20480 C:\Windows\System32\wshtcpip.dll 6.0.6000.16386 (vista_rtm.061101-2205) Winsock2 Helper DLL (TL/IPv4)
MLANG.dll 70d80000 196608 C:\Windows\system32\MLANG.dll 6.0.6000.16386 (vista_rtm.061101-2205) Multi Language Support DLL
NLAapi.dll 743f0000 61440 C:\Windows\system32\NLAapi.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) Network Location Awareness 2
IPHLPAPI.DLL 75000000 102400 C:\Windows\system32\IPHLPAPI.DLL 6.0.6000.16386 (vista_rtm.061101-2205) IP Helper API
dhcpcsvc.DLL 74d00000 217088 C:\Windows\system32\dhcpcsvc.DLL 6.0.6000.16386 (vista_rtm.061101-2205) DHCP Client Service
DNSAPI.dll 75220000 180224 C:\Windows\system32\DNSAPI.dll 6.0.6000.16386 (vista_rtm.061101-2205) DNS Client API DLL
WINNSI.DLL 74ff0000 28672 C:\Windows\system32\WINNSI.DLL 6.0.6001.18000 (longhorn_rtm.080118-1840) Network Store Information RPC interface
dhcpcsvc6.DLL 74cd0000 135168 C:\Windows\system32\dhcpcsvc6.DLL 6.0.6000.16386 (vista_rtm.061101-2205) DHCPv6 Client
rasadhlp.dll 72a60000 24576 C:\Windows\system32\rasadhlp.dll 6.0.6000.16386 (vista_rtm.061101-2205) Remote Access AutoDial Helper
UxTheme.dll 74090000 258048 C:\Windows\system32\UxTheme.dll 6.0.6000.16386 (vista_rtm.061101-2205) Microsoft UxTheme Library
SXS.DLL 75180000 389120 C:\Windows\system32\SXS.DLL 6.0.6000.16386 (vista_rtm.061101-2205) Fusion 2.5
wship6.dll 74b70000 20480 C:\Windows\System32\wship6.dll 6.0.6000.16386 (vista_rtm.061101-2205) Winsock2 Helper DLL (TL/IPv6)
napinsp.dll 72a50000 61440 C:\Windows\system32\napinsp.dll 6.0.6000.16386 (vista_rtm.061101-2205) E-mail Naming Shim Provider
pnrpnsp.dll 70960000 73728 C:\Windows\system32\pnrpnsp.dll 6.0.6000.16386 (vista_rtm.061101-2205) PNRP Name Space Provider
winrnr.dll 70990000 32768 C:\Windows\System32\winrnr.dll 6.0.6000.16386 (vista_rtm.061101-2205) LDAP RnR Provider DLL
mshtml.dll 6fb70000 5951488 C:\Windows\system32\mshtml.dll 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339) Microsoft ® HTML Viewer
msls31.dll 70880000 167936 C:\Windows\system32\msls31.dll 3.10.349.0 Microsoft Line Services library file
msimtf.dll 70980000 45056 C:\Windows\system32\msimtf.dll 6.0.6000.16386 (vista_rtm.061101-2205) Active IMM Server DLL
jscript.dll 6f4d0000 737280 C:\Windows\system32\jscript.dll 5.8.6001.18702 Microsoft ® JScript
WINSPOOL.DRV 6f8e0000 270336 C:\Windows\system32\WINSPOOL.DRV 6.0.6001.18000 (longhorn_rtm.080118-1840) Windows Spooler Driver
ImgUtil.dll 709e0000 49152 C:\Windows\system32\ImgUtil.dll 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339) IE plugin image decoder support DLL
pngfilt.dll 70860000 57344 C:\Windows\system32\pngfilt.dll 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339) IE PNG plugin image decoder
gdiplus.dll 73ce0000 1748992 C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18065_none_9e7abe2ec9c13222\gdiplus.dll 5.2.6001.18065 (vistasp1_gdr.080429-1705) Microsoft GDI+
wdmaud.drv 72aa0000 192512 C:\Windows\system32\wdmaud.drv 6.0.6000.16386 (vista_rtm.061101-2205) Winmm audio system driver
ksuser.dll 72f50000 16384 C:\Windows\system32\ksuser.dll 6.0.6000.16386 (vista_rtm.061101-2205) User CSA Library
MMDevAPI.DLL 740e0000 159744 C:\Windows\system32\MMDevAPI.DLL 6.0.6000.16386 (vista_rtm.061101-2205) MMDevice API
AVRT.dll 74160000 28672 C:\Windows\system32\AVRT.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) Multimedia Realtime Runtime
CRYPT32.dll 74d40000 987136 C:\Windows\system32\CRYPT32.dll 6.0.6000.16386 (vista_rtm.061101-2205) Crypto API32
MSASN1.dll 751e0000 73728 C:\Windows\system32\MSASN1.dll 6.0.6000.16386 (vista_rtm.061101-2205) ASN.1 Runtime APIs
wintrust.dll 73eb0000 184320 C:\Windows\system32\wintrust.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) Microsoft Trust Verification APIs
schannel.dll 748f0000 282624 C:\Windows\system32\schannel.dll 6.0.6001.18272 (vistasp1_gdr.090615-0258) TLS / SSL Security Provider
credssp.dll 74c80000 28672 C:\Windows\system32\credssp.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) TS Single Sign On Security Package
dssenh.dll 707f0000 155648 C:\Windows\system32\dssenh.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) Microsoft Enhanced DSS and Diffie-Hellman Cryptographic Provider
ncrypt.dll 74c90000 217088 C:\Windows\system32\ncrypt.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) Windows cryptographic library
bcrypt.dll 74c20000 282624 C:\Windows\system32\bcrypt.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) Windows Cryptographic Primitives Library
Flash10a.ocx 6ebd0000 4673536 C:\Windows\system32\macromed\flash\Flash10a.ocx 10,0,12,36 Adobe Flash Player 10.0 r12
mscms.dll 6f5e0000 401408 C:\Windows\system32\mscms.dll 6.0.6000.16386 (vista_rtm.061101-2205) Microsoft Color Matching System DLL
GPAPI.dll 748b0000 86016 C:\Windows\system32\GPAPI.dll 6.0.6000.16386 (vista_rtm.061101-2205) Group Policy Client API
slc.dll 75060000 237568 C:\Windows\system32\slc.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) Software Licensing Client Dll
MSVCP80.dll 6f440000 552960 C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.3053_none_d08d7bba442a9b36\MSVCP80.dll 8.00.50727.3053 Microsoft® C++ Runtime Library
MSVCR80.dll 6f3a0000 634880 C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.3053_none_d08d7bba442a9b36\MSVCR80.dll 8.00.50727.3053 Microsoft® C Runtime Library
ccL80U.dll 6ae10000 532480 C:\Program Files\Norton Internet Security\Engine\16.7.2.11\ccL80U.dll 108.1.1.10 Symantec Library
cryptnet.dll 70230000 110592 C:\Windows\system32\cryptnet.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) Crypto Network Related API
SensApi.dll 70870000 24576 C:\Windows\system32\SensApi.dll 6.0.6000.16386 (vista_rtm.061101-2205) SENS Connectivity API DLL
Cabinet.dll 73760000 86016 C:\Windows\system32\Cabinet.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) Microsoft® Cabinet File API
Dxtrans.dll 73aa0000 233472 C:\Windows\system32\Dxtrans.dll 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339) DirectX Media -- DirectX Transform Core
ATL.DLL 74050000 81920 C:\Windows\system32\ATL.DLL 3.05.2284 ATL Module for Windows XP (Unicode)
ddrawex.dll 73b00000 40960 C:\Windows\system32\ddrawex.dll 6.0.6000.16386 (vista_rtm.061101-2205) Direct Draw Ex
Dxtmsft.dll 6eb10000 356352 C:\Windows\system32\Dxtmsft.dll 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339) DirectX Media -- Image DirectX Transforms
D3DIM700.DLL 6e2f0000 835584 C:\Windows\system32\D3DIM700.DLL 6.0.6001.18000 (longhorn_rtm.080118-1840) Microsoft Direct3D
vbscript.dll 6f1d0000 434176 C:\Windows\system32\vbscript.dll 5.8.6001.18702 Microsoft ® VBScript
MSIMG32.dll 744d0000 20480 C:\Windows\system32\MSIMG32.dll 6.0.6000.16386 (vista_rtm.061101-2205) GDIEXT Client DLL
Wpc.dll 6f180000 311296 C:\Windows\System32\Wpc.dll 1.0.0.1 WPC Settings Library
WTSAPI32.dll 74400000 40960 C:\Windows\System32\WTSAPI32.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) Windows Terminal Server SDK APIs
fwpuclnt.dll 733f0000 614400 C:\Windows\System32\fwpuclnt.dll 6.0.6000.16386 (vista_rtm.061101-2205) FWP/IPsec User-Mode API
wevtapi.dll 75020000 262144 C:\Windows\System32\wevtapi.dll 6.0.6000.16386 (vista_rtm.061101-2205) Eventing Consumption and Configuration API
msxml3.dll 70c50000 1204224 C:\Windows\System32\msxml3.dll 8.100.1048.0 MSXML 3.0 SP10
MSRATING.dll 6f9a0000 208896 C:\Windows\system32\MSRATING.dll 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339) Internet Ratings and Local User Management DLL
dispex.dll 73ae0000 32768 C:\Windows\system32\dispex.dll 5.7.0.18000 Microsoft ® DispEx
mscoree.dll 6e3c0000 286720 C:\Windows\system32\mscoree.dll 2.0.50727.3053 (netfxsp.050727-3000) Microsoft .NET Runtime Execution Engine
mscorie.dll 63f00000 49152 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorie.dll 2.0.50727.3053 (netfxsp.050727-3000) Microsoft .NET IE MIME Filter
iepeers.dll 70820000 192512 C:\Windows\system32\iepeers.dll 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339) Internet Explorer Peer Objects
WindowsCodecs.dll 72b90000 733184 C:\Windows\system32\WindowsCodecs.dll 6.0.6001.18131 (vistasp1_gdr.080827-1507) Microsoft Windows Codecs Library

Module information for 'iexplore.exe'
MODULE BASE SIZE PATH
iexplore.exe e50000 638976 C:\Program Files\Internet Explorer\iexplore.exe 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339) Internet Explorer
ntdll.dll 76fc0000 1208320 C:\Windows\system32\ntdll.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) NT Layer DLL
kernel32.dll 75740000 897024 C:\Windows\system32\kernel32.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) Windows NT BASE API Client DLL
ADVAPI32.dll 75670000 811008 C:\Windows\system32\ADVAPI32.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) Advanced Windows 32 Base API
RPCRT4.dll 75f00000 794624 C:\Windows\system32\RPCRT4.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) Remote Procedure Call Runtime
USER32.dll 75be0000 643072 C:\Windows\system32\USER32.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) Multi-User Windows USER API Client DLL
GDI32.dll 761a0000 307200 C:\Windows\system32\GDI32.dll 6.0.6001.18159 (vistasp1_gdr.081020-1655) GDI Client DLL
msvcrt.dll 759f0000 696320 C:\Windows\system32\msvcrt.dll 7.0.6001.18000 (longhorn_rtm.080118-1840) Windows NT CRT DLL
SHLWAPI.dll 75820000 360448 C:\Windows\system32\SHLWAPI.dll 6.0.6000.16386 (vista_rtm.061101-2205) Shell Light-weight Utility Library
SHELL32.dll 764b0000 11599872 C:\Windows\system32\SHELL32.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) Windows Shell Common Dll
ole32.dll 75880000 1327104 C:\Windows\system32\ole32.dll 6.0.6000.16386 (vista_rtm.061101-2205) Microsoft OLE for Windows
iertutil.dll 762c0000 1998848 C:\Windows\system32\iertutil.dll 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339) Run time utility for Internet Explorer
urlmon.dll 75fe0000 1253376 C:\Windows\system32\urlmon.dll 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339) OLE32 Extensions for Win32
OLEAUT32.dll 75aa0000 577536 C:\Windows\system32\OLEAUT32.dll 6.0.6001.18000
IMM32.DLL 759d0000 122880 C:\Windows\system32\IMM32.DLL 6.0.6001.18000 (longhorn_rtm.080118-1840) Multi-User Windows IMM32 API Client DLL
MSCTF.dll 761f0000 819200 C:\Windows\system32\MSCTF.dll 6.0.6000.16386 (vista_rtm.061101-2205) MSCTF Server DLL
LPK.DLL 770f0000 36864 C:\Windows\system32\LPK.DLL 6.0.6001.18000 (longhorn_rtm.080118-1840) Language Pack
USP10.dll 75b30000 512000 C:\Windows\system32\USP10.dll 1.0626.6001.18000 (longhorn_rtm.080118-1840) Uniscribe Unicode script processor
comctl32.dll 74e40000 1695744 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll 6.10 (longhorn_rtm.080118-1840) User Experience Controls Library
comdlg32.dll 76120000 471040 C:\Windows\system32\comdlg32.dll 6.0.6000.16386 (vista_rtm.061101-2205) Common Dialogs DLL
COMCTL32.dll 746f0000 544768 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.18000_none_886786f450a74a05\COMCTL32.dll 5.82 (longhorn_rtm.080118-1840) Common Controls Library
winmm.dll 747d0000 204800 C:\Windows\system32\winmm.dll 6.0.6000.16386 (vista_rtm.061101-2205) MCI API DLL
OLEACC.dll 74790000 233472 C:\Windows\system32\OLEACC.dll 4.2.5406.0 (longhorn_rtm.080118-1840) Active Accessibility Core Component
opengl32.dll 74620000 831488 C:\Windows\system32\opengl32.dll 6.0.6000.16386 (vista_rtm.061101-2205) OpenGL Client DLL
GLU32.dll 745f0000 143360 C:\Windows\system32\GLU32.dll 6.0.6000.16386 (vista_rtm.061101-2205) OpenGL Utility Library DLL
DDRAW.dll 74500000 937984 C:\Windows\system32\DDRAW.dll 6.0.6000.16386 (vista_rtm.061101-2205) Microsoft DirectDraw
DCIMAN32.dll 74b80000 24576 C:\Windows\system32\DCIMAN32.dll 6.0.6001.18272 (vistasp1_gdr.090615-0258) DCI Manager
SETUPAPI.dll 75c80000 1613824 C:\Windows\system32\SETUPAPI.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) Windows Setup API
dwmapi.dll 74c70000 49152 C:\Windows\system32\dwmapi.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) Microsoft Desktop Window Manager API
WININET.dll 75e10000 942080 C:\Windows\system32\WININET.dll 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339) Internet Extensions for Win32
Normaliz.dll 75fd0000 12288 C:\Windows\system32\Normaliz.dll 6.0.6000.16386 (vista_rtm.061101-2205) Unicode Normalization DLL
imagehlp.dll 77100000 167936 C:\Windows\system32\imagehlp.dll 6.0.6001.18000 (longhorn_rtm.080118-1840) Windows NT Image Helper
mswsock.dll 74b00000 241664 C:\Windows\system32\mswsock.dll 6.0.6000.16386 (vista_rtm.061101-2205) Microsoft Windows Sockets 2.0 Service Provider
WS2_32.dll 75bb0000 184320 C:\Windows\system32\WS2_32.dll 6.0.6000.16386 (vista_rtm.061101-2205) Windows Socket 2.0 32-Bit DLL

Edited by KonohamaruHeaven, 02 October 2009 - 11:09 PM.


#9 KonohamaruHeaven


Posted 02 October 2009 - 11:25 PM

When I did the last step, while it was scanning the app stopped working, and when I tried to reopen it my PC crashed. I will try the scan again.

#10 KonohamaruHeaven


Posted 02 October 2009 - 11:35 PM

It still crashed.
Just tried the win32... it didn't work.

Edited by KonohamaruHeaven, 02 October 2009 - 11:44 PM.


#11 JSntgRvr


Posted 03 October 2009 - 12:01 AM

Was there any indication of rootkit activity?



#12 KonohamaruHeaven


Posted 03 October 2009 - 12:03 AM

No.
What would I see?

Edited by KonohamaruHeaven, 03 October 2009 - 12:09 AM.


#13 JSntgRvr


Posted 03 October 2009 - 12:14 AM

Run RootRepeal. Under the Stealth Objects, find the tdlwsp.dll Object. Select the object, then Tools from the menu. Wipe or delete this object.

Restart and post a fresh RootRepeal log.



#14 KonohamaruHeaven


Posted 03 October 2009 - 12:26 AM

When I tried to delete or wipe,
I got an error message saying:

attempt to read from address: 0x7ecf626

Edited by KonohamaruHeaven, 03 October 2009 - 12:27 AM.


#15 JSntgRvr


Posted 03 October 2009 - 12:40 AM

Something is missing.
  • Copy the entire contents of the Quote Box below to Notepad.
  • Name the file as Query.bat
  • Change the Save as Type to All Files
  • and Save it on the desktop
  • Once saved, double click on the Query.bat file and post the resulting report.

@Echo OFF
cd /d %~dp0
sc query type= driver group= "SCSI Miniport" > Logit.txt
Start Logit.txt


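The report that Query.bat writes to Logit.txt is plain `sc query` output. The following is an added example, not part of the thread or of any poster's instructions: it parses that layout and lists the driver names that are absent from a known-good baseline. The sample text, the driver names in it, and the baseline list are constructed for illustration.

```python
import re

# Constructed sample in the layout `sc query` prints; NOT output from this thread.
_RECORD = """
SERVICE_NAME: {name}
DISPLAY_NAME: {display}
        TYPE               : 1  KERNEL_DRIVER
        STATE              : 4  RUNNING
                                (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
        WIN32_EXIT_CODE    : 0  (0x0)
        SERVICE_EXIT_CODE  : 0  (0x0)
        CHECKPOINT         : 0x0
        WAIT_HINT          : 0x0
"""
SAMPLE_LOGIT = "".join(
    _RECORD.format(name=n, display=d)
    for n, d in [("atapi", "IDE Channel"), ("msahci", "msahci"), ("exampledrv", "exampledrv")]
)

# "KEY : value" lines; the "(STOPPABLE, ...)" continuation line does not match.
FIELD = re.compile(r"^\s*([A-Z0-9_]+)\s*:\s*(.*?)\s*$")

def parse_sc_query(text):
    """Split `sc query` output into one dict per service record."""
    records, current = [], None
    for line in text.splitlines():
        m = FIELD.match(line)
        if not m:
            continue
        key, value = m.group(1), m.group(2)
        if key == "SERVICE_NAME":        # every record starts with this field
            current = {"SERVICE_NAME": value}
            records.append(current)
        elif current is not None:
            if key in ("TYPE", "STATE"):  # "4  RUNNING" -> "RUNNING"
                value = value.split(None, 1)[-1]
            current[key] = value
    return records

def unexpected_drivers(records, baseline):
    """Names in the report missing from a known-good baseline (case-insensitive)."""
    known = {name.lower() for name in baseline}
    return [r["SERVICE_NAME"] for r in records if r["SERVICE_NAME"].lower() not in known]

if __name__ == "__main__":
    # The baseline here is hypothetical; a real one comes from a clean machine of the same build.
    print(unexpected_drivers(parse_sc_query(SAMPLE_LOGIT), ["atapi", "msahci"]))
```

Without a `state=` argument, `sc query` lists only active services, so a driver that is installed but not running does not appear in the report.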




