winibluesoft

I have been infected with the above, I have read some of the other members problems with this virus and mine are similar but with some differences.
When trying to open links I frequently get the message "this link appears to be broken" the pop up then suggests searching Malwarebytes.org for MBAM program
set up but everything I click on tells me that the link is broken.
I have updated Java and Adobe but when I try to find the windows updates I get the error 404.
Here is my hijackthis.log
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Kontiki\KHost.exe
C:\Users\Art\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Windows\System32\setup2.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\WTablet\Pen_TabletUser.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Windows\system32\wuauclt.exe
C:\Users\Art\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Art\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Art\Documents\Downloads\hijackgpthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://uk.msn.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://uk.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.aldi.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: ALOT Toolbar - {5AA2BA46-9913-4dc7-9620-69AB0FA17AE7} - C:\Program Files\alot\bin\alot.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: MSN Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.1008.0\msneshellx.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: ALOT Toolbar - {5AA2BA46-9913-4dc7-9620-69AB0FA17AE7} - C:\Program Files\alot\bin\alot.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll
O3 - Toolbar: MSN Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.1008.0\msneshellx.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [kdx] C:\Program Files\Kontiki\KHost.exe -all
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Art\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [setup2.exe] C:\Windows\system32\setup2.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: TabUserW.exe.lnk = C:\Windows\System32\WTablet\TabUserW.exe
O8 - Extra context menu item: eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O9 - Extra button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O13 - Gopher Prefix:
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/VistaMSNPUplden-gb.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{AA3CE809-57F2-4E64-A7F0-F1B691B3445F}: NameServer = 85.255.112.184,85.255.112.75
O17 - HKLM\System\CS1\Services\Tcpip\..\{1BBEC215-ED26-4575-B61A-6B63322CFEB6}: NameServer = 212.139.132.27 212.139.132.26
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.112.184,85.255.112.75
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: KService - Kontiki Inc. - C:\Program Files\Kontiki\KService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: SpeedTouch 330 Manager (st330service) - THOMSON Telecom Belgium - C:\Program Files/Thomson/ST330/service/st330service.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: TabletServicePen - Wacom Technology, Corp. - C:\Windows\system32\Pen_Tablet.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

--
End of file - 9916 bytes

Hello.

• Click Start >> Control Panel.
  
• Under the Programs click Uninstall a Program
  
• Highlight ALOT Toolbar
  
• Click on the Uninstall/Change button at the top.
  

Next,

• Open HijackThis
  
• Choose "Do a system scan only"
  
• Check the boxes in front of these lines:
  
  
  O4 - HKCU\..\Run: [setup2.exe] C:\Windows\system32\setup2.exe
  O17 - HKLM\System\CCS\Services\Tcpip\..\{AA3CE809-57F2-4E64-A7F0-F1B691B3445F}: NameServer = 85.255.112.184,85.255.112.75
  O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.112.184,85.255.112.75
  
  
  
• Press "Fix Checked"
  
• Close Hijack This.
  

Next,

• Download combofix from here
  Link 1
  Link 2
  

1. If you are using Firefox, make sure that your download settings are as follows:

* Tools->Options->Main tab
* Set to "Always ask me where to Save the files".

2. During the download, rename Combofix to Combo-Fix as follows:





3. It is important you rename Combofix during the download, but not after.
4. Please do not rename Combofix to other names, but only to the one indicated.
5. Close any open browsers.
6. We need to disable your local AV (Anti-virus) before running Combofix.

• See HERE for how to disable your AV. (Symantec)
  
• Double click on ComboFix.exe.
  
• Follow the prompts. NOTE:
  
• Allow combofix to run
  
• Post C:\combofix.txt back here.
  
  Note:
  Do not mouseclick combofix's window whilst it's running. That may cause it to stall.
  

Thank you very much, although I am not much more than a novice your
instructions were easy to follow and I now seem to be virus free.
A donation will be on its way soon.
Combofix.txt file below

Once again many thanks

ComboFix 09-06-05.09 - Art 06/06/2009 20:28.1 - NTFSx86
Microsoft Windows Vista Home Premium 6.0.6000.0.1252.44.1033.18.2046.1099 [GMT 1:00]
Running from: c:\users\Art\Desktop\Combo-Fix.exe
AV: Norton Internet Security Online *On-access scanning disabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Security Online *disabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}
SP: Norton Internet Security Online *disabled* (Updated) {CBB7EE13-8244-4DAB-8B55-D5C7AA91E59A}
SP: Windows Defender *enabled* (Outdated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\autorun.inf
c:\windows\10079t5ojzcf.exe
c:\windows\10097s5z36a.exe
c:\windows\10341nz5-a-virusb29.exe
c:\windows\10579trojz5.bin
c:\windows\10837s95628z.exe
c:\windows\1085sz9fe.bin
c:\windows\10a0bz5kdoo92926.bin
c:\windows\10deba5zdo9r403.ocx
c:\windows\11447n5t-a-v9zus529.cpl
c:\windows\1186spa9sz5415.dll
c:\windows\11dbsp9ware19z5.ocx
c:\windows\1219downloadez795.cpl
c:\windows\13194t5zj40b.bin
c:\windows\13703n9t-a-virus5dz.dll
c:\windows\139z95acktool293.bin
c:\windows\13c9thi5z2790.bin
c:\windows\14234s5am9ot333z.dll
c:\windows\14498spy59z.exe
c:\windows\1493znot-a-5irus506.exe
c:\windows\15089spy6z1.ocx
c:\windows\1510zs9y55b.ocx
c:\windows\1517zha5ktool89.cpl
c:\windows\1525ztroj5985.bin
c:\windows\15296haczto9l55a.cpl
c:\windows\1534zhacktoo91be.bin
c:\windows\1556worm496z.ocx
c:\windows\1556zworm24f9.bin
c:\windows\1559t5izf1347.dll
c:\windows\15869tzoj667.cpl
c:\windows\15942wor97fz.cpl
c:\windows\1594spzware925.bin
c:\windows\15954virus5z.dll
c:\windows\159cbzckdoor1670.dll
c:\windows\15z42n9t-a-viru585.ocx
c:\windows\16465not-a-zir9544f.cpl
c:\windows\1689threa5829z.ocx
c:\windows\16a9thizf2175.ocx
c:\windows\16cfvir195z5.dll
c:\windows\17282zpambot96d5.exe
c:\windows\175699pambot5z8.bin
c:\windows\17669not-a-v5rus3b9z.bin
c:\windows\17z10hackt9ol65.bin
c:\windows\18439nzt-59virus6af.cpl
c:\windows\18995virzs5b0.exe
c:\windows\189dt5z9f3146.cpl
c:\windows\18z62ha9k5ool57.cpl
c:\windows\19165wozm55c.cpl
c:\windows\19575vzrus311.cpl
c:\windows\19772z9amb5t5ed.bin
c:\windows\197z9v5rus91b.dll
c:\windows\19816notz5-viru96da.exe
c:\windows\1987ha5zto9l279.exe
c:\windows\19944not-a-v5zus47e.ocx
c:\windows\199969ot-a-ziru51cd.dll
c:\windows\19z55s9y72.exe
c:\windows\1b6zthre9522788.dll
c:\windows\1c16vzr1795.ocx
c:\windows\1c65s5yware99z.exe
c:\windows\1c98szywa951150.ocx
c:\windows\1d095teal9z.ocx
c:\windows\1z379hacktool2a5.dll
c:\windows\1z54vi5696.dll
c:\windows\1z571tr5j59.exe
c:\windows\2011zworm9d55.bin
c:\windows\201z9not-a-v9r5s4c0.cpl
c:\windows\20355spz94e.exe
c:\windows\2044downz59der808.bin
c:\windows\20592hac9tool4z8.bin
c:\windows\20657notz9-vi5us3aa.exe
c:\windows\20790notza-virus55e.exe
c:\windows\20919z9rus4c35.dll
c:\windows\20945t9oz5ef.bin
c:\windows\20z95sp9af.bin
c:\windows\2103zhac95ool585.exe
c:\windows\21157tzoj2959.cpl
c:\windows\21573spamb9t7e7z.cpl
c:\windows\21715n5t-a-9izus4fb.bin
c:\windows\21982zpa5bot4b4.exe
c:\windows\2215zir7029.bin
c:\windows\22805vzr9s5dd.dll
c:\windows\22894zorm4b95.cpl
c:\windows\229addware1z395.dll
c:\windows\23109not-a5virus1fz9.bin
c:\windows\235ethizf7899.ocx
c:\windows\24951not-a-vi5uz92d.bin
c:\windows\25013hack5zol9c.ocx
c:\windows\25130spz5e9.ocx
c:\windows\25249vir9z16f.dll
c:\windows\252z1troj5b9.dll
c:\windows\253439rzj55e.dll
c:\windows\2568wz9m69d.cpl
c:\windows\2571ba9kdo5r2379z.exe
c:\windows\25847no5-a-vzr9s1e1.ocx
c:\windows\264569pycbz.ocx
c:\windows\26562haz5tool539.bin
c:\windows\26759p5az.exe
c:\windows\26777noz-a-viru95ef.ocx
c:\windows\26z095py115.ocx
c:\windows\2738559t-a-virusz66.exe
c:\windows\2811zo5-9-virus474.dll
c:\windows\28280hzc9t5ol287.exe
c:\windows\28495not-a-viru549z.bin
c:\windows\28583hackzo5l7b19.dll
c:\windows\28679n9t5a-vzrus8b.cpl
c:\windows\28761zi5us499.dll
c:\windows\28823hazk5oo9758.bin
c:\windows\2893thrza512559.ocx
c:\windows\29134not-a-viz9s64b5.exe
c:\windows\2916thzeat20559.exe
c:\windows\29208s5amboz241.ocx
c:\windows\29253ziru955a.ocx
c:\windows\29679s5ambotz34.cpl
c:\windows\297549pazbotb2.exe
c:\windows\29959v5rzs5a5.dll
c:\windows\2a1dspy5arz9559.bin
c:\windows\2ca0th5eat2z0959.ocx
c:\windows\2da9spy9zre2825.cpl
c:\windows\2f0szywa9e5865.cpl
c:\windows\2f39vzr1547.ocx
c:\windows\2z27t9ie52606.cpl
c:\windows\2z710not-a-9i5us411.exe
c:\windows\2zf0addw5r9952.dll
c:\windows\3003zhackt95l663.ocx
c:\windows\3017viruz559.cpl
c:\windows\30629virzs4965.dll
c:\windows\31071no5-a-virusz29.exe
c:\windows\3156t9oz3cb.ocx
c:\windows\32004w9zme5.bin
c:\windows\32055sp5mbzt19e.exe
c:\windows\32516viru5e9z.exe

c:\windows\325av9r1869z.exe
c:\windows\32z94s9y557.ocx
c:\windows\3383st9alz425.ocx
c:\windows\33zfs5eal1976.ocx
c:\windows\3422v5zus4b69.bin
c:\windows\3458tr5jza9.cpl
c:\windows\3509h9c5tool5a4z.exe
c:\windows\35114n9t-azvirus2a9.ocx
c:\windows\35645not-a-viruz929.cpl
c:\windows\3575addwa5e970z.cpl
c:\windows\359cspaz9e3096.cpl
c:\windows\386hazkt9ol5bb.cpl
c:\windows\39eb9tz5l1924.cpl
c:\windows\3e0z5te9l2469.exe
c:\windows\3f52addwaze1959.bin
c:\windows\3f67ad9warz1925.dll
c:\windows\3z32s5yware13149.exe
c:\windows\402s9e5l2086z.dll
c:\windows\4045ztea9683.exe
c:\windows\40dfst5z91385.ocx
c:\windows\4102downl5a9erz890.bin
c:\windows\4195sp94z4.bin
c:\windows\42baviz52679.exe
c:\windows\4349ad5w9re14z1.dll
c:\windows\4401n95-a-viruz353.ocx
c:\windows\451zwo9m51.dll
c:\windows\456ezpyware659.bin
c:\windows\4649stea573z.ocx
c:\windows\4660thi9fz554.dll
c:\windows\46959pyc1z.cpl
c:\windows\472795y15z.bin
c:\windows\4779adzware5135.bin
c:\windows\47z59ddw5re540.ocx
c:\windows\4854szars93538.exe
c:\windows\4859spam9ot1fz.ocx
c:\windows\49ddowzloade52492.exe
c:\windows\4c0cspz5are29249.bin
c:\windows\4d45adzware1918.bin
c:\windows\4d6zvir5996.exe
c:\windows\4d959iz95.bin
c:\windows\4da8az5ware194.cpl
c:\windows\4df9addw5re15z6.ocx
c:\windows\4dzdb9c5door2190.ocx
c:\windows\4f71ba9zd5or2175.dll
c:\windows\4z979hr5at5841.dll
c:\windows\507fthie92z05.exe
c:\windows\5089hac9tooz526.ocx
c:\windows\50z5vir6479.ocx
c:\windows\51745spy95ez.exe
c:\windows\52095viruszaf.exe
c:\windows\529thief2z67.ocx
c:\windows\531cvzr15849.dll
c:\windows\5397vir5191z.cpl
c:\windows\539zspy2a2.exe
c:\windows\545hackt9zl458.cpl
c:\windows\5499spz228.bin
c:\windows\54eth9ef16z4.cpl
c:\windows\550f9ac5dooz739.bin
c:\windows\553dspywzre299.exe
c:\windows\553fzi9961.dll
c:\windows\55739py6az.dll
c:\windows\55885t9zl2587.cpl
c:\windows\5596addwar9157z.cpl
c:\windows\55azv59394.bin
c:\windows\55spyw9rz1695.cpl
c:\windows\5621th9zat5892.exe
c:\windows\56690trzja2.bin
c:\windows\566zspars9182.bin
c:\windows\5694wo5mz83.bin
c:\windows\5756zorm2f95.cpl
c:\windows\57925trzj5e2.cpl
c:\windows\57z37vi9usf8.dll
c:\windows\585zba5kdoor28169.dll
c:\windows\58b4zh9e51512.ocx
c:\windows\5939ot-a-viruszad.exe
c:\windows\595zthief1828.cpl
c:\windows\597aspa59e18z7.dll
c:\windows\59e8t5ief24z4.exe
c:\windows\5az9s5eal8599.cpl
c:\windows\5b2aaddzare904.cpl
c:\windows\5b70dow9l5azer1777.cpl
c:\windows\5c59azdware2914.exe
c:\windows\5cefspywaze35759.exe
c:\windows\5d7dthze91055.dll
c:\windows\5e0ezparse1519.bin
c:\windows\5f29threatz958.bin
c:\windows\5fz5ba9kdoor1543.cpl
c:\windows\5z25worm19e.bin
c:\windows\5z59vir889.bin
c:\windows\5zf6threat313895.cpl
c:\windows\6108n9t-a-viru5z95.cpl
c:\windows\6259spa5se104z.bin
c:\windows\6312thiefz597.ocx
c:\windows\6439not-z-v9r5s4b3.cpl
c:\windows\64e3steal9550z.exe
c:\windows\659cback9oor6z0.cpl
c:\windows\65b4threat49z95.ocx
c:\windows\66faddw59e1z15.cpl
c:\windows\66z5spar9e6315.ocx
c:\windows\6725wz5m9fb.dll
c:\windows\677fs5ars9943z.dll
c:\windows\689sparz532229.dll
c:\windows\68d7spy5arez980.dll
c:\windows\6935ir254z.ocx
c:\windows\694b9ownzoa5er3012.cpl
c:\windows\6973virus57z9.cpl
c:\windows\6999vzr155.cpl
c:\windows\6b7fth5ezt15349.ocx
c:\windows\6c7th95at3z830.bin
c:\windows\6ce5a9dwarz454.bin
c:\windows\6e59addwarz1856.exe
c:\windows\6e88backdooz5966.bin
c:\windows\6eb895dwarz2646.dll
c:\windows\6f79stea5249z.ocx
c:\windows\6f9zparse25065.bin
c:\windows\6z39bac5doo91457.dll
c:\windows\6z769ir2257.exe
c:\windows\71zbba9kdoor30235.dll
c:\windows\725d9zyware1655.exe
c:\windows\7295spz288.ocx
c:\windows\7452tz95f2898.cpl
c:\windows\74f59zr2537.bin
c:\windows\74z89ddw5re2036.cpl
c:\windows\7510spars9728z.cpl
c:\windows\7595downlza5er1369.dll
c:\windows\7595zteal2739.ocx
c:\windows\75c3thiez90.cpl
c:\windows\75e59parse2z7.dll
c:\windows\75f4threatz5995.ocx
c:\windows\75z9vir343.dll
c:\windows\7667t95jz6e.bin
c:\windows\769sparse24z85.cpl
c:\windows\76zspywa5e914.exe
c:\windows\78zeth9ef2652.bin
c:\windows\7987zhief29985.dll
c:\windows\7b4f9hr5at1695z.ocx
c:\windows\7b59thief5z8.ocx
c:\windows\7b99bac5dooz1831.ocx
c:\windows\7bbzv591528.cpl
c:\windows\7f37spars910z5.dll
c:\windows\7fd3a95ware894z.ocx
c:\windows\7ff9zir8575.bin
c:\windows\7z215p9mbot251.dll
c:\windows\8234hackt9z588.ocx
c:\windows\8447trojz569.bin
c:\windows\90ebdownlzader5619.cpl
c:\windows\9218ha5ztool7ad.ocx
c:\windows\924fzo5nloader3042.cpl
c:\windows\931t5i9f1z26.dll
c:\windows\9335zhacktool632.cpl
c:\windows\9382spamzot5e9.dll
c:\windows\9396th5ef2593z.cpl
c:\windows\94c8spyzare5880.exe
c:\windows\94z295py4f4.cpl
c:\windows\95z0sp5564.dll
c:\windows\9601hacktzol925.dll
c:\windows\96751tzoj5e8.ocx
c:\windows\97159spamb5tzb5.dll
c:\windows\9773v5rzs6d8.cpl
c:\windows\985bbackdoo51066z.bin
c:\windows\9955zspy4d5.exe
c:\windows\99z51not-a-vi5us536.ocx
c:\windows\9c3fst5al1z14.bin
c:\windows\9cacsz5ware798.dll
c:\windows\9d72s5ywarez616.dll
c:\windows\9fasparze13355.ocx
c:\windows\9z85s9y5fd.exe
c:\windows\9z880vi5us417.cpl
c:\windows\9z95troj928.cpl
c:\windows\a8zspywar5890.bin
c:\windows\azfs9arse2569.ocx
c:\windows\b4bdownloz9er2535.bin
c:\windows\b58b9czdoor12885.exe
c:\windows\c5vi92z35.ocx
c:\windows\c98dow9lozder5828.exe
c:\windows\cc2spaz9e8615.ocx
c:\windows\d26zown5oader27599.ocx
c:\windows\d52backdoor1198z.exe
c:\windows\e8zspywar51964.ocx
c:\windows\ebastzal9159.ocx
c:\windows\f07thi5fz952.bin
c:\windows\system32\10320z5rm961.bin
c:\windows\system32\109539zoj578.dll
c:\windows\system32\10z79vi5u91a6.exe
c:\windows\system32\11145s9y5d2z.dll
c:\windows\system32\11187spa5b9z7f.exe
c:\windows\system32\11520hacktoolz99.bin
c:\windows\system32\116dsp5rse6z99.ocx
c:\windows\system32\11936zpy6ed5.ocx
c:\windows\system32\12063h5c9zool14b.exe
c:\windows\system32\122589roj268z.bin
c:\windows\system32\12605t9oj2cz.ocx
c:\windows\system32\12771hac5tzol539.cpl
c:\windows\system32\12z54vir956e9.ocx
c:\windows\system32\1319sza9s52102.ocx
c:\windows\system32\137435zambot2659.ocx
c:\windows\system32\1428z5py5f89.bin
c:\windows\system32\14372spa9z5t575.dll
c:\windows\system32\14379ot-a5vizus236.ocx
c:\windows\system32\145z65roj5c39.dll
c:\windows\system32\15369virus3z6.bin
c:\windows\system32\15429roj1z9.bin
c:\windows\system32\15460vizu528f9.ocx
c:\windows\system32\154b5hz9at23279.cpl
c:\windows\system32\15541tr9j19z.ocx
c:\windows\system32\15591zacktool9c5.exe
c:\windows\system32\1571hzckt95l190.exe
c:\windows\system32\15918spy5z8.bin
c:\windows\system32\15972spamb9t5bz.cpl
c:\windows\system32\1621zspy559.dll
c:\windows\system32\16501spambot1z9.ocx
c:\windows\system32\165vz515959.dll
c:\windows\system32\16728not-a-vz9us6ac5.ocx
c:\windows\system32\16788sz959a.cpl
c:\windows\system32\16a5baczdo95936.exe
c:\windows\system32\17231tro95afz.bin
c:\windows\system32\175h9ckzool59f.dll
c:\windows\system32\185edownloadez26339.ocx
c:\windows\system32\185vi92z49.bin
c:\windows\system32\18965wormz55.ocx
c:\windows\system32\1905spywzr92981.ocx
c:\windows\system32\190z1hac5tool2f9.dll
c:\windows\system32\19315s5yzed.dll
c:\windows\system32\1939095rmz8.ocx
c:\windows\system32\195z2worm189.bin
c:\windows\system32\1969ha5kto9lz0.exe
c:\windows\system32\197fs5y9are1z82.dll
c:\windows\system32\1c1edow5lza9er1291.exe
c:\windows\system32\1c9cbac5dozr2754.dll
c:\windows\system32\1db5sparsz3049.dll
c:\windows\system32\1e5zthr9at3060.cpl
c:\windows\system32\1z765ir9272.cpl
c:\windows\system32\1z979spy554.bin
c:\windows\system32\1z99p5799.dll
c:\windows\system32\201ddow9zoader2355.cpl
c:\windows\system32\205169irzs25b.ocx
c:\windows\system32\20539not-z-vir9s62e.dll
c:\windows\system32\20710h5cktoo96zc.dll
c:\windows\system32\2157z9r5j5e.bin
c:\windows\system32\21697vi5uszf2.bin
c:\windows\system32\21829troz659.dll
c:\windows\system32\218z6not-a-9i5us5bd.cpl
c:\windows\system32\22325spambz5459.bin
c:\windows\system32\2257szea92556.bin
c:\windows\system32\2274zsp5mbot6279.cpl
c:\windows\system32\22966not-z-v5rus375.dll
c:\windows\system32\22d6bac9d5orz815.bin
c:\windows\system32\22z73sp5mb9t68e.cpl
c:\windows\system32\24599ackdoo5897z.dll
c:\windows\system32\24911spy5z6.exe
c:\windows\system32\2505zvirusa95.dll
c:\windows\system32\25101not-a-5z9us799.ocx
c:\windows\system32\2514095zus5c5.cpl
c:\windows\system32\25588not9z-virus9b.dll
c:\windows\system32\259025zy29c9.exe
c:\windows\system32\259139acktoolz05.dll
c:\windows\system32\25993za5ktoo9347.exe
c:\windows\system32\25995zorm4e79.exe
c:\windows\system32\25aadoz9loader480.ocx
c:\windows\system32\25bbaddwzre2590.ocx
c:\windows\system32\25e6zir11179.ocx
c:\windows\system32\25p9mbzt296.exe
c:\windows\system32\25zcthreat25890.ocx
c:\windows\system32\26045wo9m2az.cpl
c:\windows\system32\261zsparse5239.exe
c:\windows\system32\26522troz396.exe
c:\windows\system32\26555zie92474.exe
c:\windows\system32\2686zviru96d5.cpl
c:\windows\system32\26z539irus4a5.exe
c:\windows\system32\2710ha9zto5l624.exe
c:\windows\system32\271zsteal6985.bin
c:\windows\system32\27384s9y5cz.ocx
c:\windows\system32\27519sp5mbot37dz.cpl
c:\windows\system32\279z4tr5j6f49.cpl
c:\windows\system32\27z79spambot755.exe
c:\windows\system32\281025orz569.cpl
c:\windows\system32\28355spazb9t335.exe
c:\windows\system32\28355worz9a.dll
c:\windows\system32\2835zw59m5f.ocx
c:\windows\system32\28523z9rusc8.dll
c:\windows\system32\28745spy499z.exe
c:\windows\system32\28fcbacz5oo91251.dll
c:\windows\system32\293z9hac5tool2a4.cpl
c:\windows\system32\29540s9ambot1z6.bin
c:\windows\system32\295fzpy5are1588.exe
c:\windows\system32\295sparsz2795.bin
c:\windows\system32\297bszyware9450.ocx
c:\windows\system32\29985spy1b1z.dll
c:\windows\system32\29zsparse1758.bin
c:\windows\system32\2b495teaz898.exe
c:\windows\system32\2bz9backdoor1905.cpl
c:\windows\system32\2c79add5aze1054.bin
c:\windows\system32\2e1bth5eat10z549.cpl
c:\windows\system32\2e9dvzr1095.cpl
c:\windows\system32\2f22thz9at6955.dll
c:\windows\system32\2f83z95rse1158.bin
c:\windows\system32\2z090worm50.dll
c:\windows\system32\2z122tr955c.dll
c:\windows\system32\2z929vi5us739.exe
c:\windows\system32\2z999virus526.cpl
c:\windows\system32\2ze75ackdoor984.exe
c:\windows\system32\3009downloader2z55.exe
c:\windows\system32\30939o5m55dz.exe
c:\windows\system32\3134zt95j3e1.exe
c:\windows\system32\31752spy594z.bin
c:\windows\system32\3185ir307z9.bin
c:\windows\system32\31896w5zm282.dll
c:\windows\system32\31dbzir9858.cpl
c:\windows\system32\32219sp592z.cpl
c:\windows\system32\32559ot5a-viruz690.cpl
c:\windows\system32\325z4spa9bot489.exe
c:\windows\system32\328threa94z245.ocx
c:\windows\system32\329zw5rm9f0.exe
c:\windows\system32\32z19ha9ktool25b.ocx
c:\windows\system32\3405w9rmz58.exe
c:\windows\system32\3542spywaze9586.exe
c:\windows\system32\35945worz1ca9.exe
c:\windows\system32\3596spywaz9513.bin
c:\windows\system32\35baczdoor9915.dll
c:\windows\system32\36615acktool9zd.ocx
c:\windows\system32\369zvir9s235.exe
c:\windows\system32\36a5zack5oor9383.exe
c:\windows\system32\37dz5r1911.cpl
c:\windows\system32\38f795rz263.bin
c:\windows\system32\3904stzal995.cpl
c:\windows\system32\3912baczdo5r496.ocx
c:\windows\system32\3925h5cktool5z09.exe
c:\windows\system32\39816hacktzol55c.exe
c:\windows\system32\399as5arse81z.dll
c:\windows\system32\399fzte591480.exe
c:\windows\system32\39f8thze52952.exe
c:\windows\system32\3c7esparsez9665.ocx
c:\windows\system32\3da5th9ezt31146.bin
c:\windows\system32\3e3zthr5at30990.cpl
c:\windows\system32\3ef49hief5z29.cpl
c:\windows\system32\3z293wor5934.ocx
c:\windows\system32\4295sza5se2579.ocx
c:\windows\system32\4307downlo9de516z3.exe
c:\windows\system32\448d5tzal9432.ocx
c:\windows\system32\45069orm6z8.bin
c:\windows\system32\4509s9arse1z6.cpl
c:\windows\system32\4552add5a9ez639.exe
c:\windows\system32\4594t5r9az10320.exe
c:\windows\system32\45b7vi9z558.exe
c:\windows\system32\45f9tzief359.exe
c:\windows\system32\45z6tr9j6bf.ocx
c:\windows\system32\4628sp5z9.ocx
c:\windows\system32\46bcvz59232.cpl
c:\windows\system32\4739v59us2cz.exe
c:\windows\system32\48709a5ktool796z.bin
c:\windows\system32\4880v5rz799.exe
c:\windows\system32\4899thief1z45.ocx
c:\windows\system32\48e5zownloader31779.exe
c:\windows\system32\4905tz5ef2832.dll
c:\windows\system32\49d5thi9z2672.bin
c:\windows\system32\49ezsparse5612.ocx
c:\windows\system32\49f9downloadzr27035.bin
c:\windows\system32\49z1not-a-vir9s4935.bin
c:\windows\system32\4a53spzw9re2220.bin
c:\windows\system32\4dedt9iez1582.exe
c:\windows\system32\4f05szywar9814.bin
c:\windows\system32\4z359p5773.bin
c:\windows\system32\4z86hac5tool419.cpl

c:\windows\system32\50103s9yz32.exe
c:\windows\system32\508zno9-a-virus5e0.exe
c:\windows\system32\5090zddware1899.bin
c:\windows\system32\50absp95ze2222.exe
c:\windows\system32\5113ztroj90.exe
c:\windows\system32\5124spaz9e1344.bin
c:\windows\system32\51639zambot53a5.bin
c:\windows\system32\51709dd5arez1.dll
c:\windows\system32\5175zspam9ot309.cpl
c:\windows\system32\520hacktooz191.dll
c:\windows\system32\52283no9-a-vzrus65.ocx
c:\windows\system32\52595ackdzor3165.dll
c:\windows\system32\52dbt5zeat32497.cpl
c:\windows\system32\5336s9ambo51e6z.bin
c:\windows\system32\5341tro94z4.dll
c:\windows\system32\5376thiez9200.cpl
c:\windows\system32\53827zpambot19.ocx
c:\windows\system32\5385vir2z229.exe
c:\windows\system32\5419tzief2500.bin
c:\windows\system32\541ha9ktooz67.exe
c:\windows\system32\5499sp5wa9ez866.dll
c:\windows\system32\5502virz949.bin
c:\windows\system32\5537spywa5ez6369.ocx
c:\windows\system32\556zvi9142.cpl
c:\windows\system32\5593zvir9s238.cpl
c:\windows\system32\56137sz9656.dll
c:\windows\system32\5622viru9z9d.ocx
c:\windows\system32\56c59hi5f9z9.ocx
c:\windows\system32\56edbaczdoo5219.ocx
c:\windows\system32\5710not-a-vir5z199.exe
c:\windows\system32\57292vzrus493.cpl
c:\windows\system32\577athie93z85.exe
c:\windows\system32\5792thizf276.ocx
c:\windows\system32\58022sp9z9.dll
c:\windows\system32\58462zroj191.bin
c:\windows\system32\5912sp9385z.exe
c:\windows\system32\593thizf1060.bin
c:\windows\system32\59490worzdf.bin
c:\windows\system32\59e59wnzoader199.exe
c:\windows\system32\59e5sparse2533z.cpl
c:\windows\system32\59z5steal979.dll
c:\windows\system32\5b9bd5wnloader57z.bin
c:\windows\system32\5b9cthiefz313.ocx
c:\windows\system32\5c25zackdoor1397.ocx
c:\windows\system32\5cddowzloader1399.ocx
c:\windows\system32\5cz09ack5oor3167.ocx
c:\windows\system32\5d56t9zef2692.dll
c:\windows\system32\5db995ezl1724.dll
c:\windows\system32\5e5cspywa9ez228.cpl
c:\windows\system32\5f04downloazer9735.dll
c:\windows\system32\5f19th5zf29869.ocx
c:\windows\system32\5fd9zir32235.dll
c:\windows\system32\5fz9v5r1630.bin
c:\windows\system32\5z096spyc6.ocx
c:\windows\system32\5z5fbackdoor3974.exe
c:\windows\system32\5zd7sparse5907.bin
c:\windows\system32\6045tzre9t12256.ocx
c:\windows\system32\60b8vir2z915.cpl
c:\windows\system32\60z695ambot190.dll
c:\windows\system32\6109z9arse1524.ocx
c:\windows\system32\6193w59m552z.ocx
c:\windows\system32\62zsp59are964.cpl
c:\windows\system32\63095zr9s1e4.bin
c:\windows\system32\6453baczdoo91361.cpl
c:\windows\system32\64595ot-a-virzs95.exe
c:\windows\system32\6478d59nloazer1768.cpl
c:\windows\system32\652cs9zware16605.dll
c:\windows\system32\655dt9iez793.dll
c:\windows\system32\6591downl9aderz056.ocx
c:\windows\system32\65zev9r1415.dll
c:\windows\system32\6692thief956z.bin
c:\windows\system32\6698addw5r92z59.ocx
c:\windows\system32\66az59dware2298.cpl
c:\windows\system32\68195ddwa9e2z99.ocx
c:\windows\system32\68255az9tool7ea.ocx
c:\windows\system32\693thze53256.cpl
c:\windows\system32\6949viz5312.ocx
c:\windows\system32\6953a5dwarz881.bin
c:\windows\system32\697zhack9oo5567.bin
c:\windows\system32\699hzcktool2ae5.bin
c:\windows\system32\69ffzp5wa9e2268.dll
c:\windows\system32\69z0thie557.cpl
c:\windows\system32\6a2eaddz5re27649.bin
c:\windows\system32\6a89s5zrse664.cpl
c:\windows\system32\6af9szeal6435.cpl
c:\windows\system32\6bzfsp9war5481.ocx
c:\windows\system32\6czpar5e965.bin
c:\windows\system32\6f52down9ozder11385.cpl
c:\windows\system32\6f56spyzare559.ocx
c:\windows\system32\6f5959wnlozder2479.bin
c:\windows\system32\6f59addware3z3.exe
c:\windows\system32\6z68ste9l2599.bin
c:\windows\system32\6z88thief1597.exe
c:\windows\system32\6zc1thr9a55064.bin
c:\windows\system32\70495ownloazer3125.dll
c:\windows\system32\7182no9-a-viruz56.exe
c:\windows\system32\7189troj5z.ocx
c:\windows\system32\719dsp5ware632z.cpl
c:\windows\system32\71cfthr5zt26955.exe
c:\windows\system32\72f5bzckdoor1690.bin
c:\windows\system32\742fdownloader5039z.exe
c:\windows\system32\7450spa9ze179.ocx
c:\windows\system32\7459addzare2559.exe
c:\windows\system32\749addzar5522.exe
c:\windows\system32\74z7s9ywar5603.exe
c:\windows\system32\74z9vir358.exe
c:\windows\system32\7519v5rz673.dll
c:\windows\system32\75299ddware24z9.ocx
c:\windows\system32\7563viz9543.dll
c:\windows\system32\7593baczdoor1967.cpl
c:\windows\system32\75a6steal2193z.bin
c:\windows\system32\75d8s5yware2z659.dll
c:\windows\system32\76559azkdoor3119.exe
c:\windows\system32\7662spamz9t35.dll
c:\windows\system32\7869backd9orz57.exe
c:\windows\system32\78bfs5ea91404z.bin
c:\windows\system32\7990t5reat9085z.dll
c:\windows\system32\7a4zthrea56509.exe
c:\windows\system32\7c30b5ckdo9r60z.dll
c:\windows\system32\7c38th5ez1559.ocx
c:\windows\system32\7c3ca5dwzre921.ocx
c:\windows\system32\7d7zaddw5re31919.cpl
c:\windows\system32\7f92szyw5re3025.dll
c:\windows\system32\7z4aspyware9955.ocx
c:\windows\system32\8099hi5f135z.exe
c:\windows\system32\819thief5z1.dll
c:\windows\system32\88a5hizf952.ocx
c:\windows\system32\9050stea5251z.ocx
c:\windows\system32\90605spambotz5d.exe
c:\windows\system32\91cez5ief2067.cpl
c:\windows\system32\9330t5ief1846z.dll
c:\windows\system32\9371zot-a-vir5s380.exe
c:\windows\system32\938705zoj5d6.ocx
c:\windows\system32\945th59f15z2.ocx
c:\windows\system32\95110w5zm550.ocx
c:\windows\system32\95594zpy50c.ocx
c:\windows\system32\9561z5rm691.cpl
c:\windows\system32\95d4vir3z75.cpl
c:\windows\system32\95virzs18d.dll
c:\windows\system32\95z55worm5d5.cpl
c:\windows\system32\972zspa5se253.dll
c:\windows\system32\975dsparse1279z.cpl
c:\windows\system32\977d5hreat30458z.cpl
c:\windows\system32\9805t9oj5bfz.ocx
c:\windows\system32\9845not-9zvirus455.exe
c:\windows\system32\985525py529z.dll
c:\windows\system32\9869s5yfz.dll
c:\windows\system32\9894za5kt9ol47.cpl
c:\windows\system32\9904backdozr24715.dll
c:\windows\system32\993tzreat256.bin
c:\windows\system32\9950sp5zbot518.ocx
c:\windows\system32\99c9bazkdo5r2961.exe
c:\windows\system32\9a25spars51z94.dll
c:\windows\system32\9aecspywarz2650.dll
c:\windows\system32\9baspzware1955.bin
c:\windows\system32\9c39parse560z.ocx
c:\windows\system32\9c7bszarse1585.cpl
c:\windows\system32\9cbzthief3155.ocx
c:\windows\system32\9dbdstealz945.dll
c:\windows\system32\9e66adzw5re89.ocx
c:\windows\system32\9efzspyware16005.exe
c:\windows\system32\9z35spar5e957.bin
c:\windows\system32\9z8155py1f8.cpl
c:\windows\system32\a9fzhre5910455.dll
c:\windows\system32\b895teal186z.dll
c:\windows\system32\c51bzckdo9r2589.dll
c:\windows\system32\c8a9dzare965.ocx
c:\windows\system32\fz5vi9867.bin
c:\windows\system32\gxvxccounter
c:\windows\system32\gxvxchxqjoyyrdsbrgxnnvudcqvwodmxcyyih.dll
c:\windows\system32\Plugins

c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\CelestialShapes\e=mc2.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\CelestialShapes\einstein.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\CelestialShapes\flag.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\CelestialShapes\galaxy 2.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\CelestialShapes\galaxy 3.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\CelestialShapes\galaxy 4.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\CelestialShapes\galaxy 5.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\CelestialShapes\galaxy 6.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\CelestialShapes\galaxy 7.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\CelestialShapes\galaxy 8.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\CelestialShapes\galaxy.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\CelestialShapes\manmoon 2.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\CelestialShapes\manmoon 3.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\CelestialShapes\manmoon.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\CelestialShapes\rocket 2.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\CelestialShapes\rocket.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\CelestialShapes\saturn.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\CelestialShapes\saturn2.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\CelestialShapes\space shuttle.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\CelestialShapes\spiral.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\CelestialShapes\star.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\CelestialShapes\theatre.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Constellation\andromeda.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Constellation\aries.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Constellation\big_dipper.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Constellation\big_little_dipper.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Constellation\cancer.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Constellation\capicornus.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Constellation\cassipeia.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Constellation\draco.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Constellation\gemini.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Constellation\hercules.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Constellation\leo.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Constellation\libra.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Constellation\little_dipper.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Constellation\orion.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Constellation\pegasus.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Constellation\sagitarius.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Constellation\scorpio.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Constellation\taurus.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Constellation\virgo.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\PaperTextures\BackerBoard_t.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\PaperTextures\Canvas_Large_t.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\PaperTextures\Canvas_Medium_t.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\PaperTextures\Canvas_Small_t.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\PaperTextures\Cardboard_t.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\PaperTextures\CardboardHiRes_t.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\PaperTextures\Charcoal_Course_t.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\PaperTextures\Charcoal_Medium_t.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\PaperTextures\Charcoal_Small_t.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\PaperTextures\Charcoal_Uneven_t.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\PaperTextures\Cloth_linen_2_t.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\PaperTextures\Newsprint_t.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\PaperTextures\Organic_t.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\PaperTextures\Parchment_t.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\PaperTextures\SketchPaper_t.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\PaperTextures\Vellum_Course_t.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\PaperTextures\Vellum_t.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\PaperTextures\WaterColor_Fine_t.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\PaperTextures\WaterColor_Medium_t.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Altocumulus\Altocumulus 1.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Altocumulus\Altocumulus 1.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Altocumulus\Altocumulus 2.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Altocumulus\Altocumulus 2.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Altocumulus\Altocumulus 3.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Altocumulus\Altocumulus 3.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Altocumulus\Altocumulus 4.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Altocumulus\Altocumulus 4.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Altocumulus\Altocumulus 5.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Altocumulus\Altocumulus 5.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Altocumulus\dark sunset 2.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Altocumulus\dark sunset 2.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Altocumulus\dark sunset.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Altocumulus\dark sunset.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Altocumulus\Evening Clouds.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Altocumulus\Evening Clouds.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Altocumulus\Forest Sky.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Altocumulus\Forest Sky.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Altocumulus\Moon Cloud.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Altocumulus\Moon Cloud.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Altocumulus\Moon Clouds.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Altocumulus\Moon Clouds.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Altocumulus\Red Clouds 2.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Altocumulus\Red Clouds 2.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Altocumulus\Red Clouds.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Altocumulus\Red Clouds.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Altocumulus\Sunset.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Altocumulus\Sunset.pre

c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Celestial Shapes\E=mc2.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Celestial Shapes\E=mc2.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Celestial Shapes\Einstein.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Celestial Shapes\Einstein.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Celestial Shapes\Flag.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Celestial Shapes\Flag.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Celestial Shapes\Man in the Moon Color.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Celestial Shapes\Man in the Moon Color.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Celestial Shapes\Man in the Moon.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Celestial Shapes\Man in the Moon.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Celestial Shapes\Saturn.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Celestial Shapes\Saturn.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Celestial Shapes\Space Shuttle.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Celestial Shapes\Space Shuttle.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Celestial Shapes\Star Shape 1.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Celestial Shapes\Star Shape 1.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Celestial Shapes\Star Shape 5.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Celestial Shapes\Star Shape 5.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Combination\Combination 1.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Combination\Combination 1.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Combination\Combination 2.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Combination\Combination 2.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Combination\Combination 3.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Combination\Combination 3.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Combination\Combination 4.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Combination\Combination 4.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Combination\Combination 5.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Combination\Combination 5.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Combination\Combination 6.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Combination\Combination 6.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Combination\Combination 7.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Combination\Combination 7.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Combination\Combination 8.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Combination\Combination 8.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Combination\Day Moon Small.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Combination\Day Moon Small.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Combination\Day Moon.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Combination\Day Moon.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Constellation\Big & Little Dipper.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Constellation\Big & Little Dipper.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Constellation\Draco.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Constellation\Draco.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Constellation\Hercules Blue Stars.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Constellation\Hercules Blue Stars.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Constellation\Leo.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Constellation\Leo.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Constellation\Little Dipper.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Constellation\Little Dipper.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Constellation\Orion 2.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Constellation\Orion 2.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Constellation\Orion.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Constellation\Orion.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Constellation\Scorpio.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Constellation\Scorpio.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Cumulus\clouds blue.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Cumulus\clouds blue.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Cumulus\clouds green and gold.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Cumulus\clouds green and gold.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Cumulus\clouds white.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Cumulus\clouds white.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Cumulus\cumulus 2.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Cumulus\cumulus 2.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Cumulus\cumulus 3.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Cumulus\cumulus 3.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Cumulus\cumulus.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Cumulus\cumulus.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Cumulus\dark sunset.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Cumulus\dark sunset.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Cumulus\dawn.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Cumulus\dawn.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Cumulus\day clouds white.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Cumulus\day clouds white.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Cumulus\day light blue.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Cumulus\day light blue.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Cumulus\day purple.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Cumulus\day purple.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Cumulus\evening cloud.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Cumulus\evening cloud.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Cumulus\fluffy clouds 2.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Cumulus\fluffy clouds 2.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Cumulus\fluffy clouds 3.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Cumulus\fluffy clouds 3.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Cumulus\fluffy clouds.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Cumulus\fluffy clouds.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Cumulus\green and gold.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Cumulus\green and gold.jpg.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Cumulus\green and gold2.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Cumulus\green and gold2.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Milkyway\Milkyway 1.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Milkyway\Milkyway 1.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\MoonGlow\Day Moon 2.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\MoonGlow\Day Moon 2.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\MoonGlow\Day Moon.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\MoonGlow\Day Moon.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\MoonGlow\Foggy Moon.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\MoonGlow\Foggy Moon.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\MoonGlow\Full Moon.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\MoonGlow\Full Moon.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\MoonGlow\Moon Clouds 1.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\MoonGlow\Moon Clouds 1.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\MoonGlow\Moon Clouds 2.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\MoonGlow\Moon Clouds 2.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\MoonGlow\Moon Clouds 3.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\MoonGlow\Moon Clouds 3.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\MoonGlow\Moon Clouds 4.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\MoonGlow\Moon Clouds 4.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\MoonGlow\Moon Clouds.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\MoonGlow\Moon Clouds.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\MoonGlow\MoonPhase Clouds.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\MoonGlow\MoonPhase Clouds.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\MoonGlow\MoonPhase2.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\MoonGlow\MoonPhase2.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\MoonGlow\MoonPhase9.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\MoonGlow\MoonPhase9.pre

c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\MoonGlow\Quarter Moon Phase 3.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\MoonGlow\Quarter Moon Phase 3.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\MoonRing\Foggy MoonRing.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\MoonRing\Foggy MoonRing.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\MoonRing\MoonRing Blue.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\MoonRing\MoonRing Blue.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Northern Lights\Aurora 2.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Northern Lights\Aurora 2.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Northern Lights\Aurora 3.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Northern Lights\Aurora 3.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Northern Lights\Aurora.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Northern Lights\Aurora.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Northern Lights\Green Blue Purple.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Northern Lights\Green Blue Purple.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Northern Lights\Green Blue.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Northern Lights\Green Blue.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Northern Lights\Green Purple.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Northern Lights\Green Purple.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Northern Lights\Green Ribbon.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Northern Lights\Green Ribbon.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Northern Lights\Green Ribbon2.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Northern Lights\Green Ribbon2.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Northern Lights\Ribbon_Red Orange.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Northern Lights\Ribbon_Red Orange.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Northern Lights\Soft Lights.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Northern Lights\Soft Lights.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\PixelSampler\Dreaming.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\PixelSampler\Dreaming.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\PixelSampler\Dreaming2.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\PixelSampler\Dreaming2.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\PixelSampler\Dreaming3.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\PixelSampler\Dreaming3.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\PixelSampler\Dreaming4.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\PixelSampler\Dreaming4.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\PixelSampler\Duotone\Cyan and Blue.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\PixelSampler\Duotone\Cyan and Blue.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\PixelSampler\Duotone\Cyan and Green.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\PixelSampler\Duotone\Cyan and Green.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\PixelSampler\Duotone\Dove Grey.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\PixelSampler\Duotone\Dove Grey.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\PixelSampler\Duotone\Dusty Rose.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\PixelSampler\Duotone\Dusty Rose.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\PixelSampler\Duotone\Dusty Rose_Softness Applied.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\PixelSampler\Duotone\Dusty Rose_Softness Applied.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\PixelSampler\Duotone\Green and Blue.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\PixelSampler\Duotone\Green and Blue.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\PixelSampler\Duotone\Grey_Softness Applied.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\PixelSampler\Duotone\Grey_Softness Applied.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\PixelSampler\Duotone\Hot Pink and Purple.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\PixelSampler\Duotone\Hot Pink and Purple.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\PixelSampler\Duotone\Lavender_Softness Applied.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\PixelSampler\Duotone\Lavender_Softness Applied.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\PixelSampler\Duotone\Light Blue.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\PixelSampler\Duotone\Light Blue.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\PixelSampler\Duotone\Light Blue_Softness Applied.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\PixelSampler\Duotone\Light Blue_Softness Applied.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\PixelSampler\Duotone\Lightly Lavendar.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\PixelSampler\Duotone\Lightly Lavendar.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\PixelSampler\Duotone\Lime Green and Green.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\PixelSampler\Duotone\Lime Green and Green.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\PixelSampler\Duotone\Pink and Red.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\PixelSampler\Duotone\Pink and Red.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\PixelSampler\Duotone\Powder Blue.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\PixelSampler\Duotone\Powder Blue.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\PixelSampler\Duotone\Powder Blue_Softness Applied.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\PixelSampler\Duotone\Powder Blue_Softness Applied.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\PixelSampler\Film - ISO 400(grain).jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\PixelSampler\Film - ISO 400(grain).pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\PixelSampler\Film - ISO 500(large_grain).jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\PixelSampler\Film - ISO 500(large_grain).pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\PixelSampler\Film - ISO 500_Warm(large_grain).jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\PixelSampler\Film - ISO 500_Warm(large_grain).pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\PixelSampler\Monotone\Blue.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\PixelSampler\Monotone\Blue.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\PixelSampler\Monotone\BlueGrey.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\PixelSampler\Monotone\Brown.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\PixelSampler\Monotone\Brown.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\PixelSampler\Monotone\Gold.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\PixelSampler\Monotone\Gold.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\PixelSampler\Monotone\Green.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\PixelSampler\Monotone\Green.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\PixelSampler\Monotone\GreyBlue.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\PixelSampler\Monotone\GreyBlue.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\PixelSampler\Monotone\GreyLIghtBlue.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\PixelSampler\Monotone\GreyLIghtBlue.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\PixelSampler\Monotone\Ivory.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\PixelSampler\Monotone\Ivory.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\PixelSampler\Monotone\Pink.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\PixelSampler\Monotone\Purple.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\PixelSampler\Monotone\Purple.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\PixelSampler\Monotone\Teal.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\PixelSampler\Monotone\Teal.pre
c

c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\PixelSampler\OldBlackWhite(grain).jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\PixelSampler\OldBlackWhite(grain).pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\PixelSampler\OldBlackWhite.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\PixelSampler\OldBlackWhite.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\PixelSampler\OldBlackWhite2(grain).jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\PixelSampler\OldBlackWhite2(grain).pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\PixelSampler\OldPhoto1(grain).jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\PixelSampler\OldPhoto1(grain).pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\PixelSampler\OldPhoto1.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\PixelSampler\OldPhoto1.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\PixelSampler\OldPhoto2.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\PixelSampler\OldPhoto2.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\PixelSampler\OldPhoto3(grain).jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\PixelSampler\OldPhoto3(grain).pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\PixelSampler\OldPhoto4.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\PixelSampler\OldPhoto4.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Starry Night\Star Set 1.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Starry Night\Star Set 1.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Starry Night\Star Set 2.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Starry Night\Star Set 2.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Starry Night\Star Set 3.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Starry Night\Star Set 3.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Starry Night\Star Set 4.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Starry Night\Star Set 4.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Starry Night\Star Set 5.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Starry Night\Star Set 5.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Starry Night\Star Set 6.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Starry Night\Star Set 6.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Starry Night\Star Set 7.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Starry Night\Star Set 7.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Starry Night\Starry Night Foggy Moon.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Starry Night\Starry Night Foggy Moon.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Starry Night\Starry Night Full Moon 2.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Starry Night\Starry Night Full Moon 2.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Starry Night\Starry Night Full Moon.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Starry Night\Starry Night Full Moon.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Starry Night\Starry Night Quarter Moon 2.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Starry Night\Starry Night Quarter Moon 2.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Starry Night\Starry Night Quarter Moonpre.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Starry Night\Starry Night Quarter Moonpre.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Starry Night\Wishing Star.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelCreation\Starry Night\Wishing Star.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelPack1\Extrude\extrude 1.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelPack1\Extrude\extrude 1.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelPack1\Extrude\extrude 10.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelPack1\Extrude\extrude 10.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelPack1\Extrude\extrude 2.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelPack1\Extrude\extrude 2.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelPack1\Extrude\extrude 3.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelPack1\Extrude\extrude 3.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelPack1\Extrude\extrude 4.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelPack1\Extrude\extrude 4.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelPack1\Extrude\extrude 5.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelPack1\Extrude\extrude 5.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelPack1\Extrude\extrude 6.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelPack1\Extrude\extrude 6.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelPack1\Extrude\extrude 7.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelPack1\Extrude\extrude 7.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelPack1\Extrude\extrude 8.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelPack1\Extrude\extrude 8.pre
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelPack1\Extrude\extrude 9.jpg
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\Presets\PixelPack1\Extrude\extrude 9.pre

c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\TPPreferences.xml
c:\windows\system32\Plugins\TwistingPixels\TwistingPixel\TwistingPixelResources.db
c:\windows\system32\Plugins\TwistingPixels\TwistingPixels.8bf
c:\windows\system32\Plugins\TwistingPixels\TwistingPixels.exe
c:\windows\system32\Plugins\TwistingPixels\TwistingPixels.url
c:\windows\system32\Plugins\TwistingPixels\unins000.dat
c:\windows\system32\Plugins\TwistingPixels\unins000.exe
c:\windows\system32\setup2.exe
c:\windows\system32\z108vir1659.dll
c:\windows\system32\z1693spy57.cpl
c:\windows\system32\z1a1spar9e2358.ocx
c:\windows\system32\z21cste591890.dll
c:\windows\system32\z2357not-9-virus62e5.bin
c:\windows\system32\z2757w9rm1ce.cpl
c:\windows\system32\z3611sp9mbot539.exe
c:\windows\system32\z45fspywar91122.cpl
c:\windows\system32\z51aspywar92901.cpl
c:\windows\system32\z539ste5l1056.ocx
c:\windows\system32\z555vir979.ocx
c:\windows\system32\z56495r677.dll
c:\windows\system32\z577th9eat4665.cpl
c:\windows\system32\z5802v9rus4f3.ocx
c:\windows\system32\z6503worm9ef.bin
c:\windows\system32\z6915not-a-virus10e.ocx
c:\windows\system32\z767s95al1970.bin
c:\windows\system32\z857virus965.bin
c:\windows\system32\z998vir475.cpl
c:\windows\system32\za59ownloader2719.ocx
c:\windows\system32\zf195ackdoor711.bin
c:\windows\system32\zfdedo9nloader255.dll
c:\windows\z076a95ware2601.dll
c:\windows\z079spy559.cpl
c:\windows\z11stea95287.cpl
c:\windows\z1465hack9ool6bc.ocx
c:\windows\z14baddwa5e1590.ocx
c:\windows\z1693viru957a.exe
c:\windows\z1985hreat24465.exe
c:\windows\z19spa5se794.ocx
c:\windows\z3ast9al225.bin
c:\windows\z427s59rse2935.dll
c:\windows\z46475py79b.ocx
c:\windows\z4976not-a-virus5c9.dll
c:\windows\z5176hacktoo96b4.bin
c:\windows\z5445parse935.exe
c:\windows\z6069virus9d5.bin
c:\windows\z62459ot-a-virus2395.cpl
c:\windows\z6f2b5ckdoor4089.ocx
c:\windows\z79025roj72f.bin
c:\windows\z89bthre5t16207.bin
c:\windows\z9314v5rus41.bin
c:\windows\zbedv9r11735.dll
c:\windows\zc93threat206335.cpl
c:\windows\ze9sparse15339.dll
c:\windows\zf14addw9re5959.cpl
c:\windows\zf3a5dwa9e954.ocx
c:\windows\zfe99ir5381.dll
D:\Autorun.inf

.
((((((((((((((((((((((((( Files Created from 2009-05-06 to 2009-06-06 )))))))))))))))))))))))))))))))
.

2009-09-14 16:50 . 2009-09-14 16:50 16590 ----a-w- c:\windows\6w5rm9dez.exe
2009-06-06 19:04 . 2009-06-06 19:30 -------- d---a-w- \Qoobox
2009-06-06 19:04 . 2009-06-06 19:27 -------- d-----w- C:\32788R22FWJFW
2009-06-06 19:04 . 2009-06-06 19:27 -------- d-----w- \32788R22FWJFW
2009-06-06 17:37 . 2009-03-11 08:00 89104 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20090606.003\naveng.sys
2009-06-06 17:37 . 2009-03-11 08:00 876144 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20090606.003\navex15.sys
2009-06-06 17:37 . 2009-03-11 08:00 177520 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20090606.003\naveng32.dll
2009-06-06 17:37 . 2009-03-11 08:00 1181040 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20090606.003\navex32a.dll
2009-06-06 17:37 . 2009-03-11 08:00 371248 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20090606.003\eeCtrl.sys
2009-06-06 17:37 . 2009-03-11 08:00 2414128 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20090606.003\cceraser.dll
2009-06-06 17:37 . 2009-03-11 08:00 101936 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20090606.003\ERASER.sys
2009-06-06 17:37 . 2009-02-17 09:07 259368 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20090606.003\ecmsvr32.dll
2009-06-05 19:06 . 2009-03-11 08:00 1181040 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20090605.003\navex32a.dll
2009-06-05 19:06 . 2009-03-11 08:00 89104 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20090605.003\naveng.sys
2009-06-05 19:06 . 2009-03-11 08:00 876144 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20090605.003\navex15.sys
2009-06-05 19:06 . 2009-03-11 08:00 371248 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20090605.003\eeCtrl.sys
2009-06-05 19:06 . 2009-03-11 08:00 177520 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20090605.003\naveng32.dll
2009-06-05 19:06 . 2009-03-11 08:00 101936 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20090605.003\ERASER.sys
2009-06-05 19:06 . 2009-02-17 09:07 259368 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20090605.003\ecmsvr32.dll
2009-06-05 19:06 . 2009-03-11 08:00 2414128 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20090605.003\cceraser.dll
2009-05-31 19:00 . 2009-03-06 17:25 439672 ----a-w- c:\programdata\Symantec\Definitions\SymcData\ipsdefs\20090528.001\scxpx86.dll
2009-05-31 19:00 . 2009-02-09 22:59 251768 ----a-w- c:\programdata\Symantec\Definitions\SymcData\ipsdefs\20090528.001\symidsco.sys
2009-05-31 19:00 . 2009-02-09 22:59 173432 ----a-w- c:\programdata\Symantec\Definitions\SymcData\ipsdefs\20090528.001\SymIDSI.dll
2009-05-31 19:00 . 2009-02-09 22:59 272432 ----a-w- c:\programdata\Symantec\Definitions\SymcData\ipsdefs\20090528.001\IDSvix86.sys
2009-05-31 19:00 . 2009-02-09 22:59 685432 ----a-w- c:\programdata\Symantec\Definitions\SymcData\ipsdefs\20090528.001\idsxpx86.dll
2009-05-31 19:00 . 2009-02-09 22:59 370224 ----a-w- c:\programdata\Symantec\Definitions\SymcData\ipsdefs\20090528.001\IDSvia64.sys
2009-05-31 19:00 . 2007-08-30 02:29 157120 ----a-w- c:\programdata\Symantec\Definitions\SymcData\ipsdefs\20090528.001\ids9xx86.dll
2009-05-23 18:44 . 2009-05-23 18:44 -------- d-----w- c:\program files\Common Files\Adobe AIR
2009-05-23 18:07 . 2009-05-23 18:06 410984 ----a-w- c:\windows\system32\deploytk.dll
2009-05-21 18:45 . 2009-02-09 22:59 251768 ----a-w- c:\programdata\Symantec\Definitions\SymcData\ipsdefs\20090519.005\symidsco.sys
2009-05-21 18:45 . 2009-02-09 22:59 173432 ----a-w- c:\programdata\Symantec\Definitions\SymcData\ipsdefs\20090519.005\SymIDSI.dll
2009-05-21 18:45 . 2009-03-06 17:25 439672 ----a-w- c:\programdata\Symantec\Definitions\SymcData\ipsdefs\20090519.005\scxpx86.dll
2009-05-21 18:45 . 2009-02-09 22:59 272432 ----a-w- c:\programdata\Symantec\Definitions\SymcData\ipsdefs\20090519.005\IDSvix86.sys
2009-05-21 18:45 . 2009-02-09 22:59 685432 ----a-w- c:\programdata\Symantec\Definitions\SymcData\ipsdefs\20090519.005\idsxpx86.dll
2009-05-21 18:45 . 2009-02-09 22:59 370224 ----a-w- c:\programdata\Symantec\Definitions\SymcData\ipsdefs\20090519.005\IDSvia64.sys
2009-05-21 18:45 . 2007-08-30 02:29 157120 ----a-w- c:\programdata\Symantec\Definitions\SymcData\ipsdefs\20090519.005\ids9xx86.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2071-07-09 14:40 . 2008-04-16 16:31 385072 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20080416.009\eeCtrl.sys
2071-07-09 14:40 . 2008-04-16 16:31 2561072 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20080416.009\cceraser.dll
2071-07-09 14:40 . 2008-04-16 16:31 109616 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20080416.009\ERASER.sys
2009-06-06 19:36 . 2009-01-06 16:17 -------- d-----w- c:\programdata\Kontiki
2009-06-06 16:00 . 2007-08-09 19:15 2459828224 --sha-w- \pagefile.sys
2009-05-23 18:44 . 2008-03-13 18:07 -------- d-----w- c:\program files\Common Files\Adobe
2009-05-23 18:35 . 2007-12-25 12:08 -------- d-----w- c:\program files\Serif
2009-05-23 18:29 . 2007-05-09 12:10 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-05-23 18:06 . 2007-09-25 19:11 -------- d-----w- c:\program files\Java
2009-05-20 20:27 . 2007-10-24 17:46 -------- d-----w- c:\program files\Common Files\PX Storage Engine
2009-05-20 20:26 . 2007-06-22 11:28 -------- d-----w- c:\program files\Microsoft Works
2009-05-20 20:26 . 2007-06-22 11:27 -------- d-----w- c:\programdata\Microsoft Help
2009-05-20 20:26 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-05-06 08:50 . 2009-05-06 08:50 -------- d-----w- c:\users\Art\AppData\Roaming\WTablet
2009-04-27 09:57 . 2007-09-19 14:24 5084 ----a-w- c:\users\Art\AppData\Roaming\wklnhst.dat
2009-04-26 20:17 . 2009-04-26 20:16 -------- d-----w- c:\programdata\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-04-26 20:17 . 2009-04-26 20:16 -------- d-----w- c:\program files\iTunes
2009-04-26 20:17 . 2009-04-26 20:17 -------- d-----w- c:\program files\iPod
2009-04-26 20:17 . 2007-11-15 18:14 -------- d-----w- c:\program files\Common Files\Apple
2009-04-26 20:16 . 2007-11-15 18:10 -------- d-----w- c:\programdata\Apple Computer
2009-04-26 20:15 . 2009-04-26 20:15 -------- d-----w- c:\program files\Bonjour
2009-04-26 20:15 . 2009-04-26 20:15 -------- d-----w- c:\program files\QuickTime
2009-04-26 20:10 . 2009-04-26 20:10 75048 ----a-w- c:\programdata\Apple Computer\Installer Cache\iTunes 8.1.1.10\SetupAdmin.exe
2009-04-23 14:04 . 2007-09-17 10:20 -------- d-----w- c:\programdata\Symantec
2009-04-20 10:39 . 2007-09-07 15:18 -------- d-----w- c:\programdata\X10 Settings
2009-04-14 19:19 . 2009-04-14 19:19 -------- d-----w- c:\program files\directx
2009-04-13 20:45 . 2007-08-09 19:35 173920 ----a-w- c:\users\Art\AppData\Local\GDIPFONTCACHEV1.DAT
2009-04-10 18:04 . 2007-10-11 16:22 -------- d-----w- c:\users\Art\AppData\Roaming\Image Zone Express
2009-04-10 17:57 . 2009-04-10 17:57 -------- d-----w- c:\programdata\HP Product Assistant
2009-03-22 16:32 . 2009-03-22 16:32 390664 ----a-w- c:\users\Art\AppData\Roaming\Real\Update\temp\~Upg0\RealPlayer11.exe
2009-03-22 16:32 . 2009-03-22 16:32 390664 ----a-w- c:\users\Art\AppData\Roaming\Real\RealPlayer\Update\RealPlayer11.exe
2009-03-19 15:32 . 2009-04-26 20:17 23400 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2009-03-19 15:32 . 2009-03-19 15:32 23400 ----a-w- c:\programdata\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}\x86\x86\GEARAspiWDM.sys
2009-03-11 08:00 . 2009-04-18 16:57 89104 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20090418.004\naveng.sys
2009-03-11 08:00 . 2009-04-18 16:57 876144 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20090418.004\navex15.sys
2009-03-11 08:00 . 2009-04-18 16:57 177520 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20090418.004\naveng32.dll
2009-03-11 08:00 . 2009-04-18 16:57 1181040 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20090418.004\navex32a.dll
2009-03-11 08:00 . 2009-04-18 16:57 371248 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20090418.004\eeCtrl.sys
2009-03-11 08:00 . 2009-04-18 16:57 2414128 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20090418.004\cceraser.dll
2009-03-11 08:00 . 2009-04-18 16:57 101936 ----a-w- c:\programdata\Symantec\Definitions\VirusDefs\20090418.004\ERASER.sys
2008-07-14 09:18 . 2008-07-14 09:19 774144 ----a-w- c:\program files\RngInterstitial.dll

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-11 1232896]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2006-11-02 125440]
"Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" [2008-07-02 393216]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2006-12-23 143360]
"kdx"="c:\program files\Kontiki\KHost.exe" [2008-02-27 1032376]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-02-06 39408]
"Google Update"="c:\users\Art\AppData\Local\Google\Update\GoogleUpdate.exe" [2009-04-22 133104]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 201728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-04-02 342312]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-05-23 148888]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Kodak EasyShare software.lnk - c:\program files\Kodak\Kodak EasyShare software\bin\EasyShare.exe [2007-9-19 282624]
TabUserW.exe.lnk - c:\windows\System32\WTablet\TabUserW.exe [2008-3-22 114688]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
backup=c:\windows\pss\Microsoft Office.lnk.CommonStartup
backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000001
"InternetSettingsDisableNotify"=dword:00000001
"AutoUpdateDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{76AFE342-55DD-4565-8892-CB18E8DA3632}"= c:\program files\Home Cinema\PowerDVD\PowerDVD.EXE:CyberLink PowerDVD
"{5BB15064-42BA-42B2-AC2B-9528CB53BDC9}"= c:\program files\Home Cinema\PowerDirector\PDR.EXE:CyberLink PowerDirector
"{9303CB5D-7120-417C-815C-7A8D9DDE418E}"= UDP:h:\sthiwv\stInstall.exe:SpeedTouch Home Install Wizard
"{15812515-1123-4BB9-9B6C-CD3352491D82}"= TCP:h:\sthiwv\stInstall.exe:SpeedTouch Home Install Wizard
"{1793C829-2CA1-41DD-95CD-04A384680C8D}"= UDP:c:\program files\Thomson\ST330\service\st330service.exe:ST330 service
"{6EE81BE5-63E0-46CE-8571-3C4F044D19F1}"= TCP:c:\program files\Thomson\ST330\service\st330service.exe:ST330 service
"{6014D3B1-E67B-4543-87EF-C8C328C59809}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
"{26DB68B8-876D-4F30-BCF7-FAC211B719EA}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes
"{FE153495-A947-4492-8FA4-9D7979C93228}"= UDP:c:\program files\Kontiki\KService.exe:Delivery Manager Service
"{3EC1E52E-FF11-4931-99A7-B1ADDE278A78}"= TCP:c:\program files\Kontiki\KService.exe:Delivery Manager Service
"{877F68CB-87E4-4187-BDD0-7A11842B2E4C}"= UDP:c:\program files\Kontiki\KService.exe:Delivery Manager Service
"{63C108A7-643C-428C-8D27-1009E333CCD7}"= TCP:c:\program files\Kontiki\KService.exe:Delivery Manager Service
"{9D7FF745-AD99-4BB2-94A3-8260D23C6F18}"= UDP:c:\program files\EA GAMES\Battlefield 2\BF2.exe:Battlefield 2
"{63B16F3D-1FBF-44AF-B812-C9A2C90A76FD}"= TCP:c:\program files\EA GAMES\Battlefield 2\BF2.exe:Battlefield 2
"{B93C477A-58B5-4C7B-B027-7E1D808CDBF7}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{3FCF7949-D048-4C6A-839C-8BA9F8434CB9}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{14505218-B942-452F-A442-F37B33BD2913}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
"{355F0880-55AC-4102-ABAA-5097E13FDFDB}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)

R0 hotcore3;hotcore3;c:\windows\System32\drivers\hotcore3.sys [26/08/2008 12:56 38448]
R0 ViBus;ViBus;c:\windows\System32\drivers\ViBus.sys [22/06/2007 09:19 16896]
R0 ViPrt;VIA SATA IDE Device Driver;c:\windows\System32\drivers\ViPrt.sys [22/06/2007 09:19 52224]
R1 IDSvix86;Symantec Intrusion Prevention Driver;c:\progra~2\Symantec\DEFINI~1\SymcData\ipsdefs\20090528.001\IDSvix86.sys [31/05/2009 20:00 272432]
R2 LiveUpdate Notice;LiveUpdate Notice;c:\program files\Common Files\Symantec Shared\CCSVCHST.EXE [31/10/2008 20:39 149352]
R2 TabletServicePen;TabletServicePen;c:\windows\System32\Pen_Tablet.exe [23/03/2008 20:12 1373480]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [11/03/2009 17:29 101936]
R3 Ph3xIB32;Philips 713x Inbox PCI TV Card;c:\windows\System32\drivers\Ph3xIB32.sys [03/04/2007 10:43 1131136]
R3 SYMNDISV;SYMNDISV;c:\windows\System32\drivers\symndisv.sys [19/02/2009 12:31 41008]
R3 X10Hid;X10 Hid Device;c:\windows\System32\drivers\x10hid.sys [22/06/2007 10:37 13976]
S3 3xHybrid;Philips SAA713x PCI Card;c:\windows\System32\drivers\3xHybrid.sys [09/05/2007 12:02 1136600]
S3 COH_Mon;COH_Mon;c:\windows\System32\drivers\COH_Mon.sys [30/08/2007 03:31 23888]
S3 ST330;ST330;c:\windows\System32\drivers\st330.sys [16/09/2007 14:28 30464]
S3 STBUS;STBUS;c:\windows\System32\drivers\stbus.sys [16/09/2007 14:28 12672]
S3 stppp;Speedtouch PPP Adapter Adapter;c:\windows\System32\drivers\stppp.sys [16/09/2007 14:28 35328]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - COMHOST

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder

2009-06-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2136973437-3304041653-515064046-1000.job
- c:\users\Art\AppData\Local\Google\Update\GoogleUpdate.exe [2009-04-22 16:49]

2009-06-01 c:\windows\Tasks\Norton Internet Security Online - Run Full System Scan - Art.job
- c:\program files\Norton Internet Security\Norton AntiVirus\Navw32.exe [2007-08-30 02:31]

2009-06-06 c:\windows\Tasks\User_Feed_Synchronization-{37C4EE4E-DDE5-49FE-9421-2DD8A3398222}.job
- c:\windows\system32\msfeedssync.exe [2009-03-20 11:31]
.
- - - - ORPHANS REMOVED - - - -

SafeBoot-procexp90.Sys


.
------- Supplementary Scan -------
.
uInternet Settings,ProxyOverride = *.local
IE: eBay Search - c:\program files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-06 20:37
Windows 6.0.6000 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\st330service]
"ImagePath"="C:\Program Files/Thomson/ST330/service/st330service.exe -service"
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_LOCAL_MACHINE\system\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2009-06-06 20:39
ComboFix-quarantined-files.txt 2009-06-06 19:39

Pre-Run: 206,703,628,288 bytes free
Post-Run: 212,706,320,384 bytes free

1588 --- E O F --- 2009-04-16 12:42

Hello.

Now open a new notepad file.
Input this into the notepad file:

KILLALL::

File::
c:\windows\6w5rm9dez.exe

Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=-
"InternetSettingsDisableNotify"=-
"AutoUpdateDisableNotify"=-

Save this as CFScript.txt, save it to your desktop also.
Then drag and drop CFScript.txt into combofix as seen below:


This will open combofix again, agree to it's terms and allow it to run.
It may want to reboot after it's done. (It will warn you if it wants to)
Post the resulting log back here.