
Actulice/winpup variant removal.


Name: LUKE
Date: June 10, 2004 at 16:47:45 Pacific
OS: xp
CPU/Ram: 2.4
Comment:

Actulice is a new variant of (WINPUP) spyware, or by some virus companies a trojan. Here is how to manually remove the pest. Winpup manual removal:

#1-Turn off system restore. Right click on My Computer, select Properties, select the System Restore tab, and check Turn Off system restore.
Empty your Temporary Internet Files by clicking Start, click Run then type %temp% and hit enter. Delete all the items in that folder.

#2-Go to Start, then Run, then type msconfig and then OK.

Kill processes: search for these files.
pup.exe, 20444887.exe, 23777407.exe, 24065798.exe, 25199526.exe, 27032107.exe, 4026430.exe, 61692446.exe, 64075869.exe, 6904238.exe, 73934572.exe, 75082033.exe, 77946108.exe, 8439272.exe, 92135256.exe, 96062868.exe, winpup.exe, msdmodw.exe, sratelcm.exe, stoesp.exe, 23058718.exe, cmpi.exe, stimem.exe, syscm.exe, trojan.win32.startpage.ae.exe, winpup32.exe

#3-Delete registry values: click Start, then Run, then type in regedit, then OK. When in the registry, press the (Ctrl) key and the (F) key at the same time, and then search for these keys if they exist and delete them.

'HKEY_LOCAL_MACHINE \ software \ microsoft \ windows \ currentversion \ explorer \ pup'
'HKEY_LOCAL_MACHINE \ software \ microsoft \ windows \ currentversion \ unasauthr'
'HKEY_LOCAL_MACHINE \ software \ microsoft \ windows \ currentversion \ undhcpv'
'HKEY_LOCAL_MACHINE \ software \ microsoft \ windows \ currentversion \ unsvidc32m'

#4-Start Windows Explorer and delete:
C:\WINDOWS\ACTULICE.exe
C:\WINDOWS\System32\uadficna.exe
%SystemDir%\pup.exe, if it exists.
%WinDir%\pup.exe, if it exists.
%WinDir%\telnat.exe, if it exists. Note: %WinDir%\telnet.exe is a legitimate file, do not delete it.
C:\WINDOWS\twaintec.dll
C:\PROGRAM Files\MOVEFI~1\Hope Test Online.exe
C:\PROGRAM Files\SURFGP~1\List Iso.dll
C:\WINDOWS\System32\DBCCP32O.exe
Note: %WinDir% is a variable (?). By default, this is C:\Windows (Windows 95/98/Me/XP) or C:\WINNT (Windows NT/2000).
Note: %SystemDir% is a variable (?). By default, this is C:\Windows\System (Windows 95/98/Me), C:\WINNT\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).

#5-Run HJT and delete these files if they exist:
O1 - Hosts: 207.36.196.189 auto.search.msn.com
O1 - Hosts: 207.36.196.189 search.netscape.com
O1 - Hosts: 207.36.196.189 ieautosearch
O2 - BHO: (no name) - {000020DD-C72E-4113-AF77-DD56626C6C42} - C:\WINDOWS\twaintec.dll
O3 - Toolbar: Deaf memo - {FF198BC5-6909-77C2-8E56-C3633E2ADE8C} - C:\PROGRA~1\SURFGP~1\List Iso.dll
O4 - HKLM\..\Run: [BagsHelp] C:\PROGRA~1\MOVEFI~1\Hope Test Online.exe
O4 - HKLM\..\Run: [uadficna] C:\WINDOWS\System32\uadficna.exe
O4 - HKLM\..\Run: [DBCCP32O] C:\WINDOWS\System32\DBCCP32O.exe

Reboot back into safe mode, run your AV Live Update (restart into safe mode again if necessary after the update), then run your AV scan and delete any files that come up as viruses. Reboot into regular mode and re-enable system restore.

If you don't have HijackThis you can click the link provided:

HIJACKTHIS


If women knew what we were thinking, they'd never stop slapping us.
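
An added example, not part of the original post: a Python check that scans a saved HijackThis log for the entries listed in step #5 and the file names from step #4. The sample log is constructed from lines in the post plus two invented `Run` entries, and the function and constant names are this example's own.

```python
import ntpath
import re

# Indicators copied from the removal post (steps #4 and #5).
BAD_HOST_IP = "207.36.196.189"
BAD_CLSIDS = {
    "{000020DD-C72E-4113-AF77-DD56626C6C42}",
    "{FF198BC5-6909-77C2-8E56-C3633E2ADE8C}",
}
BAD_FILES = {
    "actulice.exe", "uadficna.exe", "pup.exe", "telnat.exe",
    "twaintec.dll", "list iso.dll", "dbccp32o.exe",
}

# Constructed sample log; the last two lines are invented for the test.
SAMPLE_LOG = r"""
O1 - Hosts: 207.36.196.189 auto.search.msn.com
O2 - BHO: (no name) - {000020DD-C72E-4113-AF77-DD56626C6C42} - C:\WINDOWS\twaintec.dll
O4 - HKLM\..\Run: [uadficna] C:\WINDOWS\System32\uadficna.exe
O4 - HKLM\..\Run: [Telnet] C:\WINDOWS\telnet.exe
O4 - HKLM\..\Run: [net] C:\WINDOWS\telnat.exe
"""

ENTRY = re.compile(r"^(O\d+) - (.*)$")
CLSID = re.compile(r"\{[0-9A-Fa-f-]{36}\}")

def flag_entries(log_text):
    """Return (section, reason, line) for each log line matching an indicator."""
    hits = []
    for raw in log_text.splitlines():
        line = raw.strip()
        m = ENTRY.match(line)
        if not m:
            continue
        section, body = m.groups()
        if section == "O1" and body.startswith("Hosts:"):
            fields = body[len("Hosts:"):].split()
            if fields and fields[0] == BAD_HOST_IP:
                hits.append((section, "hosts redirect", line))
            continue
        clsid = CLSID.search(body)
        if clsid and clsid.group(0).upper() in BAD_CLSIDS:
            hits.append((section, "known CLSID", line))
            continue
        # Exact file-name match, so the legitimate telnet.exe never matches telnat.exe.
        name = ntpath.basename(body).lower()
        if name in BAD_FILES:
            hits.append((section, "known file name", line))
    return hits
```

Entries whose command line carries arguments after the file name are not matched by the file-name check; review those by hand.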




Response Number 1
Name: LUKE
Date: June 10, 2004 at 17:38:30 Pacific
Reply:

I submitted the info about 4 weeks ago to Lavasoft concerning actulice/winpup, and hopefully they come out with some defs to detect and remove this pest. In the meantime I have provided a manual removal of the pest. I will be sending the same info to Spybot in the next few days, and hopefully they too come out with defs to detect and remove actulice. I hope that my manual removal will help anyone that has been infected by the pest.


Women are like parking spaces: All the good ones are taken and all that's left are the handicapped.


0

Response Number 2
Name: jakeyb23
Date: July 11, 2004 at 16:39:31 Pacific
Reply:

Why oh why can't I get rid of this SOB?? I tried EVERYTHING, I moved it, safe mode, renamed it, changed all the tools files and turned off restore. If it was suggested I did it...
And the b---tard lives on! I have located and moved it to my desktop where I now call it bitchfile.dll. And well, I can't get it to NOT be read only, I can't get it in the trash in ANY mode, safe or normal.
So if anyone could tell me how to get rid of it, I'd love you forever!


0
