Sign in to follow this  
edwardbill

Win32.Trojandownloader.Zlob troubles

Recommended Posts

After reading through many of the forum entries, I can't seem to find one that mirrors my exact situation. I'm running Windows XP with SP2, Avast 4.7, Windows Defender, Spybot, AdAware 2007. I recently aqured HiJackThis and have that log ready. I've also downloaded ComboFix.exe and it is on my desktop. This is my first time on the Lavasoft Support Forum and I would really appreciate any help.

Sincerely,

Billy-boy

Share this post


Link to post
Share on other sites

Welcome to the Lavasoft Support Forums Billy-boy ;)

 

If you're still in need of assistance, please post a fresh HijackThis log.

Share this post


Link to post
Share on other sites
Welcome to the Lavasoft Support Forums Billy-boy :angry:

 

If you're still in need of assistance, please post a fresh HijackThis log.

 

Thank you, thank you, thank you! I have attached a fresh HijackThis log.

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 10:52:25 AM, on 12/2/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16544)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Windows Defender\MsMpEng.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

C:\WINDOWS\System32\CTsvcCDA.EXE

C:\WINDOWS\System32\DVDRAMSV.exe

C:\WINDOWS\System32\nvsvc32.exe

C:\Program Files\Dantz\Retrospect\retrorun.exe

C:\PROGRA~1\Dantz\RETROS~1\wdsvc.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Viewpoint\Common\ViewpointService.exe

C:\WINDOWS\System32\MsPMSPSv.exe

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe

C:\Program Files\Microsoft Hardware\Mouse\point32.exe

C:\WINDOWS\System32\umonit.exe

C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe

C:\Program Files\Common Files\Real\Update_OB\realsched.exe

C:\WINDOWS\system32\LVCOMSX.EXE

C:\Program Files\Logitech\Video\LogiTray.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\Trend Micro\Anti-Spam For OE\TMAS_OEMon.exe

C:\WINDOWS\system32\WDBtnMgr.exe

C:\WINDOWS\system32\CTHELPER.EXE

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe

C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe

C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

J:\My Music\iTunesHelper.exe

C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe

C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

C:\Program Files\Logitech\Video\FxSvr2.exe

C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe

C:\Program Files\PC Connectivity Solution\NclBTHandler.exe

C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe

C:\WINDOWS\system32\RAMASST.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

 

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.rr.com/flash/index.cfm

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: ALOT eMusic Toolbar - {8260C2B8-E0D1-448a-B062-33D12D468BF0} - C:\Program Files\alot\bin\alot.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll

O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll

O3 - Toolbar: ALOT eMusic Toolbar - {8260C2B8-E0D1-448a-B062-33D12D468BF0} - C:\Program Files\alot\bin\alot.dll

O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe

O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers

O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe

O4 - HKLM\..\Run: [MoneyStartUp10.0] "C:\Program Files\Microsoft Money\System\Activation.exe"

O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE

O4 - HKLM\..\Run: [AHQInit] C:\Program Files\Creative\SBLive\Program\AHQInit.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [POINTER] C:\Program Files\Microsoft Hardware\Mouse\point32.exe

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [uMonit] C:\WINDOWS\System32\umonit.exe

O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"

O4 - HKLM\..\Run: [MediaFace Integration] C:\Program Files\Fellowes\MediaFACE 4.0\SetHook.exe

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE

O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe

O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe

O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide

O4 - HKLM\..\Run: [OE] "C:\Program Files\Trend Micro\Anti-Spam For OE\TMAS_OEMon.exe"

O4 - HKLM\..\Run: [WD Button Manager] WDBtnMgr.exe

O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE

O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup

O4 - HKLM\..\Run: [iTunesHelper] "J:\My Music\iTunesHelper.exe"

O4 - HKLM\..\Run: [18a0fc62] rundll32.exe "C:\WINDOWS\system32\phmsxnon.dll",b

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"

O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')

O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')

O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')

O4 - Startup: Picture Motion Browser Media Check Tool.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: Bluetooth.lnk = ?

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?

O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll

O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll

O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su-newocx/ocx/15012/CTSUEng.cab

O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab

O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/200312...meInstaller.exe

O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1160572156171

O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.winkflash.com/photo/loaders/ImageUploader4.cab

O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} - http://a19.g.akamai.net/7/19/7125/1450/ftp...02/cpbrkpie.cab

O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://www.adoramapix.com/components/ImageUploader3.cab

O16 - DPF: {C68F9105-04FD-4B48-B6CC-2A076F711C35} (HpodPCFileCtrl2 Class) - file://D:\MEMDISC\ALBUM_A\VIEW\PLUGIN\HPODPCFC.CAB

O16 - DPF: {CBD8B1CB-2F5F-415F-93E8-A297B33DCBB2} (CentrinoCheck Control) - http://entriq.vo.llnwd.net/o1/NBCUniversal...eck_1_0_0_4.cab

O16 - DPF: {CE7D2BF2-D173-4CE2-9DAF-15EA153B5B43} - http://entriq.vo.llnwd.net/o1/NBCUniversal...0_15_Silent.cab

O16 - DPF: {DE0FB644-C59B-46D1-B650-88BA945BC98F} - http://entriq.vo.llnwd.net/o1/NBCUniversal...sal_1_0_0_3.cab

O16 - DPF: {E7D2588A-7FB5-47DC-8830-832605661009} (Live Collaboration) - https://rr.esecurecare.net/rnt/rnl/java/RntX.cab

O16 - DPF: {E9A7F56F-C40F-4928-8C6F-7A72F2A25222} (AxRUploadControl Object) - http://www.imagestation.com/common/classes....cab?v=1,0,0,38

O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su-newocx/ocx/15012/CTPID.cab

O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL

O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE

O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\System32\DVDRAMSV.exe

O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

O23 - Service: Retrospect Launcher (RetroLauncher) - Dantz Development Corporation - C:\Program Files\Dantz\Retrospect\retrorun.exe

O23 - Service: Retrospect WD Service (RetroWDSvc) - Dantz Development Corporation - C:\PROGRA~1\Dantz\RETROS~1\wdsvc.exe

O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe

O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

 

--

End of file - 14550 bytes

hijackthis.log

Edited by noahdfear
posted attached log

Share this post


Link to post
Share on other sites

Download Deckard's System Scanner (dss.exe) and save it to your desktop.

 

Download VundoFix by Atribune, saving it to your desktop.

  • Double-click VundoFix.exe to run it.
  • Click the Scan for Vundo button.
  • Once it's done scanning, click the Remove Vundo button.
  • You will receive a prompt asking if you want to remove the files, click YES
  • Once you click yes, your desktop will go blank as it starts removing Vundo.
  • When completed, it will prompt that it will reboot your computer, click OK.

Note: It is possible that VundoFix encounters a file it could not remove. In this case, VundoFix will run on reboot. If that happens, follow the above instructions starting from "Click the Scan for Vundo button" when VundoFix appears upon rebooting.

 

 

Next;

  • Close all applications and windows.
  • Double click on dss.exe to run it and follow the prompts.
  • When the scan is complete, two text files will open; main.txt, which will be maximized and extra.txt, which will be minimized.

Post the contents of main.txt and C:\VundoFix.txt

 

Please copy/paste the logs into your reply rather than attachments. Thanks!

Share this post


Link to post
Share on other sites
Download Deckard's System Scanner (dss.exe) and save it to your desktop.

 

Download VundoFix by Atribune, saving it to your desktop.

  • Double-click VundoFix.exe to run it.
  • Click the Scan for Vundo button.
  • Once it's done scanning, click the Remove Vundo button.
  • You will receive a prompt asking if you want to remove the files, click YES
  • Once you click yes, your desktop will go blank as it starts removing Vundo.
  • When completed, it will prompt that it will reboot your computer, click OK.

Note: It is possible that VundoFix encounters a file it could not remove. In this case, VundoFix will run on reboot. If that happens, follow the above instructions starting from "Click the Scan for Vundo button" when VundoFix appears upon rebooting.

Next;

  • Close all applications and windows.
  • Double click on dss.exe to run it and follow the prompts.
  • When the scan is complete, two text files will open; main.txt, which will be maximized and extra.txt, which will be minimized.

Post the contents of main.txt and C:\VundoFix.txt

 

Please copy/paste the logs into your reply rather than attachments. Thanks!

 

 

Here are the two logs you requested. Thanks again.

 

 

Deckard's System Scanner v20071014.68

Run by Billy on 2007-12-02 12:19:52

Computer is in Normal Mode.

--------------------------------------------------------------------------------

 

-- System Restore --------------------------------------------------------------

 

Successfully created a Deckard's System Scanner Restore Point.

 

 

-- Last 5 Restore Point(s) --

27: 2007-12-02 17:20:03 UTC - RP1637 - Deckard's System Scanner Restore Point

26: 2007-12-02 16:16:20 UTC - RP1636 - System Checkpoint

25: 2007-11-30 13:39:44 UTC - RP1635 - Software Distribution Service 3.0

24: 2007-11-29 19:59:24 UTC - RP1634 - System Checkpoint

23: 2007-11-28 19:13:01 UTC - RP1633 - Software Distribution Service 3.0

 

 

-- First Restore Point --

1: 2007-11-18 18:33:47 UTC - RP1611 - System Checkpoint

 

 

Backed up registry hives.

Performed disk cleanup.

 

Total Physical Memory: 511 MiB (512 MiB recommended).

System Drive C: has 7.46 GiB (less than 15%) free.

 

 

-- HijackThis (run as Billy.exe) -----------------------------------------------

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 12:22:45 PM, on 12/2/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16544)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Windows Defender\MsMpEng.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

C:\WINDOWS\System32\CTsvcCDA.EXE

C:\WINDOWS\System32\DVDRAMSV.exe

C:\WINDOWS\System32\nvsvc32.exe

C:\Program Files\Dantz\Retrospect\retrorun.exe

C:\PROGRA~1\Dantz\RETROS~1\wdsvc.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Viewpoint\Common\ViewpointService.exe

C:\WINDOWS\System32\MsPMSPSv.exe

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe

C:\Program Files\Microsoft Hardware\Mouse\point32.exe

C:\WINDOWS\System32\umonit.exe

C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe

C:\Program Files\Common Files\Real\Update_OB\realsched.exe

C:\WINDOWS\system32\LVCOMSX.EXE

C:\Program Files\Logitech\Video\LogiTray.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\Trend Micro\Anti-Spam For OE\TMAS_OEMon.exe

C:\WINDOWS\system32\WDBtnMgr.exe

C:\WINDOWS\system32\CTHELPER.EXE

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe

C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe

C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

J:\My Music\iTunesHelper.exe

C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe

C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

C:\Program Files\Logitech\Video\FxSvr2.exe

C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe

C:\Program Files\PC Connectivity Solution\NclBTHandler.exe

C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe

C:\WINDOWS\system32\RAMASST.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe

C:\Documents and Settings\Billy\Desktop\dss.exe

C:\PROGRA~1\TRENDM~1\HIJACK~1\Billy.exe

 

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.rr.com/flash/index.cfm

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: ALOT eMusic Toolbar - {8260C2B8-E0D1-448a-B062-33D12D468BF0} - C:\Program Files\alot\bin\alot.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll

O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll

O3 - Toolbar: ALOT eMusic Toolbar - {8260C2B8-E0D1-448a-B062-33D12D468BF0} - C:\Program Files\alot\bin\alot.dll

O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe

O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers

O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe

O4 - HKLM\..\Run: [MoneyStartUp10.0] "C:\Program Files\Microsoft Money\System\Activation.exe"

O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE

O4 - HKLM\..\Run: [AHQInit] C:\Program Files\Creative\SBLive\Program\AHQInit.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [POINTER] C:\Program Files\Microsoft Hardware\Mouse\point32.exe

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [uMonit] C:\WINDOWS\System32\umonit.exe

O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"

O4 - HKLM\..\Run: [MediaFace Integration] C:\Program Files\Fellowes\MediaFACE 4.0\SetHook.exe

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE

O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe

O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe

O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide

O4 - HKLM\..\Run: [OE] "C:\Program Files\Trend Micro\Anti-Spam For OE\TMAS_OEMon.exe"

O4 - HKLM\..\Run: [WD Button Manager] WDBtnMgr.exe

O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE

O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup

O4 - HKLM\..\Run: [iTunesHelper] "J:\My Music\iTunesHelper.exe"

O4 - HKLM\..\Run: [18a0fc62] rundll32.exe "C:\WINDOWS\system32\phmsxnon.dll",b

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"

O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')

O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')

O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')

O4 - Startup: Picture Motion Browser Media Check Tool.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: Bluetooth.lnk = ?

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?

O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll

O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll

O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su-newocx/ocx/15012/CTSUEng.cab

O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab

O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/200312...meInstaller.exe

O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1160572156171

O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.winkflash.com/photo/loaders/ImageUploader4.cab

O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} - http://a19.g.akamai.net/7/19/7125/1450/ftp...02/cpbrkpie.cab

O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://www.adoramapix.com/components/ImageUploader3.cab

O16 - DPF: {C68F9105-04FD-4B48-B6CC-2A076F711C35} (HpodPCFileCtrl2 Class) - file://D:\MEMDISC\ALBUM_A\VIEW\PLUGIN\HPODPCFC.CAB

O16 - DPF: {CBD8B1CB-2F5F-415F-93E8-A297B33DCBB2} (CentrinoCheck Control) - http://entriq.vo.llnwd.net/o1/NBCUniversal...eck_1_0_0_4.cab

O16 - DPF: {CE7D2BF2-D173-4CE2-9DAF-15EA153B5B43} - http://entriq.vo.llnwd.net/o1/NBCUniversal...0_15_Silent.cab

O16 - DPF: {DE0FB644-C59B-46D1-B650-88BA945BC98F} - http://entriq.vo.llnwd.net/o1/NBCUniversal...sal_1_0_0_3.cab

O16 - DPF: {E7D2588A-7FB5-47DC-8830-832605661009} (Live Collaboration) - https://rr.esecurecare.net/rnt/rnl/java/RntX.cab

O16 - DPF: {E9A7F56F-C40F-4928-8C6F-7A72F2A25222} (AxRUploadControl Object) - http://www.imagestation.com/common/classes....cab?v=1,0,0,38

O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su-newocx/ocx/15012/CTPID.cab

O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL

O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE

O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\System32\DVDRAMSV.exe

O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

O23 - Service: Retrospect Launcher (RetroLauncher) - Dantz Development Corporation - C:\Program Files\Dantz\Retrospect\retrorun.exe

O23 - Service: Retrospect WD Service (RetroWDSvc) - Dantz Development Corporation - C:\PROGRA~1\Dantz\RETROS~1\wdsvc.exe

O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe

O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

 

--

End of file - 14535 bytes

 

-- File Associations -----------------------------------------------------------

 

All associations okay.

 

 

-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

 

R0 BsStor (B.H.A Storage Helper Driver) - c:\windows\system32\drivers\bsstor.sys <Not Verified; B.H.A Co.,Ltd.; >

R1 cdrbsvsd - c:\windows\system32\drivers\cdrbsvsd.sys <Not Verified; B.H.A Corporation; B's Recorder GOLD7>

R1 meiudf - c:\windows\system32\drivers\meiudf.sys <Not Verified; Matsushita Electric Industrial Co.,Ltd.; >

R1 OMCI - c:\windows\system32\drivers\omci.sys <Not Verified; Dell Computer Corporation; OMCI Driver>

R1 SASDIFSV - c:\program files\superantispyware\sasdifsv.sys

R1 SASKUTIL - c:\program files\superantispyware\saskutil.sys

R2 BCMNTIO - c:\program files\checkit\diagnostics\bcmntio.sys

R2 BTSERIAL (Bluetooth Serial Driver) - c:\windows\system32\drivers\btserial.sys <Not Verified; Broadcom Corporation.; Bluetooth Software 4.0.1.2400>

R2 BTSLBCSP (Bluetooth Port Client Driver) - c:\windows\system32\drivers\btslbcsp.sys <Not Verified; Broadcom Corporation.; Bluetooth Software 4.0.1.2400>

R2 MAPMEM - c:\program files\checkit\diagnostics\mapmem.sys

R3 fixustor - c:\windows\system32\drivers\fixustor.sys <Not Verified; Genesys Logic; USB storage patch driver>

R3 Pcatip - c:\windows\system32\drivers\pcatip.sys <Not Verified; VSO Software; Patin-Couffin Autoplay support driver>

R3 Pcouffin (VSO Software pcouffin) - c:\windows\system32\drivers\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine>

R3 pfc (Padus ASPI Shell) - c:\windows\system32\drivers\pfc.sys <Not Verified; Padus, Inc.; Padus® ASPI Shell>

R3 SASENUM - c:\program files\superantispyware\sasenum.sys <Not Verified; SuperAdBlocker, Inc.; SuperAntiSpyware>

 

S1 InCDPass - c:\windows\system32\drivers\incdpass.sys (file missing)

S1 InCDRm (InCD Reader) - c:\windows\system32\drivers\incdrm.sys (file missing)

S3 btwmodem (Bluetooth Modem) - c:\windows\system32\drivers\btwmodem.sys <Not Verified; Broadcom Corporation.; Bluetooth Software 4.0.1.2400>

S3 catchme - c:\docume~1\billy\locals~1\temp\catchme.sys (file missing)

S3 vsdatant - c:\windows\system32\vsdatant.sys (file missing)

S4 InCDFs (InCD File System) - c:\windows\system32\drivers\incdfs.sys (file missing)

 

 

-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

 

R2 Apple Mobile Device - "c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>

R2 DVD-RAM_Service - c:\windows\system32\dvdramsv.exe <Not Verified; Matsushita Electric Industrial Co., Ltd.; >

R2 RetroLauncher (Retrospect Launcher) - c:\program files\dantz\retrospect\retrorun.exe <Not Verified; Dantz Development Corporation; Retrospect>

R2 RetroWDSvc (Retrospect WD Service) - c:\progra~1\dantz\retros~1\wdsvc.exe <Not Verified; Dantz Development Corporation; Retrospect>

R2 Viewpoint Manager Service - "c:\program files\viewpoint\common\viewpointservice.exe" <Not Verified; Viewpoint Corporation; Viewpoint Manager>

R3 ServiceLayer - "c:\program files\pc connectivity solution\servicelayer.exe" <Not Verified; Nokia.; PC Connectivity Solution>

 

 

-- Device Manager: Disabled ----------------------------------------------------

 

Class GUID: {EEC5AD98-8080-425F-922A-DABF3DE3F69A}

Description: Nokia Windows Portable Device Driver

Device ID: ROOT\WPD00

Manufacturer: Nokia

Name: Nokia 8801

PNP Device ID: ROOT\WPD00

Service: WUDFRd

 

Class GUID: {EEC5AD98-8080-425F-922A-DABF3DE3F69A}

Description: Nokia Windows Portable Device Driver

Device ID: ROOT\WPD01

Manufacturer: Nokia

Name: Billy

PNP Device ID: ROOT\WPD01

Service: WUDFRd

 

Class GUID: {EEC5AD98-8080-425F-922A-DABF3DE3F69A}

Description: Nokia Windows Portable Device Driver

Device ID: ROOT\WPD02

Manufacturer: Nokia

Name: Nokia 6103

PNP Device ID: ROOT\WPD02

Service: WUDFRd

 

 

-- Scheduled Tasks -------------------------------------------------------------

 

2007-12-02 10:41:11 330 --ah----- C:\WINDOWS\Tasks\MP Scheduled Scan.job

 

 

-- Files created between 2007-11-02 and 2007-12-02 -----------------------------

 

2007-11-29 14:32:42 0 d-------- C:\Documents and Settings\Nasrin\Application Data\Leadertech

2007-11-27 12:19:19 0 d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com

2007-11-27 12:19:02 0 d-------- C:\Program Files\SUPERAntiSpyware

2007-11-27 12:19:02 0 d-------- C:\Documents and Settings\Billy\Application Data\SUPERAntiSpyware.com

2007-11-27 11:07:07 0 d-------- C:\Program Files\Enigma Software Group

2007-11-27 09:33:09 0 d-------- C:\VundoFix Backups

2007-11-26 00:20:51 0 d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft

2007-11-26 00:19:34 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard

2007-11-25 11:56:20 0 d-------- C:\WINDOWS\system32\rMa02yy

2007-11-09 13:13:56 0 d-------- C:\Documents and Settings\Nasrin\Application Data\alot

2007-11-04 14:26:49 0 d-a------ C:\Documents and Settings\All Users\Application Data\TEMP

2007-11-04 14:26:12 0 d-------- C:\Program Files\WMA-MP3.com

 

 

-- Find3M Report ---------------------------------------------------------------

 

2007-12-02 11:38:46 0 d-------- C:\Documents and Settings\Billy\Application Data\Skype

2007-12-01 21:23:57 24 --a------ C:\WINDOWS\system32\DVCStateBkp-{00000002-00000000-00000002-00001102-00000002-80221102}.dat

2007-12-01 21:23:57 24 --a------ C:\WINDOWS\system32\DVCState-{00000002-00000000-00000002-00001102-00000002-80221102}.dat

2007-11-26 12:00:09 0 d-------- C:\Program Files\Trend Micro

2007-11-26 00:20:52 0 d-------- C:\Program Files\Lavasoft

2007-11-26 00:19:34 0 d-------- C:\Program Files\Common Files

2007-11-26 00:08:08 0 d-------- C:\Documents and Settings\Billy\Application Data\Lavasoft

2007-11-21 12:56:52 0 d-------- C:\Documents and Settings\Billy\Application Data\Canon

2007-11-19 18:01:23 0 d-------- C:\Documents and Settings\Billy\Application Data\alot

2007-11-08 18:53:07 0 d-------- C:\Documents and Settings\Billy\Application Data\Nokia Multimedia Player

2007-10-31 14:54:57 0 d-------- C:\Documents and Settings\Billy\Application Data\Mozilla

2007-10-31 14:54:56 0 d-------- C:\Documents and Settings\Billy\Application Data\eMusic

2007-10-31 14:37:46 0 d-------- C:\Program Files\alot

2007-10-31 14:37:39 0 d-------- C:\Program Files\eMusic Remote

2007-10-21 14:04:05 0 d-------- C:\Documents and Settings\Billy\Application Data\Datalayer

2007-10-21 14:04:04 0 d-------- C:\Documents and Settings\Billy\Application Data\Ahead

2007-10-18 18:46:26 0 d-------- C:\Program Files\iPod

2007-10-18 18:39:54 0 d-------- C:\Program Files\Apple Software Update

2007-10-12 12:23:42 0 d-------- C:\Program Files\Avery Dennison

2007-10-12 12:23:41 0 d--h----- C:\Program Files\InstallShield Installation Information

2007-10-11 10:36:01 0 d-------- C:\Program Files\Picasa2

2007-10-02 16:54:47 0 d-------- C:\Program Files\Common Files\Nokia

2007-10-02 16:54:44 0 d-------- C:\Program Files\Nokia

 

 

-- Registry Dump ---------------------------------------------------------------

 

*Note* empty entries & legit default entries are not shown

 

 

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{8260C2B8-E0D1-448a-B062-33D12D468BF0}]

08/10/2007 04:38 PM 551208 --a------ C:\Program Files\alot\bin\alot.dll

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"WorksFUD"="C:\Program Files\Microsoft Works\wkfud.exe" [10/05/2001 07:34 PM]

"Microsoft Works Portfolio"="C:\Program Files\Microsoft Works\WksSb.exe" [08/23/2001 04:52 PM]

"Microsoft Works Update Detection"="C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe" [08/16/2001 11:41 PM]

"MoneyStartUp10.0"="C:\Program Files\Microsoft Money\System\Activation.exe" [07/25/2001 09:00 AM]

"UpdReg"="C:\WINDOWS\UpdReg.EXE" [05/11/2000 01:00 AM]

"AHQInit"="C:\Program Files\Creative\SBLive\Program\AHQInit.exe" [03/27/2001 08:00 PM]

"NvCplDaemon"="C:\WINDOWS\System32\NvCpl.dll" [10/06/2003 02:16 PM]

"POINTER"="C:\Program Files\Microsoft Hardware\Mouse\point32.exe" [04/11/2002 01:47 PM]

"nwiz"="nwiz.exe" [10/06/2003 02:16 PM C:\WINDOWS\system32\nwiz.exe]

"UMonit"="C:\WINDOWS\System32\umonit.exe" [04/21/2003 10:23 AM]

"RemoteControl"="C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe" [12/08/2003 04:35 PM]

"MediaFace Integration"="C:\Program Files\Fellowes\MediaFACE 4.0\SetHook.exe" [08/18/2003 05:46 PM]

"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [07/26/2006 11:00 PM]

"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [01/19/2005 11:05 AM]

"LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [01/19/2005 11:45 AM]

"LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [01/19/2005 11:39 AM]

"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [11/03/2006 06:20 PM]

"OE"="C:\Program Files\Trend Micro\Anti-Spam For OE\TMAS_OEMon.exe" [12/29/2005 05:38 PM]

"WD Button Manager"="WDBtnMgr.exe" [02/01/2007 12:42 PM C:\WINDOWS\system32\WDBtnMgr.exe]

"WINDVDPatch"="CTHELPER.EXE" [07/02/2002 05:56 PM C:\WINDOWS\system32\CTHELPER.EXE]

"Jet Detection"="C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe" [11/29/2001 01:00 AM]

"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [10/25/2007 11:20 AM]

"PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [03/23/2007 12:20 PM]

"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [07/09/2001 09:50 AM]

"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" [03/09/2007 10:09 AM]

"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [10/10/2007 07:51 PM]

"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [06/29/2007 05:24 AM]

"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [09/03/2007 10:54 AM]

"iTunesHelper"="J:\My Music\iTunesHelper.exe" [09/26/2007 01:42 PM]

"18a0fc62"="C:\WINDOWS\system32\phmsxnon.dll" []

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [10/13/2004 11:24 AM]

"PowerBar"="" []

"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [10/13/2006 05:20 PM]

"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe" []

"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 02:56 AM]

"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe" [11/24/2005 02:38 PM]

"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [06/21/2007 02:06 PM]

 

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]

"DWQueuedReporting"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t

"Nokia.PCSync"=C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog

"Picasa Media Detector"=C:\Program Files\Picasa2\PicasaMediaDetector.exe

 

C:\Documents and Settings\Billy\Start Menu\Programs\Startup\

Picture Motion Browser Media Check Tool.lnk - C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe [7/2/2007 5:59:12 PM]

 

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\

Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [12/6/2004 9:43:55 PM]

Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [7/7/2005 3:21:00 PM]

Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2/13/2001 12:01:04 AM]

Microsoft Works Calendar Reminders.lnk - C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe [8/7/2001 6:06:54 PM]

RAMASST.lnk - C:\WINDOWS\system32\RAMASST.exe [4/15/2004 9:47:03 AM]

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]

@=

"NoViewOnDrive"=0 (0x0)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [12/20/2006 01:55 PM 77824]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]

C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 04/19/2007 01:41 PM 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

"appinit_dlls"=C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

@="Service"

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]

@="Service"

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]

@="Volume shadow copy"

 

 

 

 

-- End of Deckard's System Scanner: finished at 2007-12-02 12:24:12 ------------

 

 

 

VundoFix V6.6.2

 

Checking Java version...

 

Scan started at 9:33:09 AM 11/27/2007

 

Listing files found while scanning....

 

C:\WINDOWS\system32\xxyvvwt.dll

 

Beginning removal...

 

Attempting to delete C:\WINDOWS\system32\xxyvvwt.dll

C:\WINDOWS\system32\xxyvvwt.dll Could not be deleted.

 

Performing Repairs to the registry.

Done!

 

Beginning removal...

 

Attempting to delete C:\WINDOWS\system32\xxyvvwt.dll

C:\WINDOWS\system32\xxyvvwt.dll Has been deleted!

 

Performing Repairs to the registry.

Done!

 

VundoFix V6.6.2

 

Checking Java version...

 

Scan started at 10:01:54 AM 11/27/2007

 

Listing files found while scanning....

 

No infected files were found.

 

 

VundoFix V6.6.2

 

Checking Java version...

 

Scan started at 10:49:42 AM 11/27/2007

 

Listing files found while scanning....

 

No infected files were found.

 

 

VundoFix V6.6.2

 

Checking Java version...

 

Scan started at 12:00:42 2007-11-27

 

Listing files found while scanning....

 

No infected files were found.

 

 

VundoFix V6.7.0

 

Checking Java version...

 

Scan started at 11:39:13 AM 12/2/2007

 

Listing files found while scanning....

 

No infected files were found.

Share this post


Link to post
Share on other sites

Open Add/Remove programs and uninstall the ALOT eMusic Toolbar if listed.

 

Scan again with HijackThis and place a check next to the following entries if present, close all other windows then click Fix Checked.

 

O2 - BHO: ALOT eMusic Toolbar - {8260C2B8-E0D1-448a-B062-33D12D468BF0} - C:\Program Files\alot\bin\alot.dll

O3 - Toolbar: ALOT eMusic Toolbar - {8260C2B8-E0D1-448a-B062-33D12D468BF0} - C:\Program Files\alot\bin\alot.dll

O4 - HKLM\..\Run: [18a0fc62] rundll32.exe "C:\WINDOWS\system32\phmsxnon.dll",b

O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab

O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/200312...meInstaller.exe

O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab

 

 

Close HijackThis and delete the following folders if present.

 

C:\Program Files\alot

C:\WINDOWS\system32\rMa02yy

 

 

Reboot and do another dss scan then post the log. Let me know how your computer is performing.

Share this post


Link to post
Share on other sites
Open Add/Remove programs and uninstall the ALOT eMusic Toolbar if listed.

 

Scan again with HijackThis and place a check next to the following entries if present, close all other windows then click Fix Checked.

 

O2 - BHO: ALOT eMusic Toolbar - {8260C2B8-E0D1-448a-B062-33D12D468BF0} - C:\Program Files\alot\bin\alot.dll

O3 - Toolbar: ALOT eMusic Toolbar - {8260C2B8-E0D1-448a-B062-33D12D468BF0} - C:\Program Files\alot\bin\alot.dll

O4 - HKLM\..\Run: [18a0fc62] rundll32.exe "C:\WINDOWS\system32\phmsxnon.dll",b

O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab

O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/200312...meInstaller.exe

O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab

Close HijackThis and delete the following folders if present.

 

C:\Program Files\alot

C:\WINDOWS\system32\rMa02yy

Reboot and do another dss scan then post the log. Let me know how your computer is performing.

 

Hi Dave. I did what you said and deleted the files that remained. As for the performance of my computer, everything seems OK except that loading the Lavasoft Support page was very slow. I also was wondering if my laptop which is connected (wireless) to my network is in any danger? Thank you for all of you help.

Here is the main.txt log

 

Deckard's System Scanner v20071014.68

Run by Billy on 2007-12-02 14:07:20

Computer is in Normal Mode.

--------------------------------------------------------------------------------

 

Percentage of Memory in Use: 82% (more than 75%).

Total Physical Memory: 511 MiB (512 MiB recommended).

System Drive C: has 7.56 GiB (less than 15%) free.

 

 

-- HijackThis (run as Billy.exe) -----------------------------------------------

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 2:07:40 PM, on 12/2/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16544)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Windows Defender\MsMpEng.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

C:\WINDOWS\System32\CTsvcCDA.EXE

C:\WINDOWS\System32\DVDRAMSV.exe

C:\WINDOWS\System32\nvsvc32.exe

C:\Program Files\Dantz\Retrospect\retrorun.exe

C:\PROGRA~1\Dantz\RETROS~1\wdsvc.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

C:\Program Files\Viewpoint\Common\ViewpointService.exe

C:\WINDOWS\System32\MsPMSPSv.exe

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe

C:\Program Files\Microsoft Hardware\Mouse\point32.exe

C:\WINDOWS\System32\umonit.exe

C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe

C:\Program Files\Common Files\Real\Update_OB\realsched.exe

C:\WINDOWS\system32\LVCOMSX.EXE

C:\Program Files\Logitech\Video\LogiTray.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\Trend Micro\Anti-Spam For OE\TMAS_OEMon.exe

C:\WINDOWS\system32\WDBtnMgr.exe

C:\WINDOWS\system32\CTHELPER.EXE

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe

C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe

C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe

C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

J:\My Music\iTunesHelper.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe

C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

C:\Program Files\Logitech\Video\FxSvr2.exe

C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

C:\Program Files\PC Connectivity Solution\NclBTHandler.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe

C:\WINDOWS\system32\RAMASST.exe

C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Documents and Settings\Billy\Desktop\dss.exe

C:\PROGRA~1\TRENDM~1\HIJACK~1\Billy.exe

 

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.rr.com/flash/index.cfm

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll

O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll

O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe

O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers

O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe

O4 - HKLM\..\Run: [MoneyStartUp10.0] "C:\Program Files\Microsoft Money\System\Activation.exe"

O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE

O4 - HKLM\..\Run: [AHQInit] C:\Program Files\Creative\SBLive\Program\AHQInit.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [POINTER] C:\Program Files\Microsoft Hardware\Mouse\point32.exe

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [uMonit] C:\WINDOWS\System32\umonit.exe

O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"

O4 - HKLM\..\Run: [MediaFace Integration] C:\Program Files\Fellowes\MediaFACE 4.0\SetHook.exe

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE

O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe

O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe

O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide

O4 - HKLM\..\Run: [OE] "C:\Program Files\Trend Micro\Anti-Spam For OE\TMAS_OEMon.exe"

O4 - HKLM\..\Run: [WD Button Manager] WDBtnMgr.exe

O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE

O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup

O4 - HKLM\..\Run: [iTunesHelper] "J:\My Music\iTunesHelper.exe"

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"

O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')

O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')

O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')

O4 - Startup: Picture Motion Browser Media Check Tool.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: Bluetooth.lnk = ?

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?

O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll

O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll

O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su-newocx/ocx/15012/CTSUEng.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1160572156171

O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.winkflash.com/photo/loaders/ImageUploader4.cab

O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} - http://a19.g.akamai.net/7/19/7125/1450/ftp...02/cpbrkpie.cab

O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://www.adoramapix.com/components/ImageUploader3.cab

O16 - DPF: {C68F9105-04FD-4B48-B6CC-2A076F711C35} (HpodPCFileCtrl2 Class) - file://D:\MEMDISC\ALBUM_A\VIEW\PLUGIN\HPODPCFC.CAB

O16 - DPF: {CBD8B1CB-2F5F-415F-93E8-A297B33DCBB2} (CentrinoCheck Control) - http://entriq.vo.llnwd.net/o1/NBCUniversal...eck_1_0_0_4.cab

O16 - DPF: {CE7D2BF2-D173-4CE2-9DAF-15EA153B5B43} - http://entriq.vo.llnwd.net/o1/NBCUniversal...0_15_Silent.cab

O16 - DPF: {DE0FB644-C59B-46D1-B650-88BA945BC98F} - http://entriq.vo.llnwd.net/o1/NBCUniversal...sal_1_0_0_3.cab

O16 - DPF: {E7D2588A-7FB5-47DC-8830-832605661009} (Live Collaboration) - https://rr.esecurecare.net/rnt/rnl/java/RntX.cab

O16 - DPF: {E9A7F56F-C40F-4928-8C6F-7A72F2A25222} (AxRUploadControl Object) - http://www.imagestation.com/common/classes....cab?v=1,0,0,38

O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su-newocx/ocx/15012/CTPID.cab

O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL

O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE

O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\System32\DVDRAMSV.exe

O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

O23 - Service: Retrospect Launcher (RetroLauncher) - Dantz Development Corporation - C:\Program Files\Dantz\Retrospect\retrorun.exe

O23 - Service: Retrospect WD Service (RetroWDSvc) - Dantz Development Corporation - C:\PROGRA~1\Dantz\RETROS~1\wdsvc.exe

O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe

O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

 

--

End of file - 13857 bytes

 

-- Files created between 2007-11-02 and 2007-12-02 -----------------------------

 

2007-11-29 14:32:42 0 d-------- C:\Documents and Settings\Nasrin\Application Data\Leadertech

2007-11-27 12:19:19 0 d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com

2007-11-27 12:19:02 0 d-------- C:\Program Files\SUPERAntiSpyware

2007-11-27 12:19:02 0 d-------- C:\Documents and Settings\Billy\Application Data\SUPERAntiSpyware.com

2007-11-27 11:07:07 0 d-------- C:\Program Files\Enigma Software Group

2007-11-27 09:33:09 0 d-------- C:\VundoFix Backups

2007-11-26 00:20:51 0 d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft

2007-11-26 00:19:34 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard

2007-11-09 13:13:56 0 d-------- C:\Documents and Settings\Nasrin\Application Data\alot

2007-11-04 14:26:49 0 d-a------ C:\Documents and Settings\All Users\Application Data\TEMP

2007-11-04 14:26:12 0 d-------- C:\Program Files\WMA-MP3.com

 

 

-- Find3M Report ---------------------------------------------------------------

 

2007-12-02 14:06:00 0 d-------- C:\Documents and Settings\Billy\Application Data\Skype

2007-12-02 14:00:54 24 --a------ C:\WINDOWS\system32\DVCStateBkp-{00000002-00000000-00000002-00001102-00000002-80221102}.dat

2007-12-02 14:00:54 24 --a------ C:\WINDOWS\system32\DVCState-{00000002-00000000-00000002-00001102-00000002-80221102}.dat

2007-12-02 13:42:20 0 d-------- C:\Program Files\eMusic Remote

2007-11-26 12:00:09 0 d-------- C:\Program Files\Trend Micro

2007-11-26 00:20:52 0 d-------- C:\Program Files\Lavasoft

2007-11-26 00:19:34 0 d-------- C:\Program Files\Common Files

2007-11-26 00:08:08 0 d-------- C:\Documents and Settings\Billy\Application Data\Lavasoft

2007-11-21 12:56:52 0 d-------- C:\Documents and Settings\Billy\Application Data\Canon

2007-11-08 18:53:07 0 d-------- C:\Documents and Settings\Billy\Application Data\Nokia Multimedia Player

2007-10-31 14:54:57 0 d-------- C:\Documents and Settings\Billy\Application Data\Mozilla

2007-10-31 14:54:56 0 d-------- C:\Documents and Settings\Billy\Application Data\eMusic

2007-10-21 14:04:05 0 d-------- C:\Documents and Settings\Billy\Application Data\Datalayer

2007-10-21 14:04:04 0 d-------- C:\Documents and Settings\Billy\Application Data\Ahead

2007-10-18 18:46:26 0 d-------- C:\Program Files\iPod

2007-10-18 18:39:54 0 d-------- C:\Program Files\Apple Software Update

2007-10-12 12:23:42 0 d-------- C:\Program Files\Avery Dennison

2007-10-12 12:23:41 0 d--h----- C:\Program Files\InstallShield Installation Information

2007-10-11 10:36:01 0 d-------- C:\Program Files\Picasa2

2007-10-02 16:54:47 0 d-------- C:\Program Files\Common Files\Nokia

2007-10-02 16:54:44 0 d-------- C:\Program Files\Nokia

 

 

-- Registry Dump ---------------------------------------------------------------

 

*Note* empty entries & legit default entries are not shown

 

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"WorksFUD"="C:\Program Files\Microsoft Works\wkfud.exe" [10/05/2001 07:34 PM]

"Microsoft Works Portfolio"="C:\Program Files\Microsoft Works\WksSb.exe" [08/23/2001 04:52 PM]

"Microsoft Works Update Detection"="C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe" [08/16/2001 11:41 PM]

"MoneyStartUp10.0"="C:\Program Files\Microsoft Money\System\Activation.exe" [07/25/2001 09:00 AM]

"UpdReg"="C:\WINDOWS\UpdReg.EXE" [05/11/2000 01:00 AM]

"AHQInit"="C:\Program Files\Creative\SBLive\Program\AHQInit.exe" [03/27/2001 08:00 PM]

"NvCplDaemon"="C:\WINDOWS\System32\NvCpl.dll" [10/06/2003 02:16 PM]

"POINTER"="C:\Program Files\Microsoft Hardware\Mouse\point32.exe" [04/11/2002 01:47 PM]

"nwiz"="nwiz.exe" [10/06/2003 02:16 PM C:\WINDOWS\system32\nwiz.exe]

"UMonit"="C:\WINDOWS\System32\umonit.exe" [04/21/2003 10:23 AM]

"RemoteControl"="C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe" [12/08/2003 04:35 PM]

"MediaFace Integration"="C:\Program Files\Fellowes\MediaFACE 4.0\SetHook.exe" [08/18/2003 05:46 PM]

"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [07/26/2006 11:00 PM]

"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [01/19/2005 11:05 AM]

"LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [01/19/2005 11:45 AM]

"LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [01/19/2005 11:39 AM]

"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [11/03/2006 06:20 PM]

"OE"="C:\Program Files\Trend Micro\Anti-Spam For OE\TMAS_OEMon.exe" [12/29/2005 05:38 PM]

"WD Button Manager"="WDBtnMgr.exe" [02/01/2007 12:42 PM C:\WINDOWS\system32\WDBtnMgr.exe]

"WINDVDPatch"="CTHELPER.EXE" [07/02/2002 05:56 PM C:\WINDOWS\system32\CTHELPER.EXE]

"Jet Detection"="C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe" [11/29/2001 01:00 AM]

"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [10/25/2007 11:20 AM]

"PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [03/23/2007 12:20 PM]

"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [07/09/2001 09:50 AM]

"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe" [03/09/2007 10:09 AM]

"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [10/10/2007 07:51 PM]

"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [06/29/2007 05:24 AM]

"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [09/03/2007 10:54 AM]

"iTunesHelper"="J:\My Music\iTunesHelper.exe" [09/26/2007 01:42 PM]

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [10/13/2004 11:24 AM]

"PowerBar"="" []

"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [10/13/2006 05:20 PM]

"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe" []

"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 02:56 AM]

"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe" [11/24/2005 02:38 PM]

"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [06/21/2007 02:06 PM]

 

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]

"DWQueuedReporting"="C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t

"Nokia.PCSync"=C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog

"Picasa Media Detector"=C:\Program Files\Picasa2\PicasaMediaDetector.exe

 

C:\Documents and Settings\Billy\Start Menu\Programs\Startup\

Picture Motion Browser Media Check Tool.lnk - C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe [7/2/2007 5:59:12 PM]

 

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\

Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [12/6/2004 9:43:55 PM]

Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [7/7/2005 3:21:00 PM]

Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2/13/2001 12:01:04 AM]

Microsoft Works Calendar Reminders.lnk - C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe [8/7/2001 6:06:54 PM]

RAMASST.lnk - C:\WINDOWS\system32\RAMASST.exe [4/15/2004 9:47:03 AM]

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]

@=

"NoViewOnDrive"=0 (0x0)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [12/20/2006 01:55 PM 77824]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]

C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 04/19/2007 01:41 PM 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

"appinit_dlls"=C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

@="Service"

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]

@="Service"

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]

@="Volume shadow copy"

 

 

 

 

-- End of Deckard's System Scanner: finished at 2007-12-02 14:08:20 ------------

Share this post


Link to post
Share on other sites

Looks good. Delete the following files and folders too.

 

VundoFix.exe

C:\VundoFix Backups

C:\Documents and Settings\Nasrin\Application Data\alot

 

 

Download ATF Cleaner by Atribune and save it to your Desktop.

  • Double click ATF-Cleaner.exe to run the program.
  • Check the boxes to the left of:
     
    • Windows Temp
    • Current User Temp
    • All Users Temp
    • Temporary Internet Files
    • Prefetch
    • Java Cache
    • Recycle bin

     

    [*]The rest are optional - if you want it to remove everything check "Select All".

    [*]Finally, click Empty Selected. When you get the "Done Cleaning" message, click OK then exit.

Reboot

 

Lets make sure we haven't missed something. Please do an online scan with Kaspersky WebScanner

 

Click on Kaspersky Online Scanner

 

You will be promted to install an ActiveX component from Kaspersky, Click Yes.

  • The program will launch and then begin downloading the latest definition files:
  • Once the files have been downloaded click on NEXT

  • Now click on Scan Settings
  • In the scan settings make that the following are selected:
    • Scan using the following Anti-Virus database:

      Extended (if available otherwise Standard)

    • Scan Options:

      Scan Archives
      Scan Mail Bases

    [*]Click OK

    [*]Now under select a target to scan:

      Select My Computer

    [*]This will program will start and scan your system.

    [*]The scan will take a while so be patient and let it run.

    [*]Once the scan is complete it will display if your system has been infected.

    • Now click on the Save as Text button:

    [*]Save the file to your desktop.

Post the Kaspersky log.

 

 

Your laptop should be unaffected, but we can take a look at it when we're done if you like.

Share this post


Link to post
Share on other sites
I also found this file VUNDOFIX.EXE-2CB79933.pf

Should I delete it also?

 

 

Hi Dave. Of course you were right about that file being removed by ATF. It looks as if my computer is still infected. Here is the Kapersky log. Thanks for your time,

Billy

 

 

KASPERSKY ONLINE SCANNER REPORT

Sunday, December 02, 2007 9:09:05 PM

Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)

Kaspersky Online Scanner version: 5.0.98.0

Kaspersky Anti-Virus database last update: 3/12/2007

Kaspersky Anti-Virus database records: 470539

 

 

Scan Settings

Scan using the following antivirus database extended

Scan Archives true

Scan Mail Bases true

 

Scan Target My Computer

A:\

C:\

D:\

E:\

F:\

G:\

H:\

I:\

J:\

 

Scan Statistics

Total number of scanned objects 102729

Number of viruses found 20

Number of infected objects 42

Number of suspicious objects 1

Duration of the scan process 01:44:09

 

Infected Object Name Virus Name Last Action

C:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Support\MPLog-12052006-235526.log Object is locked skipped

 

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine49251FF Infected: Email-Worm.Win32.Bagle.c skipped

 

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine58E0FB7 Infected: Email-Worm.Win32.NetSky.d skipped

 

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine7690E3F.tmp Infected: Email-Worm.Win32.NetSky.q skipped

 

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\14BD7E8B.exe Infected: Trojan-Dropper.Win32.Agent.og skipped

 

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\24E24070 Infected: Email-Worm.Win32.Bagle.c skipped

 

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\24E91469 Infected: Email-Worm.Win32.Bagle.c skipped

 

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\28F62493 Infected: Backdoor.Win32.Ruledor.c skipped

 

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\37C14C6A/readme.htm .scr Infected: Email-Worm.Win32.Mydoom.a skipped

 

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\37C14C6A ZIP: infected - 1 skipped

 

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\37C14C6A CryptFF: infected - 1 skipped

 

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\411C6974 Infected: Email-Worm.Win32.NetSky.q skipped

 

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\419B4EE8 Suspicious: Exploit.HTML.Iframe.FileDownload skipped

 

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\4FCB3E51.dll Infected: Trojan-Dropper.Win32.Agent.of skipped

 

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\6A02039B/details.txt .pif Infected: Email-Worm.Win32.NetSky.q skipped

 

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\6A02039B ZIP: infected - 1 skipped

 

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\6A02039B CryptFF: infected - 1 skipped

 

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\732C5E75/data.exe Infected: Email-Worm.Win32.Mydoom.a skipped

 

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\732C5E75 ZIP: infected - 1 skipped

 

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\732C5E75 CryptFF: infected - 1 skipped

 

C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Quarantine\77752358 Infected: Backdoor.Win32.Ruledor.c skipped

 

C:\Documents and Settings\Billy\Application Data\Skype\edwardbill\call256.dbb Object is locked skipped

 

C:\Documents and Settings\Billy\Application Data\Skype\edwardbill\callmember256.dbb Object is locked skipped

 

C:\Documents and Settings\Billy\Application Data\Skype\edwardbill\chat2048.dbb Object is locked skipped

 

C:\Documents and Settings\Billy\Application Data\Skype\edwardbill\chat256.dbb Object is locked skipped

 

C:\Documents and Settings\Billy\Application Data\Skype\edwardbill\chat4096.dbb Object is locked skipped

 

C:\Documents and Settings\Billy\Application Data\Skype\edwardbill\chat512.dbb Object is locked skipped

 

C:\Documents and Settings\Billy\Application Data\Skype\edwardbill\chatmsg2048.dbb Object is locked skipped

 

C:\Documents and Settings\Billy\Application Data\Skype\edwardbill\chatmsg256.dbb Object is locked skipped

 

C:\Documents and Settings\Billy\Application Data\Skype\edwardbill\chatmsg512.dbb Object is locked skipped

 

C:\Documents and Settings\Billy\Application Data\Skype\edwardbill\contactgroup256.dbb Object is locked skipped

 

C:\Documents and Settings\Billy\Application Data\Skype\edwardbill\index2.dat Object is locked skipped

 

C:\Documents and Settings\Billy\Application Data\Skype\edwardbill\message256.dbb Object is locked skipped

 

C:\Documents and Settings\Billy\Application Data\Skype\edwardbill\profile16384.dbb Object is locked skipped

 

C:\Documents and Settings\Billy\Application Data\Skype\edwardbill\transfer256.dbb Object is locked skipped

 

C:\Documents and Settings\Billy\Application Data\Skype\edwardbill\transfer512.dbb Object is locked skipped

 

C:\Documents and Settings\Billy\Application Data\Skype\edwardbill\user1024.dbb Object is locked skipped

 

C:\Documents and Settings\Billy\Application Data\Skype\edwardbill\user4096.dbb Object is locked skipped

 

C:\Documents and Settings\Billy\Application Data\Skype\edwardbill\voicemail256.dbb Object is locked skipped

 

C:\Documents and Settings\Billy\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SUPERANTISPYWARE.LOG Object is locked skipped

 

C:\Documents and Settings\Billy\Cookies\index.dat Object is locked skipped

 

C:\Documents and Settings\Billy\Desktop\tightvnc-1.2.9-setup.exe/data0002 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC-based.h skipped

 

C:\Documents and Settings\Billy\Desktop\tightvnc-1.2.9-setup.exe/data0003 Infected: not-a-virus:RemoteAdmin.Win32.WinVNC-based.b skipped

 

C:\Documents and Settings\Billy\Desktop\tightvnc-1.2.9-setup.exe Inno: infected - 2 skipped

 

C:\Documents and Settings\Billy\Local Settings\Application Data\Google\Google Desktop Search\dbc2e.ht1 Object is locked skipped

 

C:\Documents and Settings\Billy\Local Settings\Application Data\Google\Google Desktop Search\dbdam Object is locked skipped

 

C:\Documents and Settings\Billy\Local Settings\Application Data\Google\Google Desktop Search\dbdao Object is locked skipped

 

C:\Documents and Settings\Billy\Local Settings\Application Data\Google\Google Desktop Search\dbeam Object is locked skipped

 

C:\Documents and Settings\Billy\Local Settings\Application Data\Google\Google Desktop Search\dbeao Object is locked skipped

 

C:\Documents and Settings\Billy\Local Settings\Application Data\Google\Google Desktop Search\dbm Object is locked skipped

 

C:\Documents and Settings\Billy\Local Settings\Application Data\Google\Google Desktop Search\dbu2d.ht1 Object is locked skipped

 

C:\Documents and Settings\Billy\Local Settings\Application Data\Google\Google Desktop Search\dbvm.cf1 Object is locked skipped

 

C:\Documents and Settings\Billy\Local Settings\Application Data\Google\Google Desktop Search\dbvmh.ht1 Object is locked skipped

 

C:\Documents and Settings\Billy\Local Settings\Application Data\Google\Google Desktop Search\fii.cf1 Object is locked skipped

 

C:\Documents and Settings\Billy\Local Settings\Application Data\Google\Google Desktop Search\fiih.ht1 Object is locked skipped

 

C:\Documents and Settings\Billy\Local Settings\Application Data\Google\Google Desktop Search\hp Object is locked skipped

 

C:\Documents and Settings\Billy\Local Settings\Application Data\Google\Google Desktop Search\hpt2i.ht1 Object is locked skipped

 

C:\Documents and Settings\Billy\Local Settings\Application Data\Google\Google Desktop Search\rpm.cf1 Object is locked skipped

 

C:\Documents and Settings\Billy\Local Settings\Application Data\Google\Google Desktop Search\rpmh.ht1 Object is locked skipped

 

C:\Documents and Settings\Billy\Local Settings\Application Data\Google\Google Desktop Search\safeweb\goog-black-enchashm.cf1 Object is locked skipped

 

C:\Documents and Settings\Billy\Local Settings\Application Data\Google\Google Desktop Search\safeweb\goog-black-enchashmh.ht1 Object is locked skipped

 

C:\Documents and Settings\Billy\Local Settings\Application Data\Google\Google Desktop Search\safeweb\goog-black-urlm.cf1 Object is locked skipped

 

C:\Documents and Settings\Billy\Local Settings\Application Data\Google\Google Desktop Search\safeweb\goog-black-urlmh.ht1 Object is locked skipped

 

C:\Documents and Settings\Billy\Local Settings\Application Data\Google\Google Desktop Search\safeweb\goog-malware-domainm.cf1 Object is locked skipped

 

C:\Documents and Settings\Billy\Local Settings\Application Data\Google\Google Desktop Search\safeweb\goog-malware-domainmh.ht1 Object is locked skipped

 

C:\Documents and Settings\Billy\Local Settings\Application Data\Google\Google Desktop Search\safeweb\goog-white-domainm.cf1 Object is locked skipped

 

C:\Documents and Settings\Billy\Local Settings\Application Data\Google\Google Desktop Search\safeweb\goog-white-domainmh.ht1 Object is locked skipped

 

C:\Documents and Settings\Billy\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

 

C:\Documents and Settings\Billy\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

 

C:\Documents and Settings\Billy\Local Settings\Application Data\Microsoft\Windows Defender\FileTracker\{4EB3316C-726F-474D-B1F1-9C1AC299A32E} Object is locked skipped

 

C:\Documents and Settings\Billy\Local Settings\History\History.IE5\index.dat Object is locked skipped

 

C:\Documents and Settings\Billy\Local Settings\Temp\~DF4F01.tmp Object is locked skipped

 

C:\Documents and Settings\Billy\Local Settings\Temp\~DF4FE6.tmp Object is locked skipped

 

C:\Documents and Settings\Billy\Local Settings\Temp\~DFB34.tmp Object is locked skipped

 

C:\Documents and Settings\Billy\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped

 

C:\Documents and Settings\Billy\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

 

C:\Documents and Settings\Billy\My Documents\Downloaded Files\emusic_setup_bundle.exe/stream/data0283/data0003 Infected: not-a-virus:AdWare.Win32.Comet.be skipped

 

C:\Documents and Settings\Billy\My Documents\Downloaded Files\emusic_setup_bundle.exe/stream/data0283 Infected: not-a-virus:AdWare.Win32.Comet.be skipped

 

C:\Documents and Settings\Billy\My Documents\Downloaded Files\emusic_setup_bundle.exe/stream Infected: not-a-virus:AdWare.Win32.Comet.be skipped

 

C:\Documents and Settings\Billy\My Documents\Downloaded Files\emusic_setup_bundle.exe NSIS: infected - 3 skipped

 

C:\Documents and Settings\Billy\My Documents\dvd_fab_express_2_9_6_5_keygen.exe/data.rar/keygen.exe Infected: Trojan-Downloader.Win32.LoadAdv.gen skipped

 

C:\Documents and Settings\Billy\My Documents\dvd_fab_express_2_9_6_5_keygen.exe/data.rar/crack.exe Infected: not-a-virus:AdWare.Win32.Virtumonde.bq skipped

 

C:\Documents and Settings\Billy\My Documents\dvd_fab_express_2_9_6_5_keygen.exe/data.rar/serial.exe Infected: Trojan.Win32.Dialer.qn skipped

 

C:\Documents and Settings\Billy\My Documents\dvd_fab_express_2_9_6_5_keygen.exe/data.rar Infected: Trojan.Win32.Dialer.qn skipped

 

C:\Documents and Settings\Billy\My Documents\dvd_fab_express_2_9_6_5_keygen.exe RarSFX: infected - 4 skipped

 

C:\Documents and Settings\Billy\ntuser.dat Object is locked skipped

 

C:\Documents and Settings\Billy\NTUSER.DAT.LOG Object is locked skipped

 

C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped

 

C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

 

C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

 

C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat Object is locked skipped

 

C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies\index.dat Object is locked skipped

 

C:\Documents and Settings\LocalService\Local Settings\Temp\History\History.IE5\index.dat Object is locked skipped

 

C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

 

C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped

 

C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped

 

C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped

 

C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped

 

C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped

 

C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped

 

C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped

 

C:\Program Files\Alwil Software\Avast4\DATA\aswResp.dat Object is locked skipped

 

C:\Program Files\Alwil Software\Avast4\DATA\Avast4.db Object is locked skipped

 

C:\Program Files\Alwil Software\Avast4\DATA\integ\avast.int Object is locked skipped

 

C:\Program Files\Alwil Software\Avast4\DATA\log\AshWebSv.ws Object is locked skipped

 

C:\Program Files\Alwil Software\Avast4\DATA\log\aswMaiSv.log Object is locked skipped

 

C:\Program Files\Alwil Software\Avast4\DATA\log\nshield.log Object is locked skipped

 

C:\Program Files\Alwil Software\Avast4\DATA\report\Resident protection.txt Object is locked skipped

 

C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcrst.dll Object is locked skipped

 

C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsys.dll Object is locked skipped

 

C:\Program Files\Microsoft AntiSpyware\Quarantine\D5464145-F819-4EFC-AB9C-E6169D\7798D3FC-C93E-4B45-B393-C5648B Infected: not-a-virus:RemoteAdmin.Win32.WinVNC-based.h skipped

 

C:\Program Files\Microsoft AntiSpyware\Quarantine\D5464145-F819-4EFC-AB9C-E6169D\BBF17524-505B-4BD8-869F-0EC35F Infected: not-a-virus:RemoteAdmin.Win32.WinVNC-based.b skipped

 

C:\qoobox\Quarantine\C\WINDOWS\winshow.exe.vir Infected: Trojan-Downloader.Win32.VB.bvj skipped

 

C:\RECYCLER\NPROTECT041089.ldb Object is locked skipped

 

C:\RECYCLER\NPROTECT041101.DIC Object is locked skipped

 

C:\RECYCLER\NPROTECT041102.LNK Object is locked skipped

 

C:\RECYCLER\NPROTECT041103.LNK Object is locked skipped

 

C:\RECYCLER\NPROTECT041104.LNK Object is locked skipped

 

C:\RECYCLER\NPROTECT041105.LNK Object is locked skipped

 

C:\RECYCLER\NPROTECT041106.DOC Object is locked skipped

 

C:\RECYCLER\NPROTECT041122.cab Object is locked skipped

 

C:\RECYCLER\NPROTECT041130.cab Object is locked skipped

 

C:\RECYCLER\NPROTECT041143 Object is locked skipped

 

C:\RECYCLER\NPROTECT041144.KC Object is locked skipped

 

C:\RECYCLER\NPROTECT041200.xml Object is locked skipped

 

C:\RECYCLER\NPROTECT041201.ldb Object is locked skipped

 

C:\RECYCLER\NPROTECT041213.edb Object is locked skipped

 

C:\RECYCLER\NPROTECT041265 Object is locked skipped

 

C:\RECYCLER\NPROTECT041327.ldb Object is locked skipped

 

C:\RECYCLER\NPROTECT041375.edb Object is locked skipped

 

C:\RECYCLER\NPROTECT041411.MTX Object is locked skipped

 

C:\RECYCLER\NPROTECT041412.MTX Object is locked skipped

 

C:\RECYCLER\NPROTECT041413.MTX Object is locked skipped

 

C:\RECYCLER\NPROTECT041451.DIC Object is locked skipped

 

C:\RECYCLER\NPROTECT041452.LNK Object is locked skipped

 

C:\RECYCLER\NPROTECT041453.LNK Object is locked skipped

 

C:\RECYCLER\NPROTECT041454.LNK Object is locked skipped

 

C:\RECYCLER\NPROTECT041455.LNK Object is locked skipped

 

C:\RECYCLER\NPROTECT041456.LNK Object is locked skipped

 

C:\RECYCLER\NPROTECT041457.LNK Object is locked skipped

 

C:\RECYCLER\NPROTECT041499.LNK Object is locked skipped

 

C:\RECYCLER\NPROTECT041531.LNK Object is locked skipped

 

C:\RECYCLER\NPROTECT041532.DOT Object is locked skipped

 

C:\RECYCLER\NPROTECT041535.LNK Object is locked skipped

 

C:\RECYCLER\NPROTECT041536.JPG Object is locked skipped

 

C:\RECYCLER\NPROTECT041557.LNK Object is locked skipped

 

C:\RECYCLER\NPROTECT041558.LNK Object is locked skipped

 

C:\RECYCLER\NPROTECT041559.LNK Object is locked skipped

 

C:\RECYCLER\NPROTECT041560.LNK Object is locked skipped

 

C:\RECYCLER\NPROTECT041561.LNK Object is locked skipped

 

C:\RECYCLER\NPROTECT041562.LNK Object is locked skipped

 

C:\RECYCLER\NPROTECT041566.LNK Object is locked skipped

 

C:\RECYCLER\NPROTECT041567.DOC Object is locked skipped

 

C:\RECYCLER\NPROTECT041568.DOT Object is locked skipped

 

C:\RECYCLER\NPROTECT041570.DOC Object is locked skipped

 

C:\RECYCLER\NPROTECT041571.ASD Object is locked skipped

 

C:\RECYCLER\NPROTECT041634.ldb Object is locked skipped

 

C:\RECYCLER\NPROTECT041636 Object is locked skipped

 

C:\RECYCLER\NPROTECT041639.TXT Object is locked skipped

 

C:\RECYCLER\NPROTECT041640.TXT Object is locked skipped

 

C:\RECYCLER\NPROTECT041641.TXT Object is locked skipped

 

C:\RECYCLER\NPROTECT041643.dat Object is locked skipped

 

C:\RECYCLER\NPROTECT041644.dat Object is locked skipped

 

C:\RECYCLER\NPROTECT041646.TXT Object is locked skipped

 

C:\RECYCLER\NPROTECT041647.TXT Object is locked skipped

 

C:\RECYCLER\NPROTECT041649.TXT Object is locked skipped

 

C:\RECYCLER\NPROTECT041650.TXT Object is locked skipped

 

C:\RECYCLER\NPROTECT041652.TXT Object is locked skipped

 

C:\RECYCLER\NPROTECT041653.TXT Object is locked skipped

 

C:\RECYCLER\NPROTECT041654.TXT Object is locked skipped

 

C:\RECYCLER\NPROTECT041655.TXT Object is locked skipped

 

C:\RECYCLER\NPROTECT041656.TXT Object is locked skipped

 

C:\RECYCLER\NPROTECT041657.TXT Object is locked skipped

 

C:\RECYCLER\NPROTECT041658.TXT Object is locked skipped

 

C:\RECYCLER\NPROTECT041659.TXT Object is locked skipped

 

C:\RECYCLER\NPROTECT041660.TXT Object is locked skipped

 

C:\RECYCLER\NPROTECT041661.TXT Object is locked skipped

 

C:\RECYCLER\NPROTECT041662.TXT Object is locked skipped

 

C:\RECYCLER\NPROTECT041663.TXT Object is locked skipped

 

C:\RECYCLER\NPROTECT041664.TXT Object is locked skipped

 

C:\RECYCLER\NPROTECT041665.TXT Object is locked skipped

 

C:\RECYCLER\NPROTECT041666.TXT Object is locked skipped

 

C:\RECYCLER\NPROTECT041667.TXT Object is locked skipped

 

C:\RECYCLER\NPROTECT041668.TXT Object is locked skipped

 

C:\RECYCLER\NPROTECT041669.TXT Object is locked skipped

 

C:\RECYCLER\NPROTECT041677.TXT Object is locked skipped

 

C:\RECYCLER\NPROTECT041678.TXT Object is locked skipped

 

C:\RECYCLER\NPROTECT041695.TXT Object is locked skipped

 

C:\RECYCLER\NPROTECT041696.TXT Object is locked skipped

 

C:\RECYCLER\NPROTECT041698.TXT Object is locked skipped

 

C:\RECYCLER\NPROTECT041699.TXT Object is locked skipped

 

C:\RECYCLER\NPROTECT041701.TXT Object is locked skipped

 

C:\RECYCLER\NPROTECT041702.TXT Object is locked skipped

 

C:\RECYCLER\NPROTECT041703.TXT Object is locked skipped

 

C:\RECYCLER\NPROTECT041704.TXT Object is locked skipped

 

C:\RECYCLER\NPROTECT041705.TXT Object is locked skipped

 

C:\RECYCLER\NPROTECT041716.DOC Object is locked skipped

 

C:\RECYCLER\NPROTECT041717.LNK Object is locked skipped

 

C:\RECYCLER\NPROTECT041718.LNK Object is locked skipped

 

C:\RECYCLER\NPROTECT041728.cab Object is locked skipped

 

C:\RECYCLER\NPROTECT041736.cab Object is locked skipped

 

C:\RECYCLER\NPROTECT041749 Object is locked skipped

 

C:\RECYCLER\NPROTECT041750.KC Object is locked skipped

 

C:\RECYCLER\NPROTECT041756.vdm Object is locked skipped

 

C:\RECYCLER\NPROTECT041757.vdm Object is locked skipped

 

C:\RECYCLER\NPROTECT041758.dll Object is locked skipped

 

C:\RECYCLER\NPROTECT041765.edb Object is locked skipped

 

C:\RECYCLER\NPROTECT041788.lo_ Object is locked skipped

 

C:\RECYCLER\NPROTECT041819.xml Object is locked skipped

 

C:\RECYCLER\NPROTECT041822.ldb Object is locked skipped

 

C:\RECYCLER\NPROTECT041833 Object is locked skipped

 

C:\RECYCLER\NPROTECT041908.JPG Object is locked skipped

 

C:\RECYCLER\NPROTECT041910.LNK Object is locked skipped

 

C:\RECYCLER\NPROTECT041911.DIC Object is locked skipped

 

C:\RECYCLER\NPROTECT041912.LNK Object is locked skipped

 

C:\RECYCLER\NPROTECT041913.LNK Object is locked skipped

 

C:\RECYCLER\NPROTECT041914.LNK Object is locked skipped

 

C:\RECYCLER\NPROTECT041915.LNK Object is locked skipped

 

C:\RECYCLER\NPROTECT041919.LNK Object is locked skipped

 

C:\RECYCLER\NPROTECT041920.LNK Object is locked skipped

 

C:\RECYCLER\NPROTECT041923.LNK Object is locked skipped

 

C:\RECYCLER\NPROTECT041924.LNK Object is locked skipped

 

C:\RECYCLER\NPROTECT041927.LNK Object is locked skipped

 

C:\RECYCLER\NPROTECT041928.LNK Object is locked skipped

 

C:\RECYCLER\NPROTECT041929.DOC Object is locked skipped

 

C:\RECYCLER\NPROTECT041930.DOT Object is locked skipped

 

C:\RECYCLER\NPROTECT041931.LNK Object is locked skipped

 

C:\RECYCLER\NPROTECT041932.LNK Object is locked skipped

 

C:\RECYCLER\NPROTECT041933.LNK Object is locked skipped

 

C:\RECYCLER\NPROTECT041934.LNK Object is locked skipped

 

C:\RECYCLER\NPROTECT041937.LNK Object is locked skipped

 

C:\RECYCLER\NPROTECT041938.LNK Object is locked skipped

 

C:\RECYCLER\NPROTECT041939.LNK Object is locked skipped

 

C:\RECYCLER\NPROTECT041940.LNK Object is locked skipped

 

C:\RECYCLER\NPROTECT041941.LNK Object is locked skipped

 

C:\RECYCLER\NPROTECT041943.JPG Object is locked skipped

 

C:\RECYCLER\NPROTECT041954.DOC Object is locked skipped

 

C:\RECYCLER\NPROTECT041955.DOC Object is locked skipped

 

C:\RECYCLER\NPROTECT041956.DOC Object is locked skipped

 

C:\RECYCLER\NPROTECT041957.ASD Object is locked skipped

 

C:\RECYCLER\NPROTECT041960.doc Object is locked skipped

 

C:\RECYCLER\NPROTECT041961.doc Object is locked skipped

 

C:\RECYCLER\NPROTECT041962.LNK Object is locked skipped

 

C:\RECYCLER\NPROTECT041963.LNK Object is locked skipped

 

C:\RECYCLER\NPROTECT042009.edb Object is locked skipped

 

C:\RECYCLER\NPROTECT042010.MTX Object is locked skipped

 

C:\RECYCLER\NPROTECT042011.MTX Object is locked skipped

 

C:\RECYCLER\NPROTECT042012.MTX Object is locked skipped

 

C:\RECYCLER\NPROTECT042080.xml Object is locked skipped

 

C:\RECYCLER\NPROTECT042082.ldb Object is locked skipped

 

C:\RECYCLER\NPROTECT042203.ldb Object is locked skipped

 

C:\RECYCLER\NPROTECT042212.cab Object is locked skipped

 

C:\RECYCLER\NPROTECT042220.cab Object is locked skipped

 

C:\RECYCLER\NPROTECT042296.xml Object is locked skipped

 

C:\RECYCLER\NPROTECT042298.ldb Object is locked skipped

 

C:\RECYCLER\NPROTECT042299 Object is locked skipped

 

C:\RECYCLER\NPROTECT042301.KC Object is locked skipped

 

C:\RECYCLER\NPROTECT042318.edb Object is locked skipped

 

C:\RECYCLER\NPROTECT042365 Object is locked skipped

 

C:\RECYCLER\NPROTECT042397.edb Object is locked skipped

 

C:\RECYCLER\NPROTECT042399 Object is locked skipped

 

C:\RECYCLER\NPROTECT042401.edb Object is locked skipped

 

C:\RECYCLER\NPROTECT042402.MTX Object is locked skipped

 

C:\RECYCLER\NPROTECT042403.MTX Object is locked skipped

 

C:\RECYCLER\NPROTECT042404.MTX Object is locked skipped

 

C:\RECYCLER\NPROTECT042415 Object is locked skipped

 

C:\RECYCLER\NPROTECT042416.edb Object is locked skipped

 

C:\RECYCLER\NPROTECT042427 Object is locked skipped

 

C:\RECYCLER\NPROTECT042428.edb Object is locked skipped

 

C:\RECYCLER\NPROTECT042430 Object is locked skipped

 

C:\RECYCLER\NPROTECT042431.edb Object is locked skipped

 

C:\RECYCLER\NPROTECT042433 Object is locked skipped

 

C:\RECYCLER\NPROTECT042478.xml Object is locked skipped

 

C:\RECYCLER\NPROTECT042480.ldb Object is locked skipped

 

C:\RECYCLER\NPROTECT042482.edb Object is locked skipped

 

C:\RECYCLER\NPROTECT042518 Object is locked skipped

 

C:\RECYCLER\NPROTECT042519.edb Object is locked skipped

 

C:\RECYCLER\NPROTECT042534 Object is locked skipped

 

C:\RECYCLER\NPROTECT042535.edb Object is locked skipped

 

C:\RECYCLER\NPROTECT042564 Object is locked skipped

 

C:\RECYCLER\NPROTECT042565.edb Object is locked skipped

 

C:\RECYCLER\NPROTECT042573 Object is locked skipped

 

C:\RECYCLER\NPROTECT042574.edb Object is locked skipped

 

C:\RECYCLER\NPROTECT042585.DB Object is locked skipped

 

C:\RECYCLER\NPROTECT042597.MSI Object is locked skipped

 

C:\RECYCLER\NPROTECT042600 Object is locked skipped

 

C:\RECYCLER\NPROTECT042601.edb Object is locked skipped

 

C:\RECYCLER\NPROTECT042634.DAT Object is locked skipped

 

C:\RECYCLER\NPROTECT042635.dll Object is locked skipped

 

C:\RECYCLER\NPROTECT042636.cat Object is locked skipped

 

C:\RECYCLER\NPROTECT042637.INF Object is locked skipped

 

C:\RECYCLER\NPROTECT042638.sys Object is locked skipped

 

C:\RECYCLER\NPROTECT042639.cat Object is locked skipped

 

C:\RECYCLER\NPROTECT042640.INF Object is locked skipped

 

C:\RECYCLER\NPROTECT042641.sys Object is locked skipped

 

C:\RECYCLER\NPROTECT042642.dll Object is locked skipped

 

C:\RECYCLER\NPROTECT042643.dat Object is locked skipped

 

C:\RECYCLER\NPROTECT042644.dat Object is locked skipped

 

C:\RECYCLER\NPROTECT042645.sys Object is locked skipped

 

C:\RECYCLER\NPROTECT042646.vxd Object is locked skipped

 

C:\RECYCLER\NPROTECT042647.dll Object is locked skipped

 

C:\RECYCLER\NPROTECT042648.grd Object is locked skipped

 

C:\RECYCLER\NPROTECT042649.sig Object is locked skipped

 

C:\RECYCLER\NPROTECT042650.DAT Object is locked skipped

 

C:\RECYCLER\NPROTECT042651.dat Object is locked skipped

 

C:\RECYCLER\NPROTECT042658.DB Object is locked skipped

 

C:\RECYCLER\NPROTECT042662 Object is locked skipped

 

C:\RECYCLER\NPROTECT042667.cab Object is locked skipped

 

C:\RECYCLER\NPROTECT042675.cab Object is locked skipped

 

C:\RECYCLER\NPROTECT042688 Object is locked skipped

 

C:\RECYCLER\NPROTECT042689.KC Object is locked skipped

 

C:\RECYCLER\NPROTECT042695.vdm Object is locked skipped

 

C:\RECYCLER\NPROTECT042696.vdm Object is locked skipped

 

C:\RECYCLER\NPROTECT042697.dll Object is locked skipped

 

C:\RECYCLER\NPROTECT042757.edb Object is locked skipped

 

C:\RECYCLER\NPROTECT042758.log Object is locked skipped

 

C:\RECYCLER\NPROTECT042760.xml Object is locked skipped

 

C:\RECYCLER\NPROTECT042763.ldb Object is locked skipped

 

C:\RECYCLER\NPROTECT042818 Object is locked skipped

 

C:\RECYCLER\NPROTECT042825 Object is locked skipped

 

C:\RECYCLER\NPROTECT042827.edb Object is locked skipped

 

C:\RECYCLER\NPROTECT042845 Object is locked skipped

 

C:\RECYCLER\NPROTECT042846.edb Object is locked skipped

 

C:\RECYCLER\NPROTECT042897.xml Object is locked skipped

 

C:\RECYCLER\NPROTECT042898.ldb Object is locked skipped

 

C:\RECYCLER\NPROTECT042920 Object is locked skipped

 

C:\RECYCLER\NPROTECT042921.edb Object is locked skipped

 

C:\RECYCLER\NPROTECT042933.edb Object is locked skipped

 

C:\RECYCLER\NPROTECT042948 Object is locked skipped

 

C:\RECYCLER\NPROTECT042949.edb Object is locked skipped

 

C:\RECYCLER\NPROTECT042976.MTX Object is locked skipped

 

C:\RECYCLER\NPROTECT042977.MTX Object is locked skipped

 

C:\RECYCLER\NPROTECT042978.MTX Object is locked skipped

 

C:\RECYCLER\NPROTECT042990 Object is locked skipped

 

C:\RECYCLER\NPROTECT042994.edb Object is locked skipped

 

C:\RECYCLER\NPROTECT043010 Object is locked skipped

 

C:\RECYCLER\NPROTECT043011.edb Object is locked skipped

 

C:\RECYCLER\NPROTECT043031 Object is locked skipped

 

C:\RECYCLER\NPROTECT043032.edb Object is locked skipped

 

C:\RECYCLER\NPROTECT043049 Object is locked skipped

 

C:\RECYCLER\NPROTECT043050.edb Object is locked skipped

 

C:\RECYCLER\NPROTECT043058 Object is locked skipped

 

C:\RECYCLER\NPROTECT043059.edb Object is locked skipped

 

C:\RECYCLER\NPROTECT043087 Object is locked skipped

 

C:\RECYCLER\NPROTECT043088.edb Object is locked skipped

 

C:\RECYCLER\NPROTECT043097 Object is locked skipped

 

C:\RECYCLER\NPROTECT043098.edb Object is locked skipped

 

C:\RECYCLER\NPROTECT043113 Object is locked skipped

 

C:\RECYCLER\NPROTECT043114.edb Object is locked skipped

 

C:\RECYCLER\NPROTECT043122 Object is locked skipped

 

C:\RECYCLER\NPROTECT043123.edb Object is locked skipped

 

C:\RECYCLER\NPROTECT043139.xml Object is locked skipped

 

C:\RECYCLER\NPROTECT043141.ldb Object is locked skipped

 

C:\RECYCLER\NPROTECT043179.cab Object is locked skipped

 

C:\RECYCLER\NPROTECT043188.cab Object is locked skipped

 

C:\RECYCLER\NPROTECT043198.KC Object is locked skipped

 

C:\RECYCLER\NPROTECT043203 Object is locked skipped

 

C:\RECYCLER\NPROTECT043234.edb Object is locked skipped

 

C:\RECYCLER\NPROTECT043282 Object is locked skipped

 

C:\RECYCLER\NPROTECT043296.edb Object is locked skipped

 

C:\RECYCLER\NPROTECT043301.MTX Object is locked skipped

 

C:\RECYCLER\NPROTECT043302.MTX Object is locked skipped

 

C:\RECYCLER\NPROTECT043303.MTX Object is locked skipped

 

C:\RECYCLER\NPROTECT043316 Object is locked skipped

 

C:\RECYCLER\NPROTECT043319.edb Object is locked skipped

 

C:\RECYCLER\NPROTECT043323 Object is locked skipped

 

C:\RECYCLER\NPROTECT043324.edb Object is locked skipped

 

C:\RECYCLER\NPROTECT043335 Object is locked skipped

 

C:\RECYCLER\NPROTECT043336.edb Object is locked skipped

 

C:\RECYCLER\NPROTECT043352 Object is locked skipped

 

C:\RECYCLER\NPROTECT043353.edb Object is locked skipped

 

C:\RECYCLER\NPROTECT043361 Object is locked skipped

 

C:\RECYCLER\NPROTECT043362.edb Object is locked skipped

 

C:\RECYCLER\NPROTECT043369.xml Object is locked skipped

 

C:\RECYCLER\NPROTECT043370.xml Object is locked skipped

 

C:\RECYCLER\NPROTECT043371.xml Object is locked skipped

 

C:\RECYCLER\NPROTECT043372.xml Object is locked skipped

 

C:\RECYCLER\NPROTECT043374 Object is locked skipped

 

C:\RECYCLER\NPROTECT043375.edb Object is locked skipped

 

C:\RECYCLER\NPROTECT043403.xml Object is locked skipped

 

C:\RECYCLER\NPROTECT043404.xml Object is locked skipped

 

C:\RECYCLER\NPROTECT043405.xml Object is locked skipped

 

C:\RECYCLER\NPROTECT043407 Object is locked skipped

 

C:\RECYCLER\NPROTECT043408.edb Object is locked skipped

 

C:\RECYCLER\NPROTECT043422.xml Object is locked skipped

 

C:\RECYCLER\NPROTECT043423.xml Object is locked skipped

 

C:\RECYCLER\NPROTECT043424.xml Object is locked skipped

 

C:\RECYCLER\NPROTECT043425.xml Object is locked skipped

 

C:\RECYCLER\NPROTECT043427 Object is locked skipped

 

C:\RECYCLER\NPROTECT043430.edb Object is locked skipped

 

C:\RECYCLER\NPROTECT043436.xml Object is locked skipped

 

C:\RECYCLER\NPROTECT043437.xml Object is locked skipped

 

C:\RECYCLER\NPROTECT043438.xml Object is locked skipped

 

C:\RECYCLER\NPROTECT043439.xml Object is locked skipped

 

C:\RECYCLER\NPROTECT043440.xml Object is locked skipped

 

C:\RECYCLER\NPROTECT043441.xml Object is locked skipped

 

C:\RECYCLER\NPROTECT043443.xml Object is locked skipped

 

C:\RECYCLER\NPROTECT043444.xml Object is locked skipped

 

C:\RECYCLER\NPROTECT043445.xml Object is locked skipped

 

C:\RECYCLER\NPROTECT043446.xml Object is locked skipped

 

C:\RECYCLER\NPROTECT043447.xml Object is locked skipped

 

C:\RECYCLER\NPROTECT043449 Object is locked skipped

 

C:\RECYCLER\NPROTECT043451.edb Object is locked skipped

 

C:\RECYCLER\NPROTECT043452.xml Object is locked skipped

 

C:\RECYCLER\NPROTECT043453.xml Object is locked skipped

 

C:\RECYCLER\NPROTECT043454.xml Object is locked skipped

 

C:\RECYCLER\NPROTECT043455.xml Object is locked skipped

 

C:\RECYCLER\NPROTECT043456.xml Object is locked skipped

 

C:\RECYCLER\NPROTECT043458 Object is locked skipped

 

C:\RECYCLER\NPROTECT043459.edb Object is locked skipped

 

C:\RECYCLER\NPROTECT043460.ldb Object is locked skipped

 

C:\RECYCLER\NPROTECT043462.dat Object is locked skipped

 

C:\RECYCLER\NPROTECT043463.dat Object is locked skipped

 

C:\RECYCLER\NPROTECT043464.dat Object is locked skipped

 

C:\RECYCLER\NPROTECT043465.dat Object is locked skipped

 

C:\RECYCLER\NPROTECT043466.dat Object is locked skipped

 

C:\RECYCLER\NPROTECT043467.dat Object is locked skipped

 

C:\RECYCLER\NPROTECT043468.dat Object is locked skipped

 

C:\RECYCLER\NPROTECT043472.xml Object is locked skipped

 

C:\RECYCLER\NPROTECT043478.cab Object is locked skipped

 

C:\RECYCLER\NPROTECT043486.cab Object is locked skipped

 

C:\RECYCLER\NPROTECT043545.xml Object is locked skipped

 

C:\RECYCLER\NPROTECT043548.xml Object is locked skipped

 

C:\RECYCLER\NPROTECT043549.xml Object is locked skipped

 

C:\RECYCLER\NPROTECT043550.ldb Object is locked skipped

 

C:\RECYCLER\NPROTECT043551.xml Object is locked skipped

 

C:\RECYCLER\NPROTECT043556.xml Object is locked skipped

 

C:\RECYCLER\NPROTECT043561.KC Object is locked skipped

 

C:\RECYCLER\NPROTECT043562.xml Object is locked skipped

 

C:\RECYCLER\NPROTECT043563 Object is locked skipped

 

C:\RECYCLER\NPROTECT043581.edb Object is locked skipped

 

C:\RECYCLER\NPROTECT043636.DB Object is locked skipped

 

C:\RECYCLER\NPROTECT043638.xml Object is locked skipped

 

C:\RECYCLER\NPROTECT043639 Object is locked skipped

 

C:\RECYCLER\NPROTECT043644.CON Object is locked skipped

 

C:\RECYCLER\NPROTECT043645.CON Object is locked skipped

 

C:\RECYCLER\NPROTECT043646.CON Object is locked skipped

 

C:\RECYCLER\NPROTECT043647.CON Object is locked skipped

 

C:\RECYCLER\NPROTECT043648.CON Object is locked skipped

 

C:\RECYCLER\NPROTECT043649.CON Object is locked skipped

 

C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped

 

C:\System Volume Information\_restore{171EBE35-B93D-4377-ACB8-CB9DC4DA2AF7}\RP1628\A0185759.exe Infected: Trojan-Downloader.Win32.VB.bvj skipped

 

C:\System Volume Information\_restore{171EBE35-B93D-4377-ACB8-CB9DC4DA2AF7}\RP1630\A0185800.exe Infected: Trojan-Downloader.Win32.VB.bto skipped

 

C:\System Volume Information\_restore{171EBE35-B93D-4377-ACB8-CB9DC4DA2AF7}\RP1637\change.log Object is locked skipped

 

C:\Temp\u900Y714.exe/data0002 Infected: Trojan-Downloader.Win32.Small.buy skipped

 

C:\Temp\u900Y714.exe/data0003 Infected: not-a-virus:AdWare.Win32.Agent.co skipped

 

C:\Temp\u900Y714.exe/data0004 Infected: Trojan-Downloader.Win32.Small.guf skipped

 

C:\Temp\u900Y714.exe/data0005/data0002 Infected: not-a-virus:AdWare.Win32.TTC.a skipped

 

C:\Temp\u900Y714.exe/data0005 Infected: not-a-virus:AdWare.Win32.TTC.a skipped

 

C:\Temp\u900Y714.exe NSIS: infected - 5 skipped

 

C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped

 

C:\WINDOWS\SchedLgU.Txt Object is locked skipped

 

C:\WINDOWS\SoftwareDistribution\EventCache\{7BD17137-78EB-4285-B6CB-CE30D7490284}.bin Object is locked skipped

 

C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped

 

C:\WINDOWS\Sti_Trace.log Object is locked skipped

 

C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped

 

C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped

 

C:\WINDOWS\system32\config\Antivirus.Evt Object is locked skipped

 

C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped

 

C:\WINDOWS\system32\config\default Object is locked skipped

 

C:\WINDOWS\system32\config\default.LOG Object is locked skipped

 

C:\WINDOWS\system32\config\Internet.evt Object is locked skipped

 

C:\WINDOWS\system32\config\SAM Object is locked skipped

 

C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped

 

C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped

 

C:\WINDOWS\system32\config\SECURITY Object is locked skipped

 

C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped

 

C:\WINDOWS\system32\config\software Object is locked skipped

 

C:\WINDOWS\system32\config\software.LOG Object is locked skipped

 

C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped

 

C:\WINDOWS\system32\config\system Object is locked skipped

 

C:\WINDOWS\system32\config\system.LOG Object is locked skipped

 

C:\WINDOWS\system32\h323log.txt Object is locked skipped

 

C:\WINDOWS\system32\LogFiles\WUDF\WUDFTrace.etl Object is locked skipped

 

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped

 

C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped

 

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped

 

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped

 

C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped

 

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped

 

C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped

 

C:\WINDOWS\Temp\Perflib_Perfdata_520.dat Object is locked skipped

 

C:\WINDOWS\Temp\_avast4_\Webshlock.txt Object is locked skipped

 

C:\WINDOWS\wiadebug.log Object is locked skipped

 

C:\WINDOWS\wiaservc.log Object is locked skipped

 

C:\WINDOWS\WindowsUpdate.log Object is locked skipped

 

J:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped

 

Scan process completed.

Share this post


Link to post
Share on other sites

Looking really good. Delete the following infected files.

 

C:\Documents and Settings\Billy\My Documents\Downloaded Files\emusic_setup_bundle.exe

C:\Documents and Settings\Billy\My Documents\dvd_fab_express_2_9_6_5_keygen.exe

 

Open C:\Temp and delete everything.

Delete C:\qoobox and C:\Deckard

 

Open your Norton antivirus interface and remove all quarantined items.

Remove all quarantined items from Microsoft Antispyware.

 

Empty the recycle bin.

 

If you're satisfied that the computer is working properly, clear the System Restore points. They are infected.

 

Clear past system restore points and create a new one.

Right click My Computer and select Properties. On the System Restore tab, check the box to turn System Restore off. Click Apply. Now, uncheck the box and click Apply. Click OK, then OK to close the System Properties dialog.

 

Verify a new restore point was created.

Click Start>All Programs>Accessories>System Tools>System Restore

Select 'Restore my computer to an earlier time', then click next.

You should have a newly created System Checkpoint available. If so, click Cancel. If not, click Back and select 'Create a restore point' then click Next. Give the restore point a name and click next.

 

 

That should wrap things up. How the computer running now?

Share this post


Link to post
Share on other sites
Looking really good. Delete the following infected files.

 

C:\Documents and Settings\Billy\My Documents\Downloaded Files\emusic_setup_bundle.exe

C:\Documents and Settings\Billy\My Documents\dvd_fab_express_2_9_6_5_keygen.exe

 

Open C:\Temp and delete everything.

Delete C:\qoobox and C:\Deckard

 

Open your Norton antivirus interface and remove all quarantined items.

Remove all quarantined items from Microsoft Antispyware.

 

Empty the recycle bin.

 

If you're satisfied that the computer is working properly, clear the System Restore points. They are infected.

 

Clear past system restore points and create a new one.

Right click My Computer and select Properties. On the System Restore tab, check the box to turn System Restore off. Click Apply. Now, uncheck the box and click Apply. Click OK, then OK to close the System Properties dialog.

 

Verify a new restore point was created.

Click Start>All Programs>Accessories>System Tools>System Restore

Select 'Restore my computer to an earlier time', then click next.

You should have a newly created System Checkpoint available. If so, click Cancel. If not, click Back and select 'Create a restore point' then click Next. Give the restore point a name and click next.

That should wrap things up. How the computer running now?

 

 

Thank you! I think everything is good but would appreciate a look at the new HijackThis log file just to make sure I did everything correctly. Also, did you happen to see anything else that I could get rid of or change? I know I have a lot of "running processes" and probably don't need them all. As part of my previous defense, I normally ran AdAware, Spybot and Windows Defender once per week. Any recommendations there? How about all of the new Anti-Spyware I added to get rid of this problem? I added ComboFix, Hijack This, Super AntiSpyware, DSS, ATF and Kapersky. Should I keep all of these and if so, should I move them?

Thank you again for everything.

Billy

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 10:40:14 PM, on 12/2/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16544)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Windows Defender\MsMpEng.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

C:\WINDOWS\System32\CTsvcCDA.EXE

C:\WINDOWS\System32\DVDRAMSV.exe

C:\WINDOWS\System32\nvsvc32.exe

C:\Program Files\Dantz\Retrospect\retrorun.exe

C:\PROGRA~1\Dantz\RETROS~1\wdsvc.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

C:\Program Files\Viewpoint\Common\ViewpointService.exe

C:\WINDOWS\System32\MsPMSPSv.exe

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe

C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe

C:\Program Files\Microsoft Hardware\Mouse\point32.exe

C:\WINDOWS\System32\umonit.exe

C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe

C:\Program Files\Common Files\Real\Update_OB\realsched.exe

C:\WINDOWS\system32\LVCOMSX.EXE

C:\Program Files\Logitech\Video\LogiTray.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\Trend Micro\Anti-Spam For OE\TMAS_OEMon.exe

C:\WINDOWS\system32\WDBtnMgr.exe

C:\WINDOWS\system32\CTHELPER.EXE

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe

C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe

C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe

C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

J:\My Music\iTunesHelper.exe

C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe

C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

C:\Program Files\Logitech\Video\FxSvr2.exe

C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

C:\Program Files\PC Connectivity Solution\NclBTHandler.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe

C:\WINDOWS\system32\RAMASST.exe

C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe

C:\Program Files\iPod\bin\iPodService.exe

 

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.rr.com/flash/index.cfm

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll

O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll

O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe

O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers

O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe

O4 - HKLM\..\Run: [MoneyStartUp10.0] "C:\Program Files\Microsoft Money\System\Activation.exe"

O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE

O4 - HKLM\..\Run: [AHQInit] C:\Program Files\Creative\SBLive\Program\AHQInit.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [POINTER] C:\Program Files\Microsoft Hardware\Mouse\point32.exe

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [uMonit] C:\WINDOWS\System32\umonit.exe

O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"

O4 - HKLM\..\Run: [MediaFace Integration] C:\Program Files\Fellowes\MediaFACE 4.0\SetHook.exe

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE

O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe

O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe

O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide

O4 - HKLM\..\Run: [OE] "C:\Program Files\Trend Micro\Anti-Spam For OE\TMAS_OEMon.exe"

O4 - HKLM\..\Run: [WD Button Manager] WDBtnMgr.exe

O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE

O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup

O4 - HKLM\..\Run: [iTunesHelper] "J:\My Music\iTunesHelper.exe"

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"

O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')

O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')

O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')

O4 - Startup: Picture Motion Browser Media Check Tool.lnk = C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: Bluetooth.lnk = ?

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?

O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll

O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll

O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su-newocx/ocx/15012/CTSUEng.cab

O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/u...can_unicode.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1160572156171

O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.winkflash.com/photo/loaders/ImageUploader4.cab

O16 - DPF: {9522B3FB-7A2B-4646-8AF6-36E7F593073C} - http://a19.g.akamai.net/7/19/7125/1450/ftp...02/cpbrkpie.cab

O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://www.adoramapix.com/components/ImageUploader3.cab

O16 - DPF: {C68F9105-04FD-4B48-B6CC-2A076F711C35} (HpodPCFileCtrl2 Class) - file://D:\MEMDISC\ALBUM_A\VIEW\PLUGIN\HPODPCFC.CAB

O16 - DPF: {CBD8B1CB-2F5F-415F-93E8-A297B33DCBB2} (CentrinoCheck Control) - http://entriq.vo.llnwd.net/o1/NBCUniversal...eck_1_0_0_4.cab

O16 - DPF: {CE7D2BF2-D173-4CE2-9DAF-15EA153B5B43} - http://entriq.vo.llnwd.net/o1/NBCUniversal...0_15_Silent.cab

O16 - DPF: {DE0FB644-C59B-46D1-B650-88BA945BC98F} - http://entriq.vo.llnwd.net/o1/NBCUniversal...sal_1_0_0_3.cab

O16 - DPF: {E7D2588A-7FB5-47DC-8830-832605661009} (Live Collaboration) - https://rr.esecurecare.net/rnt/rnl/java/RntX.cab

O16 - DPF: {E9A7F56F-C40F-4928-8C6F-7A72F2A25222} (AxRUploadControl Object) - http://www.imagestation.com/common/classes....cab?v=1,0,0,38

O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su-newocx/ocx/15012/CTPID.cab

O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL

O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE

O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\System32\DVDRAMSV.exe

O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

O23 - Service: Retrospect Launcher (RetroLauncher) - Dantz Development Corporation - C:\Program Files\Dantz\Retrospect\retrorun.exe

O23 - Service: Retrospect WD Service (RetroWDSvc) - Dantz Development Corporation - C:\PROGRA~1\Dantz\RETROS~1\wdsvc.exe

O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe

O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

 

--

End of file - 13965 bytes

Share this post


Link to post
Share on other sites

Your HijackThis log is clean. ;)

 

Definitely remove ComboFix. It's updated regularly and should not be run as a standard routine anyway. dss get's updated oftentimes too, so it would be a good idea to remove it as well.

 

If there is a listing in Add/Remove for Kaspersky Web Scanner, remove it, otherwise don't worry about it.

 

ATF Cleaner is a keeper. I'd recommend running it prior to any scans. Removing temp files first can help prevent common hangs.

 

HijackThis is primarily a reporting tool and safe to keep, but it's your option.

 

I have no opinion one way or the other about SuperAntispyware. Again, your option.

 

 

As for the startups, check the exe associated with the 04 entries in your HijackThis log at one of the following sites, or Google, to identify them and determine whether or not they are needed at startup.

 

http://www.sysinfo.org/startuplist.php?

http://www.answersthatwork.com/Tasklist_pages/tasklist.htm

http://www.castlecops.com/StartupList.html

http://www.bleepingcomputer.com/startups/

 

You can prevent them from starting up by fixing the entry with HijackThis, unchecking it in msconfig or using a third party application such as Mike Lin's Startup Control Panel or the more comprehensive Autoruns from Microsoft's Sysinternals.

 

 

I'd say your scan routine is pretty sound. miekiemoes has put together a great page full of prevention information and tips that I recommend you check out.

 

Surf safe!

Share this post


Link to post
Share on other sites
Your HijackThis log is clean. ;)

 

Definitely remove ComboFix. It's updated regularly and should not be run as a standard routine anyway. dss get's updated oftentimes too, so it would be a good idea to remove it as well.

 

If there is a listing in Add/Remove for Kaspersky Web Scanner, remove it, otherwise don't worry about it.

 

ATF Cleaner is a keeper. I'd recommend running it prior to any scans. Removing temp files first can help prevent common hangs.

 

HijackThis is primarily a reporting tool and safe to keep, but it's your option.

 

I have no opinion one way or the other about SuperAntispyware. Again, your option.

As for the startups, check the exe associated with the 04 entries in your HijackThis log at one of the following sites, or Google, to identify them and determine whether or not they are needed at startup.

 

http://www.sysinfo.org/startuplist.php?

http://www.answersthatwork.com/Tasklist_pages/tasklist.htm

http://www.castlecops.com/StartupList.html

http://www.bleepingcomputer.com/startups/

 

You can prevent them from starting up by fixing the entry with HijackThis, unchecking it in msconfig or using a third party application such as Mike Lin's Startup Control Panel or the more comprehensive Autoruns from Microsoft's Sysinternals.

I'd say your scan routine is pretty sound. miekiemoes has put together a great page full of prevention information and tips that I recommend you check out.

 

Surf safe!

 

 

Hello Dave. Thank you so much for all of your time and patience. You saved the day! I will take to heart your valuable advice and hopefully surf safe. You wrote that my laptop shouldn't be affected but that we could look at it. Is that necessary? Thanks again,

Billy

Share this post


Link to post
Share on other sites

You're most welcome. Glad I could help! ;)

 

Not necessary to check the laptop, but I'm more than happy to have a look if you're concerned.

Share this post


Link to post
Share on other sites
You're most welcome. Glad I could help! ;)

 

Not necessary to check the laptop, but I'm more than happy to have a look if you're concerned.

 

Hello again Dave. I just did an AdAware 2007 scan and found some infections. Are these just cookies or something worse? Here is the AdAware log file. It seems that I have had more problems or questins with the new AdAware 2007 version than with AAware SE. Any thoughts or suggestions in regard to AdAware 2007?

Thanks, Billy

 

Scan Results

Ad-Aware 2007 Free Edition

Log File Created on:2007-12-0418:01:51

Using Definitions File:C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware 2007\core.aawdef

Computer name:GIMP

Name of user performing scan:SYSTEM

Name of user ordering scan:Billy

Scan completed successfully

 

System Information

File Version Information

Ad-Aware 2007 Settings

Extended Ad-Aware 2007 Settings

Database Information

Scan Statistics

Scan Detailed Statistics

Infections Found

Listing of running processes

System Information

Number of processors:1

Processor type:Intel® Pentium® 4 CPU 2.40GHz

Memory Available:25%

Total Physical Memory:535609344 Bytes

Available Physical Memory:132608000 Bytes

Total Page File Size:1308696576 Bytes

Available On Page File:712482816 Bytes

Total Virtual Memory:2147352576 Bytes

Available Virtual Memory:1933946880 Bytes

OS:Microsoft Windows XP 5.1 (Build 2600)

[to top]

File Verion Information

File Version

CEAPI.dll 7, 0, 2, 3

aawservice.exe 7, 0, 2, 5

Ad-Aware2007.exe 7.0.2.5

[to top]

Ad-Aware 2007 Settings

Skipping files larger than:1048576 Bytes

Ignoring infections with lower TAI than:3

Safe Mode:False

[to top]

Extended Ad-Aware 2007 Settings

Unload malicious processes and modules

Unload Modules

Let Windows remove files at Start-Up

Deactivate Ad-Watch

Re-analyze Scan Result

Delete Restored Items

Write Protect System Files

Create Log file

Include basic settings

Include advanced settings

Include user and computer name

Environment information

Running processes

Running processes and modules

Include info about ignored objects in log file

Consider definitions File Outdated after x days

Proxy URL

Proxy Port

[to top]

Database Info

Version number:38

Build Number:0

Build Date and Time:2007/12/0303:47:00

[to top]

Scan Statistics

Method:Full

 

Items Scanned:168324

Infections Detected:21

Infections Removed:0

Infections Quarantined:0

Infections Ignored:0

[to top]

Scan Detailed Statistics

Type Critical Total

Process Scan 0 0

Registry Scan 0 0

Registry PE Scan 0 0

Hosts Scan 0 0

File Scan 0 0

Folder Scan 0 0

LSP Scan 0 0

ADS Scan 0 0

Cookie Scan 21 21

File Hash Scan 0 0

[to top]

Infections Found

Family Id Name Category TAI

725 Tracking Cookie DataMiner 3

[600000093] Browser: Internet Explorer Cookie: C:\Documents and Settings\Billy\Cookies\index.dat ads.pointroll.com PRID /

[600000093] Browser: Internet Explorer Cookie: C:\Documents and Settings\Billy\Cookies\index.dat ads.pointroll.com PRimp /

[600000093] Browser: Internet Explorer Cookie: C:\Documents and Settings\Billy\Cookies\index.dat ads.pointroll.com PRca /

[600000093] Browser: Internet Explorer Cookie: C:\Documents and Settings\Billy\Cookies\index.dat ads.pointroll.com PRcp /

[600000093] Browser: Internet Explorer Cookie: C:\Documents and Settings\Billy\Cookies\index.dat ads.pointroll.com PRpl /

[600000093] Browser: Internet Explorer Cookie: C:\Documents and Settings\Billy\Cookies\index.dat ads.pointroll.com PRcr /

[600000093] Browser: Internet Explorer Cookie: C:\Documents and Settings\Billy\Cookies\index.dat ads.pointroll.com PRpc /

[600000212] Browser: Internet Explorer Cookie: C:\Documents and Settings\Billy\Cookies\index.dat 2o7.net s_vi_mcx60x7Fbx7Fx7Fekbeb /

[600000212] Browser: Internet Explorer Cookie: C:\Documents and Settings\Billy\Cookies\index.dat 2o7.net s_vi_gijupe /

[600000212] Browser: Internet Explorer Cookie: C:\Documents and Settings\Billy\Cookies\index.dat 2o7.net s_vi_lbax60hx60zhox60lda /

[600000212] Browser: Internet Explorer Cookie: C:\Documents and Settings\Billy\Cookies\index.dat 2o7.net s_vi_hfejfddld /

[600000173] Browser: Internet Explorer Cookie: C:\Documents and Settings\Billy\Cookies\index.dat bluestreak.com id /

[600000187] Browser: Internet Explorer Cookie: C:\Documents and Settings\Billy\Cookies\index.dat advertising.com ACID /

[600000187] Browser: Internet Explorer Cookie: C:\Documents and Settings\Billy\Cookies\index.dat advertising.com C2 /

[600000187] Browser: Internet Explorer Cookie: C:\Documents and Settings\Billy\Cookies\index.dat advertising.com BASE /

[600000187] Browser: Internet Explorer Cookie: C:\Documents and Settings\Billy\Cookies\index.dat advertising.com ROLL /

[600000187] Browser: Internet Explorer Cookie: C:\Documents and Settings\Billy\Cookies\index.dat advertising.com F1 /

[600000144] Browser: Internet Explorer Cookie: C:\Documents and Settings\Billy\Cookies\index.dat doubleclick.net id /

[600000179] Browser: Internet Explorer Cookie: C:\Documents and Settings\Billy\Cookies\index.dat atdmt.com AA002 /

[600000085] Browser: Internet Explorer Cookie: C:\Documents and Settings\Billy\Cookies\index.dat questionmarket.com CS1 /

[600000085] Browser: Internet Explorer Cookie: C:\Documents and Settings\Billy\Cookies\index.dat questionmarket.com ES /

 

 

Quarantined Objects

Family Id Name Category TAI

 

Removed Objects

Family Id Name Category TAI

725 Tracking Cookie DataMiner 3

[600000093] Browser: Internet Explorer Cookie: C:\Documents and Settings\Billy\Cookies\index.dat ads.pointroll.com PRID /

[600000093] Browser: Internet Explorer Cookie: C:\Documents and Settings\Billy\Cookies\index.dat ads.pointroll.com PRimp /

[600000093] Browser: Internet Explorer Cookie: C:\Documents and Settings\Billy\Cookies\index.dat ads.pointroll.com PRca /

[600000093] Browser: Internet Explorer Cookie: C:\Documents and Settings\Billy\Cookies\index.dat ads.pointroll.com PRcp /

[600000093] Browser: Internet Explorer Cookie: C:\Documents and Settings\Billy\Cookies\index.dat ads.pointroll.com PRpl /

[600000093] Browser: Internet Explorer Cookie: C:\Documents and Settings\Billy\Cookies\index.dat ads.pointroll.com PRcr /

[600000093] Browser: Internet Explorer Cookie: C:\Documents and Settings\Billy\Cookies\index.dat ads.pointroll.com PRpc /

[600000212] Browser: Internet Explorer Cookie: C:\Documents and Settings\Billy\Cookies\index.dat 2o7.net s_vi_mcx60x7Fbx7Fx7Fekbeb /

[600000212] Browser: Internet Explorer Cookie: C:\Documents and Settings\Billy\Cookies\index.dat 2o7.net s_vi_gijupe /

[600000212] Browser: Internet Explorer Cookie: C:\Documents and Settings\Billy\Cookies\index.dat 2o7.net s_vi_lbax60hx60zhox60lda /

[600000212] Browser: Internet Explorer Cookie: C:\Documents and Settings\Billy\Cookies\index.dat 2o7.net s_vi_hfejfddld /

[600000187] Browser: Internet Explorer Cookie: C:\Documents and Settings\Billy\Cookies\index.dat advertising.com ACID /

[600000187] Browser: Internet Explorer Cookie: C:\Documents and Settings\Billy\Cookies\index.dat advertising.com C2 /

[600000187] Browser: Internet Explorer Cookie: C:\Documents and Settings\Billy\Cookies\index.dat advertising.com BASE /

[600000187] Browser: Internet Explorer Cookie: C:\Documents and Settings\Billy\Cookies\index.dat advertising.com ROLL /

[600000187] Browser: Internet Explorer Cookie: C:\Documents and Settings\Billy\Cookies\index.dat advertising.com F1 /

[600000179] Browser: Internet Explorer Cookie: C:\Documents and Settings\Billy\Cookies\index.dat atdmt.com AA002 /

 

[to top]

Listing of Running Processes

C:\WINDOWS\SYSTEM32\SMSS.EXE

c:\windows\system32\smss.exe

c:\windows\system32\ntdll.dll

C:\WINDOWS\SYSTEM32\CSRSS.EXE

c:\windows\system32\csrss.exe

c:\windows\system32\ntdll.dll

c:\windows\system32\csrsrv.dll

c:\windows\system32\basesrv.dll

c:\windows\system32\winsrv.dll

c:\windows\system32\gdi32.dll

c:\windows\system32\kernel32.dll

c:\windows\system32\user32.dll

c:\windows\system32\sxs.dll

c:\windows\system32\advapi32.dll

c:\windows\system32\rpcrt4.dll

c:\windows\system32\apphelp.dll

c:\windows\system32\version.dll

C:\WINDOWS\SYSTEM32\WINLOGON.EXE

c:\windows\system32\winlogon.exe

c:\windows\system32\ntdll.dll

c:\windows\system32\kernel32.dll

c:\windows\system32\advapi32.dll

c:\windows\system32\rpcrt4.dll

c:\windows\system32\authz.dll

c:\windows\system32\msvcrt.dll

c:\windows\system32\crypt32.dll

c:\windows\system32\user32.dll

c:\windows\system32\gdi32.dll

c:\windows\system32\msasn1.dll

c:\windows\system32\nddeapi.dll

c:\windows\system32\profmap.dll

c:\windows\system32\netapi32.dll

c:\windows\system32\userenv.dll

c:\windows\system32\psapi.dll

c:\windows\system32\regapi.dll

c:\windows\system32\secur32.dll

c:\windows\system32\setupapi.dll

c:\windows\system32\version.dll

c:\windows\system32\winsta.dll

c:\windows\system32\wintrust.dll

c:\windows\system32\imagehlp.dll

c:\windows\system32\ws2_32.dll

c:\windows\system32\ws2help.dll

c:\windows\system32\imm32.dll

c:\windows\system32\msgina.dll

c:\windows\system32\shell32.dll

c:\windows\system32\shlwapi.dll

c:\windows\system32\comctl32.dll

c:\windows\system32\odbc32.dll

c:\windows\system32\comdlg32.dll

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

c:\windows\system32\odbcint.dll

c:\windows\system32\shsvcs.dll

c:\windows\system32\sfc.dll

c:\windows\system32\sfc_os.dll

c:\windows\system32\ole32.dll

c:\windows\system32\apphelp.dll

c:\windows\system32\msctfime.ime

c:\windows\system32\winscard.dll

c:\windows\system32\wtsapi32.dll

c:\windows\system32\sxs.dll

c:\windows\system32\uxtheme.dll

c:\windows\system32\winmm.dll

c:\windows\system32\serwvdrv.dll

c:\windows\system32\umdmxfrm.dll

c:\program files\superantispyware\saswinlo.dll

c:\windows\system32\oleaut32.dll

c:\windows\system32\wininet.dll

c:\windows\system32\normaliz.dll

c:\windows\system32\iertutil.dll

c:\windows\system32\cscdll.dll

c:\windows\system32\rsaenh.dll

c:\windows\system32\wlnotify.dll

c:\windows\system32\winspool.drv

c:\windows\system32\mpr.dll

c:\windows\system32\wgalogon.dll

c:\windows\system32\ntmarta.dll

c:\windows\system32\wldap32.dll

c:\windows\system32\samlib.dll

c:\windows\system32\clbcatq.dll

c:\windows\system32\comres.dll

c:\windows\system32\msv1_0.dll

c:\windows\system32\iphlpapi.dll

c:\windows\system32\rasapi32.dll

c:\windows\system32\rasman.dll

c:\windows\system32\tapi32.dll

c:\windows\system32\rtutils.dll

c:\windows\system32\cscui.dll

c:\windows\system32\xpsp2res.dll

c:\windows\system32\drprov.dll

c:\windows\system32\ntlanman.dll

c:\windows\system32\netui0.dll

c:\windows\system32\netui1.dll

c:\windows\system32\netrap.dll

c:\windows\system32\davclnt.dll

c:\windows\system32\mprui.dll

c:\windows\system32\netui2.dll

c:\windows\system32\netmsg.dll

c:\windows\system32\wdmaud.drv

c:\windows\system32\msacm32.drv

c:\windows\system32\msacm32.dll

c:\windows\system32\midimap.dll

C:\WINDOWS\SYSTEM32\SERVICES.EXE

c:\windows\system32\services.exe

c:\windows\system32\ntdll.dll

c:\windows\system32\kernel32.dll

c:\windows\system32\msvcrt.dll

c:\windows\system32\advapi32.dll

c:\windows\system32\rpcrt4.dll

c:\windows\system32\user32.dll

c:\windows\system32\gdi32.dll

c:\windows\system32\userenv.dll

c:\windows\system32\scesrv.dll

c:\windows\system32\authz.dll

c:\windows\system32\umpnpmgr.dll

c:\windows\system32\winsta.dll

c:\windows\system32\netapi32.dll

c:\windows\system32\ncobjapi.dll

c:\windows\system32\msvcp60.dll

c:\windows\system32\shimeng.dll

c:\windows\apppatch\acadproc.dll

c:\windows\system32\imm32.dll

c:\windows\system32\secur32.dll

c:\windows\system32\apphelp.dll

c:\windows\system32\version.dll

c:\windows\system32\eventlog.dll

c:\windows\system32\ws2_32.dll

c:\windows\system32\ws2help.dll

c:\windows\system32\psapi.dll

c:\windows\system32\wtsapi32.dll

C:\WINDOWS\SYSTEM32\LSASS.EXE

c:\windows\system32\lsass.exe

c:\windows\system32\ntdll.dll

c:\windows\system32\kernel32.dll

c:\windows\system32\advapi32.dll

c:\windows\system32\rpcrt4.dll

c:\windows\system32\lsasrv.dll

c:\windows\system32\mpr.dll

c:\windows\system32\user32.dll

c:\windows\system32\gdi32.dll

c:\windows\system32\msasn1.dll

c:\windows\system32\msvcrt.dll

c:\windows\system32\netapi32.dll

c:\windows\system32\ntdsapi.dll

c:\windows\system32\dnsapi.dll

c:\windows\system32\ws2_32.dll

c:\windows\system32\ws2help.dll

c:\windows\system32\wldap32.dll

c:\windows\system32\secur32.dll

c:\windows\system32\samlib.dll

c:\windows\system32\samsrv.dll

c:\windows\system32\cryptdll.dll

c:\windows\system32\shimeng.dll

c:\windows\apppatch\acgenral.dll

c:\windows\system32\winmm.dll

c:\windows\system32\ole32.dll

c:\windows\system32\oleaut32.dll

c:\windows\system32\msacm32.dll

c:\windows\system32\version.dll

c:\windows\system32\shell32.dll

c:\windows\system32\shlwapi.dll

c:\windows\system32\userenv.dll

c:\windows\system32\uxtheme.dll

c:\windows\system32\imm32.dll

c:\windows\system32\serwvdrv.dll

c:\windows\system32\umdmxfrm.dll

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

c:\windows\system32\comctl32.dll

c:\windows\system32\msprivs.dll

c:\windows\system32\kerberos.dll

c:\windows\system32\msv1_0.dll

c:\windows\system32\iphlpapi.dll

c:\windows\system32\netlogon.dll

c:\windows\system32\w32time.dll

c:\windows\system32\msvcp60.dll

c:\windows\system32\schannel.dll

c:\windows\system32\crypt32.dll

c:\windows\system32\wdigest.dll

c:\windows\system32\rsaenh.dll

c:\windows\system32\scecli.dll

c:\windows\system32\setupapi.dll

c:\windows\system32\ipsecsvc.dll

c:\windows\system32\authz.dll

c:\windows\system32\oakley.dll

c:\windows\system32\winipsec.dll

c:\windows\system32\mswsock.dll

c:\windows\system32\hnetcfg.dll

c:\windows\system32\wshtcpip.dll

c:\windows\system32\pstorsvc.dll

c:\windows\system32\psbase.dll

c:\windows\system32\dssenh.dll

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

c:\windows\system32\svchost.exe

c:\windows\system32\ntdll.dll

c:\windows\system32\kernel32.dll

c:\windows\system32\advapi32.dll

c:\windows\system32\rpcrt4.dll

c:\windows\system32\shimeng.dll

c:\windows\apppatch\acgenral.dll

c:\windows\system32\user32.dll

c:\windows\system32\gdi32.dll

c:\windows\system32\winmm.dll

c:\windows\system32\ole32.dll

c:\windows\system32\msvcrt.dll

c:\windows\system32\oleaut32.dll

c:\windows\system32\msacm32.dll

c:\windows\system32\version.dll

c:\windows\system32\shell32.dll

c:\windows\system32\shlwapi.dll

c:\windows\system32\userenv.dll

c:\windows\system32\uxtheme.dll

c:\windows\system32\imm32.dll

c:\windows\system32\serwvdrv.dll

c:\windows\system32\umdmxfrm.dll

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

c:\windows\system32\comctl32.dll

c:\windows\system32\ntmarta.dll

c:\windows\system32\wldap32.dll

c:\windows\system32\samlib.dll

c:\windows\system32\rpcss.dll

c:\windows\system32\secur32.dll

c:\windows\system32\ws2_32.dll

c:\windows\system32\ws2help.dll

c:\windows\system32\xpsp2res.dll

c:\windows\system32\clbcatq.dll

c:\windows\system32\comres.dll

c:\windows\system32\termsrv.dll

c:\windows\system32\icaapi.dll

c:\windows\system32\setupapi.dll

c:\windows\system32\wintrust.dll

c:\windows\system32\crypt32.dll

c:\windows\system32\msasn1.dll

c:\windows\system32\imagehlp.dll

c:\windows\system32\authz.dll

c:\windows\system32\mstlsapi.dll

c:\windows\system32\activeds.dll

c:\windows\system32\adsldpc.dll

c:\windows\system32\netapi32.dll

c:\windows\system32\atl.dll

c:\windows\system32\regapi.dll

c:\windows\system32\rsaenh.dll

c:\windows\system32\apphelp.dll

c:\windows\system32\wtsapi32.dll

c:\windows\system32\winsta.dll

c:\windows\system32\msv1_0.dll

c:\windows\system32\iphlpapi.dll

c:\windows\system32\svchost.exe

c:\windows\system32\ntdll.dll

c:\windows\system32\kernel32.dll

c:\windows\system32\advapi32.dll

c:\windows\system32\rpcrt4.dll

c:\windows\system32\shimeng.dll

c:\windows\apppatch\acgenral.dll

c:\windows\system32\user32.dll

c:\windows\system32\gdi32.dll

c:\windows\system32\winmm.dll

c:\windows\system32\ole32.dll

c:\windows\system32\msvcrt.dll

c:\windows\system32\oleaut32.dll

c:\windows\system32\msacm32.dll

c:\windows\system32\version.dll

c:\windows\system32\shell32.dll

c:\windows\system32\shlwapi.dll

c:\windows\system32\userenv.dll

c:\windows\system32\uxtheme.dll

c:\windows\system32\imm32.dll

c:\windows\system32\serwvdrv.dll

c:\windows\system32\umdmxfrm.dll

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

c:\windows\system32\comctl32.dll

c:\windows\system32\rpcss.dll

c:\windows\system32\secur32.dll

c:\windows\system32\ws2_32.dll

c:\windows\system32\ws2help.dll

c:\windows\system32\xpsp2res.dll

c:\windows\system32\rsaenh.dll

c:\windows\system32\mswsock.dll

c:\windows\system32\hnetcfg.dll

c:\windows\system32\wshtcpip.dll

c:\windows\system32\dnsapi.dll

c:\windows\system32\iphlpapi.dll

c:\windows\system32\winrnr.dll

c:\windows\system32\wldap32.dll

c:\windows\system32\rasadhlp.dll

c:\windows\system32\clbcatq.dll

c:\windows\system32\comres.dll

c:\windows\system32\msi.dll

C:\PROGRAM FILES\WINDOWS DEFENDER\MSMPENG.EXE

c:\program files\windows defender\msmpeng.exe

c:\windows\system32\ntdll.dll

c:\windows\system32\kernel32.dll

c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcr80.dll

c:\windows\system32\msvcrt.dll

c:\program files\windows defender\mpsvc.dll

c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcp80.dll

c:\windows\system32\advapi32.dll

c:\windows\system32\rpcrt4.dll

c:\windows\system32\version.dll

c:\windows\system32\crypt32.dll

c:\windows\system32\user32.dll

c:\windows\system32\gdi32.dll

c:\windows\system32\msasn1.dll

c:\windows\system32\wintrust.dll

c:\windows\system32\imagehlp.dll

c:\program files\windows defender\mpclient.dll

c:\windows\system32\shell32.dll

c:\windows\system32\shlwapi.dll

c:\windows\system32\ole32.dll

c:\windows\system32\oleaut32.dll

c:\windows\system32\userenv.dll

c:\windows\system32\imm32.dll

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

c:\windows\system32\comctl32.dll

c:\windows\system32\rsaenh.dll

c:\windows\system32\xpsp2res.dll

c:\windows\system32\uxtheme.dll

c:\windows\system32\secur32.dll

c:\windows\system32\netapi32.dll

c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{21a6cfed-dfad-4fed-902f-593b4e9bfc1f}\mpengine.dll

c:\windows\system32\ws2_32.dll

c:\windows\system32\ws2help.dll

c:\windows\system32\psapi.dll

c:\windows\system32\iphlpapi.dll

c:\program files\windows defender\mprtplug.dll

c:\windows\system32\clbcatq.dll

c:\windows\system32\comres.dll

c:\program files\windows defender\mpasdesc.dll

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

c:\windows\system32\svchost.exe

c:\windows\system32\ntdll.dll

c:\windows\system32\kernel32.dll

c:\windows\system32\advapi32.dll

c:\windows\system32\rpcrt4.dll

c:\windows\system32\shimeng.dll

c:\windows\apppatch\acgenral.dll

c:\windows\system32\user32.dll

c:\windows\system32\gdi32.dll

c:\windows\system32\winmm.dll

c:\windows\system32\ole32.dll

c:\windows\system32\msvcrt.dll

c:\windows\system32\oleaut32.dll

c:\windows\system32\msacm32.dll

c:\windows\system32\version.dll

c:\windows\system32\shell32.dll

c:\windows\system32\shlwapi.dll

c:\windows\system32\userenv.dll

c:\windows\system32\uxtheme.dll

c:\windows\system32\imm32.dll

c:\windows\system32\serwvdrv.dll

c:\windows\system32\umdmxfrm.dll

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

c:\windows\system32\comctl32.dll

c:\windows\system32\ntmarta.dll

c:\windows\system32\wldap32.dll

c:\windows\system32\samlib.dll

c:\windows\system32\xpsp2res.dll

c:\windows\system32\shsvcs.dll

c:\windows\system32\winsta.dll

c:\windows\system32\netapi32.dll

c:\windows\system32\rsaenh.dll

c:\windows\system32\dhcpcsvc.dll

c:\windows\system32\dnsapi.dll

c:\windows\system32\ws2_32.dll

c:\windows\system32\ws2help.dll

c:\windows\system32\iphlpapi.dll

c:\windows\system32\secur32.dll

c:\windows\system32\mswsock.dll

c:\windows\system32\hnetcfg.dll

c:\windows\system32\wshtcpip.dll

c:\windows\system32\wzcsvc.dll

c:\windows\system32\rtutils.dll

c:\windows\system32\wmi.dll

c:\windows\system32\crypt32.dll

c:\windows\system32\msasn1.dll

c:\windows\system32\wtsapi32.dll

c:\windows\system32\esent.dll

c:\windows\system32\atl.dll

c:\windows\system32\rastls.dll

c:\windows\system32\cryptui.dll

c:\windows\system32\wintrust.dll

c:\windows\system32\imagehlp.dll

c:\windows\system32\wininet.dll

c:\windows\system32\normaliz.dll

c:\windows\system32\iertutil.dll

c:\windows\system32\mprapi.dll

c:\windows\system32\activeds.dll

c:\windows\system32\adsldpc.dll

c:\windows\system32\setupapi.dll

c:\windows\system32\rasapi32.dll

c:\windows\system32\rasman.dll

c:\windows\system32\tapi32.dll

c:\windows\system32\schannel.dll

c:\windows\system32\winscard.dll

c:\windows\system32\raschap.dll

c:\windows\system32\msv1_0.dll

c:\windows\system32\clbcatq.dll

c:\windows\system32\comres.dll

c:\windows\system32\schedsvc.dll

c:\windows\system32\ntdsapi.dll

c:\windows\system32\msidle.dll

c:\windows\system32\audiosrv.dll

c:\windows\system32\wkssvc.dll

c:\windows\system32\cryptsvc.dll

c:\windows\system32\certcli.dll

c:\windows\system32\ersvc.dll

c:\windows\system32\es.dll

c:\windows\pchealth\helpctr\binaries\pchsvc.dll

c:\windows\system32\srvsvc.dll

c:\windows\system32\netman.dll

c:\windows\system32\netshell.dll

c:\windows\system32\credui.dll

c:\windows\system32\wzcsapi.dll

c:\windows\system32\winspool.drv

c:\windows\system32\seclogon.dll

c:\windows\system32\sens.dll

c:\windows\system32\srsvc.dll

c:\windows\system32\powrprof.dll

c:\windows\system32\trkwks.dll

c:\windows\system32\w32time.dll

c:\windows\system32\msvcp60.dll

c:\windows\system32\wbem\wmisvc.dll

c:\windows\system32\vssapi.dll

c:\windows\system32\wscsvc.dll

c:\windows\system32\msi.dll

c:\windows\system32\browser.dll

c:\windows\system32\wuauserv.dll

c:\windows\system32\wuaueng.dll

c:\windows\system32\winhttp.dll

c:\windows\system32\cabinet.dll

c:\windows\system32\mspatcha.dll

c:\windows\system32\ipnathlp.dll

c:\windows\system32\authz.dll

c:\windows\system32\wbem\wbemcomn.dll

c:\windows\system32\sxs.dll

c:\windows\system32\wbem\wbemcore.dll

c:\windows\system32\wbem\esscli.dll

c:\windows\system32\wbem\fastprox.dll

c:\windows\system32\comsvcs.dll

c:\windows\system32\colbact.dll

c:\windows\system32\mtxclu.dll

c:\windows\system32\wsock32.dll

c:\windows\system32\clusapi.dll

c:\windows\system32\resutils.dll

c:\windows\system32\wbem\wmiutils.dll

c:\windows\system32\sfc.dll

c:\windows\system32\sfc_os.dll

c:\windows\system32\wbem\repdrvfs.dll

c:\windows\system32\wbem\wmiprvsd.dll

c:\windows\system32\ncobjapi.dll

c:\windows\system32\wbem\wbemess.dll

c:\windows\system32\wbem\ncprov.dll

c:\windows\system32\tapisrv.dll

c:\windows\system32\psapi.dll

c:\windows\system32\rasmans.dll

c:\windows\system32\winipsec.dll

c:\windows\system32\netcfgx.dll

c:\windows\system32\rastapi.dll

c:\windows\system32\rasadhlp.dll

c:\windows\system32\unimdm.tsp

c:\windows\system32\uniplat.dll

c:\windows\system32\unimdmat.dll

c:\windows\system32\modemui.dll

c:\windows\system32\kmddsp.tsp

c:\windows\system32\ndptsp.tsp

c:\windows\system32\ipconf.tsp

c:\windows\system32\h323.tsp

c:\windows\system32\hidphone.tsp

c:\windows\system32\hid.dll

c:\windows\system32\rasppp.dll

c:\windows\system32\ntlsapi.dll

c:\windows\system32\kerberos.dll

c:\windows\system32\cryptdll.dll

c:\windows\system32\msxml3.dll

c:\windows\system32\apphelp.dll

c:\windows\system32\advpack.dll

c:\windows\system32\winrnr.dll

c:\windows\system32\dssenh.dll

c:\windows\system32\upnp.dll

c:\windows\system32\ssdpapi.dll

c:\windows\system32\rasdlg.dll

c:\windows\system32\catsrvut.dll

c:\windows\system32\catsrv.dll

c:\windows\system32\mfcsubs.dll

c:\windows\system32\mpr.dll

c:\windows\system32\urlmon.dll

c:\windows\system32\wups2.dll

c:\windows\system32\wbem\wbemsvc.dll

c:\windows\system32\actxprxy.dll

c:\windows\system32\svchost.exe

c:\windows\system32\ntdll.dll

c:\windows\system32\kernel32.dll

c:\windows\system32\advapi32.dll

c:\windows\system32\rpcrt4.dll

c:\windows\system32\shimeng.dll

c:\windows\apppatch\acgenral.dll

c:\windows\system32\user32.dll

c:\windows\system32\gdi32.dll

c:\windows\system32\winmm.dll

c:\windows\system32\ole32.dll

c:\windows\system32\msvcrt.dll

c:\windows\system32\oleaut32.dll

c:\windows\system32\msacm32.dll

c:\windows\system32\version.dll

c:\windows\system32\shell32.dll

c:\windows\system32\shlwapi.dll

c:\windows\system32\userenv.dll

c:\windows\system32\uxtheme.dll

c:\windows\system32\imm32.dll

c:\windows\system32\serwvdrv.dll

c:\windows\system32\umdmxfrm.dll

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

c:\windows\system32\comctl32.dll

c:\windows\system32\wudfsvc.dll

c:\windows\system32\setupapi.dll

c:\windows\system32\wudfplatform.dll

c:\windows\system32\secur32.dll

c:\windows\system32\wintrust.dll

c:\windows\system32\crypt32.dll

c:\windows\system32\msasn1.dll

c:\windows\system32\imagehlp.dll

c:\windows\system32\svchost.exe

c:\windows\system32\ntdll.dll

c:\windows\system32\kernel32.dll

c:\windows\system32\advapi32.dll

c:\windows\system32\rpcrt4.dll

c:\windows\system32\shimeng.dll

c:\windows\apppatch\acgenral.dll

c:\windows\system32\user32.dll

c:\windows\system32\gdi32.dll

c:\windows\system32\winmm.dll

c:\windows\system32\ole32.dll

c:\windows\system32\msvcrt.dll

c:\windows\system32\oleaut32.dll

c:\windows\system32\msacm32.dll

c:\windows\system32\version.dll

c:\windows\system32\shell32.dll

c:\windows\system32\shlwapi.dll

c:\windows\system32\userenv.dll

c:\windows\system32\uxtheme.dll

c:\windows\system32\imm32.dll

c:\windows\system32\serwvdrv.dll

c:\windows\system32\umdmxfrm.dll

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

c:\windows\system32\comctl32.dll

c:\windows\system32\dnsrslvr.dll

c:\windows\system32\dnsapi.dll

c:\windows\system32\ws2_32.dll

c:\windows\system32\ws2help.dll

c:\windows\system32\iphlpapi.dll

c:\windows\system32\mswsock.dll

c:\windows\system32\hnetcfg.dll

c:\windows\system32\wshtcpip.dll

c:\windows\system32\svchost.exe

c:\windows\system32\ntdll.dll

c:\windows\system32\kernel32.dll

c:\windows\system32\advapi32.dll

c:\windows\system32\rpcrt4.dll

c:\windows\system32\shimeng.dll

c:\windows\apppatch\acgenral.dll

c:\windows\system32\user32.dll

c:\windows\system32\gdi32.dll

c:\windows\system32\winmm.dll

c:\windows\system32\ole32.dll

c:\windows\system32\msvcrt.dll

c:\windows\system32\oleaut32.dll

c:\windows\system32\msacm32.dll

c:\windows\system32\version.dll

c:\windows\system32\shell32.dll

c:\windows\system32\shlwapi.dll

c:\windows\system32\userenv.dll

c:\windows\system32\uxtheme.dll

c:\windows\system32\imm32.dll

c:\windows\system32\serwvdrv.dll

c:\windows\system32\umdmxfrm.dll

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

c:\windows\system32\comctl32.dll

c:\windows\system32\ntmarta.dll

c:\windows\system32\wldap32.dll

c:\windows\system32\samlib.dll

c:\windows\system32\xpsp2res.dll

c:\windows\system32\lmhsvc.dll

c:\windows\system32\iphlpapi.dll

c:\windows\system32\ws2_32.dll

c:\windows\system32\ws2help.dll

c:\windows\system32\webclnt.dll

c:\windows\system32\wininet.dll

c:\windows\system32\normaliz.dll

c:\windows\system32\iertutil.dll

c:\windows\system32\secur32.dll

c:\windows\system32\ssdpsrv.dll

c:\windows\system32\hnetcfg.dll

c:\windows\system32\clbcatq.dll

c:\windows\system32\comres.dll

c:\windows\system32\mswsock.dll

c:\windows\system32\wshtcpip.dll

C:\PROGRAM FILES\LAVASOFT\AD-AWARE 2007\AAWSERVICE.EXE

c:\program files\lavasoft\ad-aware 2007\aawservice.exe

c:\windows\system32\ntdll.dll

c:\windows\system32\kernel32.dll

c:\program files\lavasoft\ad-aware 2007\ceapi.dll

c:\windows\system32\advapi32.dll

c:\windows\system32\rpcrt4.dll

c:\program files\lavasoft\ad-aware 2007\pkarchive84cb.dll

c:\windows\system32\shell32.dll

c:\windows\system32\gdi32.dll

c:\windows\system32\user32.dll

c:\windows\system32\msvcrt.dll

c:\windows\system32\shlwapi.dll

c:\windows\system32\ole32.dll

c:\windows\system32\crypt32.dll

c:\windows\system32\msasn1.dll

c:\windows\system32\wldap32.dll

c:\windows\system32\psapi.dll

c:\windows\system32\version.dll

c:\windows\system32\wininet.dll

c:\windows\system32\normaliz.dll

c:\windows\system32\iertutil.dll

c:\program files\lavasoft\ad-aware 2007\update.dll

c:\windows\system32\wsock32.dll

c:\windows\system32\ws2_32.dll

c:\windows\system32\ws2help.dll

c:\windows\system32\userenv.dll

c:\windows\system32\imm32.dll

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

c:\windows\system32\comctl32.dll

c:\windows\system32\rsaenh.dll

c:\windows\system32\mswsock.dll

c:\windows\system32\dnsapi.dll

c:\windows\system32\winrnr.dll

c:\windows\system32\rasadhlp.dll

c:\windows\system32\hnetcfg.dll

c:\windows\system32\wshtcpip.dll

c:\windows\system32\secur32.dll

C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASWUPDSV.EXE

c:\program files\alwil software\avast4\aswupdsv.exe

c:\windows\system32\ntdll.dll

c:\windows\system32\kernel32.dll

c:\program files\alwil software\avast4\aswcmns.dll

c:\program files\alwil software\avast4\aswcmnos.dll

c:\windows\system32\user32.dll

c:\windows\system32\gdi32.dll

c:\windows\system32\advapi32.dll

c:\windows\system32\rpcrt4.dll

c:\windows\system32\msvcp71.dll

c:\windows\system32\msvcr71.dll

c:\windows\system32\wsock32.dll

c:\windows\system32\ws2_32.dll

c:\windows\system32\msvcrt.dll

c:\windows\system32\ws2help.dll

c:\program files\alwil software\avast4\aswcmnb.dll

c:\windows\system32\imm32.dll

C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHSERV.EXE

c:\program files\alwil software\avast4\ashserv.exe

c:\windows\system32\ntdll.dll

c:\windows\system32\kernel32.dll

c:\windows\system32\rpcrt4.dll

c:\windows\system32\advapi32.dll

c:\program files\alwil software\avast4\aswaux.dll

c:\windows\system32\msvcp71.dll

c:\windows\system32\msvcr71.dll

c:\program files\alwil software\avast4\aswcmnb.dll

c:\program files\alwil software\avast4\aswcmnos.dll

c:\windows\system32\user32.dll

c:\windows\system32\gdi32.dll

c:\windows\system32\wsock32.dll

c:\windows\system32\ws2_32.dll

c:\windows\system32\msvcrt.dll

c:\windows\system32\ws2help.dll

c:\program files\alwil software\avast4\aswengin.dll

c:\windows\system32\shell32.dll

c:\windows\system32\shlwapi.dll

c:\windows\system32\ole32.dll

c:\program files\alwil software\avast4\aswscan.dll

c:\program files\alwil software\avast4\aswcmns.dll

c:\windows\system32\oleaut32.dll

c:\program files\alwil software\avast4\ashbase.dll

c:\windows\system32\version.dll

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

c:\program files\alwil software\avast4\ashtask.dll

c:\program files\alwil software\avast4\aswinteg.dll

c:\program files\alwil software\avast4\aswidle.dll

c:\program files\alwil software\avast4\aavm4h.dll

c:\windows\system32\imm32.dll

c:\windows\system32\dbghelp.dll

c:\program files\alwil software\avast4\english\base.dll

c:\program files\alwil software\avast4\unacev2.dll

c:\windows\system32\wtsapi32.dll

c:\windows\system32\winsta.dll

c:\windows\system32\netapi32.dll

c:\program files\alwil software\avast4\ahresmai.dll

c:\program files\alwil software\avast4\ahresmes.dll

c:\program files\alwil software\avast4\ahresns.dll

c:\program files\alwil software\avast4\ahresout.dll

c:\program files\alwil software\avast4\ahresp2p.dll

c:\program files\alwil software\avast4\ahresstd.dll

c:\program files\alwil software\avast4\ahresws.dll

c:\program files\alwil software\avast4\ashssqlt.dll

c:\windows\system32\clbcatq.dll

c:\windows\system32\comres.dll

c:\windows\system32\xpsp2res.dll

c:\windows\system32\iphlpapi.dll

c:\windows\system32\mswsock.dll

c:\windows\system32\dnsapi.dll

c:\windows\system32\winrnr.dll

c:\windows\system32\wldap32.dll

c:\windows\system32\uxtheme.dll

c:\windows\system32\msctfime.ime

c:\windows\system32\rasadhlp.dll

c:\windows\system32\perfos.dll

c:\program files\alwil software\avast4\aswres.dll

c:\windows\system32\secur32.dll

C:\WINDOWS\SYSTEM32\SPOOLSV.EXE

c:\windows\system32\spoolsv.exe

c:\windows\system32\ntdll.dll

c:\windows\system32\kernel32.dll

c:\windows\system32\advapi32.dll

c:\windows\system32\rpcrt4.dll

c:\windows\system32\gdi32.dll

c:\windows\system32\user32.dll

c:\windows\system32\msvcrt.dll

c:\windows\system32\shimeng.dll

c:\windows\apppatch\acgenral.dll

c:\windows\system32\winmm.dll

c:\windows\system32\ole32.dll

c:\windows\system32\oleaut32.dll

c:\windows\system32\msacm32.dll

c:\windows\system32\version.dll

c:\windows\system32\shell32.dll

c:\windows\system32\shlwapi.dll

c:\windows\system32\userenv.dll

c:\windows\system32\uxtheme.dll

c:\windows\system32\imm32.dll

c:\windows\system32\serwvdrv.dll

c:\windows\system32\umdmxfrm.dll

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

c:\windows\system32\comctl32.dll

c:\windows\system32\spoolss.dll

c:\windows\system32\ws2_32.dll

c:\windows\system32\ws2help.dll

c:\windows\system32\dnsapi.dll

c:\windows\system32\rasadhlp.dll

c:\windows\system32\localspl.dll

c:\windows\system32\secur32.dll

c:\windows\system32\sfc_os.dll

c:\windows\system32\wintrust.dll

c:\windows\system32\crypt32.dll

c:\windows\system32\msasn1.dll

c:\windows\system32\imagehlp.dll

c:\windows\system32\winspool.drv

c:\windows\system32\netapi32.dll

c:\windows\system32\cnbjmon.dll

c:\windows\system32\bthcrp.dll

c:\windows\system32\widcommsdk.dll

c:\windows\system32\wbtapi.dll

c:\windows\system32\setupapi.dll

c:\windows\system32\msi.dll

c:\windows\system32\mfc42.dll

c:\windows\system32\msvcp60.dll

c:\windows\system32\cncupm2k.dll

c:\windows\system32\cnmlmya.dll

c:\windows\system32\psapi.dll

c:\windows\system32\pjlmon.dll

c:\windows\system32\prtdlink.dll

c:\windows\system32\wsock32.dll

c:\windows\system32\tcpmon.dll

c:\windows\system32\usbmon.dll

c:\windows\system32\spool\prtprocs\w32x86\cnmpdya.dll

c:\windows\system32\mswsock.dll

c:\windows\system32\winrnr.dll

c:\windows\system32\wldap32.dll

c:\windows\system32\win32spl.dll

c:\windows\system32\netrap.dll

c:\windows\system32\ntdsapi.dll

c:\windows\system32\clbcatq.dll

c:\windows\system32\comres.dll

c:\windows\system32\inetpp.dll

c:\windows\system32\xpsp2res.dll

c:\windows\system32\winsta.dll

c:\windows\system32\spool\drivers\w32x86\3\cnmuiya.dll

c:\windows\system32\comdlg32.dll

c:\windows\system32\msimg32.dll

C:\PROGRAM FILES\COMMON FILES\APPLE\MOBILE DEVICE SUPPORT\BIN\APPLEMOBILEDEVICESERVICE.EXE

c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe

c:\windows\system32\ntdll.dll

c:\windows\system32\kernel32.dll

c:\windows\system32\wsock32.dll

c:\windows\system32\ws2_32.dll

c:\windows\system32\msvcrt.dll

c:\windows\system32\ws2help.dll

c:\windows\system32\advapi32.dll

c:\windows\system32\rpcrt4.dll

c:\windows\system32\setupapi.dll

c:\windows\system32\gdi32.dll

c:\windows\system32\user32.dll

c:\windows\system32\imm32.dll

c:\windows\system32\mswsock.dll

c:\windows\system32\hnetcfg.dll

c:\windows\system32\wshtcpip.dll

c:\windows\system32\wintrust.dll

c:\windows\system32\crypt32.dll

c:\windows\system32\msasn1.dll

c:\windows\system32\imagehlp.dll

C:\PROGRAM FILES\WIDCOMM\BLUETOOTH SOFTWARE\BIN\BTWDINS.EXE

c:\program files\widcomm\bluetooth software\bin\btwdins.exe

c:\windows\system32\ntdll.dll

c:\windows\system32\kernel32.dll

c:\windows\system32\ws2_32.dll

c:\windows\system32\msvcrt.dll

c:\windows\system32\ws2help.dll

c:\windows\system32\advapi32.dll

c:\windows\system32\rpcrt4.dll

c:\windows\system32\user32.dll

c:\windows\system32\gdi32.dll

c:\windows\system32\ole32.dll

c:\windows\system32\oleaut32.dll

c:\windows\system32\imm32.dll

c:\windows\system32\uxtheme.dll

c:\windows\system32\xpsp2res.dll

c:\windows\system32\rsaenh.dll

c:\windows\system32\shell32.dll

c:\windows\system32\shlwapi.dll

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

c:\windows\system32\comctl32.dll

c:\windows\system32\crypt32.dll

c:\windows\system32\msasn1.dll

c:\windows\system32\hid.dll

c:\windows\system32\wintrust.dll

c:\windows\system32\imagehlp.dll

C:\WINDOWS\SYSTEM32\CTSVCCDA.EXE

c:\windows\system32\ctsvccda.exe

c:\windows\system32\ntdll.dll

c:\windows\system32\kernel32.dll

c:\windows\system32\user32.dll

c:\windows\system32\gdi32.dll

c:\windows\system32\advapi32.dll

c:\windows\system32\rpcrt4.dll

c:\windows\system32\imm32.dll

C:\WINDOWS\SYSTEM32\DVDRAMSV.EXE

c:\windows\system32\dvdramsv.exe

c:\windows\system32\ntdll.dll

c:\windows\system32\kernel32.dll

c:\windows\system32\user32.dll

c:\windows\system32\gdi32.dll

c:\windows\system32\winspool.drv

c:\windows\system32\msvcrt.dll

c:\windows\system32\rpcrt4.dll

c:\windows\system32\advapi32.dll

c:\windows\system32\comctl32.dll

c:\windows\system32\imm32.dll

c:\windows\system32\uxtheme.dll

C:\WINDOWS\SYSTEM32\NVSVC32.EXE

c:\windows\system32\nvsvc32.exe

c:\windows\system32\ntdll.dll

c:\windows\system32\kernel32.dll

c:\windows\system32\user32.dll

c:\windows\system32\gdi32.dll

c:\windows\system32\advapi32.dll

c:\windows\system32\rpcrt4.dll

c:\windows\system32\userenv.dll

c:\windows\system32\msvcrt.dll

c:\windows\system32\imm32.dll

c:\windows\system32\wtsapi32.dll

c:\windows\system32\winsta.dll

c:\windows\system32\netapi32.dll

c:\windows\system32\shlwapi.dll

c:\windows\system32\comctl32.dll

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

c:\windows\system32\uxtheme.dll

c:\windows\system32\msctfime.ime

c:\windows\system32\ole32.dll

c:\windows\system32\secur32.dll

c:\windows\system32\msv1_0.dll

c:\windows\system32\ws2_32.dll

c:\windows\system32\ws2help.dll

c:\windows\system32\iphlpapi.dll

c:\windows\system32\version.dll

c:\windows\system32\apphelp.dll

C:\PROGRAM FILES\DANTZ\RETROSPECT\RETRORUN.EXE

c:\program files\dantz\retrospect\retrorun.exe

c:\windows\system32\ntdll.dll

c:\windows\system32\kernel32.dll

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

c:\windows\system32\msvcrt.dll

c:\windows\system32\advapi32.dll

c:\windows\system32\rpcrt4.dll

c:\windows\system32\gdi32.dll

c:\windows\system32\user32.dll

c:\windows\system32\shlwapi.dll

c:\windows\system32\shell32.dll

c:\program files\dantz\retrospect\bdrockui.dll

c:\windows\system32\msvcrt40.dll

c:\program files\dantz\retrospect\bdrock20.dll

c:\windows\system32\version.dll

c:\windows\system32\mpr.dll

c:\windows\system32\imm32.dll

c:\windows\system32\comdlg32.dll

c:\windows\system32\oleaut32.dll

c:\windows\system32\ole32.dll

c:\windows\system32\msvcr70.dll

c:\windows\system32\secur32.dll

c:\windows\system32\wininet.dll

c:\windows\system32\normaliz.dll

c:\windows\system32\iertutil.dll

c:\windows\system32\winmm.dll

c:\windows\system32\serwvdrv.dll

c:\windows\system32\umdmxfrm.dll

c:\windows\system32\psapi.dll

c:\windows\system32\netapi32.dll

c:\windows\system32\mapi32.dll

c:\windows\system32\activeds.dll

c:\windows\system32\adsldpc.dll

c:\windows\system32\wldap32.dll

c:\windows\system32\atl.dll

c:\windows\system32\msimg32.dll

c:\windows\system32\wtsapi32.dll

c:\windows\system32\winsta.dll

c:\windows\system32\uxtheme.dll

c:\windows\system32\msctfime.ime

c:\windows\system32\setupapi.dll

C:\PROGRA~1\DANTZ\RETROS~1\WDSVC.EXE

c:\progra~1\dantz\retros~1\wdsvc.exe

c:\windows\system32\ntdll.dll

c:\windows\system32\kernel32.dll

c:\progra~1\dantz\retros~1\bdrock20.dll

c:\windows\system32\msvcrt40.dll

c:\windows\system32\msvcrt.dll

c:\windows\system32\shell32.dll

c:\windows\system32\advapi32.dll

c:\windows\system32\rpcrt4.dll

c:\windows\system32\gdi32.dll

c:\windows\system32\user32.dll

c:\windows\system32\shlwapi.dll

c:\windows\system32\version.dll

c:\windows\system32\mpr.dll

c:\windows\system32\imm32.dll

c:\windows\system32\comdlg32.dll

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

c:\windows\system32\oleaut32.dll

c:\windows\system32\ole32.dll

c:\windows\system32\secur32.dll

c:\windows\system32\wininet.dll

c:\windows\system32\normaliz.dll

c:\windows\system32\iertutil.dll

c:\windows\system32\winmm.dll

c:\windows\system32\serwvdrv.dll

c:\windows\system32\umdmxfrm.dll

c:\windows\system32\psapi.dll

c:\windows\system32\netapi32.dll

c:\windows\system32\mapi32.dll

c:\windows\system32\activeds.dll

c:\windows\system32\adsldpc.dll

c:\windows\system32\wldap32.dll

c:\windows\system32\atl.dll

c:\windows\system32\msimg32.dll

c:\windows\system32\wtsapi32.dll

c:\windows\system32\winsta.dll

c:\windows\system32\uxtheme.dll

c:\windows\system32\msctfime.ime

c:\windows\system32\setupapi.dll

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

c:\windows\system32\svchost.exe

c:\windows\system32\ntdll.dll

c:\windows\system32\kernel32.dll

c:\windows\system32\advapi32.dll

c:\windows\system32\rpcrt4.dll

c:\windows\system32\shimeng.dll

c:\windows\apppatch\acgenral.dll

c:\windows\system32\user32.dll

c:\windows\system32\gdi32.dll

c:\windows\system32\winmm.dll

c:\windows\system32\ole32.dll

c:\windows\system32\msvcrt.dll

c:\windows\system32\oleaut32.dll

c:\windows\system32\msacm32.dll

c:\windows\system32\version.dll

c:\windows\system32\shell32.dll

c:\windows\system32\shlwapi.dll

c:\windows\system32\userenv.dll

c:\windows\system32\uxtheme.dll

c:\windows\system32\imm32.dll

c:\windows\system32\serwvdrv.dll

c:\windows\system32\umdmxfrm.dll

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

c:\windows\system32\comctl32.dll

c:\windows\system32\wiaservc.dll

c:\windows\system32\cfgmgr32.dll

c:\windows\system32\setupapi.dll

c:\windows\system32\mscms.dll

c:\windows\system32\winspool.drv

c:\windows\system32\winsta.dll

c:\windows\system32\netapi32.dll

c:\windows\system32\xpsp2res.dll

c:\windows\system32\clbcatq.dll

c:\windows\system32\comres.dll

c:\windows\system32\wintrust.dll

c:\windows\system32\crypt32.dll

c:\windows\system32\msasn1.dll

c:\windows\system32\imagehlp.dll

c:\windows\system32\wiavusd.dll

c:\windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82\gdiplus.dll

c:\windows\system32\shfolder.dll

c:\windows\system32\actxprxy.dll

c:\windows\system32\sti.dll

c:\windows\system32\cncsif50.dll

c:\windows\system32\cncsut50.dll

c:\windows\system32\cncsdo50.dll

c:\windows\system32\cncscm50.dll

c:\windows\system32\cncstr50.dll

c:\windows\system32\wtsapi32.dll

C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCPD-LC\SYMLCSVC.EXE

c:\program files\common files\symantec shared\ccpd-lc\symlcsvc.exe

c:\windows\system32\ntdll.dll

c:\windows\system32\kernel32.dll

c:\windows\system32\advapi32.dll

c:\windows\system32\rpcrt4.dll

c:\windows\system32\user32.dll

c:\windows\system32\gdi32.dll

c:\windows\system32\version.dll

c:\windows\system32\ole32.dll

c:\windows\system32\msvcrt.dll

c:\windows\system32\oleaut32.dll

c:\windows\system32\shlwapi.dll

c:\windows\system32\imm32.dll

c:\program files\common files\symantec shared\ccpd-lc\symlcnet.dll

c:\windows\system32\msvcr71.dll

c:\windows\system32\xpsp2res.dll

c:\windows\system32\clbcatq.dll

c:\windows\system32\comres.dll

c:\windows\system32\wbem\wbemprox.dll

c:\windows\system32\wbem\wbemcomn.dll

c:\windows\system32\ws2_32.dll

c:\windows\system32\ws2help.dll

c:\windows\system32\wbem\wbemsvc.dll

c:\windows\system32\wbem\fastprox.dll

c:\windows\system32\msvcp60.dll

c:\windows\system32\ntdsapi.dll

c:\windows\system32\dnsapi.dll

c:\windows\system32\wldap32.dll

c:\windows\system32\netapi32.dll

c:\windows\system32\secur32.dll

C:\PROGRAM FILES\VIEWPOINT\COMMON\VIEWPOINTSERVICE.EXE

c:\program files\viewpoint\common\viewpointservice.exe

c:\windows\system32\ntdll.dll

c:\windows\system32\kernel32.dll

c:\windows\system32\user32.dll

c:\windows\system32\gdi32.dll

c:\windows\system32\advapi32.dll

c:\windows\system32\rpcrt4.dll

c:\windows\system32\shell32.dll

c:\windows\system32\msvcrt.dll

c:\windows\system32\shlwapi.dll

c:\windows\system32\ole32.dll

c:\windows\system32\oleaut32.dll

c:\windows\system32\atl.dll

c:\windows\system32\imm32.dll

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

c:\windows\system32\comctl32.dll

c:\windows\system32\uxtheme.dll

c:\windows\system32\xpsp2res.dll

c:\windows\system32\apphelp.dll

C:\WINDOWS\SYSTEM32\MSPMSPSV.EXE

c:\windows\system32\mspmspsv.exe

c:\windows\system32\ntdll.dll

c:\windows\system32\kernel32.dll

c:\windows\system32\advapi32.dll

c:\windows\system32\rpcrt4.dll

c:\windows\system32\user32.dll

c:\windows\system32\gdi32.dll

c:\windows\system32\msvcrt.dll

c:\windows\system32\imm32.dll

c:\windows\system32\ntmarta.dll

c:\windows\system32\wldap32.dll

c:\windows\system32\ole32.dll

c:\windows\system32\samlib.dll

C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHMAISV.EXE

c:\program files\alwil software\avast4\ashmaisv.exe

c:\windows\system32\ntdll.dll

c:\windows\system32\kernel32.dll

c:\windows\system32\wsock32.dll

c:\windows\system32\ws2_32.dll

c:\windows\system32\msvcrt.dll

c:\windows\system32\ws2help.dll

c:\windows\system32\advapi32.dll

c:\windows\system32\rpcrt4.dll

c:\program files\alwil software\avast4\ashbase.dll

c:\windows\system32\version.dll

c:\windows\system32\user32.dll

c:\windows\system32\gdi32.dll

c:\windows\system32\ole32.dll

c:\windows\system32\oleaut32.dll

c:\windows\system32\msvcp71.dll

c:\windows\system32\msvcr71.dll

c:\program files\alwil software\avast4\aswcmnos.dll

c:\program files\alwil software\avast4\aswcmnb.dll

c:\program files\alwil software\avast4\aswcmns.dll

c:\windows\system32\comctl32.dll

c:\program files\alwil software\avast4\aavm4h.dll

c:\program files\alwil software\avast4\ashtask.dll

c:\program files\alwil software\avast4\aswaux.dll

c:\windows\system32\shell32.dll

c:\windows\system32\shlwapi.dll

c:\program files\alwil software\avast4\ahresmai.dll

c:\windows\system32\imm32.dll

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

c:\windows\system32\dbghelp.dll

c:\program files\alwil software\avast4\english\base.dll

c:\program files\alwil software\avast4\aswengin.dll

c:\program files\alwil software\avast4\aswscan.dll

c:\windows\system32\mswsock.dll

c:\windows\system32\dnsapi.dll

c:\windows\system32\winrnr.dll

c:\windows\system32\wldap32.dll

c:\windows\system32\rasadhlp.dll

c:\program files\alwil software\avast4\ashuint.dll

c:\program files\alwil software\avast4\xt1922.dll

c:\windows\system32\mfc71.dll

c:\windows\system32\mfc71enu.dll

c:\windows\system32\riched20.dll

c:\program files\alwil software\avast4\english\lang.dll

c:\windows\system32\uxtheme.dll

c:\program files\alwil software\avast4\english\langmai.dll

c:\windows\system32\msctfime.ime

c:\windows\system32\psapi.dll

c:\windows\system32\hnetcfg.dll

c:\windows\system32\wshtcpip.dll

C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHWEBSV.EXE

c:\program files\alwil software\avast4\ashwebsv.exe

c:\windows\system32\ntdll.dll

c:\windows\system32\kernel32.dll

c:\windows\system32\ws2_32.dll

c:\windows\system32\msvcrt.dll

c:\windows\system32\ws2help.dll

c:\windows\system32\advapi32.dll

c:\windows\system32\rpcrt4.dll

c:\program files\alwil software\avast4\ashbase.dll

c:\windows\system32\wsock32.dll

c:\windows\system32\version.dll

c:\windows\system32\user32.dll

c:\windows\system32\gdi32.dll

c:\windows\system32\ole32.dll

c:\windows\system32\oleaut32.dll

c:\windows\system32\msvcp71.dll

c:\windows\system32\msvcr71.dll

c:\program files\alwil software\avast4\aswcmnos.dll

c:\program files\alwil software\avast4\aswcmnb.dll

c:\program files\alwil software\avast4\aswcmns.dll

c:\windows\system32\comctl32.dll

c:\program files\alwil software\avast4\aavm4h.dll

c:\program files\alwil software\avast4\ashtask.dll

c:\program files\alwil software\avast4\aswaux.dll

c:\windows\system32\shell32.dll

c:\windows\system32\shlwapi.dll

c:\windows\system32\imm32.dll

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

c:\windows\system32\dbghelp.dll

c:\program files\alwil software\avast4\english\base.dll

c:\windows\system32\psapi.dll

c:\windows\system32\mswsock.dll

c:\windows\system32\hnetcfg.dll

c:\windows\system32\wshtcpip.dll

c:\windows\system32\security.dll

c:\windows\system32\secur32.dll

c:\program files\alwil software\avast4\ashwsftr.dll

c:\program files\alwil software\avast4\aswscan.dll

c:\windows\system32\oleacc.dll

c:\windows\system32\msvcp60.dll

c:\windows\system32\winspool.drv

c:\progra~1\alwils~1\avast4\ahresws.dll

c:\program files\alwil software\avast4\aswengin.dll

C:\WINDOWS\SYSTEM32\ALG.EXE

c:\windows\system32\alg.exe

c:\windows\system32\ntdll.dll

c:\windows\system32\kernel32.dll

c:\windows\system32\msvcrt.dll

c:\windows\system32\atl.dll

c:\windows\system32\user32.dll

c:\windows\system32\gdi32.dll

c:\windows\system32\advapi32.dll

c:\windows\system32\rpcrt4.dll

c:\windows\system32\ole32.dll

c:\windows\system32\oleaut32.dll

c:\windows\system32\wsock32.dll

c:\windows\system32\ws2_32.dll

c:\windows\system32\ws2help.dll

c:\windows\system32\mswsock.dll

c:\windows\system32\shimeng.dll

c:\windows\apppatch\acgenral.dll

c:\windows\system32\winmm.dll

c:\windows\system32\msacm32.dll

c:\windows\system32\version.dll

c:\windows\system32\shell32.dll

c:\windows\system32\shlwapi.dll

c:\windows\system32\userenv.dll

c:\windows\system32\uxtheme.dll

c:\windows\system32\imm32.dll

c:\windows\system32\serwvdrv.dll

c:\windows\system32\umdmxfrm.dll

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

c:\windows\system32\comctl32.dll

c:\windows\system32\clbcatq.dll

c:\windows\system32\comres.dll

c:\windows\system32\xpsp2res.dll

c:\windows\system32\hnetcfg.dll

c:\windows\system32\wshtcpip.dll

C:\PROGRAM FILES\VIEWPOINT\VIEWPOINT MANAGER\VIEWMGR.EXE

c:\program files\viewpoint\viewpoint manager\viewmgr.exe

c:\windows\system32\ntdll.dll

c:\windows\system32\kernel32.dll

c:\windows\system32\user32.dll

c:\windows\system32\gdi32.dll

c:\windows\system32\advapi32.dll

c:\windows\system32\rpcrt4.dll

c:\windows\system32\ole32.dll

c:\windows\system32\msvcrt.dll

c:\windows\system32\wininet.dll

c:\windows\system32\shlwapi.dll

c:\windows\system32\normaliz.dll

c:\windows\system32\iertutil.dll

c:\windows\system32\version.dll

c:\windows\system32\urlmon.dll

c:\windows\system32\oleaut32.dll

c:\windows\system32\imm32.dll

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

c:\windows\system32\uxtheme.dll

c:\windows\system32\msctfime.ime

c:\program files\viewpoint\viewpoint manager\viewmgrcore.dll

c:\windows\system32\shell32.dll

c:\windows\system32\comctl32.dll

c:\windows\system32\iphlpapi.dll

c:\windows\system32\ws2_32.dll

c:\windows\system32\ws2help.dll

c:\windows\system32\oleacc.dll

c:\windows\system32\msvcp60.dll

c:\windows\system32\mprapi.dll

c:\windows\system32\activeds.dll

c:\windows\system32\adsldpc.dll

c:\windows\system32\netapi32.dll

c:\windows\system32\wldap32.dll

c:\windows\system32\atl.dll

c:\windows\system32\rtutils.dll

c:\windows\system32\samlib.dll

c:\windows\system32\setupapi.dll

c:\windows\system32\xpsp2res.dll

c:\windows\system32\clbcatq.dll

c:\windows\system32\comres.dll

c:\windows\system32\sxs.dll

c:\windows\system32\secur32.dll

c:\windows\system32\rasapi32.dll

c:\windows\system32\rasman.dll

c:\windows\system32\tapi32.dll

c:\windows\system32\winmm.dll

c:\windows\system32\serwvdrv.dll

c:\windows\system32\umdmxfrm.dll

c:\windows\system32\userenv.dll

c:\windows\system32\msv1_0.dll

c:\windows\system32\rsaenh.dll

c:\windows\system32\sensapi.dll

c:\windows\system32\mswsock.dll

c:\windows\system32\crypt32.dll

c:\windows\system32\msasn1.dll

c:\windows\system32\hnetcfg.dll

c:\windows\system32\wshtcpip.dll

c:\windows\system32\wintrust.dll

c:\windows\system32\imagehlp.dll

c:\windows\system32\schannel.dll

c:\windows\system32\rasadhlp.dll

c:\windows\system32\dnsapi.dll

c:\windows\system32\winrnr.dll

c:\windows\system32\dssenh.dll

c:\windows\system32\cryptnet.dll

c:\windows\system32\winhttp.dll

c:\program files\viewpoint\viewpoint manager\vetscriptinterpreter.dll

c:\windows\system32\apphelp.dll

c:\windows\system32\shdocvw.dll

c:\windows\system32\cryptui.dll

c:\windows\system32\btncopy.dll

c:\windows\system32\mydocs.dll

c:\program files\nokia\nokia pc suite 6\phonebrowser.dll

c:\program files\nokia\nokia pc suite 6\pcscm.dll

c:\windows\system32\msimg32.dll

c:\windows\system32\olepro32.dll

c:\windows\system32\comdlg32.dll

c:\windows\system32\msvcp71.dll

c:\windows\system32\msvcr71.dll

c:\program files\nokia\nokia pc suite 6\lang\phonebrowser_eng-us.nlr

c:\program files\nokia\nokia pc suite 6\resource\phonebrowser_nokia.ngr

c:\windows\system32\ntshrui.dll

C:\WINDOWS\EXPLORER.EXE

c:\windows\explorer.exe

c:\windows\system32\ntdll.dll

c:\windows\system32\kernel32.dll

c:\windows\system32\advapi32.dll

c:\windows\system32\rpcrt4.dll

c:\windows\system32\browseui.dll

c:\windows\system32\gdi32.dll

c:\windows\system32\user32.dll

c:\windows\system32\msvcrt.dll

c:\windows\system32\ole32.dll

c:\windows\system32\shlwapi.dll

c:\windows\system32\oleaut32.dll

c:\windows\system32\shdocvw.dll

c:\windows\system32\crypt32.dll

c:\windows\system32\msasn1.dll

c:\windows\system32\cryptui.dll

c:\windows\system32\wintrust.dll

c:\windows\system32\imagehlp.dll

c:\windows\system32\netapi32.dll

c:\windows\system32\wininet.dll

c:\windows\system32\normaliz.dll

c:\windows\system32\iertutil.dll

c:\windows\system32\wldap32.dll

c:\windows\system32\version.dll

c:\windows\system32\shell32.dll

c:\windows\system32\uxtheme.dll

c:\windows\system32\shimeng.dll

c:\windows\apppatch\acgenral.dll

c:\windows\system32\winmm.dll

c:\windows\system32\msacm32.dll

c:\windows\system32\userenv.dll

c:\windows\system32\imm32.dll

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

c:\windows\system32\comctl32.dll

c:\windows\system32\serwvdrv.dll

c:\windows\system32\umdmxfrm.dll

c:\windows\system32\msctfime.ime

c:\windows\system32\apphelp.dll

c:\windows\system32\clbcatq.dll

c:\windows\system32\comres.dll

c:\windows\system32\cscui.dll

c:\windows\system32\cscdll.dll

c:\windows\system32\themeui.dll

c:\windows\system32\secur32.dll

c:\windows\system32\msimg32.dll

c:\windows\system32\xpsp2res.dll

c:\windows\system32\actxprxy.dll

c:\windows\system32\msutb.dll

c:\windows\system32\msctf.dll

c:\windows\system32\samlib.dll

c:\windows\system32\linkinfo.dll

c:\windows\system32\ntshrui.dll

c:\windows\system32\atl.dll

c:\windows\system32\setupapi.dll

c:\windows\system32\ieframe.dll

c:\windows\system32\psapi.dll

c:\windows\system32\netshell.dll

c:\windows\system32\rtutils.dll

c:\windows\system32\credui.dll

c:\windows\system32\ws2_32.dll

c:\windows\system32\ws2help.dll

c:\windows\system32\iphlpapi.dll

c:\progra~1\window~4\mpshhook.dll

c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcr80.dll

c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcp80.dll

c:\windows\system32\rsaenh.dll

c:\windows\system32\urlmon.dll

c:\windows\system32\winsta.dll

c:\windows\system32\webcheck.dll

c:\windows\system32\stobject.dll

c:\windows\system32\batmeter.dll

c:\windows\system32\powrprof.dll

c:\windows\system32\wtsapi32.dll

c:\windows\system32\wpdshserviceobj.dll

c:\windows\system32\winhttp.dll

c:\windows\system32\wdmaud.drv

c:\windows\system32\msacm32.drv

c:\windows\system32\midimap.dll

c:\windows\system32\btncopy.dll

c:\windows\system32\mydocs.dll

c:\program files\nokia\nokia pc suite 6\phonebrowser.dll

c:\program files\nokia\nokia pc suite 6\pcscm.dll

c:\windows\system32\olepro32.dll

c:\windows\system32\comdlg32.dll

c:\windows\system32\msvcp71.dll

c:\windows\system32\msvcr71.dll

c:\program files\nokia\nokia pc suite 6\lang\phonebrowser_eng-us.nlr

c:\program files\nokia\nokia pc suite 6\resource\phonebrowser_nokia.ngr

c:\program files\microsoft hardware\mouse\msh_zwf.dll

c:\windows\system32\portabledevicetypes.dll

c:\windows\system32\msi.dll

c:\windows\system32\portabledeviceapi.dll

c:\windows\system32\mlang.dll

c:\windows\system32\mpr.dll

c:\windows\system32\drprov.dll

c:\windows\system32\ntlanman.dll

c:\windows\system32\netui0.dll

c:\windows\system32\netui1.dll

c:\windows\system32\netrap.dll

c:\windows\system32\davclnt.dll

c:\windows\system32\ctagent.dll

c:\windows\system32\dsound.dll

c:\program files\microsoft hardware\mouse\point32.dll

c:\windows\system32\sxs.dll

c:\windows\system32\browselc.dll

c:\windows\system32\rasapi32.dll

c:\windows\system32\rasman.dll

c:\windows\system32\tapi32.dll

c:\windows\system32\duser.dll

c:\windows\system32\lqcui2.dll

c:\windows\system32\winspool.drv

c:\program files\nero\nero 7\nero backitup\nbshell.dll

c:\program files\nero\nero 7\nero backitup\mfc71u.dll

c:\windows\system32\mfc71enu.dll

c:\program files\alwil software\avast4\ashshell.dll

c:\program files\fellowes\mediaface 4.0\mfshlext.dll

c:\program files\fellowes\mediaface 4.0\mfextres.dll

c:\program files\widcomm\bluetooth software\btkeyind.dll

c:\windows\system32\zipfldr.dll

c:\windows\system32\sendmail.dll

c:\program files\common files\ahead\lib\medialibrarynse.dll

c:\windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82\gdiplus.dll

c:\program files\logitech\video\namespc2.dll

c:\windows\system32\mfc71.dll

c:\program files\logitech\video\albudbps.dll

c:\windows\system32\wpdshext.dll

c:\windows\system32\shgina.dll

c:\windows\system32\msgina.dll

c:\windows\system32\odbc32.dll

c:\windows\system32\odbcint.dll

c:\windows\system32\audiodev.dll

c:\windows\system32\wmvcore.dll

c:\windows\system32\wmasf.dll

c:\windows\system32\wiashext.dll

c:\windows\system32\sti.dll

c:\windows\system32\cfgmgr32.dll

c:\program files\common files\ahead\lib\nerodigitalext.dll

c:\program files\common files\adobe\acrobat\activex\pdfshell.dll

c:\windows\system32\mscms.dll

c:\windows\system32\shmedia.dll

c:\windows\system32\msvfw32.dll

c:\windows\system32\avifil32.dll

c:\windows\system32\ntmarta.dll

c:\windows\system32\msdmo.dll

c:\windows\system32\mfplat.dll

c:\windows\system32\cabinet.dll

c:\windows\system32\xpsp1res.dll

c:\windows\system32\shdoclc.dll

c:\windows\system32\asfsipc.dll

c:\windows\system32\msisip.dll

c:\windows\system32\wshext.dll

c:\windows\system32\mfc42.dll

c:\progra~1\micros~4\office10\mcps.dll

c:\windows\system32\msvcp60.dll

C:\PROGRAM FILES\MICROSOFT HARDWARE\MOUSE\POINT32.EXE

c:\program files\microsoft hardware\mouse\point32.exe

c:\windows\system32\ntdll.dll

c:\windows\system32\kernel32.dll

c:\windows\system32\user32.dll

c:\windows\system32\gdi32.dll

c:\windows\system32\advapi32.dll

c:\windows\system32\rpcrt4.dll

c:\windows\system32\shell32.dll

c:\windows\system32\msvcrt.dll

c:\windows\system32\shlwapi.dll

c:\program files\microsoft hardware\mouse\cmtool32.dll

c:\windows\system32\version.dll

c:\program files\microsoft hardware\mouse\mshlocal.dll

c:\program files\microsoft hardware\mouse\mslng32.dll

c:\program files\microsoft hardware\mouse\msh_zwf.dll

c:\program files\microsoft hardware\mouse\point32.dll

c:\windows\system32\wininet.dll

c:\windows\system32\normaliz.dll

c:\windows\system32\iertutil.dll

c:\windows\system32\imm32.dll

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

c:\windows\system32\comctl32.dll

c:\windows\system32\uxtheme.dll

c:\windows\system32\msctfime.ime

c:\windows\system32\ole32.dll

c:\windows\system32\wintrust.dll

c:\windows\system32\crypt32.dll

c:\windows\system32\msasn1.dll

c:\windows\system32\imagehlp.dll

c:\program files\microsoft hardware\mouse\ip4xbatt.dll

c:\windows\system32\msctf.dll

C:\WINDOWS\SYSTEM32\UMONIT.EXE

c:\windows\system32\umonit.exe

c:\windows\system32\ntdll.dll

c:\windows\system32\kernel32.dll

c:\windows\system32\user32.dll

c:\windows\system32\gdi32.dll

c:\windows\system32\advapi32.dll

c:\windows\system32\rpcrt4.dll

c:\windows\system32\shell32.dll

c:\windows\system32\msvcrt.dll

c:\windows\system32\shlwapi.dll

c:\windows\system32\version.dll

c:\windows\system32\mfc42.dll

c:\windows\system32\cfgmgr32.dll

c:\windows\system32\setupapi.dll

c:\windows\system32\imm32.dll

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

c:\windows\system32\comctl32.dll

c:\windows\system32\uxtheme.dll

c:\windows\system32\msctfime.ime

c:\windows\system32\ole32.dll

c:\windows\system32\wintrust.dll

c:\windows\system32\crypt32.dll

c:\windows\system32\msasn1.dll

c:\windows\system32\imagehlp.dll

c:\program files\microsoft hardware\mouse\msh_zwf.dll

c:\windows\system32\apphelp.dll

c:\windows\system32\clbcatq.dll

c:\windows\system32\comres.dll

c:\windows\system32\oleaut32.dll

c:\windows\system32\msctf.dll

c:\windows\system32\ctagent.dll

c:\windows\system32\dsound.dll

c:\windows\system32\winmm.dll

c:\windows\system32\serwvdrv.dll

c:\windows\system32\umdmxfrm.dll

c:\program files\microsoft hardware\mouse\point32.dll

C:\WINDOWS\SYSTEM32\LVCOMSX.EXE

c:\windows\system32\lvcomsx.exe

c:\windows\system32\ntdll.dll

c:\windows\system32\kernel32.dll

c:\windows\system32\winmm.dll

c:\windows\system32\user32.dll

c:\windows\system32\gdi32.dll

c:\windows\system32\advapi32.dll

c:\windows\system32\rpcrt4.dll

c:\windows\system32\version.dll

c:\windows\system32\cfgmgr32.dll

c:\windows\system32\setupapi.dll

c:\windows\system32\msvcrt.dll

c:\windows\system32\shell32.dll

c:\windows\system32\shlwapi.dll

c:\windows\system32\ole32.dll

c:\windows\system32\oleaut32.dll

c:\windows\system32\imm32.dll

c:\windows\system32\serwvdrv.dll

c:\windows\system32\umdmxfrm.dll

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

c:\windows\system32\comctl32.dll

c:\windows\system32\clbcatq.dll

c:\windows\system32\comres.dll

c:\windows\system32\xpsp2res.dll

c:\windows\system32\lvmaenum.dll

c:\windows\system32\hid.dll

c:\windows\system32\msvcp71.dll

c:\windows\system32\msvcr71.dll

c:\windows\system32\uxtheme.dll

c:\windows\system32\wintrust.dll

c:\windows\system32\crypt32.dll

c:\windows\system32\msasn1.dll

c:\windows\system32\imagehlp.dll

c:\windows\system32\msctfime.ime

c:\windows\system32\msctf.dll

c:\program files\microsoft hardware\mouse\msh_zwf.dll

c:\windows\system32\lvcomcx.dll

C:\PROGRAM FILES\WINDOWS DEFENDER\MSASCUI.EXE

c:\program files\windows defender\msascui.exe

c:\windows\system32\ntdll.dll

c:\windows\system32\kernel32.dll

c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcr80.dll

c:\windows\system32\msvcrt.dll

c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcp80.dll

c:\windows\system32\advapi32.dll

c:\windows\system32\rpcrt4.dll

c:\windows\system32\gdi32.dll

c:\windows\system32\user32.dll

c:\windows\system32\shell32.dll

c:\windows\system32\shlwapi.dll

c:\windows\system32\ole32.dll

c:\windows\system32\oleaut32.dll

c:\program files\windows defender\mpclient.dll

c:\windows\system32\userenv.dll

c:\windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82\gdiplus.dll

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

c:\windows\system32\oleacc.dll

c:\windows\system32\msvcp60.dll

c:\program files\windows defender\msmpres.dll

c:\program files\windows defender\mprtmon.dll

c:\windows\system32\netapi32.dll

c:\windows\system32\winhttp.dll

c:\windows\system32\urlmon.dll

c:\windows\system32\iertutil.dll

c:\windows\system32\version.dll

c:\windows\system32\imm32.dll

c:\windows\system32\uxtheme.dll

c:\windows\system32\msftedit.dll

c:\windows\system32\msctfime.ime

c:\windows\system32\rsaenh.dll

c:\windows\system32\secur32.dll

c:\windows\system32\msctf.dll

c:\program files\microsoft hardware\mouse\msh_zwf.dll

C:\PROGRAM FILES\TREND MICRO\ANTI-SPAM FOR OE\TMAS_OEMON.EXE

c:\program files\trend micro\anti-spam for oe\tmas_oemon.exe

c:\windows\system32\ntdll.dll

c:\windows\system32\kernel32.dll

c:\windows\system32\user32.dll

c:\windows\system32\gdi32.dll

c:\windows\system32\comdlg32.dll

c:\windows\system32\shlwapi.dll

c:\windows\system32\advapi32.dll

c:\windows\system32\rpcrt4.dll

c:\windows\system32\msvcrt.dll

c:\windows\system32\comctl32.dll

c:\windows\system32\shell32.dll

c:\windows\system32\winspool.drv

c:\windows\system32\imm32.dll

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

c:\windows\system32\uxtheme.dll

c:\windows\system32\msctfime.ime

c:\windows\system32\ole32.dll

c:\program files\trend micro\anti-spam for oe\tmas_oehook.dll

c:\windows\system32\msctf.dll

c:\program files\microsoft hardware\mouse\msh_zwf.dll

C:\WINDOWS\SYSTEM32\WDBTNMGR.EXE

c:\windows\system32\wdbtnmgr.exe

c:\windows\system32\ntdll.dll

c:\windows\system32\kernel32.dll

c:\windows\system32\shlwapi.dll

c:\windows\system32\advapi32.dll

c:\windows\system32\rpcrt4.dll

c:\windows\system32\gdi32.dll

c:\windows\system32\user32.dll

c:\windows\system32\msvcrt.dll

c:\windows\system32\comdlg32.dll

c:\windows\system32\comctl32.dll

c:\windows\system32\shell32.dll

c:\windows\system32\winspool.drv

c:\windows\system32\oledlg.dll

c:\windows\system32\ole32.dll

c:\windows\system32\olepro32.dll

c:\windows\system32\oleaut32.dll

c:\windows\system32\cfgmgr32.dll

c:\windows\system32\setupapi.dll

c:\windows\system32\hid.dll

c:\windows\system32\imm32.dll

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

c:\windows\system32\uxtheme.dll

c:\windows\system32\msctfime.ime

c:\program files\microsoft hardware\mouse\point32.dll

c:\windows\system32\wintrust.dll

c:\windows\system32\crypt32.dll

c:\windows\system32\msasn1.dll

c:\windows\system32\imagehlp.dll

c:\program files\microsoft hardware\mouse\msh_zwf.dll

c:\windows\system32\msctf.dll

c:\windows\system32\ctagent.dll

c:\windows\system32\dsound.dll

c:\windows\system32\winmm.dll

c:\windows\system32\version.dll

c:\windows\system32\serwvdrv.dll

c:\windows\system32\umdmxfrm.dll

C:\WINDOWS\SYSTEM32\CTHELPER.EXE

c:\windows\system32\cthelper.exe

c:\windows\system32\ntdll.dll

c:\windows\system32\kernel32.dll

c:\windows\system32\dsound.dll

c:\windows\system32\msvcrt.dll

c:\windows\system32\user32.dll

c:\windows\system32\gdi32.dll

c:\windows\system32\advapi32.dll

c:\windows\system32\rpcrt4.dll

c:\windows\system32\ole32.dll

c:\windows\system32\winmm.dll

c:\windows\system32\version.dll

c:\windows\system32\mfc42.dll

c:\windows\system32\imm32.dll

c:\windows\system32\serwvdrv.dll

c:\windows\system32\umdmxfrm.dll

c:\windows\system32\comctl32.dll

c:\windows\system32\uxtheme.dll

c:\windows\system32\msctfime.ime

c:\windows\system32\wintrust.dll

c:\windows\system32\crypt32.dll

c:\windows\system32\msasn1.dll

c:\windows\system32\imagehlp.dll

c:\windows\system32\wdmaud.drv

c:\windows\system32\msacm32.drv

c:\windows\system32\msacm32.dll

c:\windows\system32\midimap.dll

c:\windows\system32\ksuser.dll

c:\windows\system32\clbcatq.dll

c:\windows\system32\comres.dll

c:\windows\system32\oleaut32.dll

c:\windows\system32\ctagent.dll

c:\windows\system32\ctspkhlp.dll

c:\windows\system32\msctf.dll

c:\windows\ctdcres.dll

c:\program files\microsoft hardware\mouse\point32.dll

c:\program files\microsoft hardware\mouse\msh_zwf.dll

C:\PROGRA~1\ALWILS~1\AVAST4\ASHDISP.EXE

c:\progra~1\alwils~1\avast4\ashdisp.exe

c:\windows\system32\ntdll.dll

c:\windows\system32\kernel32.dll

c:\windows\system32\rpcrt4.dll

c:\windows\system32\advapi32.dll

c:\progra~1\alwils~1\avast4\aswcmnos.dll

c:\windows\system32\user32.dll

c:\windows\system32\gdi32.dll

c:\windows\system32\msvcp71.dll

c:\windows\system32\msvcr71.dll

c:\windows\system32\wsock32.dll

c:\windows\system32\ws2_32.dll

c:\windows\system32\msvcrt.dll

c:\windows\system32\ws2help.dll

c:\progra~1\alwils~1\avast4\ashbase.dll

c:\windows\system32\version.dll

c:\windows\system32\ole32.dll

c:\windows\system32\oleaut32.dll

c:\progra~1\alwils~1\avast4\aswcmnb.dll

c:\progra~1\alwils~1\avast4\aswcmns.dll

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

c:\windows\system32\shlwapi.dll

c:\progra~1\alwils~1\avast4\ashtask.dll

c:\progra~1\alwils~1\avast4\aswaux.dll

c:\windows\system32\shell32.dll

c:\progra~1\alwils~1\avast4\aavm4h.dll

c:\windows\system32\imm32.dll

c:\windows\system32\dbghelp.dll

c:\program files\alwil software\avast4\english\base.dll

c:\program files\alwil software\avast4\english\lang.dll

c:\windows\system32\mfc71.dll

c:\windows\system32\mfc71enu.dll

c:\progra~1\alwils~1\avast4\aavmrpch.dll

c:\program files\alwil software\avast4\ahruimai.dll

c:\progra~1\alwils~1\avast4\ashuint.dll

c:\progra~1\alwils~1\avast4\xt1922.dll

c:\program files\alwil software\avast4\ahruimes.dll

c:\program files\alwil software\avast4\ahruins.dll

c:\program files\alwil software\avast4\ahruiout.dll

c:\windows\system32\mapi32.dll

c:\program files\alwil software\avast4\ahruip2p.dll

c:\program files\alwil software\avast4\ahruistd.dll

c:\program files\alwil software\avast4\ahruiws.dll

c:\windows\system32\uxtheme.dll

c:\windows\system32\msctfime.ime

c:\program files\microsoft hardware\mouse\msh_zwf.dll

c:\windows\system32\secur32.dll

c:\windows\system32\msctf.dll

C:\PROGRAM FILES\GOOGLE\GOOGLE DESKTOP SEARCH\GOOGLEDESKTOP.EXE

c:\program files\google\google desktop search\googledesktop.exe

c:\windows\system32\ntdll.dll

c:\windows\system32\kernel32.dll

c:\windows\system32\advapi32.dll

c:\windows\system32\rpcrt4.dll

c:\windows\system32\ole32.dll

c:\windows\system32\gdi32.dll

c:\windows\system32\user32.dll

c:\windows\system32\msvcrt.dll

c:\windows\system32\oleaut32.dll

c:\program files\google\google desktop search\googledesktopcommon.dll

c:\windows\system32\wininet.dll

c:\windows\system32\shlwapi.dll

c:\windows\system32\normaliz.dll

c:\windows\system32\iertutil.dll

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

c:\windows\system32\imm32.dll

c:\windows\system32\ws2_32.dll

c:\windows\system32\ws2help.dll

c:\windows\system32\query.dll

c:\windows\system32\shell32.dll

c:\windows\system32\userenv.dll

c:\windows\system32\psapi.dll

c:\windows\system32\uxtheme.dll

c:\program files\google\google desktop search\googledesktopresources_en.dll

c:\windows\system32\wtsapi32.dll

c:\windows\system32\winsta.dll

c:\windows\system32\netapi32.dll

c:\windows\system32\msctfime.ime

c:\windows\system32\mswsock.dll

c:\windows\system32\hnetcfg.dll

c:\windows\system32\wshtcpip.dll

c:\program files\google\google desktop search\googledesktopapi2.dll

c:\windows\system32\clbcatq.dll

c:\windows\system32\comres.dll

c:\windows\system32\version.dll

c:\windows\system32\sxs.dll

c:\windows\system32\xpsp2res.dll

c:\windows\system32\rsaenh.dll

c:\windows\system32\msctf.dll

c:\windows\system32\asycfilt.dll

c:\program files\microsoft hardware\mouse\msh_zwf.dll

c:\windows\system32\vbscript.dll

c:\program files\google\google desktop search\googledesktophyper.dll

c:\windows\system32\ctagent.dll

c:\windows\system32\dsound.dll

c:\windows\system32\winmm.dll

c:\windows\system32\serwvdrv.dll

c:\windows\system32\umdmxfrm.dll

c:\program files\microsoft hardware\mouse\point32.dll

c:\windows\system32\msimg32.dll

c:\windows\system32\iphlpapi.dll

c:\windows\system32\mprapi.dll

c:\windows\system32\activeds.dll

c:\windows\system32\adsldpc.dll

c:\windows\system32\wldap32.dll

c:\windows\system32\atl.dll

c:\windows\system32\rtutils.dll

c:\windows\system32\samlib.dll

c:\windows\system32\setupapi.dll

c:\windows\system32\secur32.dll

c:\windows\system32\rasapi32.dll

c:\windows\system32\rasman.dll

c:\windows\system32\tapi32.dll

c:\windows\system32\msv1_0.dll

c:\windows\system32\sensapi.dll

c:\windows\system32\crypt32.dll

c:\windows\system32\msasn1.dll

c:\windows\system32\wintrust.dll

c:\windows\system32\imagehlp.dll

c:\windows\system32\schannel.dll

c:\windows\system32\rasadhlp.dll

c:\windows\system32\dnsapi.dll

c:\windows\system32\winrnr.dll

c:\windows\system32\urlmon.dll

c:\windows\system32\dssenh.dll

c:\program files\google\google desktop search\gzlib.dll

J:\MY MUSIC\ITUNESHELPER.EXE

j:\my music\ituneshelper.exe

c:\windows\system32\ntdll.dll

c:\windows\system32\kernel32.dll

c:\windows\system32\version.dll

c:\windows\system32\wininet.dll

c:\windows\system32\msvcrt.dll

c:\windows\system32\shlwapi.dll

c:\windows\system32\advapi32.dll

c:\windows\system32\rpcrt4.dll

c:\windows\system32\gdi32.dll

c:\windows\system32\user32.dll

c:\windows\system32\normaliz.dll

c:\windows\system32\iertutil.dll

c:\windows\system32\ole32.dll

c:\windows\system32\oleaut32.dll

c:\windows\system32\imm32.dll

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

c:\windows\system32\uxtheme.dll

c:\windows\system32\secur32.dll

j:\my music\ituneshelper.resources\en.lproj\ituneshelperlocalized.dll

j:\my music\ituneshelper.resources\ituneshelper.dll

c:\windows\system32\msctfime.ime

c:\program files\quicktime\qtsystem\quicktime.qts

c:\windows\system32\winmm.dll

c:\windows\system32\ws2_32.dll

c:\windows\system32\ws2help.dll

c:\windows\system32\comdlg32.dll

c:\windows\system32\comctl32.dll

c:\windows\system32\shell32.dll

c:\windows\system32\msimg32.dll

c:\windows\system32\dsound.dll

c:\windows\system32\serwvdrv.dll

c:\windows\system32\umdmxfrm.dll

c:\windows\system32\ddraw.dll

c:\windows\system32\dciman32.dll

c:\windows\system32\msctf.dll

c:\program files\microsoft hardware\mouse\msh_zwf.dll

c:\program files\quicktime\qtsystem\corevideo.qtx

c:\program files\quicktime\qtsystem\quicktime3gpp.qtx

c:\program files\quicktime\qtsystem\quicktime3gppauthoring.qtx

c:\program files\quicktime\qtsystem\quicktimeaudiosupport.qtx

c:\program files\quicktime\qtsystem\quicktimeauthoring.qtx

c:\program files\quicktime\qtsystem\quicktimecapture.qtx

c:\windows\system32\wintrust.dll

c:\windows\system32\crypt32.dll

c:\windows\system32\msasn1.dll

c:\windows\system32\imagehlp.dll

c:\windows\system32\wdmaud.drv

c:\windows\system32\msacm32.drv

c:\windows\system32\msacm32.dll

c:\windows\system32\midimap.dll

c:\program files\quicktime\qtsystem\quicktimeeffects.qtx

c:\program files\quicktime\qtsystem\quicktimeessentials.qtx

c:\program files\quicktime\qtsystem\quicktimeh264.qtx

c:\program files\quicktime\qtsystem\quicktimeimage.qtx

c:\program files\quicktime\qtsystem\quicktimeinternetextras.qtx

c:\program files\quicktime\qtsystem\quicktimempeg.qtx

c:\program files\quicktime\qtsystem\quicktimempeg4.qtx

c:\program files\quicktime\qtsystem\quicktimempeg4authoring.qtx

c:\program files\quicktime\qtsystem\quicktimemusic.qtx

c:\program files\quicktime\qtsystem\quicktimeqd3d.qtx

c:\program files\quicktime\qtsystem\quicktimestreaming.qtx

c:\windows\system32\wsock32.dll

c:\program files\quicktime\qtsystem\quicktimestreamingauthoring.qtx

c:\program files\quicktime\qtsystem\quicktimestreamingextras.qtx

c:\program files\quicktime\qtsystem\quicktimevr.qtx

c:\program files\common files\apple\mobile device support\bin\itunesmobiledevice.dll

c:\windows\system32\setupapi.dll

c:\windows\system32\mswsock.dll

c:\windows\system32\hnetcfg.dll

c:\windows\system32\wshtcpip.dll

c:\windows\system32\wtsapi32.dll

c:\windows\system32\winsta.dll

c:\windows\system32\netapi32.dll

c:\windows\system32\clbcatq.dll

c:\windows\system32\comres.dll

c:\windows\system32\xpsp2res.dll

c:\windows\system32\sxs.dll

C:\PROGRAM FILES\SKYPE\PHONE\SKYPE.EXE

c:\program files\skype\phone\skype.exe

c:\windows\system32\ntdll.dll

c:\windows\system32\kernel32.dll

c:\windows\system32\user32.dll

c:\windows\system32\gdi32.dll

c:\windows\system32\advapi32.dll

c:\windows\system32\rpcrt4.dll

c:\windows\system32\oleaut32.dll

c:\windows\system32\msvcrt.dll

c:\windows\system32\ole32.dll

c:\windows\system32\version.dll

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

c:\windows\system32\shlwapi.dll

c:\windows\system32\imm32.dll

c:\windows\system32\shell32.dll

c:\windows\system32\wininet.dll

c:\windows\system32\normaliz.dll

c:\windows\system32\iertutil.dll

c:\windows\system32\urlmon.dll

c:\windows\system32\comdlg32.dll

c:\windows\system32\crypt32.dll

c:\windows\system32\msasn1.dll

c:\windows\system32\winmm.dll

c:\windows\system32\oleacc.dll

c:\windows\system32\msvcp60.dll

c:\windows\system32\shfolder.dll

c:\windows\system32\serwvdrv.dll

c:\windows\system32\umdmxfrm.dll

c:\windows\system32\uxtheme.dll

c:\windows\system32\msctfime.ime

c:\program files\microsoft hardware\mouse\point32.dll

c:\windows\system32\msimg32.dll

c:\windows\system32\cryptui.dll

c:\windows\system32\wintrust.dll

c:\windows\system32\imagehlp.dll

c:\windows\system32\netapi32.dll

c:\windows\system32\wldap32.dll

c:\windows\system32\msvfw32.dll

c:\windows\system32\ws2_32.dll

c:\windows\system32\ws2help.dll

c:\windows\system32\olepro32.dll

c:\windows\system32\msctf.dll

c:\program files\common files\system\wab32.dll

c:\windows\system32\msoert2.dll

c:\program files\common files\system\wab32res.dll

c:\windows\system32\wtsapi32.dll

c:\windows\system32\winsta.dll

c:\windows\system32\sxs.dll

c:\windows\system32\setupapi.dll

c:\windows\system32\clbcatq.dll

c:\windows\system32\comres.dll

c:\windows\system32\xpsp2res.dll

c:\windows\system32\ctagent.dll

c:\windows\system32\dsound.dll

c:\windows\system32\mswsock.dll

c:\windows\system32\hnetcfg.dll

c:\windows\system32\wshtcpip.dll

c:\program files\microsoft hardware\mouse\msh_zwf.dll

c:\windows\system32\dxdiagn.dll

c:\windows\system32\wbem\wbemprox.dll

c:\windows\system32\wbem\wbemcomn.dll

c:\windows\system32\wbem\wbemsvc.dll

c:\windows\system32\wbem\fastprox.dll

c:\windows\system32\ntdsapi.dll

c:\windows\system32\dnsapi.dll

c:\windows\system32\secur32.dll

c:\windows\system32\devenum.dll

c:\windows\system32\msdmo.dll

c:\windows\system32\linkinfo.dll

c:\windows\system32\ntshrui.dll

c:\windows\system32\atl.dll

c:\windows\system32\userenv.dll

c:\windows\system32\wdmaud.drv

c:\windows\system32\msacm32.drv

c:\windows\system32\msacm32.dll

c:\windows\system32\midimap.dll

c:\windows\system32\rasapi32.dll

c:\windows\system32\rasman.dll

c:\windows\system32\tapi32.dll

c:\windows\system32\rtutils.dll

c:\windows\system32\msv1_0.dll

c:\windows\system32\iphlpapi.dll

c:\windows\system32\rsaenh.dll

c:\windows\system32\sensapi.dll

c:\windows\system32\rasadhlp.dll

C:\PROGRAM FILES\COMMON FILES\AHEAD\LIB\NMBGMONITOR.EXE

c:\program files\common files\ahead\lib\nmbgmonitor.exe

c:\windows\system32\ntdll.dll

c:\windows\system32\kernel32.dll

c:\windows\system32\user32.dll

c:\windows\system32\gdi32.dll

c:\windows\system32\advapi32.dll

c:\windows\system32\rpcrt4.dll

c:\windows\system32\ole32.dll

c:\windows\system32\msvcrt.dll

c:\windows\system32\oleaut32.dll

c:\windows\system32\shlwapi.dll

c:\program files\common files\ahead\lib\msvcp71.dll

c:\program files\common files\ahead\lib\msvcr71.dll

c:\windows\system32\imm32.dll

c:\windows\system32\uxtheme.dll

c:\windows\system32\clbcatq.dll

c:\windows\system32\comres.dll

c:\windows\system32\version.dll

c:\windows\system32\xpsp2res.dll

c:\windows\system32\msctfime.ime

c:\windows\system32\msctf.dll

c:\program files\microsoft hardware\mouse\msh_zwf.dll

c:\program files\common files\ahead\lib\nmindexstoresvrps.dll

c:\program files\common files\ahead\lib\nmdataservices.dll

c:\windows\system32\wininet.dll

c:\windows\system32\normaliz.dll

c:\windows\system32\iertutil.dll

c:\windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82\gdiplus.dll

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

C:\WINDOWS\SYSTEM32\CTFMON.EXE

c:\windows\system32\ctfmon.exe

c:\windows\system32\ntdll.dll

c:\windows\system32\kernel32.dll

c:\windows\system32\msvcrt.dll

c:\windows\system32\advapi32.dll

c:\windows\system32\rpcrt4.dll

c:\windows\system32\user32.dll

c:\windows\system32\gdi32.dll

c:\windows\system32\msctf.dll

c:\windows\system32\msutb.dll

c:\windows\system32\shimeng.dll

c:\windows\apppatch\acgenral.dll

c:\windows\system32\winmm.dll

c:\windows\system32\ole32.dll

c:\windows\system32\oleaut32.dll

c:\windows\system32\msacm32.dll

c:\windows\system32\version.dll

c:\windows\system32\shell32.dll

c:\windows\system32\shlwapi.dll

c:\windows\system32\userenv.dll

c:\windows\system32\uxtheme.dll

c:\windows\system32\imm32.dll

c:\windows\system32\serwvdrv.dll

c:\windows\system32\umdmxfrm.dll

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

c:\windows\system32\msctfime.ime

c:\program files\microsoft hardware\mouse\msh_zwf.dll

C:\PROGRAM FILES\MESSENGER\MSMSGS.EXE

c:\program files\messenger\msmsgs.exe

c:\windows\system32\ntdll.dll

c:\windows\system32\kernel32.dll

c:\windows\system32\msvcrt.dll

c:\windows\system32\advapi32.dll

c:\windows\system32\rpcrt4.dll

c:\windows\system32\gdi32.dll

c:\windows\system32\user32.dll

c:\windows\system32\wsock32.dll

c:\windows\system32\ws2_32.dll

c:\windows\system32\ws2help.dll

c:\windows\system32\ole32.dll

c:\windows\system32\oleaut32.dll

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

c:\windows\system32\shlwapi.dll

c:\windows\system32\comdlg32.dll

c:\windows\system32\shell32.dll

c:\windows\system32\version.dll

c:\windows\system32\winmm.dll

c:\windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82\gdiplus.dll

c:\windows\system32\msimg32.dll

c:\windows\system32\netapi32.dll

c:\windows\system32\wininet.dll

c:\windows\system32\normaliz.dll

c:\windows\system32\iertutil.dll

c:\windows\system32\cryptdll.dll

c:\windows\system32\iphlpapi.dll

c:\windows\system32\imm32.dll

c:\progra~1\google\google~2\goec62~1.dll

c:\windows\system32\serwvdrv.dll

c:\windows\system32\umdmxfrm.dll

c:\progra~1\google\google~2\googledesktopresources_en.dll

c:\windows\system32\mswsock.dll

c:\program files\google\google desktop search\googledesktopapi2.dll

c:\program files\google\google desktop search\googledesktopcommon.dll

c:\windows\system32\uxtheme.dll

c:\windows\system32\msctf.dll

c:\windows\system32\xpob2res.dll

c:\windows\system32\clbcatq.dll

c:\windows\system32\comres.dll

c:\windows\system32\xpsp2res.dll

c:\windows\system32\msctfime.ime

c:\windows\system32\sxs.dll

c:\windows\system32\es.dll

c:\windows\system32\wtsapi32.dll

c:\windows\system32\winsta.dll

c:\windows\$ntservicepackuninstall$\rtcimsp.dll

c:\windows\winsxs\x86_microsoft.windows.networking.rtcdll_6595b64144ccf1df_5.2.2.3_x-ww_d6bd8b95\rtcdll.dll

c:\windows\system32\atl.dll

c:\windows\system32\secur32.dll

c:\windows\system32\rasapi32.dll

c:\windows\system32\rasman.dll

c:\windows\system32\tapi32.dll

c:\windows\system32\rtutils.dll

c:\windows\system32\dnsapi.dll

c:\windows\winsxs\x86_microsoft.windows.networking.rtcres_6595b64144ccf1df_5.2.2.3_en_16a24bc0\rtcres.dll

c:\windows\system32\termmgr.dll

c:\windows\system32\quartz.dll

c:\windows\winsxs\x86_microsoft.windows.networking.dxmrtp_6595b64144ccf1df_5.2.2.3_x-ww_468466a7\dxmrtp.dll

c:\windows\system32\msvfw32.dll

c:\windows\system32\dsound.dll

c:\windows\system32\hnetcfg.dll

c:\windows\system32\wshtcpip.dll

c:\windows\system32\devenum.dll

c:\windows\system32\setupapi.dll

c:\windows\system32\wintrust.dll

c:\windows\system32\crypt32.dll

c:\windows\system32\msasn1.dll

c:\windows\system32\imagehlp.dll

c:\windows\system32\wdmaud.drv

c:\windows\system32\msacm32.drv

c:\windows\system32\msacm32.dll

c:\windows\system32\midimap.dll

c:\windows\system32\dpnhupnp.dll

c:\windows\system32\rsaenh.dll

c:\program files\microsoft hardware\mouse\msh_zwf.dll

c:\windows\system32\schannel.dll

c:\windows\system32\userenv.dll

c:\windows\system32\credui.dll

c:\program files\messenger\msgsc.dll

C:\PROGRAM FILES\GOOGLE\GOOGLE DESKTOP SEARCH\GOOGLEDESKTOP.EXE

c:\program files\google\google desktop search\googledesktop.exe

c:\windows\system32\ntdll.dll

c:\windows\system32\kernel32.dll

c:\windows\system32\advapi32.dll

c:\windows\system32\rpcrt4.dll

c:\windows\system32\ole32.dll

c:\windows\system32\gdi32.dll

c:\windows\system32\user32.dll

c:\windows\system32\msvcrt.dll

c:\windows\system32\oleaut32.dll

c:\program files\google\google desktop search\googledesktopcommon.dll

c:\windows\system32\wininet.dll

c:\windows\system32\shlwapi.dll

c:\windows\system32\normaliz.dll

c:\windows\system32\iertutil.dll

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

c:\windows\system32\imm32.dll

c:\windows\system32\ws2_32.dll

c:\windows\system32\ws2help.dll

c:\windows\system32\query.dll

c:\windows\system32\shell32.dll

c:\windows\system32\userenv.dll

c:\windows\system32\psapi.dll

c:\program files\google\google desktop search\googledesktopresources_en.dll

c:\windows\system32\uxtheme.dll

c:\windows\system32\msctf.dll

c:\windows\system32\msctfime.ime

c:\program files\google\google desktop search\googledesktopoe.dll

c:\program files\google\google desktop search\googledesktopapi2.dll

c:\program files\microsoft hardware\mouse\msh_zwf.dll

c:\windows\system32\clbcatq.dll

c:\windows\system32\comres.dll

c:\windows\system32\version.dll

c:\windows\system32\mlang.dll

c:\windows\system32\setupapi.dll

c:\windows\system32\apphelp.dll

c:\windows\system32\urlmon.dll

c:\windows\system32\secur32.dll

c:\windows\system32\shmedia.dll

c:\windows\system32\msvfw32.dll

c:\windows\system32\winmm.dll

c:\windows\system32\avifil32.dll

c:\windows\system32\msacm32.dll

c:\windows\system32\serwvdrv.dll

c:\windows\system32\umdmxfrm.dll

c:\windows\system32\wmvcore.dll

c:\windows\system32\wmasf.dll

c:\windows\system32\drmv2clt.dll

c:\windows\system32\mfplat.dll

c:\windows\system32\wintrust.dll

c:\windows\system32\crypt32.dll

c:\windows\system32\msasn1.dll

c:\windows\system32\imagehlp.dll

c:\windows\system32\ntmarta.dll

c:\windows\system32\wldap32.dll

c:\windows\system32\samlib.dll

c:\windows\system32\xpsp2res.dll

c:\windows\system32\zipfldr.dll

c:\windows\system32\shimgvw.dll

c:\windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82\gdiplus.dll

c:\program files\common files\ahead\lib\nerodigitalext.dll

c:\program files\common files\ahead\lib\mfc71.dll

c:\program files\common files\ahead\lib\msvcr71.dll

c:\program files\common files\ahead\lib\msvcp71.dll

c:\windows\system32\mfc71enu.dll

c:\program files\common files\adobe\acrobat\activex\pdfshell.dll

c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcr80.dll

c:\windows\system32\mscms.dll

c:\windows\system32\winspool.drv

c:\program files\google\google desktop search\gzlib.dll

C:\PROGRAM FILES\WIDCOMM\BLUETOOTH SOFTWARE\BTTRAY.EXE

c:\program files\widcomm\bluetooth software\bttray.exe

c:\windows\system32\ntdll.dll

c:\windows\system32\kernel32.dll

c:\windows\system32\setupapi.dll

c:\windows\system32\msvcrt.dll

c:\windows\system32\advapi32.dll

c:\windows\system32\rpcrt4.dll

c:\windows\system32\gdi32.dll

c:\windows\system32\user32.dll

c:\windows\system32\wbtapi.dll

c:\windows\system32\msi.dll

c:\windows\system32\shlwapi.dll

c:\windows\system32\mfc42.dll

c:\windows\system32\ole32.dll

c:\windows\system32\oleaut32.dll

c:\windows\system32\version.dll

c:\windows\system32\msvcp60.dll

c:\windows\system32\rasapi32.dll

c:\windows\system32\rasman.dll

c:\windows\system32\ws2_32.dll

c:\windows\system32\ws2help.dll

c:\windows\system32\netapi32.dll

c:\windows\system32\tapi32.dll

c:\windows\system32\rtutils.dll

c:\windows\system32\winmm.dll

c:\windows\system32\btosif.dll

c:\windows\system32\btwhidcs.dll

c:\windows\system32\cfgmgr32.dll

c:\windows\system32\comdlg32.dll

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

c:\windows\system32\shell32.dll

c:\program files\widcomm\bluetooth software\btballoon.dll

c:\windows\system32\imm32.dll

c:\windows\system32\serwvdrv.dll

c:\windows\system32\umdmxfrm.dll

c:\windows\system32\btrez.dll

c:\windows\system32\csh.dll

c:\windows\system32\uxtheme.dll

c:\windows\system32\msctf.dll

c:\program files\widcomm\bluetooth software\btkeyind.dll

c:\windows\system32\msctfime.ime

c:\windows\system32\hid.dll

c:\program files\microsoft hardware\mouse\msh_zwf.dll

c:\windows\system32\wintrust.dll

c:\windows\system32\crypt32.dll

c:\windows\system32\msasn1.dll

c:\windows\system32\imagehlp.dll

C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\WORKS SHARED\WKCALREM.EXE

c:\program files\common files\microsoft shared\works shared\wkcalrem.exe

c:\windows\system32\ntdll.dll

c:\windows\system32\kernel32.dll

c:\windows\system32\msvcrt.dll

c:\windows\system32\user32.dll

c:\windows\system32\gdi32.dll

c:\windows\system32\advapi32.dll

c:\windows\system32\rpcrt4.dll

c:\windows\system32\imm32.dll

c:\windows\system32\uxtheme.dll

c:\windows\system32\msctf.dll

c:\windows\system32\msctfime.ime

c:\windows\system32\ole32.dll

c:\program files\microsoft hardware\mouse\msh_zwf.dll

c:\windows\system32\apphelp.dll

c:\windows\system32\version.dll

C:\WINDOWS\SYSTEM32\RAMASST.EXE

c:\windows\system32\ramasst.exe

c:\windows\system32\ntdll.dll

c:\windows\system32\kernel32.dll

c:\windows\system32\user32.dll

c:\windows\system32\gdi32.dll

c:\windows\system32\winspool.drv

c:\windows\system32\msvcrt.dll

c:\windows\system32\rpcrt4.dll

c:\windows\system32\advapi32.dll

c:\windows\system32\shell32.dll

c:\windows\system32\shlwapi.dll

c:\windows\system32\comctl32.dll

c:\windows\system32\imm32.dll

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

c:\windows\system32\uxtheme.dll

c:\windows\system32\msctf.dll

c:\windows\system32\msctfime.ime

c:\windows\system32\ole32.dll

c:\program files\microsoft hardware\mouse\msh_zwf.dll

C:\PROGRAM FILES\SONY\SONY PICTURE UTILITY\VOLUMEWATCHER\SPUVOLUMEWATCHER.EXE

c:\program files\sony\sony picture utility\volumewatcher\spuvolumewatcher.exe

c:\windows\system32\ntdll.dll

c:\windows\system32\kernel32.dll

c:\windows\system32\user32.dll

c:\windows\system32\gdi32.dll

c:\windows\system32\advapi32.dll

c:\windows\system32\rpcrt4.dll

c:\windows\system32\shell32.dll

c:\windows\system32\msvcrt.dll

c:\windows\system32\shlwapi.dll

c:\windows\system32\ole32.dll

c:\program files\sony\sony picture utility\volumewatcher\msvcp71.dll

c:\program files\sony\sony picture utility\volumewatcher\msvcr71.dll

c:\windows\system32\oleaut32.dll

c:\program files\sony\sony picture utility\volumewatcher\mfc71u.dll

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

c:\windows\system32\imm32.dll

c:\windows\system32\mfc71enu.dll

c:\program files\sony\sony picture utility\volumewatcher\spuvolumewatcherloc.dll

c:\windows\system32\uxtheme.dll

c:\windows\system32\msctf.dll

c:\windows\system32\msctfime.ime

c:\windows\system32\ctagent.dll

c:\windows\system32\dsound.dll

c:\windows\system32\winmm.dll

c:\windows\system32\version.dll

c:\windows\system32\serwvdrv.dll

c:\windows\system32\umdmxfrm.dll

c:\program files\microsoft hardware\mouse\point32.dll

c:\program files\microsoft hardware\mouse\msh_zwf.dll

C:\PROGRAM FILES\IPOD\BIN\IPODSERVICE.EXE

c:\program files\ipod\bin\ipodservice.exe

c:\windows\system32\ntdll.dll

c:\windows\system32\kernel32.dll

c:\windows\system32\cfgmgr32.dll

c:\windows\system32\setupapi.dll

c:\windows\system32\msvcrt.dll

c:\windows\system32\advapi32.dll

c:\windows\system32\rpcrt4.dll

c:\windows\system32\gdi32.dll

c:\windows\system32\user32.dll

c:\windows\system32\version.dll

c:\windows\system32\ole32.dll

c:\windows\system32\oleaut32.dll

c:\windows\system32\imm32.dll

c:\program files\ipod\bin\ipodservice.resources\en.lproj\ipodservicelocalized.dll

c:\program files\ipod\bin\ipodservice.resources\ipodservice.dll

c:\windows\system32\xpsp2res.dll

c:\windows\system32\clbcatq.dll

c:\windows\system32\comres.dll

c:\windows\system32\sxs.dll

c:\windows\system32\uxtheme.dll

c:\windows\system32\wtsapi32.dll

c:\windows\system32\winsta.dll

c:\windows\system32\netapi32.dll

c:\windows\system32\wintrust.dll

c:\windows\system32\crypt32.dll

c:\windows\system32\msasn1.dll

c:\windows\system32\imagehlp.dll

C:\PROGRAM FILES\OUTLOOK EXPRESS\MSIMN.EXE

c:\program files\outlook express\msimn.exe

c:\windows\system32\ntdll.dll

c:\windows\system32\kernel32.dll

c:\windows\system32\msvcrt.dll

c:\windows\system32\advapi32.dll

c:\windows\system32\rpcrt4.dll

c:\windows\system32\user32.dll

c:\windows\system32\gdi32.dll

c:\windows\system32\shlwapi.dll

c:\windows\system32\imm32.dll

c:\program files\outlook express\msoe.dll

c:\windows\system32\atl.dll

c:\windows\system32\msoert2.dll

c:\windows\system32\ole32.dll

c:\windows\system32\oleaut32.dll

c:\windows\system32\msoeacct.dll

c:\windows\system32\inetcomm.dll

c:\windows\system32\shell32.dll

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

c:\windows\system32\acctres.dll

c:\windows\system32\inetres.dll

c:\program files\outlook express\msoeres.dll

c:\windows\system32\xpsp2res.dll

c:\windows\system32\uxtheme.dll

c:\windows\system32\msctf.dll

c:\program files\trend micro\anti-spam for oe\tmas_oehook.dll

c:\windows\system32\shdocvw.dll

c:\windows\system32\crypt32.dll

c:\windows\system32\msasn1.dll

c:\windows\system32\cryptui.dll

c:\windows\system32\wintrust.dll

c:\windows\system32\imagehlp.dll

c:\windows\system32\netapi32.dll

c:\windows\system32\wininet.dll

c:\windows\system32\normaliz.dll

c:\windows\system32\iertutil.dll

c:\windows\system32\wldap32.dll

c:\windows\system32\version.dll

c:\windows\system32\ieframe.dll

c:\windows\system32\psapi.dll

c:\windows\system32\secur32.dll

c:\windows\system32\ws2_32.dll

c:\windows\system32\ws2help.dll

c:\windows\system32\clbcatq.dll

c:\windows\system32\comres.dll

c:\windows\system32\pstorec.dll

c:\windows\system32\msctfime.ime

c:\windows\system32\shdoclc.dll

c:\windows\system32\ctagent.dll

c:\windows\system32\dsound.dll

c:\windows\system32\winmm.dll

c:\windows\system32\serwvdrv.dll

c:\windows\system32\umdmxfrm.dll

c:\program files\microsoft hardware\mouse\point32.dll

c:\windows\system32\mlang.dll

c:\program files\trend micro\anti-spam for oe\tmas_oea.dll

c:\windows\system32\comdlg32.dll

c:\windows\system32\winspool.drv

c:\program files\trend micro\anti-spam for oe\tmas_oeapi.dll

c:\program files\microsoft hardware\mouse\msh_zwf.dll

c:\windows\system32\rasapi32.dll

c:\windows\system32\rasman.dll

c:\windows\system32\tapi32.dll

c:\windows\system32\rtutils.dll

c:\windows\system32\userenv.dll

c:\windows\system32\msv1_0.dll

c:\windows\system32\iphlpapi.dll

c:\windows\system32\urlmon.dll

c:\windows\system32\rsaenh.dll

c:\windows\system32\sensapi.dll

c:\windows\system32\wsock32.dll

c:\windows\system32\mswsock.dll

c:\windows\system32\dnsapi.dll

c:\windows\system32\winrnr.dll

c:\windows\system32\rasadhlp.dll

c:\windows\system32\hnetcfg.dll

c:\windows\system32\wshtcpip.dll

c:\windows\system32\msimtf.dll

c:\windows\system32\sxs.dll

c:\windows\system32\msi.dll

c:\windows\system32\oleacc.dll

c:\windows\system32\msvcp60.dll

c:\program files\widcomm\bluetooth software\btkeyind.dll

c:\windows\system32\setupapi.dll

c:\windows\system32\browseui.dll

c:\windows\system32\msident.dll

c:\windows\system32\msidntld.dll

c:\program files\common files\system\directdb.dll

c:\program files\messenger\msgsc.dll

c:\windows\system32\mshtml.dll

c:\windows\system32\msls31.dll

C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE

c:\program files\internet explorer\iexplore.exe

c:\windows\system32\ntdll.dll

c:\windows\system32\kernel32.dll

c:\windows\system32\advapi32.dll

c:\windows\system32\rpcrt4.dll

c:\windows\system32\gdi32.dll

c:\windows\system32\user32.dll

c:\windows\system32\msvcrt.dll

c:\windows\system32\shlwapi.dll

c:\windows\system32\shell32.dll

c:\windows\system32\ole32.dll

c:\windows\system32\urlmon.dll

c:\windows\system32\oleaut32.dll

c:\windows\system32\iertutil.dll

c:\windows\system32\version.dll

c:\windows\system32\imm32.dll

c:\progra~1\google\google~2\goec62~1.dll

c:\windows\system32\ws2_32.dll

c:\windows\system32\ws2help.dll

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

c:\windows\system32\comctl32.dll

c:\program files\google\google desktop search\googledesktopcommon.dll

c:\windows\system32\wininet.dll

c:\windows\system32\normaliz.dll

c:\program files\google\google desktop search\googledesktopie.dll

c:\progra~1\google\google~2\googledesktopresources_en.dll

c:\windows\system32\mswsock.dll

c:\windows\system32\ieframe.dll

c:\windows\system32\psapi.dll

c:\windows\system32\uxtheme.dll

c:\windows\system32\msctf.dll

c:\windows\system32\xpsp2res.dll

c:\windows\system32\msctfime.ime

c:\windows\system32\ieui.dll

c:\windows\system32\msimg32.dll

c:\windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82\gdiplus.dll

c:\windows\system32\xmllite.dll

c:\windows\system32\apphelp.dll

c:\windows\system32\clbcatq.dll

c:\windows\system32\comres.dll

c:\windows\system32\msimtf.dll

c:\windows\system32\secur32.dll

c:\windows\system32\cscui.dll

c:\windows\system32\cscdll.dll

c:\windows\system32\setupapi.dll

c:\program files\microsoft office\office10\msohev.dll

c:\windows\system32\ctagent.dll

c:\windows\system32\dsound.dll

c:\windows\system32\winmm.dll

c:\windows\system32\serwvdrv.dll

c:\windows\system32\umdmxfrm.dll

c:\program files\microsoft hardware\mouse\point32.dll

c:\program files\internet explorer\ieproxy.dll

c:\program files\microsoft hardware\mouse\msh_zwf.dll

c:\windows\system32\sxs.dll

c:\program files\google\google desktop search\googledesktopapi2.dll

c:\windows\system32\mlang.dll

c:\program files\common files\adobe\acrobat\activex\acroiehelper.dll

c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcr80.dll

c:\progra~1\spybot~1\sdhelper.dll

c:\windows\system32\olepro32.dll

c:\program files\google\googletoolbar3.dll

c:\windows\system32\crypt32.dll

c:\windows\system32\msasn1.dll

c:\windows\system32\imagehlp.dll

c:\windows\system32\msi.dll

c:\windows\system32\wintrust.dll

c:\windows\system32\wsock32.dll

c:\windows\system32\hnetcfg.dll

c:\windows\system32\wshtcpip.dll

c:\windows\system32\rasapi32.dll

c:\windows\system32\rasman.dll

c:\windows\system32\netapi32.dll

c:\windows\system32\tapi32.dll

c:\windows\system32\rtutils.dll

c:\windows\system32\userenv.dll

c:\windows\system32\msv1_0.dll

c:\windows\system32\iphlpapi.dll

c:\windows\system32\rsaenh.dll

c:\windows\system32\sensapi.dll

c:\windows\system32\rasadhlp.dll

c:\windows\system32\dnsapi.dll

c:\windows\system32\winrnr.dll

c:\windows\system32\wldap32.dll

c:\windows\system32\actxprxy.dll

c:\windows\system32\mshtml.dll

c:\windows\system32\msls31.dll

c:\windows\system32\ieapfltr.dll

c:\windows\system32\ntmarta.dll

c:\windows\system32\samlib.dll

c:\windows\system32\jscript.dll

c:\windows\system32\winspool.drv

c:\windows\system32\imgutil.dll

c:\windows\system32\dxtrans.dll

c:\windows\system32\atl.dll

c:\windows\system32\ddrawex.dll

c:\windows\system32\ddraw.dll

c:\windows\system32\dciman32.dll

c:\windows\system32\dxtmsft.dll

c:\windows\system32\mshtmled.dll

c:\windows\system32\oleacc.dll

c:\windows\system32\msvcp60.dll

c:\windows\system32\msxml3.dll

c:\windows\system32\usp10.dll

c:\windows\system32\msfeeds.dll

c:\windows\system32\schannel.dll

c:\windows\system32\dssenh.dll

c:\program files\google\google desktop search\gzlib.dll

c:\program files\widcomm\bluetooth software\btkeyind.dll

c:\windows\system32\msdmo.dll

c:\windows\system32\wdmaud.drv

c:\windows\system32\msacm32.drv

c:\windows\system32\msacm32.dll

c:\windows\system32\midimap.dll

c:\windows\system32\ksuser.dll

c:\windows\system32\vbscript.dll

c:\windows\system32\macromed\flash\flash9b.ocx

c:\windows\system32\comdlg32.dll

c:\windows\system32\mscms.dll

c:\windows\system32\msrating.dll

c:\windows\system32\rmoc3260.dll

c:\windows\system32\pncrt.dll

c:\windows\system32\langwrbk.dll

c:\windows\system32\mpr.dll

c:\windows\system32\drprov.dll

c:\windows\system32\ntlanman.dll

c:\windows\system32\netui0.dll

c:\windows\system32\netui1.dll

c:\windows\system32\netrap.dll

c:\windows\system32\davclnt.dll

C:\PROGRAM FILES\LAVASOFT\AD-AWARE 2007\AD-AWARE2007.EXE

c:\program files\lavasoft\ad-aware 2007\ad-aware2007.exe

c:\windows\system32\ntdll.dll

c:\windows\system32\kernel32.dll

c:\windows\system32\user32.dll

c:\windows\system32\gdi32.dll

c:\windows\system32\imm32.dll

c:\windows\system32\advapi32.dll

c:\windows\system32\rpcrt4.dll

c:\windows\system32\comctl32.dll

c:\windows\system32\comdlg32.dll

c:\windows\system32\shlwapi.dll

c:\windows\system32\msvcrt.dll

c:\windows\system32\shell32.dll

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

c:\windows\system32\oleaut32.dll

c:\windows\system32\ole32.dll

c:\windows\system32\ws2_32.dll

c:\windows\system32\ws2help.dll

c:\windows\system32\inetmib1.dll

c:\windows\system32\iphlpapi.dll

c:\windows\system32\snmpapi.dll

c:\windows\system32\wsock32.dll

c:\windows\system32\mprapi.dll

c:\windows\system32\activeds.dll

c:\windows\system32\adsldpc.dll

c:\windows\system32\netapi32.dll

c:\windows\system32\wldap32.dll

c:\windows\system32\atl.dll

c:\windows\system32\rtutils.dll

c:\windows\system32\samlib.dll

c:\windows\system32\setupapi.dll

c:\windows\system32\version.dll

c:\windows\system32\mpr.dll

c:\windows\system32\winmm.dll

c:\windows\system32\serwvdrv.dll

c:\windows\system32\umdmxfrm.dll

c:\windows\system32\oleacc.dll

c:\windows\system32\msvcp60.dll

c:\windows\system32\uxtheme.dll

c:\windows\system32\msctf.dll

c:\windows\system32\msctfime.ime

c:\windows\system32\ctagent.dll

c:\windows\system32\dsound.dll

c:\program files\microsoft hardware\mouse\point32.dll

c:\windows\system32\apphelp.dll

c:\windows\system32\clbcatq.dll

c:\windows\system32\comres.dll

c:\windows\system32\olepro32.dll

c:\windows\system32\secur32.dll

c:\program files\microsoft hardware\mouse\msh_zwf.dll

[to top]

Share this post


Link to post
Share on other sites

All cookies ;)

 

Support will end for Ad-aware SE at the close of the year. Ad-aware 2007 is here to stay, until it's replaced with an upgraded version.

Share this post


Link to post
Share on other sites
Sign in to follow this