i surfed the net & now my pc has spyware pop ups,i copied the highjacker file for you to help me out [page 5/6]

AfterDawn.com

Mobile/PDA About Us Advertise here


		User name	Password

		Not registered yet? Register here. Lost your password? Click here.

Advertise at AfterDawn.com

Link to us!

Private messages

Compose a private message

List of all updated threads

Threads without replies

Search messages

Sunday 9.3.2025 / 09:04

Search AfterDawn Forums:

In English

Suomeksi

På svenska

afterdawn.com > forums > software, operating systems and more > windows - virus and spyware problems > i surfed the net & now my pc has spyware pop ups,i copied the highjacker file for you to help me out

Browse by topic

Forums

Forums

Start a new thread

i surfed the net & now my pc has spyware pop ups,i copied the highjacker file for you to help me out

Jump to:

Posted

Message

Page:	< Previous	1	2	3	4	5	6	Next >

engin123

Account closed as per user's own request

31. March 2008 @ 06:25

Link to this message

ON ALL THE SEARCHES IT CAME UP WITH A BOX WITH THE RED CIRCLE IN IT WITH THE X IN IT MAKING THAT NOISE IT SAYS'SPELL IT CORRECTLY OR IT SAYS IT CANT FIND IT ON ONE OF THE FILES IT WONT EVEN OPEN UP ON THE SEARCH BAR YOU COPY PASTE IT BUT IT WONT APPEAR, THESE ARE THE 4 U-TORRENT FILES IVE COPIED FOR YOU TO SEE,IM A BIT SAD AS I HAVE NOT SEEN THEM YET,THEY ARE IN MY MY DOCUMENTS,I DID IT THROUGH EXPLORER 7 NO LUCK IN ANY SEARCH AT THE BOTOM OF THIS MESSAGE YOU WILL SEE THE LAST SEARCH I DID WHERE IT SAYS COPY THE ULR INTO THE BOX & INTO THE BOX BELLOW PUT IN YOUR SEARCH DETAILS I DID BUT IT COULDN'T FIND ANYTHING,IT JUST SAID TIME TO TIME PROPRODACLY YOU CAN CHECK BACK TO TRY AGAIN LATER SO WHAT I DID WAS TO GO TO START & SEARCH &THAT WAY I WAS ABLE TO DELETE a few the other ones said it was not on the hardrive

Submit your site to Live Search
Learn more about:
Getting your site indexed

Advertising

Generally our web crawler, MSNBot, can find most pages on the Internet. However if your site does not appear on Live Search, you can send us the address (URL).

Type the characters from the picture
In the box below, type the characters that you see in the picture. This helps ensure that a person, not an automated program, is submitting the URL.

If you don't see the picture, make sure your browser is set to allow images. If you change the image setting, refresh this page to continue.

Characters:

Type the URL of your homepage
MSNBot follows links from your homepage to find other pages on your site.

Example: http://www.example.com/.

© 2008 Microsoft | Privacy | Legal

Advertisement

engin123

Account closed as per user's own request

31. March 2008 @ 06:34

Link to this message

did you tell me to delete the videoLAN vlc media player 0.8.6d as well,i just wanted to know,iv'e done everything im up to the stage for you to reply to my last message & this one then i can reboot then do a highjacker this scan then send it to you back

Member

31. March 2008 @ 06:40

Link to this message

Hey,

Nope I didn't ask you to delete videoLAN vlc media player 0.8.6d. The reason I asked you to delete the following programs is because they are not safe to have on your computer, and can bring in lots of viruses.

Programs that are not safe:

AdvancedCleaner Free
SopCast
uTorrent
LimeWire

---> You can proceed to post me a HijackThis log, and please do the online scan and post me the online scan log as well.

Windows and system security is my priority.

engin123

Account closed as per user's own request

31. March 2008 @ 06:43

Link to this message

this one wont even open up i don't even know what it belongs to ake whats the proper name for it

C:\WINDOWS\system32\299914\

& the same for this one what is this called,no problem with this one but what software is it or both of them called,so if anything ever want wrong with one of my softwares or what usually happens is a dill goes missing or a hreg key is corrupt or missing is that because of cc advanced cleaner & other bad programs like them that for some bad reason does a clean up but a lot of them clean up the files or temporary files you need because only after you have done it & then you start to use your software you realise that it wont work good no more

Member

31. March 2008 @ 06:51

Link to this message

Why do you need to open it? Just right click on it and select "Delete". Tell me if you have difficulty removing it.

Anyway, are you able to do the online scan?

Windows and system security is my priority.

engin123

Account closed as per user's own request

31. March 2008 @ 06:56

Link to this message

ok i will do that now ive deleted the rest but i have to download the latest java what do i do first if you have sent me the link for the java can i delete the old ones firs then download the new one or download the new one first

Member

31. March 2008 @ 06:58

Link to this message

My instructions said it clearly, download first (don't install yet) and delete the other version first before installing.

Windows and system security is my priority.

engin123

Account closed as per user's own request

31. March 2008 @ 07:10

Link to this message

heres the log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:11:41, on 31/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\VM_STI.EXE
C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Kontiki\KHost.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\MemInfo\meminfo.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Kontiki\KService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE VIMICRO USB PC Camera
O4 - HKLM\..\Run: [SmartDefrag] "C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe" /StartUp
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [WinPatrol Helper DLL] C:\Program Files\BillP Studios\WinPatrol\patrolpro.dll
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [kdx] C:\Program Files\Kontiki\KHost.exe -all
O4 - HKCU\..\Run: [DS Clock] "C:\Program Files\DS Clock\dsclock.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: MemInfo.lnk = C:\Program Files\MemInfo\meminfo.exe
O4 - Startup: WordWeb.lnk = C:\Documents and Settings\EDDY\My Documents\WordWeb\wweb32.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microsof...b?1201727103468
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsof...b?1201727078062
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/j...ows-i586-jc.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{99525DF8-A407-4756-8479-1E90AA2806D3}: NameServer = 62.30.112.39,194.117.134.19
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: KService - Kontiki Inc. - C:\Program Files\Kontiki\KService.exe

--
End of file - 6437 bytes

Member

31. March 2008 @ 07:22

Link to this message

How is your computer doing?

Windows and system security is my priority.

engin123

Account closed as per user's own request

31. March 2008 @ 07:30

Link to this message

well i sent you the log from highjacker now ive done the java successfully now im onto the Do an online scan with Panda Active Scan,
so when i go to do the panda scan now do i have to copy & paste this into it or jut do the scan the part underneath which starts with [url="http://www.nanoscan

Please go [url="http://www.nanoscan.com/as/index/"][color="red"]HERE[/color][/url] to run Panda's TotalScan[list]
[*]Select the bubble for Full scan

engin123

Account closed as per user's own request

31. March 2008 @ 07:34

Link to this message

yes my java has varified that was a successfull instalation & that it was the correct one

Verified Java Version

Congratulations!

You have the recommended Java installed (Version 6 Update 5).

If you want to download Java for another computer or Operating System, see all Java downloads here.

For updates on Java and Java-enabled applications (desktop and mobile),please sign up for the java.com newsletter.

Member

31. March 2008 @ 08:24

Link to this message

Good job! Please post the log of the Panda Active scan when you are done.

Windows and system security is my priority.

engin123

Account closed as per user's own request

31. March 2008 @ 08:33

Link to this message

its been on for 20 minutes then this box opened up i thought it was for my outloot express e-mail that i have with virgin media,but it wasn't.the scan was only 20 % through yet there was maybe another 80 % to go,i was not sure what to do it said outlook in one white box in another new in another it said ok after i clicked ok then the result scan picture came up with the results at the bottom it says in green disinfect,what do i do copy the report only & then send you that only after iv'e done the hichhicker this scan log & save then send them,let me know jackie chan or jet lee,i love kung fu

engin123

Account closed as per user's own request

31. March 2008 @ 08:40

Link to this message

anyway this is what the total scan said,would it have been better to have left it to finish the scan,but mind you i can always leave it on later while im out to do a full scan because it might take 1 or 2 hours 2 do,so do i have to do another one later,im going to do the second scan now with highjacker this then send it to you

;***********************************************************************************************************************************************************************************
ANALYSIS: 2008-03-31 13:37:36
PROTECTIONS: 1
MALWARE: 28
SUSPECTS: 0
;***********************************************************************************************************************************************************************************
PROTECTIONS
Description Version Active Updated
;===================================================================================================================================================================================
AVG 7.5.519 7.5.519 No Yes
;===================================================================================================================================================================================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===================================================================================================================================================================================
00003428 adware/memorywatcher Adware No 0 Yes No hkey_classes_root\vbrad.trayicon
00139535 Application/Processor HackTools No 0 Yes No C:\WINDOWS\system32\Process.exe
00139535 Application/Processor HackTools No 0 Yes No C:\System Volume Information\_restore{A2A512DA-21E6-45F1-9B1D-6020CD41E4FC}\RP118\A0051413.exe
00139535 Application/Processor HackTools No 0 Yes No C:\y\SDFix\apps\Process.exe
00139535 Application/Processor HackTools No 0 Yes No C:\SDFix\apps\Process.exe
00139535 Application/Processor HackTools No 0 Yes No C:\Documents and Settings\EDDY\Desktop\y\SDFix\apps\Process.exe
00139535 Application/Processor HackTools No 0 Yes No C:\Documents and Settings\EDDY\Desktop\SmitfraudFix\Process.exe
00139535 Application/Processor HackTools No 0 No No C:\Documents and Settings\EDDY\Desktop\SDFix.exe[SDFix\apps\Process.exe]
00145393 Cookie/Tradedoubler TrackingCookie No 0 Yes No C:\Documents and Settings\EDDY\Cookies\eddy@tradedoubler[2].txt
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\Documents and Settings\EDDY\Cookies\eddy@com[1].txt
00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\EDDY\Cookies\eddy@ads.pointroll[1].txt
00207936 Cookie/Adviva TrackingCookie No 0 Yes No C:\Documents and Settings\EDDY\Cookies\eddy@adviva[2].txt
00286736 Cookie/Cgi-bin TrackingCookie No 0 Yes No C:\Documents and Settings\EDDY\Cookies\eddy@www6.addfreestats[1].txt
00509861 Hacktool/AngryScan HackTools No 1 Yes No C:\UBCD4Win\plugin\Network\ipscan\ipscan.exe
00511944 Application/SuperFast HackTools No 0 Yes No C:\System Volume Information\_restore{A2A512DA-21E6-45F1-9B1D-6020CD41E4FC}\RP90\A0044231.exe
00511944 Application/SuperFast HackTools No 0 Yes No C:\System Volume Information\_restore{A2A512DA-21E6-45F1-9B1D-6020CD41E4FC}\RP31\A0002579.exe
00517584 Application/SuperFast HackTools No 0 Yes No C:\System Volume Information\_restore{A2A512DA-21E6-45F1-9B1D-6020CD41E4FC}\RP31\A0002578.exe
00517584 Application/SuperFast HackTools No 0 Yes No C:\Documents and Settings\EDDY\Desktop\SmitfraudFix\restart.exe
00517584 Application/SuperFast HackTools No 0 Yes No C:\Program Files\XP Smoker\restart.exe
00530899 Application/NirCmd.A HackTools No 0 Yes No C:\UBCD4Win\oem1\PEUtils\nircmd.exe
00530899 Application/NirCmd.A HackTools No 0 Yes No C:\UBCD4Win\plugin\AntiVirus\AV7PE\nircmd.exe
01203898 Adware/BraveSentry Adware No 0 Yes No C:\System Volume Information\_restore{A2A512DA-21E6-45F1-9B1D-6020CD41E4FC}\RP104\A0046974.exe
02197130 Trj/Rebooter.J Virus/Trojan No 1 Yes No C:\Documents and Settings\EDDY\Desktop\SmitfraudFix\Reboot.exe
02870155 Application/VirusRanger HackTools No 0 Yes No C:\System Volume Information\_restore{A2A512DA-21E6-45F1-9B1D-6020CD41E4FC}\RP103\A0046955.dll
02870162 Application/VirusRanger HackTools No 0 Yes No C:\System Volume Information\_restore{A2A512DA-21E6-45F1-9B1D-6020CD41E4FC}\RP103\A0046956.dll
02885332 Adware/SpyShredder Adware No 0 Yes No C:\System Volume Information\_restore{A2A512DA-21E6-45F1-9B1D-6020CD41E4FC}\RP107\A0047609.exe
02893893 Trj/Bancos.RQ Virus/Trojan No 0 No No C:\Documents and Settings\EDDY\Desktop\ComboFix.exe[327882R2FWJFW\pv.cfexe]
02893893 Trj/Bancos.RQ Virus/Trojan No 0 No No C:\System Volume Information\_restore{A2A512DA-21E6-45F1-9B1D-6020CD41E4FC}\RP115\A0050087.exe[327882R2FWJFW\pv.cfexe]
02905336 Application/BarreraIntegral HackTools No 0 Yes No C:\System Volume Information\_restore{A2A512DA-21E6-45F1-9B1D-6020CD41E4FC}\RP48\A0012302.old
02905349 Application/BarreraIntegral HackTools No 0 Yes No C:\System Volume Information\_restore{A2A512DA-21E6-45F1-9B1D-6020CD41E4FC}\RP48\A0012301.old
02905665 Hacktool/Rootkit.AH HackTools No 0 Yes No C:\System Volume Information\_restore{A2A512DA-21E6-45F1-9B1D-6020CD41E4FC}\RP103\A0046920.exe
02907233 Application/VirusHeat HackTools No 0 No No C:\System Volume Information\_restore{A2A512DA-21E6-45F1-9B1D-6020CD41E4FC}\RP119\A0051472.exe[VirusHeat 4.3.exe]
02908176 Application/PCPrivacyTool HackTools No 0 Yes No C:\System Volume Information\_restore{A2A512DA-21E6-45F1-9B1D-6020CD41E4FC}\RP103\A0046921.dll
02908177 Application/PCPrivacyTool HackTools No 0 Yes No C:\System Volume Information\_restore{A2A512DA-21E6-45F1-9B1D-6020CD41E4FC}\RP103\A0046922.exe
02908179 Application/PCPrivacyTool HackTools No 0 Yes No C:\System Volume Information\_restore{A2A512DA-21E6-45F1-9B1D-6020CD41E4FC}\RP113\A0049933.exe
02909516 Adware/Netproject Adware No 0 Yes No C:\System Volume Information\_restore{A2A512DA-21E6-45F1-9B1D-6020CD41E4FC}\RP103\A0046925.dll
02909516 Adware/Netproject Adware No 0 Yes No C:\System Volume Information\_restore{A2A512DA-21E6-45F1-9B1D-6020CD41E4FC}\RP107\A0047501.dll
02909516 Adware/Netproject Adware No 0 Yes No C:\System Volume Information\_restore{A2A512DA-21E6-45F1-9B1D-6020CD41E4FC}\RP103\A0046947.dll
02909516 Adware/Netproject Adware No 0 Yes No C:\System Volume Information\_restore{A2A512DA-21E6-45F1-9B1D-6020CD41E4FC}\RP103\A0046913.dll
02909516 Adware/Netproject Adware No 0 Yes No C:\System Volume Information\_restore{A2A512DA-21E6-45F1-9B1D-6020CD41E4FC}\RP107\A0047492.dll
02909516 Adware/Netproject Adware No 0 Yes No C:\System Volume Information\_restore{A2A512DA-21E6-45F1-9B1D-6020CD41E4FC}\RP107\A0047989.dll
02909516 Adware/Netproject Adware No 0 Yes No C:\System Volume Information\_restore{A2A512DA-21E6-45F1-9B1D-6020CD41E4FC}\RP106\A0047440.dll
02909516 Adware/Netproject Adware No 0 Yes No C:\System Volume Information\_restore{A2A512DA-21E6-45F1-9B1D-6020CD41E4FC}\RP107\A0048192.dll
02909516 Adware/Netproject Adware No 0 Yes No C:\System Volume Information\_restore{A2A512DA-21E6-45F1-9B1D-6020CD41E4FC}\RP103\A0046891.dll
02909516 Adware/Netproject Adware No 0 Yes No C:\System Volume Information\_restore{A2A512DA-21E6-45F1-9B1D-6020CD41E4FC}\RP107\A0048237.dll
02909516 Adware/Netproject Adware No 0 Yes No C:\System Volume Information\_restore{A2A512DA-21E6-45F1-9B1D-6020CD41E4FC}\RP107\A0049237.dll
02909516 Adware/Netproject Adware No 0 Yes No C:\System Volume Information\_restore{A2A512DA-21E6-45F1-9B1D-6020CD41E4FC}\RP109\A0049248.dll
02909516 Adware/Netproject Adware No 0 Yes No C:\System Volume Information\_restore{A2A512DA-21E6-45F1-9B1D-6020CD41E4FC}\RP110\A0049542.dll
02909516 Adware/Netproject Adware No 0 Yes No C:\System Volume Information\_restore{A2A512DA-21E6-45F1-9B1D-6020CD41E4FC}\RP110\A0049829.dll
02909516 Adware/Netproject Adware No 0 Yes No C:\System Volume Information\_restore{A2A512DA-21E6-45F1-9B1D-6020CD41E4FC}\RP111\A0049880.dll
02909516 Adware/Netproject Adware No 0 Yes No C:\System Volume Information\_restore{A2A512DA-21E6-45F1-9B1D-6020CD41E4FC}\RP105\A0047323.dll
02909516 Adware/Netproject Adware No 0 Yes No C:\System Volume Information\_restore{A2A512DA-21E6-45F1-9B1D-6020CD41E4FC}\RP105\A0047421.dll
02909516 Adware/Netproject Adware No 0 Yes No C:\System Volume Information\_restore{A2A512DA-21E6-45F1-9B1D-6020CD41E4FC}\RP116\A0050151.dll
02909516 Adware/Netproject Adware No 0 Yes No C:\System Volume Information\_restore{A2A512DA-21E6-45F1-9B1D-6020CD41E4FC}\RP116\A0051139.dll
02909516 Adware/Netproject Adware No 0 Yes No C:\System Volume Information\_restore{A2A512DA-21E6-45F1-9B1D-6020CD41E4FC}\RP117\A0051186.dll
02909516 Adware/Netproject Adware No 0 Yes No C:\System Volume Information\_restore{A2A512DA-21E6-45F1-9B1D-6020CD41E4FC}\RP117\A0051196.dll
02909516 Adware/Netproject Adware No 0 Yes No C:\System Volume Information\_restore{A2A512DA-21E6-45F1-9B1D-6020CD41E4FC}\RP118\A0051397.dll
02909523 Adware/Netproject Adware No 0 Yes No C:\System Volume Information\_restore{A2A512DA-21E6-45F1-9B1D-6020CD41E4FC}\RP118\A0051211.exe
02909524 Adware/Netproject Adware No 0 Yes No C:\System Volume Information\_restore{A2A512DA-21E6-45F1-9B1D-6020CD41E4FC}\RP107\A0048195.exe
02909528 Adware/Netproject Adware No 0 Yes No C:\System Volume Information\_restore{A2A512DA-21E6-45F1-9B1D-6020CD41E4FC}\RP107\A0048191.exe
02909528 Adware/Netproject Adware No 0 Yes No C:\System Volume Information\_restore{A2A512DA-21E6-45F1-9B1D-6020CD41E4FC}\RP107\A0047502.exe
02909528 Adware/Netproject Adware No 0 Yes No C:\System Volume Information\_restore{A2A512DA-21E6-45F1-9B1D-6020CD41E4FC}\RP107\A0047491.exe
02909528 Adware/Netproject Adware No 0 Yes No C:\System Volume Information\_restore{A2A512DA-21E6-45F1-9B1D-6020CD41E4FC}\RP106\A0047441.exe
02909528 Adware/Netproject Adware No 0 Yes No C:\System Volume Information\_restore{A2A512DA-21E6-45F1-9B1D-6020CD41E4FC}\RP105\A0047422.exe
02909528 Adware/Netproject Adware No 0 Yes No C:\System Volume Information\_restore{A2A512DA-21E6-45F1-9B1D-6020CD41E4FC}\RP105\A0047324.exe
02909528 Adware/Netproject Adware No 0 Yes No C:\System Volume Information\_restore{A2A512DA-21E6-45F1-9B1D-6020CD41E4FC}\RP103\A0046946.exe
02909528 Adware/Netproject Adware No 0 Yes No C:\System Volume Information\_restore{A2A512DA-21E6-45F1-9B1D-6020CD41E4FC}\RP103\A0046926.exe
02909528 Adware/Netproject Adware No 0 Yes No C:\System Volume Information\_restore{A2A512DA-21E6-45F1-9B1D-6020CD41E4FC}\RP103\A0046912.exe
02909528 Adware/Netproject Adware No 0 Yes No C:\System Volume Information\_restore{A2A512DA-21E6-45F1-9B1D-6020CD41E4FC}\RP103\A0046890.exe
02909528 Adware/Netproject Adware No 0 Yes No C:\System Volume Information\_restore{A2A512DA-21E6-45F1-9B1D-6020CD41E4FC}\RP107\A0047988.exe
;===================================================================================================================================================================================
SUSPECTS
Location
;===================================================================================================================================================================================
;===================================================================================================================================================================================

engin123

Account closed as per user's own request

31. March 2008 @ 08:43

Link to this message

& here is the highjacker log,there you go bruce,whats next

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:44:14, on 31/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\VM_STI.EXE
C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Kontiki\KHost.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\MemInfo\meminfo.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Kontiki\KService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE VIMICRO USB PC Camera
O4 - HKLM\..\Run: [SmartDefrag] "C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe" /StartUp
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKCU\..\Run: [WinPatrol Helper DLL] C:\Program Files\BillP Studios\WinPatrol\patrolpro.dll
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [kdx] C:\Program Files\Kontiki\KHost.exe -all
O4 - HKCU\..\Run: [DS Clock] "C:\Program Files\DS Clock\dsclock.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: MemInfo.lnk = C:\Program Files\MemInfo\meminfo.exe
O4 - Startup: WordWeb.lnk = C:\Documents and Settings\EDDY\My Documents\WordWeb\wweb32.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (TotalScan Installer Class) - http://www.nanoscan.com/as/cabs/ascstubie.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/microsof...b?1201727103468
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsof...b?1201727078062
O17 - HKLM\System\CCS\Services\Tcpip\..\{99525DF8-A407-4756-8479-1E90AA2806D3}: NameServer = 62.30.112.39,194.117.134.19
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: KService - Kontiki Inc. - C:\Program Files\Kontiki\KService.exe

--
End of file - 6967 bytes

Member

31. March 2008 @ 09:23

Link to this message

Hey,

Good job. Your logs are fine now. :)

Time for some housekeeping

[*] Click START then RUN
[*] Now type Combofix /u in the runbox and click OK

[*] When shown the disclaimer, Select "2"

The above procedure will:

[*] Delete the following:
[*] ComboFix and its associated files and folders.
[*] VundoFix backups, if present
[*] The C:\Deckard folder, if present
[*] The C:_OtMoveIt folder, if present

[*] Reset the clock settings.
[*] Hide file extensions, if required.
[*] Hide System/Hidden files, if required.
[*] Reset System Restore.

--------------------------------------------------------------------
Now that your log is fine, I have some recommended downloads for you. Please have a look at them and decide for yourself what you would like to use as protection for your system. After you have chosen the protection softwares you want to download, please don't forget to set them to automatic updating so that you have the latest protection.

[*]Spybot Search & Destroy- An excellent and free anti-spyware software with Immunize functionability that will help prevent future infections. PGPhantom has written a very comprehensive instruction set for Spybot, available here.

[*]SpywareBlaster - A wonderful prevention tool to protect yourself from installation of malicious codes. SpywareBlaster tutorial (by Grinler) is available here.

[*]IE-SpyAd - It puts over 5000 sites in your restricted zone and protect your Internet browser from being redirected to a malicious site. Lawrence Abrams has written an excellent tutorial about IE-SpyAd here.

Special Note: It is vital to know that you should only have ONE anti-spyware resident protection and ONE anti-virus resident protection running. Running more than one resident protection can slow down your system and cause conflicts between the protection softwares.

To find out more information about how you got infected in the first place and some great guidelines to follow to prevent future infections you can read this article by Tony Klein.

~Ltangel~

Windows and system security is my priority.

This message has been edited since posting. Last time this message was edited on 31. March 2008 @ 09:25

engin123

Account closed as per user's own request

31. March 2008 @ 10:22

Link to this message

thank you,now i have got to the end im just now downloading the VundoFix,do i run it or save it to my desktop then install it or do i just follow the promps of how afterdawn.com tell you how to use it whch iv'e copied for you to tell me what shall i do
VundoFix v6.5.0
VundoFix is a removal tool developed to remove Virtumonde infections. To use the tool follow the instrctions below.

Download VundoFix to your desktop and extract it (if zipped).

Double-click VundoFix.exe to run it.
When VundoFix re-opens, click the Scan for Vundo button.
Once it's done scanning, click the Remove Vundo button.
You will receive a prompt asking if you want to remove the files, click YES
Once you click yes, your desktop will go blank as it starts removing Vundo.
When completed, it will prompt that it will reboot your computer, click OK.

[*] Delete the following:
[*] ComboFix and its associated files and folders.
[*] VundoFix backups, if present
[*] The C:\Deckard folder, if present
[*] The C:_OtMoveIt folder, if present

[*] Reset the clock settings.
[*] Hide file extensions, if required.
[*] Hide System/Hidden files, if required.
[*] Reset System Restore.

Member

31. March 2008 @ 10:43

Link to this message

Why do you need to download VundoFix when you have no vundo infection?

It's best not to download tools like these as they can damage your system if you use without supervision. Tools like ComboFix and VundoFix are only to be used under supervision from malware experts.

Now please take a look at the softwares I recommended you to download and ensure your computer is well protected.

Safe surfing!

Windows and system security is my priority.

engin123

Account closed as per user's own request

31. March 2008 @ 11:01

Link to this message

are you still there bruce, this one you want it deleted that is all my folders with all my passwords information in them sites that if i lose them i got them in there,is it because they are on the desktop can i move them to my documents,i wouldn,t have thought that this file & the other one is harmfull because of my memory i make them folders up,The C:_OtMoveIt folder, if present The C:\Deckard folder, if present this folder has a copy of all our transactions for me to ever read them again or try to help myself when others don't want to help out,that whistleing noise is still happening,it might seem like we are finished but tomorrow uk time what time do you get back from work so i know when to be around so we can finish off what little bits are left you can get me to check that evrything is running fine & then after i ask you to help me with the 2 or 3 small items left thats it,but how do i get rid of that noise,my clock was reset to,but in the future if i ever want to do a system restore does it work now for me to use it if i have to

engin123

Account closed as per user's own request

31. March 2008 @ 14:28

Link to this message

hi bruce thanks for your help but i am not trying to be funny but because iv'e found such good people like yourselves in s.afterdawn.com/ i just want to return the favour if i can,is there anyone at management level that i could speak to on your behalf to let them know how much i apriciate what kindness & helpfulness you gave me through this week of torture that iv'e been through

,please im in all day again tomorrow so it will be very important if you can help me out with the few finishing tests to make sure everything is in working order otherwise im back to square one again,thats why becvause of my condion like you i don't want to rush anything,so if thats ok with you i would just like to have tuesday & wednesday & maybe friday to for the finishing touches to be sorted out,it might even drag into the weekend but to be honest with you im getting better at this with your help are you sure you are not a teacher or an it technition,

you are very good at what you do,i mean there are things you have even answered yet & we will have to go through them agan tomorrow so please when you wake up the same time that you usually would send me a message please do it around that time so you can tell me what time in uk time you will be home then just send me a message then we can get started because the last two or more message you did not reply to them,

one thing was we need to first get this whistling sound off,i will check if its only doing it in the explorer browser,if it doesn't do it in the firefox browser then tomorrow i will let you know no2 i asked you what do you think of the avg 8.0. version which is free also & it goes along with the 7.5. version hand in hand,can i download that one,i want to stick with avg,

spybot is rubish in my eyes its to crazy it party's to much,it delete things that you need its stopping all my goog sites from coming through it takes everything as a threat,

its going off all the time the firewall prevents downloads from coming on,i don't understand the settings fare enough but i want stability spybot wont give it to me

engin123

Account closed as per user's own request

1. April 2008 @ 03:05

Link to this message

good afternoon bruce i did a scan on the superantiware4.0.& it found 17 adawrare cookies as it was ticked i deleted them,i was sick last night worrying about my pc,to be honest with you i don't really keep any friends of such they are a rarity to find these day,so i will be a member of afterdawn.com for life,

i looked into it but i don't havethe expertise as you do to pin point what is the problem,i will help you out for you to help me out,2 out of my 3 browsers are making the whitle noises when moving from page to page, you know the 2 iv'e mentioned it a lot,

thr 3rd one which is free from it is called avant browser,i did a search all that keeps popping up is about this browsers problem but nothing about the whistling,im not good with wording my words correctly if i did maybe the answers to what i want to know will be there for me to see,so what keeps being mentioned,

about bugs in the browsers of some IE7 browsers where when microsoft was trying out new test to improve on there browsers they got bugs in them along the way,but there was also talk about IE8 & THAT PEOPLE FOUND THAT TO BE MORE STABLE THEN IE7,THEN THERE WAS TALK ON IE6 BEING VERY STABLE & THAT THEY HAD A SHARE OF THE BROWSER NETWORKS AT LEAST 95% OF THEM & THAT IT WAS GOOD ALL IT NEEDED WAS UPDATING SO THERE YOU GO,

WE NEED A BROWSER ANTISPYWARE FOR FREE IT LOOKS LIKE TO TAKE OUT THIS BUG WHICH IS THE NOISE,PLEASE I AWAIT YOUR REPLY AS SOON AS YOU GET BACK IN FOR TODAY,

I KNOW WHAT I WANT TO BE OUTLINED FOR WHAT I WANT SO BE PATIENT BECAUSE I DON'T WANT TO BE PUSHED FROM PILLOW TO POST'YOU ARE A NICE MAN BRUCE WITH SUPER INTELLIGENCE,I CANT THOUGHT THAT I APLORED THAT

Member

1. April 2008 @ 07:52

Link to this message

About the whistling sound, it might be due to some hardware problems in your computer. I am not a hardware expert, so I cannot help you with hardware issues.

You might consider using Mozilla Firefox as your alternative web browser, it's safer and it's much faster. Just go to www.mozilla.org and you will be able to download Firefox 2.

Also, as a word of caution, don't download softwares that you are not sure of. Not all antivirus and antispyware softwares are trustworthy and many are actually viruses themselves. Please only download the ones I've recommended.

That's about all. Look at what I have written earlier to help prevent your computer from viruses. Can we close this issue now since we've cleaned your computer?

Windows and system security is my priority.

engin123

Account closed as per user's own request

1. April 2008 @ 08:05

Link to this message

i would love to but theres more still to do i did send you a report of 19 detections found from lavasoft adaware 2007 it was very important & a script that was important for you to read i sent it on a feedback to findland head quatres as well as complimenting you so much so you should be hearing from them soon,how can i get back that reply meassage i sent you do you know it dissapeard & its not the first time its dissapeard,we need about another couple of days to completly finish otherwise i would forget everything we did together & we went through to much to end it so soon i have my list of what is left the noise is mainly IE7 CAN I UNINSTAL IT & JUST USE AVANT BROWSER & THE FIREFOX MOZILLA 2,A LOT OF PEOPLE SAY THAT THIS ACTIVEX Control is bad news,so iwant to send you the log of the lavasoft adaware 2007 & the information,or can you retreive the lost reply message i sent to you about 1145am uk time

engin123

Account closed as per user's own request

1. April 2008 @ 08:18

Link to this message

heres the information read it then tell me what the threats are & what they mean,& i will install firefox mozilla what do you think of windows live oncare is that good

this is the link to the page just scroll down until you see spybot read it from there http://ph.answers.yahoo.com/question/ind...4430AAtxhqQ/now i pasted it you don't need to use the link just read this,i will send you the log for the scan in a minute

Spybot ? Search and Destroy
=====================
Download spybot search and destroy. Through its immunize page and link to javacools spyblaster, spybot can manage activex problems which is extremely difficult for antispyware programs to find. Also just run the scan for first attack.
http://www.spybot.info/en/download/index...
.

Windows Live Onecare
===================
Onecare safety scan fixes registry and finds temp files that nothing else seems to find.
Choose the Beta Edition link for vista users.
It does registry, spyware , virus , disk clean up and defrag

XP Users http://onecare.live.com/site/en-ca/defau...
Vista Users
http://onecare.live.com/site/en-ca/cente...

Run the full safety scanner, it takes a few seconds to install the scanning files but when you start the scan, it takes 2 hours or more. Let it load the scanning tools, then start the Safety Scan. So once it starts to load the safety scans' x file of x , you can leave the computer and go to bed etc.

Then at the end of the scan it asks you to set it running full time.

Think twice about setting it to run in the background as it could be another thing to slow you down. However, it may be worth while if you have no other security programs running.

Consider the following options:
I personally run Norton 360 which is full internet security and run superantispyware when I want to.

So if you don?t have a decent internet security program then perhaps run the superantispyware with your antivirus in the background.

If you sick of antivirus programs that don?t work perhaps run onecare full time and run superantispyware whenever.

Now you should be flying and Onecare has even set up a new system restore point for you.
Note onecare does other stuff as well. Click on the menus on the LHS column., but all of this is done if you click Safety Scan.
add onecare to your favourites

IE7
Over time IE7 seems to set its own (or programs do) tick boxes in the advance tab.
In IE7 Tools >Internet Options >Advance Tab
Click Restore advance settings defaults
Tick empty temp files when browser closes (this empties the cache, which if not empty, will stop you from going online).
Bullet disable phishing filter
Delete Browser History, cookies, add ons the whole lot regularly.
Close the browser to set the settings.
NOTE: 2008 will be the year of add on malware and spyware. I advise NOT to install active x when asked to on unknown websites. If you allow an active x install and it contains adware or such, no antivirus or anti-spyware will find it, because you have given permission to install it. The cleanup programs think that you want it installed. It will be very difficult to remove.

Phishing Filter
When first released, phishing filter slowed IE7. Apparently, Microsoft has fixed this through the windows updates. If you like you could try to run it - bullet the enable.
Only run one phishing filter program, and only run one firewall program.
.
Fixing Your Computer
Run the scans of the three programs above. If your computer is still faulty then you have to go deeper with the features mentioned.

Advertisement

engin123

Account closed as per user's own request

1. April 2008 @ 08:44

Link to this message

heres the log scan report now what do i do & what do i delete,i want more details on dills hreg keys temp -files *& cookies,when in the past i used cc advanced cleaner it made the pc faster but a little after that the pc was telling me things that makes the operating system is missing dills are missing hreg keys are missing some sites needs cookies as well otherwise they wont let you on there,in detail i need a guide by guide report on this for my future reference,please don't end it we still have until the weekend to finish all that i need off my chest heres the report what is a misc/the first name is called hacktool.keyfinder,ubcd4win thats the name
Scan Results
Ad-Aware 2007 Free Edition
Log File Created on:2008-04-0113:30:05
Using Definitions File:C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware 2007\core.aawdef
Computer name:EDDY1
Name of user performing scan:SYSTEM
Name of user ordering scan:EDDY
Scan completed successfully

System Information
File Version Information
Ad-Aware 2007 Settings
Extended Ad-Aware 2007 Settings
Database Information
Scan Statistics
Scan Detailed Statistics
Infections Found
Listing of running processes
System Information
Number of processors:1
Processor type:AMD Athlon(tm) 64 Processor 3200+
Memory Available:52%
Total Physical Memory:1072152576 Bytes
Available Physical Memory:552316928 Bytes
Total Page File Size:2579165184 Bytes
Available On Page File:2084765696 Bytes
Total Virtual Memory:2147352576 Bytes
Available Virtual Memory:1921122304 Bytes
OS:Microsoft Windows XP 5.1 (Build 2600)
[to top]
File Verion Information
File Version
CEAPI.dll 7,0,2,6
aawservice.exe 7,0,2,7
Ad-Aware2007.exe 7.0.2.6
[to top]
Ad-Aware 2007 Settings
Skipping files larger than:1048576 Bytes
Ignoring infections with lower TAI than:3
Safe Mode:False
[to top]
Extended Ad-Aware 2007 Settings
Unload malicious processes and modules
Unload Modules
Let Windows remove files at Start-Up
Deactivate Ad-Watch
Re-analyze Scan Result
Delete Restored Items
Write Protect System Files
Play a sound if scan locates an infection
Create Log file
Include basic settings
Include advanced settings
Include user and computer name
Environment information
Running processes
Running processes and modules
Include info about ignored objects in log file
[to top]
Database Info
Version number:65
Build Number:0
Build Date and Time:2008/03/2708:40:06
[to top]
Scan Statistics
Method:Full

Items Scanned:293703
Infections Detected:20
Infections Removed:0
Infections Quarantined:0
Infections Ignored:0
[to top]
Scan Detailed Statistics
Type Critical Total
Process Scan 0 0
Registry Scan 0 0
Registry PE Scan 0 0
Hosts Scan 0 0
File Scan 0 0
Folder Scan 0 0
LSP Scan 0 0
ADS Scan 0 0
Cookie Scan 19 19
File Hash Scan 1 1
[to top]
Infections Found
Family Id Name Category TAI
725 Tracking Cookie DataMiner 3
[600000212] Browser: Internet Explorer Cookie: C:\Documents and Settings\NetworkService\Cookies\index.dat 2o7.net s_vi_ex7Bfi9kge /
[600000212] Browser: Internet Explorer Cookie: C:\Documents and Settings\EDDY\Cookies\index.dat setanta.112.2o7.net s_vi /
[600000212] Browser: Internet Explorer Cookie: C:\Documents and Settings\EDDY\Cookies\index.dat msnportal.112.2o7.net s_vi /
[600000212] Browser: Internet Explorer Cookie: C:\Documents and Settings\EDDY\Cookies\index.dat 2o7.net s_vi_x60x7Eczdcbchnlx7Fh /
[600000212] Browser: Internet Explorer Cookie: C:\Documents and Settings\EDDY\Cookies\index.dat 2o7.net s_vi_x60x7Eczax7Enjabola /
[600000212] Browser: Internet Explorer Cookie: C:\Documents and Settings\EDDY\Cookies\index.dat 2o7.net s_vi_ex7Bfi9kge /
[600000190] Browser: Internet Explorer Cookie: C:\Documents and Settings\EDDY\Cookies\index.dat www.googleadservices.com Conversion /pagead/conversion/1062308990/
[600000661] Browser: Internet Explorer Cookie: C:\Documents and Settings\EDDY\Cookies\index.dat kontera.com cluid /
[600000661] Browser: Internet Explorer Cookie: C:\Documents and Settings\EDDY\Cookies\index.dat kontera.com imprs /
[600000661] Browser: Internet Explorer Cookie: C:\Documents and Settings\EDDY\Cookies\index.dat kontera.com limps /
[600000661] Browser: Internet Explorer Cookie: C:\Documents and Settings\EDDY\Cookies\index.dat kontera.com clcks /
[600000661] Browser: Internet Explorer Cookie: C:\Documents and Settings\EDDY\Cookies\index.dat te.kontera.com ai /
[600000661] Browser: Internet Explorer Cookie: C:\Documents and Settings\EDDY\Cookies\index.dat te.kontera.com ki /
[600000661] Browser: Internet Explorer Cookie: C:\Documents and Settings\EDDY\Cookies\index.dat te.kontera.com cn /
[600000661] Browser: Internet Explorer Cookie: C:\Documents and Settings\EDDY\Cookies\index.dat te.kontera.com rf /
[600000661] Browser: Internet Explorer Cookie: C:\Documents and Settings\EDDY\Cookies\index.dat te.kontera.com agi /
[600000661] Browser: Internet Explorer Cookie: C:\Documents and Settings\EDDY\Cookies\index.dat te.kontera.com ci /
[600000208] Browser: Internet Explorer Cookie: C:\Documents and Settings\EDDY\Cookies\index.dat 7search.com SurferID /
[600000208] Browser: Internet Explorer Cookie: C:\Documents and Settings\EDDY\Cookies\index.dat 7search.com Conversion /

392 Hacktool.Keyfinder Misc 3
[7528] File: C:\UBCD4Win\plugin\System-Info\Information\keyfinderpe\keyfinder.exe

Quarantined Objects
Family Id Name Category TAI

Removed Objects
Family Id Name Category TAI
[to top]
Listing of Running Processes
C:\WINDOWS\SYSTEM32\SMSS.EXE
c:\windows\system32\smss.exe
c:\windows\system32\ntdll.dll
C:\WINDOWS\SYSTEM32\CSRSS.EXE
c:\windows\system32\csrss.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\csrsrv.dll
c:\windows\system32\basesrv.dll
c:\windows\system32\winsrv.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\user32.dll
c:\windows\system32\sxs.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
C:\WINDOWS\SYSTEM32\WINLOGON.EXE
c:\windows\system32\winlogon.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\authz.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\nddeapi.dll
c:\windows\system32\profmap.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\userenv.dll
c:\windows\system32\psapi.dll
c:\windows\system32\regapi.dll
c:\windows\system32\secur32.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\version.dll
c:\windows\system32\winsta.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\imagehlp.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msgina.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\odbc32.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\odbcint.dll
c:\windows\system32\shsvcs.dll
c:\windows\system32\sfc.dll
c:\windows\system32\sfc_os.dll
c:\windows\system32\ole32.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\msctfime.ime
c:\windows\system32\winscard.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\sxs.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\winmm.dll
c:\program files\superantispyware\saswinlo.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\wininet.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\ati2evxx.dll
c:\windows\system32\cscdll.dll
c:\windows\system32\wlnotify.dll
c:\windows\system32\winspool.drv
c:\windows\system32\mpr.dll
c:\windows\system32\wgalogon.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\samlib.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\windows\system32\msv1_0.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\cscui.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\wdmaud.drv
c:\windows\system32\msacm32.drv
c:\windows\system32\msacm32.dll
c:\windows\system32\midimap.dll
C:\WINDOWS\SYSTEM32\SERVICES.EXE
c:\windows\system32\services.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\userenv.dll
c:\windows\system32\scesrv.dll
c:\windows\system32\authz.dll
c:\windows\system32\umpnpmgr.dll
c:\windows\system32\winsta.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\ncobjapi.dll
c:\windows\system32\msvcp60.dll
c:\windows\system32\shimeng.dll
c:\windows\apppatch\acadproc.dll
c:\windows\system32\imm32.dll
c:\windows\system32\secur32.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\version.dll
c:\windows\system32\eventlog.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\psapi.dll
c:\windows\system32\wtsapi32.dll
C:\WINDOWS\SYSTEM32\LSASS.EXE
c:\windows\system32\lsass.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\lsasrv.dll
c:\windows\system32\mpr.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\ntdsapi.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\secur32.dll
c:\windows\system32\samlib.dll
c:\windows\system32\samsrv.dll
c:\windows\system32\cryptdll.dll
c:\windows\system32\shimeng.dll
c:\windows\apppatch\acgenral.dll
c:\windows\system32\winmm.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msacm32.dll
c:\windows\system32\version.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\userenv.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\imm32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\msprivs.dll
c:\windows\system32\kerberos.dll
c:\windows\system32\msv1_0.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\netlogon.dll
c:\windows\system32\w32time.dll
c:\windows\system32\msvcp60.dll
c:\windows\system32\schannel.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\wdigest.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\scecli.dll
c:\windows\system32\ipsecsvc.dll
c:\windows\system32\authz.dll
c:\windows\system32\oakley.dll
c:\windows\system32\winipsec.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\hnetcfg.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\pstorsvc.dll
c:\windows\system32\psbase.dll
c:\windows\system32\dssenh.dll
c:\windows\system32\cryptnet.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\sensapi.dll
C:\WINDOWS\SYSTEM32\ATI2EVXX.EXE
c:\windows\system32\ati2evxx.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\imm32.dll
c:\windows\system32\secur32.dll
c:\windows\system32\msctfime.ime
c:\windows\system32\msvcrt.dll
c:\windows\system32\ole32.dll
c:\windows\system32\ati2edxx.dll
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
c:\windows\system32\svchost.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shimeng.dll
c:\windows\apppatch\acgenral.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\winmm.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msacm32.dll
c:\windows\system32\version.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\userenv.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\imm32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\samlib.dll
c:\windows\system32\rpcss.dll
c:\windows\system32\secur32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\termsrv.dll
c:\windows\system32\icaapi.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\imagehlp.dll
c:\windows\system32\authz.dll
c:\windows\system32\mstlsapi.dll
c:\windows\system32\activeds.dll
c:\windows\system32\adsldpc.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\atl.dll
c:\windows\system32\regapi.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\rdpwsx.dll
c:\windows\system32\winspool.drv
c:\windows\system32\svchost.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shimeng.dll
c:\windows\apppatch\acgenral.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\winmm.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msacm32.dll
c:\windows\system32\version.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\userenv.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\imm32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\rpcss.dll
c:\windows\system32\secur32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\hnetcfg.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\wldap32.dll
c:\program files\bonjour\mdnsnsp.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
C:\PROGRAM FILES\MICROSOFT WINDOWS ONECARE LIVE\ANTIVIRUS\MSMPENG.EXE
c:\program files\microsoft windows onecare live\antivirus\msmpeng.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\msvcrt.dll
c:\program files\microsoft windows onecare live\antivirus\mpsvc.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\version.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\imagehlp.dll
c:\program files\microsoft windows onecare live\antivirus\mpclient.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\userenv.dll
c:\windows\system32\imm32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\secur32.dll
c:\windows\system32\netapi32.dll
c:\documents and settings\all users\application data\microsoft\onecare protection\definition updates\{37c69e58-9532-4ad1-9ddb-c8182e849fb1}\mpengine.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\psapi.dll
c:\windows\system32\iphlpapi.dll
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
c:\windows\system32\svchost.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shimeng.dll
c:\windows\apppatch\acgenral.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\winmm.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msacm32.dll
c:\windows\system32\version.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\userenv.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\imm32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\samlib.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\shsvcs.dll
c:\windows\system32\winsta.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\secur32.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\wzcsvc.dll
c:\windows\system32\rtutils.dll
c:\windows\system32\wmi.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\esent.dll
c:\windows\system32\atl.dll
c:\windows\system32\rastls.dll
c:\windows\system32\cryptui.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\imagehlp.dll
c:\windows\system32\wininet.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\mprapi.dll
c:\windows\system32\activeds.dll
c:\windows\system32\adsldpc.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\rasapi32.dll
c:\windows\system32\rasman.dll
c:\windows\system32\tapi32.dll
c:\windows\system32\schannel.dll
c:\windows\system32\winscard.dll
c:\windows\system32\raschap.dll
c:\windows\system32\msv1_0.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\windows\system32\schedsvc.dll
c:\windows\system32\ntdsapi.dll
c:\windows\system32\msidle.dll
c:\windows\system32\audiosrv.dll
c:\windows\system32\wkssvc.dll
c:\windows\system32\cryptsvc.dll
c:\windows\system32\certcli.dll
c:\windows\system32\ersvc.dll
c:\windows\system32\es.dll
c:\windows\system32\hidserv.dll
c:\windows\system32\hid.dll
c:\windows\system32\netman.dll
c:\windows\system32\netshell.dll
c:\windows\system32\credui.dll
c:\windows\system32\wzcsapi.dll
c:\windows\system32\sens.dll
c:\windows\system32\srsvc.dll
c:\windows\system32\powrprof.dll
c:\windows\system32\wbem\wmisvc.dll
c:\windows\system32\vssapi.dll
c:\windows\system32\wuauserv.dll
c:\windows\system32\wuaueng.dll
c:\windows\system32\winspool.drv
c:\windows\system32\winhttp.dll
c:\windows\system32\cabinet.dll
c:\windows\system32\mspatcha.dll
c:\windows\system32\sxs.dll
c:\windows\system32\comsvcs.dll
c:\windows\system32\colbact.dll
c:\windows\system32\mtxclu.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\clusapi.dll
c:\windows\system32\resutils.dll
c:\windows\system32\sfc.dll
c:\windows\system32\sfc_os.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\hnetcfg.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\wscsvc.dll
c:\windows\system32\msi.dll
c:\windows\system32\wbem\wbemcomn.dll
c:\windows\system32\wbem\wbemcore.dll
c:\windows\system32\msvcp60.dll
c:\windows\system32\wbem\esscli.dll
c:\windows\system32\wbem\fastprox.dll
c:\windows\system32\wbem\wbemsvc.dll
c:\windows\system32\ipnathlp.dll
c:\windows\system32\authz.dll
c:\windows\system32\wbem\wmiutils.dll
c:\windows\system32\wbem\repdrvfs.dll
c:\windows\system32\wbem\wmiprvsd.dll
c:\windows\system32\ncobjapi.dll
c:\windows\system32\wbem\wbemess.dll
c:\windows\system32\netcfgx.dll
c:\windows\system32\wbem\ncprov.dll
c:\windows\system32\rasmans.dll
c:\windows\system32\winipsec.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\tapisrv.dll
c:\windows\system32\psapi.dll
c:\windows\system32\rastapi.dll
c:\windows\system32\unimdm.tsp
c:\windows\system32\uniplat.dll
c:\windows\system32\qmgr.dll
c:\windows\system32\mpr.dll
c:\windows\system32\shfolder.dll
c:\windows\system32\unimdmat.dll
c:\windows\system32\modemui.dll
c:\windows\system32\kmddsp.tsp
c:\windows\system32\ndptsp.tsp
c:\windows\system32\ipconf.tsp
c:\windows\system32\h323.tsp
c:\windows\system32\hidphone.tsp
c:\windows\system32\rasppp.dll
c:\windows\system32\ntlsapi.dll
c:\windows\system32\kerberos.dll
c:\windows\system32\cryptdll.dll
c:\windows\system32\rasdlg.dll
c:\windows\system32\dssenh.dll
c:\windows\system32\msxml3.dll
c:\windows\system32\winrnr.dll
c:\program files\bonjour\mdnsnsp.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\wups2.dll
c:\windows\system32\qmgrprxy.dll
c:\windows\system32\svchost.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shimeng.dll
c:\windows\apppatch\acgenral.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\winmm.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msacm32.dll
c:\windows\system32\version.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\userenv.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\imm32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\dnsrslvr.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\hnetcfg.dll
c:\windows\system32\wshtcpip.dll
C:\PROGRAM FILES\LAVASOFT\AD-AWARE 2007\AAWSERVICE.EXE
c:\program files\lavasoft\ad-aware 2007\aawservice.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\program files\lavasoft\ad-aware 2007\ceapi.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\program files\lavasoft\ad-aware 2007\pkarchive85u.dll
c:\windows\system32\shell32.dll
c:\windows\system32\ole32.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\psapi.dll
c:\windows\system32\version.dll
c:\windows\system32\wininet.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\userenv.dll
c:\windows\system32\imm32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\secur32.dll
C:\WINDOWS\SYSTEM32\ATI2EVXX.EXE
c:\windows\system32\ati2evxx.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\imm32.dll
c:\windows\system32\secur32.dll
c:\windows\system32\msctfime.ime
c:\windows\system32\msvcrt.dll
c:\windows\system32\ole32.dll
c:\windows\system32\ati2edxx.dll
c:\windows\system32\msctf.dll
C:\WINDOWS\EXPLORER.EXE
c:\windows\explorer.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\browseui.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\ole32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\shdocvw.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\cryptui.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\imagehlp.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\wininet.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\version.dll
c:\windows\system32\shell32.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\shimeng.dll
c:\windows\apppatch\acgenral.dll
c:\windows\system32\winmm.dll
c:\windows\system32\msacm32.dll
c:\windows\system32\userenv.dll
c:\windows\system32\imm32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\msctfime.ime
c:\windows\system32\apphelp.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\progra~1\micros~2\office12\gra8e1~1.dll
c:\progra~1\micros~2\office12\grooveutil.dll
c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcr80.dll
c:\progra~1\micros~2\office12\groovenew.dll
c:\windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_6e805841\atl80.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\msimg32.dll
c:\windows\system32\cscui.dll
c:\windows\system32\cscdll.dll
c:\windows\system32\themeui.dll
c:\windows\system32\secur32.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\actxprxy.dll
c:\windows\system32\samlib.dll
c:\progra~1\micros~2\office12\gr99d3~1.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\msxml3.dll
c:\windows\system32\ntshrui.dll
c:\windows\system32\atl.dll
c:\windows\system32\linkinfo.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\psapi.dll
c:\windows\system32\netshell.dll
c:\windows\system32\credui.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\rtutils.dll
c:\windows\system32\msi.dll
c:\windows\system32\mlang.dll
c:\windows\system32\msctf.dll
c:\progra~1\micros~2\office12\gr326c~1.dll
c:\windows\system32\winsta.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\stobject.dll
c:\windows\system32\batmeter.dll
c:\windows\system32\powrprof.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\wpdshserviceobj.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\mydocs.dll
c:\windows\system32\upnpui.dll
c:\windows\system32\portabledevicetypes.dll
c:\windows\system32\portabledeviceapi.dll
c:\windows\system32\wdmaud.drv
c:\windows\system32\msacm32.drv
c:\windows\system32\midimap.dll
c:\windows\system32\ddraw.dll
c:\windows\system32\dciman32.dll
c:\program files\superantispyware\sasseh.dll
c:\windows\system32\cryptnet.dll
c:\windows\system32\sensapi.dll
c:\program files\common files\ahead\lib\nerodigitalext.dll
c:\program files\common files\ahead\lib\mfc71.dll
c:\program files\common files\ahead\lib\msvcr71.dll
c:\program files\common files\ahead\lib\msvcp71.dll
c:\windows\system32\sxs.dll
C:\WINDOWS\SYSTEM32\SPOOLSV.EXE
c:\windows\system32\spoolsv.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shimeng.dll
c:\windows\apppatch\acgenral.dll
c:\windows\system32\winmm.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msacm32.dll
c:\windows\system32\version.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\userenv.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\imm32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\spoolss.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\localspl.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sfc_os.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\imagehlp.dll
c:\windows\system32\winspool.drv
c:\windows\system32\netapi32.dll
c:\windows\system32\cnbjmon.dll
c:\windows\system32\pjlmon.dll
c:\windows\system32\msonpmon.dll
c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcr80.dll
c:\windows\system32\msi.dll
c:\windows\system32\tcpmon.dll
c:\windows\system32\usbmon.dll
c:\windows\system32\spool\prtprocs\w32x86\msonpppr.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\wldap32.dll
c:\program files\bonjour\mdnsnsp.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\win32spl.dll
c:\windows\system32\netrap.dll
c:\windows\system32\ntdsapi.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\windows\system32\inetpp.dll
c:\windows\system32\xpsp2res.dll
C:\PROGRAM FILES\ITUNES\ITUNESHELPER.EXE
c:\program files\itunes\ituneshelper.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\version.dll
c:\windows\system32\wininet.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\imm32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\secur32.dll
c:\program files\itunes\ituneshelper.resources\en.lproj\ituneshelperlocalized.dll
c:\program files\itunes\ituneshelper.resources\ituneshelper.dll
c:\windows\system32\msctfime.ime
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\msctf.dll
c:\windows\system32\msi.dll
c:\windows\system32\sxs.dll
C:\WINDOWS\VM_STI.EXE
c:\windows\vm_sti.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\ksproxy.ax
c:\windows\system32\setupapi.dll
c:\windows\system32\ksuser.dll
c:\windows\system32\imm32.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\windows\system32\version.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\imagehlp.dll
c:\windows\system32\msdmo.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\comctl32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\devenum.dll
c:\windows\system32\winmm.dll
c:\windows\system32\kswdmcap.ax
c:\windows\system32\mfc42.dll
c:\windows\system32\vm31bprp.ax
c:\windows\system32\comdlg32.dll
c:\windows\system32\shell32.dll
c:\windows\system32\msctf.dll
C:\PROGRAM FILES\IOBIT\IOBIT SMARTDEFRAG\IOBIT SMARTDEFRAG.EXE
c:\program files\iobit\iobit smartdefrag\iobit smartdefrag.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\ole32.dll
c:\windows\system32\version.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\comdlg32.dll
c:\windows\system32\imm32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\msctfime.ime
c:\windows\system32\olepro32.dll
c:\windows\system32\wship6.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\psapi.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\wininet.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\secur32.dll
c:\program files\iobit\iobit smartdefrag\taskdll.dll
c:\program files\iobit\iobit smartdefrag\workdll.dll
c:\windows\system32\mstask.dll
c:\windows\system32\ntdsapi.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\mpr.dll
c:\windows\system32\userenv.dll
c:\program files\iobit\iobit smartdefrag\isdcom.dll
c:\program files\iobit\iobit smartdefrag\isdfat.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\winrnr.dll
c:\program files\bonjour\mdnsnsp.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\hnetcfg.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\rasapi32.dll
c:\windows\system32\rasman.dll
c:\windows\system32\tapi32.dll
c:\windows\system32\rtutils.dll
c:\windows\system32\winmm.dll
c:\windows\system32\msv1_0.dll
c:\windows\system32\sensapi.dll
c:\windows\system32\mshtml.dll
c:\windows\system32\msls31.dll
c:\windows\system32\mlang.dll
C:\PROGRAM FILES\JAVA\JRE1.6.0_05\BIN\JUSCHED.EXE
c:\program files\java\jre1.6.0_05\bin\jusched.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\wininet.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\ole32.dll
c:\windows\system32\shell32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\imm32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\secur32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\rasapi32.dll
c:\windows\system32\rasman.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\tapi32.dll
c:\windows\system32\rtutils.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\sensapi.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\msv1_0.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\dnsapi.dll
c:\program files\bonjour\mdnsnsp.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\hnetcfg.dll
c:\windows\system32\wshtcpip.dll
C:\PROGRAM FILES\MICROSOFT WINDOWS ONECARE LIVE\WINSSNOTIFY.EXE
c:\program files\microsoft windows onecare live\winssnotify.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcr80.dll
c:\windows\system32\msvcrt.dll
c:\program files\microsoft windows onecare live\winssnotifylib.dll
c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcp80.dll
c:\windows\system32\winspool.drv
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82\gdiplus.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\winmm.dll
c:\program files\microsoft windows onecare live\winsscommon.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\winsta.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\userenv.dll
c:\program files\microsoft windows onecare live\winssplatform.dll
c:\windows\system32\wininet.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\version.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\mpr.dll
c:\program files\microsoft windows onecare live\cert.dll
c:\program files\microsoft windows onecare live\providersclient.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\msctfime.ime
c:\windows\system32\setupapi.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\progra~1\micros~2\office12\gra8e1~1.dll
c:\progra~1\micros~2\office12\grooveutil.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\progra~1\micros~2\office12\groovenew.dll
c:\windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_6e805841\atl80.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\msimg32.dll
c:\progra~1\micros~2\office12\gr99d3~1.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\msxml3.dll
c:\program files\superantispyware\sasseh.dll
c:\windows\system32\secur32.dll
c:\windows\system32\psapi.dll
C:\PROGRAM FILES\WINDOWS LIVE\MESSENGER\MSNMSGR.EXE
c:\program files\windows live\messenger\msnmsgr.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcr80.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msimg32.dll
c:\windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82\gdiplus.dll
c:\program files\windows live\messenger\msncore.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\wininet.dll
c:\windows\system32\normaliz.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\msvcp60.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\imm32.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\version.dll
c:\windows\system32\winmm.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\msacm32.dll
c:\program files\windows live\messenger\msidcrl40.dll
c:\windows\system32\sensapi.dll
c:\windows\system32\psapi.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\imagehlp.dll
c:\program files\windows live\messenger\contactsux.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\cryptnet.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\userenv.dll
c:\windows\system32\secur32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\inetcomm.dll
c:\windows\system32\msoert2.dll
c:\windows\system32\inetres.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\windows\system32\mlang.dll
c:\program files\windows live\messenger\msgslang.8.5.1302.1018.dll
c:\program files\windows live\messenger\msgsres.dll
c:\windows\system32\msctfime.ime
c:\windows\system32\wtsapi32.dll
c:\windows\system32\winsta.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\es.dll
c:\windows\system32\msxml3.dll
c:\windows\system32\sxs.dll
c:\program files\windows live\messenger\msgswcam.dll
c:\windows\system32\sirenacm.dll
c:\windows\system32\devenum.dll
c:\windows\system32\msdmo.dll
c:\windows\system32\ksproxy.ax
c:\windows\system32\ksuser.dll
c:\windows\system32\kswdmcap.ax
c:\windows\system32\mfc42.dll
c:\windows\system32\vm31bprp.ax
c:\windows\system32\comdlg32.dll
c:\windows\system32\riched20.dll
c:\windows\system32\msimtf.dll
c:\windows\system32\msi.dll
c:\program files\windows live\messenger\lmcdata.dll
c:\program files\windows live\messenger\contact.dll
c:\windows\system32\schannel.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\hnetcfg.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\dnsapi.dll
c:\program files\bonjour\mdnsnsp.dll
c:\windows\system32\rasapi32.dll
c:\windows\system32\rasman.dll
c:\windows\system32\tapi32.dll
c:\windows\system32\rtutils.dll
c:\windows\system32\msv1_0.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\dssenh.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\mprapi.dll
c:\windows\system32\activeds.dll
c:\windows\system32\adsldpc.dll
c:\windows\system32\atl.dll
c:\windows\system32\samlib.dll
c:\windows\system32\ieframe.dll
c:\program files\windows live\messenger\abssm.dll
c:\windows\system32\apphelp.dll
c:\program files\windows live\messenger\dfsr.dll
c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcp80.dll
c:\windows\system32\esent.dll
c:\windows\system32\mshtml.dll
c:\windows\system32\msls31.dll
c:\windows\system32\jscript.dll
c:\windows\system32\dpnhupnp.dll
c:\windows\system32\netshell.dll
c:\windows\system32\credui.dll
c:\program files\windows live\messenger\custsat.dll
c:\windows\system32\dxtrans.dll
c:\windows\system32\ddrawex.dll
c:\windows\system32\ddraw.dll
c:\windows\system32\dciman32.dll
c:\windows\system32\dxtmsft.dll
c:\program files\windows live\messenger\usnsvcps.dll
c:\windows\system32\imgutil.dll
c:\windows\system32\wdmaud.drv
c:\windows\system32\msacm32.drv
c:\windows\system32\midimap.dll
c:\progra~1\micros~2\office12\gra8e1~1.dll
c:\progra~1\micros~2\office12\grooveutil.dll
c:\progra~1\micros~2\office12\groovenew.dll
c:\windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_6e805841\atl80.dll
c:\windows\system32\linkinfo.dll
c:\windows\system32\ntshrui.dll
c:\windows\system32\wmvcore.dll
c:\windows\system32\wmasf.dll
c:\windows\system32\dsound.dll
c:\windows\system32\wmadmod.dll
c:\windows\system32\mfplat.dll
c:\progra~1\wi1f86~1\messen~1\msgsc8~1.dll
C:\WINDOWS\SYSTEM32\CTFMON.EXE
c:\windows\system32\ctfmon.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\msutb.dll
c:\windows\system32\shimeng.dll
c:\windows\apppatch\acgenral.dll
c:\windows\system32\winmm.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msacm32.dll
c:\windows\system32\version.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\userenv.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\imm32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\msctfime.ime
C:\PROGRAM FILES\KONTIKI\KHOST.EXE
c:\program files\kontiki\khost.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\version.dll
c:\windows\system32\wininet.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\comdlg32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\shell32.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\imm32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\windows\system32\msi.dll
c:\windows\system32\sxs.dll
c:\windows\system32\msctfime.ime
c:\windows\system32\secur32.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\psapi.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\mshtml.dll
c:\windows\system32\msls31.dll
c:\windows\system32\msimtf.dll
c:\windows\system32\userenv.dll
c:\windows\system32\jscript.dll
c:\windows\system32\mlang.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\imgutil.dll
c:\windows\system32\pngfilt.dll
c:\windows\system32\usp10.dll
c:\windows\system32\mshtmled.dll
C:\PROGRAM FILES\SUPERANTISPYWARE\SUPERANTISPYWARE.EXE
c:\program files\superantispyware\superantispyware.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\shell32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\winmm.dll
c:\windows\system32\version.dll
c:\windows\system32\imagehlp.dll
c:\program files\superantispyware\deupx.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\wininet.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\comdlg32.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\hhctrl.ocx
c:\windows\system32\setupapi.dll
c:\windows\system32\msctfime.ime
c:\windows\system32\psapi.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\secur32.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\mshtml.dll
c:\windows\system32\msls31.dll
c:\windows\system32\msimtf.dll
c:\windows\system32\mlang.dll
c:\windows\system32\netapi32.dll
c:\progra~1\micros~2\office12\gra8e1~1.dll
c:\progra~1\micros~2\office12\grooveutil.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcr80.dll
c:\progra~1\micros~2\office12\groovenew.dll
c:\windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_6e805841\atl80.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\msimg32.dll
c:\progra~1\micros~2\office12\gr99d3~1.dll
c:\windows\system32\msxml3.dll
c:\program files\superantispyware\sasseh.dll
C:\PROGRAM FILES\COMMON FILES\APPLE\MOBILE DEVICE SUPPORT\BIN\APPLEMOBILEDEVICESERVICE.EXE
c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\imm32.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\hnetcfg.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\imagehlp.dll
C:\PROGRAM FILES\BONJOUR\MDNSRESPONDER.EXE
c:\program files\bonjour\mdnsresponder.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\imm32.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\hnetcfg.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\mprapi.dll
c:\windows\system32\activeds.dll
c:\windows\system32\adsldpc.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\atl.dll
c:\windows\system32\rtutils.dll
c:\windows\system32\samlib.dll
c:\windows\system32\setupapi.dll
C:\PROGRAM FILES\KONTIKI\KSERVICE.EXE
c:\program files\kontiki\kservice.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shell32.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\version.dll
c:\windows\system32\wininet.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\rasapi32.dll
c:\windows\system32\rasman.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\tapi32.dll
c:\windows\system32\rtutils.dll
c:\windows\system32\winmm.dll
c:\windows\system32\imm32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\samlib.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\windows\system32\hnetcfg.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\secur32.dll
c:\windows\system32\netcfgx.dll
c:\windows\system32\clusapi.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\imagehlp.dll
c:\windows\system32\mprapi.dll
c:\windows\system32\activeds.dll
c:\windows\system32\adsldpc.dll
c:\windows\system32\atl.dll
c:\windows\system32\icmp.dll
c:\windows\system32\dmusic.dll
c:\windows\system32\msacm32.dll
c:\windows\system32\dsound.dll
c:\windows\system32\ddraw.dll
c:\windows\system32\dciman32.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\msi.dll
c:\windows\system32\sxs.dll
c:\windows\system32\userenv.dll
c:\windows\system32\msv1_0.dll
c:\windows\system32\sensapi.dll
c:\windows\system32\urlmon.dll
c:\program files\bonjour\mdnsnsp.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\schannel.dll
c:\windows\system32\dssenh.dll
c:\windows\system32\cryptnet.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\winrnr.dll
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
c:\windows\system32\svchost.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shimeng.dll
c:\windows\apppatch\acgenral.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\winmm.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msacm32.dll
c:\windows\system32\version.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\userenv.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\imm32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\wiaservc.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\mscms.dll
c:\windows\system32\winspool.drv
c:\windows\system32\winsta.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\imagehlp.dll
c:\windows\system32\brwia07a.dll
c:\windows\system32\brusi07a.dll
c:\windows\system32\wiavusd.dll
c:\windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82\gdiplus.dll
c:\windows\system32\shfolder.dll
c:\windows\system32\actxprxy.dll
c:\windows\system32\sti.dll
C:\PROGRAM FILES\MICROSOFT WINDOWS ONECARE LIVE\WINSS.EXE
c:\program files\microsoft windows onecare live\winss.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcr80.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\ole32.dll
c:\program files\microsoft windows onecare live\winsscommon.dll
c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcp80.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\winsta.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\userenv.dll
c:\program files\microsoft windows onecare live\winssplatform.dll
c:\windows\system32\wininet.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\version.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\mpr.dll
c:\program files\microsoft windows onecare live\cert.dll
c:\program files\microsoft windows onecare live\conflictingappmodule.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\sensapi.dll
c:\windows\system32\esent.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\httpapi.dll
c:\windows\system32\imm32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\samlib.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\secur32.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\windows\system32\msxml3.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\netman.dll
c:\windows\system32\mprapi.dll
c:\windows\system32\activeds.dll
c:\windows\system32\adsldpc.dll
c:\windows\system32\atl.dll
c:\windows\system32\rtutils.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\netshell.dll
c:\windows\system32\credui.dll
c:\windows\system32\rasapi32.dll
c:\windows\system32\rasman.dll
c:\windows\system32\tapi32.dll
c:\windows\system32\winmm.dll
c:\windows\system32\wzcsapi.dll
c:\windows\system32\wzcsvc.dll
c:\windows\system32\wmi.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\wbem\wbemprox.dll
c:\windows\system32\wbem\wbemcomn.dll
c:\windows\system32\wbem\wbemsvc.dll
c:\windows\system32\wbem\fastprox.dll
c:\windows\system32\msvcp60.dll
c:\windows\system32\ntdsapi.dll
c:\program files\microsoft windows onecare live\providers.dll
c:\windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_6e805841\atl80.dll
c:\windows\system32\powrprof.dll
c:\windows\system32\pdh.dll
c:\windows\system32\comdlg32.dll
c:\windows\system32\odbc32.dll
c:\windows\system32\odbcbcp.dll
c:\windows\system32\sfc.dll
c:\windows\system32\sfc_os.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\imagehlp.dll
c:\windows\system32\winspool.drv
c:\windows\system32\odbcint.dll
c:\windows\system32\rsaenh.dll
c:\program files\microsoft windows onecare live\antivirus\mpclient.dll
c:\windows\system32\apphelp.dll
c:\program files\microsoft windows onecare live\backupengine.dll
c:\program files\microsoft windows onecare live\primosdk.dll
c:\windows\system32\vssapi.dll
c:\program files\microsoft windows onecare live\firewall\msfwapi.dll
c:\program files\microsoft windows onecare live\firewall\mpscatapi.dll
c:\program files\microsoft windows onecare live\msidcrl40.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\psapi.dll
c:\windows\system32\cryptnet.dll
c:\windows\system32\hnetcfg.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\msv1_0.dll
c:\program files\bonjour\mdnsnsp.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\es.dll
c:\windows\system32\wuapi.dll
c:\windows\system32\cabinet.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\actxprxy.dll
c:\windows\system32\wups.dll
c:\windows\system32\linkinfo.dll
c:\windows\system32\ntshrui.dll
c:\windows\system32\schannel.dll
c:\windows\system32\dssenh.dll
c:\windows\system32\sxs.dll
c:\windows\system32\qmgrprxy.dll
C:\WINDOWS\SYSTEM32\WBEM\WMIPRVSE.EXE
c:\windows\system32\wbem\wmiprvse.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\wbem\wbemcomn.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\ole32.dll
c:\windows\system32\wbem\fastprox.dll
c:\windows\system32\msvcp60.dll
c:\windows\system32\ntdsapi.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\secur32.dll
c:\windows\system32\ncobjapi.dll
c:\windows\system32\shimeng.dll
c:\windows\apppatch\acgenral.dll
c:\windows\system32\winmm.dll
c:\windows\system32\msacm32.dll
c:\windows\system32\version.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\userenv.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\imm32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\windows\system32\wbem\wbemsvc.dll
c:\windows\system32\wbem\wmiutils.dll
c:\windows\system32\wbem\wmiprov.dll
c:\windows\system32\wmi.dll
c:\windows\system32\wbem\esscli.dll
C:\PROGRAM FILES\IPOD\BIN\IPODSERVICE.EXE
c:\program files\ipod\bin\ipodservice.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\version.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\imm32.dll
c:\program files\ipod\bin\ipodservice.resources\en.lproj\ipodservicelocalized.dll
c:\program files\ipod\bin\ipodservice.resources\ipodservice.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\windows\system32\msi.dll
c:\windows\system32\sxs.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\winsta.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\imagehlp.dll
C:\WINDOWS\SYSTEM32\WSCNTFY.EXE
c:\windows\system32\wscntfy.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\shell32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\imm32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\msctf.dll
c:\windows\system32\msctfime.ime
c:\windows\system32\ole32.dll
C:\WINDOWS\SYSTEM32\ALG.EXE
c:\windows\system32\alg.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\atl.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\shimeng.dll
c:\windows\apppatch\acgenral.dll
c:\windows\system32\winmm.dll
c:\windows\system32\msacm32.dll
c:\windows\system32\version.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\userenv.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\imm32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\windows\system32\xpsp2res.dll
C:\PROGRAM FILES\MEMINFO\MEMINFO.EXE
c:\program files\meminfo\meminfo.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\ole32.dll
c:\windows\system32\version.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\shell32.dll
c:\windows\system32\comdlg32.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\msctfime.ime
c:\windows\system32\uxtheme.dll
C:\PROGRAM FILES\WINDOWS LIVE\MESSENGER\USNSVC.EXE
c:\program files\windows live\messenger\usnsvc.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\ole32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\imm32.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\windows\system32\version.dll
c:\program files\windows live\messenger\usnsvcps.dll
c:\windows\system32\rsaenh.dll
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
c:\program files\internet explorer\iexplore.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\shell32.dll
c:\windows\system32\ole32.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\version.dll
c:\windows\system32\imm32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\psapi.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\msctf.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\msctfime.ime
c:\windows\system32\ieui.dll
c:\windows\system32\msimg32.dll
c:\windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82\gdiplus.dll
c:\windows\system32\xmllite.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\windows\system32\msimtf.dll
c:\windows\system32\secur32.dll
c:\progra~1\micros~2\office12\gra8e1~1.dll
c:\progra~1\micros~2\office12\grooveutil.dll
c:\windows\system32\wininet.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcr80.dll
c:\progra~1\micros~2\office12\groovenew.dll
c:\windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_6e805841\atl80.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\cscui.dll
c:\windows\system32\cscdll.dll
c:\windows\system32\setupapi.dll
c:\program files\microsoft office\office12\msohevi.dll
c:\program files\internet explorer\ieproxy.dll
c:\windows\system32\mlang.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\program files\google\googletoolbar2.dll
c:\windows\system32\msi.dll
c:\windows\system32\imagehlp.dll
c:\windows\system32\winmm.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\msxml3.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\asycfilt.dll
c:\windows\system32\userenv.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\rasapi32.dll
c:\windows\system32\rasman.dll
c:\windows\system32\tapi32.dll
c:\windows\system32\rtutils.dll
c:\windows\system32\ntshrui.dll
c:\windows\system32\atl.dll
c:\windows\system32\msv1_0.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\sensapi.dll
c:\windows\system32\mpr.dll
c:\windows\system32\drprov.dll
c:\windows\system32\ntlanman.dll
c:\windows\system32\netui0.dll
c:\windows\system32\netui1.dll
c:\windows\system32\netrap.dll
c:\windows\system32\samlib.dll
c:\windows\system32\davclnt.dll
c:\windows\system32\portabledeviceapi.dll
c:\windows\system32\msgina.dll
c:\windows\system32\winsta.dll
c:\windows\system32\odbc32.dll
c:\windows\system32\comdlg32.dll
c:\windows\system32\odbcint.dll
c:\program files\java\jre1.6.0_05\bin\ssv.dll
c:\program files\java\jre1.6.0_05\bin\msvcr71.dll
c:\windows\system32\sti.dll
c:\windows\system32\cfgmgr32.dll
c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll
c:\program files\common files\microsoft shared\windows live\msidcrl40.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\msvcp60.dll
c:\windows\system32\cryptnet.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\sxs.dll
c:\windows\system32\actxprxy.dll
c:\windows\system32\schannel.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\hnetcfg.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\dnsapi.dll
c:\program files\bonjour\mdnsnsp.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\dssenh.dll
c:\windows\system32\mshtml.dll
c:\windows\system32\msls31.dll
c:\windows\system32\ieapfltr.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\jscript.dll
c:\windows\system32\wdmaud.drv
c:\windows\system32\msacm32.drv
c:\windows\system32\msacm32.dll
c:\windows\system32\midimap.dll
c:\windows\system32\imgutil.dll
c:\windows\system32\pngfilt.dll
c:\windows\system32\mshtmled.dll
c:\windows\system32\usp10.dll
c:\progra~1\wi1f86~1\messen~1\msgsc8~1.dll
c:\windows\system32\macromed\flash\flash9e.ocx
c:\windows\system32\dxtrans.dll
c:\windows\system32\ddrawex.dll
c:\windows\system32\ddraw.dll
c:\windows\system32\dciman32.dll
c:\windows\system32\dxtmsft.dll
c:\windows\system32\extmgr.dll
c:\windows\system32\occache.dll
c:\windows\system32\browseui.dll
C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBARNOTIFIER\1.2.1128.5462\GOOGLETOOLBARNOTIFIER.EXE
c:\program files\google\googletoolbarnotifier\1.2.1128.5462\googletoolbarnotifier.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\wininet.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\psapi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\imm32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\windows\system32\version.dll
c:\windows\system32\xpsp2res.dll
c:\program files\google\googletoolbarnotifier\1.2.1128.5462\res_en.dll
c:\windows\system32\msctfime.ime
c:\windows\system32\sxs.dll
c:\program files\google\googletoolbarnotifier\1.2.1128.5462\swg.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\shell32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\imagehlp.dll
c:\windows\system32\msi.dll
c:\windows\system32\secur32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\rasapi32.dll
c:\windows\system32\rasman.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\tapi32.dll
c:\windows\system32\rtutils.dll
c:\windows\system32\winmm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\msv1_0.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\sensapi.dll
C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\WINDOWS LIVE\WLLOGINPROXY.EXE
c:\program files\common files\microsoft shared\windows live\wlloginproxy.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\ole32.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msctf.dll
c:\program files\common files\microsoft shared\windows live\msidcrl40.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\wininet.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\msvcp60.dll
c:\windows\system32\sensapi.dll
c:\windows\system32\psapi.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\imagehlp.dll
c:\windows\system32\version.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\userenv.dll
c:\windows\system32\secur32.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\cryptnet.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\windows\system32\msxml3.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\msi.dll
c:\windows\system32\sxs.dll
C:\PROGRAM FILES\LAVASOFT\AD-AWARE 2007\AD-AWARE2007.EXE
c:\program files\lavasoft\ad-aware 2007\ad-aware2007.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\ole32.dll
c:\windows\system32\version.dll
c:\windows\system32\mpr.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\imm32.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\comdlg32.dll
c:\windows\system32\winmm.dll
c:\windows\system32\shfolder.dll
c:\program files\lavasoft\ad-aware 2007\lavalicense.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\inetmib1.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\snmpapi.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\mprapi.dll
c:\windows\system32\activeds.dll
c:\windows\system32\adsldpc.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\atl.dll
c:\windows\system32\rtutils.dll
c:\windows\system32\samlib.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\msctf.dll
c:\windows\system32\msctfime.ime
c:\windows\system32\uxtheme.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\progra~1\micros~2\office12\gra8e1~1.dll
c:\progra~1\micros~2\office12\grooveutil.dll
c:\windows\system32\wininet.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcr80.dll
c:\progra~1\micros~2\office12\groovenew.dll
c:\windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_6e805841\atl80.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\msimg32.dll
c:\windows\system32\userenv.dll
c:\windows\system32\olepro32.dll
c:\windows\system32\secur32.dll
c:\program files\lavasoft\ad-aware 2007\lavamessage.dll
[to top]

Page:	< Previous	1	2	3	4	5	6	Next >

Start a new thread

afterdawn.com > forums > software, operating systems and more > windows - virus and spyware problems > i surfed the net & now my pc has spyware pop ups,i copied the highjacker file for you to help me out

Digital video: AfterDawn.com | AfterDawn Forums
Music: MP3Lizard.com
Gaming: Blasteroids.com | Blasteroids Forums | Compare game prices
Software: Software downloads
Blogs: User profile pages
RSS feeds: AfterDawn.com News | Software updates | AfterDawn Forums
International: AfterDawn in Finnish | AfterDawn in Swedish | AfterDawn in Norwegian | download.fi
Navigate: Search | Site map
About us: About AfterDawn Ltd | Advertise on our sites | Rules, Restrictions, Legal disclaimer & Privacy policy
Contact us: Send feedback | Contact our media sales team

© 1999-2025 by AfterDawn Ltd.