Welcome to Tech Support Forum home to more then 136,000 problems solved. Issues have included: Spyware, Malware, Virus Issues, Windows, Microsoft, Linux, Networking, Security, Hardware, and Gaming Getting your problem solved is as easy as:
1. Registering for a free account
2. Asking your question
3. Receiving an answer

Registered members:
* Get free support
* Communicate privately with other members (PM).
* Removal of this message
* See fewer ads.
* And much more..

 


Want to know how to post a question? click here Having problems with spyware and pop-ups? First Steps
Go Back   Tech Support Forum > Security Center > Virus/Trojan/Spyware Help > Resolved HJT Threads
Reload this Page Need help on possible mal-ware and clean up
User Name
Password
Site Map Register Donate Rules Blogs Mark Forums Read


Resolved HJT Threads Resolved spyware and popup issues.

 
Page 1 of 2 1 2
 
LinkBack Thread Tools
Old 06-26-2009, 06:48 PM   #1 (permalink)
Registered User
 
Join Date: Jun 2009
Posts: 29
OS: xp


Need help on possible mal-ware and clean up
Hey guys, first off i'd like to say what a great job you guys are doing here.

It all started like this:
Today I was surfing the web early in the morning, I receive this freeonline scanner popup, I have mywot and it said it was red but it didn't block it so i exited it. when i clicked the X it gave me a pop up saying are you sure you want to stop the scan? ( something like that) and I clicked the X button again, It still began to go so i knew this was bad. I proceeded to closing firefox which worked, but then it asked me again so out of hesitation I completely turned off the power from my computer. Now im nervous that I have some kind of mal-ware and if I don't i've been wondering why my computer has been so slow x-x.

Anyways i proceeded to follow the instructions with GMER but it stops at a certain point and just ultimately shuts down.
when I open it up again it says something about system32 process cannot be scanned because it was being used. That scared me a bit so I cannot in clude the GMER log in here. currently im trying again but I have my DDS and my attach if that helps.

DDS LOG:

DDS (Ver_09-06-26.01) - NTFSx86
Run by HP_Administrator at 13:39:03.65 on 26/06/2009
Internet Explorer: 7.0.5730.11 BrowserJavaVersion: 1.6.0_13
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1982.1025 [GMT -6:00]

AV: AVG 7.5.524 *On-access scanning enabled* (Outdated) {41564737-3200-1071-989B-0000E87B4FB1}
AV: avast! antivirus 4.8.1335 [VPS 090626-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: Prevx 2.0 *On-access scanning disabled* (Updated) {557C3342-BC52-4508-AC25-4441BDF5C04C}
AV: Norton 360 *On-access scanning disabled* (Outdated) {A5F1BC7C-EA33-4247-961C-0217208396C4}
FW: Norton 360 *enabled* {371C0A40-5A0C-4AD2-A6E5-69C02037FBF3}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\AlienGUIse\wbload.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\arservice.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\ARPWRMSG.EXE
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\TELUSE~1\SMARTB~1\MotiveSB.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WhatPulse\WhatPulse.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\AlienGUIse\AlienwareDock\ObjectDock.exe
C:\Program Files\Warkeys\AutoWarkey\AutoHotkey\AutoHotkey.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Prevx2\PXAgent.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
svchost.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
c:\windows\system\hpsysdrv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Documents and Settings\HP_Administrator\Desktop\dds.scr

============== Pseudo HJT Report ===============

uSearch Page = hxxp://g.msn.ca/0SEENCA/SAOS01?FORM=TOOLBR
uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_CA&c=64&bd=PAVILION&pf=desktop
uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_CA&c=64&bd=PAVILION&pf=desktop
uSearch Bar = hxxp://g.msn.ca/0SEENCA/SAOS01?FORM=TOOLBR
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
uInternet Settings,ProxyOverride = 127.0.0.1;*.local
uSearchURL,(Default) = hxxp://g.msn.ca/0SEENCA/SAOS01?FORM=TOOLBR
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
uURLSearchHooks: H - No File
BHO: Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: {1e8a6170-7264-4d0f-beae-d42a53123c75} - c:\program files\common files\symantec shared\coshared\browser\1.7\NppBho.dll
BHO: : {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: URLDetector Class: {55ea1964-f5e4-4d6a-b9b2-125b37655fcb} - c:\documents and settings\all users\application data\prevx\pxbho.dll
BHO: Yahoo! IE Services Button: {5bab4b5b-68bc-4b02-94d6-2fc0de4a7897} - c:\program files\yahoo!\common\yiesrvc.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: hpWebHelper Class: {aaae832a-5fff-4661-9c8f-369692d1dcb9} - c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\plugin\WebHelper.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.1.1309.15642\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Show Norton Toolbar: {90222687-f593-4738-b738-fbee9c7b26df} - c:\program files\common files\symantec shared\coshared\browser\1.7\UIBHO.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
TB: {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No File
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
uRun: [MsnMsgr] "c:\program files\windows live\messenger\MsnMsgr.Exe" /background
uRun: [<NO NAME>]
uRun: [WhatPulse] c:\program files\whatpulse\WhatPulse.exe
uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
uRun: [Steam] "c:\program files\steam\Steam.exe" -silent
uRun: [Google Update] "c:\documents and settings\hp_administrator\local settings\application data\google\update\GoogleUpdate.exe" /c
mRun: [ehTray] c:\windows\ehome\ehtray.exe
mRun: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [AlwaysReady Power Message APP] ARPWRMSG.EXE
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [Recguard] c:\windows\sminst\RECGUARD.EXE
mRun: [<NO NAME>]
mRun: [PCDrProfiler]
mRun: [HPBootOp] "c:\program files\hewlett-packard\hp boot optimizer\HPBootOp.exe" /run
mRun: [NeroCheck] c:\windows\system32\NeroCheck.exe
mRun: [Motive SmartBridge] c:\progra~1\teluse~1\smartb~1\MotiveSB.exe
mRun: [Symantec PIF AlertEng] "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\pifsvc.exe" /a /m "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\AlertEng.dll"
mRun: [avast!] c:\progra~1\alwils~1\avast4\ashDisp.exe
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
dRun: [msnmsgr] "c:\program files\msn messenger\msnmsgr.exe" /background
dRun: [AVG7_Run] c:\progra~1\grisoft\avg7\avgw.exe /RUNONCE
StartupFolder: c:\docume~1\hp_adm~1\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
StartupFolder: c:\docume~1\hp_adm~1\startm~1\programs\startup\alienw~1.lnk - c:\program files\alienguise\alienwaredock\ObjectDock.exe
StartupFolder: c:\docume~1\hp_adm~1\startm~1\programs\startup\my_aut~1.lnk - c:\program files\warkeys\autowarkey\autohotkey\AutoHotkey.exe
StartupFolder: c:\docume~1\hp_adm~1\startm~1\programs\startup\warkey~1.lnk - c:\program files\warkeys\autowarkey\autohotkey\AutoHotkey.exe
StartupFolder: c:\docume~1\hp_adm~1\startm~1\programs\startup\xfire.lnk - c:\program files\xfire\Xfire.exe
uPolicies-system: NoAdminPage = 1
IE: &Yahoo! Search - file:///c:\program files\yahoo!\Common/ycsrch.htm
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
IE: ShaPlus Google Translator - c:\program files\shaplus google translator\GoogleTranslator.dll/ie.htm
IE: Yahoo! &Dictionary - file:///c:\program files\yahoo!\Common/ycdict.htm
IE: Yahoo! &Maps - file:///c:\program files\yahoo!\Common/ycmap.htm
IE: Yahoo! &SMS - file:///c:\program files\yahoo!\Common/ycsms.htm
IE: {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - c:\program files\aim\aim.exe
IE: {d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\documents and settings\hp_administrator\start menu\programs\imvu\Run IMVU.lnk
IE: {E2D4D26B-0180-43a4-B05F-462D6D54C789} - c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\iebutton\support.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - c:\program files\yahoo!\common\yiesrvc.dll
DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Notify: WB - c:\program files\alienguise\fastload.dll
AppInit_DLLs: wbsys.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\hp_adm~1\applic~1\mozilla\firefox\profiles\m47pkzqh.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
FF - prefs.js: browser.search.selectedEngine - Live Search
FF - prefs.js: browser.startup.homepage - hxxp://go.microsoft.com/fwlink/?LinkId=69157
FF - prefs.js: keyword.URL - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
FF - plugin: c:\documents and settings\all users\application data\nexonus\ngm\npNxGameUS.dll
FF - plugin: c:\documents and settings\hp_administrator\application data\mozilla\firefox\profiles\m47pkzqh.default\extensions\solidstateion@solidstatenetworks.com\plugins\npssn.dll
FF - plugin: c:\documents and settings\hp_administrator\local settings\application data\google\update\1.2.145.5\npGoogleOneClick8.dll
FF - plugin: c:\progra~1\yahoo!\common\npyaxmpb.dll
FF - plugin: c:\program files\google\google updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npgcplug.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npijjiCHPlugin.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npijjiFFPlugin1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npPandoWebInst.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npracplug.dll
FF - plugin: c:\program files\real\realarcade\plugins\mozilla\npracplug.dll
FF - plugin: c:\program files\veoh networks\veoh\plugins\noreg\NPVeohVersion.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}

============= SERVICES / DRIVERS ===============

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-5-8 114768]
R1 Avg7Core;AVG7 Kernel;c:\windows\system32\drivers\avg7core.sys [2007-8-31 821856]
R1 Avg7RsW;AVG7 Wrap Driver;c:\windows\system32\drivers\avg7rsw.sys [2007-8-31 4224]
R1 Avg7RsXP;AVG7 Resident Driver XP;c:\windows\system32\drivers\avg7rsxp.sys [2007-8-31 27776]
R1 AvgClean;AVG7 Clean Driver;c:\windows\system32\drivers\avgclean.sys [2007-8-31 10760]
R1 PREVXTdi;PREVX TDI filter;c:\windows\system32\drivers\pxtdi.sys [2007-9-1 28040]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2008-5-8 20560]
R2 AvgTdi;AVG Network Redirector;c:\windows\system32\drivers\avgtdi.sys [2007-8-31 4960]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2008-9-2 99376]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2009-4-8 38496]
S3 CXFALCON;Conexant Falcon II NTSC Video Capture;c:\windows\system32\drivers\cxfalcon.sys [2006-11-16 82048]
S3 geebers12;geebers12;\??\c:\documents and settings\hp_administrator\desktop\buffy engine 2.1\nvid888.sys --> c:\documents and settings\hp_administrator\desktop\buffy engine 2.1\nvid888.sys [?]
S3 NAVENG;NAVENG;c:\progra~1\common~1\symant~1\virusd~1\20081218.007\NAVENG.SYS [2008-12-18 89104]
S3 NAVEX15;NAVEX15;c:\progra~1\common~1\symant~1\virusd~1\20081218.007\NAVEX15.SYS [2008-12-18 876112]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2007-11-6 34064]
S3 PREVXEmulator;PREVX Emulator driver;c:\windows\system32\drivers\PxEmu.sys [2007-9-1 107784]
S3 XDva037;XDva037;\??\c:\windows\system32\xdva037.sys --> c:\windows\system32\XDva037.sys [?]
S3 XDva143;XDva143;\??\c:\windows\system32\xdva143.sys --> c:\windows\system32\XDva143.sys [?]
S3 XDva190;XDva190;\??\c:\windows\system32\xdva190.sys --> c:\windows\system32\XDva190.sys [?]
S3 XDva225;XDva225;\??\c:\windows\system32\xdva225.sys --> c:\windows\system32\XDva225.sys [?]

=============== Created Last 30 ================

2009-06-26 13:24 118,784 a------- c:\windows\system32\MSSTDFMT.DLL
2009-06-26 13:24 <DIR> --d----- c:\program files\SpywareBlaster
2009-06-26 13:11 410,984 a------- c:\windows\system32\deploytk.dll
2009-06-19 19:41 <DIR> --d----- c:\program files\Warkeys
2009-06-19 19:30 <DIR> --d----- c:\windows\ShellNew
2009-06-19 19:30 <DIR> --d----- c:\program files\AutoHotkey
2009-06-11 16:29 41,808 a------- c:\windows\system32\xfcodec.dll
2009-06-02 17:24 <DIR> --d----- c:\program files\common files\DivX Shared
2009-06-02 17:22 <DIR> --d----- c:\program files\Regensoft
2009-06-02 17:22 <DIR> --d----- c:\program files\AviSynth 2.5
2009-06-02 17:22 <DIR> --d----- c:\program files\Red Kawa
2009-05-31 19:48 <DIR> --d----- c:\windows\system32\NtmsData

==================== Find3M ====================

2009-05-29 14:23 78,054 a------- c:\windows\War3Unin.dat
2009-05-07 09:44 344,064 a------- c:\windows\system32\localspl.dll
2009-05-07 09:44 344,064 a------- c:\windows\system32\dllcache\localspl.dll
2009-04-28 22:56 827,392 a------- c:\windows\system32\wininet.dll
2009-04-28 22:56 827,392 a------- c:\windows\system32\dllcache\wininet.dll
2009-04-28 22:56 233,472 a------- c:\windows\system32\dllcache\webcheck.dll
2009-04-28 22:56 1,159,680 a------- c:\windows\system32\dllcache\urlmon.dll
2009-04-28 22:56 671,232 a------- c:\windows\system32\dllcache\mstime.dll
2009-04-28 22:56 105,984 a------- c:\windows\system32\dllcache\url.dll
2009-04-28 22:56 102,912 a------- c:\windows\system32\dllcache\occache.dll
2009-04-28 22:56 44,544 a------- c:\windows\system32\dllcache\pngfilt.dll
2009-04-28 22:56 3,596,288 a------- c:\windows\system32\dllcache\mshtml.dll
2009-04-28 22:56 477,696 a------- c:\windows\system32\dllcache\mshtmled.dll
2009-04-28 22:56 193,024 a------- c:\windows\system32\dllcache\msrating.dll
2009-04-28 03:05 70,656 a------- c:\windows\system32\dllcache\ie4uinit.exe
2009-04-28 03:05 13,824 -------- c:\windows\system32\dllcache\ieudinit.exe
2009-04-24 23:27 636,088 a------- c:\windows\system32\dllcache\iexplore.exe
2009-04-24 23:26 161,792 a------- c:\windows\system32\dllcache\ieakui.dll
2009-04-17 03:58 1,846,656 a------- c:\windows\system32\win32k.sys
2009-04-17 03:58 1,846,656 a------- c:\windows\system32\dllcache\win32k.sys
2009-04-15 14:25 129,784 -------- c:\windows\system32\pxafs.dll
2009-04-15 14:25 120,056 -------- c:\windows\system32\pxcpyi64.exe
2009-04-15 14:25 118,520 -------- c:\windows\system32\pxinsi64.exe
2009-04-15 14:24 90,112 a------- c:\windows\system32\dpl100.dll
2009-04-15 14:24 823,296 a------- c:\windows\system32\divx_xx0c.dll
2009-04-15 14:24 823,296 a------- c:\windows\system32\divx_xx07.dll
2009-04-15 14:24 815,104 a------- c:\windows\system32\divx_xx0a.dll
2009-04-15 14:24 802,816 a------- c:\windows\system32\divx_xx11.dll
2009-04-15 14:24 684,032 a------- c:\windows\system32\DivX.dll
2009-04-15 09:26 583,168 a------- c:\windows\system32\rpcrt4.dll
2009-04-15 09:26 583,168 a------- c:\windows\system32\dllcache\rpcrt4.dll
2009-03-29 16:38 3,021 a------- c:\windows\system32\wbers.dat
2008-09-19 22:39 0 a------- c:\documents and settings\hp_administrator\jagex_runescape_preferences.dat
2008-05-11 11:45 182 a------- c:\docume~1\hp_adm~1\applic~1\wklnhst.dat
2008-01-16 22:02 774,144 a------- c:\program files\RngInterstitial.dll
2007-05-19 17:44 393 a------- c:\program files\Shortcut to Program Files.lnk
1999-07-06 18:00 6 ---shr-- c:\windows\@@desktop.dat

============= FINISH: 13:41:23.09 ===============
Attached Files
File Type: zip Attach.zip (5.2 KB, 1 views)
Last edited by Justin1002; 06-26-2009 at 06:52 PM.
Justin1002 is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Important Information
Join the #1 Tech Support Forum Today - It's Totally Free!

TechSupportForum.com is a leading support website for your computer needs. We offer free, friendly and personalized computer support. Why pay to have your computer fixed when you can do it for free.

Join TechSupportforum.com Today - Click Here

Old 06-26-2009, 10:06 PM   #2 (permalink)
Registered User
 
Join Date: Jun 2009
Posts: 29
OS: xp


Re: Need help on possible mal-ware and clean up
Here's my GMER. after 2 restarts I finally got it to work X_X
Sorry for double post please help!

GMER 1.0.15.14972 - http://www.gmer.net
Rootkit scan 2009-06-26 21:55:03
Windows 5.1.2600 Service Pack 2


---- System - GMER 1.0.15 ----

SSDT 8A599230 ZwAlertResumeThread
SSDT 8A26C090 ZwAlertThread
SSDT pxfsf.sys (PREVX Security Agent for Windows/Prevx Limited, http://www.prevx1.com/) ZwAllocateUserPhysicalPages [0xBA690847]
SSDT 8A414780 ZwAllocateVirtualMemory
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwClose [0xB5C546B8]
SSDT pxfsf.sys (PREVX Security Agent for Windows/Prevx Limited, http://www.prevx1.com/) ZwCompactKeys [0xBA690865]
SSDT pxfsf.sys (PREVX Security Agent for Windows/Prevx Limited, http://www.prevx1.com/) ZwCompressKey [0xBA69086F]
SSDT 8A5793C0 ZwConnectPort
SSDT pxfsf.sys (PREVX Security Agent for Windows/Prevx Limited, http://www.prevx1.com/) ZwCreateDirectoryObject [0xBA690879]
SSDT pxfsf.sys (PREVX Security Agent for Windows/Prevx Limited, http://www.prevx1.com/) ZwCreateEvent [0xBA690883]
SSDT pxfsf.sys (PREVX Security Agent for Windows/Prevx Limited, http://www.prevx1.com/) ZwCreateEventPair [0xBA69088D]
SSDT pxfsf.sys (PREVX Security Agent for Windows/Prevx Limited, http://www.prevx1.com/) ZwCreateFile [0xBA690897]
SSDT pxfsf.sys (PREVX Security Agent for Windows/Prevx Limited, http://www.prevx1.com/) ZwCreateIoCompletion [0xBA6908A1]
SSDT pxfsf.sys (PREVX Security Agent for Windows/Prevx Limited, http://www.prevx1.com/) ZwCreateJobObject [0xBA6908AB]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwCreateKey [0xB5C54574]
SSDT pxfsf.sys (PREVX Security Agent for Windows/Prevx Limited, http://www.prevx1.com/) ZwCreateMailslotFile [0xBA6908BF]
SSDT 8A1F9868 ZwCreateMutant
SSDT pxfsf.sys (PREVX Security Agent for Windows/Prevx Limited, http://www.prevx1.com/) ZwCreateNamedPipeFile [0xBA6908D3]
SSDT pxfsf.sys (PREVX Security Agent for Windows/Prevx Limited, http://www.prevx1.com/) ZwCreatePort [0xBA6908DD]
SSDT pxfsf.sys (PREVX Security Agent for Windows/Prevx Limited, http://www.prevx1.com/) ZwCreateProcess [0xBA6908E7]
SSDT pxfsf.sys (PREVX Security Agent for Windows/Prevx Limited, http://www.prevx1.com/) ZwCreateProcessEx [0xBA6908F1]
SSDT pxfsf.sys (PREVX Security Agent for Windows/Prevx Limited, http://www.prevx1.com/) ZwCreateSection [0xBA6908FB]
SSDT pxfsf.sys (PREVX Security Agent for Windows/Prevx Limited, http://www.prevx1.com/) ZwCreateSemaphore [0xBA690905]
SSDT pxfsf.sys (PREVX Security Agent for Windows/Prevx Limited, http://www.prevx1.com/) ZwCreateSymbolicLinkObject [0xBA69090F]
SSDT 8A37DB00 ZwCreateThread
SSDT pxfsf.sys (PREVX Security Agent for Windows/Prevx Limited, http://www.prevx1.com/) ZwCreateTimer [0xBA690923]
SSDT pxfsf.sys (PREVX Security Agent for Windows/Prevx Limited, http://www.prevx1.com/) ZwCreateToken [0xBA69092D]
SSDT pxfsf.sys (PREVX Security Agent for Windows/Prevx Limited, http://www.prevx1.com/) ZwDeleteFile [0xBA690937]
SSDT \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS (Symantec Event Library/Symantec Corporation) ZwDeleteKey [0xB620F130]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwDeleteValueKey [0xB5C54A52]
SSDT pxfsf.sys (PREVX Security Agent for Windows/Prevx Limited, http://www.prevx1.com/) ZwDeviceIoControlFile [0xBA690955]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwDuplicateObject [0xB5C5414C]
SSDT pxfsf.sys (PREVX Security Agent for Windows/Prevx Limited, http://www.prevx1.com/) ZwEnumerateKey [0xBA690969]
SSDT pxfsf.sys (PREVX Security Agent for Windows/Prevx Limited, http://www.prevx1.com/) ZwEnumerateValueKey [0xBA690973]
SSDT pxfsf.sys (PREVX Security Agent for Windows/Prevx Limited, http://www.prevx1.com/) ZwFreeUserPhysicalPages [0xBA69097D]
SSDT 8A3D86F0 ZwFreeVirtualMemory
SSDT 8A24D090 ZwImpersonateAnonymousToken
SSDT 8A249090 ZwImpersonateThread
SSDT pxfsf.sys (PREVX Security Agent for Windows/Prevx Limited, http://www.prevx1.com/) ZwLoadDriver [0xBA6909A5]
SSDT pxfsf.sys (PREVX Security Agent for Windows/Prevx Limited, http://www.prevx1.com/) ZwLoadKey [0xBA6909AF]
SSDT pxfsf.sys (PREVX Security Agent for Windows/Prevx Limited, http://www.prevx1.com/) ZwLoadKey2 [0xBA6909B9]
SSDT pxfsf.sys (PREVX Security Agent for Windows/Prevx Limited, http://www.prevx1.com/) ZwLockRegistryKey [0xBA6909C3]
SSDT pxfsf.sys (PREVX Security Agent for Windows/Prevx Limited, http://www.prevx1.com/) ZwLockVirtualMemory [0xBA6909CD]
SSDT 8A37EA40 ZwMapViewOfSection
SSDT 8A256090 ZwOpenEvent
SSDT pxfsf.sys (PREVX Security Agent for Windows/Prevx Limited, http://www.prevx1.com/) ZwOpenFile [0xBA6909E1]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenKey [0xB5C5464E]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenProcess [0xB5C5408C]
SSDT 8A25E090 ZwOpenProcessToken
SSDT pxfsf.sys (PREVX Security Agent for Windows/Prevx Limited, http://www.prevx1.com/) ZwOpenSection [0xBA690A09]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenThread [0xB5C540F0]
SSDT 8A2B6780 ZwOpenThreadToken
SSDT pxfsf.sys (PREVX Security Agent for Windows/Prevx Limited, http://www.prevx1.com/) ZwProtectVirtualMemory [0xBA690A27]
SSDT pxfsf.sys (PREVX Security Agent for Windows/Prevx Limited, http://www.prevx1.com/) ZwQueryInformationProcess [0xBA690A31]
SSDT pxfsf.sys (PREVX Security Agent for Windows/Prevx Limited, http://www.prevx1.com/) ZwQueryInformationThread [0xBA690A3B]
SSDT pxfsf.sys (PREVX Security Agent for Windows/Prevx Limited, http://www.prevx1.com/) ZwQueryKey [0xBA690A45]
SSDT pxfsf.sys (PREVX Security Agent for Windows/Prevx Limited, http://www.prevx1.com/) ZwQueryMultipleValueKey [0xBA690A4F]
SSDT pxfsf.sys (PREVX Security Agent for Windows/Prevx Limited, http://www.prevx1.com/) ZwQueryOpenSubKeys [0xBA690A59]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwQueryValueKey [0xB5C5476E]
SSDT pxfsf.sys (PREVX Security Agent for Windows/Prevx Limited, http://www.prevx1.com/) ZwQueueApcThread [0xBA690A6D]
SSDT pxfsf.sys (PREVX Security Agent for Windows/Prevx Limited, http://www.prevx1.com/) ZwReadFile [0xBA690A77]
SSDT pxfsf.sys (PREVX Security Agent for Windows/Prevx Limited, http://www.prevx1.com/) ZwReadVirtualMemory [0xBA690A81]
SSDT pxfsf.sys (PREVX Security Agent for Windows/Prevx Limited, http://www.prevx1.com/) ZwRenameKey [0xBA690A8B]
SSDT pxfsf.sys (PREVX Security Agent for Windows/Prevx Limited, http://www.prevx1.com/) ZwReplaceKey [0xBA690A95]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwRestoreKey [0xB5C5472E]
SSDT pxfsf.sys (PREVX Security Agent for Windows/Prevx Limited, http://www.prevx1.com/) ZwResumeProcess [0xBA690AA9]
SSDT 8A359108 ZwResumeThread
SSDT pxfsf.sys (PREVX Security Agent for Windows/Prevx Limited, http://www.prevx1.com/) ZwSaveKey [0xBA690ABD]
SSDT pxfsf.sys (PREVX Security Agent for Windows/Prevx Limited, http://www.prevx1.com/) ZwSaveKeyEx [0xBA690AC7]
SSDT pxfsf.sys (PREVX Security Agent for Windows/Prevx Limited, http://www.prevx1.com/) ZwSaveMergedKeys [0xBA690AD1]
SSDT 8A270090 ZwSetContextThread
SSDT pxfsf.sys (PREVX Security Agent for Windows/Prevx Limited, http://www.prevx1.com/) ZwSetInformationKey [0xBA690AE5]
SSDT 8A3C7738 ZwSetInformationProcess
SSDT 8A1FE738 ZwSetInformationThread
SSDT pxfsf.sys (PREVX Security Agent for Windows/Prevx Limited, http://www.prevx1.com/) ZwSetSystemInformation [0xBA690B03]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwSetValueKey [0xB5C548AE]
SSDT 8A1F0BE8 ZwSuspendProcess
SSDT 8A269090 ZwSuspendThread
SSDT pxfsf.sys (PREVX Security Agent for Windows/Prevx Limited, http://www.prevx1.com/) ZwSystemDebugControl [0xBA690B2B]
SSDT pxfsf.sys (PREVX Security Agent for Windows/Prevx Limited, http://www.prevx1.com/) ZwTerminateJobObject [0xBA690B35]
SSDT 8A292090 ZwTerminateProcess
SSDT 8A262090 ZwTerminateThread
SSDT pxfsf.sys (PREVX Security Agent for Windows/Prevx Limited, http://www.prevx1.com/) ZwUnloadDriver [0xBA690B53]
SSDT pxfsf.sys (PREVX Security Agent for Windows/Prevx Limited, http://www.prevx1.com/) ZwUnloadKey [0xBA690B5D]
SSDT pxfsf.sys (PREVX Security Agent for Windows/Prevx Limited, http://www.prevx1.com/) ZwUnloadKeyEx [0xBA690B67]
SSDT pxfsf.sys (PREVX Security Agent for Windows/Prevx Limited, http://www.prevx1.com/) ZwUnlockVirtualMemory [0xBA690B71]
SSDT 8A283090 ZwUnmapViewOfSection
SSDT pxfsf.sys (PREVX Security Agent for Windows/Prevx Limited, http://www.prevx1.com/) ZwWriteFile [0xBA690B85]
SSDT 8A3D87C0 ZwWriteVirtualMemory

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)
AttachedDevice \FileSystem\Ntfs \Ntfs pxfsf.sys (PREVX Security Agent for Windows/Prevx Limited, http://www.prevx1.com/)
AttachedDevice \FileSystem\Ntfs \Ntfs avg7rsw.sys (AVG Resident Shield Unload Helper/GRISOFT, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Ip SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\Ip pxtdi.sys (PREVX Security Agent for Windows. TDI module/Prevx Limited, http://www.prevx1.com/)
AttachedDevice \Driver\Tcpip \Device\Ip avgtdi.sys (AVG Network connection watcher/GRISOFT, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Tcp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\Tcp pxtdi.sys (PREVX Security Agent for Windows. TDI module/Prevx Limited, http://www.prevx1.com/)
AttachedDevice \Driver\Tcpip \Device\Tcp avgtdi.sys (AVG Network connection watcher/GRISOFT, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Udp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \Driver\Tcpip \Device\Udp pxtdi.sys (PREVX Security Agent for Windows. TDI module/Prevx Limited, http://www.prevx1.com/)
AttachedDevice \Driver\Tcpip \Device\Udp avgtdi.sys (AVG Network connection watcher/GRISOFT, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\RawIp pxtdi.sys (PREVX Security Agent for Windows. TDI module/Prevx Limited, http://www.prevx1.com/)
AttachedDevice \Driver\Tcpip \Device\RawIp avgtdi.sys (AVG Network connection watcher/GRISOFT, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\RawIp SYMTDI.SYS (Network Dispatch Driver/Symantec Corporation)
AttachedDevice \FileSystem\Fastfat \Fat fltMgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\Fastfat \Fat aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)
AttachedDevice \FileSystem\Fastfat \Fat avg7rsw.sys (AVG Resident Shield Unload Helper/GRISOFT, s.r.o.)

---- Files - GMER 1.0.15 ----

File C:\Program Files\BannedStory\img\Character\Face\00021105\angry.0.face.png 271 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021105\bewildered.0.face.png 184 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021105\blaze.0.face.png 395 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021105\blaze.1.face.png 395 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021105\blink.0.face.png 245 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021105\blink.1.face.png 195 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021105\blink.2.face.png 231 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021105\bowing.0.face.png 402 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021105\bowing.1.face.png 408 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021105\cheers.0.face.png 218 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021105\chu.0.face.png 205 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021105\cry.0.face.png 232 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021105\dam.0.face.png 333 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021105\data.xml 4964 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021105\default.face.png 245 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021105\despair.0.face.png 394 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021105\despair.1.face.png 405 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021105\glitter.0.face.png 461 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021105\glitter.1.face.png 441 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021105\hit.0.face.png 256 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021105\hot.0.face.png 610 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021105\hot.1.face.png 710 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021105\hum.0.face.png 258 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021105\hum.1.face.png 265 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021105\love.0.face.png 321 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021105\love.1.face.png 316 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021105\oops.0.face.png 165 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021105\pain.0.face.png 231 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021105\shine.0.face.png 176 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021105\smile.0.face.png 226 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021105\stunned.0.face.png 192 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021105\troubled.0.face.png 202 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021105\vomit.0.face.png 336 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021105\vomit.1.face.png 327 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021105\wink.0.face.png 253 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021106\angry.0.face.png 271 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021106\bewildered.0.face.png 184 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021106\blaze.0.face.png 395 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021106\blaze.1.face.png 395 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021106\blink.0.face.png 283 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021106\blink.1.face.png 200 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021106\blink.2.face.png 247 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021106\bowing.0.face.png 402 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021106\bowing.1.face.png 408 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021106\cheers.0.face.png 218 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021106\chu.0.face.png 205 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021106\cry.0.face.png 231 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021106\dam.0.face.png 333 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021106\data.xml 4961 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021106\default.face.png 283 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021106\despair.0.face.png 394 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021106\despair.1.face.png 405 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021106\glitter.0.face.png 450 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021106\glitter.1.face.png 468 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021106\hit.0.face.png 279 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021106\hot.0.face.png 610 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021106\hot.1.face.png 710 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021106\hum.0.face.png 258 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021106\hum.1.face.png 265 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021106\love.0.face.png 321 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021106\love.1.face.png 316 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021106\oops.0.face.png 165 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021106\pain.0.face.png 231 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021106\shine.0.face.png 176 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021106\smile.0.face.png 234 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021106\stunned.0.face.png 192 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021106\troubled.0.face.png 202 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021106\vomit.0.face.png 345 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021106\vomit.1.face.png 335 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021106\wink.0.face.png 280 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021110\angry.0.face.png 255 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021110\bewildered.0.face.png 140 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021110\blaze.0.face.png 395 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021110\blaze.1.face.png 395 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021110\blink.0.face.png 246 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021110\blink.1.face.png 163 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021110\blink.2.face.png 227 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021110\bowing.0.face.png 402 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021110\bowing.1.face.png 408 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021110\cheers.0.face.png 212 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021110\chu.0.face.png 173 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021110\cry.0.face.png 167 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021110\dam.0.face.png 333 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021110\data.xml 4963 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021110\default.face.png 246 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021110\despair.0.face.png 394 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021110\despair.1.face.png 405 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021110\glitter.0.face.png 466 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021110\glitter.1.face.png 446 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021110\hit.0.face.png 257 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021110\hot.0.face.png 610 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021110\hot.1.face.png 710 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021110\hum.0.face.png 258 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021110\hum.1.face.png 265 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021110\love.0.face.png 321 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021110\love.1.face.png 316 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021110\oops.0.face.png 122 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021110\pain.0.face.png 199 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021110\shine.0.face.png 176 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021110\smile.0.face.png 196 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021110\stunned.0.face.png 139 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021110\troubled.0.face.png 161 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021110\vomit.0.face.png 315 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021110\vomit.1.face.png 324 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021110\wink.0.face.png 218 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021111\angry.0.face.png 255 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021111\bewildered.0.face.png 140 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021111\blaze.0.face.png 395 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021111\blaze.1.face.png 395 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021111\blink.0.face.png 299 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021111\blink.1.face.png 141 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021111\blink.2.face.png 265 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021111\bowing.0.face.png 402 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021111\bowing.1.face.png 408 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021111\cheers.0.face.png 207 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021111\chu.0.face.png 170 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021111\cry.0.face.png 167 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021111\dam.0.face.png 333 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021111\data.xml 4963 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021111\default.face.png 299 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021111\despair.0.face.png 394 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021111\despair.1.face.png 405 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021111\glitter.0.face.png 459 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021111\glitter.1.face.png 439 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021111\hit.0.face.png 313 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021111\hot.0.face.png 610 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021111\hot.1.face.png 710 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021111\hum.0.face.png 258 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021111\hum.1.face.png 265 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021111\love.0.face.png 321 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021111\love.1.face.png 316 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021111\oops.0.face.png 122 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021111\pain.0.face.png 199 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021111\shine.0.face.png 176 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021111\smile.0.face.png 191 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021111\stunned.0.face.png 134 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021111\troubled.0.face.png 154 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021111\vomit.0.face.png 310 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021111\vomit.1.face.png 320 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021111\wink.0.face.png 250 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021112\angry.0.face.png 258 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021112\bewildered.0.face.png 141 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021112\blaze.0.face.png 395 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021112\blaze.1.face.png 395 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021112\blink.0.face.png 259 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021112\blink.1.face.png 132 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021112\blink.2.face.png 194 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021112\bowing.0.face.png 402 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021112\bowing.1.face.png 408 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021112\cheers.0.face.png 216 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021112\chu.0.face.png 170 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021112\cry.0.face.png 146 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021112\dam.0.face.png 333 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021112\data.xml 4960 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021112\default.face.png 259 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021112\despair.0.face.png 394 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021112\despair.1.face.png 405 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021112\glitter.0.face.png 459 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021112\glitter.1.face.png 437 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021112\hit.0.face.png 277 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021112\hot.0.face.png 610 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021112\hot.1.face.png 710 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021112\hum.0.face.png 258 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021112\hum.1.face.png 265 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021112\love.0.face.png 321 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021112\love.1.face.png 316 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021112\oops.0.face.png 129 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021112\pain.0.face.png 199 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021112\shine.0.face.png 176 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021112\smile.0.face.png 193 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021112\stunned.0.face.png 138 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021112\troubled.0.face.png 160 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021112\vomit.0.face.png 313 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021112\vomit.1.face.png 323 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021112\wink.0.face.png 239 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021113\angry.0.face.png 275 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021113\bewildered.0.face.png 166 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021113\blaze.0.face.png 395 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021113\blaze.1.face.png 395 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021113\blink.0.face.png 340 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021113\blink.1.face.png 231 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021113\blink.2.face.png 332 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021113\bowing.0.face.png 402 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021113\bowing.1.face.png 408 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021113\cheers.0.face.png 238 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021113\chu.0.face.png 230 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021113\cry.0.face.png 252 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021113\dam.0.face.png 333 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021113\data.xml 4961 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021113\default.face.png 340 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021113\despair.0.face.png 394 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021113\despair.1.face.png 405 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021113\glitter.0.face.png 487 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021113\glitter.1.face.png 467 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021113\hit.0.face.png 346 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021113\hot.0.face.png 610 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021113\hot.1.face.png 710 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021113\hum.0.face.png 258 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021113\hum.1.face.png 265 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021113\love.0.face.png 321 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021113\love.1.face.png 316 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021113\oops.0.face.png 184 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021113\pain.0.face.png 236 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021113\shine.0.face.png 176 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021113\smile.0.face.png 266 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021113\stunned.0.face.png 165 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021113\troubled.0.face.png 214 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021113\vomit.0.face.png 350 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021113\vomit.1.face.png 345 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021113\wink.0.face.png 322 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021114\angry.0.face.png 263 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021114\bewildered.0.face.png 139 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021114\blaze.0.face.png 395 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021114\blaze.1.face.png 395 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021114\blink.0.face.png 243 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021114\blink.1.face.png 121 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021114\blink.2.face.png 186 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021114\bowing.0.face.png 402 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021114\bowing.1.face.png 408 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021114\cheers.0.face.png 225 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021114\chu.0.face.png 169 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021114\cry.0.face.png 146 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021114\dam.0.face.png 333 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021114\data.xml 4964 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021114\default.face.png 243 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021114\despair.0.face.png 394 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021114\despair.1.face.png 405 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021114\glitter.0.face.png 464 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021114\glitter.1.face.png 446 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021114\hit.0.face.png 243 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021114\hot.0.face.png 610 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021114\hot.1.face.png 710 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021114\hum.0.face.png 258 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021114\hum.1.face.png 265 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021114\love.0.face.png 321 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021114\love.1.face.png 316 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021114\oops.0.face.png 118 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021114\pain.0.face.png 199 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021114\shine.0.face.png 176 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021114\smile.0.face.png 192 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021114\stunned.0.face.png 138 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021114\troubled.0.face.png 159 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021114\vomit.0.face.png 314 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021114\vomit.1.face.png 314 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021114\wink.0.face.png 237 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021118\angry.0.face.png 267 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021118\bewildered.0.face.png 143 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021118\blaze.0.face.png 395 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021118\blaze.1.face.png 395 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021118\blink.0.face.png 217 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021118\blink.1.face.png 154 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021118\blink.2.face.png 202 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021118\bowing.0.face.png 402 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021118\bowing.1.face.png 408 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021118\cheers.0.face.png 218 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021118\chu.0.face.png 204 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021118\cry.0.face.png 221 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021118\dam.0.face.png 333 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021118\data.xml 4964 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021118\default.face.png 217 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021118\despair.0.face.png 394 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021118\despair.1.face.png 405 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021118\glitter.0.face.png 457 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021118\glitter.1.face.png 445 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021118\hit.0.face.png 251 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021118\hot.0.face.png 610 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021118\hot.1.face.png 710 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021118\hum.0.face.png 258 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021118\hum.1.face.png 265 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021118\love.0.face.png 321 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021118\love.1.face.png 316 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021118\oops.0.face.png 142 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021118\pain.0.face.png 219 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021118\shine.0.face.png 176 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021118\smile.0.face.png 240 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021118\stunned.0.face.png 133 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021118\troubled.0.face.png 169 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021118\vomit.0.face.png 320 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021118\vomit.1.face.png 310 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021118\wink.0.face.png 223 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021119\angry.0.face.png 294 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021119\bewildered.0.face.png 203 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021119\blaze.0.face.png 395 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021119\blaze.1.face.png 395 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021119\blink.0.face.png 348 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021119\blink.1.face.png 250 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021119\blink.2.face.png 320 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021119\bowing.0.face.png 402 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021119\bowing.1.face.png 408 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021119\cheers.0.face.png 269 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021119\chu.0.face.png 261 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021119\cry.0.face.png 268 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021119\dam.0.face.png 333 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021119\data.xml 4969 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021119\default.face.png 348 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021119\despair.0.face.png 394 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021119\despair.1.face.png 405 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021119\glitter.0.face.png 511 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021119\glitter.1.face.png 493 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021119\hit.0.face.png 368 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021119\hot.0.face.png 610 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021119\hot.1.face.png 710 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021119\hum.0.face.png 258 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021119\hum.1.face.png 265 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021119\love.0.face.png 321 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021119\love.1.face.png 316 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021119\oops.0.face.png 199 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021119\pain.0.face.png 271 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021119\shine.0.face.png 176 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021119\smile.0.face.png 295 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021119\stunned.0.face.png 201 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021119\troubled.0.face.png 246 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021119\vomit.0.face.png 379 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021119\vomit.1.face.png 374 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021119\wink.0.face.png 336 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021200\angry.0.face.png 258 bytes
Justin1002 is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 06-26-2009, 10:07 PM   #3 (permalink)
Registered User
 
Join Date: Jun 2009
Posts: 29
OS: xp


Re: Need help on possible mal-ware and clean up
File C:\Program Files\BannedStory\img\Character\Face\00021200\bewildered.0.face.png 141 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021200\blaze.0.face.png 395 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021200\blaze.1.face.png 395 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021200\blink.0.face.png 280 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021200\blink.1.face.png 156 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021200\blink.2.face.png 230 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021200\bowing.0.face.png 402 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021200\bowing.1.face.png 408 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021200\cheers.0.face.png 202 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021200\chu.0.face.png 169 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021200\cry.0.face.png 146 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021200\dam.0.face.png 333 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021200\data.xml 4963 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021200\default.face.png 280 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021200\despair.0.face.png 394 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021200\despair.1.face.png 405 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021200\glitter.0.face.png 459 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021200\glitter.1.face.png 447 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021200\hit.0.face.png 246 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021200\hot.0.face.png 610 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021200\hot.1.face.png 710 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021200\hum.0.face.png 258 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021200\hum.1.face.png 265 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021200\love.0.face.png 321 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021200\love.1.face.png 316 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021200\oops.0.face.png 112 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021200\pain.0.face.png 231 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021200\shine.0.face.png 176 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021200\smile.0.face.png 193 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021200\stunned.0.face.png 138 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021200\troubled.0.face.png 160 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021200\vomit.0.face.png 323 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021200\vomit.1.face.png 313 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021200\wink.0.face.png 260 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021201\angry.0.face.png 258 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021201\bewildered.0.face.png 135 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021201\blaze.0.face.png 395 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021201\blaze.1.face.png 395 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021201\blink.0.face.png 226 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021201\blink.1.face.png 123 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021201\blink.2.face.png 198 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021201\bowing.0.face.png 402 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021201\bowing.1.face.png 408 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021201\cheers.0.face.png 202 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021201\chu.0.face.png 168 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021201\cry.0.face.png 149 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021201\dam.0.face.png 333 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021201\data.xml 4959 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021201\default.face.png 226 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021201\despair.0.face.png 394 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021201\despair.1.face.png 405 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021201\glitter.0.face.png 458 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021201\glitter.1.face.png 446 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021201\hit.0.face.png 201 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021201\hot.0.face.png 610 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021201\hot.1.face.png 710 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021201\hum.0.face.png 258 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021201\hum.1.face.png 265 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021201\love.0.face.png 321 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021201\love.1.face.png 316 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021201\oops.0.face.png 112 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021201\pain.0.face.png 231 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021201\shine.0.face.png 176 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021201\smile.0.face.png 182 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021201\stunned.0.face.png 131 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021201\troubled.0.face.png 151 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021201\vomit.0.face.png 313 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021201\vomit.1.face.png 301 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021201\wink.0.face.png 224 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021202\angry.0.face.png 258 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021202\bewildered.0.face.png 137 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021202\blaze.0.face.png 395 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021202\blaze.1.face.png 395 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021202\blink.0.face.png 220 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021202\blink.1.face.png 155 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021202\blink.2.face.png 212 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021202\bowing.0.face.png 402 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021202\bowing.1.face.png 408 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021202\cheers.0.face.png 202 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021202\chu.0.face.png 168 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021202\cry.0.face.png 150 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021202\dam.0.face.png 333 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021202\data.xml 4962 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021202\default.face.png 220 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021202\despair.0.face.png 394 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021202\despair.1.face.png 405 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021202\glitter.0.face.png 465 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021202\glitter.1.face.png 452 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021202\hit.0.face.png 201 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021202\hot.0.face.png 610 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021202\hot.1.face.png 710 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021202\hum.0.face.png 258 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021202\hum.1.face.png 265 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021202\love.0.face.png 321 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021202\love.1.face.png 316 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021202\oops.0.face.png 125 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021202\pain.0.face.png 231 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021202\shine.0.face.png 176 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021202\smile.0.face.png 190 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021202\stunned.0.face.png 133 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021202\troubled.0.face.png 157 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021202\vomit.0.face.png 319 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021202\vomit.1.face.png 308 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021202\wink.0.face.png 207 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021204\angry.0.face.png 258 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021204\bewildered.0.face.png 137 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021204\blaze.0.face.png 395 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021204\blaze.1.face.png 395 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021204\blink.0.face.png 199 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021204\blink.1.face.png 124 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021204\blink.2.face.png 167 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021204\bowing.0.face.png 402 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021204\bowing.1.face.png 408 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021204\cheers.0.face.png 202 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021204\chu.0.face.png 168 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021204\cry.0.face.png 150 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021204\dam.0.face.png 333 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021204\data.xml 4962 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021204\default.face.png 199 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021204\despair.0.face.png 394 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021204\despair.1.face.png 405 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021204\glitter.0.face.png 457 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021204\glitter.1.face.png 446 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021204\hit.0.face.png 171 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021204\hot.0.face.png 610 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021204\hot.1.face.png 710 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021204\hum.0.face.png 258 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021204\hum.1.face.png 265 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021204\love.0.face.png 321 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021204\love.1.face.png 316 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021204\oops.0.face.png 112 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021204\pain.0.face.png 231 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021204\shine.0.face.png 176 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021204\smile.0.face.png 197 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021204\stunned.0.face.png 137 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021204\troubled.0.face.png 160 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021204\vomit.0.face.png 323 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021204\vomit.1.face.png 313 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021204\wink.0.face.png 202 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021205\angry.0.face.png 271 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021205\bewildered.0.face.png 184 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021205\blaze.0.face.png 395 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021205\blaze.1.face.png 395 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021205\blink.0.face.png 243 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021205\blink.1.face.png 195 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021205\blink.2.face.png 232 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021205\bowing.0.face.png 402 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021205\bowing.1.face.png 408 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021205\cheers.0.face.png 218 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021205\chu.0.face.png 205 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021205\cry.0.face.png 232 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021205\dam.0.face.png 333 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021205\data.xml 4964 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021205\default.face.png 243 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021205\despair.0.face.png 394 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021205\despair.1.face.png 405 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021205\glitter.0.face.png 463 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021205\glitter.1.face.png 449 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021205\hit.0.face.png 255 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021205\hot.0.face.png 610 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021205\hot.1.face.png 710 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021205\hum.0.face.png 258 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021205\hum.1.face.png 265 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021205\love.0.face.png 321 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021205\love.1.face.png 316 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021205\oops.0.face.png 165 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021205\pain.0.face.png 231 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021205\shine.0.face.png 176 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021205\smile.0.face.png 226 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021205\stunned.0.face.png 192 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021205\troubled.0.face.png 202 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021205\vomit.0.face.png 336 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021205\vomit.1.face.png 327 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021205\wink.0.face.png 252 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021206\angry.0.face.png 271 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021206\bewildered.0.face.png 184 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021206\blaze.0.face.png 395 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021206\blaze.1.face.png 395 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021206\blink.0.face.png 288 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021206\blink.1.face.png 200 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021206\blink.2.face.png 248 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021206\bowing.0.face.png 402 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021206\bowing.1.face.png 408 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021206\cheers.0.face.png 218 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021206\chu.0.face.png 205 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021206\cry.0.face.png 231 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021206\dam.0.face.png 333 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021206\data.xml 4961 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021206\default.face.png 288 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021206\despair.0.face.png 394 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021206\despair.1.face.png 405 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021206\glitter.0.face.png 469 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021206\glitter.1.face.png 456 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021206\hit.0.face.png 280 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021206\hot.0.face.png 610 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021206\hot.1.face.png 710 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021206\hum.0.face.png 258 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021206\hum.1.face.png 265 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021206\love.0.face.png 321 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021206\love.1.face.png 316 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021206\oops.0.face.png 165 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021206\pain.0.face.png 231 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021206\shine.0.face.png 176 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021206\smile.0.face.png 234 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021206\stunned.0.face.png 192 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021206\troubled.0.face.png 202 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021206\vomit.0.face.png 345 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021206\vomit.1.face.png 335 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021206\wink.0.face.png 277 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021207\angry.0.face.png 270 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021207\bewildered.0.face.png 208 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021207\blaze.0.face.png 395 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021207\blaze.1.face.png 395 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021207\blink.0.face.png 335 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021207\blink.1.face.png 269 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021207\blink.2.face.png 303 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021207\bowing.0.face.png 402 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021207\bowing.1.face.png 408 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021207\cheers.0.face.png 218 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021207\chu.0.face.png 274 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021207\cry.0.face.png 243 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021207\dam.0.face.png 333 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021207\data.xml 4961 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021207\default.face.png 335 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021207\despair.0.face.png 394 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021207\despair.1.face.png 405 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021207\glitter.0.face.png 495 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021207\glitter.1.face.png 481 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021207\hit.0.face.png 282 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021207\hot.0.face.png 610 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021207\hot.1.face.png 710 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021207\hum.0.face.png 258 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021207\hum.1.face.png 265 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021207\love.0.face.png 321 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021207\love.1.face.png 316 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021207\oops.0.face.png 222 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021207\pain.0.face.png 232 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021207\shine.0.face.png 176 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021207\smile.0.face.png 300 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021207\stunned.0.face.png 247 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021207\troubled.0.face.png 255 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021207\vomit.0.face.png 384 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021207\vomit.1.face.png 380 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021207\wink.0.face.png 317 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021208\angry.0.face.png 261 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021208\bewildered.0.face.png 133 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021208\blaze.0.face.png 395 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021208\blaze.1.face.png 395 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021208\blink.0.face.png 227 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021208\blink.1.face.png 108 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021208\blink.2.face.png 169 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021208\bowing.0.face.png 402 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021208\bowing.1.face.png 408 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021208\cheers.0.face.png 205 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021208\chu.0.face.png 168 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021208\cry.0.face.png 151 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021208\dam.0.face.png 333 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021208\data.xml 4965 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021208\default.face.png 227 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021208\despair.0.face.png 394 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021208\despair.1.face.png 405 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021208\glitter.0.face.png 461 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021208\glitter.1.face.png 448 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021208\hit.0.face.png 235 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021208\hot.0.face.png 610 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021208\hot.1.face.png 710 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021208\hum.0.face.png 258 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021208\hum.1.face.png 265 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021208\love.0.face.png 321 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021208\love.1.face.png 316 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021208\oops.0.face.png 120 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021208\pain.0.face.png 198 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021208\shine.0.face.png 176 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021208\smile.0.face.png 190 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021208\stunned.0.face.png 134 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021208\troubled.0.face.png 154 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021208\vomit.0.face.png 317 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021208\vomit.1.face.png 309 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021208\wink.0.face.png 209 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021219\angry.0.face.png 294 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021219\bewildered.0.face.png 203 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021219\blaze.0.face.png 395 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021219\blaze.1.face.png 395 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021219\blink.0.face.png 349 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021219\blink.1.face.png 250 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021219\blink.2.face.png 321 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021219\bowing.0.face.png 402 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021219\bowing.1.face.png 408 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021219\cheers.0.face.png 269 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021219\chu.0.face.png 261 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021219\cry.0.face.png 268 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021219\dam.0.face.png 333 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021219\data.xml 4969 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021219\default.face.png 349 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021219\despair.0.face.png 394 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021219\despair.1.face.png 405 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021219\glitter.0.face.png 508 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021219\glitter.1.face.png 499 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021219\hit.0.face.png 369 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021219\hot.0.face.png 610 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021219\hot.1.face.png 710 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021219\hum.0.face.png 258 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021219\hum.1.face.png 265 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021219\love.0.face.png 321 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021219\love.1.face.png 316 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021219\oops.0.face.png 199 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021219\pain.0.face.png 271 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021219\shine.0.face.png 176 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021219\smile.0.face.png 295 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021219\stunned.0.face.png 201 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021219\troubled.0.face.png 246 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021219\vomit.0.face.png 379 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021219\vomit.1.face.png 374 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021219\wink.0.face.png 338 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021300\angry.0.face.png 258 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021300\bewildered.0.face.png 141 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021300\blaze.0.face.png 395 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021300\blaze.1.face.png 395 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021300\blink.0.face.png 286 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021300\blink.1.face.png 156 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021300\blink.2.face.png 236 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021300\bowing.0.face.png 402 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021300\bowing.1.face.png 408 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021300\cheers.0.face.png 202 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021300\chu.0.face.png 169 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021300\cry.0.face.png 146 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021300\dam.0.face.png 333 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021300\data.xml 4963 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021300\default.face.png 286 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021300\despair.0.face.png 394 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021300\despair.1.face.png 405 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021300\glitter.0.face.png 460 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021300\glitter.1.face.png 438 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021300\hit.0.face.png 253 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021300\hot.0.face.png 610 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021300\hot.1.face.png 710 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021300\hum.0.face.png 258 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021300\hum.1.face.png 265 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021300\love.0.face.png 321 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021300\love.1.face.png 316 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021300\oops.0.face.png 112 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021300\pain.0.face.png 231 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021300\shine.0.face.png 176 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021300\smile.0.face.png 193 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021300\stunned.0.face.png 138 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021300\troubled.0.face.png 160 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021300\vomit.0.face.png 323 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021300\vomit.1.face.png 313 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021300\wink.0.face.png 264 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021301\angry.0.face.png 258 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021301\bewildered.0.face.png 135 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021301\blaze.0.face.png 395 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021301\blaze.1.face.png 395 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021301\blink.0.face.png 230 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021301\blink.1.face.png 123 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021301\blink.2.face.png 200 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021301\bowing.0.face.png 402 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021301\bowing.1.face.png 408 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021301\cheers.0.face.png 202 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021301\chu.0.face.png 168 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021301\cry.0.face.png 149 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021301\dam.0.face.png 333 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021301\data.xml 4959 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021301\default.face.png 230 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021301\despair.0.face.png 394 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021301\despair.1.face.png 405 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021301\glitter.0.face.png 457 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021301\glitter.1.face.png 436 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021301\hit.0.face.png 202 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021301\hot.0.face.png 610 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021301\hot.1.face.png 710 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021301\hum.0.face.png 258 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021301\hum.1.face.png 265 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021301\love.0.face.png 321 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021301\love.1.face.png 316 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021301\oops.0.face.png 112 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021301\pain.0.face.png 231 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021301\shine.0.face.png 176 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021301\smile.0.face.png 182 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021301\stunned.0.face.png 131 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021301\troubled.0.face.png 151 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021301\vomit.0.face.png 313 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021301\vomit.1.face.png 301 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021301\wink.0.face.png 225 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021302\angry.0.face.png 258 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021302\bewildered.0.face.png 137 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021302\blaze.0.face.png 395 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021302\blaze.1.face.png 395 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021302\blink.0.face.png 224 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021302\blink.1.face.png 155 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021302\blink.2.face.png 215 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021302\bowing.0.face.png 402 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021302\bowing.1.face.png 408 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021302\cheers.0.face.png 202 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021302\chu.0.face.png 168 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021302\cry.0.face.png 150 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021302\dam.0.face.png 333 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021302\data.xml 4962 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021302\default.face.png 224 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021302\despair.0.face.png 394 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021302\despair.1.face.png 405 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021302\glitter.0.face.png 464 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021302\glitter.1.face.png 444 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021302\hit.0.face.png 205 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021302\hot.0.face.png 610 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021302\hot.1.face.png 710 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021302\hum.0.face.png 258 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021302\hum.1.face.png 265 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021302\love.0.face.png 321 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021302\love.1.face.png 316 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021302\oops.0.face.png 125 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021302\pain.0.face.png 231 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021302\shine.0.face.png 176 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021302\smile.0.face.png 190 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021302\stunned.0.face.png 133 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021302\troubled.0.face.png 157 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021302\vomit.0.face.png 319 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021302\vomit.1.face.png 308 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021302\wink.0.face.png 214 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021303\angry.0.face.png 258 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021303\bewildered.0.face.png 137 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021303\blaze.0.face.png 395 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021303\blaze.1.face.png 395 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021303\blink.0.face.png 233 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021303\blink.1.face.png 136 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021303\blink.2.face.png 207 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021303\bowing.0.face.png 402 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021303\bowing.1.face.png 408 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021303\cheers.0.face.png 202 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021303\chu.0.face.png 168 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021303\cry.0.face.png 150 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021303\dam.0.face.png 333 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021303\data.xml 4958 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021303\default.face.png 233 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021303\despair.0.face.png 394 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021303\despair.1.face.png 405 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021303\glitter.0.face.png 467 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021303\glitter.1.face.png 444 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021303\hit.0.face.png 214 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021303\hot.0.face.png 610 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021303\hot.1.face.png 710 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021303\hum.0.face.png 258 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021303\hum.1.face.png 265 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021303\love.0.face.png 321 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021303\love.1.face.png 316 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021303\oops.0.face.png 112 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021303\pain.0.face.png 231 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021303\shine.0.face.png 176 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021303\smile.0.face.png 197 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021303
\stunned.0.face.png 137 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021303\troubled.0.face.png 160 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021303\vomit.0.face.png 323 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021303\vomit.1.face.png 312 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021303\wink.0.face.png 234 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021304\angry.0.face.png 258 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021304\bewildered.0.face.png 137 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021304\blaze.0.face.png 395 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021304\blaze.1.face.png 395 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021304\blink.0.face.png 197 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021304\blink.1.face.png 124 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021304\blink.2.face.png 167 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021304\bowing.0.face.png 402 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021304\bowing.1.face.png 408 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021304\cheers.0.face.png 202 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021304\chu.0.face.png 168 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021304\cry.0.face.png 150 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021304\dam.0.face.png 333 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021304\data.xml 4962 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021304\default.face.png 197 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021304\despair.0.face.png 394 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021304\despair.1.face.png 405 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021304\glitter.0.face.png 458 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021304\glitter.1.face.png 438 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021304\hit.0.face.png 171 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021304\hot.0.face.png 610 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021304\hot.1.face.png 710 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021304\hum.0.face.png 258 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021304\hum.1.face.png 265 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021304\love.0.face.png 321 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021304\love.1.face.png 316 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021304\oops.0.face.png 112 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021304\pain.0.face.png 231 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021304\shine.0.face.png 176 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021304\smile.0.face.png 197 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021304\stunned.0.face.png 137 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021304\troubled.0.face.png 160 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021304\vomit.0.face.png 323 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021304\vomit.1.face.png 313 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021304\wink.0.face.png 202 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021305\angry.0.face.png 271 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021305\bewildered.0.face.png 184 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021305\blaze.0.face.png 395 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021305\blaze.1.face.png 395 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021305\blink.0.face.png 246 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021305\blink.1.face.png 195 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021305\blink.2.face.png 230 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021305\bowing.0.face.png 402 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021305\bowing.1.face.png 408 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021305\cheers.0.face.png 218 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021305\chu.0.face.png 205 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021305\cry.0.face.png 232 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021305\dam.0.face.png 333 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021305\data.xml 4964 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021305\default.face.png 246 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021305\despair.0.face.png 394 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021305\despair.1.face.png 405 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021305\glitter.0.face.png 0 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021305\glitter.1.face.png 0 bytes
File C:\Program Files\BannedStory\img\Character\Face\00021305\hit.0.face.png 0 bytes

---- EOF - GMER 1.0.15 ----

Sorry, it didn't fit.

I don't even use this stuff anymore why isn't it deleted D:

EDIT:
My computer is getting slower every time I restart :(!

EDIT EDIT:

I have noticed my passwords and usernames aren't remembered anymore D:
Last edited by Justin1002; 06-26-2009 at 10:26 PM.
Justin1002 is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 06-29-2009, 12:13 PM   #4 (permalink)
Moderator, Analyst, Security Team
 
TheBruce1's Avatar
 
Join Date: Oct 2006
Location: Důn Čideann,Scotland.
Posts: 5,093
OS: XP


Re: Need help on possible mal-ware and clean up
Hello and welcome to TSF

Please subscribe to this thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant Notification, then click Subscribe.

========

Please follow all instructions and in which order they come, if you have any questions, please ask before proceeding. Its important that you follow this through until i give you the all clear.

Please DO NOT Attach logs to your posts unless you are advised to do so.

========


Quote:
AV: AVG 7.5.524 *On-access scanning enabled* (Outdated) {41564737-3200-1071-989B-0000E87B4FB1}
AV: avast! antivirus 4.8.1335 [VPS 090626-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: Prevx 2.0 *On-access scanning disabled* (Updated) {557C3342-BC52-4508-AC25-4441BDF5C04C}
AV: Norton 360 *
Not good, having four antivirus programs on the same machine, i am somewhat surprised that this machine has not crashed yet.

Please remove AVG, Avast and Prevx, keep Norton 360 as it offers not only an antivirus protection, but also firewall protection.

Run DDS again and post the logs from the scan in your reply.

Please note that the forum is very busy and if I don't hear from you within three days this thread will be closed.
__________________
Member of ASAP since 2007
Member of UNITE since 2008

**Notice to BT customers**
BT to dump Phorm, see Here for more information. No DPI

If we have helped you in anyway, please consider Donating
TheBruce1 is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 06-29-2009, 10:43 PM   #5 (permalink)
Registered User
 
Join Date: Jun 2009
Posts: 29
OS: xp


Re: Need help on possible mal-ware and clean up
Can I keep avast?

I don't really use the other 3.

Should I also remove the files in quarantine? will that release the viruses out again?

Prevx won't uninstall, what should I do! It says one or more of its processes are running and then it says fatal error.

I know the process is PXagent.exe But when I try to end it it tells me access denied.

Im beginning to think this was a bad software ~_~.

But you should know i deleted AVG.
Last edited by Justin1002; 06-29-2009 at 10:58 PM.
Justin1002 is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 06-30-2009, 08:42 AM   #6 (permalink)
Moderator, Analyst, Security Team
 
TheBruce1's Avatar
 
Join Date: Oct 2006
Location: Důn Čideann,Scotland.
Posts: 5,093
OS: XP


Re: Need help on possible mal-ware and clean up
Hello again

Quote:
Can I keep avast?
Yes. Keep Avast and uninstall the antivirus portion of Norton 360. Leave yourself with one antivirus and one forewall programme.

Quote:
I don't really use the other 3.
One is enough, more does not offer greater protection.


Quote:
Should I also remove the files in quarantine? will that release the viruses out again?
Yes remove the quarantined folder, the virus stored inside the folder will also be removed.

Quote:
Prevx won't uninstall, what should I do! It says one or more of its processes are running and then it says fatal error.
See if the helps.
http://info.prevx.com/faqp2.asp#8

Quote:
Im beginning to think this was a bad software ~_~.
Nothing wrong with Prevx, having four antivirus programs installed on the same machine will cause problems.
__________________
Member of ASAP since 2007
Member of UNITE since 2008

**Notice to BT customers**
BT to dump Phorm, see Here for more information. No DPI

If we have helped you in anyway, please consider Donating
TheBruce1 is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 06-30-2009, 11:52 AM   #7 (permalink)
Registered User
 
Join Date: Jun 2009
Posts: 29
OS: xp


Re: Need help on possible mal-ware and clean up
Here's my log:

I kept Norton 360 for the firewall but I disabled the on access scanner.

DDS (Ver_09-06-26.01) - NTFSx86
Run by HP_Administrator at 11:45:27.04 on 30/06/2009
Internet Explorer: 7.0.5730.11 BrowserJavaVersion: 1.6.0_13
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1982.1242 [GMT -6:00]

AV: avast! antivirus 4.8.1335 [VPS 090630-0] *On-access scanning enabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: Norton 360 *On-access scanning disabled* (Outdated) {A5F1BC7C-EA33-4247-961C-0217208396C4}
FW: Norton 360 *enabled* {371C0A40-5A0C-4AD2-A6E5-69C02037FBF3}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\AlienGUIse\wbload.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\arservice.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\ARPWRMSG.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\PROGRA~1\TELUSE~1\SMARTB~1\MotiveSB.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\WhatPulse\WhatPulse.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\AlienGUIse\AlienwareDock\ObjectDock.exe
C:\Program Files\Warkeys\AutoWarkey\AutoHotkey\AutoHotkey.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
svchost.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
c:\windows\system\hpsysdrv.exe
C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
C:\Program Files\Symantec\LiveUpdate\AUPDATE.EXE
C:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe
C:\Documents and Settings\HP_Administrator\Desktop\dds.scr

============== Pseudo HJT Report ===============

uSearch Page = hxxp://g.msn.ca/0SEENCA/SAOS01?FORM=TOOLBR
uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_CA&c=64&bd=PAVILION&pf=desktop
uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_CA&c=64&bd=PAVILION&pf=desktop
uSearch Bar = hxxp://g.msn.ca/0SEENCA/SAOS01?FORM=TOOLBR
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
uInternet Settings,ProxyOverride = 127.0.0.1;*.local
uSearchURL,(Default) = hxxp://g.msn.ca/0SEENCA/SAOS01?FORM=TOOLBR
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
uURLSearchHooks: H - No File
uWindows: run="c:\windows\system32\winupdate.exe"
BHO: Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: {1e8a6170-7264-4d0f-beae-d42a53123c75} - c:\program files\common files\symantec shared\coshared\browser\1.7\NppBho.dll
BHO: : {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: URLDetector Class: {55ea1964-f5e4-4d6a-b9b2-125b37655fcb} - c:\documents and settings\all users\application data\prevx\pxbho.dll
BHO: Yahoo! IE Services Button: {5bab4b5b-68bc-4b02-94d6-2fc0de4a7897} - c:\program files\yahoo!\common\yiesrvc.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: hpWebHelper Class: {aaae832a-5fff-4661-9c8f-369692d1dcb9} - c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\plugin\WebHelper.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.1.1309.15642\swg.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Show Norton Toolbar: {90222687-f593-4738-b738-fbee9c7b26df} - c:\program files\common files\symantec shared\coshared\browser\1.7\UIBHO.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
TB: {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No File
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
uRun: [MsnMsgr] "c:\program files\windows live\messenger\MsnMsgr.Exe" /background
uRun: [<NO NAME>]
uRun: [WhatPulse] c:\program files\whatpulse\WhatPulse.exe
uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
uRun: [Google Update] "c:\documents and settings\hp_administrator\local settings\application data\google\update\GoogleUpdate.exe" /c
mRun: [ehTray] c:\windows\ehome\ehtray.exe
mRun: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [AlwaysReady Power Message APP] ARPWRMSG.EXE
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [Recguard] c:\windows\sminst\RECGUARD.EXE
mRun: [<NO NAME>]
mRun: [PCDrProfiler]
mRun: [HPBootOp] "c:\program files\hewlett-packard\hp boot optimizer\HPBootOp.exe" /run
mRun: [NeroCheck] c:\windows\system32\NeroCheck.exe
mRun: [Motive SmartBridge] c:\progra~1\teluse~1\smartb~1\MotiveSB.exe
mRun: [Symantec PIF AlertEng] "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\pifsvc.exe" /a /m "c:\program files\common files\symantec shared\pif\{b8e1dd85-8582-4c61-b58f-2f227fca9a08}\AlertEng.dll"
mRun: [avast!] c:\progra~1\alwils~1\avast4\ashDisp.exe
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
dRun: [msnmsgr] "c:\program files\msn messenger\msnmsgr.exe" /background
StartupFolder: c:\docume~1\hp_adm~1\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
StartupFolder: c:\docume~1\hp_adm~1\startm~1\programs\startup\alienw~1.lnk - c:\program files\alienguise\alienwaredock\ObjectDock.exe
StartupFolder: c:\docume~1\hp_adm~1\startm~1\programs\startup\my_aut~1.lnk - c:\program files\warkeys\autowarkey\autohotkey\AutoHotkey.exe
StartupFolder: c:\docume~1\hp_adm~1\startm~1\programs\startup\warkey~1.lnk - c:\program files\warkeys\autowarkey\autohotkey\AutoHotkey.exe
uPolicies-system: NoAdminPage = 1
IE: &Yahoo! Search - file:///c:\program files\yahoo!\Common/ycsrch.htm
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
IE: ShaPlus Google Translator - c:\program files\shaplus google translator\GoogleTranslator.dll/ie.htm
IE: Yahoo! &Dictionary - file:///c:\program files\yahoo!\Common/ycdict.htm
IE: Yahoo! &Maps - file:///c:\program files\yahoo!\Common/ycmap.htm
IE: Yahoo! &SMS - file:///c:\program files\yahoo!\Common/ycsms.htm
IE: {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - c:\program files\aim\aim.exe
IE: {d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\documents and settings\hp_administrator\start menu\programs\imvu\Run IMVU.lnk
IE: {E2D4D26B-0180-43a4-B05F-462D6D54C789} - c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\iebutton\support.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - c:\program files\yahoo!\common\yiesrvc.dll
DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Notify: WB - c:\program files\alienguise\fastload.dll
AppInit_DLLs: wbsys.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\hp_adm~1\applic~1\mozilla\firefox\profiles\m47pkzqh.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
FF - prefs.js: browser.search.selectedEngine - Live Search
FF - prefs.js: browser.startup.homepage - hxxp://go.microsoft.com/fwlink/?LinkId=69157
FF - prefs.js: keyword.URL - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
FF - plugin: c:\documents and settings\all users\application data\nexonus\ngm\npNxGameUS.dll
FF - plugin: c:\documents and settings\hp_administrator\application data\mozilla\firefox\profiles\m47pkzqh.default\extensions\solidstateion@solidstatenetworks.com\plugins\npssn.dll
FF - plugin: c:\documents and settings\hp_administrator\local settings\application data\google\update\1.2.145.5\npGoogleOneClick8.dll
FF - plugin: c:\progra~1\yahoo!\common\npyaxmpb.dll
FF - plugin: c:\program files\google\google updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npgcplug.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npijjiCHPlugin.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npijjiFFPlugin1.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npPandoWebInst.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npracplug.dll
FF - plugin: c:\program files\real\realarcade\plugins\mozilla\npracplug.dll
FF - plugin: c:\program files\veoh networks\veoh\plugins\noreg\NPVeohVersion.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}

============= SERVICES / DRIVERS ===============

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-5-8 114768]
R2 aawservice;Ad-Aware 2007 Service;c:\program files\lavasoft\ad-aware 2007\aawservice.exe [2007-8-27 566616]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2008-5-8 20560]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast4\ashServ.exe [2008-3-27 138680]
R2 ccEvtMgr;Symantec Event Manager;c:\program files\common files\symantec shared\ccSvcHst.exe [2007-7-17 108904]
R2 ccSetMgr;Symantec Settings Manager;c:\program files\common files\symantec shared\ccSvcHst.exe [2007-7-17 108904]
R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-5 99328]
R2 SeaPort;SeaPort;c:\program files\microsoft\search enhancement pack\seaport\SeaPort.exe [2009-5-19 240512]
R3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast4\ashMaiSv.exe [2008-3-27 254040]
R3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast4\ashWebSv.exe [2008-3-27 352920]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2008-9-2 99376]
S3 CXFALCON;Conexant Falcon II NTSC Video Capture;c:\windows\system32\drivers\cxfalcon.sys [2006-11-16 82048]
S3 geebers12;geebers12;\??\c:\documents and settings\hp_administrator\desktop\buffy engine 2.1\nvid888.sys --> c:\documents and settings\hp_administrator\desktop\buffy engine 2.1\nvid888.sys [?]
S3 NAVENG;NAVENG;c:\progra~1\common~1\symant~1\virusd~1\20081218.007\NAVENG.SYS [2008-12-18 89104]
S3 NAVEX15;NAVEX15;c:\progra~1\common~1\symant~1\virusd~1\20081218.007\NAVEX15.SYS [2008-12-18 876112]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2007-11-6 34064]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\gamemon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 Symantec Core LC;Symantec Core LC;c:\program files\common files\symantec shared\ccpd-lc\symlcsvc.exe [2007-12-23 1251720]
S3 XDva037;XDva037;\??\c:\windows\system32\xdva037.sys --> c:\windows\system32\XDva037.sys [?]
S3 XDva143;XDva143;\??\c:\windows\system32\xdva143.sys --> c:\windows\system32\XDva143.sys [?]
S3 XDva190;XDva190;\??\c:\windows\system32\xdva190.sys --> c:\windows\system32\XDva190.sys [?]
S3 XDva225;XDva225;\??\c:\windows\system32\xdva225.sys --> c:\windows\system32\XDva225.sys [?]

=============== Created Last 30 ================

2009-06-28 21:42 9,600 a------- c:\windows\system32\drivers\hidusb.sys
2009-06-28 21:42 9,600 a------- c:\windows\system32\dllcache\hidusb.sys
2009-06-28 11:32 <DIR> --d----- c:\docume~1\alluse~1\applic~1\SecTaskMan
2009-06-28 11:32 <DIR> --d----- c:\program files\Security Task Manager
2009-06-27 09:13 25,992 a------- c:\windows\system32\pgdfgsvc.exe
2009-06-26 13:24 118,784 a------- c:\windows\system32\MSSTDFMT.DLL
2009-06-26 13:24 <DIR> --d----- c:\program files\SpywareBlaster
2009-06-26 13:11 410,984 a------- c:\windows\system32\deploytk.dll
2009-06-19 19:41 <DIR> --d----- c:\program files\Warkeys
2009-06-19 19:30 <DIR> --d----- c:\windows\ShellNew
2009-06-19 19:30 <DIR> --d----- c:\program files\AutoHotkey
2009-06-11 16:29 41,808 a------- c:\windows\system32\xfcodec.dll
2009-06-02 17:24 <DIR> --d----- c:\program files\common files\DivX Shared
2009-06-02 17:22 <DIR> --d----- c:\program files\Regensoft
2009-06-02 17:22 <DIR> --d----- c:\program files\AviSynth 2.5
2009-06-02 17:22 <DIR> --d----- c:\program files\Red Kawa
2009-05-31 19:48 <DIR> --d----- c:\windows\system32\NtmsData

==================== Find3M ====================

2009-05-29 14:23 78,054 a------- c:\windows\War3Unin.dat
2009-05-07 09:44 344,064 a------- c:\windows\system32\localspl.dll
2009-05-07 09:44 344,064 a------- c:\windows\system32\dllcache\localspl.dll
2009-04-28 22:56 827,392 a------- c:\windows\system32\wininet.dll
2009-04-28 22:56 827,392 a------- c:\windows\system32\dllcache\wininet.dll
2009-04-28 22:56 233,472 a------- c:\windows\system32\dllcache\webcheck.dll
2009-04-28 22:56 1,159,680 a------- c:\windows\system32\dllcache\urlmon.dll
2009-04-28 22:56 671,232 a------- c:\windows\system32\dllcache\mstime.dll
2009-04-28 22:56 105,984 a------- c:\windows\system32\dllcache\url.dll
2009-04-28 22:56 102,912 a------- c:\windows\system32\dllcache\occache.dll
2009-04-28 22:56 44,544 a------- c:\windows\system32\dllcache\pngfilt.dll
2009-04-28 22:56 3,596,288 a------- c:\windows\system32\dllcache\mshtml.dll
2009-04-28 22:56 477,696 a------- c:\windows\system32\dllcache\mshtmled.dll
2009-04-28 22:56 193,024 a------- c:\windows\system32\dllcache\msrating.dll
2009-04-28 03:05 70,656 a------- c:\windows\system32\dllcache\ie4uinit.exe
2009-04-28 03:05 13,824 -------- c:\windows\system32\dllcache\ieudinit.exe
2009-04-24 23:27 636,088 a------- c:\windows\system32\dllcache\iexplore.exe
2009-04-24 23:26 161,792 a------- c:\windows\system32\dllcache\ieakui.dll
2009-04-17 03:58 1,846,656 a------- c:\windows\system32\win32k.sys
2009-04-17 03:58 1,846,656 a------- c:\windows\system32\dllcache\win32k.sys
2009-04-15 14:25 129,784 -------- c:\windows\system32\pxafs.dll
2009-04-15 14:25 120,056 -------- c:\windows\system32\pxcpyi64.exe
2009-04-15 14:25 118,520 -------- c:\windows\system32\pxinsi64.exe
2009-04-15 14:24 90,112 a------- c:\windows\system32\dpl100.dll
2009-04-15 14:24 823,296 a------- c:\windows\system32\divx_xx0c.dll
2009-04-15 14:24 823,296 a------- c:\windows\system32\divx_xx07.dll
2009-04-15 14:24 815,104 a------- c:\windows\system32\divx_xx0a.dll
2009-04-15 14:24 802,816 a------- c:\windows\system32\divx_xx11.dll
2009-04-15 14:24 684,032 a------- c:\windows\system32\DivX.dll
2009-04-15 09:26 583,168 a------- c:\windows\system32\rpcrt4.dll
2009-04-15 09:26 583,168 a------- c:\windows\system32\dllcache\rpcrt4.dll
2008-09-19 22:39 0 a------- c:\documents and settings\hp_administrator\jagex_runescape_preferences.dat
2008-05-11 11:45 182 a------- c:\docume~1\hp_adm~1\applic~1\wklnhst.dat
2008-01-16 22:02 774,144 a------- c:\program files\RngInterstitial.dll
2007-05-19 17:44 393 a------- c:\program files\Shortcut to Program Files.lnk
1999-07-06 18:00 6 ---shr-- c:\windows\@@desktop.dat

============= FINISH: 11:47:10.62 ===============
Attached Files
File Type: zip Attach.zip (6.1 KB, 1 views)
Justin1002 is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 06-30-2009, 12:51 PM   #8 (permalink)
Moderator, Analyst, Security Team
 
TheBruce1's Avatar
 
Join Date: Oct 2006
Location: Důn Čideann,Scotland.
Posts: 5,093
OS: XP


Re: Need help on possible mal-ware and clean up
Please download and run the Norton Removal Tool, this will remove Norton 360 from your computer.

Once done, enable the windows firewall by doing the following:

1. Click Start, click Run, type Firewall.cpl, and then click OK.
2. On the General tab, click On (recommended).
3. Click OK.

We will install a two-way firewall later.

=======

Download ComboFix from one of these locations:

Link 1
Link 2
Link 3

* IMPORTANT !!! Place combofix.exe on your Desktop

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with ComboFix.

Double click on combofix.exe & follow the prompts.

As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed.

Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.





The Windows recovery console will allow you to boot up into a special recovery mode that allows us to help you in the case that your computer has a problem after an attempted removal of malware.

With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal.

Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement.

ComboFix will now automatically install the Microsoft Windows Recovery Console onto your computer, which will show up as a new option when booting up your computer. Do not select the Microsoft Windows Recovery Console option when you start your computer unless requested to by a helper.

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see a message that says:

The Recovery Console was successfully installed.



Click on Yes, to continue scanning for malware.

Your desktop may go blank. This is normal. It will return when ComboFix is done. ComboFix may reboot your machine. This is normal.

When finished, it shall produce a log for you. Post that log in your next reply

Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall.
__________________
Member of ASAP since 2007
Member of UNITE since 2008

**Notice to BT customers**
BT to dump Phorm, see Here for more information. No DPI

If we have helped you in anyway, please consider Donating
TheBruce1 is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 06-30-2009, 02:27 PM   #9 (permalink)
Registered User
 
Join Date: Jun 2009
Posts: 29
OS: xp


Re: Need help on possible mal-ware and clean up
Aah please help im on my other computer right now, I turned off my avast onaccess protection but whilst combofix was running it detected a virus in the system memory!

I chose to ignore it because it was the reccomended action but then my combo fix is stalling now D: what should I do!

EDIT: nevermind combo fix finished but what should I do about the avast thing!
Last edited by Justin1002; 06-30-2009 at 02:29 PM.
Justin1002 is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 06-30-2009, 02:34 PM   #10 (permalink)
Registered User
 
Join Date: Jun 2009
Posts: 29
OS: xp


Re: Need help on possible mal-ware and clean up
Here is my log:

ComboFix 09-06-29.07 - HP_Administrator 30/06/2009 14:13.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1982.1451 [GMT -6:00]
Running from: c:\documents and settings\HP_Administrator\Desktop\ComboFix.exe
AV: avast! antivirus 4.8.1335 [VPS 090630-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\kb913800.exe
c:\windows\system32\CBC01B0909.ocx
c:\windows\system32\CID
c:\windows\system32\dumphive.exe
c:\windows\system32\SrchSTS.exe
c:\windows\system32\SvcNm
c:\windows\system32\tmp.reg
c:\windows\system32\url1
c:\windows\system32\url2
c:\windows\system32\url3
D:\Autorun.inf
D:\Desktop.ini

.
((((((((((((((((((((((((( Files Created from 2009-05-28 to 2009-06-30 )))))))))))))))))))))))))))))))
.

2009-06-29 03:42 . 2001-08-17 20:02 9600 ----a-w- c:\windows\system32\drivers\hidusb.sys
2009-06-29 03:42 . 2001-08-17 20:02 9600 ----a-w- c:\windows\system32\dllcache\hidusb.sys
2009-06-28 17:32 . 2009-06-28 17:32 627 ----a-w- c:\documents and settings\All Users\Application Data\SecTaskMan\icn_0DA6C5A23B7F1A041B04320B581B8BEC.dll
2009-06-27 15:53 . 2009-06-27 15:53 -------- d-----w- c:\documents and settings\HP_Administrator\Application Data\DivX
2009-06-27 15:13 . 2009-06-27 15:13 25992 ----a-w- c:\windows\system32\pgdfgsvc.exe
2009-06-27 04:33 . 2008-04-20 21:50 33088 ----a-w- c:\documents and settings\HP_Administrator\Application Data\Macromedia\Flash Player\http://www.macromedia.com\bin\airapp...pinstaller.exe
2009-06-26 19:24 . 2005-08-26 01:18 118784 ----a-w- c:\windows\system32\MSSTDFMT.DLL
2009-06-26 19:24 . 2009-06-27 17:51 -------- d-----w- c:\program files\SpywareBlaster
2009-06-26 19:11 . 2009-06-26 19:10 410984 ----a-w- c:\windows\system32\deploytk.dll
2009-06-26 19:08 . 2009-06-26 19:08 152576 ----a-w- c:\documents and settings\HP_Administrator\Application Data\Sun\Java\jre1.6.0_13\lzma.dll
2009-06-20 01:41 . 2009-06-25 15:38 -------- d-----w- c:\program files\Warkeys
2009-06-20 01:30 . 2009-06-20 01:30 -------- d-----w- c:\windows\ShellNew
2009-06-20 01:30 . 2009-06-20 01:30 -------- d-----w- c:\program files\AutoHotkey
2009-06-11 22:29 . 2009-06-11 22:29 41808 ----a-w- c:\windows\system32\xfcodec.dll
2009-06-03 22:12 . 2009-06-03 22:12 -------- d-----w- c:\documents and settings\LocalService\Application Data\DivX
2009-06-02 23:24 . 2009-06-02 23:28 -------- d-----w- c:\program files\Common Files\DivX Shared
2009-06-02 23:22 . 2009-06-02 23:22 -------- d-----w- c:\program files\Regensoft
2009-06-02 23:22 . 2009-06-02 23:22 -------- d-----w- c:\program files\AviSynth 2.5
2009-06-02 23:22 . 2009-06-02 23:22 -------- d-----w- c:\program files\Red Kawa
2009-06-01 01:48 . 2009-06-01 02:28 -------- d-----w- c:\windows\system32\NtmsData

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-30 20:06 . 2006-11-16 20:44 -------- d-----w- c:\program files\Common Files\Symantec Shared
2009-06-30 20:03 . 2006-11-16 20:44 -------- d-----w- c:\documents and settings\All Users\Application Data\Symantec
2009-06-30 19:43 . 2007-11-12 23:42 -------- d-----w- c:\program files\Warcraft III
2009-06-30 04:50 . 2007-09-01 02:35 -------- d-----w- c:\documents and settings\All Users\Application Data\avg7
2009-06-30 04:49 . 2007-09-01 02:36 -------- d-----w- c:\documents and settings\HP_Administrator\Application Data\AVG7
2009-06-30 04:47 . 2008-07-09 05:10 -------- d-----w- c:\documents and settings\All Users\Application Data\Google Updater
2009-06-28 17:32 . 2009-06-28 17:32 184 ----a-w- c:\documents and settings\All Users\Application Data\SecTaskMan\icn_116B3484BCF88244C832130D5AAE1E46.dll
2009-06-28 17:32 . 2009-06-28 17:32 152 ----a-w- c:\documents and settings\All Users\Application Data\SecTaskMan\icn_0E23E40C6140D434FA9B96967D309AFE.dll
2009-06-28 17:32 . 2009-06-28 17:32 108 ----a-w- c:\documents and settings\All Users\Application Data\SecTaskMan\icn_0B79C053C7D38EE4AB9A00CB3B5D2472.dll
2009-06-28 17:32 . 2009-06-28 17:32 41 ----a-w- c:\documents and settings\All Users\Application Data\SecTaskMan\icn_096825A1D2A65CB41B34C8A48E1DD969.dll
2009-06-28 17:32 . 2009-06-28 17:32 823 ----a-w- c:\documents and settings\All Users\Application Data\SecTaskMan\icn_01E4D47B330100000000000000000010.dll
2009-06-28 17:32 . 2009-06-28 17:32 68 ----a-w- c:\documents and settings\All Users\Application Data\SecTaskMan\icn_0677512BC3AAE2E4FB6E2DB05C42599D.dll
2009-06-28 17:32 . 2009-06-28 17:32 57 ----a-w- c:\documents and settings\All Users\Application Data\SecTaskMan\icn_0690FB333ABD78146BCC9C96CFAFD252.dll
2009-06-28 17:32 . 2009-06-28 17:32 191 ----a-w- c:\documents and settings\All Users\Application Data\SecTaskMan\icn_07ED75EFED5946B4296648AD180135BD.dll
2009-06-28 17:32 . 2009-06-28 17:32 10 ----a-w- c:\documents and settings\All Users\Application Data\SecTaskMan\icn_038648152B7E812498867BF7F04F578B.dll
2009-06-28 17:32 . 2009-06-28 17:32 58 ----a-w- c:\documents and settings\All Users\Application Data\SecTaskMan\icn_0132103250E35A64889A6CBCACCBCA97.dll
2009-06-28 17:32 . 2009-06-28 17:32 833 ----a-w- c:\documents and settings\All Users\Application Data\SecTaskMan\icn_000021599B0090400000000000F01FEC.dll
2009-06-28 17:32 . 2009-06-28 17:32 -------- d-----w- c:\program files\Security Task Manager
2009-06-27 17:51 . 2007-06-07 01:04 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-06-27 15:07 . 2008-03-09 19:58 -------- d-----w- c:\program files\CCleaner
2009-06-27 14:52 . 2009-03-13 23:19 -------- d-----w- c:\documents and settings\HP_Administrator\Application Data\Xfire
2009-06-27 14:51 . 2009-04-30 23:04 -------- d-----w- c:\program files\Steam
2009-06-27 04:41 . 2008-03-28 03:58 -------- d-----w- c:\program files\FrostWire
2009-06-26 19:09 . 2006-11-16 19:53 -------- d-----w- c:\program files\Java
2009-06-25 15:37 . 2009-03-13 23:19 -------- d-----w- c:\program files\Xfire
2009-06-03 06:03 . 2007-04-09 20:50 -------- d-----w- c:\documents and settings\HP_Administrator\Application Data\uTorrent
2009-06-02 23:29 . 2006-11-16 20:28 -------- d-----w- c:\program files\DivX
2009-06-01 04:24 . 2007-11-10 15:50 -------- d-----w- c:\program files\Windows Live
2009-05-29 20:23 . 2008-06-27 23:56 78054 ----a-w- c:\windows\War3Unin.dat
2009-05-21 00:22 . 2009-05-21 00:22 -------- d-----w- c:\documents and settings\HP_Administrator\Application Data\RapidCRC
2009-05-21 00:16 . 2009-05-21 00:16 -------- d-----w- c:\program files\RapidCRC
2009-05-17 17:39 . 2007-08-12 22:30 -------- d-----w- c:\program files\StepMania
2009-05-07 15:44 . 2004-08-09 21:00 344064 ----a-w- c:\windows\system32\localspl.dll
2009-05-07 01:13 . 2009-05-07 00:06 -------- d-----w- c:\program files\Antares Audio Technologies
2009-05-07 01:02 . 2009-01-08 14:42 -------- d-----w- c:\program files\Perfect World Entertainment
2009-05-07 01:01 . 2009-05-05 22:41 -------- d-----w- c:\program files\City of Heroes
2009-05-07 00:59 . 2006-11-16 20:24 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-05-07 00:52 . 2008-07-11 19:28 -------- d-----w- c:\program files\MindArk
2009-05-07 00:40 . 2008-02-18 21:57 -------- d-----w- c:\program files\OGPlanet
2009-05-07 00:39 . 2009-01-18 16:09 -------- d-----w- c:\program files\Sword Of The New World
2009-05-07 00:13 . 2009-05-07 00:13 -------- d-----w- c:\documents and settings\HP_Administrator\Application Data\PACE Anti-Piracy
2009-05-07 00:13 . 2009-05-07 00:13 -------- d-----w- c:\documents and settings\All Users\Application Data\PACE Anti-Piracy
2009-05-07 00:13 . 2009-05-07 00:13 -------- d-----w- c:\program files\Common Files\PACE Anti-Piracy
2009-05-05 21:53 . 2009-05-05 21:53 -------- d-----w- c:\program files\IAHGames
2009-04-29 04:56 . 2004-08-09 21:00 827392 ----a-w- c:\windows\system32\wininet.dll
2009-04-29 04:55 . 2004-08-09 21:00 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-04-17 09:58 . 2004-08-09 21:00 1846656 ----a-w- c:\windows\system32\win32k.sys
2009-04-15 20:25 . 2007-04-09 22:30 129784 ------w- c:\windows\system32\pxafs.dll
2009-04-15 20:25 . 2006-11-16 20:22 120056 ------w- c:\windows\system32\pxcpyi64.exe
2009-04-15 20:25 . 2006-11-16 20:22 118520 ------w- c:\windows\system32\pxinsi64.exe
2009-04-15 20:24 . 2009-04-15 20:24 90112 ----a-w- c:\windows\system32\dpl100.dll
2009-04-15 20:24 . 2009-04-15 20:24 823296 ----a-w- c:\windows\system32\divx_xx0c.dll
2009-04-15 20:24 . 2009-04-15 20:24 823296 ----a-w- c:\windows\system32\divx_xx07.dll
2009-04-15 20:24 . 2009-04-15 20:24 815104 ----a-w- c:\windows\system32\divx_xx0a.dll
2009-04-15 20:24 . 2009-04-15 20:24 802816 ----a-w- c:\windows\system32\divx_xx11.dll
2009-04-15 20:24 . 2009-04-15 20:24 684032 ----a-w- c:\windows\system32\DivX.dll
2009-04-15 15:26 . 2004-08-09 21:00 583168 ----a-w- c:\windows\system32\rpcrt4.dll
2009-04-11 22:37 . 2009-04-11 22:37 75048 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.1.10\SetupAdmin.exe
2009-04-08 04:42 . 2006-11-16 20:22 63432 ----a-w- c:\documents and settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-04-06 21:32 . 2009-04-08 22:11 38496 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-04-06 21:32 . 2009-04-08 22:11 15504 ----a-w- c:\windows\system32\drivers\mbam.sys
2008-01-17 04:02 . 2008-01-17 04:02 774144 ----a-w- c:\program files\RngInterstitial.dll
2007-05-19 23:44 . 2007-05-19 23:44 393 ----a-w- c:\program files\Shortcut to Program Files.lnk
2009-04-15 20:24 . 2009-04-15 20:24 1044480 ----a-w- c:\program files\mozilla firefox\plugins\libdivx.dll
2009-04-15 20:24 . 2009-04-15 20:24 200704 ----a-w- c:\program files\mozilla firefox\plugins\ssldivx.dll
2009-01-29 00:49 . 2009-01-29 00:49 62976 ----a-w- c:\program files\mozilla firefox\plugins\uc_sfighters_launching.dll
1999-07-07 00:00 . 1999-07-07 00:00 6 --sh--r- c:\windows\@@desktop.dat
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-02-07 3885408]
"WhatPulse"="c:\program files\WhatPulse\WhatPulse.exe" [2006-08-21 665600]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-05-07 68856]
"Google Update"="c:\documents and settings\HP_Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-05-05 133104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-09-29 67584]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-12-05 8523776]
"Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2005-07-22 237568]
"HPBootOp"="c:\program files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" [2006-02-15 249856]
"NeroCheck"="c:\windows\system32\NeroCheck.exe" [2003-07-13 155648]
"Motive SmartBridge"="c:\progra~1\TELUSE~1\SMARTB~1\MotiveSB.exe" [2007-07-26 393216]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-06-26 148888]
"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-12-05 81920]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-04-02 342312]
"ftutil2"="ftutil2.dll" - c:\windows\system32\ftutil2.dll [2004-06-07 106496]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.EXE [2006-06-13 16239616]
"AlwaysReady Power Message APP"="ARPWRMSG.EXE" - c:\windows\arpwrmsg.exe [2005-08-03 77312]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2007-12-05 1626112]

c:\documents and settings\HP_Administrator\Start Menu\Programs\Startup\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]
Alienware Dock.lnk - c:\program files\AlienGUIse\AlienwareDock\ObjectDock.exe [2007-1-7 2074360]
My_AutoWarkey_Script.lnk - c:\program files\Warkeys\AutoWarkey\AutoHotkey\AutoHotkey.exe [2009-5-3 244736]
Warkeys Update.lnk - c:\program files\Warkeys\AutoWarkey\AutoHotkey\AutoHotkey.exe [2009-5-3 244736]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WB]
2001-12-21 06:34 24576 ----a-w- c:\program files\AlienGUIse\fastload.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\wbsys.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0lsdelete\0pgdfgsvc C 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^TELUS eCare.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\TELUS eCare.lnk
backup=c:\windows\pss\TELUS eCare.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Updates From HP.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Updates From HP.lnk
backup=c:\windows\pss\Updates From HP.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^HP_Administrator^Start Menu^Programs^Startup^Xfire.lnk]
path=c:\documents and settings\HP_Administrator\Start Menu\Programs\Startup\Xfire.lnk
backup=c:\windows\pss\Xfire.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\Program Files\\Xfire\\Xfire.exe"=
"c:\\Program Files\\Steam\\steamapps\\common\\left 4 dead\\left4dead.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"56368:TCP"= 56368:TCP:Pando Media Booster
"56368:UDP"= 56368:UDP:Pando Media Booster
"13960:TCP"= 13960:TCP:*:Disabled:SolidNetworkManager
"13960:UDP"= 13960:UDP:*:Disabled:SolidNetworkManager
"25095:TCP"= 25095:TCP:*:Disabled:SolidNetworkManager
"25095:UDP"= 25095:UDP:*:Disabled:SolidNetworkManager
"18329:TCP"= 18329:TCP:*:Disabled:SolidNetworkManager
"18329:UDP"= 18329:UDP:*:Disabled:SolidNetworkManager

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [08/05/2008 3:47 PM 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [08/05/2008 3:47 PM 20560]
S3 CXFALCON;Conexant Falcon II NTSC Video Capture;c:\windows\system32\drivers\cxfalcon.sys [16/11/2006 2:09 PM 82048]
S3 geebers12;geebers12;\??\c:\documents and settings\HP_Administrator\Desktop\Buffy Engine 2.1\nvid888.sys --> c:\documents and settings\HP_Administrator\Desktop\Buffy Engine 2.1\nvid888.sys [?]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [06/11/2007 2:22 PM 34064]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 XDva037;XDva037;\??\c:\windows\system32\XDva037.sys --> c:\windows\system32\XDva037.sys [?]
S3 XDva143;XDva143;\??\c:\windows\system32\XDva143.sys --> c:\windows\system32\XDva143.sys [?]
S3 XDva190;XDva190;\??\c:\windows\system32\XDva190.sys --> c:\windows\system32\XDva190.sys [?]
S3 XDva225;XDva225;\??\c:\windows\system32\XDva225.sys --> c:\windows\system32\XDva225.sys [?]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{2984D6EC-EC7E-807D-0201-030706020303}]
c:\windows\shelldrv.exe
.
Contents of the 'Scheduled Tasks' folder

2009-06-27 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 19:34]

2009-06-30 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-02-03 02:50]

2009-06-29 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1102481662-1838141973-3530339067-1007.job
- c:\documents and settings\HP_Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-05-05 22:34]
.
- - - - ORPHANS REMOVED - - - -

HKLM-Run-PCDrProfiler - (no file)
HKU-Default-Run-msnmsgr - c:\program files\MSN Messenger\msnmsgr.exe


.
------- Supplementary Scan -------
.
uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_CA&c=64&bd=PAVILION&pf=desktop
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
uInternet Settings,ProxyOverride = 127.0.0.1;*.local
uSearchURL,(Default) = hxxp://g.msn.ca/0SEENCA/SAOS01?FORM=TOOLBR
IE: &Yahoo! Search - file:///c:\program files\Yahoo!\Common/ycsrch.htm
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
IE: ShaPlus Google Translator - c:\program files\ShaPlus Google Translator\GoogleTranslator.dll/ie.htm
IE: Yahoo! &Dictionary - file:///c:\program files\Yahoo!\Common/ycdict.htm
IE: Yahoo! &Maps - file:///c:\program files\Yahoo!\Common/ycmap.htm
IE: Yahoo! &SMS - file:///c:\program files\Yahoo!\Common/ycsms.htm
IE: {{d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\documents and settings\HP_Administrator\Start Menu\Programs\IMVU\Run IMVU.lnk
DPF: Microsoft XML Parser for Java - file:///C:/WINDOWS/Java/classes/xmldso.cab
FF - ProfilePath - c:\documents and settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\m47pkzqh.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
FF - prefs.js: browser.search.selectedEngine - Live Search
FF - prefs.js: browser.startup.homepage - hxxp://go.microsoft.com/fwlink/?LinkId=69157
FF - prefs.js: keyword.URL - hxxp://search.live.com/results.aspx?FORM=IEFM1&q=
FF - plugin: c:\documents and settings\All Users\Application Data\NexonUS\NGM\npNxGameUS.dll
FF - plugin: c:\documents and settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\m47pkzqh.default\extensions\SolidStateION@solidstatenetworks.com\plugins\npssn.dll
FF - plugin: c:\documents and settings\HP_Administrator\Local Settings\Application Data\Google\Update\1.2.145.5\npGoogleOneClick8.dll
FF - plugin: c:\progra~1\Yahoo!\Common\npyaxmpb.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npgcplug.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npijjiCHPlugin.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npijjiFFPlugin1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npPandoWebInst.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npracplug.dll
FF - plugin: c:\program files\Real\RealArcade\Plugins\Mozilla\npracplug.dll
FF - plugin: c:\program files\Veoh Networks\Veoh\Plugins\noreg\NPVeohVersion.dll
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-30 14:26
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-1102481662-1838141973-3530339067-1007\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID]
@Denied: (Full) (LocalSystem)
@SACL=
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(848)
c:\program files\AlienGUIse\fastload.dll
.
Completion time: 2009-06-30 14:28
ComboFix-quarantined-files.txt 2009-06-30 20:28

Pre-Run: 140,471,246,848 bytes free
Post-Run: 140,842,741,760 bytes free

269 --- E O F --- 2009-06-28 17:59
Justin1002 is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 06-30-2009, 04:39 PM   #11 (permalink)
Moderator, Analyst, Security Team
 
TheBruce1's Avatar
 
Join Date: Oct 2006
Location: Důn Čideann,Scotland.
Posts: 5,093
OS: XP


Re: Need help on possible mal-ware and clean up
Hello again

Please follow all instructions and in which order they come, if you have any questions, please ask before proceeding. Its important that you follow this through until i give you the all clear.

========

Click > Start > Control Panel > Add or Remove Programs and uninstall the following programs:

Ad-Aware 2007<---Out of date. The current version is called Ad-Aware Free - Anniversary Edition
Spybot - Search & Destroy 1.4<---Out of Date. Current version is 1.5

==========

Open notepad and copy/paste the text in the quotebox below into it:

Code:
Folder::
c:\program files\Common Files\Symantec Shared
c:\documents and settings\All Users\Application Data\Symantec
c:\documents and settings\All Users\Application Data\avg7
c:\documents and settings\HP_Administrator\Application Data\AVG7
c:\program files\FrostWire

Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000000
[-HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
[-HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
[-HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{2984D6EC-EC7E-807D-0201-030706020303}]

RegLock::
[HKEY_USERS\S-1-5-21-1102481662-1838141973-3530339067-1007\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID]
Save this as CFscript







Refering to the picture above, drag CFscript into ComboFix.exe

Follow the prompts, and post the resulting log, C:\ComboFix.txt

Note: the above code was created specifically for this user. If you are not this user, do NOT follow these directions as they could damage the workings of your system.


Warning:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall

========

JAVA OUTDATED


Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version Java components and update.
  • Download the latest version of Java Runtime Environment (JRE) 6 and save it to your desktop.
  • Scroll down to where it says "Java Runtime Environment (JRE) 6 Update 14. The Java SE Runtime Environment (JRE) allows end-users to run Java applications."
  • Click the "Download" button to the right.
  • Select the Windows platform from the dropdown menu.
  • Read the License Agreement and then check the box that says: "Accept License Agreement". Click on Continue.The page will refresh.
  • Click on the link to download Windows Offline Installation and save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Settings > Control Panel, double-click on Add/Remove Programs and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java versions.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-6u14-windows-i586-p.exe to install the newest version.
  • After the install is complete, go into the Control Panel (using Classic View) and double-click the Java Icon. (looks like a coffee cup)
    • On the General tab, under Temporary Internet Files, click the Settings button.
    • Next, click on the Delete Files button
    • There are two options in the window to clear the cache - Leave BOTH Checked
      • Applications and Applets
        Trace and Log Files
    • Click OK on Delete Temporary Files Window
      Note: This deletes ALL the Downloaded Applications and Applets from the CACHE.
    • Click OK to leave the Temporary Files Window
    • Click OK to leave the Java Control Panel.

=======

Download ATF-Cleaner by Atribune to your desktop.

Double-click ATF Cleaner.exe to open it

Under Main choose:
Windows Temp
Current User Temp
All Users Temp
Cookies
Temporary Internet Files
Prefetch
Java Cache
*The other boxes are optional*
Then click the Empty Selected button.

If you have Firefox installed:
Click Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click NO at the prompt.

If you have Opera installed:
Click Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click NO at the prompt.

Click Exit on the Main menu to close the program.

==========

Establish an internet connection & perform an online scan with Internet Explorer at Kaspersky Online Scanner

Click Accept, when prompted to download and install the program files and database of malware definitions.
  • Click Run at the Security prompt.
  • The program will then begin downloading and installing and will also update the database.
  • Please be patient as this can take several minutes.
  • Once the update is complete, click on My Computer under the green Scan bar to the left to start the scan.
  • Once the scan is complete, it will display if your system has been infected. It does not provide an option to clean/disinfect. We only require a report from it.
  • Do NOT be alarmed by what you see in the report. Many of the finds have likely been quarantined.
  • Click View scan report at the bottom.
  • Click the Save Report As... button.
  • Click the Save as Text button to save the file to your desktop so that you may post it in your next reply.
**Note**

This animation will guide you through the process:




To optimize scanning time and produce a more sensible report for review:
  • Close any open programs.
  • Turn off the real-time scanner of all antivirus or antispyware programs while performing the online scan.
Note for Internet Explorer 7 users: If at any time you have trouble viewing the accept button of the license, click on the Zoom tool located at the bottom right of the IE window and set the zoom to 75%. Once the license is accepted, reset to 100%.

=========
Logs Required
C:\Combofix.txt
Kaspersky Scan Report

An update on how your system is running.
__________________
Member of ASAP since 2007
Member of UNITE since 2008

**Notice to BT customers**
BT to dump Phorm, see Here for more information. No DPI

If we have helped you in anyway, please consider Donating
TheBruce1 is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 06-30-2009, 06:18 PM   #12 (permalink)
Registered User
 
Join Date: Jun 2009
Posts: 29
OS: xp


Re: Need help on possible mal-ware and clean up
Can you please send me a direct link for the JRE 6 download?

It just shows me a page.

I appreciate it, thanks!
Justin1002 is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 07-01-2009, 03:29 AM   #13 (permalink)
Moderator, Analyst, Security Team
 
TheBruce1's Avatar
 
Join Date: Oct 2006
Location: Důn Čideann,Scotland.
Posts: 5,093
OS: XP


Re: Need help on possible mal-ware and clean up
Scroll down the page and you will come to Java SE Downloads, you are looking for JRE 6 Update 14 which is the fifth one down.
__________________
Member of ASAP since 2007
Member of UNITE since 2008

**Notice to BT customers**
BT to dump Phorm, see Here for more information. No DPI

If we have helped you in anyway, please consider Donating
TheBruce1 is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 07-01-2009, 09:29 AM   #14 (permalink)
Registered User
 
Join Date: Jun 2009
Posts: 29
OS: xp


Re: Need help on possible mal-ware and clean up
I've tried using the offline installer but when I try to install it it goes up to 5% and just reconnects. It keeps doing this until maximum retries exceeded.
Justin1002 is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 07-01-2009, 09:41 AM   #15 (permalink)
Moderator, Analyst, Security Team
 
TheBruce1's Avatar
 
Join Date: Oct 2006
Location: Důn Čideann,Scotland.
Posts: 5,093
OS: XP


Re: Need help on possible mal-ware and clean up
Try using a different browser.
__________________
Member of ASAP since 2007
Member of UNITE since 2008

**Notice to BT customers**
BT to dump Phorm, see Here for more information. No DPI

If we have helped you in anyway, please consider Donating
TheBruce1 is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 07-01-2009, 09:51 AM   #16 (permalink)
Registered User
 
Join Date: Jun 2009
Posts: 29
OS: xp


Re: Need help on possible mal-ware and clean up
It is still going up to 5% and restarting even after using google chrome.
Justin1002 is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 07-01-2009, 10:03 AM   #17 (permalink)
Moderator, Analyst, Security Team
 
TheBruce1's Avatar
 
Join Date: Oct 2006
Location: Důn Čideann,Scotland.
Posts: 5,093
OS: XP


Re: Need help on possible mal-ware and clean up
Reboot and try again, if no luck, continue with the rest of the instructions.
__________________
Member of ASAP since 2007
Member of UNITE since 2008

**Notice to BT customers**
BT to dump Phorm, see Here for more information. No DPI

If we have helped you in anyway, please consider Donating
TheBruce1 is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 07-01-2009, 10:16 AM   #18 (permalink)
Registered User
 
Join Date: Jun 2009
Posts: 29
OS: xp


Re: Need help on possible mal-ware and clean up
Am I suppose to uninstall the old vers first before I run the program?
Justin1002 is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 07-01-2009, 10:33 AM   #19 (permalink)
Moderator, Analyst, Security Team
 
TheBruce1's Avatar
 
Join Date: Oct 2006
Location: Důn Čideann,Scotland.
Posts: 5,093
OS: XP


Re: Need help on possible mal-ware and clean up
Uninstall which version?
__________________
Member of ASAP since 2007
Member of UNITE since 2008

**Notice to BT customers**
BT to dump Phorm, see Here for more information. No DPI

If we have helped you in anyway, please consider Donating
TheBruce1 is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 07-01-2009, 10:34 AM   #20 (permalink)
Registered User
 
Join Date: Jun 2009
Posts: 29
OS: xp


Re: Need help on possible mal-ware and clean up
Uninstall my old java before installing my other one?

Or is that unrelated to it since its a download?
Justin1002 is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
 
Page 1 of 2 1 2

« Previous Thread | Next Thread »

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off



All times are GMT -7. The time now is 08:40 PM.

Contact Us - Tech Support Forum - Archive - Privacy Statement - Top


Copyright 2001 - 2009, Tech Support Forum
Home Tips Plus | Outdoor Basecamp | Automotive Support Forum

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85