|
|
|
|
|||||
|
|
|
|
|
|
|||
| Welcome
to Tech Support Forum home to more then 136,000 problems solved. Issues
have included: Spyware, Malware, Virus Issues, Windows, Microsoft,
Linux, Networking, Security, Hardware, and Gaming Getting your
problem solved is as easy as: 1. Registering for a free account 2. Asking your question 3. Receiving an answer Registered members: * See fewer ads. * And much more..
|
| Want to know how to post a question? click here | Having problems with spyware and pop-ups? First Steps |
|
|||||||
| Virus/Trojan/Spyware Help Get Rid Of Malware With Help From Our Analysts. Follow the "First Steps" link at the top right of each page before posting for help. |
 |
|
|
LinkBack | Thread Tools |
06-22-2009, 03:52 AM
|
#1 (permalink) |
|
Registered User
Join Date: Jun 2009
Posts: 7
OS: WinXP Pro
|
gxvxc virus update
Ok.. followed instructions in other thread.. logs that I have..
======================== Malwarebytes' Anti-Malware 1.38 Database version: 2297 Windows 5.1.2600 Service Pack 3 6/22/2009 4:55:16 AM mbam-log-2009-06-22 (04-55-07).txt Scan type: Full Scan (C:\|) Objects scanned: 196694 Time elapsed: 17 minute(s), 50 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 2 Registry Values Infected: 0 Registry Data Items Infected: 6 Folders Infected: 1 Files Infected: 2 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_CURRENT_USER\SOFTWARE\FullMovies (Trojan.DNSChanger) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\gxvxc (Rootkit.Agent) -> No action taken. Registry Values Infected: (No malicious items detected) Registry Data Items Infected: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.100,85.255.112.197 -> No action taken. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.100,85.255.112.197 -> No action taken. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.100,85.255.112.197 -> No action taken. Folders Infected: C:\Program Files\FullMovies (Trojan.DNSChanger) -> No action taken. Files Infected: c:\WINDOWS\Prefetch\MICKEYMOUSE.EXE (Trojan.Agent) -> No action taken. c:\WINDOWS\Tasks\{5B57CF47-0BFA-43c6-ACF9-3B3653DCADBA}.job (Trojan.FakeAlert) -> No action taken. ==================================== (this is generated when I run the MRT rooter - changed the name so it would start) Also the "mickeymouse" was a previous malware remover that was less than effective (because I am here now) and I changed the program name to this to make it run. Rooter.exe (v1.0.1) by Eric_71 ¨ Microsoft Windows XP Professional (5.1.2600) Service Pack 3 32_bits - x86 Family 6 Model 15 Stepping 6, GenuineIntel ¨ A:\ [Removable] C:\ [Fixed-NTFS] .. ( Total:139 Go - Free:68 Go ) D:\ [CD_Rom] ¨ Scan : 05:30.33 Path : C:\Documents and Settings\Administrator\Desktop\GQHooter.exe User : Administrator ( Administrator -> YES ) ¨ ----------------------\\ Processes ¨ Locked [System Process] (0) ______ System (4) ______ \SystemRoot\System32\smss.exe (596) ______ \??\C:\WINDOWS\system32\csrss.exe (644) ______ \??\C:\WINDOWS\system32\winlogon.exe (668) ______ C:\WINDOWS\system32\services.exe (712) ______ C:\WINDOWS\system32\lsass.exe (724) ______ C:\WINDOWS\system32\svchost.exe (888) ______ C:\WINDOWS\system32\svchost.exe (956) ______ C:\WINDOWS\System32\svchost.exe (1056) ______ C:\WINDOWS\system32\svchost.exe (1100) ______ C:\WINDOWS\system32\svchost.exe (1172) ______ C:\WINDOWS\system32\svchost.exe (1224) Locked vsmon.exe (1384) ______ C:\WINDOWS\Explorer.EXE (1680) Locked ScanningProcess.exe (1888) ______ C:\WINDOWS\system32\spoolsv.exe (1984) Locked ScanningProcess.exe (240) ______ C:\WINDOWS\system32\svchost.exe (584) ______ C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (648) ______ C:\Program Files\Java\jre6\bin\jqs.exe (1036) ______ C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe (1080) ______ C:\WINDOWS\system32\nvsvc32.exe (1136) ______ C:\Program Files\CyberLink\Shared Files\RichVideo.exe (1536) ______ C:\WINDOWS\system32\svchost.exe (1828) ______ C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (284) ______ C:\WINDOWS\System32\alg.exe (2152) ______ C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe (2572) ______ C:\WINDOWS\system32\RUNDLL32.EXE (2592) ______ C:\Program Files\iTunes\iTunesHelper.exe (2668) ______ C:\Program Files\HP\HP Software Update\HPWuSchd2.exe (2676) ______ C:\WINDOWS\system32\CTHELPER.EXE (2720) ______ C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe (2744) ______ C:\Program Files\Java\jre6\bin\jusched.exe (2760) ______ C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (2768) Locked zlclient.exe (2996) ______ C:\Documents and Settings\Administrator\Application Data\SanDisk\Sansa Updater\SansaDispatch.exe (3060) ______ C:\WINDOWS\system32\ctfmon.exe (3084) ______ C:\Program Files\DNA\btdna.exe (3096) ______ C:\Program Files\SUPERAntiSpyware\d3eb6d13-3911-4dcb-949a-4e7dd292ffaf.exe (3132) ______ C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe (3308) ______ C:\Program Files\iPod\bin\iPodService.exe (3444) ______ C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe (3836) ______ C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe (3880) ______ C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe (3932) ______ C:\Program Files\Internet Explorer\iexplore.exe (2692) ______ C:\Documents and Settings\Administrator\Desktop\GQHooter.exe (1208) ¨ ----------------------\\ Device\Harddisk0\ ¨ \Device\Harddisk0 [Sectors : 63 x 512 Bytes] ¨ \Device\Harddisk0\Partition1 --[ MBR ]-- (Start_Offset:32256 | Length:150029074944) ¨ ----------------------\\ Scheduled Tasks ¨ C:\WINDOWS\Tasks\desktop.ini C:\WINDOWS\Tasks\Google Software Updater.job C:\WINDOWS\Tasks\SA.DAT ¨ ----------------------\\ Registry ¨ ¨ ----------------------\\ Files & Folders ¨ ----------------------\\ Scan completed at 05:30.34 ¨ C:\Rooter$\Rooter_1.txt - (22/06/2009 | 05:30.34) ¨ C:\Rooter$\Rooter_2.txt - (22/06/2009 | 05:30.50) =============================== (Then) Malwarebytes' Anti-Malware 1.38 Database version: 2320 Windows 5.1.2600 Service Pack 3 6/22/2009 5:43:49 AM mbam-log-2009-06-22 (05-43-43).txt Scan type: Quick Scan Objects scanned: 88682 Time elapsed: 2 minute(s), 38 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected) ============================= Then I run my Zone Alarm Security Suite and find this in Memory; Memory: was found in \\?\globalroot\systemroot\system32\gxvxcoibabdwypxtexrbtjfepqyyqphdwucbn.dll on 6/22/2009 5:46:18 (GADS! - can't a person get rid of this thing?) Malwarebytes does NOT see this, Then I re-ran Rooter and got these loggs.. ==================================== [PID 284] -------> C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe C:\WINDOWS\system32\ntdll.dll C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\system32\imagehlp.dll C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\system32\SHLWAPI.dll C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\system32\Secur32.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\system32\USER32.dll C:\WINDOWS\system32\WINHTTP.dll C:\WINDOWS\system32\SHELL32.dll C:\WINDOWS\system32\ole32.dll C:\WINDOWS\system32\OLEAUT32.dll C:\WINDOWS\system32\IMM32.DLL C:\WINDOWS\system32\LPK.DLL C:\WINDOWS\system32\USP10.dll C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll C:\WINDOWS\system32\comctl32.dll C:\WINDOWS\system32\uxtheme.dll C:\WINDOWS\system32\xpsp2res.dll C:\WINDOWS\system32\CLBCATQ.DLL C:\WINDOWS\system32\COMRes.dll C:\WINDOWS\system32\VERSION.dll C:\WINDOWS\system32\SETUPAPI.dll C:\WINDOWS\system32\SXS.DLL [PID 584] -------> C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\ntdll.dll C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\system32\Secur32.dll C:\WINDOWS\system32\ShimEng.dll C:\WINDOWS\AppPatch\AcGenral.DLL C:\WINDOWS\system32\USER32.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\system32\WINMM.dll C:\WINDOWS\system32\ole32.dll C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\system32\OLEAUT32.dll C:\WINDOWS\system32\MSACM32.dll C:\WINDOWS\system32\VERSION.dll C:\WINDOWS\system32\SHELL32.dll C:\WINDOWS\system32\SHLWAPI.dll C:\WINDOWS\system32\USERENV.dll C:\WINDOWS\system32\UxTheme.dll C:\WINDOWS\system32\IMM32.DLL C:\WINDOWS\system32\LPK.DLL C:\WINDOWS\system32\USP10.dll C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll C:\WINDOWS\system32\comctl32.dll C:\WINDOWS\system32\NTMARTA.DLL C:\WINDOWS\system32\SAMLIB.dll C:\WINDOWS\system32\WLDAP32.dll C:\WINDOWS\system32\xpsp2res.dll c:\windows\system32\webclnt.dll C:\WINDOWS\system32\WININET.dll C:\WINDOWS\system32\Normaliz.dll C:\WINDOWS\system32\iertutil.dll c:\windows\system32\WS2_32.dll c:\windows\system32\WS2HELP.dll [PID 596] -------> \SystemRoot\System32\smss.exe \SystemRoot\System32\smss.exe C:\WINDOWS\system32\ntdll.dll [PID 644] -------> \??\C:\WINDOWS\system32\csrss.exe \??\C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\ntdll.dll C:\WINDOWS\system32\CSRSRV.dll C:\WINDOWS\system32\basesrv.dll C:\WINDOWS\system32\winsrv.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\system32\KERNEL32.dll C:\WINDOWS\system32\USER32.dll C:\WINDOWS\system32\LPK.DLL C:\WINDOWS\system32\USP10.dll C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\system32\Secur32.dll C:\WINDOWS\system32\sxs.dll [PID 648] -------> C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\WINDOWS\system32\ntdll.dll C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\system32\WSOCK32.dll C:\WINDOWS\system32\WS2_32.dll C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\system32\Secur32.dll C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\system32\WS2HELP.dll C:\WINDOWS\system32\SETUPAPI.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\system32\USER32.dll C:\WINDOWS\system32\IMM32.DLL C:\WINDOWS\system32\LPK.DLL C:\WINDOWS\system32\USP10.dll C:\WINDOWS\system32\mswsock.dll C:\WINDOWS\system32\hnetcfg.dll C:\WINDOWS\System32\wshtcpip.dll C:\WINDOWS\system32\WINTRUST.dll C:\WINDOWS\system32\CRYPT32.dll C:\WINDOWS\system32\MSASN1.dll C:\WINDOWS\system32\IMAGEHLP.dll [PID 668] -------> \??\C:\WINDOWS\system32\winlogon.exe \??\C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\ntdll.dll C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\system32\Secur32.dll C:\WINDOWS\system32\AUTHZ.dll C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\system32\CRYPT32.dll C:\WINDOWS\system32\MSASN1.dll C:\WINDOWS\system32\USER32.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\system32\NDdeApi.dll C:\WINDOWS\system32\PROFMAP.dll C:\WINDOWS\system32\NETAPI32.dll C:\WINDOWS\system32\USERENV.dll C:\WINDOWS\system32\PSAPI.DLL C:\WINDOWS\system32\REGAPI.dll C:\WINDOWS\system32\SETUPAPI.dll C:\WINDOWS\system32\VERSION.dll C:\WINDOWS\system32\WINSTA.dll C:\WINDOWS\system32\WINTRUST.dll C:\WINDOWS\system32\IMAGEHLP.dll C:\WINDOWS\system32\WS2_32.dll C:\WINDOWS\system32\WS2HELP.dll C:\WINDOWS\system32\IMM32.DLL C:\WINDOWS\system32\LPK.DLL C:\WINDOWS\system32\USP10.dll C:\WINDOWS\system32\MSGINA.dll C:\WINDOWS\system32\COMCTL32.dll C:\WINDOWS\system32\ODBC32.dll C:\WINDOWS\system32\comdlg32.dll C:\WINDOWS\system32\SHELL32.dll C:\WINDOWS\system32\SHLWAPI.dll C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll C:\WINDOWS\system32\odbcint.dll C:\WINDOWS\system32\SHSVCS.dll C:\WINDOWS\system32\sfc.dll C:\WINDOWS\system32\sfc_os.dll C:\WINDOWS\system32\ole32.dll C:\WINDOWS\system32\Apphelp.dll C:\WINDOWS\system32\msctfime.ime C:\WINDOWS\system32\WINSCARD.DLL C:\WINDOWS\system32\WTSAPI32.dll C:\WINDOWS\system32\sxs.dll C:\WINDOWS\system32\uxtheme.dll C:\WINDOWS\system32\WINMM.dll C:\Program Files\SUPERAntiSpyware\SASWINLO.dll C:\WINDOWS\system32\OLEAUT32.dll C:\WINDOWS\system32\WININET.dll C:\WINDOWS\system32\Normaliz.dll C:\WINDOWS\system32\iertutil.dll C:\WINDOWS\system32\cscdll.dll C:\WINDOWS\System32\dimsntfy.dll C:\WINDOWS\system32\rsaenh.dll C:\WINDOWS\system32\WlNotify.dll C:\WINDOWS\system32\MPR.dll C:\WINDOWS\system32\WINSPOOL.DRV C:\WINDOWS\system32\SAMLIB.dll C:\WINDOWS\system32\cscui.dll C:\WINDOWS\system32\MPRAPI.dll C:\WINDOWS\system32\ACTIVEDS.dll C:\WINDOWS\system32\adsldpc.dll C:\WINDOWS\system32\WLDAP32.dll C:\WINDOWS\system32\ATL.DLL C:\WINDOWS\system32\rtutils.dll C:\WINDOWS\system32\xpsp2res.dll C:\WINDOWS\system32\NTMARTA.DLL C:\WINDOWS\system32\msv1_0.dll C:\WINDOWS\system32\iphlpapi.dll C:\WINDOWS\system32\wdmaud.drv C:\WINDOWS\system32\msacm32.drv C:\WINDOWS\system32\MSACM32.dll C:\WINDOWS\system32\midimap.dll C:\WINDOWS\system32\COMRes.dll C:\WINDOWS\system32\CLBCATQ.DLL [PID 712] -------> C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\ntdll.dll C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\system32\Secur32.dll C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\system32\NCObjAPI.DLL C:\WINDOWS\system32\MSVCP60.dll C:\WINDOWS\system32\SCESRV.dll C:\WINDOWS\system32\AUTHZ.dll C:\WINDOWS\system32\USER32.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\system32\USERENV.dll C:\WINDOWS\system32\umpnpmgr.dll C:\WINDOWS\system32\WINSTA.dll C:\WINDOWS\system32\NETAPI32.dll C:\WINDOWS\system32\ShimEng.dll C:\WINDOWS\AppPatch\AcAdProc.dll C:\WINDOWS\system32\IMM32.DLL C:\WINDOWS\system32\LPK.DLL C:\WINDOWS\system32\USP10.dll C:\WINDOWS\system32\Apphelp.dll C:\WINDOWS\system32\VERSION.dll C:\WINDOWS\system32\eventlog.dll C:\WINDOWS\system32\PSAPI.DLL C:\WINDOWS\system32\WS2_32.dll C:\WINDOWS\system32\WS2HELP.dll C:\WINDOWS\system32\wtsapi32.dll [PID 724] -------> C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\ntdll.dll C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\system32\Secur32.dll C:\WINDOWS\system32\LSASRV.dll C:\WINDOWS\system32\MPR.dll C:\WINDOWS\system32\USER32.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\system32\MSASN1.dll C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\system32\NETAPI32.dll C:\WINDOWS\system32\NTDSAPI.dll C:\WINDOWS\system32\DNSAPI.dll C:\WINDOWS\system32\WS2_32.dll C:\WINDOWS\system32\WS2HELP.dll C:\WINDOWS\system32\WLDAP32.dll C:\WINDOWS\system32\SAMLIB.dll C:\WINDOWS\system32\SAMSRV.dll C:\WINDOWS\system32\cryptdll.dll C:\WINDOWS\system32\ShimEng.dll C:\WINDOWS\AppPatch\AcGenral.DLL C:\WINDOWS\system32\WINMM.dll C:\WINDOWS\system32\ole32.dll C:\WINDOWS\system32\OLEAUT32.dll C:\WINDOWS\system32\MSACM32.dll C:\WINDOWS\system32\VERSION.dll C:\WINDOWS\system32\SHELL32.dll C:\WINDOWS\system32\SHLWAPI.dll C:\WINDOWS\system32\USERENV.dll C:\WINDOWS\system32\UxTheme.dll C:\WINDOWS\system32\IMM32.DLL C:\WINDOWS\system32\LPK.DLL C:\WINDOWS\system32\USP10.dll C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll C:\WINDOWS\system32\comctl32.dll C:\WINDOWS\system32\msprivs.dll C:\WINDOWS\system32\kerberos.dll C:\WINDOWS\system32\msv1_0.dll C:\WINDOWS\system32\iphlpapi.dll C:\WINDOWS\system32\netlogon.dll C:\WINDOWS\system32\w32time.dll C:\WINDOWS\system32\MSVCP60.dll C:\WINDOWS\system32\schannel.dll C:\WINDOWS\system32\CRYPT32.dll C:\WINDOWS\system32\wdigest.dll C:\WINDOWS\system32\rsaenh.dll C:\WINDOWS\system32\setupapi.dll C:\WINDOWS\system32\scecli.dll C:\WINDOWS\system32\ipsecsvc.dll C:\WINDOWS\system32\AUTHZ.dll C:\WINDOWS\system32\oakley.DLL C:\WINDOWS\system32\WINIPSEC.DLL C:\WINDOWS\system32\pstorsvc.dll C:\WINDOWS\system32\psbase.dll C:\WINDOWS\system32\mswsock.dll C:\WINDOWS\system32\hnetcfg.dll C:\WINDOWS\System32\wshtcpip.dll C:\WINDOWS\system32\dssenh.dll [PID 888] -------> C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\ntdll.dll C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\system32\Secur32.dll C:\WINDOWS\system32\ShimEng.dll C:\WINDOWS\AppPatch\AcGenral.DLL C:\WINDOWS\system32\USER32.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\system32\WINMM.dll C:\WINDOWS\system32\ole32.dll C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\system32\OLEAUT32.dll C:\WINDOWS\system32\MSACM32.dll C:\WINDOWS\system32\VERSION.dll C:\WINDOWS\system32\SHELL32.dll C:\WINDOWS\system32\SHLWAPI.dll C:\WINDOWS\system32\USERENV.dll C:\WINDOWS\system32\UxTheme.dll C:\WINDOWS\system32\IMM32.DLL C:\WINDOWS\system32\LPK.DLL C:\WINDOWS\system32\USP10.dll C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll C:\WINDOWS\system32\comctl32.dll \\?\globalroot\systemroot\system32\gxvxcoibabdwypxtexrbtjfepqyyqphdwucbn.dll C:\WINDOWS\system32\WININET.dll C:\WINDOWS\system32\Normaliz.dll C:\WINDOWS\system32\iertutil.dll C:\WINDOWS\system32\NTMARTA.DLL C:\WINDOWS\system32\SAMLIB.dll C:\WINDOWS\system32\WLDAP32.dll c:\windows\system32\rpcss.dll c:\windows\system32\WS2_32.dll c:\windows\system32\WS2HELP.dll C:\WINDOWS\system32\xpsp2res.dll C:\WINDOWS\system32\RASAPI32.dll C:\WINDOWS\system32\rasman.dll C:\WINDOWS\system32\NETAPI32.dll C:\WINDOWS\system32\TAPI32.dll C:\WINDOWS\system32\rtutils.dll C:\WINDOWS\system32\CLBCATQ.DLL C:\WINDOWS\system32\COMRes.dll c:\windows\system32\termsrv.dll c:\windows\system32\ICAAPI.dll c:\windows\system32\SETUPAPI.dll C:\WINDOWS\system32\WINTRUST.dll C:\WINDOWS\system32\CRYPT32.dll C:\WINDOWS\system32\MSASN1.dll C:\WINDOWS\system32\IMAGEHLP.dll c:\windows\system32\AUTHZ.dll c:\windows\system32\mstlsapi.dll c:\windows\system32\ACTIVEDS.dll c:\windows\system32\adsldpc.dll c:\windows\system32\ATL.DLL C:\WINDOWS\system32\REGAPI.dll C:\WINDOWS\system32\rsaenh.dll C:\WINDOWS\system32\msv1_0.dll C:\WINDOWS\system32\iphlpapi.dll C:\WINDOWS\system32\sensapi.dll C:\WINDOWS\System32\mswsock.dll C:\WINDOWS\system32\rasadhlp.dll C:\WINDOWS\system32\urlmon.dll C:\WINDOWS\system32\hnetcfg.dll C:\WINDOWS\System32\wshtcpip.dll C:\WINDOWS\system32\Apphelp.dll [PID 956] -------> C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\ntdll.dll C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\system32\Secur32.dll C:\WINDOWS\system32\ShimEng.dll C:\WINDOWS\AppPatch\AcGenral.DLL C:\WINDOWS\system32\USER32.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\system32\WINMM.dll C:\WINDOWS\system32\ole32.dll C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\system32\OLEAUT32.dll C:\WINDOWS\system32\MSACM32.dll C:\WINDOWS\system32\VERSION.dll C:\WINDOWS\system32\SHELL32.dll C:\WINDOWS\system32\SHLWAPI.dll C:\WINDOWS\system32\USERENV.dll C:\WINDOWS\system32\UxTheme.dll C:\WINDOWS\system32\IMM32.DLL C:\WINDOWS\system32\LPK.DLL C:\WINDOWS\system32\USP10.dll C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll C:\WINDOWS\system32\comctl32.dll c:\windows\system32\rpcss.dll c:\windows\system32\WS2_32.dll c:\windows\system32\WS2HELP.dll C:\WINDOWS\system32\xpsp2res.dll C:\WINDOWS\system32\rsaenh.dll C:\WINDOWS\system32\mswsock.dll C:\WINDOWS\system32\hnetcfg.dll C:\WINDOWS\System32\wshtcpip.dll C:\WINDOWS\system32\DNSAPI.dll C:\WINDOWS\system32\iphlpapi.dll C:\WINDOWS\System32\winrnr.dll C:\WINDOWS\system32\WLDAP32.dll C:\WINDOWS\system32\rasadhlp.dll C:\WINDOWS\system32\CLBCATQ.DLL C:\WINDOWS\system32\COMRes.dll C:\WINDOWS\system32\msi.dll [PID 1036] -------> C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\ntdll.dll C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\system32\WS2_32.dll C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\system32\Secur32.dll C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\system32\WS2HELP.dll C:\WINDOWS\system32\ole32.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\system32\USER32.dll C:\Program Files\Java\jre6\bin\MSVCR71.dll C:\WINDOWS\system32\IMM32.DLL C:\WINDOWS\system32\LPK.DLL C:\WINDOWS\system32\USP10.dll C:\WINDOWS\system32\psapi.dll C:\WINDOWS\system32\pdh.dll C:\WINDOWS\system32\comdlg32.dll C:\WINDOWS\system32\COMCTL32.dll C:\WINDOWS\system32\SHELL32.dll C:\WINDOWS\system32\SHLWAPI.dll C:\WINDOWS\system32\CRYPT32.dll C:\WINDOWS\system32\MSASN1.dll C:\WINDOWS\system32\ODBC32.dll C:\WINDOWS\system32\odbcbcp.dll C:\WINDOWS\system32\VERSION.dll C:\WINDOWS\system32\OLEAUT32.dll C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll C:\WINDOWS\system32\odbcint.dll C:\WINDOWS\system32\mswsock.dll C:\WINDOWS\system32\hnetcfg.dll C:\WINDOWS\System32\wshtcpip.dll C:\WINDOWS\system32\perfos.dll C:\WINDOWS\system32\perfdisk.dll [PID 1056] -------> C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ntdll.dll C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\system32\Secur32.dll C:\WINDOWS\System32\ShimEng.dll C:\WINDOWS\AppPatch\AcGenral.DLL C:\WINDOWS\system32\USER32.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\System32\WINMM.dll C:\WINDOWS\system32\ole32.dll C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\system32\OLEAUT32.dll C:\WINDOWS\System32\MSACM32.dll C:\WINDOWS\system32\VERSION.dll C:\WINDOWS\system32\SHELL32.dll C:\WINDOWS\system32\SHLWAPI.dll C:\WINDOWS\system32\USERENV.dll C:\WINDOWS\System32\UxTheme.dll C:\WINDOWS\system32\IMM32.DLL C:\WINDOWS\System32\LPK.DLL C:\WINDOWS\System32\USP10.dll C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll C:\WINDOWS\system32\comctl32.dll C:\WINDOWS\System32\NTMARTA.DLL C:\WINDOWS\System32\SAMLIB.dll C:\WINDOWS\system32\WLDAP32.dll C:\WINDOWS\System32\xpsp2res.dll c:\windows\system32\shsvcs.dll C:\WINDOWS\System32\WINSTA.dll C:\WINDOWS\system32\NETAPI32.dll c:\windows\system32\dhcpcsvc.dll c:\windows\system32\DNSAPI.dll c:\windows\system32\WS2_32.dll c:\windows\system32\WS2HELP.dll c:\windows\system32\iphlpapi.dll C:\WINDOWS\system32\mswsock.dll C:\WINDOWS\System32\hnetcfg.dll C:\WINDOWS\System32\wshtcpip.dll c:\windows\system32\cryptsvc.dll c:\windows\system32\certcli.dll c:\windows\system32\ATL.DLL C:\WINDOWS\system32\CRYPT32.dll C:\WINDOWS\system32\MSASN1.dll C:\WINDOWS\system32\CRYPTUI.dll C:\WINDOWS\system32\WININET.dll C:\WINDOWS\system32\Normaliz.dll C:\WINDOWS\system32\iertutil.dll C:\WINDOWS\system32\WINTRUST.dll C:\WINDOWS\system32\IMAGEHLP.dll c:\windows\system32\ESENT.dll c:\windows\system32\wzcsvc.dll c:\windows\system32\rtutils.dll c:\windows\system32\WMI.dll c:\windows\system32\EapolQec.dll c:\windows\system32\QUtil.dll c:\windows\system32\MSVCP60.dll c:\windows\system32\dot3api.dll c:\windows\system32\WTSAPI32.dll C:\WINDOWS\System32\rsaenh.dll C:\WINDOWS\System32\CLBCATQ.DLL C:\WINDOWS\System32\COMRes.dll C:\WINDOWS\System32\rastls.dll C:\WINDOWS\System32\MPRAPI.dll C:\WINDOWS\System32\ACTIVEDS.dll C:\WINDOWS\System32\adsldpc.dll C:\WINDOWS\System32\SETUPAPI.dll C:\WINDOWS\System32\RASAPI32.dll C:\WINDOWS\System32\rasman.dll C:\WINDOWS\System32\TAPI32.dll C:\WINDOWS\System32\SCHANNEL.dll C:\WINDOWS\System32\WinSCard.dll C:\WINDOWS\System32\PSAPI.DLL C:\WINDOWS\System32\raschap.dll C:\WINDOWS\system32\msv1_0.dll c:\windows\system32\schedsvc.dll c:\windows\system32\NTDSAPI.dll C:\WINDOWS\System32\MSIDLE.DLL c:\windows\system32\audiosrv.dll c:\windows\system32\wkssvc.dll c:\windows\system32\dmserver.dll c:\windows\system32\ersvc.dll c:\windows\system32\es.dll c:\windows\pchealth\helpctr\binaries\pchsvc.dll c:\windows\system32\srvsvc.dll c:\windows\system32\netman.dll c:\windows\system32\netshell.dll c:\windows\system32\credui.dll c:\windows\system32\dot3dlg.dll c:\windows\system32\OneX.DLL c:\windows\system32\eappcfg.dll c:\windows\system32\eappprxy.dll c:\windows\system32\WZCSAPI.DLL c:\windows\system32\seclogon.dll c:\windows\system32\sens.dll c:\windows\system32\srsvc.dll c:\windows\system32\POWRPROF.dll C:\WINDOWS\System32\SXS.DLL c:\windows\system32\trkwks.dll c:\windows\system32\w32time.dll c:\windows\system32\wbem\wmisvc.dll C:\WINDOWS\system32\VSSAPI.DLL c:\windows\system32\wuauserv.dll C:\WINDOWS\system32\wuaueng.dll C:\WINDOWS\System32\WINSPOOL.DRV C:\WINDOWS\System32\WINHTTP.dll C:\WINDOWS\System32\Cabinet.dll C:\WINDOWS\System32\mspatcha.dll c:\windows\system32\browser.dll c:\windows\system32\ipnathlp.dll c:\windows\system32\AUTHZ.dll c:\windows\system32\wscsvc.dll c:\windows\system32\msi.dll C:\WINDOWS\system32\wbem\wbemcomn.dll C:\WINDOWS\System32\Wbem\wbemcore.dll C:\WINDOWS\System32\Wbem\esscli.dll C:\WINDOWS\System32\Wbem\FastProx.dll C:\WINDOWS\System32\sfc.dll C:\WINDOWS\System32\sfc_os.dll C:\WINDOWS\system32\wbem\wmiutils.dll C:\WINDOWS\system32\wbem\repdrvfs.dll C:\WINDOWS\system32\wbem\wmiprvsd.dll C:\WINDOWS\system32\NCObjAPI.DLL C:\WINDOWS\system32\comsvcs.dll C:\WINDOWS\system32\colbact.DLL C:\WINDOWS\system32\MTXCLU.DLL C:\WINDOWS\system32\WSOCK32.dll C:\WINDOWS\System32\CLUSAPI.DLL C:\WINDOWS\System32\RESUTILS.DLL C:\WINDOWS\system32\wbem\wbemess.dll C:\WINDOWS\system32\wbem\ncprov.dll c:\windows\system32\tapisrv.dll c:\windows\system32\rasmans.dll c:\windows\system32\WINIPSEC.DLL c:\windows\system32\netcfgx.dll C:\WINDOWS\System32\rastapi.dll C:\WINDOWS\System32\rasadhlp.dll C:\WINDOWS\System32\unimdm.tsp C:\WINDOWS\System32\uniplat.dll C:\WINDOWS\System32\kmddsp.tsp C:\WINDOWS\System32\ndptsp.tsp C:\WINDOWS\System32\ipconf.tsp C:\WINDOWS\System32\h323.tsp C:\WINDOWS\System32\hidphone.tsp C:\WINDOWS\System32\HID.DLL C:\WINDOWS\System32\rasppp.dll C:\WINDOWS\System32\ntlsapi.dll C:\WINDOWS\system32\kerberos.dll C:\WINDOWS\System32\cryptdll.dll C:\WINDOWS\System32\RASQEC.DLL C:\WINDOWS\system32\upnp.dll C:\WINDOWS\system32\SSDPAPI.dll C:\WINDOWS\System32\RASDLG.dll C:\WINDOWS\system32\Apphelp.dll C:\WINDOWS\system32\wbem\wbemcons.dll [PID 1080] -------> C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\system32\ntdll.dll C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\system32\ole32.dll C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\system32\Secur32.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\system32\USER32.dll C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\system32\OLEAUT32.dll C:\WINDOWS\system32\VERSION.dll C:\WINDOWS\system32\SHELL32.dll C:\WINDOWS\system32\SHLWAPI.dll C:\WINDOWS\system32\IMM32.DLL C:\WINDOWS\system32\LPK.DLL C:\WINDOWS\system32\USP10.dll C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll C:\WINDOWS\system32\comctl32.dll C:\WINDOWS\system32\psapi.dll C:\WINDOWS\system32\xpsp2res.dll C:\WINDOWS\system32\CLBCATQ.DLL C:\WINDOWS\system32\COMRes.dll [PID 1100] -------> C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\ntdll.dll C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\system32\Secur32.dll C:\WINDOWS\system32\ShimEng.dll C:\WINDOWS\AppPatch\AcGenral.DLL C:\WINDOWS\system32\USER32.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\system32\WINMM.dll C:\WINDOWS\system32\ole32.dll C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\system32\OLEAUT32.dll C:\WINDOWS\system32\MSACM32.dll C:\WINDOWS\system32\VERSION.dll C:\WINDOWS\system32\SHELL32.dll C:\WINDOWS\system32\SHLWAPI.dll C:\WINDOWS\system32\USERENV.dll C:\WINDOWS\system32\UxTheme.dll C:\WINDOWS\system32\IMM32.DLL C:\WINDOWS\system32\LPK.DLL C:\WINDOWS\system32\USP10.dll C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll C:\WINDOWS\system32\comctl32.dll c:\windows\system32\wudfsvc.dll c:\windows\system32\SETUPAPI.dll c:\windows\system32\WUDFPlatform.dll C:\WINDOWS\system32\WINTRUST.dll C:\WINDOWS\system32\CRYPT32.dll C:\WINDOWS\system32\MSASN1.dll C:\WINDOWS\system32\IMAGEHLP.dll [PID 1136] -------> C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\ntdll.dll C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\system32\USER32.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\system32\Secur32.dll C:\WINDOWS\system32\USERENV.dll C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\system32\POWRPROF.dll C:\WINDOWS\system32\IMM32.DLL C:\WINDOWS\system32\LPK.DLL C:\WINDOWS\system32\USP10.dll C:\WINDOWS\system32\wtsapi32.dll C:\WINDOWS\system32\WINSTA.dll C:\WINDOWS\system32\NETAPI32.dll C:\WINDOWS\system32\SHELL32.dll C:\WINDOWS\system32\SHLWAPI.dll C:\WINDOWS\system32\ole32.dll C:\WINDOWS\system32\COMCTL32.dll C:\WINDOWS\system32\OLEAUT32.dll C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll C:\WINDOWS\system32\nvapi.dll C:\WINDOWS\system32\SETUPAPI.dll C:\WINDOWS\system32\uxtheme.dll C:\WINDOWS\system32\msctfime.ime C:\WINDOWS\system32\WINTRUST.dll C:\WINDOWS\system32\CRYPT32.dll C:\WINDOWS\system32\MSASN1.dll C:\WINDOWS\system32\IMAGEHLP.dll C:\WINDOWS\system32\msv1_0.dll C:\WINDOWS\system32\iphlpapi.dll C:\WINDOWS\system32\WS2_32.dll C:\WINDOWS\system32\WS2HELP.dll C:\WINDOWS\system32\Apphelp.dll C:\WINDOWS\system32\VERSION.dll C:\WINDOWS\system32\NTMARTA.DLL C:\WINDOWS\system32\SAMLIB.dll C:\WINDOWS\system32\WLDAP32.dll [PID 1172] -------> C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\ntdll.dll C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\system32\Secur32.dll C:\WINDOWS\system32\ShimEng.dll C:\WINDOWS\AppPatch\AcGenral.DLL C:\WINDOWS\system32\USER32.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\system32\WINMM.dll C:\WINDOWS\system32\ole32.dll C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\system32\OLEAUT32.dll C:\WINDOWS\system32\MSACM32.dll C:\WINDOWS\system32\VERSION.dll C:\WINDOWS\system32\SHELL32.dll C:\WINDOWS\system32\SHLWAPI.dll C:\WINDOWS\system32\USERENV.dll C:\WINDOWS\system32\UxTheme.dll C:\WINDOWS\system32\IMM32.DLL C:\WINDOWS\system32\LPK.DLL C:\WINDOWS\system32\USP10.dll C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll C:\WINDOWS\system32\comctl32.dll c:\windows\system32\dnsrslvr.dll c:\windows\system32\DNSAPI.dll c:\windows\system32\WS2_32.dll c:\windows\system32\WS2HELP.dll c:\windows\system32\iphlpapi.dll C:\WINDOWS\system32\rsaenh.dll C:\WINDOWS\system32\mswsock.dll C:\WINDOWS\system32\hnetcfg.dll C:\WINDOWS\System32\wshtcpip.dll [PID 1224] -------> C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\ntdll.dll C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\system32\Secur32.dll C:\WINDOWS\system32\ShimEng.dll C:\WINDOWS\AppPatch\AcGenral.DLL C:\WINDOWS\system32\USER32.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\system32\WINMM.dll C:\WINDOWS\system32\ole32.dll C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\system32\OLEAUT32.dll C:\WINDOWS\system32\MSACM32.dll C:\WINDOWS\system32\VERSION.dll C:\WINDOWS\system32\SHELL32.dll C:\WINDOWS\system32\SHLWAPI.dll C:\WINDOWS\system32\USERENV.dll C:\WINDOWS\system32\UxTheme.dll C:\WINDOWS\system32\IMM32.DLL C:\WINDOWS\system32\LPK.DLL C:\WINDOWS\system32\USP10.dll C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll C:\WINDOWS\system32\comctl32.dll C:\WINDOWS\system32\NTMARTA.DLL C:\WINDOWS\system32\SAMLIB.dll C:\WINDOWS\system32\WLDAP32.dll C:\WINDOWS\system32\xpsp2res.dll c:\windows\system32\lmhsvc.dll c:\windows\system32\iphlpapi.dll c:\windows\system32\WS2_32.dll c:\windows\system32\WS2HELP.dll c:\windows\system32\alrsvc.dll C:\WINDOWS\system32\NETAPI32.dll c:\windows\system32\regsvc.dll c:\windows\system32\ssdpsrv.dll C:\WINDOWS\system32\hnetcfg.dll C:\WINDOWS\system32\CLBCATQ.DLL C:\WINDOWS\system32\COMRes.dll C:\WINDOWS\system32\mswsock.dll C:\WINDOWS\System32\wshtcpip.dll c:\windows\system32\upnphost.dll c:\windows\system32\WINHTTP.dll c:\windows\system32\SSDPAPI.dll [PID 1536] -------> C:\Program Files\CyberLink\Shared Files\RichVideo.exe C:\Program Files\CyberLink\Shared Files\RichVideo.exe C:\WINDOWS\system32\ntdll.dll C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\system32\USER32.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\system32\MSVCRT.dll C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\system32\Secur32.dll C:\WINDOWS\system32\SHELL32.dll C:\WINDOWS\system32\SHLWAPI.dll C:\WINDOWS\system32\ole32.dll C:\WINDOWS\system32\OLEAUT32.dll C:\WINDOWS\system32\WINMM.dll C:\WINDOWS\system32\IMM32.DLL C:\WINDOWS\system32\LPK.DLL C:\WINDOWS\system32\USP10.dll C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll C:\WINDOWS\system32\comctl32.dll C:\WINDOWS\system32\uxtheme.dll C:\WINDOWS\system32\xpsp2res.dll C:\WINDOWS\system32\CLBCATQ.DLL C:\WINDOWS\system32\COMRes.dll C:\WINDOWS\system32\VERSION.dll [PID 1680] -------> C:\WINDOWS\Explorer.EXE C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\ntdll.dll C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\system32\Secur32.dll C:\WINDOWS\system32\BROWSEUI.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\system32\USER32.dll C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\system32\ole32.dll C:\WINDOWS\system32\SHLWAPI.dll C:\WINDOWS\system32\OLEAUT32.dll C:\WINDOWS\system32\SHDOCVW.dll C:\WINDOWS\system32\CRYPT32.dll C:\WINDOWS\system32\MSASN1.dll C:\WINDOWS\system32\CRYPTUI.dll C:\WINDOWS\system32\NETAPI32.dll C:\WINDOWS\system32\VERSION.dll C:\WINDOWS\system32\WININET.dll C:\WINDOWS\system32\Normaliz.dll C:\WINDOWS\system32\iertutil.dll C:\WINDOWS\system32\WINTRUST.dll C:\WINDOWS\system32\IMAGEHLP.dll C:\WINDOWS\system32\WLDAP32.dll C:\WINDOWS\system32\SHELL32.dll C:\WINDOWS\system32\UxTheme.dll C:\WINDOWS\system32\ShimEng.dll C:\WINDOWS\AppPatch\AcGenral.DLL C:\WINDOWS\system32\WINMM.dll C:\WINDOWS\system32\MSACM32.dll C:\WINDOWS\system32\USERENV.dll C:\WINDOWS\system32\IMM32.DLL C:\WINDOWS\system32\LPK.DLL C:\WINDOWS\system32\USP10.dll C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll C:\WINDOWS\system32\comctl32.dll C:\WINDOWS\system32\msctfime.ime C:\WINDOWS\system32\appHelp.dll C:\WINDOWS\system32\CLBCATQ.DLL C:\WINDOWS\system32\COMRes.dll C:\WINDOWS\System32\cscui.dll C:\WINDOWS\System32\CSCDLL.dll C:\WINDOWS\system32\themeui.dll C:\WINDOWS\system32\MSIMG32.dll C:\WINDOWS\system32\xpsp2res.dll C:\Program Files\Windows Media Player\wmpband.dll C:\WINDOWS\system32\MPR.dll C:\WINDOWS\system32\msutb.dll C:\WINDOWS\system32\MSCTF.dll C:\WINDOWS\system32\SAMLIB.dll C:\WINDOWS\system32\LINKINFO.dll C:\WINDOWS\system32\ntshrui.dll C:\WINDOWS\system32\ATL.DLL C:\WINDOWS\system32\ieframe.dll C:\WINDOWS\system32\PSAPI.DLL C:\WINDOWS\system32\urlmon.dll C:\WINDOWS\system32\SETUPAPI.dll C:\WINDOWS\system32\msi.dll C:\WINDOWS\system32\NETSHELL.dll C:\WINDOWS\system32\credui.dll C:\WINDOWS\system32\dot3api.dll C:\WINDOWS\system32\rtutils.dll C:\WINDOWS\system32\dot3dlg.dll C:\WINDOWS\system32\OneX.DLL C:\WINDOWS\system32\WTSAPI32.dll C:\WINDOWS\system32\WINSTA.dll C:\WINDOWS\system32\eappcfg.dll C:\WINDOWS\system32\MSVCP60.dll C:\WINDOWS\system32\eappprxy.dll C:\WINDOWS\system32\iphlpapi.dll C:\WINDOWS\system32\WS2_32.dll C:\WINDOWS\system32\WS2HELP.dll C:\WINDOWS\system32\MLANG.dll C:\WINDOWS\system32\rsaenh.dll C:\WINDOWS\system32\webcheck.dll C:\WINDOWS\system32\stobject.dll C:\WINDOWS\system32\BatMeter.dll C:\WINDOWS\system32\POWRPROF.dll C:\WINDOWS\system32\WPDShServiceObj.dll C:\WINDOWS\system32\WINHTTP.dll C:\WINDOWS\system32\mydocs.dll C:\WINDOWS\system32\PortableDeviceTypes.dll C:\WINDOWS\system32\PortableDeviceApi.dll C:\WINDOWS\system32\wdmaud.drv C:\WINDOWS\system32\msacm32.drv C:\WINDOWS\system32\midimap.dll C:\WINDOWS\System32\drprov.dll C:\WINDOWS\System32\ntlanman.dll C:\WINDOWS\System32\NETUI0.dll C:\WINDOWS\System32\NETUI1.dll C:\WINDOWS\System32\NETRAP.dll C:\WINDOWS\System32\davclnt.dll C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mlfhook.dll C:\WINDOWS\system32\ctagent.dll C:\WINDOWS\system32\mslbui.dll C:\Program Files\SUPERAntiSpyware\SASSEH.DLL C:\WINDOWS\system32\SXS.DLL C:\WINDOWS\system32\browselc.dll C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\MSVCR80.dll C:\WINDOWS\system32\MSGINA.dll C:\WINDOWS\system32\ODBC32.dll C:\WINDOWS\system32\comdlg32.dll C:\WINDOWS\system32\odbcint.dll C:\WINDOWS\system32\sti.dll C:\WINDOWS\system32\CFGMGR32.dll C:\WINDOWS\system32\shdoclc.dll C:\WINDOWS\system32\RASAPI32.dll C:\WINDOWS\system32\rasman.dll C:\WINDOWS\system32\TAPI32.dll C:\WINDOWS\system32\msv1_0.dll C:\WINDOWS\system32\sensapi.dll C:\WINDOWS\system32\jscript.dll C:\WINDOWS\System32\mswsock.dll C:\WINDOWS\system32\rasadhlp.dll C:\WINDOWS\system32\DNSAPI.dll C:\WINDOWS\System32\winrnr.dll C:\WINDOWS\system32\hnetcfg.dll C:\WINDOWS\System32\wshtcpip.dll c:\WINDOWS\system32\dfshim.dll c:\WINDOWS\system32\mscoree.dll c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Shfusion.dll c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Fusion.dll c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\culture.dll c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ShFusRes.dll C:\WINDOWS\system32\msadp32.acm [PID 1692] -------> C:\WINDOWS\system32\NOTEPAD.EXE C:\WINDOWS\system32\NOTEPAD.EXE C:\WINDOWS\system32\ntdll.dll C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\system32\comdlg32.dll C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\system32\Secur32.dll C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\COMCTL32.dll C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\system32\USER32.dll C:\WINDOWS\system32\SHLWAPI.dll C:\WINDOWS\system32\SHELL32.dll C:\WINDOWS\system32\WINSPOOL.DRV C:\WINDOWS\system32\ShimEng.dll C:\WINDOWS\AppPatch\AcGenral.DLL C:\WINDOWS\system32\WINMM.dll C:\WINDOWS\system32\ole32.dll C:\WINDOWS\system32\OLEAUT32.dll C:\WINDOWS\system32\MSACM32.dll C:\WINDOWS\system32\VERSION.dll C:\WINDOWS\system32\USERENV.dll C:\WINDOWS\system32\UxTheme.dll C:\WINDOWS\system32\IMM32.DLL C:\WINDOWS\system32\LPK.DLL C:\WINDOWS\system32\USP10.dll C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mlfhook.dll C:\WINDOWS\system32\MSCTF.dll C:\WINDOWS\system32\msctfime.ime C:\WINDOWS\system32\ctagent.dll C:\WINDOWS\system32\mslbui.dll [PID 1828] -------> C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\ntdll.dll C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\system32\Secur32.dll C:\WINDOWS\system32\ShimEng.dll C:\WINDOWS\AppPatch\AcGenral.DLL C:\WINDOWS\system32\USER32.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\system32\WINMM.dll C:\WINDOWS\system32\ole32.dll C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\system32\OLEAUT32.dll C:\WINDOWS\system32\MSACM32.dll C:\WINDOWS\system32\VERSION.dll C:\WINDOWS\system32\SHELL32.dll C:\WINDOWS\system32\SHLWAPI.dll C:\WINDOWS\system32\USERENV.dll C:\WINDOWS\system32\UxTheme.dll C:\WINDOWS\system32\IMM32.DLL C:\WINDOWS\system32\LPK.DLL C:\WINDOWS\system32\USP10.dll C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll C:\WINDOWS\system32\comctl32.dll c:\windows\system32\wiaservc.dll c:\windows\system32\CFGMGR32.dll c:\windows\system32\setupapi.DLL c:\windows\system32\mscms.dll c:\windows\system32\WINSPOOL.DRV c:\windows\system32\WINSTA.dll C:\WINDOWS\system32\NETAPI32.dll C:\WINDOWS\system32\xpsp2res.dll C:\WINDOWS\system32\CLBCATQ.DLL C:\WINDOWS\system32\COMRes.dll C:\WINDOWS\system32\WINTRUST.dll C:\WINDOWS\system32\CRYPT32.dll C:\WINDOWS\system32\MSASN1.dll C:\WINDOWS\system32\IMAGEHLP.dll C:\WINDOWS\system32\P0630Sti.dll C:\WINDOWS\system32\CtCamMgr.dll C:\WINDOWS\system32\P0630Hwx.dll C:\WINDOWS\system32\ksproxy.ax C:\WINDOWS\system32\ksuser.dll C:\WINDOWS\system32\actxprxy.dll C:\WINDOWS\system32\sti.dll [PID 1984] -------> C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\ntdll.dll C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\system32\Secur32.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\system32\USER32.dll C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\system32\ShimEng.dll C:\WINDOWS\AppPatch\AcGenral.DLL C:\WINDOWS\system32\WINMM.dll C:\WINDOWS\system32\ole32.dll C:\WINDOWS\system32\OLEAUT32.dll C:\WINDOWS\system32\MSACM32.dll C:\WINDOWS\system32\VERSION.dll C:\WINDOWS\system32\SHELL32.dll C:\WINDOWS\system32\SHLWAPI.dll C:\WINDOWS\system32\USERENV.dll C:\WINDOWS\system32\UxTheme.dll C:\WINDOWS\system32\IMM32.DLL C:\WINDOWS\system32\LPK.DLL C:\WINDOWS\system32\USP10.dll C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll C:\WINDOWS\system32\comctl32.dll C:\WINDOWS\system32\SPOOLSS.DLL C:\WINDOWS\system32\WS2_32.dll C:\WINDOWS\system32\WS2HELP.dll C:\WINDOWS\system32\DNSAPI.dll C:\WINDOWS\system32\rasadhlp.dll C:\WINDOWS\system32\localspl.dll C:\WINDOWS\system32\sfc_os.dll C:\WINDOWS\system32\WINTRUST.dll C:\WINDOWS\system32\CRYPT32.dll C:\WINDOWS\system32\MSASN1.dll C:\WINDOWS\system32\IMAGEHLP.dll C:\WINDOWS\system32\winspool.drv C:\WINDOWS\system32\netapi32.dll C:\WINDOWS\system32\cnbjmon.dll C:\WINDOWS\system32\HpTcpMon.dll C:\WINDOWS\system32\hpzjrd01.dll C:\WINDOWS\system32\CLUSAPI.dll C:\WINDOWS\system32\HPTcpMUI.dll C:\WINDOWS\system32\hptcpmib.dll C:\WINDOWS\system32\mgmtapi.dll C:\WINDOWS\system32\snmpapi.dll C:\WINDOWS\system32\wsnmp32.dll C:\WINDOWS\system32\hpzll43a.dll C:\WINDOWS\system32\pjlmon.dll C:\WINDOWS\system32\tcpmon.dll C:\WINDOWS\system32\usbmon.dll C:\WINDOWS\System32\spool\PRTPROCS\W32X86\hpzpp43a.dll C:\WINDOWS\System32\spool\PRTPROCS\W32X86\filterpipelineprintproc.dll C:\WINDOWS\System32\mswsock.dll C:\WINDOWS\System32\winrnr.dll C:\WINDOWS\system32\WLDAP32.dll C:\WINDOWS\system32\CLBCATQ.DLL C:\WINDOWS\system32\COMRes.dll C:\WINDOWS\system32\win32spl.dll C:\WINDOWS\system32\NETRAP.dll C:\WINDOWS\system32\NTDSAPI.dll C:\WINDOWS\system32\inetpp.dll C:\WINDOWS\system32\xpsp2res.dll [PID 2152] -------> C:\WINDOWS\System32\alg.exe C:\WINDOWS\System32\alg.exe C:\WINDOWS\system32\ntdll.dll C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\System32\ATL.DLL C:\WINDOWS\system32\USER32.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\system32\Secur32.dll C:\WINDOWS\system32\ole32.dll C:\WINDOWS\system32\OLEAUT32.dll C:\WINDOWS\System32\WSOCK32.dll C:\WINDOWS\System32\WS2_32.dll C:\WINDOWS\System32\WS2HELP.dll C:\WINDOWS\System32\MSWSOCK.DLL C:\WINDOWS\System32\ShimEng.dll C:\WINDOWS\AppPatch\AcGenral.DLL C:\WINDOWS\System32\WINMM.dll C:\WINDOWS\System32\MSACM32.dll C:\WINDOWS\system32\VERSION.dll C:\WINDOWS\system32\SHELL32.dll C:\WINDOWS\system32\SHLWAPI.dll C:\WINDOWS\system32\USERENV.dll C:\WINDOWS\System32\UxTheme.dll C:\WINDOWS\system32\IMM32.DLL C:\WINDOWS\System32\LPK.DLL C:\WINDOWS\System32\USP10.dll C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll C:\WINDOWS\system32\comctl32.dll C:\WINDOWS\System32\CLBCATQ.DLL C:\WINDOWS\System32\COMRes.dll C:\WINDOWS\System32\xpsp2res.dll C:\WINDOWS\system32\hnetcfg.dll C:\WINDOWS\System32\wshtcpip.dll [PID 2380] -------> C:\Documents and Settings\Administrator\Desktop\GQHooter.exe C:\Documents and Settings\Administrator\Desktop\GQHooter.exe C:\WINDOWS\system32\ntdll.dll C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\system32\ADVAPI32.DLL C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\system32\Secur32.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\system32\USER32.dll C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\system32\PSAPI.DLL C:\WINDOWS\system32\SHELL32.DLL C:\WINDOWS\system32\SHLWAPI.dll C:\WINDOWS\system32\IMM32.DLL C:\WINDOWS\system32\LPK.DLL C:\WINDOWS\system32\USP10.dll C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll C:\WINDOWS\system32\comctl32.dll C:\WINDOWS\system32\uxtheme.dll C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mlfhook.dll C:\WINDOWS\system32\MSCTF.dll C:\WINDOWS\system32\msctfime.ime C:\WINDOWS\system32\ole32.dll C:\WINDOWS\system32\ctagent.dll C:\WINDOWS\system32\mslbui.dll C:\WINDOWS\system32\USERENV.dll C:\WINDOWS\system32\netapi32.dll C:\WINDOWS\system32\SETUPAPI.dll C:\WINDOWS\system32\appHelp.dll C:\WINDOWS\system32\CLBCATQ.DLL C:\WINDOWS\system32\COMRes.dll C:\WINDOWS\system32\OLEAUT32.dll C:\WINDOWS\system32\VERSION.dll [PID 2572] -------> C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\WINDOWS\system32\ntdll.dll C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\system32\SHLWAPI.dll C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\system32\Secur32.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\system32\USER32.dll C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\system32\SHELL32.dll C:\WINDOWS\system32\ole32.dll C:\WINDOWS\system32\IMM32.DLL C:\WINDOWS\system32\LPK.DLL C:\WINDOWS\system32\USP10.dll C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll C:\WINDOWS\system32\uxtheme.dll C:\WINDOWS\system32\msctfime.ime C:\WINDOWS\system32\CLBCATQ.DLL C:\WINDOWS\system32\COMRes.dll C:\WINDOWS\system32\OLEAUT32.dll C:\WINDOWS\system32\VERSION.dll C:\Program Files\CyberLink\PowerDVD\CLRCEngine3.dll C:\Program Files\CyberLink\PowerDVD\MSVCR71.dll C:\WINDOWS\system32\xpsp2res.dll C:\WINDOWS\system32\MSCTF.dll [PID 2592] -------> C:\WINDOWS\system32\RUNDLL32.EXE C:\WINDOWS\system32\RUNDLL32.EXE C:\WINDOWS\system32\ntdll.dll C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\system32\USER32.dll C:\WINDOWS\system32\IMAGEHLP.dll C:\WINDOWS\system32\ShimEng.dll C:\WINDOWS\AppPatch\AcGenral.DLL C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\system32\Secur32.dll C:\WINDOWS\system32\WINMM.dll C:\WINDOWS\system32\ole32.dll C:\WINDOWS\system32\OLEAUT32.dll C:\WINDOWS\system32\MSACM32.dll C:\WINDOWS\system32\VERSION.dll C:\WINDOWS\system32\SHELL32.dll C:\WINDOWS\system32\SHLWAPI.dll C:\WINDOWS\system32\USERENV.dll C:\WINDOWS\system32\UxTheme.dll C:\WINDOWS\system32\IMM32.DLL C:\WINDOWS\system32\LPK.DLL C:\WINDOWS\system32\USP10.dll C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll C:\WINDOWS\system32\comctl32.dll C:\WINDOWS\system32\NvMcTray.dll C:\WINDOWS\system32\nvapi.dll C:\WINDOWS\system32\SETUPAPI.dll C:\WINDOWS\system32\msctfime.ime C:\WINDOWS\system32\MSCTF.dll [PID 2668] -------> C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\iTunes\iTunesHelper.exe C:\WINDOWS\system32\ntdll.dll C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\system32\VERSION.dll C:\WINDOWS\system32\WININET.dll C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\system32\SHLWAPI.dll C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\system32\Secur32.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\system32\USER32.dll C:\WINDOWS\system32\Normaliz.dll C:\WINDOWS\system32\iertutil.dll C:\WINDOWS\system32\ole32.dll C:\WINDOWS\system32\OLEAUT32.dll C:\WINDOWS\system32\IMM32.DLL C:\WINDOWS\system32\LPK.DLL C:\WINDOWS\system32\USP10.dll C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll C:\WINDOWS\system32\uxtheme.dll C:\Program Files\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.DLL C:\Program Files\iTunes\iTunesHelper.Resources\iTunesHelper.DLL C:\WINDOWS\system32\msctfime.ime C:\Program Files\QuickTime\QTSystem\QuickTime.qts C:\WINDOWS\system32\WINMM.dll C:\WINDOWS\system32\WS2_32.dll C:\WINDOWS\system32\WS2HELP.dll C:\WINDOWS\system32\comdlg32.dll C:\WINDOWS\system32\COMCTL32.dll C:\WINDOWS\system32\SHELL32.dll C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5581_x-ww_dfbc4fc4\gdiplus.dll C:\WINDOWS\system32\DSOUND.dll C:\WINDOWS\system32\ddraw.dll C:\WINDOWS\system32\DCIMAN32.dll C:\WINDOWS\system32\MSCTF.dll C:\Program Files\Common Files\Apple\Mobile Device Support\bin\iTunesMobileDevice.dll C:\WINDOWS\system32\WSOCK32.dll C:\WINDOWS\system32\SETUPAPI.dll C:\WINDOWS\system32\mswsock.dll C:\WINDOWS\system32\hnetcfg.dll C:\WINDOWS\System32\wshtcpip.dll C:\WINDOWS\system32\Wtsapi32.dll C:\WINDOWS\system32\WINSTA.dll C:\WINDOWS\system32\NETAPI32.dll C:\WINDOWS\system32\WINTRUST.dll C:\WINDOWS\system32\CRYPT32.dll C:\WINDOWS\system32\MSASN1.dll C:\WINDOWS\system32\IMAGEHLP.dll C:\WINDOWS\system32\CLBCATQ.DLL C:\WINDOWS\system32\COMRes.dll C:\WINDOWS\system32\xpsp2res.dll C:\WINDOWS\system32\SXS.DLL [PID 2676] -------> C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\WINDOWS\system32\ntdll.dll C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\system32\USER32.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\system32\Secur32.dll C:\WINDOWS\system32\SHELL32.dll C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\system32\SHLWAPI.dll C:\WINDOWS\system32\IMM32.DLL C:\WINDOWS\system32\LPK.DLL C:\WINDOWS\system32\USP10.dll C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll C:\WINDOWS\system32\comctl32.dll C:\WINDOWS\system32\uxtheme.dll C:\WINDOWS\system32\msctfime.ime C:\WINDOWS\system32\ole32.dll C:\WINDOWS\system32\MSCTF.dll [PID 2692] -------> C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\system32\ntdll.dll C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\system32\Secur32.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\system32\USER32.dll C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\system32\SHLWAPI.dll C:\WINDOWS\system32\SHELL32.dll C:\WINDOWS\system32\ole32.dll C:\WINDOWS\system32\urlmon.dll C:\WINDOWS\system32\OLEAUT32.dll C:\WINDOWS\system32\iertutil.dll C:\WINDOWS\system32\VERSION.dll C:\WINDOWS\system32\IMM32.DLL C:\WINDOWS\system32\LPK.DLL C:\WINDOWS\system32\USP10.dll C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll C:\WINDOWS\system32\comctl32.dll \\?\globalroot\systemroot\system32\gxvxcrwsfogfblkywnorirpambpffnnbereqo.dll C:\WINDOWS\system32\WS2_32.dll C:\WINDOWS\system32\WS2HELP.dll C:\WINDOWS\system32\WININET.dll C:\WINDOWS\system32\Normaliz.dll C:\WINDOWS\system32\mswsock.dll C:\WINDOWS\system32\IEFRAME.dll C:\WINDOWS\system32\PSAPI.DLL C:\WINDOWS\system32\UxTheme.dll C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mlfhook.dll C:\WINDOWS\system32\MSCTF.dll C:\WINDOWS\system32\xpsp2res.dll C:\WINDOWS\system32\msctfime.ime C:\WINDOWS\system32\IEUI.dll C:\WINDOWS\system32\MSIMG32.dll C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5581_x-ww_dfbc4fc4\gdiplus.dll C:\WINDOWS\system32\xmllite.dll C:\WINDOWS\system32\apphelp.dll C:\WINDOWS\system32\CLBCATQ.DLL C:\WINDOWS\system32\COMRes.dll C:\WINDOWS\system32\msimtf.dll C:\WINDOWS\system32\mslbui.dll C:\WINDOWS\System32\cscui.dll C:\WINDOWS\System32\CSCDLL.dll C:\WINDOWS\system32\SETUPAPI.dll C:\Program Files\Microsoft Office\Office10\msohev.dll C:\WINDOWS\system32\ctagent.dll C:\WINDOWS\ime\sptip.dll C:\WINDOWS\system32\OLEACC.dll C:\WINDOWS\system32\MSVCP60.dll C:\WINDOWS\IME\SPGRMR.DLL C:\WINDOWS\system32\msi.dll C:\Program Files\Common Files\Microsoft Shared\Ink\SKCHUI.DLL C:\Program Files\Internet Explorer\ieproxy.dll C:\WINDOWS\system32\shdocvw.dll C:\WINDOWS\system32\CRYPT32.dll C:\WINDOWS\system32\MSASN1.dll C:\WINDOWS\system32\CRYPTUI.dll C:\WINDOWS\system32\NETAPI32.dll C:\WINDOWS\system32\WINTRUST.dll C:\WINDOWS\system32\IMAGEHLP.dll C:\WINDOWS\system32\WLDAP32.dll C:\WINDOWS\system32\SXS.DLL C:\WINDOWS\system32\MLANG.dll C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll C:\WINDOWS\system32\WSOCK32.dll C:\WINDOWS\system32\WINMM.dll C:\WINDOWS\system32\iphlpapi.dll C:\WINDOWS\system32\DNSAPI.dll C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\MSVCR80.dll C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll C:\WINDOWS\system32\dbghelp.dll C:\Program Files\Skype\Toolbars\Shared\SPhoneParser.dll C:\Program Files\Yahoo!\Common\yiesrvc.dll C:\WINDOWS\system32\rsaenh.dll C:\WINDOWS\system32\userenv.dll C:\WINDOWS\system32\cryptnet.dll C:\WINDOWS\system32\SensApi.dll C:\WINDOWS\system32\WINHTTP.dll C:\Program Files\Yahoo!\Common\YIeTagBm.dll C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_6BC68FE03E7B66EC.dll C:\WINDOWS\system32\RASAPI32.dll C:\WINDOWS\system32\rasman.dll C:\WINDOWS\system32\TAPI32.dll C:\WINDOWS\system32\rtutils.dll C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll C:\Program Files\Java\jre6\bin\jp2ssv.dll C:\Program Files\Java\jre6\bin\MSVCR71.dll C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll C:\WINDOWS\system32\hnetcfg.dll C:\WINDOWS\System32\wshtcpip.dll C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll C:\WINDOWS\system32\msv1_0.dll C:\WINDOWS\system32\rasadhlp.dll C:\WINDOWS\System32\winrnr.dll C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\YTBM.dll C:\WINDOWS\system32\NTMARTA.DLL C:\WINDOWS\system32\SAMLIB.dll C:\WINDOWS\system32\msxml6.dll C:\WINDOWS\system32\asycfilt.dll C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\YTNavAssist.dll C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\YTMsgr.dll C:\WINDOWS\system32\mshtml.dll C:\WINDOWS\system32\msls31.dll C:\WINDOWS\system32\ieapfltr.dll C:\WINDOWS\system32\actxprxy.dll C:\WINDOWS\system32\jscript.dll C:\WINDOWS\system32\schannel.dll C:\WINDOWS\system32\dssenh.dll C:\WINDOWS\system32\Macromed\Flash\Flash10b.ocx C:\WINDOWS\system32\COMDLG32.dll C:\WINDOWS\system32\mscms.dll C:\WINDOWS\system32\WINSPOOL.DRV C:\WINDOWS\system32\wdmaud.drv C:\WINDOWS\system32\msacm32.drv C:\WINDOWS\system32\MSACM32.dll C:\WINDOWS\system32\midimap.dll C:\WINDOWS\system32\iepeers.dll C:\WINDOWS\system32\mshtmled.dll C:\WINDOWS\system32\ImgUtil.dll C:\WINDOWS\system32\pngfilt.dll C:\WINDOWS\system32\Dxtrans.dll C:\WINDOWS\system32\ATL.DLL C:\WINDOWS\system32\ddrawex.dll C:\WINDOWS\system32\DDRAW.dll C:\WINDOWS\system32\DCIMAN32.dll C:\WINDOWS\system32\Dxtmsft.dll C:\WINDOWS\system32\msxml3.dll C:\WINDOWS\system32\vbscript.dll C:\WINDOWS\system32\MSRATING.dll [PID 2720] -------> C:\WINDOWS\system32\CTHELPER.EXE C:\WINDOWS\system32\CTHELPER.EXE C:\WINDOWS\system32\ntdll.dll C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\system32\MFC42.dll C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\system32\USER32.dll C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\system32\Secur32.dll C:\WINDOWS\system32\ole32.dll C:\WINDOWS\system32\SETUPAPI.dll C:\WINDOWS\system32\IMM32.DLL C:\WINDOWS\system32\LPK.DLL C:\WINDOWS\system32\USP10.dll C:\WINDOWS\system32\COMCTL32.DLL C:\WINDOWS\system32\uxtheme.dll C:\WINDOWS\system32\msctfime.ime C:\WINDOWS\system32\WINTRUST.dll C:\WINDOWS\system32\CRYPT32.dll C:\WINDOWS\system32\MSASN1.dll C:\WINDOWS\system32\IMAGEHLP.dll C:\WINDOWS\system32\CLBCATQ.DLL C:\WINDOWS\system32\COMRes.dll C:\WINDOWS\system32\OLEAUT32.dll C:\WINDOWS\system32\VERSION.dll C:\WINDOWS\SYSTEM32\CTDCIFCE.DLL C:\WINDOWS\SYSTEM32\WINMM.dll C:\WINDOWS\system32\ctagent.dll C:\WINDOWS\system32\ctspkhlp.dll C:\WINDOWS\system32\DSOUND.dll C:\WINDOWS\system32\wdmaud.drv C:\WINDOWS\system32\msacm32.drv C:\WINDOWS\system32\MSACM32.dll C:\WINDOWS\system32\midimap.dll C:\WINDOWS\system32\KsUser.dll C:\WINDOWS\SYSTEM32\CTDC0001.DLL C:\WINDOWS\SYSTEM32\ctosuser.dll C:\WINDOWS\SYSTEM32\CTDPROXY.DLL C:\WINDOWS\system32\NTMARTA.DLL C:\WINDOWS\system32\SAMLIB.dll C:\WINDOWS\system32\WLDAP32.dll C:\WINDOWS\CTDCRES.DLL C:\WINDOWS\SYSTEM32\PIAPROXY.DLL C:\WINDOWS\system32\ctpcmcia.dll C:\WINDOWS\system32\SHELL32.dll C:\WINDOWS\system32\SHLWAPI.dll C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll C:\WINDOWS\system32\MSCTF.dll C:\WINDOWS\system32\mslbui.dll [PID 2744] -------> C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe C:\WINDOWS\system32\ntdll.dll C:\WINDOWS\system32\kernel32.dll C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdboot.dll C:\WINDOWS\system32\SHLWAPI.dll C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\system32\Secur32.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\system32\USER32.dll C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\system32\PSAPI.DLL C:\WINDOWS\system32\imagehlp.dll C:\WINDOWS\system32\SHELL32.dll C:\WINDOWS\system32\ole32.dll C:\WINDOWS\system32\OLEAUT32.dll C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\MSVCP71.dll C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\MSVCR71.dll C:\WINDOWS\system32\COMCTL32.dll C:\WINDOWS\system32\IMM32.DLL C:\WINDOWS\system32\LPK.DLL C:\WINDOWS\system32\USP10.dll C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll C:\WINDOWS\system32\DSOUND.dll C:\WINDOWS\system32\VERSION.dll C:\WINDOWS\system32\WINMM.dll C:\WINDOWS\system32\uxtheme.dll C:\WINDOWS\system32\msctfime.ime C:\WINDOWS\system32\sti.dll C:\WINDOWS\system32\CFGMGR32.dll C:\WINDOWS\system32\setupapi.DLL C:\WINDOWS\system32\CLBCATQ.DLL C:\WINDOWS\system32\COMRes.dll C:\WINDOWS\system32\xpsp2res.dll C:\WINDOWS\system32\ctagent.dll C:\WINDOWS\system32\WINTRUST.dll C:\WINDOWS\system32\CRYPT32.dll C:\WINDOWS\system32\MSASN1.dll C:\WINDOWS\system32\MSCTF.dll C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mlfhook.dll [PID 2760] -------> C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\WINDOWS\system32\ntdll.dll C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\system32\Secur32.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\system32\USER32.dll C:\WINDOWS\system32\WININET.dll C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\system32\SHLWAPI.dll C:\WINDOWS\system32\Normaliz.dll C:\WINDOWS\system32\iertutil.dll C:\WINDOWS\system32\ole32.dll C:\WINDOWS\system32\SHELL32.dll C:\WINDOWS\system32\OLEAUT32.dll C:\WINDOWS\system32\IMM32.DLL C:\WINDOWS\system32\LPK.DLL C:\WINDOWS\system32\USP10.dll C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll C:\WINDOWS\system32\comctl32.dll C:\WINDOWS\system32\uxtheme.dll [PID 2768] -------> C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe C:\WINDOWS\system32\ntdll.dll C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\system32\USER32.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\system32\Secur32.dll C:\WINDOWS\system32\IMM32.DLL C:\WINDOWS\system32\LPK.DLL C:\WINDOWS\system32\USP10.dll C:\WINDOWS\system32\uxtheme.dll C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\system32\msctfime.ime C:\WINDOWS\system32\ole32.dll C:\Program Files\Yahoo!\Search Protection\fdload.dll C:\WINDOWS\system32\imagehlp.dll C:\WINDOWS\system32\WINHTTP.dll C:\WINDOWS\system32\SHLWAPI.dll C:\WINDOWS\system32\SHELL32.dll C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\COMCTL32.dll C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5581_x-ww_dfbc4fc4\gdiplus.dll C:\WINDOWS\system32\rsaenh.dll C:\WINDOWS\system32\SETUPAPI.dll C:\WINDOWS\system32\CLBCATQ.DLL C:\WINDOWS\system32\COMRes.dll C:\WINDOWS\system32\OLEAUT32.dll C:\WINDOWS\system32\VERSION.dll C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll C:\WINDOWS\system32\iphlpapi.dll C:\WINDOWS\system32\WS2_32.dll C:\WINDOWS\system32\WS2HELP.dll C:\WINDOWS\system32\CRYPT32.dll C:\WINDOWS\system32\MSASN1.dll C:\WINDOWS\system32\WINTRUST.dll C:\WINDOWS\system32\xpsp2res.dll C:\WINDOWS\system32\MSCTF.dll [PID 3060] -------> C:\Documents and Settings\Administrator\Application Data\SanDisk\Sansa Updater\SansaDispatch.exe C:\Documents and Settings\Administrator\Application Data\SanDisk\Sansa Updater\SansaDispatch.exe C:\WINDOWS\system32\ntdll.dll C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\system32\Secur32.dll C:\WINDOWS\system32\SHELL32.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\system32\USER32.dll C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\system32\SHLWAPI.dll C:\WINDOWS\system32\VERSION.dll C:\WINDOWS\system32\IMM32.DLL C:\WINDOWS\system32\LPK.DLL C:\WINDOWS\system32\USP10.dll C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll C:\WINDOWS\system32\comctl32.dll C:\WINDOWS\system32\uxtheme.dll C:\WINDOWS\system32\msctfime.ime C:\WINDOWS\system32\ole32.dll C:\WINDOWS\system32\MSCTF.dll [PID 3084] -------> C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\ntdll.dll C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\system32\Secur32.dll C:\WINDOWS\system32\USER32.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\system32\MSCTF.dll C:\WINDOWS\system32\MSUTB.dll C:\WINDOWS\system32\ShimEng.dll C:\WINDOWS\AppPatch\AcGenral.DLL C:\WINDOWS\system32\WINMM.dll C:\WINDOWS\system32\ole32.dll C:\WINDOWS\system32\OLEAUT32.dll C:\WINDOWS\system32\MSACM32.dll C:\WINDOWS\system32\VERSION.dll C:\WINDOWS\system32\SHELL32.dll C:\WINDOWS\system32\SHLWAPI.dll C:\WINDOWS\system32\USERENV.dll C:\WINDOWS\system32\UxTheme.dll C:\WINDOWS\system32\IMM32.DLL C:\WINDOWS\system32\LPK.DLL C:\WINDOWS\system32\USP10.dll C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll C:\WINDOWS\system32\msctfime.ime [PID 3096] -------> C:\Program Files\DNA\btdna.exe C:\Program Files\DNA\btdna.exe C:\WINDOWS\system32\ntdll.dll C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\system32\Secur32.dll C:\WINDOWS\WinSxS\X86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\COMCTL32.dll C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\system32\USER32.dll C:\WINDOWS\system32\SHLWAPI.dll C:\WINDOWS\system32\comdlg32.dll C:\WINDOWS\system32\SHELL32.dll C:\WINDOWS\system32\WS2_32.dll C:\WINDOWS\system32\WS2HELP.dll C:\WINDOWS\system32\IMM32.DLL C:\WINDOWS\system32\LPK.DLL C:\WINDOWS\system32\USP10.dll C:\WINDOWS\system32\shfolder.dll C:\WINDOWS\system32\uxtheme.dll C:\WINDOWS\system32\MSCTF.dll C:\WINDOWS\system32\msctfime.ime C:\WINDOWS\system32\ole32.dll C:\WINDOWS\system32\oleaut32.dll C:\WINDOWS\system32\CLBCATQ.DLL C:\WINDOWS\system32\COMRes.dll C:\WINDOWS\system32\VERSION.dll C:\WINDOWS\system32\hnetcfg.dll C:\WINDOWS\system32\mswsock.dll C:\WINDOWS\System32\wshtcpip.dll C:\WINDOWS\system32\Iphlpapi.dll C:\WINDOWS\system32\MPRAPI.dll C:\WINDOWS\system32\ACTIVEDS.dll C:\WINDOWS\system32\adsldpc.dll C:\WINDOWS\system32\NETAPI32.dll C:\WINDOWS\system32\WLDAP32.dll C:\WINDOWS\system32\ATL.DLL C:\WINDOWS\system32\rtutils.dll C:\WINDOWS\system32\SAMLIB.dll C:\WINDOWS\system32\SETUPAPI.dll C:\WINDOWS\system32\xpsp2res.dll C:\WINDOWS\System32\netshell.dll C:\WINDOWS\System32\credui.dll C:\WINDOWS\System32\dot3api.dll C:\WINDOWS\System32\dot3dlg.dll C:\WINDOWS\System32\OneX.DLL C:\WINDOWS\System32\WTSAPI32.dll C:\WINDOWS\System32\WINSTA.dll C:\WINDOWS\system32\CRYPT32.dll C:\WINDOWS\system32\MSASN1.dll C:\WINDOWS\System32\eappcfg.dll C:\WINDOWS\System32\MSVCP60.dll C:\WINDOWS\System32\eappprxy.dll C:\WINDOWS\system32\ctagent.dll C:\WINDOWS\system32\DNSAPI.dll C:\WINDOWS\system32\rasadhlp.dll C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mlfhook.dll [PID 3132] -------> C:\Program Files\SUPERAntiSpyware\d3eb6d13-3911-4dcb-949a-4e7dd292ffaf.exe C:\Program Files\SUPERAntiSpyware\d3eb6d13-3911-4dcb-949a-4e7dd292ffaf.exe C:\WINDOWS\system32\ntdll.dll C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\system32\USER32.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\system32\SHELL32.dll C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\system32\Secur32.dll C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\system32\SHLWAPI.dll C:\WINDOWS\system32\ole32.dll C:\WINDOWS\system32\OLEAUT32.dll C:\WINDOWS\system32\WINMM.dll C:\WINDOWS\system32\imagehlp.dll C:\WINDOWS\system32\VERSION.dll C:\Program Files\SUPERAntiSpyware\deupx.dll C:\WINDOWS\system32\iphlpapi.dll C:\WINDOWS\system32\WS2_32.dll C:\WINDOWS\system32\WS2HELP.dll C:\WINDOWS\WinSxS\X86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\COMCTL32.dll C:\WINDOWS\system32\WININET.dll C:\WINDOWS\system32\Normaliz.dll C:\WINDOWS\system32\iertutil.dll C:\WINDOWS\system32\comdlg32.dll C:\WINDOWS\system32\IMM32.DLL C:\WINDOWS\system32\LPK.DLL C:\WINDOWS\system32\USP10.dll C:\WINDOWS\system32\uxtheme.dll C:\WINDOWS\system32\MSCTF.dll C:\WINDOWS\system32\hhctrl.ocx C:\WINDOWS\system32\SETUPAPI.dll C:\WINDOWS\system32\urlmon.dll C:\WINDOWS\system32\msctfime.ime C:\WINDOWS\system32\WINTRUST.DLL C:\WINDOWS\system32\CRYPT32.dll C:\WINDOWS\system32\MSASN1.dll C:\WINDOWS\system32\PSAPI.DLL C:\Documents and Settings\Administrator\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL C:\WINDOWS\system32\CLBCATQ.DLL C:\WINDOWS\system32\COMRes.dll C:\WINDOWS\system32\ieframe.dll C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mlfhook.dll C:\WINDOWS\system32\appHelp.dll C:\WINDOWS\system32\mshtml.dll C:\WINDOWS\system32\msls31.dll C:\WINDOWS\system32\msimtf.dll C:\WINDOWS\system32\mslbui.dll C:\WINDOWS\system32\MLANG.dll C:\WINDOWS\system32\netapi32.dll C:\Program Files\SUPERAntiSpyware\SASSEH.DLL C:\WINDOWS\ime\sptip.dll C:\WINDOWS\system32\OLEACC.dll C:\WINDOWS\system32\MSVCP60.dll C:\WINDOWS\IME\SPGRMR.DLL C:\WINDOWS\system32\msi.dll C:\Program Files\Common Files\Microsoft Shared\Ink\SKCHUI.DLL [PID 3308] -------> C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe C:\WINDOWS\system32\ntdll.dll C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\system32\USER32.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\system32\VERSION.dll C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\system32\Secur32.dll C:\WINDOWS\system32\ole32.dll C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\system32\OLEAUT32.dll C:\WINDOWS\system32\COMCTL32.dll C:\WINDOWS\system32\MSVCP60.dll C:\WINDOWS\system32\IMM32.DLL C:\WINDOWS\system32\LPK.DLL C:\WINDOWS\system32\USP10.dll C:\WINDOWS\system32\uxtheme.dll C:\WINDOWS\system32\MSCTF.dll C:\WINDOWS\system32\msctfime.ime C:\WINDOWS\system32\xpsp2res.dll C:\WINDOWS\system32\CLBCATQ.DLL C:\WINDOWS\system32\COMRes.dll C:\WINDOWS\system32\msi.dll C:\Program Files\HP\Digital Imaging\bin\hpqcxm08.dll C:\WINDOWS\system32\SHLWAPI.dll C:\WINDOWS\system32\SHFOLDER.dll C:\WINDOWS\system32\WTSAPI32.DLL C:\WINDOWS\system32\WINSTA.dll C:\WINDOWS\system32\NETAPI32.dll C:\Program Files\HP\Digital Imaging\bin\hpquio08.dll C:\WINDOWS\system32\SHELL32.dll C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.rsc C:\Program Files\HP\Digital Imaging\bin\hpqtao08.dll C:\WINDOWS\system32\SXS.DLL C:\Program Files\HP\Digital Imaging\bin\hpotra08.dll C:\WINDOWS\system32\WINSPOOL.DRV C:\WINDOWS\system32\SETUPAPI.dll C:\WINDOWS\system32\CFGMGR32.dll C:\Program Files\HP\Digital Imaging\bin\hpotra08.rsc C:\Program Files\HP\Digital Imaging\bin\hpqcob08.dll C:\Program Files\HP\Digital Imaging\bin\hpodio08.dll C:\WINDOWS\system32\WSOCK32.dll C:\WINDOWS\system32\WS2_32.dll C:\WINDOWS\system32\WS2HELP.dll C:\Program Files\HP\Digital Imaging\bin\hpotradd.dll C:\Program Files\HP\Digital Imaging\bin\hpqrif08.dll C:\Program Files\HP\Digital Imaging\bin\hpqmif08.dll C:\Program Files\HP\Digital Imaging\bin\hpodvd09.dll C:\Program Files\Hp\Digital Imaging\bin\hpoddcomm09.dll C:\WINDOWS\system32\WINTRUST.dll C:\WINDOWS\system32\CRYPT32.dll C:\WINDOWS\system32\MSASN1.dll C:\WINDOWS\system32\IMAGEHLP.dll C:\WINDOWS\system32\hpzipr12.dll C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mlfhook.dll C:\Program Files\HP\Digital Imaging\bin\hpqusg.dll C:\WINDOWS\system32\WININET.dll C:\WINDOWS\system32\Normaliz.dll C:\WINDOWS\system32\iertutil.dll C:\WINDOWS\system32\ATL.DLL [PID 3444] -------> C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\system32\ntdll.dll C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\system32\CFGMGR32.dll C:\WINDOWS\system32\setupapi.dll C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\system32\Secur32.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\system32\USER32.dll C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\system32\VERSION.dll C:\WINDOWS\system32\ole32.dll C:\WINDOWS\system32\OLEAUT32.dll C:\WINDOWS\system32\IMM32.DLL C:\WINDOWS\system32\LPK.DLL C:\WINDOWS\system32\USP10.dll C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.DLL C:\Program Files\iPod\bin\iPodService.Resources\iPodService.DLL C:\WINDOWS\system32\xpsp2res.dll C:\WINDOWS\system32\CLBCATQ.DLL C:\WINDOWS\system32\COMRes.dll C:\WINDOWS\system32\SXS.DLL C:\WINDOWS\system32\uxtheme.dll C:\WINDOWS\system32\Wtsapi32.dll C:\WINDOWS\system32\WINSTA.dll C:\WINDOWS\system32\NETAPI32.dll C:\WINDOWS\system32\WINTRUST.dll C:\WINDOWS\system32\CRYPT32.dll C:\WINDOWS\system32\MSASN1.dll C:\WINDOWS\system32\IMAGEHLP.dll [PID 3836] -------> C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe C:\WINDOWS\system32\ntdll.dll C:\WINDOWS\system32\kernel32.dll C:\WINDOWS\system32\COMCTL32.dll C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\system32\Secur32.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\system32\USER32.dll C:\WINDOWS\system32\VERSION.dll C:\WINDOWS\system32\WS2_32.dll C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\system32\WS2HELP.dll C:\WINDOWS\system32\SHELL32.dll C:\WINDOWS\system32\SHLWAPI.dll C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\crsrpt.dll C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\dbghelp.dll C:\WINDOWS\system32\ole32.dll C:\WINDOWS\system32\OLEAUT32.dll C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\MSVCP90.dll C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.1_x-ww_6f74963e\MSVCR90.dll C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mtdsdk.dll C:\WINDOWS\system32\WININET.dll C:\WINDOWS\system32\Normaliz.dll C:\WINDOWS\system32\iertutil.dll C:\WINDOWS\system32\IMM32.DLL C:\WINDOWS\system32\LPK.DLL C:\WINDOWS\system32\USP10.dll C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll C:\WINDOWS\system32\uxtheme.dll C:\WINDOWS\system32\MSCTF.dll C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\resources\mbzaenu.dll C:\WINDOWS\system32\msctfime.ime C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mlfhook.dll C:\WINDOWS\system32\RASAPI32.dll C:\WINDOWS\system32\rasman.dll C:\WINDOWS\system32\NETAPI32.dll C:\WINDOWS\system32\TAPI32.dll C:\WINDOWS\system32\rtutils.dll C:\WINDOWS\system32\WINMM.dll C:\WINDOWS\system32\USERENV.dll C:\WINDOWS\system32\sensapi.dll C:\WINDOWS\system32\msv1_0.dll C:\WINDOWS\system32\iphlpapi.dll C:\WINDOWS\System32\mswsock.dll C:\WINDOWS\system32\rasadhlp.dll C:\WINDOWS\system32\DNSAPI.dll C:\WINDOWS\System32\winrnr.dll C:\WINDOWS\system32\WLDAP32.dll C:\WINDOWS\system32\urlmon.dll C:\WINDOWS\system32\hnetcfg.dll C:\WINDOWS\System32\wshtcpip.dll [PID 3880] -------> C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\WINDOWS\system32\ntdll.dll C:\WINDOWS\system32\kernel32.dll C:\Program Files\HP\Digital Imaging\bin\hpqmfc09.dll C:\WINDOWS\system32\MSVFW32.dll C:\WINDOWS\system32\USER32.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\system32\WINMM.dll C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\system32\Secur32.dll C:\WINDOWS\system32\SHELL32.dll C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\system32\SHLWAPI.dll C:\WINDOWS\system32\COMCTL32.dll C:\Program Files\HP\Digital Imaging\bin\hpqtap08.dll C:\WINDOWS\system32\MFC42.DLL C:\WINDOWS\system32\ole32.dll C:\WINDOWS\system32\OLEAUT32.dll C:\WINDOWS\system32\MSVCP60.dll C:\WINDOWS\system32\IMM32.DLL C:\WINDOWS\system32\LPK.DLL C:\WINDOWS\system32\USP10.dll C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll C:\WINDOWS\system32\uxtheme.dll C:\WINDOWS\system32\MSCTF.dll C:\WINDOWS\system32\CLBCATQ.DLL C:\WINDOWS\system32\COMRes.dll C:\WINDOWS\system32\VERSION.dll C:\WINDOWS\system32\msi.dll C:\Program Files\HP\Digital Imaging\bin\hpqcxm08.dll C:\WINDOWS\system32\SHFOLDER.dll C:\WINDOWS\system32\msctfime.ime C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.rsc C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mlfhook.dll C:\WINDOWS\system32\ieframe.dll C:\WINDOWS\system32\PSAPI.DLL C:\WINDOWS\system32\iertutil.dll C:\WINDOWS\system32\WININET.dll C:\WINDOWS\system32\Normaliz.dll C:\WINDOWS\system32\ws2_32.dll C:\WINDOWS\system32\WS2HELP.dll C:\WINDOWS\system32\apphelp.dll C:\WINDOWS\system32\SXS.DLL C:\WINDOWS\system32\urlmon.dll C:\WINDOWS\system32\SETUPAPI.dll C:\WINDOWS\system32\mshtml.dll C:\WINDOWS\system32\msls31.dll C:\WINDOWS\system32\ctagent.dll C:\WINDOWS\system32\msimtf.dll C:\WINDOWS\system32\mslbui.dll C:\WINDOWS\system32\USERENV.dll C:\WINDOWS\system32\MLANG.dll C:\Program Files\HP\Digital Imaging\bin\hpqsti08.dll C:\Program Files\HP\Digital Imaging\bin\hpqcob08.dll C:\Program Files\HP\Digital Imaging\bin\hpqstp08.dll C:\Program Files\HP\Digital Imaging\bin\hpodio08.dll C:\WINDOWS\system32\WINSPOOL.DRV C:\WINDOWS\system32\WSOCK32.dll C:\WINDOWS\system32\WTSAPI32.DLL C:\WINDOWS\system32\WINSTA.dll C:\WINDOWS\system32\NETAPI32.dll C:\Program Files\HP\Digital Imaging\bin\hpocxi08.dll C:\WINDOWS\system32\WINTRUST.dll C:\WINDOWS\system32\CRYPT32.dll C:\WINDOWS\system32\MSASN1.dll C:\WINDOWS\system32\IMAGEHLP.dll C:\Program Files\HP\Digital Imaging\bin\hpqsem08.rsc C:\WINDOWS\system32\hpzipr12.dll C:\WINDOWS\ime\sptip.dll C:\WINDOWS\system32\OLEACC.dll C:\WINDOWS\IME\SPGRMR.DLL C:\Program Files\Common Files\Microsoft Shared\Ink\SKCHUI.DLL [PID 3932] -------> C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe C:\WINDOWS\system32\ntdll.dll C:\WINDOWS\system32\kernel32.dll C:\Program Files\Yahoo!\Messenger\yui.dll C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\COMCTL32.dll C:\WINDOWS\system32\msvcrt.dll C:\WINDOWS\system32\ADVAPI32.dll C:\WINDOWS\system32\RPCRT4.dll C:\WINDOWS\system32\Secur32.dll C:\WINDOWS\system32\GDI32.dll C:\WINDOWS\system32\USER32.dll C:\WINDOWS\system32\SHLWAPI.dll C:\WINDOWS\system32\MSIMG32.dll C:\WINDOWS\system32\RICHED20.dll C:\WINDOWS\system32\IMM32.dll C:\WINDOWS\system32\SHELL32.dll C:\WINDOWS\system32\ole32.dll C:\WINDOWS\system32\OLEAUT32.dll C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\MSVCP80.dll C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\MSVCR80.dll C:\WINDOWS\system32\WININET.dll C:\WINDOWS\system32\Normaliz.dll C:\WINDOWS\system32\iertutil.dll C:\WINDOWS\system32\LPK.DLL C:\WINDOWS\system32\USP10.dll C:\WINDOWS\system32\comctl32.dll C:\WINDOWS\system32\uxtheme.dll C:\Program Files\Yahoo!\Messenger\res_msgr.dll C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mlfhook.dll C:\WINDOWS\system32\MSCTF.dll C:\WINDOWS\system32\msctfime.ime ¨ C:\Rooter$\Rooter_4.txt - (22/06/2009 | 05:48.07) ================================== Locked [System Process] (0) ______ System (4) ______ \SystemRoot\System32\smss.exe (596) ______ \??\C:\WINDOWS\system32\csrss.exe (644) ______ \??\C:\WINDOWS\system32\winlogon.exe (668) ______ C:\WINDOWS\system32\services.exe (712) ______ C:\WINDOWS\system32\lsass.exe (724) ______ C:\WINDOWS\system32\svchost.exe (888) ______ C:\WINDOWS\system32\svchost.exe (956) ______ C:\WINDOWS\System32\svchost.exe (1056) ______ C:\WINDOWS\system32\svchost.exe (1100) ______ C:\WINDOWS\system32\svchost.exe (1172) ______ C:\WINDOWS\system32\svchost.exe (1224) Locked vsmon.exe (1384) ______ C:\WINDOWS\Explorer.EXE (1680) Locked ScanningProcess.exe (1888) ______ C:\WINDOWS\system32\spoolsv.exe (1984) Locked ScanningProcess.exe (240) ______ C:\WINDOWS\system32\svchost.exe (584) ______ C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (648) ______ C:\Program Files\Java\jre6\bin\jqs.exe (1036) ______ C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe (1080) ______ C:\WINDOWS\system32\nvsvc32.exe (1136) ______ C:\Program Files\CyberLink\Shared Files\RichVideo.exe (1536) ______ C:\WINDOWS\system32\svchost.exe (1828) ______ C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (284) ______ C:\WINDOWS\System32\alg.exe (2152) ______ C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe (2572) ______ C:\WINDOWS\system32\RUNDLL32.EXE (2592) ______ C:\Program Files\iTunes\iTunesHelper.exe (2668) ______ C:\Program Files\HP\HP Software Update\HPWuSchd2.exe (2676) ______ C:\WINDOWS\system32\CTHELPER.EXE (2720) ______ C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe (2744) ______ C:\Program Files\Java\jre6\bin\jusched.exe (2760) ______ C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (2768) Locked zlclient.exe (2996) ______ C:\Documents and Settings\Administrator\Application Data\SanDisk\Sansa Updater\SansaDispatch.exe (3060) ______ C:\WINDOWS\system32\ctfmon.exe (3084) ______ C:\Program Files\DNA\btdna.exe (3096) ______ C:\Program Files\SUPERAntiSpyware\d3eb6d13-3911-4dcb-949a-4e7dd292ffaf.exe (3132) ______ C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe (3308) ______ C:\Program Files\iPod\bin\iPodService.exe (3444) ______ C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe (3836) ______ C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe (3880) ______ C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe (3932) ______ C:\Program Files\Internet Explorer\iexplore.exe (2692) ______ C:\Documents and Settings\Administrator\Desktop\GQHooter.exe (2380) ______ C:\WINDOWS\system32\NOTEPAD.EXE (1692) ______ C:\WINDOWS\system32\NOTEPAD.EXE (3616) ====================================== C:\Rooter$\Rooter_5.txt - (22/06/2009 | 05:48.35) Locked [System Process] (0) ______ System (4) ______ \SystemRoot\System32\smss.exe (596) ______ \??\C:\WINDOWS\system32\csrss.exe (644) ______ \??\C:\WINDOWS\system32\winlogon.exe (668) ______ C:\WINDOWS\system32\services.exe (712) ______ C:\WINDOWS\system32\lsass.exe (724) ______ C:\WINDOWS\system32\svchost.exe (888) ______ C:\WINDOWS\system32\svchost.exe (956) ______ C:\WINDOWS\System32\svchost.exe (1056) ______ C:\WINDOWS\system32\svchost.exe (1100) ______ C:\WINDOWS\system32\svchost.exe (1172) ______ C:\WINDOWS\system32\svchost.exe (1224) Locked vsmon.exe (1384) ______ C:\WINDOWS\Explorer.EXE (1680) Locked ScanningProcess.exe (1888) ______ C:\WINDOWS\system32\spoolsv.exe (1984) Locked ScanningProcess.exe (240) ______ C:\WINDOWS\system32\svchost.exe (584) ______ C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (648) ______ C:\Program Files\Java\jre6\bin\jqs.exe (1036) ______ C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe (1080) ______ C:\WINDOWS\system32\nvsvc32.exe (1136) ______ C:\Program Files\CyberLink\Shared Files\RichVideo.exe (1536) ______ C:\WINDOWS\system32\svchost.exe (1828) ______ C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (284) ______ C:\WINDOWS\System32\alg.exe (2152) ______ C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe (2572) ______ C:\WINDOWS\system32\RUNDLL32.EXE (2592) ______ C:\Program Files\iTunes\iTunesHelper.exe (2668) ______ C:\Program Files\HP\HP Software Update\HPWuSchd2.exe (2676) ______ C:\WINDOWS\system32\CTHELPER.EXE (2720) ______ C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe (2744) ______ C:\Program Files\Java\jre6\bin\jusched.exe (2760) ______ C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (2768) Locked zlclient.exe (2996) ______ C:\Documents and Settings\Administrator\Application Data\SanDisk\Sansa Updater\SansaDispatch.exe (3060) ______ C:\WINDOWS\system32\ctfmon.exe (3084) ______ C:\Program Files\DNA\btdna.exe (3096) ______ C:\Program Files\SUPERAntiSpyware\d3eb6d13-3911-4dcb-949a-4e7dd292ffaf.exe (3132) ______ C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe (3308) ______ C:\Program Files\iPod\bin\iPodService.exe (3444) ______ C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe (3836) ______ C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe (3880) ______ C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe (3932) ______ C:\Program Files\Internet Explorer\iexplore.exe (2692) ______ C:\Documents and Settings\Administrator\Desktop\GQHooter.exe (2380) ______ C:\WINDOWS\system32\NOTEPAD.EXE (1692) ______ C:\WINDOWS\system32\NOTEPAD.EXE (3616) ¨ C:\Rooter$\Rooter_5.txt - (22/06/2009 | 05:48.35) ¨ Then I guess I ran the OTL program too soon.. These are all the loggs I can find.. I searched by date/time to find all the loggs "just made". I have WinXP Pro, I posted the latest info when I registered. I have all current updates for security as of a couple days ago. Let me know if you need anything but from what I can see.. this is gone.. BUT I have not as yet uninstalled the ERUNT, Malwarebytes and I still have the Rooter and TFC programs.. D |
|
     |
| Important Information |
|
Join the #1 Tech Support Forum Today - It's Totally Free!
TechSupportForum.com is a leading support website for your computer needs. We offer free, friendly and personalized computer support. Why pay to have your computer fixed when you can do it for free. Join TechSupportforum.com Today - Click Here |
|
06-22-2009, 03:54 AM
|
#2 (permalink) |
|
Registered User
Join Date: Jun 2009
Posts: 7
OS: WinXP Pro
|
Re: gxvxc virus update
And 1 more Logg: (maklwarebytes/Rooter and such I ran while in safe mode w/ networking)
Locked [System Process] (0) ______ System (4) ______ \SystemRoot\System32\smss.exe (596) ______ \??\C:\WINDOWS\system32\csrss.exe (644) ______ \??\C:\WINDOWS\system32\winlogon.exe (668) ______ C:\WINDOWS\system32\services.exe (712) ______ C:\WINDOWS\system32\lsass.exe (724) ______ C:\WINDOWS\system32\svchost.exe (888) ______ C:\WINDOWS\system32\svchost.exe (956) ______ C:\WINDOWS\System32\svchost.exe (1056) ______ C:\WINDOWS\system32\svchost.exe (1100) ______ C:\WINDOWS\system32\svchost.exe (1172) ______ C:\WINDOWS\system32\svchost.exe (1224) Locked vsmon.exe (1384) ______ C:\WINDOWS\Explorer.EXE (1680) Locked ScanningProcess.exe (1888) ______ C:\WINDOWS\system32\spoolsv.exe (1984) Locked ScanningProcess.exe (240) ______ C:\WINDOWS\system32\svchost.exe (584) ______ C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (648) ______ C:\Program Files\Java\jre6\bin\jqs.exe (1036) ______ C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe (1080) ______ C:\WINDOWS\system32\nvsvc32.exe (1136) ______ C:\Program Files\CyberLink\Shared Files\RichVideo.exe (1536) ______ C:\WINDOWS\system32\svchost.exe (1828) ______ C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (284) ______ C:\WINDOWS\System32\alg.exe (2152) ______ C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe (2572) ______ C:\WINDOWS\system32\RUNDLL32.EXE (2592) ______ C:\Program Files\iTunes\iTunesHelper.exe (2668) ______ C:\Program Files\HP\HP Software Update\HPWuSchd2.exe (2676) ______ C:\WINDOWS\system32\CTHELPER.EXE (2720) ______ C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe (2744) ______ C:\Program Files\Java\jre6\bin\jusched.exe (2760) ______ C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe (2768) Locked zlclient.exe (2996) ______ C:\Documents and Settings\Administrator\Application Data\SanDisk\Sansa Updater\SansaDispatch.exe (3060) ______ C:\WINDOWS\system32\ctfmon.exe (3084) ______ C:\Program Files\DNA\btdna.exe (3096) ______ C:\Program Files\SUPERAntiSpyware\d3eb6d13-3911-4dcb-949a-4e7dd292ffaf.exe (3132) ______ C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe (3308) ______ C:\Program Files\iPod\bin\iPodService.exe (3444) ______ C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe (3836) ______ C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe (3880) ______ C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe (3932) ______ C:\Program Files\Internet Explorer\iexplore.exe (2692) ______ C:\Documents and Settings\Administrator\Desktop\GQHooter.exe (2380) ______ C:\WINDOWS\system32\NOTEPAD.EXE (1692) ______ C:\WINDOWS\system32\NOTEPAD.EXE (3616) C:\Rooter$\Rooter_6.txt - (22/06/2009 | 05:48.43) Last edited by deslocc; 06-22-2009 at 03:55 AM. Reason: adding info |
|
|
|
|
06-22-2009, 04:43 AM
|
#3 (permalink) | |
|
Moderator, Analyst, Security Team
Join Date: Oct 2006
Location: Důn Čideann,Scotland.
Posts: 5,093
OS: XP
|
Re: gxvxc virus update
Hello
As already stated in your other thread, please follow the information below. We want all our members to perform the steps outlined in the link I'll give you below, before posting for assistance. There's a sticky at the top of this forum, and a Quote:
--------------------------------------------------------------------------------------------- Please follow our pre-posting process outlined here: NEW INSTRUCTIONS - Read This Before Posting For Malware Removal Help After running through all the steps, you shall have a proper set of logs. Please post them in a new topic, as this one shall be closed. If you have trouble with one of the steps, simply move on to the next one, and make note of it in your reply. Please note that the Virus/Trojan/Spyware Help forum is extremely busy, and it may take a while to receive a reply. |
|
|
|
|
|
| Thread Tools | |
|
|
