|
Search Tech-Forums - link takes you to our Forum's search page. Note: The following is only a text archive! To view the actual forum discussion, please visit our website at http://www.tech-forums.net Pages:1 another hijackthis logfile(Click here to view the original thread with full colors/images)Posted by: khog11 can somebody help me please?! this is my hijackthis logfile Logfile of HijackThis v1.99.1 Scan saved at 10:08:55 PM, on 3/11/05 Platform: Windows 98 SE (Win9x 4.10.2222A) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\SYSTEM\KERNEL32.DLL C:\WINDOWS\SYSTEM\MSGSRV32.EXE C:\WINDOWS\SYSTEM\MPREXE.EXE C:\WINDOWS\SYSTEM\mmtask.tsk C:\WINDOWS\SYSTEM\MSTASK.EXE C:\WINDOWS\SYSTEM\EUSEXE.EXE C:\WINDOWS\SYSTEM\INETSRV\INETINFO.EXE C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON UTILITIES\NPROTECT.EXE C:\WINDOWS\SYSTEM\DDHELP.EXE C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON CLEANSWEEP\CSINJECT.EXE C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\SYMTRAY.EXE C:\WINDOWS\SYSTEM\MSDTCW.EXE C:\WINDOWS\EXPLORER.EXE C:\WINDOWS\SYSTEM\RPCSS.EXE C:\WINDOWS\TASKMON.EXE C:\WINDOWS\SYSTEM\SYSTRAY.EXE C:\WINDOWS\SYSTEM\IGFXTRAY.EXE C:\WINDOWS\SYSTEM\HKCMD.EXE C:\WINDOWS\SYSTEM\SBMX.EXE C:\WINDOWS\SYSTEM\STIMON.EXE C:\WINDOWS\ESSSPK.EXE C:\WINDOWS\LOADQM.EXE C:\WINDOWS\SYSTEM\PWSTRAY.EXE C:\WINDOWS\SYSTEM\QTTASK.EXE C:\WINDOWS\SYSTEM\LVCOMSX.EXE C:\PROGRAM FILES\LOGITECH\VIDEO\LOGITRAY.EXE C:\PROGRAM FILES\WINAMP\WINAMPA.EXE C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\NAVAPW32.EXE C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\POPROXY.EXE C:\WINDOWS\RUNDLL32.EXE C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPOTDD01.EXE C:\PROGRAM FILES\FINEPIXVIEWER\QUICKDCF.EXE C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPOMAU08.EXE C:\WINDOWS\SYSTEM\WMIEXE.EXE C:\PROGRAM FILES\WINDOWS MEDIA COMPONENTS\ENCODER\WMENCAGT.EXE C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON UTILITIES\SYSDOC32.EXE C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON CLEANSWEEP\CSINSM32.EXE C:\WINDOWS\SYSTEM\SPOOL32.EXE C:\Program Files\Norton SystemWorks\Norton CleanSweep\Monwow.exe C:\PROGRAM FILES\YAHOO!\MESSENGER\YMSGR_TRAY.EXE C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPOEVM08.EXE C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPOSTS08.EXE C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPOFXM08.EXE C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE C:\MY DOCUMENTS\KHRISSIE\GOWNS\HIJACKTHIS.EXE C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\TEMP\se.dll/sp.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\TEMP\se.dll/sp.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = 127.0.0.1;<local>;localhost O2 - BHO: REALBAR - {4E7BD74F-2B8D-469E-C0FF-FD60B590A87D} - C:\PROGRA~1\COMMON~1\REAL\TOOLBAR\REALBAR.DLL O2 - BHO: URLLink Class - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} - C:\Program Files\NewDotNet\newdotnet6_38.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL O3 - Toolbar: REALBAR - {4E7BD74F-2B8D-469E-C0FF-FD60B590A87D} - C:\PROGRA~1\COMMON~1\REAL\TOOLBAR\REALBAR.DLL O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe O4 - HKLM\..\Run: [SystemTray] SysTray.Exe O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\SYSTEM\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\SYSTEM\hkcmd.exe O4 - HKLM\..\Run: [SBMX] C:\WINDOWS\SYSTEM\sbmx.exe O4 - HKLM\..\Run: [DXM6Patch_981116] C:\WINDOWS\p_981116.exe /Q:A O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE O4 - HKLM\..\Run: [EssSpkPhone] essspk.exe O4 - HKLM\..\Run: [LoadQM] loadqm.exe O4 - HKLM\..\Run: [RegShave] C:\Progra~1\REGSHAVE\REGSHAVE.EXE /autorun O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [PWSTray] PwsTray.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\SYSTEM\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKLM\..\Run: [NPROTECT] C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE O4 - HKLM\..\Run: [NAV DefAlert] C:\PROGRA~1\NORTON~1\NORTON~2\DEFALERT.EXE O4 - HKLM\..\Run: [Norton Auto-Protect] C:\PROGRA~1\NORTON~1\NORTON~2\NAVAPW32.EXE /LOADQUIET O4 - HKLM\..\Run: [Norton eMail Protect] C:\Program Files\Norton SystemWorks\Norton AntiVirus\POPROXY.EXE O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,NewDotNetStartup -s O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe O4 - HKLM\..\RunServices: [ICH Synth] eusexe.exe O4 - HKLM\..\RunServices: [MSDTC] msdtcw -start O4 - HKLM\..\RunServices: [inetinfo.exe] C:\WINDOWS\SYSTEM\inetsrv\inetinfo.exe -e w3svc O4 - HKLM\..\RunServices: [NPROTECT] C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE O4 - HKLM\..\RunServices: [CSINJECT.EXE] C:\Program Files\Norton SystemWorks\Norton CleanSweep\CSINJECT.EXE O4 - HKLM\..\RunServices: [SymTray - Norton SystemWorks] C:\Program Files\Common Files\Symantec Shared\SymTray.exe "Norton SystemWorks" O4 - HKCU\..\Run: [LDM] \Program\BackWeb-8876480.exe O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet O4 - HKCU\..\Run: [ZVolume] C:\Program Files\ZVolume Pro\ZVolume.exe O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Startup: hpoddt01.exe.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe O4 - Startup: hp instant support.lnk = C:\Program Files\Hewlett-Packard\hpis\bin\matcli.exe O4 - Startup: Exif Launcher.lnk = C:\Program Files\FinePixViewer\QuickDCF.exe O4 - Startup: hp officejet 4100 series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpomau08.exe O4 - Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Startup: Encoder Agent.lnk = C:\Program Files\Windows Media Components\Encoder\WMENCAGT.EXE O4 - Startup: Norton System Doctor.lnk = C:\Program Files\Norton SystemWorks\Norton Utilities\SYSDOC32.EXE O4 - Startup: CleanSweep Smart Sweep-Internet Sweep.lnk = C:\Program Files\Norton SystemWorks\Norton CleanSweep\csinsm32.exe O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycdict.htm O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file) O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\SYSTEM\MSJAVA.DLL O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\SYSTEM\MSJAVA.DLL O10 - Hijacked Internet access by New.Net O10 - Hijacked Internet access by New.Net O10 - Hijacked Internet access by New.Net O10 - Hijacked Internet access by New.Net O10 - Hijacked Internet access by New.Net O16 - DPF: Yahoo! Chess - [url]http://download.games.yahoo.com/games/clients/y/ct2_x.cab[/url] O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IMDownloader Class) - [url]http://www2.incredimail.com/contents/setup/downloader/imloader.cab[/url] O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) - [url]http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yse/ymmapi_416.dll[/url] O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - [url]http://a1540.g.akamai.net/7/1540/52/20031216/qtinstall.info.apple.com/mickey/us/win/QuickTimeInstaller.exe[/url] O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - [url]http://www.cult3d.com/download/cult.cab[/url] O16 - DPF: {17D72920-7A15-11D4-921E-0080C8DA7A5E} (AimSp32 Class) - [url]http://66.48.68.135/save/makeover.cab[/url] O16 - DPF: Yahoo! Poker - [url]http://download.games.yahoo.com/games/clients/y/pt3_x.cab[/url] O16 - DPF: Yahoo! Backgammon - [url]http://download.games.yahoo.com/games/clients/y/at0_x.cab[/url] O16 - DPF: Tornado 21 - [url]http://download.games.yahoo.com/games/clients/y/t21t0_x.cab[/url] O16 - DPF: Yahoo! Spades - [url]http://download.games.yahoo.com/games/clients/y/st2_x.cab[/url] O16 - DPF: Yahoo! Pinochle - [url]http://download.games.yahoo.com/games/clients/y/ut2_x.cab[/url] O16 - DPF: Yahoo! MahJong - [url]http://download.games.yahoo.com/games/clients/y/ot0_x.cab[/url] O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - [url]http://us.dl1.yimg.com/download.yahoo.com/dl/installs/suite/autocomplete.cab[/url] O16 - DPF: {E504EE6E-47C6-11D5-B8AB-00D0B78F3D48} (Yahoo! Webcam Viewer Wrapper) - [url]http://chat.yahoo.com/cab/yvwrctl.cab[/url] O16 - DPF: Yahoo! Pool 2 - [url]http://download.games.yahoo.com/games/clients/y/pote_x.cab[/url] O16 - DPF: {2B36F775-8CF5-4489-B454-2D1B80984CF2} (FXPluginCtl Object) - [url]http://www.powerflasher.de/plugin/powerres.cab[/url] O16 - DPF: Yahoo! MahJong Solitaire - [url]http://download.games.yahoo.com/games/clients/y/mjst4_x.cab[/url] O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - [url]http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab[/url] O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - [url]http://www.pandasoftware.com/activescan/as5/asinst.cab[/url] Posted by: MicroBell [color=blue][b]Before attacking an adware/spyware problem with hijackthis make sure you have already run[color=red] ad-aware SE[/color] with [color=red]VX2[/color] add-on cleaner, [color=red]Spybot Search & Destroy[/color] (with updated database) and [color=red]CWShredder[/color] as these programs will clean a lot of the crap out first. All links to programs are in my signature. Ok..on to the log…..[/color][/b] Download and install [b]CleanUp[/b] [url]http://cleanup.stevengould.org/[/url] Download [url=http://www.bleepingcomputer.com/files/windows/Winsock2Fix.zip][b]Winsock2Fix[/b][/url] and unzip it. Then double-click on it to run it. Open My Computer>>View>>FolderOptions>>View Tab>>Advance Advanced settings box, under the "Hidden files" folder, select Show all files>>Apply>>OK Reboot into Safe Mode (hit F8 key until menu shows up). Make sure to close any open browsers. Open add/remove programs and remove [b]New.Net[/b] or [b]NewDotNet[/b]. Check and fix the following in HijackThis if they still exist (make sure you do not miss an entry) [b]R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about :blank R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\TEMP\se.dll/sp.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about :blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\TEMP\se.dll/sp.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about :blank R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about :blank R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about :blank R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = 127.0.0.1;<local>;localhost O2 - BHO: URLLink Class - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} - C:\Program Files\NewDotNet\newdotnet6_38.dll O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,NewDotNetStartup -s O10 - Hijacked Internet access by New.Net O10 - Hijacked Internet access by New.Net O10 - Hijacked Internet access by New.Net O10 - Hijacked Internet access by New.Net O10 - Hijacked Internet access by New.Net O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - [url]http://www.cult3d.com/download/cult.cab[/url] O16 - DPF: {17D72920-7A15-11D4-921E-0080C8DA7A5E} (AimSp32 Class) - [url]http://66.48.68.135/save/makeover.cab[/url][/b] C:\Program Files\[b]NewDotNet[/b] <--delete that folder. Now run the cleanup utility and reboot/logoff when prompted. Once your back at normal mode....proceed to the next step.. Download: [URL=http://www.niksoft.at/php/dl.php?f=startdreck.zip ][b]StartDreck[/b][/URL] Unzip to its own folder and start the program: Press 'Config' Press 'Mark All' UN-Check the 'NT-Services & NT-Kernel...' boxes only: Press 'Ok' Press 'Save' and select the location to save the log file (default is the same folder as the application) Post the log in this thread along with a new hijackthis log. We need to locate the hidden file...that will regenerate the [b]se.dll[/b] infection unless it's removed. Posted by: khog11 StartDreck (build 2.1.7 public stable) - 2005-03-13 @ 13:00:32 (GMT -08:00) Platform: Windows 98 SE (Win 4.10.2222 A) Internet Explorer: 6.0.2800.1106 Logged in as at CRIS »Registry »Run Keys »Current User »Run *LDM=\Program\BackWeb-8876480.exe *WEBCAMRT.EXE= *Yahoo! Pager=C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet *ZVolume=C:\Program Files\ZVolume Pro\ZVolume.exe »RunOnce »Default User »Run *LDM=\Program\BackWeb-8876480.exe *WEBCAMRT.EXE= *Yahoo! Pager=C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet *ZVolume=C:\Program Files\ZVolume Pro\ZVolume.exe »RunOnce »Local Machine »Run *ScanRegistry=C:\WINDOWS\scanregw.exe /autorun *TaskMonitor=C:\WINDOWS\taskmon.exe *SystemTray=SysTray.Exe *LoadPowerProfile=Rundll32.exe powrprof.dll,LoadCurrentPwrScheme *IgfxTray=C:\WINDOWS\SYSTEM\igfxtray.exe *HotKeysCmds=C:\WINDOWS\SYSTEM\hkcmd.exe *SBMX=C:\WINDOWS\SYSTEM\sbmx.exe *DXM6Patch_981116=C:\WINDOWS\p_981116.exe /Q:A *StillImageMonitor=C:\WINDOWS\SYSTEM\STIMON.EXE *EssSpkPhone=essspk.exe *LoadQM=loadqm.exe *RegShave=C:\Progra~1\REGSHAVE\REGSHAVE.EXE /autorun *LogitechGalleryRepair=C:\Program Files\Logitech\Video\ISStart.exe *LogitechImageStudioTray=C:\Program Files\Logitech\Video\LogiTray.exe *PWSTray=PwsTray.exe *QuickTime Task="C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime *LVCOMSX=C:\WINDOWS\SYSTEM\LVCOMSX.EXE *LogitechVideoRepair=C:\Program Files\Logitech\Video\ISStart.exe *LogitechVideoTray=C:\Program Files\Logitech\Video\LogiTray.exe *WinampAgent=C:\Program Files\Winamp\winampa.exe *NPROTECT=C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE *NAV DefAlert=C:\PROGRA~1\NORTON~1\NORTON~2\DEFALERT.EXE *Norton Auto-Protect=C:\PROGRA~1\NORTON~1\NORTON~2\NAVAPW32.EXE /LOADQUIET *Norton eMail Protect=C:\Program Files\Norton SystemWorks\Norton AntiVirus\POPROXY.EXE *TkBellExe="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot +OptionalComponents +IMAIL *Installed=1 +MAPI *NoChange=1 *Installed=1 +MAPI *NoChange=1 *Installed=1 »RunOnce »RunServices *LoadPowerProfile=Rundll32.exe powrprof.dll,LoadCurrentPwrScheme *SchedulingAgent=mstask.exe *ICH Synth=eusexe.exe *MSDTC=msdtcw -start *inetinfo.exe=C:\WINDOWS\SYSTEM\inetsrv\inetinfo.exe -e w3svc *NPROTECT=C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE *CSINJECT.EXE=C:\Program Files\Norton SystemWorks\Norton CleanSweep\CSINJECT.EXE *SymTray - Norton SystemWorks=C:\Program Files\Common Files\Symantec Shared\SymTray.exe "Norton SystemWorks" »RunServicesOnce **zr=rundll32 C:\WINDOWS\FVI.CPE,DllGetClassObject »RunOnceEx »RunServicesOnceEx »File Associations (CR) +.bat *batfile="%1" %* +.com *comfile="%1" %* +.disabled *SpybotSD.DisabledFile="C:\PROGRAM FILES\SPYBOT - SEARCH & DESTROY\blindman.exe" "%1" +.exe *exefile="%1" %* +.hta *htafile=C:\WINDOWS\SYSTEM\MSHTA.EXE "%1" %* +.htm *htmlfile="C:\PROGRA~1\INTERN~1\iexplore.exe" -nohome +.html *htmlfile="C:\PROGRA~1\INTERN~1\iexplore.exe" -nohome +.js *JSFile=C:\WINDOWS\WScript.exe "%1" %* +.jse *JSEFile=C:\WINDOWS\WScript.exe "%1" %* +.pif *piffile="%1" %* +.reg *regfile=regedit.exe "%1" +.scr *scrfile="%1" /S +.txt *txtfile=C:\WINDOWS\NOTEPAD.EXE %1 +.vbs *VBSFile=C:\WINDOWS\WScript.exe "%1" %* +.vbe *VBEFile=C:\WINDOWS\WScript.exe "%1" %* +.wsh *WSHFile=C:\WINDOWS\WScript.exe "%1" %* +.wsf *WSFFile=C:\WINDOWS\WScript.exe "%1" %* +.lnk `lnkfile= [key or value does not exist] »Active Setup (LM) +Windows Setup - Applets/AppletsPerUser *StubPath=rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection AppletsPerUser 64 C:\WINDOWS\INF\applets.inf +Windows Setup - Fonts/FontsPerUser *StubPath=rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection FontsPerUser 64 C:\WINDOWS\INF\fonts.inf +Internet Connection Wizard/{5A8D6EE0-3E18-11D0-821E-444553540000} *StubPath=rundll32.exe advpack.dll,LaunchINFSectionEx C:\WINDOWS\INF\icw.inf,PerUserStub,,36 +PerUser_ICW_Inis *StubPath=rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection PerUser_ICW_Inis 0 C:\WINDOWS\INF\icw97.inf +Internet Explorer 6 and Internet Tools/{89820200-ECBD-11cf-8B85-00AA005B4383} *StubPath=rundll32.exe advpack.dll,UserInstStubWrapper {89820200-ECBD-11cf-8B85-00AA005B4383} +Windows Desktop Update/{89820200-ECBD-11cf-8B85-00AA005B4395} *StubPath=rundll32.exe advpack.dll,LaunchINFSectionEx C:\WINDOWS\SYSTEM\ie4uinit.inf,Shell.UserStub,,36 +MSN-Migration/>PerUser_MSN_Clean *StubPath=C:\WINDOWS\msnmgsr1.exe +Power Policy Settings/{CA0A4247-44BE-11d1-A005-00805F8ABE06} *StubPath=RunDLL setupx.dll,InstallHinfSection PowerCfg.user 0 powercfg.inf +Windows Setup - System Information/PerUser_Msinfo *StubPath=rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection PerUser_Msinfo 64 C:\WINDOWS\INF\msinfo.inf +Windows Setup - System Information/PerUser_Msinfo2 *StubPath=rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection PerUser_Msinfo2 64 C:\WINDOWS\INF\msinfo.inf +Windows Setup - Multimedia/MotownMmsysPerUser *StubPath=rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection MotownMmsysPerUser 64 C:\WINDOWS\INF\motown.inf +Windows Setup - Multimedia/MotownAvivideoPerUser *StubPath=rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection MotownAvivideoPerUser 64 C:\WINDOWS\INF\motown.inf +Windows Setup - Multimedia/MotownMPlayPerUser *StubPath=rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection MotownMPlayPerUser 64 C:\WINDOWS\INF\mplay98.inf +Windows Setup - Messaging/PerUser_Base *StubPath=rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection PerUser_Base 64 C:\WINDOWS\INF\msmail.inf +Windows Setup - Shell/ShellPerUser *StubPath=rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection ShellPerUser 64 C:\WINDOWS\INF\shell.inf +Windows Setup - Color Schemes/Shell2PerUser *StubPath=rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection Shell2PerUser 64 C:\WINDOWS\INF\shell2.inf +Windows Setup - Start Menu/PerUser_winbase_Links *StubPath=rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection PerUser_winbase_Links 64 C:\WINDOWS\INF\subase.inf +Windows Setup - Start Menu/PerUser_winapps_Links *StubPath=rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection PerUser_winapps_Links 64 C:\WINDOWS\INF\subase.inf +Windows Setup - Links Bar/PerUser_LinkBar_URLs *StubPath=C:\WINDOWS\COMMAND\sulfnbk.exe /L +Windows Setup - Telephony Support/TapiPerUser *StubPath=rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection TapiPerUser 64 C:\WINDOWS\INF\tapi.inf +Web Folders/{73fa19d0-2d75-11d2-995d-00c04f98bbc9} *StubPath=rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\webfdr16.inf,PerUserStub.Install,1 +Windows Setup - More Applets/PerUserOldLinks *StubPath=rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection PerUserOldLinks 64 C:\WINDOWS\INF\appletpp.inf +Windows Setup - Sound Schemes/MmoptRegisterPerUser *StubPath=rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection MmoptRegisterPerUser 64 C:\WINDOWS\INF\mmopt.inf +Windows Setup - Online Services/OlsPerUser *StubPath=rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection OlsPerUser 64 C:\WINDOWS\INF\ols.inf +Windows Setup - The Microsoft Network/OlsMsnPerUser *StubPath=rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection OlsMsnPerUser 64 C:\WINDOWS\INF\ols.inf +Windows Setup - Paint/PerUser_Paint_Inis *StubPath=rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection PerUser_Paint_Inis 64 C:\WINDOWS\INF\applets.inf +Windows Setup - Calculator/PerUser_Calc_Inis *StubPath=rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection PerUser_Calc_Inis 64 C:\WINDOWS\INF\applets.inf +Windows Setup - FAT32 Converter/PerUser_CVT_Inis *StubPath=rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection PerUser_CVT_Inis 64 C:\WINDOWS\INF\applets1.inf +Windows Setup - Multimedia/MotownRecPerUser *StubPath=rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection MotownRecPerUser 64 C:\WINDOWS\INF\motown.inf +Windows Setup - Volume Control/PerUser_Vol *StubPath=rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection PerUser_Vol 64 C:\WINDOWS\INF\motown.inf +Windows Setup - Wordpad/PerUser_MSWordPad_Inis *StubPath=rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection PerUser_MSWordPad_Inis 64 C:\WINDOWS\INF\wordpad.inf +Windows Setup - Dial-Up Networking/PerUser_RNA_Inis *StubPath=rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection PerUser_RNA_Inis 64 C:\WINDOWS\INF\rna.inf +Windows Setup - Phone Dialer/PerUser_Dialer_Inis *StubPath=rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection PerUser_Dialer_Inis 64 C:\WINDOWS\INF\appletpp.inf +Windows Setup - CD Player/PerUser_CDPlayer_Inis *StubPath=rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection PerUser_CDPlayer_Inis 64 C:\WINDOWS\INF\mmopt.inf +NetMeeting 3.0/{44BBA842-CC51-11CF-AAFA-00AA00B6015C} *StubPath=rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.W95 +Microsoft Outlook Express 6/{44BBA840-CC51-11CF-AAFA-00AA00B6015C} *StubPath=rundll32.exe advpack.dll,UserInstStubWrapper {44BBA840-CC51-11CF-AAFA-00AA00B6015C} +Address Book 6/{7790769C-0471-11d2-AF11-00C04FA35D02} *StubPath=rundll32.exe advpack.dll,UserInstStubWrapper {7790769C-0471-11d2-AF11-00C04FA35D02} +Windows Setup - America Online/OlsAolPerUser *StubPath=rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection OlsAolPerUser 64 C:\WINDOWS\INF\ols.inf +Windows Setup - AT&T WorldNet Service/OlsAttPerUser *StubPath=rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection OlsAttPerUser 64 C:\WINDOWS\INF\ols.inf +Windows Setup - CompuServe/OlsCompuservePerUser *StubPath=rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection OlsCompuservePerUser 64 C:\WINDOWS\INF\ols.inf +Windows Setup - Prodigy Internet/OlsProdigyPerUser *StubPath=rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection OlsProdigyPerUser 64 C:\WINDOWS\INF\ols.inf +Microsoft Windows Media Player/{6BF52A52-394A-11d3-B153-00C04F79FAA6} *StubPath=rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub +>{B365CC97-3089-4CC0-8B3E-487DAB755232}C98132 *StubPath=RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP +Windows Setup - Direct Cable Connection/PerUser_DCC_Inis *StubPath=rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection PerUser_DCC_Inis 64 C:\WINDOWS\INF\rna.inf +Windows Setup - HyperTerminal/PerUser_Onlinelnks_Inis *StubPath=rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection PerUser_Onlinelnks_Inis 64 C:\WINDOWS\INF\appletpp.inf +CRLUpdate/{9EF0045A-CDD9-438e-95E6-02B9AFEC8E11} *StubPath=C:\WINDOWS\SYSTEM\updcrl.exe -e -u C:\WINDOWS\SYSTEM\verisignpub1.crl +Microsoft Web Publishing Wizard 1.6/{44BBA851-CC51-11CF-AAFA-00AA00B6015C} *StubPath=rundll32.exeadvpack.dll +Browser Customizations/>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS *StubPath=RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP +>{22d6f312-b0f6-11d0-94ab-0080c74c7e95} *StubPath=C:\WINDOWS\inf\unregmp2.exe /ShowWMP »Browser Helper Objects (LM) *REALBAR.REALBAR/{4E7BD74F-2B8D-469E-C0FF-FD60B590A87D} `InprocServer32=C:\PROGRA~1\COMMON~1\REAL\TOOLBAR\ REALBAR.DLL *{53707962-6F74-2D53-2644-206D7942484F} `InprocServer32=C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL »Internet Explorer »Current User *Default_Search_URL=http://www.google.com/search?q=%s *Local Page=c:\windows\system\blank.htm *Start Page=about:blank *CustomizeSearch=http://ie.search.msn.com/{sub_rfc1766}/srchasst/srchcust.htm +SearchUrl *Provider=yaho *=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch »Default User *Default_Search_URL=http://www.google.com/search?q=%s *Local Page=c:\windows\system\blank.htm *Start Page=about:blank *CustomizeSearch=http://ie.search.msn.com/{sub_rfc1766}/srchasst/srchcust.htm +SearchUrl *Provider=yaho *=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch »Local Machine *Default_Page_URL=http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome *Default_Search_URL=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch *Local Page=c:\windows\system\blank.htm *Start Page=about:blank *CustomizeSearch=http://ie.search.msn.com/{sub_rfc1766}/srchasst/srchcust.htm *SearchAssistant=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm +SearchUrl »ShellServiceObjectDelayLoad (LM) *WebCheck={E6FB5E20-DE35-11CF-9C87-00AA005127ED} `InprocServer32=%SystemRoot%\System32\webcheck.dll »Special NT Values »Current User *Load= *Run= *Programs= *SHELL= »Default User *Load= *Run= *Programs= *SHELL= »Local Machine *AppInit_DLLs=APITRAP.DLL *SHELL= *Userinit= »Files »Autostart Folders »Current User *C:\WINDOWS\Start Menu\Programs\StartUp\Microsoft Office.lnk *C:\WINDOWS\Start Menu\Programs\StartUp\hpoddt01.exe.lnk *C:\WINDOWS\Start Menu\Programs\StartUp\hp instant support.lnk *C:\WINDOWS\Start Menu\Programs\StartUp\Exif Launcher.lnk *C:\WINDOWS\Start Menu\Programs\StartUp\hp officejet 4100 series.lnk *C:\WINDOWS\Start Menu\Programs\StartUp\Logitech Desktop Messenger.lnk *C:\WINDOWS\Start Menu\Programs\StartUp\Encoder Agent.lnk *C:\WINDOWS\Start Menu\Programs\StartUp\Norton System Doctor.lnk *C:\WINDOWS\Start Menu\Programs\StartUp\CleanSweep Smart Sweep-Internet Sweep.lnk »Default User *C:\WINDOWS\Start Menu\Programs\StartUp\Microsoft Office.lnk *C:\WINDOWS\Start Menu\Programs\StartUp\hpoddt01.exe.lnk *C:\WINDOWS\Start Menu\Programs\StartUp\hp instant support.lnk *C:\WINDOWS\Start Menu\Programs\StartUp\Exif Launcher.lnk *C:\WINDOWS\Start Menu\Programs\StartUp\hp officejet 4100 series.lnk *C:\WINDOWS\Start Menu\Programs\StartUp\Logitech Desktop Messenger.lnk *C:\WINDOWS\Start Menu\Programs\StartUp\Encoder Agent.lnk *C:\WINDOWS\Start Menu\Programs\StartUp\Norton System Doctor.lnk *C:\WINDOWS\Start Menu\Programs\StartUp\CleanSweep Smart Sweep-Internet Sweep.lnk »Local Machine »INI-Files »WIN.INI\[windows] *LOAD= *RUN= »SYSTEM.INI\[boot] *SHELL=Explorer.exe »Text Files *C:\msdos.sys `[Paths] `WinDir=C:\WINDOWS `WinBootDir=C:\WINDOWS `HostWinBootDrv=C `[Options] `BootMulti=1 `BootGUI=1 `DoubleBuffer=1 `AutoScan=1 `WinVer=4.10.2222 `; `;The following lines are required for compatibility with other programs. `;Do not remove them (MSDOS.SYS needs to be >1024 bytes). `;xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxxxa `;xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxxxb `;xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxxxc `;xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxxxd `;xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxxxe `;xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxxxf `;xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxxxg `;xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxxxh `;xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxxxi `;xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxxxj `;xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxxxk `;xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxxxl `;xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxxxm `;xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxxxn `;xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxxxo `;xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxxxp `;xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxxxq `;xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxxxr `;xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxxxs `Network=0 *C:\config.sys *C:\autoexec.bat `PATH C:\PROGRA~1\WIN98RK `PATH=%PATH%;"C:\Program Files\Mts" *C:\WINDOWS\wininit.bak `[Rename] `C:\PROGRA~1\WINDOW~1\WMPLAYER.EXE=C:\PROGRA~1\WINDOW~1\SETB5.TMP `C:\WINDOWS\SYSTEM\WMPLOC.DLL=C:\WINDOWS\SYSTEM\SETB4.TMP `C:\WINDOWS\SYSTEM\WMPCORE.DLL=C:\WINDOWS\SYSTEM\SETB3.TMP `C:\WINDOWS\SYSTEM\WMPCD.DLL=C:\WINDOWS\SYSTEM\SETB2.TMP `C:\WINDOWS\SYSTEM\WMP.OCX=C:\WINDOWS\SYSTEM\SETB1.TMP `C:\WINDOWS\SYSTEM\WMPUI.DLL=C:\WINDOWS\SYSTEM\SETB0.TMP `NUL=C:\WINDOWS\SYSTEM\WMPCD.DLL `NUL=C:\WINDOWS\SYSTEM\WMP.OCX `NUL=C:\WINDOWS\SYSTEM\WMPUI.DLL `NUL=C:\WINDOWS\SYSTEM\WMPCORE.DLL *C:\WINDOWS\hosts `127.0.0.1 localhost `127.0.0.1 pop3.norton.antivirus # Added by Norton AntiVirus for e-Mail scanning `127.0.0.1 pop3.spa.norton.antivirus # Added by Norton AntiVirus for e-Mail scanning »Program Files *C:\io.sys *C:\WINDOWS\win.com *C:\WINDOWS\explorer.exe »%PATH% Companion Files +C:\COMMAND.COM *C:\WINDOWS\COMMAND.COM +C:\o.bat *C:\WINDOWS\o.bat +C:\WINDOWS\SYSTEM\HH.EXE *C:\WINDOWS\hh.exe +C:\WINDOWS\iextract.exe *C:\WINDOWS\COMMAND\IEXTRACT.EXE +C:\WINDOWS\extract.exe *C:\WINDOWS\COMMAND\EXTRACT.EXE »System/Drivers »Running Processes +FF0F32EB=C:\WINDOWS\SYSTEM\KERNEL32.DLL *C:\WINDOWS\SYSTEM\I81X329X.DLL *C:\WINDOWS\SYSTEM\USER32.DLL *C:\WINDOWS\SYSTEM\GDI32.DLL *C:\WINDOWS\SYSTEM\ADVAPI32.DLL +FFFFE833=C:\WINDOWS\SYSTEM\MSGSRV32.EXE *C:\WINDOWS\FVI.CPE *C:\WINDOWS\SYSTEM\MPR.DLL *C:\WINDOWS\SYSTEM\USER32.DLL *C:\WINDOWS\SYSTEM\GDI32.DLL *C:\WINDOWS\SYSTEM\ADVAPI32.DLL *C:\WINDOWS\SYSTEM\KERNEL32.DLL +FFFFF6C3=C:\WINDOWS\SYSTEM\MPREXE.EXE *C:\WINDOWS\FVI.CPE *C:\WINDOWS\SYSTEM\MSNP32.DLL *C:\WINDOWS\SYSTEM\MSNET32.DLL *C:\WINDOWS\SYSTEM\RNANP.DLL *C:\WINDOWS\SYSTEM\MPRSERV.DLL *C:\WINDOWS\SYSTEM\MSPWL32.DLL *C:\WINDOWS\SYSTEM\MPR.DLL *C:\WINDOWS\SYSTEM\USER32.DLL *C:\WINDOWS\SYSTEM\GDI32.DLL *C:\WINDOWS\SYSTEM\ADVAPI32.DLL *C:\WINDOWS\SYSTEM\KERNEL32.DLL +FFFF8FB3=C:\WINDOWS\SYSTEM\mmtask.tsk *C:\WINDOWS\SYSTEM\KERNEL32.DLL +FFFE6E6B=C:\WINDOWS\SYSTEM\MSTASK.EXE *C:\WINDOWS\FVI.CPE *C:\WINDOWS\SYSTEM\MSIDLE.DLL *C:\WINDOWS\SYSTEM\SHELL32.DLL *C:\WINDOWS\SYSTEM\COMCTL32.DLL *C:\WINDOWS\SYSTEM\SHLWAPI.DLL *C:\WINDOWS\SYSTEM\MSVCRT.DLL *C:\WINDOWS\SYSTEM\USER32.DLL *C:\WINDOWS\SYSTEM\GDI32.DLL *C:\WINDOWS\SYSTEM\ADVAPI32.DLL *C:\WINDOWS\SYSTEM\KERNEL32.DLL +FFFE7CD7=C:\WINDOWS\SYSTEM\EUSEXE.EXE *C:\WINDOWS\SYSTEM\MPR.DLL *C:\WINDOWS\FVI.CPE *C:\WINDOWS\SYSTEM\QDCSPI.DLL *C:\WINDOWS\SYSTEM\EUSLIB.DLL *C:\WINDOWS\SYSTEM\DSOUND.DLL *C:\WINDOWS\SYSTEM\RPCRT4.DLL *C:\WINDOWS\SYSTEM\VERSION.DLL *C:\WINDOWS\SYSTEM\OLE32.DLL *C:\WINDOWS\SYSTEM\SHELL32.DLL *C:\WINDOWS\SYSTEM\COMCTL32.DLL *C:\WINDOWS\SYSTEM\SHLWAPI.DLL *C:\WINDOWS\SYSTEM\MSVCRT.DLL *C:\WINDOWS\SYSTEM\WINMM.DLL *C:\WINDOWS\SYSTEM\USER32.DLL *C:\WINDOWS\SYSTEM\GDI32.DLL *C:\WINDOWS\SYSTEM\ADVAPI32.DLL *C:\WINDOWS\SYSTEM\KERNEL32.DLL +FFFECF77=C:\WINDOWS\SYSTEM\INETSRV\INETINFO.EXE *C:\WINDOWS\SYSTEM\INETSRV\PWSDATA.DLL *C:\WINDOWS\SYSTEM\INETSRV\ISCOMLOG.DLL *C:\WINDOWS\SYSTEM\MSAFD.DLL *C:\WINDOWS\SYSTEM\WSOCK32.DLL *C:\WINDOWS\SYSTEM\MSWSOCK.DLL *C:\WINDOWS\SYSTEM\INETSRV\LONSIW95.DLL *C:\WINDOWS\SYSTEM\INETSRV\W3SVC.DLL *C:\WINDOWS\SYSTEM\INETSRV\INFOCOMM.DLL *C:\WINDOWS\SYSTEM\INETSRV\IISFECNV.DLL *C:\WINDOWS\SYSTEM\INETSRV\ISATQ.DLL *C:\WINDOWS\SYSTEM\NTDLL.DLL *C:\WINDOWS\SYSTEM\WS2_32.DLL *C:\WINDOWS\SYSTEM\WININET.DLL *C:\WINDOWS\SYSTEM\CRYPT32.DLL *C:\WINDOWS\SYSTEM\MSOSS.DLL *C:\WINDOWS\SYSTEM\WS2HELP.DLL *C:\WINDOWS\SYSTEM\INETSRV\WAMREG.DLL *C:\WINDOWS\SYSTEM\OLEAUT32.DLL *C:\WINDOWS\SYSTEM\MFC42.DLL *C:\WINDOWS\SYSTEM\INETSRV\SVCEXT.DLL *C:\WINDOWS\FVI.CPE *C:\WINDOWS\SYSTEM\QDCSPI.DLL *C:\WINDOWS\SYSTEM\INETSRV\METADATA.DLL *C:\WINDOWS\SYSTEM\NETAPI32.DLL *C:\WINDOWS\SYSTEM\NETBIOS.DLL *C:\WINDOWS\SYSTEM\INETSRV\IISADMIN.DLL *C:\WINDOWS\SYSTEM\INETSRV\COADMIN.DLL *C:\WINDOWS\SYSTEM\ADMWPROX.DLL *C:\WINDOWS\SYSTEM\RPCRT4.DLL *C:\WINDOWS\SYSTEM\SHELL32.DLL *C:\WINDOWS\SYSTEM\COMCTL32.DLL *C:\WINDOWS\SYSTEM\SHLWAPI.DLL *C:\WINDOWS\SYSTEM\OLE32.DLL *C:\WINDOWS\SYSTEM\USER32.DLL *C:\WINDOWS\SYSTEM\GDI32.DLL *C:\WINDOWS\SYSTEM\ADVAPI32.DLL *C:\WINDOWS\SYSTEM\MSVCRT.DLL *C:\WINDOWS\SYSTEM\KERNEL32.DLL +FFFEDC87=C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON UTILITIES\NPROTECT.EXE *C:\WINDOWS\SYSTEM\OLE32.DLL *C:\WINDOWS\SYSTEM\SHELL32.DLL *C:\WINDOWS\SYSTEM\SHLWAPI.DLL *C:\WINDOWS\SYSTEM\COMCTL32.DLL *C:\WINDOWS\SYSTEM\MSVCRT.DLL *C:\WINDOWS\FVI.CPE *C:\WINDOWS\SYSTEM\QDCSPI.DLL *C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON UTILITIES\TKKE32L.DLL *C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON UTILITIES\S32KRNLL.DLL *C:\WINDOWS\SYSTEM\USER32.DLL *C:\WINDOWS\SYSTEM\GDI32.DLL *C:\WINDOWS\SYSTEM\ADVAPI32.DLL *C:\WINDOWS\SYSTEM\KERNEL32.DLL +FFFEA2A3=C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON CLEANSWEEP\CSINJECT.EXE *C:\WINDOWS\SYSTEM\QDCSPI.DLL *C:\WINDOWS\SYSTEM\USER32.DLL *C:\WINDOWS\SYSTEM\GDI32.DLL *C:\WINDOWS\SYSTEM\ADVAPI32.DLL *C:\WINDOWS\SYSTEM\KERNEL32.DLL +FFFDCCCF=C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\SYMTRAY.EXE *C:\WINDOWS\FVI.CPE *C:\WINDOWS\SYSTEM\QDCSPI.DLL *C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\SYMTRHK.DLL *C:\WINDOWS\SYSTEM\SHELL32.DLL *C:\WINDOWS\SYSTEM\COMCTL32.DLL *C:\WINDOWS\SYSTEM\SHLWAPI.DLL *C:\WINDOWS\SYSTEM\MSVCRT.DLL *C:\WINDOWS\SYSTEM\USER32.DLL *C:\WINDOWS\SYSTEM\GDI32.DLL *C:\WINDOWS\SYSTEM\ADVAPI32.DLL *C:\WINDOWS\SYSTEM\KERNEL32.DLL +FFFDE687=C:\WINDOWS\SYSTEM\DDHELP.EXE *C:\WINDOWS\SYSTEM\I81XDD.DLL *C:\WINDOWS\SYSTEM\DDRAW.DLL *C:\WINDOWS\SYSTEM\NTDLL.DLL *C:\WINDOWS\SYSTEM\DSOUND.DLL *C:\WINDOWS\SYSTEM\RPCRT4.DLL *C:\WINDOWS\SYSTEM\VERSION.DLL *C:\WINDOWS\SYSTEM\OLE32.DLL *C:\WINDOWS\SYSTEM\QDCSPI.DLL *C:\WINDOWS\SYSTEM\WINMM.DLL *C:\WINDOWS\SYSTEM\USER32.DLL *C:\WINDOWS\SYSTEM\GDI32.DLL *C:\WINDOWS\SYSTEM\ADVAPI32.DLL *C:\WINDOWS\SYSTEM\KERNEL32.DLL +FFFDF3BB=C:\WINDOWS\RUNDLL32.EXE *C:\WINDOWS\SYSTEM\QDCSPI.DLL *C:\WINDOWS\FVI.CPE *C:\WINDOWS\SYSTEM\SHELL32.DLL *C:\WINDOWS\SYSTEM\COMCTL32.DLL *C:\WINDOWS\SYSTEM\SHLWAPI.DLL *C:\WINDOWS\SYSTEM\MSVCRT.DLL *C:\WINDOWS\SYSTEM\USER32.DLL *C:\WINDOWS\SYSTEM\GDI32.DLL *C:\WINDOWS\SYSTEM\ADVAPI32.DLL *C:\WINDOWS\SYSTEM\KERNEL32.DLL +FFFC75EF=C:\WINDOWS\SYSTEM\MSDTCW.EXE *C:\WINDOWS\SYSTEM\RPCLTCCM.DLL *C:\WINDOWS\SYSTEM\RSVPSP.DLL *C:\WINDOWS\SYSTEM\RAPILIB.DLL *C:\WINDOWS\SYSTEM\MSWSOSP.DLL *C:\WINDOWS\SYSTEM\RASAPI32.DLL *C:\WINDOWS\SYSTEM\SECUR32.DLL *C:\WINDOWS\SYSTEM\MSVCRT20.DLL *C:\WINDOWS\SYSTEM\SVRAPI.DLL *C:\WINDOWS\SYSTEM\MSNET32.DLL *C:\WINDOWS\SYSTEM\MSPWL32.DLL *C:\WINDOWS\SYSTEM\TAPI32.DLL *C:\WINDOWS\SYSTEM\NETAPI32.DLL *C:\WINDOWS\SYSTEM\NETBIOS.DLL *C:\WINDOWS\SYSTEM\MPR.DLL *C:\WINDOWS\SYSTEM\SHFOLDER.DLL *C:\WINDOWS\SYSTEM\SHELL32.DLL *C:\WINDOWS\SYSTEM\COMCTL32.DLL *C:\WINDOWS\SYSTEM\RNR20.DLL *C:\WINDOWS\SYSTEM\MSAFD.DLL *C:\WINDOWS\SYSTEM\RPCLTSCM.DLL *C:\WINDOWS\SYSTEM\WSOCK32.DLL *C:\WINDOWS\SYSTEM\MSWSOCK.DLL *C:\WINDOWS\SYSTEM\WS2_32.DLL *C:\WINDOWS\SYSTEM\WININET.DLL *C:\WINDOWS\SYSTEM\SHLWAPI.DLL *C:\WINDOWS\SYSTEM\OLEAUT32.DLL *C:\WINDOWS\SYSTEM\CRYPT32.DLL *C:\WINDOWS\SYSTEM\MSOSS.DLL *C:\WINDOWS\SYSTEM\WS2HELP.DLL *C:\WINDOWS\SYSTEM\ENUDTC.DLL *C:\WINDOWS\SYSTEM\MTXOCI.DLL *C:\WINDOWS\SYSTEM\MTXDM.DLL *C:\WINDOWS\FVI.CPE *C:\WINDOWS\SYSTEM\QDCSPI.DLL *C:\WINDOWS\SYSTEM\MSDTC.DLL *C:\WINDOWS\SYSTEM\MSDTCTM.DLL *C:\WINDOWS\SYSTEM\LOGMGR.DLL *C:\WINDOWS\SYSTEM\DTCUIS.DLL *C:\WINDOWS\SYSTEM\DTCXATM.DLL *C:\WINDOWS\SYSTEM\DTCCM.DLL *C:\WINDOWS\SYSTEM\XOLEHLP.DLL *C:\WINDOWS\SYSTEM\ADME.DLL *C:\WINDOWS\SYSTEM\DTCUTIL.DLL *C:\WINDOWS\SYSTEM\MTXCLU.DLL *C:\WINDOWS\SYSTEM\VERSION.DLL *C:\WINDOWS\SYSTEM\DTCTRACE.DLL *C:\WINDOWS\SYSTEM\MSVCIRT.DLL *C:\WINDOWS\SYSTEM\RPCRT4.DLL *C:\WINDOWS\SYSTEM\OLE32.DLL *C:\WINDOWS\SYSTEM\MSVCRT.DLL *C:\WINDOWS\SYSTEM\USER32.DLL *C:\WINDOWS\SYSTEM\GDI32.DLL *C:\WINDOWS\SYSTEM\ADVAPI32.DLL *C:\WINDOWS\SYSTEM\KERNEL32.DLL +FFFB2447=C:\WINDOWS\SYSTEM\RPCSS.EXE *C:\WINDOWS\SYSTEM\RASAPI32.DLL *C:\WINDOWS\SYSTEM\SVRAPI.DLL *C:\WINDOWS\SYSTEM\MSNET32.DLL *C:\WINDOWS\SYSTEM\MSPWL32.DLL *C:\WINDOWS\SYSTEM\TAPI32.DLL *C:\WINDOWS\SYSTEM\NETAPI32.DLL *C:\WINDOWS\SYSTEM\NETBIOS.DLL *C:\WINDOWS\SYSTEM\MPR.DLL *C:\WINDOWS\SYSTEM\SHFOLDER.DLL *C:\WINDOWS\SYSTEM\SHELL32.DLL *C:\WINDOWS\SYSTEM\COMCTL32.DLL *C:\WINDOWS\SYSTEM\RNR20.DLL *C:\WINDOWS\SYSTEM\MSAFD.DLL *C:\WINDOWS\SYSTEM\RPCLTSCM.DLL *C:\WINDOWS\SYSTEM\WSOCK32.DLL *C:\WINDOWS\SYSTEM\MSWSOCK.DLL *C:\WINDOWS\SYSTEM\WS2_32.DLL *C:\WINDOWS\SYSTEM\WININET.DLL *C:\WINDOWS\SYSTEM\SHLWAPI.DLL *C:\WINDOWS\SYSTEM\OLEAUT32.DLL *C:\WINDOWS\SYSTEM\CRYPT32.DLL *C:\WINDOWS\SYSTEM\MSOSS.DLL *C:\WINDOWS\SYSTEM\WS2HELP.DLL *C:\WINDOWS\SYSTEM\QDCSPI.DLL *C:\WINDOWS\SYSTEM\DIGEST.DLL *C:\WINDOWS\SYSTEM\NTDLL.DLL *C:\WINDOWS\SYSTEM\MSNSSPC.DLL *C:\WINDOWS\SYSTEM\MSAPSSPC.DLL *C:\WINDOWS\SYSTEM\MSVCRT40.DLL *C:\WINDOWS\SYSTEM\MSVCIRT.DLL *C:\WINDOWS\SYSTEM\MSVCRT.DLL *C:\WINDOWS\SYSTEM\SECUR32.DLL *C:\WINDOWS\SYSTEM\RPCRT4.DLL *C:\WINDOWS\SYSTEM\OLE32.DLL *C:\WINDOWS\FVI.CPE *C:\WINDOWS\SYSTEM\MSVCRT20.DLL *C:\WINDOWS\SYSTEM\USER32.DLL *C:\WINDOWS\SYSTEM\GDI32.DLL *C:\WINDOWS\SYSTEM\ADVAPI32.DLL *C:\WINDOWS\SYSTEM\KERNEL32.DLL +FFFB9C83=C:\WINDOWS\EXPLORER.EXE *C:\PROGRAM FILES\WINZIP\WZSHLSTB.DLL *C:\WINDOWS\SYSTEM\WEBVW.DLL *C:\WINDOWS\SYSTEM\PLUGIN.OCX *C:\WINDOWS\SYSTEM\ACTXPRXY.DLL *C:\WINDOWS\SYSTEM\MSHTMLED.DLL *C:\WINDOWS\SYSTEM\DDRAWEX.DLL *C:\WINDOWS\SYSTEM\DDRAW.DLL *C:\WINDOWS\SYSTEM\MACROMED\FLASH\FLASH.OCX *C:\WINDOWS\SYSTEM\WINMM.DLL *C:\WINDOWS\SYSTEM\VBSCRIPT.DLL *C:\WINDOWS\SYSTEM\IMGUTIL.DLL *C:\WINDOWS\SYSTEM\IEPEERS.DLL *C:\WINDOWS\SYSTEM\WINSPOOL.DRV *C:\WINDOWS\SYSTEM\JSCRIPT.DLL *C:\WINDOWS\SYSTEM\RNR20.DLL *C:\WINDOWS\SYSTEM\RASAPI32.DLL *C:\WINDOWS\SYSTEM\SECUR32.DLL *C:\WINDOWS\SYSTEM\MSVCRT20.DLL *C:\WINDOWS\SYSTEM\SVRAPI.DLL *C:\WINDOWS\SYSTEM\MSNET32.DLL *C:\WINDOWS\SYSTEM\MSPWL32.DLL *C:\WINDOWS\SYSTEM\TAPI32.DLL *C:\WINDOWS\SYSTEM\NETAPI32.DLL *C:\WINDOWS\SYSTEM\NETBIOS.DLL *C:\WINDOWS\SYSTEM\MSAFD.DLL *C:\WINDOWS\SYSTEM\MSLS31.DLL *C:\WINDOWS\SYSTEM\MLANG.DLL *C:\WINDOWS\SYSTEM\SHDOCLC.DLL *C:\WINDOWS\SYSTEM\MSHTML.DLL *C:\PROGRAM FILES\SPYBOT - SEARCH & DESTROY\SDHELPER.DLL *C:\PROGRAM FILES\COMMON FILES\REAL\TOOLBAR\REALBAR.DLL *C:\WINDOWS\SYSTEM\OLEPRO32.DLL *C:\WINDOWS\SYSTEM\WSOCK32.DLL *C:\WINDOWS\SYSTEM\MSWSOCK.DLL *C:\WINDOWS\SYSTEM\WS2_32.DLL *C:\WINDOWS\SYSTEM\WS2HELP.DLL *C:\WINDOWS\SYSTEM\COMDLG32.DLL *C:\WINDOWS\SYSTEM\IMM32.DLL *C:\WINDOWS\SYSTEM\BROWSELC.DLL *C:\WINDOWS\SYSTEM\URLMON.DLL *C:\WINDOWS\SYSTEM\SHFOLDER.DLL *C:\WINDOWS\SYSTEM\WININET.DLL *C:\WINDOWS\SYSTEM\OLEAUT32.DLL *C:\WINDOWS\SYSTEM\CRYPT32.DLL *C:\WINDOWS\SYSTEM\MSOSS.DLL *C:\WINDOWS\SYSTEM\LINKINFO.DLL *C:\WINDOWS\SYSTEM\MPR.DLL *C:\WINDOWS\SYSTEM\CFGMGR32.DLL *C:\WINDOWS\SYSTEM\NTDLL.DLL *C:\WINDOWS\SYSTEM\VERSION.DLL *C:\WINDOWS\SYSTEM\MSI.DLL *C:\WINDOWS\SYSTEM\RPCRT4.DLL *C:\WINDOWS\SYSTEM\MYDOCS.DLL *C:\WINDOWS\SYSTEM\SHD401LC.DLL *C:\WINDOWS\SYSTEM\BROWSEUI.DLL *C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\SYMTRHK.DLL *C:\WINDOWS\FVI.CPE *C:\WINDOWS\SYSTEM\QDCSPI.DLL *C:\WINDOWS\SYSTEM\APITRAP.DLL *C:\WINDOWS\SYSTEM\SHDOC401.DLL *C:\WINDOWS\SYSTEM\OLE32.DLL *C:\WINDOWS\SYSTEM\SHDOCVW.DLL *C:\WINDOWS\SYSTEM\SHELL32.DLL *C:\WINDOWS\SYSTEM\COMCTL32.DLL *C:\WINDOWS\SYSTEM\SHLWAPI.DLL *C:\WINDOWS\SYSTEM\MSVCRT.DLL *C:\WINDOWS\SYSTEM\USER32.DLL *C:\WINDOWS\SYSTEM\GDI32.DLL *C:\WINDOWS\SYSTEM\ADVAPI32.DLL *C:\WINDOWS\SYSTEM\KERNEL32.DLL +FFFA3753=C:\WINDOWS\TASKMON.EXE *C:\WINDOWS\FVI.CPE *C:\WINDOWS\SYSTEM\QDCSPI.DLL *C:\WINDOWS\SYSTEM\USER32.DLL *C:\WINDOWS\SYSTEM\GDI32.DLL *C:\WINDOWS\SYSTEM\ADVAPI32.DLL *C:\WINDOWS\SYSTEM\KERNEL32.DLL +FFFA3633=C:\WINDOWS\SYSTEM\SYSTRAY.EXE *C:\WINDOWS\SYSTEM\USBUI.DLL *C:\WINDOWS\SYSTEM\WMI.DLL *C:\WINDOWS\FVI.CPE *C:\WINDOWS\SYSTEM\QDCSPI.DLL *C:\WINDOWS\SYSTEM\BATMETER.DLL *C:\WINDOWS\SYSTEM\POWRPROF.DLL *C:\WINDOWS\SYSTEM\SETUPAPI.DLL *C:\WINDOWS\SYSTEM\RPCRT4.DLL *C:\WINDOWS\SYSTEM\MPR.DLL *C:\WINDOWS\SYSTEM\CFGMGR32.DLL *C:\WINDOWS\SYSTEM\WINSPOOL.DRV *C:\WINDOWS\SYSTEM\VERSION.DLL *C:\WINDOWS\SYSTEM\COMDLG32.DLL *C:\WINDOWS\SYSTEM\LZ32.DLL *C:\WINDOWS\SYSTEM\NTDLL.DLL *C:\WINDOWS\SYSTEM\WINMM.DLL *C:\WINDOWS\SYSTEM\SHELL32.DLL *C:\WINDOWS\SYSTEM\COMCTL32.DLL *C:\WINDOWS\SYSTEM\SHLWAPI.DLL *C:\WINDOWS\SYSTEM\MSVCRT.DLL *C:\WINDOWS\SYSTEM\USER32.DLL *C:\WINDOWS\SYSTEM\GDI32.DLL *C:\WINDOWS\SYSTEM\ADVAPI32.DLL *C:\WINDOWS\SYSTEM\KERNEL32.DLL +FFFAE0FF=C:\WINDOWS\SYSTEM\IGFXTRAY.EXE *C:\WINDOWS\SYSTEM\IGFXRES.DLL *C:\WINDOWS\SYSTEM\IGFXSRVC.DLL *C:\WINDOWS\SYSTEM\VERSION.DLL *C:\WINDOWS\SYSTEM\IGFXDEV.DLL *C:\WINDOWS\FVI.CPE *C:\WINDOWS\SYSTEM\QDCSPI.DLL *C:\WINDOWS\SYSTEM\HCCUTILS.DLL *C:\WINDOWS\SYSTEM\OLEAUT32.DLL *C:\WINDOWS\SYSTEM\OLE32.DLL *C:\WINDOWS\SYSTEM\SHELL32.DLL *C:\WINDOWS\SYSTEM\COMCTL32.DLL *C:\WINDOWS\SYSTEM\SHLWAPI.DLL *C:\WINDOWS\SYSTEM\MSVCRT.DLL *C:\WINDOWS\SYSTEM\USER32.DLL *C:\WINDOWS\SYSTEM\GDI32.DLL *C:\WINDOWS\SYSTEM\ADVAPI32.DLL *C:\WINDOWS\SYSTEM\KERNEL32.DLL +FFFA99E3=C:\WINDOWS\SYSTEM\HKCMD.EXE *C:\WINDOWS\SYSTEM\IGFXRES.DLL *C:\WINDOWS\SYSTEM\IGFXHK.DLL *C:\WINDOWS\SYSTEM\IGFXSRVC.DLL *C:\WINDOWS\SYSTEM\VERSION.DLL *C:\WINDOWS\SYSTEM\IGFXDEV.DLL *C:\WINDOWS\FVI.CPE *C:\WINDOWS\SYSTEM\QDCSPI.DLL *C:\WINDOWS\SYSTEM\HCCUTILS.DLL *C:\WINDOWS\SYSTEM\OLEAUT32.DLL *C:\WINDOWS\SYSTEM\OLE32.DLL *C:\WINDOWS\SYSTEM\SHELL32.DLL *C:\WINDOWS\SYSTEM\SHLWAPI.DLL *C:\WINDOWS\SYSTEM\MSVCRT.DLL *C:\WINDOWS\SYSTEM\COMCTL32.DLL *C:\WINDOWS\SYSTEM\USER32.DLL *C:\WINDOWS\SYSTEM\GDI32.DLL *C:\WINDOWS\SYSTEM\ADVAPI32.DLL *C:\WINDOWS\SYSTEM\KERNEL32.DLL +FFF97E47=C:\WINDOWS\SYSTEM\SBMX.EXE *C:\WINDOWS\SYSTEM\USER32.DLL *C:\WINDOWS\SYSTEM\GDI32.DLL *C:\WINDOWS\SYSTEM\ADVAPI32.DLL *C:\WINDOWS\SYSTEM\KERNEL32.DLL +FFF96C3F=C:\WINDOWS\SYSTEM\STIMON.EXE *C:\WINDOWS\FVI.CPE *C:\WINDOWS\SYSTEM\QDCSPI.DLL *C:\WINDOWS\SYSTEM\WINMM.DLL *C:\WINDOWS\SYSTEM\STI.DLL *C:\WINDOWS\SYSTEM\SETUPAPI.DLL *C:\WINDOWS\SYSTEM\RPCRT4.DLL *C:\WINDOWS\SYSTEM\MPR.DLL *C:\WINDOWS\SYSTEM\CFGMGR32.DLL *C:\WINDOWS\SYSTEM\WINSPOOL.DRV *C:\WINDOWS\SYSTEM\VERSION.DLL *C:\WINDOWS\SYSTEM\COMDLG32.DLL *C:\WINDOWS\SYSTEM\LZ32.DLL *C:\WINDOWS\SYSTEM\SHELL32.DLL *C:\WINDOWS\SYSTEM\COMCTL32.DLL *C:\WINDOWS\SYSTEM\SHLWAPI.DLL *C:\WINDOWS\SYSTEM\MSVCRT.DLL *C:\WINDOWS\SYSTEM\NTDLL.DLL *C:\WINDOWS\SYSTEM\USER32.DLL *C:\WINDOWS\SYSTEM\GDI32.DLL *C:\WINDOWS\SYSTEM\ADVAPI32.DLL *C:\WINDOWS\SYSTEM\KERNEL32.DLL +FFF94EBF=C:\WINDOWS\ESSSPK.EXE *C:\WINDOWS\FVI.CPE *C:\WINDOWS\SYSTEM\QDCSPI.DLL *C:\WINDOWS\SYSTEM\SHELL32.DLL *C:\WINDOWS\SYSTEM\COMCTL32.DLL *C:\WINDOWS\SYSTEM\SHLWAPI.DLL *C:\WINDOWS\SYSTEM\MSVCRT.DLL *C:\WINDOWS\SYSTEM\WINSPOOL.DRV *C:\WINDOWS\SYSTEM\WINMM.DLL *C:\WINDOWS\SYSTEM\USER32.DLL *C:\WINDOWS\SYSTEM\GDI32.DLL *C:\WINDOWS\SYSTEM\ADVAPI32.DLL *C:\WINDOWS\SYSTEM\KERNEL32.DLL +FFFAE5FF=C:\WINDOWS\LOADQM.EXE *C:\WINDOWS\SYSTEM\IPHLPAPI.DLL *C:\WINDOWS\SYSTEM\MSAFD.DLL *C:\WINDOWS\SYSTEM\IPCFGDLL.DLL *C:\WINDOWS\SYSTEM\DHCPCSVC.DLL *C:\WINDOWS\SYSTEM\ICMP.DLL *C:\WINDOWS\SYSTEM\RASAPI32.DLL *C:\WINDOWS\SYSTEM\WSOCK32.DLL *C:\WINDOWS\SYSTEM\MSWSOCK.DLL *C:\WINDOWS\SYSTEM\SECUR32.DLL *C:\WINDOWS\SYSTEM\MSVCRT20.DLL *C:\WINDOWS\SYSTEM\SVRAPI.DLL *C:\WINDOWS\SYSTEM\MSNET32.DLL *C:\WINDOWS\SYSTEM\MSPWL32.DLL *C:\WINDOWS\SYSTEM\TAPI32.DLL *C:\WINDOWS\SYSTEM\NETAPI32.DLL *C:\WINDOWS\SYSTEM\NETBIOS.DLL *C:\WINDOWS\SYSTEM\MPR.DLL *C:\WINDOWS\SYSTEM\SHFOLDER.DLL *C:\WINDOWS\SYSTEM\SHELL32.DLL *C:\WINDOWS\SYSTEM\COMCTL32.DLL *C:\WINDOWS\SYSTEM\WS2_32.DLL *C:\WINDOWS\SYSTEM\WS2HELP.DLL *C:\WINDOWS\SYSTEM\PROGDL.DLL *C:\WINDOWS\SYSTEM\WININET.DLL *C:\WINDOWS\SYSTEM\CRYPT32.DLL *C:\WINDOWS\SYSTEM\RPCRT4.DLL *C:\WINDOWS\SYSTEM\MSOSS.DLL *C:\WINDOWS\SYSTEM\QMGR.DLL *C:\WINDOWS\SYSTEM\SHLWAPI.DLL *C:\WINDOWS\SYSTEM\OLEAUT32.DLL *C:\WINDOWS\SYSTEM\MSVCRT.DLL *C:\WINDOWS\FVI.CPE *C:\WINDOWS\SYSTEM\QDCSPI.DLL *C:\WINDOWS\SYSTEM\OLE32.DLL *C:\WINDOWS\SYSTEM\USER32.DLL *C:\WINDOWS\SYSTEM\GDI32.DLL *C:\WINDOWS\SYSTEM\ADVAPI32.DLL *C:\WINDOWS\SYSTEM\KERNEL32.DLL +FFFA5FC7=C:\PROGRAM FILES\LOGITECH\VIDEO\LOGITRAY.EXE *C:\PROGRAM FILES\LOGITECH\VIDEO\FXSVRPS.DLL *C:\WINDOWS\SYSTEM\LVCOMCX.DLL *C:\WINDOWS\SYSTEM\LVMAENUM.DLL *C:\WINDOWS\SYSTEM\SETUPAPI.DLL *C:\WINDOWS\SYSTEM\RPCRT4.DLL *C:\WINDOWS\SYSTEM\WINSPOOL.DRV *C:\WINDOWS\SYSTEM\COMDLG32.DLL *C:\WINDOWS\SYSTEM\LZ32.DLL *C:\WINDOWS\SYSTEM\CFGMGR32.DLL *C:\PROGRAM FILES\LOGITECH\VIDEO\LFPCX12N.DLL *C:\PROGRAM FILES\LOGITECH\VIDEO\LFBMP12N.DLL *C:\PROGRAM FILES\LOGITECH\VIDEO\LFTIF12N.DLL *C:\PROGRAM FILES\LOGITECH\VIDEO\LFCMP12N.DLL *C:\PROGRAM FILES\LOGITECH\VIDEO\LFFAX12N.DLL *C:\PROGRAM FILES\LOGITECH\VIDEO\LTEFX12N.DLL *C:\PROGRAM FILES\LOGITECH\VIDEO\LTIMG12N.DLL *C:\PROGRAM FILES\LOGITECH\VIDEO\LTDIS12N.DLL *C:\PROGRAM FILES\LOGITECH\VIDEO\LLOGTRAY.DLL *C:\WINDOWS\FVI.CPE *C:\WINDOWS\SYSTEM\QDCSPI.DLL *C:\WINDOWS\SYSTEM\VERSION.DLL *C:\PROGRAM FILES\LOGITECH\VIDEO\LTFIL12N.DLL *C:\PROGRAM FILES\LOGITECH\VIDEO\LTKRN12N.DLL *C:\PROGRAM FILES\LOGITECH\VIDEO\QCUI2.DLL *C:\PROGRAM FILES\LOGITECH\VIDEO\LQCUI2.DLL *C:\WINDOWS\SYSTEM\MSVCP71.DLL *C:\WINDOWS\SYSTEM\OLEAUT32.DLL *C:\WINDOWS\SYSTEM\OLE32.DLL *C:\WINDOWS\SYSTEM\MFC71.DLL *C:\WINDOWS\SYSTEM\MFC71ENU.DLL *C:\WINDOWS\SYSTEM\MSVCR71.DLL *C:\PROGRAM FILES\LOGITECH\VIDEO\LTWVC12N.DLL *C:\WINDOWS\SYSTEM\MSIMG32.DLL *C:\WINDOWS\SYSTEM\NTDLL.DLL *C:\WINDOWS\SYSTEM\AVIFIL32.DLL *C:\WINDOWS\SYSTEM\MSACM32.DLL *C:\WINDOWS\SYSTEM\MSVFW32.DLL *C:\WINDOWS\SYSTEM\WOW32.DLL *C:\WINDOWS\SYSTEM\MPR.DLL *C:\WINDOWS\SYSTEM\DCIMAN32.DLL *C:\WINDOWS\SYSTEM\WINMM.DLL *C:\WINDOWS\SYSTEM\SHELL32.DLL *C:\WINDOWS\SYSTEM\COMCTL32.DLL *C:\WINDOWS\SYSTEM\SHLWAPI.DLL *C:\WINDOWS\SYSTEM\MSVCRT.DLL *C:\WINDOWS\SYSTEM\CRTDLL.DLL *C:\WINDOWS\SYSTEM\USER32.DLL *C:\WINDOWS\SYSTEM\GDI32.DLL *C:\WINDOWS\SYSTEM\ADVAPI32.DLL *C:\WINDOWS\SYSTEM\KERNEL32.DLL +FFF99C8B=C:\WINDOWS\SYSTEM\PWSTRAY.EXE *C:\WINDOWS\SYSTEM\OLEAUT32.DLL *C:\WINDOWS\SYSTEM\ADMWPROX.DLL *C:\WINDOWS\SYSTEM\RPCRT4.DLL *C:\WINDOWS\FVI.CPE *C:\WINDOWS\SYSTEM\QDCSPI.DLL *C:\WINDOWS\SYSTEM\OLE32.DLL *C:\WINDOWS\SYSTEM\SHELL32.DLL *C:\WINDOWS\SYSTEM\COMCTL32.DLL *C:\WINDOWS\SYSTEM\SHLWAPI.DLL *C:\WINDOWS\SYSTEM\MSVCRT.DLL *C:\WINDOWS\SYSTEM\USER32.DLL *C:\WINDOWS\SYSTEM\GDI32.DLL *C:\WINDOWS\SYSTEM\ADVAPI32.DLL *C:\WINDOWS\SYSTEM\KERNEL32.DLL +FFF949BF=C:\WINDOWS\SYSTEM\QTTASK.EXE *C:\WINDOWS\SYSTEM\QUICKTIME\QUICKTIMESTREAMINGEXT RAS.QTX *C:\WINDOWS\SYSTEM\QUICKTIME\QUICKTIMESTREAMINGAUT HORING.QTX *C:\WINDOWS\SYSTEM\QUICKTIME\QUICKTIMESTREAMING.QTX *C:\WINDOWS\SYSTEM\WSOCK32.DLL *C:\WINDOWS\SYSTEM\MSWSOCK.DLL *C:\WINDOWS\SYSTEM\WS2_32.DLL *C:\WINDOWS\SYSTEM\WS2HELP.DLL *C:\WINDOWS\SYSTEM\QUICKTIME\QUICKTIMEMUSIC.QTX *C:\WINDOWS\SYSTEM\QUICKTIME\QUICKTIMEMPEG4AUTHORI NG.QTX *C:\WINDOWS\SYSTEM\QUICKTIME\QUICKTIMEMPEG4.QTX *C:\WINDOWS\SYSTEM\QUICKTIME\QUICKTIMEMPEG.QTX *C:\WINDOWS\SYSTEM\QUICKTIME\QUICKTIMEINTERNETEXTR AS.QTX *C:\WINDOWS\SYSTEM\QUICKTIME\QUICKTIMEIMAGE.QTX *C:\WINDOWS\SYSTEM\QUICKTIME\QUICKTIMEESSENTIALS.QTX *C:\WINDOWS\SYSTEM\QUICKTIME\QUICKTIMEEFFECTS.QTX *C:\WINDOWS\SYSTEM\QUICKTIME\QUICKTIMECAPTURE.QTX *C:\WINDOWS\SYSTEM\QUICKTIME\QUICKTIMEAUTHORING.QTX *C:\WINDOWS\SYSTEM\DDRAW.DLL *C:\WINDOWS\SYSTEM\NTDLL.DLL *C:\WINDOWS\SYSTEM\WININET.DLL *C:\WINDOWS\SYSTEM\OLEAUT32.DLL *C:\WINDOWS\SYSTEM\CRYPT32.DLL *C:\WINDOWS\SYSTEM\RPCRT4.DLL *C:\WINDOWS\SYSTEM\MSOSS.DLL *C:\WINDOWS\SYSTEM\QUICKTIME.QTS *C:\WINDOWS\SYSTEM\VERSION.DLL *C:\WINDOWS\SYSTEM\OLE32.DLL *C:\WINDOWS\SYSTEM\COMDLG32.DLL *C:\WINDOWS\SYSTEM\WINMM.DLL *C:\WINDOWS\FVI.CPE *C:\WINDOWS\SYSTEM\QDCSPI.DLL *C:\WINDOWS\SYSTEM\SHELL32.DLL *C:\WINDOWS\SYSTEM\COMCTL32.DLL *C:\WINDOWS\SYSTEM\SHLWAPI.DLL *C:\WINDOWS\SYSTEM\MSVCRT.DLL *C:\WINDOWS\SYSTEM\USER32.DLL *C:\WINDOWS\SYSTEM\GDI32.DLL *C:\WINDOWS\SYSTEM\ADVAPI32.DLL *C:\WINDOWS\SYSTEM\KERNEL32.DLL +FFFA5C9B=C:\WINDOWS\SYSTEM\LVCOMSX.EXE *C:\WINDOWS\SYSTEM\LVCOMCX.DLL *C:\WINDOWS\SYSTEM\LVMAENUM.DLL *C:\WINDOWS\SYSTEM\MSVCP71.DLL *C:\WINDOWS\SYSTEM\MSVCR71.DLL *C:\WINDOWS\FVI.CPE *C:\WINDOWS\SYSTEM\QDCSPI.DLL *C:\WINDOWS\SYSTEM\OLEAUT32.DLL *C:\WINDOWS\SYSTEM\OLE32.DLL *C:\WINDOWS\SYSTEM\SETUPAPI.DLL *C:\WINDOWS\SYSTEM\RPCRT4.DLL *C:\WINDOWS\SYSTEM\MPR.DLL *C:\WINDOWS\SYSTEM\WINSPOOL.DRV *C:\WINDOWS\SYSTEM\COMDLG32.DLL *C:\WINDOWS\SYSTEM\LZ32.DLL *C:\WINDOWS\SYSTEM\SHELL32.DLL *C:\WINDOWS\SYSTEM\COMCTL32.DLL *C:\WINDOWS\SYSTEM\SHLWAPI.DLL *C:\WINDOWS\SYSTEM\MSVCRT.DLL *C:\WINDOWS\SYSTEM\CFGMGR32.DLL *C:\WINDOWS\SYSTEM\NTDLL.DLL *C:\WINDOWS\SYSTEM\VERSION.DLL *C:\WINDOWS\SYSTEM\WINMM.DLL *C:\WINDOWS\SYSTEM\USER32.DLL *C:\WINDOWS\SYSTEM\GDI32.DLL *C:\WINDOWS\SYSTEM\ADVAPI32.DLL *C:\WINDOWS\SYSTEM\KERNEL32.DLL +FFF92E67=C:\PROGRAM FILES\WINAMP\WINAMPA.EXE *C:\WINDOWS\FVI.CPE *C:\WINDOWS\SYSTEM\QDCSPI.DLL *C:\WINDOWS\SYSTEM\SHELL32.DLL *C:\WINDOWS\SYSTEM\COMCTL32.DLL *C:\WINDOWS\SYSTEM\SHLWAPI.DLL *C:\WINDOWS\SYSTEM\MSVCRT.DLL *C:\WINDOWS\SYSTEM\USER32.DLL *C:\WINDOWS\SYSTEM\GDI32.DLL *C:\WINDOWS\SYSTEM\ADVAPI32.DLL *C:\WINDOWS\SYSTEM\KERNEL32.DLL +FFF87A1B=C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\NAVAPW32.EXE *C:\WINDOWS\FVI.CPE *C:\WINDOWS\SYSTEM\QDCSPI.DLL *C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\N32USERL.DLL *C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\APWCMD.DLL *C:\WINDOWS\SYSTEM\OLE32.DLL *C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\APWUTIL.DLL *C:\WINDOWS\SYSTEM\SHELL32.DLL *C:\WINDOWS\SYSTEM\COMCTL32.DLL *C:\WINDOWS\SYSTEM\SHLWAPI.DLL *C:\WINDOWS\SYSTEM\MSVCRT.DLL *C:\WINDOWS\SYSTEM\RPCRT4.DLL *C:\WINDOWS\SYSTEM\USER32.DLL *C:\WINDOWS\SYSTEM\GDI32.DLL *C:\WINDOWS\SYSTEM\ADVAPI32.DLL *C:\WINDOWS\SYSTEM\KERNEL32.DLL +FFF83E23=C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\POPROXY.EXE *C:\WINDOWS\SYSTEM\MSAFD.DLL *C:\WINDOWS\FVI.CPE *C:\WINDOWS\SYSTEM\QDCSPI.DLL *C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\EMAILCFG.DLL *C:\WINDOWS\SYSTEM\NETAPI32.DLL *C:\WINDOWS\SYSTEM\NETBIOS.DLL *C:\WINDOWS\SYSTEM\WINSPOOL.DRV *C:\WINDOWS\SYSTEM\WSOCK32.DLL *C:\WINDOWS\SYSTEM\MSWSOCK.DLL *C:\WINDOWS\SYSTEM\WS2_32.DLL *C:\WINDOWS\SYSTEM\WININET.DLL *C:\WINDOWS\SYSTEM\OLEAUT32.DLL *C:\WINDOWS\SYSTEM\CRYPT32.DLL *C:\WINDOWS\SYSTEM\MSOSS.DLL *C:\WINDOWS\SYSTEM\WS2HELP.DLL *C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\EMAILRES.DLL *C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\LITESCAN.DLL *C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\DEC2RTF.DLL *C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\DEC2UUE.DLL *C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\DEC2GZIP.DLL *C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\SYMGZIP.DLL *C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\DEC2TAR.DLL *C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\DEC2TNEF.DLL *C:\WINDOWS\SYSTEM\MFC42.DLL *C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\NAVLWAPI.DLL *C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\DEC2SS.DLL *C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\DEC2CAB.DLL *C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\DEC2AMG.DLL *C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\SYMAMG32.DLL *C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\DEC2ZIP.DLL *C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\DEC2MIME.DLL *C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\DEC2LZ.DLL *C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\DEC2LHA.DLL *C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\SYMLHA.DLL *C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\DEC2ID.DLL *C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\DEC2ARJ.DLL *C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\DEC2.DLL *C:\WINDOWS\SYSTEM\MSVCP60.DLL *C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\N32EXCLU.DLL *C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\N32XUTIL.DLL *C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\N32PDLL.DLL *C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\S32ALOGO.DLL *C:\WINDOWS\SYSTEM\OLE32.DLL *C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\V32SCAN.DLL *C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\N32CALL.DLL *C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\N32INOC.DLL *C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\S32NAVO.DLL *C:\WINDOWS\SYSTEM\COMDLG32.DLL *C:\WINDOWS\SYSTEM\SHELL32.DLL *C:\WINDOWS\SYSTEM\SHLWAPI.DLL *C:\WINDOWS\SYSTEM\MSVCRT.DLL *C:\WINDOWS\SYSTEM\COMCTL32.DLL *C:\WINDOWS\SYSTEM\RPCRT4.DLL *C:\WINDOWS\SYSTEM\USER32.DLL *C:\WINDOWS\SYSTEM\GDI32.DLL *C:\WINDOWS\SYSTEM\ADVAPI32.DLL *C:\WINDOWS\SYSTEM\KERNEL32.DLL +FFF8DA33=C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE *C:\WINDOWS\FVI.CPE *C:\WINDOWS\SYSTEM\QDCSPI.DLL *C:\WINDOWS\SYSTEM\OLE32.DLL *C:\WINDOWS\SYSTEM\USER32.DLL *C:\WINDOWS\SYSTEM\GDI32.DLL *C:\WINDOWS\SYSTEM\ADVAPI32.DLL *C:\WINDOWS\SYSTEM\VERSION.DLL *C:\WINDOWS\SYSTEM\KERNEL32.DLL +FFF6062F=C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPOTDD01.EXE *C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPQCXM08.DLL *C:\WINDOWS\SYSTEM\MSVCP60.DLL *C:\WINDOWS\FVI.CPE *C:\WINDOWS\SYSTEM\QDCSPI.DLL *C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPODVD08.DLL *C:\WINDOWS\SYSTEM\OLEAUT32.DLL *C:\WINDOWS\SYSTEM\OLE32.DLL *C:\WINDOWS\SYSTEM\SETUPAPI.DLL *C:\WINDOWS\SYSTEM\RPCRT4.DLL *C:\WINDOWS\SYSTEM\MPR.DLL *C:\WINDOWS\SYSTEM\WINSPOOL.DRV *C:\WINDOWS\SYSTEM\VERSION.DLL *C:\WINDOWS\SYSTEM\COMDLG32.DLL *C:\WINDOWS\SYSTEM\LZ32.DLL *C:\WINDOWS\SYSTEM\SHELL32.DLL *C:\WINDOWS\SYSTEM\COMCTL32.DLL *C:\WINDOWS\SYSTEM\SHLWAPI.DLL *C:\WINDOWS\SYSTEM\MSVCRT.DLL *C:\WINDOWS\SYSTEM\CFGMGR32.DLL *C:\WINDOWS\SYSTEM\NTDLL.DLL *C:\WINDOWS\SYSTEM\USER32.DLL *C:\WINDOWS\SYSTEM\GDI32.DLL *C:\WINDOWS\SYSTEM\ADVAPI32.DLL *C:\WINDOWS\SYSTEM\KERNEL32.DLL +FFF57FDF=C:\PROGRAM FILES\FINEPIXVIEWER\QUICKDCF.EXE *C:\WINDOWS\FVI.CPE *C:\WINDOWS\SYSTEM\QDCSPI.DLL *C:\WINDOWS\SYSTEM\SHELL32.DLL *C:\WINDOWS\SYSTEM\COMCTL32.DLL *C:\WINDOWS\SYSTEM\SHLWAPI.DLL *C:\WINDOWS\SYSTEM\MSVCRT.DLL *C:\WINDOWS\SYSTEM\WINSPOOL.DRV *C:\WINDOWS\SYSTEM\USER32.DLL *C:\WINDOWS\SYSTEM\GDI32.DLL *C:\WINDOWS\SYSTEM\ADVAPI32.DLL *C:\WINDOWS\SYSTEM\KERNEL32.DLL +FFF50F2F=C:\WINDOWS\SYSTEM\WMIEXE.EXE *C:\WINDOWS\FVI.CPE *C:\WINDOWS\SYSTEM\WMICORE.DLL *C:\WINDOWS\SYSTEM\RPCRT4.DLL *C:\WINDOWS\SYSTEM\USER32.DLL *C:\WINDOWS\SYSTEM\GDI32.DLL *C:\WINDOWS\SYSTEM\ADVAPI32.DLL *C:\WINDOWS\SYSTEM\MSVCRT.DLL *C:\WINDOWS\SYSTEM\KERNEL32.DLL +FFF5D97B=C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPOMAU08.EXE *C:\WINDOWS\SYSTEM\HPZIPR12.DLL *C:\WINDOWS\SYSTEM\HPZIDR12.DLL *C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPODIO08.DLL *C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPOSCN08.RSC *C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPOSCN08.DLL *C:\WINDOWS\SYSTEM\STI.DLL *C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPQCOB08.DLL *C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPOCXI08.DLL *C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPODVB08.DLL *C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPQCXM08.DLL *C:\WINDOWS\FVI.CPE *C:\WINDOWS\SYSTEM\QDCSPI.DLL *C:\WINDOWS\SYSTEM\MSVCP60.DLL *C:\WINDOWS\SYSTEM\SETUPAPI.DLL *C:\WINDOWS\SYSTEM\MPR.DLL *C:\WINDOWS\SYSTEM\WINSPOOL.DRV *C:\WINDOWS\SYSTEM\VERSION.DLL *C:\WINDOWS\SYSTEM\COMDLG32.DLL *C:\WINDOWS\SYSTEM\LZ32.DLL *C:\WINDOWS\SYSTEM\SHELL32.DLL *C:\WINDOWS\SYSTEM\COMCTL32.DLL *C:\WINDOWS\SYSTEM\CFGMGR32.DLL *C:\WINDOWS\SYSTEM\NTDLL.DLL *C:\WINDOWS\SYSTEM\WSOCK32.DLL *C:\WINDOWS\SYSTEM\MSWSOCK.DLL *C:\WINDOWS\SYSTEM\WS2_32.DLL *C:\WINDOWS\SYSTEM\WININET.DLL *C:\WINDOWS\SYSTEM\SHLWAPI.DLL *C:\WINDOWS\SYSTEM\CRYPT32.DLL *C:\WINDOWS\SYSTEM\RPCRT4.DLL *C:\WINDOWS\SYSTEM\MSOSS.DLL *C:\WINDOWS\SYSTEM\WS2HELP.DLL *C:\WINDOWS\SYSTEM\MSVCRT.DLL *C:\WINDOWS\SYSTEM\OLEAUT32.DLL *C:\WINDOWS\SYSTEM\OLE32.DLL *C:\WINDOWS\SYSTEM\USER32.DLL *C:\WINDOWS\SYSTEM\GDI32.DLL *C:\WINDOWS\SYSTEM\ADVAPI32.DLL *C:\WINDOWS\SYSTEM\KERNEL32.DLL +FFF587EB=C:\PROGRAM FILES\WINDOWS MEDIA COMPONENTS\ENCODER\WMENCAGT.EXE *C:\WINDOWS\FVI.CPE *C:\WINDOWS\SYSTEM\QDCSPI.DLL *C:\WINDOWS\SYSTEM\MSVCRT.DLL *C:\WINDOWS\SYSTEM\OLEAUT32.DLL *C:\WINDOWS\SYSTEM\OLE32.DLL *C:\WINDOWS\SYSTEM\USER32.DLL *C:\WINDOWS\SYSTEM\GDI32.DLL *C:\WINDOWS\SYSTEM\ADVAPI32.DLL *C:\WINDOWS\SYSTEM\KERNEL32.DLL +FFF41C8B=C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON CLEANSWEEP\CSINSM32.EXE *C:\WINDOWS\SYSTEM\RICHED32.DLL *C:\WINDOWS\FVI.CPE *C:\WINDOWS\SYSTEM\QDCSPI.DLL *C:\WINDOWS\SYSTEM\MSVCIRT.DLL *C:\WINDOWS\SYSTEM\COMDLG32.DLL *C:\WINDOWS\SYSTEM\VERSION.DLL *C:\WINDOWS\SYSTEM\APITRAP.DLL *C:\WINDOWS\SYSTEM\SHELL32.DLL *C:\WINDOWS\SYSTEM\COMCTL32.DLL *C:\WINDOWS\SYSTEM\SHLWAPI.DLL *C:\WINDOWS\SYSTEM\DDAO35.DLL *C:\WINDOWS\SYSTEM\MFC42.DLL *C:\WINDOWS\SYSTEM\MSVCRT.DLL *C:\WINDOWS\SYSTEM\OLEAUT32.DLL *C:\WINDOWS\SYSTEM\OLE32.DLL *C:\WINDOWS\SYSTEM\USER32.DLL *C:\WINDOWS\SYSTEM\GDI32.DLL *C:\WINDOWS\SYSTEM\ADVAPI32.DLL *C:\WINDOWS\SYSTEM\KERNEL32.DLL +FFF688CF=C:\WINDOWS\SYSTEM\SPOOL32.EXE *C:\WINDOWS\SYSTEM\MSPP32.DLL *C:\WINDOWS\SYSTEM\MSNET32.DLL *C:\WINDOWS\SYSTEM\SHELL32.DLL *C:\WINDOWS\SYSTEM\COMCTL32.DLL *C:\WINDOWS\SYSTEM\SHLWAPI.DLL *C:\WINDOWS\SYSTEM\HPZS9X07.DLL *C:\WINDOWS\SYSTEM\USBMON.DLL *C:\WINDOWS\SYSTEM\MSVCRT40.DLL *C:\WINDOWS\SYSTEM\MSVCIRT.DLL *C:\WINDOWS\SYSTEM\MSVCRT.DLL *C:\WINDOWS\SYSTEM\QDCSPI.DLL *C:\WINDOWS\FVI.CPE *C:\WINDOWS\SYSTEM\SPOOLSS.DLL *C:\WINDOWS\SYSTEM\MPR.DLL *C:\WINDOWS\SYSTEM\USER32.DLL *C:\WINDOWS\SYSTEM\GDI32.DLL *C:\WINDOWS\SYSTEM\ADVAPI32.DLL *C:\WINDOWS\SYSTEM\KERNEL32.DLL +FFF6F2C7=C:\Program Files\Norton SystemWorks\Norton CleanSweep\Monwow.exe *C:\WINDOWS\FVI.CPE *C:\WINDOWS\SYSTEM\QDCSPI.DLL *C:\WINDOWS\SYSTEM\APITRAP.DLL *C:\WINDOWS\SYSTEM\USER32.DLL *C:\WINDOWS\SYSTEM\GDI32.DLL *C:\WINDOWS\SYSTEM\ADVAPI32.DLL *C:\WINDOWS\SYSTEM\KERNEL32.DLL +FFF3F1E3=C:\PROGRAM FILES\YAHOO!\MESSENGER\YMSGR_TRAY.EXE *C:\PROGRAM FILES\YAHOO!\MESSENGER\RES_MSGR.DLL *C:\WINDOWS\SYSTEM\MSXML3.DLL *C:\WINDOWS\SYSTEM\MSIMG32.DLL *C:\WINDOWS\SYSTEM\NTDLL.DLL *C:\PROGRAM FILES\YAHOO!\SHARED\YBSKIN2.DLL *C:\WINDOWS\SYSTEM\QDCSPI.DLL *C:\WINDOWS\FVI.CPE *C:\PROGRAM FILES\YAHOO!\MESSENGER\MSVCP71.DLL *C:\PROGRAM FILES\YAHOO!\MESSENGER\MSVCR71.DLL *C:\WINDOWS\SYSTEM\OLEAUT32.DLL *C:\WINDOWS\SYSTEM\OLE32.DLL *C:\WINDOWS\SYSTEM\SHELL32.DLL *C:\WINDOWS\SYSTEM\COMCTL32.DLL *C:\WINDOWS\SYSTEM\SHLWAPI.DLL *C:\WINDOWS\SYSTEM\MSVCRT.DLL *C:\WINDOWS\SYSTEM\USER32.DLL *C:\WINDOWS\SYSTEM\GDI32.DLL *C:\WINDOWS\SYSTEM\ADVAPI32.DLL *C:\WINDOWS\SYSTEM\KERNEL32.DLL +FFF56B9F=C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPOEVM08.EXE *C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPQIPS08.DLL *C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPQCOB08.DLL *C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPOCXI08.DLL *C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPQCXM08.DLL *C:\WINDOWS\SYSTEM\SHLWAPI.DLL *C:\WINDOWS\SYSTEM\QDCSPI.DLL *C:\WINDOWS\SYSTEM\RPCRT4.DLL *C:\WINDOWS\FVI.CPE *C:\WINDOWS\SYSTEM\MSVCP60.DLL *C:\WINDOWS\SYSTEM\MSVCRT.DLL *C:\WINDOWS\SYSTEM\OLEAUT32.DLL *C:\WINDOWS\SYSTEM\OLE32.DLL *C:\WINDOWS\SYSTEM\USER32.DLL *C:\WINDOWS\SYSTEM\GDI32.DLL *C:\WINDOWS\SYSTEM\ADVAPI32.DLL *C:\WINDOWS\SYSTEM\KERNEL32.DLL +FFF21DC3=C:\PROGRAM FILES\LOGITECH\VIDEO\FXSVR2.EXE *C:\PROGRAM FILES\LOGITECH\VIDEO\FXSVRPS.DLL *C:\WINDOWS\SYSTEM\LVCOMCX.DLL *C:\WINDOWS\SYSTEM\LVMAENUM.DLL *C:\WINDOWS\SYSTEM\SETUPAPI.DLL *C:\WINDOWS\SYSTEM\MPR.DLL *C:\WINDOWS\SYSTEM\WINSPOOL.DRV *C:\WINDOWS\SYSTEM\COMDLG32.DLL *C:\WINDOWS\SYSTEM\LZ32.DLL *C:\WINDOWS\SYSTEM\SHELL32.DLL *C:\WINDOWS\SYSTEM\COMCTL32.DLL *C:\WINDOWS\SYSTEM\CFGMGR32.DLL *C:\WINDOWS\SYSTEM\NTDLL.DLL *C:\WINDOWS\TWAIN_32\LOGIVID\HVIDSP2.DLL *C:\WINDOWS\SYSTEM\RPCRT4.DLL *C:\WINDOWS\SYSTEM\QDCSPI.DLL *C:\WINDOWS\FVI.CPE *C:\WINDOWS\SYSTEM\MSVCP71.DLL *C:\WINDOWS\SYSTEM\OLEAUT32.DLL *C:\WINDOWS\SYSTEM\OLE32.DLL *C:\WINDOWS\SYSTEM\MFC71.DLL *C:\WINDOWS\SYSTEM\MFC71ENU.DLL *C:\WINDOWS\SYSTEM\MSVCR71.DLL *C:\WINDOWS\SYSTEM\VERSION.DLL *C:\WINDOWS\SYSTEM\SHLWAPI.DLL *C:\WINDOWS\SYSTEM\USER32.DLL *C:\WINDOWS\SYSTEM\GDI32.DLL *C:\WINDOWS\SYSTEM\ADVAPI32.DLL *C:\WINDOWS\SYSTEM\MSVCRT.DLL *C:\WINDOWS\SYSTEM\KERNEL32.DLL +FFF3384F=C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPOSTS08.EXE *C:\WINDOWS\SYSTEM\HPZIDR12.DLL *C:\WINDOWS\SYSTEM\SETUPAPI.DLL *C:\WINDOWS\SYSTEM\MPR.DLL *C:\WINDOWS\SYSTEM\CFGMGR32.DLL *C:\WINDOWS\SYSTEM\COMDLG32.DLL *C:\WINDOWS\SYSTEM\LZ32.DLL *C:\WINDOWS\SYSTEM\NTDLL.DLL *C:\WINDOWS\SYSTEM\HPZIPR12.DLL *C:\WINDOWS\SYSTEM\VERSION.DLL *C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPODIO08.DLL *C:\WINDOWS\SYSTEM\WSOCK32.DLL *C:\WINDOWS\SYSTEM\MSWSOCK.DLL *C:\WINDOWS\SYSTEM\WS2_32.DLL *C:\WINDOWS\SYSTEM\WININET.DLL *C:\WINDOWS\SYSTEM\CRYPT32.DLL *C:\WINDOWS\SYSTEM\RPCRT4.DLL *C:\WINDOWS\SYSTEM\MSOSS.DLL *C:\WINDOWS\SYSTEM\WS2HELP.DLL *C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPQCOB08.DLL *C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPOCXI08.DLL *C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPQCXM08.DLL *C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPOSTS08.RSC *C:\WINDOWS\SYSTEM\QDCSPI.DLL *C:\WINDOWS\FVI.CPE *C:\WINDOWS\SYSTEM\WINSPOOL.DRV *C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPQTAP08.DLL *C:\WINDOWS\SYSTEM\MSVCP60.DLL *C:\WINDOWS\SYSTEM\OLEAUT32.DLL *C:\WINDOWS\SYSTEM\OLE32.DLL *C:\WINDOWS\SYSTEM\SHELL32.DLL *C:\WINDOWS\SYSTEM\COMCTL32.DLL *C:\WINDOWS\SYSTEM\SHLWAPI.DLL *C:\WINDOWS\SYSTEM\MFC42.DLL *C:\WINDOWS\SYSTEM\USER32.DLL *C:\WINDOWS\SYSTEM\GDI32.DLL *C:\WINDOWS\SYSTEM\ADVAPI32.DLL *C:\WINDOWS\SYSTEM\MSVCRT.DLL *C:\WINDOWS\SYSTEM\KERNEL32.DLL +FFF23107=C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPOFXM08.EXE *C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPQIPS08.DLL *C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPQCOB08.DLL *C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPOCXI08.DLL *C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPQCXM08.DLL *C:\WINDOWS\SYSTEM\SHLWAPI.DLL *C:\WINDOWS\SYSTEM\QDCSPI.DLL *C:\WINDOWS\SYSTEM\RPCRT4.DLL *C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPOFXM08.RSC *C:\WINDOWS\FVI.CPE *C:\WINDOWS\SYSTEM\MSVCP60.DLL *C:\WINDOWS\SYSTEM\MSVCRT.DLL *C:\WINDOWS\SYSTEM\OLEAUT32.DLL *C:\WINDOWS\SYSTEM\OLE32.DLL *C:\WINDOWS\SYSTEM\USER32.DLL *C:\WINDOWS\SYSTEM\GDI32.DLL *C:\WINDOWS\SYSTEM\ADVAPI32.DLL *C:\WINDOWS\SYSTEM\KERNEL32.DLL +FFF6CC87=C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE *C:\WINDOWS\FVI.CPE *C:\WINDOWS\SYSTEM\SHDOCVW.DLL *C:\WINDOWS\SYSTEM\COMCTL32.DLL *C:\WINDOWS\SYSTEM\SHLWAPI.DLL *C:\WINDOWS\SYSTEM\USER32.DLL *C:\WINDOWS\SYSTEM\GDI32.DLL *C:\WINDOWS\SYSTEM\ADVAPI32.DLL *C:\WINDOWS\SYSTEM\MSVCRT.DLL *C:\WINDOWS\SYSTEM\KERNEL32.DLL +FFF1CDF7=C:\WINDOWS\SYSTEM\PSTORES.EXE *C:\WINDOWS\SYSTEM\PSBASE.DLL *C:\WINDOWS\SYSTEM\VERSION.DLL *C:\WINDOWS\SYSTEM\PSTORERC.DLL *C:\WINDOWS\SYSTEM\SOFTPUB.DLL *C:\WINDOWS\SYSTEM\OLE32.DLL *C:\WINDOWS\SYSTEM\WINTRUST.DLL *C:\WINDOWS\SYSTEM\CRYPT32.DLL *C:\WINDOWS\SYSTEM\MSOSS.DLL *C:\WINDOWS\SYSTEM\MSVCRT.DLL *C:\WINDOWS\SYSTEM\IMAGEHLP.DLL *C:\WINDOWS\SYSTEM\MPR.DLL *C:\WINDOWS\SYSTEM\RPCRT4.DLL *C:\WINDOWS\SYSTEM\USER32.DLL *C:\WINDOWS\SYSTEM\GDI32.DLL *C:\WINDOWS\SYSTEM\ADVAPI32.DLL *C:\WINDOWS\SYSTEM\KERNEL32.DLL +FFF1260F=C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE *C:\WINDOWS\FVI.CPE *C:\WINDOWS\SYSTEM\SHDOCVW.DLL *C:\WINDOWS\SYSTEM\COMCTL32.DLL *C:\WINDOWS\SYSTEM\SHLWAPI.DLL *C:\WINDOWS\SYSTEM\USER32.DLL *C:\WINDOWS\SYSTEM\GDI32.DLL *C:\WINDOWS\SYSTEM\ADVAPI32.DLL *C:\WINDOWS\SYSTEM\MSVCRT.DLL *C:\WINDOWS\SYSTEM\KERNEL32.DLL +FFF29F43=C:\MY DOCUMENTS\KHRISSIE\STARTDRECK\STARTDRECK.EXE *C:\WINDOWS\SYSTEM\VERSION.DLL *C:\WINDOWS\FVI.CPE *C:\WINDOWS\SYSTEM\QDCSPI.DLL *C:\MY DOCUMENTS\KHRISSIE\STARTDRECK\VB4DE32.DLL *C:\MY DOCUMENTS\KHRISSIE\STARTDRECK\VB40032.DLL *C:\WINDOWS\SYSTEM\OLEPRO32.DLL *C:\WINDOWS\SYSTEM\OLEAUT32.DLL *C:\WINDOWS\SYSTEM\OLE32.DLL *C:\WINDOWS\SYSTEM\MSVCRT20.DLL *C:\WINDOWS\SYSTEM\USER32.DLL *C:\WINDOWS\SYSTEM\GDI32.DLL *C:\WINDOWS\SYSTEM\ADVAPI32.DLL *C:\WINDOWS\SYSTEM\KERNEL32.DLL »VMM32Files (LM) *vdd.vxd= *vflatd.vxd= *vshare.vxd= *vwin32.vxd= *vfbackup.vxd= *vcomm.vxd= *combuff.vxd= *vcd.vxd= *vpd.vxd= *spooler.vxd= *udf.vxd= *vfat.vxd= *vcache.vxd= *vcond.vxd= *vcdfsd.vxd= *int13.vxd= *vxdldr.vxd= *vdef.vxd= *dynapage.vxd= *configmg.vxd= *ntkern.vxd= *ebios.vxd= *vmd.vxd= *dosnet.vxd= *vpicd.vxd= *vtd.vxd= *reboot.vxd= *vdmad.vxd= *vsd.vxd= *v86mmgr.vxd= *pageswap.vxd= *dosmgr.vxd= *vmpoll.vxd= *shell.vxd= *parity.vxd= *biosxlat.vxd= *vmcpd.vxd= *vtdapi.vxd= *perf.vxd= *vkd.vxd= *vmouse.vxd= *mtrr.vxd= *enable.vxd= »%System%\VMM32 *C:\WINDOWS\SYSTEM\VMM32\IFSMGR.VXD *C:\WINDOWS\SYSTEM\VMM32\IOS.VXD *C:\WINDOWS\SYSTEM\VMM32\QEMMFIX.VXD »%System%\IOSUBSYS *C:\WINDOWS\SYSTEM\IoSubSys\BIGMEM.DRV *C:\WINDOWS\SYSTEM\IoSubSys\ESDI_506.PDR *C:\WINDOWS\SYSTEM\IoSubSys\HSFLOP.PDR *C:\WINDOWS\SYSTEM\IoSubSys\RMM.PDR *C:\WINDOWS\SYSTEM\IoSubSys\SCSIPORT.PDR *C:\WINDOWS\SYSTEM\IoSubSys\APIX.VXD *C:\WINDOWS\SYSTEM\IoSubSys\ATAPCHNG.VXD *C:\WINDOWS\SYSTEM\IoSubSys\CDFS.VXD *C:\WINDOWS\SYSTEM\IoSubSys\CDTSD.VXD *C:\WINDOWS\SYSTEM\IoSubSys\CDVSD.VXD *C:\WINDOWS\SYSTEM\IoSubSys\DISKTSD.VXD *C:\WINDOWS\SYSTEM\IoSubSys\DISKVSD.VXD *C:\WINDOWS\SYSTEM\IoSubSys\NECATAPI.VXD *C:\WINDOWS\SYSTEM\IoSubSys\SCSI1HLP.VXD *C:\WINDOWS\SYSTEM\IoSubSys\TORISAN3.VXD *C:\WINDOWS\SYSTEM\IoSubSys\VOLTRACK.VXD *C:\WINDOWS\SYSTEM\IoSubSys\Cdr4vsd.vxd *C:\WINDOWS\SYSTEM\IoSubSys\Cdralvsd.vxd *C:\WINDOWS\SYSTEM\IoSubSys\acbhlpr.vxd *C:\WINDOWS\SYSTEM\IoSubSys\iomega.vxd *C:\WINDOWS\SYSTEM\IoSubSys\pxhelper.vxd *C:\WINDOWS\SYSTEM\IoSubSys\HPZBRX12.PDR *C:\WINDOWS\SYSTEM\IoSubSys\AUDIOFS.VXD *C:\WINDOWS\SYSTEM\IoSubSys\Umas04cb.vxd »Application specific »MS Office 97/8.0 STARTUP-PATH »Current User »Default User »Local Machine »ICQ NetDetect »Current User »Default User Logfile of HijackThis v1.99.1 Scan saved at 1:01:41 PM, on 3/13/05 Platform: Windows 98 SE (Win9x 4.10.2222A) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\SYSTEM\KERNEL32.DLL C:\WINDOWS\SYSTEM\MSGSRV32.EXE C:\WINDOWS\SYSTEM\MPREXE.EXE C:\WINDOWS\SYSTEM\mmtask.tsk C:\WINDOWS\SYSTEM\MSTASK.EXE C:\WINDOWS\SYSTEM\EUSEXE.EXE C:\WINDOWS\SYSTEM\INETSRV\INETINFO.EXE C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON UTILITIES\NPROTECT.EXE C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON CLEANSWEEP\CSINJECT.EXE C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\SYMTRAY.EXE C:\WINDOWS\SYSTEM\DDHELP.EXE C:\WINDOWS\SYSTEM\MSDTCW.EXE C:\WINDOWS\SYSTEM\RPCSS.EXE C:\WINDOWS\EXPLORER.EXE C:\WINDOWS\TASKMON.EXE C:\WINDOWS\SYSTEM\SYSTRAY.EXE C:\WINDOWS\SYSTEM\IGFXTRAY.EXE C:\WINDOWS\SYSTEM\HKCMD.EXE C:\WINDOWS\SYSTEM\SBMX.EXE C:\WINDOWS\SYSTEM\STIMON.EXE C:\WINDOWS\ESSSPK.EXE C:\WINDOWS\LOADQM.EXE C:\PROGRAM FILES\LOGITECH\VIDEO\LOGITRAY.EXE C:\WINDOWS\SYSTEM\PWSTRAY.EXE C:\WINDOWS\SYSTEM\QTTASK.EXE C:\WINDOWS\SYSTEM\LVCOMSX.EXE C:\PROGRAM FILES\WINAMP\WINAMPA.EXE C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\NAVAPW32.EXE C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\POPROXY.EXE C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPOTDD01.EXE C:\PROGRAM FILES\FINEPIXVIEWER\QUICKDCF.EXE C:\WINDOWS\SYSTEM\WMIEXE.EXE C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPOMAU08.EXE C:\PROGRAM FILES\WINDOWS MEDIA COMPONENTS\ENCODER\WMENCAGT.EXE C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON CLEANSWEEP\CSINSM32.EXE C:\WINDOWS\SYSTEM\SPOOL32.EXE C:\Program Files\Norton SystemWorks\Norton CleanSweep\Monwow.exe C:\PROGRAM FILES\YAHOO!\MESSENGER\YMSGR_TRAY.EXE C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPOEVM08.EXE C:\PROGRAM FILES\LOGITECH\VIDEO\FXSVR2.EXE C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPOSTS08.EXE C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPOFXM08.EXE C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE C:\WINDOWS\SYSTEM\PSTORES.EXE C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE C:\MY DOCUMENTS\KHRISSIE\STARTDRECK\STARTDRECK.EXE C:\WINDOWS\DESKTOP\HIJACKTHIS.EXE O2 - BHO: REALBAR - {4E7BD74F-2B8D-469E-C0FF-FD60B590A87D} - C:\PROGRA~1\COMMON~1\REAL\TOOLBAR\REALBAR.DLL O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL O3 - Toolbar: REALBAR - {4E7BD74F-2B8D-469E-C0FF-FD60B590A87D} - C:\PROGRA~1\COMMON~1\REAL\TOOLBAR\REALBAR.DLL O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe O4 - HKLM\..\Run: [SystemTray] SysTray.Exe O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\SYSTEM\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\SYSTEM\hkcmd.exe O4 - HKLM\..\Run: [SBMX] C:\WINDOWS\SYSTEM\sbmx.exe O4 - HKLM\..\Run: [DXM6Patch_981116] C:\WINDOWS\p_981116.exe /Q:A O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE O4 - HKLM\..\Run: [EssSpkPhone] essspk.exe O4 - HKLM\..\Run: [LoadQM] loadqm.exe O4 - HKLM\..\Run: [RegShave] C:\Progra~1\REGSHAVE\REGSHAVE.EXE /autorun O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [PWSTray] PwsTray.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\SYSTEM\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKLM\..\Run: [NPROTECT] C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE O4 - HKLM\..\Run: [NAV DefAlert] C:\PROGRA~1\NORTON~1\NORTON~2\DEFALERT.EXE O4 - HKLM\..\Run: [Norton Auto-Protect] C:\PROGRA~1\NORTON~1\NORTON~2\NAVAPW32.EXE /LOADQUIET O4 - HKLM\..\Run: [Norton eMail Protect] C:\Program Files\Norton SystemWorks\Norton AntiVirus\POPROXY.EXE O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe O4 - HKLM\..\RunServices: [ICH Synth] eusexe.exe O4 - HKLM\..\RunServices: [MSDTC] msdtcw -start O4 - HKLM\..\RunServices: [inetinfo.exe] C:\WINDOWS\SYSTEM\inetsrv\inetinfo.exe -e w3svc O4 - HKLM\..\RunServices: [NPROTECT] C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE O4 - HKLM\..\RunServices: [CSINJECT.EXE] C:\Program Files\Norton SystemWorks\Norton CleanSweep\CSINJECT.EXE O4 - HKLM\..\RunServices: [SymTray - Norton SystemWorks] C:\Program Files\Common Files\Symantec Shared\SymTray.exe "Norton SystemWorks" O4 - HKCU\..\Run: [LDM] \Program\BackWeb-8876480.exe O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet O4 - HKCU\..\Run: [ZVolume] C:\Program Files\ZVolume Pro\ZVolume.exe O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Startup: hpoddt01.exe.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe O4 - Startup: hp instant support.lnk = C:\Program Files\Hewlett-Packard\hpis\bin\matcli.exe O4 - Startup: Exif Launcher.lnk = C:\Program Files\FinePixViewer\QuickDCF.exe O4 - Startup: hp officejet 4100 series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpomau08.exe O4 - Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Startup: Encoder Agent.lnk = C:\Program Files\Windows Media Components\Encoder\WMENCAGT.EXE O4 - Startup: Norton System Doctor.lnk = C:\Program Files\Norton SystemWorks\Norton Utilities\SYSDOC32.EXE O4 - Startup: CleanSweep Smart Sweep-Internet Sweep.lnk = C:\Program Files\Norton SystemWorks\Norton CleanSweep\csinsm32.exe O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycdict.htm O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file) O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\SYSTEM\MSJAVA.DLL O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\SYSTEM\MSJAVA.DLL O16 - DPF: Yahoo! Chess - [url]http://download.games.yahoo.com/games/clients/y/ct2_x.cab[/url] O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IMDownloader Class) - [url]http://www2.incredimail.com/contents/setup/downloader/imloader.cab[/url] O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) - [url]http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yse/ymmapi_416.dll[/url] O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - [url]http://a1540.g.akamai.net/7/1540/52/20031216/qtinstall.info.apple.com/mickey/us/win/QuickTimeInstaller.exe[/url] O16 - DPF: Yahoo! Poker - [url]http://download.games.yahoo.com/games/clients/y/pt3_x.cab[/url] O16 - DPF: Yahoo! Backgammon - [url]http://download.games.yahoo.com/games/clients/y/at0_x.cab[/url] O16 - DPF: Tornado 21 - [url]http://download.games.yahoo.com/games/clients/y/t21t0_x.cab[/url] O16 - DPF: Yahoo! Spades - [url]http://download.games.yahoo.com/games/clients/y/st2_x.cab[/url] O16 - DPF: Yahoo! Pinochle - [url]http://download.games.yahoo.com/games/clients/y/ut2_x.cab[/url] O16 - DPF: Yahoo! MahJong - [url]http://download.games.yahoo.com/games/clients/y/ot0_x.cab[/url] O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - [url]http://us.dl1.yimg.com/download.yahoo.com/dl/installs/suite/autocomplete.cab[/url] O16 - DPF: {E504EE6E-47C6-11D5-B8AB-00D0B78F3D48} (Yahoo! Webcam Viewer Wrapper) - [url]http://chat.yahoo.com/cab/yvwrctl.cab[/url] O16 - DPF: Yahoo! Pool 2 - [url]http://download.games.yahoo.com/games/clients/y/pote_x.cab[/url] O16 - DPF: {2B36F775-8CF5-4489-B454-2D1B80984CF2} (FXPluginCtl Object) - [url]http://www.powerflasher.de/plugin/powerres.cab[/url] O16 - DPF: Yahoo! MahJong Solitaire - [url]http://download.games.yahoo.com/games/clients/y/mjst4_x.cab[/url] O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - [url]http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab[/url] O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - [url]http://www.pandasoftware.com/activescan/as5/asinst.cab[/url] Posted by: MicroBell Ok..now things get a bit more complicated.. Now download the Win98Fix from [url]http://www.greyknight17.com/spy/Win98Fix.zip[/url] and extract the files to a folder called C:\[b]Win98fix[/b] which you should create. Now open the Win98fix folder you created and double click on the [b]RunFix.reg[/b] file. If it prompts you to merge the information say YES. REBOOT THE PC Now navigate back to C:\Windows and delete that “spawner” file [b]FVI.CPE[/b] **Notes** If you have problems deleting the file it’s best done in DOS mode. (NOT in a DOS Window) Windows 98………Click start…shutdown…..reboot to DOS Windows ME… You will need to make a bootdisk. Go to Add/Remove programs and click on the third tab, "Make a Recovery disc" (something like that). Make a disc and then re-boot with the disc in the A: Drive. At this point, it should come up with the A:\ prompt which you can then turn to C:\ by typing C: and press enter. DOS Deletion commands.. Once there at C:\ type this [b]cd windows[/b] then enter. Your command prompt should look like this now.. [b]C:\Windows[/b] Now type the following [b]del FVI.CPE[/b] then enter If you get an error..try typing this [b]attrib -s -h -r FVI.CPE[/b] *With spaces between the letters* Hit enter Then type[b] del FVI.CPE[/b] again and enter REMOVING that file in the posted fix is [b][color=red][size=3]CRITICAL!![/b][/color][/size] Failure to do this will result in the infection re-spawning in a few reboots or in a day or so. Your after this line in the startdreck log... »RunServicesOnce [color=red]**zr=rundll32 C:\WINDOWS\FVI.CPE,DllGetClassObject[/color] Once that line no longer shows up...it's gone. If it shows in your next log..repeat the removal steps. Make sure you also run the cleanup utility to clean all the TEMP folders. If they have more then one user…do it for each just to be sure. Run AdawareSE, Spybot, and CWShredder is also a must! Posted by: khog11 my computer seems to be working fine now but i just want to make sure.. here's my startdreck and hijackthis thanks for the help, i really appreciated it StartDreck (build 2.1.7 public stable) - 2005-03-13 @ 20:23:31 (GMT -08:00) Platform: Windows 98 SE (Win 4.10.2222 A) Internet Explorer: 6.0.2800.1106 Logged in as at CRIS »Registry »Run Keys »Current User »Run *LDM=\Program\BackWeb-8876480.exe *WEBCAMRT.EXE= *Yahoo! Pager=C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet *ZVolume=C:\Program Files\ZVolume Pro\ZVolume.exe »RunOnce »Default User »Run *LDM=\Program\BackWeb-8876480.exe *WEBCAMRT.EXE= *Yahoo! Pager=C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet *ZVolume=C:\Program Files\ZVolume Pro\ZVolume.exe »RunOnce »Local Machine »Run *ScanRegistry=C:\WINDOWS\scanregw.exe /autorun *TaskMonitor=C:\WINDOWS\taskmon.exe *SystemTray=SysTray.Exe *LoadPowerProfile=Rundll32.exe powrprof.dll,LoadCurrentPwrScheme *IgfxTray=C:\WINDOWS\SYSTEM\igfxtray.exe *HotKeysCmds=C:\WINDOWS\SYSTEM\hkcmd.exe *SBMX=C:\WINDOWS\SYSTEM\sbmx.exe *DXM6Patch_981116=C:\WINDOWS\p_981116.exe /Q:A *StillImageMonitor=C:\WINDOWS\SYSTEM\STIMON.EXE *EssSpkPhone=essspk.exe *LoadQM=loadqm.exe *RegShave=C:\Progra~1\REGSHAVE\REGSHAVE.EXE /autorun *LogitechGalleryRepair=C:\Program Files\Logitech\Video\ISStart.exe *LogitechImageStudioTray=C:\Program Files\Logitech\Video\LogiTray.exe *PWSTray=PwsTray.exe *QuickTime Task="C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime *LVCOMSX=C:\WINDOWS\SYSTEM\LVCOMSX.EXE *LogitechVideoRepair=C:\Program Files\Logitech\Video\ISStart.exe *LogitechVideoTray=C:\Program Files\Logitech\Video\LogiTray.exe *WinampAgent=C:\Program Files\Winamp\winampa.exe *NPROTECT=C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE *NAV DefAlert=C:\PROGRA~1\NORTON~1\NORTON~2\DEFALERT.EXE *Norton Auto-Protect=C:\PROGRA~1\NORTON~1\NORTON~2\NAVAPW32.EXE /LOADQUIET *Norton eMail Protect=C:\Program Files\Norton SystemWorks\Norton AntiVirus\POPROXY.EXE *TkBellExe="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot +OptionalComponents +IMAIL *Installed=1 +MAPI *NoChange=1 *Installed=1 +MAPI *NoChange=1 *Installed=1 »RunOnce »RunServices *LoadPowerProfile=Rundll32.exe powrprof.dll,LoadCurrentPwrScheme *SchedulingAgent=mstask.exe *ICH Synth=eusexe.exe *MSDTC=msdtcw -start *inetinfo.exe=C:\WINDOWS\SYSTEM\inetsrv\inetinfo.exe -e w3svc *NPROTECT=C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE *CSINJECT.EXE=C:\Program Files\Norton SystemWorks\Norton CleanSweep\CSINJECT.EXE *SymTray - Norton SystemWorks=C:\Program Files\Common Files\Symantec Shared\SymTray.exe "Norton SystemWorks" »RunServicesOnce »RunOnceEx »RunServicesOnceEx »File Associations (CR) +.bat *batfile="%1" %* +.com *comfile="%1" %* +.disabled *SpybotSD.DisabledFile="C:\PROGRAM FILES\SPYBOT - SEARCH & DESTROY\blindman.exe" "%1" +.exe *exefile="%1" %* +.hta *htafile=C:\WINDOWS\SYSTEM\MSHTA.EXE "%1" %* +.htm *htmlfile="C:\PROGRA~1\INTERN~1\iexplore.exe" -nohome +.html *htmlfile="C:\PROGRA~1\INTERN~1\iexplore.exe" -nohome +.js *JSFile=C:\WINDOWS\WScript.exe "%1" %* +.jse *JSEFile=C:\WINDOWS\WScript.exe "%1" %* +.pif *piffile="%1" %* +.reg *regfile=regedit.exe "%1" +.scr *scrfile="%1" /S +.txt *txtfile=C:\WINDOWS\NOTEPAD.EXE %1 +.vbs *VBSFile=C:\WINDOWS\WScript.exe "%1" %* +.vbe *VBEFile=C:\WINDOWS\WScript.exe "%1" %* +.wsh *WSHFile=C:\WINDOWS\WScript.exe "%1" %* +.wsf *WSFFile=C:\WINDOWS\WScript.exe "%1" %* +.lnk `lnkfile= [key or value does not exist] »Active Setup (LM) +Windows Setup - Applets/AppletsPerUser *StubPath=rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection AppletsPerUser 64 C:\WINDOWS\INF\applets.inf +Windows Setup - Fonts/FontsPerUser *StubPath=rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection FontsPerUser 64 C:\WINDOWS\INF\fonts.inf +Internet Connection Wizard/{5A8D6EE0-3E18-11D0-821E-444553540000} *StubPath=rundll32.exe advpack.dll,LaunchINFSectionEx C:\WINDOWS\INF\icw.inf,PerUserStub,,36 +PerUser_ICW_Inis *StubPath=rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection PerUser_ICW_Inis 0 C:\WINDOWS\INF\icw97.inf +Internet Explorer 6 and Internet Tools/{89820200-ECBD-11cf-8B85-00AA005B4383} *StubPath=rundll32.exe advpack.dll,UserInstStubWrapper {89820200-ECBD-11cf-8B85-00AA005B4383} +Windows Desktop Update/{89820200-ECBD-11cf-8B85-00AA005B4395} *StubPath=rundll32.exe advpack.dll,LaunchINFSectionEx C:\WINDOWS\SYSTEM\ie4uinit.inf,Shell.UserStub,,36 +MSN-Migration/>PerUser_MSN_Clean *StubPath=C:\WINDOWS\msnmgsr1.exe +Power Policy Settings/{CA0A4247-44BE-11d1-A005-00805F8ABE06} *StubPath=RunDLL setupx.dll,InstallHinfSection PowerCfg.user 0 powercfg.inf +Windows Setup - System Information/PerUser_Msinfo *StubPath=rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection PerUser_Msinfo 64 C:\WINDOWS\INF\msinfo.inf +Windows Setup - System Information/PerUser_Msinfo2 *StubPath=rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection PerUser_Msinfo2 64 C:\WINDOWS\INF\msinfo.inf +Windows Setup - Multimedia/MotownMmsysPerUser *StubPath=rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection MotownMmsysPerUser 64 C:\WINDOWS\INF\motown.inf +Windows Setup - Multimedia/MotownAvivideoPerUser *StubPath=rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection MotownAvivideoPerUser 64 C:\WINDOWS\INF\motown.inf +Windows Setup - Multimedia/MotownMPlayPerUser *StubPath=rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection MotownMPlayPerUser 64 C:\WINDOWS\INF\mplay98.inf +Windows Setup - Messaging/PerUser_Base *StubPath=rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection PerUser_Base 64 C:\WINDOWS\INF\msmail.inf +Windows Setup - Shell/ShellPerUser *StubPath=rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection ShellPerUser 64 C:\WINDOWS\INF\shell.inf +Windows Setup - Color Schemes/Shell2PerUser *StubPath=rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection Shell2PerUser 64 C:\WINDOWS\INF\shell2.inf +Windows Setup - Start Menu/PerUser_winbase_Links *StubPath=rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection PerUser_winbase_Links 64 C:\WINDOWS\INF\subase.inf +Windows Setup - Start Menu/PerUser_winapps_Links *StubPath=rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection PerUser_winapps_Links 64 C:\WINDOWS\INF\subase.inf +Windows Setup - Links Bar/PerUser_LinkBar_URLs *StubPath=C:\WINDOWS\COMMAND\sulfnbk.exe /L +Windows Setup - Telephony Support/TapiPerUser *StubPath=rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection TapiPerUser 64 C:\WINDOWS\INF\tapi.inf +Web Folders/{73fa19d0-2d75-11d2-995d-00c04f98bbc9} *StubPath=rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\webfdr16.inf,PerUserStub.Install,1 +Windows Setup - More Applets/PerUserOldLinks *StubPath=rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection PerUserOldLinks 64 C:\WINDOWS\INF\appletpp.inf +Windows Setup - Sound Schemes/MmoptRegisterPerUser *StubPath=rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection MmoptRegisterPerUser 64 C:\WINDOWS\INF\mmopt.inf +Windows Setup - Online Services/OlsPerUser *StubPath=rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection OlsPerUser 64 C:\WINDOWS\INF\ols.inf +Windows Setup - The Microsoft Network/OlsMsnPerUser *StubPath=rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection OlsMsnPerUser 64 C:\WINDOWS\INF\ols.inf +Windows Setup - Paint/PerUser_Paint_Inis *StubPath=rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection PerUser_Paint_Inis 64 C:\WINDOWS\INF\applets.inf +Windows Setup - Calculator/PerUser_Calc_Inis *StubPath=rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection PerUser_Calc_Inis 64 C:\WINDOWS\INF\applets.inf +Windows Setup - FAT32 Converter/PerUser_CVT_Inis *StubPath=rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection PerUser_CVT_Inis 64 C:\WINDOWS\INF\applets1.inf +Windows Setup - Multimedia/MotownRecPerUser *StubPath=rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection MotownRecPerUser 64 C:\WINDOWS\INF\motown.inf +Windows Setup - Volume Control/PerUser_Vol *StubPath=rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection PerUser_Vol 64 C:\WINDOWS\INF\motown.inf +Windows Setup - Wordpad/PerUser_MSWordPad_Inis *StubPath=rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection PerUser_MSWordPad_Inis 64 C:\WINDOWS\INF\wordpad.inf +Windows Setup - Dial-Up Networking/PerUser_RNA_Inis *StubPath=rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection PerUser_RNA_Inis 64 C:\WINDOWS\INF\rna.inf +Windows Setup - Phone Dialer/PerUser_Dialer_Inis *StubPath=rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection PerUser_Dialer_Inis 64 C:\WINDOWS\INF\appletpp.inf +Windows Setup - CD Player/PerUser_CDPlayer_Inis *StubPath=rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection PerUser_CDPlayer_Inis 64 C:\WINDOWS\INF\mmopt.inf +NetMeeting 3.0/{44BBA842-CC51-11CF-AAFA-00AA00B6015C} *StubPath=rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.W95 +Microsoft Outlook Express 6/{44BBA840-CC51-11CF-AAFA-00AA00B6015C} *StubPath=rundll32.exe advpack.dll,UserInstStubWrapper {44BBA840-CC51-11CF-AAFA-00AA00B6015C} +Address Book 6/{7790769C-0471-11d2-AF11-00C04FA35D02} *StubPath=rundll32.exe advpack.dll,UserInstStubWrapper {7790769C-0471-11d2-AF11-00C04FA35D02} +Windows Setup - America Online/OlsAolPerUser *StubPath=rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection OlsAolPerUser 64 C:\WINDOWS\INF\ols.inf +Windows Setup - AT&T WorldNet Service/OlsAttPerUser *StubPath=rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection OlsAttPerUser 64 C:\WINDOWS\INF\ols.inf +Windows Setup - CompuServe/OlsCompuservePerUser *StubPath=rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection OlsCompuservePerUser 64 C:\WINDOWS\INF\ols.inf +Windows Setup - Prodigy Internet/OlsProdigyPerUser *StubPath=rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection OlsProdigyPerUser 64 C:\WINDOWS\INF\ols.inf +Microsoft Windows Media Player/{6BF52A52-394A-11d3-B153-00C04F79FAA6} *StubPath=rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub +>{B365CC97-3089-4CC0-8B3E-487DAB755232}C98132 *StubPath=RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP +Windows Setup - Direct Cable Connection/PerUser_DCC_Inis *StubPath=rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection PerUser_DCC_Inis 64 C:\WINDOWS\INF\rna.inf +Windows Setup - HyperTerminal/PerUser_Onlinelnks_Inis *StubPath=rundll.exe C:\WINDOWS\SYSTEM\setupx.dll,InstallHinfSection PerUser_Onlinelnks_Inis 64 C:\WINDOWS\INF\appletpp.inf +CRLUpdate/{9EF0045A-CDD9-438e-95E6-02B9AFEC8E11} *StubPath=C:\WINDOWS\SYSTEM\updcrl.exe -e -u C:\WINDOWS\SYSTEM\verisignpub1.crl +Microsoft Web Publishing Wizard 1.6/{44BBA851-CC51-11CF-AAFA-00AA00B6015C} *StubPath=rundll32.exeadvpack.dll +Browser Customizations/>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS *StubPath=RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP +>{22d6f312-b0f6-11d0-94ab-0080c74c7e95} *StubPath=C:\WINDOWS\inf\unregmp2.exe /ShowWMP »Browser Helper Objects (LM) *REALBAR.REALBAR/{4E7BD74F-2B8D-469E-C0FF-FD60B590A87D} `InprocServer32=C:\PROGRA~1\COMMON~1\REAL\TOOLBAR\ REALBAR.DLL *{53707962-6F74-2D53-2644-206D7942484F} `InprocServer32=C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL »Internet Explorer »Current User *Default_Search_URL=http://www.google.com/search?q=%s *Local Page=c:\windows\system\blank.htm *Search Bar=res://C:\WINDOWS\TEMP\se.dll/sp.html *Search Page=about:blank *Start Page=http://www.mytelus.com/ *CustomizeSearch=http://ie.search.msn.com/{sub_rfc1766}/srchasst/srchcust.htm *SearchAssistant=about:blank +SearchUrl *Provider=yaho *=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch »Default User *Default_Search_URL=http://www.google.com/search?q=%s *Local Page=c:\windows\system\blank.htm *Search Bar=res://C:\WINDOWS\TEMP\se.dll/sp.html *Search Page=about:blank *Start Page=http://www.mytelus.com/ *CustomizeSearch=http://ie.search.msn.com/{sub_rfc1766}/srchasst/srchcust.htm *SearchAssistant=about:blank +SearchUrl *Provider=yaho *=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch »Local Machine *Default_Page_URL=http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome *Default_Search_URL=http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch *Local Page=c:\windows\system\blank.htm *Search Bar=res://C:\WINDOWS\TEMP\se.dll/sp.html *Search Page=about:blank *Start Page=about:blank *CustomizeSearch=http://ie.search.msn.com/{sub_rfc1766}/srchasst/srchcust.htm *SearchAssistant=about:blank +SearchUrl »ShellServiceObjectDelayLoad (LM) *WebCheck={E6FB5E20-DE35-11CF-9C87-00AA005127ED} `InprocServer32=%SystemRoot%\System32\webcheck.dll »Special NT Values »Current User *Load= *Run= *Programs= *SHELL= »Default User *Load= *Run= *Programs= *SHELL= »Local Machine *AppInit_DLLs=APITRAP.DLL *SHELL= *Userinit= »Files »Autostart Folders »Current User *C:\WINDOWS\Start Menu\Programs\StartUp\Microsoft Office.lnk *C:\WINDOWS\Start Menu\Programs\StartUp\hpoddt01.exe.lnk *C:\WINDOWS\Start Menu\Programs\StartUp\hp instant support.lnk *C:\WINDOWS\Start Menu\Programs\StartUp\Exif Launcher.lnk *C:\WINDOWS\Start Menu\Programs\StartUp\hp officejet 4100 series.lnk *C:\WINDOWS\Start Menu\Programs\StartUp\Logitech Desktop Messenger.lnk *C:\WINDOWS\Start Menu\Programs\StartUp\Encoder Agent.lnk *C:\WINDOWS\Start Menu\Programs\StartUp\Norton System Doctor.lnk *C:\WINDOWS\Start Menu\Programs\StartUp\CleanSweep Smart Sweep-Internet Sweep.lnk »Default User *C:\WINDOWS\Start Menu\Programs\StartUp\Microsoft Office.lnk *C:\WINDOWS\Start Menu\Programs\StartUp\hpoddt01.exe.lnk *C:\WINDOWS\Start Menu\Programs\StartUp\hp instant support.lnk *C:\WINDOWS\Start Menu\Programs\StartUp\Exif Launcher.lnk *C:\WINDOWS\Start Menu\Programs\StartUp\hp officejet 4100 series.lnk *C:\WINDOWS\Start Menu\Programs\StartUp\Logitech Desktop Messenger.lnk *C:\WINDOWS\Start Menu\Programs\StartUp\Encoder Agent.lnk *C:\WINDOWS\Start Menu\Programs\StartUp\Norton System Doctor.lnk *C:\WINDOWS\Start Menu\Programs\StartUp\CleanSweep Smart Sweep-Internet Sweep.lnk »Local Machine »INI-Files »WIN.INI\[windows] *LOAD= *RUN= »SYSTEM.INI\[boot] *SHELL=Explorer.exe »Text Files *C:\msdos.sys `[Paths] `WinDir=C:\WINDOWS `WinBootDir=C:\WINDOWS `HostWinBootDrv=C `[Options] `BootMulti=1 `BootGUI=1 `DoubleBuffer=1 `AutoScan=1 `WinVer=4.10.2222 `; `;The following lines are required for compatibility with other programs. `;Do not remove them (MSDOS.SYS needs to be >1024 bytes). `;xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxxxa `;xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxxxb `;xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxxxc `;xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxxxd `;xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxxxe `;xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxxxf `;xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxxxg `;xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxxxh `;xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxxxi `;xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxxxj `;xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxxxk `;xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxxxl `;xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxxxm `;xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxxxn `;xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxxxo `;xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxxxp `;xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxxxq `;xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxxxr `;xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxxxs `Network=0 *C:\config.sys *C:\autoexec.bat `PATH C:\PROGRA~1\WIN98RK `PATH=%PATH%;"C:\Program Files\Mts" *C:\WINDOWS\wininit.bak `[Rename] `C:\PROGRA~1\WINDOW~1\WMPLAYER.EXE=C:\PROGRA~1\WINDOW~1\SETB5.TMP `C:\WINDOWS\SYSTEM\WMPLOC.DLL=C:\WINDOWS\SYSTEM\SETB4.TMP `C:\WINDOWS\SYSTEM\WMPCORE.DLL=C:\WINDOWS\SYSTEM\SETB3.TMP `C:\WINDOWS\SYSTEM\WMPCD.DLL=C:\WINDOWS\SYSTEM\SETB2.TMP `C:\WINDOWS\SYSTEM\WMP.OCX=C:\WINDOWS\SYSTEM\SETB1.TMP `C:\WINDOWS\SYSTEM\WMPUI.DLL=C:\WINDOWS\SYSTEM\SETB0.TMP `NUL=C:\WINDOWS\SYSTEM\WMPCD.DLL `NUL=C:\WINDOWS\SYSTEM\WMP.OCX `NUL=C:\WINDOWS\SYSTEM\WMPUI.DLL `NUL=C:\WINDOWS\SYSTEM\WMPCORE.DLL *C:\WINDOWS\hosts `127.0.0.1 localhost `127.0.0.1 pop3.norton.antivirus # Added by Norton AntiVirus for e-Mail scanning `127.0.0.1 pop3.spa.norton.antivirus # Added by Norton AntiVirus for e-Mail scanning »Program Files *C:\io.sys *C:\WINDOWS\win.com *C:\WINDOWS\explorer.exe »%PATH% Companion Files +C:\COMMAND.COM *C:\WINDOWS\COMMAND.COM +C:\o.bat *C:\WINDOWS\o.bat +C:\WINDOWS\SYSTEM\HH.EXE *C:\WINDOWS\hh.exe +C:\WINDOWS\iextract.exe *C:\WINDOWS\COMMAND\IEXTRACT.EXE +C:\WINDOWS\extract.exe *C:\WINDOWS\COMMAND\EXTRACT.EXE »System/Drivers »Running Processes +FF0F4F0B=C:\WINDOWS\SYSTEM\KERNEL32.DLL *C:\WINDOWS\SYSTEM\I81X329X.DLL *C:\WINDOWS\SYSTEM\USER32.DLL *C:\WINDOWS\SYSTEM\GDI32.DLL *C:\WINDOWS\SYSTEM\ADVAPI32.DLL +FFFF95D3=C:\WINDOWS\SYSTEM\MSGSRV32.EXE *C:\WINDOWS\SYSTEM\MPR.DLL *C:\WINDOWS\SYSTEM\USER32.DLL *C:\WINDOWS\SYSTEM\GDI32.DLL *C:\WINDOWS\SYSTEM\ADVAPI32.DLL *C:\WINDOWS\SYSTEM\KERNEL32.DLL +FFFF8B23=C:\WINDOWS\SYSTEM\MPREXE.EXE *C:\WINDOWS\SYSTEM\QDCSPI.DLL *C:\WINDOWS\SYSTEM\MSNP32.DLL *C:\WINDOWS\SYSTEM\MSNET32.DLL *C:\WINDOWS\SYSTEM\RNANP.DLL *C:\WINDOWS\SYSTEM\MPRSERV.DLL *C:\WINDOWS\SYSTEM\MSPWL32.DLL *C:\WINDOWS\SYSTEM\MPR.DLL *C:\WINDOWS\SYSTEM\USER32.DLL *C:\WINDOWS\SYSTEM\GDI32.DLL *C:\WINDOWS\SYSTEM\ADVAPI32.DLL *C:\WINDOWS\SYSTEM\KERNEL32.DLL +FFFFF253=C:\WINDOWS\SYSTEM\mmtask.tsk *C:\WINDOWS\SYSTEM\KERNEL32.DLL +FFFE1527=C:\WINDOWS\SYSTEM\MSTASK.EXE *C:\WINDOWS\SYSTEM\MSIDLE.DLL *C:\WINDOWS\SYSTEM\SHELL32.DLL *C:\WINDOWS\SYSTEM\COMCTL32.DLL *C:\WINDOWS\SYSTEM\SHLWAPI.DLL *C:\WINDOWS\SYSTEM\MSVCRT.DLL *C:\WINDOWS\SYSTEM\USER32.DLL *C:\WINDOWS\SYSTEM\GDI32.DLL *C:\WINDOWS\SYSTEM\ADVAPI32.DLL *C:\WINDOWS\SYSTEM\KERNEL32.DLL +FFFE0E47=C:\WINDOWS\SYSTEM\EUSEXE.EXE *C:\WINDOWS\SYSTEM\MPR.DLL *C:\WINDOWS\SYSTEM\QDCSPI.DLL *C:\WINDOWS\SYSTEM\EUSLIB.DLL *C:\WINDOWS\SYSTEM\DSOUND.DLL *C:\WINDOWS\SYSTEM\RPCRT4.DLL *C:\WINDOWS\SYSTEM\VERSION.DLL *C:\WINDOWS\SYSTEM\OLE32.DLL *C:\WINDOWS\SYSTEM\SHELL32.DLL *C:\WINDOWS\SYSTEM\COMCTL32.DLL *C:\WINDOWS\SYSTEM\SHLWAPI.DLL *C:\WINDOWS\SYSTEM\MSVCRT.DLL *C:\WINDOWS\SYSTEM\WINMM.DLL *C:\WINDOWS\SYSTEM\USER32.DLL *C:\WINDOWS\SYSTEM\GDI32.DLL *C:\WINDOWS\SYSTEM\ADVAPI32.DLL *C:\WINDOWS\SYSTEM\KERNEL32.DLL +FFFEBA5B=C:\WINDOWS\SYSTEM\INETSRV\INETINFO.EXE *C:\WINDOWS\SYSTEM\INETSRV\PWSDATA.DLL *C:\WINDOWS\SYSTEM\INETSRV\ISCOMLOG.DLL *C:\WINDOWS\SYSTEM\MSAFD.DLL *C:\WINDOWS\SYSTEM\WSOCK32.DLL *C:\WINDOWS\SYSTEM\MSWSOCK.DLL *C:\WINDOWS\SYSTEM\INETSRV\LONSIW95.DLL *C:\WINDOWS\SYSTEM\INETSRV\W3SVC.DLL *C:\WINDOWS\SYSTEM\INETSRV\INFOCOMM.DLL *C:\WINDOWS\SYSTEM\INETSRV\IISFECNV.DLL *C:\WINDOWS\SYSTEM\INETSRV\ISATQ.DLL *C:\WINDOWS\SYSTEM\NTDLL.DLL *C:\WINDOWS\SYSTEM\WS2_32.DLL *C:\WINDOWS\SYSTEM\WININET.DLL *C:\WINDOWS\SYSTEM\CRYPT32.DLL *C:\WINDOWS\SYSTEM\MSOSS.DLL *C:\WINDOWS\SYSTEM\WS2HELP.DLL *C:\WINDOWS\SYSTEM\INETSRV\WAMREG.DLL *C:\WINDOWS\SYSTEM\OLEAUT32.DLL *C:\WINDOWS\SYSTEM\MFC42.DLL *C:\WINDOWS\SYSTEM\INETSRV\SVCEXT.DLL *C:\WINDOWS\SYSTEM\INETSRV\METADATA.DLL *C:\WINDOWS\SYSTEM\NETAPI32.DLL *C:\WINDOWS\SYSTEM\NETBIOS.DLL *C:\WINDOWS\SYSTEM\QDCSPI.DLL *C:\WINDOWS\SYSTEM\INETSRV\IISADMIN.DLL *C:\WINDOWS\SYSTEM\INETSRV\COADMIN.DLL *C:\WINDOWS\SYSTEM\ADMWPROX.DLL *C:\WINDOWS\SYSTEM\RPCRT4.DLL *C:\WINDOWS\SYSTEM\SHELL32.DLL *C:\WINDOWS\SYSTEM\COMCTL32.DLL *C:\WINDOWS\SYSTEM\SHLWAPI.DLL *C:\WINDOWS\SYSTEM\OLE32.DLL *C:\WINDOWS\SYSTEM\USER32.DLL *C:\WINDOWS\SYSTEM\GDI32.DLL *C:\WINDOWS\SYSTEM\ADVAPI32.DLL *C:\WINDOWS\SYSTEM\MSVCRT.DLL *C:\WINDOWS\SYSTEM\KERNEL32.DLL +FFFEAE7F=C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON UTILITIES\NPROTECT.EXE *C:\WINDOWS\SYSTEM\OLE32.DLL *C:\WINDOWS\SYSTEM\SHELL32.DLL *C:\WINDOWS\SYSTEM\SHLWAPI.DLL *C:\WINDOWS\SYSTEM\COMCTL32.DLL *C:\WINDOWS\SYSTEM\MSVCRT.DLL *C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON UTILITIES\TKKE32L.DLL *C:\WINDOWS\SYSTEM\QDCSPI.DLL *C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON UTILITIES\S32KRNLL.DLL *C:\WINDOWS\SYSTEM\USER32.DLL *C:\WINDOWS\SYSTEM\GDI32.DLL *C:\WINDOWS\SYSTEM\ADVAPI32.DLL *C:\WINDOWS\SYSTEM\KERNEL32.DLL +FFFE97B3=C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON CLEANSWEEP\CSINJECT.EXE *C:\WINDOWS\SYSTEM\QDCSPI.DLL *C:\WINDOWS\SYSTEM\USER32.DLL *C:\WINDOWS\SYSTEM\GDI32.DLL *C:\WINDOWS\SYSTEM\ADVAPI32.DLL *C:\WINDOWS\SYSTEM\KERNEL32.DLL +FFFE8583=C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\SYMTRAY.EXE *C:\WINDOWS\SYSTEM\QDCSPI.DLL *C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\SYMTRHK.DLL *C:\WINDOWS\SYSTEM\SHELL32.DLL *C:\WINDOWS\SYSTEM\COMCTL32.DLL *C:\WINDOWS\SYSTEM\SHLWAPI.DLL *C:\WINDOWS\SYSTEM\MSVCRT.DLL *C:\WINDOWS\SYSTEM\USER32.DLL *C:\WINDOWS\SYSTEM\GDI32.DLL *C:\WINDOWS\SYSTEM\ADVAPI32.DLL *C:\WINDOWS\SYSTEM\KERNEL32.DLL +FFFEC5B7=C:\WINDOWS\SYSTEM\DDHELP.EXE *C:\WINDOWS\SYSTEM\I81XDD.DLL *C:\WINDOWS\SYSTEM\DDRAW.DLL *C:\WINDOWS\SYSTEM\NTDLL.DLL *C:\WINDOWS\SYSTEM\DSOUND.DLL *C:\WINDOWS\SYSTEM\RPCRT4.DLL *C:\WINDOWS\SYSTEM\VERSION.DLL *C:\WINDOWS\SYSTEM\OLE32.DLL *C:\WINDOWS\SYSTEM\QDCSPI.DLL *C:\WINDOWS\SYSTEM\WINMM.DLL *C:\WINDOWS\SYSTEM\USER32.DLL *C:\WINDOWS\SYSTEM\GDI32.DLL *C:\WINDOWS\SYSTEM\ADVAPI32.DLL *C:\WINDOWS\SYSTEM\KERNEL32.DLL +FFFC1BAF=C:\WINDOWS\SYSTEM\MSDTCW.EXE *C:\WINDOWS\SYSTEM\RPCLTCCM.DLL *C:\WINDOWS\SYSTEM\RSVPSP.DLL *C:\WINDOWS\SYSTEM\RAPILIB.DLL *C:\WINDOWS\SYSTEM\MSWSOSP.DLL *C:\WINDOWS\SYSTEM\RASAPI32.DLL *C:\WINDOWS\SYSTEM\SECUR32.DLL *C:\WINDOWS\SYSTEM\MSVCRT20.DLL *C:\WINDOWS\SYSTEM\SVRAPI.DLL *C:\WINDOWS\SYSTEM\MSNET32.DLL *C:\WINDOWS\SYSTEM\MSPWL32.DLL *C:\WINDOWS\SYSTEM\TAPI32.DLL *C:\WINDOWS\SYSTEM\NETAPI32.DLL *C:\WINDOWS\SYSTEM\NETBIOS.DLL *C:\WINDOWS\SYSTEM\MPR.DLL *C:\WINDOWS\SYSTEM\SHFOLDER.DLL *C:\WINDOWS\SYSTEM\SHELL32.DLL *C:\WINDOWS\SYSTEM\COMCTL32.DLL *C:\WINDOWS\SYSTEM\RNR20.DLL *C:\WINDOWS\SYSTEM\MSAFD.DLL *C:\WINDOWS\SYSTEM\RPCLTSCM.DLL *C:\WINDOWS\SYSTEM\WSOCK32.DLL *C:\WINDOWS\SYSTEM\MSWSOCK.DLL *C:\WINDOWS\SYSTEM\WS2_32.DLL *C:\WINDOWS\SYSTEM\WININET.DLL *C:\WINDOWS\SYSTEM\SHLWAPI.DLL *C:\WINDOWS\SYSTEM\OLEAUT32.DLL *C:\WINDOWS\SYSTEM\CRYPT32.DLL *C:\WINDOWS\SYSTEM\MSOSS.DLL *C:\WINDOWS\SYSTEM\WS2HELP.DLL *C:\WINDOWS\SYSTEM\ENUDTC.DLL *C:\WINDOWS\SYSTEM\MTXOCI.DLL *C:\WINDOWS\SYSTEM\MTXDM.DLL *C:\WINDOWS\SYSTEM\QDCSPI.DLL *C:\WINDOWS\SYSTEM\MSDTC.DLL *C:\WINDOWS\SYSTEM\MSDTCTM.DLL *C:\WINDOWS\SYSTEM\LOGMGR.DLL *C:\WINDOWS\SYSTEM\DTCUIS.DLL *C:\WINDOWS\SYSTEM\DTCXATM.DLL *C:\WINDOWS\SYSTEM\DTCCM.DLL *C:\WINDOWS\SYSTEM\XOLEHLP.DLL *C:\WINDOWS\SYSTEM\ADME.DLL *C:\WINDOWS\SYSTEM\DTCUTIL.DLL *C:\WINDOWS\SYSTEM\MTXCLU.DLL *C:\WINDOWS\SYSTEM\VERSION.DLL *C:\WINDOWS\SYSTEM\DTCTRACE.DLL *C:\WINDOWS\SYSTEM\MSVCIRT.DLL *C:\WINDOWS\SYSTEM\RPCRT4.DLL *C:\WINDOWS\SYSTEM\OLE32.DLL *C:\WINDOWS\SYSTEM\MSVCRT.DLL *C:\WINDOWS\SYSTEM\USER32.DLL *C:\WINDOWS\SYSTEM\GDI32.DLL *C:\WINDOWS\SYSTEM\ADVAPI32.DLL *C:\WINDOWS\SYSTEM\KERNEL32.DLL +FFFDEDE3=C:\WINDOWS\SYSTEM\RPCSS.EXE *C:\WINDOWS\SYSTEM\RASAPI32.DLL *C:\WINDOWS\SYSTEM\SVRAPI.DLL *C:\WINDOWS\SYSTEM\MSNET32.DLL *C:\WINDOWS\SYSTEM\MSPWL32.DLL *C:\WINDOWS\SYSTEM\TAPI32.DLL *C:\WINDOWS\SYSTEM\NETAPI32.DLL *C:\WINDOWS\SYSTEM\NETBIOS.DLL *C:\WINDOWS\SYSTEM\MPR.DLL *C:\WINDOWS\SYSTEM\SHFOLDER.DLL *C:\WINDOWS\SYSTEM\SHELL32.DLL *C:\WINDOWS\SYSTEM\COMCTL32.DLL *C:\WINDOWS\SYSTEM\RNR20.DLL *C:\WINDOWS\SYSTEM\MSAFD.DLL *C:\WINDOWS\SYSTEM\RPCLTSCM.DLL *C:\WINDOWS\SYSTEM\WSOCK32.DLL *C:\WINDOWS\SYSTEM\MSWSOCK.DLL *C:\WINDOWS\SYSTEM\WS2_32.DLL *C:\WINDOWS\SYSTEM\WININET.DLL *C:\WINDOWS\SYSTEM\SHLWAPI.DLL *C:\WINDOWS\SYSTEM\OLEAUT32.DLL *C:\WINDOWS\SYSTEM\CRYPT32.DLL *C:\WINDOWS\SYSTEM\MSOSS.DLL *C:\WINDOWS\SYSTEM\WS2HELP.DLL *C:\WINDOWS\SYSTEM\QDCSPI.DLL *C:\WINDOWS\SYSTEM\DIGEST.DLL *C:\WINDOWS\SYSTEM\NTDLL.DLL *C:\WINDOWS\SYSTEM\MSNSSPC.DLL *C:\WINDOWS\SYSTEM\MSAPSSPC.DLL *C:\WINDOWS\SYSTEM\MSVCRT40.DLL *C:\WINDOWS\SYSTEM\MSVCIRT.DLL *C:\WINDOWS\SYSTEM\MSVCRT.DLL *C:\WINDOWS\SYSTEM\SECUR32.DLL *C:\WINDOWS\SYSTEM\RPCRT4.DLL *C:\WINDOWS\SYSTEM\OLE32.DLL *C:\WINDOWS\SYSTEM\MSVCRT20.DLL *C:\WINDOWS\SYSTEM\USER32.DLL *C:\WINDOWS\SYSTEM\GDI32.DLL *C:\WINDOWS\SYSTEM\ADVAPI32.DLL *C:\WINDOWS\SYSTEM\KERNEL32.DLL +FFFB81C3=C:\WINDOWS\EXPLORER.EXE *C:\WINDOWS\SYSTEM\WEBVW.DLL *C:\WINDOWS\SYSTEM\MSHTMLED.DLL *C:\WINDOWS\SYSTEM\DDRAWEX.DLL *C:\WINDOWS\SYSTEM\DDRAW.DLL *C:\WINDOWS\SYSTEM\MACROMED\FLASH\FLASH.OCX *C:\WINDOWS\SYSTEM\WINMM.DLL *C:\WINDOWS\SYSTEM\VBSCRIPT.DLL *C:\WINDOWS\SYSTEM\IMGUTIL.DLL *C:\WINDOWS\SYSTEM\IEPEERS.DLL *C:\WINDOWS\SYSTEM\WINSPOOL.DRV *C:\WINDOWS\SYSTEM\MSLS31.DLL *C:\WINDOWS\SYSTEM\JSCRIPT.DLL *C:\WINDOWS\SYSTEM\MSHTML.DLL *C:\WINDOWS\SYSTEM\RNR20.DLL *C:\WINDOWS\SYSTEM\RASAPI32.DLL *C:\WINDOWS\SYSTEM\SECUR32.DLL *C:\WINDOWS\SYSTEM\MSVCRT20.DLL *C:\WINDOWS\SYSTEM\SVRAPI.DLL *C:\WINDOWS\SYSTEM\MSNET32.DLL *C:\WINDOWS\SYSTEM\MSPWL32.DLL *C:\WINDOWS\SYSTEM\TAPI32.DLL *C:\WINDOWS\SYSTEM\NETAPI32.DLL *C:\WINDOWS\SYSTEM\NETBIOS.DLL *C:\WINDOWS\SYSTEM\MSAFD.DLL *C:\WINDOWS\SYSTEM\MLANG.DLL *C:\WINDOWS\SYSTEM\SHDOCLC.DLL *C:\PROGRAM FILES\SPYBOT - SEARCH & DESTROY\SDHELPER.DLL *C:\PROGRAM FILES\COMMON FILES\REAL\TOOLBAR\REALBAR.DLL *C:\WINDOWS\SYSTEM\OLEPRO32.DLL *C:\WINDOWS\SYSTEM\WSOCK32.DLL *C:\WINDOWS\SYSTEM\MSWSOCK.DLL *C:\WINDOWS\SYSTEM\WS2_32.DLL *C:\WINDOWS\SYSTEM\WS2HELP.DLL *C:\WINDOWS\SYSTEM\COMDLG32.DLL *C:\WINDOWS\SYSTEM\IMM32.DLL *C:\WINDOWS\SYSTEM\BROWSELC.DLL *C:\PROGRAM FILES\WINZIP\WZSHLSTB.DLL *C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON UTILITIES\WFSHELEX.DLL *C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\NAVSHELL.DLL *C:\WINDOWS\SYSTEM\URLMON.DLL *C:\WINDOWS\SYSTEM\SHFOLDER.DLL *C:\WINDOWS\SYSTEM\WININET.DLL *C:\WINDOWS\SYSTEM\OLEAUT32.DLL *C:\WINDOWS\SYSTEM\CRYPT32.DLL *C:\WINDOWS\SYSTEM\MSOSS.DLL *C:\WINDOWS\SYSTEM\CFGMGR32.DLL *C:\WINDOWS\SYSTEM\NTDLL.DLL *C:\WINDOWS\SYSTEM\VERSION.DLL *C:\WINDOWS\SYSTEM\LINKINFO.DLL *C:\WINDOWS\SYSTEM\MPR.DLL *C:\WINDOWS\SYSTEM\MSI.DLL *C:\WINDOWS\SYSTEM\RPCRT4.DLL *C:\WINDOWS\SYSTEM\MYDOCS.DLL *C:\WINDOWS\SYSTEM\SHD401LC.DLL *C:\WINDOWS\SYSTEM\BROWSEUI.DLL *C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\SYMTRHK.DLL *C:\WINDOWS\SYSTEM\QDCSPI.DLL *C:\WINDOWS\SYSTEM\APITRAP.DLL *C:\WINDOWS\SYSTEM\SHDOC401.DLL *C:\WINDOWS\SYSTEM\OLE32.DLL *C:\WINDOWS\SYSTEM\SHDOCVW.DLL *C:\WINDOWS\SYSTEM\SHELL32.DLL *C:\WINDOWS\SYSTEM\COMCTL32.DLL *C:\WINDOWS\SYSTEM\SHLWAPI.DLL *C:\WINDOWS\SYSTEM\MSVCRT.DLL *C:\WINDOWS\SYSTEM\USER32.DLL *C:\WINDOWS\SYSTEM\GDI32.DLL *C:\WINDOWS\SYSTEM\ADVAPI32.DLL *C:\WINDOWS\SYSTEM\KERNEL32.DLL +FFFA0AAF=C:\WINDOWS\TASKMON.EXE *C:\WINDOWS\SYSTEM\QDCSPI.DLL *C:\WINDOWS\SYSTEM\USER32.DLL *C:\WINDOWS\SYSTEM\GDI32.DLL *C:\WINDOWS\SYSTEM\ADVAPI32.DLL *C:\WINDOWS\SYSTEM\KERNEL32.DLL +FFFA7C77=C:\WINDOWS\SYSTEM\SYSTRAY.EXE *C:\WINDOWS\SYSTEM\USBUI.DLL *C:\WINDOWS\SYSTEM\WMI.DLL *C:\WINDOWS\SYSTEM\QDCSPI.DLL *C:\WINDOWS\SYSTEM\BATMETER.DLL *C:\WINDOWS\SYSTEM\POWRPROF.DLL *C:\WINDOWS\SYSTEM\SETUPAPI.DLL *C:\WINDOWS\SYSTEM\RPCRT4.DLL *C:\WINDOWS\SYSTEM\MPR.DLL *C:\WINDOWS\SYSTEM\CFGMGR32.DLL *C:\WINDOWS\SYSTEM\WINSPOOL.DRV *C:\WINDOWS\SYSTEM\VERSION.DLL *C:\WINDOWS\SYSTEM\COMDLG32.DLL *C:\WINDOWS\SYSTEM\LZ32.DLL *C:\WINDOWS\SYSTEM\NTDLL.DLL *C:\WINDOWS\SYSTEM\WINMM.DLL *C:\WINDOWS\SYSTEM\SHELL32.DLL *C:\WINDOWS\SYSTEM\COMCTL32.DLL *C:\WINDOWS\SYSTEM\SHLWAPI.DLL *C:\WINDOWS\SYSTEM\MSVCRT.DLL *C:\WINDOWS\SYSTEM\USER32.DLL *C:\WINDOWS\SYSTEM\GDI32.DLL *C:\WINDOWS\SYSTEM\ADVAPI32.DLL *C:\WINDOWS\SYSTEM\KERNEL32.DLL +FFFAB27B=C:\WINDOWS\SYSTEM\IGFXTRAY.EXE *C:\WINDOWS\SYSTEM\IGFXRES.DLL *C:\WINDOWS\SYSTEM\IGFXSRVC.DLL *C:\WINDOWS\SYSTEM\VERSION.DLL *C:\WINDOWS\SYSTEM\IGFXDEV.DLL *C:\WINDOWS\SYSTEM\QDCSPI.DLL *C:\WINDOWS\SYSTEM\HCCUTILS.DLL *C:\WINDOWS\SYSTEM\OLEAUT32.DLL *C:\WINDOWS\SYSTEM\OLE32.DLL *C:\WINDOWS\SYSTEM\SHELL32.DLL *C:\WINDOWS\SYSTEM\COMCTL32.DLL *C:\WINDOWS\SYSTEM\SHLWAPI.DLL *C:\WINDOWS\SYSTEM\MSVCRT.DLL *C:\WINDOWS\SYSTEM\USER32.DLL *C:\WINDOWS\SYSTEM\GDI32.DLL *C:\WINDOWS\SYSTEM\ADVAPI32.DLL *C:\WINDOWS\SYSTEM\KERNEL32.DLL +FFFAA87B=C:\WINDOWS\SYSTEM\HKCMD.EXE *C:\WINDOWS\SYSTEM\IGFXRES.DLL *C:\WINDOWS\SYSTEM\IGFXHK.DLL *C:\WINDOWS\SYSTEM\IGFXSRVC.DLL *C:\WINDOWS\SYSTEM\VERSION.DLL *C:\WINDOWS\SYSTEM\IGFXDEV.DLL *C:\WINDOWS\SYSTEM\QDCSPI.DLL *C:\WINDOWS\SYSTEM\HCCUTILS.DLL *C:\WINDOWS\SYSTEM\OLEAUT32.DLL *C:\WINDOWS\SYSTEM\OLE32.DLL *C:\WINDOWS\SYSTEM\SHELL32.DLL *C:\WINDOWS\SYSTEM\SHLWAPI.DLL *C:\WINDOWS\SYSTEM\MSVCRT.DLL *C:\WINDOWS\SYSTEM\COMCTL32.DLL *C:\WINDOWS\SYSTEM\USER32.DLL *C:\WINDOWS\SYSTEM\GDI32.DLL *C:\WINDOWS\SYSTEM\ADVAPI32.DLL *C:\WINDOWS\SYSTEM\KERNEL32.DLL +FFFA884B=C:\WINDOWS\SYSTEM\SBMX.EXE *C:\WINDOWS\SYSTEM\USER32.DLL *C:\WINDOWS\SYSTEM\GDI32.DLL *C:\WINDOWS\SYSTEM\ADVAPI32.DLL *C:\WINDOWS\SYSTEM\KERNEL32.DLL +FFFACF3B=C:\WINDOWS\SYSTEM\STIMON.EXE *C:\WINDOWS\SYSTEM\QDCSPI.DLL *C:\WINDOWS\SYSTEM\WINMM.DLL *C:\WINDOWS\SYSTEM\STI.DLL *C:\WINDOWS\SYSTEM\SETUPAPI.DLL *C:\WINDOWS\SYSTEM\RPCRT4.DLL *C:\WINDOWS\SYSTEM\MPR.DLL *C:\WINDOWS\SYSTEM\CFGMGR32.DLL *C:\WINDOWS\SYSTEM\WINSPOOL.DRV *C:\WINDOWS\SYSTEM\VERSION.DLL *C:\WINDOWS\SYSTEM\COMDLG32.DLL *C:\WINDOWS\SYSTEM\LZ32.DLL *C:\WINDOWS\SYSTEM\SHELL32.DLL *C:\WINDOWS\SYSTEM\COMCTL32.DLL *C:\WINDOWS\SYSTEM\SHLWAPI.DLL *C:\WINDOWS\SYSTEM\MSVCRT.DLL *C:\WINDOWS\SYSTEM\NTDLL.DLL *C:\WINDOWS\SYSTEM\USER32.DLL *C:\WINDOWS\SYSTEM\GDI32.DLL *C:\WINDOWS\SYSTEM\ADVAPI32.DLL *C:\WINDOWS\SYSTEM\KERNEL32.DLL +FFFAFA03=C:\WINDOWS\ESSSPK.EXE *C:\WINDOWS\SYSTEM\QDCSPI.DLL *C:\WINDOWS\SYSTEM\SHELL32.DLL *C:\WINDOWS\SYSTEM\COMCTL32.DLL *C:\WINDOWS\SYSTEM\SHLWAPI.DLL *C:\WINDOWS\SYSTEM\MSVCRT.DLL *C:\WINDOWS\SYSTEM\WINSPOOL.DRV *C:\WINDOWS\SYSTEM\WINMM.DLL *C:\WINDOWS\SYSTEM\USER32.DLL *C:\WINDOWS\SYSTEM\GDI32.DLL *C:\WINDOWS\SYSTEM\ADVAPI32.DLL *C:\WINDOWS\SYSTEM\KERNEL32.DLL +FFF97EA7=C:\WINDOWS\LOADQM.EXE *C:\WINDOWS\SYSTEM\IPHLPAPI.DLL *C:\WINDOWS\SYSTEM\MSAFD.DLL *C:\WINDOWS\SYSTEM\IPCFGDLL.DLL *C:\WINDOWS\SYSTEM\DHCPCSVC.DLL *C:\WINDOWS\SYSTEM\ICMP.DLL *C:\WINDOWS\SYSTEM\RASAPI32.DLL *C:\WINDOWS\SYSTEM\WSOCK32.DLL *C:\WINDOWS\SYSTEM\MSWSOCK.DLL *C:\WINDOWS\SYSTEM\SECUR32.DLL *C:\WINDOWS\SYSTEM\MSVCRT20.DLL *C:\WINDOWS\SYSTEM\SVRAPI.DLL *C:\WINDOWS\SYSTEM\MSNET32.DLL *C:\WINDOWS\SYSTEM\MSPWL32.DLL *C:\WINDOWS\SYSTEM\TAPI32.DLL *C:\WINDOWS\SYSTEM\NETAPI32.DLL *C:\WINDOWS\SYSTEM\NETBIOS.DLL *C:\WINDOWS\SYSTEM\MPR.DLL *C:\WINDOWS\SYSTEM\SHFOLDER.DLL *C:\WINDOWS\SYSTEM\SHELL32.DLL *C:\WINDOWS\SYSTEM\COMCTL32.DLL *C:\WINDOWS\SYSTEM\WS2_32.DLL *C:\WINDOWS\SYSTEM\WS2HELP.DLL *C:\WINDOWS\SYSTEM\PROGDL.DLL *C:\WINDOWS\SYSTEM\WININET.DLL *C:\WINDOWS\SYSTEM\CRYPT32.DLL *C:\WINDOWS\SYSTEM\RPCRT4.DLL *C:\WINDOWS\SYSTEM\MSOSS.DLL *C:\WINDOWS\SYSTEM\QMGR.DLL *C:\WINDOWS\SYSTEM\SHLWAPI.DLL *C:\WINDOWS\SYSTEM\OLEAUT32.DLL *C:\WINDOWS\SYSTEM\MSVCRT.DLL *C:\WINDOWS\SYSTEM\QDCSPI.DLL *C:\WINDOWS\SYSTEM\OLE32.DLL *C:\WINDOWS\SYSTEM\USER32.DLL *C:\WINDOWS\SYSTEM\GDI32.DLL *C:\WINDOWS\SYSTEM\ADVAPI32.DLL *C:\WINDOWS\SYSTEM\KERNEL32.DLL +FFF9BF5F=C:\PROGRAM FILES\LOGITECH\VIDEO\LOGITRAY.EXE *C:\PROGRAM FILES\LOGITECH\VIDEO\FXSVRPS.DLL *C:\WINDOWS\SYSTEM\LVCOMCX.DLL *C:\WINDOWS\SYSTEM\LVMAENUM.DLL *C:\WINDOWS\SYSTEM\SETUPAPI.DLL *C:\WINDOWS\SYSTEM\RPCRT4.DLL *C:\WINDOWS\SYSTEM\WINSPOOL.DRV *C:\WINDOWS\SYSTEM\COMDLG32.DLL *C:\WINDOWS\SYSTEM\LZ32.DLL *C:\WINDOWS\SYSTEM\CFGMGR32.DLL *C:\PROGRAM FILES\LOGITECH\VIDEO\LFPCX12N.DLL *C:\PROGRAM FILES\LOGITECH\VIDEO\LFBMP12N.DLL *C:\PROGRAM FILES\LOGITECH\VIDEO\LFTIF12N.DLL *C:\PROGRAM FILES\LOGITECH\VIDEO\LFCMP12N.DLL *C:\PROGRAM FILES\LOGITECH\VIDEO\LFFAX12N.DLL *C:\PROGRAM FILES\LOGITECH\VIDEO\LTEFX12N.DLL *C:\PROGRAM FILES\LOGITECH\VIDEO\LTIMG12N.DLL *C:\PROGRAM FILES\LOGITECH\VIDEO\LTDIS12N.DLL *C:\PROGRAM FILES\LOGITECH\VIDEO\LLOGTRAY.DLL *C:\WINDOWS\SYSTEM\QDCSPI.DLL *C:\WINDOWS\SYSTEM\VERSION.DLL *C:\PROGRAM FILES\LOGITECH\VIDEO\LTFIL12N.DLL *C:\PROGRAM FILES\LOGITECH\VIDEO\LTKRN12N.DLL *C:\PROGRAM FILES\LOGITECH\VIDEO\QCUI2.DLL *C:\PROGRAM FILES\LOGITECH\VIDEO\LQCUI2.DLL *C:\WINDOWS\SYSTEM\MSVCP71.DLL *C:\WINDOWS\SYSTEM\OLEAUT32.DLL *C:\WINDOWS\SYSTEM\OLE32.DLL *C:\WINDOWS\SYSTEM\MFC71.DLL *C:\WINDOWS\SYSTEM\MFC71ENU.DLL *C:\WINDOWS\SYSTEM\MSVCR71.DLL *C:\PROGRAM FILES\LOGITECH\VIDEO\LTWVC12N.DLL *C:\WINDOWS\SYSTEM\MSIMG32.DLL *C:\WINDOWS\SYSTEM\NTDLL.DLL *C:\WINDOWS\SYSTEM\AVIFIL32.DLL *C:\WINDOWS\SYSTEM\MSACM32.DLL *C:\WINDOWS\SYSTEM\MSVFW32.DLL *C:\WINDOWS\SYSTEM\WOW32.DLL *C:\WINDOWS\SYSTEM\MPR.DLL *C:\WINDOWS\SYSTEM\DCIMAN32.DLL *C:\WINDOWS\SYSTEM\WINMM.DLL *C:\WINDOWS\SYSTEM\SHELL32.DLL *C:\WINDOWS\SYSTEM\COMCTL32.DLL *C:\WINDOWS\SYSTEM\SHLWAPI.DLL *C:\WINDOWS\SYSTEM\MSVCRT.DLL *C:\WINDOWS\SYSTEM\CRTDLL.DLL *C:\WINDOWS\SYSTEM\USER32.DLL *C:\WINDOWS\SYSTEM\GDI32.DLL *C:\WINDOWS\SYSTEM\ADVAPI32.DLL *C:\WINDOWS\SYSTEM\KERNEL32.DLL +FFFB5273=C:\WINDOWS\SYSTEM\PWSTRAY.EXE *C:\WINDOWS\SYSTEM\OLEAUT32.DLL *C:\WINDOWS\SYSTEM\ADMWPROX.DLL *C:\WINDOWS\SYSTEM\RPCRT4.DLL *C:\WINDOWS\SYSTEM\QDCSPI.DLL *C:\WINDOWS\SYSTEM\OLE32.DLL *C:\WINDOWS\SYSTEM\SHELL32.DLL *C:\WINDOWS\SYSTEM\COMCTL32.DLL *C:\WINDOWS\SYSTEM\SHLWAPI.DLL *C:\WINDOWS\SYSTEM\MSVCRT.DLL *C:\WINDOWS\SYSTEM\USER32.DLL *C:\WINDOWS\SYSTEM\GDI32.DLL *C:\WINDOWS\SYSTEM\ADVAPI32.DLL *C:\WINDOWS\SYSTEM\KERNEL32.DLL +FFF957A7=C:\WINDOWS\SYSTEM\QTTASK.EXE *C:\WINDOWS\SYSTEM\QUICKTIME\QUICKTIMESTREAMINGEXT RAS.QTX *C:\WINDOWS\SYSTEM\QUICKTIME\QUICKTIMESTREAMINGAUT HORING.QTX *C:\WINDOWS\SYSTEM\QUICKTIME\QUICKTIMESTREAMING.QTX *C:\WINDOWS\SYSTEM\WSOCK32.DLL *C:\WINDOWS\SYSTEM\MSWSOCK.DLL *C:\WINDOWS\SYSTEM\WS2_32.DLL *C:\WINDOWS\SYSTEM\WS2HELP.DLL *C:\WINDOWS\SYSTEM\QUICKTIME\QUICKTIMEMUSIC.QTX *C:\WINDOWS\SYSTEM\QUICKTIME\QUICKTIMEMPEG4AUTHORI NG.QTX *C:\WINDOWS\SYSTEM\QUICKTIME\QUICKTIMEMPEG4.QTX *C:\WINDOWS\SYSTEM\QUICKTIME\QUICKTIMEMPEG.QTX *C:\WINDOWS\SYSTEM\QUICKTIME\QUICKTIMEINTERNETEXTR AS.QTX *C:\WINDOWS\SYSTEM\QUICKTIME\QUICKTIMEIMAGE.QTX *C:\WINDOWS\SYSTEM\QUICKTIME\QUICKTIMEESSENTIALS.QTX *C:\WINDOWS\SYSTEM\QUICKTIME\QUICKTIMEEFFECTS.QTX *C:\WINDOWS\SYSTEM\QUICKTIME\QUICKTIMECAPTURE.QTX *C:\WINDOWS\SYSTEM\QUICKTIME\QUICKTIMEAUTHORING.QTX *C:\WINDOWS\SYSTEM\DDRAW.DLL *C:\WINDOWS\SYSTEM\NTDLL.DLL *C:\WINDOWS\SYSTEM\WININET.DLL *C:\WINDOWS\SYSTEM\OLEAUT32.DLL *C:\WINDOWS\SYSTEM\CRYPT32.DLL *C:\WINDOWS\SYSTEM\RPCRT4.DLL *C:\WINDOWS\SYSTEM\MSOSS.DLL *C:\WINDOWS\SYSTEM\QUICKTIME.QTS *C:\WINDOWS\SYSTEM\VERSION.DLL *C:\WINDOWS\SYSTEM\OLE32.DLL *C:\WINDOWS\SYSTEM\COMDLG32.DLL *C:\WINDOWS\SYSTEM\WINMM.DLL *C:\WINDOWS\SYSTEM\QDCSPI.DLL *C:\WINDOWS\SYSTEM\SHELL32.DLL *C:\WINDOWS\SYSTEM\COMCTL32.DLL *C:\WINDOWS\SYSTEM\SHLWAPI.DLL *C:\WINDOWS\SYSTEM\MSVCRT.DLL *C:\WINDOWS\SYSTEM\USER32.DLL *C:\WINDOWS\SYSTEM\GDI32.DLL *C:\WINDOWS\SYSTEM\ADVAPI32.DLL *C:\WINDOWS\SYSTEM\KERNEL32.DLL +FFFA3F5B=C:\WINDOWS\SYSTEM\LVCOMSX.EXE *C:\WINDOWS\SYSTEM\LVCOMCX.DLL *C:\WINDOWS\SYSTEM\LVMAENUM.DLL *C:\WINDOWS\SYSTEM\MSVCP71.DLL *C:\WINDOWS\SYSTEM\MSVCR71.DLL *C:\WINDOWS\SYSTEM\QDCSPI.DLL *C:\WINDOWS\SYSTEM\OLEAUT32.DLL *C:\WINDOWS\SYSTEM\OLE32.DLL *C:\WINDOWS\SYSTEM\SETUPAPI.DLL *C:\WINDOWS\SYSTEM\RPCRT4.DLL *C:\WINDOWS\SYSTEM\MPR.DLL *C:\WINDOWS\SYSTEM\WINSPOOL.DRV *C:\WINDOWS\SYSTEM\COMDLG32.DLL *C:\WINDOWS\SYSTEM\LZ32.DLL *C:\WINDOWS\SYSTEM\SHELL32.DLL *C:\WINDOWS\SYSTEM\COMCTL32.DLL *C:\WINDOWS\SYSTEM\SHLWAPI.DLL *C:\WINDOWS\SYSTEM\MSVCRT.DLL *C:\WINDOWS\SYSTEM\CFGMGR32.DLL *C:\WINDOWS\SYSTEM\NTDLL.DLL *C:\WINDOWS\SYSTEM\VERSION.DLL *C:\WINDOWS\SYSTEM\WINMM.DLL *C:\WINDOWS\SYSTEM\USER32.DLL *C:\WINDOWS\SYSTEM\GDI32.DLL *C:\WINDOWS\SYSTEM\ADVAPI32.DLL *C:\WINDOWS\SYSTEM\KERNEL32.DLL +FFF9CFAB=C:\PROGRAM FILES\WINAMP\WINAMPA.EXE *C:\WINDOWS\SYSTEM\QDCSPI.DLL *C:\WINDOWS\SYSTEM\SHELL32.DLL *C:\WINDOWS\SYSTEM\COMCTL32.DLL *C:\WINDOWS\SYSTEM\SHLWAPI.DLL *C:\WINDOWS\SYSTEM\MSVCRT.DLL *C:\WINDOWS\SYSTEM\USER32.DLL *C:\WINDOWS\SYSTEM\GDI32.DLL *C:\WINDOWS\SYSTEM\ADVAPI32.DLL *C:\WINDOWS\SYSTEM\KERNEL32.DLL +FFF9C51F=C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\NAVAPW32.EXE *C:\WINDOWS\SYSTEM\QDCSPI.DLL *C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\N32USERL.DLL *C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\APWCMD.DLL *C:\WINDOWS\SYSTEM\OLE32.DLL *C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\APWUTIL.DLL *C:\WINDOWS\SYSTEM\SHELL32.DLL *C:\WINDOWS\SYSTEM\COMCTL32.DLL *C:\WINDOWS\SYSTEM\SHLWAPI.DLL *C:\WINDOWS\SYSTEM\MSVCRT.DLL *C:\WINDOWS\SYSTEM\RPCRT4.DLL *C:\WINDOWS\SYSTEM\USER32.DLL *C:\WINDOWS\SYSTEM\GDI32.DLL *C:\WINDOWS\SYSTEM\ADVAPI32.DLL *C:\WINDOWS\SYSTEM\KERNEL32.DLL +FFF85693=C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\POPROXY.EXE *C:\WINDOWS\SYSTEM\MSAFD.DLL *C:\WINDOWS\SYSTEM\QDCSPI.DLL *C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\EMAILCFG.DLL *C:\WINDOWS\SYSTEM\NETAPI32.DLL *C:\WINDOWS\SYSTEM\NETBIOS.DLL *C:\WINDOWS\SYSTEM\WINSPOOL.DRV *C:\WINDOWS\SYSTEM\WSOCK32.DLL *C:\WINDOWS\SYSTEM\MSWSOCK.DLL *C:\WINDOWS\SYSTEM\WS2_32.DLL *C:\WINDOWS\SYSTEM\WININET.DLL *C:\WINDOWS\SYSTEM\OLEAUT32.DLL *C:\WINDOWS\SYSTEM\CRYPT32.DLL *C:\WINDOWS\SYSTEM\MSOSS.DLL *C:\WINDOWS\SYSTEM\WS2HELP.DLL *C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\EMAILRES.DLL *C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\LITESCAN.DLL *C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\DEC2RTF.DLL *C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\DEC2UUE.DLL *C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\DEC2GZIP.DLL *C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\SYMGZIP.DLL *C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\DEC2TAR.DLL *C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\DEC2TNEF.DLL *C:\WINDOWS\SYSTEM\MFC42.DLL *C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\NAVLWAPI.DLL *C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\DEC2SS.DLL *C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\DEC2CAB.DLL *C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\DEC2AMG.DLL *C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\SYMAMG32.DLL *C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\DEC2ZIP.DLL *C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\DEC2MIME.DLL *C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\DEC2LZ.DLL *C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\DEC2LHA.DLL *C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\SYMLHA.DLL *C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\DEC2ID.DLL *C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\DEC2ARJ.DLL *C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\DEC2.DLL *C:\WINDOWS\SYSTEM\MSVCP60.DLL *C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\N32EXCLU.DLL *C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\N32XUTIL.DLL *C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\N32PDLL.DLL *C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\S32ALOGO.DLL *C:\WINDOWS\SYSTEM\OLE32.DLL *C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\V32SCAN.DLL *C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\N32CALL.DLL *C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\N32INOC.DLL *C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\S32NAVO.DLL *C:\WINDOWS\SYSTEM\COMDLG32.DLL *C:\WINDOWS\SYSTEM\SHELL32.DLL *C:\WINDOWS\SYSTEM\SHLWAPI.DLL *C:\WINDOWS\SYSTEM\MSVCRT.DLL *C:\WINDOWS\SYSTEM\COMCTL32.DLL *C:\WINDOWS\SYSTEM\RPCRT4.DLL *C:\WINDOWS\SYSTEM\USER32.DLL *C:\WINDOWS\SYSTEM\GDI32.DLL *C:\WINDOWS\SYSTEM\ADVAPI32.DLL *C:\WINDOWS\SYSTEM\KERNEL32.DLL +FFF763B3=C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE *C:\WINDOWS\SYSTEM\QDCSPI.DLL *C:\WINDOWS\SYSTEM\OLE32.DLL *C:\WINDOWS\SYSTEM\USER32.DLL *C:\WINDOWS\SYSTEM\GDI32.DLL *C:\WINDOWS\SYSTEM\ADVAPI32.DLL *C:\WINDOWS\SYSTEM\VERSION.DLL *C:\WINDOWS\SYSTEM\KERNEL32.DLL +FFF9EE1F=C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPOTDD01.EXE *C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPQCXM08.DLL *C:\WINDOWS\SYSTEM\MSVCP60.DLL *C:\WINDOWS\SYSTEM\QDCSPI.DLL *C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPODVD08.DLL *C:\WINDOWS\SYSTEM\OLEAUT32.DLL *C:\WINDOWS\SYSTEM\OLE32.DLL *C:\WINDOWS\SYSTEM\SETUPAPI.DLL *C:\WINDOWS\SYSTEM\RPCRT4.DLL *C:\WINDOWS\SYSTEM\MPR.DLL *C:\WINDOWS\SYSTEM\WINSPOOL.DRV *C:\WINDOWS\SYSTEM\VERSION.DLL *C:\WINDOWS\SYSTEM\COMDLG32.DLL *C:\WINDOWS\SYSTEM\LZ32.DLL *C:\WINDOWS\SYSTEM\SHELL32.DLL *C:\WINDOWS\SYSTEM\COMCTL32.DLL *C:\WINDOWS\SYSTEM\SHLWAPI.DLL *C:\WINDOWS\SYSTEM\MSVCRT.DLL *C:\WINDOWS\SYSTEM\CFGMGR32.DLL *C:\WINDOWS\SYSTEM\NTDLL.DLL *C:\WINDOWS\SYSTEM\USER32.DLL *C:\WINDOWS\SYSTEM\GDI32.DLL *C:\WINDOWS\SYSTEM\ADVAPI32.DLL *C:\WINDOWS\SYSTEM\KERNEL32.DLL +FFF6260B=C:\PROGRAM FILES\FINEPIXVIEWER\QUICKDCF.EXE *C:\WINDOWS\SYSTEM\QDCSPI.DLL *C:\WINDOWS\SYSTEM\SHELL32.DLL *C:\WINDOWS\SYSTEM\COMCTL32.DLL *C:\WINDOWS\SYSTEM\SHLWAPI.DLL *C:\WINDOWS\SYSTEM\MSVCRT.DLL *C:\WINDOWS\SYSTEM\WINSPOOL.DRV *C:\WINDOWS\SYSTEM\USER32.DLL *C:\WINDOWS\SYSTEM\GDI32.DLL *C:\WINDOWS\SYSTEM\ADVAPI32.DLL *C:\WINDOWS\SYSTEM\KERNEL32.DLL +FFF66D8B=C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPOMAU08.EXE *C:\WINDOWS\SYSTEM\HPZIPR12.DLL *C:\WINDOWS\SYSTEM\HPZIDR12.DLL *C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPODIO08.DLL *C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPOSCN08.RSC *C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPOSCN08.DLL *C:\WINDOWS\SYSTEM\STI.DLL *C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPQCOB08.DLL *C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPOCXI08.DLL *C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPODVB08.DLL *C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPQCXM08.DLL *C:\WINDOWS\SYSTEM\QDCSPI.DLL *C:\WINDOWS\SYSTEM\MSVCP60.DLL *C:\WINDOWS\SYSTEM\SETUPAPI.DLL *C:\WINDOWS\SYSTEM\MPR.DLL *C:\WINDOWS\SYSTEM\WINSPOOL.DRV *C:\WINDOWS\SYSTEM\VERSION.DLL *C:\WINDOWS\SYSTEM\COMDLG32.DLL *C:\WINDOWS\SYSTEM\LZ32.DLL *C:\WINDOWS\SYSTEM\SHELL32.DLL *C:\WINDOWS\SYSTEM\COMCTL32.DLL *C:\WINDOWS\SYSTEM\CFGMGR32.DLL *C:\WINDOWS\SYSTEM\NTDLL.DLL *C:\WINDOWS\SYSTEM\WSOCK32.DLL *C:\WINDOWS\SYSTEM\MSWSOCK.DLL *C:\WINDOWS\SYSTEM\WS2_32.DLL *C:\WINDOWS\SYSTEM\WININET.DLL *C:\WINDOWS\SYSTEM\SHLWAPI.DLL *C:\WINDOWS\SYSTEM\CRYPT32.DLL *C:\WINDOWS\SYSTEM\RPCRT4.DLL *C:\WINDOWS\SYSTEM\MSOSS.DLL *C:\WINDOWS\SYSTEM\WS2HELP.DLL *C:\WINDOWS\SYSTEM\MSVCRT.DLL *C:\WINDOWS\SYSTEM\OLEAUT32.DLL *C:\WINDOWS\SYSTEM\OLE32.DLL *C:\WINDOWS\SYSTEM\USER32.DLL *C:\WINDOWS\SYSTEM\GDI32.DLL *C:\WINDOWS\SYSTEM\ADVAPI32.DLL *C:\WINDOWS\SYSTEM\KERNEL32.DLL +FFF6BD3B=C:\WINDOWS\SYSTEM\WMIEXE.EXE *C:\WINDOWS\SYSTEM\WMICORE.DLL *C:\WINDOWS\SYSTEM\RPCRT4.DLL *C:\WINDOWS\SYSTEM\USER32.DLL *C:\WINDOWS\SYSTEM\GDI32.DLL *C:\WINDOWS\SYSTEM\ADVAPI32.DLL *C:\WINDOWS\SYSTEM\MSVCRT.DLL *C:\WINDOWS\SYSTEM\KERNEL32.DLL +FFF50F8B=C:\PROGRAM FILES\WINDOWS MEDIA COMPONENTS\ENCODER\WMENCAGT.EXE *C:\WINDOWS\SYSTEM\QDCSPI.DLL *C:\WINDOWS\SYSTEM\MSVCRT.DLL *C:\WINDOWS\SYSTEM\OLEAUT32.DLL *C:\WINDOWS\SYSTEM\OLE32.DLL *C:\WINDOWS\SYSTEM\USER32.DLL *C:\WINDOWS\SYSTEM\GDI32.DLL *C:\WINDOWS\SYSTEM\ADVAPI32.DLL *C:\WINDOWS\SYSTEM\KERNEL32.DLL +FFF52BCF=C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON UTILITIES\SYSDOC32.EXE *C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON UTILITIES\TKKE32L.DLL *C:\WINDOWS\SYSTEM\QDCSPI.DLL *C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON UTILITIES\SENSOR32.DLL *C:\WINDOWS\SYSTEM\S32EVNT1.DLL *C:\WINDOWS\SYSTEM\SHELL32.DLL *C:\WINDOWS\SYSTEM\SHLWAPI.DLL *C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON UTILITIES\S32FATL.DLL *C:\WINDOWS\SYSTEM\OLEAUT32.DLL *C:\WINDOWS\SYSTEM\OLE32.DLL *C:\WINDOWS\SYSTEM\COMCTL32.DLL *C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON UTILITIES\S32UTILL.DLL *C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON UTILITIES\S32KRNLL.DLL *C:\WINDOWS\SYSTEM\MFC42.DLL *C:\WINDOWS\SYSTEM\MSVCRT.DLL *C:\WINDOWS\SYSTEM\S32STAT.DLL *C:\WINDOWS\SYSTEM\USER32.DLL *C:\WINDOWS\SYSTEM\GDI32.DLL *C:\WINDOWS\SYSTEM\ADVAPI32.DLL *C:\WINDOWS\SYSTEM\KERNEL32.DLL +FFF5663B=C:\WINDOWS\SYSTEM\SPOOL32.EXE *C:\WINDOWS\SYSTEM\MSPP32.DLL *C:\WINDOWS\SYSTEM\MSNET32.DLL *C:\WINDOWS\SYSTEM\SHELL32.DLL *C:\WINDOWS\SYSTEM\COMCTL32.DLL *C:\WINDOWS\SYSTEM\SHLWAPI.DLL *C:\WINDOWS\SYSTEM\HPZS9X07.DLL *C:\WINDOWS\SYSTEM\USBMON.DLL *C:\WINDOWS\SYSTEM\MSVCRT40.DLL *C:\WINDOWS\SYSTEM\MSVCIRT.DLL *C:\WINDOWS\SYSTEM\MSVCRT.DLL *C:\WINDOWS\SYSTEM\QDCSPI.DLL *C:\WINDOWS\SYSTEM\SPOOLSS.DLL *C:\WINDOWS\SYSTEM\MPR.DLL *C:\WINDOWS\SYSTEM\USER32.DLL *C:\WINDOWS\SYSTEM\GDI32.DLL *C:\WINDOWS\SYSTEM\ADVAPI32.DLL *C:\WINDOWS\SYSTEM\KERNEL32.DLL +FFF5FA67=C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON CLEANSWEEP\CSINSM32.EXE *C:\WINDOWS\SYSTEM\RICHED32.DLL *C:\WINDOWS\SYSTEM\QDCSPI.DLL *C:\WINDOWS\SYSTEM\MSVCIRT.DLL *C:\WINDOWS\SYSTEM\COMDLG32.DLL *C:\WINDOWS\SYSTEM\VERSION.DLL *C:\WINDOWS\SYSTEM\APITRAP.DLL *C:\WINDOWS\SYSTEM\SHELL32.DLL *C:\WINDOWS\SYSTEM\COMCTL32.DLL *C:\WINDOWS\SYSTEM\SHLWAPI.DLL *C:\WINDOWS\SYSTEM\DDAO35.DLL *C:\WINDOWS\SYSTEM\MFC42.DLL *C:\WINDOWS\SYSTEM\MSVCRT.DLL *C:\WINDOWS\SYSTEM\OLEAUT32.DLL *C:\WINDOWS\SYSTEM\OLE32.DLL *C:\WINDOWS\SYSTEM\USER32.DLL *C:\WINDOWS\SYSTEM\GDI32.DLL *C:\WINDOWS\SYSTEM\ADVAPI32.DLL *C:\WINDOWS\SYSTEM\KERNEL32.DLL +FFF6BBC7=C:\PROGRAM FILES\YAHOO!\MESSENGER\YMSGR_TRAY.EXE *C:\PROGRAM FILES\YAHOO!\MESSENGER\RES_MSGR.DLL *C:\WINDOWS\SYSTEM\MSXML3.DLL *C:\WINDOWS\SYSTEM\MSIMG32.DLL *C:\WINDOWS\SYSTEM\NTDLL.DLL *C:\PROGRAM FILES\YAHOO!\SHARED\YBSKIN2.DLL *C:\WINDOWS\SYSTEM\QDCSPI.DLL *C:\PROGRAM FILES\YAHOO!\MESSENGER\MSVCP71.DLL *C:\PROGRAM FILES\YAHOO!\MESSENGER\MSVCR71.DLL *C:\WINDOWS\SYSTEM\OLEAUT32.DLL *C:\WINDOWS\SYSTEM\OLE32.DLL *C:\WINDOWS\SYSTEM\SHELL32.DLL *C:\WINDOWS\SYSTEM\COMCTL32.DLL *C:\WINDOWS\SYSTEM\SHLWAPI.DLL *C:\WINDOWS\SYSTEM\MSVCRT.DLL *C:\WINDOWS\SYSTEM\USER32.DLL *C:\WINDOWS\SYSTEM\GDI32.DLL *C:\WINDOWS\SYSTEM\ADVAPI32.DLL *C:\WINDOWS\SYSTEM\KERNEL32.DLL +FFF4B32F=C:\Program Files\Norton SystemWorks\Norton CleanSweep\Monwow.exe *C:\WINDOWS\SYSTEM\QDCSPI.DLL *C:\WINDOWS\SYSTEM\APITRAP.DLL *C:\WINDOWS\SYSTEM\USER32.DLL *C:\WINDOWS\SYSTEM\GDI32.DLL *C:\WINDOWS\SYSTEM\ADVAPI32.DLL *C:\WINDOWS\SYSTEM\KERNEL32.DLL +FFF4093F=C:\PROGRAM FILES\LOGITECH\VIDEO\FXSVR2.EXE *C:\PROGRAM FILES\LOGITECH\VIDEO\FXSVRPS.DLL *C:\WINDOWS\SYSTEM\LVCOMCX.DLL *C:\WINDOWS\SYSTEM\LVMAENUM.DLL *C:\WINDOWS\SYSTEM\SETUPAPI.DLL *C:\WINDOWS\SYSTEM\MPR.DLL *C:\WINDOWS\SYSTEM\WINSPOOL.DRV *C:\WINDOWS\SYSTEM\COMDLG32.DLL *C:\WINDOWS\SYSTEM\LZ32.DLL *C:\WINDOWS\SYSTEM\SHELL32.DLL *C:\WINDOWS\SYSTEM\COMCTL32.DLL *C:\WINDOWS\SYSTEM\CFGMGR32.DLL *C:\WINDOWS\SYSTEM\NTDLL.DLL *C:\WINDOWS\TWAIN_32\LOGIVID\HVIDSP2.DLL *C:\WINDOWS\SYSTEM\RPCRT4.DLL *C:\WINDOWS\SYSTEM\QDCSPI.DLL *C:\WINDOWS\SYSTEM\MSVCP71.DLL *C:\WINDOWS\SYSTEM\OLEAUT32.DLL *C:\WINDOWS\SYSTEM\OLE32.DLL *C:\WINDOWS\SYSTEM\MFC71.DLL *C:\WINDOWS\SYSTEM\MFC71ENU.DLL *C:\WINDOWS\SYSTEM\MSVCR71.DLL *C:\WINDOWS\SYSTEM\VERSION.DLL *C:\WINDOWS\SYSTEM\SHLWAPI.DLL *C:\WINDOWS\SYSTEM\USER32.DLL *C:\WINDOWS\SYSTEM\GDI32.DLL *C:\WINDOWS\SYSTEM\ADVAPI32.DLL *C:\WINDOWS\SYSTEM\MSVCRT.DLL *C:\WINDOWS\SYSTEM\KERNEL32.DLL +FFF368C3=C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPOEVM08.EXE *C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPQIPS08.DLL *C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPQCOB08.DLL *C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPOCXI08.DLL *C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPQCXM08.DLL *C:\WINDOWS\SYSTEM\SHLWAPI.DLL *C:\WINDOWS\SYSTEM\QDCSPI.DLL *C:\WINDOWS\SYSTEM\RPCRT4.DLL *C:\WINDOWS\SYSTEM\MSVCP60.DLL *C:\WINDOWS\SYSTEM\MSVCRT.DLL *C:\WINDOWS\SYSTEM\OLEAUT32.DLL *C:\WINDOWS\SYSTEM\OLE32.DLL *C:\WINDOWS\SYSTEM\USER32.DLL *C:\WINDOWS\SYSTEM\GDI32.DLL *C:\WINDOWS\SYSTEM\ADVAPI32.DLL *C:\WINDOWS\SYSTEM\KERNEL32.DLL +FFF746F3=C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPOSTS08.EXE *C:\WINDOWS\SYSTEM\HPZIDR12.DLL *C:\WINDOWS\SYSTEM\SETUPAPI.DLL *C:\WINDOWS\SYSTEM\MPR.DLL *C:\WINDOWS\SYSTEM\CFGMGR32.DLL *C:\WINDOWS\SYSTEM\COMDLG32.DLL *C:\WINDOWS\SYSTEM\LZ32.DLL *C:\WINDOWS\SYSTEM\NTDLL.DLL *C:\WINDOWS\SYSTEM\HPZIPR12.DLL *C:\WINDOWS\SYSTEM\VERSION.DLL *C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPODIO08.DLL *C:\WINDOWS\SYSTEM\WSOCK32.DLL *C:\WINDOWS\SYSTEM\MSWSOCK.DLL *C:\WINDOWS\SYSTEM\WS2_32.DLL *C:\WINDOWS\SYSTEM\WININET.DLL *C:\WINDOWS\SYSTEM\CRYPT32.DLL *C:\WINDOWS\SYSTEM\RPCRT4.DLL *C:\WINDOWS\SYSTEM\MSOSS.DLL *C:\WINDOWS\SYSTEM\WS2HELP.DLL *C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPQCOB08.DLL *C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPOCXI08.DLL *C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPQCXM08.DLL *C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPOSTS08.RSC *C:\WINDOWS\SYSTEM\QDCSPI.DLL *C:\WINDOWS\SYSTEM\WINSPOOL.DRV *C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPQTAP08.DLL *C:\WINDOWS\SYSTEM\MSVCP60.DLL *C:\WINDOWS\SYSTEM\OLEAUT32.DLL *C:\WINDOWS\SYSTEM\OLE32.DLL *C:\WINDOWS\SYSTEM\SHELL32.DLL *C:\WINDOWS\SYSTEM\COMCTL32.DLL *C:\WINDOWS\SYSTEM\SHLWAPI.DLL *C:\WINDOWS\SYSTEM\MFC42.DLL *C:\WINDOWS\SYSTEM\USER32.DLL *C:\WINDOWS\SYSTEM\GDI32.DLL *C:\WINDOWS\SYSTEM\ADVAPI32.DLL *C:\WINDOWS\SYSTEM\MSVCRT.DLL *C:\WINDOWS\SYSTEM\KERNEL32.DLL +FFF207CF=C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPOFXM08.EXE *C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPQIPS08.DLL *C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPQCOB08.DLL *C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPOCXI08.DLL *C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPQCXM08.DLL *C:\WINDOWS\SYSTEM\SHLWAPI.DLL *C:\WINDOWS\SYSTEM\QDCSPI.DLL *C:\WINDOWS\SYSTEM\RPCRT4.DLL *C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPOFXM08.RSC *C:\WINDOWS\SYSTEM\MSVCP60.DLL *C:\WINDOWS\SYSTEM\MSVCRT.DLL *C:\WINDOWS\SYSTEM\OLEAUT32.DLL *C:\WINDOWS\SYSTEM\OLE32.DLL *C:\WINDOWS\SYSTEM\USER32.DLL *C:\WINDOWS\SYSTEM\GDI32.DLL *C:\WINDOWS\SYSTEM\ADVAPI32.DLL *C:\WINDOWS\SYSTEM\KERNEL32.DLL +FFF17F2F=C:\WINDOWS\SYSTEM\PSTORES.EXE *C:\WINDOWS\SYSTEM\PSBASE.DLL *C:\WINDOWS\SYSTEM\VERSION.DLL *C:\WINDOWS\SYSTEM\PSTORERC.DLL *C:\WINDOWS\SYSTEM\SOFTPUB.DLL *C:\WINDOWS\SYSTEM\OLE32.DLL *C:\WINDOWS\SYSTEM\WINTRUST.DLL *C:\WINDOWS\SYSTEM\CRYPT32.DLL *C:\WINDOWS\SYSTEM\MSOSS.DLL *C:\WINDOWS\SYSTEM\MSVCRT.DLL *C:\WINDOWS\SYSTEM\IMAGEHLP.DLL *C:\WINDOWS\SYSTEM\MPR.DLL *C:\WINDOWS\SYSTEM\RPCRT4.DLL *C:\WINDOWS\SYSTEM\USER32.DLL *C:\WINDOWS\SYSTEM\GDI32.DLL *C:\WINDOWS\SYSTEM\ADVAPI32.DLL *C:\WINDOWS\SYSTEM\KERNEL32.DLL +FFF1309B=C:\MY DOCUMENTS\KHRISSIE\STARTDRECK\STARTDRECK.EXE *C:\WINDOWS\SYSTEM\VERSION.DLL *C:\WINDOWS\SYSTEM\QDCSPI.DLL *C:\MY DOCUMENTS\KHRISSIE\STARTDRECK\VB4DE32.DLL *C:\MY DOCUMENTS\KHRISSIE\STARTDRECK\VB40032.DLL *C:\WINDOWS\SYSTEM\OLEPRO32.DLL *C:\WINDOWS\SYSTEM\OLEAUT32.DLL *C:\WINDOWS\SYSTEM\OLE32.DLL *C:\WINDOWS\SYSTEM\MSVCRT20.DLL *C:\WINDOWS\SYSTEM\USER32.DLL *C:\WINDOWS\SYSTEM\GDI32.DLL *C:\WINDOWS\SYSTEM\ADVAPI32.DLL *C:\WINDOWS\SYSTEM\KERNEL32.DLL »VMM32Files (LM) *vdd.vxd= *vflatd.vxd= *vshare.vxd= *vwin32.vxd= *vfbackup.vxd= *vcomm.vxd= *combuff.vxd= *vcd.vxd= *vpd.vxd= *spooler.vxd= *udf.vxd= *vfat.vxd= *vcache.vxd= *vcond.vxd= *vcdfsd.vxd= *int13.vxd= *vxdldr.vxd= *vdef.vxd= *dynapage.vxd= *configmg.vxd= *ntkern.vxd= *ebios.vxd= *vmd.vxd= *dosnet.vxd= *vpicd.vxd= *vtd.vxd= *reboot.vxd= *vdmad.vxd= *vsd.vxd= *v86mmgr.vxd= *pageswap.vxd= *dosmgr.vxd= *vmpoll.vxd= *shell.vxd= *parity.vxd= *biosxlat.vxd= *vmcpd.vxd= *vtdapi.vxd= *perf.vxd= *vkd.vxd= *vmouse.vxd= *mtrr.vxd= *enable.vxd= »%System%\VMM32 *C:\WINDOWS\SYSTEM\VMM32\IFSMGR.VXD *C:\WINDOWS\SYSTEM\VMM32\IOS.VXD *C:\WINDOWS\SYSTEM\VMM32\QEMMFIX.VXD »%System%\IOSUBSYS *C:\WINDOWS\SYSTEM\IoSubSys\BIGMEM.DRV *C:\WINDOWS\SYSTEM\IoSubSys\ESDI_506.PDR *C:\WINDOWS\SYSTEM\IoSubSys\HSFLOP.PDR *C:\WINDOWS\SYSTEM\IoSubSys\RMM.PDR *C:\WINDOWS\SYSTEM\IoSubSys\SCSIPORT.PDR *C:\WINDOWS\SYSTEM\IoSubSys\APIX.VXD *C:\WINDOWS\SYSTEM\IoSubSys\ATAPCHNG.VXD *C:\WINDOWS\SYSTEM\IoSubSys\CDFS.VXD *C:\WINDOWS\SYSTEM\IoSubSys\CDTSD.VXD *C:\WINDOWS\SYSTEM\IoSubSys\CDVSD.VXD *C:\WINDOWS\SYSTEM\IoSubSys\DISKTSD.VXD *C:\WINDOWS\SYSTEM\IoSubSys\DISKVSD.VXD *C:\WINDOWS\SYSTEM\IoSubSys\NECATAPI.VXD *C:\WINDOWS\SYSTEM\IoSubSys\SCSI1HLP.VXD *C:\WINDOWS\SYSTEM\IoSubSys\TORISAN3.VXD *C:\WINDOWS\SYSTEM\IoSubSys\VOLTRACK.VXD *C:\WINDOWS\SYSTEM\IoSubSys\Cdr4vsd.vxd *C:\WINDOWS\SYSTEM\IoSubSys\Cdralvsd.vxd *C:\WINDOWS\SYSTEM\IoSubSys\acbhlpr.vxd *C:\WINDOWS\SYSTEM\IoSubSys\iomega.vxd *C:\WINDOWS\SYSTEM\IoSubSys\pxhelper.vxd *C:\WINDOWS\SYSTEM\IoSubSys\HPZBRX12.PDR *C:\WINDOWS\SYSTEM\IoSubSys\AUDIOFS.VXD *C:\WINDOWS\SYSTEM\IoSubSys\Umas04cb.vxd »Application specific »MS Office 97/8.0 STARTUP-PATH »Current User »Default User »Local Machine »ICQ NetDetect »Current User »Default User Logfile of HijackThis v1.99.1 Scan saved at 8:22:09 PM, on 3/13/05 Platform: Windows 98 SE (Win9x 4.10.2222A) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\SYSTEM\KERNEL32.DLL C:\WINDOWS\SYSTEM\MSGSRV32.EXE C:\WINDOWS\SYSTEM\MPREXE.EXE C:\WINDOWS\SYSTEM\mmtask.tsk C:\WINDOWS\SYSTEM\MSTASK.EXE C:\WINDOWS\SYSTEM\EUSEXE.EXE C:\WINDOWS\SYSTEM\INETSRV\INETINFO.EXE C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON UTILITIES\NPROTECT.EXE C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON CLEANSWEEP\CSINJECT.EXE C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\SYMTRAY.EXE C:\WINDOWS\SYSTEM\DDHELP.EXE C:\WINDOWS\SYSTEM\MSDTCW.EXE C:\WINDOWS\SYSTEM\RPCSS.EXE C:\WINDOWS\EXPLORER.EXE C:\WINDOWS\TASKMON.EXE C:\WINDOWS\SYSTEM\SYSTRAY.EXE C:\WINDOWS\SYSTEM\IGFXTRAY.EXE C:\WINDOWS\SYSTEM\HKCMD.EXE C:\WINDOWS\SYSTEM\SBMX.EXE C:\WINDOWS\SYSTEM\STIMON.EXE C:\WINDOWS\ESSSPK.EXE C:\WINDOWS\LOADQM.EXE C:\PROGRAM FILES\LOGITECH\VIDEO\LOGITRAY.EXE C:\WINDOWS\SYSTEM\PWSTRAY.EXE C:\WINDOWS\SYSTEM\QTTASK.EXE C:\WINDOWS\SYSTEM\LVCOMSX.EXE C:\PROGRAM FILES\WINAMP\WINAMPA.EXE C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\NAVAPW32.EXE C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\POPROXY.EXE C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPOTDD01.EXE C:\PROGRAM FILES\FINEPIXVIEWER\QUICKDCF.EXE C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPOMAU08.EXE C:\WINDOWS\SYSTEM\WMIEXE.EXE C:\PROGRAM FILES\WINDOWS MEDIA COMPONENTS\ENCODER\WMENCAGT.EXE C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON UTILITIES\SYSDOC32.EXE C:\WINDOWS\SYSTEM\SPOOL32.EXE C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON CLEANSWEEP\CSINSM32.EXE C:\PROGRAM FILES\YAHOO!\MESSENGER\YMSGR_TRAY.EXE C:\Program Files\Norton SystemWorks\Norton CleanSweep\Monwow.exe C:\PROGRAM FILES\LOGITECH\VIDEO\FXSVR2.EXE C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPOEVM08.EXE C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPOSTS08.EXE C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPOFXM08.EXE C:\WINDOWS\SYSTEM\PSTORES.EXE C:\WINDOWS\DESKTOP\HIJACKTHIS.EXE R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\TEMP\se.dll/sp.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [url]http://www.mytelus.com/[/url] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\TEMP\se.dll/sp.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank O2 - BHO: REALBAR - {4E7BD74F-2B8D-469E-C0FF-FD60B590A87D} - C:\PROGRA~1\COMMON~1\REAL\TOOLBAR\REALBAR.DLL O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL O3 - Toolbar: REALBAR - {4E7BD74F-2B8D-469E-C0FF-FD60B590A87D} - C:\PROGRA~1\COMMON~1\REAL\TOOLBAR\REALBAR.DLL O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe O4 - HKLM\..\Run: [SystemTray] SysTray.Exe O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\SYSTEM\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\SYSTEM\hkcmd.exe O4 - HKLM\..\Run: [SBMX] C:\WINDOWS\SYSTEM\sbmx.exe O4 - HKLM\..\Run: [DXM6Patch_981116] C:\WINDOWS\p_981116.exe /Q:A O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE O4 - HKLM\..\Run: [EssSpkPhone] essspk.exe O4 - HKLM\..\Run: [LoadQM] loadqm.exe O4 - HKLM\..\Run: [RegShave] C:\Progra~1\REGSHAVE\REGSHAVE.EXE /autorun O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [PWSTray] PwsTray.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\SYSTEM\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKLM\..\Run: [NPROTECT] C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE O4 - HKLM\..\Run: [NAV DefAlert] C:\PROGRA~1\NORTON~1\NORTON~2\DEFALERT.EXE O4 - HKLM\..\Run: [Norton Auto-Protect] C:\PROGRA~1\NORTON~1\NORTON~2\NAVAPW32.EXE /LOADQUIET O4 - HKLM\..\Run: [Norton eMail Protect] C:\Program Files\Norton SystemWorks\Norton AntiVirus\POPROXY.EXE O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe O4 - HKLM\..\RunServices: [ICH Synth] eusexe.exe O4 - HKLM\..\RunServices: [MSDTC] msdtcw -start O4 - HKLM\..\RunServices: [inetinfo.exe] C:\WINDOWS\SYSTEM\inetsrv\inetinfo.exe -e w3svc O4 - HKLM\..\RunServices: [NPROTECT] C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE O4 - HKLM\..\RunServices: [CSINJECT.EXE] C:\Program Files\Norton SystemWorks\Norton CleanSweep\CSINJECT.EXE O4 - HKLM\..\RunServices: [SymTray - Norton SystemWorks] C:\Program Files\Common Files\Symantec Shared\SymTray.exe "Norton SystemWorks" O4 - HKCU\..\Run: [LDM] \Program\BackWeb-8876480.exe O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet O4 - HKCU\..\Run: [ZVolume] C:\Program Files\ZVolume Pro\ZVolume.exe O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Startup: hpoddt01.exe.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe O4 - Startup: hp instant support.lnk = C:\Program Files\Hewlett-Packard\hpis\bin\matcli.exe O4 - Startup: Exif Launcher.lnk = C:\Program Files\FinePixViewer\QuickDCF.exe O4 - Startup: hp officejet 4100 series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpomau08.exe O4 - Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Startup: Encoder Agent.lnk = C:\Program Files\Windows Media Components\Encoder\WMENCAGT.EXE O4 - Startup: Norton System Doctor.lnk = C:\Program Files\Norton SystemWorks\Norton Utilities\SYSDOC32.EXE O4 - Startup: CleanSweep Smart Sweep-Internet Sweep.lnk = C:\Program Files\Norton SystemWorks\Norton CleanSweep\csinsm32.exe O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycdict.htm O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file) O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\SYSTEM\MSJAVA.DLL O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\SYSTEM\MSJAVA.DLL O16 - DPF: Yahoo! Chess - [url]http://download.games.yahoo.com/games/clients/y/ct2_x.cab[/url] O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IMDownloader Class) - [url]http://www2.incredimail.com/contents/setup/downloader/imloader.cab[/url] O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) - [url]http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yse/ymmapi_416.dll[/url] O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - [url]http://a1540.g.akamai.net/7/1540/52/20031216/qtinstall.info.apple.com/mickey/us/win/QuickTimeInstaller.exe[/url] O16 - DPF: Yahoo! Poker - [url]http://download.games.yahoo.com/games/clients/y/pt3_x.cab[/url] O16 - DPF: Yahoo! Backgammon - [url]http://download.games.yahoo.com/games/clients/y/at0_x.cab[/url] O16 - DPF: Tornado 21 - [url]http://download.games.yahoo.com/games/clients/y/t21t0_x.cab[/url] O16 - DPF: Yahoo! Spades - [url]http://download.games.yahoo.com/games/clients/y/st2_x.cab[/url] O16 - DPF: Yahoo! Pinochle - [url]http://download.games.yahoo.com/games/clients/y/ut2_x.cab[/url] O16 - DPF: Yahoo! MahJong - [url]http://download.games.yahoo.com/games/clients/y/ot0_x.cab[/url] O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - [url]http://us.dl1.yimg.com/download.yahoo.com/dl/installs/suite/autocomplete.cab[/url] O16 - DPF: {E504EE6E-47C6-11D5-B8AB-00D0B78F3D48} (Yahoo! Webcam Viewer Wrapper) - [url]http://chat.yahoo.com/cab/yvwrctl.cab[/url] O16 - DPF: Yahoo! Pool 2 - [url]http://download.games.yahoo.com/games/clients/y/pote_x.cab[/url] O16 - DPF: {2B36F775-8CF5-4489-B454-2D1B80984CF2} (FXPluginCtl Object) - [url]http://www.powerflasher.de/plugin/powerres.cab[/url] O16 - DPF: Yahoo! MahJong Solitaire - [url]http://download.games.yahoo.com/games/clients/y/mjst4_x.cab[/url] O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - [url]http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab[/url] O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - [url]http://www.pandasoftware.com/activescan/as5/asinst.cab[/url] Posted by: MicroBell Not done yet.... Now run hijackthis and fix the following entrys... [b]R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\TEMP\se.dll/sp.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about :blank R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [url]http://www.mytelus.com/[/url] R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\TEMP\se.dll/sp.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about :blank R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about :blank R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about :blank[/b] Run the cleanup utility and reboot when prompted. Double check and make sure this file as been deleted...C:\WINDOWS\TEMP\[b]se.dll[/b] Posted by: khog11 se.dll does not exist in my comp anymore!!! yey!! anyways this is my hijacthis logfile.. are there any more mistakes? Logfile of HijackThis v1.99.1 Scan saved at 6:02:44 PM, on 3/14/05 Platform: Windows 98 SE (Win9x 4.10.2222A) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\SYSTEM\KERNEL32.DLL C:\WINDOWS\SYSTEM\MSGSRV32.EXE C:\WINDOWS\SYSTEM\MPREXE.EXE C:\WINDOWS\SYSTEM\mmtask.tsk C:\WINDOWS\SYSTEM\MSTASK.EXE C:\WINDOWS\SYSTEM\EUSEXE.EXE C:\WINDOWS\SYSTEM\INETSRV\INETINFO.EXE C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON UTILITIES\NPROTECT.EXE C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON CLEANSWEEP\CSINJECT.EXE C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\SYMTRAY.EXE C:\WINDOWS\SYSTEM\DDHELP.EXE C:\WINDOWS\SYSTEM\MSDTCW.EXE C:\WINDOWS\SYSTEM\RPCSS.EXE C:\WINDOWS\EXPLORER.EXE C:\WINDOWS\TASKMON.EXE C:\WINDOWS\SYSTEM\SYSTRAY.EXE C:\WINDOWS\SYSTEM\IGFXTRAY.EXE C:\WINDOWS\SYSTEM\HKCMD.EXE C:\WINDOWS\SYSTEM\SBMX.EXE C:\WINDOWS\SYSTEM\STIMON.EXE C:\WINDOWS\ESSSPK.EXE C:\WINDOWS\LOADQM.EXE C:\WINDOWS\SYSTEM\PWSTRAY.EXE C:\WINDOWS\SYSTEM\QTTASK.EXE C:\WINDOWS\SYSTEM\LVCOMSX.EXE C:\PROGRAM FILES\LOGITECH\VIDEO\LOGITRAY.EXE C:\PROGRAM FILES\WINAMP\WINAMPA.EXE C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\NAVAPW32.EXE C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON ANTIVIRUS\POPROXY.EXE C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE C:\PROGRAM FILES\LIME_SHOP\LIMESHOP0.EXE C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPOTDD01.EXE C:\PROGRAM FILES\FINEPIXVIEWER\QUICKDCF.EXE C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPOMAU08.EXE C:\WINDOWS\SYSTEM\WMIEXE.EXE C:\PROGRAM FILES\WINDOWS MEDIA COMPONENTS\ENCODER\WMENCAGT.EXE C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON CLEANSWEEP\CSINSM32.EXE C:\WINDOWS\SYSTEM\SPOOL32.EXE C:\Program Files\Norton SystemWorks\Norton CleanSweep\Monwow.exe C:\PROGRAM FILES\LOGITECH\VIDEO\FXSVR2.EXE C:\PROGRAM FILES\YAHOO!\MESSENGER\YMSGR_TRAY.EXE C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPOEVM08.EXE C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPOSTS08.EXE C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPOFXM08.EXE C:\PROGRAM FILES\LIME_SHOP\LIMESHOP1.EXE C:\PROGRAM FILES\JAVA\J2RE1.4.2_04\BIN\JAVAW.EXE C:\PROGRAM FILES\WINAMP\WINAMP.EXE C:\WINDOWS\SYSTEM\PSTORES.EXE C:\WINDOWS\DESKTOP\HIJACKTHIS.EXE O2 - BHO: REALBAR - {4E7BD74F-2B8D-469E-C0FF-FD60B590A87D} - C:\PROGRA~1\COMMON~1\REAL\TOOLBAR\REALBAR.DLL O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL O3 - Toolbar: REALBAR - {4E7BD74F-2B8D-469E-C0FF-FD60B590A87D} - C:\PROGRA~1\COMMON~1\REAL\TOOLBAR\REALBAR.DLL O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe O4 - HKLM\..\Run: [SystemTray] SysTray.Exe O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\SYSTEM\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\SYSTEM\hkcmd.exe O4 - HKLM\..\Run: [SBMX] C:\WINDOWS\SYSTEM\sbmx.exe O4 - HKLM\..\Run: [DXM6Patch_981116] C:\WINDOWS\p_981116.exe /Q:A O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE O4 - HKLM\..\Run: [EssSpkPhone] essspk.exe O4 - HKLM\..\Run: [LoadQM] loadqm.exe O4 - HKLM\..\Run: [RegShave] C:\Progra~1\REGSHAVE\REGSHAVE.EXE /autorun O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [PWSTray] PwsTray.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\SYSTEM\LVCOMSX.EXE O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKLM\..\Run: [NPROTECT] C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE O4 - HKLM\..\Run: [NAV DefAlert] C:\PROGRA~1\NORTON~1\NORTON~2\DEFALERT.EXE O4 - HKLM\..\Run: [Norton Auto-Protect] C:\PROGRA~1\NORTON~1\NORTON~2\NAVAPW32.EXE /LOADQUIET O4 - HKLM\..\Run: [Norton eMail Protect] C:\Program Files\Norton SystemWorks\Norton AntiVirus\POPROXY.EXE O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [Limeshop0] "C:\PROGRAM FILES\LIME_SHOP\Limeshop0.exe" O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe O4 - HKLM\..\RunServices: [ICH Synth] eusexe.exe O4 - HKLM\..\RunServices: [MSDTC] msdtcw -start O4 - HKLM\..\RunServices: [inetinfo.exe] C:\WINDOWS\SYSTEM\inetsrv\inetinfo.exe -e w3svc O4 - HKLM\..\RunServices: [NPROTECT] C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE O4 - HKLM\..\RunServices: [CSINJECT.EXE] C:\Program Files\Norton SystemWorks\Norton CleanSweep\CSINJECT.EXE O4 - HKLM\..\RunServices: [SymTray - Norton SystemWorks] C:\Program Files\Common Files\Symantec Shared\SymTray.exe "Norton SystemWorks" O4 - HKCU\..\Run: [LDM] \Program\BackWeb-8876480.exe O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet O4 - HKCU\..\Run: [ZVolume] C:\Program Files\ZVolume Pro\ZVolume.exe O4 - HKCU\..\Run: [ares] "C:\PROGRAM FILES\ARES LITE EDITION\ARES.EXE" -h O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Startup: hpoddt01.exe.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe O4 - Startup: hp instant support.lnk = C:\Program Files\Hewlett-Packard\hpis\bin\matcli.exe O4 - Startup: Exif Launcher.lnk = C:\Program Files\FinePixViewer\QuickDCF.exe O4 - Startup: hp officejet 4100 series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpomau08.exe O4 - Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Startup: Encoder Agent.lnk = C:\Program Files\Windows Media Components\Encoder\WMENCAGT.EXE O4 - Startup: Norton System Doctor.lnk = C:\Program Files\Norton SystemWorks\Norton Utilities\SYSDOC32.EXE O4 - Startup: CleanSweep Smart Sweep-Internet Sweep.lnk = C:\Program Files\Norton SystemWorks\Norton CleanSweep\csinsm32.exe O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycdict.htm O8 - Extra context menu item: LimeShop Preferences - file://C:\PROGRAM FILES\LIME_SHOP\Sy700\Tp700\scri700a.htm O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file) O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\SYSTEM\MSJAVA.DLL O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\SYSTEM\MSJAVA.DLL O16 - DPF: Yahoo! Chess - [url]http://download.games.yahoo.com/games/clients/y/ct2_x.cab[/url] O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IMDownloader Class) - [url]http://www2.incredimail.com/contents/setup/downloader/imloader.cab[/url] O16 - DPF: {A17E30C4-A9BA-11D4-8673-60DB54C10000} (YahooYMailTo Class) - [url]http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yse/ymmapi_416.dll[/url] O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - [url]http://a1540.g.akamai.net/7/1540/52/20031216/qtinstall.info.apple.com/mickey/us/win/QuickTimeInstaller.exe[/url] O16 - DPF: Yahoo! Poker - [url]http://download.games.yahoo.com/games/clients/y/pt3_x.cab[/url] O16 - DPF: Yahoo! Backgammon - [url]http://download.games.yahoo.com/games/clients/y/at0_x.cab[/url] O16 - DPF: Tornado 21 - [url]http://download.games.yahoo.com/games/clients/y/t21t0_x.cab[/url] O16 - DPF: Yahoo! Spades - [url]http://download.games.yahoo.com/games/clients/y/st2_x.cab[/url] O16 - DPF: Yahoo! Pinochle - [url]http://download.games.yahoo.com/games/clients/y/ut2_x.cab[/url] O16 - DPF: Yahoo! MahJong - [url]http://download.games.yahoo.com/games/clients/y/ot0_x.cab[/url] O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} (YAddBook Class) - [url]http://us.dl1.yimg.com/download.yahoo.com/dl/installs/suite/autocomplete.cab[/url] O16 - DPF: {E504EE6E-47C6-11D5-B8AB-00D0B78F3D48} (Yahoo! Webcam Viewer Wrapper) - [url]http://chat.yahoo.com/cab/yvwrctl.cab[/url] O16 - DPF: Yahoo! Pool 2 - [url]http://download.games.yahoo.com/games/clients/y/pote_x.cab[/url] O16 - DPF: {2B36F775-8CF5-4489-B454-2D1B80984CF2} (FXPluginCtl Object) - [url]http://www.powerflasher.de/plugin/powerres.cab[/url] O16 - DPF: Yahoo! MahJong Solitaire - [url]http://download.games.yahoo.com/games/clients/y/mjst4_x.cab[/url] O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - [url]http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab[/url] O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - [url]http://www.pandasoftware.com/activescan/as5/asinst.cab[/url] Posted by: MicroBell Nope...your clean. Please read through the spyware prevention section on how to protect yourself from spyware/adware [b][URL=http://www.greyknight17.com/spyware.htm]Here[/URL][/b] and use the recommend programs and methods to protect yourself! Posted by: southernlady Closed. Liz vBulletin Copyright ©2000 - 2003, Jelsoft Enterprises Limited. PPC Management vB Easy Archive Final - Created by Xenon |