Welcome to Tech Support Forum home to more then 136,000 problems solved. Issues have included: Spyware, Malware, Virus Issues, Windows, Microsoft, Linux, Networking, Security, Hardware, and Gaming Getting your problem solved is as easy as:
1. Registering for a free account
2. Asking your question
3. Receiving an answer

Registered members:
* Get free support
* Communicate privately with other members (PM).
* Removal of this message
* See fewer ads.
* And much more..

 


Want to know how to post a question? click here Having problems with spyware and pop-ups? First Steps
Go Back   Tech Support Forum > Security Center > Virus/Trojan/Spyware Help > Resolved HJT Threads
Reload this Page Computer Running Slow
User Name
Password
Site Map Register Donate Rules Blogs Mark Forums Read


Resolved HJT Threads Resolved spyware and popup issues.

 
 
LinkBack Thread Tools
Old 06-29-2005, 06:56 AM   #1 (permalink)
Professor/Moderator, TSF Design School
 
Grove's Avatar
 
Join Date: Jun 2005
Location: Australia
Posts: 2,383
OS: Windows Vista SP2 32bit


Computer Running Slow
When I run my computer at startup it takes a while for the icons to load up. This also happens when i quit my game (Unreal Tournament) and I have to wait like 3 minutes for the icons to load up. I have run and configured all the following programs to run for FULL scans. I have also done the hidden files stuff. I ran these programs in safe mode: Ad-Aware, XoftSpy, AVG Free and Registry Mechanic. Ad aware found 6 files and they were quarantined and Xoftspy found 4 and they were quaritined. After that i rebooted my computer but it seems to have no effect. I did a HJT log so you guys might be able to help me
Here is my HJT Log:

Logfile of HijackThis v1.99.1
Scan saved at 10:50:55 PM, on 6/29/2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Server\Apache2\bin\Apache.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Server\Apache2\bin\Apache.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Server\Apache2\bin\ApacheMonitor.exe
C:\HJT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Monitor Apache Servers.lnk = C:\Server\Apache2\bin\ApacheMonitor.exe
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/Ms...Downloader.cab
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apache2 - Unknown owner - C:\Server\Apache2\bin\Apache.exe" -k runservice (file missing)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: MySQL - Unknown owner - C:\Server\MySQL\bin\mysqld-nt".exe

Thanks in Advance
Grove is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Important Information
Join the #1 Tech Support Forum Today - It's Totally Free!

TechSupportForum.com is a leading support website for your computer needs. We offer free, friendly and personalized computer support. Why pay to have your computer fixed when you can do it for free.

Join TechSupportforum.com Today - Click Here

Old 06-29-2005, 01:25 PM   #2 (permalink)
Manager Emeritus - Security Center, Expert Analyst, Moderator - Security Team; Rangemaster, TSF Academy & Supporter
 
MicroBell's Avatar
 
Join Date: Sep 2004
Location: Carmichaels, PA-USA
Posts: 6,963
OS: Windows 7


Send a message via ICQ to MicroBell Send a message via MSN to MicroBell
Your logs are clean. I don't think your issue is spyware related but lets look deeper. Please install the lastest service packs and security updates as both XP and IE6 are outdated!

Download: StartDreck

Unzip to its own folder and start the program:
Press 'Config'
Press 'Mark All'

UN-Check the 'NT-Services & NT-Kernel...' boxes only:
Press 'Ok'

Press 'Save' and select the location to save the log file (default is the same folder as the application)

Post the log in this thread..
__________________
We Are The BORG Spyware KILLER and Adware Destroyer!





Spyware/Adware Removal Tools
Hijackthis
Ad-aware SE
Spybot Search&Destroy
SpywareBlaster
CWShredder
MicroBell is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 06-29-2005, 05:36 PM   #3 (permalink)
Professor/Moderator, TSF Design School
 
Grove's Avatar
 
Join Date: Jun 2005
Location: Australia
Posts: 2,383
OS: Windows Vista SP2 32bit


Ie 6
I don't run IE 6. My default browser now is Mozilla Firefox. I have dial up, so getting the SP2 will takes too long.
__________________
==========================================

Get Help:
TSF Security Forum | HijackThis | MB's 5 Step Process
Get Clean:
AdAware SE | Spybot S&D | CWShredder | Ewido | CleanUp!
Get Protected:
SpywareBlaster | SpywareGuard | Windows Updates | IE-SpyAd


If TSF has helped you, please consider making a donation to help keep the board running.
Grove is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 06-29-2005, 05:42 PM   #4 (permalink)
Professor/Moderator, TSF Design School
 
Grove's Avatar
 
Join Date: Jun 2005
Location: Australia
Posts: 2,383
OS: Windows Vista SP2 32bit


Updates
As for the updates, I can't reach the windows update site. I always get some error. I tried using IE and i still get an error. The error is basically saying could not download latest windows update.
Although here is the Log:

StartDreck (build 2.1.7 public stable) - 2005-06-30 @ 09:38:44 (GMT +10:00)
Platform: Windows XP (Win NT 5.1.2600 )
Internet Explorer: 6.0.2600.0000
Logged in as Tom Santro at TOM

»Registry
»Run Keys
»Current User
»Run
»RunOnce
»Default User
»Run
*AVG7_Run=C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE
»RunOnce
»Local Machine
»Run
*AVG7_CC=C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
*AVG7_EMC=C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
+OptionalComponents
+MSFS
*Installed=1
+MAPI
*Installed=1
*NoChange=1
+MAPI
*Installed=1
*NoChange=1
»RunOnce
»RunServices
»RunServicesOnce
»RunOnceEx
»RunServicesOnceEx
»File Associations (CR)
+.bat
*batfile="%1" %*
+.com
*comfile="%1" %*
+.exe
*exefile="%1" %*
+.hta
*htafile=C:\WINDOWS\System32\mshta.exe "%1" %*
+.htm
*FirefoxHTML=C:\PROGRA~1\MOZILL~1\FIREFOX.EXE -url "%1"
+.html
*FirefoxHTML=C:\PROGRA~1\MOZILL~1\FIREFOX.EXE -url "%1"
+.js
*JSFile="C:\Program Files\Macromedia\Dreamweaver MX 2004\Dreamweaver.exe" "%1"
+.jse
*JSEFile=%SystemRoot%\System32\WScript.exe "%1" %*
+.pif
*piffile="%1" %*
+.reg
*regfile=regedit.exe "%1"
+.scr
*scrfile="%1" /S
+.txt
*txtfile=%SystemRoot%\system32\NOTEPAD.EXE %1
+.vbs
*VBSFile=%SystemRoot%\System32\WScript.exe "%1" %*
+.vbe
*VBEFile=%SystemRoot%\System32\WScript.exe "%1" %*
+.wsh
*WSHFile=%SystemRoot%\System32\WScript.exe "%1" %*
+.wsf
*WSFFile=%SystemRoot%\System32\WScript.exe "%1" %*
+.lnk
`lnkfile= [key or value does not exist]
»Active Setup (LM)
+Browser Customizations/>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS
*StubPath=RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
+Themes Setup/{2C7339CF-2B09-4501-B3F3-F3508C9228ED}
*StubPath=%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
+Microsoft Outlook Express 6/{44BBA840-CC51-11CF-AAFA-00AA00B6015C}
*StubPath="%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
+NetMeeting 3.01/{44BBA842-CC51-11CF-AAFA-00AA00B6015B}
*StubPath=rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
+Windows Messenger 4.0/{5945c046-1e7d-11d1-bc44-00c04fd912be}
*StubPath=rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.Install.PerUser
+Microsoft Windows Media Player/{6BF52A52-394A-11d3-B153-00C04F79FAA6}
*StubPath=rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub
+Address Book 6/{7790769C-0471-11d2-AF11-00C04FA35D02}
*StubPath="%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
+Windows Desktop Update/{89820200-ECBD-11cf-8B85-00AA005B4340}
*StubPath=regsvr32.exe /s /n /i:U shell32.dll
+Internet Explorer 6/{89820200-ECBD-11cf-8B85-00AA005B4383}
*StubPath=%SystemRoot%\system32\ie4uinit.exe
+Internet Explorer Access/{ACC563BC-4266-43f0-B6ED-9D38C4202C7E}
*StubPath=rundll32 iesetup.dll,IEAccessUserInst
»Browser Helper Objects (LM)
»Internet Explorer
»Current User
*Search Page=http://www.google.com.au/
*Start Page=http://www.google.com.au/
+SearchUrl
*provider=
»Default User
»Local Machine
*Default_Page_URL=http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
*Default_Search_URL=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
*Search Page=http://www.google.com.au/
*Start Page=http://www.google.com.au/
*CustomizeSearch=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
*SearchAssistant=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
»ShellServiceObjectDelayLoad (LM)
*PostBootReminder={7849596a-48ea-486e-8937-a2a3009f31a9}
`InprocServer32=%SystemRoot%\system32\SHELL32.dll
*CDBurn={fbeb8a05-beee-4442-804e-409d6c4515e9}
`InprocServer32=%SystemRoot%\system32\SHELL32.dll
*WebCheck={E6FB5E20-DE35-11CF-9C87-00AA005127ED}
`InprocServer32=%SystemRoot%\System32\webcheck.dll
*SysTray={35CEC8A3-2BE6-11D2-8773-92E220524153}
`InprocServer32=C:\WINDOWS\System32\stobject.dll
»Special NT Values
»Current User
*Load=
*Run=
*Programs=com exe bat pif cmd
*SHELL=
»Default User
*Load=
*Run=
*Programs=com exe bat pif cmd
*SHELL=
»Local Machine
*AppInit_DLLs=
*SHELL=Explorer.exe
*Userinit=C:\WINDOWS\SYSTEM32\Userinit.exe,
»Files
»Autostart Folders
»Current User
*C:\Documents and Settings\Tom Santro\Start Menu\Programs\Startup\desktop.ini
»Default User
*C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Startup\desktop.ini
»Local Machine
*C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
*C:\Documents and Settings\All Users\Start Menu\Programs\Startup\desktop.ini
*C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk
*C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Monitor Apache Servers.lnk
»INI-Files
»WIN.INI\[windows]
*LOAD=
*RUN=
»SYSTEM.INI\[boot]
*SHELL=Explorer.exe
»Text Files
*C:\boot.ini
`[boot loader]
`timeout=30
`default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
`[operating systems]
`multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect
*C:\msdos.sys
*C:\config.sys
*C:\WINDOWS\System32\config.nt
`dos=high, umb
`device=%SystemRoot%\system32\himem.sys
`files=40
*C:\WINDOWS\System32\drivers\etc\hosts
`127.0.0.1 localhost
»Program Files
*C:\ntldr
*C:\ntdetect.com
*C:\io.sys
*C:\WINDOWS\System32\win.com
*C:\WINDOWS\explorer.exe
»%PATH% Companion Files
+C:\WINDOWS\System32\TASKMGR.COM
*C:\WINDOWS\System32\taskmgr.exe
+C:\WINDOWS\System32\notepad.exe
*C:\WINDOWS\NOTEPAD.EXE
+C:\WINDOWS\System32\taskman.exe
*C:\WINDOWS\TASKMAN.EXE
+C:\WINDOWS\System32\winhlp32.exe
*C:\WINDOWS\winhlp32.exe
+C:\WINDOWS\REGEDIT.COM
*C:\WINDOWS\regedit.exe
»System/Drivers
»Running Processes
+0=<idle>
+4=<system>
+388=\SystemRoot\System32\smss.exe
*C:\WINDOWS\System32\ntdll.dll
+444=\??\C:\WINDOWS\system32\csrss.exe
*C:\WINDOWS\System32\ntdll.dll
*C:\WINDOWS\system32\CSRSRV.dll
*C:\WINDOWS\system32\basesrv.dll
*C:\WINDOWS\system32\winsrv.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\KERNEL32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\System32\sxs.dll
+476=\??\C:\WINDOWS\system32\winlogon.exe
*C:\WINDOWS\System32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\AUTHZ.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\CRYPT32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\MSASN1.dll
*C:\WINDOWS\system32\NDdeApi.dll
*C:\WINDOWS\system32\PROFMAP.dll
*C:\WINDOWS\system32\NETAPI32.dll
*C:\WINDOWS\system32\USERENV.dll
*C:\WINDOWS\system32\PSAPI.DLL
*C:\WINDOWS\system32\REGAPI.dll
*C:\WINDOWS\system32\Secur32.dll
*C:\WINDOWS\system32\SETUPAPI.dll
*C:\WINDOWS\system32\sfc_os.dll
*C:\WINDOWS\system32\WINTRUST.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\IMAGEHLP.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\system32\WINSTA.dll
*C:\WINDOWS\system32\WS2_32.dll
*C:\WINDOWS\system32\WS2HELP.dll
*C:\WINDOWS\system32\MSGINA.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\COMCTL32.dll
*C:\WINDOWS\system32\ODBC32.dll
*C:\WINDOWS\system32\comdlg32.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
*C:\WINDOWS\system32\odbcint.dll
*C:\WINDOWS\system32\SHSVCS.dll
*C:\WINDOWS\system32\sfc.dll
*C:\WINDOWS\system32\WINSCARD.DLL
*C:\WINDOWS\system32\WTSAPI32.dll
*C:\WINDOWS\system32\uxtheme.dll
*C:\WINDOWS\system32\WINMM.dll
*C:\WINDOWS\system32\cscdll.dll
*C:\WINDOWS\system32\WlNotify.dll
*C:\WINDOWS\system32\WINSPOOL.DRV
*C:\WINDOWS\system32\MPR.dll
*C:\WINDOWS\System32\rsaenh.dll
*C:\WINDOWS\system32\msv1_0.dll
*C:\WINDOWS\system32\SAMLIB.dll
*C:\WINDOWS\system32\cscui.dll
*C:\WINDOWS\system32\NTMARTA.DLL
*C:\WINDOWS\system32\WLDAP32.dll
*C:\WINDOWS\system32\wdmaud.drv
*C:\WINDOWS\system32\msacm32.drv
*C:\WINDOWS\system32\MSACM32.dll
*C:\WINDOWS\system32\midimap.dll
*C:\WINDOWS\system32\sxs.dll
*C:\WINDOWS\system32\COMRes.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\system32\CLBCATQ.DLL
+520=C:\WINDOWS\system32\services.exe
*C:\WINDOWS\System32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\USERENV.dll
*C:\WINDOWS\system32\SCESRV.dll
*C:\WINDOWS\system32\AUTHZ.dll
*C:\WINDOWS\system32\umpnpmgr.dll
*C:\WINDOWS\system32\WINSTA.dll
*C:\WINDOWS\system32\NCObjAPI.DLL
*C:\WINDOWS\system32\secur32.dll
*C:\WINDOWS\system32\eventlog.dll
*C:\WINDOWS\system32\WS2_32.dll
*C:\WINDOWS\system32\WS2HELP.dll
*C:\WINDOWS\system32\PSAPI.DLL
*C:\WINDOWS\system32\wtsapi32.dll
*C:\WINDOWS\system32\netapi32.dll
*C:\WINDOWS\system32\Apphelp.dll
+532=C:\WINDOWS\system32\lsass.exe
*C:\WINDOWS\System32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\LSASRV.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\Secur32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\SAMSRV.dll
*C:\WINDOWS\system32\cryptdll.dll
*C:\WINDOWS\system32\DNSAPI.dll
*C:\WINDOWS\system32\WS2_32.dll
*C:\WINDOWS\system32\WS2HELP.dll
*C:\WINDOWS\system32\MSASN1.dll
*C:\WINDOWS\system32\NETAPI32.dll
*C:\WINDOWS\system32\SAMLIB.dll
*C:\WINDOWS\system32\MPR.dll
*C:\WINDOWS\system32\NTDSAPI.dll
*C:\WINDOWS\system32\WLDAP32.dll
*C:\WINDOWS\system32\msprivs.dll
*C:\WINDOWS\system32\kerberos.dll
*C:\WINDOWS\system32\msv1_0.dll
*C:\WINDOWS\system32\netlogon.dll
*C:\WINDOWS\system32\w32time.dll
*C:\WINDOWS\system32\MSVCP60.dll
*C:\WINDOWS\system32\iphlpapi.dll
*C:\WINDOWS\system32\netman.dll
*C:\WINDOWS\system32\MPRAPI.dll
*C:\WINDOWS\system32\ACTIVEDS.dll
*C:\WINDOWS\system32\adsldpc.dll
*C:\WINDOWS\system32\ATL.DLL
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\system32\rtutils.dll
*C:\WINDOWS\system32\SETUPAPI.dll
*C:\WINDOWS\system32\RASAPI32.dll
*C:\WINDOWS\system32\rasman.dll
*C:\WINDOWS\system32\TAPI32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\WINMM.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\WZCSvc.DLL
*C:\WINDOWS\system32\WMI.dll
*C:\WINDOWS\system32\DHCPCSVC.DLL
*C:\WINDOWS\system32\CRYPT32.dll
*C:\WINDOWS\system32\WTSAPI32.dll
*C:\WINDOWS\system32\WINSTA.dll
*C:\WINDOWS\system32\USERENV.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
*C:\WINDOWS\system32\comctl32.dll
*C:\WINDOWS\system32\schannel.dll
*C:\WINDOWS\system32\wdigest.dll
*C:\WINDOWS\System32\rsaenh.dll
*C:\WINDOWS\system32\scecli.dll
*C:\WINDOWS\system32\ipsecsvc.dll
*C:\WINDOWS\system32\oakley.DLL
*C:\WINDOWS\system32\WINIPSEC.DLL
*C:\WINDOWS\system32\pstorsvc.dll
*C:\WINDOWS\system32\psbase.dll
*C:\WINDOWS\system32\mswsock.dll
*C:\WINDOWS\System32\wshtcpip.dll
*C:\WINDOWS\System32\dssenh.dll
+692=C:\WINDOWS\system32\svchost.exe
*C:\WINDOWS\System32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*c:\windows\system32\rpcss.dll
*C:\WINDOWS\system32\msvcrt.dll
*c:\windows\system32\WS2_32.dll
*c:\windows\system32\WS2HELP.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*c:\windows\system32\Secur32.dll
*C:\WINDOWS\system32\userenv.dll
*C:\WINDOWS\system32\mswsock.dll
*C:\WINDOWS\System32\wshtcpip.dll
*C:\WINDOWS\system32\DNSAPI.dll
*C:\WINDOWS\system32\iphlpapi.dll
*C:\WINDOWS\system32\netman.dll
*C:\WINDOWS\system32\MPRAPI.dll
*C:\WINDOWS\system32\ACTIVEDS.dll
*C:\WINDOWS\system32\adsldpc.dll
*C:\WINDOWS\system32\NETAPI32.dll
*C:\WINDOWS\system32\WLDAP32.dll
*C:\WINDOWS\system32\ATL.DLL
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\system32\rtutils.dll
*C:\WINDOWS\system32\SAMLIB.dll
*C:\WINDOWS\system32\SETUPAPI.dll
*C:\WINDOWS\system32\RASAPI32.dll
*C:\WINDOWS\system32\rasman.dll
*C:\WINDOWS\system32\TAPI32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\WINMM.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\WZCSvc.DLL
*C:\WINDOWS\system32\WMI.dll
*C:\WINDOWS\system32\DHCPCSVC.DLL
*C:\WINDOWS\system32\CRYPT32.dll
*C:\WINDOWS\system32\MSASN1.dll
*C:\WINDOWS\system32\WTSAPI32.dll
*C:\WINDOWS\system32\WINSTA.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
*C:\WINDOWS\system32\comctl32.dll
*C:\WINDOWS\System32\winrnr.dll
*C:\WINDOWS\system32\rasadhlp.dll
*C:\WINDOWS\system32\CLBCATQ.DLL
*C:\WINDOWS\system32\COMRes.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\system32\Apphelp.dll
+736=C:\WINDOWS\System32\svchost.exe
*C:\WINDOWS\System32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\USER32.dll
*c:\windows\system32\shsvcs.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\shell32.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
*C:\WINDOWS\system32\comctl32.dll
*C:\WINDOWS\System32\WINSTA.dll
*c:\windows\system32\dhcpcsvc.dll
*c:\windows\system32\DNSAPI.dll
*c:\windows\system32\WS2_32.dll
*c:\windows\system32\WS2HELP.dll
*c:\windows\system32\iphlpapi.dll
*c:\windows\system32\netman.dll
*c:\windows\system32\MPRAPI.dll
*c:\windows\system32\ACTIVEDS.dll
*c:\windows\system32\adsldpc.dll
*c:\windows\system32\NETAPI32.dll
*C:\WINDOWS\system32\WLDAP32.dll
*c:\windows\system32\ATL.DLL
*C:\WINDOWS\system32\OLEAUT32.dll
*c:\windows\system32\rtutils.dll
*c:\windows\system32\SAMLIB.dll
*c:\windows\system32\SETUPAPI.dll
*c:\windows\system32\RASAPI32.dll
*c:\windows\system32\rasman.dll
*c:\windows\system32\TAPI32.dll
*c:\windows\system32\WINMM.dll
*c:\windows\system32\Secur32.dll
*c:\windows\system32\WZCSvc.DLL
*c:\windows\system32\WMI.dll
*C:\WINDOWS\system32\CRYPT32.dll
*C:\WINDOWS\system32\MSASN1.dll
*c:\windows\system32\WTSAPI32.dll
*C:\WINDOWS\System32\UxTheme.dll
*C:\WINDOWS\System32\rsaenh.dll
*C:\WINDOWS\System32\rastls.dll
*C:\WINDOWS\System32\SCHANNEL.dll
*C:\WINDOWS\system32\USERENV.dll
*C:\WINDOWS\System32\WinSCard.dll
*C:\WINDOWS\System32\raschap.dll
*C:\WINDOWS\system32\msv1_0.dll
*C:\WINDOWS\System32\NTMARTA.DLL
*C:\WINDOWS\System32\CLBCATQ.DLL
*C:\WINDOWS\System32\COMRes.dll
*C:\WINDOWS\system32\VERSION.dll
*c:\windows\system32\schedsvc.dll
*c:\windows\system32\NTDSAPI.dll
*C:\WINDOWS\system32\IMAGEHLP.dll
*C:\WINDOWS\System32\mswsock.dll
*C:\WINDOWS\System32\wshtcpip.dll
*C:\WINDOWS\System32\MSIDLE.DLL
*c:\windows\system32\audiosrv.dll
*c:\windows\system32\wkssvc.dll
*c:\windows\system32\cryptsvc.dll
*c:\windows\system32\WINTRUST.dll
*c:\windows\system32\certcli.dll
*c:\windows\system32\CRYPTUI.dll
*C:\WINDOWS\system32\WININET.dll
*c:\windows\system32\ESENT.dll
*c:\windows\system32\msgsvc.dll
*c:\windows\system32\srvsvc.dll
*c:\windows\pchealth\helpctr\binaries\pchsvc.dll
*c:\windows\system32\es.dll
*c:\windows\system32\ersvc.dll
*c:\windows\system32\dmserver.dll
*c:\windows\system32\seclogon.dll
*c:\windows\system32\srsvc.dll
*c:\windows\system32\tapisrv.dll
*c:\windows\system32\PSAPI.DLL
*c:\windows\system32\trkwks.dll
*C:\WINDOWS\System32\upnp.dll
*C:\WINDOWS\System32\SSDPAPI.dll
*c:\windows\system32\w32time.dll
*c:\windows\system32\MSVCP60.dll
*c:\windows\system32\wbem\wmisvc.dll
*c:\windows\system32\wbem\wbemcomn.dll
*C:\WINDOWS\system32\VSSAPI.DLL
*c:\windows\system32\wuauserv.dll
*c:\windows\system32\browser.dll
*c:\windows\system32\rasmans.dll
*c:\windows\system32\Sens.dll
*c:\windows\system32\WINIPSEC.DLL
*c:\windows\system32\netcfgx.dll
*c:\windows\system32\CLUSAPI.dll
*C:\WINDOWS\System32\rastapi.dll
*C:\WINDOWS\system32\NETSHELL.dll
*C:\WINDOWS\system32\credui.dll
*C:\WINDOWS\System32\SXS.DLL
*C:\WINDOWS\System32\unimdm.tsp
*C:\WINDOWS\System32\uniplat.dll
*C:\WINDOWS\system32\comsvcs.dll
*C:\WINDOWS\system32\MTXCLU.DLL
*C:\WINDOWS\system32\WSOCK32.dll
*C:\WINDOWS\system32\colbact.DLL
*C:\WINDOWS\System32\RESUTILS.DLL
*C:\WINDOWS\System32\mtxoci.dll
*C:\WINDOWS\System32\unimdmat.dll
*C:\WINDOWS\System32\modemui.dll
*C:\WINDOWS\System32\kmddsp.tsp
*C:\WINDOWS\System32\ndptsp.tsp
*C:\WINDOWS\System32\ipconf.tsp
*C:\WINDOWS\System32\h323.tsp
*C:\WINDOWS\System32\hidphone.tsp
*C:\WINDOWS\System32\HID.DLL
*C:\WINDOWS\System32\rasppp.dll
*C:\WINDOWS\System32\ntlsapi.dll
*c:\windows\system32\ipnathlp.dll
*c:\windows\system32\HNetCfg.dll
*C:\WINDOWS\System32\rasadhlp.dll
*C:\WINDOWS\System32\Wbem\wbemcore.dll
*C:\WINDOWS\System32\Wbem\esscli.dll
*C:\WINDOWS\System32\Wbem\FastProx.dll
*C:\WINDOWS\System32\wbem\wmiutils.dll
*C:\WINDOWS\System32\wbem\repdrvfs.dll
*C:\WINDOWS\System32\wbem\wmiprvsd.dll
*C:\WINDOWS\system32\NCObjAPI.DLL
*C:\WINDOWS\System32\wbem\wbemess.dll
*C:\WINDOWS\System32\RASDLG.dll
*c:\windows\system32\termsrv.dll
*c:\windows\system32\ICAAPI.dll
*c:\windows\system32\AUTHZ.dll
*c:\windows\system32\mstlsapi.dll
*C:\WINDOWS\System32\REGAPI.dll
*c:\windows\system32\rasauto.dll
*C:\WINDOWS\System32\icmp.dll
*C:\WINDOWS\System32\wbem\ncprov.dll
*C:\WINDOWS\system32\Apphelp.dll
*c:\windows\system32\ntmssvc.dll
*c:\windows\system32\NTMSDBA.dll
*C:\WINDOWS\system32\urlmon.dll
*C:\WINDOWS\System32\winrnr.dll
+848=C:\WINDOWS\System32\svchost.exe
*C:\WINDOWS\System32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*c:\windows\system32\dnsrslvr.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*c:\windows\system32\DNSAPI.dll
*c:\windows\system32\WS2_32.dll
*c:\windows\system32\WS2HELP.dll
*c:\windows\system32\iphlpapi.dll
*c:\windows\system32\netman.dll
*c:\windows\system32\MPRAPI.dll
*c:\windows\system32\ACTIVEDS.dll
*c:\windows\system32\adsldpc.dll
*c:\windows\system32\NETAPI32.dll
*C:\WINDOWS\system32\WLDAP32.dll
*c:\windows\system32\ATL.DLL
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*c:\windows\system32\rtutils.dll
*c:\windows\system32\SAMLIB.dll
*c:\windows\system32\SETUPAPI.dll
*c:\windows\system32\RASAPI32.dll
*c:\windows\system32\rasman.dll
*c:\windows\system32\TAPI32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*c:\windows\system32\WINMM.dll
*C:\WINDOWS\system32\SHELL32.dll
*c:\windows\system32\Secur32.dll
*c:\windows\system32\WZCSvc.DLL
*c:\windows\system32\WMI.dll
*c:\windows\system32\DHCPCSVC.DLL
*C:\WINDOWS\system32\CRYPT32.dll
*C:\WINDOWS\system32\MSASN1.dll
*c:\windows\system32\WTSAPI32.dll
*c:\windows\system32\WINSTA.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
*C:\WINDOWS\system32\comctl32.dll
*C:\WINDOWS\system32\mswsock.dll
*C:\WINDOWS\System32\wshtcpip.dll
+860=C:\WINDOWS\System32\svchost.exe
*C:\WINDOWS\System32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\USER32.dll
*c:\windows\system32\lmhsvc.dll
*C:\WINDOWS\system32\msvcrt.dll
*c:\windows\system32\iphlpapi.dll
*c:\windows\system32\netman.dll
*c:\windows\system32\MPRAPI.dll
*c:\windows\system32\ACTIVEDS.dll
*c:\windows\system32\adsldpc.dll
*c:\windows\system32\NETAPI32.dll
*C:\WINDOWS\system32\WLDAP32.dll
*c:\windows\system32\ATL.DLL
*C:\WINDOWS\system32\OLEAUT32.dll
*c:\windows\system32\rtutils.dll
*c:\windows\system32\SAMLIB.dll
*c:\windows\system32\SETUPAPI.dll
*c:\windows\system32\RASAPI32.dll
*c:\windows\system32\rasman.dll
*c:\windows\system32\WS2_32.dll
*c:\windows\system32\WS2HELP.dll
*c:\windows\system32\TAPI32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*c:\windows\system32\WINMM.dll
*C:\WINDOWS\system32\SHELL32.dll
*c:\windows\system32\Secur32.dll
*c:\windows\system32\WZCSvc.DLL
*c:\windows\system32\WMI.dll
*c:\windows\system32\DHCPCSVC.DLL
*c:\windows\system32\DNSAPI.dll
*C:\WINDOWS\system32\CRYPT32.dll
*C:\WINDOWS\system32\MSASN1.dll
*c:\windows\system32\WTSAPI32.dll
*c:\windows\system32\WINSTA.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
*C:\WINDOWS\system32\comctl32.dll
*c:\windows\system32\webclnt.dll
*C:\WINDOWS\system32\WININET.dll
*C:\WINDOWS\System32\wsock32.dll
*c:\windows\system32\regsvc.dll
*c:\windows\system32\ssdpsrv.dll
*C:\WINDOWS\system32\mswsock.dll
*C:\WINDOWS\System32\wshtcpip.dll
*C:\WINDOWS\system32\uxtheme.dll
+1052=C:\WINDOWS\Explorer.EXE
*C:\WINDOWS\System32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\System32\BROWSEUI.dll
*C:\WINDOWS\System32\SHDOCVW.dll
*C:\WINDOWS\System32\UxTheme.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
*C:\WINDOWS\system32\comctl32.dll
*C:\WINDOWS\system32\appHelp.dll
*C:\WINDOWS\System32\CLBCATQ.DLL
*C:\WINDOWS\System32\COMRes.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\System32\cscui.dll
*C:\WINDOWS\System32\CSCDLL.dll
*C:\WINDOWS\System32\themeui.dll
*C:\WINDOWS\System32\Secur32.dll
*C:\WINDOWS\System32\MSIMG32.dll
*C:\WINDOWS\system32\USERENV.dll
*C:\WINDOWS\System32\netapi32.dll
*C:\WINDOWS\System32\ntshrui.dll
*C:\WINDOWS\System32\ATL.DLL
*C:\WINDOWS\System32\SETUPAPI.dll
*C:\WINDOWS\System32\msi.dll
*C:\WINDOWS\System32\LINKINFO.dll
*C:\WINDOWS\system32\NETSHELL.dll
*C:\WINDOWS\system32\credui.dll
*C:\WINDOWS\system32\WS2_32.dll
*C:\WINDOWS\system32\WS2HELP.dll
*C:\WINDOWS\system32\iphlpapi.dll
*C:\WINDOWS\system32\netman.dll
*C:\WINDOWS\system32\MPRAPI.dll
*C:\WINDOWS\system32\ACTIVEDS.dll
*C:\WINDOWS\system32\adsldpc.dll
*C:\WINDOWS\system32\WLDAP32.dll
*C:\WINDOWS\system32\rtutils.dll
*C:\WINDOWS\system32\SAMLIB.dll
*C:\WINDOWS\system32\RASAPI32.dll
*C:\WINDOWS\system32\rasman.dll
*C:\WINDOWS\system32\TAPI32.dll
*C:\WINDOWS\system32\WINMM.dll
*C:\WINDOWS\system32\WZCSvc.DLL
*C:\WINDOWS\system32\WMI.dll
*C:\WINDOWS\system32\DHCPCSVC.DLL
*C:\WINDOWS\system32\DNSAPI.dll
*C:\WINDOWS\system32\CRYPT32.dll
*C:\WINDOWS\system32\MSASN1.dll
*C:\WINDOWS\system32\WTSAPI32.dll
*C:\WINDOWS\system32\WINSTA.dll
*C:\WINDOWS\System32\webcheck.dll
*C:\WINDOWS\System32\stobject.dll
*C:\WINDOWS\System32\BatMeter.dll
*C:\WINDOWS\System32\POWRPROF.dll
*C:\WINDOWS\System32\printui.dll
*C:\WINDOWS\System32\WINSPOOL.DRV
*C:\WINDOWS\System32\CFGMGR32.dll
*C:\WINDOWS\system32\MPR.dll
*C:\WINDOWS\System32\RASDLG.dll
*C:\WINDOWS\System32\rsaenh.dll
*C:\WINDOWS\System32\drprov.dll
*C:\WINDOWS\System32\ntlanman.dll
*C:\WINDOWS\System32\NETUI0.dll
*C:\WINDOWS\System32\NETUI1.dll
*C:\WINDOWS\System32\NETRAP.dll
*C:\WINDOWS\System32\davclnt.dll
*C:\WINDOWS\system32\WININET.dll
*C:\WINDOWS\System32\shdoclc.dll
*C:\WINDOWS\System32\SXS.DLL
*C:\Program Files\WinRAR\rarext.dll
*C:\Program Files\Grisoft\AVG Free\avgse.dll
*C:\WINDOWS\System32\MSVCP71.dll
*C:\WINDOWS\System32\MSVCR71.dll
*C:\WINDOWS\System32\NTMARTA.DLL
*C:\WINDOWS\System32\browselc.dll
*C:\WINDOWS\system32\urlmon.dll
*C:\WINDOWS\System32\DUSER.dll
*C:\WINDOWS\System32\wdmaud.drv
*C:\WINDOWS\System32\msacm32.drv
*C:\WINDOWS\System32\MSACM32.dll
*C:\WINDOWS\System32\midimap.dll
*C:\WINDOWS\System32\WMDMLOG.dll
*C:\WINDOWS\System32\WMDMPS.dll
*C:\WINDOWS\System32\mydocs.dll
+1080=C:\WINDOWS\system32\spoolsv.exe
*C:\WINDOWS\System32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\SPOOLSS.DLL
*C:\WINDOWS\system32\WS2_32.dll
*C:\WINDOWS\system32\WS2HELP.dll
*C:\WINDOWS\system32\DNSAPI.dll
*C:\WINDOWS\system32\iphlpapi.dll
*C:\WINDOWS\system32\netman.dll
*C:\WINDOWS\system32\MPRAPI.dll
*C:\WINDOWS\system32\ACTIVEDS.dll
*C:\WINDOWS\system32\adsldpc.dll
*C:\WINDOWS\system32\NETAPI32.dll
*C:\WINDOWS\system32\WLDAP32.dll
*C:\WINDOWS\system32\ATL.DLL
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\system32\rtutils.dll
*C:\WINDOWS\system32\SAMLIB.dll
*C:\WINDOWS\system32\SETUPAPI.dll
*C:\WINDOWS\system32\RASAPI32.dll
*C:\WINDOWS\system32\rasman.dll
*C:\WINDOWS\system32\TAPI32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\WINMM.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\Secur32.dll
*C:\WINDOWS\system32\WZCSvc.DLL
*C:\WINDOWS\system32\WMI.dll
*C:\WINDOWS\system32\DHCPCSVC.DLL
*C:\WINDOWS\system32\CRYPT32.dll
*C:\WINDOWS\system32\MSASN1.dll
*C:\WINDOWS\system32\WTSAPI32.dll
*C:\WINDOWS\system32\WINSTA.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
*C:\WINDOWS\system32\comctl32.dll
*C:\WINDOWS\system32\rasadhlp.dll
*C:\WINDOWS\system32\localspl.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\system32\sfc_os.dll
*C:\WINDOWS\system32\WINTRUST.dll
*C:\WINDOWS\system32\IMAGEHLP.dll
*C:\WINDOWS\system32\USERENV.dll
*C:\WINDOWS\system32\winspool.drv
*C:\WINDOWS\system32\cnbjmon.dll
*C:\WINDOWS\system32\pjlmon.dll
*C:\WINDOWS\system32\tcpmon.dll
*C:\WINDOWS\system32\usbmon.dll
*C:\WINDOWS\System32\mswsock.dll
*C:\WINDOWS\System32\winrnr.dll
*C:\WINDOWS\system32\win32spl.dll
*C:\WINDOWS\system32\NETRAP.dll
*C:\WINDOWS\system32\CLBCATQ.DLL
*C:\WINDOWS\system32\COMRes.dll
*C:\WINDOWS\system32\inetpp.dll
*C:\WINDOWS\system32\icmp.dll
+1216=C:\WINDOWS\System32\alg.exe
*C:\WINDOWS\System32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\System32\ATL.DLL
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\System32\WSOCK32.dll
*C:\WINDOWS\System32\WS2_32.dll
*C:\WINDOWS\System32\WS2HELP.dll
*C:\WINDOWS\System32\MSWSOCK.DLL
*C:\WINDOWS\System32\CLBCATQ.DLL
*C:\WINDOWS\System32\COMRes.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\System32\hnetcfg.dll
*C:\WINDOWS\System32\RASAPI32.dll
*C:\WINDOWS\System32\rasman.dll
*C:\WINDOWS\System32\NETAPI32.dll
*C:\WINDOWS\System32\TAPI32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\System32\rtutils.dll
*C:\WINDOWS\System32\WINMM.dll
*C:\WINDOWS\System32\netshell.dll
*C:\WINDOWS\System32\credui.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\System32\iphlpapi.dll
*C:\WINDOWS\System32\netman.dll
*C:\WINDOWS\System32\MPRAPI.dll
*C:\WINDOWS\System32\ACTIVEDS.dll
*C:\WINDOWS\System32\adsldpc.dll
*C:\WINDOWS\system32\WLDAP32.dll
*C:\WINDOWS\System32\SAMLIB.dll
*C:\WINDOWS\System32\SETUPAPI.dll
*C:\WINDOWS\System32\Secur32.dll
*C:\WINDOWS\System32\WZCSvc.DLL
*C:\WINDOWS\System32\WMI.dll
*C:\WINDOWS\System32\DHCPCSVC.DLL
*C:\WINDOWS\System32\DNSAPI.dll
*C:\WINDOWS\system32\CRYPT32.dll
*C:\WINDOWS\system32\MSASN1.dll
*C:\WINDOWS\System32\WTSAPI32.dll
*C:\WINDOWS\System32\WINSTA.dll
*C:\WINDOWS\system32\WININET.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
*C:\WINDOWS\system32\comctl32.dll
*C:\WINDOWS\System32\wshtcpip.dll
+1236=C:\Server\Apache2\bin\Apache.exe
*C:\WINDOWS\System32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\Server\Apache2\bin\libapr.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\WS2_32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\WS2HELP.dll
*C:\WINDOWS\system32\MSWSOCK.dll
*C:\Server\Apache2\bin\libaprutil.dll
*C:\Server\Apache2\bin\libapriconv.dll
*C:\Server\Apache2\bin\libhttpd.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\shell32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
*C:\WINDOWS\system32\comctl32.dll
*C:\WINDOWS\System32\wshtcpip.dll
*C:\Server\Apache2\modules\mod_access.so
*C:\Server\Apache2\modules\mod_actions.so
*C:\Server\Apache2\modules\mod_alias.so
*C:\Server\Apache2\modules\mod_asis.so
*C:\Server\Apache2\modules\mod_auth.so
*C:\Server\Apache2\modules\mod_autoindex.so
*C:\Server\Apache2\modules\mod_cgi.so
*C:\Server\Apache2\modules\mod_dir.so
*C:\Server\Apache2\modules\mod_env.so
*C:\Server\Apache2\modules\mod_imap.so
*C:\Server\Apache2\modules\mod_include.so
*C:\Server\Apache2\modules\mod_isapi.so
*C:\Server\Apache2\modules\mod_log_config.so
*C:\Server\Apache2\modules\mod_mime.so
*C:\Server\Apache2\modules\mod_negotiation.so
*C:\Server\Apache2\modules\mod_setenvif.so
*C:\Server\Apache2\modules\mod_userdir.so
+1300=C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
*C:\WINDOWS\System32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\system32\MSVCRT.DLL
*C:\WINDOWS\system32\MSVCP71.dll
*C:\WINDOWS\system32\MSVCR71.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\PROGRA~1\Grisoft\AVGFRE~1\avglog.dll
*C:\WINDOWS\system32\uxtheme.dll
*C:\WINDOWS\system32\CLBCATQ.DLL
*C:\WINDOWS\system32\COMRes.dll
*C:\Program Files\Grisoft\AVG Free\avgcfg.dll
*C:\Program Files\Grisoft\AVG Free\avgklib.dll
*C:\WINDOWS\system32\SHFOLDER.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
*C:\WINDOWS\system32\comctl32.dll
*C:\WINDOWS\system32\Apphelp.dll
*C:\WINDOWS\system32\Secur32.dll
*C:\Program Files\Grisoft\AVG Free\avglng.dll
*C:\Program Files\Grisoft\AVG Free\avgamint.dll
*C:\WINDOWS\system32\WSOCK32.dll
*C:\WINDOWS\system32\WS2_32.dll
*C:\WINDOWS\system32\WS2HELP.dll
*C:\WINDOWS\system32\netapi32.dll
*C:\WINDOWS\system32\Wtsapi32.dll
*C:\WINDOWS\system32\WINSTA.dll
*C:\Program Files\Grisoft\AVG Free\avgamsps.dll
+1308=C:\Server\Apache2\bin\Apache.exe
*C:\WINDOWS\System32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\Server\Apache2\bin\libapr.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\System32\WS2_32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\System32\WS2HELP.dll
*C:\WINDOWS\System32\MSWSOCK.dll
*C:\Server\Apache2\bin\libaprutil.dll
*C:\Server\Apache2\bin\libapriconv.dll
*C:\Server\Apache2\bin\libhttpd.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\shell32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
*C:\WINDOWS\system32\comctl32.dll
*C:\WINDOWS\System32\wshtcpip.dll
*C:\Server\Apache2\modules\mod_access.so
*C:\Server\Apache2\modules\mod_actions.so
*C:\Server\Apache2\modules\mod_alias.so
*C:\Server\Apache2\modules\mod_asis.so
*C:\Server\Apache2\modules\mod_auth.so
*C:\Server\Apache2\modules\mod_autoindex.so
*C:\Server\Apache2\modules\mod_cgi.so
*C:\Server\Apache2\modules\mod_dir.so
*C:\Server\Apache2\modules\mod_env.so
*C:\Server\Apache2\modules\mod_imap.so
*C:\Server\Apache2\modules\mod_include.so
*C:\Server\Apache2\modules\mod_isapi.so
*C:\Server\Apache2\modules\mod_log_config.so
*C:\Server\Apache2\modules\mod_mime.so
*C:\Server\Apache2\modules\mod_negotiation.so
*C:\Server\Apache2\modules\mod_setenvif.so
*C:\Server\Apache2\modules\mod_userdir.so
+1328=C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
*C:\WINDOWS\System32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\PROGRA~1\Grisoft\AVGFRE~1\AvgAbout.dll
*C:\PROGRA~1\Grisoft\AVGFRE~1\AvgCtrl.dll
*C:\PROGRA~1\Grisoft\AVGFRE~1\MFC71.DLL
*C:\WINDOWS\System32\MSVCR71.dll
*C:\WINDOWS\system32\COMCTL32.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\System32\MSVFW32.dll
*C:\WINDOWS\System32\WINMM.dll
*C:\WINDOWS\System32\MSVCP71.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\system32\MPR.dll
*C:\PROGRA~1\Grisoft\AVGFRE~1\AvgTest.dll
*C:\PROGRA~1\Grisoft\AVGFRE~1\AvgTMgr.dll
*C:\WINDOWS\System32\SHFOLDER.dll
*C:\PROGRA~1\Grisoft\AVGFRE~1\AvgTRes.dll
*C:\PROGRA~1\Grisoft\AVGFRE~1\AvgSet.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
*C:\PROGRA~1\Grisoft\AVGFRE~1\avglog.dll
*C:\WINDOWS\system32\uxtheme.dll
*C:\WINDOWS\System32\SETUPAPI.dll
*C:\WINDOWS\System32\CLBCATQ.DLL
*C:\WINDOWS\System32\COMRes.dll
*C:\Program Files\Grisoft\AVG Free\avgcfg.dll
*C:\Program Files\Grisoft\AVG Free\avgklib.dll
*C:\Program Files\Grisoft\AVG Free\avglng.dll
*C:\Program Files\Grisoft\AVG Free\avgf.dll
*C:\Program Files\Grisoft\AVG Free\AVGRES.DLL
*C:\Program Files\Grisoft\AVG Free\avgcckrn.dll
*C:\Program Files\Grisoft\AVG Free\avgvault.dll
*C:\Program Files\Grisoft\AVG Free\avgscan.dll
*C:\Program Files\Grisoft\AVG Free\avgunarc.dll
*C:\Program Files\Grisoft\AVG Free\avgrep.dll
*C:\PROGRA~1\Grisoft\AVGFRE~1\avgemsui.dll
*C:\PROGRA~1\Grisoft\AVGFRE~1\avgemcps.dll
+1352=C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
*C:\WINDOWS\System32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\system32\MSVCRT.DLL
*C:\PROGRA~1\Grisoft\AVGFRE~1\libsasl.dll
*C:\WINDOWS\System32\WSOCK32.dll
*C:\WINDOWS\System32\WS2_32.dll
*C:\WINDOWS\System32\WS2HELP.dll
*C:\WINDOWS\System32\MSVCR71.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\System32\MSVCP71.dll
*C:\WINDOWS\System32\SHFOLDER.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
*C:\WINDOWS\system32\comctl32.dll
*C:\WINDOWS\system32\uxtheme.dll
*C:\WINDOWS\System32\CLBCATQ.DLL
*C:\WINDOWS\System32\COMRes.dll
*C:\Program Files\Grisoft\AVG Free\avgcfg.dll
*C:\Program Files\Grisoft\AVG Free\avgklib.dll
*C:\Program Files\Grisoft\AVG Free\avglng.dll
*C:\Program Files\Grisoft\AVG Free\avgscan.dll
*C:\Program Files\Grisoft\AVG Free\avgunarc.dll
*C:\WINDOWS\system32\MPR.dll
*C:\WINDOWS\System32\RASAPI32.DLL
*C:\WINDOWS\System32\rasman.dll
*C:\WINDOWS\System32\NETAPI32.dll
*C:\WINDOWS\System32\TAPI32.dll
*C:\WINDOWS\System32\rtutils.dll
*C:\WINDOWS\System32\WINMM.dll
*C:\WINDOWS\System32\SCHANNEL.DLL
*C:\WINDOWS\System32\Secur32.dll
*C:\WINDOWS\system32\MSASN1.dll
*C:\WINDOWS\system32\CRYPT32.dll
*C:\WINDOWS\system32\USERENV.dll
*C:\PROGRA~1\Grisoft\AVGFRE~1\saslcrammd5.dll
*C:\PROGRA~1\Grisoft\AVGFRE~1\sasldigestmd5.dll
*C:\PROGRA~1\Grisoft\AVGFRE~1\sasllogin.dll
*C:\PROGRA~1\Grisoft\AVGFRE~1\saslplain.dll
*C:\Program Files\Grisoft\AVG Free\avgmail.dll
*C:\WINDOWS\System32\SensAPI.DLL
*C:\WINDOWS\system32\mswsock.dll
*C:\WINDOWS\System32\wshtcpip.dll
*C:\PROGRA~1\Grisoft\AVGFRE~1\avgemcps.dll
+1396=C:\Server\Apache2\bin\ApacheMonitor.exe
*C:\WINDOWS\System32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\COMCTL32.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
*C:\WINDOWS\system32\uxtheme.dll
+1416=C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
*C:\WINDOWS\System32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\system32\MSVCRT.DLL
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\uxtheme.dll
*C:\WINDOWS\system32\CLBCATQ.DLL
*C:\WINDOWS\system32\COMRes.dll
*C:\WINDOWS\system32\Secur32.dll
*C:\Program Files\Grisoft\AVG Free\avgupd.dll
*C:\Program Files\Grisoft\AVG Free\avgupsvc.dll
*C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
*C:\WINDOWS\system32\comctl32.dll
*C:\Program Files\Grisoft\AVG Free\avgamsps.dll
+2160=C:\WINDOWS\System32\wdfmgr.exe
*C:\WINDOWS\System32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\System32\SETUPAPI.dll
*C:\WINDOWS\System32\Secur32.dll
+2524=C:\Program Files\Mozilla Firefox\firefox.exe
*C:\WINDOWS\System32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\Program Files\Mozilla Firefox\js3250.dll
*C:\Program Files\Mozilla Firefox\nspr4.dll
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\System32\WSOCK32.dll
*C:\WINDOWS\System32\WS2_32.dll
*C:\WINDOWS\system32\msvcrt.dll
*C:\WINDOWS\System32\WS2HELP.dll
*C:\Program Files\Mozilla Firefox\xpcom.dll
*C:\Program Files\Mozilla Firefox\plc4.dll
*C:\Program Files\Mozilla Firefox\plds4.dll
*C:\WINDOWS\system32\SHELL32.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\system32\SHLWAPI.dll
*C:\WINDOWS\system32\ole32.dll
*C:\Program Files\Mozilla Firefox\smime3.dll
*C:\Program Files\Mozilla Firefox\nss3.dll
*C:\Program Files\Mozilla Firefox\softokn3.dll
*C:\Program Files\Mozilla Firefox\ssl3.dll
*C:\Program Files\Mozilla Firefox\xpcom_compat.dll
*C:\WINDOWS\system32\comdlg32.dll
*C:\WINDOWS\WinSxS\X86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\COMCTL32.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\WINDOWS\System32\WINSPOOL.DRV
*C:\WINDOWS\system32\uxtheme.dll
*C:\WINDOWS\System32\SETUPAPI.dll
*C:\WINDOWS\System32\CLBCATQ.DLL
*C:\WINDOWS\System32\COMRes.dll
*C:\WINDOWS\system32\mswsock.dll
*C:\WINDOWS\System32\wshtcpip.dll
*C:\WINDOWS\System32\msimtf.dll
*C:\WINDOWS\System32\MSCTF.dll
*C:\Program Files\Mozilla Firefox\plugins\npnul32.dll
*C:\Program Files\Mozilla Firefox\components\jar50.dll
*C:\WINDOWS\System32\msimg32.dll
*C:\WINDOWS\System32\DNSAPI.dll
*C:\WINDOWS\System32\winrnr.dll
*C:\WINDOWS\system32\WLDAP32.dll
*C:\WINDOWS\System32\rasadhlp.dll
*C:\Program Files\Mozilla Firefox\nssckbi.dll
+1028=C:\Documents and Settings\Tom Santro\Desktop\StartDreck\StartDreck.exe
*C:\WINDOWS\System32\ntdll.dll
*C:\WINDOWS\system32\kernel32.dll
*C:\Documents and Settings\Tom Santro\Desktop\StartDreck\VB40032.DLL
*C:\WINDOWS\system32\ADVAPI32.dll
*C:\WINDOWS\system32\RPCRT4.dll
*C:\WINDOWS\system32\GDI32.dll
*C:\WINDOWS\system32\USER32.dll
*C:\WINDOWS\System32\MSVCRT20.dll
*C:\WINDOWS\system32\ole32.dll
*C:\WINDOWS\system32\OLEAUT32.dll
*C:\WINDOWS\system32\MSVCRT.DLL
*C:\WINDOWS\System32\OLEPRO32.DLL
*C:\Documents and Settings\Tom Santro\Desktop\StartDreck\VB4DE32.DLL
*C:\WINDOWS\system32\uxtheme.dll
*C:\WINDOWS\System32\CLBCATQ.DLL
*C:\WINDOWS\System32\COMRes.dll
*C:\WINDOWS\system32\VERSION.dll
*C:\Documents and Settings\Tom Santro\Desktop\StartDreck\PSAPI.DLL
»NT Services
*Adobe LM Service Adobe LM Service - on demand
`binary: "C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe"
*Alerter Alerter - on demand
`binary: C:\WINDOWS\System32\svchost.exe -k LocalService
*Application Layer Gateway Service ALG running on demand
`binary: C:\WINDOWS\System32\alg.exe
*Apache2 Apache2 running auto
`binary: "C:\Server\Apache2\bin\Apache.exe" -k runservice
*Application Management AppMgmt - on demand
`binary: C:\WINDOWS\system32\svchost.exe -k netsvcs
*Windows Audio AudioSrv running auto
`binary: C:\WINDOWS\System32\svchost.exe -k netsvcs
*AVG7 Alert Manager Server Avg7Alrt running auto
`binary: C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
*AVG7 Update Service Avg7UpdSvc running auto
`binary: C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
*Background Intelligent Transfer Service BITS - on demand
`binary: C:\WINDOWS\System32\svchost.exe -k netsvcs
*Computer Browser Browser running auto
`binary: C:\WINDOWS\System32\svchost.exe -k netsvcs
*Indexing Service cisvc - on demand
`binary: C:\WINDOWS\System32\cisvc.exe
*ClipBook ClipSrv - on demand
`binary: C:\WINDOWS\system32\clipsrv.exe
*COM+ System Application COMSysApp - on demand
`binary: C:\WINDOWS\System32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
*Cryptographic Services CryptSvc running auto
`binary: C:\WINDOWS\system32\svchost.exe -k netsvcs
*DHCP Client Dhcp running auto
`binary: C:\WINDOWS\System32\svchost.exe -k netsvcs
*Logical Disk Manager Administrative Service dmadmin - on demand
`binary: C:\WINDOWS\System32\dmadmin.exe /com
*Logical Disk Manager dmserver running auto
`binary: C:\WINDOWS\System32\svchost.exe -k netsvcs
*DNS Client Dnscache running auto
`binary: C:\WINDOWS\System32\svchost.exe -k NetworkService
*Error Reporting Service ERSvc running auto
`binary: C:\WINDOWS\System32\svchost.exe -k netsvcs
*Event Log Eventlog running auto
`binary: C:\WINDOWS\system32\services.exe
*COM+ Event System EventSystem running on demand
`binary: C:\WINDOWS\System32\svchost.exe -k netsvcs
*Fast User Switching Compatibility FastUserSwitchingCom running on demand
`binary: C:\WINDOWS\System32\svchost.exe -k netsvcs
*Help and Support helpsvc running auto
`binary: C:\WINDOWS\System32\svchost.exe -k netsvcs
*Human Interface Device Access HidServ - disabled
`binary: C:\WINDOWS\System32\svchost.exe -k netsvcs
*Hardware Clock Driver hwclock - disabled
`binary: C:\WINDOWS\System32\hwclock.exe
*IMAPI CD-Burning COM Service ImapiService - on demand
`binary: C:\WINDOWS\System32\imapi.exe
*Server lanmanserver running auto
`binary: C:\WINDOWS\System32\svchost.exe -k netsvcs
*Workstation lanmanworkstation running auto
`binary: C:\WINDOWS\System32\svchost.exe -k netsvcs
*TCP/IP NetBIOS Helper LmHosts running auto
`binary: C:\WINDOWS\System32\svchost.exe -k LocalService
*Macromedia Licensing Service Macromedia Licensing - on demand
`binary: "C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe"
*Messenger Messenger running auto
`binary: C:\WINDOWS\System32\svchost.exe -k netsvcs
*NetMeeting Remote Desktop Sharing mnmsrvc - on demand
`binary: C:\WINDOWS\System32\mnmsrvc.exe
*Distributed Transaction Coordinator MSDTC - on demand
`binary: C:\WINDOWS\System32\msdtc.exe
*Windows Installer MSIServer - on demand
`binary: C:\WINDOWS\System32\msiexec.exe /V
*MySQL MySQL - auto
`binary: "C:\Server\MySQL\bin\mysqld-nt" --defaults-file="C:\Server\MySQL\my.ini" MySQL
*Network DDE NetDDE - on demand
`binary: C:\WINDOWS\system32\netdde.exe
*Network DDE DSDM NetDDEdsdm - on demand
`binary: C:\WINDOWS\system32\netdde.exe
*Net Logon Netlogon - on demand
`binary: C:\WINDOWS\System32\lsass.exe
*Network Connections Netman running on demand
`binary: C:\WINDOWS\System32\svchost.exe -k netsvcs
*Network Location Awareness (NLA) Nla running on demand
`binary: C:\WINDOWS\System32\svchost.exe -k netsvcs
*NT LM Security Support Provider NtLmSsp - on demand
`binary: C:\WINDOWS\System32\lsass.exe
*Removable Storage NtmsSvc - on demand
`binary: C:\WINDOWS\system32\svchost.exe -k netsvcs
*Plug and Play PlugPlay running auto
`binary: C:\WINDOWS\system32\services.exe
*IPSEC Services PolicyAgent running auto
`binary: C:\WINDOWS\System32\lsass.exe
*Protected Storage ProtectedStorage running auto
`binary: C:\WINDOWS\system32\lsass.exe
*Remote Access Auto Connection Manager RasAuto running on demand
`binary: C:\WINDOWS\System32\svchost.exe -k netsvcs
*Remote Access Connection Manager RasMan running on demand
`binary: C:\WINDOWS\System32\svchost.exe -k netsvcs
*Remote Desktop Help Session Manager RDSessMgr - on demand
`binary: C:\WINDOWS\system32\sessmgr.exe
*Routing and Remote Access RemoteAccess - disabled
`binary: C:\WINDOWS\System32\svchost.exe -k netsvcs
*Remote Registry RemoteRegistry running auto
`binary: C:\WINDOWS\system32\svchost.exe -k LocalService
*Remote Procedure Call (RPC) Locator RpcLocator - on demand
`binary: C:\WINDOWS\System32\locator.exe
*Remote Procedure Call (RPC) RpcSs running auto
`binary: C:\WINDOWS\system32\svchost -k rpcss
*QoS RSVP RSVP - on demand
`binary: C:\WINDOWS\System32\rsvp.exe
*Security Accounts Manager SamSs running auto
`binary: C:\WINDOWS\system32\lsass.exe
*Smart Card Helper SCardDrv - on demand
`binary: C:\WINDOWS\System32\SCardSvr.exe
*Smart Card SCardSvr - on demand
`binary: C:\WINDOWS\System32\SCardSvr.exe
*Task Scheduler Schedule running auto
`binary: C:\WINDOWS\System32\svchost.exe -k netsvcs
*Secondary Logon seclogon running auto
`binary: C:\WINDOWS\System32\svchost.exe -k netsvcs
*System Event Notification SENS running auto
`binary: C:\WINDOWS\system32\svchost.exe -k netsvcs
*Internet Connection Firewall (ICF) / Internet C SharedAccess running auto
`onnection Sharing (ICS)
`binary: C:\WINDOWS\System32\svchost.exe -k netsvcs
*Shell Hardware Detection ShellHWDetection running auto
`binary: C:\WINDOWS\System32\svchost.exe -k netsvcs
*Print Spooler Spooler running auto
`binary: C:\WINDOWS\system32\spoolsv.exe
*System Restore Service srservice running auto
`binary: C:\WINDOWS\System32\svchost.exe -k netsvcs
*SSDP Discovery Service SSDPSRV running on demand
`binary: C:\WINDOWS\System32\svchost.exe -k LocalService
*Windows Image Acquisition (WIA) stisvc - on demand
`binary: C:\WINDOWS\System32\svchost.exe -k imgsvc
*MS Software Shadow Copy Provider SwPrv - on demand
`binary: C:\WINDOWS\System32\dllhost.exe /Processid:{7838F584-A384-4B13-B289-4BEEFA828629}
*Performance Logs and Alerts SysmonLog - on demand
`binary: C:\WINDOWS\system32\smlogsvc.exe
*Telephony TapiSrv running on demand
`binary: C:\WINDOWS\System32\svchost.exe -k netsvcs
*Terminal Services TermService running on demand
`binary: C:\WINDOWS\System32\svchost.exe -k netsvcs
*Themes Themes running auto
`binary: C:\WINDOWS\System32\svchost.exe -k netsvcs
*Telnet TlntSvr - on demand
`binary: C:\WINDOWS\System32\tlntsvr.exe
*Distributed Link Tracking Client TrkWks running auto
`binary: C:\WINDOWS\system32\svchost.exe -k netsvcs
*Windows User Mode Driver Framework UMWdf running auto
`binary: C:\WINDOWS\System32\wdfmgr.exe
*Upload Manager uploadmgr running auto
`binary: C:\WINDOWS\System32\svchost.exe -k netsvcs
*Universal Plug and Play Device Host upnphost - on demand
`binary: C:\WINDOWS\System32\svchost.exe -k LocalService
*Uninterruptible Power Supply UPS - on demand
`binary: C:\WINDOWS\System32\ups.exe
*Volume Shadow Copy VSS - on demand
`binary: C:\WINDOWS\System32\vssvc.exe
*Windows Time W32Time running auto
`binary: C:\WINDOWS\System32\svchost.exe -k netsvcs
*WebClient WebClient running auto
`binary: C:\WINDOWS\System32\svchost.exe -k LocalService
*Windows Management Instrumentation winmgmt running auto
`binary: C:\WINDOWS\system32\svchost.exe -k netsvcs
*Portable Media Serial Number Service WmdmPmSN - on demand
`binary: C:\WINDOWS\System32\svchost.exe -k netsvcs
*Windows Management Instrumentation Driver Exten Wmi - on demand
`sions
`binary: C:\WINDOWS\System32\svchost.exe -k netsvcs
*WMI Performance Adapter WmiApSrv - on demand
`binary: C:\WINDOWS\System32\wbem\wmiapsrv.exe
*Automatic Updates wuauserv - auto
`binary: C:\WINDOWS\system32\svchost.exe -k netsvcs
*Wireless Zero Configuration WZCSVC running auto
`binary: C:\WINDOWS\System32\svchost.exe -k netsvcs
»VMM32Files (LM)
»%System%\VMM32
»%System%\IOSUBSYS
»Application specific
»MS Office 97/8.0 STARTUP-PATH
»Current User
»Default User
»Local Machine
»ICQ NetDetect
»Current User
»Default User
__________________
==========================================

Get Help:
TSF Security Forum | HijackThis | MB's 5 Step Process
Get Clean:
AdAware SE | Spybot S&D | CWShredder | Ewido | CleanUp!
Get Protected:
SpywareBlaster | SpywareGuard | Windows Updates | IE-SpyAd


If TSF has helped you, please consider making a donation to help keep the board running.
Grove is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 06-30-2005, 12:34 AM   #5 (permalink)
Manager Emeritus - Security Center, Expert Analyst, Moderator - Security Team; Rangemaster, TSF Academy & Supporter
 
MicroBell's Avatar
 
Join Date: Sep 2004
Location: Carmichaels, PA-USA
Posts: 6,963
OS: Windows 7


Send a message via ICQ to MicroBell Send a message via MSN to MicroBell
This log is also clean. I do not think your issue is spyware related. Lets try one last tool though.

Download, install, and update Ewido Security Suite
  • Install ewido security suite
  • Launch ewido, there should be a big E icon on your desktop, double-click it.
  • The program will prompt you to update click the OK button
  • The program will now go to the main screen
You will need to update ewido to the latest definition files.
  • On the left hand side of the main screen click update
  • Click on Start
The update will start and a progress bar will show the updates being installed.
After the updates are installed, exit Ewido

Reboot into Safe Mode. You can do this by restarting your computer and continually tapping the F8 key until a menu appears. Use your up arrow key to highlight Safe Mode, then hit enter.
[*]Run Ewido.[*]Click on scanner[*]Make sure the following boxes are checked before scanning:
  • Binder
  • Crypter
  • Archives
[*]Click on Start Scan[*]Let the program scan the machine[/list]While the scan is in progress you will be prompted to clean the first infected file it finds. Choose "clean", then put a check next to "Perform action on all infections" in the left corner of the box so you don't have to sit and watch Ewido the whole time. Click OK.

Once the scan has completed, there will be a button located on the bottom of the screen named Save report
  • Click Save report
  • Save the report to your desktop
  • Exit Ewido
Reboot into normal mode.

Post the log from the Ewido scan.
__________________
We Are The BORG Spyware KILLER and Adware Destroyer!





Spyware/Adware Removal Tools
Hijackthis
Ad-aware SE
Spybot Search&Destroy
SpywareBlaster
CWShredder
MicroBell is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 06-30-2005, 03:08 AM   #6 (permalink)
Professor/Moderator, TSF Design School
 
Grove's Avatar
 
Join Date: Jun 2005
Location: Australia
Posts: 2,383
OS: Windows Vista SP2 32bit


Ewido
Ok Followed all instructions, here is the log:

---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------

+ Created on: 6:57:37 PM, 6/30/2005
+ Report-Checksum: 7330D257

+ Date of database: 6/30/2005
+ Version of scan engine: v3.0

+ Duration: 32 min
+ Scanned Files: 49760
+ Speed: 25.33 Files/Second
+ Infected files: 28
+ Removed files: 28
+ Files put in quarantine: 28
+ Files that could not be opened: 0
+ Files that could not be cleaned: 0

+ Binder: Yes
+ Crypter: Yes
+ Archives: Yes

+ Scanned items:
C:\

+ Scan result:
C:\Documents and Settings\Tom Santro\Cookies\tom santro@atdmt[2].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\Tom Santro\Cookies\tom santro@cgi-bin[1].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\Tom Santro\Cookies\tom santro@fastclick[1].txt -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\Documents and Settings\Tom Santro\My Documents\Applications\Nero 6 Ultra Edition\Crack\Keygen.exe -> TrojanDropper.Delf.gi -> Cleaned with backup
C:\RECYCLER\NPROTECT\00000631.TXT -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\RECYCLER\NPROTECT\00000632.TXT -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\RECYCLER\NPROTECT\00001060.TXT -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\RECYCLER\NPROTECT\00001061.TXT -> Spyware.Tracking-Cookie -> Cleaned with backup
C:\RECYCLER\NPROTECT\00001767.dll -> Spyware.BargainBuddy.n -> Cleaned with backup
C:\RECYCLER\NPROTECT\00001768.exe -> Spyware.BargainBuddy -> Cleaned with backup
C:\RECYCLER\NPROTECT\00001769.exe -> Spyware.BargainBuddy.n -> Cleaned with backup
C:\RECYCLER\NPROTECT\00001770.exe -> Spyware.BargainBuddy.n -> Cleaned with backup
C:\RECYCLER\NPROTECT\00001772.exe -> Spyware.BargainBuddy -> Cleaned with backup
C:\RECYCLER\NPROTECT\00001773.dll -> Spyware.BargainBuddy.n -> Cleaned with backup
C:\RECYCLER\NPROTECT\00001774.exe -> Spyware.Bargainbuddy -> Cleaned with backup
C:\RECYCLER\NPROTECT\00001775.exe -> Spyware.BargainBuddy -> Cleaned with backup
C:\RECYCLER\NPROTECT\00001776.exe -> Spyware.BargainBuddy -> Cleaned with backup
C:\RECYCLER\NPROTECT\00001804.srg -> Spyware.BargainBuddy.q -> Cleaned with backup
C:\RECYCLER\NPROTECT\00001805.exe -> Spyware.BargainBuddy.q -> Cleaned with backup
C:\RECYCLER\NPROTECT\00001806.exe -> Spyware.BargainBuddy.q -> Cleaned with backup
C:\RECYCLER\NPROTECT\00001807.vxd -> Spyware.BargainBuddy -> Cleaned with backup
C:\RECYCLER\NPROTECT\00001808.exe -> Spyware.BargainBuddy -> Cleaned with backup
C:\RECYCLER\NPROTECT\00001809.exe -> Spyware.BargainBuddy -> Cleaned with backup
C:\RECYCLER\NPROTECT\00001810.exe -> Spyware.Bargainbuddy -> Cleaned with backup
C:\RECYCLER\NPROTECT\00001811.exe -> Spyware.BargainBuddy.n -> Cleaned with backup
C:\RECYCLER\NPROTECT\00001812.exe -> Spyware.BargainBuddy.n -> Cleaned with backup
C:\RECYCLER\NPROTECT\00001813.exe -> Spyware.BargainBuddy -> Cleaned with backup
C:\WINDOWS\Downloaded Program Files\clientax.dll -> Spyware.180Solutions -> Cleaned with backup


::Report End

Computer seemed a little faster, although some icons take a while to load. The icons that are taking time to load are AVG Free and Reg Mechanic. Also the startup progs take a while. Any ideas?
__________________
==========================================

Get Help:
TSF Security Forum | HijackThis | MB's 5 Step Process
Get Clean:
AdAware SE | Spybot S&D | CWShredder | Ewido | CleanUp!
Get Protected:
SpywareBlaster | SpywareGuard | Windows Updates | IE-SpyAd


If TSF has helped you, please consider making a donation to help keep the board running.
Grove is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 06-30-2005, 05:42 PM   #7 (permalink)
Manager Emeritus - Security Center, Expert Analyst, Moderator - Security Team; Rangemaster, TSF Academy & Supporter
 
MicroBell's Avatar
 
Join Date: Sep 2004
Location: Carmichaels, PA-USA
Posts: 6,963
OS: Windows 7


Send a message via ICQ to MicroBell Send a message via MSN to MicroBell
This log is also fairly clean. Please empty Nortons recycle bin. Delete the following files...

C:\Documents and Settings\Tom Santro\My Documents\Applications\Nero 6 Ultra Edition\Crack\Keygen.exe

C:\WINDOWS\Downloaded Program Files\clientax.dll

As for slowness...as I said...I don't think it's spyware related. Maybe ask your question in the XP Forum. Couple of tips though...

Defrag the hard drive
Run a Cleaner for your temp folders
Remove any unused programs.
Run the Disk CLeanup utility...choose advanced and remove some of your old restore points.
Run a registry cleaner

Here's a utility we use to clean the TEMP folders..and the directions for use..

Download and install CleanUp! but do not run it yet.
*NOTE* Cleanup deletes EVERYTHING out of temp/temporary folders and does not make backups.

Open Cleanup! by double-clicking the icon on your desktop (or from the Start > All Programs menu). Set the program up as follows:
*Click "Options..."
*Move the arrow down to "Custom CleanUp!"
*Put a check next to the following:
  • Empty Recycle Bins
  • Delete Cookies
  • Delete Prefetch files
    [X]Scan local drives for temporary files (Please uncheck this option)
  • Cleanup! All Users
Click OK
Press the CleanUp! button to start the program. Reboot/logoff when prompted.
__________________
We Are The BORG Spyware KILLER and Adware Destroyer!





Spyware/Adware Removal Tools
Hijackthis
Ad-aware SE
Spybot Search&Destroy
SpywareBlaster
CWShredder
MicroBell is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 06-30-2005, 09:42 PM   #8 (permalink)
Professor/Moderator, TSF Design School
 
Grove's Avatar
 
Join Date: Jun 2005
Location: Australia
Posts: 2,383
OS: Windows Vista SP2 32bit


Recylce Bin
Do You want me to delete the whole NPROTECT folder?
__________________
==========================================

Get Help:
TSF Security Forum | HijackThis | MB's 5 Step Process
Get Clean:
AdAware SE | Spybot S&D | CWShredder | Ewido | CleanUp!
Get Protected:
SpywareBlaster | SpywareGuard | Windows Updates | IE-SpyAd


If TSF has helped you, please consider making a donation to help keep the board running.
Grove is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 06-30-2005, 09:44 PM   #9 (permalink)
Professor/Moderator, TSF Design School
 
Grove's Avatar
 
Join Date: Jun 2005
Location: Australia
Posts: 2,383
OS: Windows Vista SP2 32bit


Missing Files
The files Keygen.exe and clientax.dll aren't there anymore. I checked if they were hidden and nope.. not there... wierd..
__________________
==========================================

Get Help:
TSF Security Forum | HijackThis | MB's 5 Step Process
Get Clean:
AdAware SE | Spybot S&D | CWShredder | Ewido | CleanUp!
Get Protected:
SpywareBlaster | SpywareGuard | Windows Updates | IE-SpyAd


If TSF has helped you, please consider making a donation to help keep the board running.
Grove is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 07-01-2005, 03:19 AM   #10 (permalink)
Manager Emeritus - Security Center, Expert Analyst, Moderator - Security Team; Rangemaster, TSF Academy & Supporter
 
MicroBell's Avatar
 
Join Date: Sep 2004
Location: Carmichaels, PA-USA
Posts: 6,963
OS: Windows 7


Send a message via ICQ to MicroBell Send a message via MSN to MicroBell
Quote:
Originally Posted by Grove4Life
Do You want me to delete the whole NPROTECT folder?
NO..just the files in it. I think you empty it in Norton..just like you would using the regular recycle bin. Open it..then select "Empty Recycle Bin"
__________________
We Are The BORG Spyware KILLER and Adware Destroyer!





Spyware/Adware Removal Tools
Hijackthis
Ad-aware SE
Spybot Search&Destroy
SpywareBlaster
CWShredder
MicroBell is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 07-01-2005, 07:06 AM   #11 (permalink)
Professor/Moderator, TSF Design School
 
Grove's Avatar
 
Join Date: Jun 2005
Location: Australia
Posts: 2,383
OS: Windows Vista SP2 32bit


Norton
I dont use norton anymore. I changed to AVG 3 months ago. Do i just delete them manually?
__________________
==========================================

Get Help:
TSF Security Forum | HijackThis | MB's 5 Step Process
Get Clean:
AdAware SE | Spybot S&D | CWShredder | Ewido | CleanUp!
Get Protected:
SpywareBlaster | SpywareGuard | Windows Updates | IE-SpyAd


If TSF has helped you, please consider making a donation to help keep the board running.
Grove is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 07-02-2005, 01:19 AM   #12 (permalink)
Manager Emeritus - Security Center, Expert Analyst, Moderator - Security Team; Rangemaster, TSF Academy & Supporter
 
MicroBell's Avatar
 
Join Date: Sep 2004
Location: Carmichaels, PA-USA
Posts: 6,963
OS: Windows 7


Send a message via ICQ to MicroBell Send a message via MSN to MicroBell
Quote:
Originally Posted by Grove4Life
I dont use norton anymore. I changed to AVG 3 months ago. Do i just delete them manually?
Sure. Double check and make sure anything that says Norton has been removed from the add/remove programs tab. Then just delete the whole NPROTECT folder.
__________________
We Are The BORG Spyware KILLER and Adware Destroyer!





Spyware/Adware Removal Tools
Hijackthis
Ad-aware SE
Spybot Search&Destroy
SpywareBlaster
CWShredder
MicroBell is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 07-02-2005, 09:24 AM   #13 (permalink)
Professor/Moderator, TSF Design School
 
Grove's Avatar
 
Join Date: Jun 2005
Location: Australia
Posts: 2,383
OS: Windows Vista SP2 32bit


Thanks
Thank You For All Help, Mircobell
__________________
==========================================

Get Help:
TSF Security Forum | HijackThis | MB's 5 Step Process
Get Clean:
AdAware SE | Spybot S&D | CWShredder | Ewido | CleanUp!
Get Protected:
SpywareBlaster | SpywareGuard | Windows Updates | IE-SpyAd


If TSF has helped you, please consider making a donation to help keep the board running.
Grove is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
Old 07-03-2005, 12:12 AM   #14 (permalink)
Manager Emeritus - Security Center, Expert Analyst, Moderator - Security Team; Rangemaster, TSF Academy & Supporter
 
MicroBell's Avatar
 
Join Date: Sep 2004
Location: Carmichaels, PA-USA
Posts: 6,963
OS: Windows 7


Send a message via ICQ to MicroBell Send a message via MSN to MicroBell
U bet Grove. Moving this to resolved..
__________________
We Are The BORG Spyware KILLER and Adware Destroyer!





Spyware/Adware Removal Tools
Hijackthis
Ad-aware SE
Spybot Search&Destroy
SpywareBlaster
CWShredder
MicroBell is offline  
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!Reddit!
 

« Previous Thread | Next Thread »

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off



All times are GMT -7. The time now is 06:31 AM.

Contact Us - Tech Support Forum - Archive - Privacy Statement - Top


Copyright 2001 - 2009, Tech Support Forum
Home Tips Plus | Outdoor Basecamp | Automotive Support Forum

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85