Jump to content


Photo

Cdn False Positives


  • Please log in to reply
27 replies to this topic

#1 redwolfe_98

redwolfe_98

    Advanced Member

  • Members
  • PipPipPip
  • 47 posts

Posted 23 July 2007 - 09:38 PM

hello.. after today's updates (7/23/07), ad-aware is flagging two alleged "CDN" items on my computer, both of which are regkeys..

one of the items is an activex-killbit.. the other one is for "adshield's" "context menu items"..

here are the two items, from ad-aware's scan log:

HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\activex compatibility\{9a578c98-3c2f-4630-890b-fc04196ef420}

HKEY_CURRENT_USER\software\microsoft\internet explorer\menuext
----------------------------------------------------------------------------------------

here is what the "menuext" regkey looks like:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\&Maintain Block List...]
@="C:\\PROGRA~1\\AllStar\\AdShield\\maintain.htm"
"Flags"=dword:00000000
"Contexts"=dword:000000ff

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Add to &Block List...]
@="C:\\PROGRA~1\\AllStar\\AdShield\\suppress.htm"
"Flags"=dword:00000000
"Contexts"=dword:000000ff

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Add to &Exclude List...]
@="C:\\PROGRA~1\\AllStar\\AdShield\\restrict.htm"
"Flags"=dword:00000000
"Contexts"=dword:000000ff

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\AdShield Option &Settings...]
@="C:\\PROGRA~1\\AllStar\\AdShield\\settings.htm"
"Flags"=dword:00000000
"Contexts"=dword:000000ff

#2 LS Pekka

LS Pekka

    Advanced Member

  • Members
  • PipPipPip
  • 452 posts

Posted 23 July 2007 - 10:48 PM

Hi redwolfe_98!


Thank's for posting!


Could you please post the complete logfile from the Ad-Aware scan and info about which OS you are using.


Regards,


Pekka


Lavasoft Research

#3 redwolfe_98

redwolfe_98

    Advanced Member

  • Members
  • PipPipPip
  • 47 posts

Posted 24 July 2007 - 01:07 AM

i am running win xpsp2 with IE 6..

here is a log file that i tried to generate from running a scan with ad-aware.. note that 6 of the "ignored" items are "real" cookies, in "C:\Documents and Settings\user-xyz\Cookies", which ad-aware only recently started flagging.. the other ignored item is from my having my "homepage" locked, in IE:


Ad-Aware SE Build 1.06r1
Logfile Created on:Monday, July 23, 2007 8:09:18 PM
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R182 23.07.2007
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Adware.CDN(TAC index:8):2 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Definition File:
=========================
Definitions File Loaded:
Reference Number : SE1R182 23.07.2007
Internal build : 223
File location : C:\Program Files\Lavasoft\Ad-Aware SE Personal\defs.ref
File size : 1366063 Bytes
Total size : 4614595 Bytes
Signature data size : 4572009 Bytes
Reference data size : 42074 Bytes
Signatures total : 117029
CSI Fingerprints total : 8686
CSI data size : 550522 Bytes
Target categories : 15
Target families : 1158


Memory + processor status:
==========================
Number of processors : 1
Processor architecture : Intel Pentium IV
Memory available:52 %
Total physical memory:523264 kb
Available physical memory:270336 kb
Total page file size:1279640 kb
Available on page file:1028764 kb
Total virtual memory:2097024 kb
Available virtual memory:2030348 kb
OS:Microsoft Windows XP Home Edition Service Pack 2 (Build 2600)

Ad-Aware SE Settings
===========================
Set : Search for low-risk threats
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan within archives
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Show detail tooltips in results lists


7-23-2007 8:09:18 PM - Scan started. (Full System Scan)

Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 464
ThreadCreationTime : 7-23-2007 8:12:56 PM
BasePriority : Normal


#:2 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 520
ThreadCreationTime : 7-23-2007 8:12:57 PM
BasePriority : Normal


#:3 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 548
ThreadCreationTime : 7-23-2007 8:13:01 PM
BasePriority : High


#:4 [services.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 592
ThreadCreationTime : 7-23-2007 8:13:01 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Services and Controller app
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : services.exe

#:5 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 604
ThreadCreationTime : 7-23-2007 8:13:01 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe

#:6 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 756
ThreadCreationTime : 7-23-2007 8:13:02 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:7 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 836
ThreadCreationTime : 7-23-2007 8:13:02 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:8 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 904
ThreadCreationTime : 7-23-2007 8:13:02 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:9 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 948
ThreadCreationTime : 7-23-2007 8:13:03 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:10 [avguard.exe]
FilePath : C:\Program Files\AntiVir PersonalEdition Premium\
ProcessID : 1048
ThreadCreationTime : 7-23-2007 8:13:03 PM
BasePriority : Normal
FileVersion : 7.00.00.52
ProductVersion : 7.00.00.00
ProductName : AntiVir Workstation
CompanyName : Avira GmbH
FileDescription : Antivirus On-Access Service
InternalName : AVGuard
LegalCopyright : Copyright © 2007 Avira GmbH. All rights reserved.
LegalTrademarks : AntiVir® is a registered trademark of Avira GmbH, Germany.
OriginalFilename : avguard.exe

#:11 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 1392
ThreadCreationTime : 7-23-2007 8:13:10 PM
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Explorer
InternalName : explorer
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : EXPLORER.EXE

#:12 [bocore.exe]
FilePath : C:\Program Files\Comodo\CBOClean\
ProcessID : 1596
ThreadCreationTime : 7-23-2007 8:13:21 PM
BasePriority : Normal
FileVersion : 4.24.001
ProductVersion : 4.24
ProductName : COMODO BOClean - Anti-Malware
CompanyName : COMODO
FileDescription : COMODO BOClean - Anti-Malware
InternalName : BOCore
LegalCopyright : Copyright © 2007 COMODO ®. All rights reserved
OriginalFilename : BOCore.exe

#:13 [persfw.exe]
FilePath : C:\Program Files\Kerio\Personal Firewall\
ProcessID : 1636
ThreadCreationTime : 7-23-2007 8:13:22 PM
BasePriority : Normal
FileVersion : 2, 1, 5, 0
ProductVersion : 2, 1, 5, 0
ProductName : Kerio Personal Firewall
CompanyName : Kerio Technologies
FileDescription : Kerio Personal Firewall Engine
InternalName : PERSFW
LegalCopyright : Copyright © 2002
OriginalFilename : PERSFW.exe

#:14 [wdfmgr.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1696
ThreadCreationTime : 7-23-2007 8:13:24 PM
BasePriority : Normal
FileVersion : 5.2.3790.1230 built by: DNSRV(bld4act)
ProductVersion : 5.2.3790.1230
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows User Mode Driver Manager
InternalName : WdfMgr
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : WdfMgr.exe

#:15 [uphclean.exe]
FilePath : C:\Program Files\UPHClean\
ProcessID : 1724
ThreadCreationTime : 7-23-2007 8:13:25 PM
BasePriority : Normal
FileVersion : 1.6.30.0
ProductVersion : 1.6.30.0
ProductName : User Profile Hive Cleanup Service
CompanyName : Microsoft Corporation
FileDescription : User Profile Hive Cleanup Service
InternalName : uphclean.exe
LegalCopyright : Copyright © Microsoft Corp. 2003 - 2005
OriginalFilename : uphclean.exe

#:16 [avgnt.exe]
FilePath : C:\Program Files\AntiVir PersonalEdition Premium\
ProcessID : 1736
ThreadCreationTime : 7-23-2007 8:13:25 PM
BasePriority : Normal
FileVersion : 7.00.04.05
ProductVersion : 7.00.04.05
ProductName : AntiVir Workstation
CompanyName : Avira GmbH
FileDescription : Antivirus System Tray Tool
LegalCopyright : Copyright © 2007 Avira GmbH. All rights reserved.
LegalTrademarks : AntiVir® is a registered trademark of Avira GmbH, Germany.
OriginalFilename : avgnt.exe

#:17 [alg.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 308
ThreadCreationTime : 7-23-2007 8:13:47 PM
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Application Layer Gateway Service
InternalName : ALG.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ALG.exe

#:18 [ad-aware.exe]
FilePath : C:\Program Files\Lavasoft\Ad-Aware SE Personal\
ProcessID : 956
ThreadCreationTime : 7-24-2007 12:08:21 AM
BasePriority : Normal
FileVersion : 6.2.0.236
ProductVersion : SE 106
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft AB Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Adware.CDN Object Recognized!
Type : Regkey
Data :
TAC Rating : 8
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\activex compatibility\{9a578c98-3c2f-4630-890b-fc04196ef420}

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 1
Objects found so far: 1


Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 1


Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 6
Objects found so far: 1



Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 1


Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
14974 entries scanned.
New critical objects:0
Objects found so far: 1




Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Adware.CDN Object Recognized!
Type : Regkey
Data :
TAC Rating : 8
Category : Malware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\microsoft\internet explorer\menuext

Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 1
Objects found so far: 2

8:13:37 PM Scan Complete

Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:04:18.890
Objects scanned:154663
Objects identified:9
Objects ignored:7
New critical objects:0

----------------------------------------------------------------------------------

here is a link to a thread where some others are also seeing ad-aware's flagging some "CDN" items on their computers:

http://www.dslreport...-AdAware-update

here is a link to another thread where someone is seeing this same thing, with ad-aware's flagging some items as "CDN":

http://www.lavasofts...showtopic=11198

Edited by redwolfe_98, 24 July 2007 - 03:09 AM.


#4 jerome1951

jerome1951

    Member

  • Members
  • PipPip
  • 10 posts

Posted 24 July 2007 - 06:07 AM

Hello, I have the same thing: I am in Windows XP SP2 using IE7

Ad-Aware SE Build 1.06r1
Fichier journal créé le :lundi 23 juillet 2007 16:16:22
Created with Ad-Aware SE Personal, free for private use.
Utilisation du fichier de définitions :SE1R182 23.07.2007
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Références détectées lors de l’analyse :
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Adware.CDN(Index TAC :8):3 Nombre total de références
MRU List(Index TAC :0):9 Nombre total de références
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Ad-Aware SE Settings
===========================
Définir : Rechercher les entrées à risque négligeable
Définir : Search for low-risk threats
Définir : Mode sécurisé (tjrs demander confirm.)
Définir : Analyser les processus actifs
Définir : Scan registry
Définir : Analyser en profondeur le registre
Définir : Analyser mes favoris IE pour rech. URL interdites
Définir : Analyser dans les archives
Définir : Analyser mon fichier Hosts

Extended Ad-Aware SE Settings
===========================
Définir : Décharger les modules et les processus reconnus pendant l’analyse
Définir : ######. reg. pr tous utili. et non pr utili. actuel uniqmnt
Définir : Toujours essayer de décharger les modules avant la suppression
Définir : Lors de la suppression, décharger l’Explorateur et IE si nécessaire
Définir : Perm. Win. supp. fich. en cours au proch. démar.
Définir : Supprimer les objets en quarantaine après la restauration
Définir : Inclure les paramètres de base d'Ad-Aware dans le fichier journal
Définir : Inclure les paramètres de base d'Ad-Aware dans le fichier journal
Définir : Inclure un récapitulatif des références dans le fichier journal
Définir : Inclure les détails des données ADS dans le fichier journal
Définir : Émettre un son à la fin de l’analyse en cas de détection d'objets critiques


23-07-2007 16:16:22 - L’analyse a démarré. (Analyse complète du système)

Affichage des processus en cours d'exécution
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]

#:2 [csrss.exe]

#:3 [winlogon.exe]

#:4 [services.exe]

#:5 [lsass.exe]

#:6 [svchost.exe]

#:7 [svchost.exe]

#:8 [svchost.exe]

#:9 [svchost.exe]

#:10 [svchost.exe]

#:11 [spoolsv.exe]

#:12 [explorer.exe]

#:13 [pcmservice.exe]

#:14 [lvcomsx.exe]

#:15 [dvdlauncher.exe]

#:16 [tfswctrl.exe]

#:17 [dlbtbmgr.exe]

#:18 [mskagent.exe]

#:19 [sdtrayapp.exe]

#:20 [ctfmon.exe]

#:21 [dlbtbmon.exe]

#:22 [skype.exe]

#:23 [wcescomm.exe]

#:24 [rapimgr.exe]

#:25 [hwapi.exe]

#:26 [mcmscsvc.exe]

#:27 [mcnasvc.exe]

#:28 [mcods.exe]

#:29 [mcpromgr.exe]

#:30 [mcproxy.exe]

#:31 [redirsvc.exe]

#:32 [mcshield.exe]

#:33 [mcsysmon.exe]

#:34 [mpfsrv.exe]

#:35 [msksrver.exe]

#:36 [nvsvc32.exe]

#:37 [svcntaux.exe]

#:38 [swdsvc.exe]

#:39 [svchost.exe]

#:40 [fxssvc.exe]

#:41 [skypepm.exe]

#:42 [mcagent.exe]

#:43 [alg.exe]

#:44 [emproxy.exe]

#:45 [dlbtcoms.exe]

#:46 [ad-aware.exe]

Résultat de l’analyse de la mémoire :
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Nouv. obj. critiques : 0
Objets détectés jusqu'à présent : 9


Analyse du registre démarrée
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Adware.CDN Objet reconnu !
Type : Regkey
Données :
Rootkey : HKEY_LOCAL_MACHINE
Objet : software\microsoft\internet explorer\activex compatibility\{9a578c98-3c2f-4630-890b-fc04196ef420}

Adware.CDN Objet reconnu !
Type : RegValue
Données :
Rootkey : HKEY_LOCAL_MACHINE
Objet : software\microsoft\internet explorer\activex compatibility\{9a578c98-3c2f-4630-890b-fc04196ef420}
Valeur : Pst

Résultat de l’analyse du registre :
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Nouv. obj. critiques : 2
Objets détectés jusqu'à présent : 11


Analyse approfondie du registre démarrée
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Résultat de l’analyse approfondie du registre :
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Nouv. obj. critiques : 0
Objets détectés jusqu'à présent : 11


Analyse des cookies de suivi lancée
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Résultat de l’analyse des cookies de suivi :
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Nouv. obj. critiques : 0
Objets détectés jusqu'à présent : 11



Analyse et examen approfondis des fichiers (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Résultat de l’analyse du disque pour C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Nouv. obj. critiques : 0
Objets détectés jusqu'à présent : 11


Analyse du fichier Hosts…...
Emplacement du fichier Hosts :"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Résultat d’analyse du fichier Hosts :
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
1 entrées analysées.
Nouv. obj. critiques :0
Objets détectés jusqu'à présent : 11




Analyses conditionnelles en cours...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Adware.CDN Objet reconnu !
Type : Regkey
Données :
Rootkey : HKEY_CURRENT_USER
Objet : software\microsoft\internet explorer\menuext

Résultat d’analyse conditionnelle :
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Nouv. obj. critiques : 1
Objets détectés jusqu'à présent : 12

16:30:12 Analyse terminée

Récap. de cette ######.
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Durée tot. analyse :00:13:50.15
Objets analysés :166734
Objets identifiés :3
Objets ignorés :0
Nouv. obj. critiques :3

False Positive?
None another software: my Mc Afee, Spybot, A2 free, Spyware Doctor, Panda on line, AVG Anti Spyware find nothing.
my post on another topic (Lavasoft Ad-Aware Se ):
http://www.lavasofts...st=0#entry49704
Regards, Jérôme

Edited by jerome1951, 24 July 2007 - 06:55 AM.


#5 LS Pekka

LS Pekka

    Advanced Member

  • Members
  • PipPipPip
  • 452 posts

Posted 24 July 2007 - 09:05 AM

Hi redwolfe_98!

Thank you for bringing this to our attention!


This issue will be resolved as of the next definition file release.


Regards,



Lavasoft Research

#6 l36suds

l36suds

    Member

  • Members
  • PipPip
  • 24 posts

Posted 26 July 2007 - 05:05 PM



#7 l36suds

l36suds

    Member

  • Members
  • PipPip
  • 24 posts

Posted 26 July 2007 - 05:46 PM

Weird .. when I check for updates . says 'you have latest updates' . OK .. then a box pops up saying 'there are updates . do you want them? .. ' .. "OK" .. it says downloading .. got them ..
ran scan and STILL showing ADWARE:CDN?

Detailed Statistics
Type Critical Total
Process Scan 0 0
Registry Scan 2 2
Registry PE Scan 0 0
Hosts Scan 0 0
File Scan 0 0
Folder Scan 0 0
LSP Scan 0 0
ADS Scan 0 0
Cookie Scan 0 0
File Hash Scan 0 0
[to top]
Infections Found
Family Id Name Category TAI
67 Adware.CDN Malware 8
[300028695] Root: HKLM Path: software\microsoft\internet explorer\activex compatibility\{9a578c98-3c2f-4630-890b-fc04196ef420}
[300028678] Root: HKU Path: S-1-5-21-1085031214-1563985344-839522115-1004\software\microsoft\internet explorer\menuext

9999 MRU Object MRU Object 0
[1] MRU Path: C:\Documents and Settings\Suds\Recent Count: 6


Quarantined Objects
Family Id Name Category TAI

Removed Objects
Family Id Name Category TAI
[to top]
Listing of Running Processes
C:\WINDOWS\SYSTEM32\SMSS.EXE
c:\windows\system32\smss.exe
c:\windows\system32\ntdll.dll
C:\WINDOWS\SYSTEM32\CSRSS.EXE
c:\windows\system32\csrss.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\csrsrv.dll
c:\windows\system32\basesrv.dll
c:\windows\system32\winsrv.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\user32.dll
c:\windows\system32\sxs.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\program files\spyware doctor\klg.dat
c:\windows\system32\oleaut32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\ole32.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\version.dll
C:\WINDOWS\SYSTEM32\WINLOGON.EXE
c:\windows\system32\winlogon.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\authz.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\nddeapi.dll
c:\windows\system32\profmap.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\userenv.dll
c:\windows\system32\psapi.dll
c:\windows\system32\regapi.dll
c:\windows\system32\secur32.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\version.dll
c:\windows\system32\winsta.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\imagehlp.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msgina.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\odbc32.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\odbcint.dll
c:\windows\system32\shsvcs.dll
c:\windows\system32\sfc.dll
c:\windows\system32\sfc_os.dll
c:\windows\system32\ole32.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\msctfime.ime
c:\windows\system32\winscard.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\sxs.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\winmm.dll
c:\windows\system32\serwvdrv.dll
c:\windows\system32\umdmxfrm.dll
c:\program files\superantispyware\saswinlo.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\wininet.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\wgalogon.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\samlib.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\windows\system32\wrlogonntf.dll
c:\windows\system32\mpr.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\wdmaud.drv
c:\windows\system32\msacm32.drv
c:\windows\system32\msacm32.dll
c:\windows\system32\midimap.dll
c:\program files\spyware doctor\klg.dat
C:\WINDOWS\SYSTEM32\SERVICES.EXE
c:\windows\system32\services.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\userenv.dll
c:\windows\system32\scesrv.dll
c:\windows\system32\authz.dll
c:\windows\system32\umpnpmgr.dll
c:\windows\system32\winsta.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\ncobjapi.dll
c:\windows\system32\msvcp60.dll
c:\windows\system32\shimeng.dll
c:\windows\apppatch\acgenral.dll
c:\windows\system32\winmm.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msacm32.dll
c:\windows\system32\version.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\imm32.dll
c:\windows\system32\serwvdrv.dll
c:\windows\system32\umdmxfrm.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\secur32.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\eventlog.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\psapi.dll
c:\windows\system32\wtsapi32.dll
c:\program files\spyware doctor\klg.dat
C:\WINDOWS\SYSTEM32\LSASS.EXE
c:\windows\system32\lsass.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\lsasrv.dll
c:\windows\system32\mpr.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\ntdsapi.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\secur32.dll
c:\windows\system32\samlib.dll
c:\windows\system32\samsrv.dll
c:\windows\system32\cryptdll.dll
c:\windows\system32\shimeng.dll
c:\windows\apppatch\acgenral.dll
c:\windows\system32\winmm.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msacm32.dll
c:\windows\system32\version.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\userenv.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\imm32.dll
c:\windows\system32\serwvdrv.dll
c:\windows\system32\umdmxfrm.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\msprivs.dll
c:\windows\system32\kerberos.dll
c:\windows\system32\msv1_0.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\netlogon.dll
c:\windows\system32\w32time.dll
c:\windows\system32\msvcp60.dll
c:\windows\system32\schannel.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\wdigest.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\scecli.dll
c:\windows\system32\ipsecsvc.dll
c:\windows\system32\authz.dll
c:\windows\system32\oakley.dll
c:\windows\system32\winipsec.dll
c:\windows\system32\pstorsvc.dll
c:\windows\system32\psbase.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\hnetcfg.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\dssenh.dll
c:\program files\spyware doctor\klg.dat
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
c:\windows\system32\svchost.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shimeng.dll
c:\windows\apppatch\acgenral.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\winmm.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msacm32.dll
c:\windows\system32\version.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\userenv.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\imm32.dll
c:\windows\system32\serwvdrv.dll
c:\windows\system32\umdmxfrm.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\samlib.dll
c:\windows\system32\rpcss.dll
c:\windows\system32\secur32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\winsta.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\msv1_0.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\program files\spyware doctor\klg.dat
c:\windows\system32\termsrv.dll
c:\windows\system32\icaapi.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\imagehlp.dll
c:\windows\system32\authz.dll
c:\windows\system32\mstlsapi.dll
c:\windows\system32\activeds.dll
c:\windows\system32\adsldpc.dll
c:\windows\system32\atl.dll
c:\windows\system32\regapi.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\svchost.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shimeng.dll
c:\windows\apppatch\acgenral.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\winmm.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msacm32.dll
c:\windows\system32\version.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\userenv.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\imm32.dll
c:\windows\system32\serwvdrv.dll
c:\windows\system32\umdmxfrm.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\rpcss.dll
c:\windows\system32\secur32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\hnetcfg.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\program files\spyware doctor\klg.dat
C:\PROGRAM FILES\WINDOWS DEFENDER\MSMPENG.EXE
c:\program files\windows defender\msmpeng.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\msvcr80.dll
c:\windows\system32\msvcrt.dll
c:\program files\windows defender\mpsvc.dll
c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\msvcp80.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\version.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\imagehlp.dll
c:\program files\windows defender\mpclient.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\userenv.dll
c:\windows\system32\imm32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\secur32.dll
c:\windows\system32\netapi32.dll
c:\documents and settings\all users\application data\microsoft\windows defender\definition updates\{cc584867-6fad-4098-b604-12a06e6e05d2}\mpengine.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\psapi.dll
c:\windows\system32\iphlpapi.dll
c:\program files\windows defender\mprtplug.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\program files\spyware doctor\klg.dat
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
c:\windows\system32\svchost.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shimeng.dll
c:\windows\apppatch\acgenral.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\winmm.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msacm32.dll
c:\windows\system32\version.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\userenv.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\imm32.dll
c:\windows\system32\serwvdrv.dll
c:\windows\system32\umdmxfrm.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\samlib.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\shsvcs.dll
c:\windows\system32\winsta.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\secur32.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\wzcsvc.dll
c:\windows\system32\rtutils.dll
c:\windows\system32\wmi.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\esent.dll
c:\windows\system32\atl.dll
c:\windows\system32\rastls.dll
c:\windows\system32\cryptui.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\imagehlp.dll
c:\windows\system32\wininet.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\mprapi.dll
c:\windows\system32\activeds.dll
c:\windows\system32\adsldpc.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\rasapi32.dll
c:\windows\system32\rasman.dll
c:\windows\system32\tapi32.dll
c:\windows\system32\schannel.dll
c:\windows\system32\winscard.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\windows\system32\raschap.dll
c:\windows\system32\msv1_0.dll
c:\windows\system32\schedsvc.dll
c:\windows\system32\ntdsapi.dll
c:\windows\system32\msidle.dll
c:\windows\system32\audiosrv.dll
c:\windows\system32\wkssvc.dll
c:\windows\system32\ersvc.dll
c:\windows\system32\es.dll
c:\windows\pchealth\helpctr\binaries\pchsvc.dll
c:\windows\system32\srvsvc.dll
c:\windows\system32\hnetcfg.dll
c:\windows\system32\netman.dll
c:\windows\system32\netshell.dll
c:\windows\system32\credui.dll
c:\windows\system32\wzcsapi.dll
c:\windows\system32\seclogon.dll
c:\windows\system32\sens.dll
c:\windows\system32\srsvc.dll
c:\windows\system32\powrprof.dll
c:\windows\system32\tapisrv.dll
c:\windows\system32\psapi.dll
c:\windows\system32\trkwks.dll
c:\windows\system32\w32time.dll
c:\windows\system32\msvcp60.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\wbem\wmisvc.dll
c:\windows\system32\vssapi.dll
c:\windows\system32\wscsvc.dll
c:\windows\system32\msi.dll
c:\windows\system32\wuauserv.dll
c:\windows\system32\wuaueng.dll
c:\windows\system32\winspool.drv
c:\windows\system32\winhttp.dll
c:\windows\system32\cabinet.dll
c:\windows\system32\mspatcha.dll
c:\windows\system32\sfc.dll
c:\windows\system32\sfc_os.dll
c:\windows\system32\browser.dll
c:\windows\system32\wbem\wbemcore.dll
c:\windows\system32\wbem\esscli.dll
c:\windows\system32\wbem\wbemcomn.dll
c:\windows\system32\wbem\fastprox.dll
c:\windows\system32\wbem\wbemsvc.dll
c:\windows\system32\wbem\wmiutils.dll
c:\windows\system32\sxs.dll
c:\windows\system32\wbem\repdrvfs.dll
c:\windows\system32\comsvcs.dll
c:\windows\system32\colbact.dll
c:\windows\system32\mtxclu.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\clusapi.dll
c:\windows\system32\resutils.dll
c:\windows\system32\wbem\wmiprvsd.dll
c:\windows\system32\ncobjapi.dll
c:\windows\system32\ipnathlp.dll
c:\windows\system32\authz.dll
c:\windows\system32\wbem\wbemess.dll
c:\windows\system32\wbem\ncprov.dll
c:\program files\spyware doctor\klg.dat
c:\windows\system32\rasadhlp.dll
c:\windows\system32\rasmans.dll
c:\windows\system32\winipsec.dll
c:\windows\system32\netcfgx.dll
c:\windows\system32\rastapi.dll
c:\windows\system32\unimdm.tsp
c:\windows\system32\uniplat.dll
c:\windows\system32\unimdmat.dll
c:\windows\system32\modemui.dll
c:\windows\system32\kmddsp.tsp
c:\windows\system32\ndptsp.tsp
c:\windows\system32\ipconf.tsp
c:\windows\system32\h323.tsp
c:\windows\system32\hidphone.tsp
c:\windows\system32\hid.dll
c:\windows\system32\rasppp.dll
c:\windows\system32\ntlsapi.dll
c:\windows\system32\kerberos.dll
c:\windows\system32\cryptdll.dll
c:\windows\system32\upnp.dll
c:\windows\system32\ssdpapi.dll
c:\windows\system32\rasdlg.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\advpack.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\msxml3.dll
c:\windows\system32\dssenh.dll
c:\windows\system32\svchost.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shimeng.dll
c:\windows\apppatch\acgenral.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\winmm.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msacm32.dll
c:\windows\system32\version.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\userenv.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\imm32.dll
c:\windows\system32\serwvdrv.dll
c:\windows\system32\umdmxfrm.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\dnsrslvr.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\iphlpapi.dll
c:\program files\spyware doctor\klg.dat
c:\windows\system32\mswsock.dll
c:\windows\system32\hnetcfg.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\svchost.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shimeng.dll
c:\windows\apppatch\acgenral.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\winmm.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msacm32.dll
c:\windows\system32\version.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\userenv.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\imm32.dll
c:\windows\system32\serwvdrv.dll
c:\windows\system32\umdmxfrm.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\samlib.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\lmhsvc.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\webclnt.dll
c:\windows\system32\wininet.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\alrsvc.dll
c:\windows\system32\netapi32.dll
c:\program files\spyware doctor\klg.dat
c:\windows\system32\ssdpsrv.dll
c:\windows\system32\hnetcfg.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\wshtcpip.dll
C:\WINDOWS\EXPLORER.EXE
c:\windows\explorer.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\shell32.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\browseui.dll
c:\windows\system32\shdocvw.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\cryptui.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\imagehlp.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\wininet.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\version.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\shimeng.dll
c:\windows\apppatch\acgenral.dll
c:\windows\system32\winmm.dll
c:\windows\system32\msacm32.dll
c:\windows\system32\userenv.dll
c:\windows\system32\imm32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\serwvdrv.dll
c:\windows\system32\umdmxfrm.dll
c:\windows\system32\msctfime.ime
c:\windows\system32\apphelp.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\windows\system32\cscui.dll
c:\windows\system32\cscdll.dll
c:\windows\system32\themeui.dll
c:\windows\system32\secur32.dll
c:\windows\system32\msimg32.dll
c:\windows\system32\xpsp2res.dll
c:\program files\spyware doctor\klg.dat
c:\windows\system32\actxprxy.dll
c:\windows\system32\samlib.dll
c:\windows\system32\linkinfo.dll
c:\windows\system32\ntshrui.dll
c:\windows\system32\atl.dll
c:\program files\adobe\acrobat 7.0\activex\pdfshell.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\msi.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\psapi.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\mlang.dll
c:\windows\system32\rsaenh.dll
c:\progra~1\window~4\mpshhook.dll
c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\msvcr80.dll
c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\msvcp80.dll
c:\windows\system32\netshell.dll
c:\windows\system32\rtutils.dll
c:\windows\system32\credui.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\sxs.dll
c:\windows\system32\winsta.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\stobject.dll
c:\windows\system32\batmeter.dll
c:\windows\system32\powrprof.dll
c:\windows\system32\wtsapi32.dll
c:\windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82\gdiplus.dll
c:\windows\system32\browselc.dll
c:\windows\system32\msctf.dll
c:\windows\system32\mpr.dll
c:\windows\system32\drprov.dll
c:\windows\system32\ntlanman.dll
c:\windows\system32\netui0.dll
c:\windows\system32\netui1.dll
c:\windows\system32\netrap.dll
c:\windows\system32\davclnt.dll
c:\windows\system32\duser.dll
c:\windows\system32\fxsst.dll
c:\windows\system32\winspool.drv
c:\windows\system32\fxsapi.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\mscms.dll
c:\windows\system32\mshtml.dll
c:\windows\system32\msls31.dll
c:\windows\system32\zipfldr.dll
c:\program files\ipswitch\ws_ftp professional\wsftpsi.dll
c:\program files\ipswitch\ws_ftp professional\wsftpext.dll
c:\program files\ipswitch\ws_ftp professional\libeay32.dll
c:\windows\system32\wsock32.dll
c:\program files\ipswitch\ws_ftp professional\msvcr71.dll
c:\program files\ipswitch\ws_ftp professional\ssleay32.dll
c:\program files\ipswitch\ws_ftp professional\sslsvc.dll
c:\program files\ipswitch\ws_ftp professional\wsftplib.dll
c:\program files\ipswitch\ws_ftp professional\wsfirscr.dll
c:\program files\ipswitch\ws_ftp professional\wshosts.dll
c:\program files\ipswitch\ws_ftp professional\ipspgp.dll
c:\program files\ipswitch\ws_ftp professional\msvcp71.dll
c:\program files\ipswitch\ws_ftp professional\res0409.dll
c:\windows\system32\mfc71.dll
c:\windows\system32\rasapi32.dll
c:\windows\system32\rasman.dll
c:\windows\system32\tapi32.dll
c:\windows\system32\mydocs.dll
c:\program files\nikon\nkview\mlcamview.dll
c:\windows\system32\msvcp60.dll
c:\windows\system32\comdlg32.dll
c:\windows\system32\rasdlg.dll
c:\windows\system32\mprapi.dll
c:\windows\system32\activeds.dll
c:\windows\system32\adsldpc.dll
c:\windows\system32\msv1_0.dll
c:\program files\spywareguard\spywareguard.dll
c:\windows\system32\msvbvm60.dll
c:\program files\superantispyware\sasseh.dll
c:\windows\system32\shimgvw.dll
c:\program files\common files\adobe\shell\psicon.dll
c:\windows\system32\shdoclc.dll
c:\progra~1\webroot\spyswe~1\ssctxmnu.dll
c:\program files\a-squared free\a2freecontmenu.dll
c:\program files\superantispyware\sasctxmn.dll
c:\program files\grisoft\avg7\avgse.dll
c:\windows\system32\wdmaud.drv
c:\windows\system32\msacm32.drv
c:\windows\system32\midimap.dll
C:\WINDOWS\SYSTEM32\SPOOLSV.EXE
c:\windows\system32\spoolsv.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shimeng.dll
c:\windows\apppatch\acgenral.dll
c:\windows\system32\winmm.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msacm32.dll
c:\windows\system32\version.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\userenv.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\imm32.dll
c:\windows\system32\serwvdrv.dll
c:\windows\system32\umdmxfrm.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\spoolss.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\localspl.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sfc_os.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\imagehlp.dll
c:\windows\system32\winspool.drv
c:\windows\system32\netapi32.dll
c:\windows\system32\cnbjmon.dll
c:\windows\system32\fxsmon.dll
c:\windows\system32\fxsevent.dll
c:\windows\system32\pjlmon.dll
c:\windows\system32\tcpmon.dll
c:\windows\system32\usbmon.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\win32spl.dll
c:\windows\system32\netrap.dll
c:\windows\system32\ntdsapi.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\inetpp.dll
c:\program files\spyware doctor\klg.dat
C:\PROGRAM FILES\LAVASOFT\AD-AWARE 2007\AAWSERVICE.EXE
c:\program files\lavasoft\ad-aware 2007\aawservice.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\program files\lavasoft\ad-aware 2007\ceapi.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\program files\lavasoft\ad-aware 2007\pkarchive84cb.dll
c:\windows\system32\shell32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\psapi.dll
c:\windows\system32\version.dll
c:\windows\system32\wininet.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\iertutil.dll
c:\program files\lavasoft\ad-aware 2007\update.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\imm32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\rsaenh.dll
c:\program files\spyware doctor\klg.dat
c:\windows\system32\oleaut32.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\hnetcfg.dll
c:\windows\system32\wshtcpip.dll
C:\PROGRA~1\GRISOFT\AVG7\AVGAMSVR.EXE
c:\progra~1\grisoft\avg7\avgamsvr.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\version.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\oleaut32.dll
c:\progra~1\grisoft\avg7\avgklib.dll
c:\windows\system32\shfolder.dll
c:\windows\system32\msvcp71.dll
c:\windows\system32\msvcr71.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\imm32.dll
c:\progra~1\grisoft\avg7\avglog.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\program files\grisoft\avg7\avgcfg.dll
c:\windows\system32\shell32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\psapi.dll
c:\windows\system32\wbem\wbemprox.dll
c:\windows\system32\wbem\wbemcomn.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\secur32.dll
c:\program files\grisoft\avg7\avglng.dll
c:\program files\grisoft\avg7\avgamint.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\winsta.dll
c:\program files\grisoft\avg7\avgamsps.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\apphelp.dll
c:\program files\spyware doctor\klg.dat
c:\windows\system32\wbem\wbemsvc.dll
c:\windows\system32\wbem\fastprox.dll
c:\windows\system32\msvcp60.dll
c:\windows\system32\ntdsapi.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\wldap32.dll
C:\PROGRA~1\GRISOFT\AVG7\AVGUPSVC.EXE
c:\progra~1\grisoft\avg7\avgupsvc.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\version.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\msvcr71.dll
c:\windows\system32\imm32.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\windows\system32\secur32.dll
c:\program files\spyware doctor\klg.dat
c:\program files\grisoft\avg7\avgupd.dll
c:\windows\system32\shell32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\comctl32.dll
c:\program files\grisoft\avg7\avgcfg.dll
c:\program files\grisoft\avg7\avgklib.dll
c:\windows\system32\shfolder.dll
c:\windows\system32\msvcp71.dll
c:\progra~1\grisoft\avg7\avglog.dll
c:\program files\grisoft\avg7\avgupsvc.dll
c:\program files\grisoft\avg7\avgamsps.dll
C:\PROGRA~1\GRISOFT\AVG7\AVGEMC.EXE
c:\progra~1\grisoft\avg7\avgemc.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\version.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\oleaut32.dll
c:\progra~1\grisoft\avg7\libsasl.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\msvcr71.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\msvcp71.dll
c:\windows\system32\shfolder.dll
c:\windows\system32\shell32.dll
c:\windows\system32\imm32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\comctl32.dll
c:\progra~1\grisoft\avg7\avglog.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\msctfime.ime
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\program files\grisoft\avg7\avgcfg.dll
c:\program files\grisoft\avg7\avgklib.dll
c:\program files\grisoft\avg7\avglng.dll
c:\program files\grisoft\avg7\avgscan.dll
c:\program files\grisoft\avg7\avgunarc.dll
c:\windows\system32\rasapi32.dll
c:\windows\system32\rasman.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\tapi32.dll
c:\windows\system32\rtutils.dll
c:\windows\system32\winmm.dll
c:\windows\system32\serwvdrv.dll
c:\windows\system32\umdmxfrm.dll
c:\windows\system32\schannel.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\secur32.dll
c:\windows\system32\userenv.dll
c:\progra~1\grisoft\avg7\saslcrammd5.dll
c:\progra~1\grisoft\avg7\sasldigestmd5.dll
c:\progra~1\grisoft\avg7\sasllogin.dll
c:\progra~1\grisoft\avg7\saslplain.dll
c:\program files\grisoft\avg7\avgmail.dll
c:\windows\system32\sensapi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\winsta.dll
c:\windows\system32\psapi.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\hnetcfg.dll
c:\windows\system32\wshtcpip.dll
c:\program files\spyware doctor\klg.dat
c:\progra~1\grisoft\avg7\avgemcps.dll
C:\WINDOWS\SYSTEM32\CTSVCCDA.EXE
c:\windows\system32\ctsvccda.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\imm32.dll
c:\program files\spyware doctor\klg.dat
c:\windows\system32\oleaut32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\ole32.dll
C:\WINDOWS\SYSTEM32\NVSVC32.EXE
c:\windows\system32\nvsvc32.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\imm32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\comctl32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\msctfime.ime
c:\windows\system32\ole32.dll
c:\program files\spyware doctor\klg.dat
c:\windows\system32\oleaut32.dll
C:\PROGRAM FILES\SPYWARE DOCTOR\SVCNTAUX.EXE
c:\program files\spyware doctor\svcntaux.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\ole32.dll
c:\windows\system32\version.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\comctl32.dll
c:\program files\spyware doctor\sysaccess.dll
c:\program files\spyware doctor\rtl100.bpl
c:\windows\system32\mpr.dll
c:\windows\system32\imagehlp.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\msvcp60.dll
c:\program files\spyware doctor\ikdll.dll
c:\windows\system32\imm32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\comdlg32.dll
c:\windows\system32\inetmib1.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\snmpapi.dll
c:\windows\system32\mprapi.dll
c:\windows\system32\activeds.dll
c:\windows\system32\adsldpc.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\atl.dll
c:\windows\system32\rtutils.dll
c:\windows\system32\samlib.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\ntmarta.dll
c:\program files\spyware doctor\klg.dat
C:\PROGRAM FILES\SPYWARE DOCTOR\SWDSVC.EXE
c:\program files\spyware doctor\swdsvc.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\ole32.dll
c:\windows\system32\version.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\comdlg32.dll
c:\program files\spyware doctor\commom.dll
c:\program files\spyware doctor\rtl100.bpl
c:\windows\system32\mpr.dll
c:\windows\system32\imagehlp.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\msvcp60.dll
c:\program files\spyware doctor\sysaccess.dll
c:\program files\spyware doctor\ikdll.dll
c:\program files\spyware doctor\vcl100.bpl
c:\windows\system32\msimg32.dll
c:\windows\system32\winspool.drv
c:\windows\system32\oledlg.dll
c:\program files\spyware doctor\commlib.dll
c:\program files\spyware doctor\commhlpr.dll
c:\program files\spyware doctor\reghelper.dll
c:\program files\spyware doctor\inethlpr.dll
c:\program files\spyware doctor\filehlpr.dll
c:\program files\spyware doctor\sdcore.dll
c:\windows\system32\imm32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\inetmib1.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\snmpapi.dll
c:\windows\system32\mprapi.dll
c:\windows\system32\activeds.dll
c:\windows\system32\adsldpc.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\atl.dll
c:\windows\system32\rtutils.dll
c:\windows\system32\samlib.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\winsta.dll
c:\windows\system32\secur32.dll
c:\windows\system32\msv1_0.dll
c:\program files\spyware doctor\filestorage.sdp
c:\program files\spyware doctor\settings.sdp
c:\program files\spyware doctor\idblib.sdp
c:\program files\spyware doctor\sdinfo.sdp
c:\windows\system32\wship6.dll
c:\program files\spyware doctor\sdextra.sdp
c:\program files\spyware doctor\pctwsc.dll
c:\program files\spyware doctor\immunizer.sdp
c:\program files\spyware doctor\localizer.sdp
c:\program files\spyware doctor\nfyman.sdp
c:\program files\spyware doctor\quarantine.sdp
c:\program files\spyware doctor\bh.dll
c:\windows\system32\wininet.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\iertutil.dll
c:\program files\spyware doctor\rebootmanager.sdp
c:\program files\spyware doctor\scaneng.sdp
c:\program files\spyware doctor\stasks.sdp
c:\program files\spyware doctor\systemmonitor.sdp
c:\windows\system32\psapi.dll
c:\program files\spyware doctor\whitelist.sdp
c:\program files\spyware doctor\plugins\browsers.sdp
c:\program files\spyware doctor\plugins\cookie.sdp
c:\program files\spyware doctor\plugins\grfiles.sdp
c:\program files\spyware doctor\plugins\grregistry.sdp
c:\program files\spyware doctor\pctoolscomponents.bpl
c:\windows\system32\olepro32.dll
c:\program files\spyware doctor\sh.dll
c:\program files\spyware doctor\plugins\klguard.sdp
c:\program files\spyware doctor\plugins\network.sdp
c:\program files\spyware doctor\plugins\process.sdp
c:\program files\spyware doctor\plugins\scriptengine.sdp
c:\program files\spyware doctor\plugins\sdnet.sdp
c:\program files\spyware doctor\plugins\startup.sdp
c:\windows\system32\ntmarta.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\windows\system32\wbem\wbemprox.dll
c:\windows\system32\wbem\wbemcomn.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\wbem\wbemsvc.dll
c:\windows\system32\wbem\fastprox.dll
c:\windows\system32\ntdsapi.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\rasapi32.dll
c:\windows\system32\rasman.dll
c:\windows\system32\tapi32.dll
c:\windows\system32\winmm.dll
c:\windows\system32\serwvdrv.dll
c:\windows\system32\umdmxfrm.dll
c:\windows\system32\userenv.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\sensapi.dll
c:\windows\system32\mstask.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\hnetcfg.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\apphelp.dll
c:\progra~1\window~4\mpshhook.dll
c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\msvcr80.dll
c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\msvcp80.dll
c:\windows\system32\sxs.dll
c:\windows\system32\urlmon.dll
C:\WINDOWS\SYSTEM32\SNMP.EXE
c:\windows\system32\snmp.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\snmpapi.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\imm32.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\hnetcfg.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\lmmib2.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\winspool.drv
c:\windows\system32\inetmib1.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\mprapi.dll
c:\windows\system32\activeds.dll
c:\windows\system32\adsldpc.dll
c:\windows\system32\atl.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\rtutils.dll
c:\windows\system32\samlib.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\hostmib.dll
c:\windows\system32\snmpmib.dll
c:\windows\system32\evntagnt.dll
c:\windows\system32\msvcp60.dll
c:\windows\system32\igmpagnt.dll
c:\windows\system32\mcastmib.dll
c:\windows\system32\perfos.dll
c:\windows\system32\rtipxmib.dll
c:\program files\spyware doctor\klg.dat
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
c:\windows\system32\svchost.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shimeng.dll
c:\windows\apppatch\acgenral.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\winmm.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msacm32.dll
c:\windows\system32\version.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\userenv.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\imm32.dll
c:\windows\system32\serwvdrv.dll
c:\windows\system32\umdmxfrm.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\wiaservc.dll
c:\windows\system32\cfgmgr32.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\mscms.dll
c:\windows\system32\winspool.drv
c:\windows\system32\winsta.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\imagehlp.dll
c:\windows\system32\cnqu85.dll
c:\windows\system32\cnql1210.dll
c:\windows\system32\actxprxy.dll
c:\program files\spyware doctor\klg.dat
c:\windows\system32\sti.dll
C:\WINDOWS\SYSTEM32\WDFMGR.EXE
c:\windows\system32\wdfmgr.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\secur32.dll
c:\windows\system32\imm32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\imagehlp.dll
c:\program files\spyware doctor\klg.dat
c:\windows\system32\oleaut32.dll
c:\windows\system32\ole32.dll
C:\PROGRAM FILES\UPHCLEAN\UPHCLEAN.EXE
c:\program files\uphclean\uphclean.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\version.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\msvcp60.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\program files\spyware doctor\klg.dat
c:\windows\system32\oleaut32.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\ole32.dll
c:\windows\system32\imm32.dll
C:\PROGRAM FILES\WEBROOT\SPY SWEEPER\SPYSWEEPER.EXE
c:\program files\webroot\spy sweeper\spysweeper.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\ole32.dll
c:\windows\system32\version.dll
c:\windows\system32\mpr.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\wininet.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\shell32.dll
c:\windows\system32\comdlg32.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\imagehlp.dll
c:\windows\system32\winmm.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\imm32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\serwvdrv.dll
c:\windows\system32\umdmxfrm.dll
c:\program files\webroot\spy sweeper\pcre.dll
c:\windows\system32\psapi.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\vdmdbg.dll
c:\windows\system32\sxs.dll
c:\windows\system32\olepro32.dll
c:\program files\webroot\spy sweeper\ztvcabinet.dll
c:\program files\webroot\spy sweeper\ztvunrar3.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\windows\system32\msi.dll
c:\windows\system32\wbem\wbemprox.dll
c:\windows\system32\wbem\wbemcomn.dll
c:\windows\system32\wbem\wbemsvc.dll
c:\windows\system32\wbem\fastprox.dll
c:\windows\system32\msvcp60.dll
c:\windows\system32\ntdsapi.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\secur32.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\userenv.dll
c:\program files\webroot\spy sweeper\mailshld.dll
c:\windows\system32\drprov.dll
c:\windows\system32\ntlanman.dll
c:\windows\system32\netui0.dll
c:\windows\system32\netui1.dll
c:\windows\system32\netrap.dll
c:\windows\system32\samlib.dll
c:\windows\system32\davclnt.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\hnetcfg.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\wintrust.dll
C:\WINDOWS\SYSTEM32\MSPMSPSV.EXE
c:\windows\system32\mspmspsv.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\imm32.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\ole32.dll
c:\windows\system32\samlib.dll
c:\program files\spyware doctor\klg.dat
c:\windows\system32\oleaut32.dll
C:\WINDOWS\SYSTEM32\ALG.EXE
c:\windows\system32\alg.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\atl.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\shimeng.dll
c:\windows\apppatch\acgenral.dll
c:\windows\system32\winmm.dll
c:\windows\system32\msacm32.dll
c:\windows\system32\version.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\userenv.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\imm32.dll
c:\windows\system32\serwvdrv.dll
c:\windows\system32\umdmxfrm.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\comctl32.dll
c:\program files\spyware doctor\klg.dat
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\hnetcfg.dll
c:\windows\system32\wshtcpip.dll
C:\WINDOWS\BCMSMMSG.EXE
c:\windows\bcmsmmsg.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\winmm.dll
c:\windows\system32\imm32.dll
c:\windows\system32\serwvdrv.dll
c:\windows\system32\umdmxfrm.dll
c:\program files\spyware doctor\klg.dat
c:\windows\system32\oleaut32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msctfime.ime
c:\windows\system32\msctf.dll
C:\PROGRAM FILES\SPYWARE DOCTOR\SDTRAYAPP.EXE
c:\program files\spyware doctor\sdtrayapp.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\program files\spyware doctor\rtl100.bpl
c:\windows\system32\oleaut32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\ole32.dll
c:\windows\system32\version.dll
c:\windows\system32\mpr.dll
c:\windows\system32\imagehlp.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\msvcp60.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\program files\spyware doctor\vcl100.bpl
c:\windows\system32\msimg32.dll
c:\windows\system32\winspool.drv
c:\windows\system32\oledlg.dll
c:\program files\spyware doctor\commom.dll
c:\program files\spyware doctor\sysaccess.dll
c:\program files\spyware doctor\ikdll.dll
c:\program files\spyware doctor\commlib.dll
c:\program files\spyware doctor\pctoolscomponents.bpl
c:\windows\system32\olepro32.dll
c:\program files\spyware doctor\cdialogs.dll
c:\program files\spyware doctor\pwindow.dll
c:\windows\system32\winmm.dll
c:\windows\system32\imm32.dll
c:\windows\system32\inetmib1.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\snmpapi.dll
c:\windows\system32\mprapi.dll
c:\windows\system32\activeds.dll
c:\windows\system32\adsldpc.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\atl.dll
c:\windows\system32\rtutils.dll
c:\windows\system32\samlib.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\msctf.dll
c:\windows\system32\msctfime.ime
c:\windows\system32\serwvdrv.dll
c:\windows\system32\umdmxfrm.dll
c:\program files\spyware doctor\klg.dat
c:\windows\system32\ntmarta.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\winsta.dll
c:\windows\system32\secur32.dll
C:\PROGRAM FILES\WEBROOT\SPY SWEEPER\SPYSWEEPERUI.EXE
c:\program files\webroot\spy sweeper\spysweeperui.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\ole32.dll
c:\windows\system32\version.dll
c:\windows\system32\mpr.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\wininet.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\shell32.dll
c:\windows\system32\comdlg32.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\imm32.dll
c:\windows\system32\winspool.drv
c:\windows\system32\winmm.dll
c:\program files\webroot\spy sweeper\wrid.dll
c:\windows\system32\serwvdrv.dll
c:\windows\system32\umdmxfrm.dll
c:\program files\spyware doctor\klg.dat
c:\windows\system32\msctfime.ime
c:\windows\system32\psapi.dll
c:\windows\system32\msctf.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\msimg32.dll
c:\windows\system32\tapi32.dll
c:\windows\system32\rtutils.dll
c:\windows\system32\hhctrl.ocx
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\olepro32.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\windows\system32\cscui.dll
c:\windows\system32\cscdll.dll
c:\program files\webroot\spy sweeper\language.dll
c:\windows\system32\sxs.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\msi.dll
c:\windows\system32\wbem\fastprox.dll
c:\windows\system32\msvcp60.dll
c:\windows\system32\wbem\wbemcomn.dll
c:\windows\system32\ntdsapi.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\secur32.dll
c:\windows\system32\rasapi32.dll
c:\windows\system32\rasman.dll
c:\windows\system32\msv1_0.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\sensapi.dll
c:\windows\system32\mstask.dll
c:\windows\system32\userenv.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\hnetcfg.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\msxml4.dll
C:\PROGRAM FILES\SPYBOT - SEARCH & DESTROY\TEATIMER.EXE
c:\program files\spybot - search & destroy\teatimer.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\ole32.dll
c:\windows\system32\version.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\shell32.dll
c:\windows\system32\imm32.dll
c:\program files\spyware doctor\klg.dat
c:\windows\system32\msctfime.ime
c:\windows\system32\hhctrl.ocx
c:\windows\system32\setupapi.dll
c:\windows\system32\msctf.dll
c:\windows\system32\userenv.dll
c:\windows\system32\psapi.dll
c:\program files\spybot - search & destroy\advcheck.dll
c:\windows\system32\imagehlp.dll
c:\windows\system32\msimg32.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\secur32.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\progra~1\window~4\mpshhook.dll
c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\msvcr80.dll
c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\msvcp80.dll
c:\windows\system32\rsaenh.dll
c:\program files\spywareguard\spywareguard.dll
c:\windows\system32\msvbvm60.dll
c:\windows\system32\sxs.dll
c:\program files\superantispyware\sasseh.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\iertutil.dll
C:\WINDOWS\SYSTEM32\CTFMON.EXE
c:\windows\system32\ctfmon.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\msctf.dll
c:\windows\system32\msutb.dll
c:\windows\system32\shimeng.dll
c:\windows\apppatch\acgenral.dll
c:\windows\system32\winmm.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msacm32.dll
c:\windows\system32\version.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\userenv.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\imm32.dll
c:\windows\system32\serwvdrv.dll
c:\windows\system32\umdmxfrm.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\program files\spyware doctor\klg.dat
c:\windows\system32\msctfime.ime
C:\PROGRAM FILES\LAVASOFT\AD-AWARE 2007\AD-WATCH2007.EXE
c:\program files\lavasoft\ad-aware 2007\ad-watch2007.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\imm32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\program files\spyware doctor\klg.dat
c:\windows\system32\oleaut32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\ole32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\comdlg32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\shell32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\inetmib1.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\snmpapi.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\mprapi.dll
c:\windows\system32\activeds.dll
c:\windows\system32\adsldpc.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\atl.dll
c:\windows\system32\rtutils.dll
c:\windows\system32\samlib.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\version.dll
c:\windows\system32\winmm.dll
c:\windows\system32\serwvdrv.dll
c:\windows\system32\umdmxfrm.dll
c:\windows\system32\msctfime.ime
c:\windows\system32\uxtheme.dll
c:\windows\system32\olepro32.dll
c:\program files\lavasoft\ad-aware 2007\awprocesswatch.dll
c:\program files\lavasoft\ad-aware 2007\awcorecomm.dll
c:\program files\lavasoft\ad-aware 2007\ceapi.dll
c:\program files\lavasoft\ad-aware 2007\pkarchive84cb.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\psapi.dll
c:\windows\system32\wininet.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\rsaenh.dll
c:\program files\lavasoft\ad-aware 2007\cookieblocker.dll
c:\program files\lavasoft\ad-aware 2007\awregwatchdll.dll
c:\program files\lavasoft\ad-aware 2007\awccommunicatordll.dll
C:\PROGRAM FILES\SPYWAREGUARD\SGMAIN.EXE
c:\program files\spywareguard\sgmain.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\msvbvm60.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\imm32.dll
c:\program files\spyware doctor\klg.dat
c:\windows\system32\msctf.dll
c:\windows\system32\sxs.dll
c:\windows\system32\msctfime.ime
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\windows\system32\version.dll
c:\windows\system32\msi.dll
c:\windows\system32\mscomctl.ocx
c:\windows\system32\comdlg32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\shell32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\asycfilt.dll
c:\windows\system32\richtx32.ocx
c:\windows\system32\oledlg.dll
c:\windows\system32\riched32.dll
c:\windows\system32\riched20.dll
c:\windows\system32\scrrun.dll
c:\windows\system32\mfc42.dll
C:\PROGRAM FILES\SPYWAREGUARD\SGBHP.EXE
c:\program files\spywareguard\sgbhp.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\msvbvm60.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\imm32.dll
c:\program files\spyware doctor\klg.dat
c:\windows\system32\msctf.dll
c:\windows\system32\sxs.dll
c:\windows\system32\msctfime.ime
c:\windows\system32\secur32.dll
C:\PROGRAM FILES\GRISOFT\AVG7\AVGCC.EXE
c:\program files\grisoft\avg7\avgcc.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\shell32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shlwapi.dll
c:\program files\grisoft\avg7\avgtmgr.dll
c:\program files\grisoft\avg7\avgctrl.dll
c:\windows\system32\mfc71.dll
c:\windows\system32\msvcr71.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msvfw32.dll
c:\windows\system32\winmm.dll
c:\windows\system32\msvcp71.dll
c:\windows\system32\version.dll
c:\windows\system32\comdlg32.dll
c:\windows\system32\shfolder.dll
c:\program files\grisoft\avg7\avgabout.dll
c:\program files\grisoft\avg7\avgtest.dll
c:\program files\grisoft\avg7\avgtres.dll
c:\program files\grisoft\avg7\avgset.dll
c:\windows\system32\imm32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\serwvdrv.dll
c:\windows\system32\umdmxfrm.dll
c:\program files\grisoft\avg7\avglog.dll
c:\program files\spyware doctor\klg.dat
c:\windows\system32\msctf.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\program files\grisoft\avg7\avgcfg.dll
c:\program files\grisoft\avg7\avgklib.dll
c:\program files\grisoft\avg7\avglng.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\msctfime.ime
c:\program files\grisoft\avg7\avgf.dll
c:\program files\grisoft\avg7\avgres.dll
c:\program files\grisoft\avg7\avgcckrn.dll
c:\program files\grisoft\avg7\avgvault.dll
c:\program files\grisoft\avg7\avgrep.dll
c:\program files\grisoft\avg7\avgunarc.dll
c:\progra~1\grisoft\avg7\avgemsui.dll
c:\windows\system32\psapi.dll
c:\progra~1\grisoft\avg7\avgemcps.dll
c:\program files\grisoft\avg7\avgamsps.dll
C:\PROGRAM FILES\MOZILLA FIREFOX\FIREFOX.EXE
c:\program files\mozilla firefox\firefox.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\program files\mozilla firefox\js3250.dll
c:\program files\mozilla firefox\nspr4.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\winmm.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\program files\mozilla firefox\xpcom_core.dll
c:\program files\mozilla firefox\plc4.dll
c:\program files\mozilla firefox\plds4.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\version.dll
c:\program files\mozilla firefox\smime3.dll
c:\program files\mozilla firefox\nss3.dll
c:\program files\mozilla firefox\softokn3.dll
c:\program files\mozilla firefox\ssl3.dll
c:\program files\mozilla firefox\xpcom_compat.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\winspool.drv
c:\windows\system32\imm32.dll
c:\windows\system32\serwvdrv.dll
c:\windows\system32\umdmxfrm.dll
c:\program files\spyware doctor\klg.dat
c:\windows\system32\msctf.dll
c:\windows\system32\msctfime.ime
c:\windows\system32\setupapi.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\program files\mozilla firefox\components\jar50.dll
c:\program files\mozilla firefox\components\jsd3250.dll
c:\program files\mozilla firefox\components\myspell.dll
c:\program files\mozilla firefox\components\spellchk.dll
c:\program files\mozilla firefox\components\xpinstal.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\hnetcfg.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\iphlpapi.dll
c:\program files\mozilla firefox\extensions\talkback@mozilla.org\components\brandres.dll
c:\program files\mozilla firefox\extensions\talkback@mozilla.org\components\fullsoft.dll
c:\program files\mozilla firefox\extensions\talkback@mozilla.org\components\qfaservices.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\msimtf.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\uxtheme.dll
c:\program files\mozilla firefox\freebl3.dll
c:\program files\mozilla firefox\nssckbi.dll
c:\windows\system32\msimg32.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\rasapi32.dll
c:\windows\system32\rasman.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\tapi32.dll
c:\windows\system32\rtutils.dll
c:\windows\system32\userenv.dll
c:\windows\system32\secur32.dll
c:\windows\system32\msv1_0.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\imagehlp.dll
c:\windows\system32\wdmaud.drv
c:\windows\system32\msacm32.drv
c:\windows\system32\msacm32.dll
c:\windows\system32\midimap.dll
c:\program files\mozilla firefox\plugins\npswf32.dll
c:\windows\system32\wininet.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\mlang.dll
c:\windows\system32\schannel.dll
C:\PROGRAM FILES\SPYBOT - SEARCH & DESTROY\SPYBOTSD.EXE
c:\program files\spybot - search & destroy\spybotsd.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\ole32.dll
c:\windows\system32\mpr.dll
c:\windows\system32\version.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\winspool.drv
c:\windows\system32\shell32.dll
c:\windows\system32\wininet.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\comdlg32.dll
c:\windows\system32\winmm.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\imagehlp.dll
c:\windows\system32\imm32.dll
c:\windows\system32\serwvdrv.dll
c:\windows\system32\umdmxfrm.dll
c:\program files\spyware doctor\klg.dat
c:\windows\system32\msctf.dll
c:\windows\system32\msctfime.ime
c:\windows\system32\olepro32.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\userenv.dll
c:\program files\spybot - search & destroy\tools.dll
c:\windows\system32\msimg32.dll
c:\windows\system32\srclient.dll
c:\windows\system32\wbem\framedyn.dll
c:\windows\system32\secur32.dll
c:\program files\spybot - search & destroy\aports.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\mapi32.dll
c:\windows\system32\hhctrl.ocx
c:\windows\system32\psapi.dll
c:\windows\system32\riched32.dll
c:\windows\system32\riched20.dll
c:\windows\system32\mscms.dll
c:\windows\system32\icm32.dll
c:\program files\spybot - search & destroy\plugins\tcpipaddress.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\windows\system32\browseui.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\hnetcfg.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\rasadhlp.dll
c:\program files\spybot - search & destroy\zipdll.dll
c:\program files\spybot - search & destroy\unzdll.dll
c:\program files\spybot - search & destroy\advcheck.dll
c:\windows\system32\linkinfo.dll
c:\windows\system32\ntshrui.dll
c:\windows\system32\atl.dll
C:\PROGRAM FILES\WEBROOT\SPY SWEEPER\SSU.EXE
c:\program files\webroot\spy sweeper\ssu.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\dbghelp.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\version.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\psapi.dll
c:\windows\system32\imm32.dll
c:\program files\spyware doctor\klg.dat
c:\windows\system32\oleaut32.dll
c:\windows\system32\ole32.dll
C:\PROGRAM FILES\WINDOWS DEFENDER\MSASCUI.EXE
c:\program files\windows defender\msascui.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\msvcr80.dll
c:\windows\system32\msvcrt.dll
c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\msvcp80.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\program files\windows defender\mpclient.dll
c:\windows\system32\userenv.dll
c:\windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82\gdiplus.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\msvcp60.dll
c:\program files\windows defender\msmpres.dll
c:\program files\windows defender\mprtmon.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\version.dll
c:\windows\system32\imm32.dll
c:\program files\spyware doctor\klg.dat
c:\windows\system32\msctf.dll
c:\windows\system32\msftedit.dll
c:\windows\system32\msctfime.ime
c:\windows\system32\uxtheme.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\secur32.dll
C:\WINDOWS\SYSTEM32\NOTEPAD.EXE
c:\windows\system32\notepad.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\comdlg32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\msvcrt.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\shell32.dll
c:\windows\system32\winspool.drv
c:\windows\system32\shimeng.dll
c:\windows\apppatch\acgenral.dll
c:\windows\system32\winmm.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msacm32.dll
c:\windows\system32\version.dll
c:\windows\system32\userenv.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\imm32.dll
c:\windows\system32\serwvdrv.dll
c:\windows\system32\umdmxfrm.dll
c:\program files\spyware doctor\klg.dat
c:\windows\system32\msctf.dll
c:\windows\system32\msctfime.ime
C:\PROGRAM FILES\LAVASOFT\AD-AWARE 2007\LSUPDATEMANAGER.EXE
c:\program files\lavasoft\ad-aware 2007\lsupdatemanager.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\imm32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\program files\spyware doctor\klg.dat
c:\windows\system32\oleaut32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\ole32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\comdlg32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\shell32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\inetmib1.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\snmpapi.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\mprapi.dll
c:\windows\system32\activeds.dll
c:\windows\system32\adsldpc.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\atl.dll
c:\windows\system32\rtutils.dll
c:\windows\system32\samlib.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\version.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\msvcp60.dll
c:\windows\system32\winmm.dll
c:\windows\system32\serwvdrv.dll
c:\windows\system32\umdmxfrm.dll
c:\windows\system32\msctf.dll
c:\windows\system32\msctfime.ime
c:\windows\system32\olepro32.dll
c:\windows\system32\uxtheme.dll
c:\program files\lavasoft\ad-aware 2007\upmanager.dll
c:\program files\lavasoft\ad-aware 2007\update.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\hnetcfg.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\apphelp.dll
C:\PROGRAM FILES\SUPERANTISPYWARE\SUPERANTISPYWARE.EXE
c:\program files\superantispyware\superantispyware.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\shell32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\winmm.dll
c:\windows\system32\version.dll
c:\windows\system32\imagehlp.dll
c:\program files\superantispyware\deupx.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\wininet.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\comdlg32.dll
c:\windows\system32\imm32.dll
c:\windows\system32\serwvdrv.dll
c:\windows\system32\umdmxfrm.dll
c:\program files\spyware doctor\klg.dat
c:\windows\system32\msctf.dll
c:\windows\system32\hhctrl.ocx
c:\windows\system32\setupapi.dll
c:\windows\system32\secur32.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\msctfime.ime
c:\windows\system32\psapi.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\mshtml.dll
c:\windows\system32\msls31.dll
c:\windows\system32\mlang.dll
c:\windows\system32\msimtf.dll
c:\windows\system32\netapi32.dll
c:\progra~1\window~4\mpshhook.dll
c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\msvcr80.dll
c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\msvcp80.dll
c:\windows\system32\rsaenh.dll
c:\program files\spywareguard\spywareguard.dll
c:\windows\system32\msvbvm60.dll
c:\windows\system32\sxs.dll
c:\program files\superantispyware\sasseh.dll
C:\PROGRAM FILES\LAVASOFT\AD-AWARE 2007\AD-AWARE2007.EXE
c:\program files\lavasoft\ad-aware 2007\ad-aware2007.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\imm32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\program files\spyware doctor\klg.dat
c:\windows\system32\oleaut32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\ole32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\comdlg32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\shell32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\inetmib1.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\snmpapi.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\mprapi.dll
c:\windows\system32\activeds.dll
c:\windows\system32\adsldpc.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\atl.dll
c:\windows\system32\rtutils.dll
c:\windows\system32\samlib.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\version.dll
c:\windows\system32\mpr.dll
c:\windows\system32\winmm.dll
c:\windows\system32\serwvdrv.dll
c:\windows\system32\umdmxfrm.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\msvcp60.dll
c:\windows\system32\msctf.dll
c:\windows\system32\msctfime.ime
c:\windows\system32\uxtheme.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\windows\system32\userenv.dll
c:\windows\system32\olepro32.dll
c:\windows\system32\secur32.dll
c:\progra~1\window~4\mpshhook.dll
c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\msvcr80.dll
c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\msvcp80.dll
c:\windows\system32\rsaenh.dll
c:\program files\spywareguard\spywareguard.dll
c:\windows\system32\msvbvm60.dll
c:\windows\system32\sxs.dll
c:\program files\superantispyware\sasseh.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\iertutil.dll
C:\PROGRAM FILES\LAVASOFT\AD-AWARE 2007\LSUPDATEMANAGER.EXE
c:\program files\lavasoft\ad-aware 2007\lsupdatemanager.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\imm32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\program files\spyware doctor\klg.dat
c:\windows\system32\oleaut32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\ole32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\comdlg32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\shell32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\inetmib1.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\snmpapi.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\mprapi.dll
c:\windows\system32\activeds.dll
c:\windows\system32\adsldpc.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\atl.dll
c:\windows\system32\rtutils.dll
c:\windows\system32\samlib.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\version.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\msvcp60.dll
c:\windows\system32\winmm.dll
c:\windows\system32\serwvdrv.dll
c:\windows\system32\umdmxfrm.dll
c:\windows\system32\msctf.dll
c:\windows\system32\msctfime.ime
c:\windows\system32\olepro32.dll
c:\windows\system32\uxtheme.dll
c:\program files\lavasoft\ad-aware 2007\upmanager.dll
c:\program files\lavasoft\ad-aware 2007\update.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\hnetcfg.dll
c:\windows\system32\wshtcpip.dll
http://mylifetimesin...s.blogspot.com/

#8 LS Pekka

LS Pekka

    Advanced Member

  • Members
  • PipPipPip
  • 452 posts

Posted 26 July 2007 - 07:08 PM

Hi l36suds!


Thanks for posting!


This issue will be resolved as of the next definition file release.
Until then, to avoid having Ad-Aware detecting it again, you could put it on ignore.


Regards,


Pekka


Lavasoft Research

#9 l36suds

l36suds

    Member

  • Members
  • PipPip
  • 24 posts

Posted 26 July 2007 - 07:15 PM

Hi l36suds!
Thanks for posting!
This issue will be resolved as of the next definition file release.
Until then, to avoid having Ad-Aware detecting it again, you could put it on ignore.
Regards,
Pekka
Lavasoft Research



Hi Pekka:)

Thank you . but why is it IN the registry???? .. Is it something that needs to be there? .. I KNOW that Nothing else finds it .. but .. I worry easily:) ..

Other amazing thing (I think) is that Lavasoft cannot find me in their data base and this keeps happening CONSTANTLY ;) ..

Thank you again,


Nancy
http://mylifetimesin...s.blogspot.com/

#10 LS Pekka

LS Pekka

    Advanced Member

  • Members
  • PipPipPip
  • 452 posts

Posted 26 July 2007 - 08:42 PM

Hi again l36suds!


The item "HKEY_CURRENT_USER\software\microsoft\internet explorer\menuext" shows up in detection due to a condition triggered by the detection of an ActiveX kill bit, "HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\activex compatibility\{9a578c98-3c2f-4630-890b-fc04196ef420}".
This Class identifier (CLSID) is flagged as an Adware.CDN Object by Ad-Aware. Some other anti-spyware applications may in their "immunization"
efforts add ActiveX kill bits to the registry to prevent malware from running. You may find more info about ActiveX kill bits here, (http://support.microsoft.com/kb/240797).

The fact that Ad-Aware is detecting the mentioned items in combination this way is, as posted before, an issue that will be corrected as of the next definition file release. Until then, to avoid having Ad-Aware detecting it again, you could put it on ignore.

Regarding your other issue about Lavasoft not finding you in their data base. These kind of issues should be posted at the forum for General Support Issues at (http://www.lavasofts...hp?showforum=61).



Regards,


Pekka


Lavasoft Research

#11 l36suds

l36suds

    Member

  • Members
  • PipPip
  • 24 posts

Posted 26 July 2007 - 10:32 PM

Hi again l36suds!
The item "HKEY_CURRENT_USER\software\microsoft\internet explorer\menuext" shows up in detection due to a condition triggered by the detection of an ActiveX kill bit, "HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\activex compatibility\{9a578c98-3c2f-4630-890b-fc04196ef420}".
This Class identifier (CLSID) is flagged as an Adware.CDN Object by Ad-Aware. Some other anti-spyware applications may in their "immunization"
efforts add ActiveX kill bits to the registry to prevent malware from running. You may find more info about ActiveX kill bits here, (http://support.microsoft.com/kb/240797).

The fact that Ad-Aware is detecting the mentioned items in combination this way is, as posted before, an issue that will be corrected as of the next definition file release. Until then, to avoid having Ad-Aware detecting it again, you could put it on ignore.

Regarding your other issue about Lavasoft not finding you in their data base. These kind of issues should be posted at the forum for General Support Issues at (http://www.lavasofts...hp?showforum=61).
Regards,
Pekka
Lavasoft Research


Hi, Again, Pekka ..

THANK you sooo very much . I do appreciate your help so very much! ..

Actually, I preferred the way the OLDER version of Ad-Aware SE worked .. OR is it that I am an OLD(er) person and 'an old dog cannot or does not learn new trix:) ..

Take good care,



Nancy E. Barr
http://mylifetimesin...s.blogspot.com/

#12 mutte318

mutte318

    Newbie

  • Members
  • Pip
  • 6 posts

Posted 27 July 2007 - 09:38 AM

Hi redwolfe_98!

Thank you for bringing this to our attention!
This issue will be resolved as of the next definition file release.
Regards,
Lavasoft Research


WHEN is the next definition release? :)

Attached Files


Edited by mutte318, 27 July 2007 - 09:39 AM.




MUTTE318

#13 LS Pekka

LS Pekka

    Advanced Member

  • Members
  • PipPipPip
  • 452 posts

Posted 27 July 2007 - 10:57 AM

Early next week.

Regards,

Pekka


Lavasoft Research

#14 l36suds

l36suds

    Member

  • Members
  • PipPip
  • 24 posts

Posted 27 July 2007 - 03:28 PM

Well, seems LAVASOFT lost many from the data base and I am one of them . they have told me to DOWNLOAD again:( and reinstalll with new (again) serial number .. cannot get the other unloaded . have to go into (to try) safe mode .. this is really getting, IMHO, ridiculous . looks to me as if 'the bigger, better, new, PAID for version' was NOT ready for prime time:(


L36Suds
http://mylifetimesin...s.blogspot.com/

#15 mutte318

mutte318

    Newbie

  • Members
  • Pip
  • 6 posts

Posted 27 July 2007 - 07:45 PM

Early next week.

Regards,

Pekka
Lavasoft Research


Thanks Pekka quick answer :)

PS : by the way how do I remove the stuff at the bottom here ; font etc ?

Edited by mutte318, 27 July 2007 - 07:50 PM.




MUTTE318

#16 spike-nz

spike-nz

    Advanced Member

  • Volunteer Security Advisor
  • PipPipPip
  • 3092 posts

Posted 28 July 2007 - 04:25 AM

Hi mutte318,

Go to your Control Panel and edit your signature - it should look like this:

*font="Century Gothic"* *size="2"* *color="#0000FF"* MUTTE318 */color* */size* */font* */quote*

NB: Replace each * with either [ or with ] - each section should looklike this [------- etc---"Century Gothic"] with no gaps between each section.

That way, only "MUTTE318" will appear

Regards,

Spike

#17 mutte318

mutte318

    Newbie

  • Members
  • Pip
  • 6 posts

Posted 28 July 2007 - 11:50 AM

Hi mutte318,

Go to your Control Panel and edit your signature - it should look like this:

*font="Century Gothic"* *size="2"* *color="#0000FF"* MUTTE318 */color* */size* */font* */quote*

NB: Replace each * with either [ or with ] - each section should looklike this [------- etc---"Century Gothic"] with no gaps between each section.

That way, only "MUTTE318" will appear

Regards,

Spike


Hey it works ;-)

Thanks Spike-nz I tried doing something ; test it here with this post :(

Attached Files


Edited by mutte318, 28 July 2007 - 11:51 AM.




MUTTE318

#18 jerome1951

jerome1951

    Member

  • Members
  • PipPip
  • 10 posts

Posted 30 July 2007 - 11:10 AM

Hello, about Adware.CDN new update today: SE1R183 and the problem of this detection remains. I expected that it will be fix according to upper posts of LS Pekka. Here is the report:

Ad-Aware SE Build 1.06r1
Fichier journal créé le :lundi 30 juillet 2007 12:33:38
Created with Ad-Aware SE Personal, free for private use.
Utilisation du fichier de définitions :SE1R183 30.07.2007
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Références détectées lors de l’analyse :
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Adware.CDN(Index TAC :8):3 Nombre total de références
MRU List(Index TAC :0):12 Nombre total de références
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Definition File:
=========================
Chargement du fichier de définitions :
Reference Number : SE1R183 30.07.2007
Internal build : 224
File location : C:\Program Files\Lavasoft\Ad-Aware SE Personal\defs.ref
File size : 1378337 Bytes
Total size : 4661489 Bytes
Signature data size : 4618846 Bytes
Reference data size : 42131 Bytes
Signatures total : 118118
CSI Fingerprints total : 8794
CSI data size : 559090 Bytes
Target categories : 15
Target families : 1161


Memory + processor status:
==========================
Number of processors : 2
Processor architecture : Intel Pentium IV
Memory available:42 %
Total physical memory:1047532 kb
Available physical memory:430292 kb
Total page file size:1733064 kb
Available on page file:997320 kb
Total virtual memory:2097024 kb
Available virtual memory:2012924 kb
OS:Microsoft Windows XP Home Edition Service Pack 2 (Build 2600)

Ad-Aware SE Settings
===========================
Définir : Rechercher les entrées à risque négligeable
Définir : Search for low-risk threats
Définir : Mode sécurisé (tjrs demander confirm.)
Définir : Analyser les processus actifs
Définir : Scan registry
Définir : Analyser en profondeur le registre
Définir : Analyser mes favoris IE pour rech. URL interdites
Définir : Analyser dans les archives
Définir : Analyser mon fichier Hosts

Extended Ad-Aware SE Settings
===========================
Définir : Décharger les modules et les processus reconnus pendant l’analyse
Définir : ######. reg. pr tous utili. et non pr utili. actuel uniqmnt
Définir : Toujours essayer de décharger les modules avant la suppression
Définir : Lors de la suppression, décharger l’Explorateur et IE si nécessaire
Définir : Perm. Win. supp. fich. en cours au proch. démar.
Définir : Supprimer les objets en quarantaine après la restauration
Définir : Inclure les paramètres de base d'Ad-Aware dans le fichier journal
Définir : Inclure les paramètres de base d'Ad-Aware dans le fichier journal
Définir : Inclure un récapitulatif des références dans le fichier journal
Définir : Inclure les détails des données ADS dans le fichier journal
Définir : Émettre un son à la fin de l’analyse en cas de détection d'objets critiques


30-07-2007 12:33:38 - L’analyse a démarré. (Analyse complète du système)

MRU List Objet reconnu !
Emplacement : : C:\Documents and Settings\lichnerowicz\recent
Description : list of recently opened documents


MRU List Objet reconnu !
Emplacement : : S-1-5-21-2319258260-4029292289-3711633791-1006\software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d


MRU List Objet reconnu !
Emplacement : : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d


MRU List Objet reconnu !
Emplacement : : S-1-5-21-2319258260-4029292289-3711633791-1006\software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X


MRU List Objet reconnu !
Emplacement : : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X


MRU List Objet reconnu !
Emplacement : : software\microsoft\directdraw\mostrecentapplication
Description : most recent application to use microsoft directdraw


MRU List Objet reconnu !
Emplacement : : S-1-5-21-2319258260-4029292289-3711633791-1006\software\microsoft\internet explorer
Description : last download directory used in microsoft internet explorer


MRU List Objet reconnu !
Emplacement : : S-1-5-21-2319258260-4029292289-3711633791-1006\software\microsoft\search assistant\acmru
Description : list of recent search terms used with the search assistant


MRU List Objet reconnu !
Emplacement : : S-1-5-21-2319258260-4029292289-3711633791-1006\software\microsoft\windows\currentversion\applets\regedit
Description : last key accessed using the microsoft registry editor


MRU List Objet reconnu !
Emplacement : : S-1-5-21-2319258260-4029292289-3711633791-1006\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru
Description : list of recent programs opened


MRU List Objet reconnu !
Emplacement : : S-1-5-21-2319258260-4029292289-3711633791-1006\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru
Description : list of recently saved files, stored according to file extension


MRU List Objet reconnu !
Emplacement : : S-1-5-21-2319258260-4029292289-3711633791-1006\software\microsoft\windows\currentversion\explorer\recentdocs
Description : list of recent documents opened


Affichage des processus en cours d'exécution
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 644
ThreadCreationTime : 30-07-2007 08:04:57
BasePriority : Normal


#:2 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 692
ThreadCreationTime : 30-07-2007 08:05:01
BasePriority : Normal


#:3 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 716
ThreadCreationTime : 30-07-2007 08:05:01
BasePriority : High


#:4 [services.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 760
ThreadCreationTime : 30-07-2007 08:05:01
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Système d'exploitation Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Applications Services et Contrôleur
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. Tous droits réservés.
OriginalFilename : services.exe

#:5 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 772
ThreadCreationTime : 30-07-2007 08:05:01
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe

#:6 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 956
ThreadCreationTime : 30-07-2007 08:05:02
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:7 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1000
ThreadCreationTime : 30-07-2007 08:05:02
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:8 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1120
ThreadCreationTime : 30-07-2007 08:05:02
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:9 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1244
ThreadCreationTime : 30-07-2007 08:05:02
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:10 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1276
ThreadCreationTime : 30-07-2007 08:05:03
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:11 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1460
ThreadCreationTime : 30-07-2007 08:05:03
BasePriority : Normal
FileVersion : 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)
ProductVersion : 5.1.2600.2696
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe

#:12 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 1716
ThreadCreationTime : 30-07-2007 08:05:04
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Système d'exploitation Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Explorateur Windows
InternalName : explorer
LegalCopyright : © Microsoft Corporation. Tous droits réservés.
OriginalFilename : EXPLORER.EXE

#:13 [pcmservice.exe]
FilePath : C:\Program Files\Dell\Media Experience\
ProcessID : 1820
ThreadCreationTime : 30-07-2007 08:05:06
BasePriority : Normal
FileVersion : 1.0.1611
ProductVersion : 1.0.1611
ProductName : PCM2Launcher Application
CompanyName : CyberLink Corp.
FileDescription : PowerCinema Resident Program for Dell
InternalName : PowerCinema Resident Program for Dell
LegalCopyright : Copyright c 2003 CyberLink Corp.
OriginalFilename : PCM2Launcher.EXE

#:14 [lvcomsx.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1836
ThreadCreationTime : 30-07-2007 08:05:06
BasePriority : Normal
FileVersion : 8.3.0.1096
ProductVersion : 8.3.0.1096
ProductName : Logitech QuickCam
CompanyName : Logitech Inc.
FileDescription : LVCom Server
InternalName : LVComS.exe
LegalCopyright : © 1996-2004 Logitech. All rights reserved.
OriginalFilename : LVComS.exe

#:15 [dvdlauncher.exe]
FilePath : C:\Program Files\CyberLink\PowerDVD\
ProcessID : 1844
ThreadCreationTime : 30-07-2007 08:05:06
BasePriority : Normal
FileVersion : 3.00.0000
ProductVersion : 3.00.0000
ProductName : Cyberlink PowerCinema 3.0
CompanyName : CyberLink Corp.
FileDescription : CyberLink PowerCinema Resident Program
InternalName : CyberLink PowerCinema Resident Program
LegalCopyright : Copyright © 2003 CyberLink Corp.
OriginalFilename : DVDLauncher.EXE

#:16 [tfswctrl.exe]
FilePath : C:\WINDOWS\system32\dla\
ProcessID : 1852
ThreadCreationTime : 30-07-2007 08:05:06
BasePriority : Normal
FileVersion : 1.04.08a
CompanyName : Sonic Solutions
FileDescription : Drive Letter Access Component
LegalCopyright : Copyright © 2004 Sonic Solutions

#:17 [dlbtbmgr.exe]
FilePath : C:\Program Files\Dell Photo AIO Printer 922\
ProcessID : 1860
ThreadCreationTime : 30-07-2007 08:05:06
BasePriority : Normal
FileVersion : 1.0.5.0
ProductVersion : 1.0.5.0
ProductName : Button Manager Executable
FileDescription : Dell Dell 922 Button Manager
InternalName : dlbtbmgr.exe
OriginalFilename : dlbtbmgr.exe

#:18 [mskagent.exe]
FilePath : C:\Program Files\McAfee\MSK\
ProcessID : 1876
ThreadCreationTime : 30-07-2007 08:05:06
BasePriority : Normal
FileVersion : 8.2.125.0
ProductVersion : 8.2
ProductName : McAfee SpamKiller
CompanyName : McAfee Inc.
FileDescription : McAfee SpamKiller MskAgent Application
InternalName : MskAgent
LegalCopyright : Copyright © 2006, McAfee Inc.
OriginalFilename : MskAgent.exe

#:19 [sdtrayapp.exe]
FilePath : C:\Program Files\Spyware Doctor\
ProcessID : 1896
ThreadCreationTime : 30-07-2007 08:05:06
BasePriority : Normal
FileVersion : 5.0.1.42
ProductVersion : 5.0
CompanyName : PC Tools
FileDescription : Spyware Doctor Tray
LegalCopyright : Copyright © 2007 PC Tools. All rights reserved.

#:20 [dlbtbmon.exe]
FilePath : C:\Program Files\Dell Photo AIO Printer 922\
ProcessID : 1916
ThreadCreationTime : 30-07-2007 08:05:06
BasePriority : Normal
FileVersion : 1.0.5.0
ProductVersion : 1.0.5.0
ProductName : Button Monitor Executable
FileDescription : Dell Dell 922 Button Monitor
InternalName : dlbtbmon.exe
OriginalFilename : dlbtbmon.exe

#:21 [ctfmon.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1936
ThreadCreationTime : 30-07-2007 08:05:06
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : CTFMON.EXE

#:22 [skype.exe]
FilePath : C:\Program Files\Skype\Phone\
ProcessID : 1964
ThreadCreationTime : 30-07-2007 08:05:07
BasePriority : Normal
FileVersion : 3.2.0.175
ProductVersion : 3.2
ProductName : Skype
CompanyName : Skype Technologies S.A.
FileDescription : Skype. Take a deep breath
InternalName : Skype.exe
LegalCopyright : © Skype Technologies S.A.
OriginalFilename : Skype.exe

#:23 [wcescomm.exe]
FilePath : C:\Program Files\Microsoft ActiveSync\
ProcessID : 1996
ThreadCreationTime : 30-07-2007 08:05:07
BasePriority : Normal
FileVersion : 4.2.4875.0
ProductVersion : 4.2.4875
ProductName : Microsoft ActiveSync
CompanyName : Microsoft Corporation
FileDescription : ActiveSync Connection Manager
InternalName : wcescomm
LegalCopyright : Copyright © 1995-2006 Microsoft Corp. Tous droits réservés.
LegalTrademarks : Microsoft® et Windows® sont des marques déposées de Microsoft Corporation.
OriginalFilename : WCESCOMM.EXE

#:24 [rapimgr.exe]
FilePath : C:\PROGRA~1\MICROS~4\
ProcessID : 2044
ThreadCreationTime : 30-07-2007 08:05:07
BasePriority : Normal
FileVersion : 4.2.4875.0
ProductVersion : 4.2.4875
ProductName : Microsoft ActiveSync
CompanyName : Microsoft Corporation
FileDescription : ActiveSync RAPI Manager
InternalName : rapimgr
LegalCopyright : Copyright © 1995-2006 Microsoft Corp. Tous droits réservés.
LegalTrademarks : Microsoft® et Windows® sont des marques déposées de Microsoft Corporation.
OriginalFilename : rapimgr.exe

#:25 [hwapi.exe]
FilePath : C:\Program Files\Fichiers communs\McAfee\HackerWatch\
ProcessID : 1684
ThreadCreationTime : 30-07-2007 08:05:10
BasePriority : Normal
FileVersion : 8.3.105.0
ProductVersion : 8.3.105.0
ProductName : McAfee HackerWatch Service
CompanyName : McAfee, Inc.
FileDescription : McAfee HackerWatch Service
LegalCopyright : © McAfee, Inc. All rights reserved.
OriginalFilename : HWAPI.exe

#:26 [mcmscsvc.exe]
FilePath : C:\PROGRA~1\McAfee\MSC\
ProcessID : 576
ThreadCreationTime : 30-07-2007 08:05:13
BasePriority : Normal
FileVersion : 7,2,142,0
ProductVersion : 7,2,0,0
ProductName : McAfee SecurityCenter
CompanyName : McAfee, Inc.
FileDescription : MISP User Manager
InternalName : McMSCSvc
LegalCopyright : Copyright © 2006 McAfee, Inc.
OriginalFilename : McMSCSvc.exe

#:27 [mcnasvc.exe]
FilePath : c:\program files\fichiers communs\mcafee\mna\
ProcessID : 400
ThreadCreationTime : 30-07-2007 08:05:13
BasePriority : Normal
FileVersion : 1,2,106,0
ProductVersion : 1,2,0,0
ProductName : McAfee Integrated Security Platform
CompanyName : McAfee, Inc.
FileDescription : McAfee Network Agent
InternalName : McNASvc
LegalCopyright : Copyright © 2006 McAfee, Inc.
OriginalFilename : McNASvc.exe

#:28 [mcods.exe]
FilePath : C:\PROGRA~1\McAfee\VIRUSS~1\
ProcessID : 676
ThreadCreationTime : 30-07-2007 08:05:13
BasePriority : Normal
FileVersion : 11,2,121,0
ProductVersion : 11,2,0,0
ProductName : McAfee VirusScan
CompanyName : McAfee, Inc.
FileDescription : McAfee VirusScan - On Demand Scan
InternalName : mcods.exe
LegalCopyright : Copyright © 2006 McAfee, Inc.
OriginalFilename : mcods.exe

#:29 [mcpromgr.exe]
FilePath : C:\PROGRA~1\McAfee\MSC\
ProcessID : 776
ThreadCreationTime : 30-07-2007 08:05:14
BasePriority : Normal
FileVersion : 7,2,142,0
ProductVersion : 7,2,0,0
ProductName : McAfee SecurityCenter
CompanyName : McAfee, Inc.
FileDescription : McAfee Integrated Security Platform
InternalName : McProMgr
LegalCopyright : Copyright © 2006 McAfee, Inc.
OriginalFilename : McProMgr.exe

#:30 [mcproxy.exe]
FilePath : c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\
ProcessID : 1108
ThreadCreationTime : 30-07-2007 08:05:14
BasePriority : Normal
FileVersion : 1,2,138,0
ProductVersion : 1,2,0,0
ProductName : McAfee Proxy
CompanyName : McAfee, Inc.
FileDescription : McAfee Proxy Service Module
InternalName : McProxy
LegalCopyright : Copyright © 2006 McAfee, Inc.
OriginalFilename : McProxy.exe
Comments : McAfee Proxy Service

#:31 [redirsvc.exe]
FilePath : c:\PROGRA~1\FICHIE~1\mcafee\redirsvc\
ProcessID : 1184
ThreadCreationTime : 30-07-2007 08:05:14
BasePriority : Normal
FileVersion : 1,3,109,0
ProductVersion : 1,3,0,0
ProductName : McAfee Redirector
CompanyName : McAfee, Inc.
FileDescription : McAfee Redirector Service Module
InternalName : McRedirector
LegalCopyright : Copyright © 2006 McAfee, Inc.
OriginalFilename : RedirSvc.exe
Comments : McAfee Redirector Service

#:32 [mcshield.exe]
FilePath : C:\PROGRA~1\McAfee\VIRUSS~1\
ProcessID : 1232
ThreadCreationTime : 30-07-2007 08:05:14
BasePriority : High


#:33 [mcsysmon.exe]
FilePath : C:\PROGRA~1\McAfee\VIRUSS~1\
ProcessID : 1728
ThreadCreationTime : 30-07-2007 08:05:15
BasePriority : Normal
FileVersion : 11,2,131,0
ProductVersion : 11,2,0,0
ProductName : McAfee VirusScan API
CompanyName : McAfee, Inc.
FileDescription : McAfee SystemGuards Service
InternalName : sysmon
LegalCopyright : Copyright © 2006 McAfee, Inc.
OriginalFilename : sysmon.exe

#:34 [mpfsrv.exe]
FilePath : C:\Program Files\McAfee\MPF\
ProcessID : 1648
ThreadCreationTime : 30-07-2007 08:05:16
BasePriority : Normal
FileVersion : 8.2.118.0
ProductVersion : 8.2.118.0
ProductName : McAfee Personal Firewall
CompanyName : McAfee, Inc.
FileDescription : McAfee Personal Firewall Service
InternalName : MPFService
LegalCopyright : Copyright © 2005 McAfee, Inc. All Rights Reserved.
OriginalFilename : MpfService.exe
Comments : McAfee Personal Firewall Service

#:35 [msksrver.exe]
FilePath : C:\Program Files\McAfee\MSK\
ProcessID : 1956
ThreadCreationTime : 30-07-2007 08:05:16
BasePriority : Normal
FileVersion : 8.2.125.0
ProductVersion : 8.2
ProductName : McAfee SpamKiller
CompanyName : McAfee Inc.
FileDescription : McAfee SpamKiller MskServer
InternalName : MskServe
LegalCopyright : Copyright © 2006, McAfee Inc.
OriginalFilename : MskServe.exe

#:36 [nvsvc32.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 2124
ThreadCreationTime : 30-07-2007 08:05:16
BasePriority : Normal
FileVersion : 6.14.10.4502
ProductVersion : 6.14.10.4502
ProductName : NVIDIA Driver Helper Service, Version 45.02
CompanyName : NVIDIA Corporation
FileDescription : NVIDIA Driver Helper Service, Version 45.02
InternalName : NVSVC
LegalCopyright : © NVIDIA Corporation. All rights reserved.
OriginalFilename : nvsvc32.exe

#:37 [svcntaux.exe]
FilePath : C:\Program Files\Spyware Doctor\
ProcessID : 2148
ThreadCreationTime : 30-07-2007 08:05:16
BasePriority : Normal
FileVersion : 5.0.1.23
ProductVersion : 5.0
CompanyName : PC Tools
LegalCopyright : Copyright © 2006-2007 PC Tools. All rights reserved.

#:38 [swdsvc.exe]
FilePath : C:\Program Files\Spyware Doctor\
ProcessID : 2320
ThreadCreationTime : 30-07-2007 08:05:17
BasePriority : Normal
FileVersion : 5.0.1.64
ProductVersion : 5.0
CompanyName : PC Tools
FileDescription : Spyware Doctor Service
LegalCopyright : Copyright © 2007 PC Tools. All rights reserved.

#:39 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 2568
ThreadCreationTime : 30-07-2007 08:05:18
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:40 [fxssvc.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 2708
ThreadCreationTime : 30-07-2007 08:05:19
BasePriority : Normal
FileVersion : 5.2.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.2.2600.2180
ProductName : Système d'exploitation Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Service de télécopie
InternalName : FXSSVC.EXE
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : FXSSVC.EXE

#:41 [mcagent.exe]
FilePath : c:\PROGRA~1\mcafee.com\agent\
ProcessID : 3640
ThreadCreationTime : 30-07-2007 08:05:24
BasePriority : Normal
FileVersion : 7,2,142,0
ProductVersion : 7,2,0,0
ProductName : McAfee SecurityCenter
CompanyName : McAfee, Inc.
FileDescription : McAfee Integrated Security Platform
InternalName : McAgent
LegalCopyright : Copyright © 2006 McAfee, Inc.
OriginalFilename : McAgent.exe

#:42 [skypepm.exe]
FilePath : C:\Program Files\Skype\Plugin Manager\
ProcessID : 3868
ThreadCreationTime : 30-07-2007 08:05:28
BasePriority : Normal
FileVersion : 1.2.0.261
ProductVersion : 1.0.0.0
CompanyName : Skype Technologies
FileDescription : Skype Extras Manager
LegalCopyright : Skype Limited

#:43 [alg.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 2416
ThreadCreationTime : 30-07-2007 08:06:07
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Application Layer Gateway Service
InternalName : ALG.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ALG.exe

#:44 [emproxy.exe]
FilePath : C:\PROGRA~1\FICHIE~1\McAfee\EmProxy\
ProcessID : 3612
ThreadCreationTime : 30-07-2007 08:06:20
BasePriority : Normal
FileVersion : 11,2,206,0
ProductVersion : 11,2,0,0
ProductName : McAfee Email Proxy
CompanyName : McAfee, Inc.
FileDescription : McAfee Email Proxy
InternalName : EmProxy
LegalCopyright : Copyright © 2006 McAfee, Inc.
OriginalFilename : EmProxy.exe

#:45 [ad-aware.exe]
FilePath : C:\Program Files\Lavasoft\Ad-Aware SE Personal\
ProcessID : 2784
ThreadCreationTime : 30-07-2007 10:33:22
BasePriority : Normal
FileVersion : 6.2.0.236
ProductVersion : SE 106
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft AB Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

Résultat de l’analyse de la mémoire :
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Nouv. obj. critiques : 0
Objets détectés jusqu'à présent : 12


Analyse du registre démarrée
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Adware.CDN Objet reconnu !
Type : Regkey
Données :
Notation TAC : 8
Catégorie : Malware
Commentaire :
Rootkey : HKEY_LOCAL_MACHINE
Objet : software\microsoft\internet explorer\activex compatibility\{9a578c98-3c2f-4630-890b-fc04196ef420}

Adware.CDN Objet reconnu !
Type : RegValue
Données :
Notation TAC : 8
Catégorie : Malware
Commentaire :
Rootkey : HKEY_LOCAL_MACHINE
Objet : software\microsoft\internet explorer\activex compatibility\{9a578c98-3c2f-4630-890b-fc04196ef420}
Valeur : Pst

Résultat de l’analyse du registre :
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Nouv. obj. critiques : 2
Objets détectés jusqu'à présent : 14


Analyse approfondie du registre démarrée
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Résultat de l’analyse approfondie du registre :
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Nouv. obj. critiques : 0
Objets détectés jusqu'à présent : 14


Analyse des cookies de suivi lancée
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Résultat de l’analyse des cookies de suivi :
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Nouv. obj. critiques : 0
Objets détectés jusqu'à présent : 14



Analyse et examen approfondis des fichiers (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Résultat de l’analyse du disque pour C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Nouv. obj. critiques : 0
Objets détectés jusqu'à présent : 14


Analyse du fichier Hosts…...
Emplacement du fichier Hosts :"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Résultat d’analyse du fichier Hosts :
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
1 entrées analysées.
Nouv. obj. critiques :0
Objets détectés jusqu'à présent : 14




Analyses conditionnelles en cours...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Adware.CDN Objet reconnu !
Type : Regkey
Données :
Notation TAC : 8
Catégorie : Malware
Commentaire :
Rootkey : HKEY_CURRENT_USER
Objet : software\microsoft\internet explorer\menuext

Résultat d’analyse conditionnelle :
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Nouv. obj. critiques : 1
Objets détectés jusqu'à présent : 15

12:47:05 Analyse terminée

Récap. de cette ######.
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Durée tot. analyse :00:13:27.344
Objets analysés :168032
Objets identifiés :3
Objets ignorés :0
Nouv. obj. critiques :3

What must I do? I precise that ALL other scans are clean!
Regards, Jérôme from Paris...

Edited by jerome1951, 30 July 2007 - 11:14 AM.


#19 LS Andy

LS Andy

    Lavasoft Staff/Forum Overlord

  • Root Admin
  • 1535 posts

Posted 30 July 2007 - 12:21 PM

Hi jerome1951,

The issue has been fixed as of now. Thanks for bringing this to our attention!

Regards,

Andy
Lavasoft Research.
unsolicited@tenalia.com

#20 jerome1951

jerome1951

    Member

  • Members
  • PipPip
  • 10 posts

Posted 30 July 2007 - 12:53 PM

Hello Andy and thank you for your quick answer.
But what must I think?
An error in your program to fix it?
Do you confirm IT IS A FALSE POSITIVE?
Must I wait the next update?
I precise I am in Windows XP Home SP2
And all works very well on my computer. (sorry for my bad english: I am french)
I did not put this detection in quarantine: I have just closed the program!
The only important information I would like to be confirmed is:"IT IS A FP"
And fix it when you can!
Thank you and regards for your work!
Jérôme.

Edited by jerome1951, 30 July 2007 - 12:55 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users