Sign in to follow this  
Anton.B

Zlob has got me

Recommended Posts

Give it a bit longer if you would please, and if it doesn't complete after 45 min or so, exit out and back to normal mode. Then post a new dss log and see if there is a report.txt in the C:\SDFix folder (post it too if there is).

 

Boy this had me sweating..but here tis

 

SDFix: Version 1.114

 

Run by Dad on Mon 19/11/2007 at 03:01 PM

 

Microsoft Windows XP [Version 5.1.2600]

 

Running From: C:\SDFix\SDFix

 

Safe Mode:

Checking Services:

 

 

Restoring Windows Registry Values

Restoring Windows Default Hosts File

 

Rebooting...

 

 

Normal Mode:

Checking Files:

 

No Trojan Files Found

 

 

 

 

Deckard's System Scanner v20071014.68

Run by Dad on 2007-11-19 15:47:28

Computer is in Normal Mode.

--------------------------------------------------------------------------------

 

 

 

-- HijackThis (run as Dad.exe) -------------------------------------------------

 

Unable to find log (file not found); running clone.

-- HijackThis Clone ------------------------------------------------------------

 

 

Emulating logfile of Trend Micro HijackThis v2.0.2

Scan saved at 2007-11-19 15:47:38

Platform: Windows XP Service Pack 2 (5.01.2600)

MSIE: Internet Explorer (6.00.2900.2180)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\system32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\explorer.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe

C:\WINDOWS\system32\CTSVCCDA.EXE

C:\WINDOWS\system32\drivers\KodakCCS.exe

C:\Program Files\Common Files\LightScribe\LSSrvc.exe

C:\Program Files\CS Fire Monitor\CSFireMon.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\ScsiAccess.EXE

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

C:\WINDOWS\system32\UStorSrv.exe

C:\WINDOWS\system32\MsPMSPSv.exe

C:\WINDOWS\system32\fxssvc.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\WINDOWS\system32\wscntfy.exe

C:\Program Files\Microsoft Hardware\Keyboard\type32.exe

C:\WINDOWS\system32\atwtusb.exe

C:\Program Files\Alwil Software\Avast4\ashDisp.exe

C:\Program Files\LogMeIn\x86\LogMeInSystray.exe

C:\WINDOWS\system32\rundll32.exe

C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe

C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe

C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe

C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposts08.exe

C:\Documents and Settings\Dad\Desktop\dss.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://home.microsoft.com/access/autosearch.asp?p=%s

R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Media Holding Enterprises, LLC - {0D39A900-0F3A-4C29-A254-3E65244FDC34} - (no file)

O2 - BHO: (no name) - {10C0C3B9-FC60-4902-92B3-49E09D7BAE89} - C:\WINDOWS\system32\mljgg.dll (file missing)

O2 - BHO: (no name) - {18CCB518-1374-4946-A4C2-21EFD6C471CE} - (no file)

O2 - BHO: dsWebAllowBHO Class - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Program Files\Windows Desktop Search\dsWebAllow.dll

O2 - BHO: {8086f986-44d7-bb1a-8ae4-189a0888f064} - {460f8880-a981-4ea8-a1bb-7d44689f6808} - C:\WINDOWS\system32\uimnlulf.dll (file missing)

O2 - BHO: Burn4Free Toolbar Helper - {60BF5EE3-0105-4858-AD98-17C19F86B042} - C:\Program Files\Burn4Free Toolbar\v3.3.0.0\Burn4Free_Toolbar.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: (no name) - {97CC1FB6-83A6-41DB-ACAE-4D687978EF63} - C:\WINDOWS\system32\pmkjh.dll

O2 - BHO: (no name) - {A57EE9D7-0534-496A-B2B0-E95866D0C1B0} - (no file)

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\GoogleToolbar2.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll

O2 - BHO: (no name) - {BBB05D9E-0297-404D-A6BF-D8F2876B84A6} - C:\WINDOWS\system32\tuvwwxy.dll (file missing)

O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O2 - BHO: (no name) - {EF18E814-3E1B-452D-8EAE-208E53C009F5} - C:\WINDOWS\system32\vtstt.dll (file missing)

O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O4 - HKLM\..\Run: [intelliType] "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe"

O4 - HKLM\..\Run: [atwtusb] atwtusb.exe beta

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"

O4 - HKCU\..\Run: [HijackThis startup scan] C:\Documents and Settings\Dad\Desktop\HijackThis.exe /startupscan

O4 - HKUS\S-1-5-18\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')

O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'Default user')

O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')

O4 - Global Startup: BTTray.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe

O4 - Global Startup: hpoddt01.exe.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe

O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm

O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Open in new background tab - res://C:\Program Files\Windows Live Toolbar\Components\en-au\msntabres.dll.mui/229?42def64ca47e412b8c501d922166e5af

O8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\Windows Live Toolbar\Components\en-au\msntabres.dll.mui/230?42def64ca47e412b8c501d922166e5af

O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (file missing)

O9 - Extra button: (no name) - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} (Office Update Installation Engine) - http://office.microsoft.com/officeupdate/content/opuc3.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1125884139484

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll

O18 - Protocol: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll

O18 - Protocol: mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL

O18 - Protocol: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL

O18 - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL

O20 - AppInit_DLLs: C:\WINDOWS\system32\__c00A6484.dat

O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTSVCCDA.EXE

O23 - Service: CS Fire Monitor - Crofts Software - C:\Program Files\CS Fire Monitor\CSFireMonService.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\ramaint.exe

O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\system32\ScsiAccess.EXE

O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

O23 - Service: UStorage Server Service - OTi - C:\WINDOWS\system32\UStorSrv.exe

 

 

--

End of file - 11602 bytes

 

-- Files created between 2007-10-19 and 2007-11-19 -----------------------------

 

2007-11-19 14:58:15 0 d-------- C:\WINDOWS\ERUNT

2007-11-19 13:14:19 12784 --ahs---- C:\WINDOWS\system32\hjkmp.ini2

2007-11-19 11:51:14 320608 --a------ C:\WINDOWS\system32\pmkjh.dll

2007-11-19 11:39:20 0 d-------- C:\VundoFix Backups

2007-11-19 06:25:18 10816 -----n--- C:\WINDOWS\system32\__c00A6484.dat

2007-11-18 04:24:54 0 d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft

2007-11-13 16:03:09 4882432 --a------ C:\Documents and Settings\Anton\ntuser.dat

2007-11-13 16:00:35 147456 --a------ C:\WINDOWS\system32\vbzip10.dll <Not Verified; Info-ZIP; Info-ZIP's WiZ>

2007-11-05 15:35:30 0 d-------- C:\WINDOWS\pss

2007-11-01 17:45:28 0 d-------- C:\Program Files\Guitar Pro 5

2007-10-30 12:22:51 0 d-------- C:\Racing

2007-10-23 12:35:40 0 d-------- C:\Program Files\iPod

2007-10-23 12:35:09 0 d-------- C:\Program Files\iTunes

2007-10-22 19:54:16 0 d-------- C:\Documents and Settings\All Users\Application Data\Adobe

2007-10-19 23:05:01 0 d-------- C:\the hedgehog

 

 

-- Find3M Report ---------------------------------------------------------------

 

2007-11-18 04:26:14 0 d-------- C:\Program Files\Lavasoft

2007-11-18 04:26:12 0 d-------- C:\Documents and Settings\Dad\Application Data\Lavasoft

2007-11-18 04:22:45 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard

2007-11-17 17:36:23 0 d-------- C:\Program Files\Java

2007-11-14 23:30:21 0 d-------- C:\Program Files\Common Files

2007-11-08 09:50:59 0 d-------- C:\Documents and Settings\Dad\Application Data\U3

2007-11-07 14:35:58 0 d-------- C:\Program Files\CS Fire Monitor

2007-11-05 15:22:52 0 d-------- C:\Program Files\GSM

2007-11-02 20:44:26 0 d--h----- C:\Program Files\InstallShield Installation Information

2007-10-22 19:54:28 0 d-------- C:\Program Files\Common Files\Adobe

2007-10-18 00:42:08 10752 --a------ C:\WINDOWS\system32\WhoisCL.exe <Not Verified; NirSoft; WhoisCL>

2007-10-17 13:12:37 0 d-------- C:\Program Files\Free Metronome

2007-10-17 12:48:58 0 d-------- C:\Program Files\FretPro

2007-10-17 09:42:08 0 d-------- C:\Program Files\LogMeIn

2007-10-15 22:37:18 0 d-------- C:\Program Files\Lame

2007-10-14 19:57:40 0 d-------- C:\Program Files\Audacity

2007-10-09 21:53:27 0 d-------- C:\Program Files\Apple Software Update

2007-10-08 20:47:34 0 d-------- C:\Program Files\Burn4Free

2007-09-28 19:33:00 0 d-------- C:\Program Files\WinAce

2007-09-27 12:01:18 0 d-------- C:\Program Files\Microsoft Silverlight

2007-09-24 22:46:36 0 d-------- C:\Program Files\GameSpy Arcade

2007-09-24 22:43:50 0 d-------- C:\Program Files\Microsoft Games

2007-09-19 14:58:04 0 d-------- C:\Program Files\Scales Dictionary System

2007-09-19 14:57:35 286720 -----n--- C:\WINDOWS\Setup1.exe <Not Verified; Microsoft Corporation; Microsoft Visual Basic for Windows>

2007-09-19 14:57:29 73216 --a------ C:\WINDOWS\ST6UNST.EXE <Not Verified; Microsoft Corporation; Microsoft® Visual Basic for Windows>

2007-09-19 12:23:45 0 d-------- C:\Program Files\GiveMeTac 1.1

2007-09-14 15:30:55 229727 --a------ C:\WINDOWS\Burn4Free_Toolbar_Uninstaller_6984.exe <Not Verified; Burn4Free; Burn4Free CD and DVD>

2007-09-08 22:29:51 7188 --a------ C:\WINDOWS\mozver.dat

 

 

-- Registry Dump ---------------------------------------------------------------

 

*Note* empty entries & legit default entries are not shown

 

 

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0D39A900-0F3A-4C29-A254-3E65244FDC34}]

 

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{10C0C3B9-FC60-4902-92B3-49E09D7BAE89}]

C:\WINDOWS\system32\mljgg.dll

 

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{18CCB518-1374-4946-A4C2-21EFD6C471CE}]

 

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{460f8880-a981-4ea8-a1bb-7d44689f6808}]

C:\WINDOWS\system32\uimnlulf.dll

 

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{97CC1FB6-83A6-41DB-ACAE-4D687978EF63}]

19/11/2007 11:51 AM 320608 --a------ C:\WINDOWS\system32\pmkjh.dll

 

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A57EE9D7-0534-496A-B2B0-E95866D0C1B0}]

 

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{BBB05D9E-0297-404D-A6BF-D8F2876B84A6}]

C:\WINDOWS\system32\tuvwwxy.dll

 

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EF18E814-3E1B-452D-8EAE-208E53C009F5}]

C:\WINDOWS\system32\vtstt.dll

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IntelliType"="C:\Program Files\Microsoft Hardware\Keyboard\type32.exe" [22/03/2002 03:41 PM]

"atwtusb"="atwtusb.exe" [23/04/2002 05:20 PM C:\WINDOWS\system32\atwtusb.exe]

"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [06/09/2007 09:06 PM]

"LogMeIn GUI"="C:\Program Files\LogMeIn\x86\LogMeInSystray.exe" [06/08/2007 12:08 PM]

"nwiz"="nwiz.exe" [25/08/2004 08:14 PM C:\WINDOWS\system32\nwiz.exe]

"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [25/08/2004 08:14 PM]

"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [25/08/2004 08:14 PM]

"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [25/09/2007 01:11 AM]

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"HijackThis startup scan"="C:\Documents and Settings\Dad\Desktop\HijackThis.exe" [16/02/2005 11:06 AM]

 

[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]

"RunNarrator"=Narrator.exe

 

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]

"PcSync"=C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog

 

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\

BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [20/11/2003 2:11:56 PM]

hp psc 2000 Series.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe [9/04/2003 6:41:38 PM]

hpoddt01.exe.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe [9/04/2003 7:11:12 PM]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [13/03/2006 02:11 PM 233472]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]

LMIinit.dll 02/10/2007 05:51 PM 75064 C:\WINDOWS\system32\LMIinit.dll

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

"appinit_dlls"=C:\WINDOWS\system32\__c00A6484.dat

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

"Authentication Packages"= msv1_0 C:\WINDOWS\system32\pmkjh.dll

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

@="Service"

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Acrobat Assistant.lnk]

backup=C:\WINDOWS\pss\Acrobat Assistant.lnkCommon Startup

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Kodak EasyShare software.lnk]

backup=C:\WINDOWS\pss\Kodak EasyShare software.lnkCommon Startup

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Remote Controller.lnk]

backup=C:\WINDOWS\pss\Remote Controller.lnkCommon Startup

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Windows Desktop Search.lnk]

backup=C:\WINDOWS\pss\Windows Desktop Search.lnkCommon Startup

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

"C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Agent]

"C:\Program Files\CyberLink\PowerVCRII\Agent.exe"

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG]

AGRSMMSG.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

"C:\Program Files\iTunes\iTunesHelper.exe"

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck]

C:\WINDOWS\system32\NeroCheck.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]

RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Omnipage]

C:\Program Files\ScanSoft\OmniPageSE\opware32.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]

C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

"C:\Program Files\QuickTime\QTTask.exe" -atboottime

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]

"C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Remote_Agent]

"C:\Program Files\CyberLink\PowerVCRII\RemoteAgent.exe"

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]

SOUNDMAN.EXE

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

"C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinFaxAppPortStarter]

wfxsnt40.exe

 

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{52d0c36c-3e4a-11dc-b9ad-0020ed6c9f88}]

AutoRun\command- G:\LaunchU3.exe -a

 

 

 

 

-- End of Deckard's System Scanner: finished at 2007-11-19 15:48:53 ------------

Share this post


Link to post
Share on other sites

Please download the Killbox by Option^Explicit.

  • Double-click the KillBox icon on your desktop to open it
  • Select the box Replace on Reboot
  • Select the box Use Dummy
  • Copy the bolded filepath below and paste it into the 'Full path of File to Delete' window.
     
    C:\WINDOWS\system32\hjkmp.ini2
     
     
  • Click the red circle with a white X [Delete File] button.
  • Click Yes at the Delete on Reboot prompt. Click No at the Pending Operations prompt.
  • Select the box Use Dummy again
  • Copy the bolded filepath below and paste it into the 'Full path of File to Delete' window.
     
    C:\WINDOWS\system32\pmkjh.dll
     
     
  • Click the red circle with a white X [Delete File] button.
  • Click Yes at the Delete on Reboot prompt. Click No at the Pending Operations prompt.
  • Select the box Use Dummy again
  • Copy the bolded filepath below and paste it into the 'Full path of File to Delete' window.
     
    C:\WINDOWS\system32\__c00A6484.dat
     
     
  • Click the red circle with a white X [Delete File] button.
  • Click Yes at the Delete on Reboot prompt. Click No at the Pending Operations prompt.
  • Exit the Killbox

Scan again with HijackThis and place a check next to the following entries, close all other windows then click Fix Checked.

 

O2 - BHO: Media Holding Enterprises, LLC - {0D39A900-0F3A-4C29-A254-3E65244FDC34} - (no file)

O2 - BHO: (no name) - {10C0C3B9-FC60-4902-92B3-49E09D7BAE89} - C:\WINDOWS\system32\mljgg.dll (file missing)

O2 - BHO: (no name) - {18CCB518-1374-4946-A4C2-21EFD6C471CE} - (no file)

O2 - BHO: {8086f986-44d7-bb1a-8ae4-189a0888f064} - {460f8880-a981-4ea8-a1bb-7d44689f6808} - C:\WINDOWS\system32\uimnlulf.dll (file missing)

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: (no name) - {97CC1FB6-83A6-41DB-ACAE-4D687978EF63} - C:\WINDOWS\system32\pmkjh.dll

O2 - BHO: (no name) - {A57EE9D7-0534-496A-B2B0-E95866D0C1B0} - (no file)

O2 - BHO: (no name) - {BBB05D9E-0297-404D-A6BF-D8F2876B84A6} - C:\WINDOWS\system32\tuvwwxy.dll (file missing)

O2 - BHO: (no name) - {EF18E814-3E1B-452D-8EAE-208E53C009F5} - C:\WINDOWS\system32\vtstt.dll (file missing)

O4 - HKCU\..\Run: [HijackThis startup scan] C:\Documents and Settings\Dad\Desktop\HijackThis.exe /startupscan

 

 

Close HijackThis and restart your computer. Create and post a fresh HijackThis log.

Share this post


Link to post
Share on other sites
Please download the Killbox by Option^Explicit.
  • Double-click the KillBox icon on your desktop to open it
  • Select the box Replace on Reboot
  • Select the box Use Dummy
  • Copy the bolded filepath below and paste it into the 'Full path of File to Delete' window.
     
    C:\WINDOWS\system32\hjkmp.ini2
  • Click the red circle with a white X [Delete File] button.
  • Click Yes at the Delete on Reboot prompt. Click No at the Pending Operations prompt.
  • Select the box Use Dummy again
  • Copy the bolded filepath below and paste it into the 'Full path of File to Delete' window.
     
    C:\WINDOWS\system32\pmkjh.dll
  • Click the red circle with a white X [Delete File] button.
  • Click Yes at the Delete on Reboot prompt. Click No at the Pending Operations prompt.
  • Select the box Use Dummy again
  • Copy the bolded filepath below and paste it into the 'Full path of File to Delete' window.
     
    C:\WINDOWS\system32\__c00A6484.dat
  • Click the red circle with a white X [Delete File] button.
  • Click Yes at the Delete on Reboot prompt. Click No at the Pending Operations prompt.
  • Exit the Killbox

Scan again with HijackThis and place a check next to the following entries, close all other windows then click Fix Checked.

 

O2 - BHO: Media Holding Enterprises, LLC - {0D39A900-0F3A-4C29-A254-3E65244FDC34} - (no file)

O2 - BHO: (no name) - {10C0C3B9-FC60-4902-92B3-49E09D7BAE89} - C:\WINDOWS\system32\mljgg.dll (file missing)

O2 - BHO: (no name) - {18CCB518-1374-4946-A4C2-21EFD6C471CE} - (no file)

O2 - BHO: {8086f986-44d7-bb1a-8ae4-189a0888f064} - {460f8880-a981-4ea8-a1bb-7d44689f6808} - C:\WINDOWS\system32\uimnlulf.dll (file missing)

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: (no name) - {97CC1FB6-83A6-41DB-ACAE-4D687978EF63} - C:\WINDOWS\system32\pmkjh.dll

O2 - BHO: (no name) - {A57EE9D7-0534-496A-B2B0-E95866D0C1B0} - (no file)

O2 - BHO: (no name) - {BBB05D9E-0297-404D-A6BF-D8F2876B84A6} - C:\WINDOWS\system32\tuvwwxy.dll (file missing)

O2 - BHO: (no name) - {EF18E814-3E1B-452D-8EAE-208E53C009F5} - C:\WINDOWS\system32\vtstt.dll (file missing)

O4 - HKCU\..\Run: [HijackThis startup scan] C:\Documents and Settings\Dad\Desktop\HijackThis.exe /startupscan

Close HijackThis and restart your computer. Create and post a fresh HijackThis log.

Logfile of HijackThis v1.99.1

Scan saved at 5:25:25 PM, on 19/11/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Microsoft Hardware\Keyboard\type32.exe

C:\WINDOWS\system32\atwtusb.exe

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\Program Files\LogMeIn\x86\LogMeInSystray.exe

C:\WINDOWS\system32\rundll32.exe

C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe

C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe

C:\WINDOWS\system32\CTSvcCDA.EXE

C:\WINDOWS\system32\drivers\KodakCCS.exe

C:\Program Files\CS Fire Monitor\CSFireMon.exe

C:\Program Files\Common Files\LightScribe\LSSrvc.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\ScsiAccess.EXE

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

C:\WINDOWS\system32\UStorSrv.exe

C:\WINDOWS\system32\MsPMSPSv.exe

C:\WINDOWS\system32\fxssvc.exe

C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Documents and Settings\Dad\Desktop\Dad.exe

 

Sorry about the delay...

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: dsWebAllowBHO Class - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Program Files\Windows Desktop Search\dsWebAllow.dll

O2 - BHO: Burn4Free Toolbar Helper - {60BF5EE3-0105-4858-AD98-17C19F86B042} - C:\Program Files\Burn4Free Toolbar\v3.3.0.0\Burn4Free_Toolbar.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O2 - BHO: (no name) - {794AC956-1DE3-4459-AF33-7F09726BF9F7} - C:\WINDOWS\system32\pmkjh.dll

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll

O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O4 - HKLM\..\Run: [intelliType] "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe"

O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - Global Startup: BTTray.lnk = ?

O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe

O4 - Global Startup: hpoddt01.exe.lnk = ?

O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm

O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Open in new background tab - res://C:\Program Files\Windows Live Toolbar\Components\en-au\msntabres.dll.mui/229?42def64ca47e412b8c501d922166e5af

O8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\Windows Live Toolbar\Components\en-au\msntabres.dll.mui/230?42def64ca47e412b8c501d922166e5af

O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll

O14 - IERESET.INF: START_PAGE_URL=http://www.bigpond.com/

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1125884139484

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O20 - AppInit_DLLs: C:\WINDOWS\system32\__c00A6484.dat

O20 - Winlogon Notify: LMIinit - C:\WINDOWS\SYSTEM32\LMIinit.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTSvcCDA.EXE

O23 - Service: CS Fire Monitor - Unknown owner - C:\Program Files\CS Fire Monitor\CSFireMonService.exe" -service (file missing)

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\system32\ScsiAccess.EXE

O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

O23 - Service: UStorage Server Service - OTi - C:\WINDOWS\system32\UStorSrv.exe

Share this post


Link to post
Share on other sites

Scan again with HijackThis and fix the following.

 

O2 - BHO: (no name) - {794AC956-1DE3-4459-AF33-7F09726BF9F7} - C:\WINDOWS\system32\pmkjh.dll

O20 - AppInit_DLLs: C:\WINDOWS\system32\__c00A6484.dat

 

Restart the computer, then run dss again and post the main.txt log

Share this post


Link to post
Share on other sites
Scan again with HijackThis and fix the following.

 

O2 - BHO: (no name) - {794AC956-1DE3-4459-AF33-7F09726BF9F7} - C:\WINDOWS\system32\pmkjh.dll

O20 - AppInit_DLLs: C:\WINDOWS\system32\__c00A6484.dat

 

Restart the computer, then run dss again and post the main.txt log

 

As requested....

 

Deckard's System Scanner v20071014.68

Run by Dad on 2007-11-19 17:48:31

Computer is in Normal Mode.

--------------------------------------------------------------------------------

 

 

 

-- HijackThis (run as Dad.exe) -------------------------------------------------

 

Unable to find log (file not found); running clone.

-- HijackThis Clone ------------------------------------------------------------

 

 

Emulating logfile of Trend Micro HijackThis v2.0.2

Scan saved at 2007-11-19 17:48:45

Platform: Windows XP Service Pack 2 (5.01.2600)

MSIE: Internet Explorer (6.00.2900.2180)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\system32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe

C:\WINDOWS\system32\CTSVCCDA.EXE

C:\WINDOWS\system32\drivers\KodakCCS.exe

C:\Program Files\Common Files\LightScribe\LSSrvc.exe

C:\Program Files\CS Fire Monitor\CSFireMon.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\ScsiAccess.EXE

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

C:\WINDOWS\system32\UStorSrv.exe

C:\WINDOWS\system32\MsPMSPSv.exe

C:\WINDOWS\explorer.exe

C:\WINDOWS\system32\fxssvc.exe

C:\Program Files\Microsoft Hardware\Keyboard\type32.exe

C:\WINDOWS\system32\atwtusb.exe

C:\Program Files\Alwil Software\Avast4\ashDisp.exe

C:\Program Files\LogMeIn\x86\LogMeInSystray.exe

C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe

C:\WINDOWS\system32\rundll32.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe

C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposts08.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Documents and Settings\Dad\Desktop\dss.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://home.microsoft.com/access/autosearch.asp?p=%s

R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: dsWebAllowBHO Class - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Program Files\Windows Desktop Search\dsWebAllow.dll

O2 - BHO: Burn4Free Toolbar Helper - {60BF5EE3-0105-4858-AD98-17C19F86B042} - C:\Program Files\Burn4Free Toolbar\v3.3.0.0\Burn4Free_Toolbar.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\GoogleToolbar2.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll

O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O2 - BHO: (no name) - {EDABCE70-0995-4F2E-929D-4769B0ADA488} - C:\WINDOWS\system32\pmkjh.dll

O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O4 - HKLM\..\Run: [intelliType] "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe"

O4 - HKLM\..\Run: [atwtusb] atwtusb.exe beta

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"

O4 - HKUS\S-1-5-18\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')

O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'Default user')

O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')

O4 - Global Startup: BTTray.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe

O4 - Global Startup: hpoddt01.exe.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe

O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm

O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Open in new background tab - res://C:\Program Files\Windows Live Toolbar\Components\en-au\msntabres.dll.mui/229?42def64ca47e412b8c501d922166e5af

O8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\Windows Live Toolbar\Components\en-au\msntabres.dll.mui/230?42def64ca47e412b8c501d922166e5af

O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (file missing)

O9 - Extra button: (no name) - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} (Office Update Installation Engine) - http://office.microsoft.com/officeupdate/content/opuc3.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1125884139484

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll

O18 - Protocol: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll

O18 - Protocol: mso-offdap - {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL

O18 - Protocol: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL

O18 - Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL

O20 - AppInit_DLLs: C:\WINDOWS\system32\__c00A6484.dat

O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTSVCCDA.EXE

O23 - Service: CS Fire Monitor - Crofts Software - C:\Program Files\CS Fire Monitor\CSFireMonService.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\ramaint.exe

O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\system32\ScsiAccess.EXE

O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

O23 - Service: UStorage Server Service - OTi - C:\WINDOWS\system32\UStorSrv.exe

 

 

--

End of file - 10750 bytes

 

-- Files created between 2007-10-19 and 2007-11-19 -----------------------------

 

2007-11-19 16:43:11 0 d-------- C:\!KillBox

2007-11-19 14:58:15 0 d-------- C:\WINDOWS\ERUNT

2007-11-19 13:14:19 19566 --ahs---- C:\WINDOWS\system32\hjkmp.ini2

2007-11-19 11:51:14 320608 -----n--- C:\WINDOWS\system32\pmkjh.dll

2007-11-19 11:39:20 0 d-------- C:\VundoFix Backups

2007-11-19 06:25:18 10816 -----n--- C:\WINDOWS\system32\__c00A6484.dat

2007-11-18 04:24:54 0 d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft

2007-11-13 16:03:09 4882432 --a------ C:\Documents and Settings\Anton\ntuser.dat

2007-11-13 16:00:35 147456 --a------ C:\WINDOWS\system32\vbzip10.dll <Not Verified; Info-ZIP; Info-ZIP's WiZ>

2007-11-05 15:35:30 0 d-------- C:\WINDOWS\pss

2007-11-01 17:45:28 0 d-------- C:\Program Files\Guitar Pro 5

2007-10-30 12:22:51 0 d-------- C:\Racing

2007-10-23 12:35:40 0 d-------- C:\Program Files\iPod

2007-10-23 12:35:09 0 d-------- C:\Program Files\iTunes

2007-10-22 19:54:16 0 d-------- C:\Documents and Settings\All Users\Application Data\Adobe

2007-10-19 23:05:01 0 d-------- C:\the hedgehog

 

 

-- Find3M Report ---------------------------------------------------------------

 

2007-11-18 04:26:14 0 d-------- C:\Program Files\Lavasoft

2007-11-18 04:26:12 0 d-------- C:\Documents and Settings\Dad\Application Data\Lavasoft

2007-11-18 04:22:45 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard

2007-11-17 17:36:23 0 d-------- C:\Program Files\Java

2007-11-14 23:30:21 0 d-------- C:\Program Files\Common Files

2007-11-08 09:50:59 0 d-------- C:\Documents and Settings\Dad\Application Data\U3

2007-11-07 14:35:58 0 d-------- C:\Program Files\CS Fire Monitor

2007-11-05 15:22:52 0 d-------- C:\Program Files\GSM

2007-11-02 20:44:26 0 d--h----- C:\Program Files\InstallShield Installation Information

2007-10-22 19:54:28 0 d-------- C:\Program Files\Common Files\Adobe

2007-10-18 00:42:08 10752 --a------ C:\WINDOWS\system32\WhoisCL.exe <Not Verified; NirSoft; WhoisCL>

2007-10-17 13:12:37 0 d-------- C:\Program Files\Free Metronome

2007-10-17 12:48:58 0 d-------- C:\Program Files\FretPro

2007-10-17 09:42:08 0 d-------- C:\Program Files\LogMeIn

2007-10-15 22:37:18 0 d-------- C:\Program Files\Lame

2007-10-14 19:57:40 0 d-------- C:\Program Files\Audacity

2007-10-09 21:53:27 0 d-------- C:\Program Files\Apple Software Update

2007-10-08 20:47:34 0 d-------- C:\Program Files\Burn4Free

2007-09-28 19:33:00 0 d-------- C:\Program Files\WinAce

2007-09-27 12:01:18 0 d-------- C:\Program Files\Microsoft Silverlight

2007-09-24 22:46:36 0 d-------- C:\Program Files\GameSpy Arcade

2007-09-24 22:43:50 0 d-------- C:\Program Files\Microsoft Games

2007-09-19 14:58:04 0 d-------- C:\Program Files\Scales Dictionary System

2007-09-19 14:57:35 286720 -----n--- C:\WINDOWS\Setup1.exe <Not Verified; Microsoft Corporation; Microsoft Visual Basic for Windows>

2007-09-19 14:57:29 73216 --a------ C:\WINDOWS\ST6UNST.EXE <Not Verified; Microsoft Corporation; Microsoft® Visual Basic for Windows>

2007-09-19 12:23:45 0 d-------- C:\Program Files\GiveMeTac 1.1

2007-09-14 15:30:55 229727 --a------ C:\WINDOWS\Burn4Free_Toolbar_Uninstaller_6984.exe <Not Verified; Burn4Free; Burn4Free CD and DVD>

2007-09-08 22:29:51 7188 --a------ C:\WINDOWS\mozver.dat

 

 

-- Registry Dump ---------------------------------------------------------------

 

*Note* empty entries & legit default entries are not shown

 

 

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EDABCE70-0995-4F2E-929D-4769B0ADA488}]

19/11/2007 11:51 AM 320608 --------- C:\WINDOWS\system32\pmkjh.dll

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IntelliType"="C:\Program Files\Microsoft Hardware\Keyboard\type32.exe" [22/03/2002 03:41 PM]

"atwtusb"="atwtusb.exe" [23/04/2002 05:20 PM C:\WINDOWS\system32\atwtusb.exe]

"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [06/09/2007 09:06 PM]

"LogMeIn GUI"="C:\Program Files\LogMeIn\x86\LogMeInSystray.exe" [06/08/2007 12:08 PM]

"nwiz"="nwiz.exe" [25/08/2004 08:14 PM C:\WINDOWS\system32\nwiz.exe]

"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [25/08/2004 08:14 PM]

"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [25/08/2004 08:14 PM]

"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [25/09/2007 01:11 AM]

 

[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]

"RunNarrator"=Narrator.exe

 

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]

"PcSync"=C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog

 

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\

BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [20/11/2003 2:11:56 PM]

hp psc 2000 Series.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe [9/04/2003 6:41:38 PM]

hpoddt01.exe.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe [9/04/2003 7:11:12 PM]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [13/03/2006 02:11 PM 233472]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]

LMIinit.dll 02/10/2007 05:51 PM 75064 C:\WINDOWS\system32\LMIinit.dll

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

"appinit_dlls"=C:\WINDOWS\system32\__c00A6484.dat

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

"Authentication Packages"= msv1_0 C:\WINDOWS\system32\pmkjh.dll

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

@="Service"

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Acrobat Assistant.lnk]

backup=C:\WINDOWS\pss\Acrobat Assistant.lnkCommon Startup

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Kodak EasyShare software.lnk]

backup=C:\WINDOWS\pss\Kodak EasyShare software.lnkCommon Startup

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Remote Controller.lnk]

backup=C:\WINDOWS\pss\Remote Controller.lnkCommon Startup

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Windows Desktop Search.lnk]

backup=C:\WINDOWS\pss\Windows Desktop Search.lnkCommon Startup

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

"C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Agent]

"C:\Program Files\CyberLink\PowerVCRII\Agent.exe"

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG]

AGRSMMSG.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

"C:\Program Files\iTunes\iTunesHelper.exe"

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck]

C:\WINDOWS\system32\NeroCheck.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]

RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Omnipage]

C:\Program Files\ScanSoft\OmniPageSE\opware32.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]

C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

"C:\Program Files\QuickTime\QTTask.exe" -atboottime

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]

"C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Remote_Agent]

"C:\Program Files\CyberLink\PowerVCRII\RemoteAgent.exe"

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]

SOUNDMAN.EXE

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

"C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinFaxAppPortStarter]

wfxsnt40.exe

 

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{52d0c36c-3e4a-11dc-b9ad-0020ed6c9f88}]

AutoRun\command- G:\LaunchU3.exe -a

 

 

 

 

-- End of Deckard's System Scanner: finished at 2007-11-19 17:49:55 ------------

Share this post


Link to post
Share on other sites

I'm gonna have to sleep Anton. Way past my bedtime and I need a clear head for what I propose next. I'll be back tomorrow evening. Try to keep that PC offline as much as you can.

Share this post


Link to post
Share on other sites
I'm gonna have to sleep Anton. Way past my bedtime and I need a clear head for what I propose next. I'll be back tomorrow evening. Try to keep that PC offline as much as you can.

 

you definitly deserve your rest...god bless...

Share this post


Link to post
Share on other sites

;)-->

QUOTE(Anton.B @ Nov 19 2007, 06:16 PM) 61262[/snapback]
you definitly deserve your rest...god bless...

 

Latest DSS log:

Deckard's System Scanner v20071014.68

Run by Dad on 2007-11-20 11:18:09

Computer is in Normal Mode.

--------------------------------------------------------------------------------

 

 

 

-- HijackThis (run as Dad.exe) -------------------------------------------------

 

Logfile of HijackThis v1.99.1

Scan saved at 11:18:24 AM, on 20/11/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe

C:\Program Files\Comodo\Firewall\cmdagent.exe

C:\WINDOWS\system32\CTSvcCDA.EXE

C:\WINDOWS\Explorer.EXE

C:\Program Files\Microsoft Hardware\Keyboard\type32.exe

C:\WINDOWS\system32\chipiswo.exe

C:\WINDOWS\system32\atwtusb.exe

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\Program Files\LogMeIn\x86\LogMeInSystray.exe

C:\Program Files\Comodo\Firewall\CPF.exe

C:\WINDOWS\system32\drivers\KodakCCS.exe

C:\Program Files\CS Fire Monitor\CSFireMon.exe

C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe

C:\Program Files\Common Files\LightScribe\LSSrvc.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\ScsiAccess.EXE

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

C:\WINDOWS\system32\UStorSrv.exe

C:\WINDOWS\system32\MsPMSPSv.exe

C:\WINDOWS\system32\fxssvc.exe

C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\PROGRA~1\MOZILL~1\FIREFOX.EXE

C:\Documents and Settings\Dad\Desktop\dss.exe

C:\DOCUME~1\Dad\Desktop\Dad.exe

 

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {0E38E3AF-883C-446E-B0D2-1145E319FE89} - C:\WINDOWS\system32\pmkjh.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O2 - BHO: (no name) - {A95B2816-1D7E-4561-A202-68C0DE02353A} - C:\WINDOWS\system32\tayyujhz.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll

O3 - Toolbar: Security Toolbar - {11A69AE4-FBED-4832-A2BF-45AF82825583} - C:\WINDOWS\system32\tayyujhz.dll

O4 - HKLM\..\Run: [intelliType] "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe"

O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\CPF.exe" /background

O4 - Global Startup: BTTray.lnk = ?

O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe

O4 - Global Startup: hpoddt01.exe.lnk = ?

O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll

O14 - IERESET.INF: START_PAGE_URL=http://www.bigpond.com/

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1125884139484

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O20 - AppInit_DLLs: C:\WINDOWS\system32\__c002F2B8.dat

O20 - Winlogon Notify: LMIinit - C:\WINDOWS\SYSTEM32\LMIinit.dll

O20 - Winlogon Notify: tayyujhz - C:\WINDOWS\SYSTEM32\tayyujhz.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe

O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTSvcCDA.EXE

O23 - Service: CS Fire Monitor - Unknown owner - C:\Program Files\CS Fire Monitor\CSFireMonService.exe" -service (file missing)

O23 - Service: DomainService - - C:\WINDOWS\system32\chipiswo.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\system32\ScsiAccess.EXE

O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

O23 - Service: UStorage Server Service - OTi - C:\WINDOWS\system32\UStorSrv.exe

 

 

-- Files created between 2007-10-20 and 2007-11-20 -----------------------------

 

2007-11-20 10:21:19 0 d-------- C:\WINDOWS\SxsCaPendDel

2007-11-20 09:37:03 71232 --a------ C:\WINDOWS\system32\chipiswo.exe <Not Verified; ; DDC>

2007-11-20 09:36:55 10816 --a------ C:\WINDOWS\system32\__c002F2B8.dat

2007-11-20 09:36:54 10816 --a------ C:\WINDOWS\system32\jrhdmima.dll

2007-11-20 09:34:17 145984 --a------ C:\WINDOWS\system32\tayyujhz.dll

2007-11-20 09:33:48 145984 --a------ C:\WINDOWS\system32\yfeqgtie.dll

2007-11-20 09:31:51 10816 --a------ C:\WINDOWS\system32\tmdhrbhf.dll

2007-11-19 21:38:38 0 d-------- C:\Documents and Settings\Dad\Application Data\Comodo

2007-11-19 21:38:22 0 d-------- C:\Documents and Settings\All Users\Application Data\Comodo

2007-11-19 21:34:15 0 d-------- C:\Program Files\Comodo

2007-11-19 16:43:11 0 d-------- C:\!KillBox

2007-11-19 14:58:15 0 d-------- C:\WINDOWS\ERUNT

2007-11-19 13:14:19 143777 --ahs---- C:\WINDOWS\system32\hjkmp.ini2

2007-11-19 11:51:14 320608 -----n--- C:\WINDOWS\system32\pmkjh.dll

2007-11-19 11:39:20 0 d-------- C:\VundoFix Backups

2007-11-19 06:25:18 10816 -----n--- C:\WINDOWS\system32\__c00A6484.dat

2007-11-18 04:24:54 0 d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft

2007-11-13 16:03:09 4882432 --a------ C:\Documents and Settings\Anton\ntuser.dat

2007-11-13 16:00:35 147456 --a------ C:\WINDOWS\system32\vbzip10.dll <Not Verified; Info-ZIP; Info-ZIP's WiZ>

2007-11-05 15:35:30 0 d-------- C:\WINDOWS\pss

2007-11-01 17:45:28 0 d-------- C:\Program Files\Guitar Pro 5

2007-10-30 12:22:51 0 d-------- C:\Racing

2007-10-23 12:35:40 0 d-------- C:\Program Files\iPod

2007-10-23 12:35:09 0 d-------- C:\Program Files\iTunes

2007-10-22 19:54:16 0 d-------- C:\Documents and Settings\All Users\Application Data\Adobe

 

 

-- Find3M Report ---------------------------------------------------------------

 

2007-11-20 11:06:18 0 d-------- C:\Program Files\Windows Live Toolbar

2007-11-20 10:40:18 0 d-------- C:\Program Files\Activision

2007-11-20 10:39:00 0 d-------- C:\Program Files\Windows Desktop Search

2007-11-20 10:32:59 0 d-------- C:\Documents and Settings\Dad\Application Data\Macromedia

2007-11-20 10:26:26 0 d-------- C:\Program Files\Free Window Registry Repair

2007-11-20 10:25:50 0 d-------- C:\Program Files\Google

2007-11-20 10:23:44 0 d-------- C:\Program Files\Microsoft Games

2007-11-20 10:19:05 0 d--h----- C:\Program Files\InstallShield Installation Information

2007-11-20 10:10:36 0 d-------- C:\Program Files\Common Files

2007-11-20 10:01:27 0 d-------- C:\Program Files\AimGames

2007-11-18 04:26:14 0 d-------- C:\Program Files\Lavasoft

2007-11-18 04:26:12 0 d-------- C:\Documents and Settings\Dad\Application Data\Lavasoft

2007-11-18 04:22:45 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard

2007-11-17 17:36:23 0 d-------- C:\Program Files\Java

2007-11-08 09:50:59 0 d-------- C:\Documents and Settings\Dad\Application Data\U3

2007-11-07 14:35:58 0 d-------- C:\Program Files\CS Fire Monitor

2007-11-05 15:22:52 0 d-------- C:\Program Files\GSM

2007-10-22 19:54:28 0 d-------- C:\Program Files\Common Files\Adobe

2007-10-18 00:42:08 10752 --a------ C:\WINDOWS\system32\WhoisCL.exe <Not Verified; NirSoft; WhoisCL>

2007-10-17 12:48:58 0 d-------- C:\Program Files\FretPro

2007-10-17 09:42:08 0 d-------- C:\Program Files\LogMeIn

2007-10-15 22:37:18 0 d-------- C:\Program Files\Lame

2007-10-14 19:57:40 0 d-------- C:\Program Files\Audacity

2007-10-09 21:53:27 0 d-------- C:\Program Files\Apple Software Update

2007-09-28 19:33:00 0 d-------- C:\Program Files\WinAce

2007-09-24 22:46:36 0 d-------- C:\Program Files\GameSpy Arcade

2007-09-19 14:57:35 286720 -----n--- C:\WINDOWS\Setup1.exe <Not Verified; Microsoft Corporation; Microsoft Visual Basic for Windows>

2007-09-19 14:57:29 73216 --a------ C:\WINDOWS\ST6UNST.EXE <Not Verified; Microsoft Corporation; Microsoft® Visual Basic for Windows>

2007-09-08 22:29:51 7188 --a------ C:\WINDOWS\mozver.dat

 

 

-- Registry Dump ---------------------------------------------------------------

 

*Note* empty entries & legit default entries are not shown

 

 

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0E38E3AF-883C-446E-B0D2-1145E319FE89}]

19/11/2007 11:51 AM 320608 --------- C:\WINDOWS\system32\pmkjh.dll

 

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A95B2816-1D7E-4561-A202-68C0DE02353A}]

20/11/2007 09:34 AM 145984 --a------ C:\WINDOWS\system32\tayyujhz.dll

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]

"{11A69AE4-FBED-4832-A2BF-45AF82825583}"= C:\WINDOWS\system32\tayyujhz.dll [20/11/2007 09:34 AM 145984]

 

[-HKEY_CLASSES_ROOT\CLSID\{11A69AE4-FBED-4832-A2BF-45AF82825583}]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IntelliType"="C:\Program Files\Microsoft Hardware\Keyboard\type32.exe" [22/03/2002 03:41 PM]

"atwtusb"="atwtusb.exe" [23/04/2002 05:20 PM C:\WINDOWS\system32\atwtusb.exe]

"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [06/09/2007 09:06 PM]

"LogMeIn GUI"="C:\Program Files\LogMeIn\x86\LogMeInSystray.exe" [06/08/2007 12:08 PM]

"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [25/08/2004 08:14 PM]

"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [25/08/2004 08:14 PM]

"COMODO Firewall Pro"="C:\Program Files\Comodo\Firewall\CPF.exe" [19/11/2007 09:34 PM]

 

[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]

"RunNarrator"=Narrator.exe

 

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]

"PcSync"=C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog

 

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\

BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [20/11/2003 2:11:56 PM]

hp psc 2000 Series.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe [9/04/2003 6:41:38 PM]

hpoddt01.exe.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe [9/04/2003 7:11:12 PM]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]

LMIinit.dll 02/10/2007 05:51 PM 75064 C:\WINDOWS\system32\LMIinit.dll

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tayyujhz]

tayyujhz.dll 20/11/2007 09:34 AM 145984 C:\WINDOWS\system32\tayyujhz.dll

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

"appinit_dlls"=C:\WINDOWS\system32\__c002F2B8.dat

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

"Authentication Packages"= msv1_0 C:\WINDOWS\system32\pmkjh.dll

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

@="Service"

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Acrobat Assistant.lnk]

backup=C:\WINDOWS\pss\Acrobat Assistant.lnkCommon Startup

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Kodak EasyShare software.lnk]

backup=C:\WINDOWS\pss\Kodak EasyShare software.lnkCommon Startup

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Remote Controller.lnk]

backup=C:\WINDOWS\pss\Remote Controller.lnkCommon Startup

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Windows Desktop Search.lnk]

backup=C:\WINDOWS\pss\Windows Desktop Search.lnkCommon Startup

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

"C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Agent]

"C:\Program Files\CyberLink\PowerVCRII\Agent.exe"

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG]

AGRSMMSG.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

"C:\Program Files\iTunes\iTunesHelper.exe"

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck]

C:\WINDOWS\system32\NeroCheck.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]

RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]

nwiz.exe /install

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Omnipage]

C:\Program Files\ScanSoft\OmniPageSE\opware32.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]

C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

"C:\Program Files\QuickTime\QTTask.exe" -atboottime

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]

"C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Remote_Agent]

"C:\Program Files\CyberLink\PowerVCRII\RemoteAgent.exe"

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]

SOUNDMAN.EXE

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

"C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinFaxAppPortStarter]

wfxsnt40.exe

 

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{52d0c36c-3e4a-11dc-b9ad-0020ed6c9f88}]

AutoRun\command- G:\LaunchU3.exe -a

 

 

 

 

-- End of Deckard's System Scanner: finished at 2007-11-20 11:19:54 ------------

Share this post


Link to post
Share on other sites

Hmmm ........ looks like maybe the Killbox>Use dummy method may have worked, but we got a new dat file now. Let's see what happens here. First, delete the VundoFix.exe you currently have and download a fresh copy from here. Delete the C:\VundoFix.txt file.

 

Now, highlight and copy the contents of the code box below and paste it into a blank notepad, then save it to your desktop as;

 

Filename: vundofix.vft

Save As Type: All Files (*.*)

 

C:\WINDOWS\system32\__c002F2B8.dat
C:\WINDOWS\system32\jrhdmima.dll
C:\WINDOWS\system32\tayyujhz.dll
C:\WINDOWS\system32\yfeqgtie.dll
C:\WINDOWS\system32\tmdhrbhf.dll
C:\WINDOWS\system32\hjkmp.ini2
C:\WINDOWS\system32\pmkjh.dll
C:\WINDOWS\system32\__c00A6484.dat

  • Close all other windows and programs.
  • Double-click VundoFix.exe to run it.
  • Drag vundofix.vft onto the listbox (white box) of VundoFix.
  • Click the "Remove Vundo" button.
  • You will receive a prompt asking if you want to remove the files, click YES
  • Once you click yes, your desktop will go blank as it starts removing Vundo.
  • When completed, it will prompt that it will reboot your computer, click OK.
  • Please post the contents of C:\vundofix.txt and a new dss log.

Note: It is possible that VundoFix encountered a file it could not remove. In this case, VundoFix will run on reboot, simply follow the above instructions starting from "Click the Scan for Vundo button" when VundoFix appears upon rebooting

 

 

Do you have an XP cd? Not a recovery cd, but an operating system disc. If not, do you have a blank cd and a cd burner? Know how to burn an iso image to cd and make it bootable?

Share this post


Link to post
Share on other sites
Hmmm ........ looks like maybe the Killbox>Use dummy method may have worked, but we got a new dat file now. Let's see what happens here. First, delete the VundoFix.exe you currently have and download a fresh copy from here. Delete the C:\VundoFix.txt file.

 

Now, highlight and copy the contents of the code box below and paste it into a blank notepad, then save it to your desktop as;

 

Filename: vundofix.vft

Save As Type: All Files (*.*)

 

C:\WINDOWS\system32\__c002F2B8.dat
C:\WINDOWS\system32\jrhdmima.dll
C:\WINDOWS\system32\tayyujhz.dll
C:\WINDOWS\system32\yfeqgtie.dll
C:\WINDOWS\system32\tmdhrbhf.dll
C:\WINDOWS\system32\hjkmp.ini2
C:\WINDOWS\system32\pmkjh.dll
C:\WINDOWS\system32\__c00A6484.dat

  • Close all other windows and programs.
  • Double-click VundoFix.exe to run it.
  • Drag vundofix.vft onto the listbox (white box) of VundoFix.
  • Click the "Remove Vundo" button.
  • You will receive a prompt asking if you want to remove the files, click YES
  • Once you click yes, your desktop will go blank as it starts removing Vundo.
  • When completed, it will prompt that it will reboot your computer, click OK.
  • Please post the contents of C:\vundofix.txt and a new dss log.

Note: It is possible that VundoFix encountered a file it could not remove. In this case, VundoFix will run on reboot, simply follow the above instructions starting from "Click the Scan for Vundo button" when VundoFix appears upon rebooting

Do you have an XP cd? Not a recovery cd, but an operating system disc. If not, do you have a blank cd and a cd burner? Know how to burn an iso image to cd and make it bootable?

 

G'day Noahdfear, have burner & disc at the ready if you can instruct me I shall do.

 

Deckard's System Scanner v20071014.68

Run by Dad on 2007-11-20 15:13:11

Computer is in Normal Mode.

--------------------------------------------------------------------------------

 

 

 

-- HijackThis (run as Dad.exe) -------------------------------------------------

 

Logfile of HijackThis v1.99.1

Scan saved at 3:13:25 PM, on 20/11/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe

C:\Program Files\Comodo\Firewall\cmdagent.exe

C:\WINDOWS\system32\CTSvcCDA.EXE

C:\WINDOWS\system32\chipiswo.exe

C:\Program Files\CS Fire Monitor\CSFireMon.exe

C:\WINDOWS\system32\drivers\KodakCCS.exe

C:\Program Files\Common Files\LightScribe\LSSrvc.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\ScsiAccess.EXE

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Alwil Software\Avast4\setup\avast.setup

C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

C:\WINDOWS\system32\UStorSrv.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\MsPMSPSv.exe

C:\WINDOWS\system32\fxssvc.exe

C:\Program Files\Microsoft Hardware\Keyboard\type32.exe

C:\WINDOWS\system32\atwtusb.exe

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\Program Files\LogMeIn\x86\LogMeInSystray.exe

C:\Program Files\Comodo\Firewall\CPF.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe

C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe

C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe

C:\Documents and Settings\Dad\Desktop\dss.exe

C:\DOCUME~1\Dad\Desktop\Dad.exe

C:\WINDOWS\system32\NOTEPAD.EXE

 

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O2 - BHO: (no name) - {9E801EF7-ED23-497F-A5AB-F51E56F82C2C} - C:\WINDOWS\system32\pmkjh.dll

O2 - BHO: (no name) - {A95B2816-1D7E-4561-A202-68C0DE02353A} - C:\WINDOWS\system32\tayyujhz.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll

O3 - Toolbar: Security Toolbar - {11A69AE4-FBED-4832-A2BF-45AF82825583} - C:\WINDOWS\system32\tayyujhz.dll

O4 - HKLM\..\Run: [intelliType] "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe"

O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\CPF.exe" /background

O4 - Global Startup: BTTray.lnk = ?

O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe

O4 - Global Startup: hpoddt01.exe.lnk = ?

O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll

O14 - IERESET.INF: START_PAGE_URL=http://www.bigpond.com/

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1125884139484

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O20 - AppInit_DLLs: C:\WINDOWS\system32\__c002F2B8.dat

O20 - Winlogon Notify: LMIinit - C:\WINDOWS\SYSTEM32\LMIinit.dll

O20 - Winlogon Notify: tayyujhz - C:\WINDOWS\SYSTEM32\tayyujhz.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe

O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTSvcCDA.EXE

O23 - Service: CS Fire Monitor - Unknown owner - C:\Program Files\CS Fire Monitor\CSFireMonService.exe" -service (file missing)

O23 - Service: DomainService - - C:\WINDOWS\system32\chipiswo.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\system32\ScsiAccess.EXE

O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

O23 - Service: UStorage Server Service - OTi - C:\WINDOWS\system32\UStorSrv.exe

 

 

-- Files created between 2007-10-20 and 2007-11-20 -----------------------------

 

2007-11-20 10:21:19 0 d-------- C:\WINDOWS\SxsCaPendDel

2007-11-20 09:37:03 71232 --a------ C:\WINDOWS\system32\chipiswo.exe <Not Verified; ; DDC>

2007-11-20 09:36:55 10816 --a------ C:\WINDOWS\system32\__c002F2B8.dat

2007-11-20 09:36:54 10816 --a------ C:\WINDOWS\system32\jrhdmima.dll

2007-11-20 09:34:17 145984 --a------ C:\WINDOWS\system32\tayyujhz.dll

2007-11-20 09:33:48 145984 --a------ C:\WINDOWS\system32\yfeqgtie.dll

2007-11-20 09:31:51 10816 --a------ C:\WINDOWS\system32\tmdhrbhf.dll

2007-11-19 21:38:38 0 d-------- C:\Documents and Settings\Dad\Application Data\Comodo

2007-11-19 21:38:22 0 d-------- C:\Documents and Settings\All Users\Application Data\Comodo

2007-11-19 21:34:15 0 d-------- C:\Program Files\Comodo

2007-11-19 16:43:11 0 d-------- C:\!KillBox

2007-11-19 14:58:15 0 d-------- C:\WINDOWS\ERUNT

2007-11-19 13:14:19 145357 --ahs---- C:\WINDOWS\system32\hjkmp.ini2

2007-11-19 11:51:14 320608 -----n--- C:\WINDOWS\system32\pmkjh.dll

2007-11-19 11:39:20 0 d-------- C:\VundoFix Backups

2007-11-19 06:25:18 10816 -----n--- C:\WINDOWS\system32\__c00A6484.dat

2007-11-18 04:24:54 0 d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft

2007-11-13 16:03:09 4882432 --a------ C:\Documents and Settings\Anton\ntuser.dat

2007-11-13 16:00:35 147456 --a------ C:\WINDOWS\system32\vbzip10.dll <Not Verified; Info-ZIP; Info-ZIP's WiZ>

2007-11-05 15:35:30 0 d-------- C:\WINDOWS\pss

2007-11-01 17:45:28 0 d-------- C:\Program Files\Guitar Pro 5

2007-10-30 12:22:51 0 d-------- C:\Racing

2007-10-23 12:35:40 0 d-------- C:\Program Files\iPod

2007-10-23 12:35:09 0 d-------- C:\Program Files\iTunes

2007-10-22 19:54:16 0 d-------- C:\Documents and Settings\All Users\Application Data\Adobe

 

 

-- Find3M Report ---------------------------------------------------------------

 

2007-11-20 11:06:18 0 d-------- C:\Program Files\Windows Live Toolbar

2007-11-20 10:40:18 0 d-------- C:\Program Files\Activision

2007-11-20 10:39:00 0 d-------- C:\Program Files\Windows Desktop Search

2007-11-20 10:32:59 0 d-------- C:\Documents and Settings\Dad\Application Data\Macromedia

2007-11-20 10:26:26 0 d-------- C:\Program Files\Free Window Registry Repair

2007-11-20 10:25:50 0 d-------- C:\Program Files\Google

2007-11-20 10:23:44 0 d-------- C:\Program Files\Microsoft Games

2007-11-20 10:19:05 0 d--h----- C:\Program Files\InstallShield Installation Information

2007-11-20 10:10:36 0 d-------- C:\Program Files\Common Files

2007-11-20 10:01:27 0 d-------- C:\Program Files\AimGames

2007-11-18 04:26:14 0 d-------- C:\Program Files\Lavasoft

2007-11-18 04:26:12 0 d-------- C:\Documents and Settings\Dad\Application Data\Lavasoft

2007-11-18 04:22:45 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard

2007-11-17 17:36:23 0 d-------- C:\Program Files\Java

2007-11-08 09:50:59 0 d-------- C:\Documents and Settings\Dad\Application Data\U3

2007-11-07 14:35:58 0 d-------- C:\Program Files\CS Fire Monitor

2007-11-05 15:22:52 0 d-------- C:\Program Files\GSM

2007-10-22 19:54:28 0 d-------- C:\Program Files\Common Files\Adobe

2007-10-18 00:42:08 10752 --a------ C:\WINDOWS\system32\WhoisCL.exe <Not Verified; NirSoft; WhoisCL>

2007-10-17 12:48:58 0 d-------- C:\Program Files\FretPro

2007-10-17 09:42:08 0 d-------- C:\Program Files\LogMeIn

2007-10-15 22:37:18 0 d-------- C:\Program Files\Lame

2007-10-14 19:57:40 0 d-------- C:\Program Files\Audacity

2007-10-09 21:53:27 0 d-------- C:\Program Files\Apple Software Update

2007-09-28 19:33:00 0 d-------- C:\Program Files\WinAce

2007-09-24 22:46:36 0 d-------- C:\Program Files\GameSpy Arcade

2007-09-19 14:57:35 286720 -----n--- C:\WINDOWS\Setup1.exe <Not Verified; Microsoft Corporation; Microsoft Visual Basic for Windows>

2007-09-19 14:57:29 73216 --a------ C:\WINDOWS\ST6UNST.EXE <Not Verified; Microsoft Corporation; Microsoft® Visual Basic for Windows>

2007-09-08 22:29:51 7188 --a------ C:\WINDOWS\mozver.dat

 

 

-- Registry Dump ---------------------------------------------------------------

 

*Note* empty entries & legit default entries are not shown

 

 

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9E801EF7-ED23-497F-A5AB-F51E56F82C2C}]

19/11/2007 11:51 AM 320608 --------- C:\WINDOWS\system32\pmkjh.dll

 

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A95B2816-1D7E-4561-A202-68C0DE02353A}]

20/11/2007 09:34 AM 145984 --a------ C:\WINDOWS\system32\tayyujhz.dll

 

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]

"{11A69AE4-FBED-4832-A2BF-45AF82825583}"= C:\WINDOWS\system32\tayyujhz.dll [20/11/2007 09:34 AM 145984]

 

[-HKEY_CLASSES_ROOT\CLSID\{11A69AE4-FBED-4832-A2BF-45AF82825583}]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IntelliType"="C:\Program Files\Microsoft Hardware\Keyboard\type32.exe" [22/03/2002 03:41 PM]

"atwtusb"="atwtusb.exe" [23/04/2002 05:20 PM C:\WINDOWS\system32\atwtusb.exe]

"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [06/09/2007 09:06 PM]

"LogMeIn GUI"="C:\Program Files\LogMeIn\x86\LogMeInSystray.exe" [06/08/2007 12:08 PM]

"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [25/08/2004 08:14 PM]

"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [25/08/2004 08:14 PM]

"COMODO Firewall Pro"="C:\Program Files\Comodo\Firewall\CPF.exe" [19/11/2007 09:34 PM]

 

[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]

"RunNarrator"=Narrator.exe

 

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]

"PcSync"=C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog

 

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\

BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [20/11/2003 2:11:56 PM]

hp psc 2000 Series.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe [9/04/2003 6:41:38 PM]

hpoddt01.exe.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe [9/04/2003 7:11:12 PM]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]

LMIinit.dll 02/10/2007 05:51 PM 75064 C:\WINDOWS\system32\LMIinit.dll

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tayyujhz]

tayyujhz.dll 20/11/2007 09:34 AM 145984 C:\WINDOWS\system32\tayyujhz.dll

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

"appinit_dlls"=C:\WINDOWS\system32\__c002F2B8.dat

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

"Authentication Packages"= msv1_0 C:\WINDOWS\system32\pmkjh.dll

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

@="Service"

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Acrobat Assistant.lnk]

backup=C:\WINDOWS\pss\Acrobat Assistant.lnkCommon Startup

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Kodak EasyShare software.lnk]

backup=C:\WINDOWS\pss\Kodak EasyShare software.lnkCommon Startup

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Remote Controller.lnk]

backup=C:\WINDOWS\pss\Remote Controller.lnkCommon Startup

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Windows Desktop Search.lnk]

backup=C:\WINDOWS\pss\Windows Desktop Search.lnkCommon Startup

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

"C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Agent]

"C:\Program Files\CyberLink\PowerVCRII\Agent.exe"

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG]

AGRSMMSG.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

"C:\Program Files\iTunes\iTunesHelper.exe"

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck]

C:\WINDOWS\system32\NeroCheck.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]

RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]

nwiz.exe /install

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Omnipage]

C:\Program Files\ScanSoft\OmniPageSE\opware32.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]

C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

"C:\Program Files\QuickTime\QTTask.exe" -atboottime

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]

"C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Remote_Agent]

"C:\Program Files\CyberLink\PowerVCRII\RemoteAgent.exe"

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]

SOUNDMAN.EXE

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

"C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinFaxAppPortStarter]

wfxsnt40.exe

 

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{52d0c36c-3e4a-11dc-b9ad-0020ed6c9f88}]

AutoRun\command- G:\LaunchU3.exe -a

 

 

 

 

-- End of Deckard's System Scanner: finished at 2007-11-20 15:14:29 ------------

Share this post


Link to post
Share on other sites
Howdy! ;)

Post the C:\Vundofix log please.

 

I'll incorrectly gace the vundo file a txt extension....re doing the exercise!!!!

Share this post


Link to post
Share on other sites
If you haven't run it yet, add this file to the list.

 

C:\WINDOWS\system32\chipiswo.exe

 

Latest logs:

 

Beginning removal...

 

Attempting to delete C:\Documents and Settings\Dad\Desktop\VundoFix.txt

C:\Documents and Settings\Dad\Desktop\VundoFix.txt Has been deleted!

 

Performing Repairs to the registry.

Done!

 

Beginning removal...

 

Attempting to delete C:\WINDOWS\system32\__c002F2B8.dat

C:\WINDOWS\system32\__c002F2B8.dat Could not be deleted.

 

Attempting to delete C:\WINDOWS\system32\__c00A6484.dat

C:\WINDOWS\system32\__c00A6484.dat Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\hjkmp.ini2

C:\WINDOWS\system32\hjkmp.ini2 Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\jrhdmima.dll

C:\WINDOWS\system32\jrhdmima.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\pmkjh.dll

C:\WINDOWS\system32\pmkjh.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\tayyujhz.dll

C:\WINDOWS\system32\tayyujhz.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\tmdhrbhf.dll

C:\WINDOWS\system32\tmdhrbhf.dll Has been deleted!

 

Attempting to delete C:\WINDOWS\system32\yfeqgtie.dll

C:\WINDOWS\system32\yfeqgtie.dll Has been deleted!

 

Performing Repairs to the registry.

Done!

 

Beginning removal...

 

Attempting to delete C:\WINDOWS\system32\__c002F2B8.dat

C:\WINDOWS\system32\__c002F2B8.dat Could not be deleted.

 

Attempting to delete C:\WINDOWS\system32\chipiswo.exe

C:\WINDOWS\system32\chipiswo.exe Could not be deleted.

 

Performing Repairs to the registry.

Done!

 

Beginning removal...

 

Deckard's System Scanner v20071014.68

Run by Dad on 2007-11-20 16:01:36

Computer is in Normal Mode.

--------------------------------------------------------------------------------

 

 

 

-- HijackThis (run as Dad.exe) -------------------------------------------------

 

Logfile of HijackThis v1.99.1

Scan saved at 4:01:55 PM, on 20/11/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe

C:\Program Files\Comodo\Firewall\cmdagent.exe

C:\WINDOWS\system32\CTSvcCDA.EXE

C:\WINDOWS\system32\chipiswo.exe

C:\Program Files\CS Fire Monitor\CSFireMon.exe

C:\WINDOWS\system32\drivers\KodakCCS.exe

C:\Program Files\Common Files\LightScribe\LSSrvc.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\ScsiAccess.EXE

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

C:\WINDOWS\system32\UStorSrv.exe

C:\WINDOWS\system32\MsPMSPSv.exe

C:\WINDOWS\system32\fxssvc.exe

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\Program Files\Alwil Software\Avast4\setup\avast.setup

C:\Program Files\Microsoft Hardware\Keyboard\type32.exe

C:\WINDOWS\system32\atwtusb.exe

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\Program Files\LogMeIn\x86\LogMeInSystray.exe

C:\Program Files\Comodo\Firewall\CPF.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe

C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe

C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe

C:\Documents and Settings\Dad\Desktop\dss.exe

C:\DOCUME~1\Dad\Desktop\Dad.exe

C:\WINDOWS\system32\NOTEPAD.EXE

 

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O2 - BHO: (no name) - {9E801EF7-ED23-497F-A5AB-F51E56F82C2C} - C:\WINDOWS\system32\pmkjh.dll (file missing)

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll

O3 - Toolbar: (no name) - {11A69AE4-FBED-4832-A2BF-45AF82825583} - (no file)

O4 - HKLM\..\Run: [intelliType] "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe"

O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\CPF.exe" /background

O4 - Global Startup: BTTray.lnk = ?

O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe

O4 - Global Startup: hpoddt01.exe.lnk = ?

O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll

O14 - IERESET.INF: START_PAGE_URL=http://www.bigpond.com/

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1125884139484

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O20 - AppInit_DLLs: C:\WINDOWS\system32\__c002F2B8.dat

O20 - Winlogon Notify: LMIinit - C:\WINDOWS\SYSTEM32\LMIinit.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe

O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTSvcCDA.EXE

O23 - Service: CS Fire Monitor - Unknown owner - C:\Program Files\CS Fire Monitor\CSFireMonService.exe" -service (file missing)

O23 - Service: DomainService - - C:\WINDOWS\system32\chipiswo.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\system32\ScsiAccess.EXE

O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

O23 - Service: UStorage Server Service - OTi - C:\WINDOWS\system32\UStorSrv.exe

 

 

-- Files created between 2007-10-20 and 2007-11-20 -----------------------------

 

2007-11-20 10:21:19 0 d-------- C:\WINDOWS\SxsCaPendDel

2007-11-20 09:37:03 71232 -----n--- C:\WINDOWS\system32\chipiswo.exe <Not Verified; ; DDC>

2007-11-20 09:36:55 10816 -----n--- C:\WINDOWS\system32\__c002F2B8.dat

2007-11-19 21:38:38 0 d-------- C:\Documents and Settings\Dad\Application Data\Comodo

2007-11-19 21:38:22 0 d-------- C:\Documents and Settings\All Users\Application Data\Comodo

2007-11-19 21:34:15 0 d-------- C:\Program Files\Comodo

2007-11-19 16:43:11 0 d-------- C:\!KillBox

2007-11-19 14:58:15 0 d-------- C:\WINDOWS\ERUNT

2007-11-19 11:39:20 0 d-------- C:\VundoFix Backups

2007-11-18 04:24:54 0 d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft

2007-11-13 16:03:09 4882432 --a------ C:\Documents and Settings\Anton\ntuser.dat

2007-11-13 16:00:35 147456 --a------ C:\WINDOWS\system32\vbzip10.dll <Not Verified; Info-ZIP; Info-ZIP's WiZ>

2007-11-05 15:35:30 0 d-------- C:\WINDOWS\pss

2007-11-01 17:45:28 0 d-------- C:\Program Files\Guitar Pro 5

2007-10-30 12:22:51 0 d-------- C:\Racing

2007-10-23 12:35:40 0 d-------- C:\Program Files\iPod

2007-10-23 12:35:09 0 d-------- C:\Program Files\iTunes

2007-10-22 19:54:16 0 d-------- C:\Documents and Settings\All Users\Application Data\Adobe

 

 

-- Find3M Report ---------------------------------------------------------------

 

2007-11-20 11:06:18 0 d-------- C:\Program Files\Windows Live Toolbar

2007-11-20 10:40:18 0 d-------- C:\Program Files\Activision

2007-11-20 10:39:00 0 d-------- C:\Program Files\Windows Desktop Search

2007-11-20 10:32:59 0 d-------- C:\Documents and Settings\Dad\Application Data\Macromedia

2007-11-20 10:26:26 0 d-------- C:\Program Files\Free Window Registry Repair

2007-11-20 10:25:50 0 d-------- C:\Program Files\Google

2007-11-20 10:23:44 0 d-------- C:\Program Files\Microsoft Games

2007-11-20 10:19:05 0 d--h----- C:\Program Files\InstallShield Installation Information

2007-11-20 10:10:36 0 d-------- C:\Program Files\Common Files

2007-11-20 10:01:27 0 d-------- C:\Program Files\AimGames

2007-11-18 04:26:14 0 d-------- C:\Program Files\Lavasoft

2007-11-18 04:26:12 0 d-------- C:\Documents and Settings\Dad\Application Data\Lavasoft

2007-11-18 04:22:45 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard

2007-11-17 17:36:23 0 d-------- C:\Program Files\Java

2007-11-08 09:50:59 0 d-------- C:\Documents and Settings\Dad\Application Data\U3

2007-11-07 14:35:58 0 d-------- C:\Program Files\CS Fire Monitor

2007-11-05 15:22:52 0 d-------- C:\Program Files\GSM

2007-10-22 19:54:28 0 d-------- C:\Program Files\Common Files\Adobe

2007-10-18 00:42:08 10752 --a------ C:\WINDOWS\system32\WhoisCL.exe <Not Verified; NirSoft; WhoisCL>

2007-10-17 12:48:58 0 d-------- C:\Program Files\FretPro

2007-10-17 09:42:08 0 d-------- C:\Program Files\LogMeIn

2007-10-15 22:37:18 0 d-------- C:\Program Files\Lame

2007-10-14 19:57:40 0 d-------- C:\Program Files\Audacity

2007-10-09 21:53:27 0 d-------- C:\Program Files\Apple Software Update

2007-09-28 19:33:00 0 d-------- C:\Program Files\WinAce

2007-09-24 22:46:36 0 d-------- C:\Program Files\GameSpy Arcade

2007-09-19 14:57:35 286720 -----n--- C:\WINDOWS\Setup1.exe <Not Verified; Microsoft Corporation; Microsoft Visual Basic for Windows>

2007-09-19 14:57:29 73216 --a------ C:\WINDOWS\ST6UNST.EXE <Not Verified; Microsoft Corporation; Microsoft® Visual Basic for Windows>

2007-09-08 22:29:51 7188 --a------ C:\WINDOWS\mozver.dat

 

 

-- Registry Dump ---------------------------------------------------------------

 

*Note* empty entries & legit default entries are not shown

 

 

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9E801EF7-ED23-497F-A5AB-F51E56F82C2C}]

C:\WINDOWS\system32\pmkjh.dll

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IntelliType"="C:\Program Files\Microsoft Hardware\Keyboard\type32.exe" [22/03/2002 03:41 PM]

"atwtusb"="atwtusb.exe" [23/04/2002 05:20 PM C:\WINDOWS\system32\atwtusb.exe]

"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [06/09/2007 09:06 PM]

"LogMeIn GUI"="C:\Program Files\LogMeIn\x86\LogMeInSystray.exe" [06/08/2007 12:08 PM]

"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [25/08/2004 08:14 PM]

"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [25/08/2004 08:14 PM]

"COMODO Firewall Pro"="C:\Program Files\Comodo\Firewall\CPF.exe" [19/11/2007 09:34 PM]

 

[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]

"RunNarrator"=Narrator.exe

 

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]

"PcSync"=C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog

 

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\

BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [20/11/2003 2:11:56 PM]

hp psc 2000 Series.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe [9/04/2003 6:41:38 PM]

hpoddt01.exe.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe [9/04/2003 7:11:12 PM]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]

LMIinit.dll 02/10/2007 05:51 PM 75064 C:\WINDOWS\system32\LMIinit.dll

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]

"appinit_dlls"=C:\WINDOWS\system32\__c002F2B8.dat

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

"Authentication Packages"= msv1_0 C:\WINDOWS\system32\pmkjh.dll

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

@="Service"

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Acrobat Assistant.lnk]

backup=C:\WINDOWS\pss\Acrobat Assistant.lnkCommon Startup

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Kodak EasyShare software.lnk]

backup=C:\WINDOWS\pss\Kodak EasyShare software.lnkCommon Startup

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Remote Controller.lnk]

backup=C:\WINDOWS\pss\Remote Controller.lnkCommon Startup

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Windows Desktop Search.lnk]

backup=C:\WINDOWS\pss\Windows Desktop Search.lnkCommon Startup

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

"C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Agent]

"C:\Program Files\CyberLink\PowerVCRII\Agent.exe"

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG]

AGRSMMSG.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

"C:\Program Files\iTunes\iTunesHelper.exe"

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck]

C:\WINDOWS\system32\NeroCheck.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]

RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]

nwiz.exe /install

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Omnipage]

C:\Program Files\ScanSoft\OmniPageSE\opware32.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]

C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

"C:\Program Files\QuickTime\QTTask.exe" -atboottime

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]

"C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Remote_Agent]

"C:\Program Files\CyberLink\PowerVCRII\RemoteAgent.exe"

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]

SOUNDMAN.EXE

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

"C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinFaxAppPortStarter]

wfxsnt40.exe

 

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{52d0c36c-3e4a-11dc-b9ad-0020ed6c9f88}]

AutoRun\command- G:\LaunchU3.exe -a

 

 

 

 

-- End of Deckard's System Scanner: finished at 2007-11-20 16:02:21 ------------

Share this post


Link to post
Share on other sites

Click Start>Run and paste the following command then hit enter.

 

sc stop DomainService

 

then do this one.

 

sc delete DomainService

 

Add the following two files to Killbox using the same method as before; Delete on Reboot and Use Dummy, Yes to the Delete on Reboot prompt, No to the Pending Operations prompt, add next file.

 

C:\WINDOWS\system32\chipiswo.exe

 

C:\WINDOWS\system32\__c002F2B8.dat

 

 

Reboot

 

Scan again with HijackThis and fix the following entries.

 

O2 - BHO: (no name) - {9E801EF7-ED23-497F-A5AB-F51E56F82C2C} - C:\WINDOWS\system32\pmkjh.dll (file missing)

O3 - Toolbar: (no name) - {11A69AE4-FBED-4832-A2BF-45AF82825583} - (no file)

O20 - AppInit_DLLs: C:\WINDOWS\system32\__c002F2B8.dat

 

 

See if you can manually delete the following files.

 

C:\WINDOWS\system32\chipiswo.exe

C:\WINDOWS\system32\__c002F2B8.dat

 

 

Create a new dss log and post it here.

Share this post


Link to post
Share on other sites
Click Start>Run and paste the following command then hit enter.

 

sc stop DomainService

 

then do this one.

 

sc delete DomainService

 

Add the following two files to Killbox using the same method as before; Delete on Reboot and Use Dummy, Yes to the Delete on Reboot prompt, No to the Pending Operations prompt, add next file.

 

C:\WINDOWS\system32\chipiswo.exe

 

C:\WINDOWS\system32\__c002F2B8.dat

Reboot

 

Scan again with HijackThis and fix the following entries.

 

O2 - BHO: (no name) - {9E801EF7-ED23-497F-A5AB-F51E56F82C2C} - C:\WINDOWS\system32\pmkjh.dll (file missing)

O3 - Toolbar: (no name) - {11A69AE4-FBED-4832-A2BF-45AF82825583} - (no file)

O20 - AppInit_DLLs: C:\WINDOWS\system32\__c002F2B8.dat

See if you can manually delete the following files.

 

C:\WINDOWS\system32\chipiswo.exe

C:\WINDOWS\system32\__c002F2B8.dat

Create a new dss log and post it here.

 

Could not find C:windows\system32\chipiswo.exe and __c002F2B8.dat was in the killbox dir..have renamed with.bad ext.

 

Deckard's System Scanner v20071014.68

Run by Dad on 2007-11-20 16:38:51

Computer is in Normal Mode.

--------------------------------------------------------------------------------

 

 

 

-- HijackThis (run as Dad.exe) -------------------------------------------------

 

Logfile of HijackThis v1.99.1

Scan saved at 4:38:55 PM, on 20/11/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe

C:\Program Files\Comodo\Firewall\cmdagent.exe

C:\WINDOWS\system32\CTSvcCDA.EXE

C:\WINDOWS\system32\drivers\KodakCCS.exe

C:\Program Files\Common Files\LightScribe\LSSrvc.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Program Files\CS Fire Monitor\CSFireMon.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\ScsiAccess.EXE

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

C:\WINDOWS\system32\UStorSrv.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\MsPMSPSv.exe

C:\WINDOWS\system32\fxssvc.exe

C:\Program Files\Microsoft Hardware\Keyboard\type32.exe

C:\WINDOWS\system32\atwtusb.exe

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\Program Files\LogMeIn\x86\LogMeInSystray.exe

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\Program Files\Comodo\Firewall\CPF.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe

C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe

C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe

C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe

C:\Documents and Settings\Dad\Desktop\dss.exe

C:\DOCUME~1\Dad\Desktop\Dad.exe

 

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll

O4 - HKLM\..\Run: [intelliType] "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe"

O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\CPF.exe" /background

O4 - Global Startup: BTTray.lnk = ?

O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe

O4 - Global Startup: hpoddt01.exe.lnk = ?

O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll

O14 - IERESET.INF: START_PAGE_URL=http://www.bigpond.com/

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1125884139484

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O20 - Winlogon Notify: LMIinit - C:\WINDOWS\SYSTEM32\LMIinit.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe

O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTSvcCDA.EXE

O23 - Service: CS Fire Monitor - Unknown owner - C:\Program Files\CS Fire Monitor\CSFireMonService.exe" -service (file missing)

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\system32\ScsiAccess.EXE

O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

O23 - Service: UStorage Server Service - OTi - C:\WINDOWS\system32\UStorSrv.exe

 

 

-- Files created between 2007-10-20 and 2007-11-20 -----------------------------

 

2007-11-20 10:21:19 0 d-------- C:\WINDOWS\SxsCaPendDel

2007-11-19 21:38:38 0 d-------- C:\Documents and Settings\Dad\Application Data\Comodo

2007-11-19 21:38:22 0 d-------- C:\Documents and Settings\All Users\Application Data\Comodo

2007-11-19 21:34:15 0 d-------- C:\Program Files\Comodo

2007-11-19 16:43:11 0 d-------- C:\!KillBox

2007-11-19 14:58:15 0 d-------- C:\WINDOWS\ERUNT

2007-11-19 11:39:20 0 d-------- C:\VundoFix Backups

2007-11-18 04:24:54 0 d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft

2007-11-13 16:03:09 4882432 --a------ C:\Documents and Settings\Anton\ntuser.dat

2007-11-13 16:00:35 147456 --a------ C:\WINDOWS\system32\vbzip10.dll <Not Verified; Info-ZIP; Info-ZIP's WiZ>

2007-11-05 15:35:30 0 d-------- C:\WINDOWS\pss

2007-11-01 17:45:28 0 d-------- C:\Program Files\Guitar Pro 5

2007-10-30 12:22:51 0 d-------- C:\Racing

2007-10-23 12:35:40 0 d-------- C:\Program Files\iPod

2007-10-23 12:35:09 0 d-------- C:\Program Files\iTunes

2007-10-22 19:54:16 0 d-------- C:\Documents and Settings\All Users\Application Data\Adobe

 

 

-- Find3M Report ---------------------------------------------------------------

 

2007-11-20 11:06:18 0 d-------- C:\Program Files\Windows Live Toolbar

2007-11-20 10:40:18 0 d-------- C:\Program Files\Activision

2007-11-20 10:39:00 0 d-------- C:\Program Files\Windows Desktop Search

2007-11-20 10:32:59 0 d-------- C:\Documents and Settings\Dad\Application Data\Macromedia

2007-11-20 10:26:26 0 d-------- C:\Program Files\Free Window Registry Repair

2007-11-20 10:25:50 0 d-------- C:\Program Files\Google

2007-11-20 10:23:44 0 d-------- C:\Program Files\Microsoft Games

2007-11-20 10:19:05 0 d--h----- C:\Program Files\InstallShield Installation Information

2007-11-20 10:10:36 0 d-------- C:\Program Files\Common Files

2007-11-20 10:01:27 0 d-------- C:\Program Files\AimGames

2007-11-18 04:26:14 0 d-------- C:\Program Files\Lavasoft

2007-11-18 04:26:12 0 d-------- C:\Documents and Settings\Dad\Application Data\Lavasoft

2007-11-18 04:22:45 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard

2007-11-17 17:36:23 0 d-------- C:\Program Files\Java

2007-11-08 09:50:59 0 d-------- C:\Documents and Settings\Dad\Application Data\U3

2007-11-07 14:35:58 0 d-------- C:\Program Files\CS Fire Monitor

2007-11-05 15:22:52 0 d-------- C:\Program Files\GSM

2007-10-22 19:54:28 0 d-------- C:\Program Files\Common Files\Adobe

2007-10-18 00:42:08 10752 --a------ C:\WINDOWS\system32\WhoisCL.exe <Not Verified; NirSoft; WhoisCL>

2007-10-17 12:48:58 0 d-------- C:\Program Files\FretPro

2007-10-17 09:42:08 0 d-------- C:\Program Files\LogMeIn

2007-10-15 22:37:18 0 d-------- C:\Program Files\Lame

2007-10-14 19:57:40 0 d-------- C:\Program Files\Audacity

2007-10-09 21:53:27 0 d-------- C:\Program Files\Apple Software Update

2007-09-28 19:33:00 0 d-------- C:\Program Files\WinAce

2007-09-24 22:46:36 0 d-------- C:\Program Files\GameSpy Arcade

2007-09-19 14:57:35 286720 -----n--- C:\WINDOWS\Setup1.exe <Not Verified; Microsoft Corporation; Microsoft Visual Basic for Windows>

2007-09-19 14:57:29 73216 --a------ C:\WINDOWS\ST6UNST.EXE <Not Verified; Microsoft Corporation; Microsoft® Visual Basic for Windows>

2007-09-08 22:29:51 7188 --a------ C:\WINDOWS\mozver.dat

 

 

-- Registry Dump ---------------------------------------------------------------

 

*Note* empty entries & legit default entries are not shown

 

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IntelliType"="C:\Program Files\Microsoft Hardware\Keyboard\type32.exe" [22/03/2002 03:41 PM]

"atwtusb"="atwtusb.exe" [23/04/2002 05:20 PM C:\WINDOWS\system32\atwtusb.exe]

"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [06/09/2007 09:06 PM]

"LogMeIn GUI"="C:\Program Files\LogMeIn\x86\LogMeInSystray.exe" [06/08/2007 12:08 PM]

"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [25/08/2004 08:14 PM]

"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [25/08/2004 08:14 PM]

"COMODO Firewall Pro"="C:\Program Files\Comodo\Firewall\CPF.exe" [19/11/2007 09:34 PM]

 

[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]

"RunNarrator"=Narrator.exe

 

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]

"PcSync"=C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog

 

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\

BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [20/11/2003 2:11:56 PM]

hp psc 2000 Series.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe [9/04/2003 6:41:38 PM]

hpoddt01.exe.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe [9/04/2003 7:11:12 PM]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]

LMIinit.dll 02/10/2007 05:51 PM 75064 C:\WINDOWS\system32\LMIinit.dll

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

"Authentication Packages"= msv1_0 C:\WINDOWS\system32\pmkjh.dll

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

@="Service"

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Acrobat Assistant.lnk]

backup=C:\WINDOWS\pss\Acrobat Assistant.lnkCommon Startup

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Kodak EasyShare software.lnk]

backup=C:\WINDOWS\pss\Kodak EasyShare software.lnkCommon Startup

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Remote Controller.lnk]

backup=C:\WINDOWS\pss\Remote Controller.lnkCommon Startup

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Windows Desktop Search.lnk]

backup=C:\WINDOWS\pss\Windows Desktop Search.lnkCommon Startup

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

"C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Agent]

"C:\Program Files\CyberLink\PowerVCRII\Agent.exe"

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG]

AGRSMMSG.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

"C:\Program Files\iTunes\iTunesHelper.exe"

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck]

C:\WINDOWS\system32\NeroCheck.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]

RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]

nwiz.exe /install

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Omnipage]

C:\Program Files\ScanSoft\OmniPageSE\opware32.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]

C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

"C:\Program Files\QuickTime\QTTask.exe" -atboottime

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]

"C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Remote_Agent]

"C:\Program Files\CyberLink\PowerVCRII\RemoteAgent.exe"

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]

SOUNDMAN.EXE

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

"C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinFaxAppPortStarter]

wfxsnt40.exe

 

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{52d0c36c-3e4a-11dc-b9ad-0020ed6c9f88}]

AutoRun\command- G:\LaunchU3.exe -a

 

 

 

 

-- End of Deckard's System Scanner: finished at 2007-11-20 16:39:16 ------------

Share this post


Link to post
Share on other sites

WooHooo! We finally killed that nasty dude!! ;)

 

Highlight and copy the contents of the code box below to a blank notepad. Save it to the desktop as;

 

Filename: fix.reg

Save as type: All Files (*.*)

 

REGEDIT4

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"Authentication Packages"=hex(7):6d,73,76,31,5f,30,00,00

 

Double click fix.reg and allow it to merge with the registry.

 

Download ATF Cleaner by Atribune and save it to your Desktop.

  • Double click ATF-Cleaner.exe to run the program.
  • Check the boxes to the left of:
     
    • Windows Temp
    • Current User Temp
    • All Users Temp
    • Temporary Internet Files
    • Prefetch
    • Java Cache
    • Recycle bin

     

    [*]The rest are optional - if you want it to remove everything check "Select All".

    [*]Finally, click Empty Selected. When you get the "Done Cleaning" message, click OK.

Reboot

 

 

Please go HERE to run Panda's ActiveScan

  • Once you are on the Panda site click the Scan your PC now button
  • A new window will open...click the Check Now button
  • Enter your Country
  • Enter your State/Province
  • Enter your e-mail address and click send
  • Select either Home User or Company
  • Select the appropriate Yes or No to receiving marketing information
  • Click the Free Online Scan button
  • If it wants to install an ActiveX component allow it
  • It will start downloading the files it requires for the scan (Note: It may take a couple of minutes)
  • When download is complete, click on My Computer to start the scan
  • When the scan completes, if anything malicious is detected, click the See Report button, then Save Report and save it to a convenient location.

Post the contents of the ActiveScan report along with a fresh HijackThis log.

 

 

I'll check on ya tomorrow.

Share this post


Link to post
Share on other sites
WooHooo! We finally killed that nasty dude!! ;)

 

Highlight and copy the contents of the code box below to a blank notepad. Save it to the desktop as;

 

Filename: fix.reg

Save as type: All Files (*.*)

 

REGEDIT4

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"Authentication Packages"=hex(7):6d,73,76,31,5f,30,00,00

 

Double click fix.reg and allow it to merge with the registry.

 

Download ATF Cleaner by Atribune and save it to your Desktop.

  • Double click ATF-Cleaner.exe to run the program.
  • Check the boxes to the left of:
     
    • Windows Temp
    • Current User Temp
    • All Users Temp
    • Temporary Internet Files
    • Prefetch
    • Java Cache
    • Recycle bin

     

    [*]The rest are optional - if you want it to remove everything check "Select All".

    [*]Finally, click Empty Selected. When you get the "Done Cleaning" message, click OK.

Reboot

Please go HERE to run Panda's ActiveScan

  • Once you are on the Panda site click the Scan your PC now button
  • A new window will open...click the Check Now button
  • Enter your Country
  • Enter your State/Province
  • Enter your e-mail address and click send
  • Select either Home User or Company
  • Select the appropriate Yes or No to receiving marketing information
  • Click the Free Online Scan button
  • If it wants to install an ActiveX component allow it
  • It will start downloading the files it requires for the scan (Note: It may take a couple of minutes)
  • When download is complete, click on My Computer to start the scan
  • When the scan completes, if anything malicious is detected, click the See Report button, then Save Report and save it to a convenient location.

Post the contents of the ActiveScan report along with a fresh HijackThis log.

I'll check on ya tomorrow.

 

What a job..well done...I'll sent the report & log asap.... thanks is only a word..but what else can I say..Cheers, Anton

Share this post


Link to post
Share on other sites

;)--><div class='quotetop'>QUOTE(Anton.B @ Nov 20 2007, 05:27 PM) 61423[/snapback]</div><div class='quotemain'><!--quotec-->What a job..well done...I'll sent the report & log asap.... thanks is only a word..but what else can I say..Cheers, Anton

 

Hi Dave...I've uploaded the Activescan file(4MB+) ....cant believe the crap it found!!!

 

Logfile of HijackThis v1.99.1

Scan saved at 8:18:21 PM, on 20/11/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe

C:\Program Files\Comodo\Firewall\cmdagent.exe

C:\WINDOWS\system32\CTSvcCDA.EXE

C:\WINDOWS\system32\drivers\KodakCCS.exe

C:\Program Files\CS Fire Monitor\CSFireMon.exe

C:\Program Files\Common Files\LightScribe\LSSrvc.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\ScsiAccess.EXE

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

C:\WINDOWS\system32\UStorSrv.exe

C:\WINDOWS\system32\MsPMSPSv.exe

C:\WINDOWS\system32\fxssvc.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Microsoft Hardware\Keyboard\type32.exe

C:\WINDOWS\system32\atwtusb.exe

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\Program Files\LogMeIn\x86\LogMeInSystray.exe

C:\Program Files\Comodo\Firewall\CPF.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe

C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe

C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe

C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe

C:\Documents and Settings\Dad\Desktop\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll

O4 - HKLM\..\Run: [intelliType] "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe"

O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\CPF.exe" /background

O4 - Global Startup: BTTray.lnk = ?

O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe

O4 - Global Startup: hpoddt01.exe.lnk = ?

O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra button: Panda ActiveScan - {653D93AF-C741-4e5e-8C1B-59BA43F93E16} - http://www.pandasoftware.com/activescan (file missing)

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll

O14 - IERESET.INF: START_PAGE_URL=http://www.bigpond.com/

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1125884139484

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O20 - Winlogon Notify: LMIinit - C:\WINDOWS\SYSTEM32\LMIinit.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe

O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTSvcCDA.EXE

O23 - Service: CS Fire Monitor - Unknown owner - C:\Program Files\CS Fire Monitor\CSFireMonService.exe" -service (file missing)

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\system32\ScsiAccess.EXE

O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

O23 - Service: UStorage Server Service - OTi - C:\WINDOWS\system32\UStorSrv.exe

Activescan.txt

Edited by LS CalamityJane
snipped log to reduce file size (original text file was 4.44 mb ! )

Share this post


Link to post
Share on other sites

B)-->

QUOTE(Anton.B @ Nov 20 2007, 08:52 PM) 61443[/snapback]
B)--><div class='quotetop'>QUOTE(Anton.B @ Nov 20 2007, 05:27 PM) 61423[/snapback]</div><div class='quotemain'><!--quotec-->What a job..well done...I'll sent the report & log asap.... thanks is only a word..but what else can I say..Cheers, Anton

 

Hi Dave...I've uploaded the Activescan file(4MB+) ....cant believe the crap it found!!!

 

Logfile of HijackThis v1.99.1

Scan saved at 8:18:21 PM, on 20/11/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe

C:\Program Files\Comodo\Firewall\cmdagent.exe

C:\WINDOWS\system32\CTSvcCDA.EXE

C:\WINDOWS\system32\drivers\KodakCCS.exe

C:\Program Files\CS Fire Monitor\CSFireMon.exe

C:\Program Files\Common Files\LightScribe\LSSrvc.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\ScsiAccess.EXE

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

C:\WINDOWS\system32\UStorSrv.exe

C:\WINDOWS\system32\MsPMSPSv.exe

C:\WINDOWS\system32\fxssvc.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Microsoft Hardware\Keyboard\type32.exe

C:\WINDOWS\system32\atwtusb.exe

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\Program Files\LogMeIn\x86\LogMeInSystray.exe

C:\Program Files\Comodo\Firewall\CPF.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe

C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe

C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe

C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe

C:\Documents and Settings\Dad\Desktop\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll

O4 - HKLM\..\Run: [intelliType] "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe"

O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\CPF.exe" /background

O4 - Global Startup: BTTray.lnk = ?

O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe

O4 - Global Startup: hpoddt01.exe.lnk = ?

O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra button: Panda ActiveScan - {653D93AF-C741-4e5e-8C1B-59BA43F93E16} - http://www.pandasoftware.com/activescan (file missing)

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll

O14 - IERESET.INF: START_PAGE_URL=http://www.bigpond.com/

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1125884139484

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O20 - Winlogon Notify: LMIinit - C:\WINDOWS\SYSTEM32\LMIinit.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe

O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTSvcCDA.EXE

O23 - Service: CS Fire Monitor - Unknown owner - C:\Program Files\CS Fire Monitor\CSFireMonService.exe" -service (file missing)

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\system32\ScsiAccess.EXE

O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

O23 - Service: UStorage Server Service - OTi - C:\WINDOWS\system32\UStorSrv.exe

 

 

I did an adaware scan also...found more!

 

Ad-Aware 2007 Build

Log File Created on: 2007-11-20 21:16:07

Using Definitions File: C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware 2007\core.aawdef

Computer name: DESKTOP

Name of user performing scan: SYSTEM

 

System information

===========================

Number of processors: 1

Processor type: AMD Athlon XP 2400+

Memory Available: 57%

Total Physical Memory: 1073201152 Bytes

Available Physical Memory: 601206784 Bytes

Total Page File Size: 3069140992 Bytes

Available On Page File: 2699558912 Bytes

Total Virtual Memory: 2147352576 Bytes

Available Virtual Memory: 1998200832 Bytes

OS: Microsoft Windows XP Service Pack 2 (Build 2600)

 

Ad-Aware 2007 Settings

===========================

Skipping files larger than 1048576 kB

Ignoring infections with lower TAI than: 3

 

 

Extended Ad-Aware 2007 Settings

===========================

Unloading known modules during scan

Ignoring spanned files when scanning cab archives

Scanning registry for all users

Using permanent archive caching

Reanalyzing results after scanning before displaying results

Trying to unload modules prior to removal

Let Windows remove files currently in use at next reboot

Removing quarantined objects after restore

Logging Ad-Aware events

Blocking Pop-Ups aggressively

Deactivating Ad-Watch during scans

Writeprotecting system files after repairs

Including Ad-aware command line parameters in log file

Include info about ignored objects in log file

Including basic settings in log file

Including advanced settings in log file

Including user and computer name in log file

Include reference summary in log file

Creating log file for removal operations

Including module info in log file

Include Alternate Data Stream details in log file

Create and save WebUpdate log file

 

Databaseinfo

===========================

Version number: 34

Build Number: 0

Build Date and Time: 2007/11/19 19:22:58

 

Scan Statistics

===========================

Method: Smart

Scan tracking cookies.............................: On

Scan ADS filestreams..............................: Off

 

Item Scanned: 203738

Infections Detected: 11

Infections Ignored: 0

 

Scan detailed statistics

===========================

Type Critical Total

Process Scan....: 0 0

Registry Scan...: 3 3

Registry PE Scan: 0 0

Hosts File Scan.: 0 0

File Scan.......: 1 1

Folder Scan.....: 0 0

LSP Scan........: 0 0

ADS Scan........: 0 0

Cookie Scan.....: 4 4

File Hash Scan..: 0 0

 

Infections Found

===========================

Family Id: 1040 Name: Win32.Trojandownloader.Zlob Category: Malware TAI:10

Item Id: 300036956 Value: Root: HKU Path: S-1-5-21-1085031214-688789844-725345543-1003\software\microsoft\windows\currentversion\ext\stats\{11a69ae4-fbed-4832-a2bf-45af82825583}

Item Id: 300036957 Value: Root: HKU Path: S-1-5-21-1085031214-688789844-725345543-1003\software\microsoft\windows\currentversion\ext\stats\{a95b2816-1d7e-4561-a202-68c0de02353a}

Item Id: 300036962 Value: Root: HKU Path: S-1-5-21-1085031214-688789844-725345543-1003\software\microsoft\internet explorer\toolbar\webbrowser Value: {11a69ae4-fbed-4832-a2bf-45af82825583}

Item Id: 700006689 Value: File: c:\System Volume Information\tracking.log

Family Id: 725 Name: Tracking Cookie Category: DataMiner TAI:3

Item Id: 600000212 Value: Browser: Internet Explorer Cookie: C:\Documents and Settings\Dad\Cookies\index.dat pandasoftware.112.2o7.net s_vi /

Item Id: 600000212 Value: Browser: Firefox Cookie: C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles/tsypwc53.default\cookies.txt pandasoftware.112.2o7.net s_vi /

Item Id: 600000212 Value: Browser: Firefox Cookie: C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles/tsypwc53.default\cookies.txt 2o7.net s_vi_atamox7Ecaihem /

Item Id: 600000179 Value: Browser: Firefox Cookie: C:\Documents and Settings\Dad\Application Data\Mozilla\Firefox\Profiles/tsypwc53.default\cookies.txt atdmt.com AA002 /

Family Id: 9999 Name: MRU Object Category: MRU Object TAI:0

Item Id: 1 Value: MRU Path: C:\Documents and Settings\Dad\Recent Count: 49

Item Id: 2 Value: MRU Registry Key: S-1-5-21-1085031214-688789844-725345543-1003\Software\Microsoft\Search Assistant\ACMru\5603 Count: 2

Item Id: 3 Value: MRU Registry Key: S-1-5-21-1085031214-688789844-725345543-1003\Software\Microsoft\Internet Explorer\TypedURLs Count: 1

 

Items Ignored During Scan

===========================

 

 

Listing of running processes

===========================

C:\WINDOWS\SYSTEM32\SMSS.EXE

c:\windows\system32\smss.exe

 

c:\windows\system32\ntdll.dll

 

C:\WINDOWS\SYSTEM32\CSRSS.EXE

c:\windows\system32\csrss.exe

 

c:\windows\system32\ntdll.dll

 

c:\windows\system32\csrsrv.dll

 

c:\windows\system32\basesrv.dll

 

c:\windows\system32\winsrv.dll

 

c:\windows\system32\user32.dll

 

c:\windows\system32\kernel32.dll

 

c:\windows\system32\gdi32.dll

 

c:\windows\system32\sxs.dll

 

c:\windows\system32\advapi32.dll

 

c:\windows\system32\rpcrt4.dll

 

C:\WINDOWS\SYSTEM32\WINLOGON.EXE

c:\windows\system32\winlogon.exe

 

c:\windows\system32\ntdll.dll

 

c:\windows\system32\kernel32.dll

 

c:\windows\system32\advapi32.dll

 

c:\windows\system32\rpcrt4.dll

 

c:\windows\system32\authz.dll

 

c:\windows\system32\msvcrt.dll

 

c:\windows\system32\crypt32.dll

 

c:\windows\system32\user32.dll

 

c:\windows\system32\gdi32.dll

 

c:\windows\system32\msasn1.dll

 

c:\windows\system32\nddeapi.dll

 

c:\windows\system32\profmap.dll

 

c:\windows\system32\netapi32.dll

 

c:\windows\system32\userenv.dll

 

c:\windows\system32\psapi.dll

 

c:\windows\system32\regapi.dll

 

c:\windows\system32\secur32.dll

 

c:\windows\system32\setupapi.dll

 

c:\windows\system32\version.dll

 

c:\windows\system32\winsta.dll

 

c:\windows\system32\wintrust.dll

 

c:\windows\system32\imagehlp.dll

 

c:\windows\system32\ws2_32.dll

 

c:\windows\system32\ws2help.dll

 

c:\windows\system32\msgina.dll

 

c:\windows\system32\shell32.dll

 

c:\windows\system32\shlwapi.dll

 

c:\windows\system32\comctl32.dll

 

c:\windows\system32\odbc32.dll

 

c:\windows\system32\comdlg32.dll

 

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll

 

c:\windows\system32\odbcint.dll

 

c:\windows\system32\shsvcs.dll

 

c:\windows\system32\sfc.dll

 

c:\windows\system32\sfc_os.dll

 

c:\windows\system32\ole32.dll

 

c:\windows\system32\apphelp.dll

 

c:\windows\system32\winscard.dll

 

c:\windows\system32\wtsapi32.dll

 

c:\windows\system32\sxs.dll

 

c:\windows\system32\uxtheme.dll

 

c:\windows\system32\winmm.dll

 

c:\windows\system32\serwvdrv.dll

 

c:\windows\system32\umdmxfrm.dll

 

c:\windows\system32\cscdll.dll

 

c:\windows\system32\rsaenh.dll

 

c:\windows\system32\lmiinit.dll

 

c:\windows\system32\wlnotify.dll

 

c:\windows\system32\winspool.drv

 

c:\windows\system32\mpr.dll

 

c:\windows\system32\samlib.dll

 

c:\windows\system32\msv1_0.dll

 

c:\windows\system32\iphlpapi.dll

 

c:\windows\system32\wldap32.dll

 

c:\windows\system32\cscui.dll

 

c:\windows\system32\xpsp2res.dll

 

c:\windows\system32\wdmaud.drv

 

c:\windows\system32\msacm32.drv

 

c:\windows\system32\msacm32.dll

 

c:\windows\system32\midimap.dll

 

c:\windows\system32\ntmarta.dll

 

c:\windows\system32\comres.dll

 

c:\windows\system32\oleaut32.dll

 

c:\windows\system32\clbcatq.dll

 

C:\WINDOWS\SYSTEM32\SERVICES.EXE

c:\windows\system32\services.exe

 

c:\windows\system32\ntdll.dll

 

c:\windows\system32\kernel32.dll

 

c:\windows\system32\msvcrt.dll

 

c:\windows\system32\advapi32.dll

 

c:\windows\system32\rpcrt4.dll

 

c:\windows\system32\user32.dll

 

c:\windows\system32\gdi32.dll

 

c:\windows\system32\userenv.dll

 

c:\windows\system32\scesrv.dll

 

c:\windows\system32\authz.dll

 

c:\windows\system32\umpnpmgr.dll

 

c:\windows\system32\winsta.dll

 

c:\windows\system32\netapi32.dll

 

c:\windows\system32\ncobjapi.dll

 

c:\windows\system32\msvcp60.dll

 

c:\windows\system32\shimeng.dll

 

c:\windows\apppatch\acadproc.dll

 

c:\windows\system32\secur32.dll

 

c:\windows\system32\apphelp.dll

 

c:\windows\system32\version.dll

 

c:\windows\system32\eventlog.dll

 

c:\windows\system32\ws2_32.dll

 

c:\windows\system32\ws2help.dll

 

c:\windows\system32\psapi.dll

 

c:\windows\system32\wtsapi32.dll

 

C:\WINDOWS\SYSTEM32\LSASS.EXE

c:\windows\system32\lsass.exe

 

c:\windows\system32\ntdll.dll

 

c:\windows\system32\kernel32.dll

 

c:\windows\system32\advapi32.dll

 

c:\windows\system32\rpcrt4.dll

 

c:\windows\system32\lsasrv.dll

 

c:\windows\system32\msvcrt.dll

 

c:\windows\system32\secur32.dll

 

c:\windows\system32\user32.dll

 

c:\windows\system32\gdi32.dll

 

c:\windows\system32\samsrv.dll

 

c:\windows\system32\cryptdll.dll

 

c:\windows\system32\dnsapi.dll

 

c:\windows\system32\ws2_32.dll

 

c:\windows\system32\ws2help.dll

 

c:\windows\system32\msasn1.dll

 

c:\windows\system32\netapi32.dll

 

c:\windows\system32\samlib.dll

 

c:\windows\system32\mpr.dll

 

c:\windows\system32\ntdsapi.dll

 

c:\windows\system32\wldap32.dll

 

c:\windows\system32\shimeng.dll

 

c:\windows\apppatch\acgenral.dll

 

c:\windows\system32\winmm.dll

 

c:\windows\system32\ole32.dll

 

c:\windows\system32\oleaut32.dll

 

c:\windows\system32\msacm32.dll

 

c:\windows\system32\version.dll

 

c:\windows\system32\shell32.dll

 

c:\windows\system32\shlwapi.dll

 

c:\windows\system32\userenv.dll

 

c:\windows\system32\uxtheme.dll

 

c:\windows\system32\serwvdrv.dll

 

c:\windows\system32\umdmxfrm.dll

 

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll

 

c:\windows\system32\comctl32.dll

 

c:\windows\system32\msprivs.dll

 

c:\windows\system32\kerberos.dll

 

c:\windows\system32\msv1_0.dll

 

c:\windows\system32\iphlpapi.dll

 

c:\windows\system32\netlogon.dll

 

c:\windows\system32\w32time.dll

 

c:\windows\system32\msvcp60.dll

 

c:\windows\system32\schannel.dll

 

c:\windows\system32\crypt32.dll

 

c:\windows\system32\wdigest.dll

 

c:\windows\system32\rsaenh.dll

 

c:\windows\system32\scecli.dll

 

c:\windows\system32\setupapi.dll

 

c:\windows\system32\ipsecsvc.dll

 

c:\windows\system32\authz.dll

 

c:\windows\system32\oakley.dll

 

c:\windows\system32\winipsec.dll

 

c:\windows\system32\pstorsvc.dll

 

c:\windows\system32\mswsock.dll

 

c:\windows\system32\hnetcfg.dll

 

c:\windows\system32\wshtcpip.dll

 

c:\windows\system32\psbase.dll

 

c:\windows\system32\dssenh.dll

 

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

c:\windows\system32\svchost.exe

 

c:\windows\system32\ntdll.dll

 

c:\windows\system32\kernel32.dll

 

c:\windows\system32\advapi32.dll

 

c:\windows\system32\rpcrt4.dll

 

c:\windows\system32\shimeng.dll

 

c:\windows\apppatch\acgenral.dll

 

c:\windows\system32\user32.dll

 

c:\windows\system32\gdi32.dll

 

c:\windows\system32\winmm.dll

 

c:\windows\system32\ole32.dll

 

c:\windows\system32\msvcrt.dll

 

c:\windows\system32\oleaut32.dll

 

c:\windows\system32\msacm32.dll

 

c:\windows\system32\version.dll

 

c:\windows\system32\shell32.dll

 

c:\windows\system32\shlwapi.dll

 

c:\windows\system32\userenv.dll

 

c:\windows\system32\uxtheme.dll

 

c:\windows\system32\serwvdrv.dll

 

c:\windows\system32\umdmxfrm.dll

 

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll

 

c:\windows\system32\comctl32.dll

 

c:\windows\system32\ntmarta.dll

 

c:\windows\system32\wldap32.dll

 

c:\windows\system32\samlib.dll

 

c:\windows\system32\rpcss.dll

 

c:\windows\system32\ws2_32.dll

 

c:\windows\system32\ws2help.dll

 

c:\windows\system32\secur32.dll

 

c:\windows\system32\xpsp2res.dll

 

c:\windows\system32\clbcatq.dll

 

c:\windows\system32\comres.dll

 

c:\windows\system32\wtsapi32.dll

 

c:\windows\system32\winsta.dll

 

c:\windows\system32\netapi32.dll

 

c:\windows\system32\msv1_0.dll

 

c:\windows\system32\iphlpapi.dll

 

c:\windows\system32\apphelp.dll

 

c:\windows\system32\msi.dll

 

c:\windows\system32\termsrv.dll

 

c:\windows\system32\icaapi.dll

 

c:\windows\system32\setupapi.dll

 

c:\windows\system32\wintrust.dll

 

c:\windows\system32\crypt32.dll

 

c:\windows\system32\msasn1.dll

 

c:\windows\system32\imagehlp.dll

 

c:\windows\system32\authz.dll

 

c:\windows\system32\mstlsapi.dll

 

c:\windows\system32\activeds.dll

 

c:\windows\system32\adsldpc.dll

 

c:\windows\system32\atl.dll

 

c:\windows\system32\regapi.dll

 

c:\windows\system32\rsaenh.dll

 

c:\windows\system32\svchost.exe

 

c:\windows\system32\ntdll.dll

 

c:\windows\system32\kernel32.dll

 

c:\windows\system32\advapi32.dll

 

c:\windows\system32\rpcrt4.dll

 

c:\windows\system32\shimeng.dll

 

c:\windows\apppatch\acgenral.dll

 

c:\windows\system32\user32.dll

 

c:\windows\system32\gdi32.dll

 

c:\windows\system32\winmm.dll

 

c:\windows\system32\ole32.dll

 

c:\windows\system32\msvcrt.dll

 

c:\windows\system32\oleaut32.dll

 

c:\windows\system32\msacm32.dll

 

c:\windows\system32\version.dll

 

c:\windows\system32\shell32.dll

 

c:\windows\system32\shlwapi.dll

 

c:\windows\system32\userenv.dll

 

c:\windows\system32\uxtheme.dll

 

c:\windows\system32\serwvdrv.dll

 

c:\windows\system32\umdmxfrm.dll

 

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll

 

c:\windows\system32\comctl32.dll

 

c:\windows\system32\rpcss.dll

 

c:\windows\system32\ws2_32.dll

 

c:\windows\system32\ws2help.dll

 

c:\windows\system32\secur32.dll

 

c:\windows\system32\xpsp2res.dll

 

c:\windows\system32\rsaenh.dll

 

c:\windows\system32\mswsock.dll

 

c:\windows\system32\hnetcfg.dll

 

c:\windows\system32\wshtcpip.dll

 

c:\windows\system32\dnsapi.dll

 

c:\windows\system32\iphlpapi.dll

 

c:\windows\system32\winrnr.dll

 

c:\windows\system32\wldap32.dll

 

c:\windows\system32\rasadhlp.dll

 

c:\windows\system32\clbcatq.dll

 

c:\windows\system32\comres.dll

 

c:\windows\system32\msi.dll

 

c:\windows\system32\svchost.exe

 

c:\windows\system32\ntdll.dll

 

c:\windows\system32\kernel32.dll

 

c:\windows\system32\advapi32.dll

 

c:\windows\system32\rpcrt4.dll

 

c:\windows\system32\shimeng.dll

 

c:\windows\apppatch\acgenral.dll

 

c:\windows\system32\user32.dll

 

c:\windows\system32\gdi32.dll

 

c:\windows\system32\winmm.dll

 

c:\windows\system32\ole32.dll

 

c:\windows\system32\msvcrt.dll

 

c:\windows\system32\oleaut32.dll

 

c:\windows\system32\msacm32.dll

 

c:\windows\system32\version.dll

 

c:\windows\system32\shell32.dll

 

c:\windows\system32\shlwapi.dll

 

c:\windows\system32\userenv.dll

 

c:\windows\system32\uxtheme.dll

 

c:\windows\system32\serwvdrv.dll

 

c:\windows\system32\umdmxfrm.dll

 

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll

 

c:\windows\system32\comctl32.dll

 

c:\windows\system32\ntmarta.dll

 

c:\windows\system32\wldap32.dll

 

c:\windows\system32\samlib.dll

 

c:\windows\system32\xpsp2res.dll

 

c:\windows\system32\shsvcs.dll

 

c:\windows\system32\winsta.dll

 

c:\windows\system32\netapi32.dll

 

c:\windows\system32\dhcpcsvc.dll

 

c:\windows\system32\dnsapi.dll

 

c:\windows\system32\ws2_32.dll

 

c:\windows\system32\ws2help.dll

 

c:\windows\system32\iphlpapi.dll

 

c:\windows\system32\secur32.dll

 

c:\windows\system32\rsaenh.dll

 

c:\windows\system32\mswsock.dll

 

c:\windows\system32\hnetcfg.dll

 

c:\windows\system32\wshtcpip.dll

 

c:\windows\system32\wzcsvc.dll

 

c:\windows\system32\rtutils.dll

 

c:\windows\system32\wmi.dll

 

c:\windows\system32\crypt32.dll

 

c:\windows\system32\msasn1.dll

 

c:\windows\system32\wtsapi32.dll

 

c:\windows\system32\esent.dll

 

c:\windows\system32\atl.dll

 

c:\windows\system32\rastls.dll

 

c:\windows\system32\cryptui.dll

 

c:\windows\system32\wintrust.dll

 

c:\windows\system32\imagehlp.dll

 

c:\windows\system32\wininet.dll

 

c:\windows\system32\mprapi.dll

 

c:\windows\system32\activeds.dll

 

c:\windows\system32\adsldpc.dll

 

c:\windows\system32\setupapi.dll

 

c:\windows\system32\rasapi32.dll

 

c:\windows\system32\rasman.dll

 

c:\windows\system32\tapi32.dll

 

c:\windows\system32\schannel.dll

 

c:\windows\system32\winscard.dll

 

c:\windows\system32\raschap.dll

 

c:\windows\system32\msv1_0.dll

 

c:\windows\system32\clbcatq.dll

 

c:\windows\system32\comres.dll

 

c:\windows\system32\schedsvc.dll

 

c:\windows\system32\ntdsapi.dll

 

c:\windows\system32\msidle.dll

 

c:\windows\system32\audiosrv.dll

 

c:\windows\system32\wkssvc.dll

 

c:\windows\system32\qmgr.dll

 

c:\windows\system32\mpr.dll

 

c:\windows\system32\shfolder.dll

 

c:\windows\system32\winhttp.dll

 

c:\windows\system32\cryptsvc.dll

 

c:\windows\system32\certcli.dll

 

c:\windows\system32\dmserver.dll

 

c:\windows\system32\hidserv.dll

 

c:\windows\system32\hid.dll

 

c:\windows\pchealth\helpctr\binaries\pchsvc.dll

 

c:\windows\system32\es.dll

 

c:\windows\system32\ersvc.dll

 

c:\windows\system32\srvsvc.dll

 

c:\windows\system32\netman.dll

 

c:\windows\system32\netshell.dll

 

c:\windows\system32\credui.dll

 

c:\windows\system32\wzcsapi.dll

 

c:\windows\system32\winspool.drv

 

c:\windows\system32\seclogon.dll

 

c:\windows\system32\sens.dll

 

c:\windows\system32\srsvc.dll

 

c:\windows\system32\powrprof.dll

 

c:\windows\system32\tapisrv.dll

 

c:\windows\system32\psapi.dll

 

c:\windows\system32\trkwks.dll

 

c:\windows\system32\sxs.dll

 

c:\windows\system32\upnp.dll

 

c:\windows\system32\ssdpapi.dll

 

c:\windows\system32\wuauserv.dll

 

c:\windows\system32\wbem\wmisvc.dll

 

c:\windows\system32\vssapi.dll

 

c:\windows\system32\wuaueng.dll

 

c:\windows\system32\advpack.dll

 

c:\windows\system32\cabinet.dll

 

c:\windows\system32\mspatcha.dll

 

c:\windows\system32\sfc.dll

 

c:\windows\system32\sfc_os.dll

 

c:\windows\system32\w32time.dll

 

c:\windows\system32\msvcp60.dll

 

c:\windows\system32\ipnathlp.dll

 

c:\windows\system32\authz.dll

 

c:\windows\system32\wscsvc.dll

 

c:\windows\system32\msi.dll

 

c:\windows\system32\wbem\wbemcomn.dll

 

c:\windows\system32\wbem\wbemcore.dll

 

c:\windows\system32\wbem\esscli.dll

 

c:\windows\system32\wbem\fastprox.dll

 

c:\windows\system32\wbem\wbemsvc.dll

 

c:\windows\system32\comsvcs.dll

 

c:\windows\system32\mtxclu.dll

 

c:\windows\system32\wsock32.dll

 

c:\windows\system32\colbact.dll

 

c:\windows\system32\clusapi.dll

 

c:\windows\system32\resutils.dll

 

c:\windows\system32\wbem\wmiutils.dll

 

c:\windows\system32\wbem\repdrvfs.dll

 

c:\windows\system32\wbem\wmiprvsd.dll

 

c:\windows\system32\ncobjapi.dll

 

c:\windows\system32\wbem\wbemess.dll

 

c:\windows\system32\netcfgx.dll

 

c:\windows\system32\wbem\ncprov.dll

 

c:\windows\system32\browser.dll

 

c:\windows\system32\unimdm.tsp

 

c:\windows\system32\uniplat.dll

 

c:\windows\system32\unimdmat.dll

 

c:\windows\system32\modemui.dll

 

c:\windows\system32\kmddsp.tsp

 

c:\windows\system32\ndptsp.tsp

 

c:\windows\system32\ipconf.tsp

 

c:\windows\system32\h323.tsp

 

c:\windows\system32\hidphone.tsp

 

c:\windows\system32\rasmans.dll

 

c:\windows\system32\winipsec.dll

 

c:\windows\system32\apphelp.dll

 

c:\windows\system32\rasadhlp.dll

 

c:\windows\system32\rastapi.dll

 

c:\windows\system32\rasppp.dll

 

c:\windows\system32\ntlsapi.dll

 

c:\windows\system32\kerberos.dll

 

c:\windows\system32\cryptdll.dll

 

c:\windows\system32\rasdlg.dll

 

c:\windows\system32\wbem\wbemcons.dll

 

c:\windows\system32\svchost.exe

 

c:\windows\system32\ntdll.dll

 

c:\windows\system32\kernel32.dll

 

c:\windows\system32\advapi32.dll

 

c:\windows\system32\rpcrt4.dll

 

c:\windows\system32\shimeng.dll

 

c:\windows\apppatch\acgenral.dll

 

c:\windows\system32\user32.dll

 

c:\windows\system32\gdi32.dll

 

c:\windows\system32\winmm.dll

 

c:\windows\system32\ole32.dll

 

c:\windows\system32\msvcrt.dll

 

c:\windows\system32\oleaut32.dll

 

c:\windows\system32\msacm32.dll

 

c:\windows\system32\version.dll

 

c:\windows\system32\shell32.dll

 

c:\windows\system32\shlwapi.dll

 

c:\windows\system32\userenv.dll

 

c:\windows\system32\uxtheme.dll

 

c:\windows\system32\serwvdrv.dll

 

c:\windows\system32\umdmxfrm.dll

 

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll

 

c:\windows\system32\comctl32.dll

 

c:\windows\system32\dnsrslvr.dll

 

c:\windows\system32\dnsapi.dll

 

c:\windows\system32\ws2_32.dll

 

c:\windows\system32\ws2help.dll

 

c:\windows\system32\iphlpapi.dll

 

c:\windows\system32\mswsock.dll

 

c:\windows\system32\hnetcfg.dll

 

c:\windows\system32\wshtcpip.dll

 

c:\windows\system32\svchost.exe

 

c:\windows\system32\ntdll.dll

 

c:\windows\system32\kernel32.dll

 

c:\windows\system32\advapi32.dll

 

c:\windows\system32\rpcrt4.dll

 

c:\windows\system32\shimeng.dll

 

c:\windows\apppatch\acgenral.dll

 

c:\windows\system32\user32.dll

 

c:\windows\system32\gdi32.dll

 

c:\windows\system32\winmm.dll

 

c:\windows\system32\ole32.dll

 

c:\windows\system32\msvcrt.dll

 

c:\windows\system32\oleaut32.dll

 

c:\windows\system32\msacm32.dll

 

c:\windows\system32\version.dll

 

c:\windows\system32\shell32.dll

 

c:\windows\system32\shlwapi.dll

 

c:\windows\system32\userenv.dll

 

c:\windows\system32\uxtheme.dll

 

c:\windows\system32\serwvdrv.dll

 

c:\windows\system32\umdmxfrm.dll

 

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll

 

c:\windows\system32\comctl32.dll

 

c:\windows\system32\ntmarta.dll

 

c:\windows\system32\wldap32.dll

 

c:\windows\system32\samlib.dll

 

c:\windows\system32\xpsp2res.dll

 

c:\windows\system32\lmhsvc.dll

 

c:\windows\system32\iphlpapi.dll

 

c:\windows\system32\ws2_32.dll

 

c:\windows\system32\ws2help.dll

 

c:\windows\system32\webclnt.dll

 

c:\windows\system32\wininet.dll

 

c:\windows\system32\crypt32.dll

 

c:\windows\system32\msasn1.dll

 

c:\windows\system32\secur32.dll

 

c:\windows\system32\urlmon.dll

 

c:\windows\system32\wsock32.dll

 

c:\windows\system32\regsvc.dll

 

c:\windows\system32\mswsock.dll

 

c:\windows\system32\dnsapi.dll

 

c:\windows\system32\rasadhlp.dll

 

c:\windows\system32\ssdpsrv.dll

 

c:\windows\system32\hnetcfg.dll

 

c:\windows\system32\clbcatq.dll

 

c:\windows\system32\comres.dll

 

c:\windows\system32\wshtcpip.dll

 

C:\PROGRAM FILES\LAVASOFT\AD-AWARE 2007\AAWSERVICE.EXE

c:\program files\lavasoft\ad-aware 2007\aawservice.exe

 

c:\windows\system32\ntdll.dll

 

c:\windows\system32\kernel32.dll

 

c:\program files\lavasoft\ad-aware 2007\ceapi.dll

 

c:\windows\system32\advapi32.dll

 

c:\windows\system32\rpcrt4.dll

 

c:\program files\lavasoft\ad-aware 2007\pkarchive84cb.dll

 

c:\windows\system32\shell32.dll

 

c:\windows\system32\msvcrt.dll

 

c:\windows\system32\gdi32.dll

 

c:\windows\system32\user32.dll

 

c:\windows\system32\shlwapi.dll

 

c:\windows\system32\ole32.dll

 

c:\windows\system32\crypt32.dll

 

c:\windows\system32\msasn1.dll

 

c:\windows\system32\wldap32.dll

 

c:\windows\system32\psapi.dll

 

c:\windows\system32\version.dll

 

c:\windows\system32\wininet.dll

 

c:\windows\system32\oleaut32.dll

 

c:\program files\lavasoft\ad-aware 2007\update.dll

 

c:\windows\system32\wsock32.dll

 

c:\windows\system32\ws2_32.dll

 

c:\windows\system32\ws2help.dll

 

c:\windows\system32\userenv.dll

 

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll

 

c:\windows\system32\comctl32.dll

 

c:\windows\system32\rsaenh.dll

 

c:\windows\system32\mswsock.dll

 

c:\windows\system32\dnsapi.dll

 

c:\windows\system32\winrnr.dll

 

c:\windows\system32\rasadhlp.dll

 

c:\windows\system32\hnetcfg.dll

 

c:\windows\system32\wshtcpip.dll

 

C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASWUPDSV.EXE

c:\program files\alwil software\avast4\aswupdsv.exe

 

c:\windows\system32\ntdll.dll

 

c:\windows\system32\kernel32.dll

 

c:\program files\alwil software\avast4\aswcmns.dll

 

c:\program files\alwil software\avast4\aswcmnos.dll

 

c:\windows\system32\user32.dll

 

c:\windows\system32\gdi32.dll

 

c:\windows\system32\advapi32.dll

 

c:\windows\system32\rpcrt4.dll

 

c:\windows\system32\msvcp71.dll

 

c:\windows\system32\msvcr71.dll

 

c:\windows\system32\wsock32.dll

 

c:\windows\system32\ws2_32.dll

 

c:\windows\system32\msvcrt.dll

 

c:\windows\system32\ws2help.dll

 

c:\program files\alwil software\avast4\aswcmnb.dll

 

C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHSERV.EXE

c:\program files\alwil software\avast4\ashserv.exe

 

c:\windows\system32\ntdll.dll

 

c:\windows\system32\kernel32.dll

 

c:\windows\system32\rpcrt4.dll

 

c:\windows\system32\advapi32.dll

 

c:\program files\alwil software\avast4\aswaux.dll

 

c:\windows\system32\msvcp71.dll

 

c:\windows\system32\msvcr71.dll

 

c:\program files\alwil software\avast4\aswcmnb.dll

 

c:\program files\alwil software\avast4\aswcmnos.dll

 

c:\windows\system32\user32.dll

 

c:\windows\system32\gdi32.dll

 

c:\windows\system32\wsock32.dll

 

c:\windows\system32\ws2_32.dll

 

c:\windows\system32\msvcrt.dll

 

c:\windows\system32\ws2help.dll

 

c:\program files\alwil software\avast4\aswengin.dll

 

c:\windows\system32\shell32.dll

 

c:\windows\system32\shlwapi.dll

 

c:\windows\system32\ole32.dll

 

c:\program files\alwil software\avast4\aswscan.dll

 

c:\program files\alwil software\avast4\aswcmns.dll

 

c:\windows\system32\oleaut32.dll

 

c:\program files\alwil software\avast4\ashbase.dll

 

c:\windows\system32\version.dll

 

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll

 

c:\program files\alwil software\avast4\ashtask.dll

 

c:\program files\alwil software\avast4\aswinteg.dll

 

c:\program files\alwil software\avast4\aswidle.dll

 

c:\program files\alwil software\avast4\aavm4h.dll

 

c:\windows\system32\dbghelp.dll

 

c:\program files\alwil software\avast4\english\base.dll

 

c:\program files\alwil software\avast4\unacev2.dll

 

c:\windows\system32\wtsapi32.dll

 

c:\windows\system32\winsta.dll

 

c:\windows\system32\netapi32.dll

 

c:\program files\alwil software\avast4\ahresmai.dll

 

c:\program files\alwil software\avast4\ahresmes.dll

 

c:\program files\alwil software\avast4\ahresns.dll

 

c:\program files\alwil software\avast4\ahresout.dll

 

c:\program files\alwil software\avast4\ahresp2p.dll

 

c:\program files\alwil software\avast4\ahresstd.dll

 

c:\program files\alwil software\avast4\ahresws.dll

 

c:\program files\alwil software\avast4\ashssqlt.dll

 

c:\windows\system32\clbcatq.dll

 

c:\windows\system32\comres.dll

 

c:\windows\system32\xpsp2res.dll

 

c:\windows\system32\perfos.dll

 

C:\WINDOWS\SYSTEM32\SPOOLSV.EXE

c:\windows\system32\spoolsv.exe

 

c:\windows\system32\ntdll.dll

 

c:\windows\system32\kernel32.dll

 

c:\windows\system32\msvcrt.dll

 

c:\windows\system32\advapi32.dll

 

c:\windows\system32\rpcrt4.dll

 

c:\windows\system32\gdi32.dll

 

c:\windows\system32\user32.dll

 

c:\windows\system32\shimeng.dll

 

c:\windows\apppatch\acgenral.dll

 

c:\windows\system32\winmm.dll

 

c:\windows\system32\ole32.dll

 

c:\windows\system32\oleaut32.dll

 

c:\windows\system32\msacm32.dll

 

c:\windows\system32\version.dll

 

c:\windows\system32\shell32.dll

 

c:\windows\system32\shlwapi.dll

 

c:\windows\system32\userenv.dll

 

c:\windows\system32\uxtheme.dll

 

c:\windows\system32\serwvdrv.dll

 

c:\windows\system32\umdmxfrm.dll

 

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll

 

c:\windows\system32\comctl32.dll

 

c:\windows\system32\spoolss.dll

 

c:\windows\system32\ws2_32.dll

 

c:\windows\system32\ws2help.dll

 

c:\windows\system32\dnsapi.dll

 

c:\windows\system32\rasadhlp.dll

 

c:\windows\system32\localspl.dll

 

c:\windows\system32\secur32.dll

 

c:\windows\system32\sfc_os.dll

 

c:\windows\system32\wintrust.dll

 

c:\windows\system32\crypt32.dll

 

c:\windows\system32\msasn1.dll

 

c:\windows\system32\imagehlp.dll

 

c:\windows\system32\winspool.drv

 

c:\windows\system32\netapi32.dll

 

c:\windows\system32\cnbjmon.dll

 

c:\windows\system32\bthcrp.dll

 

c:\windows\system32\widcommsdk.dll

 

c:\windows\system32\wbtapi.dll

 

c:\windows\system32\cfgmgr32.dll

 

c:\windows\system32\setupapi.dll

 

c:\windows\system32\msi.dll

 

c:\windows\system32\mfc42.dll

 

c:\windows\system32\msvcp60.dll

 

c:\windows\system32\hpzlnt07.dll

 

c:\windows\system32\lmiport.dll

 

c:\windows\system32\lprmon.dll

 

c:\windows\system32\lprhelp.dll

 

c:\windows\system32\mdimon.dll

 

c:\windows\system32\fxsmon.dll

 

c:\windows\system32\fxsevent.dll

 

c:\windows\system32\pdfports.dll

 

c:\program files\adobe\acrobat 5.0\distillr\adistres.dll

 

c:\windows\system32\pjlmon.dll

 

c:\windows\system32\tcpmon.dll

 

c:\windows\system32\usbmon.dll

 

c:\windows\system32\spool\prtprocs\w32x86\lmiproc.dll

 

c:\windows\system32\spool\prtprocs\w32x86\mdippr.dll

 

c:\windows\system32\mswsock.dll

 

c:\windows\system32\winrnr.dll

 

c:\windows\system32\wldap32.dll

 

c:\windows\system32\win32spl.dll

 

c:\windows\system32\netrap.dll

 

c:\windows\system32\ntdsapi.dll

 

c:\windows\system32\clbcatq.dll

 

c:\windows\system32\comres.dll

 

c:\windows\system32\inetpp.dll

 

c:\windows\system32\xpsp2res.dll

 

c:\windows\system32\winsta.dll

 

c:\windows\system32\spool\drivers\w32x86\3\hpzntp07.dll

 

c:\windows\system32\spool\drivers\w32x86\3\hpz2ku07.dll

 

C:\WINDOWS\EXPLORER.EXE

c:\windows\explorer.exe

 

c:\windows\system32\ntdll.dll

 

c:\windows\system32\kernel32.dll

 

c:\windows\system32\msvcrt.dll

 

c:\windows\system32\advapi32.dll

 

c:\windows\system32\rpcrt4.dll

 

c:\windows\system32\gdi32.dll

 

c:\windows\system32\user32.dll

 

c:\windows\system32\shlwapi.dll

 

c:\windows\system32\shell32.dll

 

c:\windows\system32\ole32.dll

 

c:\windows\system32\oleaut32.dll

 

c:\windows\system32\browseui.dll

 

c:\windows\system32\shdocvw.dll

 

c:\windows\system32\crypt32.dll

 

c:\windows\system32\msasn1.dll

 

c:\windows\system32\cryptui.dll

 

c:\windows\system32\wintrust.dll

 

c:\windows\system32\imagehlp.dll

 

c:\windows\system32\netapi32.dll

 

c:\windows\system32\wininet.dll

 

c:\windows\system32\wldap32.dll

 

c:\windows\system32\version.dll

 

c:\windows\system32\uxtheme.dll

 

c:\windows\system32\shimeng.dll

 

c:\windows\apppatch\acgenral.dll

 

c:\windows\system32\winmm.dll

 

c:\windows\system32\msacm32.dll

 

c:\windows\system32\userenv.dll

 

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll

 

c:\windows\system32\comctl32.dll

 

c:\windows\system32\serwvdrv.dll

 

c:\windows\system32\umdmxfrm.dll

 

c:\windows\system32\apphelp.dll

 

c:\windows\system32\clbcatq.dll

 

c:\windows\system32\comres.dll

 

c:\windows\system32\cscui.dll

 

c:\windows\system32\cscdll.dll

 

c:\windows\system32\themeui.dll

 

c:\windows\system32\secur32.dll

 

c:\windows\system32\msimg32.dll

 

c:\windows\system32\xpsp2res.dll

 

c:\windows\system32\actxprxy.dll

 

c:\windows\system32\urlmon.dll

 

c:\windows\system32\linkinfo.dll

 

c:\windows\system32\ntshrui.dll

 

c:\windows\system32\atl.dll

 

c:\windows\system32\winsta.dll

 

c:\windows\system32\webcheck.dll

 

c:\windows\system32\wsock32.dll

 

c:\windows\system32\ws2_32.dll

 

c:\windows\system32\ws2help.dll

 

c:\windows\system32\setupapi.dll

 

c:\windows\system32\stobject.dll

 

c:\windows\system32\batmeter.dll

 

c:\windows\system32\powrprof.dll

 

c:\windows\system32\wtsapi32.dll

 

c:\windows\system32\wpdshserviceobj.dll

 

c:\windows\system32\winhttp.dll

 

c:\windows\system32\wdmaud.drv

 

c:\windows\system32\msacm32.drv

 

c:\windows\system32\midimap.dll

 

c:\windows\system32\netshell.dll

 

c:\windows\system32\rtutils.dll

 

c:\windows\system32\credui.dll

 

c:\windows\system32\iphlpapi.dll

 

c:\windows\system32\btncopy.dll

 

c:\windows\system32\mydocs.dll

 

c:\windows\system32\portabledevicetypes.dll

 

c:\windows\system32\portabledeviceapi.dll

 

c:\windows\system32\msi.dll

 

c:\windows\system32\rsaenh.dll

 

c:\windows\system32\mpr.dll

 

c:\windows\system32\drprov.dll

 

c:\windows\system32\ntlanman.dll

 

c:\windows\system32\netui0.dll

 

c:\windows\system32\netui1.dll

 

c:\windows\system32\netrap.dll

 

c:\windows\system32\samlib.dll

 

c:\windows\system32\davclnt.dll

 

c:\windows\system32\lmirfsclientnp.dll

 

c:\windows\system32\fxsst.dll

 

c:\windows\system32\winspool.drv

 

c:\windows\system32\fxsapi.dll

 

c:\program files\winace\arcext.dll

 

c:\program files\winace\acev2.dll

 

c:\pensoft\emenu.dll

 

c:\program files\alwil software\avast4\ashshell.dll

 

c:\windows\system32\browselc.dll

 

c:\program files\common files\adobe\acrobat\activex\pdfshell.dll

 

c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcr80.dll

 

c:\windows\system32\duser.dll

 

C:\PROGRAM FILES\COMMON FILES\APPLE\MOBILE DEVICE SUPPORT\BIN\APPLEMOBILEDEVICESERVICE.EXE

c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe

 

c:\windows\system32\ntdll.dll

 

c:\windows\system32\kernel32.dll

 

c:\windows\system32\wsock32.dll

 

c:\windows\system32\ws2_32.dll

 

c:\windows\system32\msvcrt.dll

 

c:\windows\system32\ws2help.dll

 

c:\windows\system32\advapi32.dll

 

c:\windows\system32\rpcrt4.dll

 

c:\windows\system32\setupapi.dll

 

c:\windows\system32\gdi32.dll

 

c:\windows\system32\user32.dll

 

c:\windows\system32\mswsock.dll

 

c:\windows\system32\hnetcfg.dll

 

c:\windows\system32\wshtcpip.dll

 

c:\windows\system32\wintrust.dll

 

c:\windows\system32\crypt32.dll

 

c:\windows\system32\msasn1.dll

 

c:\windows\system32\imagehlp.dll

 

C:\PROGRAM FILES\WIDCOMM\BLUETOOTH SOFTWARE\BIN\BTWDINS.EXE

c:\program files\widcomm\bluetooth software\bin\btwdins.exe

 

c:\windows\system32\ntdll.dll

 

c:\windows\system32\kernel32.dll

 

c:\windows\system32\ws2_32.dll

 

c:\windows\system32\msvcrt.dll

 

c:\windows\system32\ws2help.dll

 

c:\windows\system32\advapi32.dll

 

c:\windows\system32\rpcrt4.dll

 

c:\windows\system32\user32.dll

 

c:\windows\system32\gdi32.dll

 

c:\windows\system32\ole32.dll

 

c:\windows\system32\oleaut32.dll

 

c:\windows\system32\xpsp2res.dll

 

c:\windows\system32\rsaenh.dll

 

c:\windows\system32\shell32.dll

 

c:\windows\system32\shlwapi.dll

 

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll

 

c:\windows\system32\comctl32.dll

 

c:\windows\system32\crypt32.dll

 

c:\windows\system32\msasn1.dll

 

C:\PROGRAM FILES\COMMON FILES\INTERVIDEO\DEVICESERVICE\DEVSVC.EXE

c:\program files\common files\intervideo\deviceservice\devsvc.exe

 

c:\windows\system32\ntdll.dll

 

c:\windows\system32\kernel32.dll

 

c:\windows\system32\user32.dll

 

c:\windows\system32\gdi32.dll

 

c:\windows\system32\advapi32.dll

 

c:\windows\system32\rpcrt4.dll

 

c:\windows\system32\ole32.dll

 

c:\windows\system32\msvcrt.dll

 

c:\windows\system32\oleaut32.dll

 

c:\windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_6e805841\atl80.dll

 

c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcp80.dll

 

c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcr80.dll

 

c:\windows\system32\xpsp2res.dll

 

c:\windows\system32\clbcatq.dll

 

c:\windows\system32\comres.dll

 

c:\windows\system32\version.dll

 

c:\windows\system32\devenum.dll

 

c:\windows\system32\winmm.dll

 

c:\windows\system32\serwvdrv.dll

 

c:\windows\system32\umdmxfrm.dll

 

c:\windows\system32\setupapi.dll

 

c:\windows\system32\wintrust.dll

 

c:\windows\system32\crypt32.dll

 

c:\windows\system32\msasn1.dll

 

c:\windows\system32\imagehlp.dll

 

c:\windows\system32\msdmo.dll

 

c:\windows\system32\qdvd.dll

 

c:\windows\system32\ksproxy.ax

 

c:\windows\system32\ksuser.dll

 

c:\windows\system32\vidcap.ax

 

c:\windows\system32\atl.dll

 

c:\windows\system32\quartz.dll

 

c:\windows\system32\shell32.dll

 

c:\windows\system32\shlwapi.dll

 

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll

 

c:\windows\system32\comctl32.dll

 

c:\windows\system32\kswdmcap.ax

 

c:\windows\system32\mfc42.dll

 

c:\windows\system32\wdmaud.drv

 

c:\windows\system32\msacm32.drv

 

c:\windows\system32\msacm32.dll

 

c:\windows\system32\midimap.dll

 

c:\windows\system32\qcap.dll

 

c:\windows\system32\msvfw32.dll

 

C:\PROGRAM FILES\MICROSOFT HARDWARE\KEYBOARD\TYPE32.EXE

c:\program files\microsoft hardware\keyboard\type32.exe

 

c:\windows\system32\ntdll.dll

 

c:\windows\system32\kernel32.dll

 

c:\windows\system32\user32.dll

 

c:\windows\system32\gdi32.dll

 

c:\windows\system32\advapi32.dll

 

c:\windows\system32\rpcrt4.dll

 

c:\windows\system32\shell32.dll

 

c:\windows\system32\msvcrt.dll

 

c:\windows\system32\shlwapi.dll

 

c:\windows\system32\ole32.dll

 

c:\windows\system32\wininet.dll

 

c:\windows\system32\crypt32.dll

 

c:\windows\system32\msasn1.dll

 

c:\windows\system32\oleaut32.dll

 

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll

 

c:\windows\system32\comctl32.dll

 

c:\program files\microsoft hardware\keyboard\itres.dll

 

c:\program files\microsoft hardware\keyboard\type32.dll

 

c:\program files\microsoft hardware\keyboard\mshcmd.dll

 

c:\windows\system32\shfolder.dll

 

c:\windows\system32\version.dll

 

c:\windows\system32\winmm.dll

 

c:\windows\system32\serwvdrv.dll

 

c:\windows\system32\umdmxfrm.dll

 

c:\program files\microsoft hardware\keyboard\ithook.dll

 

c:\windows\system32\wintrust.dll

 

c:\windows\system32\imagehlp.dll

 

C:\WINDOWS\SYSTEM32\ATWTUSB.EXE

c:\windows\system32\atwtusb.exe

 

c:\windows\system32\ntdll.dll

 

c:\windows\system32\kernel32.dll

 

c:\windows\system32\user32.dll

 

c:\windows\system32\gdi32.dll

 

c:\windows\system32\advapi32.dll

 

c:\windows\system32\rpcrt4.dll

 

c:\windows\system32\shell32.dll

 

c:\windows\system32\msvcrt.dll

 

c:\windows\system32\shlwapi.dll

 

c:\windows\system32\setupapi.dll

 

c:\windows\system32\hid.dll

 

c:\windows\system32\version.dll

 

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll

 

c:\windows\system32\comctl32.dll

 

c:\windows\system32\wintrust.dll

 

c:\windows\system32\crypt32.dll

 

c:\windows\system32\msasn1.dll

 

c:\windows\system32\imagehlp.dll

 

C:\PROGRAM FILES\COMODO\FIREWALL\CMDAGENT.EXE

c:\program files\comodo\firewall\cmdagent.exe

 

c:\windows\system32\ntdll.dll

 

c:\windows\system32\kernel32.dll

 

c:\windows\system32\winmm.dll

 

c:\windows\system32\user32.dll

 

c:\windows\system32\gdi32.dll

 

c:\windows\system32\advapi32.dll

 

c:\windows\system32\rpcrt4.dll

 

c:\windows\system32\psapi.dll

 

c:\windows\system32\version.dll

 

c:\program files\comodo\firewall\dbghelp.dll

 

c:\windows\system32\msvcrt.dll

 

c:\windows\system32\comdlg32.dll

 

c:\windows\system32\shlwapi.dll

 

c:\windows\system32\comctl32.dll

 

c:\windows\system32\shell32.dll

 

c:\windows\system32\winspool.drv

 

c:\windows\system32\imagehlp.dll

 

c:\windows\system32\crypt32.dll

 

c:\windows\system32\msasn1.dll

 

c:\windows\system32\ole32.dll

 

c:\windows\system32\oleaut32.dll

 

c:\windows\system32\oleacc.dll

 

c:\windows\system32\msvcp60.dll

 

c:\windows\system32\serwvdrv.dll

 

c:\windows\system32\umdmxfrm.dll

 

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll

 

c:\windows\system32\rsaenh.dll

 

c:\windows\system32\xpsp2res.dll

 

c:\windows\system32\userenv.dll

 

c:\windows\system32\secur32.dll

 

c:\windows\system32\netapi32.dll

 

c:\windows\system32\clbcatq.dll

 

c:\windows\system32\comres.dll

 

c:\windows\system32\wbem\wbemprox.dll

 

c:\windows\system32\wbem\wbemcomn.dll

 

c:\windows\system32\ws2_32.dll

 

c:\windows\system32\ws2help.dll

 

c:\windows\system32\wbem\wbemsvc.dll

 

c:\windows\system32\wbem\fastprox.dll

 

c:\windows\system32\ntdsapi.dll

 

c:\windows\system32\dnsapi.dll

 

c:\windows\system32\wldap32.dll

 

C:\PROGRA~1\ALWILS~1\AVAST4\ASHDISP.EXE

c:\progra~1\alwils~1\avast4\ashdisp.exe

 

c:\windows\system32\ntdll.dll

 

c:\windows\system32\kernel32.dll

 

c:\windows\system32\rpcrt4.dll

 

c:\windows\system32\advapi32.dll

 

c:\progra~1\alwils~1\avast4\aswcmnos.dll

 

c:\windows\system32\user32.dll

 

c:\windows\system32\gdi32.dll

 

c:\windows\system32\msvcp71.dll

 

c:\windows\system32\msvcr71.dll

 

c:\windows\system32\wsock32.dll

 

c:\windows\system32\ws2_32.dll

 

c:\windows\system32\msvcrt.dll

 

c:\windows\system32\ws2help.dll

 

c:\progra~1\alwils~1\avast4\ashbase.dll

 

c:\windows\system32\version.dll

 

c:\windows\system32\ole32.dll

 

c:\windows\system32\oleaut32.dll

 

c:\progra~1\alwils~1\avast4\aswcmnb.dll

 

c:\progra~1\alwils~1\avast4\aswcmns.dll

 

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll

 

c:\windows\system32\shlwapi.dll

 

c:\progra~1\alwils~1\avast4\ashtask.dll

 

c:\progra~1\alwils~1\avast4\aswaux.dll

 

c:\windows\system32\shell32.dll

 

c:\progra~1\alwils~1\avast4\aavm4h.dll

 

c:\windows\system32\dbghelp.dll

 

c:\program files\alwil software\avast4\english\base.dll

 

c:\program files\alwil software\avast4\english\lang.dll

 

c:\windows\system32\mfc71.dll

 

c:\progra~1\alwils~1\avast4\aavmrpch.dll

 

c:\program files\alwil software\avast4\ahruimai.dll

 

c:\progra~1\alwils~1\avast4\ashuint.dll

 

c:\progra~1\alwils~1\avast4\xt1922.dll

 

c:\program files\alwil software\avast4\ahruimes.dll

 

c:\program files\alwil software\avast4\ahruins.dll

 

c:\program files\alwil software\avast4\ahruiout.dll

 

c:\windows\system32\mapi32.dll

 

c:\program files\alwil software\avast4\ahruip2p.dll

 

c:\program files\alwil software\avast4\ahruistd.dll

 

c:\program files\alwil software\avast4\ahruiws.dll

 

c:\windows\system32\secur32.dll

 

C:\PROGRAM FILES\LOGMEIN\X86\LOGMEINSYSTRAY.EXE

c:\program files\logmein\x86\logmeinsystray.exe

 

c:\windows\system32\ntdll.dll

 

c:\windows\system32\kernel32.dll

 

c:\program files\logmein\x86\logmeinsystray.dll

 

c:\windows\system32\advapi32.dll

 

c:\windows\system32\rpcrt4.dll

 

c:\windows\system32\user32.dll

 

c:\windows\system32\gdi32.dll

 

c:\windows\system32\ole32.dll

 

c:\windows\system32\msvcrt.dll

 

c:\windows\system32\wsock32.dll

 

c:\windows\system32\ws2_32.dll

 

c:\windows\system32\ws2help.dll

 

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll

 

c:\windows\system32\shlwapi.dll

 

c:\program files\logmein\x86\rntfywnd.dll

 

c:\windows\system32\oleaut32.dll

 

c:\windows\system32\winspool.drv

 

c:\windows\system32\samlib.dll

 

c:\windows\system32\xpsp2res.dll

 

c:\windows\system32\shfolder.dll

 

c:\windows\system32\uxtheme.dll

 

c:\windows\system32\shell32.dll

 

c:\windows\system32\clbcatq.dll

 

c:\windows\system32\comres.dll

 

c:\windows\system32\version.dll

 

c:\windows\system32\mswsock.dll

 

c:\windows\system32\hnetcfg.dll

 

c:\windows\system32\wshtcpip.dll

 

c:\windows\system32\netapi32.dll

 

c:\windows\system32\riched32.dll

 

c:\windows\system32\riched20.dll

 

C:\WINDOWS\SYSTEM32\CTSVCCDA.EXE

c:\windows\system32\ctsvccda.exe

 

c:\windows\system32\ntdll.dll

 

c:\windows\system32\kernel32.dll

 

c:\windows\system32\user32.dll

 

c:\windows\system32\gdi32.dll

 

c:\windows\system32\advapi32.dll

 

c:\windows\system32\rpcrt4.dll

 

C:\WINDOWS\SYSTEM32\DRIVERS\KODAKCCS.EXE

c:\windows\system32\drivers\kodakccs.exe

 

c:\windows\system32\ntdll.dll

 

c:\windows\system32\kernel32.dll

 

c:\windows\system32\ole32.dll

 

c:\windows\system32\msvcrt.dll

 

c:\windows\system32\gdi32.dll

 

c:\windows\system32\user32.dll

 

c:\windows\system32\advapi32.dll

 

c:\windows\system32\rpcrt4.dll

 

c:\windows\system32\oleaut32.dll

 

c:\windows\system32\comctl32.dll

 

c:\windows\system32\version.dll

 

c:\windows\system32\shell32.dll

 

c:\windows\system32\shlwapi.dll

 

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll

 

c:\windows\system32\clbcatq.dll

 

c:\windows\system32\comres.dll

 

c:\windows\system32\winmm.dll

 

c:\windows\system32\serwvdrv.dll

 

c:\windows\system32\umdmxfrm.dll

 

C:\PROGRAM FILES\CS FIRE MONITOR\CSFIREMON.EXE

c:\program files\cs fire monitor\csfiremon.exe

 

c:\windows\system32\ntdll.dll

 

c:\windows\system32\kernel32.dll

 

c:\windows\system32\msvbvm60.dll

 

c:\windows\system32\user32.dll

 

c:\windows\system32\gdi32.dll

 

c:\windows\system32\advapi32.dll

 

c:\windows\system32\rpcrt4.dll

 

c:\windows\system32\ole32.dll

 

c:\windows\system32\msvcrt.dll

 

c:\windows\system32\oleaut32.dll

 

c:\windows\system32\sxs.dll

 

c:\windows\system32\clbcatq.dll

 

c:\windows\system32\comres.dll

 

c:\windows\system32\version.dll

 

c:\windows\system32\ccrpprg6.ocx

 

c:\windows\system32\msi.dll

 

c:\windows\system32\comctl32.dll

 

c:\windows\system32\mscomctl.ocx

 

c:\windows\system32\comdlg32.dll

 

c:\windows\system32\shlwapi.dll

 

c:\windows\system32\shell32.dll

 

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll

 

c:\windows\system32\ws2_32.dll

 

c:\windows\system32\ws2help.dll

 

c:\windows\system32\cs_toolbar_v2.ocx

 

c:\windows\system32\olepro32.dll

 

c:\windows\system32\xpsp2res.dll

 

c:\windows\system32\asycfilt.dll

 

c:\windows\system32\msinet.ocx

 

c:\windows\system32\wininet.dll

 

c:\windows\system32\crypt32.dll

 

c:\windows\system32\msasn1.dll

 

c:\windows\system32\comdlg32.ocx

 

c:\windows\system32\mscomct2.ocx

 

c:\program files\common files\microsoft shared\dao\dao360.dll

 

c:\windows\system32\msjet40.dll

 

c:\windows\system32\mswstr10.dll

 

c:\windows\system32\expsrv.dll

 

c:\windows\system32\msjtes40.dll

 

c:\windows\system32\vbajet32.dll

 

c:\windows\system32\firemonwriteevent.dll

 

c:\windows\system32\netapi32.dll

 

c:\windows\system32\setupapi.dll

 

c:\windows\system32\urlmon.dll

 

c:\windows\system32\secur32.dll

 

c:\windows\system32\mswsock.dll

 

c:\windows\system32\hnetcfg.dll

 

c:\windows\system32\wshtcpip.dll

 

c:\windows\system32\wsock32.dll

 

c:\windows\system32\iphlpapi.dll

 

c:\windows\system32\mprapi.dll

 

c:\windows\system32\activeds.dll

 

c:\windows\system32\adsldpc.dll

 

c:\windows\system32\wldap32.dll

 

c:\windows\system32\atl.dll

 

c:\windows\system32\rtutils.dll

 

c:\windows\system32\samlib.dll

 

c:\windows\system32\msvcp60.dll

 

c:\windows\system32\wbem\wbemcomn.dll

 

c:\windows\system32\wbem\wbemsvc.dll

 

c:\windows\system32\wbem\fastprox.dll

 

c:\windows\system32\ntdsapi.dll

 

c:\windows\system32\dnsapi.dll

 

c:\windows\system32\psapi.dll

 

C:\PROGRAM FILES\COMMON FILES\LIGHTSCRIBE\LSSRVC.EXE

c:\program files\common files\lightscribe\lssrvc.exe

 

c:\windows\system32\ntdll.dll

 

c:\windows\system32\kernel32.dll

 

c:\program files\common files\lightscribe\lssproxy.dll

 

c:\windows\system32\shlwapi.dll

 

c:\windows\system32\msvcrt.dll

 

c:\windows\system32\gdi32.dll

 

c:\windows\system32\user32.dll

 

c:\windows\system32\advapi32.dll

 

c:\windows\system32\rpcrt4.dll

 

c:\windows\system32\psapi.dll

 

c:\windows\system32\shell32.dll

 

c:\program files\common files\lightscribe\lslog.dll

 

c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcr80.dll

 

c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcp80.dll

 

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll

 

c:\windows\system32\comctl32.dll

 

C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\VS7DEBUG\MDM.EXE

c:\program files\common files\microsoft shared\vs7debug\mdm.exe

 

c:\windows\system32\ntdll.dll

 

c:\windows\system32\kernel32.dll

 

c:\windows\system32\advapi32.dll

 

c:\windows\system32\rpcrt4.dll

 

c:\windows\system32\ole32.dll

 

c:\windows\system32\msvcrt.dll

 

c:\windows\system32\gdi32.dll

 

c:\windows\system32\user32.dll

 

c:\windows\system32\oleaut32.dll

 

c:\windows\system32\shell32.dll

 

c:\windows\system32\shlwapi.dll

 

c:\windows\system32\version.dll

 

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll

 

c:\windows\system32\comctl32.dll

 

c:\windows\system32\psapi.dll

 

c:\windows\system32\xpsp2res.dll

 

c:\windows\system32\clbcatq.dll

 

c:\windows\system32\comres.dll

 

C:\WINDOWS\SYSTEM32\NVSVC32.EXE

c:\windows\system32\nvsvc32.exe

 

c:\windows\system32\ntdll.dll

 

c:\windows\system32\kernel32.dll

 

c:\windows\system32\user32.dll

 

c:\windows\system32\gdi32.dll

 

c:\windows\system32\advapi32.dll

 

c:\windows\system32\rpcrt4.dll

 

c:\windows\system32\userenv.dll

 

c:\windows\system32\msvcrt.dll

 

c:\windows\system32\powrprof.dll

 

c:\windows\system32\version.dll

 

c:\windows\system32\wtsapi32.dll

 

c:\windows\system32\winsta.dll

 

c:\windows\system32\netapi32.dll

 

c:\windows\system32\shlwapi.dll

 

c:\windows\system32\comctl32.dll

 

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll

 

c:\windows\system32\wintrust.dll

 

c:\windows\system32\crypt32.dll

 

c:\windows\system32\msasn1.dll

 

c:\windows\system32\imagehlp.dll

 

c:\windows\system32\apphelp.dll

 

c:\windows\system32\secur32.dll

 

c:\windows\system32\msv1_0.dll

 

c:\windows\system32\ws2_32.dll

 

c:\windows\system32\ws2help.dll

 

c:\windows\system32\iphlpapi.dll

 

C:\WINDOWS\SYSTEM32\SCSIACCESS.EXE

c:\windows\system32\scsiaccess.exe

 

c:\windows\system32\ntdll.dll

 

c:\windows\system32\kernel32.dll

 

c:\windows\system32\advapi32.dll

 

c:\windows\system32\rpcrt4.dll

 

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

c:\windows\system32\svchost.exe

 

c:\windows\system32\ntdll.dll

 

c:\windows\system32\kernel32.dll

 

c:\windows\system32\advapi32.dll

 

c:\windows\system32\rpcrt4.dll

 

c:\windows\system32\shimeng.dll

 

c:\windows\apppatch\acgenral.dll

 

c:\windows\system32\user32.dll

 

c:\windows\system32\gdi32.dll

 

c:\windows\system32\winmm.dll

 

c:\windows\system32\ole32.dll

 

c:\windows\system32\msvcrt.dll

 

c:\windows\system32\oleaut32.dll

 

c:\windows\system32\msacm32.dll

 

c:\windows\system32\version.dll

 

c:\windows\system32\shell32.dll

 

c:\windows\system32\shlwapi.dll

 

c:\windows\system32\userenv.dll

 

c:\windows\system32\uxtheme.dll

 

c:\windows\system32\serwvdrv.dll

 

c:\windows\system32\umdmxfrm.dll

 

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll

 

c:\windows\system32\comctl32.dll

 

c:\windows\system32\wiaservc.dll

 

c:\windows\system32\cfgmgr32.dll

 

c:\windows\system32\setupapi.dll

 

c:\windows\system32\mscms.dll

 

c:\windows\system32\winspool.drv

 

c:\windows\system32\winsta.dll

 

c:\windows\system32\netapi32.dll

 

c:\windows\system32\xpsp2res.dll

 

c:\windows\system32\clbcatq.dll

 

c:\windows\system32\comres.dll

 

c:\windows\system32\wintrust.dll

 

c:\windows\system32\crypt32.dll

 

c:\windows\system32\msasn1.dll

 

c:\windows\system32\imagehlp.dll

 

c:\windows\system32\wiavusd.dll

 

c:\windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82\gdiplus.dll

 

c:\windows\system32\shfolder.dll

 

c:\windows\system32\actxprxy.dll

 

c:\windows\system32\msi.dll

 

c:\program files\hewlett-packard\digital imaging\{7c8bb31c-e09e-4c7d-bbf1-45e33b467fe1}\drivers\scanner\hpotscl.dll

 

c:\windows\system32\hpgwiamd.dll

 

C:\PROGRAM FILES\COMMON FILES\ULEAD SYSTEMS\DVD\ULCDRSVR.EXE

c:\program files\common files\ulead systems\dvd\ulcdrsvr.exe

 

c:\windows\system32\ntdll.dll

 

c:\windows\system32\kernel32.dll

 

c:\windows\system32\advapi32.dll

 

c:\windows\system32\rpcrt4.dll

 

C:\WINDOWS\SYSTEM32\USTORSRV.EXE

c:\windows\system32\ustorsrv.exe

 

c:\windows\system32\ntdll.dll

 

c:\windows\system32\kernel32.dll

 

c:\windows\system32\version.dll

 

c:\windows\system32\opdsl.dll

 

c:\windows\system32\setupapi.dll

 

c:\windows\system32\msvcrt.dll

 

c:\windows\system32\advapi32.dll

 

c:\windows\system32\rpcrt4.dll

 

c:\windows\system32\gdi32.dll

 

c:\windows\system32\user32.dll

 

c:\windows\system32\mfc42.dll

 

c:\windows\system32\ole32.dll

 

c:\windows\system32\oleaut32.dll

 

c:\windows\system32\wsock32.dll

 

c:\windows\system32\ws2_32.dll

 

c:\windows\system32\ws2help.dll

 

c:\windows\system32\mswsock.dll

 

c:\windows\system32\hnetcfg.dll

 

c:\windows\system32\wshtcpip.dll

 

C:\WINDOWS\SYSTEM32\MSPMSPSV.EXE

c:\windows\system32\mspmspsv.exe

 

c:\windows\system32\ntdll.dll

 

c:\windows\system32\kernel32.dll

 

c:\windows\system32\advapi32.dll

 

c:\windows\system32\rpcrt4.dll

 

c:\windows\system32\user32.dll

 

c:\windows\system32\gdi32.dll

 

c:\windows\system32\msvcrt.dll

 

c:\windows\system32\ntmarta.dll

 

c:\windows\system32\wldap32.dll

 

c:\windows\system32\ole32.dll

 

c:\windows\system32\samlib.dll

 

C:\WINDOWS\SYSTEM32\FXSSVC.EXE

c:\windows\system32\fxssvc.exe

 

c:\windows\system32\ntdll.dll

 

c:\windows\system32\kernel32.dll

 

c:\windows\system32\msvcrt.dll

 

c:\windows\system32\msvcp60.dll

 

c:\windows\system32\advapi32.dll

 

c:\windows\system32\rpcrt4.dll

 

c:\windows\system32\tapi32.dll

 

c:\windows\system32\gdi32.dll

 

c:\windows\system32\user32.dll

 

c:\windows\system32\shlwapi.dll

 

c:\windows\system32\rtutils.dll

 

c:\windows\system32\winmm.dll

 

c:\windows\system32\winspool.drv

 

c:\windows\system32\version.dll

 

c:\windows\system32\ole32.dll

 

c:\windows\system32\netapi32.dll

 

c:\windows\system32\credui.dll

 

c:\windows\system32\shell32.dll

 

c:\windows\system32\fxsevent.dll

 

c:\windows\system32\fxstiff.dll

 

c:\windows\system32\fxsapi.dll

 

c:\windows\system32\oleaut32.dll

 

c:\windows\system32\crypt32.dll

 

c:\windows\system32\msasn1.dll

 

c:\windows\system32\serwvdrv.dll

 

c:\windows\system32\umdmxfrm.dll

 

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll

 

c:\windows\system32\comctl32.dll

 

c:\windows\system32\ntmarta.dll

 

c:\windows\system32\wldap32.dll

 

c:\windows\system32\samlib.dll

 

c:\windows\system32\fxst30.dll

 

c:\windows\system32\fxsroute.dll

 

c:\windows\system32\mpr.dll

 

c:\windows\system32\secur32.dll

 

C:\PROGRAM FILES\COMODO\FIREWALL\CPF.EXE

c:\program files\comodo\firewall\cpf.exe

 

c:\windows\system32\ntdll.dll

 

c:\windows\system32\kernel32.dll

 

c:\windows\system32\winmm.dll

 

c:\windows\system32\user32.dll

 

c:\windows\system32\gdi32.dll

 

c:\windows\system32\advapi32.dll

 

c:\windows\system32\rpcrt4.dll

 

c:\windows\system32\version.dll

 

c:\windows\system32\iphlpapi.dll

 

c:\windows\system32\msvcrt.dll

 

c:\windows\system32\ws2_32.dll

 

c:\windows\system32\ws2help.dll

 

c:\program files\comodo\firewall\dbghelp.dll

 

c:\windows\system32\comdlg32.dll

 

c:\windows\system32\shlwapi.dll

 

c:\windows\system32\comctl32.dll

 

c:\windows\system32\shell32.dll

 

c:\windows\system32\winspool.drv

 

c:\windows\system32\oledlg.dll

 

c:\windows\system32\ole32.dll

 

c:\windows\system32\oleaut32.dll

 

c:\windows\system32\imagehlp.dll

 

c:\windows\system32\crypt32.dll

 

c:\windows\system32\msasn1.dll

 

c:\windows\system32\serwvdrv.dll

 

c:\windows\system32\umdmxfrm.dll

 

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll

 

c:\windows\system32\wtsapi32.dll

 

c:\windows\system32\winsta.dll

 

c:\windows\system32\netapi32.dll

 

c:\windows\system32\ntmarta.dll

 

c:\windows\system32\wldap32.dll

 

c:\windows\system32\samlib.dll

 

c:\windows\system32\riched20.dll

 

c:\windows\system32\xpsp2res.dll

 

c:\windows\system32\rsaenh.dll

 

c:\windows\system32\userenv.dll

 

c:\windows\system32\secur32.dll

 

c:\windows\system32\asycfilt.dll

 

C:\PROGRAM FILES\WIDCOMM\BLUETOOTH SOFTWARE\BTTRAY.EXE

c:\program files\widcomm\bluetooth software\bttray.exe

 

c:\windows\system32\ntdll.dll

 

c:\windows\system32\kernel32.dll

 

c:\windows\system32\cfgmgr32.dll

 

c:\windows\system32\setupapi.dll

 

c:\windows\system32\msvcrt.dll

 

c:\windows\system32\advapi32.dll

 

c:\windows\system32\rpcrt4.dll

 

c:\windows\system32\gdi32.dll

 

c:\windows\system32\user32.dll

 

c:\windows\system32\wbtapi.dll

 

c:\windows\system32\msi.dll

 

c:\windows\system32\shlwapi.dll

 

c:\windows\system32\mfc42.dll

 

c:\windows\system32\ole32.dll

 

c:\windows\system32\oleaut32.dll

 

c:\windows\system32\version.dll

 

c:\windows\system32\msvcp60.dll

 

c:\windows\system32\rasapi32.dll

 

c:\windows\system32\rasman.dll

 

c:\windows\system32\ws2_32.dll

 

c:\windows\system32\ws2help.dll

 

c:\windows\system32\netapi32.dll

 

c:\windows\system32\tapi32.dll

 

c:\windows\system32\rtutils.dll

 

c:\windows\system32\winmm.dll

 

c:\windows\system32\btosif.dll

 

c:\program files\widcomm\bluetooth software\btballoon.dll

 

c:\windows\system32\shell32.dll

 

c:\windows\system32\comdlg32.dll

 

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll

 

c:\windows\system32\serwvdrv.dll

 

c:\windows\system32\umdmxfrm.dll

 

c:\windows\system32\btrez.dll

 

c:\windows\system32\csh.dll

 

C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPOBNZ08.EXE

c:\program files\hewlett-packard\digital imaging\bin\hpobnz08.exe

 

c:\windows\system32\ntdll.dll

 

c:\windows\system32\kernel32.dll

 

c:\windows\system32\user32.dll

 

c:\windows\system32\gdi32.dll

 

c:\windows\system32\advapi32.dll

 

c:\windows\system32\rpcrt4.dll

 

c:\windows\system32\ole32.dll

 

c:\windows\system32\msvcrt.dll

 

c:\windows\system32\oleaut32.dll

 

c:\windows\system32\wsock32.dll

 

c:\windows\system32\ws2_32.dll

 

c:\windows\system32\ws2help.dll

 

c:\windows\system32\cfgmgr32.dll

 

c:\windows\system32\setupapi.dll

 

c:\windows\system32\msvcp60.dll

 

c:\windows\system32\xpsp2res.dll

 

c:\windows\system32\clbcatq.dll

 

c:\windows\system32\comres.dll

 

c:\windows\system32\version.dll

 

c:\windows\system32\msi.dll

 

c:\program files\hewlett-packard\digital imaging\bin\hpqcxm08.dll

 

c:\windows\system32\shlwapi.dll

 

c:\program files\hewlett-packard\digital imaging\bin\hpodvb08.dll

 

c:\program files\hewlett-packard\digital imaging\bin\hpocxi08.dll

 

c:\program files\hewlett-packard\digital imaging\bin\hpqcob08.dll

 

c:\program files\hewlett-packard\digital imaging\bin\hposcn08.dll

 

c:\windows\system32\sti.dll

 

c:\program files\hewlett-packard\digital imaging\bin\hposcn08.rsc

 

c:\program files\hewlett-packard\digital imaging\bin\hpodio08.dll

 

c:\windows\system32\wtsapi32.dll

 

c:\windows\system32\winsta.dll

 

c:\windows\system32\netapi32.dll

 

c:\windows\system32\wintrust.dll

 

c:\windows\system32\crypt32.dll

 

c:\windows\system32\msasn1.dll

 

c:\windows\system32\imagehlp.dll

 

c:\windows\system32\sxs.dll

 

c:\windows\system32\hpzidr12.dll

 

c:\windows\system32\winspool.drv

 

c:\windows\system32\hpzipr12.dll

 

C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPOTDD01.EXE

c:\program files\hewlett-packard\digital imaging\bin\hpotdd01.exe

 

c:\windows\system32\ntdll.dll

 

c:\windows\system32\kernel32.dll

 

c:\program files\hewlett-packard\digital imaging\bin\hpodvd08.dll

 

c:\windows\system32\cfgmgr32.dll

 

c:\windows\system32\setupapi.dll

 

c:\windows\system32\msvcrt.dll

 

c:\windows\system32\advapi32.dll

 

c:\windows\system32\rpcrt4.dll

 

c:\windows\system32\gdi32.dll

 

c:\windows\system32\user32.dll

 

c:\windows\system32\version.dll

 

c:\windows\system32\shell32.dll

 

c:\windows\system32\shlwapi.dll

 

c:\windows\system32\ole32.dll

 

c:\windows\system32\oleaut32.dll

 

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll

 

c:\windows\system32\comctl32.dll

 

c:\windows\system32\clbcatq.dll

 

c:\windows\system32\comres.dll

 

c:\windows\system32\msi.dll

 

c:\program files\hewlett-packard\digital imaging\bin\hpqcxm08.dll

 

c:\windows\system32\msvcp60.dll

 

c:\windows\system32\winspool.drv

 

C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHMAISV.EXE

c:\program files\alwil software\avast4\ashmaisv.exe

 

c:\windows\system32\ntdll.dll

 

c:\windows\system32\kernel32.dll

 

c:\windows\system32\wsock32.dll

 

c:\windows\system32\ws2_32.dll

 

c:\windows\system32\msvcrt.dll

 

c:\windows\system32\ws2help.dll

 

c:\windows\system32\advapi32.dll

 

c:\windows\system32\rpcrt4.dll

 

c:\program files\alwil software\avast4\ashbase.dll

 

c:\windows\system32\version.dll

 

c:\windows\system32\user32.dll

 

c:\windows\system32\gdi32.dll

 

c:\windows\system32\ole32.dll

 

c:\windows\system32\oleaut32.dll

 

c:\windows\system32\msvcp71.dll

 

c:\windows\system32\msvcr71.dll

 

c:\program files\alwil software\avast4\aswcmnos.dll

 

c:\program files\alwil software\avast4\aswcmnb.dll

 

c:\program files\alwil software\avast4\aswcmns.dll

 

c:\windows\system32\comctl32.dll

 

c:\program files\alwil software\avast4\aavm4h.dll

 

c:\program files\alwil software\avast4\ashtask.dll

 

c:\program files\alwil software\avast4\aswaux.dll

 

c:\windows\system32\shell32.dll

 

c:\windows\system32\shlwapi.dll

 

c:\program files\alwil software\avast4\ahresmai.dll

 

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll

 

c:\windows\system32\dbghelp.dll

 

c:\program files\alwil software\avast4\english\base.dll

 

c:\program files\alwil software\avast4\aswengin.dll

 

c:\program files\alwil software\avast4\aswscan.dll

 

c:\windows\system32\mswsock.dll

 

c:\windows\system32\dnsapi.dll

 

c:\windows\system32\winrnr.dll

 

c:\windows\system32\wldap32.dll

 

c:\windows\system32\rasadhlp.dll

 

c:\program files\alwil software\avast4\ashuint.dll

 

c:\program files\alwil software\avast4\xt1922.dll

 

c:\windows\system32\mfc71.dll

 

c:\windows\system32\riched20.dll

 

c:\program files\alwil software\avast4\english\lang.dll

 

c:\program files\alwil software\avast4\english\langmai.dll

 

c:\windows\system32\psapi.dll

 

c:\windows\system32\hnetcfg.dll

 

c:\windows\system32\wshtcpip.dll

 

C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHWEBSV.EXE

c:\program files\alwil software\avast4\ashwebsv.exe

 

c:\windows\system32\ntdll.dll

 

c:\windows\system32\kernel32.dll

 

c:\windows\system32\ws2_32.dll

 

c:\windows\system32\msvcrt.dll

 

c:\windows\system32\ws2help.dll

 

c:\windows\system32\advapi32.dll

 

c:\windows\system32\rpcrt4.dll

 

c:\program files\alwil software\avast4\ashbase.dll

 

c:\windows\system32\wsock32.dll

 

c:\windows\system32\version.dll

 

c:\windows\system32\user32.dll

 

c:\windows\system32\gdi32.dll

 

c:\windows\system32\ole32.dll

 

c:\windows\system32\oleaut32.dll

 

c:\windows\system32\msvcp71.dll

 

c:\windows\system32\msvcr71.dll

 

c:\program files\alwil software\avast4\aswcmnos.dll

 

c:\program files\alwil software\avast4\aswcmnb.dll

 

c:\program files\alwil software\avast4\aswcmns.dll

 

c:\windows\system32\comctl32.dll

 

c:\program files\alwil software\avast4\aavm4h.dll

 

c:\program files\alwil software\avast4\ashtask.dll

 

c:\program files\alwil software\avast4\aswaux.dll

 

c:\windows\system32\shell32.dll

 

c:\windows\system32\shlwapi.dll

 

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll

 

c:\windows\system32\dbghelp.dll

 

c:\program files\alwil software\avast4\english\base.dll

 

c:\windows\system32\psapi.dll

 

c:\windows\system32\mswsock.dll

 

c:\windows\system32\hnetcfg.dll

 

c:\windows\system32\wshtcpip.dll

 

c:\windows\system32\security.dll

 

c:\windows\system32\secur32.dll

 

c:\program files\alwil software\avast4\ashwsftr.dll

 

c:\program files\alwil software\avast4\aswscan.dll

 

c:\windows\system32\oleacc.dll

 

c:\windows\system32\msvcp60.dll

 

c:\windows\system32\winspool.drv

 

c:\progra~1\alwils~1\avast4\ahresws.dll

 

c:\program files\alwil software\avast4\aswengin.dll

 

C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPOEVM08.EXE

c:\program files\hewlett-packard\digital imaging\bin\hpoevm08.exe

 

c:\windows\system32\ntdll.dll

 

c:\windows\system32\kernel32.dll

 

c:\windows\system32\user32.dll

 

c:\windows\system32\gdi32.dll

 

c:\windows\system32\advapi32.dll

 

c:\windows\system32\rpcrt4.dll

 

c:\windows\system32\ole32.dll

 

c:\windows\system32\msvcrt.dll

 

c:\windows\system32\oleaut32.dll

 

c:\windows\system32\msvcp60.dll

 

c:\windows\system32\xpsp2res.dll

 

c:\windows\system32\clbcatq.dll

 

c:\windows\system32\comres.dll

 

c:\windows\system32\version.dll

 

c:\windows\system32\msi.dll

 

c:\program files\hewlett-packard\digital imaging\bin\hpqcxm08.dll

 

c:\windows\system32\shlwapi.dll

 

c:\windows\system32\sxs.dll

 

c:\program files\hewlett-packard\digital imaging\bin\hpocxi08.dll

 

c:\program files\hewlett-packard\digital imaging\bin\hpqcob08.dll

 

c:\windows\system32\apphelp.dll

 

C:\WINDOWS\SYSTEM32\ALG.EXE

c:\windows\system32\alg.exe

 

c:\windows\system32\ntdll.dll

 

c:\windows\system32\kernel32.dll

 

c:\windows\system32\msvcrt.dll

 

c:\windows\system32\atl.dll

 

c:\windows\system32\user32.dll

 

c:\windows\system32\gdi32.dll

 

c:\windows\system32\advapi32.dll

 

c:\windows\system32\rpcrt4.dll

 

c:\windows\system32\ole32.dll

 

c:\windows\system32\oleaut32.dll

 

c:\windows\system32\wsock32.dll

 

c:\windows\system32\ws2_32.dll

 

c:\windows\system32\ws2help.dll

 

c:\windows\system32\mswsock.dll

 

c:\windows\system32\shimeng.dll

 

c:\windows\apppatch\acgenral.dll

 

c:\windows\system32\winmm.dll

 

c:\windows\system32\msacm32.dll

 

c:\windows\system32\version.dll

 

c:\windows\system32\shell32.dll

 

c:\windows\system32\shlwapi.dll

 

c:\windows\system32\userenv.dll

 

c:\windows\system32\uxtheme.dll

 

c:\windows\system32\serwvdrv.dll

 

c:\windows\system32\umdmxfrm.dll

 

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll

 

c:\windows\system32\comctl32.dll

 

c:\windows\system32\clbcatq.dll

 

c:\windows\system32\comres.dll

 

c:\windows\system32\xpsp2res.dll

 

c:\windows\system32\hnetcfg.dll

 

c:\windows\system32\wshtcpip.dll

 

C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPOSTS08.EXE

c:\program files\hewlett-packard\digital imaging\bin\hposts08.exe

 

c:\windows\system32\ntdll.dll

 

c:\windows\system32\kernel32.dll

 

c:\program files\hewlett-packard\digital imaging\bin\hpqtap08.dll

 

c:\windows\system32\mfc42.dll

 

c:\windows\system32\msvcrt.dll

 

c:\windows\system32\gdi32.dll

 

c:\windows\system32\user32.dll

 

c:\windows\system32\advapi32.dll

 

c:\windows\system32\rpcrt4.dll

 

c:\windows\system32\shell32.dll

 

c:\windows\system32\shlwapi.dll

 

c:\windows\system32\ole32.dll

 

c:\windows\system32\oleaut32.dll

 

c:\windows\system32\msvcp60.dll

 

c:\windows\system32\winspool.drv

 

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll

 

c:\windows\system32\comctl32.dll

 

c:\program files\hewlett-packard\digital imaging\bin\hposts08.rsc

 

c:\windows\system32\clbcatq.dll

 

c:\windows\system32\comres.dll

 

c:\windows\system32\version.dll

 

c:\windows\system32\msi.dll

 

c:\program files\hewlett-packard\digital imaging\bin\hpqcxm08.dll

 

c:\program files\hewlett-packard\digital imaging\bin\hpocxi08.dll

 

c:\program files\hewlett-packard\digital imaging\bin\hpqcob08.dll

 

c:\windows\system32\wtsapi32.dll

 

c:\windows\system32\winsta.dll

 

c:\windows\system32\netapi32.dll

 

c:\program files\hewlett-packard\digital imaging\bin\hpodio08.dll

 

c:\windows\system32\wsock32.dll

 

c:\windows\system32\ws2_32.dll

 

c:\windows\system32\ws2help.dll

 

c:\windows\system32\xpsp2res.dll

 

c:\windows\system32\sxs.dll

 

c:\windows\system32\setupapi.dll

 

c:\windows\system32\wintrust.dll

 

c:\windows\system32\crypt32.dll

 

c:\windows\system32\msasn1.dll

 

c:\windows\system32\imagehlp.dll

 

c:\windows\system32\hpzidr12.dll

 

c:\windows\system32\hpzipr12.dll

 

C:\PROGRAM FILES\LAVASOFT\AD-AWARE 2007\AD-AWARE2007.EXE

c:\program files\lavasoft\ad-aware 2007\ad-aware2007.exe

 

c:\windows\system32\ntdll.dll

 

c:\windows\system32\kernel32.dll

 

c:\windows\system32\user32.dll

 

c:\windows\system32\gdi32.dll

 

c:\windows\system32\comctl32.dll

 

c:\windows\system32\advapi32.dll

 

c:\windows\system32\rpcrt4.dll

 

c:\windows\system32\comdlg32.dll

 

c:\windows\system32\shlwapi.dll

 

c:\windows\system32\msvcrt.dll

 

c:\windows\system32\shell32.dll

 

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll

 

c:\windows\system32\oleaut32.dll

 

c:\windows\system32\ole32.dll

 

c:\windows\system32\ws2_32.dll

 

c:\windows\system32\ws2help.dll

 

c:\windows\system32\inetmib1.dll

 

c:\windows\system32\iphlpapi.dll

 

c:\windows\system32\snmpapi.dll

 

c:\windows\system32\wsock32.dll

 

c:\windows\system32\mprapi.dll

 

c:\windows\system32\activeds.dll

 

c:\windows\system32\adsldpc.dll

 

c:\windows\system32\netapi32.dll

 

c:\windows\system32\wldap32.dll

 

c:\windows\system32\atl.dll

 

c:\windows\system32\rtutils.dll

 

c:\windows\system32\samlib.dll

 

c:\windows\system32\setupapi.dll

 

c:\windows\system32\version.dll

 

c:\windows\system32\mpr.dll

 

c:\windows\system32\imm32.dll

 

c:\windows\system32\winmm.dll

 

c:\windows\system32\serwvdrv.dll

 

c:\windows\system32\umdmxfrm.dll

 

c:\windows\system32\oleacc.dll

 

c:\windows\system32\msvcp60.dll

 

c:\windows\system32\uxtheme.dll

 

c:\windows\system32\apphelp.dll

 

c:\windows\system32\clbcatq.dll

 

c:\windows\system32\comres.dll

 

c:\windows\system32\cscui.dll

 

c:\windows\system32\cscdll.dll

 

c:\windows\system32\olepro32.dll

 

c:\windows\system32\secur32.dll

 

C:\WINDOWS\SYSTEM32\HPZIPM12.EXE

c:\windows\system32\hpzipm12.exe

 

c:\windows\system32\ntdll.dll

 

c:\windows\system32\kernel32.dll

 

c:\windows\system32\wsock32.dll

 

c:\windows\system32\ws2_32.dll

 

c:\windows\system32\msvcrt.dll

 

c:\windows\system32\ws2help.dll

 

c:\windows\system32\advapi32.dll

 

c:\windows\system32\rpcrt4.dll

 

c:\windows\system32\user32.dll

 

c:\windows\system32\gdi32.dll

 

c:\windows\system32\ntmarta.dll

 

c:\windows\system32\wldap32.dll

 

c:\windows\system32\ole32.dll

 

c:\windows\system32\samlib.dll

 

c:\windows\system32\hpzidr12.dll

 

c:\windows\system32\version.dll

 

c:\windows\system32\winspool.drv

 

End of Scan Section

===========================

 

Share this post


Link to post
Share on other sites

I deleted & rebooted then ran a full scan..all clear!

 

Ad-Aware 2007 Build

Log File Created on: 2007-11-20 22:26:35

Using Definitions File: C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware 2007\core.aawdef

Computer name: DESKTOP

Name of user performing scan: SYSTEM

 

System information

===========================

Number of processors: 1

Processor type: AMD Athlon XP 2400+

Memory Available: 53%

Total Physical Memory: 1073201152 Bytes

Available Physical Memory: 566685696 Bytes

Total Page File Size: 3069140992 Bytes

Available On Page File: 2679181312 Bytes

Total Virtual Memory: 2147352576 Bytes

Available Virtual Memory: 1993752576 Bytes

OS: Microsoft Windows XP Service Pack 2 (Build 2600)

 

Ad-Aware 2007 Settings

===========================

Skipping files larger than 1048576 kB

Ignoring infections with lower TAI than: 3

 

 

Extended Ad-Aware 2007 Settings

===========================

Unloading known modules during scan

Ignoring spanned files when scanning cab archives

Scanning registry for all users

Using permanent archive caching

Reanalyzing results after scanning before displaying results

Trying to unload modules prior to removal

Let Windows remove files currently in use at next reboot

Removing quarantined objects after restore

Logging Ad-Aware events

Blocking Pop-Ups aggressively

Deactivating Ad-Watch during scans

Writeprotecting system files after repairs

Including Ad-aware command line parameters in log file

Include info about ignored objects in log file

Including basic settings in log file

Including advanced settings in log file

Including user and computer name in log file

Include reference summary in log file

Creating log file for removal operations

Including module info in log file

Include Alternate Data Stream details in log file

Create and save WebUpdate log file

 

Databaseinfo

===========================

Version number: 34

Build Number: 0

Build Date and Time: 2007/11/19 19:22:58

 

Scan Statistics

===========================

Method: Full

Scan tracking cookies.............................: On

Scan ADS filestreams..............................: Off

 

Item Scanned: 280109

Infections Detected: 0

Infections Ignored: 0

 

Scan detailed statistics

===========================

Type Critical Total

Process Scan....: 0 0

Registry Scan...: 0 0

Registry PE Scan: 0 0

Hosts File Scan.: 0 0

File Scan.......: 0 0

Folder Scan.....: 0 0

LSP Scan........: 0 0

ADS Scan........: 0 0

Cookie Scan.....: 0 0

File Hash Scan..: 0 0

 

Infections Found

===========================

 

Items Ignored During Scan

===========================

 

 

Listing of running processes

===========================

C:\WINDOWS\SYSTEM32\SMSS.EXE

c:\windows\system32\smss.exe

 

c:\windows\system32\ntdll.dll

 

C:\WINDOWS\SYSTEM32\CSRSS.EXE

c:\windows\system32\csrss.exe

 

c:\windows\system32\ntdll.dll

 

c:\windows\system32\csrsrv.dll

 

c:\windows\system32\basesrv.dll

 

c:\windows\system32\winsrv.dll

 

c:\windows\system32\user32.dll

 

c:\windows\system32\kernel32.dll

 

c:\windows\system32\gdi32.dll

 

c:\windows\system32\sxs.dll

 

c:\windows\system32\advapi32.dll

 

c:\windows\system32\rpcrt4.dll

 

C:\WINDOWS\SYSTEM32\WINLOGON.EXE

c:\windows\system32\winlogon.exe

 

c:\windows\system32\ntdll.dll

 

c:\windows\system32\kernel32.dll

 

c:\windows\system32\advapi32.dll

 

c:\windows\system32\rpcrt4.dll

 

c:\windows\system32\authz.dll

 

c:\windows\system32\msvcrt.dll

 

c:\windows\system32\crypt32.dll

 

c:\windows\system32\user32.dll

 

c:\windows\system32\gdi32.dll

 

c:\windows\system32\msasn1.dll

 

c:\windows\system32\nddeapi.dll

 

c:\windows\system32\profmap.dll

 

c:\windows\system32\netapi32.dll

 

c:\windows\system32\userenv.dll

 

c:\windows\system32\psapi.dll

 

c:\windows\system32\regapi.dll

 

c:\windows\system32\secur32.dll

 

c:\windows\system32\setupapi.dll

 

c:\windows\system32\version.dll

 

c:\windows\system32\winsta.dll

 

c:\windows\system32\wintrust.dll

 

c:\windows\system32\imagehlp.dll

 

c:\windows\system32\ws2_32.dll

 

c:\windows\system32\ws2help.dll

 

c:\windows\system32\msgina.dll

 

c:\windows\system32\shell32.dll

 

c:\windows\system32\shlwapi.dll

 

c:\windows\system32\comctl32.dll

 

c:\windows\system32\odbc32.dll

 

c:\windows\system32\comdlg32.dll

 

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll

 

c:\windows\system32\odbcint.dll

 

c:\windows\system32\shsvcs.dll

 

c:\windows\system32\sfc.dll

 

c:\windows\system32\sfc_os.dll

 

c:\windows\system32\ole32.dll

 

c:\windows\system32\apphelp.dll

 

c:\windows\system32\winscard.dll

 

c:\windows\system32\wtsapi32.dll

 

c:\windows\system32\sxs.dll

 

c:\windows\system32\uxtheme.dll

 

c:\windows\system32\winmm.dll

 

c:\windows\system32\serwvdrv.dll

 

c:\windows\system32\umdmxfrm.dll

 

c:\windows\system32\cscdll.dll

 

c:\windows\system32\lmiinit.dll

 

c:\windows\system32\rsaenh.dll

 

c:\windows\system32\wlnotify.dll

 

c:\windows\system32\winspool.drv

 

c:\windows\system32\mpr.dll

 

c:\windows\system32\samlib.dll

 

c:\windows\system32\msv1_0.dll

 

c:\windows\system32\iphlpapi.dll

 

c:\windows\system32\wldap32.dll

 

c:\windows\system32\cscui.dll

 

c:\windows\system32\xpsp2res.dll

 

c:\windows\system32\wdmaud.drv

 

c:\windows\system32\comres.dll

 

c:\windows\system32\oleaut32.dll

 

c:\windows\system32\clbcatq.dll

 

c:\windows\system32\ntmarta.dll

 

c:\windows\system32\msacm32.drv

 

c:\windows\system32\msacm32.dll

 

c:\windows\system32\midimap.dll

 

C:\WINDOWS\SYSTEM32\SERVICES.EXE

c:\windows\system32\services.exe

 

c:\windows\system32\ntdll.dll

 

c:\windows\system32\kernel32.dll

 

c:\windows\system32\msvcrt.dll

 

c:\windows\system32\advapi32.dll

 

c:\windows\system32\rpcrt4.dll

 

c:\windows\system32\user32.dll

 

c:\windows\system32\gdi32.dll

 

c:\windows\system32\userenv.dll

 

c:\windows\system32\scesrv.dll

 

c:\windows\system32\authz.dll

 

c:\windows\system32\umpnpmgr.dll

 

c:\windows\system32\winsta.dll

 

c:\windows\system32\netapi32.dll

 

c:\windows\system32\ncobjapi.dll

 

c:\windows\system32\msvcp60.dll

 

c:\windows\system32\shimeng.dll

 

c:\windows\apppatch\acadproc.dll

 

c:\windows\system32\secur32.dll

 

c:\windows\system32\apphelp.dll

 

c:\windows\system32\version.dll

 

c:\windows\system32\eventlog.dll

 

c:\windows\system32\ws2_32.dll

 

c:\windows\system32\ws2help.dll

 

c:\windows\system32\psapi.dll

 

c:\windows\system32\wtsapi32.dll

 

C:\WINDOWS\SYSTEM32\LSASS.EXE

c:\windows\system32\lsass.exe

 

c:\windows\system32\ntdll.dll

 

c:\windows\system32\kernel32.dll

 

c:\windows\system32\advapi32.dll

 

c:\windows\system32\rpcrt4.dll

 

c:\windows\system32\lsasrv.dll

 

c:\windows\system32\msvcrt.dll

 

c:\windows\system32\secur32.dll

 

c:\windows\system32\user32.dll

 

c:\windows\system32\gdi32.dll

 

c:\windows\system32\samsrv.dll

 

c:\windows\system32\cryptdll.dll

 

c:\windows\system32\dnsapi.dll

 

c:\windows\system32\ws2_32.dll

 

c:\windows\system32\ws2help.dll

 

c:\windows\system32\msasn1.dll

 

c:\windows\system32\netapi32.dll

 

c:\windows\system32\samlib.dll

 

c:\windows\system32\mpr.dll

 

c:\windows\system32\ntdsapi.dll

 

c:\windows\system32\wldap32.dll

 

c:\windows\system32\shimeng.dll

 

c:\windows\apppatch\acgenral.dll

 

c:\windows\system32\winmm.dll

 

c:\windows\system32\ole32.dll

 

c:\windows\system32\oleaut32.dll

 

c:\windows\system32\msacm32.dll

 

c:\windows\system32\version.dll

 

c:\windows\system32\shell32.dll

 

c:\windows\system32\shlwapi.dll

 

c:\windows\system32\userenv.dll

 

c:\windows\system32\uxtheme.dll

 

c:\windows\system32\serwvdrv.dll

 

c:\windows\system32\umdmxfrm.dll

 

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll

 

c:\windows\system32\comctl32.dll

 

c:\windows\system32\msprivs.dll

 

c:\windows\system32\kerberos.dll

 

c:\windows\system32\msv1_0.dll

 

c:\windows\system32\iphlpapi.dll

 

c:\windows\system32\netlogon.dll

 

c:\windows\system32\w32time.dll

 

c:\windows\system32\msvcp60.dll

 

c:\windows\system32\schannel.dll

 

c:\windows\system32\crypt32.dll

 

c:\windows\system32\wdigest.dll

 

c:\windows\system32\rsaenh.dll

 

c:\windows\system32\scecli.dll

 

c:\windows\system32\setupapi.dll

 

c:\windows\system32\ipsecsvc.dll

 

c:\windows\system32\authz.dll

 

c:\windows\system32\oakley.dll

 

c:\windows\system32\winipsec.dll

 

c:\windows\system32\pstorsvc.dll

 

c:\windows\system32\mswsock.dll

 

c:\windows\system32\hnetcfg.dll

 

c:\windows\system32\wshtcpip.dll

 

c:\windows\system32\psbase.dll

 

c:\windows\system32\dssenh.dll

 

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

c:\windows\system32\svchost.exe

 

c:\windows\system32\ntdll.dll

 

c:\windows\system32\kernel32.dll

 

c:\windows\system32\advapi32.dll

 

c:\windows\system32\rpcrt4.dll

 

c:\windows\system32\shimeng.dll

 

c:\windows\apppatch\acgenral.dll

 

c:\windows\system32\user32.dll

 

c:\windows\system32\gdi32.dll

 

c:\windows\system32\winmm.dll

 

c:\windows\system32\ole32.dll

 

c:\windows\system32\msvcrt.dll

 

c:\windows\system32\oleaut32.dll

 

c:\windows\system32\msacm32.dll

 

c:\windows\system32\version.dll

 

c:\windows\system32\shell32.dll

 

c:\windows\system32\shlwapi.dll

 

c:\windows\system32\userenv.dll

 

c:\windows\system32\uxtheme.dll

 

c:\windows\system32\serwvdrv.dll

 

c:\windows\system32\umdmxfrm.dll

 

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll

 

c:\windows\system32\comctl32.dll

 

c:\windows\system32\ntmarta.dll

 

c:\windows\system32\wldap32.dll

 

c:\windows\system32\samlib.dll

 

c:\windows\system32\rpcss.dll

 

c:\windows\system32\ws2_32.dll

 

c:\windows\system32\ws2help.dll

 

c:\windows\system32\secur32.dll

 

c:\windows\system32\xpsp2res.dll

 

c:\windows\system32\clbcatq.dll

 

c:\windows\system32\comres.dll

 

c:\windows\system32\apphelp.dll

 

c:\windows\system32\termsrv.dll

 

c:\windows\system32\icaapi.dll

 

c:\windows\system32\setupapi.dll

 

c:\windows\system32\wintrust.dll

 

c:\windows\system32\crypt32.dll

 

c:\windows\system32\msasn1.dll

 

c:\windows\system32\imagehlp.dll

 

c:\windows\system32\authz.dll

 

c:\windows\system32\mstlsapi.dll

 

c:\windows\system32\activeds.dll

 

c:\windows\system32\adsldpc.dll

 

c:\windows\system32\netapi32.dll

 

c:\windows\system32\atl.dll

 

c:\windows\system32\regapi.dll

 

c:\windows\system32\rsaenh.dll

 

c:\windows\system32\wtsapi32.dll

 

c:\windows\system32\winsta.dll

 

c:\windows\system32\msv1_0.dll

 

c:\windows\system32\iphlpapi.dll

 

c:\windows\system32\msi.dll

 

c:\windows\system32\svchost.exe

 

c:\windows\system32\ntdll.dll

 

c:\windows\system32\kernel32.dll

 

c:\windows\system32\advapi32.dll

 

c:\windows\system32\rpcrt4.dll

 

c:\windows\system32\shimeng.dll

 

c:\windows\apppatch\acgenral.dll

 

c:\windows\system32\user32.dll

 

c:\windows\system32\gdi32.dll

 

c:\windows\system32\winmm.dll

 

c:\windows\system32\ole32.dll

 

c:\windows\system32\msvcrt.dll

 

c:\windows\system32\oleaut32.dll

 

c:\windows\system32\msacm32.dll

 

c:\windows\system32\version.dll

 

c:\windows\system32\shell32.dll

 

c:\windows\system32\shlwapi.dll

 

c:\windows\system32\userenv.dll

 

c:\windows\system32\uxtheme.dll

 

c:\windows\system32\serwvdrv.dll

 

c:\windows\system32\umdmxfrm.dll

 

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll

 

c:\windows\system32\comctl32.dll

 

c:\windows\system32\rpcss.dll

 

c:\windows\system32\ws2_32.dll

 

c:\windows\system32\ws2help.dll

 

c:\windows\system32\secur32.dll

 

c:\windows\system32\xpsp2res.dll

 

c:\windows\system32\rsaenh.dll

 

c:\windows\system32\mswsock.dll

 

c:\windows\system32\hnetcfg.dll

 

c:\windows\system32\wshtcpip.dll

 

c:\windows\system32\dnsapi.dll

 

c:\windows\system32\iphlpapi.dll

 

c:\windows\system32\winrnr.dll

 

c:\windows\system32\wldap32.dll

 

c:\windows\system32\rasadhlp.dll

 

c:\windows\system32\clbcatq.dll

 

c:\windows\system32\comres.dll

 

c:\windows\system32\msi.dll

 

c:\windows\system32\svchost.exe

 

c:\windows\system32\ntdll.dll

 

c:\windows\system32\kernel32.dll

 

c:\windows\system32\advapi32.dll

 

c:\windows\system32\rpcrt4.dll

 

c:\windows\system32\shimeng.dll

 

c:\windows\apppatch\acgenral.dll

 

c:\windows\system32\user32.dll

 

c:\windows\system32\gdi32.dll

 

c:\windows\system32\winmm.dll

 

c:\windows\system32\ole32.dll

 

c:\windows\system32\msvcrt.dll

 

c:\windows\system32\oleaut32.dll

 

c:\windows\system32\msacm32.dll

 

c:\windows\system32\version.dll

 

c:\windows\system32\shell32.dll

 

c:\windows\system32\shlwapi.dll

 

c:\windows\system32\userenv.dll

 

c:\windows\system32\uxtheme.dll

 

c:\windows\system32\serwvdrv.dll

 

c:\windows\system32\umdmxfrm.dll

 

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll

 

c:\windows\system32\comctl32.dll

 

c:\windows\system32\ntmarta.dll

 

c:\windows\system32\wldap32.dll

 

c:\windows\system32\samlib.dll

 

c:\windows\system32\xpsp2res.dll

 

c:\windows\system32\shsvcs.dll

 

c:\windows\system32\winsta.dll

 

c:\windows\system32\netapi32.dll

 

c:\windows\system32\dhcpcsvc.dll

 

c:\windows\system32\dnsapi.dll

 

c:\windows\system32\ws2_32.dll

 

c:\windows\system32\ws2help.dll

 

c:\windows\system32\iphlpapi.dll

 

c:\windows\system32\secur32.dll

 

c:\windows\system32\rsaenh.dll

 

c:\windows\system32\mswsock.dll

 

c:\windows\system32\hnetcfg.dll

 

c:\windows\system32\wshtcpip.dll

 

c:\windows\system32\wzcsvc.dll

 

c:\windows\system32\rtutils.dll

 

c:\windows\system32\wmi.dll

 

c:\windows\system32\crypt32.dll

 

c:\windows\system32\msasn1.dll

 

c:\windows\system32\wtsapi32.dll

 

c:\windows\system32\esent.dll

 

c:\windows\system32\atl.dll

 

c:\windows\system32\rastls.dll

 

c:\windows\system32\cryptui.dll

 

c:\windows\system32\wintrust.dll

 

c:\windows\system32\imagehlp.dll

 

c:\windows\system32\wininet.dll

 

c:\windows\system32\mprapi.dll

 

c:\windows\system32\activeds.dll

 

c:\windows\system32\adsldpc.dll

 

c:\windows\system32\setupapi.dll

 

c:\windows\system32\rasapi32.dll

 

c:\windows\system32\rasman.dll

 

c:\windows\system32\tapi32.dll

 

c:\windows\system32\schannel.dll

 

c:\windows\system32\winscard.dll

 

c:\windows\system32\raschap.dll

 

c:\windows\system32\msv1_0.dll

 

c:\windows\system32\clbcatq.dll

 

c:\windows\system32\comres.dll

 

c:\windows\system32\schedsvc.dll

 

c:\windows\system32\ntdsapi.dll

 

c:\windows\system32\msidle.dll

 

c:\windows\system32\audiosrv.dll

 

c:\windows\system32\wkssvc.dll

 

c:\windows\system32\qmgr.dll

 

c:\windows\system32\mpr.dll

 

c:\windows\system32\shfolder.dll

 

c:\windows\system32\winhttp.dll

 

c:\windows\system32\cryptsvc.dll

 

c:\windows\system32\certcli.dll

 

c:\windows\system32\dmserver.dll

 

c:\windows\system32\ersvc.dll

 

c:\windows\system32\hidserv.dll

 

c:\windows\system32\hid.dll

 

c:\windows\pchealth\helpctr\binaries\pchsvc.dll

 

c:\windows\system32\es.dll

 

c:\windows\system32\srvsvc.dll

 

c:\windows\system32\netman.dll

 

c:\windows\system32\netshell.dll

 

c:\windows\system32\credui.dll

 

c:\windows\system32\wzcsapi.dll

 

c:\windows\system32\winspool.drv

 

c:\windows\system32\seclogon.dll

 

c:\windows\system32\sens.dll

 

c:\windows\system32\srsvc.dll

 

c:\windows\system32\powrprof.dll

 

c:\windows\system32\tapisrv.dll

 

c:\windows\system32\psapi.dll

 

c:\windows\system32\trkwks.dll

 

c:\windows\system32\w32time.dll

 

c:\windows\system32\msvcp60.dll

 

c:\windows\system32\wbem\wmisvc.dll

 

c:\windows\system32\vssapi.dll

 

c:\windows\system32\wscsvc.dll

 

c:\windows\system32\msi.dll

 

c:\windows\system32\wuauserv.dll

 

c:\windows\system32\wuaueng.dll

 

c:\windows\system32\advpack.dll

 

c:\windows\system32\cabinet.dll

 

c:\windows\system32\mspatcha.dll

 

c:\windows\system32\sfc.dll

 

c:\windows\system32\sfc_os.dll

 

c:\windows\system32\wbem\wbemcomn.dll

 

c:\windows\system32\wbem\wbemcore.dll

 

c:\windows\system32\wbem\esscli.dll

 

c:\windows\system32\wbem\fastprox.dll

 

c:\windows\system32\wbem\wbemsvc.dll

 

c:\windows\system32\wbem\wmiutils.dll

 

c:\windows\system32\wbem\repdrvfs.dll

 

c:\windows\system32\browser.dll

 

c:\windows\system32\sxs.dll

 

c:\windows\system32\wbem\wmiprvsd.dll

 

c:\windows\system32\ncobjapi.dll

 

c:\windows\system32\comsvcs.dll

 

c:\windows\system32\mtxclu.dll

 

c:\windows\system32\wsock32.dll

 

c:\windows\system32\colbact.dll

 

c:\windows\system32\clusapi.dll

 

c:\windows\system32\resutils.dll

 

c:\windows\system32\ipnathlp.dll

 

c:\windows\system32\authz.dll

 

c:\windows\system32\wbem\wbemess.dll

 

c:\windows\system32\wbem\ncprov.dll

 

c:\windows\system32\unimdm.tsp

 

c:\windows\system32\uniplat.dll

 

c:\windows\system32\unimdmat.dll

 

c:\windows\system32\modemui.dll

 

c:\windows\system32\kmddsp.tsp

 

c:\windows\system32\ndptsp.tsp

 

c:\windows\system32\ipconf.tsp

 

c:\windows\system32\h323.tsp

 

c:\windows\system32\hidphone.tsp

 

c:\windows\system32\rasadhlp.dll

 

c:\windows\system32\netrap.dll

 

c:\windows\system32\apphelp.dll

 

c:\windows\system32\wbem\wbemcons.dll

 

c:\windows\system32\upnp.dll

 

c:\windows\system32\ssdpapi.dll

 

c:\windows\system32\netcfgx.dll

 

c:\windows\system32\rasmans.dll

 

c:\windows\system32\winipsec.dll

 

c:\windows\system32\rastapi.dll

 

c:\windows\system32\rasppp.dll

 

c:\windows\system32\ntlsapi.dll

 

c:\windows\system32\kerberos.dll

 

c:\windows\system32\cryptdll.dll

 

c:\windows\system32\rasdlg.dll

 

c:\windows\system32\svchost.exe

 

c:\windows\system32\ntdll.dll

 

c:\windows\system32\kernel32.dll

 

c:\windows\system32\advapi32.dll

 

c:\windows\system32\rpcrt4.dll

 

c:\windows\system32\shimeng.dll

 

c:\windows\apppatch\acgenral.dll

 

c:\windows\system32\user32.dll

 

c:\windows\system32\gdi32.dll

 

c:\windows\system32\winmm.dll

 

c:\windows\system32\ole32.dll

 

c:\windows\system32\msvcrt.dll

 

c:\windows\system32\oleaut32.dll

 

c:\windows\system32\msacm32.dll

 

c:\windows\system32\version.dll

 

c:\windows\system32\shell32.dll

 

c:\windows\system32\shlwapi.dll

 

c:\windows\system32\userenv.dll

 

c:\windows\system32\uxtheme.dll

 

c:\windows\system32\serwvdrv.dll

 

c:\windows\system32\umdmxfrm.dll

 

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll

 

c:\windows\system32\comctl32.dll

 

c:\windows\system32\dnsrslvr.dll

 

c:\windows\system32\dnsapi.dll

 

c:\windows\system32\ws2_32.dll

 

c:\windows\system32\ws2help.dll

 

c:\windows\system32\iphlpapi.dll

 

c:\windows\system32\mswsock.dll

 

c:\windows\system32\hnetcfg.dll

 

c:\windows\system32\wshtcpip.dll

 

c:\windows\system32\svchost.exe

 

c:\windows\system32\ntdll.dll

 

c:\windows\system32\kernel32.dll

 

c:\windows\system32\advapi32.dll

 

c:\windows\system32\rpcrt4.dll

 

c:\windows\system32\shimeng.dll

 

c:\windows\apppatch\acgenral.dll

 

c:\windows\system32\user32.dll

 

c:\windows\system32\gdi32.dll

 

c:\windows\system32\winmm.dll

 

c:\windows\system32\ole32.dll

 

c:\windows\system32\msvcrt.dll

 

c:\windows\system32\oleaut32.dll

 

c:\windows\system32\msacm32.dll

 

c:\windows\system32\version.dll

 

c:\windows\system32\shell32.dll

 

c:\windows\system32\shlwapi.dll

 

c:\windows\system32\userenv.dll

 

c:\windows\system32\uxtheme.dll

 

c:\windows\system32\serwvdrv.dll

 

c:\windows\system32\umdmxfrm.dll

 

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll

 

c:\windows\system32\comctl32.dll

 

c:\windows\system32\ntmarta.dll

 

c:\windows\system32\wldap32.dll

 

c:\windows\system32\samlib.dll

 

c:\windows\system32\xpsp2res.dll

 

c:\windows\system32\lmhsvc.dll

 

c:\windows\system32\iphlpapi.dll

 

c:\windows\system32\ws2_32.dll

 

c:\windows\system32\ws2help.dll

 

c:\windows\system32\webclnt.dll

 

c:\windows\system32\wininet.dll

 

c:\windows\system32\crypt32.dll

 

c:\windows\system32\msasn1.dll

 

c:\windows\system32\secur32.dll

 

c:\windows\system32\urlmon.dll

 

c:\windows\system32\wsock32.dll

 

c:\windows\system32\regsvc.dll

 

c:\windows\system32\mswsock.dll

 

c:\windows\system32\dnsapi.dll

 

c:\windows\system32\rasadhlp.dll

 

c:\windows\system32\ssdpsrv.dll

 

c:\windows\system32\hnetcfg.dll

 

c:\windows\system32\clbcatq.dll

 

c:\windows\system32\comres.dll

 

c:\windows\system32\wshtcpip.dll

 

C:\PROGRAM FILES\LAVASOFT\AD-AWARE 2007\AAWSERVICE.EXE

c:\program files\lavasoft\ad-aware 2007\aawservice.exe

 

c:\windows\system32\ntdll.dll

 

c:\windows\system32\kernel32.dll

 

c:\program files\lavasoft\ad-aware 2007\ceapi.dll

 

c:\windows\system32\advapi32.dll

 

c:\windows\system32\rpcrt4.dll

 

c:\program files\lavasoft\ad-aware 2007\pkarchive84cb.dll

 

c:\windows\system32\shell32.dll

 

c:\windows\system32\msvcrt.dll

 

c:\windows\system32\gdi32.dll

 

c:\windows\system32\user32.dll

 

c:\windows\system32\shlwapi.dll

 

c:\windows\system32\ole32.dll

 

c:\windows\system32\crypt32.dll

 

c:\windows\system32\msasn1.dll

 

c:\windows\system32\wldap32.dll

 

c:\windows\system32\psapi.dll

 

c:\windows\system32\version.dll

 

c:\windows\system32\wininet.dll

 

c:\windows\system32\oleaut32.dll

 

c:\program files\lavasoft\ad-aware 2007\update.dll

 

c:\windows\system32\wsock32.dll

 

c:\windows\system32\ws2_32.dll

 

c:\windows\system32\ws2help.dll

 

c:\windows\system32\userenv.dll

 

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll

 

c:\windows\system32\comctl32.dll

 

c:\windows\system32\rsaenh.dll

 

C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASWUPDSV.EXE

c:\program files\alwil software\avast4\aswupdsv.exe

 

c:\windows\system32\ntdll.dll

 

c:\windows\system32\kernel32.dll

 

c:\program files\alwil software\avast4\aswcmns.dll

 

c:\program files\alwil software\avast4\aswcmnos.dll

 

c:\windows\system32\user32.dll

 

c:\windows\system32\gdi32.dll

 

c:\windows\system32\advapi32.dll

 

c:\windows\system32\rpcrt4.dll

 

c:\windows\system32\msvcp71.dll

 

c:\windows\system32\msvcr71.dll

 

c:\windows\system32\wsock32.dll

 

c:\windows\system32\ws2_32.dll

 

c:\windows\system32\msvcrt.dll

 

c:\windows\system32\ws2help.dll

 

c:\program files\alwil software\avast4\aswcmnb.dll

 

C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHSERV.EXE

c:\program files\alwil software\avast4\ashserv.exe

 

c:\windows\system32\ntdll.dll

 

c:\windows\system32\kernel32.dll

 

c:\windows\system32\rpcrt4.dll

 

c:\windows\system32\advapi32.dll

 

c:\program files\alwil software\avast4\aswaux.dll

 

c:\windows\system32\msvcp71.dll

 

c:\windows\system32\msvcr71.dll

 

c:\program files\alwil software\avast4\aswcmnb.dll

 

c:\program files\alwil software\avast4\aswcmnos.dll

 

c:\windows\system32\user32.dll

 

c:\windows\system32\gdi32.dll

 

c:\windows\system32\wsock32.dll

 

c:\windows\system32\ws2_32.dll

 

c:\windows\system32\msvcrt.dll

 

c:\windows\system32\ws2help.dll

 

c:\program files\alwil software\avast4\aswengin.dll

 

c:\windows\system32\shell32.dll

 

c:\windows\system32\shlwapi.dll

 

c:\windows\system32\ole32.dll

 

c:\program files\alwil software\avast4\aswscan.dll

 

c:\program files\alwil software\avast4\aswcmns.dll

 

c:\windows\system32\oleaut32.dll

 

c:\program files\alwil software\avast4\ashbase.dll

 

c:\windows\system32\version.dll

 

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll

 

c:\program files\alwil software\avast4\ashtask.dll

 

c:\program files\alwil software\avast4\aswinteg.dll

 

c:\program files\alwil software\avast4\aswidle.dll

 

c:\program files\alwil software\avast4\aavm4h.dll

 

c:\windows\system32\dbghelp.dll

 

c:\program files\alwil software\avast4\english\base.dll

 

c:\program files\alwil software\avast4\unacev2.dll

 

c:\windows\system32\wtsapi32.dll

 

c:\windows\system32\winsta.dll

 

c:\windows\system32\netapi32.dll

 

c:\program files\alwil software\avast4\ahresmai.dll

 

c:\program files\alwil software\avast4\ahresmes.dll

 

c:\program files\alwil software\avast4\ahresns.dll

 

c:\program files\alwil software\avast4\ahresout.dll

 

c:\program files\alwil software\avast4\ahresp2p.dll

 

c:\program files\alwil software\avast4\ahresstd.dll

 

c:\program files\alwil software\avast4\ahresws.dll

 

c:\program files\alwil software\avast4\ashssqlt.dll

 

c:\windows\system32\clbcatq.dll

 

c:\windows\system32\comres.dll

 

c:\windows\system32\xpsp2res.dll

 

c:\windows\system32\perfos.dll

 

C:\WINDOWS\SYSTEM32\SPOOLSV.EXE

c:\windows\system32\spoolsv.exe

 

c:\windows\system32\ntdll.dll

 

c:\windows\system32\kernel32.dll

 

c:\windows\system32\msvcrt.dll

 

c:\windows\system32\advapi32.dll

 

c:\windows\system32\rpcrt4.dll

 

c:\windows\system32\gdi32.dll

 

c:\windows\system32\user32.dll

 

c:\windows\system32\shimeng.dll

 

c:\windows\apppatch\acgenral.dll

 

c:\windows\system32\winmm.dll

 

c:\windows\system32\ole32.dll

 

c:\windows\system32\oleaut32.dll

 

c:\windows\system32\msacm32.dll

 

c:\windows\system32\version.dll

 

c:\windows\system32\shell32.dll

 

c:\windows\system32\shlwapi.dll

 

c:\windows\system32\userenv.dll

 

c:\windows\system32\uxtheme.dll

 

c:\windows\system32\serwvdrv.dll

 

c:\windows\system32\umdmxfrm.dll

 

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll

 

c:\windows\system32\comctl32.dll

 

c:\windows\system32\spoolss.dll

 

c:\windows\system32\ws2_32.dll

 

c:\windows\system32\ws2help.dll

 

c:\windows\system32\dnsapi.dll

 

c:\windows\system32\rasadhlp.dll

 

c:\windows\system32\localspl.dll

 

c:\windows\system32\secur32.dll

 

c:\windows\system32\sfc_os.dll

 

c:\windows\system32\wintrust.dll

 

c:\windows\system32\crypt32.dll

 

c:\windows\system32\msasn1.dll

 

c:\windows\system32\imagehlp.dll

 

c:\windows\system32\winspool.drv

 

c:\windows\system32\netapi32.dll

 

c:\windows\system32\cnbjmon.dll

 

c:\windows\system32\bthcrp.dll

 

c:\windows\system32\widcommsdk.dll

 

c:\windows\system32\wbtapi.dll

 

c:\windows\system32\cfgmgr32.dll

 

c:\windows\system32\setupapi.dll

 

c:\windows\system32\msi.dll

 

c:\windows\system32\mfc42.dll

 

c:\windows\system32\msvcp60.dll

 

c:\windows\system32\hpzlnt07.dll

 

c:\windows\system32\lmiport.dll

 

c:\windows\system32\lprmon.dll

 

c:\windows\system32\lprhelp.dll

 

c:\windows\system32\mdimon.dll

 

c:\windows\system32\fxsmon.dll

 

c:\windows\system32\fxsevent.dll

 

c:\windows\system32\pdfports.dll

 

c:\program files\adobe\acrobat 5.0\distillr\adistres.dll

 

c:\windows\system32\pjlmon.dll

 

c:\windows\system32\tcpmon.dll

 

c:\windows\system32\usbmon.dll

 

c:\windows\system32\spool\prtprocs\w32x86\lmiproc.dll

 

c:\windows\system32\spool\prtprocs\w32x86\mdippr.dll

 

c:\windows\system32\mswsock.dll

 

c:\windows\system32\winrnr.dll

 

c:\windows\system32\wldap32.dll

 

c:\windows\system32\win32spl.dll

 

c:\windows\system32\netrap.dll

 

c:\windows\system32\ntdsapi.dll

 

c:\windows\system32\inetpp.dll

 

c:\windows\system32\clbcatq.dll

 

c:\windows\system32\comres.dll

 

c:\windows\system32\xpsp2res.dll

 

C:\PROGRAM FILES\COMMON FILES\APPLE\MOBILE DEVICE SUPPORT\BIN\APPLEMOBILEDEVICESERVICE.EXE

c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe

 

c:\windows\system32\ntdll.dll

 

c:\windows\system32\kernel32.dll

 

c:\windows\system32\wsock32.dll

 

c:\windows\system32\ws2_32.dll

 

c:\windows\system32\msvcrt.dll

 

c:\windows\system32\ws2help.dll

 

c:\windows\system32\advapi32.dll

 

c:\windows\system32\rpcrt4.dll

 

c:\windows\system32\setupapi.dll

 

c:\windows\system32\gdi32.dll

 

c:\windows\system32\user32.dll

 

c:\windows\system32\mswsock.dll

 

c:\windows\system32\hnetcfg.dll

 

c:\windows\system32\wshtcpip.dll

 

c:\windows\system32\wintrust.dll

 

c:\windows\system32\crypt32.dll

 

c:\windows\system32\msasn1.dll

 

c:\windows\system32\imagehlp.dll

 

C:\PROGRAM FILES\WIDCOMM\BLUETOOTH SOFTWARE\BIN\BTWDINS.EXE

c:\program files\widcomm\bluetooth software\bin\btwdins.exe

 

c:\windows\system32\ntdll.dll

 

c:\windows\system32\kernel32.dll

 

c:\windows\system32\ws2_32.dll

 

c:\windows\system32\msvcrt.dll

 

c:\windows\system32\ws2help.dll

 

c:\windows\system32\advapi32.dll

 

c:\windows\system32\rpcrt4.dll

 

c:\windows\system32\user32.dll

 

c:\windows\system32\gdi32.dll

 

c:\windows\system32\ole32.dll

 

c:\windows\system32\oleaut32.dll

 

c:\windows\system32\uxtheme.dll

 

c:\windows\system32\xpsp2res.dll

 

c:\windows\system32\rsaenh.dll

 

c:\windows\system32\shell32.dll

 

c:\windows\system32\shlwapi.dll

 

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll

 

c:\windows\system32\comctl32.dll

 

c:\windows\system32\crypt32.dll

 

c:\windows\system32\msasn1.dll

 

C:\PROGRAM FILES\COMMON FILES\INTERVIDEO\DEVICESERVICE\DEVSVC.EXE

c:\program files\common files\intervideo\deviceservice\devsvc.exe

 

c:\windows\system32\ntdll.dll

 

c:\windows\system32\kernel32.dll

 

c:\windows\system32\user32.dll

 

c:\windows\system32\gdi32.dll

 

c:\windows\system32\advapi32.dll

 

c:\windows\system32\rpcrt4.dll

 

c:\windows\system32\ole32.dll

 

c:\windows\system32\msvcrt.dll

 

c:\windows\system32\oleaut32.dll

 

c:\windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_6e805841\atl80.dll

 

c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcp80.dll

 

c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcr80.dll

 

c:\windows\system32\xpsp2res.dll

 

c:\windows\system32\clbcatq.dll

 

c:\windows\system32\comres.dll

 

c:\windows\system32\version.dll

 

c:\windows\system32\devenum.dll

 

c:\windows\system32\winmm.dll

 

c:\windows\system32\serwvdrv.dll

 

c:\windows\system32\umdmxfrm.dll

 

c:\windows\system32\setupapi.dll

 

c:\windows\system32\wintrust.dll

 

c:\windows\system32\crypt32.dll

 

c:\windows\system32\msasn1.dll

 

c:\windows\system32\imagehlp.dll

 

c:\windows\system32\msdmo.dll

 

c:\windows\system32\ksproxy.ax

 

c:\windows\system32\ksuser.dll

 

c:\windows\system32\vidcap.ax

 

c:\windows\system32\atl.dll

 

c:\windows\system32\kswdmcap.ax

 

c:\windows\system32\mfc42.dll

 

c:\windows\system32\comctl32.dll

 

c:\windows\system32\wdmaud.drv

 

c:\windows\system32\msacm32.drv

 

c:\windows\system32\msacm32.dll

 

c:\windows\system32\midimap.dll

 

c:\windows\system32\qdvd.dll

 

c:\windows\system32\uxtheme.dll

 

c:\windows\system32\quartz.dll

 

c:\windows\system32\shell32.dll

 

c:\windows\system32\shlwapi.dll

 

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll

 

c:\windows\system32\qcap.dll

 

c:\windows\system32\msvfw32.dll

 

C:\PROGRAM FILES\COMODO\FIREWALL\CMDAGENT.EXE

c:\program files\comodo\firewall\cmdagent.exe

 

c:\windows\system32\ntdll.dll

 

c:\windows\system32\kernel32.dll

 

c:\windows\system32\winmm.dll

 

c:\windows\system32\user32.dll

 

c:\windows\system32\gdi32.dll

 

c:\windows\system32\advapi32.dll

 

c:\windows\system32\rpcrt4.dll

 

c:\windows\system32\psapi.dll

 

c:\windows\system32\version.dll

 

c:\program files\comodo\firewall\dbghelp.dll

 

c:\windows\system32\msvcrt.dll

 

c:\windows\system32\comdlg32.dll

 

c:\windows\system32\shlwapi.dll

 

c:\windows\system32\comctl32.dll

 

c:\windows\system32\shell32.dll

 

c:\windows\system32\winspool.drv

 

c:\windows\system32\imagehlp.dll

 

c:\windows\system32\crypt32.dll

 

c:\windows\system32\msasn1.dll

 

c:\windows\system32\ole32.dll

 

c:\windows\system32\oleaut32.dll

 

c:\windows\system32\oleacc.dll

 

c:\windows\system32\msvcp60.dll

 

c:\windows\system32\serwvdrv.dll

 

c:\windows\system32\umdmxfrm.dll

 

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll

 

c:\windows\system32\rsaenh.dll

 

c:\windows\system32\xpsp2res.dll

 

c:\windows\system32\userenv.dll

 

c:\windows\system32\secur32.dll

 

c:\windows\system32\netapi32.dll

 

c:\windows\system32\clbcatq.dll

 

c:\windows\system32\comres.dll

 

c:\windows\system32\wbem\wbemprox.dll

 

c:\windows\system32\wbem\wbemcomn.dll

 

c:\windows\system32\ws2_32.dll

 

c:\windows\system32\ws2help.dll

 

c:\windows\system32\wbem\wbemsvc.dll

 

c:\windows\system32\wbem\fastprox.dll

 

c:\windows\system32\ntdsapi.dll

 

c:\windows\system32\dnsapi.dll

 

c:\windows\system32\wldap32.dll

 

C:\WINDOWS\SYSTEM32\CTSVCCDA.EXE

c:\windows\system32\ctsvccda.exe

 

c:\windows\system32\ntdll.dll

 

c:\windows\system32\kernel32.dll

 

c:\windows\system32\user32.dll

 

c:\windows\system32\gdi32.dll

 

c:\windows\system32\advapi32.dll

 

c:\windows\system32\rpcrt4.dll

 

C:\WINDOWS\SYSTEM32\DRIVERS\KODAKCCS.EXE

c:\windows\system32\drivers\kodakccs.exe

 

c:\windows\system32\ntdll.dll

 

c:\windows\system32\kernel32.dll

 

c:\windows\system32\ole32.dll

 

c:\windows\system32\msvcrt.dll

 

c:\windows\system32\gdi32.dll

 

c:\windows\system32\user32.dll

 

c:\windows\system32\advapi32.dll

 

c:\windows\system32\rpcrt4.dll

 

c:\windows\system32\oleaut32.dll

 

c:\windows\system32\comctl32.dll

 

c:\windows\system32\version.dll

 

c:\windows\system32\shell32.dll

 

c:\windows\system32\shlwapi.dll

 

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll

 

c:\windows\system32\uxtheme.dll

 

c:\windows\system32\clbcatq.dll

 

c:\windows\system32\comres.dll

 

c:\windows\system32\winmm.dll

 

c:\windows\system32\serwvdrv.dll

 

c:\windows\system32\umdmxfrm.dll

 

C:\PROGRAM FILES\CS FIRE MONITOR\CSFIREMON.EXE

c:\program files\cs fire monitor\csfiremon.exe

 

c:\windows\system32\ntdll.dll

 

c:\windows\system32\kernel32.dll

 

c:\windows\system32\msvbvm60.dll

 

c:\windows\system32\user32.dll

 

c:\windows\system32\gdi32.dll

 

c:\windows\system32\advapi32.dll

 

c:\windows\system32\rpcrt4.dll

 

c:\windows\system32\ole32.dll

 

c:\windows\system32\msvcrt.dll

 

c:\windows\system32\oleaut32.dll

 

c:\windows\system32\sxs.dll

 

c:\windows\system32\clbcatq.dll

 

c:\windows\system32\comres.dll

 

c:\windows\system32\version.dll

 

c:\windows\system32\ccrpprg6.ocx

 

c:\windows\system32\msi.dll

 

c:\windows\system32\comctl32.dll

 

c:\windows\system32\mscomctl.ocx

 

c:\windows\system32\comdlg32.dll

 

c:\windows\system32\shlwapi.dll

 

c:\windows\system32\shell32.dll

 

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll

 

c:\windows\system32\ws2_32.dll

 

c:\windows\system32\ws2help.dll

 

c:\windows\system32\cs_toolbar_v2.ocx

 

c:\windows\system32\olepro32.dll

 

c:\windows\system32\xpsp2res.dll

 

c:\windows\system32\asycfilt.dll

 

c:\windows\system32\msinet.ocx

 

c:\windows\system32\wininet.dll

 

c:\windows\system32\crypt32.dll

 

c:\windows\system32\msasn1.dll

 

c:\windows\system32\comdlg32.ocx

 

c:\windows\system32\mscomct2.ocx

 

c:\program files\common files\microsoft shared\dao\dao360.dll

 

c:\windows\system32\msjet40.dll

 

c:\windows\system32\mswstr10.dll

 

c:\windows\system32\expsrv.dll

 

c:\windows\system32\msjtes40.dll

 

c:\windows\system32\vbajet32.dll

 

c:\windows\system32\firemonwriteevent.dll

 

c:\windows\system32\netapi32.dll

 

c:\windows\system32\setupapi.dll

 

c:\windows\system32\urlmon.dll

 

c:\windows\system32\secur32.dll

 

c:\windows\system32\mswsock.dll

 

c:\windows\system32\hnetcfg.dll

 

c:\windows\system32\wshtcpip.dll

 

c:\windows\system32\wsock32.dll

 

c:\windows\system32\iphlpapi.dll

 

c:\windows\system32\mprapi.dll

 

c:\windows\system32\activeds.dll

 

c:\windows\system32\adsldpc.dll

 

c:\windows\system32\wldap32.dll

 

c:\windows\system32\atl.dll

 

c:\windows\system32\rtutils.dll

 

c:\windows\system32\samlib.dll

 

c:\windows\system32\msvcp60.dll

 

c:\windows\system32\wbem\wbemprox.dll

 

c:\windows\system32\wbem\wbemcomn.dll

 

c:\windows\system32\wbem\wmiutils.dll

 

c:\windows\system32\wbem\wbemsvc.dll

 

c:\windows\system32\wbem\fastprox.dll

 

c:\windows\system32\ntdsapi.dll

 

c:\windows\system32\dnsapi.dll

 

c:\windows\system32\psapi.dll

 

C:\PROGRAM FILES\COMMON FILES\LIGHTSCRIBE\LSSRVC.EXE

c:\program files\common files\lightscribe\lssrvc.exe

 

c:\windows\system32\ntdll.dll

 

c:\windows\system32\kernel32.dll

 

c:\program files\common files\lightscribe\lssproxy.dll

 

c:\windows\system32\shlwapi.dll

 

c:\windows\system32\msvcrt.dll

 

c:\windows\system32\gdi32.dll

 

c:\windows\system32\user32.dll

 

c:\windows\system32\advapi32.dll

 

c:\windows\system32\rpcrt4.dll

 

c:\windows\system32\psapi.dll

 

c:\windows\system32\shell32.dll

 

c:\program files\common files\lightscribe\lslog.dll

 

c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcr80.dll

 

c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcp80.dll

 

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll

 

c:\windows\system32\comctl32.dll

 

C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\VS7DEBUG\MDM.EXE

c:\program files\common files\microsoft shared\vs7debug\mdm.exe

 

c:\windows\system32\ntdll.dll

 

c:\windows\system32\kernel32.dll

 

c:\windows\system32\advapi32.dll

 

c:\windows\system32\rpcrt4.dll

 

c:\windows\system32\ole32.dll

 

c:\windows\system32\msvcrt.dll

 

c:\windows\system32\gdi32.dll

 

c:\windows\system32\user32.dll

 

c:\windows\system32\oleaut32.dll

 

c:\windows\system32\shell32.dll

 

c:\windows\system32\shlwapi.dll

 

c:\windows\system32\version.dll

 

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll

 

c:\windows\system32\comctl32.dll

 

c:\windows\system32\psapi.dll

 

c:\windows\system32\xpsp2res.dll

 

c:\windows\system32\clbcatq.dll

 

c:\windows\system32\comres.dll

 

C:\WINDOWS\SYSTEM32\NVSVC32.EXE

c:\windows\system32\nvsvc32.exe

 

c:\windows\system32\ntdll.dll

 

c:\windows\system32\kernel32.dll

 

c:\windows\system32\user32.dll

 

c:\windows\system32\gdi32.dll

 

c:\windows\system32\advapi32.dll

 

c:\windows\system32\rpcrt4.dll

 

c:\windows\system32\userenv.dll

 

c:\windows\system32\msvcrt.dll

 

c:\windows\system32\powrprof.dll

 

c:\windows\system32\version.dll

 

c:\windows\system32\wtsapi32.dll

 

c:\windows\system32\winsta.dll

 

c:\windows\system32\netapi32.dll

 

c:\windows\system32\shlwapi.dll

 

c:\windows\system32\comctl32.dll

 

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll

 

c:\windows\system32\wintrust.dll

 

c:\windows\system32\crypt32.dll

 

c:\windows\system32\msasn1.dll

 

c:\windows\system32\imagehlp.dll

 

c:\windows\system32\secur32.dll

 

c:\windows\system32\msv1_0.dll

 

c:\windows\system32\ws2_32.dll

 

c:\windows\system32\ws2help.dll

 

c:\windows\system32\iphlpapi.dll

 

c:\windows\system32\apphelp.dll

 

C:\WINDOWS\SYSTEM32\SCSIACCESS.EXE

c:\windows\system32\scsiaccess.exe

 

c:\windows\system32\ntdll.dll

 

c:\windows\system32\kernel32.dll

 

c:\windows\system32\advapi32.dll

 

c:\windows\system32\rpcrt4.dll

 

C:\WINDOWS\SYSTEM32\SVCHOST.EXE

c:\windows\system32\svchost.exe

 

c:\windows\system32\ntdll.dll

 

c:\windows\system32\kernel32.dll

 

c:\windows\system32\advapi32.dll

 

c:\windows\system32\rpcrt4.dll

 

c:\windows\system32\shimeng.dll

 

c:\windows\apppatch\acgenral.dll

 

c:\windows\system32\user32.dll

 

c:\windows\system32\gdi32.dll

 

c:\windows\system32\winmm.dll

 

c:\windows\system32\ole32.dll

 

c:\windows\system32\msvcrt.dll

 

c:\windows\system32\oleaut32.dll

 

c:\windows\system32\msacm32.dll

 

c:\windows\system32\version.dll

 

c:\windows\system32\shell32.dll

 

c:\windows\system32\shlwapi.dll

 

c:\windows\system32\userenv.dll

 

c:\windows\system32\uxtheme.dll

 

c:\windows\system32\serwvdrv.dll

 

c:\windows\system32\umdmxfrm.dll

 

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll

 

c:\windows\system32\comctl32.dll

 

c:\windows\system32\wiaservc.dll

 

c:\windows\system32\cfgmgr32.dll

 

c:\windows\system32\setupapi.dll

 

c:\windows\system32\mscms.dll

 

c:\windows\system32\winspool.drv

 

c:\windows\system32\winsta.dll

 

c:\windows\system32\netapi32.dll

 

c:\windows\system32\xpsp2res.dll

 

c:\windows\system32\clbcatq.dll

 

c:\windows\system32\comres.dll

 

c:\windows\system32\wintrust.dll

 

c:\windows\system32\crypt32.dll

 

c:\windows\system32\msasn1.dll

 

c:\windows\system32\imagehlp.dll

 

c:\windows\system32\wiavusd.dll

 

c:\windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82\gdiplus.dll

 

c:\windows\system32\shfolder.dll

 

c:\windows\system32\actxprxy.dll

 

C:\PROGRAM FILES\COMMON FILES\ULEAD SYSTEMS\DVD\ULCDRSVR.EXE

c:\program files\common files\ulead systems\dvd\ulcdrsvr.exe

 

c:\windows\system32\ntdll.dll

 

c:\windows\system32\kernel32.dll

 

c:\windows\system32\advapi32.dll

 

c:\windows\system32\rpcrt4.dll

 

C:\WINDOWS\SYSTEM32\USTORSRV.EXE

c:\windows\system32\ustorsrv.exe

 

c:\windows\system32\ntdll.dll

 

c:\windows\system32\kernel32.dll

 

c:\windows\system32\version.dll

 

c:\windows\system32\opdsl.dll

 

c:\windows\system32\setupapi.dll

 

c:\windows\system32\msvcrt.dll

 

c:\windows\system32\advapi32.dll

 

c:\windows\system32\rpcrt4.dll

 

c:\windows\system32\gdi32.dll

 

c:\windows\system32\user32.dll

 

c:\windows\system32\mfc42.dll

 

c:\windows\system32\ole32.dll

 

c:\windows\system32\oleaut32.dll

 

c:\windows\system32\wsock32.dll

 

c:\windows\system32\ws2_32.dll

 

c:\windows\system32\ws2help.dll

 

c:\windows\system32\uxtheme.dll

 

c:\windows\system32\mswsock.dll

 

c:\windows\system32\hnetcfg.dll

 

c:\windows\system32\wshtcpip.dll

 

C:\WINDOWS\SYSTEM32\MSPMSPSV.EXE

c:\windows\system32\mspmspsv.exe

 

c:\windows\system32\ntdll.dll

 

c:\windows\system32\kernel32.dll

 

c:\windows\system32\advapi32.dll

 

c:\windows\system32\rpcrt4.dll

 

c:\windows\system32\user32.dll

 

c:\windows\system32\gdi32.dll

 

c:\windows\system32\msvcrt.dll

 

c:\windows\system32\ntmarta.dll

 

c:\windows\system32\wldap32.dll

 

c:\windows\system32\ole32.dll

 

c:\windows\system32\samlib.dll

 

C:\WINDOWS\SYSTEM32\FXSSVC.EXE

c:\windows\system32\fxssvc.exe

 

c:\windows\system32\ntdll.dll

 

c:\windows\system32\kernel32.dll

 

c:\windows\system32\msvcrt.dll

 

c:\windows\system32\msvcp60.dll

 

c:\windows\system32\advapi32.dll

 

c:\windows\system32\rpcrt4.dll

 

c:\windows\system32\tapi32.dll

 

c:\windows\system32\gdi32.dll

 

c:\windows\system32\user32.dll

 

c:\windows\system32\shlwapi.dll

 

c:\windows\system32\rtutils.dll

 

c:\windows\system32\winmm.dll

 

c:\windows\system32\winspool.drv

 

c:\windows\system32\version.dll

 

c:\windows\system32\ole32.dll

 

c:\windows\system32\netapi32.dll

 

c:\windows\system32\credui.dll

 

c:\windows\system32\shell32.dll

 

c:\windows\system32\fxsevent.dll

 

c:\windows\system32\fxstiff.dll

 

c:\windows\system32\fxsapi.dll

 

c:\windows\system32\oleaut32.dll

 

c:\windows\system32\crypt32.dll

 

c:\windows\system32\msasn1.dll

 

c:\windows\system32\serwvdrv.dll

 

c:\windows\system32\umdmxfrm.dll

 

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll

 

c:\windows\system32\comctl32.dll

 

c:\windows\system32\ntmarta.dll

 

c:\windows\system32\wldap32.dll

 

c:\windows\system32\samlib.dll

 

c:\windows\system32\fxst30.dll

 

c:\windows\system32\fxsroute.dll

 

c:\windows\system32\mpr.dll

 

c:\windows\system32\uxtheme.dll

 

c:\windows\system32\secur32.dll

 

C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHMAISV.EXE

c:\program files\alwil software\avast4\ashmaisv.exe

 

c:\windows\system32\ntdll.dll

 

c:\windows\system32\kernel32.dll

 

c:\windows\system32\wsock32.dll

 

c:\windows\system32\ws2_32.dll

 

c:\windows\system32\msvcrt.dll

 

c:\windows\system32\ws2help.dll

 

c:\windows\system32\advapi32.dll

 

c:\windows\system32\rpcrt4.dll

 

c:\program files\alwil software\avast4\ashbase.dll

 

c:\windows\system32\version.dll

 

c:\windows\system32\user32.dll

 

c:\windows\system32\gdi32.dll

 

c:\windows\system32\ole32.dll

 

c:\windows\system32\oleaut32.dll

 

c:\windows\system32\msvcp71.dll

 

c:\windows\system32\msvcr71.dll

 

c:\program files\alwil software\avast4\aswcmnos.dll

 

c:\program files\alwil software\avast4\aswcmnb.dll

 

c:\program files\alwil software\avast4\aswcmns.dll

 

c:\windows\system32\comctl32.dll

 

c:\program files\alwil software\avast4\aavm4h.dll

 

c:\program files\alwil software\avast4\ashtask.dll

 

c:\program files\alwil software\avast4\aswaux.dll

 

c:\windows\system32\shell32.dll

 

c:\windows\system32\shlwapi.dll

 

c:\program files\alwil software\avast4\ahresmai.dll

 

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll

 

c:\windows\system32\dbghelp.dll

 

c:\program files\alwil software\avast4\english\base.dll

 

c:\program files\alwil software\avast4\aswengin.dll

 

c:\program files\alwil software\avast4\aswscan.dll

 

c:\windows\system32\mswsock.dll

 

c:\windows\system32\dnsapi.dll

 

c:\windows\system32\winrnr.dll

 

c:\windows\system32\wldap32.dll

 

c:\windows\system32\rasadhlp.dll

 

c:\program files\alwil software\avast4\ashuint.dll

 

c:\program files\alwil software\avast4\xt1922.dll

 

c:\windows\system32\mfc71.dll

 

c:\windows\system32\riched20.dll

 

c:\program files\alwil software\avast4\english\lang.dll

 

c:\program files\alwil software\avast4\english\langmai.dll

 

c:\windows\system32\psapi.dll

 

c:\windows\system32\hnetcfg.dll

 

c:\windows\system32\wshtcpip.dll

 

C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHWEBSV.EXE

c:\program files\alwil software\avast4\ashwebsv.exe

 

c:\windows\system32\ntdll.dll

 

c:\windows\system32\kernel32.dll

 

c:\windows\system32\ws2_32.dll

 

c:\windows\system32\msvcrt.dll

 

c:\windows\system32\ws2help.dll

 

c:\windows\system32\advapi32.dll

 

c:\windows\system32\rpcrt4.dll

 

c:\program files\alwil software\avast4\ashbase.dll

 

c:\windows\system32\wsock32.dll

 

c:\windows\system32\version.dll

 

c:\windows\system32\user32.dll

 

c:\windows\system32\gdi32.dll

 

c:\windows\system32\ole32.dll

 

c:\windows\system32\oleaut32.dll

 

c:\windows\system32\msvcp71.dll

 

c:\windows\system32\msvcr71.dll

 

c:\program files\alwil software\avast4\aswcmnos.dll

 

c:\program files\alwil software\avast4\aswcmnb.dll

 

c:\program files\alwil software\avast4\aswcmns.dll

 

c:\windows\system32\comctl32.dll

 

c:\program files\alwil software\avast4\aavm4h.dll

 

c:\program files\alwil software\avast4\ashtask.dll

 

c:\program files\alwil software\avast4\aswaux.dll

 

c:\windows\system32\shell32.dll

 

c:\windows\system32\shlwapi.dll

 

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll

 

c:\windows\system32\dbghelp.dll

 

c:\program files\alwil software\avast4\english\base.dll

 

c:\windows\system32\psapi.dll

 

c:\windows\system32\mswsock.dll

 

c:\windows\system32\hnetcfg.dll

 

c:\windows\system32\wshtcpip.dll

 

c:\windows\system32\security.dll

 

c:\windows\system32\secur32.dll

 

c:\program files\alwil software\avast4\ashwsftr.dll

 

c:\program files\alwil software\avast4\aswscan.dll

 

c:\windows\system32\oleacc.dll

 

c:\windows\system32\msvcp60.dll

 

c:\windows\system32\winspool.drv

 

c:\progra~1\alwils~1\avast4\ahresws.dll

 

c:\program files\alwil software\avast4\aswengin.dll

 

C:\WINDOWS\SYSTEM32\ALG.EXE

c:\windows\system32\alg.exe

 

c:\windows\system32\ntdll.dll

 

c:\windows\system32\kernel32.dll

 

c:\windows\system32\msvcrt.dll

 

c:\windows\system32\atl.dll

 

c:\windows\system32\user32.dll

 

c:\windows\system32\gdi32.dll

 

c:\windows\system32\advapi32.dll

 

c:\windows\system32\rpcrt4.dll

 

c:\windows\system32\ole32.dll

 

c:\windows\system32\oleaut32.dll

 

c:\windows\system32\wsock32.dll

 

c:\windows\system32\ws2_32.dll

 

c:\windows\system32\ws2help.dll

 

c:\windows\system32\mswsock.dll

 

c:\windows\system32\shimeng.dll

 

c:\windows\apppatch\acgenral.dll

 

c:\windows\system32\winmm.dll

 

c:\windows\system32\msacm32.dll

 

c:\windows\system32\version.dll

 

c:\windows\system32\shell32.dll

 

c:\windows\system32\shlwapi.dll

 

c:\windows\system32\userenv.dll

 

c:\windows\system32\uxtheme.dll

 

c:\windows\system32\serwvdrv.dll

 

c:\windows\system32\umdmxfrm.dll

 

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll

 

c:\windows\system32\comctl32.dll

 

c:\windows\system32\clbcatq.dll

 

c:\windows\system32\comres.dll

 

c:\windows\system32\xpsp2res.dll

 

c:\windows\system32\hnetcfg.dll

 

c:\windows\system32\wshtcpip.dll

 

C:\WINDOWS\EXPLORER.EXE

c:\windows\explorer.exe

 

c:\windows\system32\ntdll.dll

 

c:\windows\system32\kernel32.dll

 

c:\windows\system32\msvcrt.dll

 

c:\windows\system32\advapi32.dll

 

c:\windows\system32\rpcrt4.dll

 

c:\windows\system32\gdi32.dll

 

c:\windows\system32\user32.dll

 

c:\windows\system32\shlwapi.dll

 

c:\windows\system32\shell32.dll

 

c:\windows\system32\ole32.dll

 

c:\windows\system32\oleaut32.dll

 

c:\windows\system32\browseui.dll

 

c:\windows\system32\shdocvw.dll

 

c:\windows\system32\crypt32.dll

 

c:\windows\system32\msasn1.dll

 

c:\windows\system32\cryptui.dll

 

c:\windows\system32\wintrust.dll

 

c:\windows\system32\imagehlp.dll

 

c:\windows\system32\netapi32.dll

 

c:\windows\system32\wininet.dll

 

c:\windows\system32\wldap32.dll

 

c:\windows\system32\version.dll

 

c:\windows\system32\uxtheme.dll

 

c:\windows\system32\shimeng.dll

 

c:\windows\apppatch\acgenral.dll

 

c:\windows\system32\winmm.dll

 

c:\windows\system32\msacm32.dll

 

c:\windows\system32\userenv.dll

 

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll

 

c:\windows\system32\comctl32.dll

 

c:\windows\system32\serwvdrv.dll

 

c:\windows\system32\umdmxfrm.dll

 

c:\windows\system32\apphelp.dll

 

c:\windows\system32\clbcatq.dll

 

c:\windows\system32\comres.dll

 

c:\windows\system32\cscui.dll

 

c:\windows\system32\cscdll.dll

 

c:\windows\system32\themeui.dll

 

c:\windows\system32\secur32.dll

 

c:\windows\system32\msimg32.dll

 

c:\windows\system32\xpsp2res.dll

 

c:\windows\system32\actxprxy.dll

 

c:\windows\system32\urlmon.dll

 

c:\windows\system32\ntshrui.dll

 

c:\windows\system32\atl.dll

 

c:\windows\system32\linkinfo.dll

 

c:\windows\system32\winsta.dll

 

c:\windows\system32\webcheck.dll

 

c:\windows\system32\wsock32.dll

 

c:\windows\system32\ws2_32.dll

 

c:\windows\system32\ws2help.dll

 

c:\windows\system32\setupapi.dll

 

c:\windows\system32\stobject.dll

 

c:\windows\system32\batmeter.dll

 

c:\windows\system32\powrprof.dll

 

c:\windows\system32\wtsapi32.dll

 

c:\windows\system32\wpdshserviceobj.dll

 

c:\windows\system32\winhttp.dll

 

c:\windows\system32\rsaenh.dll

 

c:\windows\system32\btncopy.dll

 

c:\windows\system32\wdmaud.drv

 

c:\windows\system32\mydocs.dll

 

c:\windows\system32\msacm32.drv

 

c:\windows\system32\midimap.dll

 

c:\windows\system32\netshell.dll

 

c:\windows\system32\rtutils.dll

 

c:\windows\system32\credui.dll

 

c:\windows\system32\iphlpapi.dll

 

c:\windows\system32\portabledevicetypes.dll

 

c:\windows\system32\portabledeviceapi.dll

 

c:\windows\system32\msi.dll

 

c:\windows\system32\fxsst.dll

 

c:\windows\system32\winspool.drv

 

c:\windows\system32\fxsapi.dll

 

c:\windows\system32\mpr.dll

 

c:\windows\system32\drprov.dll

 

c:\windows\system32\ntlanman.dll

 

c:\windows\system32\netui0.dll

 

c:\windows\system32\netui1.dll

 

c:\windows\system32\netrap.dll

 

c:\windows\system32\samlib.dll

 

c:\windows\system32\davclnt.dll

 

c:\windows\system32\lmirfsclientnp.dll

 

C:\PROGRAM FILES\MICROSOFT HARDWARE\KEYBOARD\TYPE32.EXE

c:\program files\microsoft hardware\keyboard\type32.exe

 

c:\windows\system32\ntdll.dll

 

c:\windows\system32\kernel32.dll

 

c:\windows\system32\user32.dll

 

c:\windows\system32\gdi32.dll

 

c:\windows\system32\advapi32.dll

 

c:\windows\system32\rpcrt4.dll

 

c:\windows\system32\shell32.dll

 

c:\windows\system32\msvcrt.dll

 

c:\windows\system32\shlwapi.dll

 

c:\windows\system32\ole32.dll

 

c:\windows\system32\wininet.dll

 

c:\windows\system32\crypt32.dll

 

c:\windows\system32\msasn1.dll

 

c:\windows\system32\oleaut32.dll

 

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll

 

c:\windows\system32\comctl32.dll

 

c:\program files\microsoft hardware\keyboard\itres.dll

 

c:\program files\microsoft hardware\keyboard\type32.dll

 

c:\program files\microsoft hardware\keyboard\mshcmd.dll

 

c:\windows\system32\shfolder.dll

 

c:\windows\system32\version.dll

 

c:\windows\system32\winmm.dll

 

c:\windows\system32\serwvdrv.dll

 

c:\windows\system32\umdmxfrm.dll

 

c:\program files\microsoft hardware\keyboard\ithook.dll

 

c:\windows\system32\wintrust.dll

 

c:\windows\system32\imagehlp.dll

 

C:\WINDOWS\SYSTEM32\ATWTUSB.EXE

c:\windows\system32\atwtusb.exe

 

c:\windows\system32\ntdll.dll

 

c:\windows\system32\kernel32.dll

 

c:\windows\system32\user32.dll

 

c:\windows\system32\gdi32.dll

 

c:\windows\system32\advapi32.dll

 

c:\windows\system32\rpcrt4.dll

 

c:\windows\system32\shell32.dll

 

c:\windows\system32\msvcrt.dll

 

c:\windows\system32\shlwapi.dll

 

c:\windows\system32\setupapi.dll

 

c:\windows\system32\hid.dll

 

c:\windows\system32\version.dll

 

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll

 

c:\windows\system32\comctl32.dll

 

c:\windows\system32\wintrust.dll

 

c:\windows\system32\crypt32.dll

 

c:\windows\system32\msasn1.dll

 

c:\windows\system32\imagehlp.dll

 

C:\PROGRA~1\ALWILS~1\AVAST4\ASHDISP.EXE

c:\progra~1\alwils~1\avast4\ashdisp.exe

 

c:\windows\system32\ntdll.dll

 

c:\windows\system32\kernel32.dll

 

c:\windows\system32\rpcrt4.dll

 

c:\windows\system32\advapi32.dll

 

c:\progra~1\alwils~1\avast4\aswcmnos.dll

 

c:\windows\system32\user32.dll

 

c:\windows\system32\gdi32.dll

 

c:\windows\system32\msvcp71.dll

 

c:\windows\system32\msvcr71.dll

 

c:\windows\system32\wsock32.dll

 

c:\windows\system32\ws2_32.dll

 

c:\windows\system32\msvcrt.dll

 

c:\windows\system32\ws2help.dll

 

c:\progra~1\alwils~1\avast4\ashbase.dll

 

c:\windows\system32\version.dll

 

c:\windows\system32\ole32.dll

 

c:\windows\system32\oleaut32.dll

 

c:\progra~1\alwils~1\avast4\aswcmnb.dll

 

c:\progra~1\alwils~1\avast4\aswcmns.dll

 

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll

 

c:\windows\system32\shlwapi.dll

 

c:\progra~1\alwils~1\avast4\ashtask.dll

 

c:\progra~1\alwils~1\avast4\aswaux.dll

 

c:\windows\system32\shell32.dll

 

c:\progra~1\alwils~1\avast4\aavm4h.dll

 

c:\windows\system32\dbghelp.dll

 

c:\program files\alwil software\avast4\english\base.dll

 

c:\program files\alwil software\avast4\english\lang.dll

 

c:\windows\system32\mfc71.dll

 

c:\progra~1\alwils~1\avast4\aavmrpch.dll

 

c:\program files\alwil software\avast4\ahruimai.dll

 

c:\progra~1\alwils~1\avast4\ashuint.dll

 

c:\progra~1\alwils~1\avast4\xt1922.dll

 

c:\program files\alwil software\avast4\ahruimes.dll

 

c:\program files\alwil software\avast4\ahruins.dll

 

c:\program files\alwil software\avast4\ahruiout.dll

 

c:\windows\system32\mapi32.dll

 

c:\program files\alwil software\avast4\ahruip2p.dll

 

c:\program files\alwil software\avast4\ahruistd.dll

 

c:\program files\alwil software\avast4\ahruiws.dll

 

c:\windows\system32\secur32.dll

 

C:\PROGRAM FILES\LOGMEIN\X86\LOGMEINSYSTRAY.EXE

c:\program files\logmein\x86\logmeinsystray.exe

 

c:\windows\system32\ntdll.dll

 

c:\windows\system32\kernel32.dll

 

c:\program files\logmein\x86\logmeinsystray.dll

 

c:\windows\system32\advapi32.dll

 

c:\windows\system32\rpcrt4.dll

 

c:\windows\system32\user32.dll

 

c:\windows\system32\gdi32.dll

 

c:\windows\system32\ole32.dll

 

c:\windows\system32\msvcrt.dll

 

c:\windows\system32\wsock32.dll

 

c:\windows\system32\ws2_32.dll

 

c:\windows\system32\ws2help.dll

 

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll

 

c:\windows\system32\shlwapi.dll

 

c:\program files\logmein\x86\rntfywnd.dll

 

c:\windows\system32\oleaut32.dll

 

c:\windows\system32\winspool.drv

 

c:\windows\system32\samlib.dll

 

c:\windows\system32\xpsp2res.dll

 

c:\windows\system32\shfolder.dll

 

c:\windows\system32\uxtheme.dll

 

c:\windows\system32\shell32.dll

 

c:\windows\system32\clbcatq.dll

 

c:\windows\system32\comres.dll

 

c:\windows\system32\version.dll

 

c:\windows\system32\mswsock.dll

 

c:\windows\system32\hnetcfg.dll

 

c:\windows\system32\wshtcpip.dll

 

c:\windows\system32\netapi32.dll

 

c:\windows\system32\riched32.dll

 

c:\windows\system32\riched20.dll

 

C:\PROGRAM FILES\COMODO\FIREWALL\CPF.EXE

c:\program files\comodo\firewall\cpf.exe

 

c:\windows\system32\ntdll.dll

 

c:\windows\system32\kernel32.dll

 

c:\windows\system32\winmm.dll

 

c:\windows\system32\user32.dll

 

c:\windows\system32\gdi32.dll

 

c:\windows\system32\advapi32.dll

 

c:\windows\system32\rpcrt4.dll

 

c:\windows\system32\version.dll

 

c:\windows\system32\iphlpapi.dll

 

c:\windows\system32\msvcrt.dll

 

c:\windows\system32\ws2_32.dll

 

c:\windows\system32\ws2help.dll

 

c:\program files\comodo\firewall\dbghelp.dll

 

c:\windows\system32\comdlg32.dll

 

c:\windows\system32\shlwapi.dll

 

c:\windows\system32\comctl32.dll

 

c:\windows\system32\shell32.dll

 

c:\windows\system32\winspool.drv

 

c:\windows\system32\oledlg.dll

 

c:\windows\system32\ole32.dll

 

c:\windows\system32\oleaut32.dll

 

c:\windows\system32\imagehlp.dll

 

c:\windows\system32\crypt32.dll

 

c:\windows\system32\msasn1.dll

 

c:\windows\system32\serwvdrv.dll

 

c:\windows\system32\umdmxfrm.dll

 

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll

 

c:\windows\system32\wtsapi32.dll

 

c:\windows\system32\winsta.dll

 

c:\windows\system32\netapi32.dll

 

c:\windows\system32\ntmarta.dll

 

c:\windows\system32\wldap32.dll

 

c:\windows\system32\samlib.dll

 

c:\windows\system32\riched20.dll

 

c:\windows\system32\xpsp2res.dll

 

c:\windows\system32\rsaenh.dll

 

c:\windows\system32\userenv.dll

 

c:\windows\system32\secur32.dll

 

c:\windows\system32\asycfilt.dll

 

C:\PROGRAM FILES\WIDCOMM\BLUETOOTH SOFTWARE\BTTRAY.EXE

c:\program files\widcomm\bluetooth software\bttray.exe

 

c:\windows\system32\ntdll.dll

 

c:\windows\system32\kernel32.dll

 

c:\windows\system32\cfgmgr32.dll

 

c:\windows\system32\setupapi.dll

 

c:\windows\system32\msvcrt.dll

 

c:\windows\system32\advapi32.dll

 

c:\windows\system32\rpcrt4.dll

 

c:\windows\system32\gdi32.dll

 

c:\windows\system32\user32.dll

 

c:\windows\system32\wbtapi.dll

 

c:\windows\system32\msi.dll

 

c:\windows\system32\shlwapi.dll

 

c:\windows\system32\mfc42.dll

 

c:\windows\system32\ole32.dll

 

c:\windows\system32\oleaut32.dll

 

c:\windows\system32\version.dll

 

c:\windows\system32\msvcp60.dll

 

c:\windows\system32\rasapi32.dll

 

c:\windows\system32\rasman.dll

 

c:\windows\system32\ws2_32.dll

 

c:\windows\system32\ws2help.dll

 

c:\windows\system32\netapi32.dll

 

c:\windows\system32\tapi32.dll

 

c:\windows\system32\rtutils.dll

 

c:\windows\system32\winmm.dll

 

c:\windows\system32\btosif.dll

 

c:\program files\widcomm\bluetooth software\btballoon.dll

 

c:\windows\system32\shell32.dll

 

c:\windows\system32\comdlg32.dll

 

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll

 

c:\windows\system32\serwvdrv.dll

 

c:\windows\system32\umdmxfrm.dll

 

c:\windows\system32\btrez.dll

 

c:\windows\system32\csh.dll

 

C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPOBNZ08.EXE

c:\program files\hewlett-packard\digital imaging\bin\hpobnz08.exe

 

c:\windows\system32\ntdll.dll

 

c:\windows\system32\kernel32.dll

 

c:\windows\system32\user32.dll

 

c:\windows\system32\gdi32.dll

 

c:\windows\system32\advapi32.dll

 

c:\windows\system32\rpcrt4.dll

 

c:\windows\system32\ole32.dll

 

c:\windows\system32\msvcrt.dll

 

c:\windows\system32\oleaut32.dll

 

c:\windows\system32\wsock32.dll

 

c:\windows\system32\ws2_32.dll

 

c:\windows\system32\ws2help.dll

 

c:\windows\system32\cfgmgr32.dll

 

c:\windows\system32\setupapi.dll

 

c:\windows\system32\msvcp60.dll

 

c:\windows\system32\xpsp2res.dll

 

c:\windows\system32\clbcatq.dll

 

c:\windows\system32\comres.dll

 

c:\windows\system32\version.dll

 

c:\windows\system32\msi.dll

 

c:\program files\hewlett-packard\digital imaging\bin\hpqcxm08.dll

 

c:\windows\system32\shlwapi.dll

 

c:\program files\hewlett-packard\digital imaging\bin\hpodvb08.dll

 

c:\program files\hewlett-packard\digital imaging\bin\hpocxi08.dll

 

c:\program files\hewlett-packard\digital imaging\bin\hpqcob08.dll

 

c:\program files\hewlett-packard\digital imaging\bin\hposcn08.dll

 

c:\windows\system32\sti.dll

 

c:\program files\hewlett-packard\digital imaging\bin\hposcn08.rsc

 

c:\program files\hewlett-packard\digital imaging\bin\hpodio08.dll

 

c:\windows\system32\wtsapi32.dll

 

c:\windows\system32\winsta.dll

 

c:\windows\system32\netapi32.dll

 

c:\windows\system32\hpzidr12.dll

 

c:\windows\system32\winspool.drv

 

c:\windows\system32\wintrust.dll

 

c:\windows\system32\crypt32.dll

 

c:\windows\system32\msasn1.dll

 

c:\windows\system32\imagehlp.dll

 

c:\windows\system32\sxs.dll

 

c:\windows\system32\hpzipr12.dll

 

C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPOTDD01.EXE

c:\program files\hewlett-packard\digital imaging\bin\hpotdd01.exe

 

c:\windows\system32\ntdll.dll

 

c:\windows\system32\kernel32.dll

 

c:\program files\hewlett-packard\digital imaging\bin\hpodvd08.dll

 

c:\windows\system32\cfgmgr32.dll

 

c:\windows\system32\setupapi.dll

 

c:\windows\system32\msvcrt.dll

 

c:\windows\system32\advapi32.dll

 

c:\windows\system32\rpcrt4.dll

 

c:\windows\system32\gdi32.dll

 

c:\windows\system32\user32.dll

 

c:\windows\system32\version.dll

 

c:\windows\system32\shell32.dll

 

c:\windows\system32\shlwapi.dll

 

c:\windows\system32\ole32.dll

 

c:\windows\system32\oleaut32.dll

 

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll

 

c:\windows\system32\comctl32.dll

 

c:\windows\system32\clbcatq.dll

 

c:\windows\system32\comres.dll

 

c:\windows\system32\msi.dll

 

c:\program files\hewlett-packard\digital imaging\bin\hpqcxm08.dll

 

c:\windows\system32\msvcp60.dll

 

c:\windows\system32\winspool.drv

 

C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPOEVM08.EXE

c:\program files\hewlett-packard\digital imaging\bin\hpoevm08.exe

 

c:\windows\system32\ntdll.dll

 

c:\windows\system32\kernel32.dll

 

c:\windows\system32\user32.dll

 

c:\windows\system32\gdi32.dll

 

c:\windows\system32\advapi32.dll

 

c:\windows\system32\rpcrt4.dll

 

c:\windows\system32\ole32.dll

 

c:\windows\system32\msvcrt.dll

 

c:\windows\system32\oleaut32.dll

 

c:\windows\system32\msvcp60.dll

 

c:\windows\system32\xpsp2res.dll

 

c:\windows\system32\clbcatq.dll

 

c:\windows\system32\comres.dll

 

c:\windows\system32\version.dll

 

c:\windows\system32\msi.dll

 

c:\program files\hewlett-packard\digital imaging\bin\hpqcxm08.dll

 

c:\windows\system32\shlwapi.dll

 

c:\windows\system32\sxs.dll

 

c:\program files\hewlett-packard\digital imaging\bin\hpocxi08.dll

 

c:\program files\hewlett-packard\digital imaging\bin\hpqcob08.dll

 

C:\PROGRAM FILES\LAVASOFT\AD-AWARE 2007\AD-AWARE2007.EXE

c:\program files\lavasoft\ad-aware 2007\ad-aware2007.exe

 

c:\windows\system32\ntdll.dll

 

c:\windows\system32\kernel32.dll

 

c:\windows\system32\user32.dll

 

c:\windows\system32\gdi32.dll

 

c:\windows\system32\comctl32.dll

 

c:\windows\system32\advapi32.dll

 

c:\windows\system32\rpcrt4.dll

 

c:\windows\system32\comdlg32.dll

 

c:\windows\system32\shlwapi.dll

 

c:\windows\system32\msvcrt.dll

 

c:\windows\system32\shell32.dll

 

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll

 

c:\windows\system32\oleaut32.dll

 

c:\windows\system32\ole32.dll

 

c:\windows\system32\ws2_32.dll

 

c:\windows\system32\ws2help.dll

 

c:\windows\system32\inetmib1.dll

 

c:\windows\system32\iphlpapi.dll

 

c:\windows\system32\snmpapi.dll

 

c:\windows\system32\wsock32.dll

 

c:\windows\system32\mprapi.dll

 

c:\windows\system32\activeds.dll

 

c:\windows\system32\adsldpc.dll

 

c:\windows\system32\netapi32.dll

 

c:\windows\system32\wldap32.dll

 

c:\windows\system32\atl.dll

 

c:\windows\system32\rtutils.dll

 

c:\windows\system32\samlib.dll

 

c:\windows\system32\setupapi.dll

 

c:\windows\system32\version.dll

 

c:\windows\system32\mpr.dll

 

c:\windows\system32\imm32.dll

 

c:\windows\system32\winmm.dll

 

c:\windows\system32\serwvdrv.dll

 

c:\windows\system32\umdmxfrm.dll

 

c:\windows\system32\oleacc.dll

 

c:\windows\system32\msvcp60.dll

 

c:\windows\system32\uxtheme.dll

 

c:\windows\system32\apphelp.dll

 

c:\windows\system32\clbcatq.dll

 

c:\windows\system32\comres.dll

 

c:\windows\system32\cscui.dll

 

c:\windows\system32\cscdll.dll

 

c:\windows\system32\olepro32.dll

 

c:\windows\system32\secur32.dll

 

C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPOSTS08.EXE

c:\program files\hewlett-packard\digital imaging\bin\hposts08.exe

 

c:\windows\system32\ntdll.dll

 

c:\windows\system32\kernel32.dll

 

c:\program files\hewlett-packard\digital imaging\bin\hpqtap08.dll

 

c:\windows\system32\mfc42.dll

 

c:\windows\system32\msvcrt.dll

 

c:\windows\system32\gdi32.dll

 

c:\windows\system32\user32.dll

 

c:\windows\system32\advapi32.dll

 

c:\windows\system32\rpcrt4.dll

 

c:\windows\system32\shell32.dll

 

c:\windows\system32\shlwapi.dll

 

c:\windows\system32\ole32.dll

 

c:\windows\system32\oleaut32.dll

 

c:\windows\system32\msvcp60.dll

 

c:\windows\system32\winspool.drv

 

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll

 

c:\windows\system32\comctl32.dll

 

c:\program files\hewlett-packard\digital imaging\bin\hposts08.rsc

 

c:\windows\system32\clbcatq.dll

 

c:\windows\system32\comres.dll

 

c:\windows\system32\version.dll

 

c:\windows\system32\msi.dll

 

c:\program files\hewlett-packard\digital imaging\bin\hpqcxm08.dll

 

c:\program files\hewlett-packard\digital imaging\bin\hpocxi08.dll

 

c:\program files\hewlett-packard\digital imaging\bin\hpqcob08.dll

 

c:\windows\system32\wtsapi32.dll

 

c:\windows\system32\winsta.dll

 

c:\windows\system32\netapi32.dll

 

c:\program files\hewlett-packard\digital imaging\bin\hpodio08.dll

 

c:\windows\system32\wsock32.dll

 

c:\windows\system32\ws2_32.dll

 

c:\windows\system32\ws2help.dll

 

c:\windows\system32\xpsp2res.dll

 

c:\windows\system32\sxs.dll

 

c:\windows\system32\hpzipr12.dll

 

c:\windows\system32\setupapi.dll

 

c:\windows\system32\wintrust.dll

 

c:\windows\system32\crypt32.dll

 

c:\windows\system32\msasn1.dll

 

c:\windows\system32\imagehlp.dll

 

c:\windows\system32\hpzidr12.dll

 

End of Scan Section

===========================

Edited by noahdfear
removed previous post quote

Share this post


Link to post
Share on other sites

Open Killbox.exe and click File>Delete all dummy files then exit.

 

Delete the following files and folders.

 

dss.exe

fix.reg

Killbox.exe

OTMoveIt.exe

SDFix.exe

VundoFix.exe

C:\!Killbox

C:\Deckard

C:\_OTMoveIt

C:\SDFix

C:\VundoFix Backups

C:\WINDOWS\Fonts\'

C:\WINDOWS\Fonts\a.zip

C:\WINDOWS\Fonts\Setup.exe

  • Double click ATF-Cleaner.exe to run the program.
  • Check the boxes to the left of:
     
    • Windows Temp
    • Current User Temp
    • All Users Temp
    • Temporary Internet Files
    • Prefetch
    • Java Cache
    • Recycle bin

     

    [*]The rest are optional - if you want it to remove everything check "Select All".

    [*]Finally, click Empty Selected. When you get the "Done Cleaning" message, click OK. Now clean up the Mozilla profile as well.

Reboot

 

Recommend you now do one more scan to be sure we haven't missed anything. Please do an online scan with Kaspersky WebScanner

 

Click on Kaspersky Online Scanner

 

You will be promted to install an ActiveX component from Kaspersky, Click Yes.

  • The program will launch and then begin downloading the latest definition files:
  • Once the files have been downloaded click on NEXT

  • Now click on Scan Settings
  • In the scan settings make that the following are selected:
    • Scan using the following Anti-Virus database:

      Extended (if available otherwise Standard)

    • Scan Options:

      Scan Archives
      Scan Mail Bases

    [*]Click OK

    [*]Now under select a target to scan:

      Select My Computer

    [*]This will program will start and scan your system.

    [*]The scan will take a while so be patient and let it run.

    [*]Once the scan is complete it will display if your system has been infected.

    • Now click on the Save as Text button:

    [*]Save the file to your desktop.

Post the Kaspersky log and one more fresh HijackThis log.

Share this post


Link to post
Share on other sites
Open Killbox.exe and click File>Delete all dummy files then exit.

 

Delete the following files and folders.

 

dss.exe

fix.reg

Killbox.exe

OTMoveIt.exe

SDFix.exe

VundoFix.exe

C:\!Killbox

C:\Deckard

C:\_OTMoveIt

C:\SDFix

C:\VundoFix Backups

C:\WINDOWS\Fonts\'

C:\WINDOWS\Fonts\a.zip

C:\WINDOWS\Fonts\Setup.exe

  • Double click ATF-Cleaner.exe to run the program.
  • Check the boxes to the left of:
     
    • Windows Temp
    • Current User Temp
    • All Users Temp
    • Temporary Internet Files
    • Prefetch
    • Java Cache
    • Recycle bin

     

    [*]The rest are optional - if you want it to remove everything check "Select All".

    [*]Finally, click Empty Selected. When you get the "Done Cleaning" message, click OK. Now clean up the Mozilla profile as well.

Reboot

 

Recommend you now do one more scan to be sure we haven't missed anything. Please do an online scan with Kaspersky WebScanner

 

Click on Kaspersky Online Scanner

 

You will be promted to install an ActiveX component from Kaspersky, Click Yes.

  • The program will launch and then begin downloading the latest definition files:
  • Once the files have been downloaded click on NEXT

  • Now click on Scan Settings
  • In the scan settings make that the following are selected:
    • Scan using the following Anti-Virus database:

    • Extended (if available otherwise Standard)

    • Scan Options:

    • Scan Archives
      Scan Mail Bases

    [*]Click OK

    [*]Now under select a target to scan:

    • Select My Computer

    [*]This will program will start and scan your system.

    [*]The scan will take a while so be patient and let it run.

    [*]Once the scan is complete it will display if your system has been infected.

    • Now click on the Save as Text button:

    [*]Save the file to your desktop.

Post the Kaspersky log and one more fresh HijackThis log.

 

 

HI Dave...logs as requested...theKapersky log I'll attach due to size..Cheers

 

Logfile of HijackThis v1.99.1

Scan saved at 10:47:10 PM, on 21/11/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe

C:\Program Files\Comodo\Firewall\cmdagent.exe

C:\WINDOWS\system32\CTSvcCDA.EXE

C:\WINDOWS\system32\drivers\KodakCCS.exe

C:\Program Files\CS Fire Monitor\CSFireMon.exe

C:\Program Files\Common Files\LightScribe\LSSrvc.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\ScsiAccess.EXE

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

C:\WINDOWS\system32\UStorSrv.exe

C:\WINDOWS\system32\MsPMSPSv.exe

C:\WINDOWS\system32\fxssvc.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Microsoft Hardware\Keyboard\type32.exe

C:\WINDOWS\system32\atwtusb.exe

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\Program Files\LogMeIn\x86\LogMeInSystray.exe

C:\Program Files\Comodo\Firewall\CPF.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Documents and Settings\Dad.DESKTOP\Desktop\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bigpond.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bigpond.com/

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll

O4 - HKLM\..\Run: [intelliType] "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe"

O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\CPF.exe" /background

O4 - Global Startup: BTTray.lnk = ?

O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe

O4 - Global Startup: hpoddt01.exe.lnk = ?

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra button: Panda ActiveScan - {653D93AF-C741-4e5e-8C1B-59BA43F93E16} - http://www.pandasoftware.com/activescan (file missing)

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll

O14 - IERESET.INF: START_PAGE_URL=http://www.bigpond.com/

O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1125884139484

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} - https://secure.logmein.com/activex/ractrl.cab?lmi=100

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O20 - Winlogon Notify: LMIinit - C:\WINDOWS\SYSTEM32\LMIinit.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe

O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTSvcCDA.EXE

O23 - Service: CS Fire Monitor - Unknown owner - C:\Program Files\CS Fire Monitor\CSFireMonService.exe" -service (file missing)

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\system32\ScsiAccess.EXE

O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

O23 - Service: UStorage Server Service - OTi - C:\WINDOWS\system32\UStorSrv.exe

Share this post


Link to post
Share on other sites

QUOTE(Anton.B @ Nov 21 2007, 10:49 PM) 61593[/snapback]
HI Dave...logs as requested...theKapersky log I'll attach due to size..Cheers

 

Logfile of HijackThis v1.99.1

Scan saved at 10:47:10 PM, on 21/11/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe

C:\Program Files\Comodo\Firewall\cmdagent.exe

C:\WINDOWS\system32\CTSvcCDA.EXE

C:\WINDOWS\system32\drivers\KodakCCS.exe

C:\Program Files\CS Fire Monitor\CSFireMon.exe

C:\Program Files\Common Files\LightScribe\LSSrvc.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\ScsiAccess.EXE

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

C:\WINDOWS\system32\UStorSrv.exe

C:\WINDOWS\system32\MsPMSPSv.exe

C:\WINDOWS\system32\fxssvc.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Microsoft Hardware\Keyboard\type32.exe

C:\WINDOWS\system32\atwtusb.exe

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\Program Files\LogMeIn\x86\LogMeInSystray.exe

C:\Program Files\Comodo\Firewall\CPF.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Documents and Settings\Dad.DESKTOP\Desktop\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bigpond.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bigpond.com/

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll

O4 - HKLM\..\Run: [intelliType] "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe"

O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\CPF.exe" /background

O4 - Global Startup: BTTray.lnk = ?

O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe

O4 - Global Startup: hpoddt01.exe.lnk = ?

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra button: Panda ActiveScan - {653D93AF-C741-4e5e-8C1B-59BA43F93E16} - http://www.pandasoftware.com/activescan (file missing)

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll

O14 - IERESET.INF: START_PAGE_URL=http://www.bigpond.com/

O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/d...can_unicode.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1125884139484

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab

O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} - https://secure.logmein.com/activex/ractrl.cab?lmi=100

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O20 - Winlogon Notify: LMIinit - C:\WINDOWS\SYSTEM32\LMIinit.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe

O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTSvcCDA.EXE

O23 - Service: CS Fire Monitor - Unknown owner - C:\Program Files\CS Fire Monitor\CSFireMonService.exe" -service (file missing)

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\system32\ScsiAccess.EXE

O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

O23 - Service: UStorage Server Service - OTi - C:\WINDOWS\system32\UStorSrv.exe

 

-------------------------------------------------------------------------------

KASPERSKY ONLINE SCANNER REPORT

Wednesday, November 21, 2007 10:44:10 PM

Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)

Kaspersky Online Scanner version: 5.0.98.0

Kaspersky Anti-Virus database last update: 21/11/2007

Kaspersky Anti-Virus database records: 462659

-------------------------------------------------------------------------------

 

Scan Settings:

Scan using the following antivirus database: extended

Scan Archives: true

Scan Mail Bases: true

 

Scan Target - My Computer:

A:\

C:\

D:\

E:\

 

Scan Statistics:

Total number of scanned objects: 105724

Number of viruses found: 10

Number of infected objects: 35

Number of suspicious objects: 0

Duration of the scan process: 01:52:40

 

Infected Object Name / Virus Name / Last Action

C:\Documents and Settings\All Users\Application Data\Microsoft\Dr Watson\user.dmp Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Windows NT\MSFax\ActivityLog\InboxLOG.txt Object is locked skipped

C:\Documents and Settings\All Users\Application Data\Microsoft\Windows NT\MSFax\ActivityLog\OutboxLOG.txt Object is locked skipped

C:\Documents and Settings\Anton\AdobeWeb.log Object is locked skipped

C:\Documents and Settings\Anton\Application Data\Adobe\Acrobat\8.0\AdobeCMapFnt08.lst Object is locked skipped

C:\Documents and Settings\Anton\Application Data\Adobe\Acrobat\8.0\AdobeSysFnt08.lst Object is locked skipped

C:\Documents and Settings\Anton\Application Data\Adobe\Acrobat\8.0\JavaScripts\glob.js Object is locked skipped

C:\Documents and Settings\Anton\Application Data\Adobe\Acrobat\8.0\JavaScripts\glob.settings.js Object is locked skipped

C:\Documents and Settings\Anton\Application Data\Adobe\Acrobat\8.0\TMDocs.sav Object is locked skipped

C:\Documents and Settings\Anton\Application Data\Adobe\Acrobat\8.0\TMGrpPrm.sav Object is locked skipped

C:\Documents and Settings\Anton\Application Data\Adobe\Acrobat\8.0\UserCache.bin Object is locked skipped

C:\Documents and Settings\Anton\Application Data\Adobe\Acrobat\Distiller 5\Cache\PSHFList1 Object is locked skipped

C:\Documents and Settings\Anton\Application Data\Adobe\Acrobat\Distiller 5\Cache\PSHFList2 Object is locked skipped

C:\Documents and Settings\Anton\Application Data\Adobe\Acrobat\Distiller 5\messages.log Object is locked skipped

C:\Documents and Settings\Anton\Application Data\Adobe\Acrobat\Preferences\WebCaptr.prefs Object is locked skipped

C:\Documents and Settings\Anton\Application Data\Adobe\Acrobat\WHAPI\CreatePDFWinColor.ico Object is locked skipped

C:\Documents and Settings\Anton\Application Data\Adobe\Acrobat\WHAPI\CreatePDFWinGray.ico Object is locked skipped

C:\Documents and Settings\Anton\Application Data\Adobe\Acrobat\WHAPI\PaperCaptureWinColor.ico Object is locked skipped

C:\Documents and Settings\Anton\Application Data\Adobe\Acrobat\WHAPI\PaperCaptureWinGray.ico Object is locked skipped

C:\Documents and Settings\Anton\Application Data\Adobe\Acrobat\WHAPI\WHAppList.xml Object is locked skipped

C:\Documents and Settings\Anton\Application Data\Apple Computer\iTunes\CD Info.cidb Object is locked skipped

C:\Documents and Settings\Anton\Application Data\Apple Computer\iTunes\iTunesPrefs.xml Object is locked skipped

C:\Documents and Settings\Anton\Application Data\Apple Computer\Preferences\com.apple.syncserver.plist Object is locked skipped

C:\Documents and Settings\Anton\Application Data\Apple Computer\Preferences\OUTLOOK.EXE.plist Object is locked skipped

C:\Documents and Settings\Anton\Application Data\Apple Computer\QuickTime\QTPlayerSession.xml Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\background.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\background.pngv Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\bang.log Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\boards\7119b1bcaab6cbe317fbeb95d5c2f202 Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\code\bang-config.jar Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\code\bang-config.jarv Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\code\bang-pcode.jar Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\code\bang-pcode.jarv Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\code\commons-beanutils.jar Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\code\commons-beanutils.jarv Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\code\commons-digester.jar Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\code\commons-digester.jarv Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\code\commons-logging.jar Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\code\commons-logging.jarv Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\code\config.jar Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\code\config.jarv Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\code\getdown-pro-new.jar Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\code\getdown-pro-new.jarv Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\code\lwjgl.jar Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\code\lwjgl.jarv Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\code\lwjgl_util.jar Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\code\lwjgl_util.jarv Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\digest.txt Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\getdown-pro.jar Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\getdown.txt Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\installer.txt Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\native\jinput-dxplugin.dll Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\native\jinput-dxplugin.dllv Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\native\lwjgl.dll Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\native\lwjgl.dllv Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\native\OpenAL32.dll Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\native\OpenAL32.dllv Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\progress.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\progress.pngv Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\proxy.txt Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\female\eyebrows\arched.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\female\eyebrows\concerned.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\female\eyebrows\curious.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\female\eyebrows\evil.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\female\eyebrows\high.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\female\eyebrows\inquisitive.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\female\eyebrows\knit.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\female\eyebrows\normal.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\female\eyebrows\sad.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\female\eyebrows\sharp.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\female\eyebrows\small.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\female\eyebrows\smirk.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\female\eyebrows\surprised.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\female\eyebrows\thick.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\female\eyebrows\trouble.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\female\eyes\big.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\female\eyes\closed.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\female\eyes\cool.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\female\eyes\cute.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\female\eyes\determined.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\female\eyes\glass.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\female\eyes\intent.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\female\eyes\lashy.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\female\eyes\left.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\female\eyes\scar.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\female\eyes\sharp.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\female\eyes\shifty.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\female\eyes\sly.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\female\eyes\squinty.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\female\hair\back_curly.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\female\hair\back_fancy.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\female\hair\bob.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\female\hair\braids.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\female\hair\fairy.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\female\hair\mohawk.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\female\hair\ponytail.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\female\hair\ponytail_reverse.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\female\hair\shroom.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\female\hair\spikey.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\female\hair\straight.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\female\hair\wavy.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\female\hair\wings.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\female\head\cheeks.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\female\head\chin.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\female\head\chubby.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\female\head\granny.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\female\head\heart.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\female\head\normal.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\female\head\obese.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\female\head\pointy.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\female\head\rascal.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\female\head\round.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\female\head\sharp.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\female\head\slant.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\female\mouth\angry.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\female\mouth\chew.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\female\mouth\chuckling.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\female\mouth\content.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\female\mouth\frown.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\female\mouth\grin.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\female\mouth\jolie.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\female\mouth\lips.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\female\mouth\puzzled.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\female\mouth\sad.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\female\mouth\serious.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\female\mouth\sly.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\female\mouth\smirk.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\female\mouth\smug.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\female\mouth\stern.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\female\mouth\straw.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\female\mouth\surly.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\female\mouth\tiny.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\female\nose\button.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\female\nose\corner.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\female\nose\curve.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\female\nose\flat.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\female\nose\hook.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\female\nose\latina.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\female\nose\line.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\female\nose\nub.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\female\nose\picasso.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\female\nose\pointy.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\female\nose\round.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\female\nose\sharp.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\female\nose\wide.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\female\nose\wrinkled.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\beard\braid.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\beard\chops.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\beard\colonel.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\beard\fro.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\beard\goatee.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\beard\grant.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\beard\grizzly.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\beard\muttonchops.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\beard\sideburns.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\beard\spikey.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\beard\stubble.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\eyebrows\angry.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\eyebrows\angular.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\eyebrows\bushy.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\eyebrows\concerned.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\eyebrows\content.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\eyebrows\cool.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\eyebrows\evil.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\eyebrows\jaunty.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\eyebrows\kindly.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\eyebrows\rock.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\eyebrows\surprised.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\eyebrows\thick.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\eyes\closed.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\eyes\far.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\eyes\patch.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\eyes\plain.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\eyes\rugged.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\eyes\scar.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\eyes\shifty.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\eyes\sly.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\eyes\squinty.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\eyes\stare.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\eyes\weary.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\eyes\wide.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\hair\bald.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\hair\balding.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\hair\braids.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\hair\disheveled.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\hair\dredds_long.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\hair\dredds_short.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\hair\fro.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\hair\long_straight.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\hair\mohawk.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\hair\parted.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\hair\slickedback.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\hair\spikeback.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\hair\spikeup.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\hair\spikey.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\hair\sweptback.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\hair\wirey_medium.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\hair\wirey_short.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\head\angular.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\head\chin.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\head\cleft.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\head\fat.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\head\hoss.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\head\jutting.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\head\long.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\head\moon.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\head\normal.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\head\pointy.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\head\small.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\head\square.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\mouth\angry.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\mouth\annoyed.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\mouth\chew.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\mouth\frown.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\mouth\grit.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\mouth\happy.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\mouth\sad.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\mouth\shy.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\mouth\smile.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\mouth\smirk.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\mouth\stern.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\mouth\worried.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\mustache\chop.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\mustache\curly.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\mustache\droopy.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\mustache\gringo.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\mustache\handlebar.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\mustache\latin.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\mustache\magnum.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\mustache\messy.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\mustache\neat.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\mustache\u.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\mustache\villain.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\mustache\wyatt.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\nose\beak.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\nose\boxer.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\nose\button.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\nose\creased.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\nose\dwarf.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\nose\flat.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\nose\hook.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\nose\long.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\nose\pointy.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\nose\pug.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\nose\rail.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\aspects\male\nose\wide.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\background\bullzeye\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\background\bullzeye\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\background\checker\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\background\checker\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\background\clockwork\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\background\clockwork\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\background\design\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\background\design\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\background\fountain\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\background\fountain\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\background\oval\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\background\oval\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\background\plain\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\background\plain\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\background\radiate\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\background\radiate\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\background\rattlers\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\background\rattlers\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\background\sunrise\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\background\sunrise\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\background\swirls\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\background\swirls\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\background\swirls2\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\background\swirls2\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\background\swirls3\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\background\swirls3\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\background\top\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\background\top\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\background\tris\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\background\tris\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\border\barbed_wire\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\border\barbed_wire\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\border\barbed_wire\static_crop.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\border\barbed_wire\static_crop.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\border\classic\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\border\classic\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\border\classic\static_crop.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\border\classic\static_crop.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\border\cornered\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\border\cornered\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\border\cornered\static_crop.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\border\cornered\static_crop.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\border\four_corners\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\border\four_corners\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\border\four_corners\static_crop.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\border\four_corners\static_crop.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\border\four_corners_studs\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\border\four_corners_studs\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\border\four_corners_studs\static_crop.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\border\four_corners_studs\static_crop.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\border\frill_rect\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\border\frill_rect\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\border\frill_rect\static_crop.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\border\frill_rect\static_crop.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\border\gilded\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\border\gilded\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\border\gilded\static_crop.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\border\gilded\static_crop.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\border\mech_chain\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\border\mech_chain\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\border\mech_chain\static_crop.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\border\mech_chain\static_crop.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\border\rattler\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\border\rattler\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\border\rattler\static_crop.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\border\rattler\static_crop.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\border\rope_oval\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\border\rope_oval\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\border\rope_oval\static_crop.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\border\rope_oval\static_crop.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\border\rope_shape\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\border\rope_shape\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\border\rope_shape\static_crop.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\border\rope_shape\static_crop.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\border\round_10_studs\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\border\round_10_studs\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\border\round_10_studs\static_crop.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\border\round_10_studs\static_crop.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\border\round_2_gears\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\border\round_2_gears\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\border\round_2_gears\static_crop.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\border\round_2_gears\static_crop.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\border\round_2_studs\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\border\round_2_studs\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\border\round_2_studs\static_crop.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\border\round_2_studs\static_crop.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\border\scrolls\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\border\scrolls\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\border\scrolls\static_crop.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\border\scrolls\static_crop.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\axe_left\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\axe_left\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\axe_left_sm\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\axe_left_sm\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\axe_right\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\axe_right\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\axe_right_sm\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\axe_right_sm\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\banner\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\banner\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\bear\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\bear\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\bear_claw_left\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\bear_claw_left\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\bear_claw_left_sm\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\bear_claw_left_sm\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\bear_claw_right\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\bear_claw_right\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\bear_claw_right_sm\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\bear_claw_right_sm\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\bear_left_sm\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\bear_left_sm\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\bear_right_sm\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\bear_right_sm\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\boot\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\boot\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\buffalo_left\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\buffalo_left\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\buffalo_right\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\buffalo_right\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\bullet\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\bullet\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\bull_head\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\bull_head\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\bull_head_sm\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\bull_head_sm\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\bull_skull\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\bull_skull\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\bull_skull_sm\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\bull_skull_sm\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\chamber\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\chamber\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\cloud\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\cloud\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\counter\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\counter\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\dear_left\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\dear_left\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\dear_left_sm\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\dear_left_sm\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\dear_right\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\dear_right\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\dear_right_sm\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\dear_right_sm\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\eagle_swoop\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\eagle_swoop\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\feather_left\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\feather_left\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\feather_left_sm\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\feather_left_sm\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\feather_right\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\feather_right\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\feather_right_sm\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\feather_right_sm\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\feather_up_left\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\feather_up_left\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\feather_up_left_sm\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\feather_up_left_sm\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\feather_up_right\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\feather_up_right\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\feather_up_right_sm\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\feather_up_right_sm\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\flower_sm\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\flower_sm\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\flower_tiny\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\flower_tiny\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\gear_fat\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\gear_fat\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\gear_fat_sm\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\gear_fat_sm\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\gear_tiny\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\gear_tiny\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\gun_crossed_02_left\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\gun_crossed_02_left\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\gun_crossed_02_right\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\gun_crossed_02_right\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\gun_crossed_left\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\gun_crossed_left\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\gun_crossed_right\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\gun_crossed_right\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\gun_left\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\gun_left\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\gun_right\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\gun_right\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\hat_left\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\hat_left\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\hat_right\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\hat_right\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\headdress_left\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\headdress_left\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\headdress_left_sm\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\headdress_left_sm\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\headdress_right\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\headdress_right\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\headdress_right_sm\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\headdress_right_sm\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\hole_bullet\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\hole_bullet\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\hole_key\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\hole_key\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\hole_key_sm\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\hole_key_sm\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\horseshoe\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\horseshoe\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\horseshoe_left_sm\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\horseshoe_left_sm\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\horseshoe_pair\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\horseshoe_pair\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\horseshoe_right_sm\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\horseshoe_right_sm\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\horseshoe_sm\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\horseshoe_sm\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\horse_rearing_left\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\horse_rearing_left\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\horse_rearing_left_sm\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\horse_rearing_left_sm\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\horse_rearing_right\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\horse_rearing_right\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\horse_rearing_right_sm\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\horse_rearing_right_sm\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\horse_run_left\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\horse_run_left\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\horse_run_left_sm\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\horse_run_left_sm\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\horse_run_right\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\horse_run_right\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\horse_run_right_sm\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\horse_run_right_sm\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\iron_plate\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\iron_plate\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\lasso\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\lasso\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\rabbit\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\rabbit\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\rose_left\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\rose_left\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\rose_right\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\rose_right\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\rose_tilt_left\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\rose_tilt_left\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\rose_tilt_right\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\rose_tilt_right\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\scorpy_left\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\scorpy_left\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\scorpy_right\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\scorpy_right\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\scorpy_small_a\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\scorpy_small_a\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\scorpy_small_b\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\scorpy_small_b\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\scorpy_small_left_a\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\scorpy_small_left_a\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\scorpy_small_left_b\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\scorpy_small_left_b\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\scorpy_small_right_a\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\scorpy_small_right_a\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\scorpy_small_right_b\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\scorpy_small_right_b\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\screw_double\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\screw_double\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\screw_single\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\screw_single\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\screw_single_sm\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\screw_single_sm\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\snake\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\snake\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\star_nubs\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\star_nubs\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\star_nubs_sm\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\star_nubs_sm\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\star_nubs_tiny\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\star_nubs_tiny\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\star_small\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\star_small\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\star_tiny\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\star_tiny\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\suit_club\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\suit_club\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\suit_club_sm\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\suit_club_sm\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\suit_club_tiny\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\suit_club_tiny\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\suit_diamond\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\suit_diamond\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\suit_diamond_sm\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\suit_diamond_sm\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\suit_diamond_tiny\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\suit_diamond_tiny\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\suit_heart\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\suit_heart\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\suit_heart_sm\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\suit_heart_sm\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\suit_heart_tiny\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\suit_heart_tiny\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\suit_spade\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\suit_spade\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\suit_spade_sm\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\suit_spade_sm\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\suit_spade_tiny\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\suit_spade_tiny\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\thunderbird_front\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\thunderbird_front\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\thunderbird_head_left\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\thunderbird_head_left\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\thunderbird_head_right\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\thunderbird_head_right\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\totem_eagle\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\totem_eagle\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\totem_orca\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\totem_orca\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\trickster_mask\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\trickster_mask\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\warrior_shield\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\warrior_shield\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\washer\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\washer\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\watch\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\watch\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\wrench_crossed_02_left\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\wrench_crossed_02_left\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\wrench_crossed_02_right\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\wrench_crossed_02_right\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\wrench_crossed_left\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\wrench_crossed_left\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\wrench_crossed_right\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\wrench_crossed_right\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\wrench_left\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\wrench_left\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\wrench_right\static.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\buckle\icon\wrench_right\static.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components\components.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components.jar Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components.jarv Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\buckle\components.stamp Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\components.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\clothing_back\bodice\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\clothing_back\bodice\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\clothing_back\boots\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\clothing_back\boots\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\clothing_back\duster\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\clothing_back\duster\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\clothing_back\duster_smoking\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\clothing_back\duster_smoking\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\clothing_back\frontier_dress\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\clothing_back\frontier_dress\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\clothing_back\frontier_dress_holding\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\clothing_back\frontier_dress_holding\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\clothing_back\gunslinger\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\clothing_back\gunslinger\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\clothing_back\kneel\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\clothing_back\kneel\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\clothing_back\madam_cash\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\clothing_back\madam_cash\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\clothing_back\madam_hips\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\clothing_back\madam_hips\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\clothing_back\peasant_dress\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\clothing_back\peasant_dress\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\clothing_back\poncho\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\clothing_back\poncho\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\clothing_back\poncho_closed\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\clothing_back\poncho_closed\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\clothing_back\striped_vest\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\clothing_back\striped_vest\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\clothing_front\arms_down_bodice\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\clothing_front\arms_down_bodice\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\clothing_front\book_frontier_dress\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\clothing_front\book_frontier_dress\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\clothing_front\cash_madam\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\clothing_front\cash_madam\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\clothing_front\fan_bodice\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\clothing_front\fan_bodice\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\clothing_front\flirt_peasant_dress\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\clothing_front\flirt_peasant_dress\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\clothing_front\panning_kneel\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\clothing_front\panning_kneel\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\clothing_front\peaked_boots\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\clothing_front\peaked_boots\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\clothing_front\pistol_boots\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\clothing_front\pistol_boots\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\clothing_front\pistol_peasant_dress\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\clothing_front\pistol_peasant_dress\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\clothing_front\rifle_kneel\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\clothing_front\rifle_kneel\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\clothing_front\smoking_duster\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\clothing_front\smoking_duster\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\clothing_front\tin_can_clementine\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\clothing_front\tin_can_clementine\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyebrows\arched\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyebrows\arched\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyebrows\arched\default_shadow.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyebrows\arched\default_shadow.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyebrows\concerned\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyebrows\concerned\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyebrows\concerned\default_shadow.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyebrows\concerned\default_shadow.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyebrows\curious\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyebrows\curious\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyebrows\curious\default_shadow.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyebrows\curious\default_shadow.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyebrows\evil\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyebrows\evil\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyebrows\evil\default_shadow.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyebrows\evil\default_shadow.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyebrows\high\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyebrows\high\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyebrows\high\default_shadow.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyebrows\high\default_shadow.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyebrows\inquisitive\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyebrows\inquisitive\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyebrows\inquisitive\default_shadow.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyebrows\inquisitive\default_shadow.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyebrows\knit\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyebrows\knit\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyebrows\knit\default_shadow.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyebrows\knit\default_shadow.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyebrows\normal\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyebrows\normal\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyebrows\normal\default_shadow.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyebrows\normal\default_shadow.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyebrows\sad\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyebrows\sad\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyebrows\sad\default_shadow.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyebrows\sad\default_shadow.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyebrows\sharp\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyebrows\sharp\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyebrows\sharp\default_shadow.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyebrows\sharp\default_shadow.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyebrows\small\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyebrows\small\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyebrows\small\default_shadow.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyebrows\small\default_shadow.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyebrows\smirk\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyebrows\smirk\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyebrows\smirk\default_shadow.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyebrows\smirk\default_shadow.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyebrows\surprised\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyebrows\surprised\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyebrows\surprised\default_shadow.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyebrows\surprised\default_shadow.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyebrows\thick\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyebrows\thick\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyebrows\thick\default_shadow.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyebrows\thick\default_shadow.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyebrows\trouble\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyebrows\trouble\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyebrows\trouble\default_shadow.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyebrows\trouble\default_shadow.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyes\big\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyes\big\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyes\big\default_shadow.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyes\big\default_shadow.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyes\closed\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyes\closed\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyes\closed\default_shadow.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyes\closed\default_shadow.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyes\cool\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyes\cool\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyes\cool\default_shadow.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyes\cool\default_shadow.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyes\cute\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyes\cute\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyes\cute\default_shadow.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyes\cute\default_shadow.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyes\determined\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyes\determined\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyes\determined\default_shadow.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyes\determined\default_shadow.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyes\glass\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyes\glass\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyes\glass\default_shadow.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyes\glass\default_shadow.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyes\intent\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyes\intent\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyes\intent\default_shadow.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyes\intent\default_shadow.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyes\lashy\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyes\lashy\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyes\left\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyes\left\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyes\left\default_shadow.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyes\left\default_shadow.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyes\right\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyes\right\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyes\right\default_shadow.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyes\right\default_shadow.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyes\scar\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyes\scar\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyes\scar\default_shadow.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyes\scar\default_shadow.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyes\sharp\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyes\sharp\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyes\sharp\default_shadow.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyes\sharp\default_shadow.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyes\shifty\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyes\shifty\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyes\shifty\default_shadow.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyes\shifty\default_shadow.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyes\sly\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyes\sly\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyes\sly\default_shadow.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyes\sly\default_shadow.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyes\squinty\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyes\squinty\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyes\squinty\default_shadow.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\eyes\squinty\default_shadow.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\familiar\armadillo\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\familiar\armadillo\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\familiar\buzzard\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\familiar\buzzard\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\familiar\mini_blimp\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\familiar\mini_blimp\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\familiar\raccoon\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\familiar\raccoon\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\glasses\clown_nose\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\glasses\clown_nose\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\glasses\mask\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\glasses\mask\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\glasses\round\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\glasses\round\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\glasses\steamgoggles\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\glasses\steamgoggles\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\glasses\von_helmet_goggles\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\glasses\von_helmet_goggles\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\hair_back\back_curly\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\hair_back\back_curly\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\hair_back\back_fancy\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\hair_back\back_fancy\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\hair_back\fairy\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\hair_back\fairy\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\hair_back\ponytail\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\hair_back\ponytail\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\hair_back\ponytail_reverse\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\hair_back\ponytail_reverse\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\hair_back\shroom\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\hair_back\shroom\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\hair_back\wavy\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\hair_back\wavy\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\hair_back\wings\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\hair_back\wings\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\hair_front\back_curly\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\hair_front\back_curly\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\hair_front\back_fancy\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\hair_front\back_fancy\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\hair_front\bob\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\hair_front\bob\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\hair_front\braids\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\hair_front\braids\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\hair_front\fairy\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\hair_front\fairy\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\hair_front\mohawk\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\hair_front\mohawk\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\hair_front\ponytail\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\hair_front\ponytail\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\hair_front\ponytail_reverse\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\hair_front\ponytail_reverse\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\hair_front\shroom\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\hair_front\shroom\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\hair_front\spikey\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\hair_front\spikey\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\hair_front\straight\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\hair_front\straight\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\hair_front\wavy\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\hair_front\wavy\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\hair_front\wings\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\hair_front\wings\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\hair_middle\bob\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\hair_middle\bob\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\hair_middle\braids\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\hair_middle\braids\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\hair_middle\straight\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\hair_middle\straight\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\hair_middle\wings\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\hair_middle\wings\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\hat\bonnet\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\hat\bonnet\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\hat\bonnet\default_crop.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\hat\bonnet\default_crop.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\hat\bonnet\default_shadow.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\hat\bonnet\default_shadow.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\hat\bowler\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\hat\bowler\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\hat\bowler\default_crop.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\hat\bowler\default_crop.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\hat\bowler\default_shadow.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\hat\bowler\default_shadow.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\hat\longbrim\default.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\hat\longbrim\default.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\hat\longbrim\default_crop.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\hat\longbrim\default_crop.png Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\hat\longbrim\default_shadow.dat Object is locked skipped

C:\Documents and Settings\Anton\Application Data\bang\rsrc\avatars\frontier_town\female\components\female\hat\longbrim\default_shadow.png Object is locked skipped

C:\Documents and Settings\A

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.
Sign in to follow this