Solved Having problem, but don't know what is...

[Konishi]

Probably it's a virus, when I open firefox my internet connection seems turn off and I can't open any new pages. (Posting using GC)

[HJT log removed by Broni]

 

[Broni]

Welcome aboard

Please, complete all steps listed here: https://www.techspot.com/community/...lware-removal-preliminary-instructions.58138/
Make sure, you PASTE all logs. If some log exceeds 50,000 characters post limit, split it between couple of replies.
Attached logs won't be reviewed.

Please, observe following rules:

• Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
• If you're stuck, or you're not sure about certain step, always ask before doing anything else.
• Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
• Never run more than one scan at a time.
• Keep updating me regarding your computer behavior, good, or bad.
• The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
• If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
• I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

 

[Konishi]

Nice this is still open. I had some irl problems and I can't came here to say this, sorry about that.
There's the logs:

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.07.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Konishi :: KONISHI-PC [administrator]

07/08/2012 12:37:05
mbam-log-2012-08-07 (12-37-05).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 193475
Time elapsed: 2 minute(s), 41 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 1
C:\Recycle.Bin (Trojan.Spyeyes) -> Quarantined and deleted successfully.

Files Detected: 1
C:\Recycle.Bin\C39B1064484C84B (Trojan.Spyeyes) -> Quarantined and deleted successfully.

(end)

GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-08-07 12:59:45
Windows 6.1.7601 Service Pack 1
Running: y32o59b4.exe


---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0xC3 0x0E 0x0B 0x11 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files (x86)\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xFC 0x6A 0x76 0xB3 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0xA0 0x02 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x7B 0x02 0xF3 0xC7 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x21 0x96 0xC6 0x76 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@h0 1
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04@ujdew 0xC3 0x0E 0x0B 0x11 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files (x86)\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0xFC 0x6A 0x76 0xB3 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0xA0 0x02 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x7B 0x02 0xF3 0xC7 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x21 0x96 0xC6 0x76 ...

---- EOF - GMER 1.0.15 ----

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 10.4.1
Run by Konishi at 13:02:06 on 2012-08-07
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.55.1046.18.4095.2454 [GMT -3:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Proxy Labs\ProxyCap\pcapsvc.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Proxy Labs\ProxyCap\pcapui.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\AhnLab\ASP\Components\ASPLnchr.exe
C:\Windows\system32\taskhost.exe
C:\Users\Konishi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Konishi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Konishi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Konishi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Konishi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Konishi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Konishi\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://df.nexon.com/
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Auxiliar de Conexão do Windows Live ID: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
uRun: [Google Update] "C:\Users\Konishi\AppData\Local\Google\Update\GoogleUpdate.exe" /c
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
LSP: pcapwsp.dll
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{5F5BC493-072E-49C4-AC1F-266A9244ED4E} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{8ED7000D-53F7-4487-8809-5B511BFF5EEC} : DhcpNameServer = 7.254.254.254
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
Notify: ecojink - C:\Windows\system32\config\systemprofile\AppData\Local\ecojink.dll
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}
{9030D464-4C02-4ABF-8ECC-5164760863C6}
{DBC80044-A445-435b-BC74-9C25C1C588A9}
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}
mRun-x64: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRunOnce-x64: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Konishi\AppData\Roaming\Mozilla\Firefox\Profiles\f8n672gz.default\
FF - prefs.js: browser.startup.homepage - www.google.com
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q=
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\Program Files (x86)\AhnLab\ASP\Components\aosmgr\conflict_475\npaosmgr.dll
FF - plugin: C:\Program Files (x86)\AhnLab\ASP\MyKeyDefense 2.5\npmkd25sp.dll
FF - plugin: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\NeoplePlugin\npNeopleGameInstaller.dll
FF - plugin: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll
FF - plugin: C:\Users\Konishi\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
.
============= SERVICES / DRIVERS ===============
.
R1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?]
R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys --> C:\Windows\system32\DRIVERS\dtsoftbus01.sys [?]
R2 AODDriver4.1;AODDriver4.1;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-3-5 53888]
R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?]
R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-8-7 44808]
R2 pcapsvc;ProxyCap Service;C:\Program Files\Proxy Labs\ProxyCap\pcapsvc.exe [2010-9-18 635904]
R3 amdiox64;AMD IO Driver;C:\Windows\system32\DRIVERS\amdiox64.sys --> C:\Windows\system32\DRIVERS\amdiox64.sys [?]
R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys --> C:\Windows\system32\drivers\AtihdW76.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);C:\Windows\system32\DRIVERS\tap0901t.sys --> C:\Windows\system32\DRIVERS\tap0901t.sys [?]
S2 biafagiz;i8042 Keyboard and PS/2 Mouse Port Helper;C:\Windows\System32\svchost.exe -k netsvcs [2009-7-13 20992]
S3 dfmirage;dfmirage;C:\Windows\system32\DRIVERS\dfmirage.sys --> C:\Windows\system32\DRIVERS\dfmirage.sys [?]
S3 Mkd2Bthf;Mkd2Bthf;C:\Windows\system32\drivers\Mkd2Bthf.sys --> C:\Windows\system32\drivers\Mkd2Bthf.sys [?]
S3 Mkd2Nadr;Mkd2Nadr;C:\Windows\system32\drivers\Mkd2Nadr.sys --> C:\Windows\system32\drivers\Mkd2Nadr.sys [?]
S3 Mkd3kfNt;Mkd3kfNt;C:\Windows\system32\drivers\Mkd3kfNt.sys --> C:\Windows\system32\drivers\Mkd3kfNt.sys [?]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-5-11 113120]
S3 npggsvc;nProtect GameGuard Service;C:\Windows\system32\GameMon.des -service --> C:\Windows\system32\GameMon.des -service [?]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\system32\drivers\rdpvideominiport.sys --> C:\Windows\system32\drivers\rdpvideominiport.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TunngleService;TunngleService;C:\Program Files (x86)\Tunngle\TnglCtrl.exe [2012-5-30 736104]
S3 WatAdminSvc;Serviço de Tecnologias de Ativação do Windows;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S4 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
S4 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-4-5 361984]
.
=============== Created Last 30 ================
.
2012-08-07 15:19:2324904----a-w-C:\Windows\System32\drivers\mbam.sys
2012-08-07 15:19:23--------d-----w-C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-08-07 15:06:4154072----a-w-C:\Windows\System32\drivers\aswRdr2.sys
2012-08-07 15:06:34958400----a-w-C:\Windows\System32\drivers\aswSnx.sys
2012-08-07 15:06:3271064----a-w-C:\Windows\System32\drivers\aswMonFlt.sys
2012-08-07 15:06:1641224----a-w-C:\Windows\avastSS.scr
2012-08-07 10:28:57--------d-----w-C:\Users\Konishi\AppData\Local\{DDAB8DFE-D797-4143-9A7B-08A28850DD1A}
2012-08-07 10:28:46--------d-----w-C:\Users\Konishi\AppData\Local\{89D32F03-EC65-4C5D-9270-57A942200E5C}
2012-08-06 22:28:21--------d-----w-C:\Users\Konishi\AppData\Local\{C6FC6125-CC8B-41AF-9F21-77694EEF98C5}
2012-08-06 22:28:11--------d-----w-C:\Users\Konishi\AppData\Local\{50639813-FDCA-422E-9D4E-5B7F634BE863}
2012-08-06 21:04:48282696----a-w-C:\Windows\SysWow64\PnkBstrB.exe
2012-08-06 21:04:48282696----a-w-C:\Windows\SysWow64\PnkBstrB.ex0
2012-08-06 21:04:3976888----a-w-C:\Windows\SysWow64\PnkBstrA.exe
2012-08-06 10:27:45--------d-----w-C:\Users\Konishi\AppData\Local\{915CB4AC-772A-4631-A2D1-7A1F08216C81}
2012-08-06 10:27:35--------d-----w-C:\Users\Konishi\AppData\Local\{82974E9C-0B77-4C2C-BAB9-5C3C27554F08}
2012-08-05 16:13:32--------d-----w-C:\Users\Konishi\AppData\Local\{44027318-F02F-412D-8E5E-ABED25A7D9B0}
2012-08-05 16:13:21--------d-----w-C:\Users\Konishi\AppData\Local\{AB468F21-D63C-44DA-B751-FDF8EDB6089A}
2012-08-05 04:12:55--------d-----w-C:\Users\Konishi\AppData\Local\{9540F04C-6C4C-4550-8728-01947DE9C727}
2012-08-05 04:12:43--------d-----w-C:\Users\Konishi\AppData\Local\{4D686B43-D2BF-4BAF-86AC-06179265BFCC}
2012-08-04 10:23:12--------d-----w-C:\Users\Konishi\AppData\Local\{06744DB6-1E5A-4D96-94A7-67570B250146}
2012-08-04 10:23:02--------d-----w-C:\Users\Konishi\AppData\Local\{DFC53409-AD47-4C25-A671-864BE283B44C}
2012-08-03 22:22:49--------d-----w-C:\Users\Konishi\AppData\Local\{2A85ECEA-4C0D-4A38-AF62-50B43CDA9152}
2012-08-03 22:22:39--------d-----w-C:\Users\Konishi\AppData\Local\{FA31A21E-4E20-45B4-A87D-8C210D8F43DD}
2012-08-03 10:22:14--------d-----w-C:\Users\Konishi\AppData\Local\{A5593731-9E52-4C9E-B143-3C78476BA590}
2012-08-03 10:22:03--------d-----w-C:\Users\Konishi\AppData\Local\{0F6B97CA-D2D3-4067-B442-0190D3B88270}
2012-08-02 22:21:38--------d-----w-C:\Users\Konishi\AppData\Local\{8C2B1CDF-E525-4C73-A5D3-A2328956810A}
2012-08-02 22:21:28--------d-----w-C:\Users\Konishi\AppData\Local\{E6D838D5-0513-489C-BD1F-37194F329AA7}
2012-08-02 10:21:02--------d-----w-C:\Users\Konishi\AppData\Local\{9FADF3C2-B1CD-46D2-8F1D-67B17E37829C}
2012-08-02 10:20:51--------d-----w-C:\Users\Konishi\AppData\Local\{0BD4AC85-6482-44AF-8B39-EDE8B22A9332}
2012-08-02 03:53:49--------d-----w-C:\ProgramData\AVAST Software
2012-08-02 03:53:49--------d-----w-C:\Program Files\AVAST Software
2012-08-02 02:16:19--------d-----w-C:\Program Files (x86)\Trend Micro
2012-08-01 17:58:23--------d-----w-C:\Users\Konishi\AppData\Local\{037224F5-AC2B-40B6-A0DC-3F49CCB4F7B7}
2012-08-01 17:58:02--------d-----w-C:\Users\Konishi\AppData\Local\{54F08CFD-F453-45BA-9BC2-31A6D40D3656}
2012-08-01 05:57:37--------d-----w-C:\Users\Konishi\AppData\Local\{FF6C2500-6C2C-4E26-959D-A6D0BE146880}
2012-08-01 05:57:16--------d-----w-C:\Users\Konishi\AppData\Local\{F5706F72-3AFF-47E3-9C7B-ED3EC531B279}
2012-07-31 17:56:51--------d-----w-C:\Users\Konishi\AppData\Local\{79805088-1A99-467C-B769-EBF15CA5223A}
2012-07-31 17:56:29--------d-----w-C:\Users\Konishi\AppData\Local\{0D3E7946-8FAC-4F17-9A0E-799E4D542997}
2012-07-31 05:56:04--------d-----w-C:\Users\Konishi\AppData\Local\{065C4005-83B3-42D1-A9C0-0E0B60A2F0D1}
2012-07-31 05:55:42--------d-----w-C:\Users\Konishi\AppData\Local\{AF4A910A-072C-40C2-9FF9-B28CB9D44F4C}
2012-07-30 17:55:17--------d-----w-C:\Users\Konishi\AppData\Local\{E8EEEFB2-E0CA-4CC0-B37F-2A280281E788}
2012-07-30 17:55:04--------d-----w-C:\Users\Konishi\AppData\Local\{E1379EE4-BD46-4531-B54F-F24F73F960E2}
2012-07-30 03:29:51--------d-----w-C:\Users\Konishi\AppData\Local\{070F2390-5CAC-44E9-A7BC-E82F0330DFF3}
2012-07-30 03:29:30--------d-----w-C:\Users\Konishi\AppData\Local\{0A3AB5C8-3793-48DA-A13A-AB87B7082A4D}
2012-07-29 12:42:46--------d-----w-C:\Users\Konishi\AppData\Local\{27D8BA45-3A5E-4D00-95C1-8832680C62A8}
2012-07-29 12:42:25--------d-----w-C:\Users\Konishi\AppData\Local\{D3DFDF53-8335-4355-9532-8C6A3A755347}
2012-07-29 00:42:03--------d-----w-C:\Users\Konishi\AppData\Local\{483DD499-9867-41D4-A067-22220DE5C50B}
2012-07-29 00:41:51--------d-----w-C:\Users\Konishi\AppData\Local\{213E5C6E-6363-48A2-9C3C-DDFB20C377D0}
2012-07-28 04:04:25--------d-----w-C:\Users\Konishi\AppData\Local\{8F2511B1-C3D8-4436-8C69-9F85C65156EB}
2012-07-28 04:04:04--------d-----w-C:\Users\Konishi\AppData\Local\{0B0352C5-8C7E-4696-AC39-B0CFD1812A74}
2012-07-27 16:03:51--------d-----w-C:\Users\Konishi\AppData\Local\{6E04364B-E41D-4FAF-B4BF-42BC5F72B55C}
2012-07-27 16:03:40--------d-----w-C:\Users\Konishi\AppData\Local\{4B68C8FA-C3EF-4CF7-AA72-FBD4A65E3002}
2012-07-26 22:51:00--------d-----w-C:\Users\Konishi\AppData\Local\{7FD8FA30-62E2-40EB-9CE8-D400B8A554A9}
2012-07-26 22:50:39--------d-----w-C:\Users\Konishi\AppData\Local\{AA46BE7F-5E43-46B8-86F9-19F591BBE827}
2012-07-26 10:50:14--------d-----w-C:\Users\Konishi\AppData\Local\{902C9946-2144-492C-8BD8-395754D3FD0D}
2012-07-26 10:49:52--------d-----w-C:\Users\Konishi\AppData\Local\{E10489BC-24EA-4709-BDE0-462F887AD25A}
2012-07-25 22:49:40--------d-----w-C:\Users\Konishi\AppData\Local\{06CBF655-D695-4891-805D-AD44AD819D11}
2012-07-25 22:49:18--------d-----w-C:\Users\Konishi\AppData\Local\{61B1B9E2-2870-4E66-B9DF-1FA9FB0BF88E}
2012-07-25 10:48:53--------d-----w-C:\Users\Konishi\AppData\Local\{BE867590-7513-4177-B87B-A6D81ABE6CC2}
2012-07-25 10:48:42--------d-----w-C:\Users\Konishi\AppData\Local\{79598CC6-0529-4DCC-9F42-C73BD90FEF67}
2012-07-25 04:10:10--------d-----w-C:\ProgramData\paltiosoft
2012-07-25 00:43:33--------d-----w-C:\Users\Konishi\AppData\Roaming\Nitroplus
2012-07-24 21:38:14--------d-----w-C:\Users\Konishi\AppData\Local\{C8D2E07C-89E7-44F9-8FA5-C95629DDBA5A}
2012-07-24 21:37:40--------d-----w-C:\Users\Konishi\AppData\Local\{6F9D773F-27D5-4C0E-BEEF-2C6398A42FF2}
2012-07-24 09:37:14--------d-----w-C:\Users\Konishi\AppData\Local\{A696F734-A8F1-4408-97F0-D4CA8073D915}
2012-07-24 09:37:03--------d-----w-C:\Users\Konishi\AppData\Local\{7C3937D5-FD69-483A-B36C-D05B610893C8}
2012-07-24 04:20:01--------d-----w-C:\Users\Konishi\AppData\Local\{352208B4-E62C-40C2-92B8-EAFCF69BBE96}
2012-07-23 21:36:51--------d-----w-C:\Users\Konishi\AppData\Local\{9C370723-9165-4327-8C87-16EB7B1265A2}
2012-07-23 21:36:30--------d-----w-C:\Users\Konishi\AppData\Local\{2D95926B-86FD-4A54-AEE3-092029022B37}
2012-07-23 09:36:02--------d-----w-C:\Users\Konishi\AppData\Local\{6C467B33-93E6-4C88-8BF5-B43AC952B20E}
2012-07-23 09:35:25--------d-----w-C:\Users\Konishi\AppData\Local\{36AC4CE2-5620-46AB-ABF1-015111EA5889}
2012-07-23 05:55:04--------d-----w-C:\Users\Konishi\AppData\Local\Chromium
2012-07-23 02:22:00--------d-----w-C:\Program Files (x86)\Rockstar Games
2012-07-23 02:21:18--------d-----w-C:\ProgramData\Rockstar Games
2012-07-22 21:35:13--------d-----w-C:\Users\Konishi\AppData\Local\{091B0562-0505-4C23-ABDA-D89A286C870A}
2012-07-22 21:34:52--------d-----w-C:\Users\Konishi\AppData\Local\{6E347045-CDE7-4522-956C-25BFCFE4600B}
2012-07-22 09:34:15--------d-----w-C:\Users\Konishi\AppData\Local\{B075590A-6E23-48EE-AB4B-4AFA2D542651}
2012-07-22 09:34:04--------d-----w-C:\Users\Konishi\AppData\Local\{E749BC87-F691-4FFA-A749-0031D37C2742}
2012-07-21 21:33:38--------d-----w-C:\Users\Konishi\AppData\Local\{012A229B-0F37-4E7F-BF04-2DA563F1AF59}
2012-07-21 21:33:20--------d-----w-C:\Users\Konishi\AppData\Local\{9B9EFBA8-92F6-4A00-8319-5279A3E79462}
2012-07-21 03:46:28--------d-----w-C:\Users\Konishi\AppData\Local\{BACCCE7C-1683-40D9-8476-162297AA2826}
2012-07-21 03:46:17--------d-----w-C:\Users\Konishi\AppData\Local\{D6A2076A-A44B-4C09-8B90-7256E93E673F}
2012-07-20 15:45:52--------d-----w-C:\Users\Konishi\AppData\Local\{64A46553-CA78-4F9D-9FA7-D2B60BF87038}
2012-07-20 15:45:31--------d-----w-C:\Users\Konishi\AppData\Local\{5C9E36D5-E8EB-4F7B-805C-37E55BA17954}
2012-07-19 20:49:21--------d-----w-C:\Users\Konishi\AppData\Local\{01946584-8002-4F7F-BAD2-59E90D73CA5B}
2012-07-19 20:49:00--------d-----w-C:\Users\Konishi\AppData\Local\{81BEB27F-C258-4583-A9EE-80DA0C34CF86}
2012-07-19 10:20:11--------d-----w-C:\Program Files (x86)\DNF
2012-07-19 08:48:34--------d-----w-C:\Users\Konishi\AppData\Local\{0B3A594A-45B7-4B01-9687-D4D7C4011070}
2012-07-19 08:48:12--------d-----w-C:\Users\Konishi\AppData\Local\{F9546997-9B96-44CF-BC25-533445F1F5EC}
2012-07-19 08:10:31166792----a-w-C:\Windows\System32\drivers\klb64mkd.sys
2012-07-19 02:56:1233856---ha-w-C:\Windows\System32\hamachi.sys
2012-07-18 22:34:14--------d-----w-C:\Users\Konishi\AppData\Local\LogMeIn Hamachi
2012-07-18 20:47:45--------d-----w-C:\Users\Konishi\AppData\Local\{2407B77D-8097-4EB6-A7FE-277E75B9626B}
2012-07-18 20:47:30--------d-----w-C:\Users\Konishi\AppData\Local\{D21665B5-6C3F-4001-8793-E9572D84601F}
2012-07-18 07:40:15--------d-----w-C:\Users\Konishi\AppData\Local\{F00731E3-653A-481E-8999-A9548CD4AF0C}
2012-07-18 07:40:04--------d-----w-C:\Users\Konishi\AppData\Local\{DB0BBB04-41DC-42EB-84BC-0D57E08CF317}
2012-07-17 19:39:52--------d-----w-C:\Users\Konishi\AppData\Local\{91A3C3E6-E91A-46F2-AD99-672165698C09}
2012-07-17 19:39:41--------d-----w-C:\Users\Konishi\AppData\Local\{7ED39633-F0D3-4655-BB82-27D62A7ED1E4}
2012-07-16 19:09:02--------d-----w-C:\Users\Konishi\AppData\Local\{F8FD8ACA-5567-4155-8B14-9EA41FF8B548}
2012-07-16 19:08:51--------d-----w-C:\Users\Konishi\AppData\Local\{08C644F6-BC6A-4D58-91DD-A110A02370FD}
2012-07-16 07:08:26--------d-----w-C:\Users\Konishi\AppData\Local\{EA1C03A5-0F68-4802-A146-72E71123A825}
2012-07-16 07:08:14--------d-----w-C:\Users\Konishi\AppData\Local\{9F857AB5-A206-4B25-9468-4E16932FA8D7}
2012-07-15 19:07:49--------d-----w-C:\Users\Konishi\AppData\Local\{EE28E46D-78FC-487D-B3FD-57722BEF62B2}
2012-07-15 19:07:38--------d-----w-C:\Users\Konishi\AppData\Local\{C11998EC-E0DF-44C1-B15E-1BBC9E1C4A8A}
2012-07-15 06:02:03--------d-----w-C:\Users\Konishi\AppData\Local\{63786BE3-FFDA-45C3-819E-447E9749C9A0}
2012-07-15 06:01:50--------d-----w-C:\Users\Konishi\AppData\Local\{5D8FBEC3-5ACB-4BDB-8436-5A17651267EB}
2012-07-14 15:07:10--------d-----w-C:\Users\Konishi\AppData\Local\{57D91C13-3E1C-4B6B-B79C-DE0DC941ABD4}
2012-07-14 15:06:55--------d-----w-C:\Users\Konishi\AppData\Local\{56F37B71-0671-4F88-BB3A-1FF48D4C2835}
2012-07-14 00:41:00282696----a-w-C:\Windows\SysWow64\PnkBstrB.xtr
2012-07-14 00:12:38--------d-----w-C:\Users\Konishi\AppData\Local\Ubisoft Game Launcher
2012-07-13 22:50:29--------d-----w-C:\Users\Konishi\AppData\Roaming\Ubisoft
2012-07-13 20:12:34--------d-----w-C:\Users\Konishi\AppData\Local\{47907010-0885-4ECC-85F9-DF20AF9E7865}
2012-07-13 20:12:24--------d-----w-C:\Users\Konishi\AppData\Local\{E7634445-1DB6-42C8-96AC-821FE3B14732}
2012-07-13 08:11:59--------d-----w-C:\Users\Konishi\AppData\Local\{B467AD3C-BE9C-4417-A414-06558F976C7D}
2012-07-13 08:11:49--------d-----w-C:\Users\Konishi\AppData\Local\{39B6A384-1F0B-439B-98D1-71C1984DE318}
2012-07-12 20:11:24--------d-----w-C:\Users\Konishi\AppData\Local\{A1B12D24-510C-4251-BCB1-1E86D7AF6D2F}
2012-07-12 20:11:14--------d-----w-C:\Users\Konishi\AppData\Local\{15C386E8-C787-4DD8-8B3C-5690BADFB384}
2012-07-12 08:10:49--------d-----w-C:\Users\Konishi\AppData\Local\{3363AA38-E36E-49E9-8371-5948808BAE5F}
2012-07-12 08:10:38--------d-----w-C:\Users\Konishi\AppData\Local\{6146E002-2683-4548-A033-F072D6F30A1E}
2012-07-11 20:10:14--------d-----w-C:\Users\Konishi\AppData\Local\{FB947022-84E5-4322-B392-1EE32A26CAB7}
2012-07-11 20:10:04--------d-----w-C:\Users\Konishi\AppData\Local\{49106DC8-2CD6-49A7-9B76-E9A1ADF96B81}
2012-07-11 08:09:39--------d-----w-C:\Users\Konishi\AppData\Local\{FCC90C99-26FA-4047-A4DA-47AD7644726C}
2012-07-11 08:09:29--------d-----w-C:\Users\Konishi\AppData\Local\{9085ECEB-291F-4881-9A68-80A3DD0200C9}
2012-07-10 19:59:38--------d-----w-C:\Users\Konishi\AppData\Local\{A1554DC2-4EB3-4BA9-B203-8DE89C1819B6}
2012-07-10 19:59:23--------d-----w-C:\Users\Konishi\AppData\Local\{BA9772F2-EA94-44D2-AA18-0F331DF1FD50}
2012-07-10 07:33:48--------d-----w-C:\Users\Konishi\AppData\Local\{C8C92395-BA01-477F-8D16-4843485E8BCB}
2012-07-10 07:33:38--------d-----w-C:\Users\Konishi\AppData\Local\{0378E9A7-D70F-4D1B-87EA-697B22A79062}
2012-07-09 19:33:11--------d-----w-C:\Users\Konishi\AppData\Local\{0471EA36-EC0A-4B2C-8BC1-7287EDF6DAE2}
2012-07-09 19:33:01--------d-----w-C:\Users\Konishi\AppData\Local\{24E64E74-473F-4B8F-930D-4246856A0C75}
2012-07-09 05:54:00--------d-----w-C:\Users\Konishi\AppData\Local\{6872E242-D94F-43A6-B895-43ED5CAA0B3D}
2012-07-09 05:53:50--------d-----w-C:\Users\Konishi\AppData\Local\{6366BDBE-A77B-4750-A040-A6F2D60B450F}
2012-07-08 17:53:36--------d-----w-C:\Users\Konishi\AppData\Local\{346E7A91-6395-4470-BA02-1306071B87EE}
2012-07-08 17:53:25--------d-----w-C:\Users\Konishi\AppData\Local\{BE011508-3C10-48A0-8BDE-38220B51DAA0}
.
==================== Find3M ====================
.
2012-07-08 04:28:50560184----a-w-C:\Windows\System32\drivers\sptd.sys
2012-06-20 15:28:034145600----a-w-C:\Windows\SysWow64\GameMon.des
2012-05-18 03:03:04772552----a-w-C:\Windows\SysWow64\npDeployJava1.dll
2012-05-14 19:46:0111174400----a-w-C:\Windows\System32\drivers\atikmdag.sys
2012-05-14 19:44:59503808----a-w-C:\Windows\System32\atieclxx.exe
2012-05-14 19:44:5644544----a-w-C:\Windows\System32\atiu9p64.dll
2012-05-14 19:44:5521504----a-w-C:\Windows\System32\atimuixx.dll
2012-05-14 19:44:52159744----a-w-C:\Windows\System32\atiapfxx.exe
2012-05-14 19:44:5195760----a-w-C:\Windows\System32\drivers\AtihdW76.sys
2012-05-14 19:44:5144032----a-w-C:\Windows\SysWow64\aticalcl.dll
2012-05-14 19:44:5141984----a-w-C:\Windows\SysWow64\atiuxpag.dll
2012-05-14 19:44:4959392----a-w-C:\Windows\System32\atiedu64.dll
2012-05-14 19:44:49514560----a-w-C:\Windows\System32\atiadlxx.dll
2012-05-13 10:06:3670304----a-w-C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-05-13 10:06:36419488----a-w-C:\Windows\SysWow64\FlashPlayerApp.exe
.
============= FINISH: 13:02:40,37 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume1
Install Date: 13/02/2012 20:10:21
System Uptime: 07/08/2012 12:15:30 (1 hours ago)
.
Motherboard: ASUSTeK Computer INC. | | M4A785TD-V EVO
Processor: AMD Athlon(tm) II X4 620 Processor | AM3 | 2600/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 397 GiB total, 101,745 GiB free.
D: is FIXED (NTFS) - 37 GiB total, 25,314 GiB free.
E: is FIXED (NTFS) - 68 GiB total, 37,146 GiB free.
F: is CDROM ()
G: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e968-e325-11ce-bfc1-08002be10318}
Description: Mirage Driver
Device ID: ROOT\DISPLAY\0000
Manufacturer: DemoForge
Name: Mirage Driver
PNP Device ID: ROOT\DISPLAY\0000
Service: dfmirage
.
==== System Restore Points ===================
.
RP163: 02/08/2012 11:49:26 - ComboFix created restore point
RP164: 07/08/2012 12:05:46 - Configuração do(a) avast! Free Antivirus
.
==== Installed Programs ======================
.
??????
AhnLab Online Security
AMD VISION Engine Control Center
µTorrent
avast! Free Antivirus
Bandisoft MPEG-1 Decoder
Call of Duty(R) - World at War(TM) 1.2 Patch
Call of Duty(R) - World at War(TM) 1.4 Patch
Call of Duty(R) - World at War(TM) 1.5 Patch
Call of Duty(R) - World at War(TM) 1.6 Patch
Call of Duty(R) - World at War(TM) 1.7 Patch
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
CCC Help Portuguese
D3DX10
DAEMON Tools Lite
DFOLauncher
Diablo III
Directip Launcher 0.8.1
Foxit Reader 5.1
Fraps (remove only)
Google Chrome
HP Deskjet 1050 J410 series Ajuda
IRPF2012 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País
Java Auto Updater
Java(TM) 7 Update 4
JavaFX 2.1.0
K-Lite Codec Pack 8.7.0 (Standard)
Malwarebytes Anti-Malware version 1.62.0.1300
MapleStory
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Mozilla Firefox 14.0.1 (x86 pt-BR)
Mozilla Maintenance Service
MSVCRT
MV RegClean 6.0
NeoplePlugin
Nexon Game Manager
NVIDIA PhysX
Payday The Heist (c) OVERKILL Software version 1
Pepakura Viewer 3
PHANTASY STAR ONLINE 2
Receitanet
Revo Uninstaller 1.94
Steam
Tibia
Tom Clancy's Ghost Recon Future Soldier
Tunngle beta
Ubisoft Game Launcher
Vindictus
Windows Live Communications Platform
Windows Live Essentials
Windows Live Galeria de Fotos
Windows Live Installer
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
WinRAR 4.10 (32-bit)
.
==== End Of File ===========================

 

[Broni]

Please download the below tool named Rkill (courtesy of BleepingComputer.com) to your desktop.

There are 2 different versions. If one of them won't run then download and try to run the other one.

You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

http://download.bleepingcomputer.com/grinler/beta/rkill.exe
http://download.bleepingcomputer.com/grinler/beta/iExplore.exe

• Double-click on the Rkill desktop icon to run the tool.
• If using Vista or Windows 7 right-click on it and choose Run As Administrator.
• A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
• If not, delete the file, then download and use the one provided in Link 2.
• Do not reboot until instructed.
• If the tool does not run from any of the links provided, please let me know.

If normal mode still doesn't work, run the tool from safe mode.

When the scan is done Notepad will open with rKill log.
Post it in your next reply.

NOTE. rKill.txt log will also be present on your desktop.

====================================

Download aswMBR to your desktop.
Double click the aswMBR.exe to run it.
If you see this question: Would you like to download latest Avast! virus definitions?" say "Yes".
Click the "Scan" button to start scan.
On completion of the scan click "Save log", save it to your desktop and post in your next reply.

NOTE. aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.

 

[Konishi]

aswMBR is runing but it's freezing after do some scan.

Rkill 2.1.0 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 08/07/2012 09:06:18 PM in x64 mode.
Windows Version: Windows 7

Checking for Windows services to stop.

* No malware services found to stop.

Checking for processes to terminate.

* No malware processes found to kill.

Checking Registry for malware related settings.

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks.

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Restarting Explorer.exe in order to apply changes.

Program finished at: 08/07/2012 09:06:32 PM
Execution time: 0 hours(s), 0 minute(s), and 13 seconds(s)

 

[Broni]

aswMBR is runing but it's freezing after do some scan.

Is it still running?

 

[Konishi]

Yes, I can open and start the scan but the program freeze before finish it.
I tried change the AV scan to c:\ and apparently it's working.

Edit: Ok, it's freezed again.

 

[Broni]

Download TDSSKiller and save it to your desktop.

• Extract (unzip) its contents to your desktop.
• Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
• If an infected file is detected, the default action will be Cure, click on Continue.
• If a suspicious file is detected, the default action will be Skip, click on Continue.
• It may ask you to reboot the computer to complete the process. Click on Reboot Now.
• If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
• If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.

 

[Konishi]

08:57:15.0689 3944TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
08:57:16.0200 3944============================================================
08:57:16.0200 3944Current date / time: 2012/08/08 08:57:16.0200
08:57:16.0200 3944SystemInfo:
08:57:16.0200 3944
08:57:16.0200 3944OS Version: 6.1.7601 ServicePack: 1.0
08:57:16.0200 3944Product type: Workstation
08:57:16.0200 3944ComputerName: KONISHI-PC
08:57:16.0200 3944UserName: Konishi
08:57:16.0200 3944Windows directory: C:\Windows
08:57:16.0200 3944System windows directory: C:\Windows
08:57:16.0200 3944Running under WOW64
08:57:16.0201 3944Processor architecture: Intel x64
08:57:16.0201 3944Number of processors: 4
08:57:16.0201 3944Page size: 0x1000
08:57:16.0201 3944Boot type: Normal boot
08:57:16.0201 3944============================================================
08:57:17.0369 3944Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
08:57:17.0377 3944Drive \Device\Harddisk1\DR1 - Size: 0x953C94000 (37.31 Gb), SectorSize: 0x200, Cylinders: 0x1306, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
08:57:17.0385 3944============================================================
08:57:17.0385 3944\Device\Harddisk0\DR0:
08:57:17.0385 3944MBR partitions:
08:57:17.0385 3944\Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x31ACFAE7
08:57:17.0385 3944\Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x31AD0000, BlocksNum 0x887F030
08:57:17.0385 3944\Device\Harddisk1\DR1:
08:57:17.0385 3944MBR partitions:
08:57:17.0385 3944\Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x4A98C86
08:57:17.0385 3944============================================================
08:57:17.0401 3944C: <-> \Device\Harddisk0\DR0\Partition0
08:57:17.0422 3944D: <-> \Device\Harddisk1\DR1\Partition0
08:57:17.0453 3944E: <-> \Device\Harddisk0\DR0\Partition1
08:57:17.0453 3944============================================================
08:57:17.0453 3944Initialize success
08:57:17.0453 3944============================================================
08:57:18.0886 3532============================================================
08:57:18.0887 3532Scan started
08:57:18.0887 3532Mode: Manual;
08:57:18.0887 3532============================================================
08:57:19.0847 35321394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
08:57:19.0849 35321394ohci - ok
08:57:19.0891 3532ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
08:57:19.0893 3532ACPI - ok
08:57:19.0931 3532AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
08:57:19.0932 3532AcpiPmi - ok
08:57:19.0986 3532adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
08:57:19.0989 3532adp94xx - ok
08:57:20.0013 3532adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
08:57:20.0016 3532adpahci - ok
08:57:20.0041 3532adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
08:57:20.0043 3532adpu320 - ok
08:57:20.0079 3532AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
08:57:20.0080 3532AeLookupSvc - ok
08:57:20.0134 3532AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
08:57:20.0137 3532AFD - ok
08:57:20.0152 3532agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
08:57:20.0152 3532agp440 - ok
08:57:20.0173 3532ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
08:57:20.0174 3532ALG - ok
08:57:20.0194 3532aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
08:57:20.0194 3532aliide - ok
08:57:20.0236 3532AMD External Events Utility (20c8a3e435a47f0408a1ea674afa6194) C:\Windows\system32\atiesrxx.exe
08:57:20.0238 3532AMD External Events Utility - ok
08:57:20.0285 3532AMD FUEL Service - ok
08:57:20.0297 3532amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
08:57:20.0298 3532amdide - ok
08:57:20.0329 3532amdiox64 (6a2eeb0c4133b20773bb3dd0b7b377b4) C:\Windows\system32\DRIVERS\amdiox64.sys
08:57:20.0329 3532amdiox64 - ok
08:57:20.0357 3532AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
08:57:20.0358 3532AmdK8 - ok
08:57:20.0813 3532amdkmdag (0b45c18b0f3ee996d25baa4e74884b83) C:\Windows\system32\DRIVERS\atikmdag.sys
08:57:20.0868 3532amdkmdag - ok
08:57:20.0982 3532amdkmdap (0e57258e5cc4cc7a9a9a877afdf0cec6) C:\Windows\system32\DRIVERS\atikmpag.sys
08:57:20.0985 3532amdkmdap - ok
08:57:21.0017 3532AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
08:57:21.0018 3532AmdPPM - ok
08:57:21.0061 3532amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
08:57:21.0062 3532amdsata - ok
08:57:21.0088 3532amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
08:57:21.0089 3532amdsbs - ok
08:57:21.0111 3532amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
08:57:21.0111 3532amdxata - ok
08:57:21.0159 3532AODDriver4.1 (5b25d1a753cc3a3edb909bb759ac1098) c:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
08:57:21.0160 3532AODDriver4.1 - ok
08:57:21.0197 3532AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
08:57:21.0198 3532AppID - ok
08:57:21.0220 3532AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
08:57:21.0221 3532AppIDSvc - ok
08:57:21.0258 3532Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
08:57:21.0259 3532Appinfo - ok
08:57:21.0298 3532AppMgmt (4aba3e75a76195a3e38ed2766c962899) C:\Windows\System32\appmgmts.dll
08:57:21.0300 3532AppMgmt - ok
08:57:21.0335 3532arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
08:57:21.0336 3532arc - ok
08:57:21.0358 3532arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
08:57:21.0359 3532arcsas - ok
08:57:21.0395 3532aswFsBlk (df59b8e8df0bd2e0e303778a3806a17d) C:\Windows\system32\drivers\aswFsBlk.sys
08:57:21.0395 3532aswFsBlk - ok
08:57:21.0444 3532aswMonFlt (f8e6ab4f876feff69250f2e0c29ef004) C:\Windows\system32\drivers\aswMonFlt.sys
08:57:21.0445 3532aswMonFlt - ok
08:57:21.0462 3532aswRdr (aa92bc4bcba40ca3aa3ffd1be24f0c09) C:\Windows\System32\Drivers\aswrdr2.sys
08:57:21.0463 3532aswRdr - ok
08:57:21.0569 3532aswSnx (f06e230e1e8ca9437a6474b7b551cd37) C:\Windows\system32\drivers\aswSnx.sys
08:57:21.0574 3532aswSnx - ok
08:57:21.0609 3532aswSP (3610ca74a69e380424f0452dec5c1317) C:\Windows\system32\drivers\aswSP.sys
08:57:21.0612 3532aswSP - ok
08:57:21.0632 3532aswTdi (87de3e31cb0091d22351349869324065) C:\Windows\system32\drivers\aswTdi.sys
08:57:21.0633 3532aswTdi - ok
08:57:21.0664 3532AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
08:57:21.0664 3532AsyncMac - ok
08:57:21.0688 3532atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
08:57:21.0689 3532atapi - ok
08:57:21.0822 3532AtiHDAudioService (24464b908e143d2561e9e452fee97309) C:\Windows\system32\drivers\AtihdW76.sys
08:57:21.0823 3532AtiHDAudioService - ok
08:57:22.0507 3532atikmdag (0b45c18b0f3ee996d25baa4e74884b83) C:\Windows\system32\DRIVERS\atikmdag.sys
08:57:22.0562 3532atikmdag - ok
08:57:22.0698 3532AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
08:57:22.0702 3532AudioEndpointBuilder - ok
08:57:22.0708 3532AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
08:57:22.0712 3532AudioSrv - ok
08:57:22.0825 3532avast! Antivirus (2f7c0f3e39c45e0127fb78b2f18a41f3) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
08:57:22.0826 3532avast! Antivirus - ok
08:57:22.0866 3532AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
08:57:22.0867 3532AxInstSV - ok
08:57:22.0931 3532b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
08:57:22.0934 3532b06bdrv - ok
08:57:22.0985 3532b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
08:57:22.0987 3532b57nd60a - ok
08:57:23.0017 3532BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
08:57:23.0018 3532BDESVC - ok
08:57:23.0028 3532Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
08:57:23.0029 3532Beep - ok
08:57:23.0084 3532BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
08:57:23.0088 3532BFE - ok
08:57:23.0091 3532biafagiz - ok
08:57:23.0137 3532BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\system32\qmgr.dll
08:57:23.0144 3532BITS - ok
08:57:23.0160 3532blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
08:57:23.0161 3532blbdrive - ok
08:57:23.0197 3532bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
08:57:23.0198 3532bowser - ok
08:57:23.0216 3532BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
08:57:23.0217 3532BrFiltLo - ok
08:57:23.0231 3532BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
08:57:23.0232 3532BrFiltUp - ok
08:57:23.0274 3532BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
08:57:23.0275 3532BridgeMP - ok
08:57:23.0305 3532Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
08:57:23.0306 3532Browser - ok
08:57:23.0330 3532Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
08:57:23.0332 3532Brserid - ok
08:57:23.0347 3532BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
08:57:23.0348 3532BrSerWdm - ok
08:57:23.0363 3532BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
08:57:23.0363 3532BrUsbMdm - ok
08:57:23.0373 3532BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
08:57:23.0373 3532BrUsbSer - ok
08:57:23.0389 3532BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
08:57:23.0390 3532BTHMODEM - ok
08:57:23.0412 3532bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
08:57:23.0413 3532bthserv - ok
08:57:23.0424 3532catchme - ok
08:57:23.0439 3532cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
08:57:23.0440 3532cdfs - ok
08:57:23.0483 3532cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
08:57:23.0484 3532cdrom - ok
08:57:23.0534 3532CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
08:57:23.0535 3532CertPropSvc - ok
08:57:23.0555 3532circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
08:57:23.0556 3532circlass - ok
08:57:23.0583 3532CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
08:57:23.0586 3532CLFS - ok
08:57:23.0649 3532clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
08:57:23.0650 3532clr_optimization_v2.0.50727_32 - ok
08:57:23.0688 3532clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
08:57:23.0689 3532clr_optimization_v2.0.50727_64 - ok
08:57:23.0702 3532CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
08:57:23.0703 3532CmBatt - ok
08:57:23.0723 3532cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
08:57:23.0724 3532cmdide - ok
08:57:23.0764 3532CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
08:57:23.0766 3532CNG - ok
08:57:23.0779 3532Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
08:57:23.0779 3532Compbatt - ok
08:57:23.0801 3532CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
08:57:23.0802 3532CompositeBus - ok
08:57:23.0805 3532COMSysApp - ok
08:57:23.0816 3532crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
08:57:23.0817 3532crcdisk - ok
08:57:23.0841 3532CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
08:57:23.0843 3532CryptSvc - ok
08:57:23.0888 3532CSC (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys
08:57:23.0891 3532CSC - ok
08:57:23.0926 3532CscService (3ab183ab4d2c79dcf459cd2c1266b043) C:\Windows\System32\cscsvc.dll
08:57:23.0931 3532CscService - ok
08:57:23.0981 3532DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
08:57:23.0986 3532DcomLaunch - ok
08:57:24.0020 3532defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
08:57:24.0023 3532defragsvc - ok
08:57:24.0080 3532dfmirage (178a6e9a0dce42959fc5ad129f60cba9) C:\Windows\system32\DRIVERS\dfmirage.sys
08:57:24.0081 3532dfmirage - ok
08:57:24.0106 3532DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
08:57:24.0107 3532DfsC - ok
08:57:24.0141 3532Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
08:57:24.0144 3532Dhcp - ok
08:57:24.0160 3532discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
08:57:24.0161 3532discache - ok
08:57:24.0195 3532Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
08:57:24.0196 3532Disk - ok
08:57:24.0235 3532Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
08:57:24.0238 3532Dnscache - ok
08:57:24.0274 3532dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
08:57:24.0277 3532dot3svc - ok
08:57:24.0306 3532DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
08:57:24.0308 3532DPS - ok
08:57:24.0344 3532drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
08:57:24.0345 3532drmkaud - ok
08:57:24.0378 3532dtsoftbus01 (46571ed73ae84469dca53081d33cf3c8) C:\Windows\system32\DRIVERS\dtsoftbus01.sys
08:57:24.0380 3532dtsoftbus01 - ok
08:57:24.0425 3532DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
08:57:24.0430 3532DXGKrnl - ok
08:57:24.0449 3532EagleX64 - ok
08:57:24.0464 3532EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
08:57:24.0466 3532EapHost - ok
08:57:24.0618 3532ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
08:57:24.0635 3532ebdrv - ok
08:57:24.0769 3532EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
08:57:24.0772 3532EFS - ok
08:57:24.0834 3532ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
08:57:24.0838 3532ehRecvr - ok
08:57:24.0862 3532ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
08:57:24.0863 3532ehSched - ok
08:57:24.0902 3532elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
08:57:24.0905 3532elxstor - ok
08:57:24.0939 3532ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
08:57:24.0940 3532ErrDev - ok
08:57:24.0977 3532EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
08:57:24.0981 3532EventSystem - ok
08:57:24.0991 3532exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
08:57:24.0993 3532exfat - ok
08:57:25.0018 3532fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
08:57:25.0019 3532fastfat - ok
08:57:25.0072 3532Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
08:57:25.0077 3532Fax - ok
08:57:25.0081 3532fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
08:57:25.0081 3532fdc - ok
08:57:25.0114 3532fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
08:57:25.0116 3532fdPHost - ok
08:57:25.0129 3532FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
08:57:25.0131 3532FDResPub - ok
08:57:25.0139 3532FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
08:57:25.0140 3532FileInfo - ok
08:57:25.0153 3532Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
08:57:25.0154 3532Filetrace - ok
08:57:25.0158 3532flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
08:57:25.0159 3532flpydisk - ok
08:57:25.0187 3532FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
08:57:25.0188 3532FltMgr - ok
08:57:25.0257 3532FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
08:57:25.0264 3532FontCache - ok
08:57:25.0338 3532FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
08:57:25.0339 3532FontCache3.0.0.0 - ok
08:57:25.0364 3532FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
08:57:25.0365 3532FsDepends - ok
08:57:25.0382 3532Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
08:57:25.0382 3532Fs_Rec - ok
08:57:25.0413 3532fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
08:57:25.0414 3532fvevol - ok
08:57:25.0420 3532gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
08:57:25.0420 3532gagp30kx - ok
08:57:25.0474 3532gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
08:57:25.0479 3532gpsvc - ok
08:57:25.0509 3532hamachi (1e6438d4ea6e1174a3b3b1edc4de660b) C:\Windows\system32\DRIVERS\hamachi.sys
08:57:25.0510 3532hamachi - ok
08:57:25.0514 3532hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
08:57:25.0515 3532hcw85cir - ok
08:57:25.0571 3532HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
08:57:25.0573 3532HdAudAddService - ok
08:57:25.0600 3532HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
08:57:25.0601 3532HDAudBus - ok
08:57:25.0605 3532HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
08:57:25.0606 3532HidBatt - ok
08:57:25.0613 3532HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
08:57:25.0614 3532HidBth - ok
08:57:25.0628 3532HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
08:57:25.0629 3532HidIr - ok
08:57:25.0645 3532hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll
08:57:25.0647 3532hidserv - ok
08:57:25.0682 3532HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
08:57:25.0683 3532HidUsb - ok
08:57:25.0714 3532hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
08:57:25.0716 3532hkmsvc - ok
08:57:25.0736 3532HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
08:57:25.0739 3532HomeGroupListener - ok
08:57:25.0761 3532HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
08:57:25.0764 3532HomeGroupProvider - ok
08:57:25.0784 3532HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
08:57:25.0785 3532HpSAMD - ok
08:57:25.0838 3532HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
08:57:25.0843 3532HTTP - ok
08:57:25.0858 3532hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
08:57:25.0859 3532hwpolicy - ok
08:57:25.0872 3532i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
08:57:25.0873 3532i8042prt - ok
08:57:25.0905 3532iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
08:57:25.0907 3532iaStorV - ok
08:57:26.0011 3532idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
08:57:26.0016 3532idsvc - ok
08:57:26.0041 3532iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
08:57:26.0042 3532iirsp - ok
08:57:26.0094 3532IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
08:57:26.0100 3532IKEEXT - ok
08:57:26.0110 3532intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
08:57:26.0111 3532intelide - ok
08:57:26.0145 3532intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
08:57:26.0146 3532intelppm - ok
08:57:26.0161 3532IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
08:57:26.0163 3532IPBusEnum - ok
08:57:26.0195 3532IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
08:57:26.0196 3532IpFilterDriver - ok
08:57:26.0264 3532iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
08:57:26.0269 3532iphlpsvc - ok
08:57:26.0286 3532IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
08:57:26.0287 3532IPMIDRV - ok
08:57:26.0294 3532IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
08:57:26.0295 3532IPNAT - ok
08:57:26.0324 3532IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
08:57:26.0324 3532IRENUM - ok
08:57:26.0333 3532isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
08:57:26.0333 3532isapnp - ok
08:57:26.0367 3532iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
08:57:26.0369 3532iScsiPrt - ok
08:57:26.0384 3532kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
08:57:26.0385 3532kbdclass - ok
08:57:26.0421 3532kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
08:57:26.0422 3532kbdhid - ok
08:57:26.0447 3532KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
08:57:26.0449 3532KeyIso - ok
08:57:26.0465 3532KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
08:57:26.0466 3532KSecDD - ok
08:57:26.0481 3532KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
08:57:26.0483 3532KSecPkg - ok
08:57:26.0490 3532ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
08:57:26.0491 3532ksthunk - ok
08:57:26.0552 3532KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
08:57:26.0555 3532KtmRm - ok
08:57:26.0580 3532LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\System32\srvsvc.dll
08:57:26.0585 3532LanmanServer - ok
08:57:26.0600 3532LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
08:57:26.0604 3532LanmanWorkstation - ok
08:57:26.0632 3532lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
08:57:26.0633 3532lltdio - ok
08:57:26.0661 3532lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
08:57:26.0665 3532lltdsvc - ok
08:57:26.0684 3532lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
08:57:26.0686 3532lmhosts - ok
08:57:26.0725 3532LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
08:57:26.0726 3532LSI_FC - ok

 

[Konishi]

08:57:26.0738 3532LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
08:57:26.0740 3532LSI_SAS - ok
08:57:26.0757 3532LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
08:57:26.0758 3532LSI_SAS2 - ok
08:57:26.0778 3532LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
08:57:26.0779 3532LSI_SCSI - ok
08:57:26.0802 3532luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
08:57:26.0803 3532luafv - ok
08:57:26.0848 3532MBAMProtector (dc8490812a3b72811ae534f423b4c206) C:\Windows\system32\drivers\mbam.sys
08:57:26.0848 3532MBAMProtector - ok
08:57:26.0946 3532MBAMService (43683e970f008c93c9429ef428147a54) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
08:57:26.0949 3532MBAMService - ok
08:57:27.0015 3532Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
08:57:27.0017 3532Mcx2Svc - ok
08:57:27.0050 3532megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
08:57:27.0051 3532megasas - ok
08:57:27.0074 3532MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
08:57:27.0076 3532MegaSR - ok
08:57:27.0131 3532Mkd2Bthf (2674143660bace99bd8de96c171c8c30) C:\Windows\system32\drivers\Mkd2Bthf.sys
08:57:27.0132 3532Mkd2Bthf - ok
08:57:27.0177 3532Mkd2Nadr (d9263c3227963caf09f279d952218b1c) C:\Windows\system32\drivers\Mkd2Nadr.sys
08:57:27.0178 3532Mkd2Nadr - ok
08:57:27.0200 3532Mkd3kfNt (73fe0efe7fd7679c4bf2f7e4f999f55a) C:\Windows\system32\drivers\Mkd3kfNt.sys
08:57:27.0202 3532Mkd3kfNt - ok
08:57:27.0225 3532MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
08:57:27.0227 3532MMCSS - ok
08:57:27.0243 3532Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
08:57:27.0244 3532Modem - ok
08:57:27.0279 3532monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
08:57:27.0280 3532monitor - ok
08:57:27.0316 3532mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
08:57:27.0317 3532mouclass - ok
08:57:27.0329 3532mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
08:57:27.0330 3532mouhid - ok
08:57:27.0351 3532mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
08:57:27.0352 3532mountmgr - ok
08:57:27.0399 3532MozillaMaintenance (46297fa8e30a6007f14118fc2b942fbc) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
08:57:27.0400 3532MozillaMaintenance - ok
08:57:27.0441 3532mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
08:57:27.0442 3532mpio - ok
08:57:27.0458 3532mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
08:57:27.0459 3532mpsdrv - ok
08:57:27.0533 3532MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
08:57:27.0539 3532MpsSvc - ok
08:57:27.0563 3532MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
08:57:27.0565 3532MRxDAV - ok
08:57:27.0600 3532mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
08:57:27.0602 3532mrxsmb - ok
08:57:27.0626 3532mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
08:57:27.0628 3532mrxsmb10 - ok
08:57:27.0681 3532mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
08:57:27.0682 3532mrxsmb20 - ok
08:57:27.0696 3532msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
08:57:27.0697 3532msahci - ok
08:57:27.0719 3532msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
08:57:27.0721 3532msdsm - ok
08:57:27.0750 3532MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
08:57:27.0753 3532MSDTC - ok
08:57:27.0770 3532Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
08:57:27.0771 3532Msfs - ok
08:57:27.0801 3532mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
08:57:27.0802 3532mshidkmdf - ok
08:57:27.0810 3532msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
08:57:27.0811 3532msisadrv - ok
08:57:27.0836 3532MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
08:57:27.0839 3532MSiSCSI - ok
08:57:27.0842 3532msiserver - ok
08:57:27.0865 3532MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
08:57:27.0866 3532MSKSSRV - ok
08:57:27.0889 3532MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
08:57:27.0890 3532MSPCLOCK - ok
08:57:27.0904 3532MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
08:57:27.0905 3532MSPQM - ok
08:57:27.0938 3532MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
08:57:27.0941 3532MsRPC - ok
08:57:27.0957 3532mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
08:57:27.0958 3532mssmbios - ok
08:57:27.0968 3532MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
08:57:27.0969 3532MSTEE - ok
08:57:27.0986 3532MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
08:57:27.0987 3532MTConfig - ok
08:57:28.0006 3532MTsensor (03b7145c889603537e9ffeabb1ad1089) C:\Windows\system32\DRIVERS\ASACPI.sys
08:57:28.0006 3532MTsensor - ok
08:57:28.0028 3532Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
08:57:28.0029 3532Mup - ok
08:57:28.0076 3532napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
08:57:28.0082 3532napagent - ok
08:57:28.0120 3532NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
08:57:28.0122 3532NativeWifiP - ok
08:57:28.0181 3532NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
08:57:28.0187 3532NDIS - ok
08:57:28.0222 3532NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
08:57:28.0223 3532NdisCap - ok
08:57:28.0249 3532NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
08:57:28.0250 3532NdisTapi - ok
08:57:28.0267 3532Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
08:57:28.0268 3532Ndisuio - ok
08:57:28.0290 3532NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
08:57:28.0292 3532NdisWan - ok
08:57:28.0321 3532NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
08:57:28.0322 3532NDProxy - ok
08:57:28.0334 3532NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
08:57:28.0335 3532NetBIOS - ok
08:57:28.0358 3532NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
08:57:28.0360 3532NetBT - ok
08:57:28.0392 3532Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
08:57:28.0395 3532Netlogon - ok
08:57:28.0454 3532Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
08:57:28.0458 3532Netman - ok
08:57:28.0486 3532netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
08:57:28.0491 3532netprofm - ok
08:57:28.0579 3532NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
08:57:28.0580 3532NetTcpPortSharing - ok
08:57:28.0592 3532nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
08:57:28.0593 3532nfrd960 - ok
08:57:28.0633 3532NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
08:57:28.0637 3532NlaSvc - ok
08:57:28.0651 3532Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
08:57:28.0651 3532Npfs - ok
08:57:28.0679 3532npggsvc - ok
08:57:28.0689 3532nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
08:57:28.0691 3532nsi - ok
08:57:28.0694 3532nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
08:57:28.0695 3532nsiproxy - ok
08:57:28.0778 3532Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
08:57:28.0787 3532Ntfs - ok
08:57:28.0852 3532Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
08:57:28.0852 3532Null - ok
08:57:28.0890 3532nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
08:57:28.0891 3532nvraid - ok
08:57:28.0919 3532nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
08:57:28.0921 3532nvstor - ok
08:57:28.0955 3532nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
08:57:28.0957 3532nv_agp - ok
08:57:28.0989 3532ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
08:57:28.0990 3532ohci1394 - ok
08:57:29.0022 3532p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
08:57:29.0026 3532p2pimsvc - ok
08:57:29.0062 3532p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
08:57:29.0067 3532p2psvc - ok
08:57:29.0096 3532Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
08:57:29.0097 3532Parport - ok
08:57:29.0117 3532partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
08:57:29.0118 3532partmgr - ok
08:57:29.0190 3532pcapsvc (85eac582e1479154a405a6c47f8ddfbd) C:\Program Files\Proxy Labs\ProxyCap\pcapsvc.exe
08:57:29.0194 3532pcapsvc - ok
08:57:29.0207 3532PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
08:57:29.0211 3532PcaSvc - ok
08:57:29.0245 3532pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
08:57:29.0247 3532pci - ok
08:57:29.0250 3532pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
08:57:29.0251 3532pciide - ok
08:57:29.0270 3532pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
08:57:29.0272 3532pcmcia - ok
08:57:29.0277 3532pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
08:57:29.0278 3532pcw - ok
08:57:29.0320 3532PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
08:57:29.0324 3532PEAUTH - ok
08:57:29.0398 3532PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
08:57:29.0407 3532PeerDistSvc - ok
08:57:29.0473 3532PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
08:57:29.0475 3532PerfHost - ok
08:57:29.0597 3532pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
08:57:29.0607 3532pla - ok
08:57:29.0658 3532PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
08:57:29.0663 3532PlugPlay - ok
08:57:29.0677 3532PnkBstrA - ok
08:57:29.0692 3532PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
08:57:29.0695 3532PNRPAutoReg - ok
08:57:29.0723 3532PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
08:57:29.0727 3532PNRPsvc - ok
08:57:29.0765 3532PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
08:57:29.0769 3532PolicyAgent - ok
08:57:29.0782 3532Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
08:57:29.0786 3532Power - ok
08:57:29.0841 3532PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
08:57:29.0842 3532PptpMiniport - ok
08:57:29.0865 3532Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
08:57:29.0866 3532Processor - ok
08:57:29.0884 3532ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
08:57:29.0887 3532ProfSvc - ok
08:57:29.0915 3532ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
08:57:29.0917 3532ProtectedStorage - ok
08:57:29.0948 3532Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
08:57:29.0949 3532Psched - ok
08:57:30.0018 3532ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
08:57:30.0026 3532ql2300 - ok
08:57:30.0110 3532ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
08:57:30.0112 3532ql40xx - ok
08:57:30.0139 3532QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
08:57:30.0142 3532QWAVE - ok
08:57:30.0157 3532QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
08:57:30.0158 3532QWAVEdrv - ok
08:57:30.0170 3532RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
08:57:30.0171 3532RasAcd - ok
08:57:30.0204 3532RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
08:57:30.0205 3532RasAgileVpn - ok
08:57:30.0226 3532RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
08:57:30.0229 3532RasAuto - ok
08:57:30.0242 3532Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
08:57:30.0243 3532Rasl2tp - ok
08:57:30.0269 3532RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
08:57:30.0273 3532RasMan - ok
08:57:30.0284 3532RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
08:57:30.0285 3532RasPppoe - ok
08:57:30.0298 3532RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
08:57:30.0299 3532RasSstp - ok
08:57:30.0330 3532rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
08:57:30.0332 3532rdbss - ok
08:57:30.0348 3532rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
08:57:30.0348 3532rdpbus - ok
08:57:30.0354 3532RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
08:57:30.0355 3532RDPCDD - ok
08:57:30.0391 3532RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
08:57:30.0392 3532RDPDR - ok
08:57:30.0418 3532RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
08:57:30.0419 3532RDPENCDD - ok
08:57:30.0430 3532RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
08:57:30.0430 3532RDPREFMP - ok
08:57:30.0486 3532RdpVideoMiniport (70cba1a0c98600a2aa1863479b35cb90) C:\Windows\system32\drivers\rdpvideominiport.sys
08:57:30.0487 3532RdpVideoMiniport - ok
08:57:30.0512 3532RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
08:57:30.0513 3532RDPWD - ok
08:57:30.0541 3532rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
08:57:30.0543 3532rdyboost - ok
08:57:30.0596 3532RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
08:57:30.0599 3532RemoteAccess - ok
08:57:30.0618 3532RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
08:57:30.0622 3532RemoteRegistry - ok
08:57:30.0637 3532RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
08:57:30.0640 3532RpcEptMapper - ok
08:57:30.0660 3532RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
08:57:30.0662 3532RpcLocator - ok
08:57:30.0692 3532RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
08:57:30.0698 3532RpcSs - ok
08:57:30.0707 3532rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
08:57:30.0708 3532rspndr - ok
08:57:30.0789 3532RTL8167 (ee082e06a82ff630351d1e0ebbd3d8d0) C:\Windows\system32\DRIVERS\Rt64win7.sys
08:57:30.0792 3532RTL8167 - ok
08:57:30.0826 3532s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
08:57:30.0827 3532s3cap - ok
08:57:30.0924 3532SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
08:57:30.0927 3532SamSs - ok
08:57:30.0947 3532sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
08:57:30.0948 3532sbp2port - ok
08:57:30.0969 3532SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
08:57:30.0973 3532SCardSvr - ok
08:57:30.0991 3532scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
08:57:30.0992 3532scfilter - ok
08:57:31.0063 3532Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
08:57:31.0072 3532Schedule - ok
08:57:31.0101 3532SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
08:57:31.0103 3532SCPolicySvc - ok
08:57:31.0125 3532SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
08:57:31.0129 3532SDRSVC - ok
08:57:31.0168 3532secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
08:57:31.0169 3532secdrv - ok
08:57:31.0193 3532seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
08:57:31.0196 3532seclogon - ok
08:57:31.0207 3532SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
08:57:31.0210 3532SENS - ok
08:57:31.0223 3532SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
08:57:31.0226 3532SensrSvc - ok
08:57:31.0245 3532Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
08:57:31.0245 3532Serenum - ok
08:57:31.0255 3532Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
08:57:31.0256 3532Serial - ok
08:57:31.0274 3532sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
08:57:31.0275 3532sermouse - ok
08:57:31.0316 3532SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
08:57:31.0320 3532SessionEnv - ok
08:57:31.0338 3532sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
08:57:31.0339 3532sffdisk - ok
08:57:31.0342 3532sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
08:57:31.0343 3532sffp_mmc - ok
08:57:31.0347 3532sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
08:57:31.0348 3532sffp_sd - ok
08:57:31.0366 3532sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
08:57:31.0367 3532sfloppy - ok
08:57:31.0412 3532SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
08:57:31.0415 3532SharedAccess - ok
08:57:31.0458 3532ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
08:57:31.0463 3532ShellHWDetection - ok
08:57:31.0482 3532SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
08:57:31.0483 3532SiSRaid2 - ok
08:57:31.0503 3532SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
08:57:31.0504 3532SiSRaid4 - ok
08:57:31.0527 3532Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
08:57:31.0529 3532Smb - ok
08:57:31.0549 3532SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
08:57:31.0552 3532SNMPTRAP - ok
08:57:31.0566 3532spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
08:57:31.0567 3532spldr - ok
08:57:31.0600 3532Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
08:57:31.0605 3532Spooler - ok
08:57:31.0749 3532sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
08:57:31.0769 3532sppsvc - ok
08:57:31.0864 3532sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
08:57:31.0867 3532sppuinotify - ok
08:57:31.0942 3532sptd (a15860e920b02c9a7ce8f3a6c2ff1e3a) C:\Windows\System32\Drivers\sptd.sys
08:57:31.0945 3532sptd - ok
08:57:31.0980 3532srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
08:57:31.0983 3532srv - ok
08:57:32.0010 3532srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
08:57:32.0012 3532srv2 - ok
08:57:32.0176 3532srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
08:57:32.0178 3532srvnet - ok
08:57:32.0210 3532SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
08:57:32.0214 3532SSDPSRV - ok
08:57:32.0231 3532SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
08:57:32.0235 3532SstpSvc - ok
08:57:32.0275 3532Steam Client Service - ok
08:57:32.0303 3532stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
08:57:32.0304 3532stexstor - ok
08:57:32.0364 3532stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
08:57:32.0370 3532stisvc - ok
08:57:32.0402 3532storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
08:57:32.0403 3532storflt - ok
08:57:32.0423 3532storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
08:57:32.0424 3532storvsc - ok
08:57:32.0433 3532swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
08:57:32.0434 3532swenum - ok
08:57:32.0463 3532swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
08:57:32.0469 3532swprv - ok
08:57:32.0478 3532Synth3dVsc - ok
08:57:32.0565 3532SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
08:57:32.0576 3532SysMain - ok
08:57:32.0669 3532TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
08:57:32.0672 3532TabletInputService - ok
08:57:32.0698 3532tap0901 (a8d3f11bc8f37c3d7d026c3e1219b5ac) C:\Windows\system32\DRIVERS\tap0901.sys
08:57:32.0699 3532tap0901 - ok
08:57:32.0736 3532tap0901t (b08740047145b9bce15bf75ca0f9718a) C:\Windows\system32\DRIVERS\tap0901t.sys
08:57:32.0737 3532tap0901t - ok
08:57:32.0757 3532TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
08:57:32.0761 3532TapiSrv - ok
08:57:32.0772 3532TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
08:57:32.0776 3532TBS - ok
08:57:32.0864 3532Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
08:57:32.0875 3532Tcpip - ok
08:57:32.0992 3532TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
08:57:33.0002 3532TCPIP6 - ok
08:57:33.0049 3532tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
08:57:33.0049 3532tcpipreg - ok
08:57:33.0078 3532TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
08:57:33.0079 3532TDPIPE - ok
08:57:33.0102 3532TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
08:57:33.0103 3532TDTCP - ok
08:57:33.0121 3532tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
08:57:33.0123 3532tdx - ok
08:57:33.0143 3532TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
08:57:33.0144 3532TermDD - ok
08:57:33.0195 3532TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
08:57:33.0201 3532TermService - ok
08:57:33.0206 3532Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
08:57:33.0209 3532Themes - ok
08:57:33.0237 3532THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
08:57:33.0239 3532THREADORDER - ok
08:57:33.0247 3532TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
08:57:33.0250 3532TrkWks - ok
08:57:33.0272 3532TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
08:57:33.0273 3532TrustedInstaller - ok
08:57:33.0300 3532tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
08:57:33.0301 3532tssecsrv - ok
08:57:33.0330 3532TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
08:57:33.0331 3532TsUsbFlt - ok
08:57:33.0344 3532tsusbhub - ok
08:57:33.0384 3532tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
08:57:33.0386 3532tunnel - ok
08:57:33.0497 3532TunngleService (085819447cdda2bbe8804ea319e928e7) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
08:57:33.0501 3532TunngleService - ok
08:57:33.0511 3532uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
08:57:33.0512 3532uagp35 - ok
08:57:33.0557 3532udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
08:57:33.0560 3532udfs - ok
08:57:33.0581 3532UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
08:57:33.0585 3532UI0Detect - ok
08:57:33.0601 3532uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
08:57:33.0602 3532uliagpkx - ok
08:57:33.0636 3532umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
08:57:33.0637 3532umbus - ok
08:57:33.0654 3532UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
08:57:33.0655 3532UmPass - ok
08:57:33.0696 3532UmRdpService (a293dcd756d04d8492a750d03b9a297c) C:\Windows\System32\umrdp.dll
08:57:33.0700 3532UmRdpService - ok
08:57:33.0728 3532upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
08:57:33.0733 3532upnphost - ok
08:57:33.0755 3532usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
08:57:33.0756 3532usbccgp - ok
08:57:33.0795 3532usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
08:57:33.0797 3532usbcir - ok
08:57:33.0809 3532usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
08:57:33.0810 3532usbehci - ok
08:57:33.0830 3532usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
08:57:33.0833 3532usbhub - ok
08:57:33.0843 3532usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
08:57:33.0844 3532usbohci - ok
08:57:33.0877 3532usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
08:57:33.0878 3532usbprint - ok
08:57:33.0907 3532usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
08:57:33.0908 3532usbscan - ok
08:57:33.0920 3532USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
08:57:33.0921 3532USBSTOR - ok
08:57:33.0940 3532usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
08:57:33.0941 3532usbuhci - ok
08:57:33.0959 3532UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
08:57:33.0962 3532UxSms - ok
08:57:33.0977 3532VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
08:57:33.0979 3532VaultSvc - ok
08:57:33.0997 3532vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
08:57:33.0998 3532vdrvroot - ok
08:57:34.0049 3532vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
08:57:34.0054 3532vds - ok
08:57:34.0082 3532vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
08:57:34.0083 3532vga - ok
08:57:34.0098 3532VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
08:57:34.0099 3532VgaSave - ok
08:57:34.0114 3532VGPU - ok
08:57:34.0138 3532vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
08:57:34.0140 3532vhdmp - ok
08:57:34.0151 3532viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
08:57:34.0152 3532viaide - ok
08:57:34.0170 3532vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
08:57:34.0171 3532vmbus - ok
08:57:34.0182 3532VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
08:57:34.0183 3532VMBusHID - ok
08:57:34.0205 3532volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
08:57:34.0206 3532volmgr - ok
08:57:34.0243 3532volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
08:57:34.0245 3532volmgrx - ok
08:57:34.0271 3532volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
08:57:34.0273 3532volsnap - ok
08:57:34.0301 3532vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
08:57:34.0302 3532vsmraid - ok
08:57:34.0384 3532VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
08:57:34.0395 3532VSS - ok
08:57:34.0493 3532vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
08:57:34.0494 3532vwifibus - ok
08:57:34.0529 3532W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
08:57:34.0534 3532W32Time - ok
08:57:34.0551 3532WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
08:57:34.0552 3532WacomPen - ok
08:57:34.0575 3532WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
08:57:34.0576 3532WANARP - ok
08:57:34.0579 3532Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
08:57:34.0580 3532Wanarpv6 - ok
08:57:34.0658 3532WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
08:57:34.0665 3532WatAdminSvc - ok
08:57:34.0744 3532wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
08:57:34.0755 3532wbengine - ok
08:57:34.0811 3532WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
08:57:34.0815 3532WbioSrvc - ok
08:57:34.0849 3532wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
08:57:34.0854 3532wcncsvc - ok
08:57:34.0858 3532WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
08:57:34.0862 3532WcsPlugInService - ok
08:57:34.0882 3532Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
08:57:34.0883 3532Wd - ok
08:57:34.0927 3532Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
08:57:34.0931 3532Wdf01000 - ok
08:57:34.0941 3532WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
08:57:34.0945 3532WdiServiceHost - ok
08:57:34.0948 3532WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
08:57:34.0951 3532WdiSystemHost - ok
08:57:34.0989 3532WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
08:57:34.0994 3532WebClient - ok
08:57:35.0014 3532Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
08:57:35.0019 3532Wecsvc - ok
08:57:35.0025 3532wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
08:57:35.0029 3532wercplsupport - ok
08:57:35.0060 3532WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
08:57:35.0064 3532WerSvc - ok
08:57:35.0085 3532WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
08:57:35.0086 3532WfpLwf - ok
08:57:35.0095 3532WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
08:57:35.0096 3532WIMMount - ok
08:57:35.0149 3532WinDefend - ok
08:57:35.0155 3532WinHttpAutoProxySvc - ok
08:57:35.0253 3532Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
08:57:35.0255 3532Winmgmt - ok
08:57:35.0355 3532WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
08:57:35.0368 3532WinRM - ok
08:57:35.0490 3532Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
08:57:35.0498 3532Wlansvc - ok
08:57:35.0665 3532wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
08:57:35.0677 3532wlidsvc - ok
08:57:35.0738 3532WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
08:57:35.0739 3532WmiAcpi - ok
08:57:35.0775 3532wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
08:57:35.0777 3532wmiApSrv - ok
08:57:35.0797 3532WMPNetworkSvc - ok
08:57:35.0816 3532WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
08:57:35.0819 3532WPCSvc - ok
08:57:35.0855 3532WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
08:57:35.0858 3532WPDBusEnum - ok
08:57:35.0870 3532ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
08:57:35.0871 3532ws2ifsl - ok
08:57:35.0904 3532wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\system32\wscsvc.dll
08:57:35.0908 3532wscsvc - ok
08:57:35.0911 3532WSearch - ok
08:57:36.0037 3532wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
08:57:36.0052 3532wuauserv - ok
08:57:36.0106 3532WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
08:57:36.0107 3532WudfPf - ok
08:57:36.0139 3532WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
08:57:36.0141 3532WUDFRd - ok
08:57:36.0158 3532wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
08:57:36.0162 3532wudfsvc - ok
08:57:36.0202 3532WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
08:57:36.0207 3532WwanSvc - ok
08:57:36.0224 3532MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
08:57:36.0569 3532\Device\Harddisk0\DR0 - ok
08:57:36.0574 3532MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk1\DR1
08:57:36.0628 3532\Device\Harddisk1\DR1 - ok
08:57:36.0631 3532Boot (0x1200) (c897f3bfcb3abad47135dea6d8dae80f) \Device\Harddisk0\DR0\Partition0
08:57:36.0632 3532\Device\Harddisk0\DR0\Partition0 - ok
08:57:36.0650 3532Boot (0x1200) (85eb68b814503b9c7cf63d65991ee425) \Device\Harddisk0\DR0\Partition1
08:57:36.0651 3532\Device\Harddisk0\DR0\Partition1 - ok
08:57:36.0657 3532Boot (0x1200) (13574288616e2761da41e9614b558412) \Device\Harddisk1\DR1\Partition0
08:57:36.0658 3532\Device\Harddisk1\DR1\Partition0 - ok
08:57:36.0658 3532============================================================
08:57:36.0658 3532Scan finished
08:57:36.0658 3532============================================================
08:57:36.0669 3940Detected object count: 0
08:57:36.0669 3940Actual detected object count: 0

 

[Broni]

Please download ComboFix from Here, Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**

• Never rename Combofix unless instructed.
• Close any open browsers.
• Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
• Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
• Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
• Close any open browsers.
• WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
• Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
• If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
• Double click on combofix.exe & follow the prompts.

• 
  NOTE1. If Combofix asks you to install Recovery Console, please allow it.
  NOTE 2. If Combofix asks you to update the program, always do so.

• When finished, it will produce a report for you.
• Please post the "C:\ComboFix.txt"

**Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall
**Note 2 for AVG and CA Internet Security (Total Defense Internet Security) users: ComboFix will not run until AVG/CA Internet Security is uninstalled as a protective measure against the anti-virus. This is because AVG/CA Internet Security "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results". Since AVG/CA Internet Security cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG/CA Internet Security first.
Use AppRemover to uninstall it: https://www.techspot.com/downloads/5514-appremover.html
We can reinstall it when we're done with CF.
**Note 3: If you receive an error "Illegal operation attempted on a registery key that has been marked for deletion", restart computer to fix the issue.
**Note 4: Some infections may take some significant time to be cured. As long as your computer clock is running Combofix is still working. Be patient.


Make sure, you re-enable your security programs, when you're done with Combofix.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

NOTE.
If, for some reason, Combofix refuses to run, try one of the following:

1. Run Combofix from Safe Mode.

2. Delete Combofix file, download fresh one, but rename combofix.exe to your_name.exe BEFORE saving it to your desktop.
Do NOT run it yet.
Please download and run the below tool named Rkill (courtesy of BleepingComputer.com) which may help allow other programs to run.
There are 4 different versions. If one of them won't run then download and try to run the other one.
Vista and Win7 users need to right click Rkill and choose Run as Administrator
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

* Rkill.com
* Rkill.scr
* Rkill.exe

• Double-click on the Rkill icon to run the tool.
• If using Vista or Windows 7 right-click on it and choose Run As Administrator.
• A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
• If not, delete the file, then download and use the one provided in Link 2.
• If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
• Do not reboot until instructed.
• If the tool does not run from any of the links provided, please let me know.

Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

If normal mode still doesn't work, run BOTH tools from safe mode.

In case #2, please post BOTH logs, rKill and Combofix.

DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!

 

[Konishi]

ComboFix 12-08-08.01 - Konishi 08/08/2012 16:03:07.5.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.949.82.1046.18.4095.2770 [GMT -3:00]
Running from: c:\users\Konishi\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\dnf
c:\program files (x86)\dnf\7z.exe
c:\program files (x86)\dnf\audio.xml
c:\program files (x86)\dnf\bdcap32.dll
c:\program files (x86)\dnf\bdvid32.dll
c:\program files (x86)\dnf\BugTrap.dll
c:\program files (x86)\dnf\ChannelScript.pvf
c:\program files (x86)\dnf\CrashDNF2.cra
c:\program files (x86)\dnf\D3DX9_43.dll
c:\program files (x86)\dnf\dbghelp.dll
c:\program files (x86)\dnf\DNF.exe
c:\program files (x86)\dnf\DNF.ico
c:\program files (x86)\dnf\DNF_Season2.ico
c:\program files (x86)\dnf\DumpReport.dll
c:\program files (x86)\dnf\fmodex.dll
c:\program files (x86)\dnf\Fonts\Gasinamu.ttf
c:\program files (x86)\dnf\HShield\3n.mhe
c:\program files (x86)\dnf\HShield\ahnrpt.exe
c:\program files (x86)\dnf\HShield\ahnrpt.ini
c:\program files (x86)\dnf\HShield\AhnUpCtl.dll
c:\program files (x86)\dnf\HShield\AhnUpGS.dll
c:\program files (x86)\dnf\HShield\asc\0asc.scd
c:\program files (x86)\dnf\HShield\asc\0sccure.scd
c:\program files (x86)\dnf\HShield\asc\0sgame.scd
c:\program files (x86)\dnf\HShield\asc\0spe3f.scd
c:\program files (x86)\dnf\HShield\asc\asc_com.dll
c:\program files (x86)\dnf\HShield\asc\asc_dh.dll
c:\program files (x86)\dnf\HShield\asc\asc_fse.dll
c:\program files (x86)\dnf\HShield\asc\asc_intg.dll
c:\program files (x86)\dnf\HShield\asc\asc_mmgr.dll
c:\program files (x86)\dnf\HShield\asc\asc_unp.dll
c:\program files (x86)\dnf\HShield\asc\fse_base.dll
c:\program files (x86)\dnf\HShield\asc\fse_fact.dll
c:\program files (x86)\dnf\HShield\asc\fse_pe.dll
c:\program files (x86)\dnf\HShield\asc\gfs_base.dll
c:\program files (x86)\dnf\HShield\asc\gfs_fact.dll
c:\program files (x86)\dnf\HShield\asc\gfs_file.dll
c:\program files (x86)\dnf\HShield\asc\gfs_mem.dll
c:\program files (x86)\dnf\HShield\asc\gfs_os.dll
c:\program files (x86)\dnf\HShield\asc\gfs_proc.dll
c:\program files (x86)\dnf\HShield\asc\gfs_util.dll
c:\program files (x86)\dnf\HShield\asc\moduler.scd
c:\program files (x86)\dnf\HShield\asc\option.scd
c:\program files (x86)\dnf\HShield\AspINet.dll
c:\program files (x86)\dnf\HShield\bldinfo.ini
c:\program files (x86)\dnf\HShield\Bz32Ex.dll
c:\program files (x86)\dnf\HShield\ehsvc.dll
c:\program files (x86)\dnf\HShield\hshield.dat
c:\program files (x86)\dnf\HShield\hshield.log
c:\program files (x86)\dnf\HShield\HSInst.dll
c:\program files (x86)\dnf\HShield\hslogmgr.exe
c:\program files (x86)\dnf\HShield\HSUpChk.log
c:\program files (x86)\dnf\HShield\HSUpdate.env
c:\program files (x86)\dnf\HShield\HSUpdate.exe
c:\program files (x86)\dnf\HShield\supdate.log
c:\program files (x86)\dnf\HShield\Update\ahn.ui
c:\program files (x86)\dnf\HShield\Update\ahni2.dll
c:\program files (x86)\dnf\HShield\Update\ahnupctl.dll
c:\program files (x86)\dnf\HShield\Update\autoup.exe
c:\program files (x86)\dnf\HShield\Update\patch\39\ahn.ui
c:\program files (x86)\dnf\HShield\Update\patch\39\ahnrpt.ex-
c:\program files (x86)\dnf\HShield\Update\patch\39\ahnrpt.in-
c:\program files (x86)\dnf\HShield\Update\patch\39\ahnupctl.dl-
c:\program files (x86)\dnf\HShield\Update\patch\39\ahnupgs.dl-
c:\program files (x86)\dnf\HShield\Update\patch\39\bldinfo.in-
c:\program files (x86)\dnf\HShield\Update\patch\39\ehsvc.dl-
c:\program files (x86)\dnf\HShield\Update\patch\39\hshield.da-
c:\program files (x86)\dnf\HShield\Update\patch\39\hsinst.dl-
c:\program files (x86)\dnf\HShield\Update\patch\39\hslogmgr.ex-
c:\program files (x86)\dnf\HShield\Update\patch\39\hsupdate.ex-
c:\program files (x86)\dnf\HShield\Update\patch\39\v3hunt.dl-
c:\program files (x86)\dnf\HShield\Update\patch\39\v3inetgs.dl-
c:\program files (x86)\dnf\HShield\Update\supdate.log
c:\program files (x86)\dnf\HShield\Update\user.dat
c:\program files (x86)\dnf\HShield\Update\v3bz32.dll
c:\program files (x86)\dnf\HShield\Update\win\e\b\b_echo_sl\asc_com.dl-
c:\program files (x86)\dnf\HShield\Update\win\e\b\b_echo_sl\asc_dh.dl-
c:\program files (x86)\dnf\HShield\Update\win\e\b\b_echo_sl\asc_fse.dl-
c:\program files (x86)\dnf\HShield\Update\win\e\b\b_echo_sl\asc_intg.dl-
c:\program files (x86)\dnf\HShield\Update\win\e\b\b_echo_sl\asc_mmgr.dl-
c:\program files (x86)\dnf\HShield\Update\win\e\b\b_echo_sl\asc_unp.dl-
c:\program files (x86)\dnf\HShield\Update\win\e\b\b_echo_sl\fse_base.dl-
c:\program files (x86)\dnf\HShield\Update\win\e\b\b_echo_sl\fse_fact.dl-
c:\program files (x86)\dnf\HShield\Update\win\e\b\b_echo_sl\fse_pe.dl-
c:\program files (x86)\dnf\HShield\Update\win\e\b\b_echo_sl\gfs_base.dl-
c:\program files (x86)\dnf\HShield\Update\win\e\b\b_echo_sl\gfs_fact.dl-
c:\program files (x86)\dnf\HShield\Update\win\e\b\b_echo_sl\gfs_file.dl-
c:\program files (x86)\dnf\HShield\Update\win\e\b\b_echo_sl\gfs_mem.dl-
c:\program files (x86)\dnf\HShield\Update\win\e\b\b_echo_sl\gfs_os.dl-
c:\program files (x86)\dnf\HShield\Update\win\e\b\b_echo_sl\gfs_proc.dl-
c:\program files (x86)\dnf\HShield\Update\win\e\b\b_echo_sl\gfs_util.dl-
c:\program files (x86)\dnf\HShield\Update\win\e\b\b_sign_hs\0asc.sc-
c:\program files (x86)\dnf\HShield\Update\win\e\b\b_sign_hs\0sccure.sc-
c:\program files (x86)\dnf\HShield\Update\win\e\b\b_sign_hs\0sgame.sc-
c:\program files (x86)\dnf\HShield\Update\win\e\b\b_sign_hs\0spe3f.sc-
c:\program files (x86)\dnf\HShield\Update\win\e\b\b_sign_hs\moduler.sc-
c:\program files (x86)\dnf\HShield\Update\win\e\b\b_sign_hs\option.sc-
c:\program files (x86)\dnf\HShield\Update\win\e\b\v3_echo_hs\v3pro32s.dl-
c:\program files (x86)\dnf\HShield\Update\win\e\hs_heuristic\3n.mh-
c:\program files (x86)\dnf\HShield\V3Hunt.dll
c:\program files (x86)\dnf\HShield\V3InetGS.dll
c:\program files (x86)\dnf\HShield\v3pro32s.dll
c:\program files (x86)\dnf\ijl15.dll
c:\program files (x86)\dnf\ImagePacks2\sprite.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_common.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_common_aura.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_common_customui.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_common_fallingeffect.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_common_footprint.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_common_personalcast.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_common_privatestore_donkey.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_Character_Common_Teleport_after.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_Character_Common_Teleport_before.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_Character_Common_Teleport_wait.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_demonicswordsman_effect.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_demonicswordsman_effect_ashenfork.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_demonicswordsman_effect_blastblood.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_demonicswordsman_effect_bloodsword.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_demonicswordsman_effect_bloodyrave.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_demonicswordsman_effect_chargecrash.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_demonicswordsman_effect_combostep.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_demonicswordsman_effect_dark_hadouken.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_demonicswordsman_effect_flowmindone.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_demonicswordsman_effect_flowmindpowerup.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_demonicswordsman_effect_flowmindthree.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_demonicswordsman_effect_flowmindtwo.NPK

 

[Konishi]

c:\program files (x86)\dnf\ImagePacks2\sprite_character_demonicswordsman_effect_ghostsidewind.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_demonicswordsman_effect_ghoststepslash.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_demonicswordsman_effect_gorecross.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_demonicswordsman_effect_grabblastblood.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_demonicswordsman_effect_hopsmash.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_demonicswordsman_effect_illusionslash.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_demonicswordsman_effect_jumpattackmulti.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_demonicswordsman_effect_kalla.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_demonicswordsman_effect_momentaryslash.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_demonicswordsman_effect_moonslash.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_demonicswordsman_effect_outragebreak.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_demonicswordsman_effect_rapidmoveslash.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_demonicswordsman_effect_reflectguard.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_demonicswordsman_effect_shockwavearea.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_demonicswordsman_effect_tripleslash.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_demonicswordsman_effect_triplestab.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_demonicswordsman_effect_vaneslash.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_demonicswordsman_effect_wavespinarea.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_atequipment_avatar_belt.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_atequipment_avatar_cap.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_atequipment_avatar_coat.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_atequipment_avatar_face.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_atequipment_avatar_hair.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_atequipment_avatar_neck.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_atequipment_avatar_pants.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_atequipment_avatar_shoes.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_atequipment_avatar_skin.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_atequipment_growtype.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_atequipment_weapon_arm.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_atequipment_weapon_boneclaw.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_atequipment_weapon_boxglove.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_atequipment_weapon_claw.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_atequipment_weapon_gauntlet.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_atequipment_weapon_glove.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_atequipment_weapon_knuckle.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_atequipment_weapon_tonfa.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_at108stairsex.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_atattack.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_atblockbuster.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_atchainkick.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_atchargespear.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_atclosepunch.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_Character_Fighter_Effect_ATCrashLowKick.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_atcrashrope.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_atcrazymount.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_atdashafterdash.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_atdashpunch.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_atdefinitegrab.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_atdestroyearthskydrop.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_atearthbreak.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_atenchantpoison.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_atenergyball.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_atenergyfield.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_atfastdash.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_atflamelegs.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_atglueyfruitthrow.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_atglueyfruitthrow_appendage.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_atglueyfruitthrow_explosionfruit.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_atglueyfruitthrow_throwfruit.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_atgrabexplosion.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_atgroundkick.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_athiddensting.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_atholdup.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_athurricanespear.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_atillusion.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_atjumpsuplex.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_atjunkspin.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_atlegsuplex.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_atlightningdance.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_atlightningdragon.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_atmount.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_atneedleload.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_atnenflower.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_atnenmonster.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_atnenspear.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_atpunchafterreturn.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_atrandomkick.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_atrisingupper.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_atroarstun.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_atshouldercharge.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_atsinglekick.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_atspiralcolumnex.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_atspire.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_atstomp.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_atsuplex.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_atsuplexcyclone.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_atthrowenemy.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_atthrowweb.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_attyphoon.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_atvenommine.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_atwhirlwindkick.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_atwildcannonspike.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_blockbusterex.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_closepunch.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_crashlowkick.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_dashafterdash.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_dashpunchex.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_earthbreak.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_energyball.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_energyfield.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_grabexplosionex.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_groundkick.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_jumpsuplex.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_junkspin.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_junkspin_objects.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_legsuplexex.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_lightningdance.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_lightningdragon.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_muscleshift.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_nenflower.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_nenguardex.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_nenmonster_whitetiger.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_nenshield.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_poisonmist.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_powerupondash.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_punchafterreturn.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_randomkick.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_risingupper.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_risingupperex.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_roarstunex.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_shouldercharge.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_singlekick.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_stomp.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_strongestlowkick.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_suplexcyclone.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_suplexcycloneex.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_suplexsubpowerup.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_throwenemy.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_typhoon.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_venommine.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_effect_wildcannonspike.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_equipment_avatar_belt.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_equipment_avatar_cap.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_equipment_avatar_coat.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_equipment_avatar_face.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_equipment_avatar_hair.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_equipment_avatar_neck.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_equipment_avatar_pants.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_equipment_avatar_shoes.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_equipment_avatar_skin.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_equipment_growtype.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_equipment_weapon_arm.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_equipment_weapon_boneclaw.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_equipment_weapon_boxglove.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_equipment_weapon_claw.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_equipment_weapon_gauntlet.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_equipment_weapon_glove.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_equipment_weapon_knuckle.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_fighter_equipment_weapon_tonfa.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_gunner_atequipment_avatar_belt.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_gunner_atequipment_avatar_cap.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_gunner_atequipment_avatar_coat.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_gunner_atequipment_avatar_face.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_gunner_atequipment_avatar_hair.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_gunner_atequipment_avatar_neck.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_gunner_atequipment_avatar_pants.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_gunner_atequipment_avatar_shoes.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_gunner_atequipment_avatar_skin.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_gunner_atequipment_growtype.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_gunner_atequipment_weapon_auto.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_gunner_atequipment_weapon_bowgun.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_gunner_atequipment_weapon_hcan.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_gunner_atequipment_weapon_musket.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_gunner_atequipment_weapon_rev.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_gunner_effect.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_gunner_effect_airraidex.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_gunner_effect_airraidex_old.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_gunner_effect_ancienttrigger.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_gunner_effect_atnapalmbomb.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_gunner_effect_atstinger.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_gunner_effect_attwingunblade.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_gunner_effect_blackrose.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_gunner_effect_blizzardthrowerboost.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_gunner_effect_blizzardthrowerboost_female.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_gunner_effect_blizzardthrowerboost_male.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_gunner_effect_bullet.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_gunner_effect_bullet_exs.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_gunner_effect_c4ex.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_gunner_effect_c4remote.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_gunner_effect_cannonball.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_gunner_effect_chargebuster.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_gunner_effect_countershoot.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_gunner_effect_desperado.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_gunner_effect_doublegunhawk.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_gunner_effect_dropbomblight.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_gunner_effect_empstorm.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_gunner_effect_extruder.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_gunner_effect_fastshoot.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_gunner_effect_flamethrower.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_gunner_effect_flamethrowerboost.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_gunner_effect_flashmine.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_gunner_effect_flashmineex.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_gunner_effect_fm-31.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_gunner_effect_g0.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_gunner_effect_g1.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_gunner_effect_g2.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_gunner_effect_g3.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_gunner_effect_gaebolgpunch.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_gunner_effect_grenade.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_gunner_effect_grenade_boom.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_gunner_effect_grenade_reload.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_gunner_effect_grenade_ui.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_gunner_effect_hiteffect.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_gunner_effect_hiteffect_suddendeath.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_gunner_effect_laserriflecharge.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_gunner_effect_markofdeath.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_gunner_effect_multiheadshot.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_gunner_effect_multiheadshotex.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_gunner_effect_nielsniping.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_gunner_effect_radarstuckdown.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_gunner_effect_satelaser.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_gunner_effect_shooteffect.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_gunner_effect_shooteffect_crossshot.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_gunner_effect_shooteffect_exs.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_gunner_effect_shooteffect_randomshoot.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_gunner_effect_sparrowfactory.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_gunner_effect_steyrheavyrifle.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_gunner_effect_stinger.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_gunner_effect_stingerex.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_gunner_effect_subweaponstuckdown.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_gunner_effect_tread.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_gunner_effect_uraniumbomb.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_gunner_effect_veiledcut.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_gunner_effect_walkshoot.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_gunner_equipment_avatar_belt.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_gunner_equipment_avatar_cap.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_gunner_equipment_avatar_coat.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_gunner_equipment_avatar_face.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_gunner_equipment_avatar_hair.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_gunner_equipment_avatar_neck.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_gunner_equipment_avatar_pants.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_gunner_equipment_avatar_shoes.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_gunner_equipment_avatar_skin.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_gunner_equipment_growtype.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_gunner_equipment_weapon_auto.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_gunner_equipment_weapon_bowgun.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_gunner_equipment_weapon_hcan.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_gunner_equipment_weapon_musket.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_gunner_equipment_weapon_rev.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_atequipment_avatar_belt.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_atequipment_avatar_cap.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_atequipment_avatar_coat.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_atequipment_avatar_face.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_atequipment_avatar_hair.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_atequipment_avatar_neck.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_atequipment_avatar_pants.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_atequipment_avatar_shoes.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_atequipment_avatar_skin.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_atequipment_weapon_pole.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_atequipment_weapon_rod.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_atequipment_weapon_spear.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_atequipment_weapon_staff.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_acidcloud.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_antigravity.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_atattack.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_atbluedragonwill.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_atbrokenarrow.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_atchainlightning.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_atconcentrate.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_atdarknessmantle.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_atdiehard.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_atelementalbuster.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_atelementalbuster_dark.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_atelementalbuster_fire.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_atelementalbuster_light.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_atelementalbuster_water.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_atelementalchange.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_atelementalchange_dark.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_atelementalchange_fire.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_atelementalchange_light.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_atelementalchange_water.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_atelementalrain.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_atelementalstrikeex_dark.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_atelementalstrikeex_fire.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_atelementalstrikeex_light.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_atelementalstrikeex_nothing.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_atelementalstrikeex_water.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_atfallenblossoms.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_atfirepillar.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_atfireroad.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_atflamecircle.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_atfrozenland.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_atholonglight.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_aticearea.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_aticechakram.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_aticechakram_last.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_aticecrash.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_aticeelementalattack.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_aticefieldex.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_aticeman.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_aticeorb.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_aticeroad.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_atlightningwall.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_atmanaburst.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_atpieceofice.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_atpush.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_atresonance.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_atteleport.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_attundrasoul.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_atturnwindmill.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_atwatercannon.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_atwindstrike.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_aurashield.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_bellatrix.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_blackhole.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_blackmantle.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_broomspin.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_broomspinex.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_chaser.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_chasersexplosion.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_crystalattack.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_darkchange.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_disenchant.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_doubleswing.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_dragonspear.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_elementalchain.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_elementalshower.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_enhancedmagicmissile.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_equipbroom.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_familiar_blackcat.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_familiar_common.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_familiar_fluorescent.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_familiar_jackfrost.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_familiar_jol.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_flamestrike.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_flamestrike_dust.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_flamevolcanovoid.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_fluorecollider.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_frostheadidolevent.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_fusionchaser.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_fusioncraft.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_heatingfurnace.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_icefield.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_icesword.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_lavapotion.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_magiccannon.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_magicshield.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_megadrill.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_pinkrocketevent.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_pokethrow.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_powder.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_randompiercestrike.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_randompiercestrikeex.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_sacrificespirit.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_shururu.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_strengthhandstrike.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_successpremonition.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_summonmonsteraura.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_summonmonsterreckless.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_sweetcandybar.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_swingex.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_targetit.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_thunderstrike.NPK

 

[Konishi]

c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_timerbomb_dark.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_timerbomb_fire.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_timerbomb_light.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_timerbomb_none.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_timerbomb_water.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_transformflapper.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_transformflapperex.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_Character_Mage_Effect_UnSummonMonster.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_wallofice.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_effect_walloficeex.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_equipment_avatar_belt.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_equipment_avatar_cap.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_equipment_avatar_coat.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_equipment_avatar_face.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_equipment_avatar_hair.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_equipment_avatar_neck.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_equipment_avatar_pants.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_equipment_avatar_shoes.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_equipment_avatar_skin.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_equipment_growtype.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_equipment_weapon_broom.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_equipment_weapon_pole.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_equipment_weapon_rod.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_equipment_weapon_spear.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_mage_equipment_weapon_staff.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_effect.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_effect_antiairupper.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_effect_apocalypse.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_effect_atomicsmash.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_effect_avengerawakening.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_effect_avengerawakening_attack.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_effect_avengerawakening_attack_attack1_2.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_effect_avengerawakening_dash.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_effect_awakening.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_effect_baekho.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_effect_battleauramastery.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_effect_battleaxemastery.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_effect_bigbangpunch.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_effect_bladeofpurewhite.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_effect_bless.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_effect_bluedragon.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_effect_chakraofcalmness.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_effect_chakraofpassion.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_effect_changehptomp.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_effect_chargeweapon.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_effect_choppinghammer.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_effect_corkscrewmastery.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_effect_darkstrike.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_effect_deflectwall.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_effect_deflectwallex.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_effect_devilstrike.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_effect_disaster_active.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_effect_disaster_exp.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_effect_disaster_fallingdown.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_effect_disaster_ready.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_effect_divinecrush.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_effect_divinelight.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_effect_earthquake.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_effect_emblemofsafeguard.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_effect_enteringnirvana.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_effect_execution.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_effect_exorcist.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_effect_fallingsoul.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_effect_fastmove.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_effect_flashglobe.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_effect_flashglobeex.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_effect_fountainoflife.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_effect_galesmash.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_effect_giantswing.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_effect_gloriousbless.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_effect_gorgeouscombination.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_effect_grasphandofanger.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_effect_hammerofcontrition.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_effect_healwind.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_effect_heavenlycombination.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_effect_heavenlycombinationex.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_effect_hedgehog.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_effect_highspeedslash.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_effect_homerun.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_effect_hotcross.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_effect_hpmaxupparty.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_effect_hpmaxuppersonal.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_effect_hurricaneroll.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_effect_hyunmoo.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_effect_hyunmooex.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_effect_judgement.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_effect_machinegunjab.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_effect_machinegunjabex.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_effect_oppressiontalisman.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_effect_oxcrash.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_effect_pandemonium.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_effect_powerofdarkness.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_effect_quakearea.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_effect_repeatedsmash.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_effect_repeatedsmashex.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_effect_revengeoflight.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_effect_ripper.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_effect_risingarea.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_effect_sacrificeofsoul.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_effect_scythemastery.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_effect_shadowboxer.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_effect_shikigami.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_effect_sidewind.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_effect_slowheal.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_effect_smasher.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_effect_spearofvictory.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_effect_spincutter.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_effect_striking.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_effect_throwweapon.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_effect_thunderbolttalisman.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_effect_vermilionbirdtalisman.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_effect_willdriver.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_equipment_avatar_belt.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_equipment_avatar_cap.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_equipment_avatar_coat.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_equipment_avatar_face.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_equipment_avatar_hair.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_equipment_avatar_neck.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_equipment_avatar_pants.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_equipment_avatar_shoes.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_equipment_avatar_skin.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_equipment_growtype.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_equipment_weapon_axe.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_equipment_weapon_cross.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_equipment_weapon_rosary.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_equipment_weapon_scythe.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_priest_equipment_weapon_totem.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_swordman_effect.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_swordman_effect_blache.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_swordman_effect_blastblood.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_swordman_effect_blastbloodex.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_swordman_effect_bloodsword.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_swordman_effect_bloodyrave.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_swordman_effect_chagecrashex.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_swordman_effect_chargecrash.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_swordman_effect_darktoleranceup.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_swordman_effect_dashattackmultihit.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_swordman_effect_epidemicrasa.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_swordman_effect_firewave.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_swordman_effect_flowmindone.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_swordman_effect_flowmindpowerup.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_swordman_effect_flowmindthree.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_swordman_effect_flowmindtwo.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_swordman_effect_frenzy.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_swordman_effect_ghostsidewind.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_swordman_effect_ghoststep.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_swordman_effect_giveblood.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_swordman_effect_gorecross.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_swordman_effect_grabblastblood.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_swordman_effect_grabblastbloodex.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_swordman_effect_guard.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_swordman_effect_hardattackcharge.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_swordman_effect_hellbenter.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_swordman_effect_hopsmash.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_swordman_effect_hundredsword.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_swordman_effect_icewaveex.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_swordman_effect_illusionslash.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_swordman_effect_illusionslash_finish.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_swordman_effect_jumpattackmulti.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_swordman_effect_kalla.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_swordman_effect_momentaryslash.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_swordman_effect_momentaryslashex.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_swordman_effect_outragebreak.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_swordman_effect_rapidmoveslash.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_swordman_effect_reflectguard.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_swordman_effect_sayaex.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_swordman_effect_shockwavearea.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_swordman_effect_shortswordmastery.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_swordman_effect_standalonewave.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_swordman_effect_tombstoneex.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_swordman_effect_tripleslash.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_swordman_effect_triplestab.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_swordman_effect_vaneslash.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_swordman_effect_waveeye.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_swordman_effect_wavemark.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_swordman_effect_wavespinarea.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_swordman_effect_weaponcombo.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_swordman_equipment_avatar_belt.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_swordman_equipment_avatar_cap.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_swordman_equipment_avatar_coat.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_swordman_equipment_avatar_face.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_swordman_equipment_avatar_hair.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_swordman_equipment_avatar_neck.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_swordman_equipment_avatar_pants.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_swordman_equipment_avatar_shoes.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_swordman_equipment_avatar_skin.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_swordman_equipment_growtype.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_swordman_equipment_weapon_beamswd.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_swordman_equipment_weapon_boneswd.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_swordman_equipment_weapon_club.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_swordman_equipment_weapon_gemswd.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_swordman_equipment_weapon_katana.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_swordman_equipment_weapon_lgswd.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_swordman_equipment_weapon_lkatana.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_swordman_equipment_weapon_lswd.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_swordman_equipment_weapon_mswd.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_swordman_equipment_weapon_sswd.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_thief_effect.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_thief_effect_ambitionofballacre.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_thief_effect_anklecut.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_thief_effect_ballacre.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_thief_effect_blackarea.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_thief_effect_blackareaex.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_thief_effect_blackwave.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_thief_effect_blackwaveex.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_thief_effect_blameofdead.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_thief_effect_blameofdeadex.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_thief_effect_boneshield.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_thief_effect_chainsawex.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_thief_effect_cursespear.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_thief_effect_darklure.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_thief_effect_darknail.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_thief_effect_darkritual.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_thief_effect_darksoul.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_thief_effect_doublepierce.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_thief_effect_excelstrikeadd.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_thief_effect_flyingsquirrel.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_thief_effect_guillotine.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_thief_effect_hurricane.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_thief_effect_nicolaszombie.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_thief_effect_phantomstrom.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_thief_effect_silverstream.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_thief_effect_skintakeoff.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_thief_effect_sonicassault.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_thief_effect_throwknife.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_thief_effect_verticalspiral.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_thief_effect_verticalspiralex.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_thief_equipment_avatar_belt.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_thief_equipment_avatar_cap.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_thief_equipment_avatar_coat.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_thief_equipment_avatar_face.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_thief_equipment_avatar_hair.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_thief_equipment_avatar_neck.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_thief_equipment_avatar_pants.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_thief_equipment_avatar_shoes.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_thief_equipment_avatar_skin.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_thief_equipment_weapon_dagger.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_thief_equipment_weapon_twinswd.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_thief_equipment_weapon_wand.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_character_thief_ui.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_common_activestatus.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_common_commoneffect.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_common_commoneffect_avenger_aimpoint.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_common_commoneffect_cure.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_common_commoneffect_forcefield.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_common_commoneffect_new_superarmor.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_common_commoneffect_status_effect.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_common_digit.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_common_digit_level02.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_common_digit_sp.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_common_digit_tp.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_common_etc.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_common_hiteffect.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_common_hiteffect_age 12.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_common_hiteffect_elementalhiteffect.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_common_hiteffect_optionaldamagerate.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_creature_amy.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_creature_aquajello.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_creature_bakal.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_creature_balam.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_creature_belz.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_creature_belzebe.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_creature_belzebuite.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_creature_berith.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_creature_bobo.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_creature_bonnybunny.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_creature_botis.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_creature_bronzepig.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_creature_camelcricket.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_creature_charp.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_creature_chinadragon.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_creature_common.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_creature_dragon.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_creature_earthgoblin.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_creature_elbon.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_creature_faras.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_creature_girlsday.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_creature_glasya.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_creature_goldpig.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_creature_haagenti.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_creature_halphas.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_Creature_Hellhound.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_creature_ignis.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_creature_launchergirl.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_creature_littletiger.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_creature_marbas.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_creature_nazarl.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_creature_ox.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_creature_panda.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_creature_pentabas.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_creature_petit_alex.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_Creature_Petit_Ashcore.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_creature_petit_assaulter.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_creature_petit_bebe.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_Creature_Petit_Itrenog.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_creature_petit_lotus.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_creature_petit_marpissa.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_Creature_Petit_Nagor.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_Creature_Petit_Nemaug.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_creature_petit_skeleton.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_creature_petit_tiger.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_creature_phoenix.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_creature_pinocchia.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_creature_pinocchio.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_creature_princess_petit.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_creature_psy.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_creature_rat_female.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_creature_rat_male.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_creature_raum.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_creature_reva_crusader.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_creature_reva_necro.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_creature_reva_nenma.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_creature_reva_ranger.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_creature_reva_soul.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_creature_reva_witch.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_creature_rudolph.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_creature_silverpig.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_creature_sledgerudolph.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_creature_spiritgoblin.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_creature_tcgfairy.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_creature_unicorn.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_creature_valefor.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_creature_woodendoll.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_creature_zagan.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface_assault.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface_awakening.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface_bandi.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface_battledungeon.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface_bloodwar.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface_cashshop.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface_chaos.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface_chatting.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_Interface_common_digit.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface_common_ridable.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface_despair_title_img.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface_digit.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface_dot.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface_dungeonexercise.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface_dungeoninfo.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface_emoticon.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface_emotionexpression.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface_event.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface_event_popup.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface_expertjob.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface_globalani.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface_globalnavigation.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface_goblinpad.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface_ingametool_soundtool.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface_inputroompassword.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface_itemlock.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface_mission.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface_monstercard.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface_mouseregister.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface_newresult.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface_newstyle_windows.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_Interface_newstyle_windows_CeraShop_cs_shop.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface_newstyle_windows_channel_serverselect.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_Interface_newstyle_windows_Chatting.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface_newstyle_windows_common_digit.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface_newstyle_windows_community.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface_newstyle_windows_customui.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_Interface_newstyle_windows_CutScene.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface_newstyle_windows_event.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface_newstyle_windows_event_fighter.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface_newstyle_windows_globalnavigation.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface_newstyle_windows_guide.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface_newstyle_windows_hud.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface_newstyle_windows_inventory.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_Interface_newstyle_windows_limitedcube.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_Interface_newstyle_windows_Mail.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface_newstyle_windows_monster_hp.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_Interface_newstyle_windows_MonsterSkill.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface_newstyle_windows_party.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface_newstyle_windows_popup.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_Interface_newstyle_windows_Profile.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface_newstyle_windows_pvp.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface_newstyle_windows_pvp_pvp_fair.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface_newstyle_windows_result_ver2.0.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface_newstyle_windows_reward_ver2.0.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_Interface_newstyle_windows_Safe.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface_newstyle_windows_safe_safe_title.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface_newstyle_windows_selectcharacter_link_system.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface_newstyle_windows_selectdungeon.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface_newstyle_windows_trade.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_Interface_newstyle_windows_Transport.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface_newwindowui.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface_option.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface_powerwar.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface_pvp.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface_quest.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface_securitycard.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface_skillcutscene.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface_towersstoryimage.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface_tutorial02.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface_tutorialtip.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface_userinfomation.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface_villageattacked.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_auction.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_aura.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_battledungeon.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_cartelcommand.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_ceraitem.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_channel_channelselect_channelbackground.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_channel_channelselect_channelbase.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_channel_channelselect_channelslot.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_channel_serverselect_base.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_channel_serverselect_server_bg.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_channel_serverselect_serverslot.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_charactercreate.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_classchange.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_classchange_classchange_bt.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_classchange_classchange_cha.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_classchange_classchange_txt.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_comiccut.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_Interface2_Common_Digit.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_common_digit_pvp_room_number.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_countdown.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_cs_shop.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_cutscene_pvp_versus.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_deathtower.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_dungeonexercise.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_dungeonloading.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_etc.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_event.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_Interface2_event_2011_Chuseok.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_event_banner.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_event_childrensday.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_event_christmas_santa.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_event_christmas_seriaroom_deco.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_event_christmas_tree_plaza.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_event_christmas_tree_seriaroom.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_event_common.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_event_event_map.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_event_event_map_countdown.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_event_event_map_digit.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_event_event_map_eventmap_countdown.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_event_event_map_eventmap_dice.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_event_event_map_eventmap_result.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_event_eventserver.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_event_givegrowcreature.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_event_growcapsule.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_event_growthitem.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_event_halloween.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_event_mileageshop.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_event_ontimeevent4rd.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_event_partyplay.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_event_planningatmage.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_event_rentalservice.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_event_returngiftinfo.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_global_navigation_community.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_global_navigation_contents.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_global_navigation_extrafeature.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_global_navigation_gameoption.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_global_navigation_myinfomenu.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_global_navigation_short_btn.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_hud.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_hud_aura_gauge.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_hud_creature_gauge.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_hud_creature_icon.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_hud_information_button.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_hud_luck_gauge.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_hud_luck_icon.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_hud_party_icon.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_hud_party_info.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_itemdictionary.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_itemtoolwindow_windows4.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_keyoption.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_loading_dungeon.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_mercenary.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_messenger.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_minimap_dungeon.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_minimap_town.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_nowloading.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_nowloading_intro.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_nowloading_review grade.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_pk_intown.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_popup.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_powerwar_rvr_assault_character_cut.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_powerwar_rvr_assault_counter_effect.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_powerwar_rvr_assault_lightning_effect.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_powerwar_rvr_point.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_powerwar_rvr_powerwarloading.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_powerwar_rvr_powerwarresult.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_powerwar_rvr_powerwarstatue.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_profile.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_pvp_deathmatch.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_pvp_pvp_fair.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_pvp_pvp_practice.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_pvp_pvp_result.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_pvp_pvp_roomlist.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_pvp_pvp_tournament02.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_quest.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_Interface2_RandomboxBooster.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_result_ver2.0.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_result_ver2.0_rank_effect.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_result_ver2.0_rank_letter.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_result_ver2.0_result_eventtag.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_reward_ver2.0.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_secret shop.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_security_card.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_selectcharacter.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_selectcharacter_effect.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_selectcharacter_link_system.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_selectdungeon_selectdungeonhell.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_shop.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_shutdown.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_titlebook.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_topsecretarea_timeload.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_tournament.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_ui_community_guild.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_ui_eventlist.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_ui_skillshop.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_interface2_window_title_accessory.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_internationalimage.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_item.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_item_avatar_atfighter.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_item_avatar_atgunner.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_item_avatar_atmage.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_item_avatar_common.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_item_avatar_fighter.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_item_avatar_gunner.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_item_avatar_mage.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_item_avatar_priest.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_item_avatar_swordman.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_item_avatar_thief.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_item_common.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_item_creature.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_item_emblem.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_item_emoticon.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_item_new_equipment_01_weapon_fighter_bglove.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_item_new_equipment_01_weapon_fighter_claw.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_item_new_equipment_01_weapon_fighter_gauntlet.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_item_new_equipment_01_weapon_fighter_knuckle.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_item_new_equipment_01_weapon_fighter_tonfa.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_item_new_equipment_01_weapon_gunner_automatic.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_item_new_equipment_01_weapon_gunner_bowgun.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_item_new_equipment_01_weapon_gunner_hcannon.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_item_new_equipment_01_weapon_gunner_musket.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_item_new_equipment_01_weapon_gunner_revolver.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_item_new_equipment_01_weapon_mage_broom.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_item_new_equipment_01_weapon_mage_pole.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_item_new_equipment_01_weapon_mage_rod.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_item_new_equipment_01_weapon_mage_spear.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_item_new_equipment_01_weapon_mage_staff.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_item_new_equipment_01_weapon_priest_axe.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_item_new_equipment_01_weapon_priest_cross.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_item_new_equipment_01_weapon_priest_rosary.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_item_new_equipment_01_weapon_priest_scythe.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_item_new_equipment_01_weapon_priest_totem.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_item_new_equipment_01_weapon_swordman_beamswd.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_item_new_equipment_01_weapon_swordman_club.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_item_new_equipment_01_weapon_swordman_katana.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_item_new_equipment_01_weapon_swordman_lswd.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_item_new_equipment_01_weapon_swordman_sswd.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_item_new_equipment_01_weapon_thief_dagger.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_item_new_equipment_01_weapon_thief_twinswd.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_item_new_equipment_01_weapon_thief_wand.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_item_new_equipment_02_cloth_belt.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_item_new_equipment_02_cloth_coat.NPK

 

[Konishi]

c:\program files (x86)\dnf\ImagePacks2\sprite_item_new_equipment_02_cloth_neck.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_item_new_equipment_02_cloth_pants.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_item_new_equipment_02_cloth_shoes.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_item_new_equipment_03_leather_belt.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_item_new_equipment_03_leather_coat.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_item_new_equipment_03_leather_neck.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_item_new_equipment_03_leather_pants.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_item_new_equipment_03_leather_shoes.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_item_new_equipment_04_larmor_belt.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_item_new_equipment_04_larmor_coat.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_item_new_equipment_04_larmor_neck.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_item_new_equipment_04_larmor_pants.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_item_new_equipment_04_larmor_shoes.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_item_new_equipment_05_harmor_belt.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_item_new_equipment_05_harmor_coat.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_item_new_equipment_05_harmor_neck.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_item_new_equipment_05_harmor_pants.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_item_new_equipment_05_harmor_shoes.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_item_new_equipment_06_plate_belt.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_item_new_equipment_06_plate_coat.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_item_new_equipment_06_plate_neck.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_item_new_equipment_06_plate_pants.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_item_new_equipment_06_plate_shoes.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_item_new_equipment_07_ring.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_item_new_equipment_08_necklace.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_item_new_equipment_09_bracelet.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_item_new_equipment_10_support.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_item_new_equipment_11_magicstone.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_item_stackable.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_item_throwitem.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_item_title.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_item_weapon_fighter.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_item_weapon_gunner.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_item_weapon_mage.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_item_weapon_priest.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_item_weapon_swordman.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_item_weapon_thief.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_act2.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_act2_amon.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_act2_fountain.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_act2_ocean.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_act2_sepa.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_act2_stoneimage.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_act3.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_act3_gbl_breeding.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_act3_gbl_goddess_temple.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_act3_gblaradsociety.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_act4.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_act4_darkelfcemetary.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_act4_kingsruins.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_act4_magmacave.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_act4_marpissalair.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_act4_noirpera.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_act4_screamingcave.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_act4_shadowmaze.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_act4_shallowkeep.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_act4_underfoot.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_act5.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_act5_scasalair.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_act6.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_act6_astraythief.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_act6_astraythief_breakableobject.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_act6_bloodbutterfly.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_act6_bloodbutterfly_flowertrap.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_act6_bloodbutterfly_holetrap.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_act6_bloodbutterfly_object.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_act6_bloodbutterfly_sandtarp.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_act6_bloodbutterfly_treetrap.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_act6_leshphon.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_act6_suspicion.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_act6_suspicion_object.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_act6_suspicion_object_coalwaggon.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_act6_temptation.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_act6_temptation_breakableobject.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_act7_antberadd_day.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_act7_antberadd_night.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_act7_antberadd_tent.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_act7_fieldday.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_act7_fieldnight.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_act7_rampart.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_act7_rampart_cannon.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_act7_rampart2.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_act7_supplycut.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_act8_background.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_act8_ghosttrain.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_act8_pirateonthetrain.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_act8_seatrainretaking.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_alfhlyra.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_antber.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_arden.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_breakableobject.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_breakableobject_actiontree.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_breakableobject_actiontreerenew.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_breakableobject_charnakridge.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_breakableobject_eventbarrier.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_breakableobject_fairy.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_breakableobject_grenselos.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_breakableobject_magmacave.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_breakableobject_seagrass.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_breakableobject_skycastle.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_breakableobject_stonepillar.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_breakableobject_underfoot.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_cartelcommand.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_cartelcommand_bridge.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_chaos.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_chaostest.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_church.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_cutscene.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_dimentiongate.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_dimentiongate_bakalcastle.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_dimentiongate_blackearth_background.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_dimentiongate_blackearth_gate.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_dimentiongate_blackearth_object.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_dimentiongate_blackearth_tile.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_dimentiongate_cosmofiend.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_disguiser.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_elvengard.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_event_2008sinhan.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_event_2008xmas.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_event_2009gmarket.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_event_2009newyear.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_event_2010cokacola.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_Map_event_2010sonye.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_Map_event_2011child.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_event_2011christmas.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_event_2011summer.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_event_bluemarble.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_event_c_event.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_event_dnf5thyear.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_event_dnf6thyear.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_event_halloween.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_event_ingamead.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_event_j_event.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_event_superschool.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_gent.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_goblinkingdom.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_grenselos.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_guildagit.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_haze.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_hellmap.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_hendonmyre.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_hendonmyre_pvp.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_lufthafen.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_minimap.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_npc.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_pathgate.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_pathgate_act2.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_pathgate_act3.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_pathgate_act3_gbl_breeding.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_pathgate_act4.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_pathgate_act5.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_pathgate_act5_coldboy.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_pathgate_act6.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_pathgate_act6_bloodbutterfly.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_pathgate_act6_leshphon.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_pathgate_act6_suspicion.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_pathgate_act6_temptation.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_pathgate_act7_dayfield.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_pathgate_act7_nightfield.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_pathgate_act7_rampart.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_pathgate_act7_rampart2.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_pathgate_act7_supplycut.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_pathgate_act8_arden.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_pathgate_act8_cartelcommand.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_pathgate_act8_ghosttrain.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_pathgate_act8_haze.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_pathgate_act8_pirateonthetrain.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_pathgate_act8_seatrainretaking.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_pathgate_act8_testtrain.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_pathgate_dimensiongate.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_pathgate_helldungeon.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_pathgate_timegate.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_pathgate_towerofbloodyfight.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_pathgate_towerofdespair.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_pathgate_town_cartelarad.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_pathgate_town_gblarad.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_pathgate_town_grim.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_pathgate_town_moonlightpub.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_realskycastle.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_shonan.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_shonan_tournament.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_stormpass.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_timegate.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_timegate_beginning.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_timegate_black_church.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_timegate_conflagration.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_timegate_consciousness.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_timegate_epidemic.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_timegate_formacartel.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_timegate_oldscreamingcave.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_timegate_oldscreamingcave_far.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_timegate_oldscreamingcave_obj.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_timegate_oldscreamingcave_tile.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_timegate_timegate.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_timegate_topsecretarea.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_timegatearea.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_timegaterequiem.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_title.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_title_towerofdespair.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_towers_deadtower.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_towers_illusiontower.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_towers_towerofbloodyfight.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_towers_towerofbloodyfight_tile.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_towers_towerofdespair_downstairs.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_towers_towerofdespair_upstairs.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_towers_towerofultimate.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_trap.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_trap_eyeofobserver.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_trap_goblinbunker.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_trap_grenselosbunker.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_village.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_village_aganzo.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_village_bwanga.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_village_cartel_object.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_village_cartel_object_groznyinside.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_village_cartel_object_groznyoutside.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_village_cartel_object_odesa.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_village_cartel_tile.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_village_cartel_westcoast.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_village_church.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_village_grim.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_village_grim_new_image_new_teil.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_village_grim_new_image_objcet.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_village_grim_new_image_old_teil.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_map_warfare.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_act8_bigghost_flu.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_act8_chiefsars.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_act8_chiefsars_crow.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_act8_chiefsars_die.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_act8_chiefsars_missile.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_act8_chiefsars_soultornado.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_act8_congcong.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_act8_crokhan.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_act8_dark_ghost.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_act8_mermadia.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_act8_merman.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_act8_turtle.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_act8_wooden_doll.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_act8_zombie_marine.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_advanceatlar.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_airsword.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_albert.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_ancient.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_ant.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_apc.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_apc_sand_doll.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_arad.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_babydragon.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_bantu.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_bantu_beastmaster.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_bee.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_black_church.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_blood_an_agaress.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_blood_an_chariot.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_blood_an_propeller.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_bloodmoon_zetes.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_bloodybutterfly_bloodybutterfly.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_bloodybutterfly_mosqueen.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_bwanga.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_cartel.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_cartel_cypher.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_cartel_launcher.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_cartel_mafia.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_cartel_nife_clraes.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_cartel_rocketman.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_cartel_smokegranade.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_cartelcommand.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_casillas_appear.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_casillas_body.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_casillas_moveslash.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_casillas_slash.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_casillas_swordrain.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_characterstatue.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_characterstatue_passiveobject.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_cocoon.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_coldboy.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_coldheart.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_common.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_cosmofiend.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_cosmofiend_sealedgate.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_crimebuffalo_crimebuffaloartifacter.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_crimebuffalo_crimebuffalogeneral.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_crimebuffalo_crimebuffalonormal.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_crimebuffalo_equipment.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_crimebuffalo_grim_crimebuffal.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_crimebuffalo_grim_crimebuffalogeneral.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_crimebuffalo_resurrectioneffect.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_crimebuffalo_treasurenamed.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_cyclops.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_darkelf.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_dendroid.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_despair.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_direzie.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_disguiser.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_disguiser_lightning.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_dog.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_dollmaster.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_dollmaster_masterdogridollcontrol.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_draconian.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_dragonknight.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_drake.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_eltis.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_event_bus.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_Monster_Event_clown.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_event_cricket.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_event_j_farmer.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_event_present_box.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_event_seria.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_event_seria_beeswax.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_event_seria_bind.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_event_seria_kaleido.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_event_seria_key.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_event_seria_mega.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_event_seria_remi.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_event_seria_running.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_event_seria_scream.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_event_seria_serabox.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_event_seria_seriaguard.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_event_seriea.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_event_seriea_mega.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_event_sheep_wolf.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_eventbak.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_eventgoblin.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_evileye.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_flydragon.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_flydragon_passiveobject.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_gbl_breeding.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_gbl_goddess_temple.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_ghoul.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_goblin.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_goblin_effect.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_goblin_equipment.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_goblin_event.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_goblin_golgo.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_goblin_passiveobject.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_goblin_skycastle.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_goblin_skycastle_equipment.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_golem.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_golem_equipment.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_golem_particle.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_golem_passiveobject.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_grim.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_grim_effect.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_gunner_exs.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_gunner_ez8.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_gunner_ez8ex.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_gunner_fightingspirit.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_gunner_firerx78.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_gunner_headingrx78.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_gunner_healrx78.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_gunner_rx78.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_gunner_tempester.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_gunner_tempesterat.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_haze.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_headlessknight.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_heaven_captain_berhik.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_heaven_captainshured.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_heaven_dorian.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_heaven_gt9600.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_heaven_letsburn_bentinck.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_heaven_mechanicgiselle.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_heaven_silverman.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_heaven_silversmallman.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_heaven_specialforce.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_heaven_vulcherspecialforce.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_hunter.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_hunter_passiveobject.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_icetiger.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_impossible_bakal.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_impossible_blackearth.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_impossible_blackearth_dark_column.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_impossible_blackearth_fear_effect.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_impossible_blackearth_howling_pain.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_impossible_blackearth_icon.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_impossible_blackearth_spaceescape.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_impossible_cosmofiend.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_impossible_goblin.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_iris.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_laowu.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_leshphon.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_leshphon_fire_effect.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_lizardman.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_lordoflight.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_lotus.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_lugaru.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_lugaru_ciel_attribute.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_lugaru_equipment.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_machine_ball.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_magma.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_magma_equipment_atlas.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_magma_equipment_goliath.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_magma_equipment_incomplete.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_magma_equipment_titan.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_magma_magmasacrificerbig.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_magma_oilsellerolek.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_medeia.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_militiaman.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_mimic.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_mj.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_monsterflower.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_mouseheadsue.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_nugol.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_oldscreamingcave.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_peterthepiper.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_power_station.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_power_station_furz_station.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_power_station_no3_station.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_power_station_no3_station_effect.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_power_station_no3_station_granite_t.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_queen_rosi.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_ranjerus.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_ranjerus_baricate.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_riding_at_5t.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_riding_gatling_tower.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_scarecrow.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_scasa.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_screamingcave.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_screamingcave_apopis.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_screamingcave_hardy.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_screamingcave_highspectresslene.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_sealstone.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_shonan.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_silverspoon.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_skeleton.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_skeleton_change.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_skeleton_equipment.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_skeleton_magicmirror.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_skeleton_sleep.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_skeleton_stick.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_skeleton_stone.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_skillhuntress.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_slime.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_slotor.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_snowman.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_soceress.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_soldier.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_soldier_axeexpeller.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_soldier_axionexpeller.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_soldier_expeller.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_soldier_guard.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_soldier_hammerking.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_soldier_heavenexpeller.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_soldier_legionexpeller.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_soldier_passiveobject.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_soldier_sandorexpeller.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_soldier_sandorexpellerex.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_soldier_tsmexpeller.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_spacefish.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_spider.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_spikeking.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_spikeking_effect.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_spirit.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_spirit_fire_higher.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_spirit_spiritex.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_starfish.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_statue.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_succubus.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_suspicion.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_tau.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_tau_equipment.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_thief.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_timegate.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_timegate_beginning.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_timegate_conflagration.NPK

 

[Konishi]

c:\program files (x86)\dnf\ImagePacks2\sprite_monster_timegate_consciousness.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_timegate_epidemic.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_timegate_parasite.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_timegate_timelord.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_timegate_topsecretarea.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_timegate_topsecretarea_allusion.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_timegate_topsecretarea_effect.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_timegate_topsecretarea_observer.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_toy.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_toy_hiddentoy.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_toy_passiveobject.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_trowgoblin.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_vehicle.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_witch.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_wraith.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_young_scasa.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_zealot.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_zealotrebirth.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_zepplin.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_monster_zombie.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_pet_common.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_pet_falcon.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_temp.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_temp_2006worldcupevent.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_worldmap.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_worldmap_act1.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_worldmap_act2.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_worldmap_act3.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_worldmap_act4.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_worldmap_act5.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_worldmap_act6.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_worldmap_act7.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_worldmap_impossible.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_worldmap_selectdungeonslot.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_worldmap_towers.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_worldmap_village_cartel.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_worldmap_village_gbl.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_worldmap_village_grim.NPK
c:\program files (x86)\dnf\ImagePacks2\sprite_worldmap_village_moonlightpub.NPK
c:\program files (x86)\dnf\LagLog.txt
c:\program files (x86)\dnf\localpackage.lst
c:\program files (x86)\dnf\loginInfo.inf
c:\program files (x86)\dnf\msvcp71.dll
c:\program files (x86)\dnf\msvcr71.dll
c:\program files (x86)\dnf\Music\1st_spine .ogg
c:\program files (x86)\dnf\Music\1st_spine.ogg
c:\program files (x86)\dnf\Music\1st_spine_boss.ogg
c:\program files (x86)\dnf\Music\2011carol_town.ogg
c:\program files (x86)\dnf\Music\2nd_spine.ogg
c:\program files (x86)\dnf\Music\2nd_spine_boss.ogg
c:\program files (x86)\dnf\Music\aganzo.ogg
c:\program files (x86)\dnf\Music\aganzo_boss.ogg
c:\program files (x86)\dnf\Music\alfhlyra_new.ogg
c:\program files (x86)\dnf\Music\arden.ogg
c:\program files (x86)\dnf\Music\arden_boss.ogg
c:\program files (x86)\dnf\Music\b_float_castle.ogg
c:\program files (x86)\dnf\Music\bakalcastle.ogg
c:\program files (x86)\dnf\Music\bakalcastle_boss.ogg
c:\program files (x86)\dnf\Music\bakalcastle_intro.ogg
c:\program files (x86)\dnf\Music\Battle_Festa_01.ogg
c:\program files (x86)\dnf\Music\Battle_Festa_02.ogg
c:\program files (x86)\dnf\Music\Battle_Festa_loading.ogg
c:\program files (x86)\dnf\Music\Battle_Festa_waiting.ogg
c:\program files (x86)\dnf\Music\behemoth_b01_1.ogg
c:\program files (x86)\dnf\Music\blackdragon_event.ogg
c:\program files (x86)\dnf\Music\blackearth.ogg
c:\program files (x86)\dnf\Music\blackearth_boss.ogg
c:\program files (x86)\dnf\Music\blackearth_named.ogg
c:\program files (x86)\dnf\Music\bloodbutterfly.ogg
c:\program files (x86)\dnf\Music\bloodbutterfly_boss.ogg
c:\program files (x86)\dnf\Music\bloodhell.ogg
c:\program files (x86)\dnf\Music\bloodhell_boss.ogg
c:\program files (x86)\dnf\Music\Bloodtower_01.ogg
c:\program files (x86)\dnf\Music\Bloodtower_02.ogg
c:\program files (x86)\dnf\Music\Bloodtower_03.ogg
c:\program files (x86)\dnf\Music\breeding_place.ogg
c:\program files (x86)\dnf\Music\breeding_place_boss.ogg
c:\program files (x86)\dnf\Music\bwanga.ogg
c:\program files (x86)\dnf\Music\bwanga_boss.ogg
c:\program files (x86)\dnf\Music\carol_gate.ogg
c:\program files (x86)\dnf\Music\carol_rock.ogg
c:\program files (x86)\dnf\Music\carol_shop.ogg
c:\program files (x86)\dnf\Music\cartel_headquater.ogg
c:\program files (x86)\dnf\Music\cartel_headquater_boss.ogg
c:\program files (x86)\dnf\Music\cartel_jump_down.ogg
c:\program files (x86)\dnf\Music\characterSelectStage.ogg
c:\program files (x86)\dnf\Music\charnakridge.ogg
c:\program files (x86)\dnf\Music\charnakridge_boss.ogg
c:\program files (x86)\dnf\Music\church.ogg
c:\program files (x86)\dnf\Music\cold_boy.ogg
c:\program files (x86)\dnf\Music\darkelf_amb.ogg
c:\program files (x86)\dnf\Music\darkelf_boss.ogg
c:\program files (x86)\dnf\Music\darkness_enter.ogg
c:\program files (x86)\dnf\Music\darkness_enter_boss.ogg
c:\program files (x86)\dnf\Music\dendroid.ogg
c:\program files (x86)\dnf\Music\despair_tower_top.ogg
c:\program files (x86)\dnf\Music\despair_tower_under.ogg
c:\program files (x86)\dnf\Music\dimensionspace.ogg
c:\program files (x86)\dnf\Music\dimensionspace_boss.ogg
c:\program files (x86)\dnf\Music\draconian_tower.ogg
c:\program files (x86)\dnf\Music\draconian_tower_boss.ogg
c:\program files (x86)\dnf\Music\eventBGM.ogg
c:\program files (x86)\dnf\Music\evilspirit.ogg
c:\program files (x86)\dnf\Music\eviltower_01.ogg
c:\program files (x86)\dnf\Music\eviltower_02.ogg
c:\program files (x86)\dnf\Music\float_castle.ogg
c:\program files (x86)\dnf\Music\forest_town.ogg
c:\program files (x86)\dnf\Music\forest01_new.ogg
c:\program files (x86)\dnf\Music\forest02.ogg
c:\program files (x86)\dnf\Music\gate_new.ogg
c:\program files (x86)\dnf\Music\GBLarad.ogg
c:\program files (x86)\dnf\Music\GBLarad_boss.ogg
c:\program files (x86)\dnf\Music\GBLarad_hatchery.ogg
c:\program files (x86)\dnf\Music\GBLarad_hatchery_boss.ogg
c:\program files (x86)\dnf\Music\GBLarad_lab.ogg
c:\program files (x86)\dnf\Music\GBLarad_lab_boss.ogg
c:\program files (x86)\dnf\Music\gblkingdom.ogg
c:\program files (x86)\dnf\Music\gblkingdom_boss.ogg
c:\program files (x86)\dnf\Music\gentgate.ogg
c:\program files (x86)\dnf\Music\gentgate_boss.ogg
c:\program files (x86)\dnf\Music\gentgate_defence.ogg
c:\program files (x86)\dnf\Music\gentgate_defence_boss.ogg
c:\program files (x86)\dnf\Music\gentgate_east.ogg
c:\program files (x86)\dnf\Music\gentgate_east_boss.ogg
c:\program files (x86)\dnf\Music\gentgate_north.ogg
c:\program files (x86)\dnf\Music\gentgate_north_boss.ogg
c:\program files (x86)\dnf\Music\gentgate_outside.ogg
c:\program files (x86)\dnf\Music\gentgate_outside_boss.ogg
c:\program files (x86)\dnf\Music\ghost_train.ogg
c:\program files (x86)\dnf\Music\ghost_train_boss.ogg
c:\program files (x86)\dnf\Music\goddess_temple.ogg
c:\program files (x86)\dnf\Music\goddess_temple_boss.ogg
c:\program files (x86)\dnf\Music\golem_tower.ogg
c:\program files (x86)\dnf\Music\golem_tower_boss.ogg
c:\program files (x86)\dnf\Music\grakkarak_new.ogg
c:\program files (x86)\dnf\Music\grakkarak_new_boss.ogg
c:\program files (x86)\dnf\Music\grenselos_battle.ogg
c:\program files (x86)\dnf\Music\grenselos_ready.ogg
c:\program files (x86)\dnf\Music\grenselos_truce.ogg
c:\program files (x86)\dnf\Music\grozny_boss.ogg
c:\program files (x86)\dnf\Music\grozny_boss_new.ogg
c:\program files (x86)\dnf\Music\Gseeker01.ogg
c:\program files (x86)\dnf\Music\Gseeker01_boss.ogg
c:\program files (x86)\dnf\Music\Guild_agit.ogg
c:\program files (x86)\dnf\Music\hall_of_doll.ogg
c:\program files (x86)\dnf\Music\hall_of_doll_boss.ogg
c:\program files (x86)\dnf\Music\hameln.ogg
c:\program files (x86)\dnf\Music\hameln_boss.ogg
c:\program files (x86)\dnf\Music\haze.ogg
c:\program files (x86)\dnf\Music\haze_boss.ogg
c:\program files (x86)\dnf\Music\hellmonster.ogg
c:\program files (x86)\dnf\Music\hendonmyre_new.ogg
c:\program files (x86)\dnf\Music\icepalace.ogg
c:\program files (x86)\dnf\Music\icepalace_boss.ogg
c:\program files (x86)\dnf\Music\illusiontower.ogg
c:\program files (x86)\dnf\Music\interception.ogg
c:\program files (x86)\dnf\Music\interception_boss.ogg
c:\program files (x86)\dnf\Music\intro.ogg
c:\program files (x86)\dnf\Music\job_guide.ogg
c:\program files (x86)\dnf\Music\kings_ruins.ogg
c:\program files (x86)\dnf\Music\leshphon.ogg
c:\program files (x86)\dnf\Music\leshphon_boss.ogg
c:\program files (x86)\dnf\Music\lufthafen.ogg
c:\program files (x86)\dnf\Music\magma_cave.ogg
c:\program files (x86)\dnf\Music\mirkwood.ogg
c:\program files (x86)\dnf\Music\mirkwood_boss.ogg
c:\program files (x86)\dnf\Music\mocean.ogg
c:\program files (x86)\dnf\Music\nightattack.ogg
c:\program files (x86)\dnf\Music\nightattack_boss.ogg
c:\program files (x86)\dnf\Music\Npera.ogg
c:\program files (x86)\dnf\Music\Npera_boss.ogg
c:\program files (x86)\dnf\Music\odesa_boss_new.ogg
c:\program files (x86)\dnf\Music\odesa_new.ogg
c:\program files (x86)\dnf\Music\outer_temple.ogg
c:\program files (x86)\dnf\Music\palace_of_load.ogg
c:\program files (x86)\dnf\Music\palace_of_load_boss.ogg
c:\program files (x86)\dnf\Music\pirate.ogg
c:\program files (x86)\dnf\Music\pirate_boss.ogg
c:\program files (x86)\dnf\Music\purgatory.ogg
c:\program files (x86)\dnf\Music\purgatory_boss.ogg
c:\program files (x86)\dnf\Music\pursuit.ogg
c:\program files (x86)\dnf\Music\pursuit_boss.ogg
c:\program files (x86)\dnf\Music\pvp_bwanga.ogg
c:\program files (x86)\dnf\Music\pvp_counter.ogg
c:\program files (x86)\dnf\Music\pvp_odesa.ogg
c:\program files (x86)\dnf\Music\pvp_practice.ogg
c:\program files (x86)\dnf\Music\pvp_pub.ogg
c:\program files (x86)\dnf\Music\pvp_tower.ogg
c:\program files (x86)\dnf\Music\result.ogg
c:\program files (x86)\dnf\Music\riku_boss.ogg
c:\program files (x86)\dnf\Music\riku_cave.ogg
c:\program files (x86)\dnf\Music\sc_01.ogg
c:\program files (x86)\dnf\Music\sc_b01.ogg
c:\program files (x86)\dnf\Music\sc_b02.ogg
c:\program files (x86)\dnf\Music\sc_b03.ogg
c:\program files (x86)\dnf\Music\screaming_cave.ogg
c:\program files (x86)\dnf\Music\screaming_cave_boss.ogg
c:\program files (x86)\dnf\Music\seatrain.ogg
c:\program files (x86)\dnf\Music\seatrain_boss.ogg
c:\program files (x86)\dnf\Music\seatrain_kong.ogg
c:\program files (x86)\dnf\Music\secret.ogg
c:\program files (x86)\dnf\Music\sera_shop_new.ogg
c:\program files (x86)\dnf\Music\shadow_maze.ogg
c:\program files (x86)\dnf\Music\shadow_maze_boss.ogg
c:\program files (x86)\dnf\Music\shallow_keep.ogg
c:\program files (x86)\dnf\Music\shallow_keep_b01.ogg
c:\program files (x86)\dnf\Music\shonan.ogg
c:\program files (x86)\dnf\Music\skasa.ogg
c:\program files (x86)\dnf\Music\skasa_boss.ogg
c:\program files (x86)\dnf\Music\skycastle.ogg
c:\program files (x86)\dnf\Music\skycastle_boss.ogg
c:\program files (x86)\dnf\Music\skystair.ogg
c:\program files (x86)\dnf\Music\SoundPacks\sounds_amb.npk
c:\program files (x86)\dnf\Music\SoundPacks\sounds_char_fighter.npk
c:\program files (x86)\dnf\Music\SoundPacks\sounds_char_fighter_effect.npk
c:\program files (x86)\dnf\Music\SoundPacks\sounds_char_fighter_m.npk
c:\program files (x86)\dnf\Music\SoundPacks\sounds_char_fighter_m_effect.npk
c:\program files (x86)\dnf\Music\SoundPacks\sounds_char_fighter_weapon.npk
c:\program files (x86)\dnf\Music\SoundPacks\sounds_char_gunner.npk
c:\program files (x86)\dnf\Music\SoundPacks\sounds_char_gunner_effect.npk
c:\program files (x86)\dnf\Music\SoundPacks\sounds_char_gunner_f.npk
c:\program files (x86)\dnf\Music\SoundPacks\sounds_char_gunner_f_effect.npk
c:\program files (x86)\dnf\Music\SoundPacks\sounds_char_gunner_weapon.npk
c:\program files (x86)\dnf\Music\SoundPacks\sounds_char_priest.npk
c:\program files (x86)\dnf\Music\SoundPacks\sounds_char_priest_effect.npk
c:\program files (x86)\dnf\Music\SoundPacks\sounds_char_priest_weapon.npk
c:\program files (x86)\dnf\Music\SoundPacks\sounds_char_swordman.npk
c:\program files (x86)\dnf\Music\SoundPacks\sounds_char_swordman_effect.npk
c:\program files (x86)\dnf\Music\SoundPacks\sounds_char_swordman_weapon.npk
c:\program files (x86)\dnf\Music\SoundPacks\sounds_char_thief.npk
c:\program files (x86)\dnf\Music\SoundPacks\sounds_char_thief_effect.npk
c:\program files (x86)\dnf\Music\SoundPacks\sounds_char_thief_weapon.npk
c:\program files (x86)\dnf\Music\SoundPacks\sounds_char_wizard.npk
c:\program files (x86)\dnf\Music\SoundPacks\sounds_char_wizard_effect.npk
c:\program files (x86)\dnf\Music\SoundPacks\sounds_char_wizard_m.npk
c:\program files (x86)\dnf\Music\SoundPacks\sounds_char_wizard_m_effect.npk
c:\program files (x86)\dnf\Music\SoundPacks\sounds_char_wizard_weapon.npk
c:\program files (x86)\dnf\Music\SoundPacks\sounds_creature_common.npk
c:\program files (x86)\dnf\Music\SoundPacks\sounds_creature_effect.npk
c:\program files (x86)\dnf\Music\SoundPacks\sounds_dialog.npk
c:\program files (x86)\dnf\Music\SoundPacks\sounds_effect.npk
c:\program files (x86)\dnf\Music\SoundPacks\sounds_effect_amb.npk
c:\program files (x86)\dnf\Music\SoundPacks\sounds_effect_magic.npk
c:\program files (x86)\dnf\Music\SoundPacks\sounds_equip_acc.npk
c:\program files (x86)\dnf\Music\SoundPacks\sounds_equip_armor.npk
c:\program files (x86)\dnf\Music\SoundPacks\sounds_equip_title.npk
c:\program files (x86)\dnf\Music\SoundPacks\sounds_hookup.npk
c:\program files (x86)\dnf\Music\SoundPacks\sounds_mon_act1.npk
c:\program files (x86)\dnf\Music\SoundPacks\sounds_mon_act2.npk
c:\program files (x86)\dnf\Music\SoundPacks\sounds_mon_act3.npk
c:\program files (x86)\dnf\Music\SoundPacks\sounds_mon_act4.npk
c:\program files (x86)\dnf\Music\SoundPacks\sounds_mon_act5.npk
c:\program files (x86)\dnf\Music\SoundPacks\sounds_mon_act6.npk
c:\program files (x86)\dnf\Music\SoundPacks\sounds_mon_act7.npk
c:\program files (x86)\dnf\Music\SoundPacks\sounds_mon_act8.npk
c:\program files (x86)\dnf\Music\SoundPacks\sounds_mon_actx.npk
c:\program files (x86)\dnf\Music\SoundPacks\sounds_mon_actx_1.npk
c:\program files (x86)\dnf\Music\SoundPacks\sounds_mon_blood.npk
c:\program files (x86)\dnf\Music\SoundPacks\sounds_mon_combat.npk
c:\program files (x86)\dnf\Music\SoundPacks\sounds_mon_hellmon.npk
c:\program files (x86)\dnf\Music\SoundPacks\sounds_mon_impossible.npk
c:\program files (x86)\dnf\Music\SoundPacks\sounds_npc.npk
c:\program files (x86)\dnf\Music\SoundPacks\sounds_pet.npk
c:\program files (x86)\dnf\Music\SoundPacks\sounds_stak.npk
c:\program files (x86)\dnf\Music\SoundPacks\sounds_stak_material.npk
c:\program files (x86)\dnf\Music\SoundPacks\sounds_stak_recipe.npk
c:\program files (x86)\dnf\Music\SoundPacks\sounds_stak_throw.npk
c:\program files (x86)\dnf\Music\SoundPacks\sounds_ui.npk
c:\program files (x86)\dnf\Music\spider.ogg
c:\program files (x86)\dnf\Music\spider_boss.ogg
c:\program files (x86)\dnf\Music\squadwar.ogg
c:\program files (x86)\dnf\Music\squadwar_boss.ogg
c:\program files (x86)\dnf\Music\storm_pass.ogg
c:\program files (x86)\dnf\Music\sunderland.ogg
c:\program files (x86)\dnf\Music\sunderland_boss.ogg
c:\program files (x86)\dnf\Music\suspicion.ogg
c:\program files (x86)\dnf\Music\suspicion_boss.ogg
c:\program files (x86)\dnf\Music\t_adios_verrickt(cartel_boss).ogg
c:\program files (x86)\dnf\Music\t_black_holy_war(b_church).ogg
c:\program files (x86)\dnf\Music\t_chaos_begin(conflagration).ogg
c:\program files (x86)\dnf\Music\t_confrontation(old_scave_boss).ogg
c:\program files (x86)\dnf\Music\t_consciousness.ogg
c:\program files (x86)\dnf\Music\t_conspiracy(old_scave).ogg
c:\program files (x86)\dnf\Music\t_failed_metastasis(s_area).ogg
c:\program files (x86)\dnf\Music\t_iris_song.ogg
c:\program files (x86)\dnf\Music\t_land_of_darkness(epidemic).ogg
c:\program files (x86)\dnf\Music\t_out_of_control(b_church_boss).ogg
c:\program files (x86)\dnf\Music\t_quest_theme.ogg
c:\program files (x86)\dnf\Music\t_rage(conflagration_boss).ogg
c:\program files (x86)\dnf\Music\t_skull_knight(epidemic_boss).ogg
c:\program files (x86)\dnf\Music\t_the_kerberos(s_area_boss).ogg
c:\program files (x86)\dnf\Music\t_three_dragons(beginning).ogg
c:\program files (x86)\dnf\Music\t_we_are_desperado(cartel).ogg
c:\program files (x86)\dnf\Music\t_young_skasa(beginning_boss).ogg
c:\program files (x86)\dnf\Music\tavern.ogg
c:\program files (x86)\dnf\Music\temp_mcgee.ogg
c:\program files (x86)\dnf\Music\thief.ogg
c:\program files (x86)\dnf\Music\thief_boss.ogg
c:\program files (x86)\dnf\Music\timegate.ogg
c:\program files (x86)\dnf\Music\tournament_ready.ogg
c:\program files (x86)\dnf\Music\tournament_stage_01.ogg
c:\program files (x86)\dnf\Music\tournament_stage_02.ogg
c:\program files (x86)\dnf\Music\town_ghost.ogg
c:\program files (x86)\dnf\Music\town_pvp.ogg
c:\program files (x86)\dnf\Music\underfoot.ogg
c:\program files (x86)\dnf\Music\underfoot_enterence.ogg
c:\program files (x86)\dnf\Music\underfoot_enterence_boss.ogg
c:\program files (x86)\dnf\Music\vdefence.ogg
c:\program files (x86)\dnf\Music\vilmark.ogg
c:\program files (x86)\dnf\Music\vilmark_boss.ogg
c:\program files (x86)\dnf\Music\westcoast_new.ogg
c:\program files (x86)\dnf\Music\whiteland.ogg
c:\program files (x86)\dnf\Music\whiteland_boss.ogg
c:\program files (x86)\dnf\Music\whitenight.ogg
c:\program files (x86)\dnf\Music\whitenight_boss.ogg
c:\program files (x86)\dnf\neomapa.dll
c:\program files (x86)\dnf\NeopleIns.exe
c:\program files (x86)\dnf\NeopleLauncher.exe
c:\program files (x86)\dnf\package.lst
c:\program files (x86)\dnf\patchw32.dll
c:\program files (x86)\dnf\Script.pvf
c:\program files (x86)\dnf\SoundPacks\sounds_amb.npk
c:\program files (x86)\dnf\SoundPacks\sounds_char_darkknight.npk
c:\program files (x86)\dnf\SoundPacks\sounds_char_darkknight_effect.npk
c:\program files (x86)\dnf\SoundPacks\sounds_char_fighter.npk
c:\program files (x86)\dnf\SoundPacks\sounds_char_fighter_effect.npk
c:\program files (x86)\dnf\SoundPacks\sounds_char_fighter_m.npk
c:\program files (x86)\dnf\SoundPacks\sounds_char_fighter_m_effect.npk
c:\program files (x86)\dnf\SoundPacks\sounds_char_fighter_weapon.npk
c:\program files (x86)\dnf\SoundPacks\sounds_char_gunner.npk
c:\program files (x86)\dnf\SoundPacks\sounds_char_gunner_effect.npk
c:\program files (x86)\dnf\SoundPacks\sounds_char_gunner_f.npk
c:\program files (x86)\dnf\SoundPacks\sounds_char_gunner_f_effect.npk
c:\program files (x86)\dnf\SoundPacks\sounds_char_gunner_weapon.npk
c:\program files (x86)\dnf\SoundPacks\sounds_char_priest.npk
c:\program files (x86)\dnf\SoundPacks\sounds_char_priest_effect.npk
c:\program files (x86)\dnf\SoundPacks\sounds_char_priest_weapon.npk
c:\program files (x86)\dnf\SoundPacks\sounds_char_swordman.npk
c:\program files (x86)\dnf\SoundPacks\sounds_char_swordman_effect.npk
c:\program files (x86)\dnf\SoundPacks\sounds_char_swordman_weapon.npk
c:\program files (x86)\dnf\SoundPacks\sounds_char_thief.npk
c:\program files (x86)\dnf\SoundPacks\sounds_char_thief_effect.npk
c:\program files (x86)\dnf\SoundPacks\sounds_char_thief_weapon.npk
c:\program files (x86)\dnf\SoundPacks\sounds_char_wizard.npk
c:\program files (x86)\dnf\SoundPacks\sounds_char_wizard_effect.npk
c:\program files (x86)\dnf\SoundPacks\sounds_char_wizard_m.npk
c:\program files (x86)\dnf\SoundPacks\sounds_char_wizard_m_effect.npk
c:\program files (x86)\dnf\SoundPacks\sounds_char_wizard_weapon.npk
c:\program files (x86)\dnf\SoundPacks\sounds_creature_common.npk
c:\program files (x86)\dnf\SoundPacks\sounds_creature_effect.npk
c:\program files (x86)\dnf\SoundPacks\sounds_dialog.npk
c:\program files (x86)\dnf\SoundPacks\sounds_effect.npk
c:\program files (x86)\dnf\SoundPacks\sounds_effect_amb.npk
c:\program files (x86)\dnf\SoundPacks\sounds_effect_magic.npk
c:\program files (x86)\dnf\SoundPacks\sounds_equip_acc.npk
c:\program files (x86)\dnf\SoundPacks\sounds_equip_armor.npk
c:\program files (x86)\dnf\SoundPacks\sounds_equip_title.npk
c:\program files (x86)\dnf\SoundPacks\sounds_hookup.npk
c:\program files (x86)\dnf\SoundPacks\sounds_mon_act1.npk
c:\program files (x86)\dnf\SoundPacks\sounds_mon_act2.npk
c:\program files (x86)\dnf\SoundPacks\sounds_mon_act3.npk
c:\program files (x86)\dnf\SoundPacks\sounds_mon_act4.npk
c:\program files (x86)\dnf\SoundPacks\sounds_mon_act5.npk
c:\program files (x86)\dnf\SoundPacks\sounds_mon_act6.npk
c:\program files (x86)\dnf\SoundPacks\sounds_mon_act7.npk
c:\program files (x86)\dnf\SoundPacks\sounds_mon_act8.npk
c:\program files (x86)\dnf\SoundPacks\sounds_mon_actx.npk
c:\program files (x86)\dnf\SoundPacks\sounds_mon_actx_1.npk
c:\program files (x86)\dnf\SoundPacks\sounds_mon_blood.npk
c:\program files (x86)\dnf\SoundPacks\sounds_mon_combat.npk
c:\program files (x86)\dnf\SoundPacks\sounds_mon_hellmon.npk
c:\program files (x86)\dnf\SoundPacks\sounds_mon_impossible.npk
c:\program files (x86)\dnf\SoundPacks\sounds_mon_time.npk
c:\program files (x86)\dnf\SoundPacks\sounds_npc.npk
c:\program files (x86)\dnf\SoundPacks\sounds_pet.npk
c:\program files (x86)\dnf\SoundPacks\sounds_stak.npk
c:\program files (x86)\dnf\SoundPacks\sounds_stak_material.npk
c:\program files (x86)\dnf\SoundPacks\sounds_stak_recipe.npk
c:\program files (x86)\dnf\SoundPacks\sounds_stak_throw.npk
c:\program files (x86)\dnf\SoundPacks\sounds_ui.npk
c:\program files (x86)\dnf\version.inf
c:\program files (x86)\dnf\Video\AtFighter\AimVitalPoint.avi
c:\program files (x86)\dnf\Video\AtFighter\AttackSpeedUp.avi
c:\program files (x86)\dnf\Video\AtFighter\BlockBuster.avi
c:\program files (x86)\dnf\Video\AtFighter\ClosePunch.avi
c:\program files (x86)\dnf\Video\AtFighter\CrashLowKick.avi
c:\program files (x86)\dnf\Video\AtFighter\CrazyMount.avi
c:\program files (x86)\dnf\Video\AtFighter\Crouch.avi
c:\program files (x86)\dnf\Video\AtFighter\DamageLowKick.avi
c:\program files (x86)\dnf\Video\AtFighter\DashAfterDash.avi
c:\program files (x86)\dnf\Video\AtFighter\DashAfterDashExtension.avi
c:\program files (x86)\dnf\Video\AtFighter\DashPunch.avi
c:\program files (x86)\dnf\Video\AtFighter\DefiniteGrab.avi
c:\program files (x86)\dnf\Video\AtFighter\DestroyEarthSkyDrop.avi
c:\program files (x86)\dnf\Video\AtFighter\EarthBreak.avi
c:\program files (x86)\dnf\Video\AtFighter\EnchantPoison.avi
c:\program files (x86)\dnf\Video\AtFighter\EnergyBall.avi
c:\program files (x86)\dnf\Video\AtFighter\FastDash.avi
c:\program files (x86)\dnf\Video\AtFighter\FlameLegs.avi
c:\program files (x86)\dnf\Video\AtFighter\GrabExplosion.avi
c:\program files (x86)\dnf\Video\AtFighter\GroundKick.avi
c:\program files (x86)\dnf\Video\AtFighter\HiddenSting.avi
c:\program files (x86)\dnf\Video\AtFighter\HoldUp.avi
c:\program files (x86)\dnf\Video\AtFighter\IllusionBomb.avi
c:\program files (x86)\dnf\Video\AtFighter\JunkSpin.avi
c:\program files (x86)\dnf\Video\AtFighter\Kensin.avi
c:\program files (x86)\dnf\Video\AtFighter\Kikouken.avi
c:\program files (x86)\dnf\Video\AtFighter\LegSuplex.avi
c:\program files (x86)\dnf\Video\AtFighter\LiftUpper.avi
c:\program files (x86)\dnf\Video\AtFighter\LightningDance.avi
c:\program files (x86)\dnf\Video\AtFighter\LightningDragon.avi
c:\program files (x86)\dnf\Video\AtFighter\LightToleranceUp.avi
c:\program files (x86)\dnf\Video\AtFighter\Mount.avi
c:\program files (x86)\dnf\Video\AtFighter\MuscleShift.avi
c:\program files (x86)\dnf\Video\AtFighter\NenFlower.avi
c:\program files (x86)\dnf\Video\AtFighter\NenGuard.avi
c:\program files (x86)\dnf\Video\AtFighter\NenMonsterWhiteTiger.avi
c:\program files (x86)\dnf\Video\AtFighter\Provocation.avi
c:\program files (x86)\dnf\Video\AtFighter\PunchAfterReturn.avi
c:\program files (x86)\dnf\Video\AtFighter\RandomKick.avi
c:\program files (x86)\dnf\Video\AtFighter\RisingUpper.avi
c:\program files (x86)\dnf\Video\AtFighter\Sajahu.avi
c:\program files (x86)\dnf\Video\AtFighter\ShoulderCharge.avi
c:\program files (x86)\dnf\Video\AtFighter\ShoulderTackle.avi
c:\program files (x86)\dnf\Video\AtFighter\SingleKick.avi
c:\program files (x86)\dnf\Video\AtFighter\SlowDownPowerUp.avi
c:\program files (x86)\dnf\Video\AtFighter\SpiralNen.avi
c:\program files (x86)\dnf\Video\AtFighter\SpiralNenShoot.avi
c:\program files (x86)\dnf\Video\AtFighter\SpiralNenSpin.avi
c:\program files (x86)\dnf\Video\AtFighter\Spire.avi
c:\program files (x86)\dnf\Video\AtFighter\Stomp.avi
c:\program files (x86)\dnf\Video\AtFighter\SuperArmor.avi
c:\program files (x86)\dnf\Video\AtFighter\Suplex.avi
c:\program files (x86)\dnf\Video\AtFighter\SuplexCyclone.avi
c:\program files (x86)\dnf\Video\AtFighter\ThrowEnemy.avi
c:\program files (x86)\dnf\Video\AtFighter\ThrowSand.avi
c:\program files (x86)\dnf\Video\AtFighter\ThrowWeb.avi
c:\program files (x86)\dnf\Video\AtFighter\TunderSuplex.avi
c:\program files (x86)\dnf\Video\AtFighter\Typhoon.avi
c:\program files (x86)\dnf\Video\AtFighter\VenomMine.avi
c:\program files (x86)\dnf\Video\AtFighter\WhirlWindKick.avi
c:\program files (x86)\dnf\Video\AtFighter\WildCannonSpike.avi
c:\program files (x86)\dnf\Video\AtGunner\AerialGatling.avi
c:\program files (x86)\dnf\Video\AtGunner\AerialKnee.avi
c:\program files (x86)\dnf\Video\AtGunner\AirRadEx.avi
c:\program files (x86)\dnf\Video\AtGunner\AirRaid.avi
c:\program files (x86)\dnf\Video\AtGunner\AncientTrigger.avi
c:\program files (x86)\dnf\Video\AtGunner\BlizzardThrowerBoost.avi
c:\program files (x86)\dnf\Video\AtGunner\BulletGuard.avi
c:\program files (x86)\dnf\Video\AtGunner\C4Remote.avi
c:\program files (x86)\dnf\Video\AtGunner\C4RemoteEx.avi
c:\program files (x86)\dnf\Video\AtGunner\Camouflage.avi
c:\program files (x86)\dnf\Video\AtGunner\CannonBall.avi
c:\program files (x86)\dnf\Video\AtGunner\CounterShoot.avi
c:\program files (x86)\dnf\Video\AtGunner\CrossShoot.avi
c:\program files (x86)\dnf\Video\AtGunner\DoubleGunhawk.avi
c:\program files (x86)\dnf\Video\AtGunner\EMPStorm.avi
c:\program files (x86)\dnf\Video\AtGunner\Extruder.avi
c:\program files (x86)\dnf\Video\AtGunner\FastKnee.avi
c:\program files (x86)\dnf\Video\AtGunner\FastShoot.avi
c:\program files (x86)\dnf\Video\AtGunner\FlameBullet.avi
c:\program files (x86)\dnf\Video\AtGunner\FlameThrower.avi
c:\program files (x86)\dnf\Video\AtGunner\FlameThrowerBoost.avi
c:\program files (x86)\dnf\Video\AtGunner\FlashMine.avi
c:\program files (x86)\dnf\Video\AtGunner\FlashMineEx.avi
c:\program files (x86)\dnf\Video\AtGunner\FreezeBullet.avi
c:\program files (x86)\dnf\Video\AtGunner\Frezze Grenade.avi
c:\program files (x86)\dnf\Video\AtGunner\G0.avi
c:\program files (x86)\dnf\Video\AtGunner\G1.avi
c:\program files (x86)\dnf\Video\AtGunner\G2.avi
c:\program files (x86)\dnf\Video\AtGunner\G3.avi
c:\program files (x86)\dnf\Video\AtGunner\Gatling.avi
c:\program files (x86)\dnf\Video\AtGunner\GrenadeLight.avi
c:\program files (x86)\dnf\Video\AtGunner\GrenadeNone.avi
c:\program files (x86)\dnf\Video\AtGunner\GrenadeWater.avi
c:\program files (x86)\dnf\Video\AtGunner\HeadShot.avi
c:\program files (x86)\dnf\Video\AtGunner\HighAngleSliding.avi
c:\program files (x86)\dnf\Video\AtGunner\ImproveHitDelay.avi
c:\program files (x86)\dnf\Video\AtGunner\ImprovePiercing.avi
c:\program files (x86)\dnf\Video\AtGunner\LaserRifle.avi
c:\program files (x86)\dnf\Video\AtGunner\LaserRifleCharge.avi
c:\program files (x86)\dnf\Video\AtGunner\LiftShot.avi
c:\program files (x86)\dnf\Video\AtGunner\MechaDrop.avi
c:\program files (x86)\dnf\Video\AtGunner\MultiHaedShotEx.avi
c:\program files (x86)\dnf\Video\AtGunner\MultiHeadShot.avi
c:\program files (x86)\dnf\Video\AtGunner\NapalmBomb.avi
c:\program files (x86)\dnf\Video\AtGunner\NielSniping.avi
c:\program files (x86)\dnf\Video\AtGunner\Punisher.avi
c:\program files (x86)\dnf\Video\AtGunner\RandomShoot.avi
c:\program files (x86)\dnf\Video\AtGunner\RevolverCriticalDamageUp.avi
c:\program files (x86)\dnf\Video\AtGunner\RobotExs.avi
c:\program files (x86)\dnf\Video\AtGunner\RobotExsEx.avi
c:\program files (x86)\dnf\Video\AtGunner\RobotEz8.avi
c:\program files (x86)\dnf\Video\AtGunner\RobotEz8Ex.avi
c:\program files (x86)\dnf\Video\AtGunner\Robotics.avi
c:\program files (x86)\dnf\Video\AtGunner\RobotRX78.avi
c:\program files (x86)\dnf\Video\AtGunner\RobotsExplosion.avi
c:\program files (x86)\dnf\Video\AtGunner\RobotTempester.avi
c:\program files (x86)\dnf\Video\AtGunner\SilverBullet.avi
c:\program files (x86)\dnf\Video\AtGunner\SparrowFactory.avi
c:\program files (x86)\dnf\Video\AtGunner\StayOnJumpShoot.avi
c:\program files (x86)\dnf\Video\AtGunner\SteyrHeavyRifle.avi
c:\program files (x86)\dnf\Video\AtGunner\Stinger.avi
c:\program files (x86)\dnf\Video\AtGunner\StingerEx.avi
c:\program files (x86)\dnf\Video\AtGunner\SubWeaponStuckDown.avi
c:\program files (x86)\dnf\Video\AtGunner\TurningShoot.avi
c:\program files (x86)\dnf\Video\AtGunner\TwinGunblade.avi
c:\program files (x86)\dnf\Video\AtGunner\UraniumBomb.avi
c:\program files (x86)\dnf\Video\AtGunner\WalkShoot.avi
c:\program files (x86)\dnf\Video\AtGunner\Windmill.avi
c:\program files (x86)\dnf\Video\AtMage\BlueDragonWill.avi
c:\program files (x86)\dnf\Video\AtMage\BrokenArrow.avi
c:\program files (x86)\dnf\Video\AtMage\ChainLightning.avi

 

[Konishi]

c:\program files (x86)\dnf\Video\AtMage\Concentrate.avi
c:\program files (x86)\dnf\Video\AtMage\CrystalAttack.avi
c:\program files (x86)\dnf\Video\AtMage\DarkChange.avi
c:\program files (x86)\dnf\Video\AtMage\DarknessMantle.avi
c:\program files (x86)\dnf\Video\AtMage\ElementalBuster.avi
c:\program files (x86)\dnf\Video\AtMage\ElementalChange.avi
c:\program files (x86)\dnf\Video\AtMage\ElementalRain.avi
c:\program files (x86)\dnf\Video\AtMage\ElementalStrikeEx.avi
c:\program files (x86)\dnf\Video\AtMage\FallenBlossoms.avi
c:\program files (x86)\dnf\Video\AtMage\FirePillar.avi
c:\program files (x86)\dnf\Video\AtMage\FireRoad.avi
c:\program files (x86)\dnf\Video\AtMage\FlameCircle.avi
c:\program files (x86)\dnf\Video\AtMage\FrozenLand.avi
c:\program files (x86)\dnf\Video\AtMage\HolongLight.avi
c:\program files (x86)\dnf\Video\AtMage\IceArea.avi
c:\program files (x86)\dnf\Video\AtMage\IceChakram.avi
c:\program files (x86)\dnf\Video\AtMage\IceCrash.avi
c:\program files (x86)\dnf\Video\AtMage\IceFieldEx.avi
c:\program files (x86)\dnf\Video\AtMage\IceMan.avi
c:\program files (x86)\dnf\Video\AtMage\IceOrbEx.avi
c:\program files (x86)\dnf\Video\AtMage\IceRoad.avi
c:\program files (x86)\dnf\Video\AtMage\IceSword.avi
c:\program files (x86)\dnf\Video\AtMage\LightningWall.avi
c:\program files (x86)\dnf\Video\AtMage\MagicCannon.avi
c:\program files (x86)\dnf\Video\AtMage\MagicShield.avi
c:\program files (x86)\dnf\Video\AtMage\ManaBurst.avi
c:\program files (x86)\dnf\Video\AtMage\MultiShot.avi
c:\program files (x86)\dnf\Video\AtMage\PieceOfIce.avi
c:\program files (x86)\dnf\Video\AtMage\PushOut.avi
c:\program files (x86)\dnf\Video\AtMage\Resonance.avi
c:\program files (x86)\dnf\Video\AtMage\Teleport.avi
c:\program files (x86)\dnf\Video\AtMage\TurnWindmill.avi
c:\program files (x86)\dnf\Video\AtMage\WaterCannon.avi
c:\program files (x86)\dnf\Video\AtMage\WindStrike.avi
c:\program files (x86)\dnf\Video\ClassChange0.avi
c:\program files (x86)\dnf\Video\ClassChange1.avi
c:\program files (x86)\dnf\Video\ClassChange10.avi
c:\program files (x86)\dnf\Video\ClassChange11.avi
c:\program files (x86)\dnf\Video\ClassChange12.avi
c:\program files (x86)\dnf\Video\ClassChange13.avi
c:\program files (x86)\dnf\Video\ClassChange14.avi
c:\program files (x86)\dnf\Video\ClassChange15.avi
c:\program files (x86)\dnf\Video\ClassChange16.avi
c:\program files (x86)\dnf\Video\ClassChange17.avi
c:\program files (x86)\dnf\Video\ClassChange18.avi
c:\program files (x86)\dnf\Video\ClassChange19.avi
c:\program files (x86)\dnf\Video\ClassChange2.avi
c:\program files (x86)\dnf\Video\ClassChange20.avi
c:\program files (x86)\dnf\Video\ClassChange21.avi
c:\program files (x86)\dnf\Video\ClassChange22.avi
c:\program files (x86)\dnf\Video\ClassChange23.avi
c:\program files (x86)\dnf\Video\ClassChange24.avi
c:\program files (x86)\dnf\Video\ClassChange25.avi
c:\program files (x86)\dnf\Video\ClassChange28.avi
c:\program files (x86)\dnf\Video\ClassChange29.avi
c:\program files (x86)\dnf\Video\ClassChange3.avi
c:\program files (x86)\dnf\Video\ClassChange30.avi
c:\program files (x86)\dnf\Video\ClassChange31.avi
c:\program files (x86)\dnf\Video\ClassChange32.avi
c:\program files (x86)\dnf\Video\ClassChange33.avi
c:\program files (x86)\dnf\Video\ClassChange4.avi
c:\program files (x86)\dnf\Video\ClassChange5.avi
c:\program files (x86)\dnf\Video\ClassChange6.avi
c:\program files (x86)\dnf\Video\ClassChange7.avi
c:\program files (x86)\dnf\Video\ClassChange8.avi
c:\program files (x86)\dnf\Video\ClassChange9.avi
c:\program files (x86)\dnf\Video\Fighter\AimVitalPoint.avi
c:\program files (x86)\dnf\Video\Fighter\AttackSpeedUp.avi
c:\program files (x86)\dnf\Video\Fighter\BlockBuster.avi
c:\program files (x86)\dnf\Video\Fighter\BlockBusterEx.avi
c:\program files (x86)\dnf\Video\Fighter\ClosePunch.avi
c:\program files (x86)\dnf\Video\Fighter\CrashLowKick.avi
c:\program files (x86)\dnf\Video\Fighter\CrazyMount.avi
c:\program files (x86)\dnf\Video\Fighter\Crouch.avi
c:\program files (x86)\dnf\Video\Fighter\DamageLowKick.avi
c:\program files (x86)\dnf\Video\Fighter\DashAfterDash.avi
c:\program files (x86)\dnf\Video\Fighter\DashAfterDashExtension.avi
c:\program files (x86)\dnf\Video\Fighter\DashPunch.avi
c:\program files (x86)\dnf\Video\Fighter\DashPunchEx.avi
c:\program files (x86)\dnf\Video\Fighter\DefiniteGrab.avi
c:\program files (x86)\dnf\Video\Fighter\DoubleThrow.avi
c:\program files (x86)\dnf\Video\Fighter\EarthBreak.avi
c:\program files (x86)\dnf\Video\Fighter\EnchantPoison.avi
c:\program files (x86)\dnf\Video\Fighter\EnergyBall.avi
c:\program files (x86)\dnf\Video\Fighter\EnergyBallCharge.avi
c:\program files (x86)\dnf\Video\Fighter\GrabExplosion.avi
c:\program files (x86)\dnf\Video\Fighter\GrabExplosionEx.avi
c:\program files (x86)\dnf\Video\Fighter\HiddenSting.avi
c:\program files (x86)\dnf\Video\Fighter\HoldUp.avi
c:\program files (x86)\dnf\Video\Fighter\IllusionBomb.avi
c:\program files (x86)\dnf\Video\Fighter\JunkSpin.avi
c:\program files (x86)\dnf\Video\Fighter\Kensin.avi
c:\program files (x86)\dnf\Video\Fighter\Kikouken.avi
c:\program files (x86)\dnf\Video\Fighter\LegSuplex.avi
c:\program files (x86)\dnf\Video\Fighter\LegSuplexEx.avi
c:\program files (x86)\dnf\Video\Fighter\LiftUpper.avi
c:\program files (x86)\dnf\Video\Fighter\LightEnchantWeapon.avi
c:\program files (x86)\dnf\Video\Fighter\LightningDance.avi
c:\program files (x86)\dnf\Video\Fighter\LightningDragon.avi
c:\program files (x86)\dnf\Video\Fighter\LightToleranceUp.avi
c:\program files (x86)\dnf\Video\Fighter\Mount.avi
c:\program files (x86)\dnf\Video\Fighter\MuscleShift.avi
c:\program files (x86)\dnf\Video\Fighter\NenFlower.avi
c:\program files (x86)\dnf\Video\Fighter\NenGuard.avi
c:\program files (x86)\dnf\Video\Fighter\NenGuardEx.avi
c:\program files (x86)\dnf\Video\Fighter\NenMonsterWhiteTiger.avi
c:\program files (x86)\dnf\Video\Fighter\PoisonMist.avi
c:\program files (x86)\dnf\Video\Fighter\Provocation.avi
c:\program files (x86)\dnf\Video\Fighter\PunchAfterReturn.avi
c:\program files (x86)\dnf\Video\Fighter\RandomKick.avi
c:\program files (x86)\dnf\Video\Fighter\RisingUpper.avi
c:\program files (x86)\dnf\Video\Fighter\RisingUpperEx.avi
c:\program files (x86)\dnf\Video\Fighter\Sajahu.avi
c:\program files (x86)\dnf\Video\Fighter\SajahuEx.avi
c:\program files (x86)\dnf\Video\Fighter\ShoulderCharge.avi
c:\program files (x86)\dnf\Video\Fighter\ShoulderTackle.avi
c:\program files (x86)\dnf\Video\Fighter\SingleKick.avi
c:\program files (x86)\dnf\Video\Fighter\SlideGrab.avi
c:\program files (x86)\dnf\Video\Fighter\SlowDownPowerUp.avi
c:\program files (x86)\dnf\Video\Fighter\SpiralNen.avi
c:\program files (x86)\dnf\Video\Fighter\Spire.avi
c:\program files (x86)\dnf\Video\Fighter\Stomp.avi
c:\program files (x86)\dnf\Video\Fighter\StrongestLowKick.avi
c:\program files (x86)\dnf\Video\Fighter\SuperArmor.avi
c:\program files (x86)\dnf\Video\Fighter\Suplex.avi
c:\program files (x86)\dnf\Video\Fighter\SuplexCyclone.avi
c:\program files (x86)\dnf\Video\Fighter\SuplexCycloneEx.avi
c:\program files (x86)\dnf\Video\Fighter\ThrowEnemy.avi
c:\program files (x86)\dnf\Video\Fighter\ThrowSand.avi
c:\program files (x86)\dnf\Video\Fighter\ThrowWeb.avi
c:\program files (x86)\dnf\Video\Fighter\ThunderSuplex.avi
c:\program files (x86)\dnf\Video\Fighter\Typhoon.avi
c:\program files (x86)\dnf\Video\Fighter\VenomMine.avi
c:\program files (x86)\dnf\Video\Fighter\WhirlWindKick.avi
c:\program files (x86)\dnf\Video\Fighter\WildCannonSpike.avi
c:\program files (x86)\dnf\Video\Gunner\AerialGatling.avi
c:\program files (x86)\dnf\Video\Gunner\AerialKnee.avi
c:\program files (x86)\dnf\Video\Gunner\AirRaid.avi
c:\program files (x86)\dnf\Video\Gunner\AirRaidEx.avi
c:\program files (x86)\dnf\Video\Gunner\BlackRose.avi
c:\program files (x86)\dnf\Video\Gunner\BlizzardThrowerBoost.avi
c:\program files (x86)\dnf\Video\Gunner\BulletGuard.avi
c:\program files (x86)\dnf\Video\Gunner\C4Remote.avi
c:\program files (x86)\dnf\Video\Gunner\C4RemoteEx.avi
c:\program files (x86)\dnf\Video\Gunner\Camouflage.avi
c:\program files (x86)\dnf\Video\Gunner\CannonBall.avi
c:\program files (x86)\dnf\Video\Gunner\CounterShoot.avi
c:\program files (x86)\dnf\Video\Gunner\CrossShoot.avi
c:\program files (x86)\dnf\Video\Gunner\CrossShot.avi
c:\program files (x86)\dnf\Video\Gunner\Desperado.avi
c:\program files (x86)\dnf\Video\Gunner\DoubleGunhawk.avi
c:\program files (x86)\dnf\Video\Gunner\Extruder.avi
c:\program files (x86)\dnf\Video\Gunner\FastKnee.avi
c:\program files (x86)\dnf\Video\Gunner\FastShoot.avi
c:\program files (x86)\dnf\Video\Gunner\FlameBullet.avi
c:\program files (x86)\dnf\Video\Gunner\FlameThrower.avi
c:\program files (x86)\dnf\Video\Gunner\FlameThrowerBoost.avi
c:\program files (x86)\dnf\Video\Gunner\FlashMine.avi
c:\program files (x86)\dnf\Video\Gunner\FlashMineEx.avi
c:\program files (x86)\dnf\Video\Gunner\FreezeBulle.avi
c:\program files (x86)\dnf\Video\Gunner\FreezeBullet.avi
c:\program files (x86)\dnf\Video\Gunner\G1.avi
c:\program files (x86)\dnf\Video\Gunner\G2.avi
c:\program files (x86)\dnf\Video\Gunner\G3.avi
c:\program files (x86)\dnf\Video\Gunner\GaebolgPunch.avi
c:\program files (x86)\dnf\Video\Gunner\Gatling.avi
c:\program files (x86)\dnf\Video\Gunner\GrenadeLight.avi
c:\program files (x86)\dnf\Video\Gunner\GrenadeNone.avi
c:\program files (x86)\dnf\Video\Gunner\GrenadeWater.avi
c:\program files (x86)\dnf\Video\Gunner\GunnerJumpPowerUp.avi
c:\program files (x86)\dnf\Video\Gunner\HeadShot.avi
c:\program files (x86)\dnf\Video\Gunner\HighAngleSliding.avi
c:\program files (x86)\dnf\Video\Gunner\ImproveHitDelay.avi
c:\program files (x86)\dnf\Video\Gunner\ImprovePiercing.avi
c:\program files (x86)\dnf\Video\Gunner\LaserRifle.avi
c:\program files (x86)\dnf\Video\Gunner\LaserRifleCharge.avi
c:\program files (x86)\dnf\Video\Gunner\LiftShot.avi
c:\program files (x86)\dnf\Video\Gunner\MechaDrop.avi
c:\program files (x86)\dnf\Video\Gunner\MultiHeadShot.avi
c:\program files (x86)\dnf\Video\Gunner\MultiHeadShotEx.avi
c:\program files (x86)\dnf\Video\Gunner\NapalmBomb.avi
c:\program files (x86)\dnf\Video\Gunner\NielSniping.avi
c:\program files (x86)\dnf\Video\Gunner\Punisher.avi
c:\program files (x86)\dnf\Video\Gunner\RandomShoot.avi
c:\program files (x86)\dnf\Video\Gunner\RevolverCriticalDamageUp.avi
c:\program files (x86)\dnf\Video\Gunner\RobotExs.avi
c:\program files (x86)\dnf\Video\Gunner\RobotExsEx.avi
c:\program files (x86)\dnf\Video\Gunner\RobotEz8.avi
c:\program files (x86)\dnf\Video\Gunner\RobotEz8Ex.avi
c:\program files (x86)\dnf\Video\Gunner\Robotics.avi
c:\program files (x86)\dnf\Video\Gunner\RobotRX78.avi
c:\program files (x86)\dnf\Video\Gunner\RobotsExplosion.avi
c:\program files (x86)\dnf\Video\Gunner\RobotsExplosion2.avi
c:\program files (x86)\dnf\Video\Gunner\RobotTempester.avi
c:\program files (x86)\dnf\Video\Gunner\SatelliteLaser.avi
c:\program files (x86)\dnf\Video\Gunner\SilverBullet.avi
c:\program files (x86)\dnf\Video\Gunner\SparrowFactory.avi
c:\program files (x86)\dnf\Video\Gunner\StayOnJumpShoot.avi
c:\program files (x86)\dnf\Video\Gunner\SteyrHeavyRifle.avi
c:\program files (x86)\dnf\Video\Gunner\Stinger.avi
c:\program files (x86)\dnf\Video\Gunner\StingerEx.avi
c:\program files (x86)\dnf\Video\Gunner\SubWeaponStuckDown.avi
c:\program files (x86)\dnf\Video\Gunner\TripleClutch.avi
c:\program files (x86)\dnf\Video\Gunner\TurningShoot.avi
c:\program files (x86)\dnf\Video\Gunner\UraniumBomb.avi
c:\program files (x86)\dnf\Video\Gunner\WalkShoot.avi
c:\program files (x86)\dnf\Video\Gunner\Windmill.avi
c:\program files (x86)\dnf\Video\Mage\AcidCloud.avi
c:\program files (x86)\dnf\Video\Mage\AntiGravityStarter.avi
c:\program files (x86)\dnf\Video\Mage\AuraShield.avi
c:\program files (x86)\dnf\Video\Mage\Bellatrix.avi
c:\program files (x86)\dnf\Video\Mage\BlackHole.avi
c:\program files (x86)\dnf\Video\Mage\BlackMantle.avi
c:\program files (x86)\dnf\Video\Mage\BroomSpin.avi
c:\program files (x86)\dnf\Video\Mage\BroomSpinEx.avi
c:\program files (x86)\dnf\Video\Mage\ChaserAutoCreate.avi
c:\program files (x86)\dnf\Video\Mage\ChasersExplosion.avi
c:\program files (x86)\dnf\Video\Mage\ChillingPowder.avi
c:\program files (x86)\dnf\Video\Mage\DeathPowder.avi
c:\program files (x86)\dnf\Video\Mage\DisActiveStatus.avi
c:\program files (x86)\dnf\Video\Mage\Disenchant.avi
c:\program files (x86)\dnf\Video\Mage\DragonSpear.avi
c:\program files (x86)\dnf\Video\Mage\ElementalChain.avi
c:\program files (x86)\dnf\Video\Mage\ElementalShower.avi
c:\program files (x86)\dnf\Video\Mage\ElementalWeak.avi
c:\program files (x86)\dnf\Video\Mage\EnhancedMagicMissile.avi
c:\program files (x86)\dnf\Video\Mage\FlameStrike.avi
c:\program files (x86)\dnf\Video\Mage\FlameVolcanoVoid.avi
c:\program files (x86)\dnf\Video\Mage\FluoreCollider.avi
c:\program files (x86)\dnf\Video\Mage\FollowMe.avi
c:\program files (x86)\dnf\Video\Mage\FusionCraft.avi
c:\program files (x86)\dnf\Video\Mage\HalloweenBuster.avi
c:\program files (x86)\dnf\Video\Mage\HandStrike.avi
c:\program files (x86)\dnf\Video\Mage\HeatingFurnace.avi
c:\program files (x86)\dnf\Video\Mage\IceField.avi
c:\program files (x86)\dnf\Video\Mage\ImprovedShururu.avi
c:\program files (x86)\dnf\Video\Mage\LaunchBlackCat.avi
c:\program files (x86)\dnf\Video\Mage\LaunchFluorescent.avi
c:\program files (x86)\dnf\Video\Mage\LaunchFrostHead.avi
c:\program files (x86)\dnf\Video\Mage\LaunchJOL.avi
c:\program files (x86)\dnf\Video\Mage\LavaPotion.avi
c:\program files (x86)\dnf\Video\Mage\MagicalTempoUp.avi
c:\program files (x86)\dnf\Video\Mage\MagicMissile.avi
c:\program files (x86)\dnf\Video\Mage\MegaDrill.avi
c:\program files (x86)\dnf\Video\Mage\MpRegenRateUp.avi
c:\program files (x86)\dnf\Video\Mage\PokeThrow.avi
c:\program files (x86)\dnf\Video\Mage\ProvocationDoll.avi
c:\program files (x86)\dnf\Video\Mage\RandomPierceStrike.avi
c:\program files (x86)\dnf\Video\Mage\RandomPierceStrikeEx.avi
c:\program files (x86)\dnf\Video\Mage\SacrificeSpirit.avi
c:\program files (x86)\dnf\Video\Mage\SacrificeSpiritAttackDark.avi
c:\program files (x86)\dnf\Video\Mage\SacrificeSpiritAttackFire.avi
c:\program files (x86)\dnf\Video\Mage\SacrificeSpiritAttackLight.avi
c:\program files (x86)\dnf\Video\Mage\SacrificeSpiritAttackWater.avi
c:\program files (x86)\dnf\Video\Mage\StrengthHandStrike.avi
c:\program files (x86)\dnf\Video\Mage\SummonAuxo.avi
c:\program files (x86)\dnf\Video\Mage\SummonBabyDragon.avi
c:\program files (x86)\dnf\Video\Mage\SummonCasillas.avi
c:\program files (x86)\dnf\Video\Mage\SummonEcheverra.avi
c:\program files (x86)\dnf\Video\Mage\SummonHodor.avi
c:\program files (x86)\dnf\Video\Mage\SummonLuis.avi
c:\program files (x86)\dnf\Video\Mage\SummonMonsterReckless.avi
c:\program files (x86)\dnf\Video\Mage\SummonSandor.avi
c:\program files (x86)\dnf\Video\Mage\SummonSandorEx.avi
c:\program files (x86)\dnf\Video\Mage\SummonSpiritDark.avi
c:\program files (x86)\dnf\Video\Mage\SummonSpiritDarkEx.avi
c:\program files (x86)\dnf\Video\Mage\SummonSpiritDarkHigher.avi
c:\program files (x86)\dnf\Video\Mage\SummonSpiritFire.avi
c:\program files (x86)\dnf\Video\Mage\SummonSpiritFireEx.avi
c:\program files (x86)\dnf\Video\Mage\SummonSpiritFireHigher.avi
c:\program files (x86)\dnf\Video\Mage\SummonSpiritLight.avi
c:\program files (x86)\dnf\Video\Mage\SummonSpiritLightEx.avi
c:\program files (x86)\dnf\Video\Mage\SummonSpiritLightHigher.avi
c:\program files (x86)\dnf\Video\Mage\SummonSpiritWater.avi
c:\program files (x86)\dnf\Video\Mage\SummonSpiritWaterEx.avi
c:\program files (x86)\dnf\Video\Mage\SummonSpiritWaterHigher.avi
c:\program files (x86)\dnf\Video\Mage\SunBurst.avi
c:\program files (x86)\dnf\Video\Mage\SweetCandyBar.avi
c:\program files (x86)\dnf\Video\Mage\Swing.avi
c:\program files (x86)\dnf\Video\Mage\SwingEx.avi
c:\program files (x86)\dnf\Video\Mage\TargetIt.avi
c:\program files (x86)\dnf\Video\Mage\Thrust.avi
c:\program files (x86)\dnf\Video\Mage\ThunderStrike.avi
c:\program files (x86)\dnf\Video\Mage\TransformFlapper.avi
c:\program files (x86)\dnf\Video\Mage\TransformFlapperEx.avi
c:\program files (x86)\dnf\Video\Mage\UpperSwing.avi
c:\program files (x86)\dnf\Video\Mage\Void.avi
c:\program files (x86)\dnf\Video\Mage\WallOfIce.avi
c:\program files (x86)\dnf\Video\Mage\WallOfIceEx.avi
c:\program files (x86)\dnf\Video\Mage\WarpOnDamage.avi
c:\program files (x86)\dnf\Video\Mage\Whip.avi
c:\program files (x86)\dnf\Video\movie\NewCharacter_Cinematic.avi
c:\program files (x86)\dnf\Video\movie\timegate_intro.avi
c:\program files (x86)\dnf\Video\movie\timegate_outro.avi
c:\program files (x86)\dnf\Video\Priest\AirRadEx.avi
c:\program files (x86)\dnf\Video\Priest\AncientTrigger.avi
c:\program files (x86)\dnf\Video\Priest\AntiairUpper.avi
c:\program files (x86)\dnf\Video\Priest\Apocalypse.avi
c:\program files (x86)\dnf\Video\Priest\AtomicSmash.avi
c:\program files (x86)\dnf\Video\Priest\Awakening.avi
c:\program files (x86)\dnf\Video\Priest\BaekHo.avi
c:\program files (x86)\dnf\Video\Priest\BigBangPunch.avi
c:\program files (x86)\dnf\Video\Priest\BladeOfPureWhite.avi
c:\program files (x86)\dnf\Video\Priest\Bless.avi
c:\program files (x86)\dnf\Video\Priest\BlizzardThrowerBoost.avi
c:\program files (x86)\dnf\Video\Priest\BlueDragon.avi
c:\program files (x86)\dnf\Video\Priest\C4RemoteEx.avi
c:\program files (x86)\dnf\Video\Priest\ChakraOfCalmness.avi
c:\program files (x86)\dnf\Video\Priest\ChakraOfPassion.avi
c:\program files (x86)\dnf\Video\Priest\ChangeHpToMp.avi
c:\program files (x86)\dnf\Video\Priest\ChargeWeapon.avi
c:\program files (x86)\dnf\Video\Priest\ChoppingHammer.avi
c:\program files (x86)\dnf\Video\Priest\Cure.avi
c:\program files (x86)\dnf\Video\Priest\CuttingDarkness.avi
c:\program files (x86)\dnf\Video\Priest\DeflectWall.avi
c:\program files (x86)\dnf\Video\Priest\DeflectWallEx.avi
c:\program files (x86)\dnf\Video\Priest\DivineCrush.avi
c:\program files (x86)\dnf\Video\Priest\DivineLight.avi
c:\program files (x86)\dnf\Video\Priest\Ducking.avi
c:\program files (x86)\dnf\Video\Priest\DuckingBodyBlow.avi
c:\program files (x86)\dnf\Video\Priest\DuckingStraight.avi
c:\program files (x86)\dnf\Video\Priest\DuckingUpper.avi
c:\program files (x86)\dnf\Video\Priest\EarthQuake.avi
c:\program files (x86)\dnf\Video\Priest\EmblemOfSafeguard.avi
c:\program files (x86)\dnf\Video\Priest\EMPStorm.avi
c:\program files (x86)\dnf\Video\Priest\EnteringNirvana.avi
c:\program files (x86)\dnf\Video\Priest\Execution.avi
c:\program files (x86)\dnf\Video\Priest\FallingSoul.avi
c:\program files (x86)\dnf\Video\Priest\FastHeal.avi
c:\program files (x86)\dnf\Video\Priest\FastKnee.avi
c:\program files (x86)\dnf\Video\Priest\Fastmove.avi
c:\program files (x86)\dnf\Video\Priest\FlashGlobe.avi
c:\program files (x86)\dnf\Video\Priest\FlashGlobeEx.avi
c:\program files (x86)\dnf\Video\Priest\FlashMineEx.avi
c:\program files (x86)\dnf\Video\Priest\FountainOfLife.avi
c:\program files (x86)\dnf\Video\Priest\G0.avi
c:\program files (x86)\dnf\Video\Priest\GaleSmash.avi
c:\program files (x86)\dnf\Video\Priest\GiantSwing.avi
c:\program files (x86)\dnf\Video\Priest\GloriousBless.avi
c:\program files (x86)\dnf\Video\Priest\GorgeousCombination.avi
c:\program files (x86)\dnf\Video\Priest\GraspHandOfAnger.avi
c:\program files (x86)\dnf\Video\Priest\GrenadeNone.avi
c:\program files (x86)\dnf\Video\Priest\GrenadeWater.avi
c:\program files (x86)\dnf\Video\Priest\HammerOfContrition.avi
c:\program files (x86)\dnf\Video\Priest\HealWind.avi
c:\program files (x86)\dnf\Video\Priest\HeavenlyCombination.avi
c:\program files (x86)\dnf\Video\Priest\HeavenlyCombinationEx.avi
c:\program files (x86)\dnf\Video\Priest\Hedgehog.avi
c:\program files (x86)\dnf\Video\Priest\HighSpeedSlash.avi
c:\program files (x86)\dnf\Video\Priest\HolyCounter.avi
c:\program files (x86)\dnf\Video\Priest\HomeRun.avi
c:\program files (x86)\dnf\Video\Priest\HpMaxUpPersonal.avi
c:\program files (x86)\dnf\Video\Priest\HurricaneOfJudgement.avi
c:\program files (x86)\dnf\Video\Priest\HurricaneRoll.avi
c:\program files (x86)\dnf\Video\Priest\HyunMoo.avi
c:\program files (x86)\dnf\Video\Priest\HyunMooEx.avi
c:\program files (x86)\dnf\Video\Priest\Judgement.avi
c:\program files (x86)\dnf\Video\Priest\LuckyStraight.avi
c:\program files (x86)\dnf\Video\Priest\MachineGunJab.avi
c:\program files (x86)\dnf\Video\Priest\MachineGunJabEx.avi
c:\program files (x86)\dnf\Video\Priest\MultiHaedShotEx.avi
c:\program files (x86)\dnf\Video\Priest\NapalmBomb.avi
c:\program files (x86)\dnf\Video\Priest\OppressionTalisman.avi
c:\program files (x86)\dnf\Video\Priest\PowerOfDarkness.avi
c:\program files (x86)\dnf\Video\Priest\QuakeArea.avi
c:\program files (x86)\dnf\Video\Priest\RepeatedSmash.avi
c:\program files (x86)\dnf\Video\Priest\RepeatedSmashEx.avi
c:\program files (x86)\dnf\Video\Priest\RevengeOfLight.avi
c:\program files (x86)\dnf\Video\Priest\Ripper.avi
c:\program files (x86)\dnf\Video\Priest\RisingArea.avi
c:\program files (x86)\dnf\Video\Priest\RobotExsEx.avi
c:\program files (x86)\dnf\Video\Priest\RobotEz8Ex.avi
c:\program files (x86)\dnf\Video\Priest\SecondUpper.avi
c:\program files (x86)\dnf\Video\Priest\ShadowBoxer.avi
c:\program files (x86)\dnf\Video\Priest\Shikigami.avi
c:\program files (x86)\dnf\Video\Priest\Sidewind.avi
c:\program files (x86)\dnf\Video\Priest\SlowHeal.avi
c:\program files (x86)\dnf\Video\Priest\Smasher.avi
c:\program files (x86)\dnf\Video\Priest\SpearOfVictory.avi
c:\program files (x86)\dnf\Video\Priest\Spincutter.avi
c:\program files (x86)\dnf\Video\Priest\StingerEx.avi
c:\program files (x86)\dnf\Video\Priest\Striking.avi
c:\program files (x86)\dnf\Video\Priest\SubWeaponStuckDown.avi
c:\program files (x86)\dnf\Video\Priest\Sway.avi
c:\program files (x86)\dnf\Video\Priest\ThrowWeapon.avi
c:\program files (x86)\dnf\Video\Priest\ThunderboltTalisman.avi
c:\program files (x86)\dnf\Video\Priest\WillDriver.avi
c:\program files (x86)\dnf\Video\striker\AtFighter\7_1_721.avi
c:\program files (x86)\dnf\Video\striker\AtFighter\7_1_722.avi
c:\program files (x86)\dnf\Video\striker\AtFighter\7_1_723.avi
c:\program files (x86)\dnf\Video\striker\AtFighter\7_2_741.avi
c:\program files (x86)\dnf\Video\striker\AtFighter\7_2_742.avi
c:\program files (x86)\dnf\Video\striker\AtFighter\7_2_743.avi
c:\program files (x86)\dnf\Video\striker\AtFighter\7_3_761.avi
c:\program files (x86)\dnf\Video\striker\AtFighter\7_3_762.avi
c:\program files (x86)\dnf\Video\striker\AtFighter\7_3_763.avi
c:\program files (x86)\dnf\Video\striker\AtFighter\7_4_701.avi
c:\program files (x86)\dnf\Video\striker\AtFighter\7_4_702.avi
c:\program files (x86)\dnf\Video\striker\AtFighter\7_4_703.avi
c:\program files (x86)\dnf\Video\striker\AtGunner\5_1_521.avi
c:\program files (x86)\dnf\Video\striker\AtGunner\5_1_522.avi
c:\program files (x86)\dnf\Video\striker\AtGunner\5_1_523.avi
c:\program files (x86)\dnf\Video\striker\AtGunner\5_2_502.avi
c:\program files (x86)\dnf\Video\striker\AtGunner\5_2_503.avi
c:\program files (x86)\dnf\Video\striker\AtGunner\5_2_504.avi
c:\program files (x86)\dnf\Video\striker\AtGunner\5_3_541.avi
c:\program files (x86)\dnf\Video\striker\AtGunner\5_3_542.avi
c:\program files (x86)\dnf\Video\striker\AtGunner\5_3_543.avi
c:\program files (x86)\dnf\Video\striker\AtGunner\5_4_562.avi
c:\program files (x86)\dnf\Video\striker\AtGunner\5_4_563.avi
c:\program files (x86)\dnf\Video\striker\AtGunner\5_4_564.avi
c:\program files (x86)\dnf\Video\striker\AtMage\8_1_821.avi
c:\program files (x86)\dnf\Video\striker\AtMage\8_1_822.avi
c:\program files (x86)\dnf\Video\striker\AtMage\8_1_823.avi
c:\program files (x86)\dnf\Video\striker\AtMage\8_2_801.avi
c:\program files (x86)\dnf\Video\striker\AtMage\8_2_802.avi
c:\program files (x86)\dnf\Video\striker\AtMage\8_2_803.avi
c:\program files (x86)\dnf\Video\striker\Fighter\1_1_121.avi
c:\program files (x86)\dnf\Video\striker\Fighter\1_1_122.avi
c:\program files (x86)\dnf\Video\striker\Fighter\1_1_123.avi
c:\program files (x86)\dnf\Video\striker\Fighter\1_2_141.avi
c:\program files (x86)\dnf\Video\striker\Fighter\1_2_142.avi
c:\program files (x86)\dnf\Video\striker\Fighter\1_2_143.avi
c:\program files (x86)\dnf\Video\striker\Fighter\1_3_161.avi
c:\program files (x86)\dnf\Video\striker\Fighter\1_3_162.avi
c:\program files (x86)\dnf\Video\striker\Fighter\1_3_163.avi
c:\program files (x86)\dnf\Video\striker\Fighter\1_4_101.avi
c:\program files (x86)\dnf\Video\striker\Fighter\1_4_102.avi
c:\program files (x86)\dnf\Video\striker\Fighter\1_4_103.avi
c:\program files (x86)\dnf\Video\striker\Gunner\2_1_221.avi
c:\program files (x86)\dnf\Video\striker\Gunner\2_1_222.avi
c:\program files (x86)\dnf\Video\striker\Gunner\2_1_223.avi
c:\program files (x86)\dnf\Video\striker\Gunner\2_2_202.avi
c:\program files (x86)\dnf\Video\striker\Gunner\2_2_203.avi
c:\program files (x86)\dnf\Video\striker\Gunner\2_2_204.avi
c:\program files (x86)\dnf\Video\striker\Gunner\2_3_241.avi
c:\program files (x86)\dnf\Video\striker\Gunner\2_3_242.avi
c:\program files (x86)\dnf\Video\striker\Gunner\2_3_243.avi
c:\program files (x86)\dnf\Video\striker\Gunner\2_4_262.avi
c:\program files (x86)\dnf\Video\striker\Gunner\2_4_263.avi
c:\program files (x86)\dnf\Video\striker\Gunner\2_4_264.avi
c:\program files (x86)\dnf\Video\striker\Mage\3_1_361.avi
c:\program files (x86)\dnf\Video\striker\Mage\3_1_362.avi
c:\program files (x86)\dnf\Video\striker\Mage\3_1_363.avi
c:\program files (x86)\dnf\Video\striker\Mage\3_2_341.avi
c:\program files (x86)\dnf\Video\striker\Mage\3_2_342.avi
c:\program files (x86)\dnf\Video\striker\Mage\3_2_343.avi
c:\program files (x86)\dnf\Video\striker\Mage\3_3_321.avi
c:\program files (x86)\dnf\Video\striker\Mage\3_3_322.avi
c:\program files (x86)\dnf\Video\striker\Mage\3_3_323.avi
c:\program files (x86)\dnf\Video\striker\Mage\3_4_302.avi
c:\program files (x86)\dnf\Video\striker\Mage\3_4_303.avi
c:\program files (x86)\dnf\Video\striker\Mage\3_4_304.avi
c:\program files (x86)\dnf\Video\striker\Priest\4_1_441.avi
c:\program files (x86)\dnf\Video\striker\Priest\4_1_442.avi
c:\program files (x86)\dnf\Video\striker\Priest\4_1_443.avi
c:\program files (x86)\dnf\Video\striker\Priest\4_1_444.avi
c:\program files (x86)\dnf\Video\striker\Priest\4_2_421.avi
c:\program files (x86)\dnf\Video\striker\Priest\4_2_422.avi
c:\program files (x86)\dnf\Video\striker\Priest\4_2_423.avi
c:\program files (x86)\dnf\Video\striker\Priest\4_3_461.avi
c:\program files (x86)\dnf\Video\striker\Priest\4_3_462.avi
c:\program files (x86)\dnf\Video\striker\Priest\4_3_464.avi
c:\program files (x86)\dnf\Video\striker\Priest\4_3_465.avi
c:\program files (x86)\dnf\Video\striker\Priest\4_3_466.avi
c:\program files (x86)\dnf\Video\striker\Priest\4_4_401.avi
c:\program files (x86)\dnf\Video\striker\Priest\4_4_402.avi
c:\program files (x86)\dnf\Video\striker\Priest\4_4_403.avi
c:\program files (x86)\dnf\Video\striker\Swordman\0_1_61.avi
c:\program files (x86)\dnf\Video\striker\Swordman\0_1_62.avi
c:\program files (x86)\dnf\Video\striker\Swordman\0_1_63.avi
c:\program files (x86)\dnf\Video\striker\Swordman\0_2_21.avi
c:\program files (x86)\dnf\Video\striker\Swordman\0_2_22.avi
c:\program files (x86)\dnf\Video\striker\Swordman\0_2_23.avi
c:\program files (x86)\dnf\Video\striker\Swordman\0_3_1.avi
c:\program files (x86)\dnf\Video\striker\Swordman\0_3_2.avi
c:\program files (x86)\dnf\Video\striker\Swordman\0_3_3.avi
c:\program files (x86)\dnf\Video\striker\Swordman\0_4_41.avi
c:\program files (x86)\dnf\Video\striker\Swordman\0_4_42.avi
c:\program files (x86)\dnf\Video\striker\Swordman\0_4_43.avi
c:\program files (x86)\dnf\Video\striker\Thief\6_1_601.avi
c:\program files (x86)\dnf\Video\striker\Thief\6_1_602.avi
c:\program files (x86)\dnf\Video\striker\Thief\6_1_604.avi
c:\program files (x86)\dnf\Video\striker\Thief\6_2_621.avi
c:\program files (x86)\dnf\Video\striker\Thief\6_2_622.avi
c:\program files (x86)\dnf\Video\striker\Thief\6_2_623.avi
c:\program files (x86)\dnf\Video\Swordman\AshenFork.avi
c:\program files (x86)\dnf\Video\Swordman\AutoGuard.avi
c:\program files (x86)\dnf\Video\Swordman\BackStepCutter.avi
c:\program files (x86)\dnf\Video\Swordman\Blache.avi
c:\program files (x86)\dnf\Video\Swordman\BloodBlast.avi
c:\program files (x86)\dnf\Video\Swordman\BloodBlastEx.avi
c:\program files (x86)\dnf\Video\Swordman\BloodyRave.avi
c:\program files (x86)\dnf\Video\Swordman\Bremen.avi
c:\program files (x86)\dnf\Video\Swordman\ChargeCrash.avi
c:\program files (x86)\dnf\Video\Swordman\ChargeCrashEx.avi
c:\program files (x86)\dnf\Video\Swordman\DarkToleranceUp.avi
c:\program files (x86)\dnf\Video\Swordman\DashAttackMultiHit.avi
c:\program files (x86)\dnf\Video\Swordman\DieHard.avi
c:\program files (x86)\dnf\Video\Swordman\DOTArea.avi
c:\program files (x86)\dnf\Video\Swordman\EpidemicRasa.avi
c:\program files (x86)\dnf\Video\Swordman\FireWave.avi
c:\program files (x86)\dnf\Video\Swordman\FireWaveEx.avi
c:\program files (x86)\dnf\Video\Swordman\Frenzy.avi
c:\program files (x86)\dnf\Video\Swordman\GhostStep.avi
c:\program files (x86)\dnf\Video\Swordman\GhostStepSlash.avi
c:\program files (x86)\dnf\Video\Swordman\GoreCross.avi
c:\program files (x86)\dnf\Video\Swordman\GrabBlastBlood.avi
c:\program files (x86)\dnf\Video\Swordman\GrabBlastBloodEx.avi
c:\program files (x86)\dnf\Video\Swordman\GrandWave.avi
c:\program files (x86)\dnf\Video\Swordman\GrandWaveCharge.avi
c:\program files (x86)\dnf\Video\Swordman\Guard.avi
c:\program files (x86)\dnf\Video\Swordman\HardAttack.avi
c:\program files (x86)\dnf\Video\Swordman\HardAttackCharge.avi
c:\program files (x86)\dnf\Video\Swordman\Hellbenter.avi
c:\program files (x86)\dnf\Video\Swordman\HitBack.avi
c:\program files (x86)\dnf\Video\Swordman\HopSmash.avi
c:\program files (x86)\dnf\Video\Swordman\HundredSword.avi
c:\program files (x86)\dnf\Video\Swordman\IceWave.avi
c:\program files (x86)\dnf\Video\Swordman\IceWaveEx.avi
c:\program files (x86)\dnf\Video\Swordman\IllusionSlash.avi
c:\program files (x86)\dnf\Video\Swordman\JumpAttackMulti.avi
c:\program files (x86)\dnf\Video\Swordman\Kalla.avi
c:\program files (x86)\dnf\Video\Swordman\Keiga.avi
c:\program files (x86)\dnf\Video\Swordman\Khazan.avi
c:\program files (x86)\dnf\Video\Swordman\MindFlash.avi
c:\program files (x86)\dnf\Video\Swordman\MomentarySlash.avi
c:\program files (x86)\dnf\Video\Swordman\MomentarySlashEx.avi
c:\program files (x86)\dnf\Video\Swordman\MoonlightSlash.avi
c:\program files (x86)\dnf\Video\Swordman\NormalWave.avi
c:\program files (x86)\dnf\Video\Swordman\OutRageBreak.avi
c:\program files (x86)\dnf\Video\Swordman\OverDrive.avi
c:\program files (x86)\dnf\Video\Swordman\RapidMoveSlash.avi
c:\program files (x86)\dnf\Video\Swordman\Reckless.avi
c:\program files (x86)\dnf\Video\Swordman\ReflectGuard.avi
c:\program files (x86)\dnf\Video\Swordman\ReleaseWave.avi
c:\program files (x86)\dnf\Video\Swordman\Saya.avi
c:\program files (x86)\dnf\Video\Swordman\SayaEx.avi
c:\program files (x86)\dnf\Video\Swordman\ShockWaveArea.avi
c:\program files (x86)\dnf\Video\Swordman\StandAloneWave.avi
c:\program files (x86)\dnf\Video\Swordman\TombStoneRain.avi
c:\program files (x86)\dnf\Video\Swordman\TombStoneRainEx.avi
c:\program files (x86)\dnf\Video\Swordman\TripleSlash.avi
c:\program files (x86)\dnf\Video\Swordman\UpperSlash.avi
c:\program files (x86)\dnf\Video\Swordman\VaneSlash.avi
c:\program files (x86)\dnf\Video\Swordman\WaveEye.avi
c:\program files (x86)\dnf\Video\Swordman\WaveMark.avi
c:\program files (x86)\dnf\Video\Swordman\WaveSpinArea.avi
c:\program files (x86)\dnf\Video\Swordman\WeaponCombo.avi
c:\program files (x86)\dnf\Video\Teaser\120725_DnF_NewCharacter_Cinematic.avi
c:\program files (x86)\dnf\Video\Teaser\DNF_DarkNight_Intro_0726_0809.avi
c:\program files (x86)\dnf\Video\Teaser\DnF_Time_Promotion_0628_0726.avi
c:\program files (x86)\dnf\Video\Teaser\Teaser.avi
c:\program files (x86)\dnf\Video\Thief\AerialJump.avi
c:\program files (x86)\dnf\Video\Thief\AmbitionOfBallacre.avi
c:\program files (x86)\dnf\Video\Thief\AnkleCut.avi
c:\program files (x86)\dnf\Video\Thief\ApportBallacre.avi
c:\program files (x86)\dnf\Video\Thief\BlameOfDead.avi
c:\program files (x86)\dnf\Video\Thief\BlameOfDeadEx.avi
c:\program files (x86)\dnf\Video\Thief\BoneShield.avi
c:\program files (x86)\dnf\Video\Thief\BreakingRush.avi
c:\program files (x86)\dnf\Video\Thief\ChainSaw.avi
c:\program files (x86)\dnf\Video\Thief\ChainSawEx.avi
c:\program files (x86)\dnf\Video\Thief\CurseSpear.avi
c:\program files (x86)\dnf\Video\Thief\DarkLure.avi
c:\program files (x86)\dnf\Video\Thief\DarkNail.avi
c:\program files (x86)\dnf\Video\Thief\DarkRitual.avi
c:\program files (x86)\dnf\Video\Thief\DarkSoul.avi
c:\program files (x86)\dnf\Video\Thief\DivingArrow.avi
c:\program files (x86)\dnf\Video\Thief\DoublePierce.avi
c:\program files (x86)\dnf\Video\Thief\Eraser.avi
c:\program files (x86)\dnf\Video\Thief\ExcelStrike.avi
c:\program files (x86)\dnf\Video\Thief\FlameCut.avi
c:\program files (x86)\dnf\Video\Thief\FlyingSquirrel.avi
c:\program files (x86)\dnf\Video\Thief\Guillotine.avi
c:\program files (x86)\dnf\Video\Thief\Hurricane.avi
c:\program files (x86)\dnf\Video\Thief\LightningArrow.avi
c:\program files (x86)\dnf\Video\Thief\NicolasBehavior.avi
c:\program files (x86)\dnf\Video\Thief\NicolasBlackArea.avi
c:\program files (x86)\dnf\Video\Thief\NicolasBlackArea.skl.avi
c:\program files (x86)\dnf\Video\Thief\NicolasBlackWave.avi
c:\program files (x86)\dnf\Video\Thief\NicolasBlackWaveEx.avi
c:\program files (x86)\dnf\Video\Thief\NicolasSummonZombie.avi
c:\program files (x86)\dnf\Video\Thief\Phantomstrom.avi
c:\program files (x86)\dnf\Video\Thief\RisingCut.avi
c:\program files (x86)\dnf\Video\Thief\ShadowCut.avi
c:\program files (x86)\dnf\Video\Thief\ShiningCut.avi
c:\program files (x86)\dnf\Video\Thief\Shuriken.avi
c:\program files (x86)\dnf\Video\Thief\SideStep.avi
c:\program files (x86)\dnf\Video\Thief\SilverStream.avi
c:\program files (x86)\dnf\Video\Thief\SkinTakeOff.avi
c:\program files (x86)\dnf\Video\Thief\Slicer.avi
c:\program files (x86)\dnf\Video\Thief\SonicAssault.avi
c:\program files (x86)\dnf\Video\Thief\SummonNicolas.avi
c:\program files (x86)\dnf\Video\Thief\VanditCut.avi
c:\program files (x86)\dnf\Video\Thief\VerticalSpiral.avi
c:\program files (x86)\dnf\Video\Thief\VerticalSpiralEx.avi

 

[Konishi]

((((((((((((((((((((((((( Files Created from 2012-07-08 to 2012-08-08 )))))))))))))))))))))))))))))))
.
.
2012-08-08 19:27 . 2012-08-08 19:27--------d-----w-c:\users\Public\AppData\Local\temp
2012-08-08 19:27 . 2012-08-08 19:27--------d-----w-c:\users\Default\AppData\Local\temp
2012-08-07 15:19 . 2012-08-07 15:19--------d-----w-c:\program files (x86)\Malwarebytes' Anti-Malware
2012-08-07 15:19 . 2012-07-03 16:4624904----a-w-c:\windows\system32\drivers\mbam.sys
2012-08-07 15:06 . 2012-07-03 16:21355856----a-w-c:\windows\system32\drivers\aswSP.sys
2012-08-07 15:06 . 2012-07-03 16:2125232----a-w-c:\windows\system32\drivers\aswFsBlk.sys
2012-08-07 15:06 . 2012-07-03 16:2154072----a-w-c:\windows\system32\drivers\aswRdr2.sys
2012-08-07 15:06 . 2012-07-03 16:2159728----a-w-c:\windows\system32\drivers\aswTdi.sys
2012-08-07 15:06 . 2012-07-03 16:21958400----a-w-c:\windows\system32\drivers\aswSnx.sys
2012-08-07 15:06 . 2012-07-03 16:2171064----a-w-c:\windows\system32\drivers\aswMonFlt.sys
2012-08-07 15:06 . 2012-07-03 16:2141224----a-w-c:\windows\avastSS.scr
2012-08-07 15:06 . 2012-07-03 16:21227648----a-w-c:\windows\SysWow64\aswBoot.exe
2012-08-06 21:04 . 2012-08-08 14:26282696----a-w-c:\windows\SysWow64\PnkBstrB.exe
2012-08-06 21:04 . 2012-08-07 17:49282696----a-w-c:\windows\SysWow64\PnkBstrB.ex0
2012-08-06 21:04 . 2012-08-06 21:0476888----a-w-c:\windows\SysWow64\PnkBstrA.exe
2012-08-02 03:54 . 2012-07-03 16:21285328----a-w-c:\windows\system32\aswBoot.exe
2012-08-02 03:53 . 2012-08-07 15:06--------d-----w-c:\programdata\AVAST Software
2012-08-02 03:53 . 2012-08-07 15:06--------d-----w-c:\program files\AVAST Software
2012-08-02 02:16 . 2012-08-02 02:16--------d-----w-c:\program files (x86)\Trend Micro
2012-07-25 04:10 . 2012-07-27 22:15--------d-----w-c:\programdata\paltiosoft
2012-07-25 00:43 . 2012-07-25 00:43--------d-----w-c:\users\Konishi\AppData\Roaming\Nitroplus
2012-07-23 05:55 . 2012-07-23 05:55--------d-----w-c:\users\Konishi\AppData\Local\Chromium
2012-07-23 02:22 . 2012-07-27 21:56--------d-----w-c:\program files (x86)\Rockstar Games
2012-07-23 02:21 . 2012-07-23 02:21--------d-----w-c:\programdata\Rockstar Games
2012-07-19 08:10 . 2012-06-27 09:44166792----a-w-c:\windows\system32\drivers\klb64mkd.sys
2012-07-19 02:56 . 2009-03-18 20:3533856---ha-w-c:\windows\system32\hamachi.sys
2012-07-18 22:34 . 2012-08-02 03:34--------d-----w-c:\users\Konishi\AppData\Local\LogMeIn Hamachi
2012-07-14 00:41 . 2012-08-08 14:26282696----a-w-c:\windows\SysWow64\PnkBstrB.xtr
2012-07-14 00:12 . 2012-07-16 02:03--------d-----w-c:\users\Konishi\AppData\Local\Ubisoft Game Launcher
2012-07-13 22:50 . 2012-07-13 22:50--------d-----w-c:\users\Konishi\AppData\Roaming\Ubisoft
2012-07-13 22:46 . 2012-07-13 22:58--------d-----w-c:\program files (x86)\Ubisoft
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-08 04:28 . 2012-07-08 04:28560184----a-w-c:\windows\system32\drivers\sptd.sys
2012-06-22 06:54 . 2012-06-22 06:5519736----a-w-c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-06-20 15:28 . 2012-06-27 20:364145600----a-w-c:\windows\SysWow64\GameMon.des
2012-05-18 03:03 . 2012-05-18 03:03772552----a-w-c:\windows\SysWow64\npDeployJava1.dll
2012-05-14 19:46 . 2012-05-14 19:4511174400----a-w-c:\windows\system32\drivers\atikmdag.sys
2012-05-14 19:45 . 2012-05-14 19:457431680----a-w-c:\windows\system32\atiumd64.dll
2012-05-14 19:45 . 2012-05-14 19:4543520----a-w-c:\windows\SysWow64\ati2edxx.dll
2012-05-14 19:45 . 2012-05-14 19:4541984----a-w-c:\windows\system32\atig6txx.dll
2012-05-14 19:45 . 2011-12-06 02:1864000----a-w-c:\windows\system32\coinst.dll
2012-05-14 19:45 . 2012-05-14 19:4533280----a-w-c:\windows\SysWow64\atigktxx.dll
2012-05-14 19:45 . 2011-12-06 02:1154784----a-w-c:\windows\system32\atiuxp64.dll
2012-05-14 19:45 . 2012-05-14 19:451831424----a-w-c:\windows\SysWow64\atiumdmv.dll
2012-05-14 19:45 . 2012-05-14 19:4514848----a-w-c:\windows\SysWow64\atiglpxx.dll
2012-05-14 19:45 . 2012-05-14 19:4514848----a-w-c:\windows\system32\atiglpxx.dll
2012-05-14 19:45 . 2012-05-14 19:454731904----a-w-c:\windows\system32\atiumd6a.dll
2012-05-14 19:45 . 2012-05-14 19:45120320----a-w-c:\windows\system32\atitmm64.dll
2012-05-14 19:45 . 2012-05-14 19:45360448----a-w-c:\windows\SysWow64\atiadlxy.dll
2012-05-14 19:45 . 2012-05-14 19:4519753984----a-w-c:\windows\SysWow64\atioglxx.dll
2012-05-14 19:45 . 2012-05-14 19:4554784----a-w-c:\windows\system32\atimpc64.dll
2012-05-14 19:45 . 2012-05-14 19:4554784----a-w-c:\windows\system32\amdpcom64.dll
2012-05-14 19:45 . 2012-05-14 19:4553248----a-w-c:\windows\system32\drivers\ati2erec.dll
2012-05-14 19:45 . 2011-12-06 03:17909312----a-w-c:\windows\SysWow64\aticfx32.dll
2012-05-14 19:45 . 2012-05-14 19:4553760----a-w-c:\windows\SysWow64\atimpc32.dll
2012-05-14 19:45 . 2012-05-14 19:4553760----a-w-c:\windows\SysWow64\amdpcom32.dll
2012-05-14 19:45 . 2012-05-14 19:451120768----a-w-c:\windows\system32\atiumd6v.dll
2012-05-14 19:45 . 2009-08-18 05:267479296----a-w-c:\windows\system32\atidxx64.dll
2012-05-14 19:45 . 2012-05-14 19:4526181632----a-w-c:\windows\system32\atio6axx.dll
2012-05-14 19:45 . 2011-12-06 02:1132256----a-w-c:\windows\SysWow64\atiu9pag.dll
2012-05-14 19:45 . 2011-12-06 03:066800896----a-w-c:\windows\SysWow64\atidxx32.dll
2012-05-14 19:45 . 2012-05-14 19:45236544----a-w-c:\windows\system32\atiesrxx.exe
2012-05-14 19:45 . 2012-05-14 19:45442368----a-w-c:\windows\system32\ATIDEMGX.dll
2012-05-14 19:45 . 2011-12-06 03:161067520----a-w-c:\windows\system32\aticfx64.dll
2012-05-14 19:45 . 2011-12-06 02:336203392----a-w-c:\windows\SysWow64\atiumdag.dll
2012-05-14 19:45 . 2012-05-14 19:4544544----a-w-c:\windows\system32\aticalcl64.dll
2012-05-14 19:45 . 2012-05-14 19:4513764096----a-w-c:\windows\SysWow64\aticaldd.dll
2012-05-14 19:45 . 2012-05-14 19:4416090624----a-w-c:\windows\system32\aticaldd64.dll
2012-05-14 19:45 . 2012-05-14 19:45343040----a-w-c:\windows\system32\drivers\atikmpag.sys
2012-05-14 19:45 . 2011-12-06 02:284795904----a-w-c:\windows\SysWow64\atiumdva.dll
2012-05-14 19:45 . 2012-05-14 19:4517408----a-w-c:\windows\system32\atig6pxx.dll
2012-05-14 19:45 . 2012-05-14 19:4551200----a-w-c:\windows\system32\aticalrt64.dll
2012-05-14 19:45 . 2012-05-14 19:4546080----a-w-c:\windows\SysWow64\aticalrt.dll
2012-05-14 19:44 . 2012-05-14 19:44503808----a-w-c:\windows\system32\atieclxx.exe
2012-05-14 19:44 . 2012-05-14 19:4444544----a-w-c:\windows\system32\atiu9p64.dll
2012-05-14 19:44 . 2012-05-14 19:4421504----a-w-c:\windows\system32\atimuixx.dll
2012-05-14 19:44 . 2012-05-14 19:44159744----a-w-c:\windows\system32\atiapfxx.exe
2012-05-14 19:44 . 2012-05-14 19:4495760----a-w-c:\windows\system32\drivers\AtihdW76.sys
2012-05-14 19:44 . 2012-05-14 19:4444032----a-w-c:\windows\SysWow64\aticalcl.dll
2012-05-14 19:44 . 2011-12-06 02:1141984----a-w-c:\windows\SysWow64\atiuxpag.dll
2012-05-14 19:44 . 2012-05-14 19:4459392----a-w-c:\windows\system32\atiedu64.dll
2012-05-14 19:44 . 2012-05-14 19:44514560----a-w-c:\windows\system32\atiadlxx.dll
2012-05-13 17:27 . 2012-02-13 23:1657848688----a-w-c:\windows\system32\MRT.exe
2012-05-13 10:06 . 2012-05-11 09:3770304----a-w-c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-05-13 10:06 . 2012-04-13 01:45419488----a-w-c:\windows\SysWow64\FlashPlayerApp.exe
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-02-13 3481408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-07-03 4273976]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security PackagesREG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 biafagiz;i8042 Keyboard and PS/2 Mouse Port Helper;c:\windows\System32\svchost.exe [2009-07-14 27136]
R3 dfmirage;dfmirage;c:\windows\system32\DRIVERS\dfmirage.sys [2008-03-26 36432]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]
R3 Mkd2Bthf;Mkd2Bthf;c:\windows\system32\drivers\Mkd2Bthf.sys [2012-03-07 98040]
R3 Mkd2Nadr;Mkd2Nadr;c:\windows\system32\drivers\Mkd2Nadr.sys [2012-03-07 107768]
R3 Mkd3kfNt;Mkd3kfNt;c:\windows\system32\drivers\Mkd3kfNt.sys [2012-03-07 183544]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-19 113120]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 20992]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 TunngleService;TunngleService;c:\program files (x86)\Tunngle\TnglCtrl.exe [2012-05-30 736104]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Servico de Tecnologias de Ativacao do Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-02-14 1255736]
R4 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-05-14 236544]
R4 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-04-06 361984]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-02-25 283200]
S2 AODDriver4.1;AODDriver4.1;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-03-05 53888]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-07-03 71064]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944]
S2 pcapsvc;ProxyCap Service;c:\program files\Proxy Labs\ProxyCap\pcapsvc.exe [2010-09-18 635904]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2012-05-14 11174400]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2012-05-14 343040]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2012-05-14 95760]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-07-03 24904]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys [2009-09-16 31232]
.
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
biafagiz
.
Contents of the 'Scheduled Tasks' folder
.
2012-08-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-989966592-1269749742-2495231924-1001Core.job
- c:\users\Konishi\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-08 09:02]
.
2012-08-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-989966592-1269749742-2495231924-1001UA.job
- c:\users\Konishi\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-08 09:02]
.
.

 

[Konishi]

--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-07-03 16:21133400----a-w-c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ProxyCap"="c:\progra~1\PROXYL~1\ProxyCap\pcapui.exe" [2010-09-18 689664]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
filemon701
iAimTV5
CTSYN
rnadirmultiplexor
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://df.nexon.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
LSP: pcapwsp.dll
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Konishi\AppData\Roaming\Mozilla\Firefox\Profiles\f8n672gz.default\
FF - prefs.js: browser.startup.homepage - www.google.com
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q=
FF - prefs.js: network.proxy.type - 0
.
- - - - ORPHANS REMOVED - - - -
.
Notify-ecojink - c:\windows\system32\config\systemprofile\AppData\Local\ecojink.dll
SafeBoot-33219741.sys
SafeBoot-81024271.sys
AddRemove-DNF - c:\program files (x86)\DNF\NeopleLauncher.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,e8,44,55,a8,6f,77,c8,40,aa,5f,d5,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,e8,44,55,a8,6f,77,c8,40,aa,5f,d5,\
.
[HKEY_USERS\S-1-5-21-989966592-1269749742-2495231924-1001\Software\Gabest\Media Player Classic\Settings\PnSPresets]
@DACL=(02 0000)
"Preset0"="Scale to 16:9 TV,0.500,0.500,1.000,1.333"
"Preset1"="Zoom To Widescreen,0.500,0.500,1.333,1.333"
"Preset2"="Zoom To Ultra-Widescreen,0.500,0.500,1.763,1.763"
.
[HKEY_USERS\S-1-5-21-989966592-1269749742-2495231924-1001\Software\Microsoft\Installer\Products\8B1A8551330FB1445BD66E56F2BAC9C9\SourceList\Media]
@DACL=(02 0000)
"1"=";"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Patches\05C3E32DC552CD7468DDAB40951FE14C\SourceList\Media]
@DACL=(02 0000)
"DiskPrompt"="Microsoft's Silverlight Installation [1]"
"100"=";"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Products\1D034B0FAA6BD374B960AAD30DF10D8B\SourceList\Media]
@DACL=(02 0000)
"DiskPrompt"="[1]"
"1"="DISK1;1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Products\29EA0FB2CB3C21140966516443B2F1EA\SourceList\Media]
@DACL=(02 0000)
"DiskPrompt"="[1]"
"1"="DISK1;1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Products\5FD2CD3CCAFE55040901137F5C54DDE9\SourceList\Media]
@DACL=(02 0000)
"DiskPrompt"="[1]"
"1"="DISK1;1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Products\80803434A180D0C47BCC060100103810\SourceList\Media]
@DACL=(02 0000)
"1"=";"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Products\80803434A180D0C47BCC060100103820\SourceList\Media]
@DACL=(02 0000)
"1"=";"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Products\8B78C05791FAC3C47B19059D8CA35E27\SourceList\Media]
@DACL=(02 0000)
"DiskPrompt"="[1]"
"1"="DISK1;1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Products\B76A10F976D7F284D9F45D89A044F04D\SourceList\Media]
@DACL=(02 0000)
"DiskPrompt"="[1]"
"1"="DISK1;1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Products\c1c4f01781cc94c4c8fb1542c0981a2a\SourceList\Media]
@DACL=(02 0000)
"DiskPrompt"="[1]"
"1"=";Microsoft Visual C++ 2005 Redistributable [Disk 1]"
"2"=";Microsoft Visual C++ 2005 Redistributable [Disk 1]"
"3"=";Microsoft Visual C++ 2005 Redistributable [Disk 1]"
"4"=";Microsoft Visual C++ 2005 Redistributable [Disk 1]"
"5"=";Microsoft Visual C++ 2005 Redistributable [Disk 1]"
"6"=";Microsoft Visual C++ 2005 Redistributable [Disk 1]"
"7"=";Microsoft Visual C++ 2005 Redistributable [Disk 1]"
"8"=";Microsoft Visual C++ 2005 Redistributable [Disk 1]"
"9"=";Microsoft Visual C++ 2005 Redistributable [Disk 1]"
"10"=";Microsoft Visual C++ 2005 Redistributable [Disk 1]"
"11"=";Microsoft Visual C++ 2005 Redistributable [Disk 1]"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Products\CFD2C1F142D260E3CB8B271543DA9F98\SourceList\Media]
@DACL=(02 0000)
"DiskPrompt"="[1]"
"1"=";1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Products\D20352A90C039D93DBF6126ECE614057\SourceList\Media]
@DACL=(02 0000)
"DiskPrompt"="[1]"
"1"=";1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Products\D7314F9862C648A4DB8BE2A5B47BE100\SourceList\Media]
@DACL=(02 0000)
"DiskPrompt"="Microsoft's Silverlight Installation [1]"
"1"=";1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Products\E46CD460F2A7FDF45B893E0C47B7BBC9\SourceList\Media]
@DACL=(02 0000)
"DiskPrompt"="[1]"
"1"="DISK1;1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Products\EFEE0228DC83E77358593193D847A0EC\SourceList\Media]
@DACL=(02 0000)
"DiskPrompt"="[1]"
"1"=";1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-08-08 16:29:34
ComboFix-quarantined-files.txt 2012-08-08 19:29
.
Pre-Run: 102.966.128.640 bytes disponiveis
Post-Run: 102.939.639.808 bytes disponiveis
.
- - End Of File - - A8CAF4C49FB89504E6133C1DF86A292E

 

[Broni]

1. Please open Notepad (Start>All Programs>Accessories>Notepad).

2. Now copy/paste the entire content of the codebox below into the Notepad window:

File::

NetSvc::
biafagiz

Driver::
biafagiz

Registry::

ClearJavaCache::

3. Save the above as CFScript.txt

4. Close/disable all anti virus and anti malware programs again, so they do not interfere with the running of ComboFix.

5. Then drag the CFScript.txt into ComboFix.exe as depicted in the animation below. This will start ComboFix again.

6. After reboot, (in case it asks to reboot), please post the following reports/logs into your next reply:

• Combofix.txt

 

[Konishi]

ComboFix 12-08-08.01 - Konishi 08/08/2012 17:46:40.6.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.949.82.1046.18.4095.2490 [GMT -3:00]
Running from: c:\users\Konishi\Desktop\ComboFix.exe
Command switches used :: c:\users\Konishi\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_biafagiz
.
.
((((((((((((((((((((((((( Files Created from 2012-07-08 to 2012-08-08 )))))))))))))))))))))))))))))))
.
.
2012-08-08 20:52 . 2012-08-08 20:52--------d-----w-c:\users\Public\AppData\Local\temp
2012-08-08 20:52 . 2012-08-08 20:52--------d-----w-c:\users\Default\AppData\Local\temp
2012-08-07 15:19 . 2012-08-07 15:19--------d-----w-c:\program files (x86)\Malwarebytes' Anti-Malware
2012-08-07 15:19 . 2012-07-03 16:4624904----a-w-c:\windows\system32\drivers\mbam.sys
2012-08-07 15:06 . 2012-07-03 16:21355856----a-w-c:\windows\system32\drivers\aswSP.sys
2012-08-07 15:06 . 2012-07-03 16:2125232----a-w-c:\windows\system32\drivers\aswFsBlk.sys
2012-08-07 15:06 . 2012-07-03 16:2154072----a-w-c:\windows\system32\drivers\aswRdr2.sys
2012-08-07 15:06 . 2012-07-03 16:2159728----a-w-c:\windows\system32\drivers\aswTdi.sys
2012-08-07 15:06 . 2012-07-03 16:21958400----a-w-c:\windows\system32\drivers\aswSnx.sys
2012-08-07 15:06 . 2012-07-03 16:2171064----a-w-c:\windows\system32\drivers\aswMonFlt.sys
2012-08-07 15:06 . 2012-07-03 16:2141224----a-w-c:\windows\avastSS.scr
2012-08-07 15:06 . 2012-07-03 16:21227648----a-w-c:\windows\SysWow64\aswBoot.exe
2012-08-06 21:04 . 2012-08-08 19:53282696----a-w-c:\windows\SysWow64\PnkBstrB.exe
2012-08-06 21:04 . 2012-08-08 14:26282696----a-w-c:\windows\SysWow64\PnkBstrB.ex0
2012-08-06 21:04 . 2012-08-06 21:0476888----a-w-c:\windows\SysWow64\PnkBstrA.exe
2012-08-02 03:54 . 2012-07-03 16:21285328----a-w-c:\windows\system32\aswBoot.exe
2012-08-02 03:53 . 2012-08-07 15:06--------d-----w-c:\programdata\AVAST Software
2012-08-02 03:53 . 2012-08-07 15:06--------d-----w-c:\program files\AVAST Software
2012-08-02 02:16 . 2012-08-02 02:16--------d-----w-c:\program files (x86)\Trend Micro
2012-07-25 04:10 . 2012-07-27 22:15--------d-----w-c:\programdata\paltiosoft
2012-07-25 00:43 . 2012-07-25 00:43--------d-----w-c:\users\Konishi\AppData\Roaming\Nitroplus
2012-07-23 05:55 . 2012-07-23 05:55--------d-----w-c:\users\Konishi\AppData\Local\Chromium
2012-07-23 02:22 . 2012-07-27 21:56--------d-----w-c:\program files (x86)\Rockstar Games
2012-07-23 02:21 . 2012-07-23 02:21--------d-----w-c:\programdata\Rockstar Games
2012-07-19 08:10 . 2012-06-27 09:44166792----a-w-c:\windows\system32\drivers\klb64mkd.sys
2012-07-19 02:56 . 2009-03-18 20:3533856---ha-w-c:\windows\system32\hamachi.sys
2012-07-18 22:34 . 2012-08-02 03:34--------d-----w-c:\users\Konishi\AppData\Local\LogMeIn Hamachi
2012-07-14 00:41 . 2012-08-08 19:53282696----a-w-c:\windows\SysWow64\PnkBstrB.xtr
2012-07-14 00:12 . 2012-07-16 02:03--------d-----w-c:\users\Konishi\AppData\Local\Ubisoft Game Launcher
2012-07-13 22:50 . 2012-07-13 22:50--------d-----w-c:\users\Konishi\AppData\Roaming\Ubisoft
2012-07-13 22:46 . 2012-07-13 22:58--------d-----w-c:\program files (x86)\Ubisoft
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-08 04:28 . 2012-07-08 04:28560184----a-w-c:\windows\system32\drivers\sptd.sys
2012-06-22 06:54 . 2012-06-22 06:5519736----a-w-c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-06-20 15:28 . 2012-06-27 20:364145600----a-w-c:\windows\SysWow64\GameMon.des
2012-05-18 03:03 . 2012-05-18 03:03772552----a-w-c:\windows\SysWow64\npDeployJava1.dll
2012-05-14 19:46 . 2012-05-14 19:4511174400----a-w-c:\windows\system32\drivers\atikmdag.sys
2012-05-14 19:45 . 2012-05-14 19:457431680----a-w-c:\windows\system32\atiumd64.dll
2012-05-14 19:45 . 2012-05-14 19:4543520----a-w-c:\windows\SysWow64\ati2edxx.dll
2012-05-14 19:45 . 2012-05-14 19:4541984----a-w-c:\windows\system32\atig6txx.dll
2012-05-14 19:45 . 2011-12-06 02:1864000----a-w-c:\windows\system32\coinst.dll
2012-05-14 19:45 . 2012-05-14 19:4533280----a-w-c:\windows\SysWow64\atigktxx.dll
2012-05-14 19:45 . 2011-12-06 02:1154784----a-w-c:\windows\system32\atiuxp64.dll
2012-05-14 19:45 . 2012-05-14 19:451831424----a-w-c:\windows\SysWow64\atiumdmv.dll
2012-05-14 19:45 . 2012-05-14 19:4514848----a-w-c:\windows\SysWow64\atiglpxx.dll
2012-05-14 19:45 . 2012-05-14 19:4514848----a-w-c:\windows\system32\atiglpxx.dll
2012-05-14 19:45 . 2012-05-14 19:454731904----a-w-c:\windows\system32\atiumd6a.dll
2012-05-14 19:45 . 2012-05-14 19:45120320----a-w-c:\windows\system32\atitmm64.dll
2012-05-14 19:45 . 2012-05-14 19:45360448----a-w-c:\windows\SysWow64\atiadlxy.dll
2012-05-14 19:45 . 2012-05-14 19:4519753984----a-w-c:\windows\SysWow64\atioglxx.dll
2012-05-14 19:45 . 2012-05-14 19:4554784----a-w-c:\windows\system32\atimpc64.dll
2012-05-14 19:45 . 2012-05-14 19:4554784----a-w-c:\windows\system32\amdpcom64.dll
2012-05-14 19:45 . 2012-05-14 19:4553248----a-w-c:\windows\system32\drivers\ati2erec.dll
2012-05-14 19:45 . 2011-12-06 03:17909312----a-w-c:\windows\SysWow64\aticfx32.dll
2012-05-14 19:45 . 2012-05-14 19:4553760----a-w-c:\windows\SysWow64\atimpc32.dll
2012-05-14 19:45 . 2012-05-14 19:4553760----a-w-c:\windows\SysWow64\amdpcom32.dll
2012-05-14 19:45 . 2012-05-14 19:451120768----a-w-c:\windows\system32\atiumd6v.dll
2012-05-14 19:45 . 2009-08-18 05:267479296----a-w-c:\windows\system32\atidxx64.dll
2012-05-14 19:45 . 2012-05-14 19:4526181632----a-w-c:\windows\system32\atio6axx.dll
2012-05-14 19:45 . 2011-12-06 02:1132256----a-w-c:\windows\SysWow64\atiu9pag.dll
2012-05-14 19:45 . 2011-12-06 03:066800896----a-w-c:\windows\SysWow64\atidxx32.dll
2012-05-14 19:45 . 2012-05-14 19:45236544----a-w-c:\windows\system32\atiesrxx.exe
2012-05-14 19:45 . 2012-05-14 19:45442368----a-w-c:\windows\system32\ATIDEMGX.dll
2012-05-14 19:45 . 2011-12-06 03:161067520----a-w-c:\windows\system32\aticfx64.dll
2012-05-14 19:45 . 2011-12-06 02:336203392----a-w-c:\windows\SysWow64\atiumdag.dll
2012-05-14 19:45 . 2012-05-14 19:4544544----a-w-c:\windows\system32\aticalcl64.dll
2012-05-14 19:45 . 2012-05-14 19:4513764096----a-w-c:\windows\SysWow64\aticaldd.dll
2012-05-14 19:45 . 2012-05-14 19:4416090624----a-w-c:\windows\system32\aticaldd64.dll
2012-05-14 19:45 . 2012-05-14 19:45343040----a-w-c:\windows\system32\drivers\atikmpag.sys
2012-05-14 19:45 . 2011-12-06 02:284795904----a-w-c:\windows\SysWow64\atiumdva.dll
2012-05-14 19:45 . 2012-05-14 19:4517408----a-w-c:\windows\system32\atig6pxx.dll
2012-05-14 19:45 . 2012-05-14 19:4551200----a-w-c:\windows\system32\aticalrt64.dll
2012-05-14 19:45 . 2012-05-14 19:4546080----a-w-c:\windows\SysWow64\aticalrt.dll
2012-05-14 19:44 . 2012-05-14 19:44503808----a-w-c:\windows\system32\atieclxx.exe
2012-05-14 19:44 . 2012-05-14 19:4444544----a-w-c:\windows\system32\atiu9p64.dll
2012-05-14 19:44 . 2012-05-14 19:4421504----a-w-c:\windows\system32\atimuixx.dll
2012-05-14 19:44 . 2012-05-14 19:44159744----a-w-c:\windows\system32\atiapfxx.exe
2012-05-14 19:44 . 2012-05-14 19:4495760----a-w-c:\windows\system32\drivers\AtihdW76.sys
2012-05-14 19:44 . 2012-05-14 19:4444032----a-w-c:\windows\SysWow64\aticalcl.dll
2012-05-14 19:44 . 2011-12-06 02:1141984----a-w-c:\windows\SysWow64\atiuxpag.dll
2012-05-14 19:44 . 2012-05-14 19:4459392----a-w-c:\windows\system32\atiedu64.dll
2012-05-14 19:44 . 2012-05-14 19:44514560----a-w-c:\windows\system32\atiadlxx.dll
2012-05-13 17:27 . 2012-02-13 23:1657848688----a-w-c:\windows\system32\MRT.exe
2012-05-13 10:06 . 2012-05-11 09:3770304----a-w-c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-05-13 10:06 . 2012-04-13 01:45419488----a-w-c:\windows\SysWow64\FlashPlayerApp.exe
.
.
((((((((((((((((((((((((((((( SnapShot@2012-08-08_19.27.37 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-07-14 04:54 . 2012-08-08 16:2449152 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-08-08 20:5549152 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-08-08 20:5465536 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2012-08-08 16:2465536 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2012-02-13 22:12 . 2012-08-08 19:0016384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2012-02-13 22:12 . 2012-08-08 20:0916384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2012-02-13 22:12 . 2012-08-08 19:0016384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2012-02-13 22:12 . 2012-08-08 20:0916384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2012-02-16 06:16 . 2012-08-08 20:523032 c:\windows\system32\wdi\ERCQueuedResolutions.dat
- 2012-02-16 06:16 . 2012-08-08 00:323032 c:\windows\system32\wdi\ERCQueuedResolutions.dat
+ 2012-08-08 20:53 . 2012-08-08 20:532048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-08-08 12:23 . 2012-08-08 12:232048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-08-08 12:23 . 2012-08-08 12:232048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-08-08 20:53 . 2012-08-08 20:532048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-07-14 04:54 . 2012-08-08 20:54540672 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-08-08 16:24540672 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 05:01 . 2012-08-08 11:45229820 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2012-08-08 20:52229820 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2012-02-14 04:34 . 2012-08-08 20:5238377008 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-989966592-1269749742-2495231924-1001-12288.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-02-13 3481408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-07-03 4273976]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-07-03 462920]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ecojink]
c:\windows\system32\config\systemprofile\AppData\Local\ecojink.dll [BU]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security PackagesREG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R3 dfmirage;dfmirage;c:\windows\system32\DRIVERS\dfmirage.sys [2008-03-26 36432]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]
R3 Mkd2Bthf;Mkd2Bthf;c:\windows\system32\drivers\Mkd2Bthf.sys [2012-03-07 98040]
R3 Mkd2Nadr;Mkd2Nadr;c:\windows\system32\drivers\Mkd2Nadr.sys [2012-03-07 107768]
R3 Mkd3kfNt;Mkd3kfNt;c:\windows\system32\drivers\Mkd3kfNt.sys [2012-03-07 183544]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-19 113120]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 20992]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
R3 TunngleService;TunngleService;c:\program files (x86)\Tunngle\TnglCtrl.exe [2012-05-30 736104]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Servico de Tecnologias de Ativacao do Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-02-14 1255736]
R4 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-05-14 236544]
R4 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-04-06 361984]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-02-25 283200]
S2 AODDriver4.1;AODDriver4.1;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-03-05 53888]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-07-03 71064]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-07-03 655944]
S2 pcapsvc;ProxyCap Service;c:\program files\Proxy Labs\ProxyCap\pcapsvc.exe [2010-09-18 635904]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2012-05-14 11174400]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2012-05-14 343040]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2012-05-14 95760]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-07-03 24904]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys [2009-09-16 31232]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-08-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-989966592-1269749742-2495231924-1001Core.job
- c:\users\Konishi\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-08 09:02]
.
2012-08-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-989966592-1269749742-2495231924-1001UA.job
- c:\users\Konishi\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-08 09:02]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-07-03 16:21133400----a-w-c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ProxyCap"="c:\progra~1\PROXYL~1\ProxyCap\pcapui.exe" [2010-09-18 689664]
"combofix"="c:\combofix\CF16024.3XE" [2010-11-20 345088]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
filemon701
iAimTV5
CTSYN
rnadirmultiplexor
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://df.nexon.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
LSP: pcapwsp.dll
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Konishi\AppData\Roaming\Mozilla\Firefox\Profiles\f8n672gz.default\
FF - prefs.js: browser.startup.homepage - www.google.com
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q=
FF - prefs.js: network.proxy.type - 0
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,e8,44,55,a8,6f,77,c8,40,aa,5f,d5,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,e8,44,55,a8,6f,77,c8,40,aa,5f,d5,\
.
[HKEY_USERS\S-1-5-21-989966592-1269749742-2495231924-1001\Software\Gabest\Media Player Classic\Settings\PnSPresets]
@DACL=(02 0000)
"Preset0"="Scale to 16:9 TV,0.500,0.500,1.000,1.333"
"Preset1"="Zoom To Widescreen,0.500,0.500,1.333,1.333"
"Preset2"="Zoom To Ultra-Widescreen,0.500,0.500,1.763,1.763"
.
[HKEY_USERS\S-1-5-21-989966592-1269749742-2495231924-1001\Software\Microsoft\Installer\Products\8B1A8551330FB1445BD66E56F2BAC9C9\SourceList\Media]
@DACL=(02 0000)
"1"=";"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Patches\05C3E32DC552CD7468DDAB40951FE14C\SourceList\Media]
@DACL=(02 0000)
"DiskPrompt"="Microsoft's Silverlight Installation [1]"
"100"=";"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Products\1D034B0FAA6BD374B960AAD30DF10D8B\SourceList\Media]
@DACL=(02 0000)
"DiskPrompt"="[1]"
"1"="DISK1;1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Products\29EA0FB2CB3C21140966516443B2F1EA\SourceList\Media]
@DACL=(02 0000)
"DiskPrompt"="[1]"
"1"="DISK1;1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Products\5FD2CD3CCAFE55040901137F5C54DDE9\SourceList\Media]
@DACL=(02 0000)
"DiskPrompt"="[1]"
"1"="DISK1;1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Products\80803434A180D0C47BCC060100103810\SourceList\Media]
@DACL=(02 0000)
"1"=";"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Products\80803434A180D0C47BCC060100103820\SourceList\Media]
@DACL=(02 0000)
"1"=";"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Products\8B78C05791FAC3C47B19059D8CA35E27\SourceList\Media]
@DACL=(02 0000)
"DiskPrompt"="[1]"
"1"="DISK1;1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Products\B76A10F976D7F284D9F45D89A044F04D\SourceList\Media]
@DACL=(02 0000)
"DiskPrompt"="[1]"
"1"="DISK1;1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Products\c1c4f01781cc94c4c8fb1542c0981a2a\SourceList\Media]
@DACL=(02 0000)
"DiskPrompt"="[1]"
"1"=";Microsoft Visual C++ 2005 Redistributable [Disk 1]"
"2"=";Microsoft Visual C++ 2005 Redistributable [Disk 1]"
"3"=";Microsoft Visual C++ 2005 Redistributable [Disk 1]"
"4"=";Microsoft Visual C++ 2005 Redistributable [Disk 1]"
"5"=";Microsoft Visual C++ 2005 Redistributable [Disk 1]"
"6"=";Microsoft Visual C++ 2005 Redistributable [Disk 1]"
"7"=";Microsoft Visual C++ 2005 Redistributable [Disk 1]"
"8"=";Microsoft Visual C++ 2005 Redistributable [Disk 1]"
"9"=";Microsoft Visual C++ 2005 Redistributable [Disk 1]"
"10"=";Microsoft Visual C++ 2005 Redistributable [Disk 1]"
"11"=";Microsoft Visual C++ 2005 Redistributable [Disk 1]"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Products\CFD2C1F142D260E3CB8B271543DA9F98\SourceList\Media]
@DACL=(02 0000)
"DiskPrompt"="[1]"
"1"=";1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Products\D20352A90C039D93DBF6126ECE614057\SourceList\Media]
@DACL=(02 0000)
"DiskPrompt"="[1]"
"1"=";1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Products\D7314F9862C648A4DB8BE2A5B47BE100\SourceList\Media]
@DACL=(02 0000)
"DiskPrompt"="Microsoft's Silverlight Installation [1]"
"1"=";1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Products\E46CD460F2A7FDF45B893E0C47B7BBC9\SourceList\Media]
@DACL=(02 0000)
"DiskPrompt"="[1]"
"1"="DISK1;1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Installer\Products\EFEE0228DC83E77358593193D847A0EC\SourceList\Media]
@DACL=(02 0000)
"DiskPrompt"="[1]"
"1"=";1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\windows\SysWOW64\PnkBstrA.exe
.
**************************************************************************
.
Completion time: 2012-08-08 17:58:10 - machine was rebooted
ComboFix-quarantined-files.txt 2012-08-08 20:58
ComboFix2.txt 2012-08-08 19:29
.
Pre-Run: 102.880.772.096 bytes disponiveis
Post-Run: 102.855.925.760 bytes disponiveis
.
- - End Of File - - 349EBCD7788AF6EFF87DB7EE9E861EDF

 

[Broni]

Looks good

Any current issues?

================================

Download Malwarebytes' Anti-Malware (MBAM): http://www.malwarebytes.org/products/malwarebytes_free to your desktop.
NOTE. If you already have MBAM installed, update it before running the scan.

* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad.
* Post the log back here.

Be sure to restart the computer IF MBAM asks you to do so.

The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt

================================

Download OTL to your Desktop.
Alternate download: http://www.itxassociates.com/OT-Tools/OTL.exe

• Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
• Click the Scan All Users checkbox.
• Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
• When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
• Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.

 

[Konishi]

Well, I think it's good now too

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.07.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Konishi :: KONISHI-PC [administrator]

Protection: Enabled

09/08/2012 07:36:44
mbam-log-2012-08-09 (07-36-44).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 193235
Time elapsed: 2 minute(s), 4 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

 

[Konishi]

OTL logfile created on: 09/08/2012 07:41:18 - Run 1
OTL by OldTimer - Version 3.2.56.0 Folder = C:\Users\Konishi\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy

4,00 Gb Total Physical Memory | 2,81 Gb Available Physical Memory | 70,31% Memory free
8,00 Gb Paging File | 6,69 Gb Available in Paging File | 83,61% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 397,41 Gb Total Space | 94,81 Gb Free Space | 23,86% Space Free | Partition Type: NTFS
Drive D: | 37,30 Gb Total Space | 25,31 Gb Free Space | 67,87% Space Free | Partition Type: NTFS
Drive E: | 68,25 Gb Total Space | 37,15 Gb Free Space | 54,43% Space Free | Partition Type: NTFS

Computer Name: KONISHI-PC | User Name: Konishi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/08/09 07:32:23 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Konishi\Desktop\OTL.exe
PRC - [2012/08/06 18:04:39 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012/07/03 20:03:22 | 000,228,856 | ---- | M] (AhnLab, Inc.) -- C:\Program Files (x86)\AhnLab\ASP\Components\ASPLnchr.exe
PRC - [2012/07/03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/07/03 13:46:44 | 000,462,920 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/07/03 13:21:30 | 004,273,976 | ---- | M] (AVAST Software) -- C:\Arquivos de Programas\AVAST Software\Avast\AvastUI.exe
PRC - [2012/07/03 13:21:29 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Arquivos de Programas\AVAST Software\Avast\AvastSvc.exe


========== Modules (No Company Name) ==========


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2012/05/14 16:45:29 | 000,236,544 | ---- | M] (AMD) [Disabled | Stopped] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2012/04/05 21:57:34 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Disabled | Stopped] -- c:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2009/07/13 22:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012/08/06 18:04:39 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012/07/18 22:44:05 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/07/03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/07/03 13:21:29 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Arquivos de Programas\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012/06/20 12:28:03 | 004,145,600 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc)
SRV - [2012/05/30 12:02:00 | 000,736,104 | ---- | M] (Tunngle.net GmbH) [On_Demand | Stopped] -- C:\Program Files (x86)\Tunngle\TnglCtrl.exe -- (TunngleService)
SRV - [2011/03/28 21:11:06 | 002,292,096 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Arquivos de Programas\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2011/03/16 10:42:06 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010/09/18 20:09:04 | 000,635,904 | ---- | M] (Proxy Labs) [Auto | Running] -- C:\Arquivos de Programas\Proxy Labs\ProxyCap\pcapsvc.exe -- (pcapsvc)
SRV - [2009/06/10 18:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/07/08 01:28:50 | 000,560,184 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2012/07/03 13:46:44 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012/07/03 13:21:52 | 000,958,400 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2012/07/03 13:21:52 | 000,355,856 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2012/07/03 13:21:52 | 000,071,064 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2012/07/03 13:21:52 | 000,059,728 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2012/07/03 13:21:52 | 000,054,072 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2012/07/03 13:21:51 | 000,025,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012/05/14 16:46:01 | 011,174,400 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2012/05/14 16:46:01 | 011,174,400 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012/05/14 16:45:11 | 000,343,040 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012/05/14 16:44:51 | 000,095,760 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2012/03/30 18:47:05 | 000,038,624 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:64bit: - [2012/03/07 05:10:00 | 000,183,544 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mkd3kfnt.sys -- (Mkd3kfNt)
DRV:64bit: - [2012/03/07 05:10:00 | 000,107,768 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Mkd2Nadr.sys -- (Mkd2Nadr)
DRV:64bit: - [2012/03/07 05:10:00 | 000,098,040 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Mkd2BthF.sys -- (Mkd2Bthf)
DRV:64bit: - [2012/03/01 03:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/25 00:31:57 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011/06/10 06:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/03/11 03:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 03:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 10:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 08:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 08:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010/02/18 09:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009/09/16 06:02:42 | 000,031,232 | ---- | M] (Tunngle.net) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901t.sys -- (tap0901t)
DRV:64bit: - [2009/07/13 22:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 22:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 22:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 17:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 17:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 17:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 17:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/03/18 16:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2008/03/26 16:31:26 | 000,036,432 | ---- | M] (DemoForge, LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dfmirage.sys -- (dfmirage)
DRV:64bit: - [2005/03/29 01:30:38 | 000,008,192 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV - [2012/03/05 16:04:30 | 000,053,888 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- c:\Arquivos de Programas\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.1)
DRV - [2009/07/13 22:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-989966592-1269749742-2495231924-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://df.nexon.com/
IE - HKU\S-1-5-21-989966592-1269749742-2495231924-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = pt-br
IE - HKU\S-1-5-21-989966592-1269749742-2495231924-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 71 E3 F6 AC 1A 2B CD 01 [binary data]
IE - HKU\S-1-5-21-989966592-1269749742-2495231924-1001\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-989966592-1269749742-2495231924-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-989966592-1269749742-2495231924-1001\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searc...SP_ss&mntrId=0a7ec48300000000000000ff6576abc8
IE - HKU\S-1-5-21-989966592-1269749742-2495231924-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.google.com"
FF - prefs.js..keyword.URL: "http://www.google.com/search?ie=UTF-8&oe=utf-8&q="
FF - prefs.js..network.proxy.type: 0


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_235.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@ahnlab.com/asp/npaosmgr.1: C:\Program Files (x86)\AhnLab\ASP\Components\aosmgr\conflict_475\npaosmgr.dll (AhnLab, Inc.)
FF - HKLM\Software\MozillaPlugins\@ahnlab.com/asp/npmkd25sp: C:\Program Files (x86)\AhnLab\ASP\MyKeyDefense 2.5\npmkd25sp.dll (AhnLab, Inc.)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF - HKCU\Software\MozillaPlugins\@ahnlab.com/asp/npmkd25sp: C:\Program Files (x86)\AhnLab\ASP\MyKeyDefense 2.5\npmkd25sp.dll (AhnLab, Inc.)
FF - HKCU\Software\MozillaPlugins\@neople.co.kr/NeopleGameInstaller: C:\ProgramData\NeoplePlugin\npNeopleGameInstaller.dll ( )
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Konishi\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Konishi\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/08/07 12:06:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/07/18 22:44:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2012/02/13 21:59:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Konishi\AppData\Roaming\mozilla\Extensions
[2012/07/13 21:09:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Konishi\AppData\Roaming\mozilla\Firefox\Profiles\f8n672gz.default\extensions
[2012/05/11 06:52:22 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012/07/11 14:44:47 | 000,459,414 | ---- | M] () (No name found) -- C:\USERS\KONISHI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F8N672GZ.DEFAULT\EXTENSIONS\NICOFOX@LITTLEBTC.XPI
[2012/07/18 22:44:05 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/05/07 03:03:48 | 000,002,313 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2012/04/20 23:26:25 | 000,001,027 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\buscape.xml
[2012/04/20 23:26:25 | 000,001,212 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\mercadolivre.xml
[2012/04/20 23:26:24 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
[2012/04/20 23:26:25 | 000,001,168 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-br.xml
[2012/04/20 23:26:24 | 000,000,952 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-br.xml

========== Chrome ==========

CHR - homepage:
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{googleriginalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage:
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Konishi\AppData\Local\Google\Chrome\Application\21.0.1180.60\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Konishi\AppData\Local\Google\Chrome\Application\21.0.1180.60\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Konishi\AppData\Local\Google\Chrome\Application\21.0.1180.60\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: AhnLab Online Security (Enabled) = C:\Program Files (x86)\AhnLab\ASP\Components\aosmgr\conflict_469\npaosmgr.dll
CHR - plugin: AhnLab Online Security Anti-keylogger (Enabled) = C:\Program Files (x86)\AhnLab\ASP\MyKeyDefense 2.5\npmkd25sp.dll
CHR - plugin: Foxit Reader Plugin for Mozilla (Enabled) = C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
CHR - plugin: Java Deployment Toolkit 7.0.40.255 (Enabled) = C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\dtplugin\npDeployJava1.dll
CHR - plugin: Java(TM) Platform SE 7 U4 (Enabled) = C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: neople game installer for firefox (Enabled) = C:\ProgramData\NeoplePlugin\npNeopleGameInstaller.dll
CHR - plugin: Nexon Game Controller (Enabled) = C:\ProgramData\NexonUS\NGM\npNxGameUS.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Konishi\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll
CHR - Extension: YouTube = C:\Users\Konishi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Pesquisa do Google = C:\Users\Konishi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: avast! WebRep = C:\Users\Konishi\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1456_0\
CHR - Extension: Gmail = C:\Users\Konishi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/08/08 17:54:15 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Arquivos de Programas\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de Programas\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Arquivos de Programas\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Arquivos de Programas\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Arquivos de Programas\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:64bit: - HKLM..\Run: [ProxyCap] C:\Arquivos de Programas\Proxy Labs\ProxyCap\pcapui.exe (Proxy Labs)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKU\S-1-5-21-989966592-1269749742-2495231924-1001..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-989966592-1269749742-2495231924-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-989966592-1269749742-2495231924-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-989966592-1269749742-2495231924-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Windows\SysNative\pcapwsp.dll (Proxy Labs)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Arquivos de Programas\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Arquivos de Programas\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - ppcapwsp.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - ppcapwsp.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000013 - ppcapwsp.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysWow64\pcapwsp.dll (Proxy Labs)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL File not found
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5F5BC493-072E-49C4-AC1F-266A9244ED4E}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8ED7000D-53F7-4487-8809-5B511BFF5EEC}: DhcpNameServer = 7.254.254.254
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - Winlogon\Notify\ecojink: DllName - (C:\Windows\system32\config\systemprofile\AppData\Local\ecojink.dll) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

 

[Konishi]

========== Files/Folders - Created Within 30 Days ==========

[2012/08/09 07:32:21 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\Konishi\Desktop\OTL.exe
[2012/08/08 20:23:01 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{064AD42C-2CDA-4627-95E8-DA4411933918}
[2012/08/08 20:22:50 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{894CC702-008E-42D4-A12C-85A8852C99B2}
[2012/08/08 20:04:23 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/08/08 17:58:12 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012/08/08 16:00:59 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/08/08 16:00:59 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/08/08 16:00:59 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/08/08 16:00:52 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/08/08 15:50:38 | 000,000,000 | ---D | C] -- C:\Users\Konishi\Desktop\DNF
[2012/08/08 15:47:52 | 004,727,110 | R--- | C] (Swearware) -- C:\Users\Konishi\Desktop\ComboFix.exe
[2012/08/08 09:22:23 | 000,000,000 | ---D | C] -- C:\Users\Konishi\Desktop\[QRDJ-9] QUAKE TRANCE BEST.9 MIXED BY DJ UTO (mp3 -V 0)
[2012/08/08 08:41:40 | 000,000,000 | ---D | C] -- C:\Users\Konishi\Desktop\tdsskiller
[2012/08/08 08:22:25 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{F04F590D-90F6-47AF-91E3-2B2EFE36C6C0}
[2012/08/08 08:22:11 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{2AB9A94C-24F0-4E31-8E8F-BC8F21C98BE5}
[2012/08/07 20:31:51 | 001,118,624 | ---- | C] (Bleeping Computer, LLC) -- C:\Users\Konishi\Desktop\rkill.exe
[2012/08/07 20:31:46 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Users\Konishi\Desktop\aswMBR.exe
[2012/08/07 19:29:33 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{3D846761-85D4-4602-8864-DEC3D7724FF2}
[2012/08/07 19:29:22 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{17823AA5-CB04-4768-AA08-87515647935C}
[2012/08/07 13:01:22 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\Konishi\Desktop\dds.com
[2012/08/07 12:19:23 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/08/07 12:19:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/08/07 12:06:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2012/08/07 12:06:46 | 000,355,856 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2012/08/07 12:06:46 | 000,025,232 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2012/08/07 12:06:41 | 000,054,072 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2012/08/07 12:06:37 | 000,059,728 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2012/08/07 12:06:34 | 000,958,400 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2012/08/07 12:06:32 | 000,071,064 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2012/08/07 12:06:16 | 000,227,648 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2012/08/07 12:06:16 | 000,041,224 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2012/08/07 07:28:57 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{DDAB8DFE-D797-4143-9A7B-08A28850DD1A}
[2012/08/07 07:28:46 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{89D32F03-EC65-4C5D-9270-57A942200E5C}
[2012/08/06 19:28:21 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{C6FC6125-CC8B-41AF-9F21-77694EEF98C5}
[2012/08/06 19:28:11 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{50639813-FDCA-422E-9D4E-5B7F634BE863}
[2012/08/06 07:27:45 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{915CB4AC-772A-4631-A2D1-7A1F08216C81}
[2012/08/06 07:27:35 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{82974E9C-0B77-4C2C-BAB9-5C3C27554F08}
[2012/08/05 13:13:32 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{44027318-F02F-412D-8E5E-ABED25A7D9B0}
[2012/08/05 13:13:21 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{AB468F21-D63C-44DA-B751-FDF8EDB6089A}
[2012/08/05 01:12:55 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{9540F04C-6C4C-4550-8728-01947DE9C727}
[2012/08/05 01:12:43 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{4D686B43-D2BF-4BAF-86AC-06179265BFCC}
[2012/08/04 07:23:12 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{06744DB6-1E5A-4D96-94A7-67570B250146}
[2012/08/04 07:23:02 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{DFC53409-AD47-4C25-A671-864BE283B44C}
[2012/08/03 19:22:49 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{2A85ECEA-4C0D-4A38-AF62-50B43CDA9152}
[2012/08/03 19:22:39 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{FA31A21E-4E20-45B4-A87D-8C210D8F43DD}
[2012/08/03 07:22:14 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{A5593731-9E52-4C9E-B143-3C78476BA590}
[2012/08/03 07:22:03 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{0F6B97CA-D2D3-4067-B442-0190D3B88270}
[2012/08/02 19:21:38 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{8C2B1CDF-E525-4C73-A5D3-A2328956810A}
[2012/08/02 19:21:28 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{E6D838D5-0513-489C-BD1F-37194F329AA7}
[2012/08/02 07:21:02 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{9FADF3C2-B1CD-46D2-8F1D-67B17E37829C}
[2012/08/02 07:20:51 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{0BD4AC85-6482-44AF-8B39-EDE8B22A9332}
[2012/08/02 00:54:12 | 000,285,328 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2012/08/02 00:53:49 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2012/08/02 00:53:49 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012/08/01 23:16:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2012/08/01 23:16:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HijackThis
[2012/08/01 23:07:09 | 010,652,120 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Konishi\Desktop\mbam-setup-1.62.0.1300.exe
[2012/08/01 14:58:23 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{037224F5-AC2B-40B6-A0DC-3F49CCB4F7B7}
[2012/08/01 14:58:02 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{54F08CFD-F453-45BA-9BC2-31A6D40D3656}
[2012/08/01 02:57:37 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{FF6C2500-6C2C-4E26-959D-A6D0BE146880}
[2012/08/01 02:57:16 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{F5706F72-3AFF-47E3-9C7B-ED3EC531B279}
[2012/07/31 14:56:51 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{79805088-1A99-467C-B769-EBF15CA5223A}
[2012/07/31 14:56:29 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{0D3E7946-8FAC-4F17-9A0E-799E4D542997}
[2012/07/31 02:56:04 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{065C4005-83B3-42D1-A9C0-0E0B60A2F0D1}
[2012/07/31 02:55:42 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{AF4A910A-072C-40C2-9FF9-B28CB9D44F4C}
[2012/07/30 14:55:17 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{E8EEEFB2-E0CA-4CC0-B37F-2A280281E788}
[2012/07/30 14:55:04 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{E1379EE4-BD46-4531-B54F-F24F73F960E2}
[2012/07/30 00:29:51 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{070F2390-5CAC-44E9-A7BC-E82F0330DFF3}
[2012/07/30 00:29:30 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{0A3AB5C8-3793-48DA-A13A-AB87B7082A4D}
[2012/07/29 09:42:46 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{27D8BA45-3A5E-4D00-95C1-8832680C62A8}
[2012/07/29 09:42:25 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{D3DFDF53-8335-4355-9532-8C6A3A755347}
[2012/07/28 21:42:03 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{483DD499-9867-41D4-A067-22220DE5C50B}
[2012/07/28 21:41:51 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{213E5C6E-6363-48A2-9C3C-DDFB20C377D0}
[2012/07/28 01:04:25 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{8F2511B1-C3D8-4436-8C69-9F85C65156EB}
[2012/07/28 01:04:04 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{0B0352C5-8C7E-4696-AC39-B0CFD1812A74}
[2012/07/27 13:03:51 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{6E04364B-E41D-4FAF-B4BF-42BC5F72B55C}
[2012/07/27 13:03:40 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{4B68C8FA-C3EF-4CF7-AA72-FBD4A65E3002}
[2012/07/26 19:51:00 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{7FD8FA30-62E2-40EB-9CE8-D400B8A554A9}
[2012/07/26 19:50:39 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{AA46BE7F-5E43-46B8-86F9-19F591BBE827}
[2012/07/26 07:50:14 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{902C9946-2144-492C-8BD8-395754D3FD0D}
[2012/07/26 07:49:52 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{E10489BC-24EA-4709-BDE0-462F887AD25A}
[2012/07/25 19:49:40 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{06CBF655-D695-4891-805D-AD44AD819D11}
[2012/07/25 19:49:18 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{61B1B9E2-2870-4E66-B9DF-1FA9FB0BF88E}
[2012/07/25 07:48:53 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{BE867590-7513-4177-B87B-A6D81ABE6CC2}
[2012/07/25 07:48:42 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{79598CC6-0529-4DCC-9F42-C73BD90FEF67}
[2012/07/25 01:10:10 | 000,000,000 | ---D | C] -- C:\ProgramData\paltiosoft
[2012/07/25 00:51:05 | 000,000,000 | ---D | C] -- C:\Users\Konishi\Desktop\STEINS;GATE
[2012/07/24 21:43:33 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Roaming\Nitroplus
[2012/07/24 19:56:06 | 000,000,000 | ---D | C] -- C:\Users\Konishi\Desktop\Nova pasta
[2012/07/24 18:38:14 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{C8D2E07C-89E7-44F9-8FA5-C95629DDBA5A}
[2012/07/24 18:37:40 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{6F9D773F-27D5-4C0E-BEEF-2C6398A42FF2}
[2012/07/24 06:37:14 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{A696F734-A8F1-4408-97F0-D4CA8073D915}
[2012/07/24 06:37:03 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{7C3937D5-FD69-483A-B36C-D05B610893C8}
[2012/07/24 01:20:01 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{352208B4-E62C-40C2-92B8-EAFCF69BBE96}
[2012/07/23 18:36:51 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{9C370723-9165-4327-8C87-16EB7B1265A2}
[2012/07/23 18:36:30 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{2D95926B-86FD-4A54-AEE3-092029022B37}
[2012/07/23 06:36:02 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{6C467B33-93E6-4C88-8BF5-B43AC952B20E}
[2012/07/23 06:35:25 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{36AC4CE2-5620-46AB-ABF1-015111EA5889}
[2012/07/23 02:55:04 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\Chromium
[2012/07/22 23:22:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Rockstar Games
[2012/07/22 23:21:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Rockstar Games
[2012/07/22 18:35:13 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{091B0562-0505-4C23-ABDA-D89A286C870A}
[2012/07/22 18:34:52 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{6E347045-CDE7-4522-956C-25BFCFE4600B}
[2012/07/22 06:34:15 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{B075590A-6E23-48EE-AB4B-4AFA2D542651}
[2012/07/22 06:34:04 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{E749BC87-F691-4FFA-A749-0031D37C2742}
[2012/07/21 18:33:38 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{012A229B-0F37-4E7F-BF04-2DA563F1AF59}
[2012/07/21 18:33:20 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{9B9EFBA8-92F6-4A00-8319-5279A3E79462}
[2012/07/21 00:46:28 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{BACCCE7C-1683-40D9-8476-162297AA2826}
[2012/07/21 00:46:17 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{D6A2076A-A44B-4C09-8B90-7256E93E673F}
[2012/07/20 12:45:52 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{64A46553-CA78-4F9D-9FA7-D2B60BF87038}
[2012/07/20 12:45:31 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{5C9E36D5-E8EB-4F7B-805C-37E55BA17954}
[2012/07/19 17:49:21 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{01946584-8002-4F7F-BAD2-59E90D73CA5B}
[2012/07/19 17:49:00 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{81BEB27F-C258-4583-A9EE-80DA0C34CF86}
[2012/07/19 05:48:34 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{0B3A594A-45B7-4B01-9687-D4D7C4011070}
[2012/07/19 05:48:12 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{F9546997-9B96-44CF-BC25-533445F1F5EC}
[2012/07/19 05:10:31 | 000,166,792 | ---- | C] (Copyright (C) Korea University C.I.S.T) -- C:\Windows\SysNative\drivers\klb64mkd.sys
[2012/07/18 23:56:12 | 000,033,856 | -H-- | C] (LogMeIn, Inc.) -- C:\Windows\SysNative\hamachi.sys
[2012/07/18 19:34:14 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\LogMeIn Hamachi
[2012/07/18 17:47:45 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{2407B77D-8097-4EB6-A7FE-277E75B9626B}
[2012/07/18 17:47:30 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{D21665B5-6C3F-4001-8793-E9572D84601F}
[2012/07/18 04:40:15 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{F00731E3-653A-481E-8999-A9548CD4AF0C}
[2012/07/18 04:40:04 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{DB0BBB04-41DC-42EB-84BC-0D57E08CF317}
[2012/07/17 16:39:52 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{91A3C3E6-E91A-46F2-AD99-672165698C09}
[2012/07/17 16:39:41 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{7ED39633-F0D3-4655-BB82-27D62A7ED1E4}
[2012/07/16 16:09:02 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{F8FD8ACA-5567-4155-8B14-9EA41FF8B548}
[2012/07/16 16:08:51 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{08C644F6-BC6A-4D58-91DD-A110A02370FD}
[2012/07/16 04:08:26 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{EA1C03A5-0F68-4802-A146-72E71123A825}
[2012/07/16 04:08:14 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{9F857AB5-A206-4B25-9468-4E16932FA8D7}
[2012/07/15 16:07:49 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{EE28E46D-78FC-487D-B3FD-57722BEF62B2}
[2012/07/15 16:07:38 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{C11998EC-E0DF-44C1-B15E-1BBC9E1C4A8A}
[2012/07/15 03:02:03 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{63786BE3-FFDA-45C3-819E-447E9749C9A0}
[2012/07/15 03:01:50 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{5D8FBEC3-5ACB-4BDB-8436-5A17651267EB}
[2012/07/14 12:07:10 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{57D91C13-3E1C-4B6B-B79C-DE0DC941ABD4}
[2012/07/14 12:06:55 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{56F37B71-0671-4F88-BB3A-1FF48D4C2835}
[2012/07/13 21:12:51 | 000,000,000 | ---D | C] -- C:\Users\Konishi\Documents\Ubisoft
[2012/07/13 21:12:38 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\Ubisoft Game Launcher
[2012/07/13 19:50:29 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Roaming\Ubisoft
[2012/07/13 19:46:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ubisoft
[2012/07/13 17:12:34 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{47907010-0885-4ECC-85F9-DF20AF9E7865}
[2012/07/13 17:12:24 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{E7634445-1DB6-42C8-96AC-821FE3B14732}
[2012/07/13 05:11:59 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{B467AD3C-BE9C-4417-A414-06558F976C7D}
[2012/07/13 05:11:49 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{39B6A384-1F0B-439B-98D1-71C1984DE318}
[2012/07/12 17:11:24 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{A1B12D24-510C-4251-BCB1-1E86D7AF6D2F}
[2012/07/12 17:11:14 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{15C386E8-C787-4DD8-8B3C-5690BADFB384}
[2012/07/12 05:10:49 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{3363AA38-E36E-49E9-8371-5948808BAE5F}
[2012/07/12 05:10:38 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{6146E002-2683-4548-A033-F072D6F30A1E}
[2012/07/11 17:10:14 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{FB947022-84E5-4322-B392-1EE32A26CAB7}
[2012/07/11 17:10:04 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{49106DC8-2CD6-49A7-9B76-E9A1ADF96B81}
[2012/07/11 05:09:39 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{FCC90C99-26FA-4047-A4DA-47AD7644726C}
[2012/07/11 05:09:29 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{9085ECEB-291F-4881-9A68-80A3DD0200C9}
[2012/07/10 16:59:38 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{A1554DC2-4EB3-4BA9-B203-8DE89C1819B6}
[2012/07/10 16:59:23 | 000,000,000 | ---D | C] -- C:\Users\Konishi\AppData\Local\{BA9772F2-EA94-44D2-AA18-0F331DF1FD50}

========== Files - Modified Within 30 Days ==========

[2012/08/09 07:32:23 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Konishi\Desktop\OTL.exe
[2012/08/09 07:31:46 | 000,000,000 | ---- | M] () -- C:\Users\Konishi\AppData\Local\NeopleIns.exe
[2012/08/09 07:31:17 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts_tmp
[2012/08/09 07:13:01 | 000,001,086 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-989966592-1269749742-2495231924-1001UA.job
[2012/08/09 06:51:26 | 000,014,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/08/09 06:51:26 | 000,014,224 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/08/09 06:44:07 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/08/09 06:44:03 | 3220,574,208 | -HS- | M] () -- C:\hiberfil.sys
[2012/08/08 22:23:47 | 000,002,495 | ---- | M] () -- C:\Users\Konishi\Desktop\img_cre_tr3.gif
[2012/08/08 21:13:00 | 000,001,034 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-989966592-1269749742-2495231924-1001Core.job
[2012/08/08 19:59:42 | 002,473,180 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/08/08 19:59:42 | 000,654,272 | ---- | M] () -- C:\Windows\SysNative\prfh0416.dat
[2012/08/08 19:59:42 | 000,606,992 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/08/08 19:59:42 | 000,402,978 | ---- | M] () -- C:\Windows\SysNative\perfh012.dat
[2012/08/08 19:59:42 | 000,383,348 | ---- | M] () -- C:\Windows\SysNative\perfh011.dat
[2012/08/08 19:59:42 | 000,124,724 | ---- | M] () -- C:\Windows\SysNative\prfc0416.dat
[2012/08/08 19:59:42 | 000,103,370 | ---- | M] () -- C:\Windows\SysNative\perfc011.dat
[2012/08/08 19:59:42 | 000,103,370 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/08/08 19:59:42 | 000,101,838 | ---- | M] () -- C:\Windows\SysNative\perfc012.dat
[2012/08/08 17:54:15 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012/08/08 16:53:30 | 000,282,696 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012/08/08 16:53:30 | 000,282,696 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012/08/08 15:48:01 | 004,727,110 | R--- | M] (Swearware) -- C:\Users\Konishi\Desktop\ComboFix.exe
[2012/08/08 14:39:33 | 000,115,337 | ---- | M] () -- C:\Users\Konishi\Desktop\fine.png
[2012/08/08 14:15:19 | 001,529,114 | ---- | M] () -- C:\Users\Konishi\Desktop\oo.png
[2012/08/08 11:26:01 | 000,282,696 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2012/08/08 09:24:02 | 000,267,952 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/08/08 08:41:20 | 002,117,108 | ---- | M] () -- C:\Users\Konishi\Desktop\tdsskiller.zip
[2012/08/07 21:04:16 | 000,001,966 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012/08/07 20:32:18 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\Konishi\Desktop\aswMBR.exe
[2012/08/07 20:31:55 | 001,118,624 | ---- | M] (Bleeping Computer, LLC) -- C:\Users\Konishi\Desktop\rkill.exe
[2012/08/07 13:01:25 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\Konishi\Desktop\dds.com
[2012/08/07 12:41:33 | 000,302,592 | ---- | M] () -- C:\Users\Konishi\Desktop\y32o59b4.exe
[2012/08/07 12:19:24 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/08/07 12:06:32 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2012/08/06 18:04:39 | 000,076,888 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012/08/01 23:07:18 | 010,652,120 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Konishi\Desktop\mbam-setup-1.62.0.1300.exe
[2012/08/01 03:15:11 | 000,002,461 | ---- | M] () -- C:\Users\Konishi\Desktop\Google Chrome.lnk
[2012/07/30 16:19:00 | 000,000,866 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/07/24 22:18:16 | 2525,708,903 | ---- | M] () -- C:\Users\Konishi\Desktop\STEINS;GATE.7z
[2012/07/19 05:57:45 | 000,000,274 | ---- | M] () -- C:\Users\Public\Documents\neople_uninstaller0.bat
[2012/07/19 01:07:08 | 000,001,082 | ---- | M] () -- C:\Users\Konishi\Desktop\VongolaMS - Atalho.lnk
[2012/07/15 22:22:43 | 000,001,376 | ---- | M] () -- C:\Users\Konishi\Desktop\Future Soldier.lnk
[2012/07/12 05:03:50 | 000,000,124 | ---- | M] () -- C:\Users\Konishi\Documents\ax_files.xml

========== Files Created - No Company Name ==========

[2012/08/09 07:31:46 | 000,000,000 | ---- | C] () -- C:\Users\Konishi\AppData\Local\NeopleIns.exe
[2012/08/08 22:23:51 | 000,002,495 | ---- | C] () -- C:\Users\Konishi\Desktop\img_cre_tr3.gif
[2012/08/08 16:00:59 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/08/08 16:00:59 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/08/08 16:00:59 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/08/08 16:00:59 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/08/08 16:00:59 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/08/08 14:39:33 | 000,115,337 | ---- | C] () -- C:\Users\Konishi\Desktop\fine.png
[2012/08/08 14:15:19 | 001,529,114 | ---- | C] () -- C:\Users\Konishi\Desktop\oo.png
[2012/08/08 08:41:09 | 002,117,108 | ---- | C] () -- C:\Users\Konishi\Desktop\tdsskiller.zip
[2012/08/07 12:41:31 | 000,302,592 | ---- | C] () -- C:\Users\Konishi\Desktop\y32o59b4.exe
[2012/08/07 12:19:24 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/08/07 12:06:47 | 000,001,966 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012/08/06 18:04:48 | 000,282,696 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012/08/06 18:04:48 | 000,282,696 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2012/08/06 18:04:39 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012/08/02 00:54:12 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2012/07/24 22:03:06 | 2525,708,903 | ---- | C] () -- C:\Users\Konishi\Desktop\STEINS;GATE.7z
[2012/07/21 00:38:01 | 010,738,939 | ---- | C] () -- C:\Users\Konishi\Desktop\【初音ミク】Unfragment【オリジナル】.mp3
[2012/07/19 05:57:45 | 000,000,274 | ---- | C] () -- C:\Users\Public\Documents\neople_uninstaller0.bat
[2012/07/19 05:10:31 | 000,000,147 | ---- | C] () -- C:\Windows\SysNative\drivers\klb64mkd.sig
[2012/07/19 01:07:08 | 000,001,082 | ---- | C] () -- C:\Users\Konishi\Desktop\VongolaMS - Atalho.lnk
[2012/07/15 22:22:43 | 000,001,376 | ---- | C] () -- C:\Users\Konishi\Desktop\Future Soldier.lnk
[2012/07/13 21:41:00 | 000,282,696 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012/05/17 04:32:45 | 000,000,000 | ---- | C] () -- C:\Users\Konishi\defogger_reenable
[2012/05/16 14:19:07 | 000,007,605 | ---- | C] () -- C:\Users\Konishi\AppData\Local\Resmon.ResmonCfg
[2012/05/14 16:45:26 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012/05/14 16:45:00 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012/05/05 20:44:16 | 000,365,824 | ---- | C] () -- C:\Windows\SysWow64\xjigrgbe.dat
[2012/05/05 20:44:16 | 000,154,368 | ---- | C] () -- C:\Windows\SysWow64\cxgrkvyv.dat
[2012/05/05 20:44:16 | 000,136,960 | ---- | C] () -- C:\Windows\SysWow64\wpcbdxrt.dat
[2012/05/05 20:44:16 | 000,058,112 | ---- | C] () -- C:\Windows\SysWow64\emwfvbkd.dat
[2012/05/05 20:44:16 | 000,055,040 | ---- | C] () -- C:\Windows\SysWow64\qpzuuehn.dat
[2012/05/05 20:44:16 | 000,041,216 | ---- | C] () -- C:\Windows\SysWow64\ogovtfur.dat
[2012/05/05 20:44:16 | 000,036,608 | ---- | C] () -- C:\Windows\SysWow64\vldhibmw.dat
[2012/05/05 20:44:16 | 000,034,048 | ---- | C] () -- C:\Windows\SysWow64\ammmxjyz.dat
[2012/04/21 10:20:30 | 000,000,080 | ---- | C] () -- C:\Windows\studt.ini
[2012/04/14 00:53:54 | 000,021,840 | ---- | C] () -- C:\Windows\SysWow64\SIntfNT.dll
[2012/04/14 00:53:54 | 000,017,212 | ---- | C] () -- C:\Windows\SysWow64\SIntf32.dll
[2012/04/14 00:53:54 | 000,012,067 | ---- | C] () -- C:\Windows\SysWow64\SIntf16.dll
[2012/03/09 14:06:14 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012/03/06 16:34:45 | 000,000,176 | ---- | C] () -- C:\Windows\REC-NET.INI
[2012/02/25 00:36:56 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\CmdLineExt03.dll
[2012/02/24 21:02:39 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\Access.dat
[2012/02/15 03:06:53 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2012/02/13 20:59:19 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011/09/12 20:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011/05/31 03:39:50 | 000,058,368 | ---- | C] () -- C:\Windows\SysWow64\bdmpegv.dll
[2011/05/31 03:38:18 | 000,015,360 | ---- | C] () -- C:\Windows\SysWow64\bdmjpeg.dll
[2010/09/18 20:08:40 | 000,315,392 | ---- | C] ( ) -- C:\Windows\SysWow64\sbcrreag.dll

========== LOP Check ==========

[2012/07/29 07:12:10 | 000,000,000 | ---D | M] -- C:\Users\Konishi\AppData\Roaming\DAEMON Tools Lite
[2012/04/21 10:17:21 | 000,000,000 | ---D | M] -- C:\Users\Konishi\AppData\Roaming\flatball
[2012/03/30 21:01:54 | 000,000,000 | ---D | M] -- C:\Users\Konishi\AppData\Roaming\Foxit Software
[2012/03/01 03:22:16 | 000,000,000 | ---D | M] -- C:\Users\Konishi\AppData\Roaming\LucasArts
[2012/05/13 08:40:26 | 000,000,000 | ---D | M] -- C:\Users\Konishi\AppData\Roaming\NeopleInstaller
[2012/08/08 16:41:52 | 000,000,000 | ---D | M] -- C:\Users\Konishi\AppData\Roaming\NeopleLauncher
[2012/03/30 15:51:49 | 000,000,000 | ---D | M] -- C:\Users\Konishi\AppData\Roaming\NeopleLauncherDFO
[2012/07/24 21:43:33 | 000,000,000 | ---D | M] -- C:\Users\Konishi\AppData\Roaming\Nitroplus
[2012/06/27 05:45:53 | 000,000,000 | ---D | M] -- C:\Users\Konishi\AppData\Roaming\SEGA
[2012/02/29 23:06:52 | 000,000,000 | ---D | M] -- C:\Users\Konishi\AppData\Roaming\ShanghaiAlice
[2012/03/16 13:28:04 | 000,000,000 | ---D | M] -- C:\Users\Konishi\AppData\Roaming\Tibia
[2012/05/30 18:57:13 | 000,000,000 | ---D | M] -- C:\Users\Konishi\AppData\Roaming\Tunngle
[2012/07/13 19:50:29 | 000,000,000 | ---D | M] -- C:\Users\Konishi\AppData\Roaming\Ubisoft
[2012/08/08 22:21:38 | 000,000,000 | ---D | M] -- C:\Users\Konishi\AppData\Roaming\uTorrent
[2012/08/05 10:23:09 | 000,032,608 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:05EE1EEF
< End of report >