MicQsenoch

Honorary Members

View Profile See their activity

Posts
69
Joined
January 1, 2013
Last visited
January 12, 2013

Content Type

All Activity

Events

Profiles

Forums

Topics
Posts

Everything posted by MicQsenoch

Outgoing Malicious IP Blocks. Suspect Infection

MicQsenoch replied to MicQsenoch's topic in Resolved Malware Removal Logs

C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\modules\skin\updating18.png - Ok C:\WINDOWS\TEMP\avg_a00504\ProgFiles\AVG Secure Search\calc.gif - Ok C:\WINDOWS\TEMP\avg_a00504\ProgFiles\AVG Secure Search\CleanHistory.gif - Ok C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\modules\skin\windows.png - Ok C:\WINDOWS\TEMP\avg_a00504\ProgFiles\AVG Secure Search\active-threats18.gif - Ok C:\WINDOWS\TEMP\avg_a00504\ProgFiles\AVG Secure Search\current.gif - Ok C:\WINDOWS\TEMP\avg_a00504\ProgFiles\AVG Secure Search\currently-safe18.gif - Ok C:\WINDOWS\TEMP\avg_a00504\ProgFiles\AVG Secure Search\Facebook.gif - Ok C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\modules\skin\weather.gif - Ok C:\WINDOWS\TEMP\avg_a00504\ProgFiles\AVG Secure Search\feedback.gif - Ok C:\WINDOWS\TEMP\avg_a00504\ProgFiles\AVG Secure Search\help.gif - Ok C:\WINDOWS\TEMP\avg_a00504\ProgFiles\AVG Secure Search\configuration.xml - Ok C:\WINDOWS\TEMP\avg_a00504\ProgFiles\AVG Secure Search\labs.gif - Ok C:\WINDOWS\TEMP\avg_a00504\ProgFiles\AVG Secure Search\favicon.ico - Ok C:\WINDOWS\TEMP\avg_a00504\ProgFiles\AVG Secure Search\note.gif - Ok C:\WINDOWS\TEMP\avg_a00504\ProgFiles\AVG Secure Search\Eula.txt - Ok C:\WINDOWS\TEMP\avg_a00504\ProgFiles\AVG Secure Search\icon18.gif - Ok C:\WINDOWS\TEMP\avg_a00504\ProgFiles\AVG Secure Search\search.gif - Ok >C:\WINDOWS\TEMP\avg_a00504\ProgFiles\AVG Secure Search\remote_configuration.xml is JS-HTML container C:\WINDOWS\TEMP\avg_a00504\ProgFiles\AVG Secure Search\remote_configuration.xml - container C:\WINDOWS\TEMP\avg_a00504\ProgFiles\AVG Secure Search\speed-test.gif - Ok C:\WINDOWS\TEMP\avg_a00504\ProgFiles\AVG Secure Search\surf-with-caution18.gif - Ok C:\WINDOWS\TEMP\avg_a00504\ProgFiles\AVG Secure Search\setup.bmp - Ok C:\WINDOWS\TEMP\avg_a00504\ProgFiles\AVG Secure Search\uninstall.gif - Ok C:\WINDOWS\TEMP\avg_a00504\ProgFiles\AVG Secure Search\updating18.gif - Ok >>>>>>>C:\Documents and Settings\Michael Senff\My Documents\Downloads\tdsskiller.exe\data003 - packed by FLY-CODE C:\WINDOWS\TEMP\avg_a00504\ProgFiles\AVG Secure Search\PostInstall.exe - Ok C:\WINDOWS\TEMP\avg_a00504\ProgFiles\AVG Secure Search\weather.gif - Ok C:\WINDOWS\TEMP\avg_a00504\ProgFiles\AVG Secure Search\windows.gif - Ok C:\WINDOWS\TEMP\avg_a00504\ProgFiles\AVG Secure Search\lip.exe - Ok C:\WINDOWS\TEMP\avg_a00504\ProgFiles\AVG Secure Search\Chrome\content\icons\bg_close.gif - Ok C:\WINDOWS\TEMP\avg_a00504\ProgFiles\AVG Secure Search\Chrome\content\icons\bg_expand.gif - Ok C:\WINDOWS\TEMP\avg_a00504\ProgFiles\AVG Secure Search\Chrome\content\icons\bg_tooltip.gif - Ok C:\WINDOWS\TEMP\avg_a00504\ProgFiles\AVG Secure Search\Chrome\content\icons\bg_tracking.gif - Ok C:\WINDOWS\TEMP\avg_a00504\ProgFiles\AVG Secure Search\Chrome\content\icons\bull4x4.gif - Ok C:\WINDOWS\TEMP\avg_a00504\ProgFiles\AVG Secure Search\Chrome\content\icons\divider.gif - Ok C:\WINDOWS\TEMP\avg_a00504\ProgFiles\AVG Secure Search\GenericWndApi.dll - Ok C:\WINDOWS\TEMP\avg_a00504\ProgFiles\AVG Secure Search\Chrome\content\icons\innerBG_gradient.gif - Ok C:\WINDOWS\TEMP\avg_a00504\ProgFiles\AVG Secure Search\Licenses\Encoding_decoding_base64.txt - Ok C:\WINDOWS\TEMP\avg_a00504\ProgFiles\AVG Secure Search\Licenses\hmac.txt - Ok C:\WINDOWS\TEMP\avg_a00504\ProgFiles\AVG Secure Search\Licenses\LICENSE-bsdiff.txt - Ok C:\WINDOWS\TEMP\avg_a00504\ProgFiles\AVG Secure Search\Licenses\LICENSE-bzip.txt - Ok C:\WINDOWS\TEMP\avg_a00504\ProgFiles\AVG Secure Search\Licenses\LICENSE-JasonCpp.txt - Ok C:\WINDOWS\TEMP\avg_a00504\ProgFiles\AVG Secure Search\Licenses\LICENSE-MPL-NPAPI.txt - Ok C:\WINDOWS\TEMP\avg_a00504\ProgFiles\AVG Secure Search\Licenses\LICENSE-sparsehash.txt - Ok C:\WINDOWS\TEMP\avg_a00504\ProgFiles\AVG Secure Search\Licenses\PassthruApp.txt - Ok C:\WINDOWS\TEMP\avg_a00504\ProgFiles\AVG Secure Search\UninstallRes\ClientPackage\JQueyExtensions.js - Ok C:\WINDOWS\TEMP\avg_a00504\ProgFiles\AVG Secure Search\UninstallRes\ClientPackage\uninstall_cp.css - Ok >C:\WINDOWS\TEMP\avg_a00504\ProgFiles\AVG Secure Search\UninstallRes\ClientPackage\Uninstall_cp.html is JS-HTML container C:\WINDOWS\TEMP\avg_a00504\ProgFiles\AVG Secure Search\UninstallRes\ClientPackage\Uninstall_cp.html - container C:\WINDOWS\TEMP\avg_a00504\ProgFiles\AVG Secure Search\UninstallRes\ClientPackage\Images\uninstall\cp-bg.png - Ok C:\WINDOWS\TEMP\avg_a00504\ProgFiles\AVG Secure Search\UninstallRes\ClientPackage\Images\uninstall\cp_logo.png - Ok C:\WINDOWS\TEMP\avg_a00504\ProgFiles\AVG Secure Search\UninstallRes\ClientPackage\Images\uninstall\downBtn.png - Ok C:\WINDOWS\TEMP\avg_a00504\ProgFiles\AVG Secure Search\vprot.exe - Ok C:\WINDOWS\TEMP\avg_a00504\ProgFiles\AVG Secure Search\UninstallRes\ClientPackage\Images\uninstall\loader.gif - Ok C:\WINDOWS\TEMP\avg_a00504\ProgFiles\AVG Secure Search\UninstallRes\ClientPackage\Images\uninstall\uninstall-bg.png - Ok C:\WINDOWS\TEMP\avg_a00504\ProgFiles\AVG Secure Search\UninstallRes\ClientPackage\Images\uninstall\upBtn.png - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\11223344556677889900112233445566 - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\6B6C0.dmp - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\AAX2.tmp - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\AAX3.tmp - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\Arabic.bin - Ok C:\WINDOWS\TEMP\avg_a00504\ProgFiles\AVG Secure Search\Uninstall.exe - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\AAX6A.tmp - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\ASPNETSetup_00000.log - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\ASPNETSetup_00002.log - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\ASPNETSetup_00001.log - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\ASPNETSetup_00003.log - Ok >C:\WINDOWS\TEMP\avg_a00504\ProgFiles\AVG Secure Search\UninstallRes\ClientPackage\jquery-1.5.1.min.js is JS-HTML container C:\Documents and Settings\Michael Senff\Local Settings\Temp\ASPNETSetup_00004.log - Ok C:\WINDOWS\TEMP\avg_a00504\ProgFiles\AVG Secure Search\UninstallRes\ClientPackage\jquery-1.5.1.min.js - container C:\Documents and Settings\Michael Senff\Local Settings\Temp\ASPNETSetup_00006.log - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\ASPNETSetup_00005.log - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\ASPNETSetup_00007.log - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\ASPNETSetup_00008.log - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\ASPNETSetup_00009.log - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\Attach.txt - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\ASPNETSetup_00010.log - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\b291_appcompat.txt - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\avg-secure-search.xml - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\avg-secure-search.tmp - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\Croatian.bin - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\Czech.bin - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\Danish.bin - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\DDS.txt - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\dd_ATL80SP1_KB973923MSI40B0.txt - Ok >>>>>C:\Documents and Settings\Michael Senff\My Documents\Downloads\tdsskiller.exe\data004 - packed by FLY-CODE >>>>>>C:\Documents and Settings\Michael Senff\My Documents\Downloads\tdsskiller.exe\data004 - packed by LZMA C:\Documents and Settings\Michael Senff\Local Settings\Temp\avguidx.dll - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\dd_ATL80SP1_KB973923UI40B0.txt - Ok C:\WINDOWS\TEMP\avg_a00504\ProgFiles\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\dd_clwireg.txt - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\dd_dotnetfx35install.txt - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\dd_dotnetfx35error.txt - Ok >>>>>>>C:\Documents and Settings\Michael Senff\My Documents\Downloads\tdsskiller.exe\data004 - packed by FLY-CODE C:\Documents and Settings\Michael Senff\Local Settings\Temp\dd_MSXML6_MSI45EF.txt - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\dd_NET_Framework30_Setup46A6.txt - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\dd_NET_Framework20_Setup460A.txt - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\dd_RGB9RAST_x86.msi45EC.txt - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\dd_vcredistMSI4873.txt - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\chrome_installer.log - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\dd_vcredistMSI48AA.txt - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\dd_NET_Framework35_MSI46F1.txt - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\dd_vcredistUI48AA.txt - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\dd_wcf_retCA2A65.txt - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\dd_wcf_retCA293C.txt - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\dd_vcredistUI4873.txt - Ok C:\Documents and Settings\Michael Senff\My Documents\Downloads\tdsskiller.exe - container C:\Documents and Settings\Michael Senff\Local Settings\Temp\dd_wcf_retCA34D.txt - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\dd_wcf_retCA2C15.txt - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\dd_wcf_retCA5360.txt - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\dd_WIC.txt - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\dd_wcf_retCA664.txt - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\dd_XPS.txt - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\dump.dat - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\Dutch.bin - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\dw.log - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\eb16fe134b2678a812a5ad6da56c94dc.lock - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\English.bin - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\Finnish.bin - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\Greek.bin - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\French.bin - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\German.bin - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\Hebrew.bin - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\Hungarian.bin - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\installer_cfg.ini - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\Italian.bin - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\Japanese.bin - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\Korean.bin - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\LeagueofLegends.exe.log - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\ichcop - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\Lithuanian.bin - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\dd_depcheck_NETFX_EXP_35.txt - Ok >C:\Documents and Settings\Michael Senff\Local Settings\Temp\Microsoft .NET Framework 2.0-KB2604092_20121230_220034062.html - packed by UNICODE C:\Documents and Settings\Michael Senff\Local Settings\Temp\Microsoft .NET Framework 2.0-KB2604092_20121230_220034062-Msi0.txt - Ok >C:\Documents and Settings\Michael Senff\Local Settings\Temp\Microsoft .NET Framework 2.0-KB2656352_20121230_215727218.html - packed by UNICODE C:\Documents and Settings\Michael Senff\Local Settings\Temp\Microsoft .NET Framework 2.0-KB2656352_20121230_215727218-Msi0.txt - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\Microsoft .NET Framework 2.0-KB2656369_20121230_220215140-Msi0.txt - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\MachineIdCreator.exe - Ok >C:\Documents and Settings\Michael Senff\Local Settings\Temp\Microsoft .NET Framework 2.0-KB2656369_20121230_220215140.html - packed by UNICODE C:\Documents and Settings\Michael Senff\Local Settings\Temp\Microsoft .NET Framework 2.0-KB2686828_20121230_215227890-Msi0.txt - Ok >C:\Documents and Settings\Michael Senff\Local Settings\Temp\Microsoft .NET Framework 2.0-KB2686828_20121230_215227890.html - packed by UNICODE >>C:\Documents and Settings\Michael Senff\Local Settings\Temp\Microsoft .NET Framework 2.0-KB2656352_20121230_215727218.html is JS-HTML container C:\Documents and Settings\Michael Senff\Local Settings\Temp\fp_pl_pfs_installer.exe - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\Microsoft .NET Framework 2.0-KB2729450_20121230_215027812-Msi0.txt - Ok >C:\Documents and Settings\Michael Senff\Local Settings\Temp\Microsoft .NET Framework 2.0-KB2729450_20121230_215027812.html - packed by UNICODE C:\Documents and Settings\Michael Senff\Local Settings\Temp\Microsoft .NET Framework 2.0-KB2656352_20121230_215727218.html - container >>C:\Documents and Settings\Michael Senff\Local Settings\Temp\Microsoft .NET Framework 2.0-KB2604092_20121230_220034062.html is JS-HTML container >>C:\Documents and Settings\Michael Senff\Local Settings\Temp\Microsoft .NET Framework 2.0-KB2656369_20121230_220215140.html is JS-HTML container C:\Documents and Settings\Michael Senff\Local Settings\Temp\Microsoft .NET Framework 2.0-KB958481_20121230_182437421-Msi0.txt - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\Microsoft .NET Framework 2.0-KB2604092_20121230_220034062.html - container C:\Documents and Settings\Michael Senff\Local Settings\Temp\Microsoft .NET Framework 2.0-KB974417_20121230_182727078-Msi0.txt - Ok >C:\Documents and Settings\Michael Senff\Local Settings\Temp\Microsoft .NET Framework 2.0-KB974417_20121230_182727078.html - packed by UNICODE >C:\Documents and Settings\Michael Senff\Local Settings\Temp\Microsoft .NET Framework 2.0-KB958481_20121230_182437421.html - packed by UNICODE C:\Documents and Settings\Michael Senff\Local Settings\Temp\Microsoft .NET Framework 2.0-KB2656369_20121230_220215140.html - container >>C:\Documents and Settings\Michael Senff\Local Settings\Temp\Microsoft .NET Framework 2.0-KB2686828_20121230_215227890.html is JS-HTML container C:\Documents and Settings\Michael Senff\Local Settings\Temp\Microsoft .NET Framework 2.0-KB976576_20121230_182257156-Msi0.txt - Ok >C:\Documents and Settings\Michael Senff\Local Settings\Temp\Microsoft .NET Framework 2.0-KB976576_20121230_182257156.html - packed by UNICODE C:\Documents and Settings\Michael Senff\Local Settings\Temp\Microsoft .NET Framework 2.0-KB2686828_20121230_215227890.html - container >C:\Documents and Settings\Michael Senff\Local Settings\Temp\CommonInstaller.exe is BINARYRES container C:\Documents and Settings\Michael Senff\Local Settings\Temp\Microsoft .NET Framework 2.0-KB979909_20121230_181751984-Msi0.txt - Ok >C:\Documents and Settings\Michael Senff\Local Settings\Temp\Microsoft .NET Framework 2.0-KB979909_20121230_181751984.html - packed by UNICODE >>C:\Documents and Settings\Michael Senff\Local Settings\Temp\Microsoft .NET Framework 2.0-KB2729450_20121230_215027812.html is JS-HTML container C:\Documents and Settings\Michael Senff\Local Settings\Temp\Microsoft .NET Framework 2.0-KB2729450_20121230_215027812.html - container C:\Documents and Settings\Michael Senff\Local Settings\Temp\Microsoft .NET Framework 3.0-KB2604110_20121230_220418906-Msi0.txt - Ok >C:\Documents and Settings\Michael Senff\Local Settings\Temp\Microsoft .NET Framework 3.0-KB2604110_20121230_220418906.html - packed by UNICODE >>C:\Documents and Settings\Michael Senff\Local Settings\Temp\Microsoft .NET Framework 2.0-KB958481_20121230_182437421.html is JS-HTML container C:\Documents and Settings\Michael Senff\Local Settings\Temp\Microsoft .NET Framework 2.0-KB958481_20121230_182437421.html - container C:\Documents and Settings\Michael Senff\Local Settings\Temp\Microsoft .NET Framework 3.0-KB2656407_20121230_215635390-Msi0.txt - Ok >C:\Documents and Settings\Michael Senff\Local Settings\Temp\Microsoft .NET Framework 3.0-KB2656407_20121230_215635390.html - packed by UNICODE >>C:\Documents and Settings\Michael Senff\Local Settings\Temp\Microsoft .NET Framework 2.0-KB974417_20121230_182727078.html is JS-HTML container >>C:\Documents and Settings\Michael Senff\Local Settings\Temp\Microsoft .NET Framework 3.0-KB2604110_20121230_220418906.html is JS-HTML container >>C:\Documents and Settings\Michael Senff\Local Settings\Temp\Microsoft .NET Framework 2.0-KB976576_20121230_182257156.html is JS-HTML container C:\Documents and Settings\Michael Senff\Local Settings\Temp\Microsoft .NET Framework 3.0-KB2604110_20121230_220418906.html - container C:\Documents and Settings\Michael Senff\Local Settings\Temp\Microsoft .NET Framework 3.0-KB958483_20121230_182536218-Msi0.txt - Ok >C:\Documents and Settings\Michael Senff\Local Settings\Temp\Microsoft .NET Framework 3.0-KB958483_20121230_182536218.html - packed by UNICODE C:\Documents and Settings\Michael Senff\Local Settings\Temp\Microsoft .NET Framework 2.0-KB976576_20121230_182257156.html - container C:\Documents and Settings\Michael Senff\Local Settings\Temp\Microsoft .NET Framework 2.0-KB974417_20121230_182727078.html - container C:\Documents and Settings\Michael Senff\Local Settings\Temp\Microsoft .NET Framework 3.0-KB977354_20121230_182354468-Msi0.txt - Ok >C:\Documents and Settings\Michael Senff\Local Settings\Temp\Microsoft .NET Framework 3.0-KB977354_20121230_182354468.html - packed by UNICODE C:\Documents and Settings\Michael Senff\Local Settings\Temp\Microsoft .NET Framework 3.0-KB982168_20121230_181911718-Msi0.txt - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\Microsoft .NET Framework 3.0-KB982168_20121230_181911718-Msi1.txt - Ok >C:\Documents and Settings\Michael Senff\Local Settings\Temp\Microsoft .NET Framework 3.0-KB982168_20121230_181911718.html - packed by UNICODE >>C:\Documents and Settings\Michael Senff\Local Settings\Temp\Microsoft .NET Framework 2.0-KB979909_20121230_181751984.html is JS-HTML container C:\Documents and Settings\Michael Senff\Local Settings\Temp\Microsoft .NET Framework 2.0-KB979909_20121230_181751984.html - container >>C:\Documents and Settings\Michael Senff\Local Settings\Temp\Microsoft .NET Framework 3.0-KB2656407_20121230_215635390.html is JS-HTML container C:\Documents and Settings\Michael Senff\Local Settings\Temp\Microsoft .NET Framework 3.5-KB2604111_20121230_220348093-Msi0.txt - Ok >>C:\Documents and Settings\Michael Senff\Local Settings\Temp\Microsoft .NET Framework 3.0-KB958483_20121230_182536218.html is JS-HTML container C:\Documents and Settings\Michael Senff\Local Settings\Temp\Microsoft .NET Framework 3.0-KB2656407_20121230_215635390.html - container >C:\Documents and Settings\Michael Senff\Local Settings\Temp\Microsoft .NET Framework 3.5-KB2604111_20121230_220348093.html - packed by UNICODE C:\Documents and Settings\Michael Senff\Local Settings\Temp\Microsoft .NET Framework 3.5-KB2657424_20121230_215923203-Msi0.txt - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\Microsoft .NET Framework 3.0-KB958483_20121230_182536218.html - container C:\Documents and Settings\Michael Senff\Local Settings\Temp\Microsoft .NET Framework 3.5-KB958484_20121230_182546828-Msi0.txt - Ok >C:\Documents and Settings\Michael Senff\Local Settings\Temp\Microsoft .NET Framework 3.5-KB2657424_20121230_215923203.html - packed by UNICODE >C:\Documents and Settings\Michael Senff\Local Settings\Temp\Microsoft .NET Framework 3.5-KB958484_20121230_182546828.html - packed by UNICODE >>C:\Documents and Settings\Michael Senff\Local Settings\Temp\Microsoft .NET Framework 3.0-KB977354_20121230_182354468.html is JS-HTML container >>C:\Documents and Settings\Michael Senff\Local Settings\Temp\Microsoft .NET Framework 3.0-KB982168_20121230_181911718.html is JS-HTML container C:\Documents and Settings\Michael Senff\Local Settings\Temp\Microsoft .NET Framework 3.0-KB977354_20121230_182354468.html - container C:\Documents and Settings\Michael Senff\Local Settings\Temp\Microsoft .NET Framework 3.0-KB982168_20121230_181911718.html - container >>C:\Documents and Settings\Michael Senff\Local Settings\Temp\Microsoft .NET Framework 3.5-KB2604111_20121230_220348093.html is JS-HTML container C:\Documents and Settings\Michael Senff\Local Settings\Temp\Microsoft .NET Framework 3.5-KB963707_20121230_182246609-Msi0.txt - Ok >>C:\Documents and Settings\Michael Senff\Local Settings\Temp\Microsoft .NET Framework 3.5-KB958484_20121230_182546828.html is JS-HTML container >C:\Documents and Settings\Michael Senff\Local Settings\Temp\Microsoft .NET Framework 3.5-KB963707_20121230_182246609.html - packed by UNICODE >>C:\Documents and Settings\Michael Senff\Local Settings\Temp\Microsoft .NET Framework 3.5-KB2657424_20121230_215923203.html is JS-HTML container C:\Documents and Settings\Michael Senff\Local Settings\Temp\Norwegian.bin - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\Microsoft .NET Framework 3.5-KB2604111_20121230_220348093.html - container C:\Documents and Settings\Michael Senff\Local Settings\Temp\Microsoft .NET Framework 3.5-KB958484_20121230_182546828.html - container C:\Documents and Settings\Michael Senff\Local Settings\Temp\pdo360.tmp - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\pdo68.tmp - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\pdo16E.tmp - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\Polish.bin - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\Perflib_Perfdata_bac.dat - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\Microsoft .NET Framework 3.5-KB2657424_20121230_215923203.html - container C:\Documents and Settings\Michael Senff\Local Settings\Temp\Portuguese(Brazil).bin - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\Portuguese.bin - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\Russian.bin - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\qs-en-utf16.txt - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\SimChin.bin - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\Slovak.bin - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\Slovenian.bin - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\Spanish.bin - Ok >>C:\Documents and Settings\Michael Senff\Local Settings\Temp\Microsoft .NET Framework 3.5-KB963707_20121230_182246609.html is JS-HTML container C:\Documents and Settings\Michael Senff\Local Settings\Temp\SWEDISH.bin - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\Microsoft .NET Framework 3.5-KB963707_20121230_182246609.html - container C:\Documents and Settings\Michael Senff\Local Settings\Temp\SET191.tmp - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\Thai.bin - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\swt-win32-3740.dll - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\toolbar_log.txt - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\TradChin.bin - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\Turkish.bin - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\uxeventlog.txt - Ok >>C:\Documents and Settings\Michael Senff\Local Settings\Temp\CommonInstaller.exe\data008 - packed by BINARYRES C:\Documents and Settings\Michael Senff\Local Settings\Temp\Set23D.tmp - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\_isdelet.ini - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\OIC58.tmp - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\{7014E919-2EAA-4158-AB8A-7483300316F4}.dll - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\{A48C7142-8C18-463B-AA5B-A0097DD0CE1F}.ini - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\~DF1F2E.tmp - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\CommonInstaller.exe - container C:\Documents and Settings\Michael Senff\Local Settings\Temp\8CD95628-6839BAB8-8251CD28-34F710F0\6qpfy1g7.exe - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\CRX_75DAF8CB7768\manifest.json - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\00zstied - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\CRX_75DAF8CB7768\crl-set - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\0i9s83yd - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\0oao9ybr - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\05oqcdxs - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\13cbkgyc - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\1j9lq59x - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\TFR38.exe - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\0tc4jzi6 - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\2c3cc7bp - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\2hrx1bk1 - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\3f5cdptq - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\3jdosabx - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\1s48t9jt - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\4blf9nhz - Ok >C:\Documents and Settings\Michael Senff\Local Settings\Temp\8CD95628-6839BAB8-8251CD28-34F710F0\3jjqtynh.dll is BINARYRES container C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\3s02dm22 - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\4idkbdzp - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\5dge7qmy - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\5i4lciua - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\60uskbwf - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\72bqybon - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\7knz0vya - Ok >C:\Documents and Settings\Michael Senff\Local Settings\Temp\ToolbarInstaller.exe is BINARYRES container >>C:\Documents and Settings\Michael Senff\Local Settings\Temp\ToolbarInstaller.exe\data001 is ZIP archive C:\Documents and Settings\Michael Senff\Local Settings\Temp\ToolbarInstaller.exe\data001 - Ok >>C:\Documents and Settings\Michael Senff\Local Settings\Temp\8CD95628-6839BAB8-8251CD28-34F710F0\3jjqtynh.dll\data003 - packed by BINARYRES C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\9fnm37mb - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\6qpfy1g7.exe - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\9ky53qsk - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\a2v624wd - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\9wgs10jp - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\a3of1pu2 - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\bgbjacyk.key - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\ba0jf7bz - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\c5pou474 - Ok >>C:\Documents and Settings\Michael Senff\Local Settings\Temp\8CD95628-6839BAB8-8251CD28-34F710F0\3jjqtynh.dll\data004 - packed by BINARYRES C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\cur0kazg - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\dcjtn7qk - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\dedkzu0s - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\bsxqi1u9 - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\dwwlku9v - Ok >C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\3jjqtynh.dll is BINARYRES container C:\Documents and Settings\Michael Senff\Local Settings\Temp\_is20B.exe - Ok >C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\en.chm is CHM container C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\ec23fubw - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\e5pmvbxw - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\erhrr0a1 - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\evutvfnk - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\fmygzlo9 - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\g6iy9kbo - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\g022mtpl - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\gq8olt25 - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\8CD95628-6839BAB8-8251CD28-34F710F0\3jjqtynh.dll - container C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\gz065ne2 - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\hw0bbm8g - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\i0seglip - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\i16libsy - Ok >>C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\3jjqtynh.dll\data003 - packed by BINARYRES C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\i99csduf - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\il9gczgy - Ok >C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\ja.chm is CHM container >>C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\3jjqtynh.dll\data004 - packed by BINARYRES >>C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\en.chm\cureit70_en_popup_text.js is JS-HTML container >>C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\en.chm\dw_additionaloptions.htm is JS-HTML container >>C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\en.chm\dw_cli_parameters.htm is JS-HTML container >>C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\ja.chm\cureit70_ja_popup_html.js is JS-HTML container >>C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\en.chm\dw_cli_switches.htm is JS-HTML container C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\3jjqtynh.dll - container >>C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\en.chm\dw_customscan.htm is JS-HTML container C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\jae4x1dz - Ok >>C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\ja.chm\dw_additionaloptions.htm is JS-HTML container >>C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\ja.chm\dw_cli_parameters.htm is JS-HTML container >>C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\ja.chm\dw_cli_switches.htm is JS-HTML container C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\jcjydt6v - Ok >>C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\en.chm\dw_detectionmethods.htm is JS-HTML container C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\jet4em2a - Ok >>C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\en.chm\dw_enfmode.htm is JS-HTML container >>C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\ja.chm\dw_customscan.htm is JS-HTML container >>C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\ja.chm\dw_detectionmethods.htm is JS-HTML container C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\kbuk6hfc - Ok >>C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\en.chm\dw_intro.htm is JS-HTML container >>C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\en.chm\dw_legal.htm is JS-HTML container >>C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\ja.chm\dw_enfmode.htm is JS-HTML container >>C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\en.chm\dw_quarantine.htm is JS-HTML container >>C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\ja.chm\dw_intro.htm is JS-HTML container C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\kxx242nk - Ok >>C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\ja.chm\dw_legal.htm is JS-HTML container >>C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\en.chm\dw_quickscan.htm is JS-HTML container >>C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\ja.chm\dw_quarantine.htm is JS-HTML container C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\laz4svn3 - Ok >>C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\en.chm\dw_quickstart.htm is JS-HTML container >>C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\ja.chm\dw_quickscan.htm is JS-HTML container >>C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\en.chm\dw_scan_set_1.htm is JS-HTML container >>C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\ja.chm\dw_quickstart.htm is JS-HTML container C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\lghp8ppe - Ok >>C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\en.chm\dw_scan_set_2.htm is JS-HTML container >>C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\ja.chm\dw_scan_set_1.htm is JS-HTML container >>C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\en.chm\dw_scan_set_3.htm is JS-HTML container >>C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\ja.chm\dw_scan_set_2.htm is JS-HTML container >>C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\en.chm\dw_scan_set_4.htm is JS-HTML container C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\m1cnqcni - Ok >>C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\en.chm\dw_scan_settings.htm is JS-HTML container >>C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\ja.chm\dw_scan_set_3.htm is JS-HTML container >>C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\en.chm\dw_setneutrules.htm is JS-HTML container >>C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\ja.chm\dw_scan_set_4.htm is JS-HTML container >>C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\ja.chm\dw_scan_settings.htm is JS-HTML container >>C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\ja.chm\dw_setneutrules.htm is JS-HTML container >>C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\en.chm\dw_snip_scan_1.htm is JS-HTML container >>C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\en.chm\dw_statistics.htm is JS-HTML container >>C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\ja.chm\dw_snip_scan_1.htm is JS-HTML container >>C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\en.chm\dw_sysreq.htm is JS-HTML container >>C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\en.chm\dw_techsupport.htm is JS-HTML container >>C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\en.chm\dw_testing.htm is JS-HTML container >>C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\en.chm\dw_update.htm is JS-HTML container >>C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\ja.chm\dw_statistics.htm is JS-HTML container >>C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\ja.chm\dw_sysreq.htm is JS-HTML container >>C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\en.chm\helpman_topicinit.js is JS-HTML container >>C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\ja.chm\dw_techsupport.htm is JS-HTML container >>C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\ja.chm\dw_testing.htm is JS-HTML container >>C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\ja.chm\dw_update.htm is JS-HTML container >>C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\ja.chm\helpman_topicinit.js is JS-HTML container C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\en.chm - container C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\md0w92v1 - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\ggv5nwpp.exe - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\ja.chm - container C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\n18t5qzi - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\n6nzvpdy - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\ndrb99tv - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\neisoa6b - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\ng6y0ln0 - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\nhz50bw5 - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\nts2jtjx - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\pnsktmnf - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\on8w4e4q - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\ppz31w63 - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\m5w0426c.dll - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\pqrn25km - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\r3utp6kk - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\q66r8rp5 - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\r2u0dpqq - Ok >C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\ru.chm is CHM container C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\rciabzrq - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\rmt0aykz - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\sg7ay0yu - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\sni6aqxc - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\senpbwkw - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\t7pfoqgj - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\szyb64sl - Ok >>C:\Documents and Settings\Michael Senff\Local Settings\Temp\ToolbarInstaller.exe\data002 is BINARYRES container C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\tg6afcyk - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\ts4vjrbl - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\uj5y1cme - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\vd2yjdma - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\uxgg0rpp - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\vz1bijda - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\wusvly0y - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\x0x8egvs - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\z7inloz3 - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\ysjt6e70 - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\zn7nidtp - Ok >C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\h35pdxp9.exe is BINARYRES container C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\zmpd1ovn - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\FixitTempFolder(34B9DFE5-2C9B-404E-AC8C-9B4AF77E7D0A)\PreCheckCA.log - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\zufndlbt - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\FixitTempFolder(34B9DFE5-2C9B-404E-AC8C-9B4AF77E7D0A)\RunCA.log - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\h35pdxp9.exe - container C:\Documents and Settings\Michael Senff\Local Settings\Temp\Motorola\autorun.inf - Ok >C:\Documents and Settings\Michael Senff\Local Settings\Temp\MATS-Temp\Results\IE Performance and Safety_result.cab is CAB archive C:\Documents and Settings\Michael Senff\Local Settings\Temp\MATS-Temp\Results\IE Performance and Safety_result.cab - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\MATS-Temp\Results\IE Performance and Safety_result.cab - archive >C:\Documents and Settings\Michael Senff\Local Settings\Temp\MATS-Temp\Results\Internet Explorer Add-on_result.cab is CAB archive C:\Documents and Settings\Michael Senff\Local Settings\Temp\MATS-Temp\Results\Internet Explorer Add-on_result.cab - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\MATS-Temp\Results\Internet Explorer Add-on_result.cab - archive C:\Documents and Settings\Michael Senff\Local Settings\Temp\Motorola\netmotcm.cat - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\Motorola\NetMotCM.inf - Ok >>C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\ru.chm\cureit70_popup_text.js is JS-HTML container >>C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\ru.chm\dw_cli_switches.htm is JS-HTML container C:\Documents and Settings\Michael Senff\Local Settings\Temp\Motorola\NetMotCM.sys - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\SUPERSetup\setup.db3 - Ok >>C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\ru.chm\dw_quickstart.htm is JS-HTML container >>C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\ru.chm\dw_scan_set_2.htm is JS-HTML container >>C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\ru.chm\dw_scan_set_3.htm is JS-HTML container C:\Documents and Settings\Michael Senff\Local Settings\Temp\SUPERSetup\SAS_LaunchChromeSetup.exe - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\ToolbarInstaller.exe\data002\data001 - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\SUPERSetup\setup.dll - Ok >>C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\ru.chm\dw_testing.htm is JS-HTML container C:\Documents and Settings\Michael Senff\Local Settings\Temp\Motorola\detect.exe - Ok >>C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\ru.chm\helpman_topicinit.js is JS-HTML container C:\Documents and Settings\Michael Senff\Local Settings\Temp\ToolbarInstaller.exe\data002\data002 - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\Motorola\MotUsbDriverInst.exe - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\ru.chm - container C:\Documents and Settings\Michael Senff\Local Settings\Temp\Temporary Directory 3 for mbar-1.01.0.1011 (1).zip\mbar\License.rtf - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\ToolbarInstaller.exe\data002\data003 - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\ToolbarInstaller.exe\data002\data004 - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\Temporary Directory 4 for mbar-1.01.0.1011 (1).zip\mbar\mbam.dll - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\ToolbarInstaller.exe\data002\data005 - Ok >C:\Documents and Settings\Michael Senff\Local Settings\Temp\SUPERSetup\SupportCom_Chrome_v1.exe - packed by FLY-CODE C:\Documents and Settings\Michael Senff\Local Settings\Temp\ToolbarInstaller.exe\data002\data006 - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\ToolbarInstaller.exe\data002\data007 - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\WERf24b.dir00\appcompat.txt - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\WERf24b.dir00\IEXPLORE.EXE.hdmp - Ok >C:\Documents and Settings\Michael Senff\Local Settings\Temp\Temporary Directory 1 for mbar-1.01.0.1011 (1).zip\mbar\mbar.exe is BINARYRES container >>>C:\Documents and Settings\Michael Senff\Local Settings\Temp\ToolbarInstaller.exe\data002\data008 - packed by BINARYRES C:\Documents and Settings\Michael Senff\Local Settings\Temp\ToolbarInstaller.exe\data002\data008 - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\ToolbarInstaller.exe\data002 - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\ToolbarInstaller.exe - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\ToolbarInstaller.exe - container C:\Documents and Settings\Michael Senff\Local Settings\Temp\WERf24b.dir00\IEXPLORE.EXE.mdmp - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\WERf24b.dir00\manifest.txt - Ok >>C:\Documents and Settings\Michael Senff\Local Settings\Temp\Temporary Directory 1 for mbar-1.01.0.1011 (1).zip\mbar\mbar.exe\data001 - packed by BINARYRES C:\Documents and Settings\Michael Senff\Local Settings\Temp\_ir_tmpfnt_1\Calibri.FON - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\is754907076\1086062379.cfg - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\is754907076\11592134.cfg - Ok >>C:\Documents and Settings\Michael Senff\Local Settings\Temp\Temporary Directory 1 for mbar-1.01.0.1011 (1).zip\mbar\mbar.exe\data002 - packed by BINARYRES C:\Documents and Settings\Michael Senff\Local Settings\Temp\_ir_tmpfnt_1\Calibri.TFT - Ok >C:\Documents and Settings\Michael Senff\Local Settings\Temp\Temporary Directory 5 for mbar-1.01.0.1011 (1).zip\mbar\mbamcore.dll is BINARYRES container C:\Documents and Settings\Michael Senff\Local Settings\Temp\is754907076\1356238373.cfg - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\is754907076\2078219770.cfg - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\is754907076\454288769.cfg - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\is754907076\520036212.cfg - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\is754907076\537770292.cfg - Ok >>C:\Documents and Settings\Michael Senff\Local Settings\Temp\Temporary Directory 1 for mbar-1.01.0.1011 (1).zip\mbar\mbar.exe\data006 is ZLIB container C:\Documents and Settings\Michael Senff\Local Settings\Temp\Temporary Directory 5 for mbar-1.01.0.1011 (1).zip\mbar\mbamcore.dll - container C:\Documents and Settings\Michael Senff\Local Settings\Temp\is754907076\69070_Setup.CIS - Ok >>C:\Documents and Settings\Michael Senff\Local Settings\Temp\SUPERSetup\SupportCom_Chrome_v1.exe is NSIS container C:\Documents and Settings\Michael Senff\Local Settings\Temp\is754907076\69234_Setup.CIS - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\Temporary Directory 1 for mbar-1.01.0.1011 (1).zip\mbar\mbar.exe - container C:\Documents and Settings\Michael Senff\Local Settings\Temp\is754907076\92785961.cfg - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\is754907076\69416_Setup.CIS - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\is754907076\69286_Setup.CIS - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\is754907076\couponamazing.exe - is adware program Adware.Shopper.320 C:\Documents and Settings\Michael Senff\Local Settings\Temp\is754907076\couponamazing.exe - infected >>>C:\Documents and Settings\Michael Senff\Local Settings\Temp\SUPERSetup\SupportCom_Chrome_v1.exe\GoogleUpdateSetup_1.3.21.123.exe is LZMA container C:\Documents and Settings\Michael Senff\Local Settings\Temp\isp241.tmp\_Setup.dll - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\SUPERSetup\SupportCom_Chrome_v1.exe - container >C:\Documents and Settings\Michael Senff\Local Settings\Temp\oi_l9QOA1j2VI\EVrMEgeYLP.html is JS-HTML container C:\Documents and Settings\Michael Senff\Local Settings\Temp\oi_l9QOA1j2VI\EVrMEgeYLP.html - container C:\Documents and Settings\Michael Senff\Local Settings\Temp\isp195.tmp\_Setup.dll - Ok >C:\Documents and Settings\Michael Senff\Local Settings\Temp\oi_l9QOA1j2VI\EVrMEgeYLP.mht is JS-HTML container C:\Documents and Settings\Michael Senff\Local Settings\Temp\oi_l9QOA1j2VI\EVrMEgeYLP.mht - container >C:\Documents and Settings\Michael Senff\Local Settings\Temp\oi_l9QOA1j2VI\FxwJX4y5Zd.html is JS-HTML container C:\Documents and Settings\Michael Senff\Local Settings\Temp\oi_l9QOA1j2VI\FxwJX4y5Zd.html - container >C:\Documents and Settings\Michael Senff\Local Settings\Temp\oi_l9QOA1j2VI\FxwJX4y5Zd.mht is JS-HTML container C:\Documents and Settings\Michael Senff\Local Settings\Temp\Temporary Directory 6 for mbar-1.01.0.1011 (1).zip\mbar\mbamnet.dll - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\oi_l9QOA1j2VI\FxwJX4y5Zd.mht - container >C:\Documents and Settings\Michael Senff\Local Settings\Temp\oi_l9QOA1j2VI\Hg6Sncsuoe.html is JS-HTML container >C:\Documents and Settings\Michael Senff\Local Settings\Temp\oi_l9QOA1j2VI\Hg6Sncsuoe.mht is JS-HTML container >C:\Documents and Settings\Michael Senff\Local Settings\Temp\is754907076\PricePeepInstaller.exe is NSIS container C:\Documents and Settings\Michael Senff\Local Settings\Temp\is754907076\PricePeepInstaller.exe\script.bin - is adware program Adware.Shopper.297 C:\Documents and Settings\Michael Senff\Local Settings\Temp\oi_l9QOA1j2VI\Hg6Sncsuoe.html - container >C:\Documents and Settings\Michael Senff\Local Settings\Temp\oi_l9QOA1j2VI\KCPab4WbLD.html is JS-HTML container C:\Documents and Settings\Michael Senff\Local Settings\Temp\oi_l9QOA1j2VI\Hg6Sncsuoe.mht - container C:\Documents and Settings\Michael Senff\Local Settings\Temp\oi_l9QOA1j2VI\KCPab4WbLD.html - container >C:\Documents and Settings\Michael Senff\Local Settings\Temp\oi_l9QOA1j2VI\KCPab4WbLD.mht is JS-HTML container C:\Documents and Settings\Michael Senff\Local Settings\Temp\oi_l9QOA1j2VI\KCPab4WbLD.mht - container >C:\Documents and Settings\Michael Senff\Local Settings\Temp\oi_l9QOA1j2VI\oilocal_main.min.js is JS-HTML container C:\Documents and Settings\Michael Senff\Local Settings\Temp\oi_l9QOA1j2VI\oilocal_main.min.js - container C:\Documents and Settings\Michael Senff\Local Settings\Temp\oi_l9QOA1j2VI\oilocal_screen_2.min.js - Ok >C:\Documents and Settings\Michael Senff\Local Settings\Temp\oi_l9QOA1j2VI\oilocal_screen_2_4.min.js is JS-HTML container C:\Documents and Settings\Michael Senff\Local Settings\Temp\oi_l9QOA1j2VI\oilocal_screen_2_4.min.js - container >C:\Documents and Settings\Michael Senff\Local Settings\Temp\oi_l9QOA1j2VI\T1tspDjYSX.html is JS-HTML container >C:\Documents and Settings\Michael Senff\Local Settings\Temp\oi_l9QOA1j2VI\T1tspDjYSX.mht is JS-HTML container >C:\Documents and Settings\Michael Senff\Local Settings\Temp\oi_l9QOA1j2VI\OIAssistWTD.exe - packed by FLY-CODE C:\Documents and Settings\Michael Senff\Local Settings\Temp\oi_l9QOA1j2VI\T1tspDjYSX.html - container C:\Documents and Settings\Michael Senff\Local Settings\Temp\oi_l9QOA1j2VI\T1tspDjYSX.mht - container >>C:\Documents and Settings\Michael Senff\Local Settings\Temp\is754907076\PricePeepInstaller.exe\pricepeep@getpricepeep.com.xpi is ZIP archive C:\Documents and Settings\Michael Senff\Local Settings\Temp\is754907076\PricePeepInstaller.exe\pricepeep@getpricepeep.com.xpi - Ok >>C:\Documents and Settings\Michael Senff\Local Settings\Temp\is754907076\PricePeepInstaller.exe\_ìÇ is JS-HTML container C:\Documents and Settings\Michael Senff\Local Settings\Temp\is754907076\PricePeepInstaller.exe\_ìÇ - Ok >>C:\Documents and Settings\Michael Senff\Local Settings\Temp\oi_l9QOA1j2VI\OIAssistWTD.exe is LZMA container >>C:\Documents and Settings\Michael Senff\Local Settings\Temp\is754907076\PricePeepInstaller.exe\pricepeep.crx - packed by BINARY PACKAGE >>>C:\Documents and Settings\Michael Senff\Local Settings\Temp\is754907076\PricePeepInstaller.exe\pricepeep.crx is BINARYRES container >C:\Documents and Settings\Michael Senff\Local Settings\Temp\oi_l9QOA1j2VI\wSInfVDLtW.html is JS-HTML container >>>>C:\Documents and Settings\Michael Senff\Local Settings\Temp\is754907076\PricePeepInstaller.exe\pricepeep.crx\data001 is ZIP archive C:\Documents and Settings\Michael Senff\Local Settings\Temp\is754907076\PricePeepInstaller.exe\pricepeep.crx\data001 - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\is754907076\PricePeepInstaller.exe\pricepeep.crx - Ok >C:\Documents and Settings\Michael Senff\Local Settings\Temp\oi_l9QOA1j2VI\winzip170-32.msi is OLE container C:\Documents and Settings\Michael Senff\Local Settings\Temp\oi_l9QOA1j2VI\wSInfVDLtW.html - container C:\Documents and Settings\Michael Senff\Local Settings\Temp\is754907076\PricePeepInstaller.exe\pricepeep.dll - is adware program Adware.Shopper.297 C:\Documents and Settings\Michael Senff\Local Settings\Temp\is754907076\PricePeepInstaller.exe\pricepeep.dll - infected C:\Documents and Settings\Michael Senff\Local Settings\Temp\is754907076\PricePeepInstaller.exe\installer.ico - Ok >C:\Documents and Settings\Michael Senff\Local Settings\Temp\oi_l9QOA1j2VI\wSInfVDLtW.mht is JS-HTML container C:\Documents and Settings\Michael Senff\Local Settings\Temp\oi_l9QOA1j2VI\wSInfVDLtW.mht - container >C:\Documents and Settings\Michael Senff\Local Settings\Temp\{457D7505-D665-4F95-91C3-ECB8C56E9ACA}\ycc.dll is BINARYRES container C:\Documents and Settings\Michael Senff\Local Settings\Temp\{457D7505-D665-4F95-91C3-ECB8C56E9ACA}\ycc.dll - container C:\Documents and Settings\Michael Senff\Local Settings\Temp\oi_l9QOA1j2VI\OIAssistWTD.exe - container C:\Documents and Settings\Michael Senff\Local Settings\Temp\is754907076\PricePeepInstaller.exe\_ÜÇ\inetc.dll - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\is754907076\PricePeepInstaller.exe - infected container C:\Documents and Settings\Michael Senff\Local Settings\Temp\is754907076\PricePeepInstaller.exe - infected container C:\Documents and Settings\Michael Senff\Local Settings\Temp\{668771E9-5081-4BDF-B025-C1E6722C2542}\_Setup.dll - Ok >C:\Documents and Settings\Michael Senff\Local Settings\Temp\{9D881ADB-E350-4118-8146-09BCC96D6EDE}\{92606477-9366-4D3B-8AE3-6BE4B29727AB}\Aug2008_d3dx10_39_x86.cab is CAB archive C:\Documents and Settings\Michael Senff\Local Settings\Temp\{9D881ADB-E350-4118-8146-09BCC96D6EDE}\{92606477-9366-4D3B-8AE3-6BE4B29727AB}\Aug2008_d3dx10_39_x86.cab - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\{9D881ADB-E350-4118-8146-09BCC96D6EDE}\{92606477-9366-4D3B-8AE3-6BE4B29727AB}\Aug2008_d3dx10_39_x86.cab - archive >C:\Documents and Settings\Michael Senff\Local Settings\Temp\{668771E9-5081-4BDF-B025-C1E6722C2542}\ISSetup.dll - packed by UPX >C:\Documents and Settings\Michael Senff\Local Settings\Temp\{9D881ADB-E350-4118-8146-09BCC96D6EDE}\{92606477-9366-4D3B-8AE3-6BE4B29727AB}\Aug2008_d3dx9_39_x86.cab is CAB archive C:\Documents and Settings\Michael Senff\Local Settings\Temp\{9D881ADB-E350-4118-8146-09BCC96D6EDE}\{92606477-9366-4D3B-8AE3-6BE4B29727AB}\Aug2008_d3dx9_39_x86.cab - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\{9D881ADB-E350-4118-8146-09BCC96D6EDE}\{92606477-9366-4D3B-8AE3-6BE4B29727AB}\Aug2008_d3dx9_39_x86.cab - archive >C:\Documents and Settings\Michael Senff\Local Settings\Temp\{9D881ADB-E350-4118-8146-09BCC96D6EDE}\{92606477-9366-4D3B-8AE3-6BE4B29727AB}\Aug2008_XAudio_x86.cab is CAB archive C:\Documents and Settings\Michael Senff\Local Settings\Temp\{9D881ADB-E350-4118-8146-09BCC96D6EDE}\{92606477-9366-4D3B-8AE3-6BE4B29727AB}\Aug2008_XAudio_x86.cab - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\{9D881ADB-E350-4118-8146-09BCC96D6EDE}\{92606477-9366-4D3B-8AE3-6BE4B29727AB}\Aug2008_XAudio_x86.cab - archive C:\Documents and Settings\Michael Senff\Local Settings\Temp\{9D881ADB-E350-4118-8146-09BCC96D6EDE}\{92606477-9366-4D3B-8AE3-6BE4B29727AB}\DSETUP.dll - Ok >C:\Documents and Settings\Michael Senff\Local Settings\Temp\{9D881ADB-E350-4118-8146-09BCC96D6EDE}\{92606477-9366-4D3B-8AE3-6BE4B29727AB}\dxdllreg_x86.cab is CAB archive C:\Documents and Settings\Michael Senff\Local Settings\Temp\{9D881ADB-E350-4118-8146-09BCC96D6EDE}\{92606477-9366-4D3B-8AE3-6BE4B29727AB}\dxdllreg_x86.cab - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\{9D881ADB-E350-4118-8146-09BCC96D6EDE}\{92606477-9366-4D3B-8AE3-6BE4B29727AB}\dxdllreg_x86.cab - archive >C:\Documents and Settings\Michael Senff\Local Settings\Temp\{9D881ADB-E350-4118-8146-09BCC96D6EDE}\{92606477-9366-4D3B-8AE3-6BE4B29727AB}\dxnt.cab is CAB archive C:\Documents and Settings\Michael Senff\Local Settings\Temp\{9D881ADB-E350-4118-8146-09BCC96D6EDE}\{92606477-9366-4D3B-8AE3-6BE4B29727AB}\dxnt.cab - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\{9D881ADB-E350-4118-8146-09BCC96D6EDE}\{92606477-9366-4D3B-8AE3-6BE4B29727AB}\dxnt.cab - archive C:\Documents and Settings\Michael Senff\Local Settings\Temp\{668771E9-5081-4BDF-B025-C1E6722C2542}\ISSetup.dll - Ok >C:\Documents and Settings\Michael Senff\Local Settings\Temp\{9D881ADB-E350-4118-8146-09BCC96D6EDE}\{92606477-9366-4D3B-8AE3-6BE4B29727AB}\dxupdate.cab is CAB archive C:\Documents and Settings\Michael Senff\Local Settings\Temp\{9D881ADB-E350-4118-8146-09BCC96D6EDE}\{92606477-9366-4D3B-8AE3-6BE4B29727AB}\dxupdate.cab - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\{9D881ADB-E350-4118-8146-09BCC96D6EDE}\{92606477-9366-4D3B-8AE3-6BE4B29727AB}\dxupdate.cab - archive C:\Documents and Settings\Michael Senff\Local Settings\Temp\~nsu.tmp\1 - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\{9D881ADB-E350-4118-8146-09BCC96D6EDE}\{92606477-9366-4D3B-8AE3-6BE4B29727AB}\DXSETUP.exe - Ok >C:\Documents and Settings\Michael Senff\Local Settings\Temp\oi_l9QOA1j2VI\avg.exe is BINARYRES container C:\Documents and Settings\Michael Senff\Local Settings\Temp\{9D881ADB-E350-4118-8146-09BCC96D6EDE}\{92606477-9366-4D3B-8AE3-6BE4B29727AB}\dsetup32.dll - Ok >C:\Documents and Settings\Michael Senff\Local Settings\Temp\is754907076\69060_Setup.EXE is CAB archive C:\Documents and Settings\Michael Senff\Local Settings\Temp\is754907076\69060_Setup.EXE - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\is754907076\69060_Setup.EXE - archive >>C:\Documents and Settings\Michael Senff\Local Settings\Temp\oi_l9QOA1j2VI\avg.exe\data001 is BINARYRES container >>>C:\Documents and Settings\Michael Senff\Local Settings\Temp\oi_l9QOA1j2VI\avg.exe\data001\data001 is ZIP archive C:\Documents and Settings\Michael Senff\Local Settings\Temp\oi_l9QOA1j2VI\avg.exe\data001\data001 - Ok >>>C:\Documents and Settings\Michael Senff\Local Settings\Temp\oi_l9QOA1j2VI\avg.exe\data001\data002 is BINARYRES container C:\Documents and Settings\Michael Senff\Local Settings\Temp\oi_l9QOA1j2VI\avg.exe\data001\data002\data001 - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\oi_l9QOA1j2VI\avg.exe\data001\data002\data002 - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\oi_l9QOA1j2VI\avg.exe\data001\data002\data003 - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\oi_l9QOA1j2VI\avg.exe\data001\data002\data004 - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\oi_l9QOA1j2VI\avg.exe\data001\data002\data005 - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\oi_l9QOA1j2VI\avg.exe\data001\data002\data006 - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\oi_l9QOA1j2VI\avg.exe\data001\data002\data007 - Ok >>>>C:\Documents and Settings\Michael Senff\Local Settings\Temp\oi_l9QOA1j2VI\avg.exe\data001\data002\data008 - packed by BINARYRES C:\Documents and Settings\Michael Senff\Local Settings\Temp\oi_l9QOA1j2VI\avg.exe\data001\data002\data008 - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\oi_l9QOA1j2VI\avg.exe\data001\data002 - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\oi_l9QOA1j2VI\avg.exe\data001 - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\oi_l9QOA1j2VI\avg.exe\data002 - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\oi_l9QOA1j2VI\avg.exe\data003 - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\oi_l9QOA1j2VI\avg.exe\data004 - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\oi_l9QOA1j2VI\avg.exe - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\oi_l9QOA1j2VI\avg.exe - container >>C:\Documents and Settings\Michael Senff\Local Settings\Temp\oi_l9QOA1j2VI\winzip170-32.msi\stream000 is CAB archive C:\Documents and Settings\Michael Senff\Local Settings\Temp\oi_l9QOA1j2VI\winzip170-32.msi\stream000 - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\oi_l9QOA1j2VI\winzip170-32.msi - Ok C:\Documents and Settings\Michael Senff\Local Settings\Temp\oi_l9QOA1j2VI\winzip170-32.msi - container Total 2807290222 bytes in 8797 files scanned (11535 objects) Total 8780 files (11514 objects) are clean Total 2 files (3 objects) are infected Total 17 files are raised error condition Scan time is 00:04:12.328 ----------------------------------------------------------------------------- Start curing ----------------------------------------------------------------------------- C:\Documents and Settings\Michael Senff\Local Settings\Temp\is754907076\couponamazing.exe - quarantined C:\Documents and Settings\Michael Senff\Local Settings\Temp\is754907076\PricePeepInstaller.exe - quarantined Total 2807290222 bytes in 8797 files scanned (11535 objects) Total 8780 files (11514 objects) are clean Total 2 files (3 objects) are infected Total 2 files (3 objects) are neutralized Total 17 files are raised error condition Scan time is 00:04:12.328 ============================================================================= Dr.Web Scanner SE for Windows v7.0.100.12030 © Doctor Web, Ltd., 1992-2012 Scan session started 2013/01/01 20:21:21 Module location : c:\documents and settings\michael senff\local settings\temp\D419F6F6-4A31F54F-720F284C-4CBDCC38\ ============================================================================= OPTION [Automatic Apply Actions] NO OPTION [Turn Off Computer After Scan] NO OPTION [use Sound Alerts] NO OPTION [block Network] NO OPTION [Protect Process] NO OPTION [Protect Raw Disk] NO Using language: "English" ============================================================================= Dr.Web Scanner SE for Windows v7.0.100.12030 © Doctor Web, Ltd., 1992-2012 Scan session started 2013/01/01 20:22:00 Module location : c:\documents and settings\michael senff\local settings\temp\3A5B7962-2EAEEAB4-B9D2C94-B79934C4\ ============================================================================= OPTION [Automatic Apply Actions] NO OPTION [Turn Off Computer After Scan] NO OPTION [use Sound Alerts] NO OPTION [block Network] NO OPTION [Protect Process] NO OPTION [Protect Raw Disk] NO Using language: "English" Available instances: 6 Instances used: 6 Platform: Windows XP Home x86 (Build 2600), Service Pack 3 API Version: 2.2 Scanning Engine version: 8.0.1.11280 Virus Finding Engine version: 7.0.4.9250 Total 89 virus bases are loaded from c:\documents and settings\michael senff\local settings\temp\3A5B7962-2EAEEAB4-B9D2C94-B79934C4 vd2yjdma 7.0 9015eded52680399ec1df18349ecbcd74f613b02 2013/01/01 18:10:28 908 records - OK neisoa6b 7.0 f5d1425097a34628f8d752212dabf9732d209c98 2011/07/25 09:20:03 1 record - OK pnsktmnf 7.0 4c38b4db39d5be63a02c898d2438b6c04405a48f 2013/01/01 13:02:18 3916 records - OK t7pfoqgj 7.0 805b6089c867549c75f843eac96b759c3f8d101f 2012/12/30 21:05:41 18184 records - OK ysjt6e70 7.0 c12a817c1f95bb9fd8238ef0d5f68868a8d95686 2012/12/23 21:05:33 30183 records - OK dcjtn7qk 7.0 33def496782eb5b7b1cc93fdb036a1b62fa6a2fd 2012/12/16 21:06:21 25519 records - OK nts2jtjx 7.0 422abae03c588822f412aa9aae50578a1d61737e 2012/12/09 21:05:04 20358 records - OK n6nzvpdy 7.0 a4f0d0ecad4fb6e0afdb1925f4e0b7863b9d03fa 2012/12/02 21:06:19 20133 records - OK rciabzrq 7.0 86daa918ee3de1e4c1e5dea6f9b5f63544cf8814 2012/11/25 21:05:22 27311 records - OK kxx242nk 7.0 6556881c748e1f894eb9c7943ebae67017e1aec2 2012/11/18 21:06:09 29434 records - OK 0tc4jzi6 7.0 559141ef34f9e6226bb58560e9b52e4cc5165150 2012/11/11 21:06:22 26900 records - OK cur0kazg 7.0 cc55013e63ff89319ec772e34d77056c7108cd3b 2012/11/04 21:05:22 25164 records - OK 05oqcdxs 7.0 f477dc247d9b562bb64fd4f46a7dcbdf7124eb60 2012/10/28 22:06:37 30226 records - OK ndrb99tv 7.0 abaf5f7fda7308fcf7573b193bbf2116723e9802 2012/10/21 22:04:37 16441 records - OK jet4em2a 7.0 5adc85528fb49e201d4bc61eca580d6839cc4a4c 2012/10/14 22:05:04 26289 records - OK g022mtpl 7.0 da8cf3fbd81206bb3d8103347a439f920a74bbe2 2012/10/07 22:05:51 27278 records - OK dedkzu0s 7.0 5988744d3cb357f1a013427d466e2d79ab5f8907 2012/09/30 22:05:11 17444 records - OK n18t5qzi 7.0 d4a0dabf4a4df0f79805c6ccdc025f796765e786 2012/09/23 22:06:30 21205 records - OK 5i4lciua 7.0 82ed005784d9e258213070a0cd8bfceff345018d 2012/09/16 22:05:43 11686 records - OK ba0jf7bz 7.0 a95ae63004b8d857c2db055f4e47c15bfc97f626 2012/09/09 22:04:34 12677 records - OK 7knz0vya 7.0 c39bf233d25242ae9ed8cf204b9b788c8f45ab79 2012/09/02 22:05:28 10118 records - OK 2c3cc7bp 7.0 d37b5484b009947b7cdd3837dafe8148615401c2 2012/08/26 22:05:26 12602 records - OK laz4svn3 7.0 41bf1347794ab7060dec7aaecc1d1d95cf6fecb5 2012/08/19 22:04:05 18298 records - OK 00zstied 7.0 1a997511e5892aaeb69b3db70e06676af36382e3 2012/08/12 22:05:19 17126 records - OK z7inloz3 7.0 f7226c59914e3683e538e668c3b664af3232654d 2012/08/05 22:03:53 20539 records - OK 13cbkgyc 7.0 4035c8d3b617bf935a317a8c57efaa8e835a61f4 2012/07/29 22:05:26 19330 records - OK 4blf9nhz 7.0 09b55bc000f184ed426f1d8b9665669346fe5e71 2012/07/22 22:05:34 19692 records - OK gz065ne2 7.0 f746c097f298e94faa9db94e6f64ef9fd4a7b010 2012/07/15 22:05:43 14727 records - OK ng6y0ln0 7.0 792a6a25a17e764390440cd4c2c6ca5a97ab162f 2012/07/08 22:04:33 19485 records - OK jae4x1dz 7.0 ca9905c39e3d93428a4db65a192debe9fbd7acf7 2012/07/01 22:04:55 22898 records - OK on8w4e4q 7.0 dc29c610b866c66ba5327e7830452b2460149a35 2012/06/24 22:05:17 20551 records - OK m1cnqcni 7.0 c28739bea153508d12942ac9a61abd475d0a0404 2012/06/17 22:03:35 9661 records - OK bsxqi1u9 7.0 e5b5835a7c512120c5348e31483a4caa2a845d28 2012/06/10 22:04:32 23632 records - OK sg7ay0yu 7.0 61853ce89026ef0ebbd80174f1b7dd5d25bbc63a 2012/06/03 22:04:41 12423 records - OK szyb64sl 7.0 4e6c9897e153b47ca97b7da48ceed23e555a7761 2012/05/27 22:04:26 15493 records - OK a3of1pu2 7.0 35f4c105cecd8ec1fd01714abebf30f8f3efb96e 2012/05/20 22:03:29 13065 records - OK i99csduf 7.0 3522aa84677411aa7d67796bb05ea3ab62f02a71 2012/05/13 22:04:24 16238 records - OK r2u0dpqq 7.0 7597333540eda537bd42c0a17d4a6526ad247a2e 2012/05/06 22:04:33 11570 records - OK dwwlku9v 7.0 867814380363bc6ad605acf4b96e02c54dbd60f7 2012/04/29 22:03:28 15478 records - OK zn7nidtp 7.0 3c04f402d91a19039cb9c223c435dc4ea1bb3da4 2012/04/22 22:05:05 11881 records - OK 3f5cdptq 7.0 8d0220a2a50b367e61a51d3b29c2659cde41bb7f 2012/04/15 22:03:29 13578 records - OK 60uskbwf 7.0 b79dc6f5832ad390108d1880694ec538e8b34bb0 2012/04/08 22:05:02 14292 records - OK 2hrx1bk1 7.0 8ff7cc095c43c2154275b7a54a89bf365e8daf4a 2012/04/01 22:03:24 14084 records - OK wusvly0y 7.0 9502a428b32be4ad08556134e271c9ba03195398 2012/03/25 22:04:43 19126 records - OK uj5y1cme 7.0 28c2fabbc645aff41baac12b911a8499ea163536 2012/03/18 22:03:23 14920 records - OK kbuk6hfc 7.0 86de597ff06e58206f94263f2eef33cb41b2530c 2012/03/11 22:03:25 19017 records - OK zmpd1ovn 7.0 5bd1d666e7c9ca70c34e591dc6c55314ce4b11af 2012/03/04 21:04:32 19691 records - OK c5pou474 7.0 15a9d10c451d2fcf124700f29f557d9bf338e671 2012/02/26 21:03:21 23605 records - OK uxgg0rpp 7.0 5647d941e5358105ca6558dce78873f06c48d5dc 2012/02/19 21:03:45 19067 records - OK 4idkbdzp 7.0 c9b2600cb665ce34e0ccd0f19e0a88cd44437f51 2012/02/12 21:04:49 19019 records - OK senpbwkw 7.0 9df2e129e78a9d9ab491186da1329c1dd1190e17 2012/02/05 21:05:25 28028 records - OK 5dge7qmy 7.0 b69b9504a51b8777b8e95a4680dc8ac1d8d8c25d 2012/01/29 21:08:41 29444 records - OK gq8olt25 7.0 3d7431bdee1a22d6329e017f348db7760f2645ac 2012/01/23 02:22:13 19353 records - OK ts4vjrbl 7.0 e04570f78fb00d758abdf77c534a460980e102c0 2012/01/15 21:12:31 20747 records - OK md0w92v1 7.0 2de2479b112c4416e2375343f57ca789b042aecc 2012/01/08 21:04:30 28052 records - OK 3jdosabx 7.0 c4bd9612ff1f71d8bd23b4f1bc114eed1ae2ee6b 2012/01/01 21:04:40 12183 records - OK pqrn25km 7.0 28b1d218ade8f05fdc8550c7456ac3b74f705208 2011/12/25 21:03:33 19984 records - OK q66r8rp5 7.0 539e41e8f3d97a6f347600c7cef903d9f34e0518 2011/12/18 21:08:45 22627 records - OK tg6afcyk 7.0 f8e81968965f555bce0d02fc9933fee840b97aaf 2011/12/12 14:20:22 49580 records - OK nhz50bw5 7.0 14751e0f442bba3efc08ee12d82a2815c61cfeb6 2011/12/04 02:00:00 45195 records - OK 0oao9ybr 7.0 5bc1f5e30792d018658f2dcdb35fc0bcbdcf4e1e 2011/12/04 01:00:00 171075 records - OK 72bqybon 7.0 0f948a7d416c556bfc8a8be2c2c39f998fee6d9e 2011/12/04 00:00:00 170820 records - OK vz1bijda 7.0 9357c3cc73a4a374346a678f197daa22496c7ae5 2011/12/03 23:00:00 171279 records - OK 9ky53qsk 7.0 ae56b06b3d6f1e13c5f10cce4ed68f2cccbf3298 2011/12/03 22:00:00 170253 records - OK evutvfnk 7.0 fdaab5c1079d02c94f20d07c39d638cad79d8771 2011/12/03 21:00:00 170291 records - OK 9wgs10jp 7.0 b59d8841e65d7670b2aae7f2b65734269f6c4fe3 2011/12/03 20:00:00 170501 records - OK
- January 2, 2013
- 79 replies
Outgoing Malicious IP Blocks. Suspect Infection

MicQsenoch replied to MicQsenoch's topic in Resolved Malware Removal Logs

C:\WINDOWS\system32\spool\prtprocs\x64\filterpipelineprintproc.dll - Ok C:\WINDOWS\system32\usmt\archvapp.inf - Ok C:\WINDOWS\system32\spool\drivers\w32x86\3\unires.dll - Ok C:\WINDOWS\system32\usmt\cobramsg.dll - Ok C:\WINDOWS\system32\spool\XPSEP\i386\i386\xpssvcs.dll - Ok C:\WINDOWS\system32\spool\drivers\w32x86\3\unidrvui.dll - Ok C:\WINDOWS\system32\usmt\iconlib.dll - Ok C:\WINDOWS\system32\usmt\log.dll - Ok C:\WINDOWS\system32\usmt\migapp.inf - Ok C:\WINDOWS\system32\usmt\guitrn.dll - Ok C:\WINDOWS\system32\usmt\guitrn_a.dll - Ok C:\WINDOWS\system32\usmt\guitrna.dll - Ok C:\WINDOWS\system32\usmt\migism.inf - Ok C:\WINDOWS\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe - Ok C:\WINDOWS\system32\usmt\migsys.inf - Ok C:\WINDOWS\system32\usmt\miguser.inf - Ok C:\WINDOWS\system32\usmt\migload.exe - Ok C:\WINDOWS\system32\usmt\migism_a.dll - Ok C:\WINDOWS\system32\usmt\migwiz.inf - Ok C:\WINDOWS\system32\usmt\migisma.dll - Ok C:\WINDOWS\system32\usmt\migwiz.exe.manifest - Ok C:\WINDOWS\system32\usmt\migism.dll - Ok C:\WINDOWS\system32\usmt\migwiz.exe - Ok C:\WINDOWS\system32\usmt\scripta.dll - Ok C:\WINDOWS\system32\usmt\script_a.dll - Ok C:\WINDOWS\system32\usmt\script.dll - Ok C:\WINDOWS\system32\usmt\migwiza.exe - Ok C:\WINDOWS\system32\usmt\migwiz_a.exe - Ok C:\WINDOWS\system32\usmt\usmtdef.inf - Ok C:\WINDOWS\system32\spool\drivers\w32x86\3\XpsSvcs.dll - Ok C:\WINDOWS\system32\usmt\sysmoda.dll - Ok C:\WINDOWS\system32\usmt\sysmod.dll - Ok C:\WINDOWS\system32\usmt\sysmod_a.dll - Ok C:\WINDOWS\system32\wbem\dgnet.mof - Ok C:\WINDOWS\system32\wbem\dsprov.mfl - Ok C:\WINDOWS\system32\wbem\cimwin32.mfl - Ok C:\WINDOWS\system32\wbem\dsprov.mof - Ok C:\WINDOWS\system32\wbem\evntrprv.dll - Ok C:\WINDOWS\system32\wbem\cimwin32.mof - Ok C:\WINDOWS\system32\wbem\dsprov.dll - Ok C:\WINDOWS\system32\wbem\evntrprv.mof - Ok C:\WINDOWS\system32\wbem\fconprov.mfl - Ok C:\WINDOWS\system32\wbem\fevprov.mfl - Ok C:\WINDOWS\system32\wbem\fconprov.mof - Ok C:\WINDOWS\system32\wbem\esscli.dll - Ok C:\WINDOWS\system32\wbem\fevprov.mof - Ok C:\WINDOWS\system32\wbem\hnetcfg.mof - Ok C:\WINDOWS\system32\wbem\fastprox.dll - Ok C:\WINDOWS\system32\wbem\ieinfo5.mof - Ok C:\WINDOWS\system32\wbem\fwdprov.dll - Ok C:\WINDOWS\system32\wbem\krnlprov.dll - Ok C:\WINDOWS\system32\wbem\krnlprov.mfl - Ok C:\WINDOWS\system32\wbem\framedyn.dll - Ok C:\WINDOWS\system32\wbem\licwmi.mfl - Ok C:\WINDOWS\system32\wbem\licwmi.mof - Ok C:\WINDOWS\system32\wbem\krnlprov.mof - Ok C:\WINDOWS\system32\wbem\mofcomp.exe - Ok C:\WINDOWS\system32\usmt\sysfiles.inf - Ok C:\WINDOWS\system32\wbem\msi.mfl - Ok C:\WINDOWS\system32\wbem\msi.mof - Ok C:\WINDOWS\system32\wbem\napclientprov.mof - Ok C:\WINDOWS\system32\wbem\ncprov.mfl - Ok C:\WINDOWS\system32\wbem\napclientschema.mof - Ok C:\WINDOWS\system32\wbem\ncprov.dll - Ok C:\WINDOWS\system32\wbem\ncprov.mof - Ok C:\WINDOWS\system32\wbem\ntevt.mfl - Ok C:\WINDOWS\system32\wbem\ntevt.mof - Ok C:\WINDOWS\system32\wbem\mofd.dll - Ok C:\WINDOWS\system32\wbem\regevent.mfl - Ok C:\WINDOWS\system32\wbem\regevent.mof - Ok C:\WINDOWS\system32\wbem\scm.mof - Ok C:\WINDOWS\system32\wbem\repdrvfs.dll - Ok C:\WINDOWS\system32\wbem\scrcons.mfl - Ok C:\WINDOWS\system32\wbem\ntevt.dll - Ok C:\WINDOWS\system32\wbem\scrcons.mof - Ok C:\WINDOWS\system32\wbem\secrcw32.mfl - Ok C:\WINDOWS\system32\wbem\provthrd.dll - Ok C:\WINDOWS\system32\wbem\secrcw32.mof - Ok C:\WINDOWS\system32\wbem\cimwin32.dll - Ok C:\WINDOWS\system32\wbem\msiprov.dll - Ok C:\WINDOWS\system32\wbem\smtpcons.mof - Ok C:\WINDOWS\system32\wbem\smtpcons.mfl - Ok C:\WINDOWS\system32\wbem\sr.mof - Ok C:\WINDOWS\system32\wbem\subscrpt.mof - Ok C:\WINDOWS\system32\wbem\smtpcons.dll - Ok C:\WINDOWS\system32\wbem\tmplprov.mfl - Ok C:\WINDOWS\system32\wbem\tmplprov.mof - Ok C:\WINDOWS\system32\wbem\trnsprov.mfl - Ok C:\WINDOWS\system32\wbem\tmplprov.dll - Ok C:\WINDOWS\system32\wbem\trnsprov.dll - Ok C:\WINDOWS\system32\wbem\trnsprov.mof - Ok C:\WINDOWS\system32\wbem\tscfgwmi.mfl - Ok C:\WINDOWS\system32\wbem\stdprov.dll - Ok C:\WINDOWS\system32\wbem\tscfgwmi.mof - Ok C:\WINDOWS\system32\wbem\updprov.mof - Ok C:\WINDOWS\system32\wbem\updprov.mfl - Ok C:\WINDOWS\system32\wbem\wbemads.dll - Ok C:\WINDOWS\system32\wbem\updprov.dll - Ok C:\WINDOWS\system32\wbem\unsecapp.exe - Ok C:\WINDOWS\system32\wbem\wbemads.tlb - Ok C:\WINDOWS\system32\wbem\viewprov.dll - Ok C:\WINDOWS\system32\wbem\wbemcons.mfl - Ok C:\WINDOWS\system32\wbem\wbemcons.dll - Ok C:\WINDOWS\system32\wbem\system.mof - Ok C:\WINDOWS\system32\wbem\wbemcomn.dll - Ok C:\WINDOWS\system32\wbem\scrcons.exe - Ok C:\WINDOWS\system32\wbem\wbemcons.mof - Ok C:\WINDOWS\system32\wbem\wbemdisp.tlb - Ok C:\WINDOWS\system32\wbem\wbemcntl.dll - Ok C:\WINDOWS\system32\wbem\wbemprox.dll - Ok C:\WINDOWS\system32\wbem\wbemperf.dll - Ok C:\WINDOWS\system32\wbem\wbemsvc.dll - Ok C:\WINDOWS\system32\wbem\wbemcore.dll - Ok C:\WINDOWS\system32\wbem\whqlprov.mof - Ok C:\WINDOWS\system32\wbem\wbemess.dll - Ok C:\WINDOWS\system32\wbem\winmgmtr.dll - Ok C:\WINDOWS\system32\wbem\wbemdisp.dll - Ok C:\WINDOWS\system32\wbem\wmi.mfl - Ok C:\WINDOWS\system32\wbem\wmi.mof - Ok C:\WINDOWS\system32\wbem\wmiapres.dll - Ok C:\WINDOWS\system32\wbem\wbemtest.exe - Ok C:\WINDOWS\system32\wbem\wmiaprpl.dll - Ok C:\WINDOWS\system32\wbem\wmiapsrv.exe - Ok C:\WINDOWS\system32\wbem\winmgmt.exe - Ok C:\WINDOWS\system32\wbem\wmicookr.dll - Ok C:\WINDOWS\system32\wbem\wmipcima.mfl - Ok C:\WINDOWS\system32\wbem\wbemupgd.dll - Ok C:\WINDOWS\system32\wbem\wmimsg.dll - Ok C:\WINDOWS\system32\wbem\wmidcprv.dll - Ok C:\WINDOWS\system32\wbem\wmipcima.mof - Ok C:\WINDOWS\system32\wbem\wmipdskq.mfl - Ok C:\WINDOWS\system32\wbem\wmipcima.dll - Ok C:\WINDOWS\system32\wbem\wmipdskq.mof - Ok C:\WINDOWS\system32\wbem\wmiadap.exe - Ok C:\WINDOWS\system32\wbem\wmipicmp.mfl - Ok C:\WINDOWS\system32\wbem\wmipicmp.mof - Ok C:\WINDOWS\system32\wbem\wmipiprt.mfl - Ok C:\WINDOWS\system32\wbem\wmipiprt.mof - Ok C:\WINDOWS\system32\wbem\wmipicmp.dll - Ok C:\WINDOWS\system32\wbem\wmipiprt.dll - Ok C:\WINDOWS\system32\wbem\wmipjobj.mfl - Ok C:\WINDOWS\system32\wbem\wmipjobj.dll - Ok C:\WINDOWS\system32\wbem\wmipjobj.mof - Ok C:\WINDOWS\system32\wbem\wmiprov.dll - Ok C:\WINDOWS\system32\wbem\wmipsess.mfl - Ok C:\WINDOWS\system32\wbem\wmipsess.mof - Ok C:\WINDOWS\system32\wbem\wmiprvse.exe - Ok C:\WINDOWS\system32\wbem\wmipsess.dll - Ok C:\WINDOWS\system32\wbem\wmitimep.mfl - Ok C:\WINDOWS\system32\wbem\wmipdskq.dll - Ok C:\WINDOWS\system32\wbem\wmitimep.mof - Ok C:\WINDOWS\system32\wbem\wmisvc.dll - Ok C:\WINDOWS\system32\wbem\wmiprvsd.dll - Ok C:\WINDOWS\system32\wbem\AutoRecover\02E78424AB18BDBFA706C08B7D7B9F1D.mof - Ok C:\WINDOWS\system32\wbem\wscenter.mof - Ok C:\WINDOWS\system32\wbem\AutoRecover\092389D621F5A8834203DAAC74CCA279.mof - Ok C:\WINDOWS\system32\wbem\wmiutils.dll - Ok C:\WINDOWS\system32\wbem\wmitimep.dll - Ok C:\WINDOWS\system32\wbem\AutoRecover\1E97A05DE566CF6EEAE29D0634E27392.mof - Ok C:\WINDOWS\system32\wbem\AutoRecover\20D2C3B8CE10B96CE6B8A3C241EF4416.mof - Ok C:\WINDOWS\system32\wbem\AutoRecover\2A61A823DC2C1C838EE71C4351BED0B4.mof - Ok C:\WINDOWS\system32\wbem\AutoRecover\26D6C4EB696DD0C83F5D5BF2235000A7.mof - Ok C:\WINDOWS\system32\wbem\AutoRecover\2C142C4C15E3B8D139B98154CD083071.mof - Ok C:\WINDOWS\system32\wbem\AutoRecover\2DA80135BA8EC175C9B1C1598F659434.mof - Ok C:\WINDOWS\system32\wbem\AutoRecover\0A9DBC92D554324656F61F9862679F27.mof - Ok C:\WINDOWS\system32\wbem\AutoRecover\2AA23BB86A5EBD8BC2D820944E55B233.mof - Ok C:\WINDOWS\system32\wbem\AutoRecover\2CE64FBD51953C097BB5470043A6DAF9.mof - Ok C:\WINDOWS\system32\wbem\AutoRecover\37134956F76D3C30C9BE0C12571CAF43.mof - Ok C:\WINDOWS\system32\wbem\AutoRecover\42355E8E232EF8CADD187D531DEC55DD.mof - Ok C:\WINDOWS\system32\wbem\AutoRecover\1EBE968EB7AF815A32641E6185350A9E.mof - Ok C:\WINDOWS\system32\wbem\AutoRecover\42C894EEACAD83A4E41154685841B3E1.mof - Ok C:\WINDOWS\system32\wbem\AutoRecover\608B41C6A2CD9460C2263E6CD80C335A.mof - Ok C:\WINDOWS\system32\wbem\AutoRecover\701B705ED7DF100F88D5BC4A595E938D.mof - Ok C:\WINDOWS\system32\wbem\AutoRecover\26C097A9392F8C541AD42E89B7909073.mof - Ok C:\WINDOWS\system32\wbem\AutoRecover\79E817BC978E2D450EB9E3794DFDA6CF.mof - Ok C:\WINDOWS\system32\wbem\AutoRecover\7A62FA52E22CE751514BC93BE067BC80.mof - Ok C:\WINDOWS\system32\wbem\AutoRecover\6B38F33147D0369D5038BBB61C7A31C8.mof - Ok C:\WINDOWS\system32\wbem\AutoRecover\731AE1FC8C795979F40FAD645FFBAEB1.mof - Ok C:\WINDOWS\system32\wbem\AutoRecover\72F867EF62976CE9F70993FF3E68A4EB.mof - Ok C:\WINDOWS\system32\wbem\AutoRecover\852ECCDBABE77624586E4417FE66F857.mof - Ok C:\WINDOWS\system32\wbem\AutoRecover\7BDE76979585395D59B5DA1D62E63C50.mof - Ok C:\WINDOWS\system32\wbem\AutoRecover\7F417E1A6D819A9B2FEB55DA6858EA0A.mof - Ok C:\WINDOWS\system32\wbem\AutoRecover\903E49C444C46FEF5F2C3A189C9CEF71.mof - Ok C:\WINDOWS\system32\wbem\AutoRecover\9AD3182A2F39A3E091E15109132EC6CC.mof - Ok C:\WINDOWS\system32\wbem\AutoRecover\98473EDE03F6AA4FAE07C9B8533F89F7.mof - Ok C:\WINDOWS\system32\wbem\AutoRecover\3EC317800FF508210BB945C81C0EACE7.mof - Ok C:\WINDOWS\system32\wbem\AutoRecover\A99860BB696AE92ED001E48B014365CE.mof - Ok C:\WINDOWS\system32\wbem\AutoRecover\958A50DFF8A9DF5FAEA042AC9F60815F.mof - Ok C:\WINDOWS\system32\wbem\AutoRecover\ABB70D53B97FC8002205F77E02C97304.mof - Ok C:\WINDOWS\system32\wbem\AutoRecover\8636DC7F9479DACE6778109CB4FB4B01.mof - Ok C:\WINDOWS\system32\wbem\AutoRecover\A7575F8DE31A912FFE91A7A41B1E382A.mof - Ok C:\WINDOWS\system32\wbem\AutoRecover\C81ACF420917AA0F87487BC4D958BEB4.mof - Ok C:\WINDOWS\system32\wbem\AutoRecover\AEA50E449C23761CA4D9B7F9ED0D9C89.mof - Ok C:\WINDOWS\system32\wbem\AutoRecover\AE7023598F41510BF261111652046301.mof - Ok C:\WINDOWS\system32\wbem\AutoRecover\CFC35B349D24A8495FD2CEAB15C32D88.mof - Ok C:\WINDOWS\system32\wbem\AutoRecover\C92641594A6F2DA8A55FE4738AFDA539.mof - Ok C:\WINDOWS\system32\wbem\AutoRecover\BE81B2C0741907C1FC1C42B6223E59AD.mof - Ok C:\WINDOWS\system32\wbem\AutoRecover\7E27EAAD25AA36FEADFF502991DFC5C1.mof - Ok C:\WINDOWS\system32\wbem\AutoRecover\CA0106054EB09C302ED3E0669F99D021.mof - Ok C:\WINDOWS\system32\wbem\AutoRecover\DBD781C2C031C708BCB490F228E7BEF9.mof - Ok C:\WINDOWS\system32\wbem\AutoRecover\E04DE4CDFEC284A342159BB920976701.mof - Ok C:\WINDOWS\system32\wbem\AutoRecover\DFD614E4D613EF4506AC8F525F5F514B.mof - Ok C:\WINDOWS\system32\wbem\AutoRecover\EDBF963FB003D0670AA9C2219BD091FB.mof - Ok C:\WINDOWS\system32\wbem\AutoRecover\C6300BFE37ADE6B52EC023F66124985F.mof - Ok C:\WINDOWS\system32\wbem\AutoRecover\E441354B9FE5F63362A481C9B9195A73.mof - Ok C:\WINDOWS\system32\wbem\AutoRecover\DFB9AD54AC2D3B8122567AAD3BF3EB7F.mof - Ok C:\WINDOWS\system32\wbem\AutoRecover\E737DE61441445E1FDFCA45EF5E7D987.mof - Ok C:\WINDOWS\system32\wbem\Logs\FrameWork.log - Ok C:\WINDOWS\system32\wbem\AutoRecover\FAAD7D567E76CAB10704AFD7C0488F23.mof - Ok C:\WINDOWS\system32\wbem\Logs\replog.log - Ok C:\WINDOWS\system32\wbem\Logs\setup.log - Ok C:\WINDOWS\system32\wbem\AutoRecover\DC999686F8B85B326CEDFA199DD07F72.mof - Ok C:\WINDOWS\system32\wbem\Logs\WinMgmt.log - Ok C:\WINDOWS\system32\wbem\Logs\wbemprox.log - Ok C:\WINDOWS\system32\wbem\Logs\wmiprov.log - Ok C:\WINDOWS\system32\wbem\Performance\WmiApRpl.h - Ok C:\WINDOWS\system32\wbem\Logs\mofcomp.log - Ok C:\WINDOWS\system32\wbem\Logs\wmiadap.log - Ok C:\WINDOWS\system32\wbem\Logs\wbemess.lo_ - Ok C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR - Ok C:\WINDOWS\system32\wbem\Repository\$WinMgmt.CFG - Ok C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER - Ok C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP - Ok C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP - Ok C:\WINDOWS\system32\wbem\Logs\wbemess.log - Ok C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP - Ok C:\WINDOWS\system32\wbem\Performance\WmiApRpl.ini - Ok C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP - Ok C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA - Ok C:\WINDOWS\system32\wbem\xml\cim20.dtd - Ok C:\WINDOWS\system32\wbem\Logs\wbemcore.log - Ok C:\WINDOWS\system32\wbem\xml\wmi20.dtd - Ok C:\WINDOWS\system32\windowspowershell\v1.0\about_arithmetic_operators.help.txt - Ok C:\WINDOWS\system32\windowspowershell\v1.0\about_alias.help.txt - Ok C:\WINDOWS\system32\windowspowershell\v1.0\about_associative_array.help.txt - Ok C:\WINDOWS\system32\windowspowershell\v1.0\about_assignment_operators.help.txt - Ok C:\WINDOWS\system32\windowspowershell\v1.0\about_array.help.txt - Ok C:\WINDOWS\system32\windowspowershell\v1.0\about_automatic_variables.help.txt - Ok C:\WINDOWS\system32\windowspowershell\v1.0\about_break.help.txt - Ok C:\WINDOWS\system32\windowspowershell\v1.0\about_continue.help.txt - Ok C:\WINDOWS\system32\windowspowershell\v1.0\about_command_syntax.help.txt - Ok C:\WINDOWS\system32\windowspowershell\v1.0\about_commonparameters.help.txt - Ok C:\WINDOWS\system32\windowspowershell\v1.0\about_command_search.help.txt - Ok C:\WINDOWS\system32\windowspowershell\v1.0\about_core_commands.help.txt - Ok C:\WINDOWS\system32\windowspowershell\v1.0\about_escape_character.help.txt - Ok C:\WINDOWS\system32\windowspowershell\v1.0\about_environment_variable.help.txt - Ok C:\WINDOWS\system32\windowspowershell\v1.0\about_execution_environment.help.txt - Ok C:\WINDOWS\system32\wbem\xml\wmi2xml.dll - Ok C:\WINDOWS\system32\windowspowershell\v1.0\about_for.help.txt - Ok C:\WINDOWS\system32\windowspowershell\v1.0\about_display.xml.help.txt - Ok C:\WINDOWS\system32\windowspowershell\v1.0\about_comparison_operators.help.txt - Ok C:\WINDOWS\system32\windowspowershell\v1.0\about_globbing.help.txt - Ok C:\WINDOWS\system32\windowspowershell\v1.0\about_flow_control.help.txt - Ok C:\WINDOWS\system32\windowspowershell\v1.0\about_filter.help.txt - Ok C:\WINDOWS\system32\windowspowershell\v1.0\about_function.help.txt - Ok C:\WINDOWS\system32\windowspowershell\v1.0\about_if.help.txt - Ok C:\WINDOWS\system32\windowspowershell\v1.0\about_history.help.txt - Ok C:\WINDOWS\system32\windowspowershell\v1.0\about_location.help.txt - Ok C:\WINDOWS\system32\windowspowershell\v1.0\about_line_editing.help.txt - Ok C:\WINDOWS\system32\windowspowershell\v1.0\about_logical_operator.help.txt - Ok C:\WINDOWS\system32\windowspowershell\v1.0\about_foreach.help.txt - Ok C:\WINDOWS\system32\windowspowershell\v1.0\about_method.help.txt - Ok C:\WINDOWS\system32\windowspowershell\v1.0\about_namespace.help.txt - Ok C:\WINDOWS\system32\windowspowershell\v1.0\about_object.help.txt - Ok C:\WINDOWS\system32\windowspowershell\v1.0\about_parameter.help.txt - Ok C:\WINDOWS\system32\windowspowershell\v1.0\about_parsing.help.txt - Ok C:\WINDOWS\system32\windowspowershell\v1.0\about_property.help.txt - Ok C:\WINDOWS\system32\windowspowershell\v1.0\about_provider.help.txt - Ok C:\WINDOWS\system32\windowspowershell\v1.0\about_path_syntax.help.txt - Ok C:\WINDOWS\system32\windowspowershell\v1.0\about_operator.help.txt - Ok C:\WINDOWS\system32\windowspowershell\v1.0\about_pipeline.help.txt - Ok C:\WINDOWS\system32\windowspowershell\v1.0\about_redirection.help.txt - Ok C:\WINDOWS\system32\windowspowershell\v1.0\about_quoting_rules.help.txt - Ok C:\WINDOWS\system32\windowspowershell\v1.0\about_scope.help.txt - Ok C:\WINDOWS\system32\windowspowershell\v1.0\about_ref.help.txt - Ok C:\WINDOWS\system32\windowspowershell\v1.0\about_reserved_words.help.txt - Ok C:\WINDOWS\system32\windowspowershell\v1.0\about_regular_expression.help.txt - Ok C:\WINDOWS\system32\windowspowershell\v1.0\about_script_block.help.txt - Ok C:\WINDOWS\system32\windowspowershell\v1.0\about_pssnapins.help.txt - Ok C:\WINDOWS\system32\windowspowershell\v1.0\about_special_characters.help.txt - Ok C:\WINDOWS\system32\windowspowershell\v1.0\about_shell_variable.help.txt - Ok C:\WINDOWS\system32\windowspowershell\v1.0\about_signing.help.txt - Ok C:\WINDOWS\system32\windowspowershell\v1.0\about_where.help.txt - Ok C:\WINDOWS\system32\windowspowershell\v1.0\about_system_state.help.txt - Ok C:\WINDOWS\system32\windowspowershell\v1.0\about_types.help.txt - Ok C:\WINDOWS\system32\windowspowershell\v1.0\about_wildcard.help.txt - Ok C:\WINDOWS\system32\windowspowershell\v1.0\eula.txt - Ok C:\WINDOWS\system32\windowspowershell\v1.0\about_switch.help.txt - Ok C:\WINDOWS\system32\windowspowershell\v1.0\about_while.help.txt - Ok C:\WINDOWS\system32\windowspowershell\v1.0\default.help.txt - Ok C:\WINDOWS\system32\windowspowershell\v1.0\certificate.format.ps1xml - Ok C:\WINDOWS\system32\windowspowershell\v1.0\filesystem.format.ps1xml - Ok C:\WINDOWS\system32\windowspowershell\v1.0\microsoft.powershell.consolehost.dll-help.xml - Ok C:\WINDOWS\system32\windowspowershell\v1.0\dotnettypes.format.ps1xml - Ok C:\WINDOWS\system32\windowspowershell\v1.0\help.format.ps1xml - Ok C:\WINDOWS\system32\windowspowershell\v1.0\microsoft.powershell.commands.management.dll-help.xml - Ok C:\WINDOWS\system32\windowspowershell\v1.0\microsoft.powershell.security.dll-help.xml - Ok C:\WINDOWS\system32\windowspowershell\v1.0\microsoft.powershell.commands.utility.dll-help.xml - Ok C:\WINDOWS\system32\windowspowershell\v1.0\powershell.exe.mui - Ok C:\WINDOWS\system32\windowspowershell\v1.0\powershelltrace.format.ps1xml - Ok C:\WINDOWS\system32\windowspowershell\v1.0\pwrshsip.dll - Ok C:\WINDOWS\system32\windowspowershell\v1.0\powershellcore.format.ps1xml - Ok C:\WINDOWS\system32\windowspowershell\v1.0\pwrshmsg.dll - Ok C:\WINDOWS\system32\windowspowershell\v1.0\registry.format.ps1xml - Ok C:\WINDOWS\system32\windowspowershell\v1.0\releasenotes.rtf - Ok C:\WINDOWS\system32\windowspowershell\v1.0\types.ps1xml - Ok C:\WINDOWS\system32\windowspowershell\v1.0\examples\profile.ps1 - Ok C:\Documents and Settings\Michael Senff\My Documents\desktop.ini - Ok C:\WINDOWS\system32\windowspowershell\v1.0\system.management.automation.dll-help.xml - Ok >C:\Documents and Settings\Michael Senff\My Documents\Downloads\dds.scr - packed by UPX C:\WINDOWS\system32\windowspowershell\v1.0\powershell.exe - Ok C:\Documents and Settings\Michael Senff\My Documents\Downloads\dds.scr:Zone.Identifier - Ok C:\WINDOWS\system32\windowspowershell\v1.0\quadfold.rtf - Ok C:\Documents and Settings\Michael Senff\My Documents\Downloads\drweb-cureit.exe:Zone.Identifier - Ok >C:\Documents and Settings\Michael Senff\My Documents\Downloads\drweb-cureit.exe is BINARYRES container >C:\Documents and Settings\Michael Senff\My Documents\Downloads\erunt-setup.exe is INNO SETUP container >>C:\Documents and Settings\Michael Senff\My Documents\Downloads\drweb-cureit.exe\data001 - packed by BINARYRES >>C:\Documents and Settings\Michael Senff\My Documents\Downloads\drweb-cureit.exe\data002 - packed by BINARYRES C:\Documents and Settings\Michael Senff\My Documents\Downloads\drweb-cureit.exe - container C:\Documents and Settings\Michael Senff\My Documents\Downloads\erunt-setup.exe:Zone.Identifier - Ok >C:\Documents and Settings\Michael Senff\My Documents\mseinstall.exe is CAB archive C:\Documents and Settings\Michael Senff\My Documents\mseinstall.exe - Ok C:\Documents and Settings\Michael Senff\My Documents\mseinstall.exe - archive C:\Documents and Settings\Michael Senff\My Documents\Downloads\LeagueofLegends.exe:Zone.Identifier - Ok >>C:\Documents and Settings\Michael Senff\My Documents\Downloads\dds.scr - packed by FLY-CODE >C:\Documents and Settings\Michael Senff\My Documents\Downloads\mbar-1.01.0.1011 (1).zip is ZIP archive C:\Documents and Settings\Michael Senff\My Documents\Downloads\mbar-1.01.0.1011 (1).zip - Ok C:\Documents and Settings\Michael Senff\My Documents\Downloads\mbar-1.01.0.1011 (1).zip - archive C:\Documents and Settings\Michael Senff\My Documents\Downloads\mbar-1.01.0.1011 (1).zip:Zone.Identifier - Ok >C:\Documents and Settings\Michael Senff\My Documents\Downloads\mbar-1.01.0.1011(1).zip is ZIP archive C:\Documents and Settings\Michael Senff\My Documents\Downloads\mbar-1.01.0.1011(1).zip - Ok C:\Documents and Settings\Michael Senff\My Documents\Downloads\mbar-1.01.0.1011(1).zip - archive C:\Documents and Settings\Michael Senff\My Documents\Downloads\mbar-1.01.0.1011(1).zip:Zone.Identifier - Ok >C:\Documents and Settings\Michael Senff\My Documents\Downloads\mbar-1.01.0.1011.zip is ZIP archive C:\Documents and Settings\Michael Senff\My Documents\Downloads\mbar-1.01.0.1011.zip - Ok C:\Documents and Settings\Michael Senff\My Documents\Downloads\mbar-1.01.0.1011.zip - archive C:\Documents and Settings\Michael Senff\My Documents\Downloads\mbar-1.01.0.1011.zip:Zone.Identifier - Ok >C:\Documents and Settings\Michael Senff\My Documents\Downloads\LeagueofLegends.exe - packed by UPX >>C:\Documents and Settings\Michael Senff\My Documents\Downloads\erunt-setup.exe\Script2.bin - packed by BINARYRES >C:\Documents and Settings\Michael Senff\My Documents\Downloads\RogueKiller.exe - packed by UPX C:\WINDOWS\system32\windowspowershell\v1.0\gettingstarted.rtf - Ok C:\Documents and Settings\Michael Senff\My Documents\Downloads\RogueKiller.exe:Zone.Identifier - Ok C:\WINDOWS\system32\windowspowershell\v1.0\userguide.rtf - Ok C:\Documents and Settings\Michael Senff\My Documents\Downloads\RSIT.exe:Zone.Identifier - Ok >>C:\Documents and Settings\Michael Senff\My Documents\Downloads\erunt-setup.exe\{app}\AUTOBACK.EXE - packed by UPX >>C:\Documents and Settings\Michael Senff\My Documents\Downloads\erunt-setup.exe\{app}\ERDNT.E_E - packed by UPX >C:\Documents and Settings\Michael Senff\My Documents\Downloads\SecurityCheck.exe - packed by FLY-CODE >>>C:\Documents and Settings\Michael Senff\My Documents\Downloads\erunt-setup.exe\{app}\ERDNT.E_E - packed by UPX >>C:\Documents and Settings\Michael Senff\My Documents\Downloads\erunt-setup.exe\{app}\ERUNT.EXE - packed by UPX >C:\Documents and Settings\Michael Senff\My Documents\Downloads\RSIT.exe is AUTOIT container >>>C:\Documents and Settings\Michael Senff\My Documents\Downloads\dds.scr is NSIS container >>C:\Documents and Settings\Michael Senff\My Documents\Downloads\RSIT.exe\Users\ADMINI~1\AppData\Local\Temp\1\autD5FF.tmp - packed by ASCRIPT >>>>C:\Documents and Settings\Michael Senff\My Documents\Downloads\dds.scr\MBR.DAT - packed by UPX >>C:\Documents and Settings\Michael Senff\My Documents\Downloads\erunt-setup.exe\{app}\LOC_GER.ZIP is ZIP archive C:\Documents and Settings\Michael Senff\My Documents\Downloads\erunt-setup.exe\{app}\LOC_GER.ZIP - Ok C:\Documents and Settings\Michael Senff\My Documents\Downloads\RSIT.exe - container >>C:\Documents and Settings\Michael Senff\My Documents\Downloads\erunt-setup.exe\{app}\NTREGOPT.EXE - packed by UPX >>>>>C:\Documents and Settings\Michael Senff\My Documents\Downloads\dds.scr\MBR.DAT - packed by BINARYRES C:\Documents and Settings\Michael Senff\My Documents\Downloads\SecurityCheck.exe:Zone.Identifier - Ok >>>>C:\Documents and Settings\Michael Senff\My Documents\Downloads\dds.scr\PEV.DAT - packed by PECOMPACT C:\Documents and Settings\Michael Senff\My Documents\Downloads\erunt-setup.exe\{app}\NTREGOPT.EXE - Ok C:\Documents and Settings\Michael Senff\My Documents\Downloads\erunt-setup.exe\{app}\NTREGOPT.LOC - Ok C:\Documents and Settings\Michael Senff\My Documents\Downloads\erunt-setup.exe\{app}\README.TXT - Ok >>C:\Documents and Settings\Michael Senff\My Documents\Downloads\erunt-setup.exe\{tmp}\UNZIP32.EXE - packed by UPX >>C:\Documents and Settings\Michael Senff\My Documents\Downloads\SecurityCheck.exe is ZIP archive C:\Documents and Settings\Michael Senff\My Documents\Downloads\SecurityCheck.exe - Ok C:\Documents and Settings\Michael Senff\My Documents\Downloads\SecurityCheck.exe - archive C:\Documents and Settings\Michael Senff\My Documents\Downloads\stinger.exe:Zone.Identifier - Ok C:\Documents and Settings\Michael Senff\My Documents\Downloads\erunt-setup.exe\{tmp}\UNZIP32.EXE - Ok C:\Documents and Settings\Michael Senff\My Documents\Downloads\erunt-setup.exe - Ok C:\Documents and Settings\Michael Senff\My Documents\Downloads\stinger.opt - Ok C:\Documents and Settings\Michael Senff\My Documents\Downloads\stinger.txt - Ok C:\Documents and Settings\Michael Senff\My Documents\Downloads\erunt-setup.exe - container C:\Documents and Settings\Michael Senff\My Documents\Downloads\tdsskiller.exe:Zone.Identifier - Ok >C:\Documents and Settings\Michael Senff\My Documents\Downloads\stinger.exe - packed by UPX >C:\Documents and Settings\Michael Senff\My Documents\Downloads\tdsskiller.exe - packed by FLY-CODE C:\Documents and Settings\Michael Senff\My Documents\Downloads\mbar-1.01.0.1011 (1)\mbar\fixdamage.exe - Ok C:\Documents and Settings\Michael Senff\My Documents\Downloads\mbar-1.01.0.1011 (1)\mbar\fixdamage.exe:Zone.Identifier - Ok >>C:\Documents and Settings\Michael Senff\My Documents\Downloads\tdsskiller.exe - packed by LZMA >>C:\Documents and Settings\Michael Senff\My Documents\Downloads\RogueKiller.exe - packed by BINARYRES C:\Documents and Settings\Michael Senff\My Documents\Downloads\RogueKiller.exe - Ok C:\Documents and Settings\Michael Senff\My Documents\Downloads\mbar-1.01.0.1011 (1)\mbar\License.rtf - Ok C:\Documents and Settings\Michael Senff\My Documents\Downloads\mbar-1.01.0.1011 (1)\mbar\License.rtf:Zone.Identifier - Ok C:\Documents and Settings\Michael Senff\My Documents\Downloads\mbar-1.01.0.1011 (1)\mbar\mbam.dll:Zone.Identifier - Ok C:\Documents and Settings\Michael Senff\My Documents\Downloads\dds.scr - container C:\Documents and Settings\Michael Senff\My Documents\Downloads\mbar-1.01.0.1011 (1)\mbar\mbamcore.dll:Zone.Identifier - Ok >C:\Documents and Settings\Michael Senff\My Documents\Downloads\mbar-1.01.0.1011 (1)\mbar\mbamcore.dll is BINARYRES container C:\Documents and Settings\Michael Senff\My Documents\Downloads\mbar-1.01.0.1011 (1)\mbar\mbamcore.dll - container C:\Documents and Settings\Michael Senff\My Documents\Downloads\mbar-1.01.0.1011 (1)\mbar\mbamnet.dll:Zone.Identifier - Ok C:\Documents and Settings\Michael Senff\My Documents\Downloads\mbar-1.01.0.1011 (1)\mbar\mbar-log-2012-12-30 (13-32-31).txt - Ok C:\Documents and Settings\Michael Senff\My Documents\Downloads\mbar-1.01.0.1011 (1)\mbar\mbam.dll - Ok C:\Documents and Settings\Michael Senff\My Documents\Downloads\mbar-1.01.0.1011 (1)\mbar\mbar.exe:Zone.Identifier - Ok C:\Documents and Settings\Michael Senff\My Documents\Downloads\mbar-1.01.0.1011 (1)\mbar\msvcp100.dll - Ok C:\Documents and Settings\Michael Senff\My Documents\Downloads\mbar-1.01.0.1011 (1)\mbar\msvcp100.dll:Zone.Identifier - Ok >C:\Documents and Settings\Michael Senff\My Documents\Downloads\mbar-1.01.0.1011 (1)\mbar\mbar.exe is BINARYRES container >>C:\Documents and Settings\Michael Senff\My Documents\Downloads\mbar-1.01.0.1011 (1)\mbar\mbar.exe\data001 - packed by BINARYRES C:\Documents and Settings\Michael Senff\My Documents\Downloads\mbar-1.01.0.1011 (1)\mbar\msvcr100.dll - Ok >>C:\Documents and Settings\Michael Senff\My Documents\Downloads\mbar-1.01.0.1011 (1)\mbar\mbar.exe\data002 - packed by BINARYRES C:\Documents and Settings\Michael Senff\My Documents\Downloads\mbar-1.01.0.1011 (1)\mbar\msvcr100.dll:Zone.Identifier - Ok >>C:\Documents and Settings\Michael Senff\My Documents\Downloads\mbar-1.01.0.1011 (1)\mbar\mbar.exe\data006 is ZLIB container C:\Documents and Settings\Michael Senff\My Documents\Downloads\mbar-1.01.0.1011 (1)\mbar\mbar.exe - container C:\Documents and Settings\Michael Senff\My Documents\Downloads\mbar-1.01.0.1011 (1)\mbar\QtCore4.dll:Zone.Identifier - Ok C:\Documents and Settings\Michael Senff\My Documents\Downloads\mbar-1.01.0.1011 (1)\mbar\QtCore4.dll - Ok C:\Documents and Settings\Michael Senff\My Documents\Downloads\mbar-1.01.0.1011 (1)\mbar\QtGui4.dll:Zone.Identifier - Ok >C:\Documents and Settings\Michael Senff\My Documents\Downloads\mbar-1.01.0.1011 (1)\mbar\QtGui4.dll is ZLIB container C:\Documents and Settings\Michael Senff\My Documents\Downloads\mbar-1.01.0.1011 (1)\mbar\QtGui4.dll - container C:\Documents and Settings\Michael Senff\My Documents\Downloads\mbar-1.01.0.1011 (1)\mbar\ReadMe.rtf:Zone.Identifier - Ok C:\Documents and Settings\Michael Senff\My Documents\Downloads\mbar-1.01.0.1011 (1)\mbar\system-log.txt - Ok C:\Documents and Settings\Michael Senff\My Documents\Downloads\mbar-1.01.0.1011 (1)\mbar\ReadMe.rtf - Ok C:\Documents and Settings\Michael Senff\My Documents\Downloads\mbar-1.01.0.1011 (1)\mbar\Data\swissarmy.ref - Ok C:\Documents and Settings\Michael Senff\My Documents\Downloads\mbar-1.01.0.1011 (1)\mbar\Data\rules.ref - Ok C:\Documents and Settings\Michael Senff\My Documents\Downloads\mbar-1.01.0.1011 (1)\mbar\Data\Configuration\config.conf:Zone.Identifier - Ok C:\Documents and Settings\Michael Senff\My Documents\Downloads\mbar-1.01.0.1011 (1)\mbar\Data\Configuration\config.conf - Ok C:\Documents and Settings\Michael Senff\My Documents\Downloads\mbar-1.01.0.1011 (1)\mbar\Data\Configuration\local.conf - Ok C:\Documents and Settings\Michael Senff\My Documents\Downloads\mbar-1.01.0.1011 (1)\mbar\Data\Configuration\manifest.conf - Ok C:\Documents and Settings\Michael Senff\My Documents\Downloads\mbar-1.01.0.1011 (1)\mbar\Data\Configuration\manifest.conf:Zone.Identifier - Ok C:\Documents and Settings\Michael Senff\My Documents\Downloads\mbar-1.01.0.1011 (1)\mbar\Data\Configuration\database.conf - Ok C:\Documents and Settings\Michael Senff\My Documents\Downloads\mbar-1.01.0.1011 (1)\mbar\Languages\English.lng:Zone.Identifier - Ok C:\Documents and Settings\Michael Senff\My Documents\Downloads\mbar-1.01.0.1011 (1)\mbar\Languages\English.lng - Ok C:\Documents and Settings\Michael Senff\My Documents\Downloads\mbar-1.01.0.1011 (1)\mbar\imageformats\qico4.dll:Zone.Identifier - Ok C:\Documents and Settings\Michael Senff\My Documents\Downloads\mbar-1.01.0.1011 (1)\mbar\mbamnet.dll - Ok C:\Documents and Settings\Michael Senff\My Documents\Downloads\mbar-1.01.0.1011 (1)\mbar\imageformats\qico4.dll - Ok C:\Documents and Settings\Michael Senff\My Documents\My Music\Desktop.ini - Ok C:\Documents and Settings\Michael Senff\My Documents\My Music\Sample Music.lnk - Ok C:\Documents and Settings\Michael Senff\My Documents\Downloads\mbar-1.01.0.1011 (1)\mbar\imageformats\qicod4.dll:Zone.Identifier - Ok C:\Documents and Settings\Michael Senff\My Documents\Downloads\mbar-1.01.0.1011 (1)\mbar\imageformats\qicod4.dll - Ok C:\Documents and Settings\Michael Senff\My Documents\My Pictures\Desktop.ini - Ok C:\Documents and Settings\Michael Senff\My Documents\My Videos\Desktop.ini - Ok C:\WINDOWS\TEMP\MpCmdRun.log - Ok C:\WINDOWS\TEMP\dw.log - Ok C:\WINDOWS\TEMP\toolbar_log.txt - Ok C:\WINDOWS\TEMP\MpSigStub.log - Ok C:\Documents and Settings\Michael Senff\My Documents\My Pictures\Sample Pictures.lnk - Ok >C:\WINDOWS\TEMP\avg_a00504\Installer.7z is 7-ZIP archive C:\WINDOWS\TEMP\avg_a00504\Installer.7z - Ok C:\WINDOWS\TEMP\avg_a00504\Installer.7z - archive C:\WINDOWS\TEMP\avg_a00504\{95B7759C-8C7F-4BF1-B163-73684A933233} - Ok C:\WINDOWS\TEMP\avg_a00504\CommonFiles\AVG Secure Search\avgdttbx.dll - Ok C:\WINDOWS\TEMP\avg_a00504\CommonFiles\AVG Secure Search\avgtpx64.sys - Ok C:\WINDOWS\TEMP\avg_a00504\CommonFiles\AVG Secure Search\avgtpx86.sys - Ok C:\WINDOWS\TEMP\avg_a00504\CommonFiles\AVG Secure Search\CommonCfg.ini - Ok >>C:\Documents and Settings\Michael Senff\My Documents\Downloads\stinger.exe is BINARYRES container C:\WINDOWS\TEMP\avg_a00504\avg-secure-search-installer.exe - Ok C:\WINDOWS\TEMP\avg_a00504\CommonFiles\AVG Secure Search\DriverInstaller_64.exe - Ok C:\WINDOWS\TEMP\avg_a00504\CommonFiles\AVG Secure Search\npsitesafety.dll - Ok C:\Documents and Settings\Michael Senff\My Documents\Downloads\stinger.exe - container C:\WINDOWS\TEMP\avg_a00504\CommonFiles\AVG Secure Search\DriverInstaller.exe - Ok C:\WINDOWS\TEMP\avg_a00504\CommonFiles\AVG Secure Search\ToolBand.tlb - Ok C:\WINDOWS\TEMP\avg_a00504\CommonFiles\AVG Secure Search\SiteSafety.dll - Ok C:\WINDOWS\TEMP\avg_a00504\CommonFiles\AVG Secure Search\UpdaterConfig.ini - Ok >>>C:\Documents and Settings\Michael Senff\My Documents\Downloads\tdsskiller.exe - packed by FLY-CODE >C:\WINDOWS\TEMP\{E2FDE7A2-1E1A-4A9D-A08C-BE452F6E41AC}.exe is 7-ZIP archive C:\WINDOWS\TEMP\{E2FDE7A2-1E1A-4A9D-A08C-BE452F6E41AC}.exe - Ok C:\WINDOWS\TEMP\{E2FDE7A2-1E1A-4A9D-A08C-BE452F6E41AC}.exe - archive C:\WINDOWS\TEMP\avg_a00504\CommonFiles\AVG Secure Search\ViProtocol.dll - Ok C:\WINDOWS\TEMP\avg_a00504\ConfigFiles\installer_cfg.ini - Ok C:\WINDOWS\TEMP\avg_a00504\ConfigFiles\avguidx.dll - Ok C:\WINDOWS\TEMP\avg_a00504\ProgData\avg-secure-search.tmp - Ok C:\WINDOWS\TEMP\avg_a00504\ConfigFiles\MachineIdCreator.exe - Ok C:\WINDOWS\TEMP\avg_a00504\ProgData\avg-secure-search.xml - Ok C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\chrome.manifest - Ok C:\Documents and Settings\Michael Senff\My Documents\Downloads\LeagueofLegends.exe - Ok >C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\ChromeExt\13.2.0.5\avg.crx - packed by BINARY PACKAGE C:\WINDOWS\TEMP\avg_a00504\CommonFiles\AVG Secure Search\ToolbarUpdater.exe - Ok C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\icon.png - Ok C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\install.rdf - Ok >>C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\ChromeExt\13.2.0.5\avg.crx is BINARYRES container >>>C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\ChromeExt\13.2.0.5\avg.crx\data001 is ZIP archive C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\ChromeExt\13.2.0.5\avg.crx\data001 - Ok C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\ChromeExt\13.2.0.5\avg.crx - Ok C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\ChromeExt\13.2.0.5\avg.crx - container >C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\chrome\avg.jar is ZIP archive C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\chrome\avg.jar - Ok C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\chrome\avg.jar - archive C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\locale\en-US\global.dtd - Ok C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\locale\en-US\global.properties - Ok C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\modules\avg.xml - Ok C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\modules\avg-dnt-adapter.js - Ok C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\components\avg-dnt-policy.js - Ok C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\modules\Bindings.xml - Ok C:\WINDOWS\TEMP\avg_a00504\CommonFiles\AVG Secure Search\ScriptHelper.exe - Ok C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\modules\avgJsm.js - Ok >>>>C:\Documents and Settings\Michael Senff\My Documents\Downloads\tdsskiller.exe is BINARYRES container C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\modules\configuration_0.css - Ok >C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\modules\configuration.js is JS-HTML container C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\modules\configuration.js - container >C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\modules\configuration_0.xul is JS-HTML container C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\modules\configuration_0.xul - container C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\components\toolbarhomeApi.js - Ok >C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\modules\propertiesJsm.js is JS-HTML container C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\modules\HistoryCleaner.js - Ok C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\modules\propertiesJsm.js - container C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\modules\locale\cs\global.dtd - Ok C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\modules\locale\da\global.properties - Ok C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\modules\locale\cs\global.properties - Ok C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\modules\Preferences.js - Ok >C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\modules\IOJsm.js is JS-HTML container C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\modules\locale\da\global.dtd - Ok C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\modules\locale\de\global.dtd - Ok C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\modules\locale\en\global.dtd - Ok C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\modules\locale\de\global.properties - Ok C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\modules\locale\es-es\global.dtd - Ok C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\modules\IOJsm.js - container C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\modules\locale\es-es\global.properties - Ok C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\modules\locale\en\global.properties - Ok C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\modules\locale\es\global.dtd - Ok C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\modules\locale\fr\global.dtd - Ok C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\modules\locale\hu\global.properties - Ok C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\modules\locale\es\global.properties - Ok C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\modules\locale\fr\global.properties - Ok C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\modules\locale\id\global.dtd - Ok C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\modules\locale\it\global.dtd - Ok C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\modules\locale\hu\global.dtd - Ok >>>>>C:\Documents and Settings\Michael Senff\My Documents\Downloads\tdsskiller.exe\data003 - packed by FLY-CODE C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\modules\locale\id\global.properties - Ok C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\modules\locale\ja\global.dtd - Ok C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\modules\locale\ja\global.properties - Ok C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\modules\locale\ko\global.dtd - Ok C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\modules\locale\ko\global.properties - Ok C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\modules\locale\it\global.properties - Ok C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\modules\locale\ms\global.dtd - Ok C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\modules\locale\nl\global.dtd - Ok C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\modules\locale\pl\global.dtd - Ok >>>>>>C:\Documents and Settings\Michael Senff\My Documents\Downloads\tdsskiller.exe\data003 - packed by LZMA C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\modules\locale\ms\global.properties - Ok C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\modules\locale\nl\global.properties - Ok C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\modules\locale\pt-br\global.properties - Ok C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\modules\locale\pl\global.properties - Ok C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\modules\locale\pt-br\global.dtd - Ok C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\modules\locale\pt\global.dtd - Ok C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\modules\locale\ru\global.dtd - Ok C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\modules\locale\sk\global.dtd - Ok C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\modules\locale\pt\global.properties - Ok C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\modules\locale\ru\global.properties - Ok C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\modules\locale\sr\global.properties - Ok C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\modules\locale\sk\global.properties - Ok C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\modules\locale\tr\global.dtd - Ok C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\modules\locale\sr\global.dtd - Ok C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\modules\locale\zh-cn\global.properties - Ok C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\modules\locale\tr\global.properties - Ok C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\modules\skin\about.png - Ok C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\modules\locale\zh-tw\global.dtd - Ok C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\modules\skin\calc.png - Ok C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\modules\locale\zh-cn\global.dtd - Ok C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\modules\locale\zh-tw\global.properties - Ok C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\modules\skin\ajax-loader.gif - Ok C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\modules\skin\active-threats18.png - Ok C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\modules\skin\CleanHistory.png - Ok C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\modules\skin\close.png - Ok C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\modules\skin\Facebook.gif - Ok C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\modules\skin\feedback.png - Ok C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\modules\skin\feedicon.png - Ok C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\modules\skin\current.png - Ok C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\modules\skin\currently-safe18.png - Ok C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\modules\skin\help.png - Ok C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\modules\skin\labs.png - Ok C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\modules\skin\icon18.png - Ok C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\modules\skin\icon_search.png - Ok C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\modules\skin\note.png - Ok C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\modules\skin\information-24.png - Ok C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\modules\skin\search.png - Ok C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\modules\skin\dnt.png - Ok C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\modules\skin\loader.gif - Ok C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\modules\skin\questionmarkIcon.png - Ok C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\modules\skin\speed-test.png - Ok C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\modules\skin\window-close.png - Ok C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\modules\skin\surf-with-caution18.png - Ok C:\WINDOWS\TEMP\avg_a00504\ProgData\AVG Secure Search\FireFoxExt\13.2.0.5\modules\skin\uninstall.png - Ok C:\WINDOWS\TEMP\avg_a00504\ProgFiles\AVG Secure Search\about.gif - Ok
- January 2, 2013
- 79 replies
Outgoing Malicious IP Blocks. Suspect Infection

MicQsenoch replied to MicQsenoch's topic in Resolved Malware Removal Logs

>>C:\WINDOWS\system32\dllcache\wmplayer.chm\Glossary.js is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\aboutcopyrights.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\accessibilityfeaturesinyourproductnamehelp.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\accessibilityforpeoplewithdisabilities.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\accessibilityofmicrosoftwindows.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\accessiblefeaturesinyourproductnamewindowsmediapla.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\accessibleproductsandservicesfrommicrosoft.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\addingaradiostationtoaplaylist.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\adjustingmicrosoftproductsforpeoplewithaccessibili.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\adjustingthevolume.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\advancededit.htm is JS-HTML container C:\WINDOWS\system32\dllcache\wmpshell.dll - Ok C:\WINDOWS\system32\dllcache\wmpns.dll - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\advancededitsynchronizedlyrics.htm is JS-HTML container C:\WINDOWS\system32\dllcache\wmptour.css - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\advancededitwebsites.htm is JS-HTML container C:\WINDOWS\system32\dllcache\wmpui.dll - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\anchorwindowmenu.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\assistivetechnologyforwindows.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\audiocdproperties.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\audiodeviceproperties.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\basicsecuritymeasure.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\cdaudiofeature.htm is JS-HTML container >C:\WINDOWS\system32\dllcache\wmptour.hta is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\cdcopyprocess.htm is JS-HTML container C:\WINDOWS\system32\dllcache\wmptour.hta - container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\cddrivepropertiesdatacdtab.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\changingdvdviewingoptions.htm is JS-HTML container C:\WINDOWS\system32\dllcache\wmm2res.dll - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\changinghowtheplayerlooks.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\changingportabledevicesettings.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\changingthecoloroftheplayer.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\changingthesizeoftheplayer.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\changingthesizeofthevideowindow.htm is JS-HTML container C:\WINDOWS\system32\dllcache\wmsdmoe.dll - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\changingyouraudioandvideosettings.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\choosingavisualization.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\commontasks.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\compressingcopiesofcdtrackstouselessdiskspace.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\copyingandplayingcds.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\copyingfilestoyourportabledevice.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\copyingmusicfromcds.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\copyingthecontentsofyourmedialibrarytoanewcomputer.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\creatingyourowncds.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\credential_explain_basic_authentication.htm is JS-HTML container C:\WINDOWS\system32\dllcache\wmsdmod.dll - Ok C:\WINDOWS\system32\dllcache\wmspdmod.dll - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\customerserviceforpeoplewhoaredeaforhardofhearing.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\customizinginformationaboutcdsinmedialibrary.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\customizingtheplayer.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\deletingfilesfromaplaylist.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\deletingfilesinmedialibrary.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\displayareasandcontrols.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\downloadingportabledevicedrivers.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\editautoplaylistdialogbox.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\enablingplugins.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\errormessagehelp.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\featuresarea.htm is JS-HTML container C:\WINDOWS\system32\dllcache\wmploc.dll - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\filemenu.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\findingwindowsmediafilesontheinternet.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\formattingdevicesandmedia.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\gettingmoreaccessibilityinformation0.htm is JS-HTML container C:\WINDOWS\system32\dllcache\wmsdmoe2.dll - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\gettingstarted.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\glossary.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\grantingaccesstoyourmedialibrary.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\helpmenu.htm is JS-HTML container C:\WINDOWS\system32\dllcache\wmp.dll - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\howtopreventinformationfrombeingstoredonyourcomput.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\idd_fileopen.htm is JS-HTML container C:\WINDOWS\system32\dllcache\wmv8ds32.ax - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\infocenterviewpane.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\keepingyourcomputersecure.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\keyboardaccess.htm is JS-HTML container C:\WINDOWS\system32\dllcache\wmstream.dll - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\keyboardshortcutsforusingthehelpwindow.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\listeningtoradiostations.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\maintainingyourprivacy.htm is JS-HTML container C:\WINDOWS\system32\dllcache\wmspdmoe.dll - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\mediainformationpane.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\medialibraryfeature.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\mediascan.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\microsoftdocumentationinalternativeformats0.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\miniplayer.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\moreinformationaboutaudioanddatacds.htm is JS-HTML container C:\WINDOWS\system32\dllcache\wmvds32.ax - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\newautoplaylistdialogbox.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\nowplayingarea.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\nowplayingtoolsarea.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\organizingyourmultimediafiles.htm is JS-HTML container >C:\WINDOWS\system32\dllcache\wordpad.exe is BINARYRES container C:\WINDOWS\system32\dllcache\wordpad.exe - container C:\WINDOWS\system32\dllcache\wow32.dll - Ok C:\WINDOWS\system32\dllcache\wowdeb.exe - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\playbackcontrolsarea.htm is JS-HTML container C:\WINDOWS\system32\dllcache\wowexec.exe - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\player_firstrun_privacy.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\player_overview_cdaudio.htm is JS-HTML container C:\WINDOWS\system32\dllcache\wmvdmod.dll - Ok C:\WINDOWS\system32\dllcache\wowfax.dll - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\player_overview_csgz.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\player_overview_dvd.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\player_overview_effects.htm is JS-HTML container C:\WINDOWS\system32\dllcache\wowfaxui.dll - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\player_overview_formats.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\player_overview_medialibrary.htm is JS-HTML container C:\WINDOWS\system32\dllcache\wmvdmoe2.dll - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\player_overview_metadata_fileupdates.htm is JS-HTML container C:\WINDOWS\system32\dllcache\wpabaln.exe - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\player_overview_network.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\player_overview_performance.htm is JS-HTML container C:\WINDOWS\system32\dllcache\ws2ifsl.sys - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\player_overview_player.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\player_overview_portabledevice.htm is JS-HTML container C:\WINDOWS\system32\dllcache\ws2help.dll - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\player_overview_privacy.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\player_overview_security.htm is JS-HTML container C:\WINDOWS\system32\dllcache\write.exe - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\player_playing_files_toaddlyricstoafile.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\player_playing_files_toviewlyrics.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\playercontrols.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\playingadvd.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\playingavcd.htm is JS-HTML container C:\WINDOWS\system32\dllcache\ws2_32.dll - Ok C:\WINDOWS\system32\dllcache\wpnpinst.exe - Ok C:\WINDOWS\system32\dllcache\wscntfy.exe - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\playingdvds.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\playingfiles.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\playingmultimediafilesinmedialibrary.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\playingmusicfromcds.htm is JS-HTML container C:\WINDOWS\system32\dllcache\wshatm.dll - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\playlistpane.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\playlistselectionarea.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\playmenu.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\portabledevicefeature.htm is JS-HTML container C:\WINDOWS\system32\dllcache\wscsvc.dll - Ok C:\WINDOWS\system32\dllcache\wshbth.dll - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\portabledeviceproperties.htm is JS-HTML container C:\WINDOWS\system32\dllcache\wscript.exe - Ok C:\WINDOWS\system32\dllcache\WMVCore.dll - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\searchcomputerformultimedia.htm is JS-HTML container >C:\WINDOWS\system32\dllcache\wscui.cpl is ZLIB container C:\WINDOWS\system32\dllcache\wship6.dll - Ok C:\WINDOWS\system32\dllcache\wshirda.dll - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\settingsthataffectyourprivacy.htm is JS-HTML container C:\WINDOWS\system32\dllcache\wshisn.dll - Ok C:\WINDOWS\system32\dllcache\wshnetbs.dll - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\sharingyourmedialibrary.htm is JS-HTML container C:\WINDOWS\system32\dllcache\wscui.cpl - container C:\WINDOWS\system32\dllcache\wshext.dll - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\skinchooser.htm is JS-HTML container C:\WINDOWS\system32\dllcache\wshcon.dll - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\skinsshortcutmenu.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\sortingandfindingitemsinmedialibrary.htm is JS-HTML container C:\WINDOWS\system32\dllcache\wshrm.dll - Ok C:\WINDOWS\system32\dllcache\wshtcpip.dll - Ok C:\WINDOWS\system32\dllcache\wsiintxx.sys - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\specialfeatures.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\stepbysteptutorials.htm is JS-HTML container C:\WINDOWS\system32\dllcache\wstcodec.sys - Ok C:\WINDOWS\system32\dllcache\wsock32.dll - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\supportedfileformats.htm is JS-HTML container C:\WINDOWS\system32\dllcache\wsnmp32.dll - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\tips_addingitemstoplaylistsandmedialibrary.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\tips_copyingtoacdorportabledevice.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\tips_customizingtheplayer.htm is JS-HTML container C:\WINDOWS\system32\dllcache\wshom.ocx - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\tips_organizingfiles.htm is JS-HTML container C:\WINDOWS\system32\dllcache\wtsapi32.dll - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\tips_playingfiles.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\tips_viewingfileinformation.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\tipsandtricks.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\toaddaplugin.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\toaddaradiostationtoaplaylist.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\toaddcdinformation.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\toaddfilestoaplaylist.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\toaddfilestomedialibrary.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\toaddinformationaboutacdtrackorentirealbumtoadatabaseontheinternet.htm is JS-HTML container C:\WINDOWS\system32\dllcache\wuauclt.exe - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\toaddnormalizationvaluestofiles.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\toaddoreditmediainformationusingtheadvancedtagedit.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\toaddsynchronizedlyricstoafile.htm is JS-HTML container C:\WINDOWS\system32\dllcache\wstdecod.dll - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\toadjustaudiodynamicrange.htm is JS-HTML container >C:\WINDOWS\system32\dllcache\wuaucpl.cpl - packed by FLY-CODE >C:\WINDOWS\system32\dllcache\wuauclt1.exe is BINARYRES container >>C:\WINDOWS\system32\dllcache\wuauclt1.exe\data001 is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\toadjusttheaudioeffects.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\toadjustthegraphicequalizerlevels.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\toadjustthenumberofsecondscontentisbuffered.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\toadjustthevolume.htm is JS-HTML container C:\WINDOWS\system32\dllcache\wuauclt1.exe - container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\toadjustvideosettings.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\toapplyaskin.htm is JS-HTML container C:\WINDOWS\system32\dllcache\wuauserv.dll - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\toautomaticallyaddfilestomedialibrarywhenplayed.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\toautomaticallyplaydvds.htm is JS-HTML container C:\WINDOWS\system32\dllcache\wuapi.dll - Ok C:\WINDOWS\system32\dllcache\wuaueng1.dll - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\tobackupyourlicenses.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\tocaptureadvdimage.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\tochangecaptionorsubtitlelanguage.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\tochangecdrorcdrwdrivesettings.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\tochangecopyquality.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\tochangehowmediainformationisupdated.htm is JS-HTML container C:\WINDOWS\system32\dllcache\wups.dll - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\tochangescriptcommandoptions.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\tochangesoundtracklanguage.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\tochangetheappearanceofahelptopic.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\tochangethecolorofthebackgroundortextinhelp.htm is JS-HTML container C:\WINDOWS\system32\dllcache\wupdmgr.exe - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\tochangethecoloroftheplayer.htm is JS-HTML container C:\WINDOWS\system32\dllcache\wuaucpl.cpl - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\tochangethecopyqualityofmusiccopiedfromcds.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\tochangethefoldersthataremonitored.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\tochangethefolderwhereyouraudioandvideofilesarestored.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\tochangethefontinhelp.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\tochangethelanguageofthedvdmenu.htm is JS-HTML container C:\WINDOWS\system32\dllcache\wvchntxx.sys - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\tochangethenumberofstarsforanitem.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\tochangetheorderinwhichpluginsoperate.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\tochangethetypesoffilesfileformatsthattheplayerplays.htm is JS-HTML container C:\WINDOWS\system32\dllcache\wucltui.dll - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\tochangezonesettings.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\tocheckwhetherdigitalcopyingisselected.htm is JS-HTML container C:\WINDOWS\system32\dllcache\wuweb.dll - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\tochooseavisualization.htm is JS-HTML container C:\WINDOWS\system32\dllcache\wzcsapi.dll - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\tochoosewhichcolumnsdisplayinmedialibrary.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\toconfiguretheplayertoplayhdcdsusing20bitaudio.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\toconfiguretheplayertoplaymultichanneldvds.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\toconfiguretheplayertoplaymultichannelwindowsmedia.htm is JS-HTML container C:\WINDOWS\system32\dllcache\xcopy.exe - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\tocopyanaudiocd.htm is JS-HTML container >C:\WINDOWS\system32\dllcache\xactsrv.dll - packed by FLY-CODE >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\tocopycdsinsuccession.htm is JS-HTML container C:\WINDOWS\system32\dllcache\xem336n5.sys - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\tocopyfilestoyourportabledevice.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\tocreatealistofyourownpresetradiostations.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\tocreateanautoplaylist.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\tocreateaplaylist.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\tocreateyourowncd.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\tocrossfadefiles.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\todeleteafilefrommedialibrary.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\todeleteaplaylist.htm is JS-HTML container C:\WINDOWS\system32\dllcache\xactsrv.dll - Ok C:\WINDOWS\system32\dllcache\wzcdlg.dll - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\todeleteaskin.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\todeletefilesfromaplaylist.htm is JS-HTML container C:\WINDOWS\system32\dllcache\wuaueng.dll - Ok C:\WINDOWS\system32\dllcache\xjis.nls - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\todisableaplugin.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\todownloadaportabledevicedriver.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\todownloadpluginsfromtheinternet.htm is JS-HTML container C:\WINDOWS\system32\dllcache\wzcsvc.dll - Ok C:\WINDOWS\system32\dllcache\xenroll.dll - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\todownloadskinsfromtheinternet.htm is JS-HTML container C:\WINDOWS\system32\dllcache\xmlprovi.dll - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\todownloadvisualizationsfromtheinternet.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\toeditalbuminformationforanindividualtrackinmedialibrary.htm is JS-HTML container C:\WINDOWS\system32\dllcache\xlog.exe - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\toeditanautoplaylist.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\toeditaplaylist.htm is JS-HTML container C:\WINDOWS\system32\dllcache\xmlprov.dll - Ok C:\WINDOWS\system32\dllcache\xolehlp.dll - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\toeditinformationforseveraltrackssimultaneously.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\toedititemsandplaylistsbeforecopyingtoaportabledevice.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\toejectacd.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\toenableaplugin.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\toenableaudionormalization.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\toeraseacdrw.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\tofastforwardafile.htm is JS-HTML container C:\WINDOWS\system32\dllcache\xpsp1res.dll - Ok C:\WINDOWS\system32\dllcache\xpob2res.dll - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\tofindaradiostationontheinternet.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\tofinddigitalmediausingasubscriptionservice.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\tofindwindowsmediafilesontheinternet.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\toformatadeviceormedia.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\togetorchangeinformationaboutanalbumontheinternet.htm is JS-HTML container C:\WINDOWS\system32\dllcache\xpshims.dll - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\tohidethefeaturestaskbar.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\tohidethemenubar.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\tolocateotheritemsbyartistoralbuminmedialibrary.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\toolsmenu.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\topauseafile.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\topermanentlydeletefilesfrommedialibrary.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\toplayadvd.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\toplayanaudiocd.htm is JS-HTML container >C:\WINDOWS\system32\dllcache\xpsp3res.dll is BINARYRES container >>C:\WINDOWS\system32\dllcache\xpsp3res.dll\data001 is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\toplayanyportionofafile.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\toplayaplaylist.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\xpsp3res.dll\data002 is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\toplayaradiostationontheinternet.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\toplayavcd.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\toplaycontentatvariablespeeds.htm is JS-HTML container C:\WINDOWS\system32\dllcache\xrxflnch.exe - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\toplayfiles.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\xpsp3res.dll\data004 is JS-HTML container C:\WINDOWS\system32\dllcache\xpsshhdr.dll - Ok C:\WINDOWS\system32\dllcache\xpsp3res.dll - container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\toplayfilesinrandomorder.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\toplayitemsinacategoryasaplaylist.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\toplaymarkedsectionsinafile.htm is JS-HTML container C:\WINDOWS\system32\dllcache\xrxscnui.dll - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\toplayspecialfeaturesonadvd.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\toplaytracksinadifferentorder.htm is JS-HTML container C:\WINDOWS\system32\dllcache\xrxwbtmp.dll - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\toplayvideooneframeatatime.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\topreventplayofcertaindvdsbysettingparentalcontrols.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\torearrangefilesonaplaylist.htm is JS-HTML container C:\WINDOWS\system32\dllcache\xrxwiadr.dll - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\toremoveaplugin.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\toremoveasubscriptionservice.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\toremoveduplicateitemsfromyourmedialibrary.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\toremovelistsoffilesplayedorinternetaddressesurlsv.htm is JS-HTML container C:\WINDOWS\system32\dllcache\zcorem.dll - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\toremovestoredmediainformationforcdsanddvds.htm is JS-HTML container C:\WINDOWS\system32\dllcache\xrxftplt.exe - Ok C:\WINDOWS\system32\dllcache\zeeverm.dll - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\torenameaplaylist.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\torenametitlesandchapters.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\toresizetheplayer.htm is JS-HTML container C:\WINDOWS\system32\dllcache\znetm.dll - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\toresizetheplayerautomaticallytofitavideo.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\toresizethevideowindow.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\torestoreyourlicenses.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\torewindafile.htm is JS-HTML container C:\WINDOWS\system32\dllcache\zoneclim.dll - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\tosaveatemporaryplaylistwithadifferentname.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\tosearchforitemsinmedialibrary.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\tosearchyourcomputerformusicandvideo.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\toselectthefiletypefortrackscopiedfromcds.htm is JS-HTML container C:\WINDOWS\system32\dllcache\zonelibm.dll - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\tosetpluginoptions.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\toshareaclipwithafriend.htm is JS-HTML container C:\WINDOWS\system32\dllcache\zoneoc.dll - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\toskipplayingtracksonacd.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\toskiptothenextfile.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\toskiptothepreviousfile.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\tosortitemsusingadifferentcolumnheadinginmedialibr.htm is JS-HTML container C:\WINDOWS\system32\dllcache\zclientm.exe - Ok C:\WINDOWS\system32\dllcache\xpssvcs.dll - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\tospecifytheinformationthatappearsinatrackfilename.htm is JS-HTML container C:\WINDOWS\system32\drivers\acpi.sys - Ok C:\WINDOWS\system32\drivers\acpiec.sys - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\tostopacquiringlicensesautomatically.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\tostopafile.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\tostopbeingaskedifyouwanttobackupyourlicenses.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\tostopretrievingmediainformationautomatically.htm is JS-HTML container C:\WINDOWS\system32\drivers\adv01nt5.dll - Ok C:\WINDOWS\system32\dllcache\zipfldr.dll - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\toswitchbetweenmodes.htm is JS-HTML container C:\WINDOWS\system32\drivers\adv05nt5.dll - Ok C:\WINDOWS\system32\drivers\adv02nt5.dll - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\toswitchcameraangles.htm is JS-HTML container C:\WINDOWS\system32\drivers\adv09nt5.dll - Ok C:\WINDOWS\system32\drivers\adv11nt5.dll - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\toswitchtootherprograms.htm is JS-HTML container C:\WINDOWS\system32\drivers\adv07nt5.dll - Ok C:\WINDOWS\system32\drivers\adv08nt5.dll - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\totemporarilyadditemstoaplaylist.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\totemporarilyrearrangeitemsinaplaylist.htm is JS-HTML container C:\WINDOWS\system32\drivers\aec.sys - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\toturnoffcopyrightprotectionlicenses.htm is JS-HTML container C:\WINDOWS\system32\drivers\agpcpq.sys - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\toturnoffscreensaverduringplayback.htm is JS-HTML container >C:\WINDOWS\system32\dllcache\xpsp2res.dll is BINARYRES container C:\WINDOWS\system32\drivers\agp440.sys - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\toturnoncaptions.htm is JS-HTML container C:\WINDOWS\system32\drivers\afd.sys - Ok >>C:\WINDOWS\system32\dllcache\xpsp2res.dll\data001 is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\toupdateinformationaboutadvd.htm is JS-HTML container C:\WINDOWS\system32\drivers\alim1541.sys - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\toupdateorfindalbuminformationontheinternet.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\toupgradetheplayer.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\touseapluginwithafileorplaylist.htm is JS-HTML container C:\WINDOWS\system32\drivers\amdagp.sys - Ok >>C:\WINDOWS\system32\dllcache\xpsp2res.dll\data002 is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\tousedigitalplaybackanderrorcorrection.htm is JS-HTML container C:\WINDOWS\system32\drivers\amdk6.sys - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\toviewalbumdetails.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\toviewdetailsaboutafile.htm is JS-HTML container C:\WINDOWS\system32\drivers\AppleCharger.sys - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\toviewinformationaboutadvd.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\xpsp2res.dll\data003 is JS-HTML container C:\WINDOWS\system32\drivers\asyncmac.sys - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\toviewinformationabouterrors.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\xpsp2res.dll\data004 is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\toviewinformationaboutmultimediacontent.htm is JS-HTML container C:\WINDOWS\system32\dllcache\xpsp2res.dll - container C:\WINDOWS\system32\drivers\amdk7.sys - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\toviewlicensedetails.htm is JS-HTML container C:\WINDOWS\system32\drivers\atapi.sys - Ok C:\WINDOWS\system32\drivers\arp1394.sys - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\toviewstatisticsaboutplayback.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\toviewthevideousingtheentirescreen.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\toviewtitlesandchapters.htm is JS-HTML container C:\WINDOWS\system32\drivers\ati1btxx.sys - Ok C:\WINDOWS\system32\drivers\ati1pdxx.sys - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\toworkoffline.htm is JS-HTML container C:\WINDOWS\system32\drivers\ati1mdxx.sys - Ok C:\WINDOWS\system32\drivers\Ambfilt.sys - Ok C:\WINDOWS\system32\drivers\ati1raxx.sys - Ok C:\WINDOWS\system32\drivers\ati1snxx.sys - Ok C:\WINDOWS\system32\drivers\ati1rvxx.sys - Ok C:\WINDOWS\system32\drivers\ati1xbxx.sys - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\typesofblankcds.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\understandingbuffering.htm is JS-HTML container C:\WINDOWS\system32\drivers\ati1ttxx.sys - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\understandingdigitalmediaconcepts.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\understandinglicensedfiles.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\understandingprogressivedownloading.htm is JS-HTML container C:\WINDOWS\system32\drivers\ati1tuxx.sys - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\understandingstreamingmedia.htm is JS-HTML container C:\WINDOWS\system32\drivers\ati1xsxx.sys - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\upgradingtheplayer.htm is JS-HTML container C:\WINDOWS\system32\drivers\atinbtxx.sys - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\usingaudiocrossfade.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\usingaudionormalization.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\usinghelp.htm is JS-HTML container C:\WINDOWS\system32\drivers\atinmdxx.sys - Ok C:\WINDOWS\system32\drivers\atinpdxx.sys - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\usingplugins.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\usingshortcutkeys.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\usingsurroundsound.htm is JS-HTML container C:\WINDOWS\system32\drivers\atinraxx.sys - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\usingvcds.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\usingwindowsmediaplayer.htm is JS-HTML container C:\WINDOWS\system32\drivers\atinsnxx.sys - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\videoandvisualizationpane.htm is JS-HTML container C:\WINDOWS\system32\drivers\atinttxx.sys - Ok C:\WINDOWS\system32\drivers\ati2mtaa.sys - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\viewingcdinformation.htm is JS-HTML container C:\WINDOWS\system32\drivers\atinrvxx.sys - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\viewinginformationaboutadvd.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\viewinginformationaboutfilesandcontent.htm is JS-HTML container C:\WINDOWS\system32\drivers\atintuxx.sys - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\viewmenu.htm is JS-HTML container C:\WINDOWS\system32\drivers\atinxbxx.sys - Ok C:\WINDOWS\system32\drivers\ativmc20.cod - Ok C:\WINDOWS\system32\drivers\atmarpc.sys - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\windowsmediaplayererrorcenter.htm is JS-HTML container C:\WINDOWS\system32\drivers\atinxsxx.sys - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\windowsmediaplayerhelp.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\windowsmediaplayerwebhelp.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\workingoffline.htm is JS-HTML container C:\WINDOWS\system32\drivers\atmepvc.sys - Ok >>C:\WINDOWS\system32\dllcache\wmplayer.chm\htm\workingwithplaylists.htm is JS-HTML container C:\WINDOWS\system32\drivers\atmlane.sys - Ok C:\WINDOWS\system32\drivers\atv01nt5.dll - Ok C:\WINDOWS\system32\drivers\atv02nt5.dll - Ok C:\WINDOWS\system32\drivers\atv04nt5.dll - Ok C:\WINDOWS\system32\drivers\audstub.sys - Ok C:\WINDOWS\system32\drivers\atv06nt5.dll - Ok C:\WINDOWS\system32\drivers\atv10nt5.dll - Ok C:\WINDOWS\system32\drivers\ati2mtag.sys - Ok C:\WINDOWS\system32\drivers\beep.sys - Ok C:\WINDOWS\system32\drivers\avgtpx86.sys - Ok C:\WINDOWS\system32\drivers\bridge.sys - Ok C:\WINDOWS\system32\dllcache\wmplayer.chm - container C:\WINDOWS\system32\drivers\bthenum.sys - Ok C:\WINDOWS\system32\drivers\bthmodem.sys - Ok C:\WINDOWS\system32\drivers\bthusb.sys - Ok C:\WINDOWS\system32\drivers\cbidf2k.sys - Ok C:\WINDOWS\system32\drivers\bthprint.sys - Ok C:\WINDOWS\system32\drivers\cdaudio.sys - Ok C:\WINDOWS\system32\drivers\cdfs.sys - Ok C:\WINDOWS\system32\drivers\bthpan.sys - Ok C:\WINDOWS\system32\drivers\cdrom.sys - Ok C:\WINDOWS\system32\drivers\ch7xxnt5.dll - Ok C:\WINDOWS\system32\drivers\cpqdap01.sys - Ok C:\WINDOWS\system32\drivers\atmuni.sys - Ok C:\WINDOWS\system32\drivers\disk.sys - Ok C:\WINDOWS\system32\drivers\classpnp.sys - Ok C:\WINDOWS\system32\drivers\cxthsfs2.cty - Ok C:\WINDOWS\system32\drivers\crusoe.sys - Ok C:\WINDOWS\system32\drivers\dmload.sys - Ok C:\WINDOWS\system32\drivers\bthport.sys - Ok C:\WINDOWS\system32\drivers\diskdump.sys - Ok C:\WINDOWS\system32\drivers\dmio.sys - Ok C:\WINDOWS\system32\drivers\dmusic.sys - Ok C:\WINDOWS\system32\drivers\drmkaud.sys - Ok C:\WINDOWS\system32\drivers\drmk.sys - Ok C:\WINDOWS\system32\drivers\dxapi.sys - Ok C:\WINDOWS\system32\drivers\cinemst2.sys - Ok C:\WINDOWS\system32\drivers\EtronXHCI.sys - Ok C:\WINDOWS\system32\drivers\dxgthk.sys - Ok C:\WINDOWS\system32\drivers\dxg.sys - Ok C:\WINDOWS\system32\drivers\dmboot.sys - Ok C:\WINDOWS\system32\drivers\fdc.sys - Ok C:\WINDOWS\system32\drivers\flpydisk.sys - Ok C:\WINDOWS\system32\drivers\fastfat.sys - Ok C:\WINDOWS\system32\drivers\fips.sys - Ok C:\WINDOWS\system32\drivers\fs_rec.sys - Ok C:\WINDOWS\system32\drivers\fsvga.sys - Ok C:\WINDOWS\system32\drivers\EtronHub3.sys - Ok C:\WINDOWS\system32\drivers\gmreadme.txt - Ok C:\WINDOWS\system32\drivers\fltmgr.sys - Ok C:\WINDOWS\system32\drivers\GVTDrv.sys - Ok C:\WINDOWS\system32\drivers\ftdisk.sys - Ok C:\WINDOWS\system32\drivers\gagp30kx.sys - Ok C:\WINDOWS\system32\drivers\HECI.sys - Ok C:\WINDOWS\system32\drivers\hdaudbus.sys - Ok C:\WINDOWS\system32\drivers\hidbth.sys - Ok C:\WINDOWS\system32\drivers\hidclass.sys - Ok C:\WINDOWS\system32\drivers\hidparse.sys - Ok C:\WINDOWS\system32\drivers\hidusb.sys - Ok C:\WINDOWS\system32\drivers\gm.dls - Ok C:\WINDOWS\system32\drivers\hidir.sys - Ok C:\WINDOWS\system32\drivers\i8042prt.sys - Ok C:\WINDOWS\system32\drivers\imapi.sys - Ok C:\WINDOWS\system32\drivers\http.sys - Ok C:\WINDOWS\system32\drivers\intelppm.sys - Ok C:\WINDOWS\system32\drivers\IntelMEFWVer.dll - Ok C:\WINDOWS\system32\drivers\ip6fw.sys - Ok C:\WINDOWS\system32\drivers\ipfltdrv.sys - Ok C:\WINDOWS\system32\drivers\Hdaudio.sys - Ok C:\WINDOWS\system32\drivers\ipinip.sys - Ok C:\WINDOWS\system32\drivers\irenum.sys - Ok C:\WINDOWS\system32\drivers\hsfbs2s2.sys - Ok C:\WINDOWS\system32\drivers\ipnat.sys - Ok C:\WINDOWS\system32\drivers\isapnp.sys - Ok C:\WINDOWS\system32\drivers\kbdclass.sys - Ok C:\WINDOWS\system32\drivers\ksecdd.sys - Ok C:\WINDOWS\system32\drivers\ks.sys - Ok C:\WINDOWS\system32\drivers\kmixer.sys - Ok C:\WINDOWS\system32\drivers\mbam.sys - Ok C:\WINDOWS\system32\drivers\mcd.sys - Ok C:\WINDOWS\system32\drivers\mbamchameleon.sys - Ok C:\WINDOWS\system32\drivers\mnmdd.sys - Ok C:\WINDOWS\system32\drivers\mdmxsdk.sys - Ok C:\WINDOWS\system32\drivers\modem.sys - Ok C:\WINDOWS\system32\drivers\mf.sys - Ok C:\WINDOWS\system32\drivers\mouclass.sys - Ok C:\WINDOWS\system32\drivers\mouhid.sys - Ok C:\WINDOWS\system32\drivers\mountmgr.sys - Ok C:\WINDOWS\system32\drivers\MpFilter.sys - Ok C:\WINDOWS\system32\drivers\hsfdpsp2.sys - Ok C:\WINDOWS\system32\drivers\ipsec.sys - Ok C:\WINDOWS\system32\drivers\mrxdav.sys - Ok C:\WINDOWS\system32\drivers\msfs.sys - Ok C:\WINDOWS\system32\drivers\mspclock.sys - Ok C:\WINDOWS\system32\drivers\msgpc.sys - Ok C:\WINDOWS\system32\drivers\mspqm.sys - Ok C:\WINDOWS\system32\drivers\mssmbios.sys - Ok C:\WINDOWS\system32\drivers\Monfilt.sys - Ok C:\WINDOWS\system32\drivers\mskssrv.sys - Ok C:\WINDOWS\system32\drivers\mup.sys - Ok C:\WINDOWS\system32\drivers\mrxsmb.sys - Ok C:\WINDOWS\system32\drivers\mtlmnt5.sys - Ok C:\WINDOWS\system32\drivers\mutohpen.sys - Ok C:\WINDOWS\system32\drivers\ndistapi.sys - Ok C:\WINDOWS\system32\drivers\ndisuio.sys - Ok C:\WINDOWS\system32\drivers\ndproxy.sys - Ok C:\WINDOWS\system32\drivers\ndiswan.sys - Ok C:\WINDOWS\system32\drivers\netbios.sys - Ok C:\WINDOWS\system32\drivers\ndis.sys - Ok C:\WINDOWS\system32\drivers\netwlan5.img - Ok C:\WINDOWS\system32\drivers\nikedrv.sys - Ok C:\WINDOWS\system32\drivers\netbt.sys - Ok C:\WINDOWS\system32\drivers\nic1394.sys - Ok C:\WINDOWS\system32\drivers\mtxparhm.sys - Ok C:\WINDOWS\system32\drivers\nmnt.sys - Ok C:\WINDOWS\system32\drivers\npfs.sys - Ok C:\WINDOWS\system32\drivers\null.sys - Ok C:\WINDOWS\system32\drivers\nvhda32.sys - Ok C:\WINDOWS\system32\drivers\ntmtlfax.sys - Ok C:\WINDOWS\system32\drivers\nwlnkflt.sys - Ok C:\WINDOWS\system32\drivers\nwlnkfwd.sys - Ok C:\WINDOWS\system32\drivers\nwlnkipx.sys - Ok C:\WINDOWS\system32\drivers\ntfs.sys - Ok C:\WINDOWS\system32\drivers\nwlnknb.sys - Ok C:\WINDOWS\system32\drivers\nwlnkspx.sys - Ok C:\WINDOWS\system32\drivers\parport.sys - Ok C:\WINDOWS\system32\drivers\oprghdlr.sys - Ok C:\WINDOWS\system32\drivers\partmgr.sys - Ok C:\WINDOWS\system32\drivers\hsfcxts2.sys - Ok C:\WINDOWS\system32\drivers\nv4_mini.sys - Ok C:\WINDOWS\system32\drivers\parvdm.sys - Ok C:\WINDOWS\system32\drivers\pciide.sys - Ok C:\WINDOWS\system32\drivers\p3.sys - Ok C:\WINDOWS\system32\drivers\pci.sys - Ok C:\WINDOWS\system32\drivers\portcls.sys - Ok C:\WINDOWS\system32\drivers\pciidex.sys - Ok C:\WINDOWS\system32\drivers\psched.sys - Ok C:\WINDOWS\system32\drivers\ptilink.sys - Ok C:\WINDOWS\system32\drivers\pcmcia.sys - Ok C:\WINDOWS\system32\drivers\mtlstrm.sys - Ok C:\WINDOWS\system32\drivers\processr.sys - Ok C:\WINDOWS\system32\drivers\rasacd.sys - Ok C:\WINDOWS\system32\drivers\raspppoe.sys - Ok C:\WINDOWS\system32\drivers\rasl2tp.sys - Ok C:\WINDOWS\system32\drivers\raspptp.sys - Ok C:\WINDOWS\system32\drivers\raspti.sys - Ok C:\WINDOWS\system32\drivers\rdpcdd.sys - Ok C:\WINDOWS\system32\drivers\rdpwd.sys - Ok C:\WINDOWS\system32\drivers\redbook.sys - Ok C:\WINDOWS\system32\drivers\recagent.sys - Ok C:\WINDOWS\system32\drivers\rawwan.sys - Ok C:\WINDOWS\system32\drivers\riodrv.sys - Ok C:\WINDOWS\system32\drivers\rdbss.sys - Ok C:\WINDOWS\system32\drivers\rio8drv.sys - Ok C:\WINDOWS\system32\drivers\rfcomm.sys - Ok C:\WINDOWS\system32\drivers\RTAIODAT.DAT - Ok C:\WINDOWS\system32\drivers\rndismpx.sys - Ok C:\WINDOWS\system32\drivers\rndismp.sys - Ok C:\WINDOWS\system32\drivers\rootmdm.sys - Ok C:\WINDOWS\system32\drivers\scsiport.sys - Ok C:\WINDOWS\system32\drivers\rdpdr.sys - Ok C:\WINDOWS\system32\drivers\Rtenicxp.sys - Ok C:\WINDOWS\system32\drivers\secdrv.sys - Ok C:\WINDOWS\system32\drivers\rmcast.sys - Ok C:\WINDOWS\system32\drivers\serenum.sys - Ok C:\WINDOWS\system32\drivers\RtkHDAud.sys - Ok C:\WINDOWS\system32\drivers\serial.sys - Ok C:\WINDOWS\system32\drivers\sfloppy.sys - Ok C:\WINDOWS\system32\drivers\sffp_mmc.sys - Ok C:\WINDOWS\system32\drivers\sdbus.sys - Ok C:\WINDOWS\system32\drivers\s3gnbm.sys - Ok C:\WINDOWS\system32\drivers\sffdisk.sys - Ok C:\WINDOWS\system32\drivers\sffp_sd.sys - Ok C:\WINDOWS\system32\drivers\siint5.dll - Ok C:\WINDOWS\system32\drivers\slwdmsup.sys - Ok C:\WINDOWS\system32\drivers\smbali.sys - Ok C:\WINDOWS\system32\drivers\sisagp.sys - Ok C:\WINDOWS\system32\drivers\splitter.sys - Ok C:\WINDOWS\system32\drivers\sonydcam.sys - Ok C:\WINDOWS\system32\drivers\smclib.sys - Ok C:\WINDOWS\system32\drivers\slnthal.sys - Ok C:\WINDOWS\system32\drivers\stream.sys - Ok C:\WINDOWS\system32\drivers\swenum.sys - Ok C:\WINDOWS\system32\drivers\sr.sys - Ok C:\WINDOWS\system32\drivers\tape.sys - Ok C:\WINDOWS\system32\drivers\swmidi.sys - Ok C:\WINDOWS\system32\drivers\slnt7554.sys - Ok C:\WINDOWS\system32\drivers\sysaudio.sys - Ok C:\WINDOWS\system32\drivers\tdi.sys - Ok C:\WINDOWS\system32\drivers\tdtcp.sys - Ok C:\WINDOWS\system32\drivers\slntamr.sys - Ok C:\WINDOWS\system32\drivers\termdd.sys - Ok C:\WINDOWS\system32\drivers\tdpipe.sys - Ok C:\WINDOWS\system32\drivers\srv.sys - Ok C:\WINDOWS\system32\drivers\tsbvcap.sys - Ok C:\WINDOWS\system32\drivers\tcpip6.sys - Ok C:\WINDOWS\system32\drivers\tunmp.sys - Ok C:\WINDOWS\system32\drivers\tosdvd.sys - Ok C:\WINDOWS\system32\drivers\uagp35.sys - Ok C:\WINDOWS\system32\drivers\tcpip.sys - Ok C:\WINDOWS\system32\drivers\udfs.sys - Ok C:\WINDOWS\system32\drivers\usb8023x.sys - Ok C:\WINDOWS\system32\drivers\usbd.sys - Ok C:\WINDOWS\system32\drivers\usbcamd.sys - Ok C:\WINDOWS\system32\drivers\usbcamd2.sys - Ok C:\WINDOWS\system32\drivers\usb8023.sys - Ok C:\WINDOWS\system32\drivers\update.sys - Ok C:\WINDOWS\system32\drivers\usbehci.sys - Ok C:\WINDOWS\system32\drivers\usbhub.sys - Ok C:\WINDOWS\system32\drivers\usbstor.sys - Ok C:\WINDOWS\system32\drivers\usbport.sys - Ok C:\WINDOWS\system32\drivers\vga.sys - Ok C:\WINDOWS\system32\drivers\vchnt5.dll - Ok C:\WINDOWS\system32\drivers\usbintel.sys - Ok C:\WINDOWS\system32\drivers\videoprt.sys - Ok C:\WINDOWS\system32\drivers\volsnap.sys - Ok C:\WINDOWS\system32\drivers\vdmindvd.sys - Ok C:\WINDOWS\system32\drivers\wacompen.sys - Ok C:\WINDOWS\system32\drivers\viaagp.sys - Ok C:\WINDOWS\system32\drivers\wadv08nt.sys - Ok C:\WINDOWS\system32\drivers\usbvideo.sys - Ok C:\WINDOWS\system32\drivers\wadv11nt.sys - Ok C:\WINDOWS\system32\drivers\wadv09nt.sys - Ok C:\WINDOWS\system32\drivers\wanarp.sys - Ok C:\WINDOWS\system32\drivers\wmilib.sys - Ok C:\WINDOWS\system32\drivers\wadv07nt.sys - Ok C:\WINDOWS\system32\drivers\etc\hosts - Ok C:\WINDOWS\system32\drivers\watv10nt.sys - Ok C:\WINDOWS\system32\drivers\etc\networks - Ok C:\WINDOWS\system32\drivers\ws2ifsl.sys - Ok C:\WINDOWS\system32\drivers\etc\services - Ok C:\WINDOWS\system32\drivers\etc\lmhosts.sam - Ok C:\WINDOWS\system32\drivers\watv06nt.sys - Ok C:\WINDOWS\system32\drivers\etc\protocol - Ok C:\WINDOWS\system32\drivers\wdmaud.sys - Ok C:\WINDOWS\system32\en-US\admparse.dll.mui - Ok C:\WINDOWS\system32\en-US\ie4uinit.exe.mui - Ok C:\WINDOWS\system32\en-US\html.iec.mui - Ok >C:\WINDOWS\system32\en-US\icardie.dll.mui is BINARYRES container C:\WINDOWS\system32\en-US\aaclient.dll.mui - Ok C:\WINDOWS\system32\en-US\icardie.dll.mui - container C:\WINDOWS\system32\en-US\ieakeng.dll.mui - Ok C:\WINDOWS\system32\en-US\iepeers.dll.mui - Ok C:\WINDOWS\system32\en-US\iernonce.dll.mui - Ok C:\WINDOWS\system32\en-US\IERtUtil.dll.mui - Ok C:\WINDOWS\system32\en-US\ieaksie.dll.mui - Ok C:\WINDOWS\system32\en-US\ieudinit.exe.mui - Ok C:\WINDOWS\system32\en-US\ieui.dll.mui - Ok C:\WINDOWS\system32\en-US\iedkcs32.dll.mui - Ok C:\WINDOWS\system32\en-US\ieakui.dll.mui - Ok >C:\WINDOWS\system32\en-US\iesetup.dll.mui is BINARYRES container C:\WINDOWS\system32\en-US\inseng.dll.mui - Ok C:\WINDOWS\system32\en-US\msfeedsbs.dll.mui - Ok C:\WINDOWS\system32\en-US\jscript.dll.mui - Ok C:\WINDOWS\system32\en-US\licmgr10.dll.mui - Ok C:\WINDOWS\system32\en-US\ieframe.dll.mui - Ok >>C:\WINDOWS\system32\en-US\iesetup.dll.mui\data003 is JS-HTML container C:\WINDOWS\system32\en-US\mshta.exe.mui - Ok C:\WINDOWS\system32\en-US\iesetup.dll.mui - container C:\WINDOWS\system32\en-US\inetcpl.cpl.mui - Ok >C:\WINDOWS\system32\en-US\mshtml.dll.mui is BINARYRES container C:\WINDOWS\system32\en-US\mstsc.exe.mui - Ok C:\WINDOWS\system32\en-US\mshtmler.dll.mui - Ok C:\WINDOWS\system32\en-US\mshtml.dll.mui - container C:\WINDOWS\system32\en-US\msrating.dll.mui - Ok C:\WINDOWS\system32\en-US\mstscax.dll.mui - Ok C:\WINDOWS\system32\en-US\PresentationHost.exe.mui - Ok C:\WINDOWS\system32\en-US\occache.dll.mui - Ok C:\WINDOWS\system32\en-US\urlmon.dll.mui - Ok C:\WINDOWS\system32\en-US\vbscript.dll.mui - Ok C:\WINDOWS\system32\en-US\UIAutomationCore.dll.mui - Ok C:\WINDOWS\system32\en-US\WinFXDocObj.exe.mui - Ok C:\WINDOWS\system32\en-US\wininet.dll.mui - Ok C:\WINDOWS\system32\en\microsoft.managementconsole.resources.dll - Ok C:\WINDOWS\system32\en\mmcfxcommon.resources.dll - Ok C:\WINDOWS\system32\icsxml\cmnicfg.xml - Ok C:\WINDOWS\system32\icsxml\ipcfg.xml - Ok C:\WINDOWS\system32\en\mmcex.resources.dll - Ok C:\WINDOWS\system32\icsxml\osinfo.xml - Ok C:\WINDOWS\system32\en-US\webcheck.dll.mui - Ok C:\WINDOWS\system32\icsxml\potscfg.xml - Ok C:\WINDOWS\system32\icsxml\pppcfg.xml - Ok C:\WINDOWS\system32\mui\0409\mscorees.dll - Ok C:\WINDOWS\system32\ias\dnary.mdb - Ok C:\WINDOWS\system32\ias\ias.mdb - Ok C:\WINDOWS\system32\mui\0009\hhctrlui.dll - Ok C:\WINDOWS\system32\mui\041b\xpsp1res.dll - Ok C:\WINDOWS\system32\mui\041b\xpob2res.dll - Ok C:\WINDOWS\system32\mui\0424\xpob2res.dll - Ok C:\WINDOWS\system32\mui\0424\xpsp1res.dll - Ok >C:\WINDOWS\system32\mui\041b\xpsp3res.dll is BINARYRES container >>C:\WINDOWS\system32\mui\041b\xpsp3res.dll\data001 is JS-HTML container C:\WINDOWS\system32\mui\041b\xpsp3res.dll - container >C:\WINDOWS\system32\mui\0409\icardres.dll.mui is BINARYRES container C:\WINDOWS\system32\npp\ndisnpp.dll - Ok >C:\WINDOWS\system32\mui\041b\xpsp2res.dll is BINARYRES container >>C:\WINDOWS\system32\mui\041b\xpsp2res.dll\data001 is JS-HTML container >>C:\WINDOWS\system32\mui\041b\xpsp2res.dll\data002 is JS-HTML container >>C:\WINDOWS\system32\mui\041b\xpsp2res.dll\data003 is JS-HTML container >>C:\WINDOWS\system32\mui\041b\xpsp2res.dll\data004 is JS-HTML container C:\WINDOWS\system32\mui\0409\icardres.dll.mui - container C:\WINDOWS\system32\mui\041b\xpsp2res.dll - container >C:\WINDOWS\system32\oobe\agtscrp2.js is JS-HTML container >C:\WINDOWS\system32\mui\0424\xpsp3res.dll is BINARYRES container >>C:\WINDOWS\system32\mui\0424\xpsp3res.dll\data001 is JS-HTML container >C:\WINDOWS\system32\mui\0424\xpsp2res.dll is BINARYRES container C:\WINDOWS\system32\mui\0424\xpsp3res.dll - container >C:\WINDOWS\system32\oobe\actshell.htm is JS-HTML container C:\WINDOWS\system32\oobe\agtscrp2.js - container >>C:\WINDOWS\system32\mui\0424\xpsp2res.dll\data001 is JS-HTML container >C:\WINDOWS\system32\oobe\agtcore.js is JS-HTML container >>C:\WINDOWS\system32\mui\0424\xpsp2res.dll\data002 is JS-HTML container >C:\WINDOWS\system32\oobe\dialmgr.js is JS-HTML container >>C:\WINDOWS\system32\mui\0424\xpsp2res.dll\data003 is JS-HTML container C:\WINDOWS\system32\npp\nppagent.exe - Ok >>C:\WINDOWS\system32\mui\0424\xpsp2res.dll\data004 is JS-HTML container C:\WINDOWS\system32\mui\0424\xpsp2res.dll - container C:\WINDOWS\system32\oobe\agtcore.js - container C:\WINDOWS\system32\oobe\actshell.htm - container C:\WINDOWS\system32\oobe\dialmgr.js - container >C:\WINDOWS\system32\oobe\dslmain.js is JS-HTML container C:\WINDOWS\system32\oobe\dslmain.js - container >C:\WINDOWS\system32\oobe\error.js is JS-HTML container >C:\WINDOWS\system32\oobe\isptype.js is JS-HTML container C:\WINDOWS\system32\oobe\isptype.js - container C:\WINDOWS\system32\oobe\migip.dun - Ok C:\WINDOWS\system32\oobe\migrate.isp - Ok C:\WINDOWS\system32\oobe\error.js - container >C:\WINDOWS\system32\oobe\iconnect.js is JS-HTML container >C:\WINDOWS\system32\oobe\icsmgr.js is JS-HTML container C:\WINDOWS\system32\oobe\iconnect.js - container C:\WINDOWS\system32\oobe\migx25a.dun - Ok C:\WINDOWS\system32\oobe\migx25b.dun - Ok C:\WINDOWS\system32\oobe\icsmgr.js - container C:\WINDOWS\system32\oobe\migx25c.dun - Ok C:\WINDOWS\system32\oobe\migrate.obe - Ok >C:\WINDOWS\system32\oobe\dtsgnup.htm is JS-HTML container C:\WINDOWS\system32\oobe\msobdl.dll - Ok C:\WINDOWS\system32\oobe\msobe.isp - Ok C:\WINDOWS\system32\oobe\msobcomm.dll - Ok >C:\WINDOWS\system32\oobe\mousetut.js is JS-HTML container >C:\WINDOWS\system32\oobe\msobshel.dll is BINARYRES container C:\WINDOWS\system32\oobe\mousetut.js - container >>C:\WINDOWS\system32\oobe\msobshel.dll\data001 is JS-HTML container >C:\WINDOWS\system32\oobe\migrate.js is JS-HTML container C:\WINDOWS\system32\oobe\dtsgnup.htm - container C:\WINDOWS\system32\oobe\msobshel.dll - container >C:\WINDOWS\system32\oobe\agtscrpt.js is JS-HTML container C:\WINDOWS\system32\oobe\migrate.js - container C:\WINDOWS\system32\oobe\msobmain.dll - Ok C:\WINDOWS\system32\oobe\msobweb.dll - Ok >C:\WINDOWS\system32\oobe\oobeinfo.ini is JS-HTML container C:\WINDOWS\system32\oobe\msoobe.exe - Ok C:\WINDOWS\system32\oobe\obeip.dun - Ok C:\WINDOWS\system32\oobe\oobeinfo.ini - container >C:\WINDOWS\system32\oobe\oobeutil.js is JS-HTML container C:\WINDOWS\system32\oobe\phone.inf - Ok C:\WINDOWS\system32\oobe\oobeutil.js - container C:\WINDOWS\system32\oobe\reg.isp - Ok >C:\WINDOWS\system32\oobe\sconnect.js is JS-HTML container C:\WINDOWS\system32\oobe\sconnect.js - container >C:\WINDOWS\system32\oobe\msobshel.htm is JS-HTML container C:\WINDOWS\system32\oobe\oobebaln.exe - Ok C:\WINDOWS\system32\oobe\phone.obe - Ok C:\WINDOWS\system32\oobe\agtscrpt.js - container >C:\WINDOWS\system32\oobe\actsetup\actdone.htm is JS-HTML container C:\WINDOWS\system32\oobe\actsetup\actdone.htm - container >C:\WINDOWS\system32\oobe\actsetup\actconn.htm is JS-HTML container C:\WINDOWS\system32\oobe\actsetup\actconn.htm - container >C:\WINDOWS\system32\oobe\actsetup\activerr.htm is JS-HTML container C:\WINDOWS\system32\oobe\actsetup\activerr.htm - container >C:\WINDOWS\system32\oobe\updshell.htm is JS-HTML container >C:\WINDOWS\system32\oobe\actsetup\activ.htm is JS-HTML container C:\WINDOWS\system32\oobe\actsetup\activ.htm - container >C:\WINDOWS\system32\oobe\actsetup\actlan.htm is JS-HTML container C:\WINDOWS\system32\oobe\actsetup\actlan.htm - container >C:\WINDOWS\system32\oobe\actsetup\activsvc.htm is JS-HTML container C:\WINDOWS\system32\oobe\actsetup\activsvc.htm - container >C:\WINDOWS\system32\oobe\actsetup\adeskerr.htm is JS-HTML container C:\WINDOWS\system32\oobe\actsetup\adeskerr.htm - container C:\WINDOWS\system32\oobe\msobshel.htm - container >C:\WINDOWS\system32\oobe\actsetup\adrdyreg.htm is JS-HTML container C:\WINDOWS\system32\oobe\actsetup\adrdyreg.htm - container >C:\WINDOWS\system32\oobe\actsetup\aregdial.htm is JS-HTML container C:\WINDOWS\system32\oobe\actsetup\aregdial.htm - container >C:\WINDOWS\system32\oobe\actsetup\apolicy.htm is JS-HTML container C:\WINDOWS\system32\oobe\actsetup\apolicy.htm - container C:\WINDOWS\system32\oobe\updshell.htm - container >C:\WINDOWS\system32\oobe\actsetup\areg1.htm is JS-HTML container C:\WINDOWS\system32\oobe\actsetup\areg1.htm - container >C:\WINDOWS\system32\oobe\actsetup\aregdone.htm is JS-HTML container C:\WINDOWS\system32\oobe\actsetup\aregdone.htm - container >C:\WINDOWS\system32\oobe\actsetup\aprvcyms.htm is JS-HTML container C:\WINDOWS\system32\oobe\actsetup\aregsty2.css - Ok C:\WINDOWS\system32\oobe\actsetup\aprvcyms.htm - container C:\WINDOWS\system32\oobe\actsetup\aregstyl.css - Ok >C:\WINDOWS\system32\oobe\error\cnncterr.htm is JS-HTML container >C:\WINDOWS\system32\oobe\error\hndshake.htm is JS-HTML container C:\WINDOWS\system32\oobe\error\cnncterr.htm - container >C:\WINDOWS\system32\oobe\error\isp2busy.htm is JS-HTML container C:\WINDOWS\system32\oobe\error\hndshake.htm - container C:\WINDOWS\system32\oobe\error\isp2busy.htm - container >C:\WINDOWS\system32\oobe\error\dialtone.htm is JS-HTML container C:\WINDOWS\system32\oobe\error\dialtone.htm - container >C:\WINDOWS\system32\oobe\error\pberr.htm is JS-HTML container C:\WINDOWS\system32\oobe\error\pberr.htm - container >C:\WINDOWS\system32\oobe\actsetup\ausrinfo.htm is JS-HTML container C:\WINDOWS\system32\oobe\actsetup\ausrinfo.htm - container >C:\WINDOWS\system32\oobe\error\pulse.htm is JS-HTML container >C:\WINDOWS\system32\oobe\error\noanswer.htm is JS-HTML container C:\WINDOWS\system32\oobe\error\pulse.htm - container C:\WINDOWS\system32\oobe\error\noanswer.htm - container >C:\WINDOWS\system32\oobe\html\dslmain\dsl_a.htm is JS-HTML container C:\WINDOWS\system32\oobe\html\dslmain\dsl_a.htm - container >C:\WINDOWS\system32\oobe\html\iconnect\icntlast.htm is JS-HTML container >C:\WINDOWS\system32\oobe\html\dslmain\dslmain.htm is JS-HTML container >C:\WINDOWS\system32\oobe\error\toobusy.htm is JS-HTML container C:\WINDOWS\system32\oobe\error\toobusy.htm - container >C:\WINDOWS\system32\oobe\html\dslmain\dsl_b.htm is JS-HTML container C:\WINDOWS\system32\oobe\html\dslmain\dsl_b.htm - container >C:\WINDOWS\system32\oobe\html\iconnect\iconnect.htm is JS-HTML container >C:\WINDOWS\system32\oobe\html\isptype\isptype.htm is JS-HTML container C:\WINDOWS\system32\oobe\html\dslmain\dslmain.htm - container >C:\WINDOWS\system32\oobe\html\mouse\mouse_a.htm is JS-HTML container C:\WINDOWS\system32\oobe\html\iconnect\icntlast.htm - container C:\WINDOWS\system32\oobe\html\iconnect\iconnect.htm - container C:\WINDOWS\system32\oobe\html\mouse\mouse_a.htm - container >C:\WINDOWS\system32\oobe\html\mouse\mouse.htm is JS-HTML container C:\WINDOWS\system32\oobe\html\isptype\isptype.htm - container >C:\WINDOWS\system32\oobe\html\mouse\mouse_b.htm is JS-HTML container >C:\WINDOWS\system32\oobe\html\mouse\mouse_c.htm is JS-HTML container >C:\WINDOWS\system32\oobe\html\mouse\mouse_e.htm is JS-HTML container C:\WINDOWS\system32\oobe\html\mouse\mouse_b.htm - container >C:\WINDOWS\system32\oobe\html\mouse\mouse_d.htm is JS-HTML container C:\WINDOWS\system32\oobe\html\mouse\mouse.htm - container C:\WINDOWS\system32\oobe\html\mouse\mouse_c.htm - container >C:\WINDOWS\system32\oobe\html\mouse\mouse_f.htm is JS-HTML container C:\WINDOWS\system32\oobe\html\mouse\mouse_f.htm - container C:\WINDOWS\system32\oobe\html\mouse\mouse_e.htm - container C:\WINDOWS\system32\oobe\html\mouse\mouse_d.htm - container >C:\WINDOWS\system32\oobe\html\mouse\mouse_h.htm is JS-HTML container C:\WINDOWS\system32\oobe\html\mouse\mouse_h.htm - container >C:\WINDOWS\system32\oobe\html\mouse\mouse_g.htm is JS-HTML container >C:\WINDOWS\system32\oobe\html\mouse\mouse_j.htm is JS-HTML container C:\WINDOWS\system32\oobe\html\mouse\mouse_j.htm - container C:\WINDOWS\system32\oobe\html\mouse\mouse_g.htm - container C:\WINDOWS\system32\oobe\html\mouse\images\bulzanom.jpg - Ok >C:\WINDOWS\system32\oobe\html\mouse\mouse_i.htm is JS-HTML container C:\WINDOWS\system32\oobe\html\mouse\images\but1_idl.gif - Ok C:\WINDOWS\system32\oobe\html\mouse\images\bulzano.jpg - Ok C:\WINDOWS\system32\oobe\html\mouse\mouse_i.htm - container C:\WINDOWS\system32\oobe\html\mouse\images\but1_dwn.gif - Ok C:\WINDOWS\system32\oobe\html\mouse\images\but1_up.gif - Ok C:\WINDOWS\system32\oobe\html\mouse\images\but2_up.gif - Ok C:\WINDOWS\system32\oobe\html\mouse\images\but2_dwn.gif - Ok C:\WINDOWS\system32\oobe\html\mouse\images\but2_idl.gif - Ok C:\WINDOWS\system32\oobe\html\mouse\images\but3_dwn.gif - Ok C:\WINDOWS\system32\oobe\html\mouse\images\but4_idl.gif - Ok C:\WINDOWS\system32\oobe\html\mouse\images\but3_up.gif - Ok C:\WINDOWS\system32\oobe\html\mouse\images\but3_idl.gif - Ok C:\WINDOWS\system32\oobe\html\mouse\images\but4_dwn.gif - Ok C:\WINDOWS\system32\oobe\html\mouse\images\but4_up.gif - Ok C:\WINDOWS\system32\oobe\html\mouse\images\desktop3.gif - Ok >C:\WINDOWS\system32\oobe\html\mouse\mouse_k.htm is JS-HTML container C:\WINDOWS\system32\oobe\html\mouse\images\clicking.gif - Ok C:\WINDOWS\system32\oobe\html\mouse\images\heidelbm.jpg - Ok C:\WINDOWS\system32\oobe\html\mouse\mouse_k.htm - container C:\WINDOWS\system32\oobe\html\mouse\images\mouse4.gif - Ok C:\WINDOWS\system32\oobe\html\mouse\images\heidelb.jpg - Ok C:\WINDOWS\system32\oobe\html\mouse\images\parism.jpg - Ok C:\WINDOWS\system32\oobe\html\mouse\images\mouseimg.gif - Ok C:\WINDOWS\system32\oobe\html\mouse\images\pisa.jpg - Ok C:\WINDOWS\system32\oobe\html\mouse\images\pisam.jpg - Ok C:\WINDOWS\system32\oobe\html\mouse\images\praguem.jpg - Ok C:\WINDOWS\system32\oobe\html\mouse\images\prague.jpg - Ok C:\WINDOWS\system32\oobe\html\mouse\images\paris.jpg - Ok C:\WINDOWS\system32\oobe\html\mouse\images\tyrol.jpg - Ok C:\WINDOWS\system32\oobe\html\mouse\images\tyrolm.jpg - Ok C:\WINDOWS\system32\oobe\html\mouse\images\venicem.jpg - Ok C:\WINDOWS\system32\oobe\html\mouse\images\venice.jpg - Ok C:\WINDOWS\system32\oobe\html\mouse\images\verona.jpg - Ok C:\WINDOWS\system32\oobe\html\mouse\images\veronam.jpg - Ok C:\WINDOWS\system32\oobe\images\arrow.gif - Ok C:\WINDOWS\system32\oobe\images\backover.jpg - Ok C:\WINDOWS\system32\oobe\images\backoff.jpg - Ok C:\WINDOWS\system32\oobe\images\backup.jpg - Ok C:\WINDOWS\system32\oobe\images\btn1.gif - Ok >C:\WINDOWS\system32\oobe\html\sconnect\scntlast.htm is JS-HTML container >C:\WINDOWS\system32\oobe\html\sconnect\sconnect.htm is JS-HTML container C:\WINDOWS\system32\oobe\images\btn2.gif - Ok C:\WINDOWS\system32\oobe\images\backdown.jpg - Ok C:\WINDOWS\system32\oobe\images\btn3.gif - Ok C:\WINDOWS\system32\oobe\images\bullet1.gif - Ok C:\WINDOWS\system32\oobe\images\clickhr.gif - Ok C:\WINDOWS\system32\oobe\images\dialtone.gif - Ok C:\WINDOWS\system32\oobe\images\greenshd.gif - Ok >C:\WINDOWS\system32\oobe\icserror\icsdc.htm is JS-HTML container C:\WINDOWS\system32\oobe\images\clickerx.wav - Ok C:\WINDOWS\system32\oobe\icserror\icsdc.htm - container C:\WINDOWS\system32\oobe\images\dialup.gif - Ok C:\WINDOWS\system32\oobe\images\grn_btn.gif - Ok C:\WINDOWS\system32\oobe\html\sconnect\scntlast.htm - container C:\WINDOWS\system32\oobe\images\hand1.gif - Ok C:\WINDOWS\system32\oobe\images\hand2.gif - Ok C:\WINDOWS\system32\oobe\html\sconnect\sconnect.htm - container C:\WINDOWS\system32\oobe\images\merlin.gif - Ok C:\WINDOWS\system32\oobe\images\magnify.gif - Ok C:\WINDOWS\system32\oobe\images\monitor.gif - Ok C:\WINDOWS\system32\oobe\images\monitor2.gif - Ok C:\WINDOWS\system32\oobe\images\mouse.gif - Ok C:\WINDOWS\system32\oobe\images\mslogo.jpg - Ok C:\WINDOWS\system32\oobe\images\newbtm1.jpg - Ok C:\WINDOWS\system32\oobe\images\newmark1.jpg - Ok C:\WINDOWS\system32\oobe\images\newtop1.jpg - Ok C:\WINDOWS\system32\oobe\images\mousewn1.gif - Ok C:\WINDOWS\system32\oobe\images\newbtm8.jpg - Ok C:\WINDOWS\system32\oobe\images\newtop8.jpg - Ok C:\WINDOWS\system32\oobe\images\nextdown.jpg - Ok C:\WINDOWS\system32\oobe\images\nextoff.jpg - Ok C:\WINDOWS\system32\oobe\images\nextup.jpg - Ok C:\WINDOWS\system32\oobe\images\nextover.jpg - Ok C:\WINDOWS\system32\oobe\images\oemcoa.jpg - Ok C:\WINDOWS\system32\oobe\images\newmark8.jpg - Ok C:\WINDOWS\system32\oobe\images\oemlogo.gif - Ok C:\WINDOWS\system32\oobe\images\qmark.gif - Ok C:\WINDOWS\system32\oobe\images\qmark.acs - Ok C:\WINDOWS\system32\oobe\images\redshd.gif - Ok C:\WINDOWS\system32\oobe\images\prodkey.gif - Ok C:\WINDOWS\system32\oobe\images\skipup.jpg - Ok C:\WINDOWS\system32\oobe\images\skipdown.jpg - Ok C:\WINDOWS\system32\oobe\images\skipoff.jpg - Ok C:\WINDOWS\system32\oobe\images\skipover.jpg - Ok C:\WINDOWS\system32\oobe\images\progress.gif - Ok C:\WINDOWS\system32\oobe\images\wpabtm.jpg - Ok C:\WINDOWS\system32\oobe\images\intro.wmv - Ok C:\WINDOWS\system32\oobe\images\wpaflag.jpg - Ok C:\WINDOWS\system32\oobe\images\thanks8.png - Ok C:\WINDOWS\system32\oobe\images\wpaback.jpg - Ok C:\WINDOWS\system32\oobe\images\wpakey.jpg - Ok C:\WINDOWS\system32\oobe\images\thanks10.png - Ok C:\WINDOWS\system32\oobe\images\wpatop.jpg - Ok C:\WINDOWS\system32\oobe\isperror\ispins.htm - Ok C:\WINDOWS\system32\oobe\isperror\ispcnerr.htm - Ok C:\WINDOWS\system32\oobe\images\title.wma - Ok C:\WINDOWS\system32\oobe\isperror\isphdshk.htm - Ok C:\WINDOWS\system32\oobe\isperror\ispdtone.htm - Ok >C:\WINDOWS\system32\oobe\isperror\isppberr.htm is JS-HTML container C:\WINDOWS\system32\oobe\isperror\ispnoanw.htm - Ok C:\WINDOWS\system32\oobe\isperror\isppberr.htm - container >C:\WINDOWS\system32\oobe\regerror\rcnterr.htm is JS-HTML container C:\WINDOWS\system32\oobe\regerror\rcnterr.htm - container C:\WINDOWS\system32\oobe\isperror\ispphbsy.htm - Ok C:\WINDOWS\system32\oobe\isperror\ispsbusy.htm - Ok >C:\WINDOWS\system32\oobe\regerror\rhndshk.htm is JS-HTML container >C:\WINDOWS\system32\oobe\regerror\rdtone.htm is JS-HTML container C:\WINDOWS\system32\oobe\regerror\rdtone.htm - container C:\WINDOWS\system32\oobe\regerror\rhndshk.htm - container >C:\WINDOWS\system32\oobe\regerror\rpberr.htm is JS-HTML container C:\WINDOWS\system32\oobe\regerror\rpberr.htm - container >C:\WINDOWS\system32\oobe\regerror\rpulse.htm is JS-HTML container C:\WINDOWS\system32\oobe\regerror\rpulse.htm - container >C:\WINDOWS\system32\oobe\regerror\rnomdm.htm is JS-HTML container C:\WINDOWS\system32\oobe\regerror\rnomdm.htm - container >C:\WINDOWS\system32\oobe\regerror\rtoobusy.htm is JS-HTML container C:\WINDOWS\system32\oobe\regerror\rtoobusy.htm - container >C:\WINDOWS\system32\oobe\regerror\rnoansw.htm is JS-HTML container C:\WINDOWS\system32\oobe\regerror\rnoansw.htm - container >C:\WINDOWS\system32\oobe\setup\acterror.htm is JS-HTML container C:\WINDOWS\system32\oobe\setup\acterror.htm - container >C:\WINDOWS\system32\oobe\setup\act_plcy.htm is JS-HTML container >C:\WINDOWS\system32\oobe\setup\autoupdt.htm is JS-HTML container C:\WINDOWS\system32\oobe\setup\act_plcy.htm - container C:\WINDOWS\system32\oobe\setup\autoupdt.htm - container >C:\WINDOWS\system32\oobe\setup\activate.htm is JS-HTML container >C:\WINDOWS\system32\oobe\setup\badeula.htm is JS-HTML container C:\WINDOWS\system32\oobe\setup\activate.htm - container >C:\WINDOWS\system32\oobe\setup\badpkey.htm is JS-HTML container >C:\WINDOWS\system32\oobe\setup\dialup.htm is JS-HTML container C:\WINDOWS\system32\oobe\setup\badeula.htm - container C:\WINDOWS\system32\oobe\setup\dialup.htm - container >C:\WINDOWS\system32\oobe\setup\au_plcy.htm is JS-HTML container >C:\WINDOWS\system32\oobe\setup\drdyisp.htm is JS-HTML container C:\WINDOWS\system32\oobe\setup\badpkey.htm - container C:\WINDOWS\system32\oobe\setup\au_plcy.htm - container C:\WINDOWS\system32\oobe\setup\drdyisp.htm - container >C:\WINDOWS\system32\oobe\setup\compname.htm is JS-HTML container >C:\WINDOWS\system32\oobe\setup\dtiwait.htm is JS-HTML container C:\WINDOWS\system32\oobe\setup\compname.htm - container C:\WINDOWS\system32\oobe\setup\dtiwait.htm - container >C:\WINDOWS\system32\oobe\setup\drdymig.htm is JS-HTML container >C:\WINDOWS\system32\oobe\setup\drdyoem.htm is JS-HTML container >C:\WINDOWS\system32\oobe\setup\drdyref.htm is JS-HTML container >C:\WINDOWS\system32\oobe\setup\hnwprmpt.htm is JS-HTML container C:\WINDOWS\system32\oobe\setup\hnwprmpt.htm - container C:\WINDOWS\system32\oobe\setup\drdyoem.htm - container C:\WINDOWS\system32\oobe\setup\drdymig.htm - container >C:\WINDOWS\system32\oobe\setup\fini.htm is JS-HTML container C:\WINDOWS\system32\oobe\setup\drdyref.htm - container C:\WINDOWS\system32\oobe\setup\fini.htm - container >C:\WINDOWS\system32\oobe\setup\iconn.htm is JS-HTML container C:\WINDOWS\system32\oobe\setup\iconn.htm - container >C:\WINDOWS\system32\oobe\setup\ispwait.htm is JS-HTML container >C:\WINDOWS\system32\oobe\setup\isp.htm is JS-HTML container C:\WINDOWS\system32\oobe\setup\ispwait.htm - container C:\WINDOWS\system32\oobe\setup\isp.htm - container >C:\WINDOWS\system32\oobe\setup\ident1.htm is JS-HTML container >C:\WINDOWS\system32\oobe\setup\ics.htm is JS-HTML container C:\WINDOWS\system32\oobe\setup\ident1.htm - container >C:\WINDOWS\system32\oobe\setup\jndomain.htm is JS-HTML container C:\WINDOWS\system32\oobe\setup\ics.htm - container C:\WINDOWS\system32\oobe\setup\jndomain.htm - container >C:\WINDOWS\system32\oobe\setup\keybdcmt.htm is JS-HTML container C:\WINDOWS\system32\oobe\setup\migdial.htm - Ok C:\WINDOWS\system32\oobe\setup\keybdcmt.htm - container >C:\WINDOWS\system32\oobe\setup\keybd.htm is JS-HTML container >C:\WINDOWS\system32\oobe\setup\jndom_a.htm is JS-HTML container C:\WINDOWS\system32\oobe\setup\keybd.htm - container C:\WINDOWS\system32\oobe\setup\jndom_a.htm - container >C:\WINDOWS\system32\oobe\setup\miglist.htm is JS-HTML container C:\WINDOWS\system32\oobe\setup\miglist.htm - container >C:\WINDOWS\system32\oobe\setup\ident2.htm is JS-HTML container C:\WINDOWS\system32\oobe\setup\ident2.htm - container >C:\WINDOWS\system32\oobe\setup\neweula2.htm is JS-HTML container C:\WINDOWS\system32\oobe\setup\Oobedisc.htm - Ok >C:\WINDOWS\system32\oobe\setup\oempriv.htm is JS-HTML container C:\WINDOWS\system32\oobe\setup\oempriv.htm - container C:\WINDOWS\system32\oobe\setup\neweula2.htm - container >C:\WINDOWS\system32\oobe\setup\migpage.htm is JS-HTML container C:\WINDOWS\system32\oobe\setup\oobestyl.css - Ok C:\WINDOWS\system32\oobe\setup\migpage.htm - container >C:\WINDOWS\system32\oobe\setup\neweula.htm is JS-HTML container C:\WINDOWS\system32\oobe\setup\neweula.htm - container >C:\WINDOWS\system32\oobe\setup\reg1.htm is JS-HTML container >C:\WINDOWS\system32\oobe\setup\prodkey.htm is JS-HTML container >C:\WINDOWS\system32\oobe\setup\prvcyms.htm is JS-HTML container C:\WINDOWS\system32\oobe\setup\reg1.htm - container C:\WINDOWS\system32\oobe\setup\prvcyms.htm - container >C:\WINDOWS\system32\oobe\setup\refdial.htm is JS-HTML container C:\WINDOWS\system32\oobe\setup\regdial.htm - Ok C:\WINDOWS\system32\oobe\setup\refdial.htm - container C:\WINDOWS\system32\oobe\setup\prodkey.htm - container >C:\WINDOWS\system32\oobe\setup\reg3.htm is JS-HTML container >C:\WINDOWS\system32\oobe\setup\timezone.htm is JS-HTML container C:\WINDOWS\system32\oobe\setup\timezone.htm - container C:\WINDOWS\system32\oobe\setup\reg3.htm - container C:\WINDOWS\system32\ras\cis.scp - Ok C:\WINDOWS\system32\ras\pad.inf - Ok >C:\WINDOWS\system32\oobe\setup\security.htm is JS-HTML container C:\WINDOWS\system32\ras\pppmenu.scp - Ok C:\WINDOWS\system32\oobe\setup\security.htm - container C:\WINDOWS\system32\ras\switch.inf - Ok C:\WINDOWS\system32\ras\slip.scp - Ok C:\WINDOWS\system32\ras\slipmenu.scp - Ok >C:\WINDOWS\system32\oobe\setup\username.htm is JS-HTML container C:\WINDOWS\system32\oobe\setup\username.htm - container >C:\WINDOWS\system32\oobe\setup\welcome.htm is JS-HTML container C:\WINDOWS\system32\scripting\msscript.ocx.mui - Ok C:\WINDOWS\system32\scripting\scrobj.dll.mui - Ok C:\WINDOWS\system32\scripting\cscript.exe.mui - Ok C:\WINDOWS\system32\scripting\jscript.dll.mui - Ok C:\WINDOWS\system32\scripting\scrrun.dll.mui - Ok C:\WINDOWS\system32\oobe\setup\welcome.htm - container C:\WINDOWS\system32\scripting\wscript.exe.mui - Ok C:\WINDOWS\system32\spool\XPSEP\msxpsinc.gpd - Ok C:\WINDOWS\system32\scripting\wshom.ocx.mui - Ok C:\WINDOWS\system32\scripting\vbscript.dll.mui - Ok C:\WINDOWS\system32\scripting\wshext.dll.mui - Ok C:\WINDOWS\system32\spool\XPSEP\msxpsdrv.cat - Ok C:\WINDOWS\system32\spool\XPSEP\msxpsdrv.inf - Ok C:\WINDOWS\system32\spool\XPSEP\msxpsinc.ppd - Ok C:\WINDOWS\system32\spool\XPSEP\amd64\msxpsinc.ppd - Ok C:\WINDOWS\system32\spool\XPSEP\amd64\msxpsinc.gpd - Ok C:\WINDOWS\system32\spool\XPSEP\amd64\msxpsdrv.cat - Ok C:\WINDOWS\system32\spool\XPSEP\amd64\msxpsdrv.inf - Ok C:\WINDOWS\system32\spool\XPSEP\i386\msxpsdrv.inf - Ok C:\WINDOWS\system32\spool\XPSEP\i386\msxpsdrv.cat - Ok C:\WINDOWS\system32\spool\XPSEP\i386\msxpsinc.gpd - Ok C:\WINDOWS\system32\spool\XPSEP\i386\msxpsinc.ppd - Ok C:\WINDOWS\system32\spool\XPSEP\amd64\mxdwdrv.dll - Ok C:\WINDOWS\system32\spool\XPSEP\amd64\amd64\mxdwdrv.dll - Ok C:\WINDOWS\system32\spool\XPSEP\amd64\amd64\xpssvcs.dll - Ok C:\WINDOWS\system32\spool\drivers\color\is330.icm - Ok C:\WINDOWS\system32\spool\XPSEP\amd64\xpssvcs.dll - Ok C:\WINDOWS\system32\spool\drivers\color\sRGB Color Space Profile.icm - Ok C:\WINDOWS\system32\spool\drivers\color\kodak_dc.icm - Ok C:\WINDOWS\system32\spool\drivers\w32x86\3\mxdwdui.BUD - Ok C:\WINDOWS\system32\spool\XPSEP\i386\mxdwdrv.dll - Ok C:\WINDOWS\system32\spool\drivers\w32x86\3\mxdwdui.gpd - Ok C:\WINDOWS\system32\spool\drivers\w32x86\3\mxdwdui.dll - Ok C:\WINDOWS\system32\spool\drivers\w32x86\3\mxdwdui.ini - Ok C:\WINDOWS\system32\spool\drivers\w32x86\3\stddtype.gdl - Ok C:\WINDOWS\system32\spool\XPSEP\i386\i386\mxdwdrv.dll - Ok C:\WINDOWS\system32\spool\drivers\w32x86\3\stdschem.gdl - Ok C:\WINDOWS\system32\spool\drivers\w32x86\3\stdschmx.gdl - Ok C:\WINDOWS\system32\spool\drivers\w32x86\3\unidrv.hlp - Ok C:\WINDOWS\system32\spool\drivers\w32x86\3\stdnames.gpd - Ok C:\WINDOWS\system32\spool\drivers\w32x86\3\mxdwdrv.dll - Ok C:\WINDOWS\system32\spool\XPSEP\i386\xpssvcs.dll - Ok C:\WINDOWS\system32\spool\drivers\w32x86\3\unidrv.dll - Ok C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll - Ok
- January 2, 2013
- 79 replies
Outgoing Malicious IP Blocks. Suspect Infection

MicQsenoch replied to MicQsenoch's topic in Resolved Malware Removal Logs

C:\WINDOWS\system32\dllcache\msgpc.sys - Ok C:\WINDOWS\system32\dllcache\msgrocm.dll - Ok C:\WINDOWS\system32\dllcache\msdxm.ocx - Ok C:\WINDOWS\system32\dllcache\msgsvc.dll - Ok C:\WINDOWS\system32\dllcache\mshearts.exe - Ok C:\WINDOWS\system32\dllcache\msftedit.dll - Ok C:\WINDOWS\system32\dllcache\mshta.exe - Ok C:\WINDOWS\system32\dllcache\mshtmled.dll - Ok C:\WINDOWS\system32\dllcache\mshtmler.dll - Ok C:\WINDOWS\system32\dllcache\msident.dll - Ok C:\WINDOWS\system32\dllcache\msgina.dll - Ok C:\WINDOWS\system32\dllcache\msidntld.dll - Ok C:\WINDOWS\system32\dllcache\msidle.dll - Ok C:\WINDOWS\system32\dllcache\msieftp.dll - Ok C:\WINDOWS\system32\dllcache\mshtml.tlb - Ok C:\WINDOWS\system32\dllcache\msimain.sdb - Ok C:\WINDOWS\system32\dllcache\msiexec.exe - Ok C:\WINDOWS\system32\dllcache\msimg32.dll - Ok C:\WINDOWS\system32\dllcache\msihnd.dll - Ok C:\WINDOWS\system32\dllcache\msimn.exe - Ok C:\WINDOWS\system32\dllcache\msimtf.dll - Ok C:\WINDOWS\system32\dllcache\msi.dll - Ok C:\WINDOWS\system32\dllcache\msimsg.dll - Ok C:\WINDOWS\system32\dllcache\msinfo32.exe - Ok C:\WINDOWS\system32\dllcache\msinfo.dll - Ok C:\WINDOWS\system32\dllcache\msircomm.sys - Ok C:\WINDOWS\system32\dllcache\msir3jp.dll - Ok >C:\WINDOWS\system32\dllcache\msisip.dll - packed by FLY-CODE C:\WINDOWS\system32\dllcache\msgr3en.dll - Ok C:\WINDOWS\system32\dllcache\msisip.dll - Ok C:\WINDOWS\system32\dllcache\msiregmv.exe - Ok C:\WINDOWS\system32\dllcache\msiprov.dll - Ok C:\WINDOWS\system32\dllcache\msjint40.dll - Ok C:\WINDOWS\system32\dllcache\msjro.dll - Ok C:\WINDOWS\system32\dllcache\msjter40.dll - Ok C:\WINDOWS\system32\dllcache\mskssrv.sys - Ok C:\WINDOWS\system32\dllcache\msjetol1.dll - Ok C:\WINDOWS\system32\dllcache\msjet40.dll - Ok C:\WINDOWS\system32\dllcache\msjtes40.dll - Ok C:\WINDOWS\system32\dllcache\mslbui.dll - Ok C:\WINDOWS\system32\dllcache\msls31.dll - Ok C:\WINDOWS\system32\dllcache\mslwvtts.dll - Ok C:\WINDOWS\system32\dllcache\msmpu401.sys - Ok C:\WINDOWS\system32\dllcache\msltus40.dll - Ok C:\WINDOWS\system32\dllcache\msobdl.dll - Ok C:\WINDOWS\system32\dllcache\msobcomm.dll - Ok C:\WINDOWS\system32\dllcache\msnetobj.dll - Ok C:\WINDOWS\system32\dllcache\msir3jp.lex - Ok C:\WINDOWS\system32\dllcache\msobjs.dll - Ok >C:\WINDOWS\system32\dllcache\msobshel.dll is BINARYRES container C:\WINDOWS\system32\dllcache\msobweb.dll - Ok >>C:\WINDOWS\system32\dllcache\msobshel.dll\data001 is JS-HTML container C:\WINDOWS\system32\dllcache\msobshel.dll - container C:\WINDOWS\system32\dllcache\msnsspc.dll - Ok C:\WINDOWS\system32\dllcache\mshtml.dll - Ok C:\WINDOWS\system32\dllcache\msoobe.exe - Ok C:\WINDOWS\system32\dllcache\msoert2.dll - Ok C:\WINDOWS\system32\dllcache\msorc32r.dll - Ok C:\WINDOWS\system32\dllcache\msoeacct.dll - Ok C:\WINDOWS\system32\dllcache\msobmain.dll - Ok C:\WINDOWS\system32\dllcache\msorcl32.dll - Ok C:\WINDOWS\system32\dllcache\mspatcha.dll - Ok C:\WINDOWS\system32\dllcache\mspclock.sys - Ok C:\WINDOWS\system32\dllcache\mspaint.exe - Ok C:\WINDOWS\system32\dllcache\mspbde40.dll - Ok >C:\WINDOWS\system32\dllcache\msoe.dll is BINARYRES container >>C:\WINDOWS\system32\dllcache\msoe.dll\data001 is JS-HTML container C:\WINDOWS\system32\dllcache\msoe.dll - container C:\WINDOWS\system32\dllcache\mspmsp.dll - Ok C:\WINDOWS\system32\dllcache\msprivs.dll - Ok C:\WINDOWS\system32\dllcache\mspqm.sys - Ok C:\WINDOWS\system32\dllcache\msr2cenu.dll - Ok C:\WINDOWS\system32\dllcache\msports.dll - Ok C:\WINDOWS\system32\dllcache\msr2c.dll - Ok C:\WINDOWS\system32\dllcache\msratelc.dll - Ok C:\WINDOWS\system32\dllcache\mspmsnsv.dll - Ok C:\WINDOWS\system32\dllcache\msrating.dll - Ok C:\WINDOWS\system32\dllcache\msriffwv.sys - Ok C:\WINDOWS\system32\dllcache\msrle32.dll - Ok C:\WINDOWS\system32\dllcache\msscds32.ax - Ok >C:\WINDOWS\system32\dllcache\msoeres.dll is BINARYRES container C:\WINDOWS\system32\dllcache\msrd2x40.dll - Ok C:\WINDOWS\system32\dllcache\msoeres.dll - container C:\WINDOWS\system32\dllcache\mssap.dll - Ok C:\WINDOWS\system32\dllcache\msscript.ocx - Ok C:\WINDOWS\system32\dllcache\msshamsg.dll - Ok C:\WINDOWS\system32\dllcache\msrepl40.dll - Ok C:\WINDOWS\system32\dllcache\mssha.dll - Ok C:\WINDOWS\system32\dllcache\mssmbios.sys - Ok C:\WINDOWS\system32\dllcache\mssign32.dll - Ok C:\WINDOWS\system32\dllcache\mssip32.dll - Ok C:\WINDOWS\system32\dllcache\mssoapr.dll - Ok C:\WINDOWS\system32\dllcache\msswch.dll - Ok C:\WINDOWS\system32\dllcache\msrd3x40.dll - Ok C:\WINDOWS\system32\dllcache\msswchx.exe - Ok C:\WINDOWS\system32\dllcache\msscp.dll - Ok C:\WINDOWS\system32\dllcache\mstee.sys - Ok C:\WINDOWS\system32\dllcache\mst123.dll - Ok C:\WINDOWS\system32\dllcache\mstape.sys - Ok C:\WINDOWS\system32\dllcache\mssoap1.dll - Ok C:\WINDOWS\system32\dllcache\mst120.dll - Ok C:\WINDOWS\system32\dllcache\mstlsapi.dll - Ok C:\WINDOWS\system32\dllcache\mstask.dll - Ok C:\WINDOWS\system32\dllcache\mstext40.dll - Ok C:\WINDOWS\system32\dllcache\mstime.dll - Ok C:\WINDOWS\system32\dllcache\msv1_0.dll - Ok C:\WINDOWS\system32\dllcache\msvcirt.dll - Ok C:\WINDOWS\system32\dllcache\msutb.dll - Ok C:\WINDOWS\system32\dllcache\mstsc.exe - Ok C:\WINDOWS\system32\dllcache\msvcp60.dll - Ok C:\WINDOWS\system32\dllcache\mstinit.exe - Ok C:\WINDOWS\system32\dllcache\msvcrt40.dll - Ok C:\WINDOWS\system32\dllcache\msvcp50.dll - Ok C:\WINDOWS\system32\dllcache\msvcrt.dll - Ok C:\WINDOWS\system32\dllcache\msvidc32.dll - Ok C:\WINDOWS\system32\dllcache\msvideo.dll - Ok C:\WINDOWS\system32\dllcache\msvcrt20.dll - Ok C:\WINDOWS\system32\dllcache\msw3prt.dll - Ok C:\WINDOWS\system32\dllcache\msvfw32.dll - Ok C:\WINDOWS\system32\dllcache\mswsock.dll - Ok C:\WINDOWS\system32\dllcache\mswmdm.dll - Ok C:\WINDOWS\system32\dllcache\mswdat10.dll - Ok C:\WINDOWS\system32\dllcache\mswebdvd.dll - Ok C:\WINDOWS\system32\dllcache\msxactps.dll - Ok C:\WINDOWS\system32\dllcache\mstscax.dll - Ok C:\WINDOWS\system32\dllcache\msxbde40.dll - Ok C:\WINDOWS\system32\dllcache\msxml2r.dll - Ok C:\WINDOWS\system32\dllcache\mswstr10.dll - Ok C:\WINDOWS\system32\dllcache\msxml3r.dll - Ok C:\WINDOWS\system32\dllcache\msvidctl.dll - Ok >C:\WINDOWS\system32\dllcache\msxml.dll is BINARYRES container >>C:\WINDOWS\system32\dllcache\msxml.dll\data001 is JS-HTML container >>C:\WINDOWS\system32\dllcache\msxml.dll\data002 is JS-HTML container >>C:\WINDOWS\system32\dllcache\msxml.dll\data003 is JS-HTML container C:\WINDOWS\system32\dllcache\msxml.dll - container C:\WINDOWS\system32\dllcache\msxmlr.dll - Ok C:\WINDOWS\system32\dllcache\msxml6r.dll - Ok C:\WINDOWS\system32\dllcache\msyuv.dll - Ok C:\WINDOWS\system32\dllcache\mtsadmin.tlb - Ok C:\WINDOWS\system32\dllcache\mtlmnt5.sys - Ok C:\WINDOWS\system32\dllcache\mtxclu.dll - Ok C:\WINDOWS\system32\dllcache\mtstocom.exe - Ok C:\WINDOWS\system32\dllcache\mtxex.dll - Ok >C:\WINDOWS\system32\dllcache\msxml2.dll is BINARYRES container >>C:\WINDOWS\system32\dllcache\msxml2.dll\data001 is JS-HTML container >>C:\WINDOWS\system32\dllcache\msxml2.dll\data002 is JS-HTML container >>C:\WINDOWS\system32\dllcache\msxml2.dll\data003 is JS-HTML container C:\WINDOWS\system32\dllcache\msxml2.dll - container C:\WINDOWS\system32\dllcache\mtxlegih.dll - Ok C:\WINDOWS\system32\dllcache\mtxoci.dll - Ok C:\WINDOWS\system32\dllcache\mtlstrm.sys - Ok C:\WINDOWS\system32\dllcache\msxml3.dll - Ok C:\WINDOWS\system32\dllcache\mtxdm.dll - Ok C:\WINDOWS\system32\dllcache\mtxvideo.sys - Ok C:\WINDOWS\system32\dllcache\mutohpen.sys - Ok C:\WINDOWS\system32\dllcache\mtxparhm.sys - Ok C:\WINDOWS\system32\dllcache\MW770.CAT - Ok C:\WINDOWS\system32\dllcache\mup.sys - Ok C:\WINDOWS\system32\dllcache\mxcard.sys - Ok C:\WINDOWS\system32\dllcache\mxnic.sys - Ok C:\WINDOWS\system32\dllcache\mxicfg.dll - Ok C:\WINDOWS\system32\dllcache\msxml6.dll - Ok C:\WINDOWS\system32\dllcache\mxport.dll - Ok C:\WINDOWS\system32\dllcache\mxport.sys - Ok C:\WINDOWS\system32\dllcache\n1000nt5.sys - Ok C:\WINDOWS\system32\dllcache\multibox.dll - Ok C:\WINDOWS\system32\dllcache\mydocs.dll - Ok C:\WINDOWS\system32\dllcache\mycomput.dll - Ok C:\WINDOWS\system32\dllcache\n9i128.sys - Ok C:\WINDOWS\system32\dllcache\n9i128.dll - Ok C:\WINDOWS\system32\dllcache\n9i3d.sys - Ok C:\WINDOWS\system32\dllcache\n100325.sys - Ok C:\WINDOWS\system32\dllcache\n9i128v2.sys - Ok C:\WINDOWS\system32\dllcache\n9i128v2.dll - Ok C:\WINDOWS\system32\dllcache\n9i3disp.dll - Ok C:\WINDOWS\system32\dllcache\napipsec.dll - Ok C:\WINDOWS\system32\dllcache\nabtsfec.sys - Ok C:\WINDOWS\system32\dllcache\napmontr.dll - Ok C:\WINDOWS\system32\dllcache\narrator.exe - Ok C:\WINDOWS\system32\dllcache\nac.dll - Ok C:\WINDOWS\system32\dllcache\nbtstat.exe - Ok C:\WINDOWS\system32\dllcache\ncobjapi.dll - Ok C:\WINDOWS\system32\dllcache\ncpa.cpl - Ok C:\WINDOWS\system32\dllcache\mtxparhd.dll - Ok C:\WINDOWS\system32\dllcache\ncxpnt.dll - Ok C:\WINDOWS\system32\dllcache\narrhook.dll - Ok >C:\WINDOWS\system32\dllcache\nddeapi.dll - packed by FLY-CODE C:\WINDOWS\system32\dllcache\ncprov.dll - Ok C:\WINDOWS\system32\dllcache\nddenb32.dll - Ok C:\WINDOWS\system32\dllcache\napstat.exe - Ok C:\WINDOWS\system32\dllcache\nddeapir.exe - Ok C:\WINDOWS\system32\dllcache\ndisip.sys - Ok C:\WINDOWS\system32\dllcache\ndistapi.sys - Ok C:\WINDOWS\system32\dllcache\nddeapi.dll - Ok C:\WINDOWS\system32\dllcache\ndisuio.sys - Ok C:\WINDOWS\system32\dllcache\ndisnpp.dll - Ok C:\WINDOWS\system32\dllcache\ne2000.sys - Ok C:\WINDOWS\system32\dllcache\ndproxy.sys - Ok C:\WINDOWS\system32\dllcache\ndptsp.tsp - Ok C:\WINDOWS\system32\dllcache\ndiswan.sys - Ok C:\WINDOWS\system32\dllcache\neo20xx.dll - Ok C:\WINDOWS\system32\dllcache\neo20xx.sys - Ok C:\WINDOWS\system32\dllcache\ndis.sys - Ok C:\WINDOWS\system32\dllcache\net.exe - Ok C:\WINDOWS\system32\dllcache\netbios.sys - Ok C:\WINDOWS\system32\dllcache\netapi.dll - Ok C:\WINDOWS\system32\dllcache\net1.exe - Ok C:\WINDOWS\system32\dllcache\netflx3.sys - Ok C:\WINDOWS\system32\dllcache\netevent.dll - Ok C:\WINDOWS\system32\dllcache\netbt.sys - Ok C:\WINDOWS\system32\dllcache\netdde.exe - Ok C:\WINDOWS\system32\dllcache\netapi32.dll - Ok C:\WINDOWS\system32\dllcache\netmsg.dll - Ok C:\WINDOWS\system32\dllcache\neth.dll - Ok C:\WINDOWS\system32\dllcache\netid.dll - Ok C:\WINDOWS\system32\dllcache\netrap.dll - Ok C:\WINDOWS\system32\dllcache\netoc.dll - Ok C:\WINDOWS\system32\dllcache\netsetup.cpl - Ok C:\WINDOWS\system32\dllcache\netman.dll - Ok C:\WINDOWS\system32\dllcache\netlogon.dll - Ok C:\WINDOWS\system32\dllcache\netsh.exe - Ok C:\WINDOWS\system32\dllcache\netstat.exe - Ok C:\WINDOWS\system32\dllcache\netcfgx.dll - Ok C:\WINDOWS\system32\dllcache\netui0.dll - Ok >C:\WINDOWS\system32\dllcache\netsetup.exe is CAB archive C:\WINDOWS\system32\dllcache\netsetup.exe - Ok C:\WINDOWS\system32\dllcache\netsetup.exe - archive C:\WINDOWS\system32\dllcache\netplwiz.dll - Ok C:\WINDOWS\system32\dllcache\netui1.dll - Ok C:\WINDOWS\system32\dllcache\netwlan5.sys - Ok C:\WINDOWS\system32\dllcache\netui2.dll - Ok C:\WINDOWS\system32\dllcache\ngrpci.sys - Ok C:\WINDOWS\system32\dllcache\nikedrv.sys - Ok C:\WINDOWS\system32\dllcache\nic1394.sys - Ok >C:\WINDOWS\system32\dllcache\nlsfunc.exe - packed by EXEPACK C:\WINDOWS\system32\dllcache\nlsfunc.exe - Ok C:\WINDOWS\system32\dllcache\nls302en.lex - Ok C:\WINDOWS\system32\dllcache\nlhtml.dll - Ok C:\WINDOWS\system32\dllcache\newdev.dll - Ok C:\WINDOWS\system32\dllcache\nm6wdm.sys - Ok C:\WINDOWS\system32\dllcache\nm5a2wdm.sys - Ok C:\WINDOWS\system32\dllcache\nmevtmsg.dll - Ok C:\WINDOWS\system32\dllcache\nmchat.dll - Ok C:\WINDOWS\system32\dllcache\nmcom.dll - Ok C:\WINDOWS\system32\dllcache\nmasnt.dll - Ok C:\WINDOWS\system32\dllcache\nmmkcert.dll - Ok C:\WINDOWS\system32\dllcache\nmnt.sys - Ok C:\WINDOWS\system32\dllcache\nmas.dll - Ok C:\WINDOWS\system32\dllcache\nmft.dll - Ok C:\WINDOWS\system32\dllcache\notepad.exe - Ok >C:\WINDOWS\system32\dllcache\npdrmv2.zip is ZIP archive C:\WINDOWS\system32\dllcache\npdrmv2.zip - Ok C:\WINDOWS\system32\dllcache\npdrmv2.zip - archive C:\WINDOWS\system32\dllcache\netshell.dll - Ok C:\WINDOWS\system32\dllcache\nmwb.dll - Ok C:\WINDOWS\system32\dllcache\nmoldwb.dll - Ok >C:\WINDOWS\system32\dllcache\npds.zip is ZIP archive C:\WINDOWS\system32\dllcache\npds.zip - Ok C:\WINDOWS\system32\dllcache\npds.zip - archive C:\WINDOWS\system32\dllcache\notiflag.exe - Ok C:\WINDOWS\system32\dllcache\npfs.sys - Ok C:\WINDOWS\system32\dllcache\npdrmv2.dll - Ok C:\WINDOWS\system32\dllcache\npwmsdrm.dll - Ok C:\WINDOWS\system32\dllcache\nscirda.sys - Ok C:\WINDOWS\system32\dllcache\npptools.dll - Ok C:\WINDOWS\system32\dllcache\nsmmc.sys - Ok C:\WINDOWS\system32\dllcache\ntapm.sys - Ok C:\WINDOWS\system32\dllcache\ntdos.sys - Ok C:\WINDOWS\system32\dllcache\NT5IIS.CAT - Ok C:\WINDOWS\system32\dllcache\nslookup.exe - Ok C:\WINDOWS\system32\dllcache\ntdos404.sys - Ok C:\WINDOWS\system32\dllcache\ntdos411.sys - Ok C:\WINDOWS\system32\dllcache\nppagent.exe - Ok C:\WINDOWS\system32\dllcache\ntdos412.sys - Ok C:\WINDOWS\system32\dllcache\ntdos804.sys - Ok C:\WINDOWS\system32\dllcache\ntgrip.sys - Ok C:\WINDOWS\system32\dllcache\ntio.sys - Ok C:\WINDOWS\system32\dllcache\ntdsapi.dll - Ok C:\WINDOWS\system32\dllcache\ntio411.sys - Ok C:\WINDOWS\system32\dllcache\ntio404.sys - Ok C:\WINDOWS\system32\dllcache\ntio804.sys - Ok C:\WINDOWS\system32\dllcache\ntio412.sys - Ok >C:\WINDOWS\system32\dllcache\npdsplay.dll is BINARYRES container >>C:\WINDOWS\system32\dllcache\npdsplay.dll\data001 is JS-HTML container C:\WINDOWS\system32\dllcache\npdsplay.dll - container C:\WINDOWS\system32\dllcache\ntevt.dll - Ok C:\WINDOWS\system32\dllcache\ntlanman.dll - Ok C:\WINDOWS\system32\dllcache\ntdll.dll - Ok C:\WINDOWS\system32\dllcache\ntlanui.dll - Ok C:\WINDOWS\system32\dllcache\ntlsapi.dll - Ok C:\WINDOWS\system32\dllcache\ntlanui2.dll - Ok C:\WINDOWS\system32\dllcache\ntfs.sys - Ok C:\WINDOWS\system32\dllcache\ntmsapi.dll - Ok C:\WINDOWS\system32\dllcache\ntmsevt.dll - Ok C:\WINDOWS\system32\dllcache\ntmarta.dll - Ok C:\WINDOWS\system32\dllcache\ntmsdba.dll - Ok C:\WINDOWS\system32\dllcache\ntmtlfax.sys - Ok C:\WINDOWS\system32\dllcache\ntoc.dll - Ok C:\WINDOWS\system32\dllcache\ntmssvc.dll - Ok C:\WINDOWS\system32\dllcache\ntmsmgr.dll - Ok C:\WINDOWS\system32\dllcache\ntprint.dll - Ok C:\WINDOWS\system32\dllcache\ntprint.cat - Ok C:\WINDOWS\system32\dllcache\ntsdexts.dll - Ok C:\WINDOWS\system32\dllcache\ntkrnlpa.exe - Ok C:\WINDOWS\system32\dllcache\ntkrpamp.exe - Ok C:\WINDOWS\system32\dllcache\ntsd.exe - Ok C:\WINDOWS\system32\dllcache\ntvdmd.dll - Ok C:\WINDOWS\system32\dllcache\ntshrui.dll - Ok C:\WINDOWS\system32\dllcache\null.sys - Ok C:\WINDOWS\system32\dllcache\nuskin.wmv - Ok C:\WINDOWS\system32\dllcache\nv3.dll - Ok C:\WINDOWS\system32\dllcache\ntkrnlmp.exe - Ok >C:\WINDOWS\system32\dllcache\nusrmgr.cpl is BINARYRES container >>C:\WINDOWS\system32\dllcache\nusrmgr.cpl\data001 is JS-HTML container C:\WINDOWS\system32\dllcache\nv3.sys - Ok >>C:\WINDOWS\system32\dllcache\nusrmgr.cpl\data002 is JS-HTML container C:\WINDOWS\system32\dllcache\ntvdm.exe - Ok C:\WINDOWS\system32\dllcache\nwlnkflt.sys - Ok >>C:\WINDOWS\system32\dllcache\nusrmgr.cpl\data003 is JS-HTML container >>C:\WINDOWS\system32\dllcache\nusrmgr.cpl\data004 is JS-HTML container >>C:\WINDOWS\system32\dllcache\nusrmgr.cpl\data005 is JS-HTML container C:\WINDOWS\system32\dllcache\nwlnkfwd.sys - Ok >>C:\WINDOWS\system32\dllcache\nusrmgr.cpl\data006 is JS-HTML container >>C:\WINDOWS\system32\dllcache\nusrmgr.cpl\data007 is JS-HTML container C:\WINDOWS\system32\dllcache\nwlnknb.sys - Ok >>C:\WINDOWS\system32\dllcache\nusrmgr.cpl\data008 is JS-HTML container C:\WINDOWS\system32\dllcache\nwlnkipx.sys - Ok >>C:\WINDOWS\system32\dllcache\nusrmgr.cpl\data009 is JS-HTML container >>C:\WINDOWS\system32\dllcache\nusrmgr.cpl\data010 is JS-HTML container >>C:\WINDOWS\system32\dllcache\nusrmgr.cpl\data011 is JS-HTML container >>C:\WINDOWS\system32\dllcache\nusrmgr.cpl\data012 is JS-HTML container >>C:\WINDOWS\system32\dllcache\nusrmgr.cpl\data013 is JS-HTML container C:\WINDOWS\system32\dllcache\nwlnkspx.sys - Ok >>C:\WINDOWS\system32\dllcache\nusrmgr.cpl\data014 is JS-HTML container C:\WINDOWS\system32\dllcache\nwprovau.dll - Ok >>C:\WINDOWS\system32\dllcache\nusrmgr.cpl\data015 is JS-HTML container >>C:\WINDOWS\system32\dllcache\nusrmgr.cpl\data016 is JS-HTML container >>C:\WINDOWS\system32\dllcache\nusrmgr.cpl\data017 is JS-HTML container C:\WINDOWS\system32\dllcache\oakley.dll - Ok >>C:\WINDOWS\system32\dllcache\nusrmgr.cpl\data018 is JS-HTML container >>C:\WINDOWS\system32\dllcache\nusrmgr.cpl\data019 is JS-HTML container >>C:\WINDOWS\system32\dllcache\nusrmgr.cpl\data020 is JS-HTML container >>C:\WINDOWS\system32\dllcache\nusrmgr.cpl\data021 is JS-HTML container >>C:\WINDOWS\system32\dllcache\nusrmgr.cpl\data022 is JS-HTML container >>C:\WINDOWS\system32\dllcache\nusrmgr.cpl\data023 is JS-HTML container C:\WINDOWS\system32\dllcache\nusrmgr.cpl - container C:\WINDOWS\system32\dllcache\objsel.dll - Ok C:\WINDOWS\system32\dllcache\obrb041b.dll - Ok C:\WINDOWS\system32\dllcache\obrb0424.dll - Ok C:\WINDOWS\system32\dllcache\ocgen.dll - Ok C:\WINDOWS\system32\dllcache\ocmsn.dll - Ok C:\WINDOWS\system32\dllcache\odbc16gt.dll - Ok C:\WINDOWS\system32\dllcache\occache.dll - Ok C:\WINDOWS\system32\dllcache\ocmanage.dll - Ok C:\WINDOWS\system32\dllcache\odbc32gt.dll - Ok C:\WINDOWS\system32\dllcache\odbc32.dll - Ok C:\WINDOWS\system32\dllcache\odbcad32.exe - Ok C:\WINDOWS\system32\dllcache\odbcconf.dll - Ok C:\WINDOWS\system32\dllcache\odbcconf.rsp - Ok C:\WINDOWS\system32\dllcache\ntoskrnl.exe - Ok C:\WINDOWS\system32\dllcache\odbccp32.cpl - Ok C:\WINDOWS\system32\dllcache\odbcconf.exe - Ok C:\WINDOWS\system32\dllcache\odbccu32.dll - Ok C:\WINDOWS\system32\dllcache\odbccr32.dll - Ok C:\WINDOWS\system32\dllcache\odbccp32.dll - Ok C:\WINDOWS\system32\dllcache\odbcp32r.dll - Ok C:\WINDOWS\system32\dllcache\odbcint.dll - Ok C:\WINDOWS\system32\dllcache\odbcji32.dll - Ok C:\WINDOWS\system32\dllcache\nv4_disp.dll - Ok C:\WINDOWS\system32\dllcache\oddbse32.dll - Ok C:\WINDOWS\system32\dllcache\odexl32.dll - Ok C:\WINDOWS\system32\dllcache\odfox32.dll - Ok C:\WINDOWS\system32\dllcache\odpdx32.dll - Ok C:\WINDOWS\system32\dllcache\odtext32.dll - Ok C:\WINDOWS\system32\dllcache\OEMBIOS.CAT - Ok C:\WINDOWS\system32\dllcache\oembios.dat - Ok C:\WINDOWS\system32\dllcache\oembios.bin - Ok C:\WINDOWS\system32\dllcache\oembios.sig - Ok C:\WINDOWS\system32\dllcache\odbctrac.dll - Ok C:\WINDOWS\system32\dllcache\odbcjt32.dll - Ok C:\WINDOWS\system32\dllcache\oeimport.dll - Ok C:\WINDOWS\system32\dllcache\ohci1394.sys - Ok C:\WINDOWS\system32\dllcache\ole2.dll - Ok C:\WINDOWS\system32\dllcache\ole2disp.dll - Ok C:\WINDOWS\system32\dllcache\ole2nls.dll - Ok C:\WINDOWS\system32\dllcache\offfilt.dll - Ok C:\WINDOWS\system32\dllcache\oemiglib.dll - Ok C:\WINDOWS\system32\dllcache\oleaccrc.dll - Ok C:\WINDOWS\system32\dllcache\oemig50.exe - Ok C:\WINDOWS\system32\dllcache\olecli.dll - Ok C:\WINDOWS\system32\dllcache\oleacc.dll - Ok C:\WINDOWS\system32\dllcache\olecli32.dll - Ok C:\WINDOWS\system32\dllcache\olecnv32.dll - Ok C:\WINDOWS\system32\dllcache\nv4_mini.sys - Ok C:\WINDOWS\system32\dllcache\oledb32r.dll - Ok C:\WINDOWS\system32\dllcache\oleaut32.dll - Ok C:\WINDOWS\system32\dllcache\oledlg.dll - Ok C:\WINDOWS\system32\dllcache\olepro32.dll - Ok C:\WINDOWS\system32\dllcache\oleprn.dll - Ok C:\WINDOWS\system32\dllcache\olesvr.dll - Ok C:\WINDOWS\system32\dllcache\olesvr32.dll - Ok C:\WINDOWS\system32\dllcache\olethk32.dll - Ok C:\WINDOWS\system32\dllcache\oobebaln.exe - Ok C:\WINDOWS\system32\dllcache\opl3sax.sys - Ok C:\WINDOWS\system32\dllcache\onex.dll - Ok C:\WINDOWS\system32\dllcache\oprghdlr.sys - Ok C:\WINDOWS\system32\dllcache\oledb32.dll - Ok C:\WINDOWS\system32\dllcache\osuninst.dll - Ok C:\WINDOWS\system32\dllcache\otc06x5.sys - Ok >C:\WINDOWS\system32\dllcache\ole32.dll is BINARYRES container C:\WINDOWS\system32\dllcache\otcsercb.sys - Ok C:\WINDOWS\system32\dllcache\otceth5.sys - Ok C:\WINDOWS\system32\dllcache\ole32.dll - container C:\WINDOWS\system32\dllcache\osuninst.exe - Ok C:\WINDOWS\system32\dllcache\ovca.sys - Ok C:\WINDOWS\system32\dllcache\ovcd.sys - Ok C:\WINDOWS\system32\dllcache\ovcam2.sys - Ok C:\WINDOWS\system32\dllcache\osk.exe - Ok C:\WINDOWS\system32\dllcache\ovce.sys - Ok C:\WINDOWS\system32\dllcache\ovsound2.sys - Ok C:\WINDOWS\system32\dllcache\ovcomc.dll - Ok C:\WINDOWS\system32\dllcache\ovcodec2.dll - Ok C:\WINDOWS\system32\dllcache\opengl32.dll - Ok C:\WINDOWS\system32\dllcache\ovcodek2.sys - Ok C:\WINDOWS\system32\dllcache\ovui2rc.dll - Ok C:\WINDOWS\system32\dllcache\ovcoms.exe - Ok C:\WINDOWS\system32\dllcache\p2pgasvc.dll - Ok C:\WINDOWS\system32\dllcache\p2p.dll - Ok C:\WINDOWS\system32\dllcache\ovui2.dll - Ok C:\WINDOWS\system32\dllcache\p2pnetsh.dll - Ok C:\WINDOWS\system32\dllcache\p3.sys - Ok C:\WINDOWS\system32\dllcache\p2pgraph.dll - Ok C:\WINDOWS\system32\dllcache\padrs412.dll - Ok C:\WINDOWS\system32\dllcache\padrs411.dll - Ok C:\WINDOWS\system32\dllcache\padrs804.dll - Ok C:\WINDOWS\system32\dllcache\packager.exe - Ok C:\WINDOWS\system32\dllcache\padrs404.dll - Ok C:\WINDOWS\system32\dllcache\panmap.dll - Ok C:\WINDOWS\system32\dllcache\partmgr.sys - Ok C:\WINDOWS\system32\dllcache\parvdm.sys - Ok C:\WINDOWS\system32\dllcache\parport.sys - Ok C:\WINDOWS\system32\dllcache\pathping.exe - Ok C:\WINDOWS\system32\dllcache\pc100nds.sys - Ok C:\WINDOWS\system32\dllcache\paqsp.dll - Ok C:\WINDOWS\system32\dllcache\pautoenr.dll - Ok C:\WINDOWS\system32\dllcache\pca200e.sys - Ok C:\WINDOWS\system32\dllcache\pciide.sys - Ok C:\WINDOWS\system32\dllcache\pciidex.sys - Ok C:\WINDOWS\system32\dllcache\pchsvc.dll - Ok C:\WINDOWS\system32\dllcache\pchshell.dll - Ok C:\WINDOWS\system32\dllcache\pci.sys - Ok C:\WINDOWS\system32\dllcache\pcmlm56.sys - Ok C:\WINDOWS\system32\dllcache\pcntn5hl.sys - Ok C:\WINDOWS\system32\dllcache\p2psvc.dll - Ok C:\WINDOWS\system32\dllcache\pcntpci5.sys - Ok C:\WINDOWS\system32\dllcache\pcntn5m.sys - Ok C:\WINDOWS\system32\dllcache\pcmcia.sys - Ok C:\WINDOWS\system32\dllcache\pentnt.exe - Ok >C:\WINDOWS\system32\dllcache\pcx500.sys - packed by FLY-CODE C:\WINDOWS\system32\dllcache\perc2.sys - Ok C:\WINDOWS\system32\dllcache\perc2hib.sys - Ok C:\WINDOWS\system32\dllcache\perfctrs.dll - Ok C:\WINDOWS\system32\dllcache\pdh.dll - Ok C:\WINDOWS\system32\dllcache\perfnet.dll - Ok C:\WINDOWS\system32\dllcache\pcx500.sys - Ok C:\WINDOWS\system32\dllcache\perfos.dll - Ok C:\WINDOWS\system32\dllcache\pctspk.exe - Ok C:\WINDOWS\system32\dllcache\perfdisk.dll - Ok C:\WINDOWS\system32\dllcache\perfmon.exe - Ok C:\WINDOWS\system32\dllcache\perfproc.dll - Ok C:\WINDOWS\system32\dllcache\perm2.sys - Ok C:\WINDOWS\system32\dllcache\perm3.sys - Ok >C:\WINDOWS\system32\dllcache\perfts.dll - packed by FLY-CODE C:\WINDOWS\system32\dllcache\philcam1.dll - Ok C:\WINDOWS\system32\dllcache\perfts.dll - Ok C:\WINDOWS\system32\dllcache\philcam1.sys - Ok C:\WINDOWS\system32\dllcache\philtune.sys - Ok C:\WINDOWS\system32\dllcache\phdsext.ax - Ok C:\WINDOWS\system32\dllcache\phildec.sys - Ok C:\WINDOWS\system32\dllcache\perm2dll.dll - Ok C:\WINDOWS\system32\dllcache\philcam2.sys - Ok C:\WINDOWS\system32\dllcache\pid.inf - Ok C:\WINDOWS\system32\dllcache\perm3dd.dll - Ok C:\WINDOWS\system32\dllcache\pidgen.dll - Ok C:\WINDOWS\system32\dllcache\pifmgr.dll - Ok C:\WINDOWS\system32\dllcache\pid.dll - Ok C:\WINDOWS\system32\dllcache\phon.ime - Ok C:\WINDOWS\system32\dllcache\ping.exe - Ok C:\WINDOWS\system32\dllcache\phvfwext.dll - Ok C:\WINDOWS\system32\dllcache\ping6.exe - Ok C:\WINDOWS\system32\dllcache\pintlcsd.dll - Ok C:\WINDOWS\system32\dllcache\photowiz.dll - Ok >C:\WINDOWS\system32\dllcache\pjlmon.dll - packed by FLY-CODE C:\WINDOWS\system32\dllcache\pintlcsa.dll - Ok C:\WINDOWS\system32\dllcache\plustab.dll - Ok C:\WINDOWS\system32\dllcache\plylst1.wpl - Ok C:\WINDOWS\system32\dllcache\plylst10.wpl - Ok C:\WINDOWS\system32\dllcache\plylst11.wpl - Ok C:\WINDOWS\system32\dllcache\pjlmon.dll - Ok C:\WINDOWS\system32\dllcache\plylst12.wpl - Ok C:\WINDOWS\system32\dllcache\plylst13.wpl - Ok C:\WINDOWS\system32\dllcache\plylst14.wpl - Ok C:\WINDOWS\system32\dllcache\plylst15.wpl - Ok C:\WINDOWS\system32\dllcache\pintlphr.exe - Ok C:\WINDOWS\system32\dllcache\plylst3.wpl - Ok C:\WINDOWS\system32\dllcache\plylst2.wpl - Ok C:\WINDOWS\system32\dllcache\plylst4.wpl - Ok C:\WINDOWS\system32\dllcache\plylst6.wpl - Ok C:\WINDOWS\system32\dllcache\pinball.exe - Ok C:\WINDOWS\system32\dllcache\plylst5.wpl - Ok C:\WINDOWS\system32\dllcache\plylst8.wpl - Ok C:\WINDOWS\system32\dllcache\plylst7.wpl - Ok C:\WINDOWS\system32\dllcache\plylst9.wpl - Ok C:\WINDOWS\system32\dllcache\pintlgnt.ime - Ok C:\WINDOWS\system32\dllcache\pmxgl.dll - Ok C:\WINDOWS\system32\dllcache\pmspl.dll - Ok >C:\WINDOWS\system32\dllcache\plyr_err.chm is CHM container C:\WINDOWS\system32\dllcache\pnrmc.sys - Ok C:\WINDOWS\system32\dllcache\pmigrate.dll - Ok C:\WINDOWS\system32\dllcache\pngfilt.dll - Ok C:\WINDOWS\system32\dllcache\pmxviceo.dll - Ok >>C:\WINDOWS\system32\dllcache\plyr_err.chm\Glossary.js is JS-HTML container >>C:\WINDOWS\system32\dllcache\plyr_err.chm\htm\80040218_0x00000000.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\plyr_err.chm\htm\80040241_0x00000000.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\plyr_err.chm\htm\80040255_0x00000000.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\plyr_err.chm\htm\80041002_0x00000000.htm is JS-HTML container C:\WINDOWS\system32\dllcache\polstore.dll - Ok C:\WINDOWS\system32\dllcache\pnrpnsp.dll - Ok >>C:\WINDOWS\system32\dllcache\plyr_err.chm\htm\8007001f_0x00000000.htm is JS-HTML container >C:\WINDOWS\system32\dllcache\pmxmcro.dll - packed by FLY-CODE >>C:\WINDOWS\system32\dllcache\plyr_err.chm\htm\800704cf_0x00000000.htm is JS-HTML container C:\WINDOWS\system32\dllcache\powerfil.sys - Ok >>C:\WINDOWS\system32\dllcache\plyr_err.chm\htm\800c000d_0x00000000.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\plyr_err.chm\htm\c00d000f_0x00000000.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\plyr_err.chm\htm\c00d001f_0x00000000.htm is JS-HTML container C:\WINDOWS\system32\dllcache\powercfg.cpl - Ok >>C:\WINDOWS\system32\dllcache\plyr_err.chm\htm\c00d07f1_0x00000000.htm is JS-HTML container C:\WINDOWS\system32\dllcache\powercfg.exe - Ok >>C:\WINDOWS\system32\dllcache\plyr_err.chm\htm\c00d07f2_0x00000000.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\plyr_err.chm\htm\c00d0bc1_0x00000000.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\plyr_err.chm\htm\c00d0bc2_0x00000000.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\plyr_err.chm\htm\c00d0bc8_0x00000000.htm is JS-HTML container C:\WINDOWS\system32\dllcache\powrprof.dll - Ok C:\WINDOWS\system32\dllcache\ppa3.sys - Ok >>C:\WINDOWS\system32\dllcache\plyr_err.chm\htm\c00d0bce_0x00000000.htm is JS-HTML container C:\WINDOWS\system32\dllcache\ppa.sys - Ok C:\WINDOWS\system32\dllcache\portcls.sys - Ok >>C:\WINDOWS\system32\dllcache\plyr_err.chm\htm\c00d0fa3_0x00000000.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\plyr_err.chm\htm\c00d0fa4_0x00000000.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\plyr_err.chm\htm\c00d0faa_0x00000000.htm is JS-HTML container C:\WINDOWS\system32\dllcache\prflbmsg.dll - Ok C:\WINDOWS\system32\dllcache\prc.nls - Ok >>C:\WINDOWS\system32\dllcache\plyr_err.chm\htm\c00d0fab_0x00000000.htm is JS-HTML container C:\WINDOWS\system32\dllcache\prcp.nls - Ok >>C:\WINDOWS\system32\dllcache\plyr_err.chm\htm\c00d0fb0_0x00000000.htm is JS-HTML container C:\WINDOWS\system32\dllcache\print.exe - Ok >>C:\WINDOWS\system32\dllcache\plyr_err.chm\htm\c00d0fb2_0x00000000.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\plyr_err.chm\htm\c00d0fb3_0x00000000.htm is JS-HTML container C:\WINDOWS\system32\dllcache\pmxmcro.dll - Ok >>C:\WINDOWS\system32\dllcache\plyr_err.chm\htm\c00d0fcd_0x00000000.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\plyr_err.chm\htm\c00d0fd6_0x00000000.htm is JS-HTML container C:\WINDOWS\system32\dllcache\processr.sys - Ok >>C:\WINDOWS\system32\dllcache\plyr_err.chm\htm\c00d0fd9_0x00000000.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\plyr_err.chm\htm\c00d1057_0x00000000.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\plyr_err.chm\htm\c00d106a_0x00000000.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\plyr_err.chm\htm\c00d1074_0x00000000.htm is JS-HTML container C:\WINDOWS\system32\dllcache\profmap.dll - Ok >>C:\WINDOWS\system32\dllcache\plyr_err.chm\htm\c00d1076_0x00000000.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\plyr_err.chm\htm\c00d1090_0x00000000.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\plyr_err.chm\htm\c00d10b6_0x00000000.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\plyr_err.chm\htm\c00d10ba_0x00000000.htm is JS-HTML container C:\WINDOWS\system32\dllcache\proctexe.ocx - Ok >>C:\WINDOWS\system32\dllcache\plyr_err.chm\htm\c00d1104_0x00000000.htm is JS-HTML container C:\WINDOWS\system32\dllcache\progman.exe - Ok >>C:\WINDOWS\system32\dllcache\plyr_err.chm\htm\c00d1163_0x00000000.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\plyr_err.chm\htm\c00d1167_0x00000000.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\plyr_err.chm\htm\c00d1168_0x00000000.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\plyr_err.chm\htm\c00d116a_0x00000000.htm is JS-HTML container C:\WINDOWS\system32\dllcache\proxycfg.exe - Ok >>C:\WINDOWS\system32\dllcache\plyr_err.chm\htm\c00d116b_0x00000000.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\plyr_err.chm\htm\c00d116e_0x00000000.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\plyr_err.chm\htm\c00d1171_0x00000000.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\plyr_err.chm\htm\c00d1176_0x00000000.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\plyr_err.chm\htm\c00d1178_0x00000000.htm is JS-HTML container C:\WINDOWS\system32\dllcache\psapi.dll - Ok >>C:\WINDOWS\system32\dllcache\plyr_err.chm\htm\c00d117a_0x00000000.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\plyr_err.chm\htm\c00d1194_0x00000000.htm is JS-HTML container C:\WINDOWS\system32\dllcache\provthrd.dll - Ok >>C:\WINDOWS\system32\dllcache\plyr_err.chm\htm\c00d1196_0x00000000.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\plyr_err.chm\htm\c00d1197_0x00000000.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\plyr_err.chm\htm\c00d1198_0x00000000.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\plyr_err.chm\htm\c00d1199_0x00000000.htm is JS-HTML container C:\WINDOWS\system32\dllcache\pschdprf.dll - Ok C:\WINDOWS\system32\dllcache\psbase.dll - Ok C:\WINDOWS\system32\dllcache\proquota.exe - Ok C:\WINDOWS\system32\dllcache\printui.dll - Ok >>C:\WINDOWS\system32\dllcache\plyr_err.chm\htm\c00d119a_0x00000000.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\plyr_err.chm\htm\c00d119c_0x00000000.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\plyr_err.chm\htm\c00d119d_0x00000000.htm is JS-HTML container C:\WINDOWS\system32\dllcache\pscr.sys - Ok >>C:\WINDOWS\system32\dllcache\plyr_err.chm\htm\c00d119f_0x00000000.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\plyr_err.chm\htm\c00d11ab_0x00000000.htm is JS-HTML container C:\WINDOWS\system32\dllcache\psched.sys - Ok >>C:\WINDOWS\system32\dllcache\plyr_err.chm\htm\c00d11ac_0x00000000.htm is JS-HTML container C:\WINDOWS\system32\dllcache\psisload.dll - Ok >>C:\WINDOWS\system32\dllcache\plyr_err.chm\htm\c00d11b3_0x00000000.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\plyr_err.chm\htm\c00d11b6_0x00000000.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\plyr_err.chm\htm\c00d11ba_0x00000000.htm is JS-HTML container C:\WINDOWS\system32\dllcache\psisrndr.ax - Ok C:\WINDOWS\system32\dllcache\psnppagn.dll - Ok >>C:\WINDOWS\system32\dllcache\plyr_err.chm\htm\c00d11bb_0x00000000.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\plyr_err.chm\htm\c00d11bd_0x00000000.htm is JS-HTML container C:\WINDOWS\system32\dllcache\printfilterpipelinesvc.exe - Ok C:\WINDOWS\system32\dllcache\ptilink.sys - Ok >>C:\WINDOWS\system32\dllcache\plyr_err.chm\htm\c00d11be_0x00000000.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\plyr_err.chm\htm\c00d11bf_0x00000000.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\plyr_err.chm\htm\c00d11c0_0x00000000.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\plyr_err.chm\htm\c00d11c4_0x00000000.htm is JS-HTML container C:\WINDOWS\system32\dllcache\pstorec.dll - Ok >>C:\WINDOWS\system32\dllcache\plyr_err.chm\htm\c00d11c9_0x00000000.htm is JS-HTML container C:\WINDOWS\system32\dllcache\pstorsvc.dll - Ok C:\WINDOWS\system32\dllcache\ptpusb.dll - Ok >>C:\WINDOWS\system32\dllcache\plyr_err.chm\htm\c00d11cb_0x00000000.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\plyr_err.chm\htm\c00d11d1_0x00000000.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\plyr_err.chm\htm\c00d11d2_0x00000000.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\plyr_err.chm\htm\c00d11f8_0x00000000.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\plyr_err.chm\htm\c00d2720_0x00000000.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\plyr_err.chm\htm\c00d274b_0x00000000.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\plyr_err.chm\htm\c00d274d_0x00000000.htm is JS-HTML container C:\WINDOWS\system32\dllcache\psisdecd.dll - Ok >>C:\WINDOWS\system32\dllcache\plyr_err.chm\htm\c00d2eec_0x00000000.htm is JS-HTML container >>C:\WINDOWS\system32\dllcache\plyr_err.chm\htm\c00d2eee_0x00000000.htm is JS-HTML container C:\WINDOWS\system32\dllcache\ptserli.sys - Ok C:\WINDOWS\system32\dllcache\ptpusd.dll - Ok C:\WINDOWS\system32\dllcache\pubprn.vbs - Ok C:\WINDOWS\system32\dllcache\ptserlp.sys - Ok C:\WINDOWS\system32\dllcache\ptserlv.sys - Ok C:\WINDOWS\system32\dllcache\qappsrv.exe - Ok >>C:\WINDOWS\system32\dllcache\plyr_err.chm\redirect.js is JS-HTML container C:\WINDOWS\system32\dllcache\qagent.dll - Ok C:\WINDOWS\system32\dllcache\qcliprov.dll - Ok C:\WINDOWS\system32\dllcache\plyr_err.chm - container C:\WINDOWS\system32\dllcache\qasf.dll - Ok C:\WINDOWS\system32\dllcache\qagentrt.dll - Ok C:\WINDOWS\system32\dllcache\qcap.dll - Ok C:\WINDOWS\system32\dllcache\qic157.sys - Ok C:\WINDOWS\system32\dllcache\ql1080.sys - Ok C:\WINDOWS\system32\dllcache\ql10wnt.sys - Ok C:\WINDOWS\system32\dllcache\ql12160.sys - Ok C:\WINDOWS\system32\dllcache\ql1240.sys - Ok C:\WINDOWS\system32\dllcache\ql1280.sys - Ok C:\WINDOWS\system32\dllcache\qdvd.dll - Ok C:\WINDOWS\system32\dllcache\qdv.dll - Ok C:\WINDOWS\system32\dllcache\qmgrprxy.dll - Ok C:\WINDOWS\system32\dllcache\qosname.dll - Ok C:\WINDOWS\system32\dllcache\qprocess.exe - Ok >C:\WINDOWS\system32\dllcache\query.exe - packed by FLY-CODE C:\WINDOWS\system32\dllcache\query.exe - Ok C:\WINDOWS\system32\dllcache\qedwipes.dll - Ok C:\WINDOWS\system32\dllcache\qedit.dll - Ok C:\WINDOWS\system32\dllcache\quser.exe - Ok C:\WINDOWS\system32\dllcache\quick.ime - Ok C:\WINDOWS\system32\dllcache\qmgr.dll - Ok C:\WINDOWS\system32\dllcache\qv2kux.sys - Ok C:\WINDOWS\system32\dllcache\qutil.dll - Ok C:\WINDOWS\system32\dllcache\qwinsta.exe - Ok C:\WINDOWS\system32\dllcache\qvusd.dll - Ok C:\WINDOWS\system32\dllcache\racpldlg.dll - Ok C:\WINDOWS\system32\dllcache\r1033tts.lxa - Ok C:\WINDOWS\system32\dllcache\ramdisk.sys - Ok C:\WINDOWS\system32\dllcache\rasacd.sys - Ok C:\WINDOWS\system32\dllcache\rasadhlp.dll - Ok C:\WINDOWS\system32\dllcache\rasauto.dll - Ok C:\WINDOWS\system32\dllcache\rasapi32.dll - Ok C:\WINDOWS\system32\dllcache\rasautou.exe - Ok C:\WINDOWS\system32\dllcache\rasctrs.dll - Ok C:\WINDOWS\system32\dllcache\raschap.dll - Ok C:\WINDOWS\system32\dllcache\query.dll - Ok C:\WINDOWS\system32\dllcache\rasdial.exe - Ok C:\WINDOWS\system32\dllcache\rasirda.sys - Ok C:\WINDOWS\system32\dllcache\r2mdmkxx.sys - Ok C:\WINDOWS\system32\dllcache\rasl2tp.sys - Ok C:\WINDOWS\system32\dllcache\rasman.dll - Ok C:\WINDOWS\system32\dllcache\rasmxs.dll - Ok C:\WINDOWS\system32\dllcache\quartz.dll - Ok C:\WINDOWS\system32\dllcache\rasmontr.dll - Ok C:\WINDOWS\system32\dllcache\r2mdkxga.sys - Ok C:\WINDOWS\system32\dllcache\rasmans.dll - Ok C:\WINDOWS\system32\dllcache\raspppoe.sys - Ok C:\WINDOWS\system32\dllcache\raspti.sys - Ok C:\WINDOWS\system32\dllcache\raspptp.sys - Ok C:\WINDOWS\system32\dllcache\rasqec.dll - Ok C:\WINDOWS\system32\dllcache\rasppp.dll - Ok C:\WINDOWS\system32\dllcache\rasrad.dll - Ok >C:\WINDOWS\system32\dllcache\rasser.dll - packed by FLY-CODE C:\WINDOWS\system32\dllcache\rasdlg.dll - Ok C:\WINDOWS\system32\dllcache\rassapi.dll - Ok C:\WINDOWS\system32\dllcache\rastapi.dll - Ok C:\WINDOWS\system32\dllcache\rawwan.sys - Ok C:\WINDOWS\system32\dllcache\rasser.dll - Ok C:\WINDOWS\system32\dllcache\rcp.exe - Ok C:\WINDOWS\system32\dllcache\rcbdyctl.dll - Ok C:\WINDOWS\system32\dllcache\rastls.dll - Ok C:\WINDOWS\system32\dllcache\rdpcdd.sys - Ok C:\WINDOWS\system32\dllcache\rdpcfgex.dll - Ok C:\WINDOWS\system32\dllcache\rcimlby.exe - Ok C:\WINDOWS\system32\dllcache\rdbss.sys - Ok C:\WINDOWS\system32\dllcache\rdpdd.dll - Ok C:\WINDOWS\system32\dllcache\rdchost.dll - Ok C:\WINDOWS\system32\dllcache\rdpsnd.dll - Ok C:\WINDOWS\system32\dllcache\rasphone.exe - Ok C:\WINDOWS\system32\dllcache\rdpdr.sys - Ok C:\WINDOWS\system32\dllcache\rdpwd.sys - Ok C:\WINDOWS\system32\dllcache\rdpwsx.dll - Ok C:\WINDOWS\system32\dllcache\recagent.sys - Ok C:\WINDOWS\system32\dllcache\rdsaddin.exe - Ok C:\WINDOWS\system32\dllcache\rdshost.exe - Ok C:\WINDOWS\system32\dllcache\redir.exe - Ok C:\WINDOWS\system32\dllcache\recover.exe - Ok C:\WINDOWS\system32\dllcache\redbook.sys - Ok C:\WINDOWS\system32\dllcache\regedt32.exe - Ok C:\WINDOWS\system32\dllcache\regapi.dll - Ok C:\WINDOWS\system32\dllcache\register.exe - Ok C:\WINDOWS\system32\dllcache\reg.exe - Ok C:\WINDOWS\system32\dllcache\regini.exe - Ok C:\WINDOWS\system32\dllcache\regwiz.exe - Ok C:\WINDOWS\system32\dllcache\regsvr32.exe - Ok C:\WINDOWS\system32\dllcache\regedit.exe - Ok C:\WINDOWS\system32\dllcache\regsvc.dll - Ok C:\WINDOWS\system32\dllcache\rdpclip.exe - Ok C:\WINDOWS\system32\dllcache\remotepg.dll - Ok C:\WINDOWS\system32\dllcache\replace.exe - Ok >C:\WINDOWS\system32\dllcache\reset.exe - packed by FLY-CODE C:\WINDOWS\system32\dllcache\remotesp.tsp - Ok C:\WINDOWS\system32\dllcache\rend.dll - Ok C:\WINDOWS\system32\dllcache\repdrvfs.dll - Ok >C:\WINDOWS\system32\dllcache\revert.wmz is ZIP archive C:\WINDOWS\system32\dllcache\revert.wmz - Ok C:\WINDOWS\system32\dllcache\resutils.dll - Ok C:\WINDOWS\system32\dllcache\revert.wmz - archive C:\WINDOWS\system32\dllcache\rexec.exe - Ok C:\WINDOWS\system32\dllcache\reset.exe - Ok C:\WINDOWS\system32\dllcache\reslog32.dll - Ok C:\WINDOWS\system32\dllcache\riched32.dll - Ok C:\WINDOWS\system32\dllcache\rfcomm.sys - Ok C:\WINDOWS\system32\dllcache\rio8drv.sys - Ok C:\WINDOWS\system32\dllcache\riodrv.sys - Ok C:\WINDOWS\system32\dllcache\regwizc.dll - Ok C:\WINDOWS\system32\dllcache\rlnet5.sys - Ok C:\WINDOWS\system32\dllcache\rndismpx.sys - Ok C:\WINDOWS\system32\dllcache\rndismp.sys - Ok C:\WINDOWS\system32\dllcache\rhttpaa.dll - Ok C:\WINDOWS\system32\dllcache\rnr20.dll - Ok C:\WINDOWS\system32\dllcache\rootmdm.sys - Ok C:\WINDOWS\system32\dllcache\route.exe - Ok C:\WINDOWS\system32\dllcache\romanime.ime - Ok C:\WINDOWS\system32\dllcache\rocket.sys - Ok C:\WINDOWS\system32\dllcache\routemon.exe - Ok C:\WINDOWS\system32\dllcache\rmcast.sys - Ok C:\WINDOWS\system32\dllcache\rpcns4.dll - Ok C:\WINDOWS\system32\dllcache\routetab.dll - Ok C:\WINDOWS\system32\dllcache\rpfun.sys - Ok C:\WINDOWS\system32\dllcache\rsh.exe - Ok C:\WINDOWS\system32\dllcache\riched20.dll - Ok C:\WINDOWS\system32\dllcache\rsm.exe - Ok C:\WINDOWS\system32\dllcache\rsaenh.dll - Ok C:\WINDOWS\system32\dllcache\rshx32.dll - Ok C:\WINDOWS\system32\dllcache\rrcm.dll - Ok C:\WINDOWS\system32\dllcache\rsmps.dll - Ok C:\WINDOWS\system32\dllcache\rsmgrstr.dll - Ok C:\WINDOWS\system32\dllcache\rpcss.dll - Ok C:\WINDOWS\system32\dllcache\rpcrt4.dll - Ok C:\WINDOWS\system32\dllcache\rsvpmsg.dll - Ok >C:\WINDOWS\system32\dllcache\rsvpperf.dll - packed by FLY-CODE C:\WINDOWS\system32\dllcache\rsvpperf.dll - Ok C:\WINDOWS\system32\dllcache\rsmui.exe - Ok C:\WINDOWS\system32\dllcache\rsvp.exe - Ok C:\WINDOWS\system32\dllcache\rthwcls.sys - Ok C:\WINDOWS\system32\dllcache\rtipxmib.dll - Ok C:\WINDOWS\system32\dllcache\rsmsink.exe - Ok C:\WINDOWS\system32\dllcache\rtl8029.sys - Ok C:\WINDOWS\system32\dllcache\rsvpsp.dll - Ok C:\WINDOWS\system32\dllcache\rtl8139.sys - Ok C:\WINDOWS\system32\dllcache\rtcshare.exe - Ok C:\WINDOWS\system32\dllcache\rtuner.wmv - Ok C:\WINDOWS\system32\dllcache\rtm.dll - Ok C:\WINDOWS\system32\dllcache\rtutils.dll - Ok C:\WINDOWS\system32\dllcache\runas.exe - Ok C:\WINDOWS\system32\dllcache\rundll32.exe - Ok C:\WINDOWS\system32\dllcache\runonce.exe - Ok >C:\WINDOWS\system32\dllcache\rstrui.exe is BINARYRES container C:\WINDOWS\system32\dllcache\rvse.dll - Ok >>C:\WINDOWS\system32\dllcache\rstrui.exe\data001 is JS-HTML container C:\WINDOWS\system32\dllcache\rw001ext.dll - Ok C:\WINDOWS\system32\dllcache\rw330ext.dll - Ok >>C:\WINDOWS\system32\dllcache\rstrui.exe\data002 is JS-HTML container C:\WINDOWS\system32\dllcache\rw430ext.dll - Ok >>C:\WINDOWS\system32\dllcache\rstrui.exe\data003 is JS-HTML container C:\WINDOWS\system32\dllcache\rw450ext.dll - Ok >>C:\WINDOWS\system32\dllcache\rstrui.exe\data005 is JS-HTML container C:\WINDOWS\system32\dllcache\rwia001.dll - Ok C:\WINDOWS\system32\dllcache\rwia330.dll - Ok C:\WINDOWS\system32\dllcache\rvsezm.exe - Ok >>C:\WINDOWS\system32\dllcache\rstrui.exe\data006 is JS-HTML container C:\WINDOWS\system32\dllcache\rwia430.dll - Ok C:\WINDOWS\system32\dllcache\rvseres.dll - Ok >>C:\WINDOWS\system32\dllcache\rstrui.exe\data009 is JS-HTML container >>C:\WINDOWS\system32\dllcache\rstrui.exe\data010 is JS-HTML container C:\WINDOWS\system32\dllcache\rwinsta.exe - Ok C:\WINDOWS\system32\dllcache\rwia450.dll - Ok >>C:\WINDOWS\system32\dllcache\rstrui.exe\data011 is JS-HTML container C:\WINDOWS\system32\dllcache\rstrui.exe - container C:\WINDOWS\system32\dllcache\s3legacy.dll - Ok C:\WINDOWS\system32\dllcache\s3legacy.sys - Ok C:\WINDOWS\system32\dllcache\s3mt3d.sys - Ok C:\WINDOWS\system32\dllcache\s3mt3d.dll - Ok C:\WINDOWS\system32\dllcache\s3gnbm.sys - Ok C:\WINDOWS\system32\dllcache\s3mtrio.dll - Ok C:\WINDOWS\system32\dllcache\s3m.sys - Ok C:\WINDOWS\system32\dllcache\s3gnb.dll - Ok C:\WINDOWS\system32\dllcache\s3sav3dm.sys - Ok C:\WINDOWS\system32\dllcache\s3sav4m.sys - Ok C:\WINDOWS\system32\dllcache\s3sav3d.dll - Ok C:\WINDOWS\system32\dllcache\s3savmxm.sys - Ok C:\WINDOWS\system32\dllcache\s3sav4.dll - Ok C:\WINDOWS\system32\dllcache\s3mvirge.dll - Ok C:\WINDOWS\system32\dllcache\safrdm.dll - Ok C:\WINDOWS\system32\dllcache\sam.sdf - Ok C:\WINDOWS\system32\dllcache\safrcdlg.dll - Ok C:\WINDOWS\system32\dllcache\s3savmx.dll - Ok C:\WINDOWS\system32\dllcache\sam.spd - Ok C:\WINDOWS\system32\dllcache\safrslv.dll - Ok C:\WINDOWS\system32\dllcache\samlib.dll - Ok C:\WINDOWS\system32\dllcache\sapisvr.exe - Ok C:\WINDOWS\system32\dllcache\sapi.cpl - Ok C:\WINDOWS\system32\dllcache\samsrv.dll - Ok C:\WINDOWS\system32\dllcache\savedump.exe - Ok C:\WINDOWS\system32\dllcache\sbe.dll - Ok C:\WINDOWS\system32\dllcache\sbp2port.sys - Ok C:\WINDOWS\system32\dllcache\sc.exe - Ok C:\WINDOWS\system32\dllcache\scarddlg.dll - Ok C:\WINDOWS\system32\dllcache\sbeio.dll - Ok C:\WINDOWS\system32\dllcache\scardssp.dll - Ok C:\WINDOWS\system32\dllcache\sccmn50m.sys - Ok C:\WINDOWS\system32\dllcache\scardsvr.exe - Ok C:\WINDOWS\system32\dllcache\sccmusbm.sys - Ok C:\WINDOWS\system32\dllcache\sblfx.dll - Ok C:\WINDOWS\system32\dllcache\sccbase.dll - Ok C:\WINDOWS\system32\dllcache\sccsccp.dll - Ok C:\WINDOWS\system32\dllcache\scecli.dll - Ok C:\WINDOWS\system32\dllcache\sapi.dll - Ok C:\WINDOWS\system32\dllcache\schannel.dll - Ok C:\WINDOWS\system32\dllcache\scesrv.dll - Ok C:\WINDOWS\system32\dllcache\sclgntfy.dll - Ok C:\WINDOWS\system32\dllcache\scmstcs.sys - Ok C:\WINDOWS\system32\dllcache\scr111.sys - Ok C:\WINDOWS\system32\dllcache\script.fon - Ok C:\WINDOWS\system32\dllcache\scredir.dll - Ok C:\WINDOWS\system32\dllcache\scrnsave.scr - Ok C:\WINDOWS\system32\dllcache\schedsvc.dll - Ok C:\WINDOWS\system32\dllcache\scripta.dll - Ok C:\WINDOWS\system32\dllcache\scrcons.exe - Ok C:\WINDOWS\system32\dllcache\script_a.dll - Ok C:\WINDOWS\system32\dllcache\script.dll - Ok C:\WINDOWS\system32\dllcache\scsiport.sys - Ok C:\WINDOWS\system32\dllcache\scsiprnt.sys - Ok C:\WINDOWS\system32\dllcache\scsiscan.sys - Ok C:\WINDOWS\system32\dllcache\scrobj.dll - Ok C:\WINDOWS\system32\dllcache\sdhcinst.dll - Ok C:\WINDOWS\system32\dllcache\scrrun.dll - Ok C:\WINDOWS\system32\dllcache\seaddsmc.sys - Ok C:\WINDOWS\system32\dllcache\secupd.dat - Ok C:\WINDOWS\system32\dllcache\sdbus.sys - Ok C:\WINDOWS\system32\dllcache\secupd.sig - Ok C:\WINDOWS\system32\dllcache\seclogon.dll - Ok C:\WINDOWS\system32\dllcache\security.dll - Ok C:\WINDOWS\system32\dllcache\sdbinst.exe - Ok C:\WINDOWS\system32\dllcache\sdpblb.dll - Ok C:\WINDOWS\system32\dllcache\secur32.dll - Ok C:\WINDOWS\system32\dllcache\sens.dll - Ok C:\WINDOWS\system32\dllcache\sensapi.dll - Ok C:\WINDOWS\system32\dllcache\sendcmsg.dll - Ok C:\WINDOWS\system32\dllcache\sendmail.dll - Ok C:\WINDOWS\system32\dllcache\serenum.sys - Ok C:\WINDOWS\system32\dllcache\senscfg.dll - Ok C:\WINDOWS\system32\dllcache\serialui.dll - Ok C:\WINDOWS\system32\dllcache\sermouse.sys - Ok C:\WINDOWS\system32\dllcache\serscan.sys - Ok C:\WINDOWS\system32\dllcache\serial.sys - Ok C:\WINDOWS\system32\dllcache\serwvdrv.dll - Ok C:\WINDOWS\system32\dllcache\sessmgr.exe - Ok C:\WINDOWS\system32\dllcache\sethc.exe - Ok C:\WINDOWS\system32\dllcache\services.exe - Ok C:\WINDOWS\system32\dllcache\setup.exe - Ok C:\WINDOWS\system32\dllcache\setup50.exe - Ok C:\WINDOWS\system32\dllcache\setupqry.dll - Ok C:\WINDOWS\system32\dllcache\setupn.exe - Ok C:\WINDOWS\system32\dllcache\sfc.dll - Ok C:\WINDOWS\system32\dllcache\sfc.exe - Ok C:\WINDOWS\system32\dllcache\setupdll.dll - Ok C:\WINDOWS\system32\dllcache\sfc_os.dll - Ok C:\WINDOWS\system32\dllcache\servdeps.dll - Ok C:\WINDOWS\system32\dllcache\sffdisk.sys - Ok C:\WINDOWS\system32\dllcache\sffp_sd.sys - Ok C:\WINDOWS\system32\dllcache\sfloppy.sys - Ok C:\WINDOWS\system32\dllcache\sfmanm.sys - Ok C:\WINDOWS\system32\dllcache\sfmapi.dll - Ok >C:\WINDOWS\system32\dllcache\setupapi.dll - packed by BINARYRES >>C:\WINDOWS\system32\dllcache\setupapi.dll - packed by MS COMPRESS C:\WINDOWS\system32\dllcache\setup_wm.exe - Ok C:\WINDOWS\system32\dllcache\setupapi.dll - Ok C:\WINDOWS\system32\dllcache\sgsmld.sys - Ok >C:\WINDOWS\system32\dllcache\share.exe - packed by EXEPACK >>C:\WINDOWS\system32\dllcache\share.exe - packed by COM2EXE C:\WINDOWS\system32\dllcache\share.exe - Ok C:\WINDOWS\system32\dllcache\shadow.exe - Ok C:\WINDOWS\system32\dllcache\sgiulnt5.sys - Ok C:\WINDOWS\system32\dllcache\shell.dll - Ok C:\WINDOWS\system32\dllcache\sgsmusb.sys - Ok C:\WINDOWS\system32\dllcache\sgiul50.dll - Ok C:\WINDOWS\system32\dllcache\shfolder.dll - Ok C:\WINDOWS\system32\dllcache\shgina.dll - Ok C:\WINDOWS\system32\dllcache\sfcfiles.dll - Ok C:\WINDOWS\system32\dllcache\shimeng.dll - Ok >C:\WINDOWS\system32\dllcache\shdoclc.dll is BINARYRES container >>C:\WINDOWS\system32\dllcache\shdoclc.dll\data001 is JS-HTML container >>C:\WINDOWS\system32\dllcache\shdoclc.dll\data002 is JS-HTML container >>C:\WINDOWS\system32\dllcache\shdoclc.dll\data003 is JS-HTML container C:\WINDOWS\system32\dllcache\shmedia.dll - Ok >>C:\WINDOWS\system32\dllcache\shdoclc.dll\data004 is JS-HTML container C:\WINDOWS\system32\dllcache\shlwapi.dll - Ok >>C:\WINDOWS\system32\dllcache\shdoclc.dll\data005 is JS-HTML container >>C:\WINDOWS\system32\dllcache\shdoclc.dll\data006 is JS-HTML container >C:\WINDOWS\system32\dllcache\shimgvw.dll is BINARYRES container >>C:\WINDOWS\system32\dllcache\shimgvw.dll\data001 is JS-HTML container >>C:\WINDOWS\system32\dllcache\shimgvw.dll\data002 is JS-HTML container C:\WINDOWS\system32\dllcache\shimgvw.dll - container C:\WINDOWS\system32\dllcache\shdoclc.dll - container C:\WINDOWS\system32\dllcache\shrpubw.exe - Ok C:\WINDOWS\system32\dllcache\shscrap.dll - Ok C:\WINDOWS\system32\dllcache\shmgrate.exe - Ok C:\WINDOWS\system32\dllcache\shtml.dll - Ok C:\WINDOWS\system32\dllcache\shsvcs.dll - Ok C:\WINDOWS\system32\dllcache\shtml.exe - Ok C:\WINDOWS\system32\dllcache\shutdown.exe - Ok C:\WINDOWS\system32\dllcache\shvl.dll - Ok C:\WINDOWS\system32\dllcache\sigtab.dll - Ok C:\WINDOWS\system32\dllcache\siint5.dll - Ok C:\WINDOWS\system32\dllcache\simpdata.tlb - Ok C:\WINDOWS\system32\dllcache\sigverif.exe - Ok C:\WINDOWS\system32\dllcache\shdocvw.dll - Ok C:\WINDOWS\system32\dllcache\shvlzm.exe - Ok C:\WINDOWS\system32\dllcache\simptcp.dll - Ok C:\WINDOWS\system32\dllcache\sis6306p.sys - Ok C:\WINDOWS\system32\dllcache\sis300ip.sys - Ok C:\WINDOWS\system32\dllcache\sis6306v.dll - Ok C:\WINDOWS\system32\dllcache\sis300iv.dll - Ok C:\WINDOWS\system32\dllcache\sisbkup.dll - Ok C:\WINDOWS\system32\dllcache\sisagp.sys - Ok C:\WINDOWS\system32\dllcache\sisgrp.sys - Ok C:\WINDOWS\system32\dllcache\sisv.sys - Ok C:\WINDOWS\system32\dllcache\sisnic.sys - Ok C:\WINDOWS\system32\dllcache\skdll.dll - Ok C:\WINDOWS\system32\dllcache\sk98xwin.sys - Ok C:\WINDOWS\system32\dllcache\sisv256.dll - Ok C:\WINDOWS\system32\dllcache\sisgrv.dll - Ok C:\WINDOWS\system32\dllcache\skins.inf - Ok C:\WINDOWS\system32\dllcache\slayerxp.dll - Ok C:\WINDOWS\system32\dllcache\sla30nd5.sys - Ok C:\WINDOWS\system32\dllcache\skfpwin.sys - Ok C:\WINDOWS\system32\dllcache\slbrccsp.dll - Ok C:\WINDOWS\system32\dllcache\skeys.exe - Ok C:\WINDOWS\system32\dllcache\slbiop.dll - Ok C:\WINDOWS\system32\dllcache\slcoinst.dll - Ok C:\WINDOWS\system32\dllcache\slbcsp.dll - Ok C:\WINDOWS\system32\dllcache\slip.sys - Ok C:\WINDOWS\system32\dllcache\slnt7554.sys - Ok C:\WINDOWS\system32\dllcache\slextspk.dll - Ok C:\WINDOWS\system32\dllcache\slgen.dll - Ok C:\WINDOWS\system32\dllcache\shvlres.dll - Ok >C:\WINDOWS\system32\dllcache\shell32.dll is BINARYRES container >>C:\WINDOWS\system32\dllcache\shell32.dll\data001 is JS-HTML container C:\WINDOWS\system32\dllcache\slwdmsup.sys - Ok C:\WINDOWS\system32\dllcache\slnthal.sys - Ok C:\WINDOWS\system32\dllcache\shell32.dll - container C:\WINDOWS\system32\dllcache\sm59w.dll - Ok C:\WINDOWS\system32\dllcache\sl_anet.acm - Ok C:\WINDOWS\system32\dllcache\slserv.exe - Ok C:\WINDOWS\system32\dllcache\sm81w.dll - Ok C:\WINDOWS\system32\dllcache\sm87w.dll - Ok C:\WINDOWS\system32\dllcache\sm8aw.dll - Ok C:\WINDOWS\system32\dllcache\sm89w.dll - Ok C:\WINDOWS\system32\dllcache\slntamr.sys - Ok C:\WINDOWS\system32\dllcache\sm8cw.dll - Ok C:\WINDOWS\system32\dllcache\sm90w.dll - Ok C:\WINDOWS\system32\dllcache\sm91w.dll - Ok C:\WINDOWS\system32\dllcache\sm8dw.dll - Ok C:\WINDOWS\system32\dllcache\sm93w.dll - Ok C:\WINDOWS\system32\dllcache\sm92w.dll - Ok C:\WINDOWS\system32\dllcache\sma0w.dll - Ok C:\WINDOWS\system32\dllcache\sma3w.dll - Ok C:\WINDOWS\system32\dllcache\sm9aw.dll - Ok C:\WINDOWS\system32\dllcache\smb0w.dll - Ok C:\WINDOWS\system32\dllcache\smbali.sys - Ok C:\WINDOWS\system32\dllcache\smbclass.sys - Ok C:\WINDOWS\system32\dllcache\smbbatt.sys - Ok C:\WINDOWS\system32\dllcache\smbhc.sys - Ok C:\WINDOWS\system32\dllcache\smb3w.dll - Ok C:\WINDOWS\system32\dllcache\smb6w.dll - Ok C:\WINDOWS\system32\dllcache\smc8000n.sys - Ok C:\WINDOWS\system32\dllcache\smbinst.exe - Ok C:\WINDOWS\system32\dllcache\smclib.sys - Ok C:\WINDOWS\system32\dllcache\smcirda.sys - Ok C:\WINDOWS\system32\dllcache\smcpwr2n.sys - Ok C:\WINDOWS\system32\dllcache\smierrsm.dll - Ok C:\WINDOWS\system32\dllcache\smierrsy.dll - Ok C:\WINDOWS\system32\dllcache\smimsgif.dll - Ok C:\WINDOWS\system32\dllcache\smiminib.sys - Ok C:\WINDOWS\system32\dllcache\slrundll.exe - Ok C:\WINDOWS\system32\dllcache\smtpcons.dll - Ok C:\WINDOWS\system32\dllcache\smss.exe - Ok C:\WINDOWS\system32\dllcache\smidispb.dll - Ok >C:\WINDOWS\system32\dllcache\snd.htm is JS-HTML container C:\WINDOWS\system32\dllcache\smi2smir.exe - Ok C:\WINDOWS\system32\dllcache\snd.htm - container C:\WINDOWS\system32\dllcache\smlogsvc.exe - Ok C:\WINDOWS\system32\dllcache\snmp.exe - Ok C:\WINDOWS\system32\dllcache\sniffpol.dll - Ok C:\WINDOWS\system32\dllcache\smlogcfg.dll - Ok C:\WINDOWS\system32\dllcache\snmpapi.dll - Ok C:\WINDOWS\system32\dllcache\snmpmib.dll - Ok C:\WINDOWS\system32\dllcache\sndrec32.exe - Ok C:\WINDOWS\system32\dllcache\sndvol32.exe - Ok C:\WINDOWS\system32\dllcache\smtpsvc.dll - Ok C:\WINDOWS\system32\dllcache\snmpstup.dll - Ok C:\WINDOWS\system32\dllcache\snmpcl.dll - Ok C:\WINDOWS\system32\dllcache\snmpsmir.dll - Ok C:\WINDOWS\system32\dllcache\snmpsnap.dll - Ok C:\WINDOWS\system32\dllcache\snmptrap.exe - Ok C:\WINDOWS\system32\dllcache\snyaitmc.sys - Ok C:\WINDOWS\system32\dllcache\snmpincl.dll - Ok C:\WINDOWS\system32\dllcache\snmpthrd.dll - Ok C:\WINDOWS\system32\dllcache\softpub.dll - Ok C:\WINDOWS\system32\dllcache\sonyait.sys - Ok C:\WINDOWS\system32\dllcache\sonymc.sys - Ok C:\WINDOWS\system32\dllcache\sonydcam.sys - Ok C:\WINDOWS\system32\dllcache\sonync.sys - Ok C:\WINDOWS\system32\dllcache\sonypvu1.sys - Ok C:\WINDOWS\system32\dllcache\sonypi.sys - Ok C:\WINDOWS\system32\dllcache\softkbd.dll - Ok C:\WINDOWS\system32\dllcache\sort.exe - Ok C:\WINDOWS\system32\dllcache\softkey.dll - Ok C:\WINDOWS\system32\dllcache\sorttbls.nls - Ok C:\WINDOWS\system32\dllcache\sound.drv - Ok C:\WINDOWS\system32\dllcache\sortkey.nls - Ok C:\WINDOWS\system32\dllcache\sol.exe - Ok C:\WINDOWS\system32\dllcache\sonypi.dll - Ok C:\WINDOWS\system32\dllcache\sparrow.sys - Ok C:\WINDOWS\system32\dllcache\SP2.CAT - Ok C:\WINDOWS\system32\dllcache\spgrmr.dll - Ok C:\WINDOWS\system32\dllcache\speed.sys - Ok C:\WINDOWS\system32\dllcache\spcplui.dll - Ok C:\WINDOWS\system32\dllcache\splitter.sys - Ok C:\WINDOWS\system32\dllcache\spcommon.dll - Ok C:\WINDOWS\system32\dllcache\spdports.dll - Ok C:\WINDOWS\system32\dllcache\spnike.dll - Ok C:\WINDOWS\system32\dllcache\spoolss.dll - Ok C:\WINDOWS\system32\dllcache\spnpinst.exe - Ok C:\WINDOWS\system32\dllcache\spoolsv.exe - Ok C:\WINDOWS\system32\dllcache\spra041b.dll - Ok C:\WINDOWS\system32\dllcache\spra0424.dll - Ok C:\WINDOWS\system32\dllcache\sprestrt.exe - Ok C:\WINDOWS\system32\dllcache\spider.exe - Ok C:\WINDOWS\system32\dllcache\sprio600.dll - Ok >C:\WINDOWS\system32\dllcache\sprc041b.dll is BINARYRES container >>C:\WINDOWS\system32\dllcache\sprc041b.dll\data001 is JS-HTML container C:\WINDOWS\system32\dllcache\sprc041b.dll - container >C:\WINDOWS\system32\dllcache\sprb041b.dll is BINARYRES container >C:\WINDOWS\system32\dllcache\sprb0424.dll is BINARYRES container C:\WINDOWS\system32\dllcache\sprio800.dll - Ok >>C:\WINDOWS\system32\dllcache\sprb041b.dll\data001 is JS-HTML container >>C:\WINDOWS\system32\dllcache\sprb0424.dll\data001 is JS-HTML container >C:\WINDOWS\system32\dllcache\sprc0424.dll is BINARYRES container >>C:\WINDOWS\system32\dllcache\sprc0424.dll\data001 is JS-HTML container C:\WINDOWS\system32\dllcache\sprc0424.dll - container C:\WINDOWS\system32\dllcache\spxcoins.dll - Ok >>C:\WINDOWS\system32\dllcache\sprb041b.dll\data002 is JS-HTML container >>C:\WINDOWS\system32\dllcache\sprb0424.dll\data002 is JS-HTML container >>C:\WINDOWS\system32\dllcache\sprb041b.dll\data003 is JS-HTML container >>C:\WINDOWS\system32\dllcache\sprb0424.dll\data003 is JS-HTML container >>C:\WINDOWS\system32\dllcache\sprb0424.dll\data004 is JS-HTML container >>C:\WINDOWS\system32\dllcache\sprb041b.dll\data004 is JS-HTML container C:\WINDOWS\system32\dllcache\sprb041b.dll - container C:\WINDOWS\system32\dllcache\sprb0424.dll - container C:\WINDOWS\system32\dllcache\spxupchk.dll - Ok C:\WINDOWS\system32\dllcache\sptip.dll - Ok C:\WINDOWS\system32\dllcache\sqldb20.dll - Ok C:\WINDOWS\system32\dllcache\sqlse20.dll - Ok C:\WINDOWS\system32\dllcache\sqlunirl.dll - Ok C:\WINDOWS\system32\dllcache\sqlxmlx.dll - Ok C:\WINDOWS\system32\dllcache\spttseng.dll - Ok C:\WINDOWS\system32\dllcache\sr.sys - Ok C:\WINDOWS\system32\dllcache\sqlqp20.dll - Ok C:\WINDOWS\system32\dllcache\srchctls.dll - Ok C:\WINDOWS\system32\dllcache\sqmapi.dll - Ok C:\WINDOWS\system32\dllcache\srframe.mmf - Ok C:\WINDOWS\system32\dllcache\srclient.dll - Ok C:\WINDOWS\system32\dllcache\srgb.icm - Ok C:\WINDOWS\system32\dllcache\srdiag.exe - Ok C:\WINDOWS\system32\dllcache\srusbusd.dll - Ok C:\WINDOWS\system32\dllcache\srusd.dll - Ok C:\WINDOWS\system32\dllcache\srrstr.dll - Ok C:\WINDOWS\system32\dllcache\srsvc.dll - Ok C:\WINDOWS\system32\dllcache\srwlnd5.sys - Ok C:\WINDOWS\system32\dllcache\ssdpapi.dll - Ok C:\WINDOWS\system32\dllcache\srvsvc.dll - Ok C:\WINDOWS\system32\dllcache\ssdpsrv.dll - Ok C:\WINDOWS\system32\dllcache\srv.sys - Ok C:\WINDOWS\system32\dllcache\ssbezier.scr - Ok C:\WINDOWS\system32\dllcache\srchui.dll - Ok C:\WINDOWS\system32\dllcache\ssmyst.scr - Ok C:\WINDOWS\system32\dllcache\ssflwbox.scr - Ok C:\WINDOWS\system32\dllcache\ssmypics.scr - Ok C:\WINDOWS\system32\dllcache\ssmarque.scr - Ok C:\WINDOWS\system32\dllcache\startoc.dll - Ok C:\WINDOWS\system32\dllcache\sstub.dll - Ok C:\WINDOWS\system32\dllcache\stclient.dll - Ok >C:\WINDOWS\system32\dllcache\ss3dfo.scr is ZLIB container C:\WINDOWS\system32\dllcache\stdole.tlb - Ok C:\WINDOWS\system32\dllcache\stcusb.sys - Ok C:\WINDOWS\system32\dllcache\stdole2.tlb - Ok C:\WINDOWS\system32\dllcache\ssstars.scr - Ok C:\WINDOWS\system32\dllcache\sspipes.scr - Ok C:\WINDOWS\system32\dllcache\stdole32.tlb - Ok C:\WINDOWS\system32\dllcache\ss3dfo.scr - container C:\WINDOWS\system32\dllcache\stdprov.dll - Ok C:\WINDOWS\system32\dllcache\stimon.exe - Ok C:\WINDOWS\system32\dllcache\sti.dll - Ok C:\WINDOWS\system32\dllcache\sstext3d.scr - Ok C:\WINDOWS\system32\dllcache\sti_ci.dll - Ok C:\WINDOWS\system32\dllcache\storage.dll - Ok C:\WINDOWS\system32\dllcache\stobject.dll - Ok C:\WINDOWS\system32\dllcache\streamci.dll - Ok C:\WINDOWS\system32\dllcache\stlnprop.dll - Ok C:\WINDOWS\system32\dllcache\stlnata.sys - Ok C:\WINDOWS\system32\dllcache\stream.sys - Ok C:\WINDOWS\system32\dllcache\streamip.sys - Ok C:\WINDOWS\system32\dllcache\subst.exe - Ok C:\WINDOWS\system32\dllcache\storprop.dll - Ok C:\WINDOWS\system32\dllcache\strmfilt.dll - Ok C:\WINDOWS\system32\dllcache\svcpack.dll - Ok C:\WINDOWS\system32\dllcache\swenum.sys - Ok C:\WINDOWS\system32\dllcache\svchost.exe - Ok C:\WINDOWS\system32\dllcache\swmidi.sys - Ok C:\WINDOWS\system32\dllcache\swpdflt2.dll - Ok C:\WINDOWS\system32\dllcache\swpidflt.dll - Ok C:\WINDOWS\system32\dllcache\swusbflt.sys - Ok C:\WINDOWS\system32\dllcache\strmdll.dll - Ok C:\WINDOWS\system32\dllcache\sw_wheel.dll - Ok C:\WINDOWS\system32\dllcache\sw_effct.dll - Ok C:\WINDOWS\system32\dllcache\symc810.sys - Ok C:\WINDOWS\system32\dllcache\swprv.dll - Ok C:\WINDOWS\system32\dllcache\sxports.dll - Ok C:\WINDOWS\system32\dllcache\symc8xx.sys - Ok C:\WINDOWS\system32\dllcache\stlncoin.dll - Ok C:\WINDOWS\system32\dllcache\sx.sys - Ok C:\WINDOWS\system32\dllcache\sym_hi.sys - Ok C:\WINDOWS\system32\dllcache\sym_u3.sys - Ok C:\WINDOWS\system32\dllcache\synceng.dll - Ok C:\WINDOWS\system32\dllcache\sysedit.exe - Ok C:\WINDOWS\system32\dllcache\sysaudio.sys - Ok C:\WINDOWS\system32\dllcache\sysinv.dll - Ok C:\WINDOWS\system32\dllcache\syncui.dll - Ok C:\WINDOWS\system32\dllcache\sysdm.cpl - Ok C:\WINDOWS\system32\dllcache\sysmain.sdb - Ok C:\WINDOWS\system32\dllcache\sxs.dll - Ok C:\WINDOWS\system32\dllcache\syskey.exe - Ok C:\WINDOWS\system32\dllcache\sysmod.dll - Ok C:\WINDOWS\system32\dllcache\sysmoda.dll - Ok C:\WINDOWS\system32\dllcache\sysmod_a.dll - Ok C:\WINDOWS\system32\dllcache\system.drv - Ok C:\WINDOWS\system32\dllcache\systray.exe - Ok C:\WINDOWS\system32\dllcache\sysocmgr.exe - Ok C:\WINDOWS\system32\dllcache\t2embed.dll - Ok C:\WINDOWS\system32\dllcache\syncapp.exe - Ok C:\WINDOWS\system32\dllcache\t2r4disp.dll - Ok C:\WINDOWS\system32\dllcache\sysmon.ocx - Ok C:\WINDOWS\system32\dllcache\tandqic.sys - Ok C:\WINDOWS\system32\dllcache\taoff.gif - Ok C:\WINDOWS\system32\dllcache\taoffh.gif - Ok C:\WINDOWS\system32\dllcache\t2r4mini.sys - Ok C:\WINDOWS\system32\dllcache\taon.gif - Ok C:\WINDOWS\system32\dllcache\taonh.gif - Ok C:\WINDOWS\system32\dllcache\tahoma.ttf - Ok C:\WINDOWS\system32\dllcache\tapi.dll - Ok C:\WINDOWS\system32\dllcache\tape.sys - Ok C:\WINDOWS\system32\dllcache\tapiperf.dll - Ok C:\WINDOWS\system32\dllcache\tahomabd.ttf - Ok C:\WINDOWS\system32\dllcache\tapiui.dll - Ok C:\WINDOWS\system32\dllcache\tapi32.dll - Ok C:\WINDOWS\system32\dllcache\tapisrv.dll - Ok C:\WINDOWS\system32\dllcache\taskman.exe - Ok C:\WINDOWS\system32\dllcache\tbatm155.sys - Ok C:\WINDOWS\system32\dllcache\taskmgr.exe - Ok C:\WINDOWS\system32\dllcache\tcpmib.dll - Ok C:\WINDOWS\system32\dllcache\syssetup.dll - Ok C:\WINDOWS\system32\dllcache\tcpmon.dll - Ok C:\WINDOWS\system32\dllcache\tcpsvcs.exe - Ok C:\WINDOWS\system32\dllcache\tcpip6.sys - Ok C:\WINDOWS\system32\dllcache\tcpmonui.dll - Ok C:\WINDOWS\system32\dllcache\tcmsetup.exe - Ok C:\WINDOWS\system32\dllcache\tcptsat.dll - Ok C:\WINDOWS\system32\dllcache\tdasync.sys - Ok C:\WINDOWS\system32\dllcache\tdi.sys - Ok C:\WINDOWS\system32\dllcache\tdc.ocx - Ok C:\WINDOWS\system32\dllcache\tcpip.sys - Ok C:\WINDOWS\system32\dllcache\tdipx.sys - Ok C:\WINDOWS\system32\dllcache\tdkcd31.sys - Ok C:\WINDOWS\system32\dllcache\tdk100b.sys - Ok C:\WINDOWS\system32\dllcache\tdpipe.sys - Ok C:\WINDOWS\system32\dllcache\tapi3.dll - Ok C:\WINDOWS\system32\dllcache\tdspx.sys - Ok C:\WINDOWS\system32\dllcache\tdtcp.sys - Ok C:\WINDOWS\system32\dllcache\telephon.cpl - Ok C:\WINDOWS\system32\dllcache\termdd.sys - Ok C:\WINDOWS\system32\dllcache\tftp.exe - Ok >C:\WINDOWS\system32\dllcache\telnet.exe - packed by FLY-CODE C:\WINDOWS\system32\dllcache\tffsport.sys - Ok C:\WINDOWS\system32\dllcache\tgiul50.dll - Ok C:\WINDOWS\system32\dllcache\telnet.exe - Ok C:\WINDOWS\system32\dllcache\termmgr.dll - Ok C:\WINDOWS\system32\dllcache\termsrv.dll - Ok C:\WINDOWS\system32\dllcache\timer.drv - Ok C:\WINDOWS\system32\dllcache\tgiulnt5.sys - Ok C:\WINDOWS\system32\dllcache\thawbrkr.dll - Ok C:\WINDOWS\system32\dllcache\timedate.cpl - Ok C:\WINDOWS\system32\dllcache\tjisdn.sys - Ok C:\WINDOWS\system32\dllcache\tcptest.exe - Ok C:\WINDOWS\system32\dllcache\themeui.dll - Ok C:\WINDOWS\system32\dllcache\tintsetp.exe - Ok C:\WINDOWS\system32\dllcache\toolhelp.dll - Ok C:\WINDOWS\system32\dllcache\tos4mo.sys - Ok C:\WINDOWS\system32\dllcache\tmplprov.dll - Ok C:\WINDOWS\system32\dllcache\tintlphr.exe - Ok C:\WINDOWS\system32\dllcache\tosdvd.sys - Ok C:\WINDOWS\system32\dllcache\tintlgnt.ime - Ok C:\WINDOWS\system32\dllcache\toside.sys - Ok C:\WINDOWS\system32\dllcache\tourbg.gif - Ok >C:\WINDOWS\system32\dllcache\tour.js is JS-HTML container C:\WINDOWS\system32\dllcache\tour.js - container C:\WINDOWS\system32\dllcache\tosdvd02.sys - Ok C:\WINDOWS\system32\dllcache\tosdvd03.sys - Ok C:\WINDOWS\system32\dllcache\tp4res.dll - Ok C:\WINDOWS\system32\dllcache\tourstrt.exe - Ok C:\WINDOWS\system32\dllcache\tp4.dll - Ok C:\WINDOWS\system32\dllcache\tpause.gif - Ok C:\WINDOWS\system32\dllcache\tplayh.gif - Ok C:\WINDOWS\system32\dllcache\tplay.gif - Ok C:\WINDOWS\system32\dllcache\tpauseh.gif - Ok C:\WINDOWS\system32\dllcache\tp4mon.exe - Ok C:\WINDOWS\system32\dllcache\tracert.exe - Ok C:\WINDOWS\system32\dllcache\tracert6.exe - Ok C:\WINDOWS\system32\dllcache\tpro4.sys - Ok C:\WINDOWS\system32\dllcache\traffic.dll - Ok C:\WINDOWS\system32\dllcache\tmigrate.dll - Ok C:\WINDOWS\system32\dllcache\trialoc.dll - Ok C:\WINDOWS\system32\dllcache\trid3dm.sys - Ok C:\WINDOWS\system32\dllcache\tridkbm.sys - Ok C:\WINDOWS\system32\dllcache\trid3d.dll - Ok C:\WINDOWS\system32\dllcache\tridkb.dll - Ok C:\WINDOWS\system32\dllcache\tridxp.dll - Ok C:\WINDOWS\system32\dllcache\tridxpm.sys - Ok C:\WINDOWS\system32\dllcache\trkwks.dll - Ok C:\WINDOWS\system32\dllcache\triedit.dll - Ok C:\WINDOWS\system32\dllcache\trnsprov.dll - Ok C:\WINDOWS\system32\dllcache\tsbvcap.sys - Ok C:\WINDOWS\system32\dllcache\tsappcmp.dll - Ok C:\WINDOWS\system32\dllcache\tsbyuv.dll - Ok C:\WINDOWS\system32\dllcache\tsd32.dll - Ok C:\WINDOWS\system32\dllcache\tscon.exe - Ok C:\WINDOWS\system32\dllcache\tsddd.dll - Ok C:\WINDOWS\system32\dllcache\tsdiscon.exe - Ok C:\WINDOWS\system32\dllcache\tsgqec.dll - Ok C:\WINDOWS\system32\dllcache\tscfgwmi.dll - Ok C:\WINDOWS\system32\dllcache\tskill.exe - Ok C:\WINDOWS\system32\dllcache\tsprof.exe - Ok C:\WINDOWS\system32\dllcache\tspkg.dll - Ok C:\WINDOWS\system32\dllcache\tsoc.dll - Ok C:\WINDOWS\system32\dllcache\tscupgrd.exe - Ok C:\WINDOWS\system32\dllcache\tsshutdn.exe - Ok C:\WINDOWS\system32\dllcache\tunmp.sys - Ok C:\WINDOWS\system32\dllcache\twext.dll - Ok C:\WINDOWS\system32\dllcache\twotrack.sys - Ok C:\WINDOWS\system32\dllcache\twain_32.dll - Ok >C:\WINDOWS\system32\dllcache\tshoot.dll is BINARYRES container C:\WINDOWS\system32\dllcache\twain.dll - Ok C:\WINDOWS\system32\dllcache\twunk_16.exe - Ok >>C:\WINDOWS\system32\dllcache\tshoot.dll\data002 is JS-HTML container C:\WINDOWS\system32\dllcache\uagp35.sys - Ok C:\WINDOWS\system32\dllcache\tshoot.dll - container C:\WINDOWS\system32\dllcache\typelib.dll - Ok C:\WINDOWS\system32\dllcache\txflog.dll - Ok C:\WINDOWS\system32\dllcache\twunk_32.exe - Ok C:\WINDOWS\system32\dllcache\udhisapi.dll - Ok C:\WINDOWS\system32\dllcache\udfs.sys - Ok C:\WINDOWS\system32\dllcache\ultra.sys - Ok C:\WINDOWS\system32\dllcache\ufat.dll - Ok C:\WINDOWS\system32\dllcache\umandlg.dll - Ok C:\WINDOWS\system32\dllcache\ulib.dll - Ok C:\WINDOWS\system32\dllcache\um34scan.dll - Ok C:\WINDOWS\system32\dllcache\um54scan.dll - Ok C:\WINDOWS\system32\dllcache\umaxcam.dll - Ok C:\WINDOWS\system32\dllcache\umaxpcls.sys - Ok C:\WINDOWS\system32\dllcache\umaxu22.dll - Ok C:\WINDOWS\system32\dllcache\umaxu40.dll - Ok C:\WINDOWS\system32\dllcache\umaxscan.dll - Ok C:\WINDOWS\system32\dllcache\umdmxfrm.dll - Ok C:\WINDOWS\system32\dllcache\umaxp60.dll - Ok C:\WINDOWS\system32\dllcache\umaxu12.dll - Ok C:\WINDOWS\system32\dllcache\unicdime.ime - Ok C:\WINDOWS\system32\dllcache\umaxud32.dll - Ok C:\WINDOWS\system32\dllcache\unicode.nls - Ok C:\WINDOWS\system32\dllcache\uniansi.dll - Ok C:\WINDOWS\system32\dllcache\umpnpmgr.dll - Ok C:\WINDOWS\system32\dllcache\unlodctr.exe - Ok >C:\WINDOWS\system32\dllcache\uniplat.dll - packed by FLY-CODE C:\WINDOWS\system32\dllcache\unimdmat.dll - Ok C:\WINDOWS\system32\dllcache\uniplat.dll - Ok C:\WINDOWS\system32\dllcache\uniime.dll - Ok C:\WINDOWS\system32\dllcache\unimdm.tsp - Ok >C:\WINDOWS\system32\dllcache\tourP.exe is ZLIB container C:\WINDOWS\system32\dllcache\tourP.exe - container C:\WINDOWS\system32\dllcache\unsecapp.exe - Ok C:\WINDOWS\system32\dllcache\unregmp2.exe - Ok C:\WINDOWS\system32\dllcache\untfs.dll - Ok C:\WINDOWS\system32\dllcache\update.sys - Ok C:\WINDOWS\system32\dllcache\upnp.dll - Ok C:\WINDOWS\system32\dllcache\updprov.dll - Ok C:\WINDOWS\system32\dllcache\uploadm.exe - Ok C:\WINDOWS\system32\dllcache\ureg.dll - Ok C:\WINDOWS\system32\dllcache\ups.exe - Ok C:\WINDOWS\system32\dllcache\upnpcont.exe - Ok C:\WINDOWS\system32\dllcache\usb8023.sys - Ok C:\WINDOWS\system32\dllcache\usb101et.sys - Ok C:\WINDOWS\system32\dllcache\url.dll - Ok C:\WINDOWS\system32\dllcache\upnphost.dll - Ok C:\WINDOWS\system32\dllcache\usb8023x.sys - Ok C:\WINDOWS\system32\dllcache\usbcamd.sys - Ok C:\WINDOWS\system32\dllcache\usbcamd2.sys - Ok C:\WINDOWS\system32\dllcache\usbaudio.sys - Ok C:\WINDOWS\system32\dllcache\usbd.sys - Ok C:\WINDOWS\system32\dllcache\upnpui.dll - Ok C:\WINDOWS\system32\dllcache\usbccgp.sys - Ok C:\WINDOWS\system32\dllcache\usbehci.sys - Ok C:\WINDOWS\system32\dllcache\usbintel.sys - Ok C:\WINDOWS\system32\dllcache\usbohci.sys - Ok C:\WINDOWS\system32\dllcache\usbmon.dll - Ok C:\WINDOWS\system32\dllcache\usbhub.sys - Ok C:\WINDOWS\system32\dllcache\usbprint.sys - Ok C:\WINDOWS\system32\dllcache\usbscan.sys - Ok C:\WINDOWS\system32\dllcache\usbuhci.sys - Ok C:\WINDOWS\system32\dllcache\usbstor.sys - Ok C:\WINDOWS\system32\dllcache\usbser.sys - Ok C:\WINDOWS\system32\dllcache\user.exe - Ok C:\WINDOWS\system32\dllcache\usbui.dll - Ok C:\WINDOWS\system32\dllcache\usbvideo.sys - Ok C:\WINDOWS\system32\dllcache\usbport.sys - Ok C:\WINDOWS\system32\dllcache\userinit.exe - Ok C:\WINDOWS\system32\dllcache\usp10.dll - Ok C:\WINDOWS\system32\dllcache\user32.dll - Ok C:\WINDOWS\system32\dllcache\urlmon.dll - Ok C:\WINDOWS\system32\dllcache\userenv.dll - Ok C:\WINDOWS\system32\dllcache\usrcntra.dll - Ok C:\WINDOWS\system32\dllcache\usr1807a.sys - Ok C:\WINDOWS\system32\dllcache\usr1801.sys - Ok C:\WINDOWS\system32\dllcache\usr1806.sys - Ok C:\WINDOWS\system32\dllcache\usrcoina.dll - Ok C:\WINDOWS\system32\dllcache\usrdpa.dll - Ok C:\WINDOWS\system32\dllcache\usroslba.sys - Ok C:\WINDOWS\system32\dllcache\usrlbva.dll - Ok C:\WINDOWS\system32\dllcache\usrfaxa.dll - Ok C:\WINDOWS\system32\dllcache\usrmlnka.exe - Ok C:\WINDOWS\system32\dllcache\usrrtosa.dll - Ok C:\WINDOWS\system32\dllcache\usrpda.sys - Ok C:\WINDOWS\system32\dllcache\usrsdpia.dll - Ok C:\WINDOWS\system32\dllcache\usrdtea.dll - Ok C:\WINDOWS\system32\dllcache\usr1806v.sys - Ok C:\WINDOWS\system32\dllcache\usrsvpia.dll - Ok C:\WINDOWS\system32\dllcache\usrv80a.dll - Ok >C:\WINDOWS\system32\dllcache\usrv42a.dll - packed by FLY-CODE C:\WINDOWS\system32\dllcache\usrvpa.dll - Ok C:\WINDOWS\system32\dllcache\usrshuta.exe - Ok C:\WINDOWS\system32\dllcache\usrvoica.dll - Ok C:\WINDOWS\system32\dllcache\utildll.dll - Ok C:\WINDOWS\system32\dllcache\uxtheme.dll - Ok C:\WINDOWS\system32\dllcache\usrprbda.exe - Ok C:\WINDOWS\system32\dllcache\usrv42a.dll - Ok C:\WINDOWS\system32\dllcache\vbisurf.ax - Ok C:\WINDOWS\system32\dllcache\utilman.exe - Ok C:\WINDOWS\system32\dllcache\vcdex.dll - Ok C:\WINDOWS\system32\dllcache\vchnt5.dll - Ok C:\WINDOWS\system32\dllcache\usrti.sys - Ok C:\WINDOWS\system32\dllcache\vdmdbg.dll - Ok C:\WINDOWS\system32\dllcache\usrwdxjs.sys - Ok C:\WINDOWS\system32\dllcache\ver.dll - Ok C:\WINDOWS\system32\dllcache\vdmindvd.sys - Ok C:\WINDOWS\system32\dllcache\vdmredir.dll - Ok C:\WINDOWS\system32\dllcache\version.dll - Ok C:\WINDOWS\system32\dllcache\vga.dll - Ok C:\WINDOWS\system32\dllcache\verifier.dll - Ok C:\WINDOWS\system32\dllcache\verifier.exe - Ok C:\WINDOWS\system32\dllcache\vga.drv - Ok C:\WINDOWS\system32\dllcache\vbajet32.dll - Ok C:\WINDOWS\system32\dllcache\vga256.dll - Ok C:\WINDOWS\system32\dllcache\vga.sys - Ok C:\WINDOWS\system32\dllcache\vga64k.dll - Ok C:\WINDOWS\system32\dllcache\vgaoem.fon - Ok C:\WINDOWS\system32\dllcache\viaide.sys - Ok C:\WINDOWS\system32\dllcache\vbscript.dll - Ok C:\WINDOWS\system32\dllcache\vfwwdm32.dll - Ok C:\WINDOWS\system32\dllcache\viairda.sys - Ok C:\WINDOWS\system32\dllcache\viaagp.sys - Ok C:\WINDOWS\system32\dllcache\vidcap.ax - Ok C:\WINDOWS\system32\dllcache\vidsamp.gif - Ok C:\WINDOWS\system32\dllcache\videobg.gif - Ok C:\WINDOWS\system32\dllcache\vjoy.dll - Ok C:\WINDOWS\system32\dllcache\videoprt.sys - Ok C:\WINDOWS\system32\dllcache\vmmreg32.dll - Ok C:\WINDOWS\system32\dllcache\viz.wmv - Ok C:\WINDOWS\system32\dllcache\viewprov.dll - Ok C:\WINDOWS\system32\dllcache\vinwm.sys - Ok C:\WINDOWS\system32\dllcache\volsnap.sys - Ok C:\WINDOWS\system32\dllcache\voicesub.dll - Ok C:\WINDOWS\system32\dllcache\vssadmin.exe - Ok C:\WINDOWS\system32\dllcache\vmodem.sys - Ok C:\WINDOWS\system32\dllcache\vpctcom.sys - Ok C:\WINDOWS\system32\dllcache\vss_ps.dll - Ok C:\WINDOWS\system32\dllcache\voicepad.dll - Ok C:\WINDOWS\system32\dllcache\vssapi.dll - Ok C:\WINDOWS\system32\dllcache\w32.dll - Ok C:\WINDOWS\system32\dllcache\w32topl.dll - Ok C:\WINDOWS\system32\dllcache\vvoice.sys - Ok C:\WINDOWS\system32\dllcache\w32tm.exe - Ok C:\WINDOWS\system32\dllcache\w3ssl.dll - Ok C:\WINDOWS\system32\dllcache\w926nd.sys - Ok C:\WINDOWS\system32\dllcache\w840nd.sys - Ok C:\WINDOWS\system32\dllcache\vssvc.exe - Ok C:\WINDOWS\system32\dllcache\w940nd.sys - Ok C:\WINDOWS\system32\dllcache\vgx.dll - Ok C:\WINDOWS\system32\dllcache\w32time.dll - Ok C:\WINDOWS\system32\dllcache\wabfind.dll - Ok C:\WINDOWS\system32\dllcache\wacompen.sys - Ok C:\WINDOWS\system32\dllcache\wab32res.dll - Ok C:\WINDOWS\system32\dllcache\wabimp.dll - Ok C:\WINDOWS\system32\dllcache\wadv02nt.sys - Ok C:\WINDOWS\system32\dllcache\wadv01nt.sys - Ok C:\WINDOWS\system32\dllcache\wadv05nt.sys - Ok C:\WINDOWS\system32\dllcache\wadv07nt.sys - Ok C:\WINDOWS\system32\dllcache\wab.exe - Ok C:\WINDOWS\system32\dllcache\wadv08nt.sys - Ok C:\WINDOWS\system32\dllcache\wadv09nt.sys - Ok C:\WINDOWS\system32\dllcache\wadv11nt.sys - Ok C:\WINDOWS\system32\dllcache\wanarp.sys - Ok C:\WINDOWS\system32\dllcache\watchdog.sys - Ok C:\WINDOWS\system32\dllcache\watv02nt.sys - Ok C:\WINDOWS\system32\dllcache\watv01nt.sys - Ok C:\WINDOWS\system32\dllcache\watv06nt.sys - Ok C:\WINDOWS\system32\dllcache\watv04nt.sys - Ok >C:\WINDOWS\system32\dllcache\wb32.exe - packed by FLY-CODE C:\WINDOWS\system32\dllcache\watv10nt.sys - Ok C:\WINDOWS\system32\dllcache\wbemads.dll - Ok C:\WINDOWS\system32\dllcache\wb32.exe - Ok C:\WINDOWS\system32\dllcache\wbemads.tlb - Ok C:\WINDOWS\system32\dllcache\wab32.dll - Ok C:\WINDOWS\system32\dllcache\wbemcons.dll - Ok C:\WINDOWS\system32\dllcache\wavemsp.dll - Ok C:\WINDOWS\system32\dllcache\wbemcomn.dll - Ok C:\WINDOWS\system32\dllcache\wbemcntl.dll - Ok C:\WINDOWS\system32\dllcache\wbemdisp.tlb - Ok C:\WINDOWS\system32\dllcache\wbemprox.dll - Ok C:\WINDOWS\system32\dllcache\wabmig.exe - Ok C:\WINDOWS\system32\dllcache\wbemsvc.dll - Ok C:\WINDOWS\system32\dllcache\wbemperf.dll - Ok C:\WINDOWS\system32\dllcache\wbemdisp.dll - Ok C:\WINDOWS\system32\dllcache\wbfirdma.sys - Ok C:\WINDOWS\system32\dllcache\wceusbsh.sys - Ok C:\WINDOWS\system32\dllcache\wch7xxnt.sys - Ok C:\WINDOWS\system32\dllcache\wbemess.dll - Ok C:\WINDOWS\system32\dllcache\wdigest.dll - Ok C:\WINDOWS\system32\dllcache\wdmaud.drv - Ok C:\WINDOWS\system32\dllcache\wbemcore.dll - Ok C:\WINDOWS\system32\dllcache\wbemtest.exe - Ok C:\WINDOWS\system32\dllcache\webhits.dll - Ok C:\WINDOWS\system32\dllcache\wdmaud.sys - Ok C:\WINDOWS\system32\dllcache\wbemupgd.dll - Ok C:\WINDOWS\system32\dllcache\weitekp9.dll - Ok C:\WINDOWS\system32\dllcache\weitekp9.sys - Ok C:\WINDOWS\system32\dllcache\webclnt.dll - Ok C:\WINDOWS\system32\dllcache\wfwnet.drv - Ok C:\WINDOWS\system32\dllcache\webcheck.dll - Ok C:\WINDOWS\system32\dllcache\webvw.dll - Ok C:\WINDOWS\system32\dllcache\wiadss.dll - Ok C:\WINDOWS\system32\dllcache\wiafbdrv.dll - Ok C:\WINDOWS\system32\dllcache\wiamsmud.dll - Ok C:\WINDOWS\system32\dllcache\wdhaalba.sys - Ok C:\WINDOWS\system32\dllcache\wiadefui.dll - Ok C:\WINDOWS\system32\dllcache\wextract.exe - Ok C:\WINDOWS\system32\dllcache\wiascr.dll - Ok C:\WINDOWS\system32\dllcache\wiasf.ax - Ok C:\WINDOWS\system32\dllcache\wifeman.dll - Ok C:\WINDOWS\system32\dllcache\wiaacmgr.exe - Ok C:\WINDOWS\system32\dllcache\wiavideo.dll - Ok C:\WINDOWS\system32\dllcache\win87em.dll - Ok C:\WINDOWS\system32\dllcache\wiavusd.dll - Ok C:\WINDOWS\system32\dllcache\wiaservc.dll - Ok C:\WINDOWS\system32\dllcache\win32spl.dll - Ok C:\WINDOWS\system32\dllcache\winar30.ime - Ok C:\WINDOWS\system32\dllcache\winfax.dll - Ok C:\WINDOWS\system32\dllcache\wiashext.dll - Ok C:\WINDOWS\system32\dllcache\wingb.ime - Ok C:\WINDOWS\system32\dllcache\winhelp.exe - Ok C:\WINDOWS\system32\dllcache\winacisa.sys - Ok C:\WINDOWS\system32\dllcache\winchat.exe - Ok C:\WINDOWS\system32\dllcache\winime.ime - Ok C:\WINDOWS\system32\dllcache\winhstb.exe - Ok C:\WINDOWS\system32\dllcache\winhttp.dll - Ok C:\WINDOWS\system32\dllcache\winipsec.dll - Ok C:\WINDOWS\system32\dllcache\winmgmt.exe - Ok C:\WINDOWS\system32\dllcache\winhlp32.exe - Ok C:\WINDOWS\system32\dllcache\winmgmtr.dll - Ok C:\WINDOWS\system32\dllcache\winbrand.dll - Ok C:\WINDOWS\system32\dllcache\winmine.exe - Ok C:\WINDOWS\system32\dllcache\wininet.dll - Ok C:\WINDOWS\system32\dllcache\winnls.dll - Ok C:\WINDOWS\system32\dllcache\winmm.dll - Ok >C:\WINDOWS\system32\dllcache\winrnr.dll - packed by FLY-CODE C:\WINDOWS\system32\dllcache\winrnr.dll - Ok C:\WINDOWS\system32\dllcache\winpy.ime - Ok C:\WINDOWS\system32\dllcache\winlogon.exe - Ok C:\WINDOWS\system32\dllcache\winsock.dll - Ok C:\WINDOWS\system32\dllcache\win32k.sys - Ok C:\WINDOWS\system32\dllcache\winshfhc.dll - Ok C:\WINDOWS\system32\dllcache\winscard.dll - Ok C:\WINDOWS\system32\dllcache\winspool.exe - Ok C:\WINDOWS\system32\dllcache\winmsd.exe - Ok >C:\WINDOWS\system32\dllcache\winsta.dll - packed by FLY-CODE C:\WINDOWS\system32\dllcache\winspool.drv - Ok C:\WINDOWS\system32\dllcache\winsp.ime - Ok C:\WINDOWS\system32\dllcache\winstrm.dll - Ok C:\WINDOWS\system32\dllcache\winver.exe - Ok C:\WINDOWS\system32\dllcache\winsta.dll - Ok C:\WINDOWS\system32\dllcache\wisc10.dll - Ok C:\WINDOWS\system32\dllcache\winntbbu.dll - Ok C:\WINDOWS\system32\dllcache\winsrv.dll - Ok C:\WINDOWS\system32\dllcache\wintrust.dll - Ok C:\WINDOWS\system32\dllcache\wlandrv2.sys - Ok C:\WINDOWS\system32\dllcache\winzm.ime - Ok C:\WINDOWS\system32\dllcache\wlanapi.dll - Ok C:\WINDOWS\system32\dllcache\wm1.gif - Ok C:\WINDOWS\system32\dllcache\wm2.gif - Ok C:\WINDOWS\system32\dllcache\wm3.gif - Ok C:\WINDOWS\system32\dllcache\wm5.gif - Ok C:\WINDOWS\system32\dllcache\wm4.gif - Ok C:\WINDOWS\system32\dllcache\wm6.gif - Ok C:\WINDOWS\system32\dllcache\wm8.gif - Ok C:\WINDOWS\system32\dllcache\wkssvc.dll - Ok C:\WINDOWS\system32\dllcache\wlnotify.dll - Ok C:\WINDOWS\system32\dllcache\wm7.gif - Ok C:\WINDOWS\system32\dllcache\wm9.gif - Ok C:\WINDOWS\system32\dllcache\wlluc48.sys - Ok C:\WINDOWS\system32\dllcache\wldap32.dll - Ok C:\WINDOWS\system32\dllcache\wmdmps.dll - Ok C:\WINDOWS\system32\dllcache\wmerrenu.cat - Ok C:\WINDOWS\system32\dllcache\wmerrenu.dll - Ok C:\WINDOWS\system32\dllcache\wmdm.inf - Ok C:\WINDOWS\system32\dllcache\wmasf.dll - Ok C:\WINDOWS\system32\dllcache\wmdmlog.dll - Ok C:\WINDOWS\system32\dllcache\wmi.dll - Ok C:\WINDOWS\system32\dllcache\wmerror.dll - Ok C:\WINDOWS\system32\dllcache\wmfsdk.inf - Ok C:\WINDOWS\system32\dllcache\wmiacpi.sys - Ok C:\WINDOWS\system32\dllcache\wmiapres.dll - Ok C:\WINDOWS\system32\dllcache\wmi2xml.dll - Ok C:\WINDOWS\system32\dllcache\wmiaprpl.dll - Ok C:\WINDOWS\system32\dllcache\wmadmod.dll - Ok C:\WINDOWS\system32\dllcache\wmicookr.dll - Ok C:\WINDOWS\system32\dllcache\wmiapsrv.exe - Ok C:\WINDOWS\system32\dllcache\wmilib.sys - Ok C:\WINDOWS\system32\dllcache\wmimsg.dll - Ok C:\WINDOWS\system32\dllcache\wmidcprv.dll - Ok C:\WINDOWS\system32\dllcache\wmiadap.exe - Ok C:\WINDOWS\system32\dllcache\wmadmoe.dll - Ok C:\WINDOWS\system32\dllcache\wmipiprt.dll - Ok C:\WINDOWS\system32\dllcache\wmipicmp.dll - Ok C:\WINDOWS\system32\dllcache\wmidx.dll - Ok C:\WINDOWS\system32\dllcache\wmipcima.dll - Ok >C:\WINDOWS\system32\dllcache\wmiprop.dll - packed by FLY-CODE C:\WINDOWS\system32\dllcache\wmipdskq.dll - Ok C:\WINDOWS\system32\dllcache\wmipjobj.dll - Ok C:\WINDOWS\system32\dllcache\wmiprop.dll - Ok C:\WINDOWS\system32\dllcache\wmipsess.dll - Ok C:\WINDOWS\system32\dllcache\wmiprov.dll - Ok C:\WINDOWS\system32\dllcache\wmitimep.dll - Ok C:\WINDOWS\system32\dllcache\wmisvc.dll - Ok C:\WINDOWS\system32\dllcache\wmm2eres.dll - Ok C:\WINDOWS\system32\dllcache\wmiprvse.exe - Ok C:\WINDOWS\system32\dllcache\wmm2ext.dll - Ok C:\WINDOWS\system32\dllcache\wmiutils.dll - Ok C:\WINDOWS\system32\dllcache\wmm2ae.dll - Ok C:\WINDOWS\system32\dllcache\wmiprvsd.dll - Ok C:\WINDOWS\system32\dllcache\wmm2res2.dll - Ok C:\WINDOWS\system32\dllcache\wmm2fxb.dll - Ok C:\WINDOWS\system32\dllcache\wmm2filt.dll - Ok C:\WINDOWS\system32\dllcache\wmp.inf - Ok C:\WINDOWS\system32\dllcache\wmm2fxa.dll - Ok C:\WINDOWS\system32\dllcache\wmp.ocx - Ok C:\WINDOWS\system32\dllcache\wmpaud2.wav - Ok C:\WINDOWS\system32\dllcache\wmpaud1.wav - Ok C:\WINDOWS\system32\dllcache\wmpaud4.wav - Ok C:\WINDOWS\system32\dllcache\wmpaud3.wav - Ok C:\WINDOWS\system32\dllcache\wmpaud5.wav - Ok C:\WINDOWS\system32\dllcache\wmpaud7.wav - Ok C:\WINDOWS\system32\dllcache\wmpaud6.wav - Ok C:\WINDOWS\system32\dllcache\wmpasf.dll - Ok C:\WINDOWS\system32\dllcache\wmpaud8.wav - Ok C:\WINDOWS\system32\dllcache\wmpaud9.wav - Ok C:\WINDOWS\system32\dllcache\wmpcd.dll - Ok C:\WINDOWS\system32\dllcache\wmpcore.dll - Ok >C:\WINDOWS\system32\dllcache\wmplay.chm is CHM container C:\WINDOWS\system32\dllcache\wmpband.dll - Ok C:\WINDOWS\system32\dllcache\wmplayer.adm - Ok >C:\WINDOWS\system32\dllcache\wmplayer.chm is CHM container C:\WINDOWS\system32\dllcache\WMNetmgr.dll - Ok C:\WINDOWS\system32\dllcache\wmpdxm.dll - Ok C:\WINDOWS\system32\dllcache\wmplay.chm - container >C:\WINDOWS\system32\dllcache\wmploc.js is JS-HTML container C:\WINDOWS\system32\dllcache\wmploc.js - container C:\WINDOWS\system32\dllcache\wmplayer.exe - Ok C:\WINDOWS\system32\dllcache\wmpocm.inf - Ok
- January 2, 2013
- 79 replies
Outgoing Malicious IP Blocks. Suspect Infection

MicQsenoch replied to MicQsenoch's topic in Resolved Malware Removal Logs

>>C:\WINDOWS\system32\dllcache\cdosys.dll\data001 is JS-HTML container C:\WINDOWS\system32\dllcache\cdosys.dll - container C:\WINDOWS\system32\dllcache\cintlgnt.ime - Ok C:\WINDOWS\system32\dllcache\cintime.dll - Ok C:\WINDOWS\system32\dllcache\cicap.sys - Ok C:\WINDOWS\system32\dllcache\chsbrkr.dll - Ok C:\WINDOWS\system32\dllcache\cirrus.sys - Ok C:\WINDOWS\system32\dllcache\ciodm.dll - Ok C:\WINDOWS\system32\dllcache\cirrus.dll - Ok C:\WINDOWS\system32\dllcache\cisvc.exe - Ok C:\WINDOWS\system32\dllcache\cl5465.dll - Ok C:\WINDOWS\system32\dllcache\cl546x.dll - Ok C:\WINDOWS\system32\dllcache\classpnp.sys - Ok C:\WINDOWS\system32\dllcache\cintsetp.exe - Ok C:\WINDOWS\system32\dllcache\cl546xm.sys - Ok C:\WINDOWS\system32\dllcache\clb.dll - Ok C:\WINDOWS\system32\dllcache\clbcatex.dll - Ok C:\WINDOWS\system32\dllcache\class_ss.dll - Ok C:\WINDOWS\system32\dllcache\clipbrd.exe - Ok C:\WINDOWS\system32\dllcache\cloapp.gif - Ok C:\WINDOWS\system32\dllcache\cloapph.gif - Ok C:\WINDOWS\system32\dllcache\cleanmgr.exe - Ok C:\WINDOWS\system32\dllcache\clbcatq.dll - Ok C:\WINDOWS\system32\dllcache\cmbatt.sys - Ok C:\WINDOWS\system32\dllcache\ckcnv.exe - Ok C:\WINDOWS\system32\dllcache\cmbp0wdm.sys - Ok C:\WINDOWS\system32\dllcache\clusapi.dll - Ok C:\WINDOWS\system32\dllcache\clipsrv.exe - Ok C:\WINDOWS\system32\dllcache\cmdide.sys - Ok C:\WINDOWS\system32\dllcache\cmcfg32.dll - Ok C:\WINDOWS\system32\dllcache\cimwin32.dll - Ok C:\WINDOWS\system32\dllcache\cmmon32.exe - Ok C:\WINDOWS\system32\dllcache\cmnclim.dll - Ok C:\WINDOWS\system32\dllcache\cmd.exe - Ok C:\WINDOWS\system32\dllcache\cmdl32.exe - Ok C:\WINDOWS\system32\dllcache\cmpbk32.dll - Ok C:\WINDOWS\system32\dllcache\cmsetacl.dll - Ok C:\WINDOWS\system32\dllcache\cmutil.dll - Ok C:\WINDOWS\system32\dllcache\cmdial32.dll - Ok C:\WINDOWS\system32\dllcache\cmstp.exe - Ok C:\WINDOWS\system32\dllcache\cntd.gif - Ok C:\WINDOWS\system32\dllcache\cnbjmon.dll - Ok C:\WINDOWS\system32\dllcache\cnetcfg.dll - Ok C:\WINDOWS\system32\dllcache\cnth.gif - Ok C:\WINDOWS\system32\dllcache\cnt.gif - Ok C:\WINDOWS\system32\dllcache\cmprops.dll - Ok C:\WINDOWS\system32\dllcache\cobramsg.dll - Ok C:\WINDOWS\system32\dllcache\cnvfat.dll - Ok C:\WINDOWS\system32\dllcache\cnxt1803.sys - Ok C:\WINDOWS\system32\dllcache\cnusd.dll - Ok C:\WINDOWS\system32\dllcache\comcat.dll - Ok C:\WINDOWS\system32\dllcache\cmnresm.dll - Ok C:\WINDOWS\system32\dllcache\comadmin.dll - Ok C:\WINDOWS\system32\dllcache\commdlg.dll - Ok C:\WINDOWS\system32\dllcache\compact.exe - Ok C:\WINDOWS\system32\dllcache\comdlg32.dll - Ok >C:\WINDOWS\system32\dllcache\compact.wmz is ZIP archive C:\WINDOWS\system32\dllcache\compact.wmz - Ok C:\WINDOWS\system32\dllcache\compact.wmz - archive C:\WINDOWS\system32\dllcache\comp.exe - Ok C:\WINDOWS\system32\dllcache\comaddin.dll - Ok C:\WINDOWS\system32\dllcache\compobj.dll - Ok C:\WINDOWS\system32\dllcache\compbatt.sys - Ok C:\WINDOWS\system32\dllcache\colbact.dll - Ok C:\WINDOWS\system32\dllcache\comrepl.exe - Ok C:\WINDOWS\system32\dllcache\comrereg.exe - Ok C:\WINDOWS\system32\dllcache\comrepl.dll - Ok C:\WINDOWS\system32\dllcache\compstui.dll - Ok C:\WINDOWS\system32\dllcache\comctl32.dll - Ok >C:\WINDOWS\system32\dllcache\compatui.dll is BINARYRES container >>C:\WINDOWS\system32\dllcache\compatui.dll\data002 is JS-HTML container C:\WINDOWS\system32\dllcache\compatui.dll - container C:\WINDOWS\system32\dllcache\comsetup.dll - Ok C:\WINDOWS\system32\dllcache\comsnap.dll - Ok C:\WINDOWS\system32\dllcache\comres.dll - Ok C:\WINDOWS\system32\dllcache\confmrsl.dll - Ok C:\WINDOWS\system32\dllcache\comuid.dll - Ok C:\WINDOWS\system32\dllcache\console.dll - Ok C:\WINDOWS\system32\dllcache\control.exe - Ok >C:\WINDOWS\system32\dllcache\contents.htm is JS-HTML container C:\WINDOWS\system32\dllcache\conime.exe - Ok C:\WINDOWS\system32\dllcache\controls.css - Ok C:\WINDOWS\system32\dllcache\contents.htm - container C:\WINDOWS\system32\dllcache\convert.exe - Ok >C:\WINDOWS\system32\dllcache\controls.js is JS-HTML container C:\WINDOWS\system32\dllcache\confmsp.dll - Ok C:\WINDOWS\system32\dllcache\copycd.wmv - Ok C:\WINDOWS\system32\dllcache\corpol.dll - Ok C:\WINDOWS\system32\dllcache\controls.js - container C:\WINDOWS\system32\dllcache\country.sys - Ok C:\WINDOWS\system32\dllcache\comsvcs.dll - Ok C:\WINDOWS\system32\dllcache\cpqarray.sys - Ok C:\WINDOWS\system32\dllcache\cpqdap01.sys - Ok C:\WINDOWS\system32\dllcache\cpqndis5.sys - Ok C:\WINDOWS\system32\dllcache\cprofile.exe - Ok C:\WINDOWS\system32\dllcache\cpqtrnd5.sys - Ok C:\WINDOWS\system32\dllcache\credssp.dll - Ok C:\WINDOWS\system32\dllcache\crtaud.sys - Ok C:\WINDOWS\system32\dllcache\crusoe.sys - Ok C:\WINDOWS\system32\dllcache\cplexe.exe - Ok C:\WINDOWS\system32\dllcache\cpscan.dll - Ok C:\WINDOWS\system32\dllcache\credui.dll - Ok C:\WINDOWS\system32\dllcache\cryptdll.dll - Ok C:\WINDOWS\system32\dllcache\cryptext.dll - Ok C:\WINDOWS\system32\dllcache\cryptdlg.dll - Ok C:\WINDOWS\system32\dllcache\conf.exe - Ok C:\WINDOWS\system32\dllcache\crtdll.dll - Ok C:\WINDOWS\system32\dllcache\cryptnet.dll - Ok C:\WINDOWS\system32\dllcache\cryptsvc.dll - Ok C:\WINDOWS\system32\dllcache\cscdll.dll - Ok C:\WINDOWS\system32\dllcache\csamsp.dll - Ok C:\WINDOWS\system32\dllcache\csrss.exe - Ok C:\WINDOWS\system32\dllcache\csrsrv.dll - Ok C:\WINDOWS\system32\dllcache\crypt32.dll - Ok C:\WINDOWS\system32\dllcache\cryptui.dll - Ok C:\WINDOWS\system32\dllcache\ctl3dv2.dll - Ok C:\WINDOWS\system32\dllcache\csseqchk.dll - Ok C:\WINDOWS\system32\dllcache\ctlfacem.sys - Ok C:\WINDOWS\system32\dllcache\ctljystk.sys - Ok C:\WINDOWS\system32\dllcache\cscript.exe - Ok C:\WINDOWS\system32\dllcache\cscui.dll - Ok C:\WINDOWS\system32\dllcache\ctwdm32.dll - Ok C:\WINDOWS\system32\dllcache\ctlsb16.sys - Ok C:\WINDOWS\system32\dllcache\ctfmon.exe - Ok C:\WINDOWS\system32\dllcache\ctype.nls - Ok C:\WINDOWS\system32\dllcache\cwbase.sys - Ok C:\WINDOWS\system32\dllcache\cwbmidi.sys - Ok C:\WINDOWS\system32\dllcache\cwcosnt5.sys - Ok C:\WINDOWS\system32\dllcache\cwbwdm.sys - Ok C:\WINDOWS\system32\dllcache\ctmasetp.dll - Ok C:\WINDOWS\system32\dllcache\cwcwdm.sys - Ok C:\WINDOWS\system32\dllcache\cyclad-z.sys - Ok C:\WINDOWS\system32\dllcache\cyclom-y.sys - Ok C:\WINDOWS\system32\dllcache\cwrwdm.sys - Ok C:\WINDOWS\system32\dllcache\cwcspud.sys - Ok C:\WINDOWS\system32\dllcache\custsat.dll - Ok C:\WINDOWS\system32\dllcache\cyycoins.dll - Ok C:\WINDOWS\system32\dllcache\cyyport.sys - Ok C:\WINDOWS\system32\dllcache\cyyports.dll - Ok C:\WINDOWS\system32\dllcache\cyzcoins.dll - Ok C:\WINDOWS\system32\dllcache\cyzport.sys - Ok C:\WINDOWS\system32\dllcache\c_037.nls - Ok C:\WINDOWS\system32\dllcache\cyzports.dll - Ok C:\WINDOWS\system32\dllcache\c_10000.nls - Ok C:\WINDOWS\system32\dllcache\ctl3d32.dll - Ok C:\WINDOWS\system32\dllcache\c_10004.nls - Ok C:\WINDOWS\system32\dllcache\c_10001.nls - Ok C:\WINDOWS\system32\dllcache\c_10003.nls - Ok C:\WINDOWS\system32\dllcache\c_10002.nls - Ok C:\WINDOWS\system32\dllcache\c_10005.nls - Ok C:\WINDOWS\system32\dllcache\c_10006.nls - Ok C:\WINDOWS\system32\dllcache\c_10007.nls - Ok C:\WINDOWS\system32\dllcache\c_10010.nls - Ok C:\WINDOWS\system32\dllcache\c_10017.nls - Ok C:\WINDOWS\system32\dllcache\c_10021.nls - Ok C:\WINDOWS\system32\dllcache\c_10079.nls - Ok C:\WINDOWS\system32\dllcache\c_10029.nls - Ok C:\WINDOWS\system32\dllcache\c_10082.nls - Ok C:\WINDOWS\system32\dllcache\c_10008.nls - Ok C:\WINDOWS\system32\dllcache\c_10081.nls - Ok C:\WINDOWS\system32\dllcache\c_1026.nls - Ok C:\WINDOWS\system32\dllcache\c_1140.nls - Ok C:\WINDOWS\system32\dllcache\c_1047.nls - Ok C:\WINDOWS\system32\dllcache\c_1143.nls - Ok C:\WINDOWS\system32\dllcache\c_1142.nls - Ok C:\WINDOWS\system32\dllcache\c_1141.nls - Ok C:\WINDOWS\system32\dllcache\c_1144.nls - Ok C:\WINDOWS\system32\dllcache\c_1146.nls - Ok C:\WINDOWS\system32\dllcache\c_1145.nls - Ok C:\WINDOWS\system32\dllcache\c_1149.nls - Ok C:\WINDOWS\system32\dllcache\c_1148.nls - Ok C:\WINDOWS\system32\dllcache\c_1147.nls - Ok C:\WINDOWS\system32\dllcache\c_1250.nls - Ok C:\WINDOWS\system32\dllcache\c_1251.nls - Ok C:\WINDOWS\system32\dllcache\c_1252.nls - Ok C:\WINDOWS\system32\dllcache\c_1253.nls - Ok C:\WINDOWS\system32\dllcache\c_1255.nls - Ok C:\WINDOWS\system32\dllcache\c_1254.nls - Ok C:\WINDOWS\system32\dllcache\c_1256.nls - Ok C:\WINDOWS\system32\dllcache\c_1258.nls - Ok C:\WINDOWS\system32\dllcache\c_1257.nls - Ok C:\WINDOWS\system32\dllcache\c_20000.nls - Ok C:\WINDOWS\system32\dllcache\c_20002.nls - Ok C:\WINDOWS\system32\dllcache\c_20001.nls - Ok C:\WINDOWS\system32\dllcache\c_1361.nls - Ok C:\WINDOWS\system32\dllcache\c_20003.nls - Ok C:\WINDOWS\system32\dllcache\c_20004.nls - Ok C:\WINDOWS\system32\dllcache\c_20106.nls - Ok C:\WINDOWS\system32\dllcache\c_20108.nls - Ok C:\WINDOWS\system32\dllcache\c_20105.nls - Ok C:\WINDOWS\system32\dllcache\c_20107.nls - Ok C:\WINDOWS\system32\dllcache\c_20127.nls - Ok C:\WINDOWS\system32\dllcache\c_20005.nls - Ok C:\WINDOWS\system32\dllcache\c_20273.nls - Ok C:\WINDOWS\system32\dllcache\c_20277.nls - Ok C:\WINDOWS\system32\dllcache\c_20278.nls - Ok C:\WINDOWS\system32\dllcache\c_20269.nls - Ok C:\WINDOWS\system32\dllcache\c_20261.nls - Ok C:\WINDOWS\system32\dllcache\c_20285.nls - Ok C:\WINDOWS\system32\dllcache\c_20280.nls - Ok C:\WINDOWS\system32\dllcache\c_20284.nls - Ok C:\WINDOWS\system32\dllcache\c_20297.nls - Ok C:\WINDOWS\system32\dllcache\c_20290.nls - Ok C:\WINDOWS\system32\dllcache\c_20866.nls - Ok C:\WINDOWS\system32\dllcache\c_20423.nls - Ok C:\WINDOWS\system32\dllcache\c_20420.nls - Ok C:\WINDOWS\system32\dllcache\c_20424.nls - Ok C:\WINDOWS\system32\dllcache\c_20833.nls - Ok C:\WINDOWS\system32\dllcache\c_20838.nls - Ok C:\WINDOWS\system32\dllcache\c_20880.nls - Ok C:\WINDOWS\system32\dllcache\c_20924.nls - Ok C:\WINDOWS\system32\dllcache\c_20871.nls - Ok C:\WINDOWS\system32\dllcache\c_20905.nls - Ok C:\WINDOWS\system32\dllcache\c_20936.nls - Ok C:\WINDOWS\system32\dllcache\c_20932.nls - Ok C:\WINDOWS\system32\dllcache\c_20949.nls - Ok C:\WINDOWS\system32\dllcache\c_21025.nls - Ok C:\WINDOWS\system32\dllcache\c_21866.nls - Ok C:\WINDOWS\system32\dllcache\c_21027.nls - Ok C:\WINDOWS\system32\dllcache\c_28591.nls - Ok C:\WINDOWS\system32\dllcache\c_28594.nls - Ok C:\WINDOWS\system32\dllcache\c_28592.nls - Ok C:\WINDOWS\system32\dllcache\c_28593.nls - Ok C:\WINDOWS\system32\dllcache\c_28595.nls - Ok C:\WINDOWS\system32\dllcache\c_28596.nls - Ok C:\WINDOWS\system32\dllcache\c_28603.nls - Ok C:\WINDOWS\system32\dllcache\c_28597.nls - Ok C:\WINDOWS\system32\dllcache\c_28598.nls - Ok C:\WINDOWS\system32\dllcache\c_28599.nls - Ok C:\WINDOWS\system32\dllcache\c_28605.nls - Ok C:\WINDOWS\system32\dllcache\c_437.nls - Ok C:\WINDOWS\system32\dllcache\c_720.nls - Ok C:\WINDOWS\system32\dllcache\c_500.nls - Ok C:\WINDOWS\system32\dllcache\c_737.nls - Ok C:\WINDOWS\system32\dllcache\c_775.nls - Ok C:\WINDOWS\system32\dllcache\c_708.nls - Ok C:\WINDOWS\system32\dllcache\c_850.nls - Ok C:\WINDOWS\system32\dllcache\c_855.nls - Ok C:\WINDOWS\system32\dllcache\c_858.nls - Ok C:\WINDOWS\system32\dllcache\c_852.nls - Ok C:\WINDOWS\system32\dllcache\c_857.nls - Ok C:\WINDOWS\system32\dllcache\c_861.nls - Ok C:\WINDOWS\system32\dllcache\c_860.nls - Ok C:\WINDOWS\system32\dllcache\c_863.nls - Ok C:\WINDOWS\system32\dllcache\c_862.nls - Ok C:\WINDOWS\system32\dllcache\c_865.nls - Ok C:\WINDOWS\system32\dllcache\c_864.nls - Ok C:\WINDOWS\system32\dllcache\c_866.nls - Ok C:\WINDOWS\system32\dllcache\c_869.nls - Ok C:\WINDOWS\system32\dllcache\c_870.nls - Ok C:\WINDOWS\system32\dllcache\c_874.nls - Ok C:\WINDOWS\system32\dllcache\c_875.nls - Ok C:\WINDOWS\system32\dllcache\c_936.nls - Ok C:\WINDOWS\system32\dllcache\c_932.nls - Ok C:\WINDOWS\system32\dllcache\c_is2022.dll - Ok C:\WINDOWS\system32\dllcache\c_950.nls - Ok C:\WINDOWS\system32\dllcache\c_949.nls - Ok C:\WINDOWS\system32\dllcache\c_iscii.dll - Ok C:\WINDOWS\system32\dllcache\d3d8thk.dll - Ok C:\WINDOWS\system32\dllcache\d100ib5.sys - Ok C:\WINDOWS\system32\dllcache\c_g18030.dll - Ok C:\WINDOWS\system32\dllcache\d3dpmesh.dll - Ok C:\WINDOWS\system32\dllcache\d3dim.dll - Ok C:\WINDOWS\system32\dllcache\d3dramp.dll - Ok C:\WINDOWS\system32\dllcache\d3dim700.dll - Ok C:\WINDOWS\system32\dllcache\d3dxof.dll - Ok C:\WINDOWS\system32\dllcache\d3drm.dll - Ok C:\WINDOWS\system32\dllcache\dac960nt.sys - Ok C:\WINDOWS\system32\dllcache\dac2w2k.sys - Ok C:\WINDOWS\system32\dllcache\dataclen.dll - Ok C:\WINDOWS\system32\dllcache\davclnt.dll - Ok C:\WINDOWS\system32\dllcache\d3d8.dll - Ok C:\WINDOWS\system32\dllcache\datime.dll - Ok C:\WINDOWS\system32\dllcache\dayi.ime - Ok C:\WINDOWS\system32\dllcache\daxctle.ocx - Ok C:\WINDOWS\system32\dllcache\dao360.dll - Ok C:\WINDOWS\system32\dllcache\dc210usd.dll - Ok C:\WINDOWS\system32\dllcache\dbnetlib.dll - Ok C:\WINDOWS\system32\dllcache\dc210_32.dll - Ok C:\WINDOWS\system32\dllcache\dc21x4.sys - Ok C:\WINDOWS\system32\dllcache\dc240usd.dll - Ok C:\WINDOWS\system32\dllcache\dc260usd.dll - Ok C:\WINDOWS\system32\dllcache\dciman32.dll - Ok C:\WINDOWS\system32\dllcache\dcap32.dll - Ok C:\WINDOWS\system32\dllcache\dcomcnfg.exe - Ok C:\WINDOWS\system32\dllcache\d3d9.dll - Ok C:\WINDOWS\system32\dllcache\dbghelp.dll - Ok C:\WINDOWS\system32\dllcache\ddeml.dll - Ok C:\WINDOWS\system32\dllcache\ddrawex.dll - Ok >C:\WINDOWS\system32\dllcache\debug.exe - packed by EXEPACK C:\WINDOWS\system32\dllcache\danim.dll - Ok C:\WINDOWS\system32\dllcache\debug.exe - Ok C:\WINDOWS\system32\dllcache\dbgeng.dll - Ok C:\WINDOWS\system32\dllcache\ddsmc.sys - Ok C:\WINDOWS\system32\dllcache\defpa.sys - Ok C:\WINDOWS\system32\dllcache\defrag.exe - Ok C:\WINDOWS\system32\dllcache\deskadp.dll - Ok >C:\WINDOWS\system32\dllcache\deskperf.dll - packed by FLY-CODE >C:\WINDOWS\system32\dllcache\deskmon.dll - packed by FLY-CODE C:\WINDOWS\system32\dllcache\ddeshare.exe - Ok C:\WINDOWS\system32\dllcache\ddraw.dll - Ok C:\WINDOWS\system32\dllcache\desk.cpl - Ok C:\WINDOWS\system32\dllcache\deskperf.dll - Ok C:\WINDOWS\system32\dllcache\devenum.dll - Ok C:\WINDOWS\system32\dllcache\devcon32.dll - Ok C:\WINDOWS\system32\dllcache\deskmon.dll - Ok C:\WINDOWS\system32\dllcache\dfe650d.sys - Ok C:\WINDOWS\system32\dllcache\dfe650.sys - Ok >C:\WINDOWS\system32\dllcache\dfrgres.dll is BINARYRES container C:\WINDOWS\system32\dllcache\dfrgres.dll - container C:\WINDOWS\system32\dllcache\dfrgsnap.dll - Ok C:\WINDOWS\system32\dllcache\dfrgfat.exe - Ok C:\WINDOWS\system32\dllcache\dfrgntfs.exe - Ok C:\WINDOWS\system32\dllcache\dgapci.sys - Ok C:\WINDOWS\system32\dllcache\dfsshlex.dll - Ok C:\WINDOWS\system32\dllcache\dfrgui.dll - Ok C:\WINDOWS\system32\dllcache\devmgr.dll - Ok C:\WINDOWS\system32\dllcache\dgnet.dll - Ok C:\WINDOWS\system32\dllcache\dhcpcsvc.dll - Ok C:\WINDOWS\system32\dllcache\dgsetup.dll - Ok C:\WINDOWS\system32\dllcache\dhcpsapi.dll - Ok C:\WINDOWS\system32\dllcache\dhcpqec.dll - Ok C:\WINDOWS\system32\dllcache\dgrpsetu.dll - Ok C:\WINDOWS\system32\dllcache\devldr32.exe - Ok C:\WINDOWS\system32\dllcache\dhtmled.ocx - Ok C:\WINDOWS\system32\dllcache\dhcpmon.dll - Ok C:\WINDOWS\system32\dllcache\diantz.exe - Ok C:\WINDOWS\system32\dllcache\dgconfig.dll - Ok C:\WINDOWS\system32\dllcache\diapi2.sys - Ok C:\WINDOWS\system32\dllcache\diactfrm.dll - Ok C:\WINDOWS\system32\dllcache\digest.dll - Ok C:\WINDOWS\system32\dllcache\digiasyn.sys - Ok C:\WINDOWS\system32\dllcache\digiasyn.dll - Ok C:\WINDOWS\system32\dllcache\digifep5.sys - Ok C:\WINDOWS\system32\dllcache\dialer.exe - Ok C:\WINDOWS\system32\dllcache\digidxb.sys - Ok C:\WINDOWS\system32\dllcache\digidbp.dll - Ok C:\WINDOWS\system32\dllcache\digifwrk.dll - Ok C:\WINDOWS\system32\dllcache\digiisdn.dll - Ok C:\WINDOWS\system32\dllcache\digiisdn.sys - Ok C:\WINDOWS\system32\dllcache\digihlc.dll - Ok C:\WINDOWS\system32\dllcache\digiinf.dll - Ok C:\WINDOWS\system32\dllcache\digirlpt.sys - Ok C:\WINDOWS\system32\dllcache\dimaint.sys - Ok C:\WINDOWS\system32\dllcache\dimap.dll - Ok C:\WINDOWS\system32\dllcache\digirlpt.dll - Ok C:\WINDOWS\system32\dllcache\dimsntfy.dll - Ok C:\WINDOWS\system32\dllcache\dimsroam.dll - Ok C:\WINDOWS\system32\dllcache\diapi2NT.dll - Ok C:\WINDOWS\system32\dllcache\disk.sys - Ok C:\WINDOWS\system32\dllcache\diskdump.sys - Ok C:\WINDOWS\system32\dllcache\directdb.dll - Ok C:\WINDOWS\system32\dllcache\dinput.dll - Ok C:\WINDOWS\system32\dllcache\diskperf.exe - Ok C:\WINDOWS\system32\dllcache\dinput8.dll - Ok C:\WINDOWS\system32\dllcache\dispex.dll - Ok C:\WINDOWS\system32\dllcache\disrvci.dll - Ok C:\WINDOWS\system32\dllcache\disrvpp.dll - Ok C:\WINDOWS\system32\dllcache\disrvsu.dll - Ok C:\WINDOWS\system32\dllcache\diskpart.exe - Ok >C:\WINDOWS\system32\dllcache\divaci.dll - packed by FLY-CODE C:\WINDOWS\system32\dllcache\divasu.dll - Ok C:\WINDOWS\system32\dllcache\divaci.dll - Ok C:\WINDOWS\system32\dllcache\digiview.exe - Ok C:\WINDOWS\system32\dllcache\divaprop.dll - Ok C:\WINDOWS\system32\dllcache\dlh5xnd5.sys - Ok C:\WINDOWS\system32\dllcache\dllhst3g.exe - Ok C:\WINDOWS\system32\dllcache\dlttape.sys - Ok C:\WINDOWS\system32\dllcache\dm9pci5.sys - Ok C:\WINDOWS\system32\dllcache\dllhost.exe - Ok C:\WINDOWS\system32\dllcache\dmband.dll - Ok C:\WINDOWS\system32\dllcache\ditrace.exe - Ok C:\WINDOWS\system32\dllcache\dlimport.exe - Ok C:\WINDOWS\system32\dllcache\dmadmin.exe - Ok C:\WINDOWS\system32\dllcache\dmcompos.dll - Ok C:\WINDOWS\system32\dllcache\diskcopy.dll - Ok C:\WINDOWS\system32\dllcache\dmboot.sys - Ok C:\WINDOWS\system32\dllcache\diwan.sys - Ok C:\WINDOWS\system32\dllcache\dmconfig.dll - Ok C:\WINDOWS\system32\dllcache\dmintf.dll - Ok C:\WINDOWS\system32\dllcache\dmdskres.dll - Ok C:\WINDOWS\system32\dllcache\dmload.sys - Ok C:\WINDOWS\system32\dllcache\dmdlgs.dll - Ok C:\WINDOWS\system32\dllcache\dmocx.dll - Ok C:\WINDOWS\system32\dllcache\dmdskmgr.dll - Ok C:\WINDOWS\system32\dllcache\dmloader.dll - Ok C:\WINDOWS\system32\dllcache\dmime.dll - Ok C:\WINDOWS\system32\dllcache\dmio.sys - Ok C:\WINDOWS\system32\dllcache\dmscript.dll - Ok C:\WINDOWS\system32\dllcache\dmserver.dll - Ok >C:\WINDOWS\system32\dllcache\dmutil.dll - packed by FLY-CODE C:\WINDOWS\system32\dllcache\dmusic.sys - Ok C:\WINDOWS\system32\dllcache\dmsynth.dll - Ok C:\WINDOWS\system32\dllcache\dmstyle.dll - Ok C:\WINDOWS\system32\dllcache\dmview.ocx - Ok C:\WINDOWS\system32\dllcache\dmusic.dll - Ok C:\WINDOWS\system32\dllcache\dmutil.dll - Ok C:\WINDOWS\system32\dllcache\dmremote.exe - Ok C:\WINDOWS\system32\dllcache\dosapp.fon - Ok C:\WINDOWS\system32\dllcache\dosx.exe - Ok C:\WINDOWS\system32\dllcache\doskey.exe - Ok C:\WINDOWS\system32\dllcache\docprop.dll - Ok C:\WINDOWS\system32\dllcache\dnsrslvr.dll - Ok C:\WINDOWS\system32\dllcache\docprop2.dll - Ok C:\WINDOWS\system32\dllcache\dot3api.dll - Ok C:\WINDOWS\system32\dllcache\dnsapi.dll - Ok C:\WINDOWS\system32\dllcache\dot3cfg.dll - Ok C:\WINDOWS\system32\dllcache\dot3dlg.dll - Ok C:\WINDOWS\system32\dllcache\dot3clnt.dll - Ok C:\WINDOWS\system32\dllcache\dot3msm.dll - Ok C:\WINDOWS\system32\dllcache\dot4usb.sys - Ok C:\WINDOWS\system32\dllcache\dot4prt.sys - Ok C:\WINDOWS\system32\dllcache\dot4scan.sys - Ok C:\WINDOWS\system32\dllcache\dp83820.sys - Ok C:\WINDOWS\system32\dllcache\dpcdll.dll - Ok C:\WINDOWS\system32\dllcache\dplay.dll - Ok C:\WINDOWS\system32\dllcache\dot3svc.dll - Ok C:\WINDOWS\system32\dllcache\dpmodemx.dll - Ok C:\WINDOWS\system32\dllcache\dpnaddr.dll - Ok C:\WINDOWS\system32\dllcache\dot4.sys - Ok C:\WINDOWS\system32\dllcache\dplaysvr.exe - Ok C:\WINDOWS\system32\dllcache\dpnlobby.dll - Ok C:\WINDOWS\system32\dllcache\dpnhpast.dll - Ok C:\WINDOWS\system32\dllcache\dpnhupnp.dll - Ok C:\WINDOWS\system32\dllcache\dot3ui.dll - Ok C:\WINDOWS\system32\dllcache\dplayx.dll - Ok C:\WINDOWS\system32\dllcache\dpnmodem.dll - Ok C:\WINDOWS\system32\dllcache\dpti2o.sys - Ok C:\WINDOWS\system32\dllcache\dpvacm.dll - Ok C:\WINDOWS\system32\dllcache\dpserial.dll - Ok C:\WINDOWS\system32\dllcache\dpnsvr.exe - Ok C:\WINDOWS\system32\dllcache\dpnet.dll - Ok C:\WINDOWS\system32\dllcache\dpvsetup.exe - Ok C:\WINDOWS\system32\dllcache\dpnwsock.dll - Ok C:\WINDOWS\system32\dllcache\dpwsock.dll - Ok C:\WINDOWS\system32\dllcache\drmkaud.sys - Ok C:\WINDOWS\system32\dllcache\dpvvox.dll - Ok C:\WINDOWS\system32\dllcache\drmk.sys - Ok C:\WINDOWS\system32\dllcache\dpvoice.dll - Ok C:\WINDOWS\system32\dllcache\dpwsockx.dll - Ok C:\WINDOWS\system32\dllcache\drvmain.sdb - Ok C:\WINDOWS\system32\dllcache\drprov.dll - Ok C:\WINDOWS\system32\dllcache\drwatson.exe - Ok C:\WINDOWS\system32\dllcache\drmstor.dll - Ok C:\WINDOWS\system32\dllcache\ds16gt.dll - Ok C:\WINDOWS\system32\dllcache\ds32gt.dll - Ok C:\WINDOWS\system32\dllcache\dsauth.dll - Ok C:\WINDOWS\system32\dllcache\drmclien.dll - Ok C:\WINDOWS\system32\dllcache\dshowext.ax - Ok C:\WINDOWS\system32\dllcache\dsdmo.dll - Ok C:\WINDOWS\system32\dllcache\dsdmoprp.dll - Ok C:\WINDOWS\system32\dllcache\dskquota.dll - Ok C:\WINDOWS\system32\dllcache\ds1wdm.sys - Ok C:\WINDOWS\system32\dllcache\drwtsn32.exe - Ok C:\WINDOWS\system32\dllcache\dskquoui.dll - Ok C:\WINDOWS\system32\dllcache\dsprov.dll - Ok C:\WINDOWS\system32\dllcache\dsprop.dll - Ok C:\WINDOWS\system32\dllcache\dsprpres.dll - Ok C:\WINDOWS\system32\dllcache\dssec.dll - Ok C:\WINDOWS\system32\dllcache\dssenh.dll - Ok C:\WINDOWS\system32\dllcache\dsound.dll - Ok C:\WINDOWS\system32\dllcache\drmv2clt.dll - Ok C:\WINDOWS\system32\dllcache\dswave.dll - Ok C:\WINDOWS\system32\dllcache\dsuiext.dll - Ok C:\WINDOWS\system32\dllcache\dsquery.dll - Ok C:\WINDOWS\system32\dllcache\dwil1033.dll - Ok C:\WINDOWS\system32\dllcache\dumprep.exe - Ok C:\WINDOWS\system32\dllcache\dvdupgrd.exe - Ok C:\WINDOWS\system32\dllcache\dvdplay.exe - Ok C:\WINDOWS\system32\dllcache\dxapi.sys - Ok C:\WINDOWS\system32\dllcache\duser.dll - Ok C:\WINDOWS\system32\dllcache\dwwin.exe - Ok C:\WINDOWS\system32\dllcache\dsound3d.dll - Ok C:\WINDOWS\system32\dllcache\dxg.sys - Ok C:\WINDOWS\system32\dllcache\dxgthk.sys - Ok C:\WINDOWS\system32\dllcache\dx7vb.dll - Ok C:\WINDOWS\system32\dllcache\dxtmsft.dll - Ok C:\WINDOWS\system32\dllcache\dxtrans.dll - Ok C:\WINDOWS\system32\dllcache\e1000nt5.sys - Ok C:\WINDOWS\system32\dllcache\dx8vb.dll - Ok C:\WINDOWS\system32\dllcache\e100isa4.sys - Ok C:\WINDOWS\system32\dllcache\eapolqec.dll - Ok C:\WINDOWS\system32\dllcache\dxmasf.dll - Ok C:\WINDOWS\system32\dllcache\e100b325.sys - Ok C:\WINDOWS\system32\dllcache\eappcfg.dll - Ok C:\WINDOWS\system32\dllcache\eapp3hst.dll - Ok C:\WINDOWS\system32\dllcache\eappgnui.dll - Ok C:\WINDOWS\system32\dllcache\eappprxy.dll - Ok C:\WINDOWS\system32\dllcache\eapqec.dll - Ok C:\WINDOWS\system32\dllcache\dxdiag.exe - Ok >C:\WINDOWS\system32\dllcache\edlin.exe - packed by EXEPACK C:\WINDOWS\system32\dllcache\eapphost.dll - Ok C:\WINDOWS\system32\dllcache\edlin.exe - Ok C:\WINDOWS\system32\dllcache\eapsvc.dll - Ok C:\WINDOWS\system32\dllcache\el574nd4.sys - Ok C:\WINDOWS\system32\dllcache\el515.sys - Ok C:\WINDOWS\system32\dllcache\el556nd5.sys - Ok C:\WINDOWS\system32\dllcache\el589nd5.sys - Ok C:\WINDOWS\system32\dllcache\el575nd5.sys - Ok C:\WINDOWS\system32\dllcache\el656cd5.sys - Ok C:\WINDOWS\system32\dllcache\el656nd5.sys - Ok C:\WINDOWS\system32\dllcache\el656se5.sys - Ok C:\WINDOWS\system32\dllcache\el90xbc5.sys - Ok C:\WINDOWS\system32\dllcache\el90xnd5.sys - Ok C:\WINDOWS\system32\dllcache\el98xn5.sys - Ok C:\WINDOWS\system32\dllcache\edb500.dll - Ok C:\WINDOWS\system32\dllcache\elmsmc.sys - Ok C:\WINDOWS\system32\dllcache\elnk3.sys - Ok C:\WINDOWS\system32\dllcache\em556n4.sys - Ok C:\WINDOWS\system32\dllcache\el99xn51.sys - Ok C:\WINDOWS\system32\dllcache\el656ct5.sys - Ok C:\WINDOWS\system32\dllcache\el985n51.sys - Ok C:\WINDOWS\system32\dllcache\dxdiagn.dll - Ok C:\WINDOWS\system32\dllcache\encapi.dll - Ok C:\WINDOWS\system32\dllcache\enum1394.sys - Ok C:\WINDOWS\system32\dllcache\epro4.sys - Ok C:\WINDOWS\system32\dllcache\els.dll - Ok C:\WINDOWS\system32\dllcache\encdec.dll - Ok C:\WINDOWS\system32\dllcache\epcfw2k.sys - Ok C:\WINDOWS\system32\dllcache\emu10k1m.sys - Ok C:\WINDOWS\system32\dllcache\epstw2k.sys - Ok C:\WINDOWS\system32\dllcache\eqnclass.dll - Ok C:\WINDOWS\system32\dllcache\eqn.sys - Ok C:\WINDOWS\system32\dllcache\ersvc.dll - Ok C:\WINDOWS\system32\dllcache\es1370mp.sys - Ok C:\WINDOWS\system32\dllcache\eqnlogr.exe - Ok C:\WINDOWS\system32\dllcache\es1371mp.sys - Ok C:\WINDOWS\system32\dllcache\eqndiag.exe - Ok C:\WINDOWS\system32\dllcache\es1969.sys - Ok C:\WINDOWS\system32\dllcache\eqnloop.exe - Ok C:\WINDOWS\system32\dllcache\es.dll - Ok C:\WINDOWS\system32\dllcache\es198x.sys - Ok >C:\WINDOWS\system32\dllcache\esentprf.dll - packed by FLY-CODE C:\WINDOWS\system32\dllcache\esentprf.dll - Ok C:\WINDOWS\system32\dllcache\es56tpi.sys - Ok C:\WINDOWS\system32\dllcache\esentutl.exe - Ok C:\WINDOWS\system32\dllcache\es56hpi.sys - Ok C:\WINDOWS\system32\dllcache\ess.sys - Ok C:\WINDOWS\system32\dllcache\es56cvmp.sys - Ok C:\WINDOWS\system32\dllcache\esent.dll - Ok C:\WINDOWS\system32\dllcache\esucmd.dll - Ok C:\WINDOWS\system32\dllcache\esucm.dll - Ok C:\WINDOWS\system32\dllcache\esuimg.dll - Ok C:\WINDOWS\system32\dllcache\esuimgd.dll - Ok C:\WINDOWS\system32\dllcache\essm2e.sys - Ok C:\WINDOWS\system32\dllcache\esuni.dll - Ok C:\WINDOWS\system32\dllcache\esscli.dll - Ok C:\WINDOWS\system32\dllcache\esunib.dll - Ok C:\WINDOWS\system32\dllcache\et4000.sys - Ok C:\WINDOWS\system32\dllcache\esunid.dll - Ok >C:\WINDOWS\system32\dllcache\events.js is JS-HTML container C:\WINDOWS\system32\dllcache\eventcls.dll - Ok C:\WINDOWS\system32\dllcache\events.js - container C:\WINDOWS\system32\dllcache\eventlog.dll - Ok C:\WINDOWS\system32\dllcache\esent97.dll - Ok C:\WINDOWS\system32\dllcache\evntcmd.exe - Ok C:\WINDOWS\system32\dllcache\evntrprv.dll - Ok C:\WINDOWS\system32\dllcache\evntagnt.dll - Ok C:\WINDOWS\system32\dllcache\ex10.sys - Ok C:\WINDOWS\system32\dllcache\eventvwr.exe - Ok C:\WINDOWS\system32\dllcache\exabyte2.sys - Ok C:\WINDOWS\system32\dllcache\eudcedit.exe - Ok C:\WINDOWS\system32\dllcache\EXCH_adsiisex.dll - Ok C:\WINDOWS\system32\dllcache\EXCH_aqadmin.dll - Ok C:\WINDOWS\system32\dllcache\EXCH_fcachdll.dll - Ok C:\WINDOWS\system32\dllcache\EXCH_ntfsdrv.dll - Ok C:\WINDOWS\system32\dllcache\evntwin.exe - Ok C:\WINDOWS\system32\dllcache\EXCH_mailmsg.dll - Ok C:\WINDOWS\system32\dllcache\EXCH_smtpctrs.dll - Ok >C:\WINDOWS\system32\dllcache\exe2bin.exe - packed by EXEPACK C:\WINDOWS\system32\dllcache\EXCH_regtrace.exe - Ok C:\WINDOWS\system32\dllcache\EXCH_seos.dll - Ok C:\WINDOWS\system32\dllcache\exe2bin.exe - Ok C:\WINDOWS\system32\dllcache\EXCH_snprfdll.dll - Ok >C:\WINDOWS\system32\dllcache\EXCH_scripto.dll is BINARYRES container C:\WINDOWS\system32\dllcache\EXCH_scripto.dll - container >C:\WINDOWS\system32\dllcache\expand.exe - packed by BINARYRES >>C:\WINDOWS\system32\dllcache\expand.exe - packed by MS COMPRESS C:\WINDOWS\system32\dllcache\expand.exe - Ok C:\WINDOWS\system32\dllcache\extmgr.dll - Ok C:\WINDOWS\system32\dllcache\f3ab18xi.sys - Ok C:\WINDOWS\system32\dllcache\f3ahvoas.dll - Ok C:\WINDOWS\system32\dllcache\f3ab18xj.sys - Ok C:\WINDOWS\system32\dllcache\fa410nd5.sys - Ok C:\WINDOWS\system32\dllcache\exts.dll - Ok C:\WINDOWS\system32\dllcache\fa312nd5.sys - Ok >C:\WINDOWS\system32\dllcache\fastopen.exe - packed by EXEPACK C:\WINDOWS\system32\dllcache\extrac32.exe - Ok >>C:\WINDOWS\system32\dllcache\fastopen.exe - packed by COM2EXE C:\WINDOWS\system32\dllcache\fastopen.exe - Ok C:\WINDOWS\system32\dllcache\fc.exe - Ok C:\WINDOWS\system32\dllcache\fdc.sys - Ok C:\WINDOWS\system32\dllcache\faultrep.dll - Ok C:\WINDOWS\system32\dllcache\feclient.dll - Ok C:\WINDOWS\system32\dllcache\expsrv.dll - Ok C:\WINDOWS\system32\dllcache\fastfat.sys - Ok C:\WINDOWS\system32\dllcache\fem556n5.sys - Ok C:\WINDOWS\system32\dllcache\fetnd5.sys - Ok C:\WINDOWS\system32\dllcache\find.exe - Ok C:\WINDOWS\system32\dllcache\findstr.exe - Ok C:\WINDOWS\system32\dllcache\finger.exe - Ok C:\WINDOWS\system32\dllcache\filterpipelineprintproc.dll - Ok C:\WINDOWS\system32\dllcache\fastprox.dll - Ok C:\WINDOWS\system32\dllcache\fips.sys - Ok C:\WINDOWS\system32\dllcache\fixmapi.exe - Ok C:\WINDOWS\system32\dllcache\flpydisk.sys - Ok C:\WINDOWS\system32\dllcache\flattemp.exe - Ok C:\WINDOWS\system32\dllcache\firewall.cpl - Ok C:\WINDOWS\system32\dllcache\fldrclnr.dll - Ok C:\WINDOWS\system32\dllcache\fltlib.dll - Ok C:\WINDOWS\system32\dllcache\fltmc.exe - Ok C:\WINDOWS\system32\dllcache\filemgmt.dll - Ok C:\WINDOWS\system32\dllcache\fmifs.dll - Ok C:\WINDOWS\system32\dllcache\fltmgr.sys - Ok C:\WINDOWS\system32\dllcache\fontsub.dll - Ok C:\WINDOWS\system32\dllcache\fnfilter.dll - Ok C:\WINDOWS\system32\dllcache\forehe.sys - Ok C:\WINDOWS\system32\dllcache\forcedos.exe - Ok C:\WINDOWS\system32\dllcache\fp40ext.dll - Ok C:\WINDOWS\system32\dllcache\fontview.exe - Ok C:\WINDOWS\system32\dllcache\fp4areg.dll - Ok C:\WINDOWS\system32\dllcache\explorer.exe - Ok C:\WINDOWS\system32\dllcache\fp4anscp.dll - Ok C:\WINDOWS\system32\dllcache\fp4avnb.dll - Ok C:\WINDOWS\system32\dllcache\fp4apws.dll - Ok C:\WINDOWS\system32\dllcache\fp4avss.dll - Ok >C:\WINDOWS\system32\dllcache\fontext.dll is BINARYRES container >>C:\WINDOWS\system32\dllcache\fontext.dll\data001 - packed by MS COMPRESS C:\WINDOWS\system32\dllcache\fp4awebs.dll - Ok >>C:\WINDOWS\system32\dllcache\fontext.dll\data002 - packed by MS COMPRESS C:\WINDOWS\system32\dllcache\fontext.dll - container C:\WINDOWS\system32\dllcache\fp4atxt.dll - Ok C:\WINDOWS\system32\dllcache\fp98sadm.exe - Ok C:\WINDOWS\system32\dllcache\fpadmcgi.exe - Ok C:\WINDOWS\system32\dllcache\fpadmdll.dll - Ok C:\WINDOWS\system32\dllcache\fp98swin.exe - Ok C:\WINDOWS\system32\dllcache\fp4amsft.dll - Ok >C:\WINDOWS\system32\dllcache\fp4autl.dll is BINARYRES container C:\WINDOWS\system32\dllcache\fp4autl.dll - container C:\WINDOWS\system32\dllcache\fpexedll.dll - Ok C:\WINDOWS\system32\dllcache\fpencode.dll - Ok C:\WINDOWS\system32\dllcache\fpcount.exe - Ok C:\WINDOWS\system32\dllcache\fpcmbase.sys - Ok C:\WINDOWS\system32\dllcache\fpcibase.sys - Ok C:\WINDOWS\system32\dllcache\fpremadm.exe - Ok C:\WINDOWS\system32\dllcache\framd.ttf - Ok C:\WINDOWS\system32\dllcache\framdit.ttf - Ok C:\WINDOWS\system32\dllcache\framebuf.dll - Ok C:\WINDOWS\system32\dllcache\fpmmcsat.dll - Ok >C:\WINDOWS\system32\dllcache\fp4awel.dll is BINARYRES container C:\WINDOWS\system32\dllcache\fsconins.dll - Ok C:\WINDOWS\system32\dllcache\fp4awel.dll - container C:\WINDOWS\system32\dllcache\fsusd.dll - Ok C:\WINDOWS\system32\dllcache\fpnpbase.sys - Ok C:\WINDOWS\system32\dllcache\fsvga.sys - Ok C:\WINDOWS\system32\dllcache\framedyn.dll - Ok C:\WINDOWS\system32\dllcache\fs_rec.sys - Ok C:\WINDOWS\system32\dllcache\fsutil.exe - Ok C:\WINDOWS\system32\dllcache\fsquirt.exe - Ok C:\WINDOWS\system32\dllcache\ftlx041e.dll - Ok C:\WINDOWS\system32\dllcache\ftp.exe - Ok C:\WINDOWS\system32\dllcache\fpmmc.dll - Ok C:\WINDOWS\system32\dllcache\ftdisk.sys - Ok C:\WINDOWS\system32\dllcache\fwcfg.dll - Ok C:\WINDOWS\system32\dllcache\ftsrch.dll - Ok C:\WINDOWS\system32\dllcache\fuusd.dll - Ok C:\WINDOWS\system32\dllcache\fwdprov.dll - Ok C:\WINDOWS\system32\dllcache\fus2base.sys - Ok C:\WINDOWS\system32\dllcache\freecell.exe - Ok C:\WINDOWS\system32\dllcache\fxscfgwz.dll - Ok C:\WINDOWS\system32\dllcache\fxsclnt.exe - Ok C:\WINDOWS\system32\dllcache\fusbbase.sys - Ok C:\WINDOWS\system32\dllcache\fxscom.dll - Ok C:\WINDOWS\system32\dllcache\fxsclntr.dll - Ok C:\WINDOWS\system32\dllcache\fxsdrv.dll - Ok >C:\WINDOWS\system32\dllcache\fxsevent.dll - packed by FLY-CODE C:\WINDOWS\system32\dllcache\fxsext32.dll - Ok C:\WINDOWS\system32\dllcache\fxsmon.dll - Ok C:\WINDOWS\system32\dllcache\fxsevent.dll - Ok C:\WINDOWS\system32\dllcache\fxsapi.dll - Ok C:\WINDOWS\system32\dllcache\fxscomex.dll - Ok >C:\WINDOWS\system32\dllcache\fxsres.dll - packed by FLY-CODE C:\WINDOWS\system32\dllcache\fxsperf.dll - Ok C:\WINDOWS\system32\dllcache\fxscover.exe - Ok C:\WINDOWS\system32\dllcache\fxsres.dll - Ok C:\WINDOWS\system32\dllcache\fxsroute.dll - Ok C:\WINDOWS\system32\dllcache\fxsocm.dll - Ok C:\WINDOWS\system32\dllcache\fxssend.exe - Ok C:\WINDOWS\system32\dllcache\fxssvc.exe - Ok C:\WINDOWS\system32\dllcache\fxst30.dll - Ok C:\WINDOWS\system32\dllcache\fxsui.dll - Ok C:\WINDOWS\system32\dllcache\fxsst.dll - Ok C:\WINDOWS\system32\dllcache\fxstiff.dll - Ok C:\WINDOWS\system32\dllcache\fxswzrd.dll - Ok C:\WINDOWS\system32\dllcache\g200m.sys - Ok C:\WINDOWS\system32\dllcache\g400m.sys - Ok C:\WINDOWS\system32\dllcache\g200d.dll - Ok C:\WINDOWS\system32\dllcache\fxusbase.sys - Ok C:\WINDOWS\system32\dllcache\g711codc.ax - Ok C:\WINDOWS\system32\dllcache\gameenum.sys - Ok C:\WINDOWS\system32\dllcache\fxsxp32.dll - Ok C:\WINDOWS\system32\dllcache\gagp30kx.sys - Ok C:\WINDOWS\system32\dllcache\gdi.exe - Ok C:\WINDOWS\system32\dllcache\geo.nls - Ok C:\WINDOWS\system32\dllcache\gckernel.sys - Ok C:\WINDOWS\system32\dllcache\gcdef.dll - Ok C:\WINDOWS\system32\dllcache\gm.dls - Ok C:\WINDOWS\system32\dllcache\gdi32.dll - Ok C:\WINDOWS\system32\dllcache\glu32.dll - Ok C:\WINDOWS\system32\dllcache\gpkrsrc.dll - Ok C:\WINDOWS\system32\dllcache\getuname.dll - Ok C:\WINDOWS\system32\dllcache\glmf32.dll - Ok C:\WINDOWS\system32\dllcache\gpr400.sys - Ok C:\WINDOWS\system32\dllcache\gpkcsp.dll - Ok C:\WINDOWS\system32\dllcache\grserial.sys - Ok C:\WINDOWS\system32\dllcache\grclass.sys - Ok C:\WINDOWS\system32\dllcache\grpconv.exe - Ok C:\WINDOWS\system32\dllcache\guitrna.dll - Ok C:\WINDOWS\system32\dllcache\guitrn.dll - Ok C:\WINDOWS\system32\dllcache\h323cc.dll - Ok C:\WINDOWS\system32\dllcache\hanja.lex - Ok C:\WINDOWS\system32\dllcache\guitrn_a.dll - Ok C:\WINDOWS\system32\dllcache\hcappres.dll - Ok C:\WINDOWS\system32\dllcache\hccoin.dll - Ok C:\WINDOWS\system32\dllcache\g400d.dll - Ok C:\WINDOWS\system32\dllcache\h323.tsp - Ok C:\WINDOWS\system32\dllcache\help.exe - Ok C:\WINDOWS\system32\dllcache\hanjadic.dll - Ok C:\WINDOWS\system32\dllcache\hdwwiz.cpl - Ok C:\WINDOWS\system32\dllcache\hh.exe - Ok C:\WINDOWS\system32\dllcache\helphost.exe - Ok C:\WINDOWS\system32\dllcache\h323msp.dll - Ok C:\WINDOWS\system32\dllcache\hhsetup.dll - Ok C:\WINDOWS\system32\dllcache\hhctrlui.dll - Ok C:\WINDOWS\system32\dllcache\helpctr.exe - Ok C:\WINDOWS\system32\dllcache\hid.dll - Ok C:\WINDOWS\system32\dllcache\hidbatt.sys - Ok >C:\WINDOWS\system32\dllcache\helpsvc.exe is BINARYRES container C:\WINDOWS\system32\dllcache\helpsvc.exe - container C:\WINDOWS\system32\dllcache\hidbth.sys - Ok C:\WINDOWS\system32\dllcache\hhctrl.ocx - Ok C:\WINDOWS\system32\dllcache\hidgame.sys - Ok C:\WINDOWS\system32\dllcache\hidclass.sys - Ok C:\WINDOWS\system32\dllcache\hidir.sys - Ok C:\WINDOWS\system32\dllcache\hidparse.sys - Ok C:\WINDOWS\system32\dllcache\hidusb.sys - Ok C:\WINDOWS\system32\dllcache\hidphone.tsp - Ok C:\WINDOWS\system32\dllcache\hidserv.dll - Ok C:\WINDOWS\system32\dllcache\hidswvd.sys - Ok C:\WINDOWS\system32\dllcache\himem.sys - Ok C:\WINDOWS\system32\dllcache\hlink.dll - Ok C:\WINDOWS\system32\dllcache\hnetmon.dll - Ok C:\WINDOWS\system32\dllcache\hmmapi.dll - Ok C:\WINDOWS\system32\dllcache\hostmib.dll - Ok C:\WINDOWS\system32\dllcache\hcf_msft.sys - Ok C:\WINDOWS\system32\dllcache\hostname.exe - Ok C:\WINDOWS\system32\dllcache\HPCRDP.CAT - Ok C:\WINDOWS\system32\dllcache\home_ss.dll - Ok C:\WINDOWS\system32\dllcache\hnetcfg.dll - Ok C:\WINDOWS\system32\dllcache\hpdigwia.dll - Ok C:\WINDOWS\system32\dllcache\hnetwiz.dll - Ok C:\WINDOWS\system32\dllcache\hpgt21.dll - Ok C:\WINDOWS\system32\dllcache\hotplug.dll - Ok C:\WINDOWS\system32\dllcache\hpgt21tk.dll - Ok C:\WINDOWS\system32\dllcache\hpgt33.dll - Ok C:\WINDOWS\system32\dllcache\hpgt34tk.dll - Ok C:\WINDOWS\system32\dllcache\hpgt33tk.dll - Ok C:\WINDOWS\system32\dllcache\hpgt42tk.dll - Ok C:\WINDOWS\system32\dllcache\hpgt34.dll - Ok C:\WINDOWS\system32\dllcache\hpgt42.dll - Ok C:\WINDOWS\system32\dllcache\hpn.sys - Ok C:\WINDOWS\system32\dllcache\hpgt53tk.dll - Ok C:\WINDOWS\system32\dllcache\hpt4qic.sys - Ok C:\WINDOWS\system32\dllcache\hpsjmcro.dll - Ok C:\WINDOWS\system32\dllcache\hr1w.dll - Ok C:\WINDOWS\system32\dllcache\hpgt53.dll - Ok C:\WINDOWS\system32\dllcache\hpgtmcro.dll - Ok C:\WINDOWS\system32\dllcache\hrtz.dll - Ok C:\WINDOWS\system32\dllcache\hpojwia.dll - Ok C:\WINDOWS\system32\dllcache\hscupd.exe - Ok C:\WINDOWS\system32\dllcache\hsfcisp2.dll - Ok C:\WINDOWS\system32\dllcache\hrtzzm.exe - Ok C:\WINDOWS\system32\dllcache\hsf_amos.sys - Ok C:\WINDOWS\system32\dllcache\hsf_bsc2.sys - Ok C:\WINDOWS\system32\dllcache\hsfbs2s2.sys - Ok C:\WINDOWS\system32\dllcache\hsf_fsks.sys - Ok C:\WINDOWS\system32\dllcache\hsf_faxx.sys - Ok C:\WINDOWS\system32\dllcache\hsf_fall.sys - Ok C:\WINDOWS\system32\dllcache\hsf_inst.dll - Ok C:\WINDOWS\system32\dllcache\hrtzres.dll - Ok C:\WINDOWS\system32\dllcache\hsf_soar.sys - Ok C:\WINDOWS\system32\dllcache\hsf_samp.sys - Ok C:\WINDOWS\system32\dllcache\hsf_tone.sys - Ok C:\WINDOWS\system32\dllcache\hsf_spkp.sys - Ok C:\WINDOWS\system32\dllcache\htrn_jis.dll - Ok C:\WINDOWS\system32\dllcache\hsf_k56k.sys - Ok C:\WINDOWS\system32\dllcache\hsfdpsp2.sys - Ok C:\WINDOWS\system32\dllcache\httpapi.dll - Ok C:\WINDOWS\system32\dllcache\htui.dll - Ok C:\WINDOWS\system32\dllcache\http.sys - Ok C:\WINDOWS\system32\dllcache\hsf_v124.sys - Ok C:\WINDOWS\system32\dllcache\i2omgmt.sys - Ok C:\WINDOWS\system32\dllcache\i2omp.sys - Ok C:\WINDOWS\system32\dllcache\hsf_msft.sys - Ok C:\WINDOWS\system32\dllcache\i740nt5.sys - Ok C:\WINDOWS\system32\dllcache\i8042prt.sys - Ok C:\WINDOWS\system32\dllcache\i740dnt5.dll - Ok C:\WINDOWS\system32\dllcache\hsfcxts2.sys - Ok C:\WINDOWS\system32\dllcache\iacenc.dll - Ok C:\WINDOWS\system32\dllcache\iasacct.dll - Ok C:\WINDOWS\system32\dllcache\i81xnt5.sys - Ok C:\WINDOWS\system32\dllcache\iashlpr.dll - Ok C:\WINDOWS\system32\dllcache\iasads.dll - Ok C:\WINDOWS\system32\dllcache\IASNT4.CAT - Ok >C:\WINDOWS\system32\dllcache\iaspolcy.dll - packed by FLY-CODE C:\WINDOWS\system32\dllcache\iasnap.dll - Ok C:\WINDOWS\system32\dllcache\i81xdnt5.dll - Ok C:\WINDOWS\system32\dllcache\iaspolcy.dll - Ok C:\WINDOWS\system32\dllcache\iasrad.dll - Ok C:\WINDOWS\system32\dllcache\iassam.dll - Ok C:\WINDOWS\system32\dllcache\iasrecst.dll - Ok C:\WINDOWS\system32\dllcache\iassvcs.dll - Ok C:\WINDOWS\system32\dllcache\ibmexmp.sys - Ok C:\WINDOWS\system32\dllcache\ibmsgnet.dll - Ok C:\WINDOWS\system32\dllcache\iassdo.dll - Ok C:\WINDOWS\system32\dllcache\ibmvcap.sys - Ok C:\WINDOWS\system32\dllcache\ibmtrp.sys - Ok C:\WINDOWS\system32\dllcache\ibmtok.sys - Ok C:\WINDOWS\system32\dllcache\icaapi.dll - Ok C:\WINDOWS\system32\dllcache\icam3ext.dll - Ok C:\WINDOWS\system32\dllcache\icam3.sys - Ok C:\WINDOWS\system32\dllcache\icam4com.dll - Ok C:\WINDOWS\system32\dllcache\icam4ext.dll - Ok C:\WINDOWS\system32\dllcache\icam4usb.sys - Ok C:\WINDOWS\system32\dllcache\icam5com.dll - Ok C:\WINDOWS\system32\dllcache\icam5ext.dll - Ok C:\WINDOWS\system32\dllcache\icfgnt5.dll - Ok C:\WINDOWS\system32\dllcache\icmp.dll - Ok C:\WINDOWS\system32\dllcache\icmui.dll - Ok C:\WINDOWS\system32\dllcache\icam5usb.sys - Ok C:\WINDOWS\system32\dllcache\icm32.dll - Ok C:\WINDOWS\system32\dllcache\icwconn.dll - Ok C:\WINDOWS\system32\dllcache\hwxcht.dll - Ok C:\WINDOWS\system32\dllcache\hwxjpn.dll - Ok C:\WINDOWS\system32\dllcache\icwconn1.exe - Ok C:\WINDOWS\system32\dllcache\icwconn2.exe - Ok C:\WINDOWS\system32\dllcache\icwdl.dll - Ok C:\WINDOWS\system32\dllcache\iconf32.dll - Ok C:\WINDOWS\system32\dllcache\icwphbk.dll - Ok C:\WINDOWS\system32\dllcache\hwxkor.dll - Ok C:\WINDOWS\system32\dllcache\icwdial.dll - Ok C:\WINDOWS\system32\dllcache\icwrmind.exe - Ok C:\WINDOWS\system32\dllcache\icwres.dll - Ok C:\WINDOWS\system32\dllcache\icwhelp.dll - Ok C:\WINDOWS\system32\dllcache\icwutil.dll - Ok C:\WINDOWS\system32\dllcache\idq.dll - Ok C:\WINDOWS\system32\dllcache\ieakui.dll - Ok C:\WINDOWS\system32\dllcache\ieakeng.dll - Ok >C:\WINDOWS\system32\dllcache\icwtutor.exe is BINARYRES container >>C:\WINDOWS\system32\dllcache\icwtutor.exe\data001 is JS-HTML container C:\WINDOWS\system32\dllcache\icwtutor.exe - container C:\WINDOWS\system32\dllcache\ieaksie.dll - Ok C:\WINDOWS\system32\dllcache\ie4uinit.exe - Ok C:\WINDOWS\system32\dllcache\ieencode.dll - Ok C:\WINDOWS\system32\dllcache\ieinfo5.ocx - Ok C:\WINDOWS\system32\dllcache\iedw.exe - Ok C:\WINDOWS\system32\dllcache\iedkcs32.dll - Ok C:\WINDOWS\system32\dllcache\iepeers.dll - Ok C:\WINDOWS\system32\dllcache\ieproxy.dll - Ok C:\WINDOWS\system32\dllcache\iesetup.dll - Ok C:\WINDOWS\system32\dllcache\iexpress.exe - Ok C:\WINDOWS\system32\dllcache\iedvtool.dll - Ok C:\WINDOWS\system32\dllcache\iexplore.exe - Ok C:\WINDOWS\system32\dllcache\igmpagnt.dll - Ok C:\WINDOWS\system32\dllcache\ifsutil.dll - Ok C:\WINDOWS\system32\dllcache\ifmon.dll - Ok C:\WINDOWS\system32\dllcache\ils.dll - Ok C:\WINDOWS\system32\dllcache\iernonce.dll - Ok C:\WINDOWS\system32\dllcache\imagehlp.dll - Ok C:\WINDOWS\system32\dllcache\imapi.sys - Ok C:\WINDOWS\system32\dllcache\iis.dll - Ok C:\WINDOWS\system32\dllcache\imekr.lex - Ok C:\WINDOWS\system32\dllcache\imapi.exe - Ok C:\WINDOWS\system32\dllcache\imekr61.ime - Ok C:\WINDOWS\system32\dllcache\iertutil.dll - Ok C:\WINDOWS\system32\dllcache\imekrcic.dll - Ok C:\WINDOWS\system32\dllcache\imeshare.dll - Ok C:\WINDOWS\system32\dllcache\imekrmbx.dll - Ok C:\WINDOWS\system32\dllcache\imepadsm.dll - Ok C:\WINDOWS\system32\dllcache\imgutil.dll - Ok C:\WINDOWS\system32\dllcache\imekrmig.exe - Ok C:\WINDOWS\system32\dllcache\imjp81.ime - Ok C:\WINDOWS\system32\dllcache\imepadsv.exe - Ok C:\WINDOWS\system32\dllcache\imjpcic.dll - Ok C:\WINDOWS\system32\dllcache\imjpdadm.exe - Ok C:\WINDOWS\system32\dllcache\imjpdct.dll - Ok C:\WINDOWS\system32\dllcache\imjp81k.dll - Ok C:\WINDOWS\system32\dllcache\imjpdsvr.exe - Ok C:\WINDOWS\system32\dllcache\imjpinst.exe - Ok C:\WINDOWS\system32\dllcache\ieframe.dll - Ok C:\WINDOWS\system32\dllcache\imjpcus.dll - Ok C:\WINDOWS\system32\dllcache\imjpdct.exe - Ok C:\WINDOWS\system32\dllcache\imjpmig.exe - Ok C:\WINDOWS\system32\dllcache\imjprw.exe - Ok C:\WINDOWS\system32\dllcache\imjputyc.dll - Ok C:\WINDOWS\system32\dllcache\imjputy.exe - Ok C:\WINDOWS\system32\dllcache\imm32.dll - Ok C:\WINDOWS\system32\dllcache\imlang.dll - Ok C:\WINDOWS\system32\dllcache\imsinsnt.dll - Ok C:\WINDOWS\system32\dllcache\imscinst.exe - Ok C:\WINDOWS\system32\dllcache\imkrinst.exe - Ok C:\WINDOWS\system32\dllcache\inetcfg.dll - Ok C:\WINDOWS\system32\dllcache\inetcplc.dll - Ok C:\WINDOWS\system32\dllcache\imskdic.dll - Ok C:\WINDOWS\system32\dllcache\imjpuex.exe - Ok C:\WINDOWS\system32\dllcache\imskf.dll - Ok C:\WINDOWS\system32\dllcache\inetmib1.dll - Ok C:\WINDOWS\system32\dllcache\inetppui.dll - Ok >C:\WINDOWS\system32\dllcache\inetres.dll is BINARYRES container C:\WINDOWS\system32\dllcache\inetpp.dll - Ok >>C:\WINDOWS\system32\dllcache\inetres.dll\data001 is JS-HTML container C:\WINDOWS\system32\dllcache\inetres.dll - container C:\WINDOWS\system32\dllcache\inetcomm.dll - Ok C:\WINDOWS\system32\dllcache\ini910u.sys - Ok C:\WINDOWS\system32\dllcache\inetwiz.exe - Ok C:\WINDOWS\system32\dllcache\inport.sys - Ok C:\WINDOWS\system32\dllcache\intelide.sys - Ok C:\WINDOWS\system32\dllcache\initpki.dll - Ok C:\WINDOWS\system32\dllcache\intelppm.sys - Ok C:\WINDOWS\system32\dllcache\input.dll - Ok C:\WINDOWS\system32\dllcache\inseng.dll - Ok C:\WINDOWS\system32\dllcache\iologmsg.dll - Ok C:\WINDOWS\system32\dllcache\io8.sys - Ok C:\WINDOWS\system32\dllcache\infosoft.dll - Ok C:\WINDOWS\system32\dllcache\ipconf.tsp - Ok C:\WINDOWS\system32\dllcache\ip5515.sys - Ok C:\WINDOWS\system32\dllcache\ip6fw.sys - Ok C:\WINDOWS\system32\dllcache\inetcpl.cpl - Ok C:\WINDOWS\system32\dllcache\io8ports.dll - Ok C:\WINDOWS\system32\dllcache\ipfltdrv.sys - Ok C:\WINDOWS\system32\dllcache\intl.cpl - Ok C:\WINDOWS\system32\dllcache\ipinip.sys - Ok C:\WINDOWS\system32\dllcache\ipconfig.exe - Ok C:\WINDOWS\system32\dllcache\iprip.dll - Ok C:\WINDOWS\system32\dllcache\iphlpapi.dll - Ok C:\WINDOWS\system32\dllcache\iprop.dll - Ok C:\WINDOWS\system32\dllcache\ipmontr.dll - Ok C:\WINDOWS\system32\dllcache\ipnat.sys - Ok C:\WINDOWS\system32\dllcache\iprtprio.dll - Ok C:\WINDOWS\system32\dllcache\ipsec6.exe - Ok C:\WINDOWS\system32\dllcache\ippromon.dll - Ok C:\WINDOWS\system32\dllcache\ipnathlp.dll - Ok C:\WINDOWS\system32\dllcache\ipsink.ax - Ok C:\WINDOWS\system32\dllcache\iprtrmgr.dll - Ok C:\WINDOWS\system32\dllcache\ipv6.exe - Ok C:\WINDOWS\system32\dllcache\ipsecsvc.dll - Ok C:\WINDOWS\system32\dllcache\ipv6mon.dll - Ok C:\WINDOWS\system32\dllcache\ipsecsnp.dll - Ok C:\WINDOWS\system32\dllcache\ipxrip.dll - Ok C:\WINDOWS\system32\dllcache\ipxroute.exe - Ok C:\WINDOWS\system32\dllcache\ipxmontr.dll - Ok C:\WINDOWS\system32\dllcache\ipxpromn.dll - Ok C:\WINDOWS\system32\dllcache\ipsec.sys - Ok C:\WINDOWS\system32\dllcache\irclass.dll - Ok C:\WINDOWS\system32\dllcache\ipxrtmgr.dll - Ok C:\WINDOWS\system32\dllcache\ipxwan.dll - Ok C:\WINDOWS\system32\dllcache\irenum.sys - Ok C:\WINDOWS\system32\dllcache\ipxsap.dll - Ok C:\WINDOWS\system32\dllcache\irmk7.sys - Ok >C:\WINDOWS\system32\dllcache\irmon.dll - packed by FLY-CODE C:\WINDOWS\system32\dllcache\ipsmsnap.dll - Ok C:\WINDOWS\system32\dllcache\irsir.sys - Ok C:\WINDOWS\system32\dllcache\irstusb.sys - Ok C:\WINDOWS\system32\dllcache\isapnp.sys - Ok C:\WINDOWS\system32\dllcache\irmon.dll - Ok C:\WINDOWS\system32\dllcache\irda.sys - Ok C:\WINDOWS\system32\dllcache\isrdbg32.dll - Ok C:\WINDOWS\system32\dllcache\irftp.exe - Ok C:\WINDOWS\system32\dllcache\isign32.dll - Ok C:\WINDOWS\system32\dllcache\itircl.dll - Ok C:\WINDOWS\system32\dllcache\irprops.cpl - Ok C:\WINDOWS\system32\dllcache\isignup.exe - Ok C:\WINDOWS\system32\dllcache\ixsso.dll - Ok C:\WINDOWS\system32\dllcache\iyuv_32.dll - Ok C:\WINDOWS\system32\dllcache\itss.dll - Ok C:\WINDOWS\system32\dllcache\joy.cpl - Ok C:\WINDOWS\system32\dllcache\jsproxy.dll - Ok C:\WINDOWS\system32\dllcache\iuengine.dll - Ok C:\WINDOWS\system32\dllcache\kbd101.dll - Ok C:\WINDOWS\system32\dllcache\jupiw.dll - Ok C:\WINDOWS\system32\dllcache\jet500.dll - Ok C:\WINDOWS\system32\dllcache\kbd101a.dll - Ok C:\WINDOWS\system32\dllcache\kbd101b.dll - Ok C:\WINDOWS\system32\dllcache\kbd101c.dll - Ok C:\WINDOWS\system32\dllcache\kbd103.dll - Ok C:\WINDOWS\system32\dllcache\jobexec.dll - Ok C:\WINDOWS\system32\dllcache\kbd106.dll - Ok C:\WINDOWS\system32\dllcache\kbd106n.dll - Ok C:\WINDOWS\system32\dllcache\kbda1.dll - Ok C:\WINDOWS\system32\dllcache\kbda2.dll - Ok C:\WINDOWS\system32\dllcache\kbdarme.dll - Ok C:\WINDOWS\system32\dllcache\kbda3.dll - Ok C:\WINDOWS\system32\dllcache\kbdal.dll - Ok C:\WINDOWS\system32\dllcache\kbdaze.dll - Ok C:\WINDOWS\system32\dllcache\kbdarmw.dll - Ok C:\WINDOWS\system32\dllcache\kbdax2.dll - Ok C:\WINDOWS\system32\dllcache\kbdazel.dll - Ok C:\WINDOWS\system32\dllcache\kbdbe.dll - Ok C:\WINDOWS\system32\dllcache\kbdbene.dll - Ok C:\WINDOWS\system32\dllcache\kbdblr.dll - Ok C:\WINDOWS\system32\dllcache\kbdbr.dll - Ok C:\WINDOWS\system32\dllcache\kbdbhc.dll - Ok C:\WINDOWS\system32\dllcache\kbdbu.dll - Ok C:\WINDOWS\system32\dllcache\kbdca.dll - Ok C:\WINDOWS\system32\dllcache\kbdcan.dll - Ok C:\WINDOWS\system32\dllcache\kbdclass.sys - Ok C:\WINDOWS\system32\dllcache\kbdcr.dll - Ok C:\WINDOWS\system32\dllcache\kbdcz.dll - Ok C:\WINDOWS\system32\dllcache\kbdcz1.dll - Ok C:\WINDOWS\system32\dllcache\kbdcz2.dll - Ok C:\WINDOWS\system32\dllcache\kbdda.dll - Ok C:\WINDOWS\system32\dllcache\kbddiv1.dll - Ok C:\WINDOWS\system32\dllcache\kbddiv2.dll - Ok C:\WINDOWS\system32\dllcache\kbddv.dll - Ok C:\WINDOWS\system32\dllcache\kbdest.dll - Ok C:\WINDOWS\system32\dllcache\kbdes.dll - Ok C:\WINDOWS\system32\dllcache\kbdfa.dll - Ok C:\WINDOWS\system32\dllcache\kbdfc.dll - Ok C:\WINDOWS\system32\dllcache\kbdfr.dll - Ok C:\WINDOWS\system32\dllcache\kbdfi.dll - Ok C:\WINDOWS\system32\dllcache\kbdfo.dll - Ok C:\WINDOWS\system32\dllcache\kbdfi1.dll - Ok C:\WINDOWS\system32\dllcache\kbdgae.dll - Ok C:\WINDOWS\system32\dllcache\kbdgkl.dll - Ok C:\WINDOWS\system32\dllcache\kbdgeo.dll - Ok C:\WINDOWS\system32\dllcache\kbdgr.dll - Ok C:\WINDOWS\system32\dllcache\kbdhe.dll - Ok C:\WINDOWS\system32\dllcache\kbdhe319.dll - Ok C:\WINDOWS\system32\dllcache\kbdhe220.dll - Ok C:\WINDOWS\system32\dllcache\jsdbgui.dll - Ok C:\WINDOWS\system32\dllcache\kbdgr1.dll - Ok C:\WINDOWS\system32\dllcache\kbdhela2.dll - Ok C:\WINDOWS\system32\dllcache\kbdheb.dll - Ok C:\WINDOWS\system32\dllcache\kbdhela3.dll - Ok C:\WINDOWS\system32\dllcache\kbdhid.sys - Ok C:\WINDOWS\system32\dllcache\kbdhept.dll - Ok C:\WINDOWS\system32\dllcache\kbdhu1.dll - Ok C:\WINDOWS\system32\dllcache\kbdhu.dll - Ok C:\WINDOWS\system32\dllcache\kbdibm02.dll - Ok C:\WINDOWS\system32\dllcache\kbdinbe1.dll - Ok C:\WINDOWS\system32\dllcache\kbdindev.dll - Ok C:\WINDOWS\system32\dllcache\kbdinguj.dll - Ok C:\WINDOWS\system32\dllcache\kbdinhin.dll - Ok C:\WINDOWS\system32\dllcache\kbdinkan.dll - Ok C:\WINDOWS\system32\dllcache\kbdic.dll - Ok C:\WINDOWS\system32\dllcache\kbdinben.dll - Ok C:\WINDOWS\system32\dllcache\kbdinmar.dll - Ok C:\WINDOWS\system32\dllcache\kbdinpun.dll - Ok C:\WINDOWS\system32\dllcache\kbdinmal.dll - Ok C:\WINDOWS\system32\dllcache\kbdintam.dll - Ok C:\WINDOWS\system32\dllcache\kbdintel.dll - Ok C:\WINDOWS\system32\dllcache\kbdir.dll - Ok C:\WINDOWS\system32\dllcache\kbdit.dll - Ok C:\WINDOWS\system32\dllcache\kbdiultn.dll - Ok C:\WINDOWS\system32\dllcache\kbdkaz.dll - Ok C:\WINDOWS\system32\dllcache\kbdit142.dll - Ok C:\WINDOWS\system32\dllcache\kbdjpn.dll - Ok C:\WINDOWS\system32\dllcache\kbdkyr.dll - Ok C:\WINDOWS\system32\dllcache\kbdla.dll - Ok C:\WINDOWS\system32\dllcache\kbdkor.dll - Ok C:\WINDOWS\system32\dllcache\kbdlk41a.dll - Ok C:\WINDOWS\system32\dllcache\kbdlk41j.dll - Ok C:\WINDOWS\system32\dllcache\kbdlt.dll - Ok C:\WINDOWS\system32\dllcache\kbdlt1.dll - Ok C:\WINDOWS\system32\dllcache\kbdlv.dll - Ok C:\WINDOWS\system32\dllcache\kbdmac.dll - Ok C:\WINDOWS\system32\dllcache\kbdmaori.dll - Ok C:\WINDOWS\system32\dllcache\kbdlv1.dll - Ok C:\WINDOWS\system32\dllcache\kbdmlt47.dll - Ok C:\WINDOWS\system32\dllcache\kbdmlt48.dll - Ok C:\WINDOWS\system32\dllcache\jscript.dll - Ok C:\WINDOWS\system32\dllcache\kbdne.dll - Ok C:\WINDOWS\system32\dllcache\kbdmon.dll - Ok C:\WINDOWS\system32\dllcache\kbdnec.dll - Ok C:\WINDOWS\system32\dllcache\kbdnec95.dll - Ok C:\WINDOWS\system32\dllcache\kbdno.dll - Ok C:\WINDOWS\system32\dllcache\kbdnecat.dll - Ok C:\WINDOWS\system32\dllcache\kbdnecnt.dll - Ok C:\WINDOWS\system32\dllcache\kbdno1.dll - Ok C:\WINDOWS\system32\dllcache\kbdnepr.dll - Ok C:\WINDOWS\system32\dllcache\kbdpl.dll - Ok C:\WINDOWS\system32\dllcache\kbdpash.dll - Ok C:\WINDOWS\system32\dllcache\kbdru.dll - Ok C:\WINDOWS\system32\dllcache\kbdru1.dll - Ok C:\WINDOWS\system32\dllcache\kbdpl1.dll - Ok C:\WINDOWS\system32\dllcache\kbdpo.dll - Ok C:\WINDOWS\system32\dllcache\kbdsg.dll - Ok C:\WINDOWS\system32\dllcache\kbdsf.dll - Ok C:\WINDOWS\system32\dllcache\kbdro.dll - Ok C:\WINDOWS\system32\dllcache\kbdsl.dll - Ok C:\WINDOWS\system32\dllcache\kbdsl1.dll - Ok C:\WINDOWS\system32\dllcache\kbdsp.dll - Ok C:\WINDOWS\system32\dllcache\kbdsmsfi.dll - Ok C:\WINDOWS\system32\dllcache\kbdsmsno.dll - Ok C:\WINDOWS\system32\dllcache\kbdsyr1.dll - Ok C:\WINDOWS\system32\dllcache\kbdsw.dll - Ok C:\WINDOWS\system32\dllcache\kbdtat.dll - Ok C:\WINDOWS\system32\dllcache\kbdsyr2.dll - Ok C:\WINDOWS\system32\dllcache\kbdth1.dll - Ok C:\WINDOWS\system32\dllcache\kbdth2.dll - Ok C:\WINDOWS\system32\dllcache\kbdth3.dll - Ok C:\WINDOWS\system32\dllcache\kbdtuf.dll - Ok C:\WINDOWS\system32\dllcache\kbdth0.dll - Ok C:\WINDOWS\system32\dllcache\kbdtuq.dll - Ok C:\WINDOWS\system32\dllcache\kbduk.dll - Ok C:\WINDOWS\system32\dllcache\kbdur.dll - Ok C:\WINDOWS\system32\dllcache\kbdukx.dll - Ok C:\WINDOWS\system32\dllcache\kbdus.dll - Ok C:\WINDOWS\system32\dllcache\kbdusl.dll - Ok C:\WINDOWS\system32\dllcache\kbdusr.dll - Ok C:\WINDOWS\system32\dllcache\kbdusx.dll - Ok C:\WINDOWS\system32\dllcache\kbdurdu.dll - Ok C:\WINDOWS\system32\dllcache\kbdusa.dll - Ok C:\WINDOWS\system32\dllcache\kbduzb.dll - Ok C:\WINDOWS\system32\dllcache\kbdycc.dll - Ok C:\WINDOWS\system32\dllcache\kbdvntc.dll - Ok C:\WINDOWS\system32\dllcache\kbdycl.dll - Ok C:\WINDOWS\system32\dllcache\kd1394.dll - Ok C:\WINDOWS\system32\dllcache\kdcom.dll - Ok C:\WINDOWS\system32\dllcache\keyboard.drv - Ok C:\WINDOWS\system32\dllcache\kdsui.dll - Ok C:\WINDOWS\system32\dllcache\keyboard.sys - Ok C:\WINDOWS\system32\dllcache\key01.sys - Ok C:\WINDOWS\system32\dllcache\kmddsp.tsp - Ok C:\WINDOWS\system32\dllcache\kmsvc.dll - Ok C:\WINDOWS\system32\dllcache\kmixer.sys - Ok C:\WINDOWS\system32\dllcache\kerberos.dll - Ok C:\WINDOWS\system32\dllcache\kdsusd.dll - Ok C:\WINDOWS\system32\dllcache\keymgr.dll - Ok C:\WINDOWS\system32\dllcache\korwbrkr.dll - Ok C:\WINDOWS\system32\dllcache\kousd.dll - Ok C:\WINDOWS\system32\dllcache\krnlprov.dll - Ok C:\WINDOWS\system32\dllcache\krnl386.exe - Ok C:\WINDOWS\system32\dllcache\korwbrkr.lex - Ok C:\WINDOWS\system32\dllcache\ksc.nls - Ok C:\WINDOWS\system32\dllcache\ksecdd.sys - Ok C:\WINDOWS\system32\dllcache\ksuser.dll - Ok C:\WINDOWS\system32\dllcache\kstvtune.ax - Ok C:\WINDOWS\system32\dllcache\ks.sys - Ok C:\WINDOWS\system32\dllcache\ktc111.sys - Ok C:\WINDOWS\system32\dllcache\ksxbar.ax - Ok C:\WINDOWS\system32\dllcache\l2store.dll - Ok C:\WINDOWS\system32\dllcache\ksproxy.ax - Ok C:\WINDOWS\system32\dllcache\kswdmcap.ax - Ok C:\WINDOWS\system32\dllcache\lanepic5.sys - Ok C:\WINDOWS\system32\dllcache\label.exe - Ok C:\WINDOWS\system32\dllcache\laprxy.dll - Ok C:\WINDOWS\system32\dllcache\kernel32.dll - Ok C:\WINDOWS\system32\dllcache\lbrtfdc.sys - Ok C:\WINDOWS\system32\dllcache\langwrbk.dll - Ok C:\WINDOWS\system32\dllcache\licmgr10.dll - Ok C:\WINDOWS\system32\dllcache\licwmi.dll - Ok >C:\WINDOWS\system32\dllcache\linkinfo.dll - packed by FLY-CODE C:\WINDOWS\system32\dllcache\l3codeca.acm - Ok C:\WINDOWS\system32\dllcache\lit220p.sys - Ok C:\WINDOWS\system32\dllcache\lights.exe - Ok C:\WINDOWS\system32\dllcache\linkinfo.dll - Ok C:\WINDOWS\system32\dllcache\lmhsvc.dll - Ok C:\WINDOWS\system32\dllcache\licdll.dll - Ok C:\WINDOWS\system32\dllcache\lmmib2.dll - Ok C:\WINDOWS\system32\dllcache\lmndis3.sys - Ok C:\WINDOWS\system32\dllcache\lne100.sys - Ok C:\WINDOWS\system32\dllcache\lne100tx.sys - Ok C:\WINDOWS\system32\dllcache\loadperf.dll - Ok C:\WINDOWS\system32\dllcache\locale.nls - Ok C:\WINDOWS\system32\dllcache\lhmstsc.exe - Ok C:\WINDOWS\system32\dllcache\lnkstub.exe - Ok C:\WINDOWS\system32\dllcache\localui.dll - Ok C:\WINDOWS\system32\dllcache\lodctr.exe - Ok C:\WINDOWS\system32\dllcache\localspl.dll - Ok C:\WINDOWS\system32\dllcache\localsec.dll - Ok C:\WINDOWS\system32\dllcache\locator.exe - Ok C:\WINDOWS\system32\dllcache\log.dll - Ok C:\WINDOWS\system32\dllcache\lmrt.dll - Ok C:\WINDOWS\system32\dllcache\logoff.exe - Ok C:\WINDOWS\system32\dllcache\loghours.dll - Ok C:\WINDOWS\system32\dllcache\logman.exe - Ok C:\WINDOWS\system32\dllcache\loop.sys - Ok >C:\WINDOWS\system32\dllcache\lpk.dll - packed by FLY-CODE C:\WINDOWS\system32\dllcache\logagent.exe - Ok C:\WINDOWS\system32\dllcache\lpdsvc.dll - Ok C:\WINDOWS\system32\dllcache\logon.scr - Ok C:\WINDOWS\system32\dllcache\lpq.exe - Ok C:\WINDOWS\system32\dllcache\lpr.exe - Ok C:\WINDOWS\system32\dllcache\lprhelp.dll - Ok C:\WINDOWS\system32\dllcache\lpk.dll - Ok C:\WINDOWS\system32\dllcache\lprmon.dll - Ok C:\WINDOWS\system32\dllcache\lprmonui.dll - Ok C:\WINDOWS\system32\dllcache\lsass.exe - Ok C:\WINDOWS\system32\dllcache\logonui.exe - Ok C:\WINDOWS\system32\dllcache\ltmdmntl.sys - Ok C:\WINDOWS\system32\dllcache\ltmdmnt.sys - Ok C:\WINDOWS\system32\dllcache\lsasrv.dll - Ok C:\WINDOWS\system32\dllcache\ltotape.sys - Ok C:\WINDOWS\system32\dllcache\ltck000c.sys - Ok C:\WINDOWS\system32\dllcache\lhmstscx.dll - Ok C:\WINDOWS\system32\dllcache\ltts1033.lxa - Ok C:\WINDOWS\system32\dllcache\lwadihid.sys - Ok C:\WINDOWS\system32\dllcache\lz32.dll - Ok C:\WINDOWS\system32\dllcache\lzexpand.dll - Ok C:\WINDOWS\system32\dllcache\lwusbhid.sys - Ok C:\WINDOWS\system32\dllcache\l_except.nls - Ok C:\WINDOWS\system32\dllcache\l_intl.nls - Ok C:\WINDOWS\system32\dllcache\m3091dc.dll - Ok C:\WINDOWS\system32\dllcache\ltmdmntt.sys - Ok C:\WINDOWS\system32\dllcache\maestro.sys - Ok C:\WINDOWS\system32\dllcache\m3092dc.dll - Ok C:\WINDOWS\system32\dllcache\magnify.exe - Ok >C:\WINDOWS\system32\dllcache\ltsm.sys - packed by FLY-CODE >C:\WINDOWS\system32\dllcache\ltsmt.sys - packed by FLY-CODE C:\WINDOWS\system32\dllcache\mag_hook.dll - Ok C:\WINDOWS\system32\dllcache\mammoth.sys - Ok C:\WINDOWS\system32\dllcache\makecab.exe - Ok C:\WINDOWS\system32\dllcache\marlett.ttf - Ok C:\WINDOWS\system32\dllcache\main.cpl - Ok C:\WINDOWS\system32\dllcache\mcastmib.dll - Ok C:\WINDOWS\system32\dllcache\MAPIMIG.CAT - Ok C:\WINDOWS\system32\dllcache\mcd.sys - Ok C:\WINDOWS\system32\dllcache\mcdsrv32.dll - Ok C:\WINDOWS\system32\dllcache\mchgrcoi.dll - Ok C:\WINDOWS\system32\dllcache\mcd32.dll - Ok C:\WINDOWS\system32\dllcache\mciavi.drv - Ok C:\WINDOWS\system32\dllcache\mcicda.dll - Ok C:\WINDOWS\system32\dllcache\mciole16.dll - Ok C:\WINDOWS\system32\dllcache\mciqtz32.dll - Ok C:\WINDOWS\system32\dllcache\mciavi32.dll - Ok C:\WINDOWS\system32\dllcache\mciseq.drv - Ok >C:\WINDOWS\system32\dllcache\mciseq.dll - packed by FLY-CODE C:\WINDOWS\system32\dllcache\mciole32.dll - Ok C:\WINDOWS\system32\dllcache\ltsmt.sys - Ok C:\WINDOWS\system32\dllcache\mciseq.dll - Ok C:\WINDOWS\system32\dllcache\ltsm.sys - Ok C:\WINDOWS\system32\dllcache\mciwave.drv - Ok C:\WINDOWS\system32\dllcache\mciwave.dll - Ok C:\WINDOWS\system32\dllcache\mdlib.wmv - Ok C:\WINDOWS\system32\dllcache\mdhcp.dll - Ok >C:\WINDOWS\system32\dllcache\mem.exe - packed by EXEPACK C:\WINDOWS\system32\dllcache\mem.exe - Ok C:\WINDOWS\system32\dllcache\mdgndis5.sys - Ok C:\WINDOWS\system32\dllcache\memcard.sys - Ok C:\WINDOWS\system32\dllcache\mdminst.dll - Ok C:\WINDOWS\system32\dllcache\memstpci.sys - Ok C:\WINDOWS\system32\dllcache\mf.sys - Ok C:\WINDOWS\system32\dllcache\mdwmdmsp.dll - Ok C:\WINDOWS\system32\dllcache\memgrp.dll - Ok C:\WINDOWS\system32\dllcache\mf3216.dll - Ok C:\WINDOWS\system32\dllcache\luna.mst - Ok C:\WINDOWS\system32\dllcache\metal_ss.dll - Ok C:\WINDOWS\system32\dllcache\mfcsubs.dll - Ok C:\WINDOWS\system32\dllcache\mga.dll - Ok C:\WINDOWS\system32\dllcache\mga.sys - Ok C:\WINDOWS\system32\dllcache\mgaud.dll - Ok C:\WINDOWS\system32\dllcache\mgmtapi.dll - Ok C:\WINDOWS\system32\dllcache\micross.ttf - Ok C:\WINDOWS\system32\dllcache\mgaum.sys - Ok C:\WINDOWS\system32\dllcache\midimap.dll - Ok C:\WINDOWS\system32\dllcache\mfc40u.dll - Ok C:\WINDOWS\system32\dllcache\mfc42u.dll - Ok C:\WINDOWS\system32\dllcache\mfc42.dll - Ok C:\WINDOWS\system32\dllcache\mfc40.dll - Ok C:\WINDOWS\system32\dllcache\miglibnt.dll - Ok C:\WINDOWS\system32\dllcache\migism.dll - Ok C:\WINDOWS\system32\dllcache\migism_a.dll - Ok C:\WINDOWS\system32\dllcache\migisma.dll - Ok C:\WINDOWS\system32\dllcache\migregdb.exe - Ok C:\WINDOWS\system32\dllcache\migload.exe - Ok C:\WINDOWS\system32\dllcache\mimefilt.dll - Ok C:\WINDOWS\system32\dllcache\migisol.exe - Ok C:\WINDOWS\system32\dllcache\migwiz.exe - Ok C:\WINDOWS\system32\dllcache\miniqic.sys - Ok C:\WINDOWS\system32\dllcache\migwiz_a.exe - Ok C:\WINDOWS\system32\dllcache\migwiza.exe - Ok C:\WINDOWS\system32\dllcache\mll_hp.dll - Ok C:\WINDOWS\system32\dllcache\mll_mtf.dll - Ok C:\WINDOWS\system32\dllcache\mlang.dat - Ok C:\WINDOWS\system32\dllcache\mll_qic.dll - Ok C:\WINDOWS\system32\dllcache\mmc30.dll - Ok C:\WINDOWS\system32\dllcache\mmcbase.dll - Ok C:\WINDOWS\system32\dllcache\Mmcfxc.dll - Ok C:\WINDOWS\system32\dllcache\mmcex.dll - Ok C:\WINDOWS\system32\dllcache\mmcperf.exe - Ok C:\WINDOWS\system32\dllcache\mlang.dll - Ok C:\WINDOWS\system32\dllcache\mmdrv.dll - Ok C:\WINDOWS\system32\dllcache\mmfutil.dll - Ok C:\WINDOWS\system32\dllcache\mmsystem.dll - Ok C:\WINDOWS\system32\dllcache\migrate.exe - Ok C:\WINDOWS\system32\dllcache\mmtask.tsk - Ok C:\WINDOWS\system32\dllcache\mmcshext.dll - Ok C:\WINDOWS\system32\dllcache\mnmdd.dll - Ok C:\WINDOWS\system32\dllcache\mnmdd.sys - Ok C:\WINDOWS\system32\dllcache\mmutilse.dll - Ok C:\WINDOWS\system32\dllcache\mnmsrvc.exe - Ok C:\WINDOWS\system32\dllcache\modem.sys - Ok C:\WINDOWS\system32\dllcache\mobsync.dll - Ok C:\WINDOWS\system32\dllcache\mmsys.cpl - Ok C:\WINDOWS\system32\dllcache\modern.fon - Ok C:\WINDOWS\system32\dllcache\modemcsa.sys - Ok C:\WINDOWS\system32\dllcache\mofcomp.exe - Ok C:\WINDOWS\system32\dllcache\mobsync.exe - Ok C:\WINDOWS\system32\dllcache\modex.dll - Ok C:\WINDOWS\system32\dllcache\mouclass.sys - Ok C:\WINDOWS\system32\dllcache\mouhid.sys - Ok C:\WINDOWS\system32\dllcache\mountmgr.sys - Ok C:\WINDOWS\system32\dllcache\modemui.dll - Ok C:\WINDOWS\system32\dllcache\moricons.dll - Ok C:\WINDOWS\system32\dllcache\mofd.dll - Ok >C:\WINDOWS\system32\dllcache\mmc.exe is BINARYRES container >>C:\WINDOWS\system32\dllcache\mmc.exe\data001 is JS-HTML container C:\WINDOWS\system32\dllcache\mouse.drv - Ok C:\WINDOWS\system32\dllcache\mountvol.exe - Ok >>C:\WINDOWS\system32\dllcache\mmc.exe\data002 is JS-HTML container C:\WINDOWS\system32\dllcache\mpe.sys - Ok >>C:\WINDOWS\system32\dllcache\mmc.exe\data003 is JS-HTML container >>C:\WINDOWS\system32\dllcache\mmc.exe\data004 is JS-HTML container >>C:\WINDOWS\system32\dllcache\mmc.exe\data005 is JS-HTML container C:\WINDOWS\system32\dllcache\mpg2data.ax - Ok >>C:\WINDOWS\system32\dllcache\mmc.exe\data006 is JS-HTML container C:\WINDOWS\system32\dllcache\mp43dmod.dll - Ok C:\WINDOWS\system32\dllcache\mmc.exe - container C:\WINDOWS\system32\dllcache\mp4sdmod.dll - Ok C:\WINDOWS\system32\dllcache\mpg2splt.ax - Ok C:\WINDOWS\system32\dllcache\mplayer2.cnt - Ok C:\WINDOWS\system32\dllcache\mpg4dmod.dll - Ok C:\WINDOWS\system32\dllcache\mplayer2.exe - Ok C:\WINDOWS\system32\dllcache\mpg4ds32.ax - Ok C:\WINDOWS\system32\dllcache\mplayer2.hlp - Ok >C:\WINDOWS\system32\dllcache\mmcndmgr.dll is BINARYRES container >>C:\WINDOWS\system32\dllcache\mmcndmgr.dll\data001 is JS-HTML container C:\WINDOWS\system32\dllcache\mplogo.gif - Ok C:\WINDOWS\system32\dllcache\mplogoh.gif - Ok C:\WINDOWS\system32\dllcache\mmcndmgr.dll - container C:\WINDOWS\system32\dllcache\mplayer2.inf - Ok C:\WINDOWS\system32\dllcache\mplay32.exe - Ok C:\WINDOWS\system32\dllcache\mpr.dll - Ok C:\WINDOWS\system32\dllcache\mprapi.dll - Ok C:\WINDOWS\system32\dllcache\mprddm.dll - Ok C:\WINDOWS\system32\dllcache\mprdim.dll - Ok C:\WINDOWS\system32\dllcache\mpnotify.exe - Ok C:\WINDOWS\system32\dllcache\mraid35x.sys - Ok C:\WINDOWS\system32\dllcache\mprmsg.dll - Ok C:\WINDOWS\system32\dllcache\mrinfo.exe - Ok C:\WINDOWS\system32\dllcache\mprui.dll - Ok C:\WINDOWS\system32\dllcache\msacm.dll - Ok C:\WINDOWS\system32\dllcache\msaatext.dll - Ok C:\WINDOWS\system32\dllcache\mrxdav.sys - Ok C:\WINDOWS\system32\dllcache\msacm32.dll - Ok C:\WINDOWS\system32\dllcache\msadcer.dll - Ok C:\WINDOWS\system32\dllcache\mpvis.dll - Ok C:\WINDOWS\system32\dllcache\msadcf.dll - Ok C:\WINDOWS\system32\dllcache\msadcfr.dll - Ok C:\WINDOWS\system32\dllcache\msadcor.dll - Ok C:\WINDOWS\system32\dllcache\msadcs.dll - Ok C:\WINDOWS\system32\dllcache\msadco.dll - Ok C:\WINDOWS\system32\dllcache\msadce.dll - Ok C:\WINDOWS\system32\dllcache\mrxsmb.sys - Ok C:\WINDOWS\system32\dllcache\msaddsr.dll - Ok C:\WINDOWS\system32\dllcache\msadds.dll - Ok C:\WINDOWS\system32\dllcache\msader15.dll - Ok C:\WINDOWS\system32\dllcache\msado20.tlb - Ok C:\WINDOWS\system32\dllcache\msado21.tlb - Ok C:\WINDOWS\system32\dllcache\msado25.tlb - Ok C:\WINDOWS\system32\dllcache\msado26.tlb - Ok C:\WINDOWS\system32\dllcache\msado27.tlb - Ok C:\WINDOWS\system32\dllcache\msadds32.ax - Ok C:\WINDOWS\system32\dllcache\msador15.dll - Ok C:\WINDOWS\system32\dllcache\msadrh15.dll - Ok C:\WINDOWS\system32\dllcache\msafd.dll - Ok C:\WINDOWS\system32\dllcache\msadox.dll - Ok C:\WINDOWS\system32\dllcache\msadomd.dll - Ok C:\WINDOWS\system32\dllcache\msasn1.dll - Ok C:\WINDOWS\system32\dllcache\msapsspc.dll - Ok C:\WINDOWS\system32\dllcache\mscat32.dll - Ok C:\WINDOWS\system32\dllcache\msado15.dll - Ok C:\WINDOWS\system32\dllcache\mscdexnt.exe - Ok C:\WINDOWS\system32\dllcache\msaudite.dll - Ok C:\WINDOWS\system32\dllcache\mscms.dll - Ok C:\WINDOWS\system32\dllcache\msconf.dll - Ok C:\WINDOWS\system32\dllcache\mscpx32r.dll - Ok C:\WINDOWS\system32\dllcache\mscpxl32.dll - Ok C:\WINDOWS\system32\dllcache\msaud32.acm - Ok C:\WINDOWS\system32\dllcache\mscandui.dll - Ok C:\WINDOWS\system32\dllcache\msconfig.exe - Ok C:\WINDOWS\system32\dllcache\msctfp.dll - Ok C:\WINDOWS\system32\dllcache\msdadc.dll - Ok C:\WINDOWS\system32\dllcache\moviemk.exe - Ok C:\WINDOWS\system32\dllcache\msdaenum.dll - Ok C:\WINDOWS\system32\dllcache\msdaer.dll - Ok C:\WINDOWS\system32\dllcache\msctfime.ime - Ok C:\WINDOWS\system32\dllcache\msdaorar.dll - Ok C:\WINDOWS\system32\dllcache\msdaprsr.dll - Ok C:\WINDOWS\system32\dllcache\msdadiag.dll - Ok C:\WINDOWS\system32\dllcache\msdaosp.dll - Ok C:\WINDOWS\system32\dllcache\msctf.dll - Ok C:\WINDOWS\system32\dllcache\msdaremr.dll - Ok C:\WINDOWS\system32\dllcache\msdasc.dll - Ok C:\WINDOWS\system32\dllcache\msdaps.dll - Ok C:\WINDOWS\system32\dllcache\msdarem.dll - Ok C:\WINDOWS\system32\dllcache\msdasqlr.dll - Ok C:\WINDOWS\system32\dllcache\msdaprst.dll - Ok C:\WINDOWS\system32\dllcache\msdaora.dll - Ok C:\WINDOWS\system32\dllcache\msdatsrc.tlb - Ok C:\WINDOWS\system32\dllcache\msdaurl.dll - Ok C:\WINDOWS\system32\dllcache\msdart.dll - Ok C:\WINDOWS\system32\dllcache\msdfmap.dll - Ok C:\WINDOWS\system32\dllcache\msdatt.dll - Ok C:\WINDOWS\system32\dllcache\msdmo.dll - Ok C:\WINDOWS\system32\dllcache\msdatl3.dll - Ok C:\WINDOWS\system32\dllcache\msdtcstp.dll - Ok C:\WINDOWS\system32\dllcache\msdtc.exe - Ok C:\WINDOWS\system32\dllcache\msdasql.dll - Ok C:\WINDOWS\system32\dllcache\msdv.sys - Ok C:\WINDOWS\system32\dllcache\msdvbnp.ax - Ok C:\WINDOWS\system32\dllcache\msdtcprx.dll - Ok C:\WINDOWS\system32\dllcache\msdxmlc.dll - Ok C:\WINDOWS\system32\dllcache\msdtcuiu.dll - Ok C:\WINDOWS\system32\dllcache\msdtclog.dll - Ok C:\WINDOWS\system32\dllcache\msfeedsbs.dll - Ok C:\WINDOWS\system32\dllcache\msfs.sys - Ok C:\WINDOWS\system32\dllcache\msfsio.sys - Ok C:\WINDOWS\system32\dllcache\msdtctm.dll - Ok C:\WINDOWS\system32\dllcache\msexch40.dll - Ok C:\WINDOWS\system32\dllcache\msg.exe - Ok C:\WINDOWS\system32\dllcache\msfeeds.dll - Ok C:\WINDOWS\system32\dllcache\msexcl40.dll - Ok C:\WINDOWS\system32\dllcache\msgame.sys - Ok
- January 2, 2013
- 79 replies
Outgoing Malicious IP Blocks. Suspect Infection

MicQsenoch replied to MicQsenoch's topic in Resolved Malware Removal Logs

>>C:\WINDOWS\system32\setupapi.dll - packed by MS COMPRESS C:\WINDOWS\system32\setupapi.dll - Ok C:\WINDOWS\system32\setver.exe - Ok C:\WINDOWS\system32\sethc.exe - Ok C:\WINDOWS\system32\sfc.dll - Ok C:\WINDOWS\system32\sfc.exe - Ok C:\WINDOWS\system32\setupn.exe - Ok C:\WINDOWS\system32\setup.exe - Ok C:\WINDOWS\system32\sfmapi.dll - Ok >C:\WINDOWS\system32\share.exe - packed by EXEPACK >>C:\WINDOWS\system32\share.exe - packed by COM2EXE C:\WINDOWS\system32\share.exe - Ok C:\WINDOWS\system32\shadow.exe - Ok C:\WINDOWS\system32\sfcfiles.dll - Ok C:\WINDOWS\system32\setupdll.dll - Ok C:\WINDOWS\system32\shell.dll - Ok C:\WINDOWS\system32\sfc_os.dll - Ok >C:\WINDOWS\system32\shdoclc.dll is BINARYRES container >>C:\WINDOWS\system32\shdoclc.dll\data001 is JS-HTML container C:\WINDOWS\system32\shfolder.dll - Ok >>C:\WINDOWS\system32\shdoclc.dll\data002 is JS-HTML container >>C:\WINDOWS\system32\shdoclc.dll\data003 is JS-HTML container C:\WINDOWS\system32\shgina.dll - Ok C:\WINDOWS\system32\shellstyle.dll - Ok >>C:\WINDOWS\system32\shdoclc.dll\data004 is JS-HTML container C:\WINDOWS\system32\shiftjis.uce - Ok C:\WINDOWS\system32\shimeng.dll - Ok C:\WINDOWS\system32\shdocvw.dll - Ok >>C:\WINDOWS\system32\shdoclc.dll\data005 is JS-HTML container >>C:\WINDOWS\system32\shdoclc.dll\data006 is JS-HTML container C:\WINDOWS\system32\shdoclc.dll - container C:\WINDOWS\system32\shlwapi.dll - Ok C:\WINDOWS\system32\shmedia.dll - Ok C:\WINDOWS\system32\shrpubw.exe - Ok >C:\WINDOWS\system32\shell32.dll is BINARYRES container >C:\WINDOWS\system32\shimgvw.dll is BINARYRES container >>C:\WINDOWS\system32\shell32.dll\data001 is JS-HTML container C:\WINDOWS\system32\shscrap.dll - Ok >>C:\WINDOWS\system32\shimgvw.dll\data001 is JS-HTML container C:\WINDOWS\system32\shsvcs.dll - Ok >>C:\WINDOWS\system32\shimgvw.dll\data002 is JS-HTML container C:\WINDOWS\system32\shell32.dll - container C:\WINDOWS\system32\shimgvw.dll - container C:\WINDOWS\system32\sigtab.dll - Ok C:\WINDOWS\system32\shmgrate.exe - Ok C:\WINDOWS\system32\simpdata.tlb - Ok C:\WINDOWS\system32\shutdown.exe - Ok C:\WINDOWS\system32\sisbkup.dll - Ok C:\WINDOWS\system32\skdll.dll - Ok C:\WINDOWS\system32\sigverif.exe - Ok C:\WINDOWS\system32\slayerxp.dll - Ok C:\WINDOWS\system32\slbrccsp.dll - Ok C:\WINDOWS\system32\slbiop.dll - Ok C:\WINDOWS\system32\slcoinst.dll - Ok C:\WINDOWS\system32\skeys.exe - Ok C:\WINDOWS\system32\slbcsp.dll - Ok C:\WINDOWS\system32\slgen.dll - Ok C:\WINDOWS\system32\slserv.exe - Ok C:\WINDOWS\system32\sl_anet.acm - Ok C:\WINDOWS\system32\smbinst.exe - Ok C:\WINDOWS\system32\slextspk.dll - Ok C:\WINDOWS\system32\smss.exe - Ok C:\WINDOWS\system32\smlogsvc.exe - Ok C:\WINDOWS\system32\snmpapi.dll - Ok C:\WINDOWS\system32\sndrec32.exe - Ok C:\WINDOWS\system32\softpub.dll - Ok C:\WINDOWS\system32\sndvol32.exe - Ok C:\WINDOWS\system32\smlogcfg.dll - Ok C:\WINDOWS\system32\sortkey.nls - Ok C:\WINDOWS\system32\sorttbls.nls - Ok C:\WINDOWS\system32\sound.drv - Ok C:\WINDOWS\system32\sort.exe - Ok C:\WINDOWS\system32\snmpsnap.dll - Ok C:\WINDOWS\system32\spmsg.dll - Ok C:\WINDOWS\system32\slrundll.exe - Ok C:\WINDOWS\system32\spdwnwxp.exe - Ok C:\WINDOWS\system32\spnpinst.exe - Ok C:\WINDOWS\system32\spoolss.dll - Ok C:\WINDOWS\system32\spnike.dll - Ok C:\WINDOWS\system32\sol.exe - Ok C:\WINDOWS\system32\sprestrt.exe - Ok C:\WINDOWS\system32\spider.exe - Ok C:\WINDOWS\system32\sprio600.dll - Ok C:\WINDOWS\system32\spupdsvc.exe - Ok C:\WINDOWS\system32\spupdwxp.log - Ok C:\WINDOWS\system32\spupdwxp.exe - Ok >C:\WINDOWS\system32\sqlsodbc.chm is CHM container C:\WINDOWS\system32\spxcoins.dll - Ok C:\WINDOWS\system32\sprio800.dll - Ok C:\WINDOWS\system32\spoolsv.exe - Ok C:\WINDOWS\system32\sqlsrv32.rll - Ok C:\WINDOWS\system32\sqlwid.dll - Ok C:\WINDOWS\system32\sqlsrv32.dll - Ok C:\WINDOWS\system32\sqlwoa.dll - Ok C:\WINDOWS\system32\srclient.dll - Ok >>C:\WINDOWS\system32\sqlsodbc.chm\Basics\mailto.js is JS-HTML container C:\WINDOWS\system32\sqlunirl.dll - Ok C:\WINDOWS\system32\srvsvc.dll - Ok C:\WINDOWS\system32\srsvc.dll - Ok >>C:\WINDOWS\system32\sqlsodbc.chm\Basics\shared.js is JS-HTML container C:\WINDOWS\system32\srrstr.dll - Ok C:\WINDOWS\system32\ssdpapi.dll - Ok C:\WINDOWS\system32\sqlsodbc.chm - container C:\WINDOWS\system32\ssdpsrv.dll - Ok C:\WINDOWS\system32\ssbezier.scr - Ok C:\WINDOWS\system32\ssmarque.scr - Ok >C:\WINDOWS\system32\ss3dfo.scr is ZLIB container C:\WINDOWS\system32\ssmyst.scr - Ok C:\WINDOWS\system32\ssflwbox.scr - Ok C:\WINDOWS\system32\ss3dfo.scr - container C:\WINDOWS\system32\stclient.dll - Ok C:\WINDOWS\system32\stdole2.tlb - Ok C:\WINDOWS\system32\ssstars.scr - Ok C:\WINDOWS\system32\stdole32.tlb - Ok C:\WINDOWS\system32\sti.dll - Ok C:\WINDOWS\system32\stimon.exe - Ok C:\WINDOWS\system32\ssmypics.scr - Ok C:\WINDOWS\system32\storage.dll - Ok C:\WINDOWS\system32\sti_ci.dll - Ok C:\WINDOWS\system32\sspipes.scr - Ok C:\WINDOWS\system32\stobject.dll - Ok C:\WINDOWS\system32\streamci.dll - Ok C:\WINDOWS\system32\storprop.dll - Ok C:\WINDOWS\system32\sstext3d.scr - Ok C:\WINDOWS\system32\strmfilt.dll - Ok C:\WINDOWS\system32\subrange.uce - Ok C:\WINDOWS\system32\subst.exe - Ok C:\WINDOWS\system32\svcpack.dll - Ok C:\WINDOWS\system32\svchost.exe - Ok C:\WINDOWS\system32\synceng.dll - Ok C:\WINDOWS\system32\strmdll.dll - Ok C:\WINDOWS\system32\swprv.dll - Ok C:\WINDOWS\system32\syncui.dll - Ok C:\WINDOWS\system32\sysedit.exe - Ok C:\WINDOWS\system32\sxs.dll - Ok C:\WINDOWS\system32\sysinv.dll - Ok C:\WINDOWS\system32\syncapp.exe - Ok C:\WINDOWS\system32\sysdm.cpl - Ok C:\WINDOWS\system32\sysprint.sep - Ok C:\WINDOWS\system32\sysprtj.sep - Ok C:\WINDOWS\system32\syskey.exe - Ok C:\WINDOWS\system32\system.drv - Ok C:\WINDOWS\system32\sysmon.ocx - Ok C:\WINDOWS\system32\sysocmgr.exe - Ok C:\WINDOWS\system32\systray.exe - Ok C:\WINDOWS\system32\tapi.dll - Ok C:\WINDOWS\system32\tapiperf.dll - Ok C:\WINDOWS\system32\t2embed.dll - Ok C:\WINDOWS\system32\tapi32.dll - Ok C:\WINDOWS\system32\tapiui.dll - Ok C:\WINDOWS\system32\syssetup.dll - Ok C:\WINDOWS\system32\tapisrv.dll - Ok C:\WINDOWS\system32\taskman.exe - Ok C:\WINDOWS\system32\tcpmib.dll - Ok C:\WINDOWS\system32\tcpmon.dll - Ok C:\WINDOWS\system32\tcmsetup.exe - Ok C:\WINDOWS\system32\tcpmonui.dll - Ok C:\WINDOWS\system32\tcpsvcs.exe - Ok C:\WINDOWS\system32\tcpmon.ini - Ok C:\WINDOWS\system32\taskmgr.exe - Ok C:\WINDOWS\system32\telephon.cpl - Ok C:\WINDOWS\system32\tdc.ocx - Ok C:\WINDOWS\system32\tftp.exe - Ok >C:\WINDOWS\system32\telnet.exe - packed by FLY-CODE C:\WINDOWS\system32\termsrv.dll - Ok C:\WINDOWS\system32\ticrf.rat - Ok C:\WINDOWS\system32\telnet.exe - Ok C:\WINDOWS\system32\themeui.dll - Ok C:\WINDOWS\system32\timer.drv - Ok C:\WINDOWS\system32\termmgr.dll - Ok C:\WINDOWS\system32\toolhelp.dll - Ok C:\WINDOWS\system32\tapi3.dll - Ok C:\WINDOWS\system32\tracert.exe - Ok C:\WINDOWS\system32\traffic.dll - Ok C:\WINDOWS\system32\tracert6.exe - Ok C:\WINDOWS\system32\timedate.cpl - Ok C:\WINDOWS\system32\tree.com - Ok C:\WINDOWS\system32\tsbyuv.dll - Ok C:\WINDOWS\system32\tourstart.exe - Ok C:\WINDOWS\system32\tscfgwmi.dll - Ok C:\WINDOWS\system32\tscon.exe - Ok C:\WINDOWS\system32\tsappcmp.dll - Ok C:\WINDOWS\system32\trkwks.dll - Ok C:\WINDOWS\system32\tsd32.dll - Ok C:\WINDOWS\system32\tsddd.dll - Ok C:\WINDOWS\system32\tslabels.h - Ok C:\WINDOWS\system32\tsdiscon.exe - Ok C:\WINDOWS\system32\tskill.exe - Ok C:\WINDOWS\system32\tsgqec.dll - Ok C:\WINDOWS\system32\tssoft32.acm - Ok C:\WINDOWS\system32\tslabels.ini - Ok C:\WINDOWS\system32\tsshutdn.exe - Ok C:\WINDOWS\system32\TsWpfWrp.exe - Ok C:\WINDOWS\system32\tspkg.dll - Ok C:\WINDOWS\system32\twext.dll - Ok C:\WINDOWS\system32\TZLog.log - Ok C:\WINDOWS\system32\typelib.dll - Ok C:\WINDOWS\system32\tscupgrd.exe - Ok C:\WINDOWS\system32\tzchange.exe - Ok C:\WINDOWS\system32\txflog.dll - Ok C:\WINDOWS\system32\udhisapi.dll - Ok C:\WINDOWS\system32\ufat.dll - Ok C:\WINDOWS\system32\umdmxfrm.dll - Ok C:\WINDOWS\system32\unicode.nls - Ok C:\WINDOWS\system32\umandlg.dll - Ok C:\WINDOWS\system32\ulib.dll - Ok C:\WINDOWS\system32\umpnpmgr.dll - Ok C:\WINDOWS\system32\unimdmat.dll - Ok >C:\WINDOWS\system32\uniplat.dll - packed by FLY-CODE C:\WINDOWS\system32\unimdm.tsp - Ok C:\WINDOWS\system32\unlodctr.exe - Ok C:\WINDOWS\system32\uniplat.dll - Ok C:\WINDOWS\system32\unicows.dll - Ok C:\WINDOWS\system32\uiautomationcore.dll - Ok C:\WINDOWS\system32\upnp.dll - Ok C:\WINDOWS\system32\ups.exe - Ok C:\WINDOWS\system32\upnphost.dll - Ok C:\WINDOWS\system32\ureg.dll - Ok C:\WINDOWS\system32\upnpcont.exe - Ok C:\WINDOWS\system32\untfs.dll - Ok C:\WINDOWS\system32\url.dll - Ok C:\WINDOWS\system32\user.exe - Ok C:\WINDOWS\system32\usbmon.dll - Ok C:\WINDOWS\system32\upnpui.dll - Ok C:\WINDOWS\system32\usbui.dll - Ok C:\WINDOWS\system32\userinit.exe - Ok C:\WINDOWS\system32\urlmon.dll - Ok C:\WINDOWS\system32\usp10.dll - Ok C:\WINDOWS\system32\usrcntra.dll - Ok C:\WINDOWS\system32\user32.dll - Ok C:\WINDOWS\system32\usrdpa.dll - Ok C:\WINDOWS\system32\usrcoina.dll - Ok C:\WINDOWS\system32\userenv.dll - Ok C:\WINDOWS\system32\usrlogon.cmd - Ok C:\WINDOWS\system32\usrlbva.dll - Ok C:\WINDOWS\system32\usrfaxa.dll - Ok C:\WINDOWS\system32\usrrtosa.dll - Ok C:\WINDOWS\system32\usrmlnka.exe - Ok C:\WINDOWS\system32\usrprbda.exe - Ok C:\WINDOWS\system32\usrdtea.dll - Ok C:\WINDOWS\system32\usrsdpia.dll - Ok >C:\WINDOWS\system32\usrv42a.dll - packed by FLY-CODE C:\WINDOWS\system32\usrsvpia.dll - Ok C:\WINDOWS\system32\usrshuta.exe - Ok C:\WINDOWS\system32\usrvoica.dll - Ok C:\WINDOWS\system32\usrv80a.dll - Ok C:\WINDOWS\system32\utildll.dll - Ok C:\WINDOWS\system32\usrvpa.dll - Ok C:\WINDOWS\system32\v7vga.rom - Ok C:\WINDOWS\system32\uxtheme.dll - Ok C:\WINDOWS\system32\vbisurf.ax - Ok C:\WINDOWS\system32\vcdex.dll - Ok C:\WINDOWS\system32\usrv42a.dll - Ok C:\WINDOWS\system32\vdmdbg.dll - Ok C:\WINDOWS\system32\ver.dll - Ok C:\WINDOWS\system32\vdmredir.dll - Ok C:\WINDOWS\system32\verifier.dll - Ok C:\WINDOWS\system32\vbscript.dll - Ok C:\WINDOWS\system32\verclsid.exe - Ok C:\WINDOWS\system32\version.dll - Ok C:\WINDOWS\system32\vfpodbc.dll - Ok C:\WINDOWS\system32\verifier.exe - Ok C:\WINDOWS\system32\vga.dll - Ok C:\WINDOWS\system32\vga.drv - Ok C:\WINDOWS\system32\vga256.dll - Ok C:\WINDOWS\system32\View Channels.scf - Ok C:\WINDOWS\system32\vga64k.dll - Ok C:\WINDOWS\system32\vidcap.ax - Ok C:\WINDOWS\system32\vjoy.dll - Ok C:\WINDOWS\system32\vssadmin.exe - Ok C:\WINDOWS\system32\vss_ps.dll - Ok C:\WINDOWS\system32\vssapi.dll - Ok C:\WINDOWS\system32\utilman.exe - Ok C:\WINDOWS\system32\vssvc.exe - Ok C:\WINDOWS\system32\vbajet32.dll - Ok C:\WINDOWS\system32\watchdog.sys - Ok C:\WINDOWS\system32\w32time.dll - Ok C:\WINDOWS\system32\w3ssl.dll - Ok C:\WINDOWS\system32\w32tm.exe - Ok C:\WINDOWS\system32\wbcache.deu - Ok C:\WINDOWS\system32\w32topl.dll - Ok C:\WINDOWS\system32\wbcache.enu - Ok C:\WINDOWS\system32\wbcache.esn - Ok C:\WINDOWS\system32\wbcache.fra - Ok C:\WINDOWS\system32\wbcache.ita - Ok C:\WINDOWS\system32\wbcache.nld - Ok C:\WINDOWS\system32\wbcache.sve - Ok C:\WINDOWS\system32\wbdbase.deu - Ok C:\WINDOWS\system32\wbdbase.enu - Ok C:\WINDOWS\system32\wbdbase.esn - Ok C:\WINDOWS\system32\wbdbase.fra - Ok C:\WINDOWS\system32\wdigest.dll - Ok C:\WINDOWS\system32\wavemsp.dll - Ok C:\WINDOWS\system32\wbdbase.ita - Ok C:\WINDOWS\system32\wbdbase.nld - Ok C:\WINDOWS\system32\wdl.trm - Ok C:\WINDOWS\system32\wbdbase.sve - Ok C:\WINDOWS\system32\wdmaud.drv - Ok C:\WINDOWS\system32\webclnt.dll - Ok C:\WINDOWS\system32\webhits.dll - Ok C:\WINDOWS\system32\webcheck.dll - Ok C:\WINDOWS\system32\wfwnet.drv - Ok >C:\WINDOWS\system32\webfldrs.msi is OLE container C:\WINDOWS\system32\webvw.dll - Ok C:\WINDOWS\system32\wiadss.dll - Ok C:\WINDOWS\system32\wextract.exe - Ok C:\WINDOWS\system32\wiascr.dll - Ok C:\WINDOWS\system32\wiadefui.dll - Ok C:\WINDOWS\system32\wiaacmgr.exe - Ok C:\WINDOWS\system32\wiasf.ax - Ok C:\WINDOWS\system32\wiaservc.dll - Ok C:\WINDOWS\system32\wifeman.dll - Ok C:\WINDOWS\system32\wiavideo.dll - Ok C:\WINDOWS\system32\wiashext.dll - Ok >>C:\WINDOWS\system32\webfldrs.msi\stream001 is CAB archive C:\WINDOWS\system32\webfldrs.msi\stream001 - Ok C:\WINDOWS\system32\webfldrs.msi - Ok C:\WINDOWS\system32\webfldrs.msi - container C:\WINDOWS\system32\wiavusd.dll - Ok C:\WINDOWS\system32\win87em.dll - Ok C:\WINDOWS\system32\win32spl.dll - Ok C:\WINDOWS\system32\win.com - Ok C:\WINDOWS\system32\winbrand.dll - Ok C:\WINDOWS\system32\WindowsLogon.manifest - Ok C:\WINDOWS\system32\winfax.dll - Ok C:\WINDOWS\system32\windowscodecsext.dll - Ok C:\WINDOWS\system32\winhelp.hlp - Ok C:\WINDOWS\system32\winchat.exe - Ok C:\WINDOWS\system32\WinFXDocObj.exe - Ok C:\WINDOWS\system32\win32k.sys - Ok C:\WINDOWS\system32\winipsec.dll - Ok C:\WINDOWS\system32\winhttp.dll - Ok C:\WINDOWS\system32\windowscodecs.dll - Ok C:\WINDOWS\system32\winhlp32.exe - Ok C:\WINDOWS\system32\winmm.dll - Ok C:\WINDOWS\system32\winlogon.exe - Ok C:\WINDOWS\system32\winnls.dll - Ok C:\WINDOWS\system32\wininet.dll - Ok C:\WINDOWS\system32\winmine.exe - Ok C:\WINDOWS\system32\winoldap.mod - Ok >C:\WINDOWS\system32\winrnr.dll - packed by FLY-CODE C:\WINDOWS\system32\winscard.dll - Ok C:\WINDOWS\system32\winsock.dll - Ok C:\WINDOWS\system32\winshfhc.dll - Ok C:\WINDOWS\system32\winrnr.dll - Ok C:\WINDOWS\system32\winspool.exe - Ok C:\WINDOWS\system32\winmsd.exe - Ok >C:\WINDOWS\system32\winsta.dll - packed by FLY-CODE C:\WINDOWS\system32\winstrm.dll - Ok C:\WINDOWS\system32\winspool.drv - Ok C:\WINDOWS\system32\winver.exe - Ok C:\WINDOWS\system32\winsta.dll - Ok C:\WINDOWS\system32\winsrv.dll - Ok C:\WINDOWS\system32\winntbbu.dll - Ok C:\WINDOWS\system32\wintrust.dll - Ok C:\WINDOWS\system32\wlnotify.dll - Ok C:\WINDOWS\system32\wkssvc.dll - Ok C:\WINDOWS\system32\wlanapi.dll - Ok C:\WINDOWS\system32\wldap32.dll - Ok C:\WINDOWS\system32\wmadmod.dll - Ok C:\WINDOWS\system32\wmdmps.dll - Ok C:\WINDOWS\system32\wmasf.dll - Ok C:\WINDOWS\system32\wmerrenu.dll - Ok C:\WINDOWS\system32\wmi.dll - Ok C:\WINDOWS\system32\wmadmoe.dll - Ok C:\WINDOWS\system32\wmimgmt.msc - Ok C:\WINDOWS\system32\wmerror.dll - Ok >C:\WINDOWS\system32\wmiprop.dll - packed by FLY-CODE C:\WINDOWS\system32\wmidx.dll - Ok C:\WINDOWS\system32\wmiprop.dll - Ok C:\WINDOWS\system32\wmdmlog.dll - Ok C:\WINDOWS\system32\wmp.ocx - Ok C:\WINDOWS\system32\wmpcd.dll - Ok C:\WINDOWS\system32\wmpasf.dll - Ok C:\WINDOWS\system32\wmpcore.dll - Ok C:\WINDOWS\system32\WMNetmgr.dll - Ok C:\WINDOWS\system32\wmpdxm.dll - Ok C:\WINDOWS\system32\wmpshell.dll - Ok C:\WINDOWS\system32\wmphoto.dll - Ok C:\WINDOWS\system32\wmpui.dll - Ok C:\WINDOWS\system32\wmploc.dll - Ok C:\WINDOWS\system32\wmsdmoe.dll - Ok C:\WINDOWS\system32\wmsdmod.dll - Ok C:\WINDOWS\system32\wmp.dll - Ok C:\WINDOWS\system32\wmspdmod.dll - Ok C:\WINDOWS\system32\wmspdmoe.dll - Ok C:\WINDOWS\system32\wmsdmoe2.dll - Ok C:\WINDOWS\system32\wmv8ds32.ax - Ok C:\WINDOWS\system32\wmvdmod.dll - Ok C:\WINDOWS\system32\WMVCore.dll - Ok C:\WINDOWS\system32\wmstream.dll - Ok C:\WINDOWS\system32\wowdeb.exe - Ok C:\WINDOWS\system32\wowexec.exe - Ok C:\WINDOWS\system32\wowfax.dll - Ok C:\WINDOWS\system32\wow32.dll - Ok C:\WINDOWS\system32\wpa.bak - Ok C:\WINDOWS\system32\wowfaxui.dll - Ok C:\WINDOWS\system32\wpa.dbl - Ok C:\WINDOWS\system32\wmvds32.ax - Ok C:\WINDOWS\system32\write.exe - Ok C:\WINDOWS\system32\ws2help.dll - Ok C:\WINDOWS\system32\wmvdmoe2.dll - Ok C:\WINDOWS\system32\ws2_32.dll - Ok C:\WINDOWS\system32\wpabaln.exe - Ok C:\WINDOWS\system32\wscsvc.dll - Ok C:\WINDOWS\system32\wshatm.dll - Ok C:\WINDOWS\system32\wpnpinst.exe - Ok C:\WINDOWS\system32\MRT.exe - container C:\WINDOWS\system32\wscript.exe - Ok C:\WINDOWS\system32\wscntfy.exe - Ok C:\WINDOWS\system32\wship6.dll - Ok C:\WINDOWS\system32\wshbth.dll - Ok >C:\WINDOWS\system32\wscui.cpl is ZLIB container C:\WINDOWS\system32\wshnetbs.dll - Ok C:\WINDOWS\system32\wshisn.dll - Ok C:\WINDOWS\system32\wshext.dll - Ok C:\WINDOWS\system32\wshrm.dll - Ok C:\WINDOWS\system32\wshtcpip.dll - Ok C:\WINDOWS\system32\wscui.cpl - container C:\WINDOWS\system32\wshom.ocx - Ok C:\WINDOWS\system32\wsock32.dll - Ok C:\WINDOWS\system32\wshcon.dll - Ok C:\WINDOWS\system32\wuapi.dll.mui - Ok C:\WINDOWS\system32\wtsapi32.dll - Ok C:\WINDOWS\system32\wsnmp32.dll - Ok C:\WINDOWS\system32\wuaucpl.cpl.manifest - Ok >C:\WINDOWS\system32\wuaucpl.cpl - packed by FLY-CODE C:\WINDOWS\system32\wuapi.dll - Ok C:\WINDOWS\system32\wuaucpl.cpl.mui - Ok C:\WINDOWS\system32\wuauclt.exe - Ok C:\WINDOWS\system32\wuaueng.dll.mui - Ok C:\WINDOWS\system32\wuauserv.dll - Ok C:\WINDOWS\system32\wuaucpl.cpl - Ok >C:\WINDOWS\system32\wuauclt1.exe is BINARYRES container >>C:\WINDOWS\system32\wuauclt1.exe\data001 is JS-HTML container C:\WINDOWS\system32\wucltui.dll.mui - Ok C:\WINDOWS\system32\wuauclt1.exe - container C:\WINDOWS\system32\wups.dll - Ok C:\WINDOWS\system32\wuaueng1.dll - Ok C:\WINDOWS\system32\wups2.dll - Ok C:\WINDOWS\system32\wuaueng.dll - Ok C:\WINDOWS\system32\wuweb.dll - Ok C:\WINDOWS\system32\wucltui.dll - Ok C:\WINDOWS\system32\wstdecod.dll - Ok C:\WINDOWS\system32\wzcsapi.dll - Ok >C:\WINDOWS\system32\xactsrv.dll - packed by FLY-CODE C:\WINDOWS\system32\wupdmgr.exe - Ok C:\WINDOWS\system32\XAPOFX1_1.dll - Ok C:\WINDOWS\system32\wzcdlg.dll - Ok C:\WINDOWS\system32\xcopy.exe - Ok C:\WINDOWS\system32\wzcsvc.dll - Ok C:\WINDOWS\system32\xactsrv.dll - Ok C:\WINDOWS\system32\xmllite.dll - Ok C:\WINDOWS\system32\xenroll.dll - Ok C:\WINDOWS\system32\xmlprov.dll - Ok C:\WINDOWS\system32\xmlprovi.dll - Ok C:\WINDOWS\system32\XAudio2_2.dll - Ok C:\WINDOWS\system32\xolehlp.dll - Ok C:\WINDOWS\system32\xpsp1res.dll - Ok C:\WINDOWS\system32\xpsp4res.dll - Ok C:\WINDOWS\system32\xpob2res.dll - Ok >C:\WINDOWS\system32\xpsp3res.dll is BINARYRES container >>C:\WINDOWS\system32\xpsp3res.dll\data001 is JS-HTML container >>C:\WINDOWS\system32\xpsp3res.dll\data002 is JS-HTML container C:\WINDOWS\system32\1033\dwintl.dll - Ok C:\WINDOWS\system32\zipfldr.dll - Ok C:\WINDOWS\system32\CatRoot2\edb.chk - Ok C:\WINDOWS\system32\CatRoot2\edb.log - read error >>C:\WINDOWS\system32\xpsp3res.dll\data004 is JS-HTML container C:\WINDOWS\system32\xpsp3res.dll - container C:\WINDOWS\system32\xpsshhdr.dll - Ok >C:\WINDOWS\system32\xpsp2res.dll is BINARYRES container >>C:\WINDOWS\system32\xpsp2res.dll\data001 is JS-HTML container >>C:\WINDOWS\system32\xpsp2res.dll\data002 is JS-HTML container C:\WINDOWS\system32\CatRoot2\dberr.txt - Ok C:\WINDOWS\system32\CatRoot2\tmp.edb - read error >>C:\WINDOWS\system32\xpsp2res.dll\data003 is JS-HTML container >>C:\WINDOWS\system32\xpsp2res.dll\data004 is JS-HTML container C:\WINDOWS\system32\xpsp2res.dll - container C:\WINDOWS\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\TimeStamp - Ok C:\WINDOWS\system32\CatRoot2\res1.log - Ok C:\WINDOWS\system32\CatRoot2\res2.log - Ok C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\TimeStamp - Ok C:\WINDOWS\system32\CatRoot\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\TimeStamp - Ok C:\WINDOWS\system32\CatRoot2\edb0015F.log - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\HPCRDP.CAT - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\IASNT4.CAT - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\fp4.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ims.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ie8.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\1.CAT - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2296011.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2115168.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2345886.cat - Ok C:\WINDOWS\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2347290.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2360937.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2378111.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2387149.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2393802.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2419632.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2440591.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2229593.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2476490.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2478960.cat - Ok C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2478971.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2483185.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2423089.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2506212.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2481109.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2508429.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2509553.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2510531-IE8.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2507938.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2485663.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2443105.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2536276-v2.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2479943.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2564958.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2566454.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2544521-IE8.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2585542.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2584146.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2598479.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2592799.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2570947.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2535512.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2620712.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2544893-v2.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2624667.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2631813.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2619339.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2646524.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2618451.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2653956.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2659262.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2655992.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2661254-v2.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2691442.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2603381.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2686509.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2705219-v2.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2712808.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2719985.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2676562.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2724197.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2661637.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2749655.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2753842-v2.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2758857.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2727528.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2761465-IE8.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2779030.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2723135-v2.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2698365.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2736233.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB888111WXPSP2.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2770660.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2779562.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB892130.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB946648.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB893803v2_wxp.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB950974.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB951748.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB950762.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB952004.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB951978.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB951376-v2.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB952069.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB952954.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB954155.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB954550-v5.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB923561.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB955759.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB956572.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB926139-v2.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB956802.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB955069.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB956744.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB952287.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB958869.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB956803.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB958644.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB956844.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB960225.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB960859.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB967715.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB960803.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB961501.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB959426.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB970430.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB971029.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB969059.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB971657.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB971468.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB961118.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB968389.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB973507.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB973540.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB970238.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB971961-IE8.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB973815.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB973869.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB974318.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB972270.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB974392.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB974112.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB975025.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB975467.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB975558.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB973687.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB974571.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB975713.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB973904.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB975562.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB976662-IE8.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB975561.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB977816.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB975560.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB977914.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB978695.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB978338.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB978542.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB979309.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB978706.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB978037.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB978601.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB979402.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB979482.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB979559.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB979683.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB980232.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB981322.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB979687.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB980195.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB982132.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB980218.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB982381-IE8.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB981997.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\MAPIMIG.CAT - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\msmsgs.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\msn7.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB981793.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\mstsweb.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\msxpsdrv.CAT - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB981332-IE8.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\MW770.CAT - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\NT5IIS.CAT - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5inf.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\msn9.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntprint.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem1.CAT - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem10.CAT - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem0.CAT - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem11.CAT - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB982665.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem7.CAT - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem8.CAT - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem6.CAT - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem2.CAT - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\OEMBIOS.CAT - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\SP2.CAT - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\sp3.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\startoc.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\TimeStamp - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\wmerrenu.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem5.CAT - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\WIC.cat - Ok C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem9.CAT - Ok C:\WINDOWS\system32\Com\comrereg.exe - Ok C:\WINDOWS\system32\Com\comrepl.exe - Ok C:\WINDOWS\system32\Com\comempty.dat - Ok C:\WINDOWS\system32\Com\comexp.msc - Ok C:\WINDOWS\system32\Com\mtsadmin.tlb - Ok C:\WINDOWS\system32\DRVSTORE\HECI_CC47D7DB081BDADC726A35DD31A48F0D70365DD6\HECI.cat - Ok C:\WINDOWS\system32\DRVSTORE\HECI_CC47D7DB081BDADC726A35DD31A48F0D70365DD6\HECI.inf - Ok C:\WINDOWS\system32\DRVSTORE\SNB2009_5775E781315762F8B8430ECCC7359C226A9DEEC8\SNB2009.cat - Ok C:\WINDOWS\system32\DRVSTORE\SNB2009_5775E781315762F8B8430ECCC7359C226A9DEEC8\SNB2009.inf - Ok C:\WINDOWS\system32\DRVSTORE\cougcore_E839670E2B8E421D8E43C07D82FEE77BCE5DE2FA\cougcore.cat - Ok C:\WINDOWS\system32\DRVSTORE\HECI_CC47D7DB081BDADC726A35DD31A48F0D70365DD6\HECIx64.sys - Ok C:\WINDOWS\system32\DRVSTORE\HECI_CC47D7DB081BDADC726A35DD31A48F0D70365DD6\HECI.sys - Ok C:\WINDOWS\system32\DRVSTORE\cougcore_E839670E2B8E421D8E43C07D82FEE77BCE5DE2FA\cougcore.inf - Ok C:\WINDOWS\system32\Com\comadmin.dll - Ok C:\WINDOWS\system32\DRVSTORE\cougsmb_A898C5300C4E969896DCF896351CD84F4892311E\cougsmb.cat - Ok C:\WINDOWS\system32\DRVSTORE\cougide_A12D2FCAF5A84FB3625271087279B8008B3DE27A\cougide.cat - Ok C:\WINDOWS\system32\DRVSTORE\cougusb_9A94710AD738C3628C36025DA8EFD50E545CB0AA\cougusb.cat - Ok C:\WINDOWS\system32\DRVSTORE\cougide_A12D2FCAF5A84FB3625271087279B8008B3DE27A\cougide.inf - Ok C:\WINDOWS\system32\DirectX\Dinput\actc094.ini - Ok C:\WINDOWS\system32\DRVSTORE\cougsmb_A898C5300C4E969896DCF896351CD84F4892311E\cougsmb.inf - Ok C:\WINDOWS\system32\DRVSTORE\cougusb_9A94710AD738C3628C36025DA8EFD50E545CB0AA\cougusb.inf - Ok C:\WINDOWS\system32\DirectX\Dinput\glmdiggp.png - Ok C:\WINDOWS\system32\DirectX\Dinput\glmda.png - Ok C:\WINDOWS\system32\DirectX\Dinput\act_rs.png - Ok C:\WINDOWS\system32\DirectX\Dinput\gr3001.png - Ok C:\WINDOWS\system32\DirectX\Dinput\glmdiggp.ini - Ok C:\WINDOWS\system32\DirectX\Dinput\gr3001.ini - Ok C:\WINDOWS\system32\DirectX\Dinput\glmda.ini - Ok C:\WINDOWS\system32\DirectX\Dinput\gr4001.png - Ok C:\WINDOWS\system32\DirectX\Dinput\gr4001_g.png - Ok C:\WINDOWS\system32\DirectX\Dinput\gr3001_g.ini - Ok C:\WINDOWS\system32\DirectX\Dinput\gr4005.ini - Ok C:\WINDOWS\system32\DirectX\Dinput\gr4003.png - Ok C:\WINDOWS\system32\DirectX\Dinput\gr4001_g.ini - Ok C:\WINDOWS\system32\DirectX\Dinput\gr4005.png - Ok C:\WINDOWS\system32\DirectX\Dinput\gr4001.ini - Ok C:\WINDOWS\system32\DirectX\Dinput\gr4003.ini - Ok C:\WINDOWS\system32\DirectX\Dinput\ia3002_1.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ia3002_2.png - Ok C:\WINDOWS\system32\DirectX\Dinput\hammer.ini - Ok C:\WINDOWS\system32\DirectX\Dinput\lgc202.ini - Ok C:\WINDOWS\system32\DirectX\Dinput\lgc202.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ia3002.ini - Ok C:\WINDOWS\system32\DirectX\Dinput\lgc209.ini - Ok C:\WINDOWS\system32\DirectX\Dinput\lgc207.png - Ok C:\WINDOWS\system32\DirectX\Dinput\lgc209.png - Ok C:\WINDOWS\system32\DirectX\Dinput\lgc291.ini - Ok C:\WINDOWS\system32\xpssvcs.dll - Ok C:\WINDOWS\system32\DirectX\Dinput\lgc291.png - Ok C:\WINDOWS\system32\DirectX\Dinput\lgc20a.png - Ok C:\WINDOWS\system32\DirectX\Dinput\lgc207.ini - Ok C:\WINDOWS\system32\DirectX\Dinput\ms1b_03.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms1b_01.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms1b_05.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms1b_04.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms1b.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms1b_07.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms1b_06.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms1b_02.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms1b_09.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms1b_08.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms1b_10.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms26_01.png - Ok C:\WINDOWS\system32\DirectX\Dinput\lgc20a.ini - Ok C:\WINDOWS\system32\DirectX\Dinput\ms26_02.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms26.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms26_03.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms26_06.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms26_05.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms26_08.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms26_07.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms26_04.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms1b.ini - Ok C:\WINDOWS\system32\DirectX\Dinput\ms27.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms27_3.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms27_4.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms27_5.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms27_1.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms27_2.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms26.ini - Ok C:\WINDOWS\system32\DirectX\Dinput\ms27.ini - Ok C:\WINDOWS\system32\DirectX\Dinput\ms28_1.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms28_3.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms28_2.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms28_4.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms28.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms28_5.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms28_6.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms28_7.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms28_8.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms34_03.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms34_02.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms34_01.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms34.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms28.ini - Ok C:\WINDOWS\system32\DirectX\Dinput\ms34_04.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms34_08.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms34_07.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms34_05.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms34_06.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms3b_1.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms34.ini - Ok C:\WINDOWS\system32\DirectX\Dinput\ms3b_2.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms3b_4.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms3b_a.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms3b.ini - Ok C:\WINDOWS\system32\DirectX\Dinput\ms3b_3.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms3b_t.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms3b_c.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms3b.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms56_10.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms3b_m.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms56.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms56_3.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms56_2.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms56_1.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms56_6.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms56_4.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms56_5.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms56_7.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms56_8.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms56_9.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms6_1.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms6_2.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms6_10.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms6_4.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms6_3.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms6_5.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms56.ini - Ok C:\WINDOWS\system32\DirectX\Dinput\ms6.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms6_8.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms6_7.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms6_6.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms6_9.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms7_1.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms7_3.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms7_2.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms7.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms7_4.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms7.ini - Ok C:\WINDOWS\system32\DirectX\Dinput\ms7_5.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms7_8.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms7_6.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms7_9.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms7_7.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms6.ini - Ok C:\WINDOWS\system32\DirectX\Dinput\ms8_2.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms8_3.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms8_1.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms8_10.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms8.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms8_4.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms8_7.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms8_5.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms8_6.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms7_g.ini - Ok C:\WINDOWS\system32\DirectX\Dinput\ms8_8.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms8_9.png - Ok C:\WINDOWS\system32\DirectX\Dinput\mse_1.png - Ok C:\WINDOWS\system32\DirectX\Dinput\mse.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms8.ini - Ok C:\WINDOWS\system32\DirectX\Dinput\mse_2.png - Ok C:\WINDOWS\system32\DirectX\Dinput\mse_10.png - Ok C:\WINDOWS\system32\DirectX\Dinput\mse_3.png - Ok C:\WINDOWS\system32\DirectX\Dinput\mse_4.png - Ok C:\WINDOWS\system32\DirectX\Dinput\mse.ini - Ok C:\WINDOWS\system32\DirectX\Dinput\mse_7.png - Ok C:\WINDOWS\system32\DirectX\Dinput\mse_5.png - Ok C:\WINDOWS\system32\DirectX\Dinput\mse_6.png - Ok C:\WINDOWS\system32\DirectX\Dinput\ms8_g.ini - Ok C:\WINDOWS\system32\DirectX\Dinput\mse_8.png - Ok C:\WINDOWS\system32\DirectX\Dinput\msf1f_1.png - Ok C:\WINDOWS\system32\DirectX\Dinput\msf1f.png - Ok C:\WINDOWS\system32\DirectX\Dinput\mse_9.png - Ok C:\WINDOWS\system32\DirectX\Dinput\msf1f_2.png - Ok C:\WINDOWS\system32\DirectX\Dinput\msf1f_4.png - Ok C:\WINDOWS\system32\DirectX\Dinput\msf1f_3.png - Ok C:\WINDOWS\system32\DirectX\Dinput\msf1f_5.png - Ok C:\WINDOWS\system32\DirectX\Dinput\msf1f_7.png - Ok C:\WINDOWS\system32\DirectX\Dinput\msf1f_10.png - Ok C:\WINDOWS\system32\DirectX\Dinput\msf1f_8.png - Ok C:\WINDOWS\system32\DirectX\Dinput\msf1f_6.png - Ok C:\WINDOWS\system32\DirectX\Dinput\msf1f_9.png - Ok C:\WINDOWS\system32\DirectX\Dinput\msprw_1.png - Ok C:\WINDOWS\system32\DirectX\Dinput\msprw_2.png - Ok C:\WINDOWS\system32\DirectX\Dinput\msprw.ini - Ok C:\WINDOWS\system32\DirectX\Dinput\msprw_3.png - Ok C:\WINDOWS\system32\DirectX\Dinput\msf1f.ini - Ok C:\WINDOWS\system32\DirectX\Dinput\mse_g.ini - Ok C:\WINDOWS\system32\DirectX\Dinput\msprw_4.png - Ok C:\WINDOWS\system32\DirectX\Dinput\msprw_5.png - Ok C:\WINDOWS\system32\DirectX\Dinput\msprw_6.png - Ok C:\WINDOWS\system32\DirectX\Dinput\msprw.png - Ok C:\WINDOWS\system32\DirectX\Dinput\msprw_7.png - Ok C:\WINDOWS\system32\DirectX\Dinput\msprw_8.png - Ok C:\WINDOWS\system32\DirectX\Dinput\SV-262e1.png - Ok C:\WINDOWS\system32\DirectX\Dinput\SV-262e3.png - Ok C:\WINDOWS\system32\DirectX\Dinput\sv2511.png - Ok C:\WINDOWS\system32\DirectX\Dinput\sv2512.png - Ok C:\WINDOWS\system32\DirectX\Dinput\SV-262e4.png - Ok C:\WINDOWS\system32\Macromed\Flash\FlashInstall.log - Ok C:\WINDOWS\system32\Macromed\Flash\flashplayer.xpt - Ok C:\WINDOWS\system32\DirectX\Dinput\raiderpd.ini - Ok C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe - Ok C:\WINDOWS\system32\Macromed\Flash\activex.vch - Ok C:\WINDOWS\system32\Macromed\Flash\KB923789.inf - Ok C:\WINDOWS\system32\Macromed\Flash\mms.cfg - Ok C:\WINDOWS\system32\Macromed\Flash\genuinst.exe - Ok C:\WINDOWS\system32\Macromed\Flash\plugin.vch - Ok C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\User\80dbdd53-18cb-4d6d-abac-e5b3faf8c417 - Ok C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\User\Preferred - Ok C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_5_502_135_ActiveX.dll - Ok C:\WINDOWS\system32\MsDtc\Trace\dtctrace.log - Ok C:\WINDOWS\system32\MsDtc\MSDTC.LOG - Ok C:\WINDOWS\system32\MsDtc\Trace\msdtcvtr.bat - Ok C:\WINDOWS\system32\MsDtc\Trace\msdtctr.mof - Ok C:\WINDOWS\system32\PreInstall\WinSE\wxp_x86_0409_v1\spcustom.dll.ref - Ok C:\WINDOWS\system32\PreInstall\WinSE\wxp_x86_0409_v1\spmsg.dll.ref - Ok C:\WINDOWS\system32\PreInstall\WinSE\wxp_x86_0409_v1\spupdsvc.exe.ref - Ok C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_5_502_135_ActiveX.exe - Ok C:\WINDOWS\system32\PreInstall\WinSE\wxp_x86_0409_v1\spuninst.exe.ref - Ok C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_5_502_135_Plugin.exe - Ok >C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll is BINARYRES container >C:\WINDOWS\system32\PreInstall\WinSE\wxp_x86_0409_v1\updspapi.dll.ref - packed by BINARYRES >>C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll\data001 - packed by BINARYRES >>>C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll\data001 is WISE container >>C:\WINDOWS\system32\PreInstall\WinSE\wxp_x86_0409_v1\updspapi.dll.ref - packed by MS COMPRESS >>C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll\data002 is ZLIB container C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll - container C:\WINDOWS\system32\RTCOM\RTLCPAPI.dll - Ok C:\WINDOWS\system32\PreInstall\WinSE\wxp_x86_0409_v1\updspapi.dll.ref - Ok C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles\machine.inf - Ok C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\machine.inf - Ok C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles\machine.PNF - Ok C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\machine.PNF - Ok C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\i386\pci.sys - Ok C:\WINDOWS\system32\RTCOM\RTCOMDLL.dll - Ok C:\WINDOWS\system32\ReinstallBackups\0002\DriverFiles\machine.inf - Ok C:\WINDOWS\system32\ReinstallBackups\0002\DriverFiles\machine.PNF - Ok C:\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\machine.inf - Ok C:\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\machine.PNF - Ok C:\WINDOWS\system32\ReinstallBackups\0002\DriverFiles\i386\pci.sys - Ok C:\WINDOWS\system32\PreInstall\WinSE\wxp_x86_0409_v1\update.exe.ref - Ok C:\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\i386\pci.sys - Ok C:\WINDOWS\system32\ReinstallBackups\0004\DriverFiles\machine.inf - Ok C:\WINDOWS\system32\ReinstallBackups\0004\DriverFiles\i386\pci.sys - Ok C:\WINDOWS\system32\ReinstallBackups\0005\DriverFiles\machine.inf - Ok C:\WINDOWS\system32\ReinstallBackups\0004\DriverFiles\machine.PNF - Ok C:\WINDOWS\system32\ReinstallBackups\0005\DriverFiles\i386\pci.sys - Ok C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\mshdc.inf - Ok C:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\machine.inf - Ok C:\WINDOWS\system32\ReinstallBackups\0005\DriverFiles\machine.PNF - Ok C:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\i386\isapnp.sys - Ok C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\mshdc.PNF - Ok C:\WINDOWS\system32\ReinstallBackups\0008\DriverFiles\mshdc.inf - Ok C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\pciidex.sys - Ok C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\pciide.sys - Ok C:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\machine.PNF - Ok C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys - Ok C:\WINDOWS\system32\ReinstallBackups\0008\DriverFiles\mshdc.PNF - Ok C:\WINDOWS\system32\ReinstallBackups\0008\DriverFiles\i386\pciide.sys - Ok C:\WINDOWS\system32\ReinstallBackups\0008\DriverFiles\i386\pciidex.sys - Ok C:\WINDOWS\system32\ReinstallBackups\0009\DriverFiles\usbport.inf - Ok C:\WINDOWS\system32\ReinstallBackups\0009\DriverFiles\usbport.PNF - Ok C:\WINDOWS\system32\ReinstallBackups\0009\DriverFiles\i386\hccoin.dll - Ok C:\WINDOWS\system32\ReinstallBackups\0009\DriverFiles\i386\usbehci.sys - Ok C:\WINDOWS\system32\ReinstallBackups\0008\DriverFiles\i386\atapi.sys - Ok C:\WINDOWS\system32\ReinstallBackups\0010\DriverFiles\usbport.inf - Ok C:\WINDOWS\system32\ReinstallBackups\0010\DriverFiles\usbport.PNF - Ok C:\WINDOWS\system32\ReinstallBackups\0009\DriverFiles\i386\usbhub.sys - Ok C:\WINDOWS\system32\ReinstallBackups\0010\DriverFiles\i386\hccoin.dll - Ok C:\WINDOWS\system32\ReinstallBackups\0010\DriverFiles\i386\usbehci.sys - Ok C:\WINDOWS\system32\ReinstallBackups\0010\DriverFiles\i386\usbhub.sys - Ok C:\WINDOWS\system32\ReinstallBackups\0009\DriverFiles\i386\usbui.dll - Ok C:\WINDOWS\system32\ReinstallBackups\0011\DriverFiles\cougME.cat - Ok C:\WINDOWS\system32\ReinstallBackups\0011\DriverFiles\cougme.PNF - Ok C:\WINDOWS\system32\ReinstallBackups\0011\DriverFiles\cougme.inf - Ok C:\WINDOWS\system32\ReinstallBackups\0012\DriverFiles\cpu.inf - Ok C:\WINDOWS\system32\ReinstallBackups\0009\DriverFiles\i386\usbport.sys - Ok C:\WINDOWS\system32\ReinstallBackups\0012\DriverFiles\cpu.PNF - Ok C:\WINDOWS\system32\ReinstallBackups\0010\DriverFiles\i386\usbui.dll - Ok C:\WINDOWS\system32\ReinstallBackups\0013\DriverFiles\cpu.inf - Ok C:\WINDOWS\system32\ReinstallBackups\0013\DriverFiles\cpu.PNF - Ok C:\WINDOWS\system32\ReinstallBackups\0014\DriverFiles\cpu.inf - Ok C:\WINDOWS\system32\ReinstallBackups\0012\DriverFiles\i386\intelppm.sys - Ok C:\WINDOWS\system32\ReinstallBackups\0014\DriverFiles\cpu.PNF - Ok C:\WINDOWS\system32\ReinstallBackups\0010\DriverFiles\i386\usbport.sys - Ok C:\WINDOWS\system32\ReinstallBackups\0013\DriverFiles\i386\intelppm.sys - Ok C:\WINDOWS\system32\ReinstallBackups\0015\DriverFiles\cpu.inf - Ok C:\WINDOWS\system32\ReinstallBackups\0015\DriverFiles\cpu.PNF - Ok C:\WINDOWS\system32\ReinstallBackups\0017\DriverFiles\hdaudbus.inf - Ok C:\WINDOWS\system32\ReinstallBackups\0017\DriverFiles\hdaudbus.PNF - Ok C:\WINDOWS\system32\ReinstallBackups\0014\DriverFiles\i386\intelppm.sys - Ok C:\WINDOWS\system32\ReinstallBackups\0015\DriverFiles\i386\intelppm.sys - Ok C:\WINDOWS\system32\ReinstallBackups\0016\DriverFiles\machine.inf - Ok C:\WINDOWS\system32\ReinstallBackups\0018\DriverFiles\hdaudbus.inf - Ok C:\WINDOWS\system32\ReinstallBackups\0018\DriverFiles\hdaudbus.PNF - Ok C:\WINDOWS\system32\ReinstallBackups\0016\DriverFiles\machine.PNF - Ok C:\WINDOWS\system32\ReinstallBackups\0019\DriverFiles\license.txt - Ok C:\WINDOWS\system32\ReinstallBackups\0019\DriverFiles\nv4_disp.inf - Ok C:\WINDOWS\system32\ReinstallBackups\0019\DriverFiles\nv4_disp.PNF - Ok C:\WINDOWS\system32\ReinstallBackups\0017\DriverFiles\hdaudbus.sys - Ok C:\WINDOWS\system32\ReinstallBackups\0018\DriverFiles\hdaudbus.sys - Ok C:\WINDOWS\system32\ReinstallBackups\0019\DriverFiles\dbInstaller.exe - Ok C:\WINDOWS\system32\ReinstallBackups\0019\DriverFiles\nvapi.dll - Ok C:\WINDOWS\system32\ReinstallBackups\0019\DriverFiles\nv4_mini.sys - Ok C:\WINDOWS\system32\ReinstallBackups\0019\DriverFiles\nv4_disp.dll - Ok C:\WINDOWS\system32\ReinstallBackups\0019\DriverFiles\nvdata.bin - Ok C:\WINDOWS\system32\ReinstallBackups\0019\DriverFiles\nvcuvenc.dll - Ok C:\WINDOWS\system32\ReinstallBackups\0019\DriverFiles\nvdrsdb.bin - Ok C:\WINDOWS\system32\ReinstallBackups\0019\DriverFiles\nvcuda.dll - Ok C:\WINDOWS\system32\ReinstallBackups\0019\DriverFiles\nvinfo.pb - Ok C:\WINDOWS\system32\ReinstallBackups\0019\DriverFiles\nvdispco32.dll - Ok C:\WINDOWS\system32\ReinstallBackups\0019\DriverFiles\nvgenco32.dll - Ok C:\WINDOWS\system32\ReinstallBackups\0019\DriverFiles\OpenCL.dll - Ok C:\WINDOWS\system32\ReinstallBackups\0020\DriverFiles\nvhda.inf - Ok >C:\WINDOWS\system32\ReinstallBackups\0019\DriverFiles\nvcuvid.dll - packed by FLY-CODE C:\WINDOWS\system32\ReinstallBackups\0020\DriverFiles\nvhda.PNF - Ok C:\WINDOWS\system32\ReinstallBackups\0020\DriverFiles\nvhda32.sys - Ok >C:\WINDOWS\system32\ReinstallBackups\0020\DriverFiles\nvhdap32.dll - packed by PESTUB C:\WINDOWS\system32\ReinstallBackups\0020\DriverFiles\nvgenco32.dll - Ok C:\WINDOWS\system32\ReinstallBackups\0020\DriverFiles\i386\drmk.sys - Ok C:\WINDOWS\system32\ReinstallBackups\0020\DriverFiles\nvhdap32.dll - Ok C:\WINDOWS\system32\ReinstallBackups\0020\DriverFiles\i386\ks.sys - Ok C:\WINDOWS\system32\ReinstallBackups\0020\DriverFiles\i386\ksuser.dll - Ok C:\WINDOWS\system32\ReinstallBackups\0020\DriverFiles\i386\ksproxy.ax - Ok C:\WINDOWS\system32\ReinstallBackups\0020\DriverFiles\i386\stream.sys - Ok C:\WINDOWS\system32\ReinstallBackups\0020\DriverFiles\i386\portcls.sys - Ok >C:\WINDOWS\system32\Macromed\Flash\Flash32_11_5_502_135.ocx is BINARYRES container >>C:\WINDOWS\system32\Macromed\Flash\Flash32_11_5_502_135.ocx\data001 - packed by BINARYRES >>>C:\WINDOWS\system32\Macromed\Flash\Flash32_11_5_502_135.ocx\data001 is WISE container C:\WINDOWS\system32\ReinstallBackups\0020\DriverFiles\i386\wdmaud.drv - Ok >>C:\WINDOWS\system32\Macromed\Flash\Flash32_11_5_502_135.ocx\data002 is ZLIB container C:\WINDOWS\system32\ReinstallBackups\0019\DriverFiles\nvcompiler.dll - Ok C:\WINDOWS\system32\ReinstallBackups\0021\DriverFiles\nvhda.inf - Ok C:\WINDOWS\system32\Macromed\Flash\Flash32_11_5_502_135.ocx - container C:\WINDOWS\system32\ReinstallBackups\0021\DriverFiles\nvhda.PNF - Ok C:\WINDOWS\system32\ReinstallBackups\0021\DriverFiles\i386\drmk.sys - Ok C:\WINDOWS\system32\ReinstallBackups\0021\DriverFiles\nvhda32.sys - Ok C:\WINDOWS\system32\ReinstallBackups\0021\DriverFiles\i386\ks.sys - Ok C:\WINDOWS\system32\ReinstallBackups\0021\DriverFiles\i386\ksuser.dll - Ok C:\WINDOWS\system32\ReinstallBackups\0021\DriverFiles\i386\ksproxy.ax - Ok C:\WINDOWS\system32\ReinstallBackups\0021\DriverFiles\i386\portcls.sys - Ok C:\WINDOWS\system32\ReinstallBackups\0021\DriverFiles\i386\stream.sys - Ok C:\WINDOWS\system32\ReinstallBackups\0021\DriverFiles\i386\wdmaud.drv - Ok C:\WINDOWS\system32\ReinstallBackups\0022\DriverFiles\nvhda.inf - Ok C:\WINDOWS\system32\ReinstallBackups\0022\DriverFiles\nvhda.PNF - Ok C:\WINDOWS\system32\ReinstallBackups\0021\DriverFiles\nvgenco32.dll - Ok C:\WINDOWS\system32\ReinstallBackups\0022\DriverFiles\nvhda32.sys - Ok C:\WINDOWS\system32\ReinstallBackups\0019\DriverFiles\nvcuvid.dll - Ok >C:\WINDOWS\system32\ReinstallBackups\0021\DriverFiles\nvhdap32.dll - packed by PESTUB C:\WINDOWS\system32\ReinstallBackups\0022\DriverFiles\i386\drmk.sys - Ok C:\WINDOWS\system32\ReinstallBackups\0022\DriverFiles\i386\ks.sys - Ok C:\WINDOWS\system32\ReinstallBackups\0022\DriverFiles\i386\ksuser.dll - Ok C:\WINDOWS\system32\ReinstallBackups\0022\DriverFiles\i386\ksproxy.ax - Ok C:\WINDOWS\system32\ReinstallBackups\0022\DriverFiles\i386\stream.sys - Ok C:\WINDOWS\system32\ReinstallBackups\0022\DriverFiles\i386\wdmaud.drv - Ok C:\WINDOWS\system32\ReinstallBackups\0022\DriverFiles\i386\portcls.sys - Ok C:\WINDOWS\system32\ReinstallBackups\0023\DriverFiles\nvhda.inf - Ok C:\WINDOWS\system32\ReinstallBackups\0023\DriverFiles\nvhda.PNF - Ok >C:\WINDOWS\system32\ReinstallBackups\0022\DriverFiles\nvhdap32.dll - packed by PESTUB C:\WINDOWS\system32\ReinstallBackups\0022\DriverFiles\nvgenco32.dll - Ok C:\WINDOWS\system32\ReinstallBackups\0023\DriverFiles\nvhda32.sys - Ok C:\WINDOWS\system32\ReinstallBackups\0023\DriverFiles\i386\drmk.sys - Ok >C:\WINDOWS\system32\ReinstallBackups\0023\DriverFiles\nvhdap32.dll - packed by PESTUB C:\WINDOWS\system32\ReinstallBackups\0021\DriverFiles\nvhdap32.dll - Ok C:\WINDOWS\system32\ReinstallBackups\0023\DriverFiles\nvgenco32.dll - Ok C:\WINDOWS\system32\ReinstallBackups\0023\DriverFiles\i386\ks.sys - Ok C:\WINDOWS\system32\ReinstallBackups\0023\DriverFiles\i386\ksuser.dll - Ok C:\WINDOWS\system32\ReinstallBackups\0023\DriverFiles\i386\ksproxy.ax - Ok C:\WINDOWS\system32\ReinstallBackups\0023\DriverFiles\i386\stream.sys - Ok C:\WINDOWS\system32\ReinstallBackups\0023\DriverFiles\nvhdap32.dll - Ok C:\WINDOWS\system32\Restore\MachineGuid.txt - Ok C:\WINDOWS\system32\Restore\filelist.xml - Ok C:\WINDOWS\system32\ReinstallBackups\0023\DriverFiles\i386\portcls.sys - Ok C:\WINDOWS\system32\ReinstallBackups\0023\DriverFiles\i386\wdmaud.drv - Ok C:\WINDOWS\system32\Restore\srframe.mmf - Ok C:\WINDOWS\system32\Restore\srdiag.exe - Ok C:\WINDOWS\system32\Setup\fp40ext.dll - Ok C:\WINDOWS\system32\ReinstallBackups\0022\DriverFiles\nvhdap32.dll - Ok C:\WINDOWS\system32\Setup\fsconins.dll - Ok >C:\WINDOWS\system32\Restore\rstrui.exe is BINARYRES container >>C:\WINDOWS\system32\Restore\rstrui.exe\data001 is JS-HTML container >>C:\WINDOWS\system32\Restore\rstrui.exe\data002 is JS-HTML container >>C:\WINDOWS\system32\Restore\rstrui.exe\data003 is JS-HTML container >>C:\WINDOWS\system32\Restore\rstrui.exe\data005 is JS-HTML container C:\WINDOWS\system32\Setup\imsinsnt.dll - Ok C:\WINDOWS\system32\Setup\fxsocm.dll - Ok >>C:\WINDOWS\system32\Restore\rstrui.exe\data006 is JS-HTML container >C:\WINDOWS\system32\Setup\koc.dll - packed by FLY-CODE C:\WINDOWS\system32\Setup\comsetup.dll - Ok >>C:\WINDOWS\system32\Restore\rstrui.exe\data009 is JS-HTML container >>C:\WINDOWS\system32\Restore\rstrui.exe\data010 is JS-HTML container C:\WINDOWS\system32\Setup\koc.dll - Ok >>C:\WINDOWS\system32\Restore\rstrui.exe\data011 is JS-HTML container C:\WINDOWS\system32\Restore\rstrui.exe - container C:\WINDOWS\system32\Setup\msgrocm.dll - Ok C:\WINDOWS\system32\Setup\msdtcstp.dll - Ok C:\WINDOWS\system32\Setup\ocgen.dll - Ok C:\WINDOWS\system32\Setup\ntoc.dll - Ok C:\WINDOWS\system32\Setup\netoc.dll - Ok C:\WINDOWS\system32\Setup\iis.dll - Ok C:\WINDOWS\system32\Setup\ocmsn.dll - Ok C:\WINDOWS\system32\Setup\zoneoc.dll - Ok C:\WINDOWS\system32\Setup\startoc.dll - Ok C:\WINDOWS\system32\Setup\setupqry.dll - Ok C:\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.4.7600.226\wups.dll - Ok C:\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll\7.6.7600.256\wups2.dll - Ok C:\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.6.7600.256\wups.dll - Ok C:\WINDOWS\system32\XPSViewer\en-US\XPSViewer.exe.mui - Ok C:\WINDOWS\system32\XPSViewer\XPSViewerManifest.xml - Ok >C:\WINDOWS\system32\cache\0025579d476751f2.fb is JS-HTML container C:\WINDOWS\system32\Setup\tsoc.dll - Ok C:\WINDOWS\system32\cache\0025579d476751f2.fb - container C:\WINDOWS\system32\cache\287204568329e189.fb - Ok C:\WINDOWS\system32\cache\272512937d9e61a4.fb - Ok C:\WINDOWS\system32\cache\31a0997e9a5b5eb3.fb - Ok C:\WINDOWS\system32\cache\28bc8f716fd76a47.fb - Ok C:\WINDOWS\system32\cache\3917078cb68ec657.fb - Ok C:\WINDOWS\system32\cache\32c84fe32bb74d60.fb - Ok C:\WINDOWS\system32\cache\590ba23ce359fd0c.fb - Ok C:\WINDOWS\system32\cache\610289e025a3ee9a.fb - Ok C:\WINDOWS\system32\cache\6c59ac5e7e7a3ad0.fb - Ok C:\WINDOWS\system32\cache\6d03dad1035885d3.fb - Ok C:\WINDOWS\system32\cache\651c5d3cdbfb8bd1.fb - Ok C:\WINDOWS\system32\cache\ad10a52aff5e038d.fb - Ok C:\WINDOWS\system32\cache\c1fa887b03019701.fb - Ok C:\WINDOWS\system32\cache\c4d28dca2e7648be.fb - Ok C:\WINDOWS\system32\cache\a8556537add6dfc5.fb - Ok C:\WINDOWS\system32\cache\d2e94710a5708128.fb - Ok C:\WINDOWS\system32\cache\d79b9dfe81484ec4.fb - Ok C:\WINDOWS\system32\cache\d201ef9910cd39de.fb - Ok C:\WINDOWS\system32\XPSViewer\XPSViewer.exe - Ok C:\WINDOWS\system32\config\default - read error C:\WINDOWS\system32\config\default.LOG - read error C:\WINDOWS\system32\config\AppEvent.Evt - Ok C:\WINDOWS\system32\config\default.sav - Ok C:\WINDOWS\system32\config\Doctor Web.evt - Ok C:\WINDOWS\system32\config\SAM - read error C:\WINDOWS\system32\config\SAM.LOG - read error C:\WINDOWS\system32\cache\f998975c9cc711ee.fb - Ok C:\WINDOWS\system32\config\SECURITY - read error C:\WINDOWS\system32\config\SECURITY.LOG - read error C:\WINDOWS\system32\config\software - read error C:\WINDOWS\system32\config\software.LOG - read error C:\WINDOWS\system32\config\Internet.evt - Ok C:\WINDOWS\system32\config\SecEvent.Evt - Ok C:\WINDOWS\system32\config\system - read error C:\WINDOWS\system32\config\system.LOG - read error C:\WINDOWS\system32\config\software.sav - Ok C:\WINDOWS\system32\config\system.sav - Ok C:\WINDOWS\system32\config\TempKey.LOG - Ok C:\WINDOWS\system32\config\userdiff.LOG - Ok C:\WINDOWS\system32\config\SysEvent.Evt - Ok C:\WINDOWS\system32\config\WindowsPowerShell.evt - Ok C:\WINDOWS\system32\config\userdiff - Ok C:\WINDOWS\system32\config\systemprofile\Application Data\desktop.ini - Ok C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\2BF68F4714092295550497DD56F57004 - Ok C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\60E31627FDA0A46932B0E5948949F2A5 - Ok C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\62B5AF9BE9ADC1085C3C56EC07A82BF6 - Ok C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\74BFD122C0875EC75DBE5C6DB4C59019 - Ok C:\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup\wuapi.dll\7.4.7600.226\wuapi.dll - Ok C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\12236C41CDDF9E40BA5606CDF086B821 - Ok C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\8DFDF057024880D7A081AFBF6D26B92F - Ok C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\E04822AD18D472EA5B582E6E6F8C6B9A - Ok C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\7B2238AACCEDC3F1FFE8E7EB5F575EC9 - Ok C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\12236C41CDDF9E40BA5606CDF086B821 - Ok >C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015 is CAB archive C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015 - Ok C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\2BF68F4714092295550497DD56F57004 - Ok C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015 - archive C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\60E31627FDA0A46932B0E5948949F2A5 - Ok C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\74BFD122C0875EC75DBE5C6DB4C59019 - Ok C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\62B5AF9BE9ADC1085C3C56EC07A82BF6 - Ok C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\7B2238AACCEDC3F1FFE8E7EB5F575EC9 - Ok C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\8DFDF057024880D7A081AFBF6D26B92F - Ok C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015 - Ok C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\E04822AD18D472EA5B582E6E6F8C6B9A - Ok C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Internet Explorer\brndlog.bak - Ok C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Internet Explorer\brndlog.txt - Ok C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat - Ok C:\WINDOWS\system32\config\systemprofile\IETldCache\index.dat - Ok C:\WINDOWS\system32\config\systemprofile\Local Settings\desktop.ini - Ok C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Windows Media\9.0\WMSDKNS.DTD - Ok C:\WINDOWS\system32\config\systemprofile\Local Settings\History\desktop.ini - Ok C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\desktop.ini - Ok C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat - Ok C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012012123020121231\index.dat - Ok C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\chrome_installer.log - Ok C:\WINDOWS\system32\bits\qmgr.dll - Ok C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\desktop.ini - Ok C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\desktop.ini - Ok C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat - Ok C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\G1MFG5MJ\desktop.ini - Ok C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Windows Media\9.0\WMSDKNS.XML - Ok C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\GPQVOLUV\desktop.ini - Ok C:\WINDOWS\system32\config\systemprofile\SendTo\Compressed (zipped) Folder.ZFSendToTarget - Ok C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\SDQBS523\desktop.ini - Ok C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\S1ERC9YR\desktop.ini - Ok C:\WINDOWS\system32\config\systemprofile\SendTo\Desktop (create shortcut).DeskLink - Ok C:\WINDOWS\system32\config\systemprofile\SendTo\Mail Recipient.MAPIMail - Ok C:\WINDOWS\system32\config\systemprofile\Start Menu\desktop.ini - Ok C:\WINDOWS\system32\config\systemprofile\SendTo\desktop.ini - Ok C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\desktop.ini - Ok C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012012122920121230\index.dat - Ok C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Accessories\desktop.ini - Ok C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Windows Media Player.lnk - Ok C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Accessories\Program Compatibility Wizard.lnk - Ok C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Remote Assistance.lnk - Ok C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Accessories\Command Prompt.lnk - Ok C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Accessories\Notepad.lnk - Ok C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Accessories\Accessibility\desktop.ini - Ok C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Accessories\Windows Explorer.lnk - Ok C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Media Player\CurrentDatabase_59R.wmdb - Ok C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Accessories\Synchronize.lnk - Ok C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Accessories\Tour Windows XP.lnk - Ok C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Accessories\Accessibility\Magnifier.lnk - Ok C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Accessories\Entertainment\desktop.ini - Ok C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Startup\desktop.ini - Ok C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk - Ok C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk - Ok C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Accessories\Entertainment\Windows Media Player.lnk - Ok C:\WINDOWS\system32\config\systemprofile\Templates\amipro.sam - Ok C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Accessories\Accessibility\Utility Manager.lnk - Ok C:\WINDOWS\system32\config\systemprofile\Templates\excel.xls - Ok C:\WINDOWS\system32\config\systemprofile\Templates\presenta.shw - Ok C:\WINDOWS\system32\config\systemprofile\Templates\sndrec.wav - Ok C:\WINDOWS\system32\config\systemprofile\Templates\winword.doc - Ok C:\WINDOWS\system32\config\systemprofile\Templates\quattro.wb2 - Ok C:\WINDOWS\system32\config\systemprofile\Templates\excel4.xls - Ok C:\WINDOWS\system32\config\systemprofile\Templates\lotus.wk4 - Ok C:\WINDOWS\system32\config\systemprofile\Templates\winword2.doc - Ok C:\WINDOWS\system32\config\systemprofile\Templates\powerpnt.ppt - Ok C:\WINDOWS\system32\config\systemprofile\Templates\wordpfct.wpg - Ok C:\WINDOWS\system32\config\systemprofile\Templates\wordpfct.wpd - Ok C:\WINDOWS\system32\dllcache\12520850.cpx - Ok C:\WINDOWS\system32\dllcache\1394vdbg.sys - Ok C:\WINDOWS\system32\dllcache\12520437.cpx - Ok C:\WINDOWS\system32\dllcache\1394bus.sys - Ok C:\WINDOWS\system32\dllcache\4mmdat.sys - Ok C:\WINDOWS\system32\dllcache\61883.sys - Ok C:\WINDOWS\system32\dllcache\8514a.dll - Ok C:\WINDOWS\system32\dllcache\6to4svc.dll - Ok C:\WINDOWS\system32\dllcache\3dfxvsm.sys - Ok C:\WINDOWS\system32\dllcache\aaaamon.dll - Ok C:\WINDOWS\system32\dllcache\a3d.dll - Ok C:\WINDOWS\system32\dllcache\abp480n5.sys - Ok C:\WINDOWS\system32\dllcache\aaclient.dll - Ok C:\WINDOWS\system32\dllcache\3dfxvs.dll - Ok C:\WINDOWS\system32\dllcache\ac97ali.sys - Ok C:\WINDOWS\system32\dllcache\ac97intc.sys - Ok C:\WINDOWS\system32\dllcache\ac97via.sys - Ok C:\WINDOWS\system32\dllcache\a3dapi.dll - Ok C:\WINDOWS\system32\dllcache\acctres.dll - Ok C:\WINDOWS\system32\dllcache\ac97sis.sys - Ok C:\WINDOWS\system32\dllcache\3cwmcru.sys - Ok C:\WINDOWS\system32\dllcache\access.cpl - Ok C:\WINDOWS\system32\dllcache\acerscad.dll - Ok C:\WINDOWS\system32\dllcache\accwiz.exe - Ok C:\WINDOWS\system32\ReinstallBackups\0019\DriverFiles\nvoglnt.dll - Ok C:\WINDOWS\system32\dllcache\acledit.dll - Ok C:\WINDOWS\system32\dllcache\acpiec.sys - Ok C:\WINDOWS\system32\dllcache\aclua.dll - Ok C:\WINDOWS\system32\dllcache\acpi.sys - Ok C:\WINDOWS\system32\dllcache\aclui.dll - Ok C:\WINDOWS\system32\dllcache\actmovie.exe - Ok C:\WINDOWS\system32\dllcache\activeds.tlb - Ok C:\WINDOWS\system32\dllcache\activeds.dll - Ok C:\WINDOWS\system32\dllcache\actxprxy.dll - Ok C:\WINDOWS\system32\dllcache\adicvls.sys - Ok C:\WINDOWS\system32\dllcache\adm8511.sys - Ok C:\WINDOWS\system32\dllcache\aclayers.dll - Ok C:\WINDOWS\system32\dllcache\acxtrnal.dll - Ok C:\WINDOWS\system32\dllcache\acspecfc.dll - Ok C:\WINDOWS\system32\dllcache\admin.dll - Ok C:\WINDOWS\system32\dllcache\admin.exe - Ok C:\WINDOWS\system32\dllcache\admjoy.sys - Ok >C:\WINDOWS\system32\dllcache\admparse.dll - packed by FLY-CODE C:\WINDOWS\system32\dllcache\adptif.dll - Ok C:\WINDOWS\system32\dllcache\adm8820.sys - Ok C:\WINDOWS\system32\dllcache\adm8810.sys - Ok C:\WINDOWS\system32\dllcache\adptsf50.sys - Ok C:\WINDOWS\system32\dllcache\admparse.dll - Ok C:\WINDOWS\system32\dllcache\adpu160m.sys - Ok C:\WINDOWS\system32\dllcache\adm8830.sys - Ok C:\WINDOWS\system32\dllcache\adsmsext.dll - Ok C:\WINDOWS\system32\dllcache\adv01nt5.dll - Ok C:\WINDOWS\system32\dllcache\adv02nt5.dll - Ok C:\WINDOWS\system32\dllcache\adsldpc.dll - Ok C:\WINDOWS\system32\dllcache\adv07nt5.dll - Ok C:\WINDOWS\system32\dllcache\adv05nt5.dll - Ok C:\WINDOWS\system32\dllcache\adsldp.dll - Ok C:\WINDOWS\system32\dllcache\adv09nt5.dll - Ok C:\WINDOWS\system32\dllcache\adv11nt5.dll - Ok C:\WINDOWS\system32\dllcache\adv08nt5.dll - Ok C:\WINDOWS\system32\dllcache\adsnt.dll - Ok C:\WINDOWS\system32\dllcache\aec.sys - Ok C:\WINDOWS\system32\dllcache\advpack.dll - Ok C:\WINDOWS\system32\dllcache\agcgauge.ax - Ok C:\WINDOWS\system32\dllcache\acgenral.dll - Ok C:\WINDOWS\system32\dllcache\afd.sys - Ok C:\WINDOWS\system32\dllcache\agentanm.dll - Ok C:\WINDOWS\system32\dllcache\agentdp2.dll - Ok C:\WINDOWS\system32\dllcache\agentpsh.dll - Ok C:\WINDOWS\system32\dllcache\agentmpx.dll - Ok C:\WINDOWS\system32\dllcache\agentdpv.dll - Ok C:\WINDOWS\system32\dllcache\agentctl.dll - Ok C:\WINDOWS\system32\dllcache\advapi32.dll - Ok C:\WINDOWS\system32\dllcache\agentsr.dll - Ok C:\WINDOWS\system32\dllcache\agp440.sys - Ok C:\WINDOWS\system32\dllcache\agpcpq.sys - Ok C:\WINDOWS\system32\dllcache\agt0401.dll - Ok C:\WINDOWS\system32\dllcache\agt0404.dll - Ok C:\WINDOWS\system32\dllcache\agt0405.dll - Ok C:\WINDOWS\system32\dllcache\agt0406.dll - Ok C:\WINDOWS\system32\dllcache\agt0407.dll - Ok C:\WINDOWS\system32\dllcache\agt0408.dll - Ok C:\WINDOWS\system32\dllcache\agt0409.dll - Ok C:\WINDOWS\system32\dllcache\agt040b.dll - Ok C:\WINDOWS\system32\dllcache\agt040d.dll - Ok C:\WINDOWS\system32\dllcache\agt040e.dll - Ok C:\WINDOWS\system32\dllcache\agt0411.dll - Ok C:\WINDOWS\system32\dllcache\agt0410.dll - Ok C:\WINDOWS\system32\dllcache\agt040c.dll - Ok C:\WINDOWS\system32\dllcache\agt0412.dll - Ok C:\WINDOWS\system32\dllcache\agt0413.dll - Ok C:\WINDOWS\system32\dllcache\agt0419.dll - Ok C:\WINDOWS\system32\dllcache\agt0415.dll - Ok C:\WINDOWS\system32\dllcache\agt0416.dll - Ok C:\WINDOWS\system32\dllcache\agt0414.dll - Ok C:\WINDOWS\system32\dllcache\agt041f.dll - Ok C:\WINDOWS\system32\dllcache\agentsvr.exe - Ok C:\WINDOWS\system32\dllcache\agt041d.dll - Ok C:\WINDOWS\system32\dllcache\agt0816.dll - Ok C:\WINDOWS\system32\dllcache\agt0c0a.dll - Ok C:\WINDOWS\system32\dllcache\agtctl15.tlb - Ok C:\WINDOWS\system32\dllcache\agt0804.dll - Ok C:\WINDOWS\system32\dllcache\aha154x.sys - Ok C:\WINDOWS\system32\dllcache\agtintl.dll - Ok C:\WINDOWS\system32\dllcache\aic78u2.sys - Ok C:\WINDOWS\system32\dllcache\aliide.sys - Ok C:\WINDOWS\system32\dllcache\ali5261.sys - Ok C:\WINDOWS\system32\dllcache\alifir.sys - Ok C:\WINDOWS\system32\dllcache\aic78xx.sys - Ok C:\WINDOWS\system32\dllcache\alrsvc.dll - Ok C:\WINDOWS\system32\dllcache\amb8002.sys - Ok C:\WINDOWS\system32\dllcache\alim1541.sys - Ok C:\WINDOWS\system32\dllcache\alg.exe - Ok C:\WINDOWS\system32\dllcache\amdagp.sys - Ok C:\WINDOWS\system32\dllcache\ahui.exe - Ok C:\WINDOWS\system32\dllcache\amsint.sys - Ok C:\WINDOWS\system32\dllcache\amdk7.sys - Ok C:\WINDOWS\system32\dllcache\amdk6.sys - Ok C:\WINDOWS\system32\dllcache\an983.sys - Ok C:\WINDOWS\system32\dllcache\ansi.sys - Ok C:\WINDOWS\system32\dllcache\apmbatt.sys - Ok C:\WINDOWS\system32\dllcache\append.exe - Ok C:\WINDOWS\system32\dllcache\amstream.dll - Ok >C:\WINDOWS\system32\dllcache\apps.chm is CHM container C:\WINDOWS\system32\dllcache\apph_sp.sdb - Ok C:\WINDOWS\system32\dllcache\apphelp.sdb - Ok C:\WINDOWS\system32\dllcache\apcups.dll - Ok C:\WINDOWS\system32\dllcache\apphelp.dll - Ok C:\WINDOWS\system32\dllcache\archvapp.inf - Ok C:\WINDOWS\system32\dllcache\arp.exe - Ok C:\WINDOWS\system32\dllcache\arp1394.sys - Ok C:\WINDOWS\system32\dllcache\asc.sys - Ok C:\WINDOWS\system32\dllcache\asc3350p.sys - Ok C:\WINDOWS\system32\dllcache\asferror.dll - Ok C:\WINDOWS\system32\dllcache\asc3550.sys - Ok C:\WINDOWS\system32\dllcache\aspndis3.sys - Ok C:\WINDOWS\system32\dllcache\asycfilt.dll - Ok C:\WINDOWS\system32\dllcache\asctrls.ocx - Ok C:\WINDOWS\system32\dllcache\asyncmac.sys - Ok C:\WINDOWS\system32\dllcache\aqueue.dll - Ok C:\WINDOWS\system32\dllcache\at.exe - Ok C:\WINDOWS\system32\dllcache\atapi.sys - Ok C:\WINDOWS\system32\dllcache\ati1mdxx.sys - Ok C:\WINDOWS\system32\dllcache\ati1btxx.sys - Ok C:\WINDOWS\system32\dllcache\ati.dll - Ok C:\WINDOWS\system32\dllcache\ati.sys - Ok >C:\WINDOWS\system32\dllcache\appwiz.cpl is BINARYRES container >>C:\WINDOWS\system32\dllcache\appwiz.cpl\data001 is JS-HTML container C:\WINDOWS\system32\dllcache\ati1pdxx.sys - Ok C:\WINDOWS\system32\dllcache\ati1snxx.sys - Ok C:\WINDOWS\system32\dllcache\ati1raxx.sys - Ok >>C:\WINDOWS\system32\dllcache\appwiz.cpl\data003 is JS-HTML container C:\WINDOWS\system32\dllcache\ati1rvxx.sys - Ok >>C:\WINDOWS\system32\dllcache\appwiz.cpl\data004 is JS-HTML container C:\WINDOWS\system32\dllcache\ati1ttxx.sys - Ok >>C:\WINDOWS\system32\dllcache\appwiz.cpl\data006 is JS-HTML container >>C:\WINDOWS\system32\dllcache\appwiz.cpl\data008 is JS-HTML container C:\WINDOWS\system32\dllcache\ati1xsxx.sys - Ok C:\WINDOWS\system32\dllcache\ati1xbxx.sys - Ok C:\WINDOWS\system32\dllcache\ati1tuxx.sys - Ok >>C:\WINDOWS\system32\dllcache\appwiz.cpl\data009 is JS-HTML container >>C:\WINDOWS\system32\dllcache\appwiz.cpl\data011 is JS-HTML container >>C:\WINDOWS\system32\dllcache\appwiz.cpl\data012 is JS-HTML container >>C:\WINDOWS\system32\dllcache\appwiz.cpl\data014 is JS-HTML container C:\WINDOWS\system32\dllcache\ati2cqag.dll - Ok >>C:\WINDOWS\system32\dllcache\appwiz.cpl\data015 is JS-HTML container >>C:\WINDOWS\system32\dllcache\appwiz.cpl\data016 is JS-HTML container C:\WINDOWS\system32\dllcache\appwiz.cpl - container C:\WINDOWS\system32\dllcache\ati2dvag.dll - Ok C:\WINDOWS\system32\dllcache\ati2dvaa.dll - Ok C:\WINDOWS\system32\dllcache\atibt829.sys - Ok C:\WINDOWS\system32\dllcache\ati2mtaa.sys - Ok C:\WINDOWS\system32\dllcache\atidrae.dll - Ok C:\WINDOWS\system32\dllcache\atidrab.dll - Ok C:\WINDOWS\system32\dllcache\atidvai.dll - Ok C:\WINDOWS\system32\dllcache\ati2mtag.sys - Ok C:\WINDOWS\system32\dllcache\ati3d1ag.dll - Ok C:\WINDOWS\system32\dllcache\atimpae.sys - Ok C:\WINDOWS\system32\dllcache\atinbtxx.sys - Ok C:\WINDOWS\system32\dllcache\atimpab.sys - Ok C:\WINDOWS\system32\dllcache\atievxx.exe - Ok C:\WINDOWS\system32\dllcache\atimtai.sys - Ok C:\WINDOWS\system32\dllcache\atinmdxx.sys - Ok C:\WINDOWS\system32\dllcache\atinpdxx.sys - Ok C:\WINDOWS\system32\dllcache\atinraxx.sys - Ok C:\WINDOWS\system32\dllcache\atinttxx.sys - Ok C:\WINDOWS\system32\dllcache\atinsnxx.sys - Ok C:\WINDOWS\system32\dllcache\atintuxx.sys - Ok C:\WINDOWS\system32\dllcache\atinrvxx.sys - Ok C:\WINDOWS\system32\dllcache\atinxbxx.sys - Ok C:\WINDOWS\system32\dllcache\atipcxxx.sys - Ok C:\WINDOWS\system32\dllcache\atiraged.dll - Ok C:\WINDOWS\system32\dllcache\atinxsxx.sys - Ok C:\WINDOWS\system32\dllcache\ati3duag.dll - Ok C:\WINDOWS\system32\dllcache\atirtsnd.sys - Ok C:\WINDOWS\system32\dllcache\atirtcap.sys - Ok C:\WINDOWS\system32\dllcache\atiragem.sys - Ok C:\WINDOWS\system32\dllcache\atitunep.sys - Ok C:\WINDOWS\system32\dllcache\atitvsnd.sys - Ok C:\WINDOWS\system32\dllcache\ativmvxx.ax - Ok C:\WINDOWS\system32\dllcache\ativmdcd.sys - Ok C:\WINDOWS\system32\dllcache\ativdaxx.ax - Ok C:\WINDOWS\system32\dllcache\ativttxx.sys - Ok C:\WINDOWS\system32\dllcache\ativtmxx.dll - Ok C:\WINDOWS\system32\dllcache\atixbar.sys - Ok C:\WINDOWS\system32\dllcache\ativxbar.sys - Ok C:\WINDOWS\system32\dllcache\atkctrs.dll - Ok C:\WINDOWS\system32\dllcache\atmadm.exe - Ok C:\WINDOWS\system32\dllcache\atl.dll - Ok C:\WINDOWS\system32\dllcache\atmepvc.sys - Ok C:\WINDOWS\system32\dllcache\atmarpc.sys - Ok C:\WINDOWS\system32\dllcache\atmlane.sys - Ok C:\WINDOWS\system32\dllcache\atmpvcno.dll - Ok C:\WINDOWS\system32\dllcache\atmlib.dll - Ok C:\WINDOWS\system32\dllcache\atrace.dll - Ok C:\WINDOWS\system32\dllcache\attrib.exe - Ok C:\WINDOWS\system32\dllcache\atmfd.dll - Ok C:\WINDOWS\system32\dllcache\atv01nt5.dll - Ok C:\WINDOWS\system32\dllcache\ativvaxx.dll - Ok C:\WINDOWS\system32\dllcache\atv02nt5.dll - Ok C:\WINDOWS\system32\dllcache\atv04nt5.dll - Ok C:\WINDOWS\system32\dllcache\atv06nt5.dll - Ok C:\WINDOWS\system32\dllcache\atv10nt5.dll - Ok C:\WINDOWS\system32\dllcache\auditusr.exe - Ok C:\WINDOWS\system32\dllcache\atmuni.sys - Ok C:\WINDOWS\system32\dllcache\audstub.sys - Ok C:\WINDOWS\system32\dllcache\author.dll - Ok C:\WINDOWS\system32\dllcache\audiosrv.dll - Ok C:\WINDOWS\system32\dllcache\author.exe - Ok C:\WINDOWS\system32\dllcache\authz.dll - Ok C:\WINDOWS\system32\dllcache\autodisc.dll - Ok >C:\WINDOWS\system32\dllcache\autolfn.exe - packed by FLY-CODE C:\WINDOWS\system32\dllcache\avc.sys - Ok C:\WINDOWS\system32\dllcache\avcaudio.sys - Ok C:\WINDOWS\system32\dllcache\avcstrm.sys - Ok C:\WINDOWS\system32\dllcache\autofmt.exe - Ok C:\WINDOWS\system32\dllcache\avicap.dll - Ok C:\WINDOWS\system32\dllcache\autochk.exe - Ok C:\WINDOWS\system32\dllcache\avifile.dll - Ok C:\WINDOWS\system32\dllcache\autoconv.exe - Ok C:\WINDOWS\system32\dllcache\avifil32.dll - Ok C:\WINDOWS\system32\dllcache\avicap32.dll - Ok C:\WINDOWS\system32\dllcache\avmeter.dll - Ok C:\WINDOWS\system32\dllcache\avmwan.sys - Ok C:\WINDOWS\system32\dllcache\avmcoxp.dll - Ok C:\WINDOWS\system32\dllcache\avwav.dll - Ok C:\WINDOWS\system32\dllcache\avmenum.dll - Ok C:\WINDOWS\system32\dllcache\aztw2320.sys - Ok C:\WINDOWS\system32\dllcache\azroles.dll - Ok C:\WINDOWS\system32\dllcache\avtapi.dll - Ok C:\WINDOWS\system32\dllcache\b57xp32.sys - Ok C:\WINDOWS\system32\dllcache\b1cbase.sys - Ok C:\WINDOWS\system32\dllcache\banshee.sys - Ok C:\WINDOWS\system32\dllcache\basesrv.dll - Ok C:\WINDOWS\system32\dllcache\battc.sys - Ok C:\WINDOWS\system32\dllcache\batt.dll - Ok C:\WINDOWS\system32\dllcache\autolfn.exe - Ok C:\WINDOWS\system32\dllcache\banshee.dll - Ok C:\WINDOWS\system32\dllcache\batmeter.dll - Ok C:\WINDOWS\system32\dllcache\bckg.dll - Ok C:\WINDOWS\system32\dllcache\bcm42u.sys - Ok C:\WINDOWS\system32\dllcache\bcm42xx5.sys - Ok C:\WINDOWS\system32\dllcache\bcm4e5.sys - Ok C:\WINDOWS\system32\dllcache\bckgzm.exe - Ok C:\WINDOWS\system32\dllcache\bdasup.sys - Ok C:\WINDOWS\system32\dllcache\beep.sys - Ok C:\WINDOWS\system32\dllcache\bdaplgin.ax - Ok C:\WINDOWS\system32\dllcache\big5.nls - Ok C:\WINDOWS\system32\dllcache\apps.chm - container C:\WINDOWS\system32\dllcache\bidispl.dll - Ok C:\WINDOWS\system32\dllcache\bitsprx4.dll - Ok C:\WINDOWS\system32\dllcache\bitsprx3.dll - Ok C:\WINDOWS\system32\dllcache\bitsprx2.dll - Ok C:\WINDOWS\system32\dllcache\bktrh.gif - Ok C:\WINDOWS\system32\dllcache\binlsvc.dll - Ok C:\WINDOWS\system32\dllcache\blastcln.exe - Ok C:\WINDOWS\system32\dllcache\blue_ss.dll - Ok C:\WINDOWS\system32\dllcache\bootok.exe - Ok C:\WINDOWS\system32\dllcache\bootvid.dll - Ok C:\WINDOWS\system32\dllcache\bnts.dll - Ok C:\WINDOWS\system32\dllcache\bootvrfy.exe - Ok C:\WINDOWS\system32\dllcache\blackbox.dll - Ok C:\WINDOWS\system32\dllcache\bopomofo.nls - Ok C:\WINDOWS\system32\dllcache\brbidiif.dll - Ok C:\WINDOWS\system32\dllcache\brcoinst.dll - Ok C:\WINDOWS\system32\dllcache\brfilt.sys - Ok C:\WINDOWS\system32\dllcache\brevif.dll - Ok C:\WINDOWS\system32\dllcache\brfiltup.sys - Ok C:\WINDOWS\system32\dllcache\brfiltlo.sys - Ok C:\WINDOWS\system32\dllcache\brmfbidi.dll - Ok C:\WINDOWS\system32\dllcache\bridge.sys - Ok C:\WINDOWS\system32\dllcache\brmflpt.dll - Ok C:\WINDOWS\system32\dllcache\brmfcwia.dll - Ok >C:\WINDOWS\system32\dllcache\browselc.dll is BINARYRES container C:\WINDOWS\system32\dllcache\brmfusb.dll - Ok >>C:\WINDOWS\system32\dllcache\browselc.dll\data004 is JS-HTML container >>C:\WINDOWS\system32\dllcache\browselc.dll\data008 is JS-HTML container >>C:\WINDOWS\system32\dllcache\browselc.dll\data012 is JS-HTML container >>C:\WINDOWS\system32\dllcache\browselc.dll\data013 is ZLIB container C:\WINDOWS\system32\dllcache\browselc.dll - container >C:\WINDOWS\system32\dllcache\bcmdm.sys - packed by FLY-CODE C:\WINDOWS\system32\dllcache\browser.dll - Ok C:\WINDOWS\system32\dllcache\brmfrsmg.exe - Ok C:\WINDOWS\system32\dllcache\brparimg.sys - Ok C:\WINDOWS\system32\dllcache\browsewm.dll - Ok C:\WINDOWS\system32\dllcache\brpinfo.dll - Ok C:\WINDOWS\system32\dllcache\brparwdm.sys - Ok C:\WINDOWS\system32\dllcache\brscnrsm.dll - Ok C:\WINDOWS\system32\dllcache\bckgres.dll - Ok >C:\WINDOWS\system32\dllcache\brserif.dll - packed by FLY-CODE C:\WINDOWS\system32\dllcache\brusbmdm.sys - Ok C:\WINDOWS\system32\dllcache\brserwdm.sys - Ok C:\WINDOWS\system32\dllcache\brusbscn.sys - Ok C:\WINDOWS\system32\dllcache\brserif.dll - Ok C:\WINDOWS\system32\dllcache\brzwlan.sys - Ok C:\WINDOWS\system32\dllcache\bthci.dll - Ok C:\WINDOWS\system32\dllcache\bthenum.sys - Ok C:\WINDOWS\system32\dllcache\bthmodem.sys - Ok C:\WINDOWS\system32\dllcache\bthprint.sys - Ok C:\WINDOWS\system32\dllcache\bthpan.sys - Ok C:\WINDOWS\system32\dllcache\bthserv.dll - Ok C:\WINDOWS\system32\dllcache\bthusb.sys - Ok C:\WINDOWS\system32\dllcache\bthprops.cpl - Ok C:\WINDOWS\system32\dllcache\bcmdm.sys - Ok C:\WINDOWS\system32\dllcache\bulltlp3.sys - Ok C:\WINDOWS\system32\dllcache\bthport.sys - Ok C:\WINDOWS\system32\dllcache\browseui.dll - Ok C:\WINDOWS\system32\dllcache\cabinet.dll - Ok C:\WINDOWS\system32\dllcache\cacls.exe - Ok C:\WINDOWS\system32\dllcache\cabview.dll - Ok C:\WINDOWS\system32\dllcache\btpanui.dll - Ok C:\WINDOWS\system32\dllcache\camexo20.ax - Ok C:\WINDOWS\system32\dllcache\camdro21.sys - Ok C:\WINDOWS\system32\dllcache\camdrv21.sys - Ok C:\WINDOWS\system32\dllcache\camdrv30.sys - Ok C:\WINDOWS\system32\dllcache\calc.exe - Ok C:\WINDOWS\system32\dllcache\camexo20.dll - Ok C:\WINDOWS\system32\dllcache\callcont.dll - Ok C:\WINDOWS\system32\dllcache\camext30.ax - Ok C:\WINDOWS\system32\dllcache\camext30.dll - Ok C:\WINDOWS\system32\dllcache\camocx.dll - Ok C:\WINDOWS\system32\dllcache\camext20.ax - Ok C:\WINDOWS\system32\dllcache\cap7146.sys - Ok C:\WINDOWS\system32\dllcache\camext20.dll - Ok C:\WINDOWS\system32\dllcache\cb102.sys - Ok C:\WINDOWS\system32\dllcache\catsrvps.dll - Ok C:\WINDOWS\system32\dllcache\capesnpn.dll - Ok >C:\WINDOWS\system32\dllcache\cb32.exe - packed by FLY-CODE C:\WINDOWS\system32\dllcache\cb325.sys - Ok C:\WINDOWS\system32\dllcache\cb32.exe - Ok C:\WINDOWS\system32\dllcache\cben5.sys - Ok C:\WINDOWS\system32\dllcache\cbidf2k.sys - Ok C:\WINDOWS\system32\dllcache\catsrv.dll - Ok C:\WINDOWS\system32\dllcache\ccdecode.sys - Ok C:\WINDOWS\system32\dllcache\cd20xrnt.sys - Ok C:\WINDOWS\system32\dllcache\cdaudio.sys - Ok C:\WINDOWS\system32\dllcache\cards.dll - Ok C:\WINDOWS\system32\dllcache\ccfgnt.dll - Ok C:\WINDOWS\system32\dllcache\cdfs.sys - Ok >C:\WINDOWS\system32\dllcache\cdmodem.dll - packed by FLY-CODE >C:\WINDOWS\system32\dllcache\cdm.dll - packed by FLY-CODE C:\WINDOWS\system32\dllcache\cdmodem.dll - Ok >C:\WINDOWS\system32\dllcache\cdfview.dll is BINARYRES container >>C:\WINDOWS\system32\dllcache\cdfview.dll\data001 is JS-HTML container C:\WINDOWS\system32\dllcache\cdrom.sys - Ok C:\WINDOWS\system32\dllcache\catsrvut.dll - Ok C:\WINDOWS\system32\dllcache\ce2n5.sys - Ok >>C:\WINDOWS\system32\dllcache\cdfview.dll\data002 is JS-HTML container C:\WINDOWS\system32\dllcache\ce3n5.sys - Ok C:\WINDOWS\system32\dllcache\cdm.dll - Ok C:\WINDOWS\system32\dllcache\cem33n5.sys - Ok C:\WINDOWS\system32\dllcache\cem28n5.sys - Ok C:\WINDOWS\system32\dllcache\cdfview.dll - container C:\WINDOWS\system32\dllcache\cem56n5.sys - Ok C:\WINDOWS\system32\dllcache\cbmdmkxx.sys - Ok C:\WINDOWS\system32\dllcache\cfgbkend.dll - Ok C:\WINDOWS\system32\dllcache\certcli.dll - Ok C:\WINDOWS\system32\dllcache\cfgmgr32.dll - Ok C:\WINDOWS\system32\dllcache\ch7xxnt5.dll - Ok >C:\WINDOWS\system32\dllcache\change.exe - packed by FLY-CODE C:\WINDOWS\system32\dllcache\cewmdm.dll - Ok C:\WINDOWS\system32\dllcache\chajei.ime - Ok C:\WINDOWS\system32\dllcache\changer.sys - Ok C:\WINDOWS\system32\dllcache\change.exe - Ok C:\WINDOWS\system32\dllcache\chglogon.exe - Ok C:\WINDOWS\system32\dllcache\chgport.exe - Ok C:\WINDOWS\system32\dllcache\cfgwiz.exe - Ok C:\WINDOWS\system32\dllcache\chgusr.exe - Ok C:\WINDOWS\system32\dllcache\chkntfs.exe - Ok C:\WINDOWS\system32\dllcache\certmgr.dll - Ok C:\WINDOWS\system32\dllcache\charmap.exe - Ok C:\WINDOWS\system32\dllcache\chkdsk.exe - Ok C:\WINDOWS\system32\dllcache\chkr.dll - Ok C:\WINDOWS\system32\dllcache\chtmbx.dll - Ok C:\WINDOWS\system32\dllcache\chkrzm.exe - Ok C:\WINDOWS\system32\dllcache\chtskf.dll - Ok >C:\WINDOWS\system32\dllcache\chtskdic.dll - packed by FLY-CODE C:\WINDOWS\system32\dllcache\chkrres.dll - Ok C:\WINDOWS\system32\dllcache\chtskdic.dll - Ok C:\WINDOWS\system32\dllcache\chtbrkr.dll - Ok C:\WINDOWS\system32\dllcache\ciadmin.dll - Ok C:\WINDOWS\system32\dllcache\cidaemon.exe - Ok C:\WINDOWS\system32\dllcache\cic.dll - Ok C:\WINDOWS\system32\dllcache\cinemclc.sys - Ok C:\WINDOWS\system32\dllcache\cinemst2.sys - Ok >C:\WINDOWS\system32\dllcache\chsbrkr.dll - packed by FLY-CODE >C:\WINDOWS\system32\dllcache\cdosys.dll is BINARYRES container
- January 2, 2013
- 79 replies
Outgoing Malicious IP Blocks. Suspect Infection

MicQsenoch replied to MicQsenoch's topic in Resolved Malware Removal Logs

C:\WINDOWS\system32\batmeter.dll - Ok C:\WINDOWS\system32\azroles.dll - Ok C:\WINDOWS\system32\bios4.rom - Ok C:\WINDOWS\system32\bitsprx2.dll - Ok C:\WINDOWS\system32\bitsprx3.dll - Ok C:\WINDOWS\system32\avtapi.dll - Ok C:\WINDOWS\system32\bitsprx4.dll - Ok C:\WINDOWS\system32\bootok.exe - Ok C:\WINDOWS\system32\bootvid.dll - Ok C:\WINDOWS\system32\bootvrfy.exe - Ok C:\WINDOWS\system32\bopomofo.uce - Ok C:\WINDOWS\system32\blackbox.dll - Ok >C:\WINDOWS\system32\browselc.dll is BINARYRES container >>C:\WINDOWS\system32\browselc.dll\data004 is JS-HTML container >>C:\WINDOWS\system32\browselc.dll\data008 is JS-HTML container C:\WINDOWS\system32\blastcln.exe - Ok C:\WINDOWS\system32\browser.dll - Ok C:\WINDOWS\system32\autolfn.exe - Ok >>C:\WINDOWS\system32\browselc.dll\data012 is JS-HTML container C:\WINDOWS\system32\browsewm.dll - Ok C:\WINDOWS\system32\bthci.dll - Ok >>C:\WINDOWS\system32\browselc.dll\data013 is ZLIB container C:\WINDOWS\system32\BuzzingBee.wav - Ok C:\WINDOWS\system32\browselc.dll - container C:\WINDOWS\system32\bthserv.dll - Ok C:\WINDOWS\system32\cabinet.dll - Ok C:\WINDOWS\system32\cabview.dll - Ok C:\WINDOWS\system32\browseui.dll - Ok C:\WINDOWS\system32\cacls.exe - Ok C:\WINDOWS\system32\bthprops.cpl - Ok C:\WINDOWS\system32\calc.exe - Ok C:\WINDOWS\system32\camocx.dll - Ok C:\WINDOWS\system32\catsrv.dll - Ok C:\WINDOWS\system32\btpanui.dll - Ok C:\WINDOWS\system32\catsrvps.dll - Ok C:\WINDOWS\system32\capesnpn.dll - Ok C:\WINDOWS\system32\cards.dll - Ok >C:\WINDOWS\system32\cdm.dll - packed by FLY-CODE >C:\WINDOWS\system32\cdmodem.dll - packed by FLY-CODE C:\WINDOWS\system32\catsrvut.dll - Ok C:\WINDOWS\system32\ccfgnt.dll - Ok C:\WINDOWS\system32\cdplayer.exe.manifest - Ok C:\WINDOWS\system32\cdmodem.dll - Ok >C:\WINDOWS\system32\cdfview.dll is BINARYRES container >>C:\WINDOWS\system32\cdfview.dll\data001 is JS-HTML container C:\WINDOWS\system32\certcli.dll - Ok C:\WINDOWS\system32\certmgr.msc - Ok >>C:\WINDOWS\system32\cdfview.dll\data002 is JS-HTML container C:\WINDOWS\system32\cdm.dll - Ok C:\WINDOWS\system32\cfgmgr32.dll - Ok C:\WINDOWS\system32\cdfview.dll - container C:\WINDOWS\system32\cfgbkend.dll - Ok C:\WINDOWS\system32\chcp.com - Ok C:\WINDOWS\system32\chkdsk.exe - Ok C:\WINDOWS\system32\chkntfs.exe - Ok C:\WINDOWS\system32\ciadv.msc - Ok C:\WINDOWS\system32\charmap.exe - Ok C:\WINDOWS\system32\cidaemon.exe - Ok C:\WINDOWS\system32\cewmdm.dll - Ok C:\WINDOWS\system32\ciadmin.dll - Ok C:\WINDOWS\system32\certmgr.dll - Ok C:\WINDOWS\system32\clb.dll - Ok C:\WINDOWS\system32\ciodm.dll - Ok C:\WINDOWS\system32\cic.dll - Ok C:\WINDOWS\system32\cisvc.exe - Ok >C:\WINDOWS\system32\cliconf.chm is CHM container C:\WINDOWS\system32\ckcnv.exe - Ok C:\WINDOWS\system32\clbcatex.dll - Ok C:\WINDOWS\system32\clbcatq.dll - Ok C:\WINDOWS\system32\cliconfg.rll - Ok C:\WINDOWS\system32\cliconfg.dll - Ok C:\WINDOWS\system32\cleanmgr.exe - Ok C:\WINDOWS\system32\clipsrv.exe - Ok C:\WINDOWS\system32\cliconfg.exe - Ok C:\WINDOWS\system32\clusapi.dll - Ok C:\WINDOWS\system32\clipbrd.exe - Ok >C:\WINDOWS\system32\cdosys.dll is BINARYRES container >>C:\WINDOWS\system32\cdosys.dll\data001 is JS-HTML container C:\WINDOWS\system32\cdosys.dll - container C:\WINDOWS\system32\cmcfg32.dll - Ok C:\WINDOWS\system32\cmmgr32.hlp - Ok C:\WINDOWS\system32\cmos.ram - Ok >>C:\WINDOWS\system32\cliconf.chm\Basics\mailto.js is JS-HTML container C:\WINDOWS\system32\cmd.exe - Ok C:\WINDOWS\system32\cmpbk32.dll - Ok C:\WINDOWS\system32\cmdl32.exe - Ok >>C:\WINDOWS\system32\cliconf.chm\Basics\shared.js is JS-HTML container C:\WINDOWS\system32\cmsetacl.dll - Ok C:\WINDOWS\system32\cmutil.dll - Ok C:\WINDOWS\system32\cmmon32.exe - Ok C:\WINDOWS\system32\cnbjmon.dll - Ok C:\WINDOWS\system32\cmstp.exe - Ok C:\WINDOWS\system32\cnetcfg.dll - Ok C:\WINDOWS\system32\cnvfat.dll - Ok C:\WINDOWS\system32\cmdial32.dll - Ok C:\WINDOWS\system32\cmprops.dll - Ok C:\WINDOWS\system32\comcat.dll - Ok >>C:\WINDOWS\system32\cliconf.chm\Basics\vs70.js is JS-HTML container C:\WINDOWS\system32\comm.drv - Ok >>C:\WINDOWS\system32\cliconf.chm\Basics\vs70link.js is JS-HTML container C:\WINDOWS\system32\command.com - Ok C:\WINDOWS\system32\colbact.dll - Ok C:\WINDOWS\system32\commdlg.dll - Ok C:\WINDOWS\system32\comaddin.dll - Ok C:\WINDOWS\system32\comctl32.dll - Ok C:\WINDOWS\system32\compact.exe - Ok C:\WINDOWS\system32\comp.exe - Ok C:\WINDOWS\system32\comdlg32.dll - Ok C:\WINDOWS\system32\compobj.dll - Ok C:\WINDOWS\system32\compmgmt.msc - Ok C:\WINDOWS\system32\cliconf.chm - container C:\WINDOWS\system32\comres.dll - Ok C:\WINDOWS\system32\comrepl.dll - Ok >C:\WINDOWS\system32\compatui.dll is BINARYRES container C:\WINDOWS\system32\CONFIG.NT - Ok >>C:\WINDOWS\system32\compatui.dll\data002 is JS-HTML container C:\WINDOWS\system32\compatui.dll - container C:\WINDOWS\system32\CONFIG.TMP - Ok C:\WINDOWS\system32\compstui.dll - Ok C:\WINDOWS\system32\comsnap.dll - Ok C:\WINDOWS\system32\control.exe - Ok C:\WINDOWS\system32\comsvcs.dll - Ok C:\WINDOWS\system32\console.dll - Ok C:\WINDOWS\system32\convert.exe - Ok C:\WINDOWS\system32\country.sys - Ok C:\WINDOWS\system32\comuid.dll - Ok C:\WINDOWS\system32\corpol.dll - Ok C:\WINDOWS\system32\conime.exe - Ok C:\WINDOWS\system32\credssp.dll - Ok C:\WINDOWS\system32\cryptdll.dll - Ok C:\WINDOWS\system32\credui.dll - Ok C:\WINDOWS\system32\confmsp.dll - Ok C:\WINDOWS\system32\crypt32.dll - Ok C:\WINDOWS\system32\cryptdlg.dll - Ok C:\WINDOWS\system32\cryptext.dll - Ok C:\WINDOWS\system32\crtdll.dll - Ok C:\WINDOWS\system32\cryptnet.dll - Ok C:\WINDOWS\system32\cryptsvc.dll - Ok C:\WINDOWS\system32\cscdll.dll - Ok C:\WINDOWS\system32\csrsrv.dll - Ok C:\WINDOWS\system32\csrss.exe - Ok C:\WINDOWS\system32\cscript.exe - Ok C:\WINDOWS\system32\cscui.dll - Ok C:\WINDOWS\system32\ctl3dv2.dll - Ok C:\WINDOWS\system32\ctype.nls - Ok C:\WINDOWS\system32\cryptui.dll - Ok C:\WINDOWS\system32\csseqchk.dll - Ok C:\WINDOWS\system32\c_037.nls - Ok C:\WINDOWS\system32\c_10006.nls - Ok C:\WINDOWS\system32\c_10000.nls - Ok C:\WINDOWS\system32\c_10007.nls - Ok C:\WINDOWS\system32\c_10017.nls - Ok C:\WINDOWS\system32\c_10010.nls - Ok C:\WINDOWS\system32\c_10029.nls - Ok C:\WINDOWS\system32\ctfmon.exe - Ok C:\WINDOWS\system32\c_10081.nls - Ok C:\WINDOWS\system32\c_10082.nls - Ok C:\WINDOWS\system32\c_1251.nls - Ok C:\WINDOWS\system32\c_1250.nls - Ok C:\WINDOWS\system32\c_10079.nls - Ok C:\WINDOWS\system32\c_1026.nls - Ok C:\WINDOWS\system32\c_1253.nls - Ok C:\WINDOWS\system32\c_1252.nls - Ok C:\WINDOWS\system32\c_1254.nls - Ok C:\WINDOWS\system32\c_1255.nls - Ok C:\WINDOWS\system32\c_1256.nls - Ok C:\WINDOWS\system32\c_1257.nls - Ok C:\WINDOWS\system32\c_1258.nls - Ok C:\WINDOWS\system32\c_20261.nls - Ok C:\WINDOWS\system32\c_20127.nls - Ok C:\WINDOWS\system32\c_20866.nls - Ok C:\WINDOWS\system32\c_20905.nls - Ok C:\WINDOWS\system32\c_21866.nls - Ok C:\WINDOWS\system32\c_28592.nls - Ok C:\WINDOWS\system32\c_28593.nls - Ok C:\WINDOWS\system32\c_28591.nls - Ok C:\WINDOWS\system32\C_28595.NLS - Ok C:\WINDOWS\system32\C_28594.NLS - Ok C:\WINDOWS\system32\c_28598.nls - Ok C:\WINDOWS\system32\C_28597.NLS - Ok C:\WINDOWS\system32\c_28603.nls - Ok C:\WINDOWS\system32\c_28599.nls - Ok C:\WINDOWS\system32\c_28605.nls - Ok C:\WINDOWS\system32\c_437.nls - Ok C:\WINDOWS\system32\c_737.nls - Ok C:\WINDOWS\system32\c_500.nls - Ok C:\WINDOWS\system32\c_775.nls - Ok C:\WINDOWS\system32\c_850.nls - Ok C:\WINDOWS\system32\c_852.nls - Ok C:\WINDOWS\system32\c_855.nls - Ok C:\WINDOWS\system32\c_861.nls - Ok C:\WINDOWS\system32\c_860.nls - Ok C:\WINDOWS\system32\c_857.nls - Ok C:\WINDOWS\system32\c_863.nls - Ok C:\WINDOWS\system32\CSVer.dll - Ok C:\WINDOWS\system32\c_865.nls - Ok C:\WINDOWS\system32\c_866.nls - Ok C:\WINDOWS\system32\c_869.nls - Ok C:\WINDOWS\system32\c_874.nls - Ok C:\WINDOWS\system32\c_875.nls - Ok C:\WINDOWS\system32\ctl3d32.dll - Ok C:\WINDOWS\system32\d3d8thk.dll - Ok C:\WINDOWS\system32\c_949.nls - Ok C:\WINDOWS\system32\d3d9caps.dat - Ok C:\WINDOWS\system32\c_932.nls - Ok C:\WINDOWS\system32\c_936.nls - Ok C:\WINDOWS\system32\c_950.nls - Ok C:\WINDOWS\system32\d3dpmesh.dll - Ok C:\WINDOWS\system32\d3dim.dll - Ok C:\WINDOWS\system32\d3d9.dll - Ok C:\WINDOWS\system32\d3dim700.dll - Ok C:\WINDOWS\system32\d3dramp.dll - Ok >C:\WINDOWS\system32\d3dx10_39.dll - packed by PESTUB C:\WINDOWS\system32\d3drm.dll - Ok C:\WINDOWS\system32\d3dxof.dll - Ok C:\WINDOWS\system32\d3dx10_39.dll - Ok C:\WINDOWS\system32\dataclen.dll - Ok C:\WINDOWS\system32\davclnt.dll - Ok C:\WINDOWS\system32\d3d8.dll - Ok >C:\WINDOWS\system32\D3DCompiler_39.dll - packed by PESTUB C:\WINDOWS\system32\datime.dll - Ok C:\WINDOWS\system32\daxctle.ocx - Ok C:\WINDOWS\system32\dbmsrpcn.dll - Ok C:\WINDOWS\system32\dbghelp.dll - Ok C:\WINDOWS\system32\dbnetlib.dll - Ok C:\WINDOWS\system32\dcache.bin - Ok >C:\WINDOWS\system32\dbnmpntw.dll - packed by FLY-CODE C:\WINDOWS\system32\dciman32.dll - Ok C:\WINDOWS\system32\dbnmpntw.dll - Ok C:\WINDOWS\system32\D3DCompiler_39.dll - Ok C:\WINDOWS\system32\ddeml.dll - Ok C:\WINDOWS\system32\dcomcnfg.exe - Ok C:\WINDOWS\system32\ddrawex.dll - Ok >C:\WINDOWS\system32\debug.exe - packed by EXEPACK C:\WINDOWS\system32\debug.exe - Ok C:\WINDOWS\system32\ddraw.dll - Ok C:\WINDOWS\system32\danim.dll - Ok C:\WINDOWS\system32\deskadp.dll - Ok C:\WINDOWS\system32\desk.cpl - Ok >C:\WINDOWS\system32\deskmon.dll - packed by FLY-CODE C:\WINDOWS\system32\defrag.exe - Ok C:\WINDOWS\system32\desktop.ini - Ok C:\WINDOWS\system32\ddeshare.exe - Ok >C:\WINDOWS\system32\deskperf.dll - packed by FLY-CODE C:\WINDOWS\system32\devmgmt.msc - Ok C:\WINDOWS\system32\dbgeng.dll - Ok C:\WINDOWS\system32\devenum.dll - Ok C:\WINDOWS\system32\dfrg.msc - Ok C:\WINDOWS\system32\deskmon.dll - Ok C:\WINDOWS\system32\deskperf.dll - Ok C:\WINDOWS\system32\dfrgfat.exe - Ok C:\WINDOWS\system32\dfrgntfs.exe - Ok >C:\WINDOWS\system32\dfrgres.dll is BINARYRES container C:\WINDOWS\system32\dfrgsnap.dll - Ok C:\WINDOWS\system32\dfrgres.dll - container C:\WINDOWS\system32\devmgr.dll - Ok C:\WINDOWS\system32\dfsshlex.dll - Ok C:\WINDOWS\system32\dfrgui.dll - Ok C:\WINDOWS\system32\dgnet.dll - Ok C:\WINDOWS\system32\dhcpcsvc.dll - Ok C:\WINDOWS\system32\dhcpqec.dll - Ok C:\WINDOWS\system32\dfshim.dll - Ok C:\WINDOWS\system32\dgsetup.dll - Ok C:\WINDOWS\system32\dhcpsapi.dll - Ok C:\WINDOWS\system32\dgrpsetu.dll - Ok C:\WINDOWS\system32\digest.dll - Ok C:\WINDOWS\system32\diantz.exe - Ok C:\WINDOWS\system32\dhcpmon.dll - Ok C:\WINDOWS\system32\dimap.dll - Ok C:\WINDOWS\system32\dimsntfy.dll - Ok C:\WINDOWS\system32\dimsroam.dll - Ok C:\WINDOWS\system32\diactfrm.dll - Ok C:\WINDOWS\system32\diskcomp.com - Ok C:\WINDOWS\system32\difxapi.dll - Ok C:\WINDOWS\system32\diskcopy.com - Ok C:\WINDOWS\system32\dinput8.dll - Ok C:\WINDOWS\system32\dinput.dll - Ok C:\WINDOWS\system32\diskmgmt.msc - Ok C:\WINDOWS\system32\diskperf.exe - Ok C:\WINDOWS\system32\dispex.dll - Ok C:\WINDOWS\system32\diskcopy.dll - Ok C:\WINDOWS\system32\dllhst3g.exe - Ok C:\WINDOWS\system32\D3DX9_39.dll - Ok C:\WINDOWS\system32\dmband.dll - Ok C:\WINDOWS\system32\dmadmin.exe - Ok C:\WINDOWS\system32\dllhost.exe - Ok C:\WINDOWS\system32\dmcompos.dll - Ok C:\WINDOWS\system32\diskpart.exe - Ok C:\WINDOWS\system32\dmintf.dll - Ok C:\WINDOWS\system32\dmloader.dll - Ok C:\WINDOWS\system32\dmdskres.dll - Ok C:\WINDOWS\system32\dmocx.dll - Ok C:\WINDOWS\system32\dmdskmgr.dll - Ok C:\WINDOWS\system32\dmdlgs.dll - Ok C:\WINDOWS\system32\dmime.dll - Ok C:\WINDOWS\system32\dmconfig.dll - Ok C:\WINDOWS\system32\dmserver.dll - Ok C:\WINDOWS\system32\dmscript.dll - Ok C:\WINDOWS\system32\dmremote.exe - Ok C:\WINDOWS\system32\dmstyle.dll - Ok >C:\WINDOWS\system32\dmutil.dll - packed by FLY-CODE C:\WINDOWS\system32\dmview.ocx - Ok C:\WINDOWS\system32\dnsapi.dll - Ok C:\WINDOWS\system32\dnsrslvr.dll - Ok C:\WINDOWS\system32\docprop.dll - Ok C:\WINDOWS\system32\dmsynth.dll - Ok C:\WINDOWS\system32\dmusic.dll - Ok C:\WINDOWS\system32\docprop2.dll - Ok C:\WINDOWS\system32\doskey.exe - Ok C:\WINDOWS\system32\dot3cfg.dll - Ok C:\WINDOWS\system32\dosx.exe - Ok C:\WINDOWS\system32\dot3api.dll - Ok C:\WINDOWS\system32\dot3dlg.dll - Ok C:\WINDOWS\system32\dmutil.dll - Ok C:\WINDOWS\system32\dot3gpclnt.dll - Ok C:\WINDOWS\system32\dpcdll.dll - Ok C:\WINDOWS\system32\dot3msm.dll - Ok C:\WINDOWS\system32\dplay.dll - Ok C:\WINDOWS\system32\dot3svc.dll - Ok C:\WINDOWS\system32\dpnaddr.dll - Ok C:\WINDOWS\system32\dpmodemx.dll - Ok C:\WINDOWS\system32\dpnhpast.dll - Ok C:\WINDOWS\system32\dpnhupnp.dll - Ok C:\WINDOWS\system32\dpnlobby.dll - Ok C:\WINDOWS\system32\dplaysvr.exe - Ok C:\WINDOWS\system32\dplayx.dll - Ok C:\WINDOWS\system32\dot3ui.dll - Ok C:\WINDOWS\system32\dpnmodem.dll - Ok C:\WINDOWS\system32\dpvacm.dll - Ok C:\WINDOWS\system32\dpserial.dll - Ok C:\WINDOWS\system32\dpnet.dll - Ok C:\WINDOWS\system32\dpnwsock.dll - Ok C:\WINDOWS\system32\dpwsock.dll - Ok C:\WINDOWS\system32\dpnsvr.exe - Ok C:\WINDOWS\system32\dpvsetup.exe - Ok C:\WINDOWS\system32\dpwsockx.dll - Ok C:\WINDOWS\system32\dpvvox.dll - Ok C:\WINDOWS\system32\drmstor.dll - Ok C:\WINDOWS\system32\drmclien.dll - Ok C:\WINDOWS\system32\drprov.dll - Ok C:\WINDOWS\system32\dpvoice.dll - Ok C:\WINDOWS\system32\ds32gt.dll - Ok C:\WINDOWS\system32\drwatson.exe - Ok C:\WINDOWS\system32\ds16gt.dLL - Ok C:\WINDOWS\system32\dsauth.dll - Ok C:\WINDOWS\system32\dskquota.dll - Ok C:\WINDOWS\system32\dsdmoprp.dll - Ok C:\WINDOWS\system32\dsound.vxd - Ok C:\WINDOWS\system32\drwtsn32.exe - Ok C:\WINDOWS\system32\dskquoui.dll - Ok C:\WINDOWS\system32\drmv2clt.dll - Ok C:\WINDOWS\system32\dsdmo.dll - Ok C:\WINDOWS\system32\dsprpres.dll - Ok C:\WINDOWS\system32\dssec.dll - Ok C:\WINDOWS\system32\dsquery.dll - Ok C:\WINDOWS\system32\dsound.dll - Ok C:\WINDOWS\system32\dssenh.dll - Ok C:\WINDOWS\system32\dsprop.dll - Ok C:\WINDOWS\system32\dsuiext.dll - Ok C:\WINDOWS\system32\dswave.dll - Ok C:\WINDOWS\system32\duser.dll - Ok C:\WINDOWS\system32\dvdplay.exe - Ok C:\WINDOWS\system32\dssec.dat - Ok C:\WINDOWS\system32\dumprep.exe - Ok C:\WINDOWS\system32\dvdupgrd.exe - Ok C:\WINDOWS\system32\dwwin.exe - Ok C:\WINDOWS\system32\dx7vb.dll - Ok C:\WINDOWS\system32\dxdiagn.dll - Ok C:\WINDOWS\system32\dsound3d.dll - Ok C:\WINDOWS\system32\dxmasf.dll - Ok C:\WINDOWS\system32\eapolqec.dll - Ok >C:\WINDOWS\system32\dxva2.dll - packed by FLY-CODE C:\WINDOWS\system32\dx8vb.dll - Ok C:\WINDOWS\system32\eappcfg.dll - Ok C:\WINDOWS\system32\eapp3hst.dll - Ok C:\WINDOWS\system32\dxtrans.dll - Ok C:\WINDOWS\system32\dxtmsft.dll - Ok C:\WINDOWS\system32\dxva2.dll - Ok C:\WINDOWS\system32\eappprxy.dll - Ok C:\WINDOWS\system32\eappgnui.dll - Ok >C:\WINDOWS\system32\edit.com - packed by EXEPACK C:\WINDOWS\system32\eapsvc.dll - Ok C:\WINDOWS\system32\edit.hlp - Ok C:\WINDOWS\system32\eapqec.dll - Ok C:\WINDOWS\system32\ega.cpi - Ok >C:\WINDOWS\system32\edlin.exe - packed by EXEPACK C:\WINDOWS\system32\emptyregdb.dat - Ok C:\WINDOWS\system32\edlin.exe - Ok C:\WINDOWS\system32\dxdiag.exe - Ok C:\WINDOWS\system32\eapphost.dll - Ok C:\WINDOWS\system32\edit.com - Ok C:\WINDOWS\system32\encapi.dll - Ok C:\WINDOWS\system32\ersvc.dll - Ok C:\WINDOWS\system32\els.dll - Ok >C:\WINDOWS\system32\esentprf.dll - packed by FLY-CODE C:\WINDOWS\system32\es.dll - Ok C:\WINDOWS\system32\esentprf.hxx - Ok C:\WINDOWS\system32\encdec.dll - Ok C:\WINDOWS\system32\esentprf.dll - Ok C:\WINDOWS\system32\EqnClass.Dll - Ok C:\WINDOWS\system32\esent.dll - Ok C:\WINDOWS\system32\esentprf.ini - Ok C:\WINDOWS\system32\esentutl.exe - Ok C:\WINDOWS\system32\eula.txt - Ok C:\WINDOWS\system32\eventcls.dll - Ok C:\WINDOWS\system32\eventlog.dll - Ok C:\WINDOWS\system32\eventvwr.msc - Ok >C:\WINDOWS\system32\exe2bin.exe - packed by EXEPACK C:\WINDOWS\system32\exe2bin.exe - Ok >C:\WINDOWS\system32\expand.exe - packed by BINARYRES >>C:\WINDOWS\system32\expand.exe - packed by MS COMPRESS C:\WINDOWS\system32\expand.exe - Ok C:\WINDOWS\system32\eudcedit.exe - Ok C:\WINDOWS\system32\extmgr.dll - Ok C:\WINDOWS\system32\eventvwr.exe - Ok >C:\WINDOWS\system32\fastopen.exe - packed by EXEPACK >>C:\WINDOWS\system32\fastopen.exe - packed by COM2EXE C:\WINDOWS\system32\fastopen.exe - Ok C:\WINDOWS\system32\evr.dll - Ok C:\WINDOWS\system32\extrac32.exe - Ok C:\WINDOWS\system32\exts.dll - Ok C:\WINDOWS\system32\faultrep.dll - Ok C:\WINDOWS\system32\fc.exe - Ok C:\WINDOWS\system32\feclient.dll - Ok C:\WINDOWS\system32\expsrv.dll - Ok C:\WINDOWS\system32\find.exe - Ok C:\WINDOWS\system32\finger.exe - Ok C:\WINDOWS\system32\esent97.dll - Ok C:\WINDOWS\system32\findstr.exe - Ok C:\WINDOWS\system32\firewall.cpl - Ok C:\WINDOWS\system32\fixmapi.exe - Ok C:\WINDOWS\system32\faxpatch.exe - Ok C:\WINDOWS\system32\fltlib.dll - Ok C:\WINDOWS\system32\FlashPlayerCPLApp.cpl - Ok C:\WINDOWS\system32\FNTCACHE.DAT - Ok C:\WINDOWS\system32\filemgmt.dll - Ok C:\WINDOWS\system32\fltmc.exe - Ok C:\WINDOWS\system32\fmifs.dll - Ok C:\WINDOWS\system32\fldrclnr.dll - Ok C:\WINDOWS\system32\fontsub.dll - Ok C:\WINDOWS\system32\FlashPlayerApp.exe - Ok C:\WINDOWS\system32\framebuf.dll - Ok >C:\WINDOWS\system32\fontext.dll is BINARYRES container >>C:\WINDOWS\system32\fontext.dll\data001 - packed by MS COMPRESS C:\WINDOWS\system32\fsmgmt.msc - Ok C:\WINDOWS\system32\forcedos.exe - Ok C:\WINDOWS\system32\format.com - Ok >>C:\WINDOWS\system32\fontext.dll\data002 - packed by MS COMPRESS C:\WINDOWS\system32\fontext.dll - container C:\WINDOWS\system32\fontview.exe - Ok C:\WINDOWS\system32\fsusd.dll - Ok C:\WINDOWS\system32\fsutil.exe - Ok C:\WINDOWS\system32\ftp.exe - Ok C:\WINDOWS\system32\fwcfg.dll - Ok C:\WINDOWS\system32\gb2312.uce - Ok C:\WINDOWS\system32\g711codc.ax - Ok C:\WINDOWS\system32\gdi.exe - Ok C:\WINDOWS\system32\geo.nls - Ok C:\WINDOWS\system32\gcdef.dll - Ok C:\WINDOWS\system32\ftsrch.dll - Ok C:\WINDOWS\system32\gdi32.dll - Ok C:\WINDOWS\system32\freecell.exe - Ok C:\WINDOWS\system32\gpkrsrc.dll - Ok C:\WINDOWS\system32\fsquirt.exe - Ok C:\WINDOWS\system32\graphics.com - Ok C:\WINDOWS\system32\graftabl.com - Ok C:\WINDOWS\system32\graphics.pro - Ok C:\WINDOWS\system32\GVTunner.ref - Ok C:\WINDOWS\system32\gpkcsp.dll - Ok C:\WINDOWS\system32\glu32.dll - Ok C:\WINDOWS\system32\h323log.txt - Ok C:\WINDOWS\system32\HAL.DLL - Ok C:\WINDOWS\system32\hccoin.dll - Ok C:\WINDOWS\system32\grpconv.exe - Ok C:\WINDOWS\system32\h323.tsp - Ok C:\WINDOWS\system32\glmf32.dll - Ok C:\WINDOWS\system32\HdAudRes.dll - Ok >C:\WINDOWS\system32\HdAProp.dll - packed by FLY-CODE C:\WINDOWS\system32\getuname.dll - Ok C:\WINDOWS\system32\help.exe - Ok C:\WINDOWS\system32\hdwwiz.cpl - Ok C:\WINDOWS\system32\HdAShCut.exe - Ok C:\WINDOWS\system32\hid.dll - Ok C:\WINDOWS\system32\himem.sys - Ok C:\WINDOWS\system32\hidphone.tsp - Ok C:\WINDOWS\system32\HdAProp.dll - Ok C:\WINDOWS\system32\hhsetup.dll - Ok C:\WINDOWS\system32\hhctrl.ocx - Ok C:\WINDOWS\system32\hnetmon.dll - Ok C:\WINDOWS\system32\hlink.dll - Ok C:\WINDOWS\system32\homepage.inf - Ok C:\WINDOWS\system32\hostname.exe - Ok C:\WINDOWS\system32\hnetcfg.dll - Ok C:\WINDOWS\system32\hsfcisp2.dll - Ok C:\WINDOWS\system32\hticons.dll - Ok C:\WINDOWS\system32\hnetwiz.dll - Ok C:\WINDOWS\system32\httpapi.dll - Ok C:\WINDOWS\system32\hotplug.dll - Ok C:\WINDOWS\system32\htui.dll - Ok C:\WINDOWS\system32\iac25_32.ax - Ok C:\WINDOWS\system32\h323msp.dll - Ok C:\WINDOWS\system32\iacenc.dll - Ok >C:\WINDOWS\system32\html.iec - packed by PESTUB C:\WINDOWS\system32\iashlpr.dll - Ok C:\WINDOWS\system32\iasads.dll - Ok C:\WINDOWS\system32\iasacct.dll - Ok >C:\WINDOWS\system32\iaspolcy.dll - packed by FLY-CODE C:\WINDOWS\system32\iasnap.dll - Ok C:\WINDOWS\system32\iaspolcy.dll - Ok C:\WINDOWS\system32\iasrad.dll - Ok C:\WINDOWS\system32\html.iec - Ok C:\WINDOWS\system32\iassam.dll - Ok C:\WINDOWS\system32\iassvcs.dll - Ok C:\WINDOWS\system32\icaapi.dll - Ok C:\WINDOWS\system32\iasrecst.dll - Ok C:\WINDOWS\system32\icardres.dll - Ok C:\WINDOWS\system32\hypertrm.dll - Ok C:\WINDOWS\system32\icfgnt5.dll - Ok C:\WINDOWS\system32\iccvid.dll - Ok C:\WINDOWS\system32\icardie.dll - Ok C:\WINDOWS\system32\icmp.dll - Ok >C:\WINDOWS\system32\icardres.dll.mui is BINARYRES container C:\WINDOWS\system32\icmui.dll - Ok C:\WINDOWS\system32\icrav03.rat - Ok C:\WINDOWS\system32\iassdo.dll - Ok C:\WINDOWS\system32\icwdial.dll - Ok C:\WINDOWS\system32\ideograf.uce - Ok C:\WINDOWS\system32\icardres.dll.mui - container C:\WINDOWS\system32\icm32.dll - Ok C:\WINDOWS\system32\icwphbk.dll - Ok C:\WINDOWS\system32\idndl.dll - Ok C:\WINDOWS\system32\ie4uinit.exe.mui - Ok C:\WINDOWS\system32\IE8Eula.rtf - Ok C:\WINDOWS\system32\ie4uinit.exe - Ok C:\WINDOWS\system32\ieakeng.dll - Ok C:\WINDOWS\system32\idq.dll - Ok C:\WINDOWS\system32\ieakui.dll - Ok C:\WINDOWS\system32\iedkcs32.dll - Ok C:\WINDOWS\system32\ieaksie.dll - Ok C:\WINDOWS\system32\icardagt.exe - Ok C:\WINDOWS\system32\iedkcs32.dll.mui - Ok C:\WINDOWS\system32\ieencode.dll - Ok C:\WINDOWS\system32\iepeers.dll - Ok C:\WINDOWS\system32\ieapfltr.dll - Ok C:\WINDOWS\system32\iesetup.dll - Ok C:\WINDOWS\system32\ieframe.dll - Ok C:\WINDOWS\system32\iertutil.dll - Ok C:\WINDOWS\system32\ieudinit.exe - Ok C:\WINDOWS\system32\ieui.dll - Ok C:\WINDOWS\system32\iernonce.dll - Ok C:\WINDOWS\system32\ieframe.dll.mui - Ok C:\WINDOWS\system32\ifmon.dll - Ok C:\WINDOWS\system32\igmpagnt.dll - Ok C:\WINDOWS\system32\iexpress.exe - Ok C:\WINDOWS\system32\ifsutil.dll - Ok C:\WINDOWS\system32\imaadp32.acm - Ok C:\WINDOWS\system32\ieuinit.inf - Ok C:\WINDOWS\system32\imeshare.dll - Ok C:\WINDOWS\system32\imgutil.dll - Ok C:\WINDOWS\system32\ils.dll - Ok C:\WINDOWS\system32\imapi.exe - Ok C:\WINDOWS\system32\imagehlp.dll - Ok C:\WINDOWS\system32\imm32.dll - Ok C:\WINDOWS\system32\inetmib1.dll - Ok C:\WINDOWS\system32\inetcplc.dll - Ok C:\WINDOWS\system32\inetcomm.dll - Ok C:\WINDOWS\system32\inetpp.dll - Ok C:\WINDOWS\system32\inetcfg.dll - Ok C:\WINDOWS\system32\inetppui.dll - Ok >C:\WINDOWS\system32\inetres.dll is BINARYRES container >>C:\WINDOWS\system32\inetres.dll\data001 is JS-HTML container C:\WINDOWS\system32\inetres.dll - container C:\WINDOWS\system32\infocardapi.dll - Ok C:\WINDOWS\system32\infocardcpl.cpl - Ok C:\WINDOWS\system32\inseng.dll - Ok C:\WINDOWS\system32\initpki.dll - Ok C:\WINDOWS\system32\input.dll - Ok C:\WINDOWS\system32\iologmsg.dll - Ok C:\WINDOWS\system32\ipconf.tsp - Ok C:\WINDOWS\system32\infosoft.dll - Ok C:\WINDOWS\system32\iphlpapi.dll - Ok C:\WINDOWS\system32\ipconfig.exe - Ok C:\WINDOWS\system32\intl.cpl - Ok C:\WINDOWS\system32\ipmontr.dll - Ok C:\WINDOWS\system32\iprop.dll - Ok C:\WINDOWS\system32\iprtprio.dll - Ok C:\WINDOWS\system32\ippromon.dll - Ok C:\WINDOWS\system32\inetcpl.cpl - Ok C:\WINDOWS\system32\instcat.sql - Ok C:\WINDOWS\system32\ipnathlp.dll - Ok C:\WINDOWS\system32\ipsec6.exe - Ok C:\WINDOWS\system32\ipsecsvc.dll - Ok C:\WINDOWS\system32\ipv6mon.dll - Ok C:\WINDOWS\system32\iprtrmgr.dll - Ok C:\WINDOWS\system32\ieapfltr.dat - Ok C:\WINDOWS\system32\ipv6.exe - Ok C:\WINDOWS\system32\ipxmontr.dll - Ok C:\WINDOWS\system32\ipxpromn.dll - Ok C:\WINDOWS\system32\ipxrip.dll - Ok C:\WINDOWS\system32\ipxwan.dll - Ok C:\WINDOWS\system32\ipsecsnp.dll - Ok C:\WINDOWS\system32\ipxroute.exe - Ok C:\WINDOWS\system32\ipxrtmgr.dll - Ok C:\WINDOWS\system32\ipxsap.dll - Ok C:\WINDOWS\system32\ipsmsnap.dll - Ok C:\WINDOWS\system32\ir32_32.dll - Ok >C:\WINDOWS\system32\ir41_qc.dll - packed by FLY-CODE C:\WINDOWS\system32\ir50_qc.dll - Ok >C:\WINDOWS\system32\ir50_qcx.dll - packed by FLY-CODE C:\WINDOWS\system32\ir41_32.ax - Ok C:\WINDOWS\system32\ir50_32.dll - Ok C:\WINDOWS\system32\ir41_qcx.dll - Ok C:\WINDOWS\system32\irclass.dll - Ok C:\WINDOWS\system32\isrdbg32.dll - Ok C:\WINDOWS\system32\isign32.dll - Ok C:\WINDOWS\system32\ir41_qc.dll - Ok C:\WINDOWS\system32\itircl.dll - Ok C:\WINDOWS\system32\itss.dll - Ok C:\WINDOWS\system32\ir50_qcx.dll - Ok C:\WINDOWS\system32\iyuv_32.dll - Ok C:\WINDOWS\system32\irprops.cpl - Ok C:\WINDOWS\system32\ixsso.dll - Ok C:\WINDOWS\system32\iuengine.dll - Ok C:\WINDOWS\system32\jgpl400.dll - Ok C:\WINDOWS\system32\jgmd400.dll - Ok C:\WINDOWS\system32\ivfsrc.ax - Ok C:\WINDOWS\system32\jgdw400.dll - Ok C:\WINDOWS\system32\jgsh400.dll - Ok C:\WINDOWS\system32\jgsd400.dll - Ok C:\WINDOWS\system32\joy.cpl - Ok C:\WINDOWS\system32\jsproxy.dll - Ok C:\WINDOWS\system32\kanji_1.uce - Ok C:\WINDOWS\system32\kanji_2.uce - Ok C:\WINDOWS\system32\jet500.dll - Ok C:\WINDOWS\system32\kb16.com - Ok C:\WINDOWS\system32\kbdaze.dll - Ok C:\WINDOWS\system32\KBDAL.DLL - Ok C:\WINDOWS\system32\kbdbe.dll - Ok C:\WINDOWS\system32\kbdazel.dll - Ok C:\WINDOWS\system32\jobexec.dll - Ok C:\WINDOWS\system32\kbdbhc.dll - Ok C:\WINDOWS\system32\kbdbene.dll - Ok C:\WINDOWS\system32\kbdblr.dll - Ok C:\WINDOWS\system32\kbdbr.dll - Ok C:\WINDOWS\system32\kbdca.dll - Ok C:\WINDOWS\system32\kbdbu.dll - Ok C:\WINDOWS\system32\kbdcan.dll - Ok C:\WINDOWS\system32\kbdcr.dll - Ok C:\WINDOWS\system32\jscript.dll - Ok C:\WINDOWS\system32\kbdcz.dll - Ok C:\WINDOWS\system32\kbdcz1.dll - Ok C:\WINDOWS\system32\kbdcz2.dll - Ok C:\WINDOWS\system32\kbddv.dll - Ok C:\WINDOWS\system32\kbdda.dll - Ok C:\WINDOWS\system32\kbdest.dll - Ok C:\WINDOWS\system32\kbdes.dll - Ok C:\WINDOWS\system32\kbdfc.dll - Ok C:\WINDOWS\system32\kbdfi.dll - Ok C:\WINDOWS\system32\kbdfi1.dll - Ok C:\WINDOWS\system32\kbdfo.dll - Ok C:\WINDOWS\system32\kbdfr.dll - Ok C:\WINDOWS\system32\kbdgkl.dll - Ok C:\WINDOWS\system32\kbdgae.dll - Ok C:\WINDOWS\system32\kbdgr1.dll - Ok C:\WINDOWS\system32\kbdgr.dll - Ok C:\WINDOWS\system32\kbdhe220.dll - Ok C:\WINDOWS\system32\kbdhe.dll - Ok C:\WINDOWS\system32\kbdhe319.dll - Ok C:\WINDOWS\system32\kbdhept.dll - Ok C:\WINDOWS\system32\kbdhela2.dll - Ok C:\WINDOWS\system32\kbdic.dll - Ok C:\WINDOWS\system32\kbdhu1.dll - Ok C:\WINDOWS\system32\kbdhu.dll - Ok C:\WINDOWS\system32\jgaw400.dll - Ok C:\WINDOWS\system32\kbdhela3.dll - Ok C:\WINDOWS\system32\kbdit142.dll - Ok C:\WINDOWS\system32\kbdir.dll - Ok C:\WINDOWS\system32\kbdinbe1.dll - Ok C:\WINDOWS\system32\kbdit.dll - Ok C:\WINDOWS\system32\kbdinben.dll - Ok C:\WINDOWS\system32\kbdinmal.dll - Ok C:\WINDOWS\system32\kbdla.dll - Ok C:\WINDOWS\system32\kbdiultn.dll - Ok C:\WINDOWS\system32\kbdlt.dll - Ok C:\WINDOWS\system32\kbdkaz.dll - Ok C:\WINDOWS\system32\kbdkyr.dll - Ok C:\WINDOWS\system32\kbdlt1.dll - Ok C:\WINDOWS\system32\kbdlv.dll - Ok C:\WINDOWS\system32\kbdlv1.dll - Ok C:\WINDOWS\system32\kbdmac.dll - Ok C:\WINDOWS\system32\kbdmaori.dll - Ok C:\WINDOWS\system32\kbdmlt48.dll - Ok C:\WINDOWS\system32\kbdmlt47.dll - Ok C:\WINDOWS\system32\kbdne.dll - Ok C:\WINDOWS\system32\kbdmon.dll - Ok C:\WINDOWS\system32\kbdnec.dll - Ok C:\WINDOWS\system32\kbdnepr.dll - Ok C:\WINDOWS\system32\kbdpl.dll - Ok C:\WINDOWS\system32\kbdno.dll - Ok C:\WINDOWS\system32\kbdpash.dll - Ok C:\WINDOWS\system32\kbdpl1.dll - Ok C:\WINDOWS\system32\kbdno1.dll - Ok C:\WINDOWS\system32\kbdru.dll - Ok C:\WINDOWS\system32\kbdpo.dll - Ok C:\WINDOWS\system32\kbdru1.dll - Ok C:\WINDOWS\system32\kbdro.dll - Ok C:\WINDOWS\system32\kbdsg.dll - Ok C:\WINDOWS\system32\kbdsl1.dll - Ok C:\WINDOWS\system32\kbdsl.dll - Ok C:\WINDOWS\system32\kbdsf.dll - Ok C:\WINDOWS\system32\kbdsmsfi.dll - Ok C:\WINDOWS\system32\kbdsmsno.dll - Ok C:\WINDOWS\system32\kbdtuf.dll - Ok C:\WINDOWS\system32\kbdsp.dll - Ok C:\WINDOWS\system32\kbdsw.dll - Ok C:\WINDOWS\system32\kbdtat.dll - Ok C:\WINDOWS\system32\kbduk.dll - Ok C:\WINDOWS\system32\kbdtuq.dll - Ok C:\WINDOWS\system32\kbdus.dll - Ok C:\WINDOWS\system32\kbdusl.dll - Ok C:\WINDOWS\system32\kbdukx.dll - Ok C:\WINDOWS\system32\kbdusx.dll - Ok C:\WINDOWS\system32\kbdusr.dll - Ok C:\WINDOWS\system32\kbdur.dll - Ok C:\WINDOWS\system32\kbdycc.dll - Ok C:\WINDOWS\system32\kbduzb.dll - Ok C:\WINDOWS\system32\kbdycl.dll - Ok C:\WINDOWS\system32\key01.sys - Ok C:\WINDOWS\system32\keyboard.drv - Ok C:\WINDOWS\system32\kd1394.dll - Ok C:\WINDOWS\system32\kdcom.dll - Ok C:\WINDOWS\system32\keyboard.sys - Ok C:\WINDOWS\system32\kmddsp.tsp - Ok C:\WINDOWS\system32\kerberos.dll - Ok C:\WINDOWS\system32\korean.uce - Ok C:\WINDOWS\system32\kmsvc.dll - Ok C:\WINDOWS\system32\ksuser.dll - Ok C:\WINDOWS\system32\l2gpstore.dll - Ok C:\WINDOWS\system32\krnl386.exe - Ok C:\WINDOWS\system32\kernel32.dll - Ok C:\WINDOWS\system32\keymgr.dll - Ok C:\WINDOWS\system32\label.exe - Ok C:\WINDOWS\system32\laprxy.dll - Ok C:\WINDOWS\system32\l3codeca.acm - Ok C:\WINDOWS\system32\ksproxy.ax - Ok C:\WINDOWS\system32\l3codecx.ax - Ok C:\WINDOWS\system32\langwrbk.dll - Ok C:\WINDOWS\system32\licmgr10.dll - Ok C:\WINDOWS\system32\lanman.drv - Ok >C:\WINDOWS\system32\linkinfo.dll - packed by FLY-CODE C:\WINDOWS\system32\licwmi.dll - Ok C:\WINDOWS\system32\lmhsvc.dll - Ok C:\WINDOWS\system32\licdll.dll - Ok C:\WINDOWS\system32\loadfix.com - Ok C:\WINDOWS\system32\linkinfo.dll - Ok C:\WINDOWS\system32\loadperf.dll - Ok C:\WINDOWS\system32\lnkstub.exe - Ok C:\WINDOWS\system32\locale.nls - Ok C:\WINDOWS\system32\LegitCheckControl.DLL - Ok C:\WINDOWS\system32\lights.exe - Ok C:\WINDOWS\system32\lodctr.exe - Ok C:\WINDOWS\system32\localui.dll - Ok C:\WINDOWS\system32\locator.exe - Ok C:\WINDOWS\system32\localspl.dll - Ok C:\WINDOWS\system32\log.txt - read error C:\WINDOWS\system32\loghours.dll - Ok C:\WINDOWS\system32\logman.exe - Ok C:\WINDOWS\system32\logoff.exe - Ok C:\WINDOWS\system32\logonui.exe.manifest - Ok C:\WINDOWS\system32\logagent.exe - Ok C:\WINDOWS\system32\localsec.dll - Ok C:\WINDOWS\system32\LoopyMusic.wav - Ok C:\WINDOWS\system32\logon.scr - Ok C:\WINDOWS\system32\lpq.exe - Ok >C:\WINDOWS\system32\lpk.dll - packed by FLY-CODE C:\WINDOWS\system32\lpr.exe - Ok C:\WINDOWS\system32\lmrt.dll - Ok C:\WINDOWS\system32\lprmonui.dll - Ok C:\WINDOWS\system32\logonui.exe - Ok C:\WINDOWS\system32\lprhelp.dll - Ok C:\WINDOWS\system32\lz32.dll - Ok C:\WINDOWS\system32\l_except.nls - Ok C:\WINDOWS\system32\lsass.exe - Ok C:\WINDOWS\system32\lzexpand.dll - Ok C:\WINDOWS\system32\lusrmgr.msc - Ok C:\WINDOWS\system32\lpk.dll - Ok C:\WINDOWS\system32\l_intl.nls - Ok C:\WINDOWS\system32\mag_hook.dll - Ok C:\WINDOWS\system32\lsasrv.dll - Ok C:\WINDOWS\system32\mcastmib.dll - Ok C:\WINDOWS\system32\magnify.exe - Ok C:\WINDOWS\system32\makecab.exe - Ok C:\WINDOWS\system32\mcd32.dll - Ok C:\WINDOWS\system32\mchgrcoi.dll - Ok C:\WINDOWS\system32\mcdsrv32.dll - Ok C:\WINDOWS\system32\mciavi.drv - Ok C:\WINDOWS\system32\mapistub.dll - Ok C:\WINDOWS\system32\mapi32.dll - Ok C:\WINDOWS\system32\mciole16.dll - Ok C:\WINDOWS\system32\mcicda.dll - Ok C:\WINDOWS\system32\mciseq.drv - Ok C:\WINDOWS\system32\main.cpl - Ok C:\WINDOWS\system32\mciqtz32.dll - Ok >C:\WINDOWS\system32\mciseq.dll - packed by FLY-CODE C:\WINDOWS\system32\mciavi32.dll - Ok C:\WINDOWS\system32\mciwave.drv - Ok C:\WINDOWS\system32\mciwave.dll - Ok C:\WINDOWS\system32\mciseq.dll - Ok C:\WINDOWS\system32\mciole32.dll - Ok >C:\WINDOWS\system32\mem.exe - packed by EXEPACK C:\WINDOWS\system32\mdhcp.dll - Ok C:\WINDOWS\system32\mem.exe - Ok C:\WINDOWS\system32\mdminst.dll - Ok C:\WINDOWS\system32\mf3216.dll - Ok C:\WINDOWS\system32\mdmxsdk.dll - Ok C:\WINDOWS\system32\mdwmdmsp.dll - Ok C:\WINDOWS\system32\mfcsubs.dll - Ok C:\WINDOWS\system32\mfevtps.exe.378c.deleteme - Ok C:\WINDOWS\system32\mfevtps.exe.8a67.deleteme - Ok C:\WINDOWS\system32\mfc42.dll - Ok C:\WINDOWS\system32\mib.bin - Ok C:\WINDOWS\system32\mgmtapi.dll - Ok C:\WINDOWS\system32\midimap.dll - Ok C:\WINDOWS\system32\miglibnt.dll - Ok C:\WINDOWS\system32\microsoft.managementconsole.dll - Ok C:\WINDOWS\system32\mimefilt.dll - Ok C:\WINDOWS\system32\mfc40u.dll - Ok C:\WINDOWS\system32\mll_hp.dll - Ok C:\WINDOWS\system32\migpwd.exe - Ok C:\WINDOWS\system32\mfc40.dll - Ok C:\WINDOWS\system32\mll_mtf.dll - Ok C:\WINDOWS\system32\mlang.dat - Ok C:\WINDOWS\system32\mll_qic.dll - Ok C:\WINDOWS\system32\mlang.dll - Ok C:\WINDOWS\system32\mmcfxcommon.dll - Ok C:\WINDOWS\system32\mfc42u.dll - Ok C:\WINDOWS\system32\mmcbase.dll - Ok C:\WINDOWS\system32\mmcperf.exe - Ok C:\WINDOWS\system32\mmcex.dll - Ok C:\WINDOWS\system32\mmdriver.inf - Ok C:\WINDOWS\system32\mmdrv.dll - Ok C:\WINDOWS\system32\mmfutil.dll - Ok C:\WINDOWS\system32\mmtask.tsk - Ok C:\WINDOWS\system32\mmsystem.dll - Ok C:\WINDOWS\system32\mnmdd.dll - Ok C:\WINDOWS\system32\mmsys.cpl - Ok C:\WINDOWS\system32\mmutilse.dll - Ok C:\WINDOWS\system32\mnmsrvc.exe - Ok C:\WINDOWS\system32\mmcshext.dll - Ok C:\WINDOWS\system32\mobsync.dll - Ok C:\WINDOWS\system32\mode.com - Ok C:\WINDOWS\system32\modex.dll - Ok C:\WINDOWS\system32\more.com - Ok C:\WINDOWS\system32\moricons.dll - Ok C:\WINDOWS\system32\mountvol.exe - Ok C:\WINDOWS\system32\mouse.drv - Ok C:\WINDOWS\system32\mobsync.exe - Ok C:\WINDOWS\system32\modemui.dll - Ok C:\WINDOWS\system32\mp43dmod.dll - Ok C:\WINDOWS\system32\mp4sdmod.dll - Ok C:\WINDOWS\system32\mpeg2data.ax - Ok C:\WINDOWS\system32\mpg4dmod.dll - Ok >C:\WINDOWS\system32\mmc.exe is BINARYRES container >>C:\WINDOWS\system32\mmc.exe\data001 is JS-HTML container C:\WINDOWS\system32\mpg2splt.ax - Ok C:\WINDOWS\system32\mpnotify.exe - Ok >>C:\WINDOWS\system32\mmc.exe\data002 is JS-HTML container C:\WINDOWS\system32\mpg4ds32.ax - Ok C:\WINDOWS\system32\mpr.dll - Ok C:\WINDOWS\system32\mprapi.dll - Ok C:\WINDOWS\system32\mplay32.exe - Ok C:\WINDOWS\system32\mprdim.dll - Ok >>C:\WINDOWS\system32\mmc.exe\data003 is JS-HTML container C:\WINDOWS\system32\mprmsg.dll - Ok C:\WINDOWS\system32\mprddm.dll - Ok >>C:\WINDOWS\system32\mmc.exe\data004 is JS-HTML container C:\WINDOWS\system32\mrinfo.exe - Ok C:\WINDOWS\system32\mprui.dll - Ok >>C:\WINDOWS\system32\mmc.exe\data005 is JS-HTML container C:\WINDOWS\system32\msacm.dll - Ok >>C:\WINDOWS\system32\mmc.exe\data006 is JS-HTML container C:\WINDOWS\system32\mmc.exe - container C:\WINDOWS\system32\msaatext.dll - Ok C:\WINDOWS\system32\msacm32.dll - Ok >C:\WINDOWS\system32\msacm32.drv - packed by FLY-CODE C:\WINDOWS\system32\msadp32.acm - Ok C:\WINDOWS\system32\MpSigStub.exe - Ok C:\WINDOWS\system32\msafd.dll - Ok C:\WINDOWS\system32\msacm32.drv - Ok C:\WINDOWS\system32\msapsspc.dll - Ok C:\WINDOWS\system32\msasn1.dll - Ok C:\WINDOWS\system32\mscat32.dll - Ok C:\WINDOWS\system32\msaudite.dll - Ok C:\WINDOWS\system32\mscdexnt.exe - Ok C:\WINDOWS\system32\mscms.dll - Ok >C:\WINDOWS\system32\mmcndmgr.dll is BINARYRES container >>C:\WINDOWS\system32\mmcndmgr.dll\data001 is JS-HTML container C:\WINDOWS\system32\mmcndmgr.dll - container C:\WINDOWS\system32\msaud32.acm - Ok C:\WINDOWS\system32\mscoree.dll - Ok C:\WINDOWS\system32\mscorier.dll - Ok C:\WINDOWS\system32\msconf.dll - Ok C:\WINDOWS\system32\mscories.dll - Ok C:\WINDOWS\system32\mscpx32r.dll - Ok C:\WINDOWS\system32\msadds32.ax - Ok C:\WINDOWS\system32\mscpxl32.dll - Ok C:\WINDOWS\system32\msctfp.dll - Ok C:\WINDOWS\system32\msdatsrc.tlb - Ok C:\WINDOWS\system32\msctfime.ime - Ok C:\WINDOWS\system32\msdmo.dll - Ok C:\WINDOWS\system32\msctf.dll - Ok C:\WINDOWS\system32\msdadiag.dll - Ok C:\WINDOWS\system32\msdart.dll - Ok C:\WINDOWS\system32\msdtcprf.h - Ok C:\WINDOWS\system32\msdtc.exe - Ok C:\WINDOWS\system32\msdtcprf.ini - Ok C:\WINDOWS\system32\msdtclog.dll - Ok C:\WINDOWS\system32\msdbg2.dll - Ok C:\WINDOWS\system32\msdtcuiu.dll - Ok C:\WINDOWS\system32\msdxmlc.dll - Ok C:\WINDOWS\system32\msencode.dll - Ok C:\WINDOWS\system32\msdtcprx.dll - Ok C:\WINDOWS\system32\msdxm.ocx - Ok C:\WINDOWS\system32\msfeedsbs.dll - Ok C:\WINDOWS\system32\msdtctm.dll - Ok C:\WINDOWS\system32\msexch40.dll - Ok C:\WINDOWS\system32\msg.exe - Ok C:\WINDOWS\system32\msg711.acm - Ok C:\WINDOWS\system32\msfeedssync.exe - Ok C:\WINDOWS\system32\msg723.acm - Ok C:\WINDOWS\system32\msgsm32.acm - Ok C:\WINDOWS\system32\msgsvc.dll - Ok C:\WINDOWS\system32\msftedit.dll - Ok C:\WINDOWS\system32\msexcl40.dll - Ok C:\WINDOWS\system32\msh263.drv - Ok C:\WINDOWS\system32\msh261.drv - Ok C:\WINDOWS\system32\mshearts.exe - Ok C:\WINDOWS\system32\mshta.exe.mui - Ok C:\WINDOWS\system32\msgina.dll - Ok C:\WINDOWS\system32\msfeeds.dll - Ok C:\WINDOWS\system32\mshtmled.dll - Ok C:\WINDOWS\system32\mshtmler.dll - Ok C:\WINDOWS\system32\mshta.exe - Ok C:\WINDOWS\system32\msident.dll - Ok C:\WINDOWS\system32\msidle.dll - Ok C:\WINDOWS\system32\msidntld.dll - Ok C:\WINDOWS\system32\msi.dll - Ok C:\WINDOWS\system32\msiexec.exe - Ok C:\WINDOWS\system32\msieftp.dll - Ok C:\WINDOWS\system32\msimg32.dll - Ok C:\WINDOWS\system32\msimtf.dll - Ok >C:\WINDOWS\system32\msisip.dll - packed by FLY-CODE C:\WINDOWS\system32\msihnd.dll - Ok C:\WINDOWS\system32\mshtml.dll - Ok C:\WINDOWS\system32\msisip.dll - Ok C:\WINDOWS\system32\mshtml.tlb - Ok C:\WINDOWS\system32\msjint40.dll - Ok C:\WINDOWS\system32\msjter40.dll - Ok C:\WINDOWS\system32\msimsg.dll - Ok C:\WINDOWS\system32\msls31.dll - Ok C:\WINDOWS\system32\msjtes40.dll - Ok C:\WINDOWS\system32\mslbui.dll - Ok C:\WINDOWS\system32\msnetobj.dll - Ok C:\WINDOWS\system32\msltus40.dll - Ok C:\WINDOWS\system32\msnsspc.dll - Ok C:\WINDOWS\system32\msobjs.dll - Ok C:\WINDOWS\system32\msjetoledb40.dll - Ok C:\WINDOWS\system32\msorc32r.dll - Ok C:\WINDOWS\system32\msoert2.dll - Ok C:\WINDOWS\system32\msorcl32.dll - Ok C:\WINDOWS\system32\mspatcha.dll - Ok C:\WINDOWS\system32\msoeacct.dll - Ok C:\WINDOWS\system32\msjet40.dll - Ok >C:\WINDOWS\system32\MRT.exe is BINARYRES container C:\WINDOWS\system32\mspaint.exe - Ok C:\WINDOWS\system32\msprivs.dll - Ok C:\WINDOWS\system32\msports.dll - Ok C:\WINDOWS\system32\msr2cenu.dll - Ok C:\WINDOWS\system32\mspbde40.dll - Ok C:\WINDOWS\system32\mspmsnsv.dll - Ok C:\WINDOWS\system32\msratelc.dll - Ok C:\WINDOWS\system32\msr2c.dll - Ok C:\WINDOWS\system32\mspmsp.dll - Ok C:\WINDOWS\system32\msrating.dll.mui - Ok C:\WINDOWS\system32\msrecr40.dll - Ok C:\WINDOWS\system32\msrclr40.dll - Ok C:\WINDOWS\system32\msrle32.dll - Ok C:\WINDOWS\system32\msrating.dll - Ok C:\WINDOWS\system32\msscds32.ax - Ok C:\WINDOWS\system32\mssap.dll - Ok C:\WINDOWS\system32\msrepl40.dll - Ok C:\WINDOWS\system32\msrd2x40.dll - Ok C:\WINDOWS\system32\msshavmsg.dll - Ok C:\WINDOWS\system32\msscript.ocx - Ok C:\WINDOWS\system32\msscp.dll - Ok C:\WINDOWS\system32\mssip32.dll - Ok C:\WINDOWS\system32\msrd3x40.dll - Ok C:\WINDOWS\system32\msswch.dll - Ok C:\WINDOWS\system32\mssign32.dll - Ok C:\WINDOWS\system32\mssha.dll - Ok C:\WINDOWS\system32\msswchx.exe - Ok C:\WINDOWS\system32\mstask.dll - Ok C:\WINDOWS\system32\mstlsapi.dll - Ok C:\WINDOWS\system32\mstinit.exe - Ok C:\WINDOWS\system32\mstext40.dll - Ok C:\WINDOWS\system32\mstime.dll - Ok C:\WINDOWS\system32\msv1_0.dll - Ok C:\WINDOWS\system32\msutb.dll - Ok C:\WINDOWS\system32\msvcirt.dll - Ok C:\WINDOWS\system32\mstsc.exe - Ok C:\WINDOWS\system32\msvbvm60.dll - Ok C:\WINDOWS\system32\msvcp60.dll - Ok C:\WINDOWS\system32\msvcrt.dll - Ok C:\WINDOWS\system32\msvcrt40.dll - Ok C:\WINDOWS\system32\msvcrt20.dll - Ok C:\WINDOWS\system32\msvfw32.dll - Ok C:\WINDOWS\system32\msvcp50.dll - Ok C:\WINDOWS\system32\msvidc32.dll - Ok C:\WINDOWS\system32\msvideo.dll - Ok C:\WINDOWS\system32\msw3prt.dll - Ok C:\WINDOWS\system32\msvbvm50.dll - Ok >>C:\WINDOWS\system32\MRT.exe\data001 is BINARYRES container C:\WINDOWS\system32\mswebdvd.dll - Ok C:\WINDOWS\system32\msvidctl.dll - Ok C:\WINDOWS\system32\mstscax.dll - Ok C:\WINDOWS\system32\mswsock.dll - Ok C:\WINDOWS\system32\mswmdm.dll - Ok C:\WINDOWS\system32\mswdat10.dll - Ok C:\WINDOWS\system32\msxbde40.dll - Ok C:\WINDOWS\system32\msxml2r.dll - Ok C:\WINDOWS\system32\msxml3r.dll - Ok C:\WINDOWS\system32\mswstr10.dll - Ok C:\WINDOWS\system32\msxml6r.dll - Ok C:\WINDOWS\system32\msxmlr.dll - Ok C:\WINDOWS\system32\msyuv.dll - Ok C:\WINDOWS\system32\mtxclu.dll - Ok >C:\WINDOWS\system32\msxml.dll is BINARYRES container >>C:\WINDOWS\system32\msxml.dll\data001 is JS-HTML container >>C:\WINDOWS\system32\msxml.dll\data002 is JS-HTML container >>C:\WINDOWS\system32\msxml.dll\data003 is JS-HTML container C:\WINDOWS\system32\msxml.dll - container C:\WINDOWS\system32\mtxex.dll - Ok C:\WINDOWS\system32\msxml3.dll - Ok C:\WINDOWS\system32\mtxlegih.dll - Ok C:\WINDOWS\system32\mtxoci.dll - Ok C:\WINDOWS\system32\mtxdm.dll - Ok >C:\WINDOWS\system32\msxml2.dll is BINARYRES container >>C:\WINDOWS\system32\msxml2.dll\data001 is JS-HTML container C:\WINDOWS\system32\mucltui.dll.mui - Ok >>C:\WINDOWS\system32\msxml2.dll\data002 is JS-HTML container >>C:\WINDOWS\system32\msxml2.dll\data003 is JS-HTML container C:\WINDOWS\system32\msxml2.dll - container >C:\WINDOWS\system32\muweb.dll is CAB archive C:\WINDOWS\system32\muweb.dll - Ok C:\WINDOWS\system32\muweb.dll - archive C:\WINDOWS\system32\mycomput.dll - Ok C:\WINDOWS\system32\mucltui.dll - Ok C:\WINDOWS\system32\napipsec.dll - Ok C:\WINDOWS\system32\mydocs.dll - Ok C:\WINDOWS\system32\napmontr.dll - Ok C:\WINDOWS\system32\narrator.exe - Ok C:\WINDOWS\system32\nbtstat.exe - Ok C:\WINDOWS\system32\narrhook.dll - Ok C:\WINDOWS\system32\ncpa.cpl - Ok C:\WINDOWS\system32\ncpa.cpl.manifest - Ok C:\WINDOWS\system32\ncobjapi.dll - Ok C:\WINDOWS\system32\napstat.exe - Ok C:\WINDOWS\system32\ncxpnt.dll - Ok >C:\WINDOWS\system32\nddeapi.dll - packed by FLY-CODE C:\WINDOWS\system32\nddeapir.exe - Ok C:\WINDOWS\system32\msxml6.dll - Ok C:\WINDOWS\system32\nddenb32.dll - Ok C:\WINDOWS\system32\nddeapi.dll - Ok C:\WINDOWS\system32\ndptsp.tsp - Ok C:\WINDOWS\system32\net.exe - Ok C:\WINDOWS\system32\net.hlp - Ok C:\WINDOWS\system32\netapi.dll - Ok C:\WINDOWS\system32\net1.exe - Ok C:\WINDOWS\system32\netapi32.dll - Ok C:\WINDOWS\system32\netevent.dll - Ok C:\WINDOWS\system32\netdde.exe - Ok C:\WINDOWS\system32\mtxparhd.dll - Ok C:\WINDOWS\system32\netfxperf.dll - Ok C:\WINDOWS\system32\neth.dll - Ok C:\WINDOWS\system32\netmsg.dll - Ok C:\WINDOWS\system32\netcfgx.dll - Ok C:\WINDOWS\system32\netlogon.dll - Ok C:\WINDOWS\system32\netrap.dll - Ok C:\WINDOWS\system32\netsetup.cpl - Ok C:\WINDOWS\system32\netman.dll - Ok C:\WINDOWS\system32\netid.dll - Ok C:\WINDOWS\system32\netplwiz.dll - Ok C:\WINDOWS\system32\netstat.exe - Ok C:\WINDOWS\system32\netsh.exe - Ok C:\WINDOWS\system32\netui0.dll - Ok C:\WINDOWS\system32\netui1.dll - Ok C:\WINDOWS\system32\netshell.dll - Ok C:\WINDOWS\system32\newdev.dll - Ok C:\WINDOWS\system32\netui2.dll - Ok C:\WINDOWS\system32\nlsdl.dll - Ok >C:\WINDOWS\system32\nlsfunc.exe - packed by EXEPACK C:\WINDOWS\system32\nmevtmsg.dll - Ok C:\WINDOWS\system32\nlsfunc.exe - Ok C:\WINDOWS\system32\noise.cht - Ok C:\WINDOWS\system32\noise.chs - Ok C:\WINDOWS\system32\noise.dat - Ok >C:\WINDOWS\system32\netsetup.exe is CAB archive C:\WINDOWS\system32\netsetup.exe - Ok C:\WINDOWS\system32\netsetup.exe - archive C:\WINDOWS\system32\noise.eng - Ok C:\WINDOWS\system32\noise.enu - Ok C:\WINDOWS\system32\noise.esn - Ok C:\WINDOWS\system32\nmmkcert.dll - Ok C:\WINDOWS\system32\noise.deu - Ok C:\WINDOWS\system32\nlhtml.dll - Ok C:\WINDOWS\system32\noise.nld - Ok C:\WINDOWS\system32\noise.ita - Ok C:\WINDOWS\system32\noise.sve - Ok C:\WINDOWS\system32\noise.fra - Ok C:\WINDOWS\system32\noise.tha - Ok C:\WINDOWS\system32\normidna.nls - Ok C:\WINDOWS\system32\normaliz.dll - Ok C:\WINDOWS\system32\normnfc.nls - Ok C:\WINDOWS\system32\normnfkc.nls - Ok C:\WINDOWS\system32\normnfd.nls - Ok C:\WINDOWS\system32\nscompat.tlb - Ok C:\WINDOWS\system32\normnfkd.nls - Ok C:\WINDOWS\system32\ntdos.sys - Ok C:\WINDOWS\system32\npptools.dll - Ok C:\WINDOWS\system32\ntdos404.sys - Ok C:\WINDOWS\system32\ntdos412.sys - Ok C:\WINDOWS\system32\ntdos411.sys - Ok C:\WINDOWS\system32\nslookup.exe - Ok C:\WINDOWS\system32\notepad.exe - Ok C:\WINDOWS\system32\ntdos804.sys - Ok C:\WINDOWS\system32\ntdll.dll - Ok C:\WINDOWS\system32\ntimage.gif - Ok C:\WINDOWS\system32\ntio.sys - Ok C:\WINDOWS\system32\ntio404.sys - Ok C:\WINDOWS\system32\ntio412.sys - Ok C:\WINDOWS\system32\ntio804.sys - Ok C:\WINDOWS\system32\ntdsapi.dll - Ok C:\WINDOWS\system32\ntlanman.dll - Ok C:\WINDOWS\system32\ntlanui2.dll - Ok C:\WINDOWS\system32\ntio411.sys - Ok C:\WINDOWS\system32\ntlsapi.dll - Ok C:\WINDOWS\system32\ntlanui.dll - Ok C:\WINDOWS\system32\ntmsevt.dll - Ok C:\WINDOWS\system32\ntmarta.dll - Ok C:\WINDOWS\system32\ntmsmgr.msc - Ok C:\WINDOWS\system32\ntmsapi.dll - Ok C:\WINDOWS\system32\ntmsoprq.msc - Ok C:\WINDOWS\system32\ntmsdba.dll - Ok C:\WINDOWS\system32\ntmssvc.dll - Ok C:\WINDOWS\system32\ntprint.dll - Ok C:\WINDOWS\system32\ntkrnlpa.exe - Ok C:\WINDOWS\system32\ntshrui.dll - Ok C:\WINDOWS\system32\ntsd.exe - Ok C:\WINDOWS\system32\ntsdexts.dll - Ok C:\WINDOWS\system32\ntmsmgr.dll - Ok C:\WINDOWS\system32\ntvdmd.dll - Ok C:\WINDOWS\system32\ntvdm.exe - Ok C:\WINDOWS\system32\ntoskrnl.exe - Ok >C:\WINDOWS\system32\nusrmgr.cpl is BINARYRES container >>C:\WINDOWS\system32\nusrmgr.cpl\data001 is JS-HTML container >>C:\WINDOWS\system32\nusrmgr.cpl\data002 is JS-HTML container >>C:\WINDOWS\system32\nusrmgr.cpl\data003 is JS-HTML container >>C:\WINDOWS\system32\nusrmgr.cpl\data004 is JS-HTML container >>C:\WINDOWS\system32\nusrmgr.cpl\data005 is JS-HTML container >>C:\WINDOWS\system32\nusrmgr.cpl\data006 is JS-HTML container >>C:\WINDOWS\system32\nusrmgr.cpl\data007 is JS-HTML container C:\WINDOWS\system32\nvcolor.exe - Ok >>C:\WINDOWS\system32\nusrmgr.cpl\data008 is JS-HTML container >>C:\WINDOWS\system32\nusrmgr.cpl\data009 is JS-HTML container >>C:\WINDOWS\system32\nusrmgr.cpl\data010 is JS-HTML container >>C:\WINDOWS\system32\nusrmgr.cpl\data011 is JS-HTML container >>C:\WINDOWS\system32\nusrmgr.cpl\data012 is JS-HTML container >>C:\WINDOWS\system32\nusrmgr.cpl\data013 is JS-HTML container >>C:\WINDOWS\system32\nusrmgr.cpl\data014 is JS-HTML container C:\WINDOWS\system32\nvapi.dll - Ok >>C:\WINDOWS\system32\nusrmgr.cpl\data015 is JS-HTML container >>C:\WINDOWS\system32\nusrmgr.cpl\data016 is JS-HTML container >>C:\WINDOWS\system32\nusrmgr.cpl\data017 is JS-HTML container >>C:\WINDOWS\system32\nusrmgr.cpl\data018 is JS-HTML container C:\WINDOWS\system32\nv4_disp.dll - Ok >>C:\WINDOWS\system32\nusrmgr.cpl\data019 is JS-HTML container >>C:\WINDOWS\system32\nusrmgr.cpl\data020 is JS-HTML container >>C:\WINDOWS\system32\nusrmgr.cpl\data021 is JS-HTML container >>C:\WINDOWS\system32\nusrmgr.cpl\data022 is JS-HTML container >>C:\WINDOWS\system32\nusrmgr.cpl\data023 is JS-HTML container C:\WINDOWS\system32\nusrmgr.cpl - container C:\WINDOWS\system32\nvcpl.dll - Ok C:\WINDOWS\system32\nvdata.bin - Ok C:\WINDOWS\system32\nvdata.data - Ok C:\WINDOWS\system32\nvdispco32.dll - Ok C:\WINDOWS\system32\nvcuvenc.dll - Ok C:\WINDOWS\system32\nvdispco3220140.dll - Ok C:\WINDOWS\system32\nvdrsdb0.bin - Ok C:\WINDOWS\system32\nvdrsdb1.bin - Ok C:\WINDOWS\system32\nvdrssel.bin - Ok C:\WINDOWS\system32\nvdrswr.lk - Ok C:\WINDOWS\system32\nvcuvid.dll - Ok C:\WINDOWS\system32\nvdispgenco32.dll - Ok C:\WINDOWS\system32\nvgenco322060.dll - Ok C:\WINDOWS\system32\nvhdagenco3220103.dll - Ok C:\WINDOWS\system32\nvinfo.pb - Ok C:\WINDOWS\system32\nvhdagenco322040.dll - Ok C:\WINDOWS\system32\nvmctray.dll - Ok >C:\WINDOWS\system32\nvhdap32.dll - packed by PESTUB >C:\WINDOWS\system32\nvmccs.dll is ZLIB container C:\WINDOWS\system32\nvmccs.dll - container C:\WINDOWS\system32\nvhdap32.dll - Ok C:\WINDOWS\system32\nvcuda.dll - Ok C:\WINDOWS\system32\nvrsar.dll - Ok C:\WINDOWS\system32\nvrscs.dll - Ok C:\WINDOWS\system32\nvrsda.dll - Ok C:\WINDOWS\system32\nvrsde.dll - Ok C:\WINDOWS\system32\nvrsel.dll - Ok C:\WINDOWS\system32\nvoglnt.dll - Ok C:\WINDOWS\system32\nvrseng.dll - Ok C:\WINDOWS\system32\nvrsfi.dll - Ok C:\WINDOWS\system32\nvrses.dll - Ok C:\WINDOWS\system32\nvrsesm.dll - Ok C:\WINDOWS\system32\nvrsfr.dll - Ok C:\WINDOWS\system32\nvrshu.dll - Ok C:\WINDOWS\system32\nvrshe.dll - Ok C:\WINDOWS\system32\nvrsit.dll - Ok C:\WINDOWS\system32\nvrsja.dll - Ok C:\WINDOWS\system32\nvrsko.dll - Ok C:\WINDOWS\system32\nvcompiler.dll - Ok C:\WINDOWS\system32\nvrsno.dll - Ok C:\WINDOWS\system32\nvrsnl.dll - Ok C:\WINDOWS\system32\nvrspl.dll - Ok C:\WINDOWS\system32\nvrspt.dll - Ok C:\WINDOWS\system32\nvrsru.dll - Ok C:\WINDOWS\system32\nvrsptb.dll - Ok C:\WINDOWS\system32\nvrssk.dll - Ok C:\WINDOWS\system32\nvrssl.dll - Ok C:\WINDOWS\system32\nvrssv.dll - Ok C:\WINDOWS\system32\nvrstr.dll - Ok C:\WINDOWS\system32\nvrsth.dll - Ok C:\WINDOWS\system32\nvwddi.dll - Ok C:\WINDOWS\system32\nwc.cpl.manifest - Ok C:\WINDOWS\system32\nvrszhc.dll - Ok C:\WINDOWS\system32\nvrszht.dll - Ok C:\WINDOWS\system32\nvsvc32.exe - Ok C:\WINDOWS\system32\oakley.dll - Ok C:\WINDOWS\system32\occache.dll - Ok C:\WINDOWS\system32\odbc16gt.dll - Ok C:\WINDOWS\system32\nwprovau.dll - Ok C:\WINDOWS\system32\odbc32.dll - Ok C:\WINDOWS\system32\odbc32gt.dll - Ok C:\WINDOWS\system32\ocmanage.dll - Ok C:\WINDOWS\system32\odbcbcp.dll - Ok C:\WINDOWS\system32\objsel.dll - Ok C:\WINDOWS\system32\odbcconf.rsp - Ok C:\WINDOWS\system32\odbcconf.dll - Ok C:\WINDOWS\system32\odbccp32.cpl - Ok C:\WINDOWS\system32\odbcconf.exe - Ok C:\WINDOWS\system32\odbcad32.exe - Ok C:\WINDOWS\system32\odbccr32.dll - Ok C:\WINDOWS\system32\odbcint.dll - Ok C:\WINDOWS\system32\odbccp32.dll - Ok C:\WINDOWS\system32\odbcp32r.dll - Ok C:\WINDOWS\system32\odbccu32.dll - Ok C:\WINDOWS\system32\odbcji32.dll - Ok C:\WINDOWS\system32\oddbse32.dll - Ok C:\WINDOWS\system32\odexl32.dll - Ok C:\WINDOWS\system32\odfox32.dll - Ok C:\WINDOWS\system32\odtext32.dll - Ok C:\WINDOWS\system32\odpdx32.dll - Ok C:\WINDOWS\system32\odbctrac.dll - Ok C:\WINDOWS\system32\oembios.dat - Ok C:\WINDOWS\system32\oembios.sig - Ok C:\WINDOWS\system32\odbcjt32.dll - Ok C:\WINDOWS\system32\ole2.dll - Ok C:\WINDOWS\system32\oembios.bin - Ok C:\WINDOWS\system32\ole2disp.dll - Ok C:\WINDOWS\system32\ole2nls.dll - Ok C:\WINDOWS\system32\oleaccrc.dll - Ok C:\WINDOWS\system32\oleacc.dll - Ok C:\WINDOWS\system32\offfilt.dll - Ok C:\WINDOWS\system32\olecli.dll - Ok C:\WINDOWS\system32\oleaut32.dll - Ok C:\WINDOWS\system32\olecnv32.dll - Ok C:\WINDOWS\system32\olecli32.dll - Ok C:\WINDOWS\system32\nvopencl.dll - Ok >C:\WINDOWS\system32\ole32.dll is BINARYRES container C:\WINDOWS\system32\ole32.dll - container C:\WINDOWS\system32\oledlg.dll - Ok C:\WINDOWS\system32\oleprn.dll - Ok C:\WINDOWS\system32\olesvr32.dll - Ok C:\WINDOWS\system32\olesvr.dll - Ok C:\WINDOWS\system32\olethk32.dll - Ok C:\WINDOWS\system32\olepro32.dll - Ok C:\WINDOWS\system32\onex.dll - Ok C:\WINDOWS\system32\osuninst.dll - Ok C:\WINDOWS\system32\osuninst.exe - Ok C:\WINDOWS\system32\p2p.dll - Ok C:\WINDOWS\system32\osk.exe - Ok C:\WINDOWS\system32\p2pgasvc.dll - Ok C:\WINDOWS\system32\p2pnetsh.dll - Ok C:\WINDOWS\system32\OpenCL.dll - Ok C:\WINDOWS\system32\p2pgraph.dll - Ok C:\WINDOWS\system32\packager.exe - Ok C:\WINDOWS\system32\panmap.dll - Ok C:\WINDOWS\system32\pathping.exe - Ok C:\WINDOWS\system32\pcl.sep - Ok C:\WINDOWS\system32\pautoenr.dll - Ok C:\WINDOWS\system32\p2psvc.dll - Ok C:\WINDOWS\system32\pdh.dll - Ok C:\WINDOWS\system32\opengl32.dll - Ok C:\WINDOWS\system32\perfc009.dat - Ok C:\WINDOWS\system32\perfci.h - Ok C:\WINDOWS\system32\perfci.ini - Ok C:\WINDOWS\system32\perfd009.dat - Ok C:\WINDOWS\system32\pentnt.exe - Ok C:\WINDOWS\system32\paqsp.dll - Ok C:\WINDOWS\system32\perffilt.h - Ok C:\WINDOWS\system32\perffilt.ini - Ok C:\WINDOWS\system32\perfctrs.dll - Ok C:\WINDOWS\system32\perfh009.dat - Ok C:\WINDOWS\system32\perfdisk.dll - Ok C:\WINDOWS\system32\perfi009.dat - Ok C:\WINDOWS\system32\perfmon.msc - Ok C:\WINDOWS\system32\perfnet.dll - Ok C:\WINDOWS\system32\PerfStringBackup.INI - Ok C:\WINDOWS\system32\perfwci.h - Ok C:\WINDOWS\system32\perfwci.ini - Ok C:\WINDOWS\system32\perfproc.dll - Ok C:\WINDOWS\system32\perfos.dll - Ok >C:\WINDOWS\system32\perfts.dll - packed by FLY-CODE C:\WINDOWS\system32\perfmon.exe - Ok C:\WINDOWS\system32\pid.dll - Ok C:\WINDOWS\system32\perfts.dll - Ok C:\WINDOWS\system32\pid.inf - Ok C:\WINDOWS\system32\photowiz.dll - Ok C:\WINDOWS\system32\pidgen.dll - Ok C:\WINDOWS\system32\pifmgr.dll - Ok >C:\WINDOWS\system32\pjlmon.dll - packed by FLY-CODE C:\WINDOWS\system32\ping.exe - Ok C:\WINDOWS\system32\pmspl.dll - Ok C:\WINDOWS\system32\ping6.exe - Ok C:\WINDOWS\system32\plustab.dll - Ok C:\WINDOWS\system32\pjlmon.dll - Ok C:\WINDOWS\system32\pngfilt.dll - Ok C:\WINDOWS\system32\photometadatahandler.dll - Ok C:\WINDOWS\system32\pnrpnsp.dll - Ok C:\WINDOWS\system32\powrprof.dll - Ok C:\WINDOWS\system32\polstore.dll - Ok C:\WINDOWS\system32\powercfg.exe - Ok C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll - Ok C:\WINDOWS\system32\powercfg.cpl - Ok C:\WINDOWS\system32\prflbmsg.dll - Ok C:\WINDOWS\system32\print.exe - Ok C:\WINDOWS\system32\PresentationHostProxy.dll - Ok C:\WINDOWS\system32\prntvpt.dll - Ok C:\WINDOWS\system32\proctexe.ocx - Ok C:\WINDOWS\system32\prodspec.ini - Ok C:\WINDOWS\system32\PresentationHost.exe - Ok C:\WINDOWS\system32\printui.dll - Ok C:\WINDOWS\system32\profmap.dll - Ok C:\WINDOWS\system32\proxycfg.exe - Ok C:\WINDOWS\system32\psapi.dll - Ok C:\WINDOWS\system32\psbase.dll - Ok C:\WINDOWS\system32\pschdcnt.h - Ok C:\WINDOWS\system32\pschdprf.dll - Ok C:\WINDOWS\system32\pscript.sep - Ok C:\WINDOWS\system32\progman.exe - Ok C:\WINDOWS\system32\psnppagn.dll - Ok C:\WINDOWS\system32\pschdprf.ini - Ok C:\WINDOWS\system32\pubprn.vbs - Ok C:\WINDOWS\system32\PresentationNative_v0300.dll - Ok C:\WINDOWS\system32\pstorsvc.dll - Ok C:\WINDOWS\system32\pstorec.dll - Ok C:\WINDOWS\system32\proquota.exe - Ok C:\WINDOWS\system32\qappsrv.exe - Ok C:\WINDOWS\system32\qagent.dll - Ok C:\WINDOWS\system32\qagentrt.dll - Ok C:\WINDOWS\system32\qcliprov.dll - Ok C:\WINDOWS\system32\qasf.dll - Ok C:\WINDOWS\system32\qcap.dll - Ok C:\WINDOWS\system32\qmgr.dll - Ok C:\WINDOWS\system32\qmgrprxy.dll - Ok C:\WINDOWS\system32\qdvd.dll - Ok C:\WINDOWS\system32\qosname.dll - Ok C:\WINDOWS\system32\qdv.dll - Ok C:\WINDOWS\system32\qprocess.exe - Ok C:\WINDOWS\system32\qutil.dll - Ok C:\WINDOWS\system32\qedit.dll - Ok C:\WINDOWS\system32\qedwipes.dll - Ok C:\WINDOWS\system32\rasadhlp.dll - Ok C:\WINDOWS\system32\qwinsta.exe - Ok C:\WINDOWS\system32\racpldlg.dll - Ok C:\WINDOWS\system32\rasauto.dll - Ok C:\WINDOWS\system32\rasapi32.dll - Ok C:\WINDOWS\system32\rasautou.exe - Ok C:\WINDOWS\system32\query.dll - Ok C:\WINDOWS\system32\rasctrnm.h - Ok C:\WINDOWS\system32\rasctrs.dll - Ok C:\WINDOWS\system32\rasctrs.ini - Ok C:\WINDOWS\system32\raschap.dll - Ok C:\WINDOWS\system32\rasman.dll - Ok C:\WINDOWS\system32\rasdial.exe - Ok C:\WINDOWS\system32\rasmontr.dll - Ok C:\WINDOWS\system32\rasmans.dll - Ok C:\WINDOWS\system32\quartz.dll - Ok C:\WINDOWS\system32\rasqec.dll - Ok C:\WINDOWS\system32\rasmxs.dll - Ok C:\WINDOWS\system32\rasdlg.dll - Ok >C:\WINDOWS\system32\rasser.dll - packed by FLY-CODE C:\WINDOWS\system32\rasrad.dll - Ok C:\WINDOWS\system32\rasppp.dll - Ok C:\WINDOWS\system32\rassapi.dll - Ok C:\WINDOWS\system32\rastapi.dll - Ok C:\WINDOWS\system32\rcbdyctl.dll - Ok C:\WINDOWS\system32\rastls.dll - Ok C:\WINDOWS\system32\rasser.dll - Ok C:\WINDOWS\system32\rdpcfgex.dll - Ok C:\WINDOWS\system32\rcp.exe - Ok C:\WINDOWS\system32\rdpdd.dll - Ok C:\WINDOWS\system32\rdpsnd.dll - Ok C:\WINDOWS\system32\rdchost.dll - Ok C:\WINDOWS\system32\rdpwsx.dll - Ok C:\WINDOWS\system32\rcimlby.exe - Ok C:\WINDOWS\system32\recover.exe - Ok C:\WINDOWS\system32\redir.exe - Ok C:\WINDOWS\system32\rdsaddin.exe - Ok C:\WINDOWS\system32\rdshost.exe - Ok C:\WINDOWS\system32\regapi.dll - Ok C:\WINDOWS\system32\reg.exe - Ok C:\WINDOWS\system32\regedt32.exe - Ok C:\WINDOWS\system32\regini.exe - Ok C:\WINDOWS\system32\rdpclip.exe - Ok C:\WINDOWS\system32\regsvc.dll - Ok C:\WINDOWS\system32\rasphone.exe - Ok C:\WINDOWS\system32\regwiz.exe - Ok C:\WINDOWS\system32\remotepg.dll - Ok C:\WINDOWS\system32\remotesp.tsp - Ok C:\WINDOWS\system32\replace.exe - Ok >C:\WINDOWS\system32\reset.exe - packed by FLY-CODE C:\WINDOWS\system32\regsvr32.exe - Ok C:\WINDOWS\system32\resutils.dll - Ok C:\WINDOWS\system32\rend.dll - Ok C:\WINDOWS\system32\rexec.exe - Ok C:\WINDOWS\system32\reset.exe - Ok C:\WINDOWS\system32\riched32.dll - Ok C:\WINDOWS\system32\rnr20.dll - Ok C:\WINDOWS\system32\regwizc.dll - Ok C:\WINDOWS\system32\route.exe - Ok C:\WINDOWS\system32\rgb9rast_2.dll - Ok C:\WINDOWS\system32\routemon.exe - Ok C:\WINDOWS\system32\routetab.dll - Ok C:\WINDOWS\system32\rpcns4.dll - Ok C:\WINDOWS\system32\rhttpaa.dll - Ok C:\WINDOWS\system32\rsaci.rat - Ok C:\WINDOWS\system32\rpcrt4.dll - Ok C:\WINDOWS\system32\riched20.dll - Ok C:\WINDOWS\system32\rsh.exe - Ok C:\WINDOWS\system32\rsaenh.dll - Ok C:\WINDOWS\system32\rshx32.dll - Ok C:\WINDOWS\system32\rsmps.dll - Ok C:\WINDOWS\system32\rsm.exe - Ok C:\WINDOWS\system32\rpcss.dll - Ok C:\WINDOWS\system32\rsvp.ini - Ok C:\WINDOWS\system32\rsvpcnts.h - Ok C:\WINDOWS\system32\rsvp.exe - Ok C:\WINDOWS\system32\rsvpmsg.dll - Ok >C:\WINDOWS\system32\rsvpperf.dll - packed by FLY-CODE C:\WINDOWS\system32\rsvpperf.dll - Ok C:\WINDOWS\system32\rsvpsp.dll - Ok C:\WINDOWS\system32\rsmsink.exe - Ok C:\WINDOWS\system32\rtipxmib.dll - Ok C:\WINDOWS\system32\RtkCoLDRXP.dll - Ok C:\WINDOWS\system32\rsmui.exe - Ok C:\WINDOWS\system32\rtcshare.exe - Ok C:\WINDOWS\system32\RtkCoInstIIXP.dll - Ok C:\WINDOWS\system32\rtm.dll - Ok C:\WINDOWS\system32\RtNicProp32.dll - Ok C:\WINDOWS\system32\rtutils.dll - Ok C:\WINDOWS\system32\runas.exe - Ok C:\WINDOWS\system32\RTNUninst32.dll - Ok C:\WINDOWS\system32\rundll32.exe - Ok C:\WINDOWS\system32\rwinsta.exe - Ok C:\WINDOWS\system32\runonce.exe - Ok C:\WINDOWS\system32\safrdm.dll - Ok C:\WINDOWS\system32\safrslv.dll - Ok C:\WINDOWS\system32\safrcdlg.dll - Ok C:\WINDOWS\system32\samlib.dll - Ok C:\WINDOWS\system32\sapi.cpl.manifest - Ok C:\WINDOWS\system32\s3gnb.dll - Ok C:\WINDOWS\system32\samsrv.dll - Ok C:\WINDOWS\system32\sc.exe - Ok C:\WINDOWS\system32\savedump.exe - Ok C:\WINDOWS\system32\scarddlg.dll - Ok C:\WINDOWS\system32\sbe.dll - Ok C:\WINDOWS\system32\sbeio.dll - Ok C:\WINDOWS\system32\scardsvr.exe - Ok C:\WINDOWS\system32\RTSndMgr.CPL - Ok C:\WINDOWS\system32\scardssp.dll - Ok C:\WINDOWS\system32\scecli.dll - Ok C:\WINDOWS\system32\sccbase.dll - Ok C:\WINDOWS\system32\scesrv.dll - Ok C:\WINDOWS\system32\sclgntfy.dll - Ok C:\WINDOWS\system32\schannel.dll - Ok C:\WINDOWS\system32\sccsccp.dll - Ok C:\WINDOWS\system32\scredir.dll - Ok C:\WINDOWS\system32\schedsvc.dll - Ok C:\WINDOWS\system32\sdhcinst.dll - Ok C:\WINDOWS\system32\scrrun.dll - Ok C:\WINDOWS\system32\seclogon.dll - Ok C:\WINDOWS\system32\scrnsave.scr - Ok C:\WINDOWS\system32\secupd.dat - Ok C:\WINDOWS\system32\scrobj.dll - Ok C:\WINDOWS\system32\secupd.sig - Ok C:\WINDOWS\system32\sdpblb.dll - Ok C:\WINDOWS\system32\security.dll - Ok C:\WINDOWS\system32\sdbinst.exe - Ok C:\WINDOWS\system32\secur32.dll - Ok C:\WINDOWS\system32\sensapi.dll - Ok C:\WINDOWS\system32\sens.dll - Ok C:\WINDOWS\system32\sendmail.dll - Ok C:\WINDOWS\system32\senscfg.dll - Ok C:\WINDOWS\system32\serialui.dll - Ok C:\WINDOWS\system32\services.msc - Ok C:\WINDOWS\system32\serwvdrv.dll - Ok C:\WINDOWS\system32\sendcmsg.dll - Ok C:\WINDOWS\system32\services.exe - Ok C:\WINDOWS\system32\sessmgr.exe - Ok C:\WINDOWS\system32\servdeps.dll - Ok C:\WINDOWS\system32\setup.bmp - Ok >C:\WINDOWS\system32\setupapi.dll - packed by BINARYRES
- January 2, 2013
- 79 replies
Outgoing Malicious IP Blocks. Suspect Infection

MicQsenoch replied to MicQsenoch's topic in Resolved Malware Removal Logs

c:\documents and settings\updatususer\start menu\programs\startup\desktop.ini - Ok c:\documents and settings\michael senff\start menu\programs\startup\desktop.ini - Ok c:\windows\system32\config\systemprofile\start menu\programs\startup\desktop.ini - Ok c:\documents and settings\default user\start menu\programs\startup\desktop.ini - Ok c:\documents and settings\all users\start menu\programs\startup\desktop.ini - Ok c:\windows\system32\dot3cfg.dll - Ok c:\windows\system32\napmontr.dll - Ok c:\windows\system32\fwcfg.dll - Ok c:\windows\system32\hnetmon.dll - Ok c:\windows\system32\dgnet.dll - Ok c:\windows\system32\ipxpromn.dll - Ok c:\windows\system32\ipxmontr.dll - Ok c:\windows\system32\rasmontr.dll - Ok c:\windows\system32\ippromon.dll - Ok c:\windows\system32\ifmon.dll - Ok c:\windows\system32\ipmontr.dll - Ok c:\windows\system32\ipv6mon.dll - Ok c:\windows\system32\dfrg.msc - Ok c:\windows\system32\cleanmgr.exe - Ok c:\windows\system32\calc.exe - Ok c:\windows\system32\rdpwsx.dll - Ok c:\windows\system32\rdpclip.exe - Ok c:\windows\system32\rdpcfgex.dll - Ok c:\windows\system32\cmd.exe - Ok c:\windows\system32\msobjs.dll - Ok c:\windows\system32\msaudite.dll - Ok c:\windows\system32\iassvcs.dll - Ok c:\windows\system32\win32k.sys - Ok c:\windows\system32\syssetup.dll - Ok c:\windows\system32\savedump.exe - Ok c:\windows\system32\rsvpmsg.dll - Ok c:\windows\system32\ntmsevt.dll - Ok c:\windows\system32\napipsec.dll - Ok c:\program files\microsoft security client\mpevmsg.dll - Ok c:\windows\system32\rtm.dll - Ok c:\windows\system32\spmsg.dll - Ok c:\windows\system32\dhcpqec.dll - Ok c:\windows\system32\mprmsg.dll - Ok c:\windows\system32\netmsg.dll - Ok c:\windows\system32\iologmsg.dll - Ok c:\windows\system32\wuaucpl.cpl.mui - Ok c:\windows\system32\xpob2res.dll - Ok c:\windows\system32\wbem\wmiapres.dll - Ok c:\windows\system32\dpcdll.dll - Ok c:\windows\system32\netevent.dll - Ok c:\windows\system32\msvbvm60.dll - Ok c:\windows\microsoft.net\framework\v2.0.50727\eventlogmessages.dll - Ok c:\windows\system32\safrslv.dll - Ok c:\windows\system32\safrdm.dll - Ok c:\windows\system32\perfmon.exe - Ok c:\windows\system32\prflbmsg.dll - Ok c:\program files\nvidia corporation\nview\nview.dll - Ok c:\windows\system32\msshavmsg.dll - Ok c:\windows\system32\nmevtmsg.dll - Ok >c:\program files\microsoft security client\msmpres.dll is ZLIB container c:\program files\microsoft security client\msmpres.dll - container c:\windows\system32\loadperf.dll - Ok c:\windows\pchealth\helpctr\binaries\hcappres.dll - Ok c:\windows\system32\drwtsn32.exe - Ok c:\windows\system32\ulib.dll - Ok c:\windows\system32\pautoenr.dll - Ok c:\windows\system32\faultrep.dll - Ok c:\program files\common files\microsoft shared\dw\dw20.exe - Ok c:\windows\microsoft.net\framework\v3.0\windows communication foundation\servicemodelevents.dll.mui - Ok c:\windows\system32\query.dll - Ok >c:\windows\system32\icardres.dll.mui is BINARYRES container c:\windows\system32\icardres.dll.mui - container c:\windows\microsoft.net\framework\v2.0.50727\aspnet_rc.dll - Ok c:\program files\avg secure search\13.2.0.5\avg secure search_toolbar.dll - Ok c:\program files\nvidia corporation\nview\nvshell.dll - Ok c:\program files\microsoft security client\shellext.dll - Ok c:\windows\system32\xpsshhdr.dll - Ok c:\windows\system32\dfshim.dll - Ok c:\windows\system32\wmpshell.dll - Ok c:\program files\outlook express\wabfind.dll - Ok c:\windows\system32\cabview.dll - Ok c:\windows\system32\mmcshext.dll - Ok c:\windows\system32\photowiz.dll - Ok c:\windows\system32\dfsshlex.dll - Ok c:\windows\msagent\agentpsh.dll - Ok c:\windows\system32\mydocs.dll - Ok c:\windows\system32\dsuiext.dll - Ok c:\windows\system32\dsquery.dll - Ok c:\windows\system32\docprop2.dll - Ok c:\windows\system32\msieftp.dll - Ok c:\windows\system32\extmgr.dll - Ok c:\windows\system32\zipfldr.dll - Ok c:\windows\system32\netplwiz.dll - Ok >c:\windows\system32\shimgvw.dll is BINARYRES container >>c:\windows\system32\shimgvw.dll\data001 is JS-HTML container >>c:\windows\system32\shimgvw.dll\data002 is JS-HTML container c:\windows\system32\shimgvw.dll - container >c:\windows\system32\appwiz.cpl is BINARYRES container >>c:\windows\system32\appwiz.cpl\data001 is JS-HTML container >>c:\windows\system32\appwiz.cpl\data003 is JS-HTML container >>c:\windows\system32\appwiz.cpl\data004 is JS-HTML container >>c:\windows\system32\appwiz.cpl\data006 is JS-HTML container >>c:\windows\system32\appwiz.cpl\data008 is JS-HTML container >>c:\windows\system32\appwiz.cpl\data009 is JS-HTML container >>c:\windows\system32\appwiz.cpl\data011 is JS-HTML container >>c:\windows\system32\appwiz.cpl\data012 is JS-HTML container >>c:\windows\system32\appwiz.cpl\data014 is JS-HTML container >>c:\windows\system32\appwiz.cpl\data015 is JS-HTML container >>c:\windows\system32\appwiz.cpl\data016 is JS-HTML container c:\windows\system32\appwiz.cpl - container c:\windows\system32\occache.dll - Ok c:\windows\system32\sendmail.dll - Ok c:\windows\system32\shmedia.dll - Ok c:\windows\system32\twext.dll - Ok >c:\windows\system32\wuaucpl.cpl - packed by FLY-CODE c:\windows\system32\wuaucpl.cpl - Ok c:\program files\common files\system\ole db\oledb32.dll - Ok c:\windows\system32\wshext.dll - Ok c:\windows\system32\remotepg.dll - Ok c:\windows\system32\wiashext.dll - Ok c:\windows\system32\cryptext.dll - Ok >c:\windows\system32\deskperf.dll - packed by FLY-CODE c:\windows\system32\deskperf.dll - Ok >c:\windows\system32\fontext.dll is BINARYRES container >>c:\windows\system32\fontext.dll\data001 - packed by MS COMPRESS >>c:\windows\system32\fontext.dll\data002 - packed by MS COMPRESS c:\windows\system32\fontext.dll - container c:\windows\system32\hticons.dll - Ok c:\windows\system32\syncui.dll - Ok c:\windows\system32\dskquoui.dll - Ok c:\windows\system32\printui.dll - Ok c:\windows\system32\ntlanui2.dll - Ok c:\windows\system32\diskcopy.dll - Ok c:\windows\system32\shscrap.dll - Ok c:\windows\system32\slayerxp.dll - Ok c:\windows\system32\dssec.dll - Ok >c:\windows\system32\deskmon.dll - packed by FLY-CODE c:\windows\system32\deskmon.dll - Ok c:\windows\system32\deskadp.dll - Ok c:\windows\system32\docprop.dll - Ok c:\windows\system32\rshx32.dll - Ok c:\windows\system32\icmui.dll - Ok c:\windows\system32\mmsys.cpl - Ok c:\windows\system32\wiascr.dll - Ok c:\program files\common files\avg secure search\viprotocolinstaller\13.2.0\viprotocol.dll - Ok c:\windows\system32\inetcomm.dll - Ok c:\windows\system32\itss.dll - Ok c:\windows\system32\msvidctl.dll - Ok c:\windows\system32\mshtml.dll - Ok c:\windows\system32\mscoree.dll - Ok c:\windows\system32\rsvpsp.dll - Ok c:\windows\system32\sclgntfy.dll - Ok c:\windows\system32\ntsd.exe - Ok c:\windows\system32\xmlprov.dll - Ok c:\windows\system32\drivers\ws2ifsl.sys - Ok c:\windows\system32\wbem\wmiapsrv.exe - Ok c:\windows\system32\wbem\wmiaprpl.dll - Ok c:\windows\system32\mspmsnsv.dll - Ok c:\windows\system32\winsock.dll - Ok c:\windows\system32\drivers\wdmaud.sys - Ok c:\windows\system32\drivers\wanarp.sys - Ok c:\windows\system32\vssvc.exe - Ok c:\windows\system32\drivers\volsnap.sys - Ok c:\windows\system32\drivers\vga.sys - Ok c:\windows\system32\drivers\usbstor.sys - Ok c:\windows\system32\drivers\usbhub.sys - Ok c:\windows\system32\drivers\usbehci.sys - Ok c:\windows\system32\ups.exe - Ok c:\windows\system32\upnphost.dll - Ok c:\windows\system32\drivers\update.sys - Ok c:\windows\system32\drivers\udfs.sys - Ok c:\windows\system32\tsddd.dll - Ok c:\windows\system32\drivers\termdd.sys - Ok c:\windows\system32\drivers\tdtcp.sys - Ok c:\windows\system32\drivers\tdpipe.sys - Ok c:\windows\system32\drivers\tcpip.sys - Ok c:\windows\system32\smlogsvc.exe - Ok c:\windows\system32\drivers\sysaudio.sys - Ok c:\windows\system32\drivers\swmidi.sys - Ok c:\windows\system32\drivers\swenum.sys - Ok c:\windows\system32\wiaservc.dll - Ok c:\windows\system32\drivers\srv.sys - Ok c:\windows\system32\drivers\sr.sys - Ok c:\windows\system32\drivers\splitter.sys - Ok c:\windows\system32\drivers\sfloppy.sys - Ok c:\windows\system32\drivers\serial.sys - Ok c:\windows\system32\drivers\secdrv.sys - Ok c:\windows\system32\drivers\scsiport.sys - Ok c:\windows\system32\scardsvr.exe - Ok c:\windows\system32\drivers\rtenicxp.sys - Ok c:\windows\system32\rsvp.exe - Ok c:\windows\system32\locator.exe - Ok c:\windows\system32\mprdim.dll - Ok c:\windows\system32\drivers\redbook.sys - Ok c:\windows\system32\sessmgr.exe - Ok c:\windows\system32\drivers\rdpwd.sys - Ok c:\windows\system32\rdpdd.dll - Ok c:\windows\system32\drivers\rdpcdd.sys - Ok c:\windows\system32\drivers\rdbss.sys - Ok c:\windows\system32\drivers\raspti.sys - Ok c:\windows\system32\drivers\raspppoe.sys - Ok c:\windows\system32\drivers\rasl2tp.sys - Ok c:\windows\system32\rasauto.dll - Ok c:\windows\system32\drivers\rasacd.sys - Ok c:\windows\system32\drivers\ptilink.sys - Ok c:\windows\system32\drivers\psched.sys - Ok c:\windows\system32\drivers\raspptp.sys - Ok c:\windows\system32\perfproc.dll - Ok c:\windows\system32\perfnet.dll - Ok c:\windows\system32\perfdisk.dll - Ok c:\windows\system32\drivers\pcmcia.sys - Ok c:\windows\system32\drivers\pciide.sys - Ok c:\windows\system32\drivers\pci.sys - Ok c:\windows\system32\drivers\parvdm.sys - Ok c:\windows\system32\drivers\partmgr.sys - Ok c:\windows\system32\drivers\parport.sys - Ok c:\windows\system32\drivers\nwlnkfwd.sys - Ok c:\windows\system32\drivers\nwlnkflt.sys - Ok c:\windows\system32\drivers\nvhda32.sys - Ok c:\windows\system32\drivers\nv4_mini.sys - Ok c:\windows\system32\drivers\null.sys - Ok c:\windows\system32\ntmssvc.dll - Ok c:\windows\system32\drivers\ntfs.sys - Ok c:\windows\system32\drivers\npfs.sys - Ok c:\windows\microsoft.net\framework\v3.0\windows communication foundation\smsvchost.exe - Ok c:\windows\system32\netdde.exe - Ok c:\windows\system32\drivers\netbt.sys - Ok c:\windows\system32\drivers\netbios.sys - Ok c:\windows\system32\drivers\ndproxy.sys - Ok c:\windows\system32\drivers\ndiswan.sys - Ok c:\windows\system32\drivers\ndisuio.sys - Ok c:\windows\system32\drivers\ndistapi.sys - Ok c:\windows\system32\drivers\ndis.sys - Ok c:\windows\system32\qagentrt.dll - Ok c:\windows\system32\drivers\mup.sys - Ok c:\windows\system32\drivers\mssmbios.sys - Ok c:\windows\system32\drivers\mspqm.sys - Ok c:\windows\system32\drivers\mspclock.sys - Ok c:\windows\system32\drivers\mskssrv.sys - Ok c:\windows\system32\msiexec.exe - Ok c:\windows\system32\drivers\msfs.sys - Ok c:\windows\system32\drivers\bridge.sys - Ok c:\windows\system32\msdtc.exe - Ok c:\windows\system32\drivers\mrxsmb.sys - Ok c:\windows\system32\drivers\mrxdav.sys - Ok c:\windows\system32\drivers\mpfilter.sys - Ok c:\program files\mozilla maintenance service\maintenanceservice.exe - Ok c:\windows\system32\drivers\mountmgr.sys - Ok c:\windows\system32\drivers\mouhid.sys - Ok c:\windows\system32\drivers\mouclass.sys - Ok c:\windows\system32\drivers\monfilt.sys - Ok c:\windows\system32\drivers\modem.sys - Ok c:\windows\system32\mnmsrvc.exe - Ok c:\windows\system32\mnmdd.dll - Ok c:\windows\system32\msgsvc.dll - Ok c:\windows\system32\drivers\heci.sys - Ok c:\program files\malwarebytes' anti-malware\mbamservice.exe - Ok c:\program files\malwarebytes' anti-malware\mbamscheduler.exe - Ok c:\windows\system32\drivers\mbam.sys - Ok c:\windows\system32\drivers\mbamchameleon.sys - Ok c:\windows\system32\drivers\ksecdd.sys - Ok c:\windows\system32\drivers\kmixer.sys - Ok c:\windows\system32\drivers\kbdclass.sys - Ok c:\windows\system32\drivers\isapnp.sys - Ok c:\windows\system32\drivers\irenum.sys - Ok c:\windows\system32\drivers\ipsec.sys - Ok c:\windows\system32\drivers\ipnat.sys - Ok c:\windows\system32\drivers\ipinip.sys - Ok c:\windows\system32\drivers\ipfltdrv.sys - Ok c:\windows\system32\drivers\ip6fw.sys - Ok c:\windows\system32\drivers\intelppm.sys - Ok c:\windows\system32\drivers\rtkhdaud.sys - Ok c:\windows\system32\imapi.exe - Ok c:\windows\system32\drivers\imapi.sys - Ok c:\windows\microsoft.net\framework\v3.0\windows communication foundation\infocard.exe - Ok c:\program files\common files\installshield\driver\11\intel 32\idrivert.exe - Ok c:\windows\system32\drivers\i8042prt.sys - Ok c:\windows\system32\w3ssl.dll - Ok c:\windows\system32\drivers\http.sys - Ok c:\windows\system32\kmsvc.dll - Ok c:\windows\system32\drivers\hidusb.sys - Ok c:\windows\system32\drivers\hdaudbus.sys - Ok c:\windows\system32\drivers\gvtdrv.sys - Ok c:\program files\google\update\googleupdate.exe - Ok c:\windows\system32\drivers\msgpc.sys - Ok c:\program files\gigabyte\et6\amifldrv32.sys - Ok c:\windows\gdrv.sys - Ok c:\windows\system32\drivers\ftdisk.sys - Ok c:\windows\system32\drivers\fs_rec.sys - Ok c:\windows\microsoft.net\framework\v3.0\wpf\presentationfontcache.exe - Ok c:\windows\system32\drivers\fltmgr.sys - Ok c:\windows\system32\drivers\flpydisk.sys - Ok c:\windows\system32\drivers\fips.sys - Ok c:\windows\system32\drivers\fdc.sys - Ok c:\windows\system32\drivers\fastfat.sys - Ok c:\windows\system32\drivers\etronxhci.sys - Ok c:\windows\system32\drivers\etronhub3.sys - Ok c:\windows\system32\eapsvc.dll - Ok c:\windows\system32\drivers\drmkaud.sys - Ok c:\windows\system32\dot3svc.dll - Ok c:\windows\system32\drivers\dmusic.sys - Ok c:\windows\system32\dmserver.dll - Ok c:\windows\system32\drivers\dmload.sys - Ok c:\windows\system32\drivers\dmio.sys - Ok c:\windows\system32\drivers\dmboot.sys - Ok c:\windows\system32\dmadmin.exe - Ok c:\windows\system32\drivers\disk.sys - Ok c:\windows\system32\dllhost.exe - Ok c:\windows\microsoft.net\framework\v2.0.50727\mscorsvw.exe - Ok c:\windows\system32\clipsrv.exe - Ok c:\windows\system32\cisvc.exe - Ok c:\windows\system32\drivers\cdrom.sys - Ok c:\windows\system32\drivers\cdfs.sys - Ok c:\windows\system32\drivers\cdaudio.sys - Ok c:\windows\system32\drivers\cbidf2k.sys - Ok c:\windows\system32\drivers\beep.sys - Ok c:\windows\system32\drivers\avgtpx86.sys - Ok c:\windows\system32\drivers\audstub.sys - Ok c:\windows\system32\drivers\atmarpc.sys - Ok c:\windows\system32\drivers\atapi.sys - Ok c:\windows\system32\drivers\asyncmac.sys - Ok c:\windows\microsoft.net\framework\v2.0.50727\aspnet_state.exe - Ok c:\windows\system32\applechargersrv.exe - Ok c:\windows\system32\drivers\applecharger.sys - Ok c:\windows\system32\drivers\ambfilt.sys - Ok c:\windows\system32\alrsvc.dll - Ok c:\windows\system32\drivers\afd.sys - Ok c:\windows\system32\drivers\aec.sys - Ok c:\windows\system32\macromed\flash\flashplayerupdateservice.exe - Ok c:\windows\system32\drivers\acpiec.sys - Ok c:\windows\system32\drivers\acpi.sys - Ok c:\windows\system32\mscories.dll - Ok c:\windows\system32\ie4uinit.exe - Ok c:\windows\inf\wmp.inf - Ok c:\windows\inf\msmsgs.inf - Ok c:\windows\inf\msnetmtg.inf - Ok c:\windows\system32\\user.exe - Ok c:\program files\outlook express\setup50.exe - Ok c:\windows\system32\regsvr32.exe - Ok c:\windows\system32\shmgrate.exe - Ok c:\windows\inf\unregmp2.exe - Ok c:\windows\system32\ieudinit.exe - Ok c:\windows\system32\url.dll - Ok c:\windows\system32\olethk32.dll - Ok c:\windows\system32\olesvr32.dll - Ok c:\windows\system32\olecnv32.dll - Ok c:\windows\system32\olecli32.dll - Ok c:\program files\nvidia corporation\nview\nwiz.exe - Ok c:\windows\system32\nvcpl.dll - Ok c:\windows\system32\logon.scr - Ok c:\windows\system32\logonui.exe - Ok c:\windows\system32\dot3gpclnt.dll - Ok c:\windows\system32\iedkcs32.dll - Ok c:\windows\system32\dskquota.dll - Ok c:\windows\system32\msnsspc.dll - Ok c:\windows\system32\digest.dll - Ok c:\windows\system32\msapsspc.dll - Ok c:\windows\npmsdm.dll - Ok >c:\windows\system32\muweb.dll is CAB archive c:\windows\system32\muweb.dll - Ok c:\windows\system32\muweb.dll - archive c:\windows\system32\wuweb.dll - Ok >c:\windows\downloaded program files\qsax.dll - packed by UPX c:\windows\downloaded program files\qsax.dll - Ok c:\windows\system32\legitcheckcontrol.dll - Ok c:\program files\messenger\msmsgs.exe - Ok c:\windows\network diagnostic\xpnetdiag.exe - Ok c:\program files\pando networks\media booster\pmb.cpl - Ok c:\program files\common files\microsoft shared\speech\sapi.cpl - Ok c:\windows\system32\netsetup.cpl - Ok c:\windows\system32\firewall.cpl - Ok c:\windows\system32\autochk.exe - Ok c:\windows\system32\userinit.exe - Ok c:\windows\system32\l3codeca.acm - Ok c:\windows\system32\ir50_32.dll - Ok c:\windows\system32\iac25_32.ax - Ok c:\windows\system32\sl_anet.acm - Ok c:\windows\system32\msaud32.acm - Ok c:\windows\system32\msh261.drv - Ok c:\windows\system32\msg723.acm - Ok c:\windows\system32\tsbyuv.dll - Ok c:\windows\system32\msyuv.dll - Ok c:\windows\system32\msvidc32.dll - Ok c:\windows\system32\msrle32.dll - Ok c:\windows\system32\iyuv_32.dll - Ok c:\windows\system32\ir41_32.ax - Ok c:\windows\system32\ir32_32.dll - Ok c:\windows\system32\msh263.drv - Ok c:\windows\system32\iccvid.dll - Ok c:\windows\system32\tssoft32.acm - Ok c:\windows\system32\msgsm32.acm - Ok c:\windows\system32\msg711.acm - Ok c:\windows\system32\msadp32.acm - Ok c:\windows\system32\imaadp32.acm - Ok c:\windows\system32\ntkrnlpa.exe - Ok c:\documents and settings\michael senff\local settings\temp\1af96bff7.sys - file not found c:\windows\system32\hal.dll - Ok c:\windows\system32\drivers\videoprt.sys - Ok c:\windows\system32\drivers\usbport.sys - Ok Process :0 - read error Process System:4 - Ok Process \SystemRoot\System32\smss.exe:624 - Ok Process \??\C:\WINDOWS\system32\csrss.exe:684 - Ok Process \??\C:\WINDOWS\system32\winlogon.exe:708 - Ok Process C:\WINDOWS\system32\services.exe:752 - Ok Process C:\WINDOWS\system32\lsass.exe:764 - Ok Process C:\WINDOWS\system32\svchost.exe:932 - Ok Process C:\WINDOWS\system32\svchost.exe:1020 - Ok Process c:\Program Files\Microsoft Security Client\MsMpEng.exe:1116 - Ok Process C:\WINDOWS\System32\svchost.exe:1152 - Ok Process C:\WINDOWS\system32\svchost.exe:1240 - Ok Process C:\WINDOWS\system32\svchost.exe:1308 - Ok Process C:\WINDOWS\system32\spoolsv.exe:1580 - Ok Process C:\WINDOWS\system32\svchost.exe:1736 - Ok Process C:\WINDOWS\Explorer.EXE:1756 - Ok Process C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe:1868 - Ok Process C:\WINDOWS\system32\nvsvc32.exe:1952 - Ok Process C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe:188 - Ok Process C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe:260 - Ok Process C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe:460 - Ok Process C:\WINDOWS\system32\wscntfy.exe:1852 - Ok Process C:\WINDOWS\RTHDCPL.EXE:648 - Ok Process C:\Program Files\Microsoft Security Client\msseces.exe:1092 - Ok Process C:\Program Files\AVG Secure Search\vprot.exe:1404 - Ok Process C:\WINDOWS\system32\RunDLL32.exe:1988 - Ok Process C:\WINDOWS\system32\ctfmon.exe:2708 - Ok Process C:\Program Files\Pando Networks\Media Booster\PMB.exe:2988 - Ok Process C:\WINDOWS\System32\alg.exe:1096 - Ok Process C:\Program Files\Mozilla Firefox\firefox.exe:2696 - Ok Process C:\Documents and Settings\Michael Senff\My Documents\Downloads\drweb-cureit.exe:3420 - Ok Process c:\documents and settings\michael senff\local settings\temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\ggv5nwpp.exe:3468 - Ok Process c:\documents and settings\michael senff\local settings\temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\h35pdxp9.exe:3324 - Ok Process c:\documents and settings\michael senff\local settings\temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\6qpfy1g7.exe:2544 - Ok HDD0 MBR - Ok HDD0 Active OS\2 or WinNT Boot Sector - Ok c:\documents and settings\all users\start menu\programs\startup\desktop.ini - Ok c:\documents and settings\michael senff\local settings\temp\d6fe5bc9-1415b5a2-6b4d7f65-ce33891b\6qpfy1g7.exe - Ok c:\documents and settings\michael senff\start menu\programs\startup\desktop.ini - Ok >c:\documents and settings\michael senff\local settings\temp\d6fe5bc9-1415b5a2-6b4d7f65-ce33891b\3jjqtynh.dll is BINARYRES container >>c:\documents and settings\michael senff\local settings\temp\d6fe5bc9-1415b5a2-6b4d7f65-ce33891b\3jjqtynh.dll\data003 - packed by BINARYRES c:\program files\avg secure search\13.2.0.5\avg secure search_toolbar.dll - Ok c:\documents and settings\michael senff\local settings\temp\d6fe5bc9-1415b5a2-6b4d7f65-ce33891b\ggv5nwpp.exe - Ok >>c:\documents and settings\michael senff\local settings\temp\d6fe5bc9-1415b5a2-6b4d7f65-ce33891b\3jjqtynh.dll\data004 - packed by BINARYRES >c:\documents and settings\michael senff\my documents\downloads\drweb-cureit.exe is BINARYRES container >c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{d873c0aa-3bbe-4452-a0dd-17897ba963e0}\mpengine.dll is BINARYRES container >>c:\documents and settings\michael senff\my documents\downloads\drweb-cureit.exe\data001 - packed by BINARYRES c:\documents and settings\michael senff\local settings\temp\d6fe5bc9-1415b5a2-6b4d7f65-ce33891b\3jjqtynh.dll - container >>c:\documents and settings\michael senff\my documents\downloads\drweb-cureit.exe\data002 - packed by BINARYRES >c:\documents and settings\michael senff\local settings\temp\d6fe5bc9-1415b5a2-6b4d7f65-ce33891b\h35pdxp9.exe is BINARYRES container c:\documents and settings\michael senff\my documents\downloads\drweb-cureit.exe - container c:\program files\common files\avg secure search\dntinstaller\13.2.0\avgdttbx.dll - Ok c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{d873c0aa-3bbe-4452-a0dd-17897ba963e0}\mpengine.dll - container c:\documents and settings\michael senff\local settings\temp\d6fe5bc9-1415b5a2-6b4d7f65-ce33891b\h35pdxp9.exe - container c:\program files\common files\avg secure search\sitesafetyinstaller\13.2.0\sitesafety.dll - Ok c:\program files\common files\installshield\driver\11\intel 32\idrivert.exe - Ok c:\program files\common files\avg secure search\viprotocolinstaller\13.2.0\viprotocol.dll - Ok c:\program files\avg secure search\vprot.exe - Ok c:\program files\gigabyte\et6\amifldrv32.sys - Ok c:\program files\common files\microsoft shared\speech\sapi.cpl - Ok c:\program files\google\update\googleupdate.exe - Ok c:\program files\common files\system\ole db\oledb32.dll - Ok c:\program files\intel\intel® management engine components\uns\statusstrings.dll - Ok c:\program files\common files\avg secure search\vtoolbarupdater\13.2.0\toolbarupdater.exe - Ok c:\program files\intel\intel® management engine components\lms\lms.exe - Ok c:\program files\common files\microsoft shared\dw\dw20.exe - Ok c:\program files\malwarebytes' anti-malware\mbamscheduler.exe - Ok c:\program files\microsoft security client\eppmanifest.dll - Ok c:\program files\intel\intel® management engine components\uns\xerces-c_2_7.dll - Ok c:\program files\microsoft security client\mpclient.dll - Ok c:\program files\microsoft security client\mpevmsg.dll - Ok c:\program files\malwarebytes' anti-malware\mbamservice.exe - Ok c:\program files\messenger\msmsgs.exe - Ok c:\program files\microsoft security client\mpcmdrun.exe - Ok c:\program files\microsoft security client\msmpeng.exe - Ok c:\program files\microsoft security client\mpoav.dll - Ok c:\program files\microsoft security client\mprtp.dll - Ok c:\program files\microsoft security client\shellext.dll - Ok >c:\program files\microsoft security client\msmpres.dll is ZLIB container c:\program files\microsoft security client\sqmapi.dll - Ok c:\program files\mozilla firefox\components\browsercomps.dll - Ok c:\program files\microsoft security client\msseces.exe - Ok c:\program files\mozilla firefox\firefox.exe - Ok c:\program files\microsoft security client\mpsvc.dll - Ok c:\program files\mozilla firefox\mozalloc.dll - Ok c:\program files\mozilla firefox\mozglue.dll - Ok c:\program files\intel\intel® management engine components\uns\uns.exe - Ok c:\program files\mozilla firefox\mozsqlite3.dll - Ok c:\program files\mozilla firefox\freebl3.dll - Ok c:\program files\mozilla firefox\nspr4.dll - Ok c:\program files\mozilla firefox\mozjs.dll - Ok c:\program files\mozilla firefox\msvcp100.dll - Ok c:\program files\mozilla firefox\gkmedias.dll - Ok c:\program files\mozilla firefox\msvcr100.dll - Ok c:\program files\mozilla firefox\nssutil3.dll - Ok c:\program files\mozilla firefox\plc4.dll - Ok c:\program files\mozilla firefox\nss3.dll - Ok c:\program files\mozilla firefox\plds4.dll - Ok c:\program files\mozilla firefox\nssdbm3.dll - Ok c:\program files\mozilla firefox\nssckbi.dll - Ok c:\program files\mozilla firefox\xpcom.dll - Ok c:\program files\mozilla firefox\smime3.dll - Ok c:\program files\mozilla firefox\ssl3.dll - Ok c:\program files\mozilla firefox\softokn3.dll - Ok c:\program files\mozilla maintenance service\maintenanceservice.exe - Ok c:\program files\nvidia corporation\nview\nvshell.dll - Ok c:\program files\microsoft security client\msmpres.dll - container c:\program files\nvidia corporation\nview\nview.dll - Ok c:\program files\nvidia corporation\nvidia update core\daemonu.exe - Ok c:\program files\nvidia corporation\update common\easydaemonapiu.dll - Ok c:\program files\nvidia corporation\update common\nvupdtr.dll - Ok c:\program files\outlook express\setup50.exe - Ok c:\program files\nvidia corporation\nview\nwiz.exe - Ok c:\program files\outlook express\wabfind.dll - Ok c:\program files\pando networks\media booster\bugsplat.dll - Ok c:\program files\pando networks\media booster\nspr4.dll - Ok c:\program files\pando networks\media booster\microsoft.vc90.crt\msvcr90.dll - Ok c:\program files\pando networks\media booster\microsoft.vc90.crt\msvcp90.dll - Ok >c:\program files\pando networks\media booster\plc4.dll - packed by FLY-CODE c:\program files\pando networks\media booster\plds4.dll - Ok c:\program files\pando networks\media booster\freebl3.dll - Ok c:\program files\pando networks\media booster\nss3.dll - Ok c:\program files\pando networks\media booster\smime3.dll - Ok c:\program files\nvidia corporation\update common\nvupdt.dll - Ok c:\program files\pando networks\media booster\pmb.cpl - Ok c:\program files\pando networks\media booster\plc4.dll - Ok c:\program files\pando networks\media booster\ssl3.dll - Ok c:\windows\apppatch\acadproc.dll - Ok c:\program files\pando networks\media booster\softokn3.dll - Ok c:\windows\gdrv.sys - Ok >c:\windows\downloaded program files\qsax.dll - packed by UPX c:\windows\inf\msmsgs.inf - Ok c:\windows\inf\msnetmtg.inf - Ok >c:\program files\pando networks\media booster\pmb.exe is ZLIB container c:\program files\pando networks\media booster\pmb.exe - container c:\windows\inf\unregmp2.exe - Ok c:\windows\inf\wmp.inf - Ok c:\windows\microsoft.net\framework\v2.0.50727\aspnet_rc.dll - Ok c:\windows\microsoft.net\framework\v2.0.50727\aspnet_state.exe - Ok c:\windows\apppatch\acgenral.dll - Ok c:\windows\explorer.exe - Ok c:\windows\microsoft.net\framework\v3.0\windows communication foundation\servicemodelevents.dll.mui - Ok c:\windows\microsoft.net\framework\v3.0\windows communication foundation\smsvchost.exe - Ok c:\windows\microsoft.net\framework\v2.0.50727\mscorsvw.exe - Ok c:\windows\microsoft.net\framework\v2.0.50727\eventlogmessages.dll - Ok c:\windows\msagent\agentpsh.dll - Ok c:\windows\microsoft.net\framework\v3.0\wpf\presentationfontcache.exe - Ok c:\program files\mozilla firefox\xul.dll - Ok c:\windows\microsoft.net\framework\v3.0\windows communication foundation\infocard.exe - Ok c:\windows\pchealth\helpctr\binaries\hcappres.dll - Ok c:\windows\pchealth\helpctr\binaries\pchsvc.dll - Ok c:\windows\npmsdm.dll - Ok c:\windows\system32\adsldpc.dll - Ok c:\windows\system32\activeds.dll - Ok c:\windows\network diagnostic\xpnetdiag.exe - Ok c:\windows\system32\advpack.dll - Ok c:\windows\system32\alrsvc.dll - Ok c:\windows\downloaded program files\qsax.dll - Ok c:\windows\system32\apphelp.dll - Ok c:\windows\system32\advapi32.dll - Ok c:\windows\system32\atl.dll - Ok c:\windows\system32\audiosrv.dll - Ok c:\windows\system32\authz.dll - Ok c:\windows\system32\basesrv.dll - Ok >c:\windows\system32\browselc.dll is BINARYRES container >c:\windows\system32\appwiz.cpl is BINARYRES container c:\windows\system32\batmeter.dll - Ok >>c:\windows\system32\appwiz.cpl\data001 is JS-HTML container >>c:\windows\system32\browselc.dll\data004 is JS-HTML container c:\windows\system32\browser.dll - Ok >>c:\windows\system32\appwiz.cpl\data003 is JS-HTML container c:\windows\system32\autochk.exe - Ok >>c:\windows\system32\appwiz.cpl\data004 is JS-HTML container >>c:\windows\system32\browselc.dll\data008 is JS-HTML container >>c:\windows\system32\appwiz.cpl\data006 is JS-HTML container >>c:\windows\system32\browselc.dll\data012 is JS-HTML container >>c:\windows\system32\browselc.dll\data013 is ZLIB container c:\windows\system32\browselc.dll - container >>c:\windows\system32\appwiz.cpl\data008 is JS-HTML container c:\windows\system32\cabinet.dll - Ok >>c:\windows\system32\appwiz.cpl\data009 is JS-HTML container c:\windows\system32\cabview.dll - Ok >>c:\windows\system32\appwiz.cpl\data011 is JS-HTML container c:\windows\system32\alg.exe - Ok >>c:\windows\system32\appwiz.cpl\data012 is JS-HTML container c:\windows\system32\certcli.dll - Ok >>c:\windows\system32\appwiz.cpl\data014 is JS-HTML container c:\windows\system32\catsrv.dll - Ok >>c:\windows\system32\appwiz.cpl\data015 is JS-HTML container c:\windows\system32\browseui.dll - Ok c:\windows\system32\cisvc.exe - Ok c:\windows\system32\catsrvut.dll - Ok >>c:\windows\system32\appwiz.cpl\data016 is JS-HTML container c:\windows\system32\appwiz.cpl - container c:\windows\system32\clusapi.dll - Ok c:\windows\system32\cnbjmon.dll - Ok c:\windows\system32\clbcatq.dll - Ok c:\windows\system32\cmd.exe - Ok c:\windows\system32\comres.dll - Ok c:\windows\system32\comctl32.dll - Ok c:\windows\system32\comdlg32.dll - Ok c:\windows\system32\colbact.dll - Ok c:\windows\system32\cryptdll.dll - Ok c:\windows\system32\credui.dll - Ok c:\windows\system32\cryptext.dll - Ok c:\windows\system32\comsvcs.dll - Ok c:\windows\system32\cryptsvc.dll - Ok c:\windows\system32\cryptnet.dll - Ok c:\windows\system32\crypt32.dll - Ok c:\windows\system32\clipsrv.exe - Ok c:\windows\system32\csrss.exe - Ok c:\windows\system32\csrsrv.dll - Ok c:\windows\system32\cryptui.dll - Ok c:\windows\system32\cscdll.dll - Ok c:\windows\system32\d3d8thk.dll - Ok c:\windows\system32\davclnt.dll - Ok >c:\windows\rthdcpl.exe is BINARYRES container c:\windows\system32\cscui.dll - Ok >c:\windows\system32\deskmon.dll - packed by FLY-CODE c:\windows\system32\deskadp.dll - Ok c:\windows\system32\ctfmon.exe - Ok >c:\windows\system32\deskperf.dll - packed by FLY-CODE c:\windows\system32\dbghelp.dll - Ok c:\windows\system32\deskmon.dll - Ok c:\windows\system32\deskperf.dll - Ok c:\windows\system32\dfshim.dll - Ok c:\windows\system32\dhcpqec.dll - Ok c:\windows\system32\dfsshlex.dll - Ok c:\windows\system32\dhcpcsvc.dll - Ok c:\windows\system32\dimsntfy.dll - Ok c:\windows\system32\digest.dll - Ok c:\windows\system32\dllhost.exe - Ok c:\windows\system32\d3d9.dll - Ok c:\windows\system32\dnsrslvr.dll - Ok c:\windows\system32\dmadmin.exe - Ok c:\windows\system32\dmserver.dll - Ok c:\windows\system32\dnsapi.dll - Ok c:\windows\system32\diskcopy.dll - Ok c:\windows\system32\docprop.dll - Ok c:\windows\system32\dot3api.dll - Ok c:\windows\system32\docprop2.dll - Ok c:\windows\system32\dot3dlg.dll - Ok c:\windows\system32\drivers\acpiec.sys - Ok c:\windows\system32\dot3svc.dll - Ok c:\windows\system32\dot3gpclnt.dll - Ok c:\windows\system32\dpcdll.dll - Ok c:\windows\system32\drivers\beep.sys - Ok c:\windows\system32\drivers\avgtpx86.sys - Ok c:\windows\system32\drivers\cbidf2k.sys - Ok c:\windows\system32\drivers\cdaudio.sys - Ok c:\windows\system32\drivers\afd.sys - Ok c:\windows\system32\drivers\cdfs.sys - Ok c:\windows\system32\drivers\disk.sys - Ok c:\windows\system32\drivers\dmload.sys - Ok c:\windows\system32\drivers\bridge.sys - Ok c:\windows\system32\drivers\fdc.sys - Ok c:\windows\system32\drivers\dmio.sys - Ok c:\windows\system32\drivers\fastfat.sys - Ok c:\windows\system32\drivers\fs_rec.sys - Ok c:\windows\system32\drivers\flpydisk.sys - Ok c:\windows\system32\drivers\gvtdrv.sys - Ok c:\windows\system32\drivers\dmboot.sys - Ok c:\windows\system32\drivers\fips.sys - Ok c:\windows\system32\drivers\ip6fw.sys - Ok c:\windows\system32\drivers\ksecdd.sys - Ok c:\windows\system32\drivers\modem.sys - Ok c:\windows\system32\drivers\mbamchameleon.sys - Ok c:\windows\system32\drivers\ipnat.sys - Ok c:\windows\system32\drivers\mountmgr.sys - Ok c:\windows\system32\drivers\msfs.sys - Ok c:\windows\system32\drivers\mbam.sys - Ok c:\windows\system32\drivers\ndproxy.sys - Ok c:\windows\system32\drivers\netbios.sys - Ok c:\windows\system32\drivers\ndisuio.sys - Ok c:\windows\system32\drivers\mup.sys - Ok c:\windows\system32\drivers\npfs.sys - Ok c:\windows\system32\drivers\null.sys - Ok c:\windows\system32\drivers\parport.sys - Ok c:\windows\system32\drivers\partmgr.sys - Ok c:\windows\system32\drivers\parvdm.sys - Ok c:\windows\system32\drivers\netbt.sys - Ok c:\windows\system32\drivers\ndis.sys - Ok c:\windows\system32\drivers\rdpcdd.sys - Ok c:\windows\system32\drivers\pci.sys - Ok c:\windows\system32\drivers\pcmcia.sys - Ok c:\windows\system32\drivers\sfloppy.sys - Ok c:\windows\system32\drivers\scsiport.sys - Ok c:\windows\system32\drivers\rdpwd.sys - Ok c:\windows\system32\drivers\serial.sys - Ok c:\windows\system32\drivers\tdi.sys - Ok c:\windows\system32\drivers\tdtcp.sys - Ok c:\windows\system32\drivers\tdpipe.sys - Ok c:\windows\system32\drivers\usbstor.sys - Ok c:\windows\system32\drivers\sr.sys - Ok c:\windows\system32\drivers\udfs.sys - Ok c:\windows\system32\drivers\vga.sys - Ok c:\windows\system32\drivers\volsnap.sys - Ok c:\windows\rthdcpl.exe - container c:\windows\system32\drivers\ws2ifsl.sys - Ok c:\windows\system32\drprov.dll - Ok c:\windows\system32\drivers\tcpip.sys - Ok c:\windows\system32\dskquota.dll - Ok c:\windows\system32\dsquery.dll - Ok c:\windows\system32\drivers\ntfs.sys - Ok c:\windows\system32\dskquoui.dll - Ok c:\windows\system32\dssec.dll - Ok c:\windows\system32\eapolqec.dll - Ok c:\windows\system32\dsuiext.dll - Ok c:\windows\system32\dsound.dll - Ok c:\windows\system32\dssenh.dll - Ok c:\windows\system32\ersvc.dll - Ok c:\windows\system32\eappprxy.dll - Ok c:\windows\system32\eappcfg.dll - Ok c:\windows\system32\eapsvc.dll - Ok c:\windows\system32\duser.dll - Ok c:\windows\system32\es.dll - Ok c:\windows\system32\extmgr.dll - Ok c:\windows\system32\eventlog.dll - Ok c:\windows\system32\faultrep.dll - Ok c:\windows\system32\feclient.dll - Ok c:\windows\system32\drwtsn32.exe - Ok c:\windows\system32\fltlib.dll - Ok c:\windows\system32\firewall.cpl - Ok c:\windows\system32\gdi32.dll - Ok c:\windows\system32\hid.dll - Ok c:\windows\system32\hidphone.tsp - Ok c:\windows\system32\esent.dll - Ok c:\windows\system32\hticons.dll - Ok c:\windows\system32\iassvcs.dll - Ok c:\windows\system32\icaapi.dll - Ok >c:\windows\system32\fontext.dll is BINARYRES container >>c:\windows\system32\fontext.dll\data001 - packed by MS COMPRESS c:\windows\system32\iac25_32.ax - Ok c:\windows\system32\h323.tsp - Ok c:\windows\system32\hhctrl.ocx - Ok c:\windows\system32\hnetcfg.dll - Ok >>c:\windows\system32\fontext.dll\data002 - packed by MS COMPRESS c:\windows\system32\iccvid.dll - Ok c:\windows\system32\fontext.dll - container c:\windows\system32\icmp.dll - Ok c:\windows\system32\icmui.dll - Ok >c:\windows\system32\icardres.dll.mui is BINARYRES container c:\windows\system32\ie4uinit.exe - Ok c:\windows\system32\imaadp32.acm - Ok c:\windows\system32\iedkcs32.dll - Ok c:\windows\system32\imapi.exe - Ok c:\windows\system32\imm32.dll - Ok c:\windows\system32\iertutil.dll - Ok c:\windows\system32\icardres.dll.mui - container c:\windows\system32\inetpp.dll - Ok c:\windows\system32\iologmsg.dll - Ok c:\windows\system32\ipconf.tsp - Ok c:\windows\system32\ieudinit.exe - Ok c:\windows\system32\inetcomm.dll - Ok c:\windows\system32\imagehlp.dll - Ok c:\windows\system32\iphlpapi.dll - Ok c:\windows\system32\ir32_32.dll - Ok c:\windows\system32\ipsecsvc.dll - Ok c:\windows\system32\ieframe.dll - Ok c:\windows\system32\ipnathlp.dll - Ok c:\windows\system32\iyuv_32.dll - Ok c:\windows\system32\kmddsp.tsp - Ok c:\windows\system32\ir50_32.dll - Ok c:\windows\system32\itss.dll - Ok c:\windows\system32\kmsvc.dll - Ok c:\windows\system32\kerberos.dll - Ok c:\windows\system32\ksuser.dll - Ok c:\windows\system32\ir41_32.ax - Ok >c:\windows\system32\linkinfo.dll - packed by FLY-CODE c:\windows\system32\kernel32.dll - Ok c:\windows\system32\lmhsvc.dll - Ok c:\windows\system32\l3codeca.acm - Ok c:\windows\system32\loadperf.dll - Ok c:\windows\system32\locator.exe - Ok c:\windows\system32\localspl.dll - Ok c:\windows\system32\linkinfo.dll - Ok c:\windows\system32\lz32.dll - Ok c:\windows\system32\logon.scr - Ok c:\windows\system32\lsass.exe - Ok c:\windows\system32\mfcsubs.dll - Ok c:\windows\system32\midimap.dll - Ok c:\windows\system32\legitcheckcontrol.dll - Ok c:\windows\system32\lsasrv.dll - Ok c:\windows\system32\mnmdd.dll - Ok c:\windows\system32\logonui.exe - Ok c:\windows\system32\macromed\flash\flashplayerupdateservice.exe - Ok c:\windows\system32\mlang.dll - Ok c:\windows\system32\mpr.dll - Ok c:\windows\system32\mnmsrvc.exe - Ok c:\windows\system32\mprdim.dll - Ok c:\windows\system32\mmcshext.dll - Ok c:\windows\system32\mmsys.cpl - Ok c:\windows\system32\mprmsg.dll - Ok >c:\windows\system32\msacm32.drv - packed by FLY-CODE c:\windows\system32\mprapi.dll - Ok c:\windows\system32\msadp32.acm - Ok c:\windows\system32\msasn1.dll - Ok c:\windows\system32\msaudite.dll - Ok c:\windows\system32\msapsspc.dll - Ok c:\windows\system32\msacm32.dll - Ok c:\windows\system32\mscms.dll - Ok c:\windows\system32\mscories.dll - Ok c:\windows\system32\msacm32.drv - Ok c:\windows\system32\mscoree.dll - Ok c:\windows\system32\msdtc.exe - Ok c:\windows\system32\msg711.acm - Ok c:\windows\system32\msaud32.acm - Ok c:\windows\system32\msctfime.ime - Ok c:\windows\system32\msctf.dll - Ok c:\windows\system32\msgsm32.acm - Ok c:\windows\system32\msg723.acm - Ok c:\windows\system32\msgsvc.dll - Ok c:\windows\system32\msh261.drv - Ok c:\windows\system32\msh263.drv - Ok c:\windows\system32\msftedit.dll - Ok c:\windows\system32\msgina.dll - Ok c:\windows\system32\msiexec.exe - Ok c:\windows\system32\msieftp.dll - Ok c:\windows\system32\msidle.dll - Ok c:\windows\system32\msimg32.dll - Ok c:\windows\system32\msobjs.dll - Ok c:\windows\system32\mspatcha.dll - Ok c:\windows\system32\msprivs.dll - Ok c:\windows\system32\msrle32.dll - Ok c:\windows\system32\msshavmsg.dll - Ok c:\windows\system32\msnsspc.dll - Ok c:\windows\system32\mstask.dll - Ok c:\windows\system32\msi.dll - Ok c:\windows\system32\mstlsapi.dll - Ok c:\windows\system32\msv1_0.dll - Ok c:\windows\system32\msutb.dll - Ok c:\windows\system32\mspmsnsv.dll - Ok c:\windows\system32\msvidc32.dll - Ok c:\windows\system32\msvcp60.dll - Ok c:\windows\system32\msvcrt.dll - Ok c:\windows\system32\msyuv.dll - Ok c:\windows\system32\mswsock.dll - Ok c:\windows\system32\mtxclu.dll - Ok c:\windows\system32\mydocs.dll - Ok c:\windows\system32\mshtml.dll - Ok >c:\windows\system32\muweb.dll is CAB archive c:\windows\system32\muweb.dll - Ok c:\windows\system32\muweb.dll - archive c:\windows\system32\msvbvm60.dll - Ok c:\windows\system32\napipsec.dll - Ok >c:\windows\system32\nddeapi.dll - packed by FLY-CODE c:\windows\system32\ncobjapi.dll - Ok c:\windows\system32\ndptsp.tsp - Ok c:\windows\system32\msvidctl.dll - Ok c:\windows\system32\netapi32.dll - Ok c:\windows\system32\msxml3.dll - Ok c:\windows\system32\nddeapi.dll - Ok c:\windows\system32\netdde.exe - Ok c:\windows\system32\netevent.dll - Ok c:\windows\system32\netmsg.dll - Ok c:\windows\system32\netrap.dll - Ok c:\windows\system32\netcfgx.dll - Ok c:\windows\system32\netsetup.cpl - Ok c:\windows\system32\netui0.dll - Ok c:\windows\system32\netman.dll - Ok c:\windows\system32\netlogon.dll - Ok c:\windows\system32\nmevtmsg.dll - Ok c:\windows\system32\normaliz.dll - Ok c:\windows\system32\ntdsapi.dll - Ok c:\windows\system32\netplwiz.dll - Ok c:\windows\system32\netui1.dll - Ok c:\windows\system32\ntlanman.dll - Ok c:\windows\system32\ntlsapi.dll - Ok c:\windows\system32\ntdll.dll - Ok c:\windows\system32\ntlanui2.dll - Ok c:\windows\system32\ntmarta.dll - Ok c:\windows\system32\netshell.dll - Ok c:\windows\system32\ntmsevt.dll - Ok c:\windows\system32\ntshrui.dll - Ok c:\windows\system32\ntmssvc.dll - Ok c:\windows\system32\ntsd.exe - Ok c:\windows\system32\oakley.dll - Ok c:\windows\system32\nvmctray.dll - Ok c:\windows\system32\occache.dll - Ok c:\windows\system32\nvsvc32.exe - Ok c:\windows\system32\odbcint.dll - Ok c:\windows\system32\odbc32.dll - Ok c:\windows\system32\odbcbcp.dll - Ok c:\windows\system32\oleacc.dll - Ok c:\windows\system32\oleaut32.dll - Ok c:\windows\system32\olecnv32.dll - Ok c:\windows\system32\olesvr32.dll - Ok c:\windows\system32\olethk32.dll - Ok c:\windows\system32\olecli32.dll - Ok c:\windows\system32\pautoenr.dll - Ok >c:\windows\system32\ole32.dll is BINARYRES container c:\windows\system32\onex.dll - Ok c:\windows\system32\perfctrs.dll - Ok c:\windows\system32\ole32.dll - container c:\windows\system32\perfdisk.dll - Ok c:\windows\system32\perfnet.dll - Ok c:\windows\system32\pdh.dll - Ok c:\windows\system32\perfmon.exe - Ok c:\windows\system32\nvapi.dll - Ok c:\windows\system32\perfos.dll - Ok c:\windows\system32\perfproc.dll - Ok >c:\windows\system32\pjlmon.dll - packed by FLY-CODE c:\windows\system32\powrprof.dll - Ok c:\windows\system32\pjlmon.dll - Ok c:\windows\system32\prflbmsg.dll - Ok c:\windows\system32\photowiz.dll - Ok c:\windows\system32\nvcpl.dll - Ok c:\windows\system32\profmap.dll - Ok c:\windows\system32\psapi.dll - Ok c:\windows\system32\pstorsvc.dll - Ok c:\windows\system32\printui.dll - Ok c:\windows\system32\psbase.dll - Ok c:\windows\system32\qutil.dll - Ok c:\windows\system32\qagentrt.dll - Ok c:\windows\system32\rasadhlp.dll - Ok c:\windows\system32\qmgr.dll - Ok c:\windows\system32\raschap.dll - Ok c:\windows\system32\rasauto.dll - Ok c:\windows\system32\query.dll - Ok c:\windows\system32\rasman.dll - Ok c:\windows\system32\rasapi32.dll - Ok c:\windows\system32\rasqec.dll - Ok c:\windows\system32\rdpdd.dll - Ok c:\windows\system32\rastapi.dll - Ok c:\windows\system32\rasppp.dll - Ok c:\windows\system32\regapi.dll - Ok c:\windows\system32\rastls.dll - Ok c:\windows\system32\rasdlg.dll - Ok c:\windows\system32\rasmans.dll - Ok c:\windows\system32\resutils.dll - Ok c:\windows\system32\rshx32.dll - Ok c:\windows\system32\remotepg.dll - Ok c:\windows\system32\regsvr32.exe - Ok c:\windows\system32\rsvpmsg.dll - Ok c:\windows\system32\rpcrt4.dll - Ok c:\windows\system32\rsvp.exe - Ok c:\windows\system32\rsaenh.dll - Ok c:\windows\system32\rundll32.exe - Ok c:\windows\system32\rtm.dll - Ok c:\windows\system32\rtutils.dll - Ok c:\windows\system32\safrslv.dll - Ok c:\windows\system32\rsvpsp.dll - Ok c:\windows\system32\safrdm.dll - Ok c:\windows\system32\samlib.dll - Ok c:\windows\system32\rpcss.dll - Ok c:\windows\system32\scardsvr.exe - Ok c:\windows\system32\schannel.dll - Ok c:\windows\system32\scesrv.dll - Ok c:\windows\system32\scecli.dll - Ok c:\windows\system32\savedump.exe - Ok c:\windows\system32\seclogon.dll - Ok c:\windows\system32\samsrv.dll - Ok c:\windows\system32\sclgntfy.dll - Ok c:\windows\system32\sendmail.dll - Ok c:\windows\system32\sensapi.dll - Ok c:\windows\system32\secur32.dll - Ok c:\windows\system32\sens.dll - Ok c:\windows\system32\sfc.dll - Ok c:\windows\system32\schedsvc.dll - Ok c:\windows\system32\services.exe - Ok c:\windows\system32\sessmgr.exe - Ok c:\windows\system32\shfolder.dll - Ok >c:\windows\system32\shdoclc.dll is BINARYRES container >>c:\windows\system32\shdoclc.dll\data001 is JS-HTML container c:\windows\system32\sfc_os.dll - Ok c:\windows\system32\shimeng.dll - Ok >>c:\windows\system32\shdoclc.dll\data002 is JS-HTML container >>c:\windows\system32\shdoclc.dll\data003 is JS-HTML container >c:\windows\system32\setupapi.dll - packed by BINARYRES >>c:\windows\system32\setupapi.dll - packed by MS COMPRESS >>c:\windows\system32\shdoclc.dll\data004 is JS-HTML container c:\windows\system32\setupapi.dll - Ok c:\windows\system32\shlwapi.dll - Ok c:\windows\system32\shdocvw.dll - Ok >>c:\windows\system32\shdoclc.dll\data005 is JS-HTML container >>c:\windows\system32\shdoclc.dll\data006 is JS-HTML container >c:\windows\system32\shimgvw.dll is BINARYRES container >>c:\windows\system32\shimgvw.dll\data001 is JS-HTML container c:\windows\system32\shmgrate.exe - Ok >>c:\windows\system32\shimgvw.dll\data002 is JS-HTML container c:\windows\system32\shdoclc.dll - container c:\windows\system32\shscrap.dll - Ok c:\windows\system32\shimgvw.dll - container c:\windows\system32\shmedia.dll - Ok c:\windows\system32\slayerxp.dll - Ok c:\windows\system32\shsvcs.dll - Ok >c:\windows\system32\shell32.dll is BINARYRES container >>c:\windows\system32\shell32.dll\data001 is JS-HTML container c:\windows\system32\smss.exe - Ok c:\windows\system32\spmsg.dll - Ok c:\windows\system32\sl_anet.acm - Ok c:\windows\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll - Ok c:\windows\system32\shell32.dll - container c:\windows\system32\smlogsvc.exe - Ok c:\windows\system32\spoolss.dll - Ok c:\windows\system32\ssdpapi.dll - Ok c:\windows\system32\srvsvc.dll - Ok c:\windows\system32\srsvc.dll - Ok c:\windows\system32\spoolsv.exe - Ok c:\windows\system32\stobject.dll - Ok c:\windows\system32\ssdpsrv.dll - Ok c:\windows\system32\svchost.exe - Ok c:\windows\system32\sxs.dll - Ok c:\windows\system32\syncui.dll - Ok c:\windows\system32\t2embed.dll - Ok c:\windows\system32\tcpmon.dll - Ok c:\windows\system32\tapi32.dll - Ok c:\windows\system32\trkwks.dll - Ok c:\windows\system32\tsbyuv.dll - Ok c:\windows\system32\tapisrv.dll - Ok c:\windows\system32\tssoft32.acm - Ok c:\windows\system32\tsddd.dll - Ok c:\windows\system32\syssetup.dll - Ok c:\windows\system32\twext.dll - Ok c:\windows\system32\ulib.dll - Ok c:\windows\system32\termsrv.dll - Ok >c:\windows\system32\uniplat.dll - packed by FLY-CODE c:\windows\system32\umpnpmgr.dll - Ok c:\windows\system32\themeui.dll - Ok c:\windows\system32\unimdm.tsp - Ok c:\windows\system32\ups.exe - Ok c:\windows\system32\upnp.dll - Ok c:\windows\system32\url.dll - Ok c:\windows\system32\usbmon.dll - Ok c:\windows\system32\upnphost.dll - Ok c:\windows\system32\userinit.exe - Ok c:\windows\system32\uniplat.dll - Ok c:\windows\system32\uxtheme.dll - Ok c:\windows\system32\version.dll - Ok c:\windows\system32\user32.dll - Ok c:\windows\system32\urlmon.dll - Ok c:\windows\system32\usp10.dll - Ok c:\windows\system32\userenv.dll - Ok c:\windows\system32\w3ssl.dll - Ok c:\windows\system32\wbem\ncprov.dll - Ok c:\windows\system32\wbem\esscli.dll - Ok c:\windows\system32\vssvc.exe - Ok c:\windows\system32\w32time.dll - Ok c:\windows\system32\vssapi.dll - Ok c:\windows\system32\wbem\wbemcomn.dll - Ok c:\windows\system32\wbem\fastprox.dll - Ok c:\windows\system32\wbem\wbemprox.dll - Ok c:\windows\system32\wbem\wbemsvc.dll - Ok c:\windows\system32\wbem\repdrvfs.dll - Ok c:\windows\system32\wbem\wmiapres.dll - Ok c:\windows\system32\wbem\wmiaprpl.dll - Ok c:\windows\system32\wbem\wbemcore.dll - Ok c:\windows\system32\wbem\wmisvc.dll - Ok c:\windows\system32\wbem\wmiapsrv.exe - Ok c:\windows\system32\wdigest.dll - Ok c:\windows\system32\wbem\wbemess.dll - Ok c:\windows\system32\wbem\wmiutils.dll - Ok c:\windows\system32\wdmaud.drv - Ok c:\windows\system32\wbem\wmiprvsd.dll - Ok c:\windows\system32\webclnt.dll - Ok c:\windows\system32\wbem\winmgmt.exe - Ok c:\windows\system32\webcheck.dll - Ok c:\windows\system32\wiascr.dll - Ok c:\windows\system32\winhttp.dll - Ok c:\windows\system32\wiaservc.dll - Ok c:\windows\system32\win32spl.dll - Ok c:\windows\system32\wiashext.dll - Ok c:\windows\system32\winipsec.dll - Ok >c:\windows\system32\winrnr.dll - packed by FLY-CODE c:\windows\system32\winscard.dll - Ok c:\windows\system32\winsock.dll - Ok c:\windows\system32\winmm.dll - Ok c:\windows\system32\winrnr.dll - Ok c:\windows\system32\winspool.drv - Ok c:\windows\system32\wininet.dll - Ok >c:\windows\system32\winsta.dll - packed by FLY-CODE c:\windows\system32\wkssvc.dll - Ok c:\windows\system32\winlogon.exe - Ok c:\windows\system32\wintrust.dll - Ok c:\windows\system32\winsrv.dll - Ok c:\windows\system32\wmi.dll - Ok c:\windows\system32\wlnotify.dll - Ok c:\windows\system32\ws2_32.dll - Ok c:\windows\system32\ws2help.dll - Ok c:\windows\system32\wldap32.dll - Ok c:\windows\system32\wmpshell.dll - Ok c:\windows\system32\win32k.sys - Ok c:\windows\system32\wscsvc.dll - Ok c:\windows\system32\wscntfy.exe - Ok c:\windows\system32\wsock32.dll - Ok c:\windows\system32\wtsapi32.dll - Ok c:\windows\system32\wshtcpip.dll - Ok c:\windows\system32\wuaucpl.cpl.mui - Ok c:\windows\system32\wuauserv.dll - Ok c:\windows\system32\wshext.dll - Ok >c:\windows\system32\wuaucpl.cpl - packed by FLY-CODE c:\windows\system32\wzcsapi.dll - Ok c:\windows\system32\wuweb.dll - Ok c:\windows\system32\winsta.dll - Ok c:\windows\system32\xmlprov.dll - Ok c:\windows\system32\wzcdlg.dll - Ok c:\windows\system32\wzcsvc.dll - Ok c:\windows\system32\xpob2res.dll - Ok c:\windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcp90.dll - Ok c:\windows\system32\wuaueng.dll - Ok c:\windows\system32\xpsshhdr.dll - Ok c:\windows\system32\zipfldr.dll - Ok c:\windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcr90.dll - Ok c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll - Ok >c:\windows\system32\xpsp2res.dll is BINARYRES container >>c:\windows\system32\xpsp2res.dll\data001 is JS-HTML container c:\windows\system32\wuaucpl.cpl - Ok c:\windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.22791_x-ww_c8dff154\gdiplus.dll - Ok >>c:\windows\system32\xpsp2res.dll\data002 is JS-HTML container >>c:\windows\system32\xpsp2res.dll\data003 is JS-HTML container >>c:\windows\system32\xpsp2res.dll\data004 is JS-HTML container c:\windows\system32\xpsp2res.dll - container d:\autorun.ico - Ok d:\autorun.inf - Ok d:\autorun.exe - Ok C:\AUTOEXEC.BAT - Ok C:\CONFIG.SYS - Ok C:\end - Ok C:\extensions.sqlite - Ok C:\csb.log - Ok C:\IO.SYS - Ok C:\boot.ini - Ok C:\pagefile.sys - read error C:\MSDOS.SYS - Ok C:\Install.log - Ok C:\RHDSetup.log - Ok C:\TDSSKiller.2.8.15.0_01.01.2013_19.39.23_log.txt - Ok C:\WINDOWS\system32\$winnt$.inf - Ok C:\ntldr - Ok C:\WINDOWS\system32\12520437.cpx - Ok C:\WINDOWS\system32\12520850.cpx - Ok C:\NTDETECT.COM - Ok C:\WINDOWS\system32\aaaamon.dll - Ok C:\WINDOWS\system32\acctres.dll - Ok C:\WINDOWS\system32\6to4svc.dll - Ok C:\WINDOWS\system32\access.cpl - Ok C:\WINDOWS\system32\acelpdec.ax - Ok C:\WINDOWS\system32\aaclient.dll - Ok C:\WINDOWS\system32\activeds.dll - Ok C:\WINDOWS\system32\accwiz.exe - Ok C:\WINDOWS\system32\activeds.tlb - Ok C:\WINDOWS\system32\aclui.dll - Ok C:\WINDOWS\system32\acledit.dll - Ok C:\WINDOWS\system32\actxprxy.dll - Ok C:\WINDOWS\system32\actmovie.exe - Ok >C:\WINDOWS\system32\admparse.dll - packed by FLY-CODE C:\WINDOWS\system32\adptif.dll - Ok C:\WINDOWS\system32\adsldpc.dll - Ok C:\WINDOWS\system32\adsmsext.dll - Ok C:\WINDOWS\system32\advpack.dll - Ok C:\WINDOWS\system32\advpack.dll.mui - Ok C:\WINDOWS\system32\admparse.dll - Ok C:\WINDOWS\system32\advapi32.dll - Ok C:\WINDOWS\system32\adsldp.dll - Ok C:\WINDOWS\system32\amcompat.tlb - Ok C:\WINDOWS\system32\alrsvc.dll - Ok C:\WINDOWS\system32\ansi.sys - Ok C:\WINDOWS\system32\adsnt.dll - Ok C:\WINDOWS\system32\append.exe - Ok C:\WINDOWS\system32\amstream.dll - Ok C:\WINDOWS\system32\ahui.exe - Ok C:\WINDOWS\system32\AppleChargerSrv.exe - Ok C:\WINDOWS\system32\apcups.dll - Ok C:\WINDOWS\system32\apphelp.dll - Ok C:\WINDOWS\system32\arp.exe - Ok C:\WINDOWS\system32\asferror.dll - Ok C:\WINDOWS\system32\alg.exe - Ok C:\WINDOWS\system32\asycfilt.dll - Ok C:\WINDOWS\system32\ALSNDMGR.CPL - Ok C:\WINDOWS\system32\at.exe - Ok C:\WINDOWS\system32\asctrls.ocx - Ok C:\WINDOWS\system32\ati2cqag.dll - Ok >C:\WINDOWS\system32\appwiz.cpl is BINARYRES container >>C:\WINDOWS\system32\appwiz.cpl\data001 is JS-HTML container C:\WINDOWS\system32\ativdaxx.ax - Ok >>C:\WINDOWS\system32\appwiz.cpl\data003 is JS-HTML container >>C:\WINDOWS\system32\appwiz.cpl\data004 is JS-HTML container C:\WINDOWS\system32\ati2dvag.dll - Ok >>C:\WINDOWS\system32\appwiz.cpl\data006 is JS-HTML container C:\WINDOWS\system32\ati2dvaa.dll - Ok C:\WINDOWS\system32\ativmvxx.ax - Ok >>C:\WINDOWS\system32\appwiz.cpl\data008 is JS-HTML container C:\WINDOWS\system32\atkctrs.dll - Ok >>C:\WINDOWS\system32\appwiz.cpl\data009 is JS-HTML container >>C:\WINDOWS\system32\appwiz.cpl\data011 is JS-HTML container C:\WINDOWS\system32\atl.dll - Ok >>C:\WINDOWS\system32\appwiz.cpl\data012 is JS-HTML container >>C:\WINDOWS\system32\appwiz.cpl\data014 is JS-HTML container >>C:\WINDOWS\system32\appwiz.cpl\data015 is JS-HTML container C:\WINDOWS\system32\atmadm.exe - Ok >>C:\WINDOWS\system32\appwiz.cpl\data016 is JS-HTML container C:\WINDOWS\system32\appwiz.cpl - container C:\WINDOWS\system32\ati3d1ag.dll - Ok C:\WINDOWS\system32\ativvaxx.dll - Ok C:\WINDOWS\system32\atmpvcno.dll - Ok C:\WINDOWS\system32\atmlib.dll - Ok C:\WINDOWS\system32\atmfd.dll - Ok C:\WINDOWS\system32\atrace.dll - Ok C:\WINDOWS\system32\auditusr.exe - Ok C:\WINDOWS\system32\attrib.exe - Ok C:\WINDOWS\system32\authz.dll - Ok C:\WINDOWS\system32\audiosrv.dll - Ok C:\WINDOWS\system32\AUTOEXEC.NT - Ok C:\WINDOWS\system32\autodisc.dll - Ok C:\WINDOWS\system32\autochk.exe - Ok >C:\WINDOWS\system32\autolfn.exe - packed by FLY-CODE C:\WINDOWS\system32\avicap.dll - Ok C:\WINDOWS\system32\ativtmxx.dll - Ok C:\WINDOWS\system32\autoconv.exe - Ok C:\WINDOWS\system32\avifil32.dll - Ok C:\WINDOWS\system32\avmeter.dll - Ok C:\WINDOWS\system32\ati3duag.dll - Ok C:\WINDOWS\system32\avifile.dll - Ok C:\WINDOWS\system32\avicap32.dll - Ok C:\WINDOWS\system32\basesrv.dll - Ok C:\WINDOWS\system32\autofmt.exe - Ok C:\WINDOWS\system32\batt.dll - Ok C:\WINDOWS\system32\avwav.dll - Ok C:\WINDOWS\system32\bios1.rom - Ok C:\WINDOWS\system32\bidispl.dll - Ok
- January 2, 2013
- 79 replies
Outgoing Malicious IP Blocks. Suspect Infection

MicQsenoch replied to MicQsenoch's topic in Resolved Malware Removal Logs

============================================================================= Dr.Web Scanner SE for Windows v7.0.100.12030 © Doctor Web, Ltd., 1992-2012 Scan session started 2013/01/01 20:07:43 Module location : c:\documents and settings\michael senff\local settings\temp\8CD95628-6839BAB8-8251CD28-34F710F0\ ============================================================================= OPTION [Automatic Apply Actions] NO OPTION [Turn Off Computer After Scan] NO OPTION [use Sound Alerts] NO OPTION [block Network] NO OPTION [Protect Process] NO OPTION [Protect Raw Disk] NO Using language: "English" Available instances: 6 Instances used: 6 Platform: Windows XP Home x86 (Build 2600), Service Pack 3 API Version: 2.2 Scanning Engine version: 8.0.1.11280 Virus Finding Engine version: 7.0.4.9250 Total 89 virus bases are loaded from c:\documents and settings\michael senff\local settings\temp\8CD95628-6839BAB8-8251CD28-34F710F0 vd2yjdma 7.0 9015eded52680399ec1df18349ecbcd74f613b02 2013/01/01 18:10:28 908 records - OK neisoa6b 7.0 f5d1425097a34628f8d752212dabf9732d209c98 2011/07/25 09:20:03 1 record - OK pnsktmnf 7.0 4c38b4db39d5be63a02c898d2438b6c04405a48f 2013/01/01 13:02:18 3916 records - OK t7pfoqgj 7.0 805b6089c867549c75f843eac96b759c3f8d101f 2012/12/30 21:05:41 18184 records - OK ysjt6e70 7.0 c12a817c1f95bb9fd8238ef0d5f68868a8d95686 2012/12/23 21:05:33 30183 records - OK dcjtn7qk 7.0 33def496782eb5b7b1cc93fdb036a1b62fa6a2fd 2012/12/16 21:06:21 25519 records - OK nts2jtjx 7.0 422abae03c588822f412aa9aae50578a1d61737e 2012/12/09 21:05:04 20358 records - OK n6nzvpdy 7.0 a4f0d0ecad4fb6e0afdb1925f4e0b7863b9d03fa 2012/12/02 21:06:19 20133 records - OK rciabzrq 7.0 86daa918ee3de1e4c1e5dea6f9b5f63544cf8814 2012/11/25 21:05:22 27311 records - OK kxx242nk 7.0 6556881c748e1f894eb9c7943ebae67017e1aec2 2012/11/18 21:06:09 29434 records - OK 0tc4jzi6 7.0 559141ef34f9e6226bb58560e9b52e4cc5165150 2012/11/11 21:06:22 26900 records - OK cur0kazg 7.0 cc55013e63ff89319ec772e34d77056c7108cd3b 2012/11/04 21:05:22 25164 records - OK 05oqcdxs 7.0 f477dc247d9b562bb64fd4f46a7dcbdf7124eb60 2012/10/28 22:06:37 30226 records - OK ndrb99tv 7.0 abaf5f7fda7308fcf7573b193bbf2116723e9802 2012/10/21 22:04:37 16441 records - OK jet4em2a 7.0 5adc85528fb49e201d4bc61eca580d6839cc4a4c 2012/10/14 22:05:04 26289 records - OK g022mtpl 7.0 da8cf3fbd81206bb3d8103347a439f920a74bbe2 2012/10/07 22:05:51 27278 records - OK dedkzu0s 7.0 5988744d3cb357f1a013427d466e2d79ab5f8907 2012/09/30 22:05:11 17444 records - OK n18t5qzi 7.0 d4a0dabf4a4df0f79805c6ccdc025f796765e786 2012/09/23 22:06:30 21205 records - OK 5i4lciua 7.0 82ed005784d9e258213070a0cd8bfceff345018d 2012/09/16 22:05:43 11686 records - OK ba0jf7bz 7.0 a95ae63004b8d857c2db055f4e47c15bfc97f626 2012/09/09 22:04:34 12677 records - OK 7knz0vya 7.0 c39bf233d25242ae9ed8cf204b9b788c8f45ab79 2012/09/02 22:05:28 10118 records - OK 2c3cc7bp 7.0 d37b5484b009947b7cdd3837dafe8148615401c2 2012/08/26 22:05:26 12602 records - OK laz4svn3 7.0 41bf1347794ab7060dec7aaecc1d1d95cf6fecb5 2012/08/19 22:04:05 18298 records - OK 00zstied 7.0 1a997511e5892aaeb69b3db70e06676af36382e3 2012/08/12 22:05:19 17126 records - OK z7inloz3 7.0 f7226c59914e3683e538e668c3b664af3232654d 2012/08/05 22:03:53 20539 records - OK 13cbkgyc 7.0 4035c8d3b617bf935a317a8c57efaa8e835a61f4 2012/07/29 22:05:26 19330 records - OK 4blf9nhz 7.0 09b55bc000f184ed426f1d8b9665669346fe5e71 2012/07/22 22:05:34 19692 records - OK gz065ne2 7.0 f746c097f298e94faa9db94e6f64ef9fd4a7b010 2012/07/15 22:05:43 14727 records - OK ng6y0ln0 7.0 792a6a25a17e764390440cd4c2c6ca5a97ab162f 2012/07/08 22:04:33 19485 records - OK jae4x1dz 7.0 ca9905c39e3d93428a4db65a192debe9fbd7acf7 2012/07/01 22:04:55 22898 records - OK on8w4e4q 7.0 dc29c610b866c66ba5327e7830452b2460149a35 2012/06/24 22:05:17 20551 records - OK m1cnqcni 7.0 c28739bea153508d12942ac9a61abd475d0a0404 2012/06/17 22:03:35 9661 records - OK bsxqi1u9 7.0 e5b5835a7c512120c5348e31483a4caa2a845d28 2012/06/10 22:04:32 23632 records - OK sg7ay0yu 7.0 61853ce89026ef0ebbd80174f1b7dd5d25bbc63a 2012/06/03 22:04:41 12423 records - OK szyb64sl 7.0 4e6c9897e153b47ca97b7da48ceed23e555a7761 2012/05/27 22:04:26 15493 records - OK a3of1pu2 7.0 35f4c105cecd8ec1fd01714abebf30f8f3efb96e 2012/05/20 22:03:29 13065 records - OK i99csduf 7.0 3522aa84677411aa7d67796bb05ea3ab62f02a71 2012/05/13 22:04:24 16238 records - OK r2u0dpqq 7.0 7597333540eda537bd42c0a17d4a6526ad247a2e 2012/05/06 22:04:33 11570 records - OK dwwlku9v 7.0 867814380363bc6ad605acf4b96e02c54dbd60f7 2012/04/29 22:03:28 15478 records - OK zn7nidtp 7.0 3c04f402d91a19039cb9c223c435dc4ea1bb3da4 2012/04/22 22:05:05 11881 records - OK 3f5cdptq 7.0 8d0220a2a50b367e61a51d3b29c2659cde41bb7f 2012/04/15 22:03:29 13578 records - OK 60uskbwf 7.0 b79dc6f5832ad390108d1880694ec538e8b34bb0 2012/04/08 22:05:02 14292 records - OK 2hrx1bk1 7.0 8ff7cc095c43c2154275b7a54a89bf365e8daf4a 2012/04/01 22:03:24 14084 records - OK wusvly0y 7.0 9502a428b32be4ad08556134e271c9ba03195398 2012/03/25 22:04:43 19126 records - OK uj5y1cme 7.0 28c2fabbc645aff41baac12b911a8499ea163536 2012/03/18 22:03:23 14920 records - OK kbuk6hfc 7.0 86de597ff06e58206f94263f2eef33cb41b2530c 2012/03/11 22:03:25 19017 records - OK zmpd1ovn 7.0 5bd1d666e7c9ca70c34e591dc6c55314ce4b11af 2012/03/04 21:04:32 19691 records - OK c5pou474 7.0 15a9d10c451d2fcf124700f29f557d9bf338e671 2012/02/26 21:03:21 23605 records - OK uxgg0rpp 7.0 5647d941e5358105ca6558dce78873f06c48d5dc 2012/02/19 21:03:45 19067 records - OK 4idkbdzp 7.0 c9b2600cb665ce34e0ccd0f19e0a88cd44437f51 2012/02/12 21:04:49 19019 records - OK senpbwkw 7.0 9df2e129e78a9d9ab491186da1329c1dd1190e17 2012/02/05 21:05:25 28028 records - OK 5dge7qmy 7.0 b69b9504a51b8777b8e95a4680dc8ac1d8d8c25d 2012/01/29 21:08:41 29444 records - OK gq8olt25 7.0 3d7431bdee1a22d6329e017f348db7760f2645ac 2012/01/23 02:22:13 19353 records - OK ts4vjrbl 7.0 e04570f78fb00d758abdf77c534a460980e102c0 2012/01/15 21:12:31 20747 records - OK md0w92v1 7.0 2de2479b112c4416e2375343f57ca789b042aecc 2012/01/08 21:04:30 28052 records - OK 3jdosabx 7.0 c4bd9612ff1f71d8bd23b4f1bc114eed1ae2ee6b 2012/01/01 21:04:40 12183 records - OK pqrn25km 7.0 28b1d218ade8f05fdc8550c7456ac3b74f705208 2011/12/25 21:03:33 19984 records - OK q66r8rp5 7.0 539e41e8f3d97a6f347600c7cef903d9f34e0518 2011/12/18 21:08:45 22627 records - OK tg6afcyk 7.0 f8e81968965f555bce0d02fc9933fee840b97aaf 2011/12/12 14:20:22 49580 records - OK nhz50bw5 7.0 14751e0f442bba3efc08ee12d82a2815c61cfeb6 2011/12/04 02:00:00 45195 records - OK 0oao9ybr 7.0 5bc1f5e30792d018658f2dcdb35fc0bcbdcf4e1e 2011/12/04 01:00:00 171075 records - OK 72bqybon 7.0 0f948a7d416c556bfc8a8be2c2c39f998fee6d9e 2011/12/04 00:00:00 170820 records - OK vz1bijda 7.0 9357c3cc73a4a374346a678f197daa22496c7ae5 2011/12/03 23:00:00 171279 records - OK 9ky53qsk 7.0 ae56b06b3d6f1e13c5f10cce4ed68f2cccbf3298 2011/12/03 22:00:00 170253 records - OK evutvfnk 7.0 fdaab5c1079d02c94f20d07c39d638cad79d8771 2011/12/03 21:00:00 170291 records - OK 9wgs10jp 7.0 b59d8841e65d7670b2aae7f2b65734269f6c4fe3 2011/12/03 20:00:00 170501 records - OK hw0bbm8g 7.0 3946b1d195434cf7a70d144da71c87559475c58f 2011/12/03 19:00:00 353582 records - OK erhrr0a1 7.0 8df4695f74ea5949551df6044720694e204b13d7 2011/12/03 18:00:00 852776 records - OK sni6aqxc 7.0 26ec3c7918125b3887aece02a889e2a605a427b3 2013/01/01 18:10:57 785 records - OK i0seglip 7.0 cfbe9cf43615f7856e4c35f0fc02e2baf12e39e7 2012/12/16 21:14:14 1725 records - OK il9gczgy 7.0 047694e79b1a8d295f27ea9c6565062404f84a57 2012/11/11 21:12:52 2050 records - OK jcjydt6v 7.0 f3413603f4ee1c88018a78c1f6faf2abeb8fa8c1 2012/09/23 22:13:14 1456 records - OK i16libsy 7.0 8871f579eeb7e5e7b70c6dd898afd27391d7daf4 2012/06/24 22:12:36 1421 records - OK fmygzlo9 7.0 3ee43130fe7fec4b367a791892a444d0a791b29b 2012/03/25 22:12:30 1385 records - OK x0x8egvs 7.0 fddc5d687537580c7166dbf117d591593bc62261 2012/01/22 22:56:09 1653 records - OK r3utp6kk 7.0 63f8e4864730a8014f1ac0fe810745fa7e0fb4d8 2013/01/01 18:10:45 1215 records - OK lghp8ppe 7.0 cdf3a9d2dcab57f90c378d9eefacbfd358a42699 2012/12/09 21:23:23 1620 records - OK ec23fubw 7.0 c0726ba000e840272f0810b89051e6daa8799084 2012/11/04 21:23:16 1658 records - OK 9fnm37mb 7.0 216611859de0125bf130d6324d43c9115cb05def 2012/10/07 22:23:20 1465 records - OK ppz31w63 7.0 264c14ad60c4423ec292f5f8b182e4448504dfa9 2012/09/09 22:23:14 1588 records - OK a2v624wd 7.0 33197bfe9efefa9db33725d240757103c625b601 2012/07/22 22:22:36 1702 records - OK 1s48t9jt 7.0 74d8e114edb84b95bc09d5a2a36191d15a61e2cb 2012/06/10 22:22:36 1659 records - OK g6iy9kbo 7.0 79ca8239f310688d2b9c314fa3d738a34985cce3 2012/04/29 22:22:34 1670 records - OK rmt0aykz 7.0 aac27e986e3731e5260cb76f5b14558e36660dec 2012/03/11 22:22:28 1729 records - OK e5pmvbxw 7.0 fa5c96b8be693a20c2a295e3545419e6f117fdc4 2012/01/29 21:23:00 1523 records - OK 3s02dm22 7.0 e9b21e0a3578ef2e2067f4876309671ddc78f65f 2011/12/18 21:22:29 1805 records - OK 0i9s83yd 7.0 8f7a8f6f55130f6becc5331ab38dc2108746b8aa 2011/12/03 17:00:00 26456 records - OK zufndlbt 7.0 e6d52b11d2f7d405ccd31347da3b6fde69825168 2011/12/03 16:00:00 74279 records - OK 1j9lq59x 7.0 e20ffde4bbc58e0585b0b3b2f324bc91272c2360 2011/12/03 15:00:00 1 record - OK Total records count: 3527078 Anti-rootkit module version (API 5.00 / 5.00) Using c:\documents and settings\michael senff\local settings\temp\8CD95628-6839BAB8-8251CD28-34F710F0\bgbjacyk.key as Dr.Web ® Key file This Dr.Web ® Key is for 1 computer (A User) ============================================================================= Dr.Web Scanner SE for Windows v7.0.100.12030 © Doctor Web, Ltd., 1992-2012 Scan session started 2013/01/01 20:09:02 Module location : c:\documents and settings\michael senff\local settings\temp\9F31666D-D4A2DF9D-836AF6A9-BE2689FB\ ============================================================================= OPTION [Automatic Apply Actions] NO OPTION [Turn Off Computer After Scan] NO OPTION [use Sound Alerts] NO OPTION [block Network] NO OPTION [Protect Process] NO OPTION [Protect Raw Disk] NO Using language: "English" ============================================================================= Dr.Web Scanner SE for Windows v7.0.100.12030 © Doctor Web, Ltd., 1992-2012 Scan session started 2013/01/01 20:09:32 Module location : c:\documents and settings\michael senff\local settings\temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\ ============================================================================= OPTION [Automatic Apply Actions] NO OPTION [Turn Off Computer After Scan] NO OPTION [use Sound Alerts] NO OPTION [block Network] NO OPTION [Protect Process] NO OPTION [Protect Raw Disk] NO Using language: "English" Available instances: 6 Instances used: 6 Platform: Windows XP Home x86 (Build 2600), Service Pack 3 API Version: 2.2 Scanning Engine version: 8.0.1.11280 Virus Finding Engine version: 7.0.4.9250 Total 89 virus bases are loaded from c:\documents and settings\michael senff\local settings\temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B vd2yjdma 7.0 9015eded52680399ec1df18349ecbcd74f613b02 2013/01/01 18:10:28 908 records - OK neisoa6b 7.0 f5d1425097a34628f8d752212dabf9732d209c98 2011/07/25 09:20:03 1 record - OK pnsktmnf 7.0 4c38b4db39d5be63a02c898d2438b6c04405a48f 2013/01/01 13:02:18 3916 records - OK t7pfoqgj 7.0 805b6089c867549c75f843eac96b759c3f8d101f 2012/12/30 21:05:41 18184 records - OK ysjt6e70 7.0 c12a817c1f95bb9fd8238ef0d5f68868a8d95686 2012/12/23 21:05:33 30183 records - OK dcjtn7qk 7.0 33def496782eb5b7b1cc93fdb036a1b62fa6a2fd 2012/12/16 21:06:21 25519 records - OK nts2jtjx 7.0 422abae03c588822f412aa9aae50578a1d61737e 2012/12/09 21:05:04 20358 records - OK n6nzvpdy 7.0 a4f0d0ecad4fb6e0afdb1925f4e0b7863b9d03fa 2012/12/02 21:06:19 20133 records - OK rciabzrq 7.0 86daa918ee3de1e4c1e5dea6f9b5f63544cf8814 2012/11/25 21:05:22 27311 records - OK kxx242nk 7.0 6556881c748e1f894eb9c7943ebae67017e1aec2 2012/11/18 21:06:09 29434 records - OK 0tc4jzi6 7.0 559141ef34f9e6226bb58560e9b52e4cc5165150 2012/11/11 21:06:22 26900 records - OK cur0kazg 7.0 cc55013e63ff89319ec772e34d77056c7108cd3b 2012/11/04 21:05:22 25164 records - OK 05oqcdxs 7.0 f477dc247d9b562bb64fd4f46a7dcbdf7124eb60 2012/10/28 22:06:37 30226 records - OK ndrb99tv 7.0 abaf5f7fda7308fcf7573b193bbf2116723e9802 2012/10/21 22:04:37 16441 records - OK jet4em2a 7.0 5adc85528fb49e201d4bc61eca580d6839cc4a4c 2012/10/14 22:05:04 26289 records - OK g022mtpl 7.0 da8cf3fbd81206bb3d8103347a439f920a74bbe2 2012/10/07 22:05:51 27278 records - OK dedkzu0s 7.0 5988744d3cb357f1a013427d466e2d79ab5f8907 2012/09/30 22:05:11 17444 records - OK n18t5qzi 7.0 d4a0dabf4a4df0f79805c6ccdc025f796765e786 2012/09/23 22:06:30 21205 records - OK 5i4lciua 7.0 82ed005784d9e258213070a0cd8bfceff345018d 2012/09/16 22:05:43 11686 records - OK ba0jf7bz 7.0 a95ae63004b8d857c2db055f4e47c15bfc97f626 2012/09/09 22:04:34 12677 records - OK 7knz0vya 7.0 c39bf233d25242ae9ed8cf204b9b788c8f45ab79 2012/09/02 22:05:28 10118 records - OK 2c3cc7bp 7.0 d37b5484b009947b7cdd3837dafe8148615401c2 2012/08/26 22:05:26 12602 records - OK laz4svn3 7.0 41bf1347794ab7060dec7aaecc1d1d95cf6fecb5 2012/08/19 22:04:05 18298 records - OK 00zstied 7.0 1a997511e5892aaeb69b3db70e06676af36382e3 2012/08/12 22:05:19 17126 records - OK z7inloz3 7.0 f7226c59914e3683e538e668c3b664af3232654d 2012/08/05 22:03:53 20539 records - OK 13cbkgyc 7.0 4035c8d3b617bf935a317a8c57efaa8e835a61f4 2012/07/29 22:05:26 19330 records - OK 4blf9nhz 7.0 09b55bc000f184ed426f1d8b9665669346fe5e71 2012/07/22 22:05:34 19692 records - OK gz065ne2 7.0 f746c097f298e94faa9db94e6f64ef9fd4a7b010 2012/07/15 22:05:43 14727 records - OK ng6y0ln0 7.0 792a6a25a17e764390440cd4c2c6ca5a97ab162f 2012/07/08 22:04:33 19485 records - OK jae4x1dz 7.0 ca9905c39e3d93428a4db65a192debe9fbd7acf7 2012/07/01 22:04:55 22898 records - OK on8w4e4q 7.0 dc29c610b866c66ba5327e7830452b2460149a35 2012/06/24 22:05:17 20551 records - OK m1cnqcni 7.0 c28739bea153508d12942ac9a61abd475d0a0404 2012/06/17 22:03:35 9661 records - OK bsxqi1u9 7.0 e5b5835a7c512120c5348e31483a4caa2a845d28 2012/06/10 22:04:32 23632 records - OK sg7ay0yu 7.0 61853ce89026ef0ebbd80174f1b7dd5d25bbc63a 2012/06/03 22:04:41 12423 records - OK szyb64sl 7.0 4e6c9897e153b47ca97b7da48ceed23e555a7761 2012/05/27 22:04:26 15493 records - OK a3of1pu2 7.0 35f4c105cecd8ec1fd01714abebf30f8f3efb96e 2012/05/20 22:03:29 13065 records - OK i99csduf 7.0 3522aa84677411aa7d67796bb05ea3ab62f02a71 2012/05/13 22:04:24 16238 records - OK r2u0dpqq 7.0 7597333540eda537bd42c0a17d4a6526ad247a2e 2012/05/06 22:04:33 11570 records - OK dwwlku9v 7.0 867814380363bc6ad605acf4b96e02c54dbd60f7 2012/04/29 22:03:28 15478 records - OK zn7nidtp 7.0 3c04f402d91a19039cb9c223c435dc4ea1bb3da4 2012/04/22 22:05:05 11881 records - OK 3f5cdptq 7.0 8d0220a2a50b367e61a51d3b29c2659cde41bb7f 2012/04/15 22:03:29 13578 records - OK 60uskbwf 7.0 b79dc6f5832ad390108d1880694ec538e8b34bb0 2012/04/08 22:05:02 14292 records - OK 2hrx1bk1 7.0 8ff7cc095c43c2154275b7a54a89bf365e8daf4a 2012/04/01 22:03:24 14084 records - OK wusvly0y 7.0 9502a428b32be4ad08556134e271c9ba03195398 2012/03/25 22:04:43 19126 records - OK uj5y1cme 7.0 28c2fabbc645aff41baac12b911a8499ea163536 2012/03/18 22:03:23 14920 records - OK kbuk6hfc 7.0 86de597ff06e58206f94263f2eef33cb41b2530c 2012/03/11 22:03:25 19017 records - OK zmpd1ovn 7.0 5bd1d666e7c9ca70c34e591dc6c55314ce4b11af 2012/03/04 21:04:32 19691 records - OK c5pou474 7.0 15a9d10c451d2fcf124700f29f557d9bf338e671 2012/02/26 21:03:21 23605 records - OK uxgg0rpp 7.0 5647d941e5358105ca6558dce78873f06c48d5dc 2012/02/19 21:03:45 19067 records - OK 4idkbdzp 7.0 c9b2600cb665ce34e0ccd0f19e0a88cd44437f51 2012/02/12 21:04:49 19019 records - OK senpbwkw 7.0 9df2e129e78a9d9ab491186da1329c1dd1190e17 2012/02/05 21:05:25 28028 records - OK 5dge7qmy 7.0 b69b9504a51b8777b8e95a4680dc8ac1d8d8c25d 2012/01/29 21:08:41 29444 records - OK gq8olt25 7.0 3d7431bdee1a22d6329e017f348db7760f2645ac 2012/01/23 02:22:13 19353 records - OK ts4vjrbl 7.0 e04570f78fb00d758abdf77c534a460980e102c0 2012/01/15 21:12:31 20747 records - OK md0w92v1 7.0 2de2479b112c4416e2375343f57ca789b042aecc 2012/01/08 21:04:30 28052 records - OK 3jdosabx 7.0 c4bd9612ff1f71d8bd23b4f1bc114eed1ae2ee6b 2012/01/01 21:04:40 12183 records - OK pqrn25km 7.0 28b1d218ade8f05fdc8550c7456ac3b74f705208 2011/12/25 21:03:33 19984 records - OK q66r8rp5 7.0 539e41e8f3d97a6f347600c7cef903d9f34e0518 2011/12/18 21:08:45 22627 records - OK tg6afcyk 7.0 f8e81968965f555bce0d02fc9933fee840b97aaf 2011/12/12 14:20:22 49580 records - OK nhz50bw5 7.0 14751e0f442bba3efc08ee12d82a2815c61cfeb6 2011/12/04 02:00:00 45195 records - OK 0oao9ybr 7.0 5bc1f5e30792d018658f2dcdb35fc0bcbdcf4e1e 2011/12/04 01:00:00 171075 records - OK 72bqybon 7.0 0f948a7d416c556bfc8a8be2c2c39f998fee6d9e 2011/12/04 00:00:00 170820 records - OK vz1bijda 7.0 9357c3cc73a4a374346a678f197daa22496c7ae5 2011/12/03 23:00:00 171279 records - OK 9ky53qsk 7.0 ae56b06b3d6f1e13c5f10cce4ed68f2cccbf3298 2011/12/03 22:00:00 170253 records - OK evutvfnk 7.0 fdaab5c1079d02c94f20d07c39d638cad79d8771 2011/12/03 21:00:00 170291 records - OK 9wgs10jp 7.0 b59d8841e65d7670b2aae7f2b65734269f6c4fe3 2011/12/03 20:00:00 170501 records - OK hw0bbm8g 7.0 3946b1d195434cf7a70d144da71c87559475c58f 2011/12/03 19:00:00 353582 records - OK erhrr0a1 7.0 8df4695f74ea5949551df6044720694e204b13d7 2011/12/03 18:00:00 852776 records - OK sni6aqxc 7.0 26ec3c7918125b3887aece02a889e2a605a427b3 2013/01/01 18:10:57 785 records - OK i0seglip 7.0 cfbe9cf43615f7856e4c35f0fc02e2baf12e39e7 2012/12/16 21:14:14 1725 records - OK il9gczgy 7.0 047694e79b1a8d295f27ea9c6565062404f84a57 2012/11/11 21:12:52 2050 records - OK jcjydt6v 7.0 f3413603f4ee1c88018a78c1f6faf2abeb8fa8c1 2012/09/23 22:13:14 1456 records - OK i16libsy 7.0 8871f579eeb7e5e7b70c6dd898afd27391d7daf4 2012/06/24 22:12:36 1421 records - OK fmygzlo9 7.0 3ee43130fe7fec4b367a791892a444d0a791b29b 2012/03/25 22:12:30 1385 records - OK x0x8egvs 7.0 fddc5d687537580c7166dbf117d591593bc62261 2012/01/22 22:56:09 1653 records - OK r3utp6kk 7.0 63f8e4864730a8014f1ac0fe810745fa7e0fb4d8 2013/01/01 18:10:45 1215 records - OK lghp8ppe 7.0 cdf3a9d2dcab57f90c378d9eefacbfd358a42699 2012/12/09 21:23:23 1620 records - OK ec23fubw 7.0 c0726ba000e840272f0810b89051e6daa8799084 2012/11/04 21:23:16 1658 records - OK 9fnm37mb 7.0 216611859de0125bf130d6324d43c9115cb05def 2012/10/07 22:23:20 1465 records - OK ppz31w63 7.0 264c14ad60c4423ec292f5f8b182e4448504dfa9 2012/09/09 22:23:14 1588 records - OK a2v624wd 7.0 33197bfe9efefa9db33725d240757103c625b601 2012/07/22 22:22:36 1702 records - OK 1s48t9jt 7.0 74d8e114edb84b95bc09d5a2a36191d15a61e2cb 2012/06/10 22:22:36 1659 records - OK g6iy9kbo 7.0 79ca8239f310688d2b9c314fa3d738a34985cce3 2012/04/29 22:22:34 1670 records - OK rmt0aykz 7.0 aac27e986e3731e5260cb76f5b14558e36660dec 2012/03/11 22:22:28 1729 records - OK e5pmvbxw 7.0 fa5c96b8be693a20c2a295e3545419e6f117fdc4 2012/01/29 21:23:00 1523 records - OK 3s02dm22 7.0 e9b21e0a3578ef2e2067f4876309671ddc78f65f 2011/12/18 21:22:29 1805 records - OK 0i9s83yd 7.0 8f7a8f6f55130f6becc5331ab38dc2108746b8aa 2011/12/03 17:00:00 26456 records - OK zufndlbt 7.0 e6d52b11d2f7d405ccd31347da3b6fde69825168 2011/12/03 16:00:00 74279 records - OK 1j9lq59x 7.0 e20ffde4bbc58e0585b0b3b2f324bc91272c2360 2011/12/03 15:00:00 1 record - OK Total records count: 3527078 Anti-rootkit module version (API 5.00 / 5.00) Using c:\documents and settings\michael senff\local settings\temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\bgbjacyk.key as Dr.Web ® Key file This Dr.Web ® Key is for 1 computer (A User) ----------------------------------------------------------------------------- Start scanning ----------------------------------------------------------------------------- Command line used:-rpcep:\pipe\1C7BE5A87 -rpcpr:np /protmode Object(s) to scan: - Scan processes in memory - Scan boot sectors - Scan startup directory - Scanning for rootkits - C:\AUTOEXEC.BAT - C:\boot.ini - C:\CONFIG.SYS - C:\csb.log - C:\end - C:\extensions.sqlite - C:\Install.log - C:\IO.SYS - C:\MSDOS.SYS - C:\NTDETECT.COM - C:\ntldr - C:\pagefile.sys - C:\RHDSetup.log - C:\TDSSKiller.2.8.15.0_01.01.2013_19.39.23_log.txt - C:\WINDOWS\system32\ - C:\Documents and Settings\Michael Senff\My Documents\ - C:\WINDOWS\TEMP\ - C:\DOCUME~1\MICHAE~1\LOCALS~1\Temp\ System Process - file not found c:\program files\nvidia corporation\nvidia update core\daemonu.exe - Ok c:\program files\intel\intel® management engine components\uns\uns.exe - Ok c:\program files\common files\avg secure search\vtoolbarupdater\13.2.0\toolbarupdater.exe - Ok c:\windows\system32\smss.exe - Ok >c:\windows\rthdcpl.exe is BINARYRES container c:\windows\rthdcpl.exe - container c:\windows\system32\csrss.exe - Ok c:\windows\system32\winlogon.exe - Ok c:\windows\system32\services.exe - Ok c:\windows\system32\lsass.exe - Ok c:\windows\system32\svchost.exe - Ok c:\program files\microsoft security client\msseces.exe - Ok c:\windows\system32\alg.exe - Ok c:\program files\microsoft security client\msmpeng.exe - Ok c:\program files\avg secure search\vprot.exe - Ok c:\windows\system32\spoolsv.exe - Ok c:\windows\explorer.exe - Ok c:\windows\system32\wscntfy.exe - Ok c:\program files\intel\intel® management engine components\lms\lms.exe - Ok c:\windows\system32\nvsvc32.exe - Ok c:\windows\system32\rundll32.exe - Ok c:\documents and settings\michael senff\local settings\temp\d6fe5bc9-1415b5a2-6b4d7f65-ce33891b\6qpfy1g7.exe - Ok c:\program files\mozilla firefox\firefox.exe - Ok c:\windows\system32\ctfmon.exe - Ok >c:\program files\pando networks\media booster\pmb.exe is ZLIB container c:\program files\pando networks\media booster\pmb.exe - container >c:\documents and settings\michael senff\local settings\temp\d6fe5bc9-1415b5a2-6b4d7f65-ce33891b\h35pdxp9.exe is BINARYRES container c:\documents and settings\michael senff\local settings\temp\d6fe5bc9-1415b5a2-6b4d7f65-ce33891b\h35pdxp9.exe - container c:\windows\system32\wbem\wmiprvse.exe - Ok >c:\documents and settings\michael senff\my documents\downloads\drweb-cureit.exe is BINARYRES container >>c:\documents and settings\michael senff\my documents\downloads\drweb-cureit.exe\data001 - packed by BINARYRES >>c:\documents and settings\michael senff\my documents\downloads\drweb-cureit.exe\data002 - packed by BINARYRES c:\documents and settings\michael senff\my documents\downloads\drweb-cureit.exe - container c:\documents and settings\michael senff\my documents\downloads\drweb-cureit.exe:Zone.Identifier - Ok c:\documents and settings\michael senff\local settings\temp\d6fe5bc9-1415b5a2-6b4d7f65-ce33891b\ggv5nwpp.exe - Ok c:\windows\system32\ntdll.dll - Ok >c:\windows\system32\xpsp2res.dll is BINARYRES container >>c:\windows\system32\xpsp2res.dll\data001 is JS-HTML container >>c:\windows\system32\xpsp2res.dll\data002 is JS-HTML container >>c:\windows\system32\xpsp2res.dll\data003 is JS-HTML container >>c:\windows\system32\xpsp2res.dll\data004 is JS-HTML container c:\windows\system32\xpsp2res.dll - container c:\windows\system32\winhttp.dll - Ok c:\windows\system32\uxtheme.dll - Ok c:\windows\system32\netapi32.dll - Ok c:\windows\system32\comctl32.dll - Ok c:\windows\system32\hnetcfg.dll - Ok c:\windows\system32\rsaenh.dll - Ok c:\windows\system32\dssenh.dll - Ok c:\windows\system32\mswsock.dll - Ok c:\windows\system32\wshtcpip.dll - Ok c:\windows\system32\ws2help.dll - Ok c:\windows\system32\ws2_32.dll - Ok c:\windows\system32\samlib.dll - Ok c:\windows\system32\imm32.dll - Ok c:\windows\system32\schannel.dll - Ok c:\windows\system32\userenv.dll - Ok c:\windows\system32\psapi.dll - Ok c:\windows\system32\wintrust.dll - Ok c:\windows\system32\imagehlp.dll - Ok c:\windows\system32\iphlpapi.dll - Ok c:\windows\system32\dnsapi.dll - Ok c:\windows\system32\wldap32.dll - Ok >c:\windows\system32\winrnr.dll - packed by FLY-CODE c:\windows\system32\winrnr.dll - Ok c:\windows\system32\rasadhlp.dll - Ok c:\windows\system32\clbcatq.dll - Ok c:\windows\system32\comres.dll - Ok c:\windows\system32\oleaut32.dll - Ok c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll - Ok >c:\windows\system32\ole32.dll is BINARYRES container c:\windows\system32\ole32.dll - container c:\windows\system32\ntmarta.dll - Ok c:\windows\system32\crypt32.dll - Ok c:\windows\system32\msasn1.dll - Ok c:\windows\system32\version.dll - Ok c:\windows\system32\msvcrt.dll - Ok c:\windows\system32\advapi32.dll - Ok c:\windows\system32\rpcrt4.dll - Ok c:\windows\system32\gdi32.dll - Ok c:\windows\system32\shlwapi.dll - Ok c:\windows\system32\secur32.dll - Ok c:\windows\system32\kernel32.dll - Ok >c:\windows\system32\shell32.dll is BINARYRES container >>c:\windows\system32\shell32.dll\data001 is JS-HTML container c:\windows\system32\shell32.dll - container c:\windows\system32\user32.dll - Ok c:\windows\system32\sxs.dll - Ok c:\program files\intel\intel® management engine components\uns\statusstrings.dll - Ok c:\program files\intel\intel® management engine components\uns\xerces-c_2_7.dll - Ok c:\windows\system32\wsock32.dll - Ok >c:\windows\system32\setupapi.dll - packed by BINARYRES >>c:\windows\system32\setupapi.dll - packed by MS COMPRESS c:\windows\system32\setupapi.dll - Ok c:\windows\system32\normaliz.dll - Ok c:\windows\system32\wininet.dll - Ok c:\windows\system32\iertutil.dll - Ok c:\windows\system32\urlmon.dll - Ok c:\windows\system32\mpr.dll - Ok >c:\windows\system32\msacm32.drv - packed by FLY-CODE c:\windows\system32\msacm32.drv - Ok c:\windows\system32\wdmaud.drv - Ok c:\windows\system32\winspool.drv - Ok c:\windows\system32\ksuser.dll - Ok c:\windows\system32\dsound.dll - Ok c:\windows\system32\msctf.dll - Ok c:\windows\system32\msctfime.ime - Ok c:\windows\system32\comdlg32.dll - Ok c:\windows\system32\winmm.dll - Ok c:\windows\system32\midimap.dll - Ok c:\windows\system32\msacm32.dll - Ok c:\windows\system32\hhctrl.ocx - Ok c:\windows\system32\csrsrv.dll - Ok c:\windows\system32\basesrv.dll - Ok c:\windows\system32\winsrv.dll - Ok c:\windows\system32\odbcint.dll - Ok c:\windows\system32\dimsntfy.dll - Ok c:\windows\system32\winscard.dll - Ok c:\windows\system32\odbc32.dll - Ok c:\windows\system32\profmap.dll - Ok >c:\windows\system32\nddeapi.dll - packed by FLY-CODE c:\windows\system32\nddeapi.dll - Ok c:\windows\system32\wlnotify.dll - Ok c:\windows\system32\msgina.dll - Ok >c:\windows\system32\winsta.dll - packed by FLY-CODE c:\windows\system32\winsta.dll - Ok c:\windows\system32\cscdll.dll - Ok c:\windows\system32\cryptdll.dll - Ok c:\windows\system32\atl.dll - Ok c:\windows\system32\sfc.dll - Ok c:\windows\system32\regapi.dll - Ok c:\windows\system32\sfc_os.dll - Ok c:\windows\system32\mprapi.dll - Ok c:\windows\system32\adsldpc.dll - Ok c:\windows\system32\rtutils.dll - Ok c:\windows\system32\wtsapi32.dll - Ok c:\windows\system32\authz.dll - Ok c:\windows\system32\shsvcs.dll - Ok c:\windows\system32\cscui.dll - Ok c:\windows\system32\apphelp.dll - Ok c:\windows\system32\msv1_0.dll - Ok c:\windows\system32\activeds.dll - Ok c:\windows\apppatch\acadproc.dll - Ok c:\windows\system32\shimeng.dll - Ok c:\windows\system32\ncobjapi.dll - Ok c:\windows\system32\cabinet.dll - Ok c:\windows\system32\msvcp60.dll - Ok c:\windows\system32\eventlog.dll - Ok c:\windows\system32\umpnpmgr.dll - Ok c:\windows\system32\scesrv.dll - Ok c:\windows\system32\msprivs.dll - Ok c:\windows\apppatch\acgenral.dll - Ok c:\windows\system32\kerberos.dll - Ok c:\windows\system32\winipsec.dll - Ok c:\windows\system32\pstorsvc.dll - Ok c:\windows\system32\psbase.dll - Ok c:\windows\system32\ipsecsvc.dll - Ok c:\windows\system32\scecli.dll - Ok c:\windows\system32\samsrv.dll - Ok c:\windows\system32\netlogon.dll - Ok c:\windows\system32\lsasrv.dll - Ok c:\windows\system32\oakley.dll - Ok c:\windows\system32\ntdsapi.dll - Ok c:\windows\system32\w32time.dll - Ok c:\windows\system32\wdigest.dll - Ok c:\windows\system32\icaapi.dll - Ok c:\windows\system32\mstlsapi.dll - Ok c:\windows\system32\termsrv.dll - Ok c:\windows\system32\rpcss.dll - Ok c:\program files\microsoft security client\eppmanifest.dll - Ok c:\windows\system32\msftedit.dll - Ok c:\windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.22791_x-ww_c8dff154\gdiplus.dll - Ok c:\program files\microsoft security client\mpclient.dll - Ok c:\program files\microsoft security client\sqmapi.dll - Ok c:\windows\system32\msxml3.dll - Ok >c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{d873c0aa-3bbe-4452-a0dd-17897ba963e0}\mpengine.dll is BINARYRES container c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{d873c0aa-3bbe-4452-a0dd-17897ba963e0}\mpengine.dll - container c:\windows\system32\fltlib.dll - Ok c:\program files\microsoft security client\mpsvc.dll - Ok c:\program files\microsoft security client\mprtp.dll - Ok c:\windows\system32\wbem\wmiprvsd.dll - Ok c:\windows\system32\dot3api.dll - Ok c:\windows\system32\wscsvc.dll - Ok c:\windows\system32\wuauserv.dll - Ok c:\windows\system32\wuaueng.dll - Ok c:\windows\system32\unimdm.tsp - Ok c:\windows\system32\ndptsp.tsp - Ok c:\windows\system32\kmddsp.tsp - Ok c:\windows\system32\ipconf.tsp - Ok c:\windows\system32\hidphone.tsp - Ok c:\windows\system32\h323.tsp - Ok c:\windows\system32\wbem\wmisvc.dll - Ok c:\windows\system32\qmgr.dll - Ok c:\windows\system32\onex.dll - Ok c:\windows\system32\eappprxy.dll - Ok c:\windows\system32\wbem\ncprov.dll - Ok c:\windows\system32\mspatcha.dll - Ok c:\windows\system32\esent.dll - Ok c:\windows\system32\mfcsubs.dll - Ok c:\windows\system32\advpack.dll - Ok c:\windows\system32\ipnathlp.dll - Ok c:\windows\system32\hid.dll - Ok c:\windows\system32\catsrvut.dll - Ok c:\windows\system32\catsrv.dll - Ok c:\windows\system32\audiosrv.dll - Ok >c:\windows\system32\uniplat.dll - packed by FLY-CODE c:\windows\system32\uniplat.dll - Ok c:\windows\system32\rasppp.dll - Ok c:\windows\system32\sensapi.dll - Ok c:\windows\system32\sens.dll - Ok c:\windows\system32\ntlsapi.dll - Ok c:\windows\system32\qutil.dll - Ok c:\windows\system32\eapolqec.dll - Ok c:\windows\system32\rasqec.dll - Ok c:\windows\system32\wzcsapi.dll - Ok c:\windows\system32\tapisrv.dll - Ok c:\windows\system32\dot3dlg.dll - Ok c:\windows\system32\seclogon.dll - Ok c:\windows\system32\wbem\wbemcons.dll - Ok c:\windows\system32\eappcfg.dll - Ok c:\windows\system32\powrprof.dll - Ok c:\windows\system32\wbem\wbemsvc.dll - Ok c:\windows\system32\ssdpapi.dll - Ok c:\windows\pchealth\helpctr\binaries\pchsvc.dll - Ok c:\windows\system32\msidle.dll - Ok c:\windows\system32\ersvc.dll - Ok c:\windows\system32\wbem\wmiutils.dll - Ok c:\windows\system32\trkwks.dll - Ok c:\windows\system32\srvsvc.dll - Ok c:\windows\system32\resutils.dll - Ok c:\windows\system32\mtxclu.dll - Ok c:\windows\system32\colbact.dll - Ok c:\windows\system32\srsvc.dll - Ok c:\windows\system32\wbem\repdrvfs.dll - Ok c:\windows\system32\wbem\wbemcomn.dll - Ok c:\windows\system32\wbem\esscli.dll - Ok c:\windows\system32\wbem\wbemess.dll - Ok c:\windows\system32\vssapi.dll - Ok c:\windows\system32\cryptui.dll - Ok c:\windows\system32\netcfgx.dll - Ok c:\windows\system32\wbem\fastprox.dll - Ok c:\windows\system32\rastapi.dll - Ok c:\windows\system32\cryptnet.dll - Ok c:\windows\system32\wbem\wbemcore.dll - Ok c:\windows\system32\netshell.dll - Ok c:\windows\system32\comsvcs.dll - Ok c:\windows\system32\shfolder.dll - Ok c:\windows\system32\rasdlg.dll - Ok c:\windows\system32\rastls.dll - Ok c:\windows\system32\raschap.dll - Ok c:\windows\system32\credui.dll - Ok c:\windows\system32\cryptsvc.dll - Ok c:\windows\system32\clusapi.dll - Ok c:\windows\system32\wmi.dll - Ok c:\windows\system32\browser.dll - Ok c:\windows\system32\upnp.dll - Ok c:\windows\system32\wkssvc.dll - Ok c:\windows\system32\rasman.dll - Ok c:\windows\system32\tapi32.dll - Ok c:\windows\system32\rasapi32.dll - Ok c:\windows\system32\schedsvc.dll - Ok c:\windows\system32\es.dll - Ok c:\windows\system32\certcli.dll - Ok c:\windows\system32\netman.dll - Ok c:\windows\system32\msi.dll - Ok c:\windows\system32\dhcpcsvc.dll - Ok c:\windows\system32\wzcsvc.dll - Ok c:\windows\system32\rasmans.dll - Ok c:\windows\system32\dnsrslvr.dll - Ok c:\windows\system32\lmhsvc.dll - Ok c:\windows\system32\ssdpsrv.dll - Ok c:\program files\common files\avg secure search\sitesafetyinstaller\13.2.0\sitesafety.dll - Ok c:\program files\common files\avg secure search\dntinstaller\13.2.0\avgdttbx.dll - Ok c:\windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcp90.dll - Ok c:\windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcr90.dll - Ok c:\windows\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll - Ok c:\windows\system32\netrap.dll - Ok c:\windows\system32\usbmon.dll - Ok c:\windows\system32\tcpmon.dll - Ok >c:\windows\system32\pjlmon.dll - packed by FLY-CODE c:\windows\system32\pjlmon.dll - Ok c:\windows\system32\cnbjmon.dll - Ok c:\windows\system32\spoolss.dll - Ok c:\windows\system32\inetpp.dll - Ok c:\windows\system32\localspl.dll - Ok c:\windows\system32\win32spl.dll - Ok c:\windows\system32\webclnt.dll - Ok c:\windows\system32\webcheck.dll - Ok c:\windows\system32\ieframe.dll - Ok c:\windows\system32\themeui.dll - Ok c:\windows\system32\wzcdlg.dll - Ok c:\windows\system32\msutb.dll - Ok c:\windows\system32\duser.dll - Ok >c:\windows\system32\browselc.dll is BINARYRES container >>c:\windows\system32\browselc.dll\data004 is JS-HTML container >>c:\windows\system32\browselc.dll\data008 is JS-HTML container >>c:\windows\system32\browselc.dll\data012 is JS-HTML container >>c:\windows\system32\browselc.dll\data013 is ZLIB container c:\windows\system32\browselc.dll - container >c:\windows\system32\shdoclc.dll is BINARYRES container >>c:\windows\system32\shdoclc.dll\data001 is JS-HTML container >>c:\windows\system32\shdoclc.dll\data002 is JS-HTML container >>c:\windows\system32\shdoclc.dll\data003 is JS-HTML container >>c:\windows\system32\shdoclc.dll\data004 is JS-HTML container >>c:\windows\system32\shdoclc.dll\data005 is JS-HTML container >>c:\windows\system32\shdoclc.dll\data006 is JS-HTML container c:\windows\system32\shdoclc.dll - container c:\windows\system32\ntlanman.dll - Ok c:\windows\system32\netui1.dll - Ok c:\windows\system32\netui0.dll - Ok c:\windows\system32\batmeter.dll - Ok c:\windows\system32\mlang.dll - Ok c:\windows\system32\drprov.dll - Ok c:\windows\system32\davclnt.dll - Ok c:\windows\system32\browseui.dll - Ok c:\windows\system32\stobject.dll - Ok c:\windows\system32\msimg32.dll - Ok >c:\windows\system32\linkinfo.dll - packed by FLY-CODE c:\windows\system32\linkinfo.dll - Ok c:\windows\system32\ntshrui.dll - Ok c:\windows\system32\shdocvw.dll - Ok c:\windows\system32\nvapi.dll - Ok c:\program files\nvidia corporation\update common\nvupdt.dll - Ok c:\program files\nvidia corporation\update common\easydaemonapiu.dll - Ok c:\program files\nvidia corporation\update common\nvupdtr.dll - Ok c:\windows\system32\nvmctray.dll - Ok c:\windows\system32\oleacc.dll - Ok >c:\documents and settings\michael senff\local settings\temp\d6fe5bc9-1415b5a2-6b4d7f65-ce33891b\3jjqtynh.dll is BINARYRES container >>c:\documents and settings\michael senff\local settings\temp\d6fe5bc9-1415b5a2-6b4d7f65-ce33891b\3jjqtynh.dll\data003 - packed by BINARYRES >>c:\documents and settings\michael senff\local settings\temp\d6fe5bc9-1415b5a2-6b4d7f65-ce33891b\3jjqtynh.dll\data004 - packed by BINARYRES c:\documents and settings\michael senff\local settings\temp\d6fe5bc9-1415b5a2-6b4d7f65-ce33891b\3jjqtynh.dll - container c:\windows\system32\odbcbcp.dll - Ok c:\windows\system32\pdh.dll - Ok c:\program files\mozilla firefox\nspr4.dll - Ok c:\program files\mozilla firefox\plc4.dll - Ok c:\program files\mozilla firefox\plds4.dll - Ok c:\program files\mozilla firefox\mozalloc.dll - Ok c:\program files\mozilla firefox\mozjs.dll - Ok c:\program files\mozilla firefox\nssutil3.dll - Ok c:\program files\mozilla firefox\nss3.dll - Ok c:\program files\mozilla firefox\smime3.dll - Ok c:\program files\mozilla firefox\ssl3.dll - Ok c:\program files\mozilla firefox\mozsqlite3.dll - Ok c:\program files\mozilla firefox\gkmedias.dll - Ok c:\program files\mozilla firefox\xul.dll - Ok c:\program files\mozilla firefox\xpcom.dll - Ok c:\program files\mozilla firefox\components\browsercomps.dll - Ok c:\program files\mozilla firefox\softokn3.dll - Ok c:\program files\mozilla firefox\nssdbm3.dll - Ok c:\program files\mozilla firefox\freebl3.dll - Ok c:\program files\mozilla firefox\nssckbi.dll - Ok c:\program files\mozilla firefox\mozglue.dll - Ok c:\windows\system32\d3d9.dll - Ok c:\windows\system32\dbghelp.dll - Ok c:\program files\microsoft security client\mpoav.dll - Ok c:\windows\system32\feclient.dll - Ok c:\windows\system32\d3d8thk.dll - Ok c:\windows\system32\mscms.dll - Ok c:\windows\system32\t2embed.dll - Ok c:\windows\system32\lz32.dll - Ok c:\windows\system32\usp10.dll - Ok c:\program files\mozilla firefox\msvcp100.dll - Ok c:\program files\mozilla firefox\msvcr100.dll - Ok >c:\program files\pando networks\media booster\plc4.dll - packed by FLY-CODE c:\program files\pando networks\media booster\plc4.dll - Ok c:\program files\pando networks\media booster\bugsplat.dll - Ok c:\program files\pando networks\media booster\plds4.dll - Ok c:\program files\pando networks\media booster\nss3.dll - Ok c:\program files\pando networks\media booster\softokn3.dll - Ok c:\program files\pando networks\media booster\ssl3.dll - Ok c:\program files\pando networks\media booster\smime3.dll - Ok c:\program files\pando networks\media booster\freebl3.dll - Ok c:\program files\pando networks\media booster\nspr4.dll - Ok c:\windows\system32\perfctrs.dll - Ok c:\windows\system32\icmp.dll - Ok c:\program files\pando networks\media booster\microsoft.vc90.crt\msvcp90.dll - Ok c:\program files\pando networks\media booster\microsoft.vc90.crt\msvcr90.dll - Ok c:\windows\system32\wbem\wbemprox.dll - Ok c:\windows\system32\wbem\cimwin32.dll - Ok c:\windows\system32\perfos.dll - Ok c:\windows\system32\wbem\framedyn.dll - Ok c:\windows\system32\security.dll - Ok c:\windows\system32\mstask.dll - Ok
- January 2, 2013
- 79 replies
Outgoing Malicious IP Blocks. Suspect Infection

MicQsenoch replied to MicQsenoch's topic in Resolved Malware Removal Logs

Step 3 log McAfee® Labs Stinger Version 10.2.0.936 built on Jan 1 2013 Copyright © 2012 McAfee, Inc. All Rights Reserved. Virus data file v1000.0000 created on Jan 1 2013. Ready to scan for 6091 viruses, trojans and variants. Scan initiated on Tue Jan 01 19:44:59 2013 Rootkit scan result : Clean Master Boot Record(s):....1 Possibly Infected:.............0 Boot Sector(s):.................1 Possibly Infected: ............0 Number of clean files: 8520 Scan initiated on Tue Jan 01 19:51:29 2013 Rootkit scan result : Clean Master Boot Record(s):....1 Possibly Infected:.............0 Boot Sector(s):.................1 Possibly Infected: ............0 Number of clean files: 8586
- January 2, 2013
- 79 replies
Outgoing Malicious IP Blocks. Suspect Infection

MicQsenoch replied to MicQsenoch's topic in Resolved Malware Removal Logs

Step 2 log 19:39:23.0015 2628 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35 19:39:23.0546 2628 ============================================================ 19:39:23.0546 2628 Current date / time: 2013/01/01 19:39:23.0546 19:39:23.0546 2628 SystemInfo: 19:39:23.0546 2628 19:39:23.0546 2628 OS Version: 5.1.2600 ServicePack: 3.0 19:39:23.0546 2628 Product type: Workstation 19:39:23.0546 2628 ComputerName: DEEZGOOD-D8793A 19:39:23.0546 2628 UserName: Michael Senff 19:39:23.0546 2628 Windows directory: C:\WINDOWS 19:39:23.0546 2628 System windows directory: C:\WINDOWS 19:39:23.0546 2628 Processor architecture: Intel x86 19:39:23.0546 2628 Number of processors: 4 19:39:23.0546 2628 Page size: 0x1000 19:39:23.0546 2628 Boot type: Normal boot 19:39:23.0546 2628 ============================================================ 19:39:24.0296 2628 Drive \Device\Harddisk0\DR0 - Size: 0x114FE27E00 (69.25 Gb), SectorSize: 0x200, Cylinders: 0x234F, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054 19:39:24.0296 2628 ============================================================ 19:39:24.0296 2628 \Device\Harddisk0\DR0: 19:39:24.0296 2628 MBR partitions: 19:39:24.0296 2628 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x8A7818F 19:39:24.0296 2628 ============================================================ 19:39:24.0328 2628 C: <-> \Device\Harddisk0\DR0\Partition1 19:39:24.0328 2628 ============================================================ 19:39:24.0328 2628 Initialize success 19:39:24.0328 2628 ============================================================ 19:39:33.0656 3288 ============================================================ 19:39:33.0656 3288 Scan started 19:39:33.0656 3288 Mode: Manual; 19:39:33.0656 3288 ============================================================ 19:39:33.0890 3288 ================ Scan system memory ======================== 19:39:33.0890 3288 System memory - ok 19:39:33.0890 3288 ================ Scan services ============================= 19:39:33.0937 3288 Abiosdsk - ok 19:39:33.0937 3288 abp480n5 - ok 19:39:33.0968 3288 [ 8FD99680A539792A30E97944FDAECF17 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys 19:39:33.0968 3288 ACPI - ok 19:39:33.0984 3288 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys 19:39:33.0984 3288 ACPIEC - ok 19:39:34.0015 3288 [ 95CE557D16A75606CCC2D7F3B0B0BCCB ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe 19:39:34.0015 3288 AdobeFlashPlayerUpdateSvc - ok 19:39:34.0015 3288 adpu160m - ok 19:39:34.0031 3288 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys 19:39:34.0031 3288 aec - ok 19:39:34.0062 3288 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys 19:39:34.0062 3288 AFD - ok 19:39:34.0062 3288 Aha154x - ok 19:39:34.0062 3288 aic78u2 - ok 19:39:34.0062 3288 aic78xx - ok 19:39:34.0078 3288 [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter C:\WINDOWS\system32\alrsvc.dll 19:39:34.0078 3288 Alerter - ok 19:39:34.0093 3288 [ 8C515081584A38AA007909CD02020B3D ] ALG C:\WINDOWS\System32\alg.exe 19:39:34.0093 3288 ALG - ok 19:39:34.0093 3288 AliIde - ok 19:39:34.0140 3288 [ 267FC636801EDC5AB28E14036349E3BE ] Ambfilt C:\WINDOWS\system32\drivers\Ambfilt.sys 19:39:34.0187 3288 Ambfilt - ok 19:39:34.0187 3288 amsint - ok 19:39:34.0203 3288 [ F5F0F78286A849BC0E45E0E99065B04F ] AppleCharger C:\WINDOWS\system32\DRIVERS\AppleCharger.sys 19:39:34.0203 3288 AppleCharger - ok 19:39:34.0203 3288 [ 95EF7247C50C7241FDAE39A9B3AFF4AE ] AppleChargerSrv C:\WINDOWS\system32\AppleChargerSrv.exe 19:39:34.0203 3288 AppleChargerSrv - ok 19:39:34.0203 3288 AppMgmt - ok 19:39:34.0203 3288 asc - ok 19:39:34.0203 3288 asc3350p - ok 19:39:34.0203 3288 asc3550 - ok 19:39:34.0250 3288 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe 19:39:34.0250 3288 aspnet_state - ok 19:39:34.0265 3288 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys 19:39:34.0265 3288 AsyncMac - ok 19:39:34.0265 3288 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys 19:39:34.0265 3288 atapi - ok 19:39:34.0265 3288 Atdisk - ok 19:39:34.0281 3288 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys 19:39:34.0281 3288 Atmarpc - ok 19:39:34.0296 3288 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\WINDOWS\System32\audiosrv.dll 19:39:34.0296 3288 AudioSrv - ok 19:39:34.0312 3288 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys 19:39:34.0312 3288 audstub - ok 19:39:34.0328 3288 [ 57D83B82117C2DDB9D7E9AEA691CEDFC ] avgtp C:\WINDOWS\system32\drivers\avgtpx86.sys 19:39:34.0343 3288 avgtp - ok 19:39:34.0359 3288 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys 19:39:34.0359 3288 Beep - ok 19:39:34.0375 3288 [ 574738F61FCA2935F5265DC4E5691314 ] BITS C:\WINDOWS\system32\qmgr.dll 19:39:34.0390 3288 BITS - ok 19:39:34.0406 3288 [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser C:\WINDOWS\System32\browser.dll 19:39:34.0406 3288 Browser - ok 19:39:34.0421 3288 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys 19:39:34.0421 3288 cbidf2k - ok 19:39:34.0421 3288 cd20xrnt - ok 19:39:34.0437 3288 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys 19:39:34.0437 3288 Cdaudio - ok 19:39:34.0453 3288 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys 19:39:34.0453 3288 Cdfs - ok 19:39:34.0453 3288 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys 19:39:34.0453 3288 Cdrom - ok 19:39:34.0453 3288 Changer - ok 19:39:34.0468 3288 [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc C:\WINDOWS\system32\cisvc.exe 19:39:34.0468 3288 CiSvc - ok 19:39:34.0484 3288 [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe 19:39:34.0484 3288 ClipSrv - ok 19:39:34.0484 3288 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 19:39:34.0484 3288 clr_optimization_v2.0.50727_32 - ok 19:39:34.0484 3288 CmdIde - ok 19:39:34.0484 3288 COMSysApp - ok 19:39:34.0500 3288 Cpqarray - ok 19:39:34.0500 3288 [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll 19:39:34.0500 3288 CryptSvc - ok 19:39:34.0500 3288 dac2w2k - ok 19:39:34.0500 3288 dac960nt - ok 19:39:34.0531 3288 [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch C:\WINDOWS\system32\rpcss.dll 19:39:34.0531 3288 DcomLaunch - ok 19:39:34.0546 3288 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll 19:39:34.0546 3288 Dhcp - ok 19:39:34.0546 3288 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys 19:39:34.0546 3288 Disk - ok 19:39:34.0546 3288 dmadmin - ok 19:39:34.0578 3288 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys 19:39:34.0609 3288 dmboot - ok 19:39:34.0609 3288 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\WINDOWS\system32\drivers\dmio.sys 19:39:34.0609 3288 dmio - ok 19:39:34.0625 3288 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys 19:39:34.0625 3288 dmload - ok 19:39:34.0640 3288 [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver C:\WINDOWS\System32\dmserver.dll 19:39:34.0640 3288 dmserver - ok 19:39:34.0640 3288 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys 19:39:34.0640 3288 DMusic - ok 19:39:34.0671 3288 [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll 19:39:34.0671 3288 Dnscache - ok 19:39:34.0687 3288 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll 19:39:34.0687 3288 Dot3svc - ok 19:39:34.0687 3288 dpti2o - ok 19:39:34.0703 3288 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys 19:39:34.0703 3288 drmkaud - ok 19:39:34.0718 3288 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINDOWS\System32\eapsvc.dll 19:39:34.0718 3288 EapHost - ok 19:39:34.0734 3288 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\WINDOWS\System32\ersvc.dll 19:39:34.0734 3288 ERSvc - ok 19:39:34.0750 3288 [ 0A780BCC1ACA1DF2BBDECE33E981D4F8 ] EtronHub3 C:\WINDOWS\system32\Drivers\EtronHub3.sys 19:39:34.0750 3288 EtronHub3 - ok 19:39:34.0765 3288 [ 5D8923FA7470B3FDD06D0E57D1242343 ] EtronXHCI C:\WINDOWS\system32\Drivers\EtronXHCI.sys 19:39:34.0765 3288 EtronXHCI - ok 19:39:34.0781 3288 [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog C:\WINDOWS\system32\services.exe 19:39:34.0781 3288 Eventlog - ok 19:39:34.0796 3288 [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem C:\WINDOWS\system32\es.dll 19:39:34.0796 3288 EventSystem - ok 19:39:34.0812 3288 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys 19:39:34.0812 3288 Fastfat - ok 19:39:34.0843 3288 [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll 19:39:34.0843 3288 FastUserSwitchingCompatibility - ok 19:39:34.0843 3288 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys 19:39:34.0843 3288 Fdc - ok 19:39:34.0843 3288 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\WINDOWS\system32\drivers\Fips.sys 19:39:34.0843 3288 Fips - ok 19:39:34.0859 3288 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys 19:39:34.0859 3288 Flpydisk - ok 19:39:34.0875 3288 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys 19:39:34.0875 3288 FltMgr - ok 19:39:34.0906 3288 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe 19:39:34.0906 3288 FontCache3.0.0.0 - ok 19:39:34.0906 3288 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys 19:39:34.0906 3288 Fs_Rec - ok 19:39:34.0906 3288 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys 19:39:34.0906 3288 Ftdisk - ok 19:39:34.0937 3288 [ D556CB79967E92B5CC69686D16C1D846 ] gdrv C:\WINDOWS\gdrv.sys 19:39:34.0937 3288 gdrv - ok 19:39:34.0984 3288 [ 51876DECB54BBF027EF052229CE43339 ] GENERICDRV C:\Program Files\GIGABYTE\ET6\amifldrv32.sys 19:39:34.0984 3288 GENERICDRV - ok 19:39:35.0000 3288 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys 19:39:35.0000 3288 Gpc - ok 19:39:35.0031 3288 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe 19:39:35.0031 3288 gupdate - ok 19:39:35.0031 3288 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe 19:39:35.0031 3288 gupdatem - ok 19:39:35.0046 3288 [ 689A8EEF2A2D62B28A0A578A6196531C ] GVTDrv C:\WINDOWS\system32\Drivers\GVTDrv.sys 19:39:35.0046 3288 GVTDrv - ok 19:39:35.0062 3288 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys 19:39:35.0062 3288 HDAudBus - ok 19:39:35.0093 3288 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll 19:39:35.0093 3288 helpsvc - ok 19:39:35.0093 3288 HidServ - ok 19:39:35.0109 3288 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] hidusb C:\WINDOWS\system32\DRIVERS\hidusb.sys 19:39:35.0109 3288 hidusb - ok 19:39:35.0125 3288 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll 19:39:35.0125 3288 hkmsvc - ok 19:39:35.0125 3288 hpn - ok 19:39:35.0156 3288 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys 19:39:35.0156 3288 HTTP - ok 19:39:35.0171 3288 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll 19:39:35.0171 3288 HTTPFilter - ok 19:39:35.0171 3288 i2omgmt - ok 19:39:35.0171 3288 i2omp - ok 19:39:35.0187 3288 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys 19:39:35.0187 3288 i8042prt - ok 19:39:35.0218 3288 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe 19:39:35.0218 3288 IDriverT - ok 19:39:35.0265 3288 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 19:39:35.0296 3288 idsvc - ok 19:39:35.0312 3288 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys 19:39:35.0312 3288 Imapi - ok 19:39:35.0312 3288 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\imapi.exe 19:39:35.0312 3288 ImapiService - ok 19:39:35.0312 3288 ini910u - ok 19:39:35.0453 3288 [ 5A4308F76EAE30A7C3337B7B9E9B63E9 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys 19:39:35.0468 3288 IntcAzAudAddService - ok 19:39:35.0484 3288 IntelIde - ok 19:39:35.0484 3288 [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys 19:39:35.0484 3288 intelppm - ok 19:39:35.0500 3288 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys 19:39:35.0500 3288 Ip6Fw - ok 19:39:35.0515 3288 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 19:39:35.0515 3288 IpFilterDriver - ok 19:39:35.0531 3288 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys 19:39:35.0531 3288 IpInIp - ok 19:39:35.0531 3288 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys 19:39:35.0531 3288 IpNat - ok 19:39:35.0546 3288 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys 19:39:35.0546 3288 IPSec - ok 19:39:35.0546 3288 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys 19:39:35.0546 3288 IRENUM - ok 19:39:35.0562 3288 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys 19:39:35.0562 3288 isapnp - ok 19:39:35.0562 3288 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys 19:39:35.0562 3288 Kbdclass - ok 19:39:35.0578 3288 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys 19:39:35.0578 3288 kmixer - ok 19:39:35.0593 3288 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys 19:39:35.0593 3288 KSecDD - ok 19:39:35.0609 3288 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll 19:39:35.0609 3288 lanmanserver - ok 19:39:35.0609 3288 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll 19:39:35.0625 3288 lanmanworkstation - ok 19:39:35.0625 3288 lbrtfdc - ok 19:39:35.0625 3288 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll 19:39:35.0625 3288 LmHosts - ok 19:39:35.0656 3288 [ 0803906D607A9B83184447B75B60ECC2 ] LMS C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe 19:39:35.0656 3288 LMS - ok 19:39:35.0671 3288 [ 4A5FFDF0FE830C448830BD4B02B02B4B ] mbamchameleon C:\WINDOWS\system32\drivers\mbamchameleon.sys 19:39:35.0671 3288 mbamchameleon - ok 19:39:35.0687 3288 [ 629CABB0421668C9D3D402A3C3D77E14 ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys 19:39:35.0687 3288 MBAMProtector - ok 19:39:35.0703 3288 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe 19:39:35.0703 3288 MBAMScheduler - ok 19:39:35.0734 3288 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe 19:39:35.0734 3288 MBAMService - ok 19:39:35.0750 3288 [ CFCB18986426A2D8E66F1992636221D0 ] MEI C:\WINDOWS\system32\DRIVERS\HECI.sys 19:39:35.0750 3288 MEI - ok 19:39:35.0765 3288 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll 19:39:35.0765 3288 Messenger - ok 19:39:35.0781 3288 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys 19:39:35.0781 3288 mnmdd - ok 19:39:35.0796 3288 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe 19:39:35.0796 3288 mnmsrvc - ok 19:39:35.0812 3288 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys 19:39:35.0812 3288 Modem - ok 19:39:35.0843 3288 [ C7D9F9717916B34C1B00DD4834AF485C ] Monfilt C:\WINDOWS\system32\drivers\Monfilt.sys 19:39:35.0875 3288 Monfilt - ok 19:39:35.0890 3288 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys 19:39:35.0890 3288 Mouclass - ok 19:39:35.0906 3288 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys 19:39:35.0906 3288 mouhid - ok 19:39:35.0921 3288 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys 19:39:35.0921 3288 MountMgr - ok 19:39:35.0953 3288 [ 8C7336950F1E69CDFD811CBBD9CF00A2 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe 19:39:35.0953 3288 MozillaMaintenance - ok 19:39:35.0968 3288 [ EE728AF83850DDAD9A3FCAC0AAB3AD97 ] MpFilter C:\WINDOWS\system32\DRIVERS\MpFilter.sys 19:39:35.0968 3288 MpFilter - ok 19:39:35.0968 3288 mraid35x - ok 19:39:35.0984 3288 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys 19:39:35.0984 3288 MRxDAV - ok 19:39:36.0015 3288 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 19:39:36.0015 3288 MRxSmb - ok 19:39:36.0031 3288 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe 19:39:36.0031 3288 MSDTC - ok 19:39:36.0031 3288 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys 19:39:36.0031 3288 Msfs - ok 19:39:36.0031 3288 MSIServer - ok 19:39:36.0046 3288 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys 19:39:36.0046 3288 MSKSSRV - ok 19:39:36.0078 3288 [ E077FCA2A7E79FB9BF67D3E30B5CE593 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe 19:39:36.0078 3288 MsMpSvc - ok 19:39:36.0078 3288 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys 19:39:36.0078 3288 MSPCLOCK - ok 19:39:36.0093 3288 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys 19:39:36.0093 3288 MSPQM - ok 19:39:36.0093 3288 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys 19:39:36.0093 3288 mssmbios - ok 19:39:36.0109 3288 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys 19:39:36.0109 3288 Mup - ok 19:39:36.0140 3288 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll 19:39:36.0140 3288 napagent - ok 19:39:36.0156 3288 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys 19:39:36.0156 3288 NDIS - ok 19:39:36.0156 3288 ndiscm - ok 19:39:36.0187 3288 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys 19:39:36.0187 3288 NdisTapi - ok 19:39:36.0187 3288 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys 19:39:36.0187 3288 Ndisuio - ok 19:39:36.0203 3288 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys 19:39:36.0203 3288 NdisWan - ok 19:39:36.0203 3288 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys 19:39:36.0203 3288 NDProxy - ok 19:39:36.0203 3288 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys 19:39:36.0203 3288 NetBIOS - ok 19:39:36.0218 3288 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys 19:39:36.0234 3288 NetBT - ok 19:39:36.0250 3288 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe 19:39:36.0250 3288 NetDDE - ok 19:39:36.0250 3288 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe 19:39:36.0250 3288 NetDDEdsdm - ok 19:39:36.0265 3288 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe 19:39:36.0265 3288 Netlogon - ok 19:39:36.0281 3288 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll 19:39:36.0281 3288 Netman - ok 19:39:36.0312 3288 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe 19:39:36.0312 3288 NetTcpPortSharing - ok 19:39:36.0328 3288 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll 19:39:36.0328 3288 Nla - ok 19:39:36.0328 3288 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys 19:39:36.0343 3288 Npfs - ok 19:39:36.0359 3288 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys 19:39:36.0359 3288 Ntfs - ok 19:39:36.0359 3288 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\system32\lsass.exe 19:39:36.0359 3288 NtLmSsp - ok 19:39:36.0390 3288 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll 19:39:36.0390 3288 NtmsSvc - ok 19:39:36.0406 3288 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys 19:39:36.0406 3288 Null - ok 19:39:36.0890 3288 [ A0A12B3824889E07CB5D19C30F058E68 ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys 19:39:36.0937 3288 nv - ok 19:39:36.0953 3288 [ A211AB524324E84C2C805B52DFCDD544 ] NVHDA C:\WINDOWS\system32\drivers\nvhda32.sys 19:39:36.0953 3288 NVHDA - ok 19:39:36.0968 3288 [ 36E24031C29E6BB6F905CCB41FC987C0 ] NVSvc C:\WINDOWS\system32\nvsvc32.exe 19:39:36.0968 3288 NVSvc - ok 19:39:37.0031 3288 [ EF14502139880F7C3DDCF0D7CA12F370 ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe 19:39:37.0062 3288 nvUpdatusService - ok 19:39:37.0078 3288 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys 19:39:37.0078 3288 NwlnkFlt - ok 19:39:37.0078 3288 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys 19:39:37.0078 3288 NwlnkFwd - ok 19:39:37.0093 3288 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\drivers\Parport.sys 19:39:37.0093 3288 Parport - ok 19:39:37.0093 3288 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys 19:39:37.0093 3288 PartMgr - ok 19:39:37.0125 3288 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys 19:39:37.0125 3288 ParVdm - ok 19:39:37.0125 3288 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys 19:39:37.0125 3288 PCI - ok 19:39:37.0125 3288 PCIDump - ok 19:39:37.0125 3288 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys 19:39:37.0125 3288 PCIIde - ok 19:39:37.0140 3288 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys 19:39:37.0140 3288 Pcmcia - ok 19:39:37.0140 3288 PDCOMP - ok 19:39:37.0140 3288 PDFRAME - ok 19:39:37.0156 3288 PDRELI - ok 19:39:37.0156 3288 PDRFRAME - ok 19:39:37.0156 3288 perc2 - ok 19:39:37.0156 3288 perc2hib - ok 19:39:37.0171 3288 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe 19:39:37.0171 3288 PlugPlay - ok 19:39:37.0171 3288 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe 19:39:37.0171 3288 PolicyAgent - ok 19:39:37.0187 3288 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys 19:39:37.0187 3288 PptpMiniport - ok 19:39:37.0187 3288 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe 19:39:37.0187 3288 ProtectedStorage - ok 19:39:37.0187 3288 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys 19:39:37.0187 3288 PSched - ok 19:39:37.0203 3288 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys 19:39:37.0203 3288 Ptilink - ok 19:39:37.0203 3288 ql1080 - ok 19:39:37.0203 3288 Ql10wnt - ok 19:39:37.0203 3288 ql12160 - ok 19:39:37.0203 3288 ql1240 - ok 19:39:37.0203 3288 ql1280 - ok 19:39:37.0218 3288 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys 19:39:37.0218 3288 RasAcd - ok 19:39:37.0234 3288 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll 19:39:37.0234 3288 RasAuto - ok 19:39:37.0250 3288 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 19:39:37.0250 3288 Rasl2tp - ok 19:39:37.0265 3288 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll 19:39:37.0265 3288 RasMan - ok 19:39:37.0265 3288 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys 19:39:37.0265 3288 RasPppoe - ok 19:39:37.0265 3288 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys 19:39:37.0265 3288 Raspti - ok 19:39:37.0281 3288 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys 19:39:37.0281 3288 Rdbss - ok 19:39:37.0296 3288 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 19:39:37.0296 3288 RDPCDD - ok 19:39:37.0312 3288 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys 19:39:37.0312 3288 RDPWD - ok 19:39:37.0328 3288 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe 19:39:37.0343 3288 RDSessMgr - ok 19:39:37.0343 3288 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys 19:39:37.0343 3288 redbook - ok 19:39:37.0359 3288 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll 19:39:37.0359 3288 RemoteAccess - ok 19:39:37.0359 3288 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe 19:39:37.0359 3288 RpcLocator - ok 19:39:37.0390 3288 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\system32\rpcss.dll 19:39:37.0390 3288 RpcSs - ok 19:39:37.0406 3288 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe 19:39:37.0406 3288 RSVP - ok 19:39:37.0421 3288 [ D3578C3806ED545E5C36B2A20F5C0B5A ] RTLE8023xp C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys 19:39:37.0421 3288 RTLE8023xp - ok 19:39:37.0421 3288 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe 19:39:37.0421 3288 SamSs - ok 19:39:37.0421 3288 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe 19:39:37.0421 3288 SCardSvr - ok 19:39:37.0453 3288 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll 19:39:37.0453 3288 Schedule - ok 19:39:37.0468 3288 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys 19:39:37.0468 3288 Secdrv - ok 19:39:37.0468 3288 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll 19:39:37.0484 3288 seclogon - ok 19:39:37.0484 3288 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll 19:39:37.0484 3288 SENS - ok 19:39:37.0484 3288 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\drivers\Serial.sys 19:39:37.0484 3288 Serial - ok 19:39:37.0515 3288 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys 19:39:37.0515 3288 Sfloppy - ok 19:39:37.0531 3288 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll 19:39:37.0531 3288 SharedAccess - ok 19:39:37.0546 3288 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll 19:39:37.0546 3288 ShellHWDetection - ok 19:39:37.0546 3288 Simbad - ok 19:39:37.0546 3288 Sparrow - ok 19:39:37.0562 3288 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys 19:39:37.0562 3288 splitter - ok 19:39:37.0578 3288 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe 19:39:37.0578 3288 Spooler - ok 19:39:37.0593 3288 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys 19:39:37.0593 3288 sr - ok 19:39:37.0609 3288 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll 19:39:37.0609 3288 srservice - ok 19:39:37.0640 3288 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys 19:39:37.0640 3288 Srv - ok 19:39:37.0656 3288 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll 19:39:37.0656 3288 SSDPSRV - ok 19:39:37.0671 3288 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll 19:39:37.0687 3288 stisvc - ok 19:39:37.0703 3288 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys 19:39:37.0703 3288 swenum - ok 19:39:37.0703 3288 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys 19:39:37.0703 3288 swmidi - ok 19:39:37.0703 3288 SwPrv - ok 19:39:37.0703 3288 symc810 - ok 19:39:37.0718 3288 symc8xx - ok 19:39:37.0718 3288 sym_hi - ok 19:39:37.0718 3288 sym_u3 - ok 19:39:37.0718 3288 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys 19:39:37.0718 3288 sysaudio - ok 19:39:37.0734 3288 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe 19:39:37.0750 3288 SysmonLog - ok 19:39:37.0750 3288 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll 19:39:37.0750 3288 TapiSrv - ok 19:39:37.0781 3288 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys 19:39:37.0781 3288 Tcpip - ok 19:39:37.0796 3288 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys 19:39:37.0796 3288 TDPIPE - ok 19:39:37.0796 3288 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys 19:39:37.0796 3288 TDTCP - ok 19:39:37.0812 3288 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys 19:39:37.0812 3288 TermDD - ok 19:39:37.0828 3288 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll 19:39:37.0828 3288 TermService - ok 19:39:37.0828 3288 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll 19:39:37.0828 3288 Themes - ok 19:39:37.0828 3288 TosIde - ok 19:39:37.0843 3288 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll 19:39:37.0843 3288 TrkWks - ok 19:39:37.0843 3288 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys 19:39:37.0859 3288 Udfs - ok 19:39:37.0859 3288 ultra - ok 19:39:37.0937 3288 [ EB79C6C91A99930015EF29AE7FA802D1 ] UNS C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe 19:39:38.0000 3288 UNS - ok 19:39:38.0015 3288 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys 19:39:38.0031 3288 Update - ok 19:39:38.0046 3288 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll 19:39:38.0046 3288 upnphost - ok 19:39:38.0062 3288 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe 19:39:38.0062 3288 UPS - ok 19:39:38.0078 3288 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys 19:39:38.0078 3288 usbehci - ok 19:39:38.0078 3288 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys 19:39:38.0078 3288 usbhub - ok 19:39:38.0078 3288 [ A32426D9B14A089EAA1D922E0C5801A9 ] usbstor C:\WINDOWS\system32\drivers\usbstor.sys 19:39:38.0078 3288 usbstor - ok 19:39:38.0093 3288 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys 19:39:38.0093 3288 VgaSave - ok 19:39:38.0093 3288 ViaIde - ok 19:39:38.0093 3288 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys 19:39:38.0093 3288 VolSnap - ok 19:39:38.0109 3288 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe 19:39:38.0125 3288 VSS - ok 19:39:38.0156 3288 [ 7D110D645030C05A06C3CD08D1E47D0A ] vToolbarUpdater13.2.0 C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe 19:39:38.0171 3288 vToolbarUpdater13.2.0 - ok 19:39:38.0187 3288 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll 19:39:38.0187 3288 W32Time - ok 19:39:38.0203 3288 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys 19:39:38.0203 3288 Wanarp - ok 19:39:38.0203 3288 WDICA - ok 19:39:38.0203 3288 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys 19:39:38.0203 3288 wdmaud - ok 19:39:38.0218 3288 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll 19:39:38.0218 3288 WebClient - ok 19:39:38.0250 3288 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll 19:39:38.0265 3288 winmgmt - ok 19:39:38.0281 3288 [ C7E39EA41233E9F5B86C8DA3A9F1E4A8 ] WmdmPmSN C:\WINDOWS\system32\mspmsnsv.dll 19:39:38.0281 3288 WmdmPmSN - ok 19:39:38.0296 3288 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe 19:39:38.0296 3288 WmiApSrv - ok 19:39:38.0312 3288 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll 19:39:38.0312 3288 wscsvc - ok 19:39:38.0328 3288 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll 19:39:38.0328 3288 wuauserv - ok 19:39:38.0343 3288 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll 19:39:38.0359 3288 WZCSVC - ok 19:39:38.0359 3288 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll 19:39:38.0375 3288 xmlprov - ok 19:39:38.0375 3288 ================ Scan global =============================== 19:39:38.0390 3288 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll 19:39:38.0421 3288 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll 19:39:38.0421 3288 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll 19:39:38.0437 3288 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe 19:39:38.0437 3288 [Global] - ok 19:39:38.0437 3288 ================ Scan MBR ================================== 19:39:38.0437 3288 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0 19:39:38.0546 3288 \Device\Harddisk0\DR0 - ok 19:39:38.0546 3288 ================ Scan VBR ================================== 19:39:38.0546 3288 [ 696F7D88C63A76A446D140FEC7690767 ] \Device\Harddisk0\DR0\Partition1 19:39:38.0562 3288 \Device\Harddisk0\DR0\Partition1 - ok 19:39:38.0562 3288 ============================================================ 19:39:38.0562 3288 Scan finished 19:39:38.0562 3288 ============================================================ 19:39:38.0562 3268 Detected object count: 0 19:39:38.0562 3268 Actual detected object count: 0
- January 2, 2013
- 79 replies
Outgoing Malicious IP Blocks. Suspect Infection

MicQsenoch replied to MicQsenoch's topic in Resolved Malware Removal Logs

I ran those programs before I found this website and realized I may have a larger problem on my hands. Rouge Killer log 2 RogueKiller V8.4.2 [Dec 31 2012] by Tigzy mail : tigzyRK<at>gmail<dot>com Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/ Website : http://tigzy.geekstogo.com/roguekiller.php Blog : http://tigzyrk.blogspot.com/ Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits version Started in : Normal mode User : Michael Senff [Admin rights] Mode : Remove -- Date : 01/01/2013 19:31:56 ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 2 ¤¤¤ [RUN][sUSP PATH] HKLM\[...]\RunOnce : Z1 (C:\Documents and Settings\Michael Senff\Desktop\mbar\mbar.exe /cleanup /s) -> DELETED [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NOT SELECTED ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [LOADED] ¤¤¤ SSDT[257] : NtTerminateProcess @ 0x805D22D8 -> HOOKED (\??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS @ 0xB4528640) ¤¤¤ HOSTS File: ¤¤¤ --> C:\WINDOWS\system32\drivers\etc\hosts 127.0.0.1 localhost ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: WDC WD740GD-00FLC0 +++++ --- User --- [MBR] 7a1a556ce49d71bcb5d738cd79245330 [bSP] 10c4b9629b14d9b3e29e74b07b251d9d : Windows XP MBR Code Partition table: 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 70896 Mo User = LL1 ... OK! User = LL2 ... OK! Finished : << RKreport[2]_D_01012013_02d1931.txt >> RKreport[1]_S_01012013_02d1222.txt ; RKreport[2]_D_01012013_02d1931.txt
- January 2, 2013
- 79 replies
Outgoing Malicious IP Blocks. Suspect Infection

MicQsenoch replied to MicQsenoch's topic in Resolved Malware Removal Logs

FYI, will be heading to a new years party. Will be back later this afternoon.
- January 1, 2013
- 79 replies
Outgoing Malicious IP Blocks. Suspect Infection

MicQsenoch replied to MicQsenoch's topic in Resolved Malware Removal Logs

Step 5 Ran bit deffender and it did not find anything, however i did not see a button that would give me any log. Step 6 Report RogueKiller V8.4.2 [Dec 31 2012] by Tigzy mail : tigzyRK<at>gmail<dot>com Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/ Website : http://tigzy.geekstogo.com/roguekiller.php Blog : http://tigzyrk.blogspot.com/ Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits version Started in : Normal mode User : Michael Senff [Admin rights] Mode : Scan -- Date : 01/01/2013 12:22:22 ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 2 ¤¤¤ [RUN][sUSP PATH] HKLM\[...]\RunOnce : Z1 (C:\Documents and Settings\Michael Senff\Desktop\mbar\mbar.exe /cleanup /s) -> FOUND [HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [LOADED] ¤¤¤ SSDT[257] : NtTerminateProcess @ 0x805D22D8 -> HOOKED (\??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS @ 0xB4528640) ¤¤¤ HOSTS File: ¤¤¤ --> C:\WINDOWS\system32\drivers\etc\hosts 127.0.0.1 localhost ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: WDC WD740GD-00FLC0 +++++ --- User --- [MBR] 7a1a556ce49d71bcb5d738cd79245330 [bSP] 10c4b9629b14d9b3e29e74b07b251d9d : Windows XP MBR Code Partition table: 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 70896 Mo User = LL1 ... OK! User = LL2 ... OK! Finished : << RKreport[1]_S_01012013_02d1222.txt >> RKreport[1]_S_01012013_02d1222.txt
- January 1, 2013
- 79 replies
Outgoing Malicious IP Blocks. Suspect Infection

MicQsenoch replied to MicQsenoch's topic in Resolved Malware Removal Logs

Step 4 log Results of screen317's Security Check version 0.99.56 Windows XP Service Pack 3 x86 Internet Explorer 8 ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! AVG Security Toolbar Microsoft Security Essentials `````````Anti-malware/Other Utilities Check:````````` SUPERAntiSpyware Malwarebytes Anti-Malware version 1.70.0.1100 Adobe Flash Player 11.5.502.135 Mozilla Firefox (17.0.1) Google Chrome 22.0.1229.95 Google Chrome 23.0.1271.97 ````````Process Check: objlist.exe by Laurent```````` Microsoft Security Essentials MSMpEng.exe Microsoft Security Essentials msseces.exe Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbamgui.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C:: 26% Defragment your hard drive soon! (Do NOT defrag if SSD!) ````````````````````End of Log``````````````````````
- January 1, 2013
- 79 replies
Outgoing Malicious IP Blocks. Suspect Infection

MicQsenoch replied to MicQsenoch's topic in Resolved Malware Removal Logs

Logfile of random's system information tool 1.09 (written by random/random) Run by Michael Senff at 2013-01-01 11:57:05 Microsoft Windows XP Home Edition Service Pack 3 System drive C: has 50 GB (70%) free of 71 GB Total RAM: 3564 MB (75% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 11:57:10 AM, on 1/1/2013 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe c:\Program Files\Microsoft Security Client\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\SUPERAntiSpyware\SASCORE.EXE C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files\AVG Secure Search\vprot.exe C:\WINDOWS\system32\RunDLL32.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Pando Networks\Media Booster\PMB.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Program Files\ERUNT\ERUNT.EXE C:\Documents and Settings\Michael Senff\My Documents\Downloads\RSIT.exe C:\Program Files\trend micro\Michael Senff.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://isearch.avg.com/?cid={E63FE547-FCA7-4CEE-A237-B076D05B947B}&mid=〈=&ds=&pr=&d=&v=&sap=hp R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet O4 - HKLM\..\RunOnce: [Z1] C:\Documents and Settings\Michael Senff\Desktop\mbar\mbar.exe /cleanup /s O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1356889323531 O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\13.2.0\ViProtocol.dll O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: AppleChargerSrv - Unknown owner - C:\WINDOWS\system32\AppleChargerSrv.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: vToolbarUpdater13.2.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe -- End of file - 6300 bytes ======Scheduled tasks folder====== C:\WINDOWS\tasks\Adobe Flash Player Updater.job C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job C:\WINDOWS\tasks\MpIdleTask.job C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task 8fdb9f41-1323-4f9b-89f5-9acb22c206d6.job C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task f741a3d6-a2d2-44a2-a58b-53aee11d3046.job =========Mozilla firefox========= ProfilePath - C:\Documents and Settings\Michael Senff\Application Data\Mozilla\Firefox\Profiles\8v50ytho.default "{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ "avg@toolbar"=C:\Documents and Settings\All Users\Application Data\AVG Secure Search\FireFoxExt\13.2.0.5 [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 11.5.502.135 Plugin "Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin] "Description"= "Path"=C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\13.2.0\\npsitesafety.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/DownloadManager,version=1.1] "Description"=Microsoft Download Manager "Path"=C:\WINDOWS\ [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5] "Description"=Windows Presentation Foundation plug-in for Mozilla browsers "Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin] "Description"=This plugin detects and launches Pando Media Booster "Path"=C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3] "Description"=Google Update "Path"=C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9] "Description"=Google Update "Path"=C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll C:\Program Files\Mozilla Firefox\extensions\ {972ce4c6-7e08-4474-a285-3208198ce6fd} C:\Program Files\Mozilla Firefox\components\ binary.manifest browsercomps.dll C:\Program Files\Mozilla Firefox\searchplugins\ amazondotcom.xml avg-secure-search.xml bing.xml eBay.xml google.xml twitter.xml wikipedia.xml yahoo.xml ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] AVG Security Toolbar - C:\Program Files\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll [2012-12-31 1796552] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {95B7759C-8C7F-4BF1-B163-73684A933233} - AVG Security Toolbar - C:\Program Files\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll [2012-12-31 1796552] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2011-10-14 20064872] "MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2012-09-12 947176] "vProt"=C:\Program Files\AVG Secure Search\vprot.exe [2012-12-31 997320] "NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2012-11-30 15524712] "NvMediaCenter"=NvMCTray.dll,NvTaskbarInit -login [] "nwiz"=C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2012-12-03 1982312] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Z1"=C:\Documents and Settings\Michael Senff\Desktop\mbar\mbar.exe [2013-01-01 1342312] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360] "SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2012-11-01 4763008] "Pando Media Booster"=C:\Program Files\Pando Networks\Media Booster\PMB.exe [2012-12-30 3093624] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2011-07-18 113024] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "HonorAutoRunSetting"=1 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe"="C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe:*:Enabled:Daemonu.exe" "C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster" "C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"="C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe:*:Enabled:Daemonu.exe" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "midimapper"=midimap.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msadpcm"=msadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.trspch"=tssoft32.acm "vidc.cvid"=iccvid.dll "vidc.I420"=msh263.drv "vidc.iv31"=ir32_32.dll "vidc.iv32"=ir32_32.dll "vidc.iv41"=ir41_32.ax "vidc.iyuv"=iyuv_32.dll "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "vidc.uyvy"=msyuv.dll "vidc.yuy2"=msyuv.dll "vidc.yvu9"=tsbyuv.dll "vidc.yvyu"=msyuv.dll "wavemapper"=msacm32.drv "msacm.msg723"=msg723.acm "vidc.M263"=msh263.drv "vidc.M261"=msh261.drv "msacm.msaudio1"=msaud32.acm "msacm.sl_anet"=sl_anet.acm "msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax "vidc.iv50"=ir50_32.dll "msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "wave2"=wdmaud.drv "midi2"=wdmaud.drv "mixer2"=wdmaud.drv "wave3"=wdmaud.drv "midi3"=wdmaud.drv "mixer3"=wdmaud.drv "wave4"=wdmaud.drv "midi4"=wdmaud.drv "mixer4"=wdmaud.drv ======List of files/folders created in the last 1 month====== 2013-01-01 11:57:05 ----D---- C:\rsit 2013-01-01 11:57:05 ----D---- C:\Program Files\trend micro 2013-01-01 11:51:48 ----D---- C:\Program Files\ERUNT 2013-01-01 09:43:27 ----A---- C:\WINDOWS\system32\drivers\mbamchameleon.sys 2012-12-31 18:12:57 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe 2012-12-31 18:12:55 ----D---- C:\Program Files\AGEIA Technologies 2012-12-31 18:12:22 ----D---- C:\Documents and Settings\Michael Senff\Application Data\AVG Secure Search 2012-12-31 18:11:27 ----A---- C:\WINDOWS\system32\nvhdagenco3220103.dll 2012-12-31 18:11:25 ----A---- C:\WINDOWS\system32\nvopencl.dll 2012-12-31 18:11:25 ----A---- C:\WINDOWS\system32\nvdispgenco32.dll 2012-12-31 18:11:25 ----A---- C:\WINDOWS\system32\nvdispco32.dll 2012-12-31 18:03:49 ----D---- C:\Documents and Settings\All Users\Application Data\AVG Secure Search 2012-12-31 18:03:47 ----D---- C:\WINDOWS\system32\cache 2012-12-31 18:03:45 ----A---- C:\WINDOWS\system32\drivers\avgtpx86.sys 2012-12-30 16:21:30 ----D---- C:\Documents and Settings\Michael Senff\Application Data\LolClient 2012-12-30 16:05:05 ----HDC---- C:\WINDOWS\$NtUninstallKB2387149$ 2012-12-30 16:05:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2712808$ 2012-12-30 16:04:57 ----HDC---- C:\WINDOWS\$NtUninstallKB2479943$ 2012-12-30 16:04:53 ----HDC---- C:\WINDOWS\$NtUninstallKB2659262$ 2012-12-30 16:04:47 ----HDC---- C:\WINDOWS\$NtUninstallKB2564958$ 2012-12-30 16:04:43 ----HDC---- C:\WINDOWS\$NtUninstallKB2478971$ 2012-12-30 16:04:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2758857$ 2012-12-30 16:04:34 ----HDC---- C:\WINDOWS\$NtUninstallKB2544893-v2$ 2012-12-30 16:04:30 ----HDC---- C:\WINDOWS\$NtUninstallKB2345886$ 2012-12-30 16:04:11 ----HDC---- C:\WINDOWS\$NtUninstallKB2536276-v2$ 2012-12-30 16:04:06 ----HDC---- C:\WINDOWS\$NtUninstallKB2646524$ 2012-12-30 16:04:02 ----HDC---- C:\WINDOWS\$NtUninstallKB2779030$ 2012-12-30 16:03:58 ----HDC---- C:\WINDOWS\$NtUninstallKB2585542$ 2012-12-30 16:03:54 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$ 2012-12-30 16:03:40 ----HDC---- C:\WINDOWS\$NtUninstallKB2631813$ 2012-12-30 16:03:36 ----HDC---- C:\WINDOWS\$NtUninstallKB2296011$ 2012-12-30 16:03:30 ----HDC---- C:\WINDOWS\$NtUninstallKB2691442$ 2012-12-30 16:02:07 ----HDC---- C:\WINDOWS\$NtUninstallKB2115168$ 2012-12-30 16:02:04 ----HDC---- C:\WINDOWS\$NtUninstallKB975558_WM8$ 2012-12-30 16:02:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2779562$ 2012-12-30 16:01:56 ----HDC---- C:\WINDOWS\$NtUninstallKB2378111_WM9$ 2012-12-30 16:01:51 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$ 2012-12-30 16:01:46 ----HDC---- C:\WINDOWS\$NtUninstallKB2443105$ 2012-12-30 16:01:43 ----HDC---- C:\WINDOWS\$NtUninstallKB2655992$ 2012-12-30 16:00:24 ----HDC---- C:\WINDOWS\$NtUninstallKB2724197$ 2012-12-30 16:00:18 ----HDC---- C:\WINDOWS\$NtUninstallKB2481109$ 2012-12-30 16:00:13 ----HDC---- C:\WINDOWS\$NtUninstallKB2485663$ 2012-12-30 16:00:09 ----HDC---- C:\WINDOWS\$NtUninstallKB2598479$ 2012-12-30 16:00:05 ----HDC---- C:\WINDOWS\$NtUninstallKB2440591$ 2012-12-30 16:00:02 ----HDC---- C:\WINDOWS\$NtUninstallKB2736233$ 2012-12-30 15:59:59 ----HDC---- C:\WINDOWS\$NtUninstallKB2686509$ 2012-12-30 15:59:53 ----HDC---- C:\WINDOWS\$NtUninstallKB982132$ 2012-12-30 15:59:47 ----HDC---- C:\WINDOWS\$NtUninstallKB2507938$ 2012-12-30 15:59:42 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$ 2012-12-30 15:59:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2476490$ 2012-12-30 15:59:15 ----HDC---- C:\WINDOWS\$NtUninstallKB2347290$ 2012-12-30 15:59:08 ----HDC---- C:\WINDOWS\$NtUninstallKB2483185$ 2012-12-30 15:59:02 ----HDC---- C:\WINDOWS\$NtUninstallKB2624667$ 2012-12-30 15:58:57 ----HDC---- C:\WINDOWS\$NtUninstallKB979687$ 2012-12-30 15:57:18 ----HDC---- C:\WINDOWS\$NtUninstallKB2719985$ 2012-12-30 15:57:11 ----HDC---- C:\WINDOWS\$NtUninstallKB2592799$ 2012-12-30 15:57:08 ----HDC---- C:\WINDOWS\$NtUninstallKB2753842-v2$ 2012-12-30 15:57:04 ----HDC---- C:\WINDOWS\$NtUninstallKB2770660$ 2012-12-30 15:57:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2535512$ 2012-12-30 15:56:56 ----HDC---- C:\WINDOWS\$NtUninstallKB2570947$ 2012-12-30 15:56:25 ----HDC---- C:\WINDOWS\$NtUninstallKB981322$ 2012-12-30 15:56:19 ----HDC---- C:\WINDOWS\$NtUninstallKB2603381$ 2012-12-30 15:56:13 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$ 2012-12-30 15:56:08 ----HDC---- C:\WINDOWS\$NtUninstallKB2419632$ 2012-12-30 15:56:03 ----HDC---- C:\WINDOWS\$NtUninstallKB2508429$ 2012-12-30 15:55:59 ----HDC---- C:\WINDOWS\$NtUninstallKB2653956$ 2012-12-30 15:55:53 ----HDC---- C:\WINDOWS\$NtUninstallKB2749655$ 2012-12-30 15:55:42 ----HDC---- C:\WINDOWS\$NtUninstallKB971029$ 2012-12-30 15:55:37 ----HDC---- C:\WINDOWS\$NtUninstallKB2506212$ 2012-12-30 15:55:28 ----HDC---- C:\WINDOWS\$NtUninstallKB2698365$ 2012-12-30 15:55:24 ----HDC---- C:\WINDOWS\$NtUninstallKB2619339$ 2012-12-30 15:55:20 ----HDC---- C:\WINDOWS\$NtUninstallKB2705219-v2$ 2012-12-30 15:55:16 ----HDC---- C:\WINDOWS\$NtUninstallKB2727528$ 2012-12-30 15:55:11 ----HDC---- C:\WINDOWS\$NtUninstallKB981997$ 2012-12-30 15:55:05 ----HDC---- C:\WINDOWS\$NtUninstallKB2723135-v2$ 2012-12-30 15:55:01 ----HDC---- C:\WINDOWS\$NtUninstallKB2618451$ 2012-12-30 15:54:56 ----HDC---- C:\WINDOWS\$NtUninstallKB2661254-v2$ 2012-12-30 15:54:35 ----HDC---- C:\WINDOWS\$NtUninstallKB2509553$ 2012-12-30 15:54:27 ----HDC---- C:\WINDOWS\$NtUninstallKB2676562$ 2012-12-30 15:52:19 ----HDC---- C:\WINDOWS\$NtUninstallKB982665$ 2012-12-30 15:49:47 ----HDC---- C:\WINDOWS\$NtUninstallKB2478960$ 2012-12-30 15:49:40 ----HDC---- C:\WINDOWS\$NtUninstallKB2393802$ 2012-12-30 15:49:34 ----HDC---- C:\WINDOWS\$NtUninstallKB2620712$ 2012-12-30 15:49:31 ----HDC---- C:\WINDOWS\$NtUninstallKB2566454$ 2012-12-30 15:49:27 ----HDC---- C:\WINDOWS\$NtUninstallKB2661637$ 2012-12-30 15:49:24 ----HDC---- C:\WINDOWS\$NtUninstallKB2584146$ 2012-12-30 15:49:20 ----HDC---- C:\WINDOWS\$NtUninstallKB2423089$ 2012-12-30 15:49:13 ----HDC---- C:\WINDOWS\$NtUninstallKB2360937$ 2012-12-30 15:19:57 ----A---- C:\WINDOWS\system32\XAudio2_2.dll 2012-12-30 15:19:57 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll 2012-12-30 15:19:57 ----A---- C:\WINDOWS\system32\d3dx10_39.dll 2012-12-30 15:19:57 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll 2012-12-30 15:19:56 ----A---- C:\WINDOWS\system32\D3DX9_39.dll 2012-12-30 15:19:53 ----D---- C:\WINDOWS\Logs 2012-12-30 15:13:05 ----D---- C:\Riot Games 2012-12-30 14:35:56 ----N---- C:\WINDOWS\system32\iacenc.dll 2012-12-30 14:30:26 ----D---- C:\Documents and Settings\All Users\Application Data\PMB Files 2012-12-30 14:30:18 ----D---- C:\Program Files\Pando Networks 2012-12-30 14:30:15 ----A---- C:\WINDOWS\system32\mucltui.dll 2012-12-30 14:28:23 ----D---- C:\Documents and Settings\Michael Senff\Application Data\Adobe 2012-12-30 14:27:23 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe 2012-12-30 14:25:39 ----D---- C:\Documents and Settings\Michael Senff\Application Data\MSNInstaller 2012-12-30 14:23:53 ----D---- C:\Documents and Settings\Michael Senff\Application Data\Mozilla 2012-12-30 14:23:44 ----D---- C:\Program Files\Mozilla Maintenance Service 2012-12-30 14:23:44 ----D---- C:\Documents and Settings\All Users\Application Data\Mozilla 2012-12-30 14:23:31 ----D---- C:\Program Files\Mozilla Firefox 2012-12-30 14:17:08 ----D---- C:\Documents and Settings\All Users\Application Data\NVIDIA 2012-12-30 14:16:47 ----D---- C:\Documents and Settings\All Users\Application Data\NVIDIA Corporation 2012-12-30 14:14:54 ----A---- C:\WINDOWS\system32\OpenCL.dll 2012-12-30 14:14:54 ----A---- C:\WINDOWS\system32\nvoglnt.dll 2012-12-30 14:14:54 ----A---- C:\WINDOWS\system32\nvhdap32.dll 2012-12-30 14:14:54 ----A---- C:\WINDOWS\system32\nvhdagenco322040.dll 2012-12-30 14:14:54 ----A---- C:\WINDOWS\system32\nvgenco322060.dll 2012-12-30 14:14:54 ----A---- C:\WINDOWS\system32\nvdispco3220140.dll 2012-12-30 14:14:54 ----A---- C:\WINDOWS\system32\nvcuvid.dll 2012-12-30 14:14:54 ----A---- C:\WINDOWS\system32\nvcuvenc.dll 2012-12-30 14:14:54 ----A---- C:\WINDOWS\system32\nvcuda.dll 2012-12-30 14:14:54 ----A---- C:\WINDOWS\system32\drivers\nvhda32.sys 2012-12-30 14:14:52 ----A---- C:\WINDOWS\system32\nvcompiler.dll 2012-12-30 14:14:52 ----A---- C:\WINDOWS\system32\nvapi.dll 2012-12-30 14:14:42 ----D---- C:\Program Files\NVIDIA Corporation 2012-12-30 14:13:51 ----D---- C:\NVIDIA 2012-12-30 13:03:45 ----A---- C:\WINDOWS\system32\d3d9caps.dat 2012-12-30 13:01:47 ----D---- C:\Program Files\Google 2012-12-30 13:01:47 ----D---- C:\Documents and Settings\Michael Senff\Application Data\SUPERAntiSpyware.com 2012-12-30 13:01:40 ----D---- C:\Program Files\SUPERAntiSpyware 2012-12-30 13:01:40 ----D---- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com 2012-12-30 12:58:35 ----D---- C:\Documents and Settings\Michael Senff\Application Data\Malwarebytes 2012-12-30 12:58:24 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes 2012-12-30 12:58:23 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2012-12-30 12:58:23 ----A---- C:\WINDOWS\system32\drivers\mbam.sys 2012-12-30 12:50:41 ----D---- C:\Documents and Settings\Michael Senff\Application Data\ElevatedDiagnostics 2012-12-30 12:49:48 ----D---- C:\WINDOWS\system32\windowspowershell 2012-12-30 12:49:44 ----HDC---- C:\WINDOWS\$NtUninstallKB926139-v2$ 2012-12-30 12:46:34 ----D---- C:\WINDOWS\Prefetch 2012-12-30 12:45:33 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$ 2012-12-30 12:45:29 ----HDC---- C:\WINDOWS\$NtUninstallKB980218$ 2012-12-30 12:45:24 ----HDC---- C:\WINDOWS\$NtUninstallKB979683$ 2012-12-30 12:45:20 ----HDC---- C:\WINDOWS\$NtUninstallKB979559$ 2012-12-30 12:45:17 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$ 2012-12-30 12:45:14 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$ 2012-12-30 12:45:10 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$ 2012-12-30 12:45:07 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$ 2012-12-30 12:45:04 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$ 2012-12-30 12:45:00 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$ 2012-12-30 12:44:57 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$ 2012-12-30 12:44:53 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$ 2012-12-30 12:44:49 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$ 2012-12-30 12:44:45 ----HDC---- C:\WINDOWS\$NtUninstallKB975562$ 2012-12-30 12:44:42 ----HDC---- C:\WINDOWS\$NtUninstallKB975561$ 2012-12-30 12:44:38 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$ 2012-12-30 12:44:34 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$ 2012-12-30 12:44:31 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$ 2012-12-30 12:44:28 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$ 2012-12-30 12:44:24 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$ 2012-12-30 12:44:21 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$ 2012-12-30 12:44:18 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$ 2012-12-30 12:44:14 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$ 2012-12-30 12:44:10 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$ 2012-12-30 12:44:07 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$ 2012-12-30 12:44:04 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$ 2012-12-30 12:44:00 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$ 2012-12-30 12:43:57 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$ 2012-12-30 12:43:53 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$ 2012-12-30 12:43:50 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$ 2012-12-30 12:43:47 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$ 2012-12-30 12:43:42 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$ 2012-12-30 12:43:38 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$ 2012-12-30 12:43:35 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$ 2012-12-30 12:43:29 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$ 2012-12-30 12:43:25 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$ 2012-12-30 12:43:22 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$ 2012-12-30 12:43:19 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$ 2012-12-30 12:43:15 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$ 2012-12-30 12:43:12 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$ 2012-12-30 12:43:09 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$ 2012-12-30 12:43:05 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$ 2012-12-30 12:43:02 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$ 2012-12-30 12:42:56 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$ 2012-12-30 12:42:51 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$ 2012-12-30 12:42:47 ----HDC---- C:\WINDOWS\$NtUninstallKB973687_1$ 2012-12-30 12:42:44 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$ 2012-12-30 12:42:41 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$ 2012-12-30 12:42:37 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$ 2012-12-30 12:42:33 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$ 2012-12-30 12:42:29 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$ 2012-12-30 12:42:25 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$ 2012-12-30 12:42:22 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$ 2012-12-30 12:42:19 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$ 2012-12-30 12:42:16 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$ 2012-12-30 12:42:12 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$ 2012-12-30 12:42:09 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593$ 2012-12-30 12:40:53 ----D---- C:\WINDOWS\system32\scripting 2012-12-30 12:40:53 ----D---- C:\WINDOWS\system32\en 2012-12-30 12:40:53 ----D---- C:\WINDOWS\system32\bits 2012-12-30 12:40:53 ----D---- C:\WINDOWS\l2schemas 2012-12-30 12:38:40 ----D---- C:\WINDOWS\network diagnostic 2012-12-30 12:36:50 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$ 2012-12-30 12:36:49 ----D---- C:\WINDOWS\EHome 2012-12-30 12:28:45 ----HDC---- C:\WINDOWS\$NtUninstallKB980218_0$ 2012-12-30 12:28:42 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2_0$ 2012-12-30 12:28:38 ----HDC---- C:\WINDOWS\$NtUninstallKB952954_0$ 2012-12-30 12:28:34 ----HDC---- C:\WINDOWS\$NtUninstallKB959426_0$ 2012-12-30 12:28:29 ----HDC---- C:\WINDOWS\$NtUninstallKB946648_0$ 2012-12-30 12:28:26 ----HDC---- C:\WINDOWS\$NtUninstallKB956803_0$ 2012-12-30 12:28:22 ----HDC---- C:\WINDOWS\$NtUninstallKB960859_0$ 2012-12-30 12:27:21 ----HDC---- C:\WINDOWS\$NtUninstallKB971468_0$ 2012-12-30 12:27:15 ----HDC---- C:\WINDOWS\$NtUninstallKB979683_0$ 2012-12-30 12:27:06 ----HDC---- C:\WINDOWS\$NtUninstallKB935448$ 2012-12-30 12:27:03 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$ 2012-12-30 12:27:00 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$ 2012-12-30 12:26:57 ----HDC---- C:\WINDOWS\$NtUninstallKB980195$ 2012-12-30 12:26:49 ----HDC---- C:\WINDOWS\$NtUninstallKB980232_0$ 2012-12-30 12:26:44 ----HDC---- C:\WINDOWS\$NtUninstallKB955759_0$ 2012-12-30 12:26:40 ----HDC---- C:\WINDOWS\$NtUninstallKB974318_0$ 2012-12-30 12:26:36 ----HDC---- C:\WINDOWS\$NtUninstallKB969059_0$ 2012-12-30 12:26:31 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593_0$ 2012-12-30 12:26:27 ----HDC---- C:\WINDOWS\$NtUninstallKB950974_0$ 2012-12-30 12:26:23 ----HDC---- C:\WINDOWS\$NtUninstallKB978037_0$ 2012-12-30 12:26:19 ----HDC---- C:\WINDOWS\$NtUninstallKB975713_0$ 2012-12-30 12:26:14 ----HDC---- C:\WINDOWS\$NtUninstallKB971657_0$ 2012-12-30 12:26:10 ----HDC---- C:\WINDOWS\$NtUninstallKB978338_0$ 2012-12-30 12:26:01 ----HDC---- C:\WINDOWS\$NtUninstallKB961118_0$ 2012-12-30 12:25:58 ----HDC---- C:\WINDOWS\$NtUninstallKB960225_0$ 2012-12-30 12:25:54 ----HDC---- C:\WINDOWS\$NtUninstallKB972270_0$ 2012-12-30 12:24:31 ----HDC---- C:\WINDOWS\$NtUninstallKB974112_0$ 2012-12-30 12:24:19 ----HDC---- C:\WINDOWS\$NtUninstallKB956572_0$ 2012-12-30 12:24:12 ----HDC---- C:\WINDOWS\$NtUninstallKB956844_0$ 2012-12-30 12:24:09 ----HDC---- C:\WINDOWS\$NtUninstallKB961501_0$ 2012-12-30 12:22:51 ----HDC---- C:\WINDOWS\$NtUninstallKB975561_0$ 2012-12-30 12:22:41 ----HDC---- C:\WINDOWS\$NtUninstallKB925720$ 2012-12-30 12:22:38 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$ 2012-12-30 12:22:35 ----HDC---- C:\WINDOWS\$NtUninstallKB973869_0$ 2012-12-30 12:22:32 ----HDC---- C:\WINDOWS\$NtUninstallKB975025_0$ 2012-12-30 12:22:29 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9L$ 2012-12-30 12:22:24 ----HDC---- C:\WINDOWS\$NtUninstallKB952004_0$ 2012-12-30 12:22:21 ----HDC---- C:\WINDOWS\$NtUninstallKB974571_0$ 2012-12-30 12:22:17 ----HDC---- C:\WINDOWS\$NtUninstallKB975560_0$ 2012-12-30 12:22:13 ----HDC---- C:\WINDOWS\$NtUninstallKB973507_0$ 2012-12-30 12:22:10 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$ 2012-12-30 12:22:06 ----HDC---- C:\WINDOWS\$NtUninstallKB973687_0$ 2012-12-30 12:22:02 ----HDC---- C:\WINDOWS\$NtUninstallKB950762_0$ 2012-12-30 12:21:59 ----HDC---- C:\WINDOWS\$NtUninstallKB981793$ 2012-12-30 12:21:56 ----HDC---- C:\WINDOWS\$NtUninstallKB978601_0$ 2012-12-30 12:21:52 ----HDC---- C:\WINDOWS\$NtUninstallKB979559_0$ 2012-12-30 12:21:36 ----HDC---- C:\WINDOWS\$NtUninstallKB952287_0$ 2012-12-30 12:21:32 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$ 2012-12-30 12:21:26 ----HDC---- C:\WINDOWS\$NtUninstallKB967715_0$ 2012-12-30 12:21:23 ----HDC---- C:\WINDOWS\$NtUninstallKB974392_0$ 2012-12-30 12:21:15 ----HDC---- C:\WINDOWS\$NtUninstallKB977914_0$ 2012-12-30 12:21:07 ----HDC---- C:\WINDOWS\$NtUninstallKB951748_0$ 2012-12-30 12:21:03 ----HDC---- C:\WINDOWS\$NtUninstallKB978542_0$ 2012-12-30 12:20:58 ----HDC---- C:\WINDOWS\$NtUninstallKB970238_0$ 2012-12-30 12:20:55 ----HDC---- C:\WINDOWS\$NtUninstallKB979309_0$ 2012-12-30 12:20:51 ----HDC---- C:\WINDOWS\$NtUninstallKB978695_WM9$ 2012-12-30 12:20:48 ----HDC---- C:\WINDOWS\$NtUninstallKB979482_0$ 2012-12-30 12:20:45 ----HDC---- C:\WINDOWS\$NtUninstallKB978706_0$ 2012-12-30 12:20:40 ----D---- C:\WINDOWS\ServicePackFiles 2012-12-30 12:20:38 ----HDC---- C:\WINDOWS\$NtUninstallKB958470$ 2012-12-30 12:20:32 ----HDC---- C:\WINDOWS\$NtUninstallKB960803_0$ 2012-12-30 12:20:29 ----HDC---- C:\WINDOWS\$NtUninstallKB973815_0$ 2012-12-30 12:20:25 ----HDC---- C:\WINDOWS\$NtUninstallKB975562_0$ 2012-12-30 12:19:05 ----D---- C:\WINDOWS\ie8updates 2012-12-30 12:19:01 ----HDC---- C:\WINDOWS\$NtUninstallKB958644_0$ 2012-12-30 12:18:55 ----HDC---- C:\WINDOWS\$NtUninstallKB955069_0$ 2012-12-30 12:18:51 ----HDC---- C:\WINDOWS\$NtUninstallKB979402_WM9L$ 2012-12-30 12:17:47 ----HDC---- C:\WINDOWS\$NtUninstallKB956802_0$ 2012-12-30 12:17:34 ----HDC---- C:\WINDOWS\$NtUninstallKB923561_0$ 2012-12-30 12:17:14 ----A---- C:\WINDOWS\system32\MRT.exe 2012-12-30 12:17:08 ----HDC---- C:\WINDOWS\$NtUninstallKB975467_0$ 2012-12-30 12:17:03 ----HDC---- C:\WINDOWS\$NtUninstallKB968389_0$ 2012-12-30 12:15:17 ----N---- C:\WINDOWS\system32\drivers\watv10nt.sys 2012-12-30 12:15:17 ----N---- C:\WINDOWS\system32\drivers\watv06nt.sys 2012-12-30 12:15:16 ----N---- C:\WINDOWS\system32\drivers\wadv11nt.sys 2012-12-30 12:15:16 ----N---- C:\WINDOWS\system32\drivers\wadv09nt.sys 2012-12-30 12:15:16 ----N---- C:\WINDOWS\system32\drivers\wadv08nt.sys 2012-12-30 12:15:16 ----N---- C:\WINDOWS\system32\drivers\wadv07nt.sys 2012-12-30 12:15:16 ----N---- C:\WINDOWS\system32\drivers\slwdmsup.sys 2012-12-30 12:15:16 ----N---- C:\WINDOWS\system32\drivers\slnthal.sys 2012-12-30 12:15:16 ----N---- C:\WINDOWS\system32\drivers\slntamr.sys 2012-12-30 12:15:16 ----N---- C:\WINDOWS\system32\drivers\slnt7554.sys 2012-12-30 12:15:16 ----N---- C:\WINDOWS\system32\drivers\s3gnbm.sys 2012-12-30 12:15:15 ----N---- C:\WINDOWS\system32\drivers\recagent.sys 2012-12-30 12:15:15 ----N---- C:\WINDOWS\system32\drivers\ntmtlfax.sys 2012-12-30 12:15:15 ----N---- C:\WINDOWS\system32\drivers\mtxparhm.sys 2012-12-30 12:15:15 ----N---- C:\WINDOWS\system32\drivers\mtlstrm.sys 2012-12-30 12:15:15 ----N---- C:\WINDOWS\system32\drivers\mtlmnt5.sys 2012-12-30 12:15:15 ----A---- C:\WINDOWS\system32\drivers\nv4_mini.sys 2012-12-30 12:15:12 ----N---- C:\WINDOWS\system32\drivers\mdmxsdk.sys 2012-12-30 12:15:12 ----N---- C:\WINDOWS\system32\drivers\hsfdpsp2.sys 2012-12-30 12:15:11 ----N---- C:\WINDOWS\system32\drivers\hsfcxts2.sys 2012-12-30 12:15:11 ----N---- C:\WINDOWS\system32\drivers\hsfbs2s2.sys 2012-12-30 12:14:25 ----N---- C:\WINDOWS\system32\drivers\atinxsxx.sys 2012-12-30 12:14:25 ----N---- C:\WINDOWS\system32\drivers\atinxbxx.sys 2012-12-30 12:14:25 ----N---- C:\WINDOWS\system32\drivers\atintuxx.sys 2012-12-30 12:14:25 ----N---- C:\WINDOWS\system32\drivers\atinttxx.sys 2012-12-30 12:14:25 ----N---- C:\WINDOWS\system32\drivers\atinsnxx.sys 2012-12-30 12:14:25 ----N---- C:\WINDOWS\system32\drivers\atinrvxx.sys 2012-12-30 12:14:25 ----N---- C:\WINDOWS\system32\drivers\atinraxx.sys 2012-12-30 12:14:25 ----N---- C:\WINDOWS\system32\drivers\atinpdxx.sys 2012-12-30 12:14:25 ----N---- C:\WINDOWS\system32\drivers\atinmdxx.sys 2012-12-30 12:14:25 ----N---- C:\WINDOWS\system32\drivers\atinbtxx.sys 2012-12-30 12:14:25 ----N---- C:\WINDOWS\system32\drivers\ati2mtag.sys 2012-12-30 12:14:25 ----N---- C:\WINDOWS\system32\drivers\ati2mtaa.sys 2012-12-30 12:14:25 ----N---- C:\WINDOWS\system32\drivers\ati1xsxx.sys 2012-12-30 12:14:25 ----N---- C:\WINDOWS\system32\drivers\ati1xbxx.sys 2012-12-30 12:14:25 ----N---- C:\WINDOWS\system32\drivers\ati1tuxx.sys 2012-12-30 12:14:25 ----N---- C:\WINDOWS\system32\drivers\ati1ttxx.sys 2012-12-30 12:14:25 ----N---- C:\WINDOWS\system32\drivers\ati1snxx.sys 2012-12-30 12:14:25 ----N---- C:\WINDOWS\system32\drivers\ati1rvxx.sys 2012-12-30 12:14:25 ----N---- C:\WINDOWS\system32\drivers\ati1raxx.sys 2012-12-30 12:14:25 ----N---- C:\WINDOWS\system32\drivers\ati1pdxx.sys 2012-12-30 12:14:25 ----N---- C:\WINDOWS\system32\drivers\ati1mdxx.sys 2012-12-30 12:14:25 ----N---- C:\WINDOWS\system32\drivers\ati1btxx.sys 2012-12-30 12:07:36 ----N---- C:\WINDOWS\system32\drivers\bthport.sys 2012-12-30 12:05:04 ----N---- C:\WINDOWS\system32\tzchange.exe 2012-12-30 12:04:14 ----N---- C:\WINDOWS\system32\MpSigStub.exe 2012-12-30 12:03:25 ----A---- C:\WINDOWS\system32\xpsp4res.dll 2012-12-30 12:03:25 ----A---- C:\WINDOWS\system32\xpsp3res.dll 2012-12-30 12:02:08 ----D---- C:\Program Files\Microsoft Security Client 2012-12-30 11:58:37 ----D---- C:\Documents and Settings\Michael Senff\Application Data\Macromedia 2012-12-30 11:58:34 ----A---- C:\WINDOWS\system32\wpa.bak 2012-12-30 11:56:32 ----D---- C:\Documents and Settings\Michael Senff\Application Data\MicrosoftSecurityEssentialsPackages 2012-12-30 11:54:29 ----HDC---- C:\WINDOWS\$NtUninstallKB914882$ 2012-12-30 11:51:16 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage 2012-12-30 11:50:51 ----D---- C:\WINDOWS\system32\PreInstall 2012-12-30 11:50:50 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$ 2012-12-30 11:43:58 ----A---- C:\WINDOWS\system32\wups2.dll 2012-12-30 11:43:57 ----D---- C:\WINDOWS\system32\SoftwareDistribution 2012-12-30 11:33:53 ----D---- C:\WINDOWS\WBEM 2012-12-30 11:33:18 ----HDC---- C:\WINDOWS\ie8 2012-12-30 11:28:10 ----A---- C:\WINDOWS\gdrv.sys 2012-12-30 11:28:08 ----D---- C:\WINDOWS\Minidump 2012-12-30 11:27:40 ----D---- C:\Program Files\Common Files\AVG Secure Search 2012-12-30 11:27:39 ----D---- C:\Program Files\AVG Secure Search 2012-12-30 11:03:20 ----N---- C:\WINDOWS\system32\spmsg.dll 2012-12-30 11:03:18 ----HDC---- C:\WINDOWS\$NtUninstallKB932823-v3$ 2012-12-30 11:03:14 ----HD---- C:\WINDOWS\$hf_mig$ 2012-12-30 11:02:59 ----D---- C:\Program Files\Microsoft Download Manager 2012-12-30 09:45:24 ----D---- C:\WINDOWS\system32\Lang 2012-12-30 09:44:07 ----A---- C:\WINDOWS\system32\drivers\splitter.sys 2012-12-30 09:44:06 ----A---- C:\WINDOWS\system32\drivers\GVTDrv.sys 2012-12-30 09:44:05 ----A---- C:\WINDOWS\system32\drivers\wdmaud.sys 2012-12-30 09:44:04 ----A---- C:\WINDOWS\system32\drivers\dmusic.sys 2012-12-30 09:44:02 ----A---- C:\WINDOWS\system32\drivers\swmidi.sys 2012-12-30 09:44:01 ----A---- C:\WINDOWS\system32\drivers\aec.sys 2012-12-30 09:44:00 ----A---- C:\WINDOWS\system32\drivers\kmixer.sys 2012-12-30 09:43:59 ----A---- C:\WINDOWS\system32\drivers\sysaudio.sys 2012-12-30 09:43:59 ----A---- C:\WINDOWS\system32\drivers\drmkaud.sys 2012-12-30 09:43:58 ----A---- C:\WINDOWS\system32\drivers\mskssrv.sys 2012-12-30 09:43:57 ----A---- C:\WINDOWS\system32\drivers\mspqm.sys 2012-12-30 09:43:56 ----A---- C:\WINDOWS\system32\drivers\mspclock.sys 2012-12-30 09:41:59 ----D---- C:\Program Files\AMD 2012-12-30 09:41:28 ----A---- C:\WINDOWS\system32\drivers\AppleCharger.sys 2012-12-30 09:41:28 ----A---- C:\WINDOWS\system32\AppleChargerSrv.exe 2012-12-30 09:41:23 ----D---- C:\Program Files\Gigabyte 2012-12-30 09:41:17 ----A---- C:\WINDOWS\system32\drivers\IntelMEFWVer.dll 2012-12-30 09:41:16 ----A---- C:\WINDOWS\system32\log.txt 2012-12-30 09:41:16 ----A---- C:\WINDOWS\IsUninst.exe 2012-12-30 09:41:14 ----D---- C:\Program Files\Common Files\postureAgent 2012-12-30 09:41:11 ----A---- C:\WINDOWS\system32\drivers\HECI.sys 2012-12-30 09:41:11 ----A---- C:\WINDOWS\system32\difxapi.dll 2012-12-30 09:40:58 ----D---- C:\Documents and Settings\Michael Senff\Application Data\InstallShield 2012-12-30 09:40:39 ----D---- C:\WINDOWS\system32\RTCOM 2012-12-30 09:40:36 ----A---- C:\WINDOWS\system32\ksuser.dll 2012-12-30 09:40:36 ----A---- C:\WINDOWS\system32\drivers\drmk.sys 2012-12-30 09:40:26 ----D---- C:\Program Files\Etron Technology 2012-12-30 09:40:24 ----A---- C:\WINDOWS\system32\RTNUninst32.dll 2012-12-30 09:40:24 ----A---- C:\WINDOWS\system32\RtNicProp32.dll 2012-12-30 09:40:24 ----A---- C:\WINDOWS\system32\drivers\Rtenicxp.sys 2012-12-30 09:40:14 ----HDC---- C:\WINDOWS\$NtUninstallKB888111WXPSP2$ 2012-12-30 09:40:11 ----A---- C:\WINDOWS\vncutil.exe 2012-12-30 09:40:10 ----A---- C:\WINDOWS\SOUNDMAN.EXE 2012-12-30 09:40:10 ----A---- C:\WINDOWS\SkyTel.exe 2012-12-30 09:40:09 ----A---- C:\WINDOWS\RtlUpd.exe 2012-12-30 09:40:07 ----A---- C:\WINDOWS\system32\RtkCoLDRXP.dll 2012-12-30 09:40:07 ----A---- C:\WINDOWS\system32\RtkCoInstIIXP.dll 2012-12-30 09:40:07 ----A---- C:\WINDOWS\system32\drivers\RtkHDAud.sys 2012-12-30 09:40:07 ----A---- C:\WINDOWS\RtkAudioService.exe 2012-12-30 09:40:05 ----A---- C:\WINDOWS\RTLCPL.EXE 2012-12-30 09:39:59 ----A---- C:\WINDOWS\system32\drivers\RTAIODAT.DAT 2012-12-30 09:39:59 ----A---- C:\WINDOWS\RTHDCPL.EXE 2012-12-30 09:39:58 ----A---- C:\WINDOWS\system32\drivers\Monfilt.sys 2012-12-30 09:39:57 ----A---- C:\WINDOWS\MicCal.exe 2012-12-30 09:39:47 ----A---- C:\WINDOWS\ALCMTR.EXE 2012-12-30 09:39:46 ----A---- C:\WINDOWS\ALCWZRD.EXE 2012-12-30 09:39:45 ----D---- C:\Program Files\Realtek 2012-12-30 09:39:45 ----A---- C:\WINDOWS\system32\drivers\Ambfilt.sys 2012-12-30 09:39:44 ----HD---- C:\Program Files\InstallShield Installation Information 2012-12-30 09:39:40 ----R---- C:\WINDOWS\RtlExUpd.dll 2012-12-30 09:39:35 ----D---- C:\Program Files\Common Files\InstallShield 2012-12-30 09:39:00 ----D---- C:\WINDOWS\system32\ReinstallBackups 2012-12-30 09:38:58 ----RA---- C:\WINDOWS\system32\CSVer.dll 2012-12-30 09:38:58 ----DC---- C:\WINDOWS\system32\DRVSTORE 2012-12-30 09:38:58 ----D---- C:\Program Files\Intel 2012-12-30 09:38:53 ----D---- C:\Intel 2012-12-30 09:38:19 ----D---- C:\WINDOWS\system32\XPSViewer 2012-12-30 09:38:17 ----D---- C:\WINDOWS\system32\en-US 2012-12-30 09:38:17 ----D---- C:\Program Files\MSBuild 2012-12-30 09:38:14 ----D---- C:\Program Files\Reference Assemblies 2012-12-30 09:38:00 ----N---- C:\WINDOWS\system32\xpssvcs.dll 2012-12-30 09:38:00 ----N---- C:\WINDOWS\system32\xpsshhdr.dll 2012-12-30 09:38:00 ----N---- C:\WINDOWS\system32\prntvpt.dll 2012-12-30 09:38:00 ----D---- C:\931dd4e9d3fec63017e138d3 2012-12-30 09:37:43 ----RSD---- C:\WINDOWS\assembly 2012-12-30 09:37:34 ----D---- C:\WINDOWS\Microsoft.NET 2012-12-30 09:37:19 ----A---- C:\WINDOWS\system32\spupdsvc.exe 2012-12-30 09:37:18 ----HDC---- C:\WINDOWS\$NtUninstallWIC$ 2012-12-30 09:37:16 ----D---- C:\Program Files\MSXML 6.0 2012-12-30 09:36:12 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$ 2012-12-30 09:35:44 ----RA---- C:\WINDOWS\GSetup.exe 2012-12-30 09:35:44 ----A---- C:\WINDOWS\GSetup.ini 2012-12-29 13:34:51 ----A---- C:\WINDOWS\system32\h323log.txt 2012-12-29 13:29:24 ----A---- C:\WINDOWS\system32\drivers\audstub.sys 2012-12-29 13:29:01 ----A---- C:\WINDOWS\system32\drivers\redbook.sys 2012-12-29 13:28:28 ----A---- C:\WINDOWS\system32\usbui.dll 2012-12-29 13:27:47 ----A---- C:\WINDOWS\imsins.BAK 2012-12-29 13:27:45 ----SHD---- C:\WINDOWS\Installer 2012-12-29 13:27:45 ----D---- C:\Program Files\Common Files\ODBC 2012-12-29 13:27:45 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2012-12-29 13:27:45 ----A---- C:\WINDOWS\ODBCINST.INI 2012-12-29 13:27:42 ----D---- C:\Program Files\Common Files\SpeechEngines 2012-12-29 13:27:41 ----RD---- C:\Program Files 2012-12-29 13:27:41 ----D---- C:\Program Files\Common Files\Microsoft Shared 2012-12-29 13:27:41 ----D---- C:\Program Files\Common Files 2012-12-29 13:27:39 ----RA---- C:\WINDOWS\system32\kbdtuq.dll 2012-12-29 13:27:39 ----RA---- C:\WINDOWS\system32\kbdtuf.dll 2012-12-29 13:27:39 ----RA---- C:\WINDOWS\system32\kbdazel.dll 2012-12-29 13:27:37 ----RA---- C:\WINDOWS\system32\kbdycc.dll 2012-12-29 13:27:37 ----RA---- C:\WINDOWS\system32\kbduzb.dll 2012-12-29 13:27:37 ----RA---- C:\WINDOWS\system32\kbdur.dll 2012-12-29 13:27:37 ----RA---- C:\WINDOWS\system32\kbdtat.dll 2012-12-29 13:27:37 ----RA---- C:\WINDOWS\system32\kbdru1.dll 2012-12-29 13:27:37 ----RA---- C:\WINDOWS\system32\kbdru.dll 2012-12-29 13:27:37 ----RA---- C:\WINDOWS\system32\kbdmon.dll 2012-12-29 13:27:37 ----RA---- C:\WINDOWS\system32\kbdkyr.dll 2012-12-29 13:27:37 ----RA---- C:\WINDOWS\system32\kbdkaz.dll 2012-12-29 13:27:37 ----RA---- C:\WINDOWS\system32\kbdaze.dll 2012-12-29 13:27:36 ----RA---- C:\WINDOWS\system32\kbdbu.dll 2012-12-29 13:27:36 ----RA---- C:\WINDOWS\system32\kbdblr.dll 2012-12-29 13:27:35 ----RA---- C:\WINDOWS\system32\kbdhept.dll 2012-12-29 13:27:35 ----RA---- C:\WINDOWS\system32\kbdhela3.dll 2012-12-29 13:27:35 ----RA---- C:\WINDOWS\system32\kbdhela2.dll 2012-12-29 13:27:35 ----RA---- C:\WINDOWS\system32\kbdhe319.dll 2012-12-29 13:27:34 ----RA---- C:\WINDOWS\system32\kbdhe220.dll 2012-12-29 13:27:34 ----RA---- C:\WINDOWS\system32\kbdhe.dll 2012-12-29 13:27:34 ----RA---- C:\WINDOWS\system32\kbdgkl.dll 2012-12-29 13:27:33 ----RA---- C:\WINDOWS\system32\kbdlv1.dll 2012-12-29 13:27:33 ----RA---- C:\WINDOWS\system32\kbdlv.dll 2012-12-29 13:27:33 ----RA---- C:\WINDOWS\system32\kbdlt1.dll 2012-12-29 13:27:33 ----RA---- C:\WINDOWS\system32\kbdlt.dll 2012-12-29 13:27:33 ----RA---- C:\WINDOWS\system32\kbdest.dll 2012-12-29 13:27:31 ----RA---- C:\WINDOWS\system32\kbdsl1.dll 2012-12-29 13:27:31 ----RA---- C:\WINDOWS\system32\kbdsl.dll 2012-12-29 13:27:31 ----RA---- C:\WINDOWS\system32\kbdro.dll 2012-12-29 13:27:31 ----RA---- C:\WINDOWS\system32\kbdpl1.dll 2012-12-29 13:27:31 ----RA---- C:\WINDOWS\system32\kbdpl.dll 2012-12-29 13:27:30 ----RA---- C:\WINDOWS\system32\kbdycl.dll 2012-12-29 13:27:30 ----RA---- C:\WINDOWS\system32\kbdhu1.dll 2012-12-29 13:27:30 ----RA---- C:\WINDOWS\system32\kbdhu.dll 2012-12-29 13:27:30 ----RA---- C:\WINDOWS\system32\kbdcz2.dll 2012-12-29 13:27:30 ----RA---- C:\WINDOWS\system32\kbdcz1.dll 2012-12-29 13:27:30 ----RA---- C:\WINDOWS\system32\kbdcz.dll 2012-12-29 13:27:30 ----RA---- C:\WINDOWS\system32\kbdcr.dll 2012-12-29 13:27:30 ----RA---- C:\WINDOWS\system32\KBDAL.DLL 2012-12-29 13:27:29 ----A---- C:\WINDOWS\system32\irclass.dll 2012-12-29 13:27:29 ----A---- C:\WINDOWS\system32\dgrpsetu.dll 2012-12-29 13:27:28 ----A---- C:\WINDOWS\system32\spxcoins.dll 2012-12-29 13:27:28 ----A---- C:\WINDOWS\system32\EqnClass.Dll 2012-12-29 13:27:28 ----A---- C:\WINDOWS\system32\dgsetup.dll 2012-12-29 13:27:26 ----N---- C:\WINDOWS\system32\CONFIG.TMP 2012-12-29 13:27:26 ----A---- C:\WINDOWS\TASKMAN.EXE 2012-12-29 13:27:26 ----A---- C:\WINDOWS\system32\drivers\irenum.sys 2012-12-29 13:27:26 ----A---- C:\WINDOWS\system32\batt.dll 2012-12-29 13:27:25 ----A---- C:\WINDOWS\system32\storprop.dll 2012-12-29 13:27:25 ----A---- C:\WINDOWS\notepad.exe 2012-12-29 13:27:20 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini 2012-12-29 13:27:18 ----RA---- C:\WINDOWS\SET8.tmp 2012-12-29 13:27:15 ----RA---- C:\WINDOWS\SET4.tmp 2012-12-29 13:27:14 ----RA---- C:\WINDOWS\SET3.tmp 2012-12-29 13:27:10 ----D---- C:\WINDOWS\system32\CatRoot2 2012-12-29 13:27:10 ----D---- C:\WINDOWS\system32\CatRoot 2012-12-29 13:27:04 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft 2012-12-29 13:26:46 ----A---- C:\WINDOWS\setuplog.txt 2012-12-29 13:26:45 ----D---- C:\Documents and Settings 2012-12-29 13:26:44 ----SHD---- C:\System Volume Information 2012-12-29 13:26:44 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT 2012-12-29 13:26:07 ----SH---- C:\boot.ini 2012-12-29 13:20:21 ----RSHDC---- C:\WINDOWS\system32\dllcache 2012-12-29 13:20:21 ----RSD---- C:\WINDOWS\Fonts 2012-12-29 13:20:21 ----RD---- C:\WINDOWS\Web 2012-12-29 13:20:21 ----HD---- C:\WINDOWS\inf 2012-12-29 13:20:21 ----D---- C:\WINDOWS\WinSxS 2012-12-29 13:20:21 ----D---- C:\WINDOWS\twain_32 2012-12-29 13:20:21 ----D---- C:\WINDOWS\Temp 2012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\wins 2012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\wbem 2012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\usmt 2012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\spool 2012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\ShellExt 2012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\Setup 2012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\ras 2012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\oobe 2012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\npp 2012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\mui 2012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\inetsrv 2012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\IME 2012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\icsxml 2012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\ias 2012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\export 2012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\drivers\etc 2012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\drivers\disdn 2012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\drivers 2012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\dhcp 2012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\config 2012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\3com_dmi 2012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\3076 2012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\2052 2012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\1054 2012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\1042 2012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\1041 2012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\1037 2012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\1033 2012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\1031 2012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\1028 2012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\1025 2012-12-29 13:20:21 ----D---- C:\WINDOWS\system32 2012-12-29 13:20:21 ----D---- C:\WINDOWS\system 2012-12-29 13:20:21 ----D---- C:\WINDOWS\security 2012-12-29 13:20:21 ----D---- C:\WINDOWS\Resources 2012-12-29 13:20:21 ----D---- C:\WINDOWS\repair 2012-12-29 13:20:21 ----D---- C:\WINDOWS\Provisioning 2012-12-29 13:20:21 ----D---- C:\WINDOWS\PeerNet 2012-12-29 13:20:21 ----D---- C:\WINDOWS\pchealth 2012-12-29 13:20:21 ----D---- C:\WINDOWS\mui 2012-12-29 13:20:21 ----D---- C:\WINDOWS\msapps 2012-12-29 13:20:21 ----D---- C:\WINDOWS\msagent 2012-12-29 13:20:21 ----D---- C:\WINDOWS\Media 2012-12-29 13:20:21 ----D---- C:\WINDOWS\java 2012-12-29 13:20:21 ----D---- C:\WINDOWS\ime 2012-12-29 13:20:21 ----D---- C:\WINDOWS\Help 2012-12-29 13:20:21 ----D---- C:\WINDOWS\Driver Cache 2012-12-29 13:20:21 ----D---- C:\WINDOWS\Debug 2012-12-29 13:20:21 ----D---- C:\WINDOWS\Cursors 2012-12-29 13:20:21 ----D---- C:\WINDOWS\Connection Wizard 2012-12-29 13:20:21 ----D---- C:\WINDOWS\Config 2012-12-29 13:20:21 ----D---- C:\WINDOWS\AppPatch 2012-12-29 13:20:21 ----D---- C:\WINDOWS\addins 2012-12-29 13:20:21 ----D---- C:\WINDOWS 2012-12-29 13:20:21 ----ASH---- C:\pagefile.sys 2012-12-29 12:56:36 ----D---- C:\Program Files\Common Files\Adobe 2012-12-29 12:53:14 ----SHD---- C:\RECYCLER 2012-12-29 12:41:55 ----D---- C:\Documents and Settings\Michael Senff\Application Data\Identities 2012-12-29 12:41:54 ----HD---- C:\Program Files\Uninstall Information 2012-12-29 12:41:52 ----ASH---- C:\Documents and Settings\Michael Senff\Application Data\desktop.ini 2012-12-29 12:41:51 ----SD---- C:\Documents and Settings\Michael Senff\Application Data\Microsoft 2012-12-29 12:41:19 ----D---- C:\WINDOWS\SoftwareDistribution 2012-12-29 12:41:18 ----SD---- C:\WINDOWS\system32\Microsoft 2012-12-29 12:41:18 ----A---- C:\WINDOWS\SchedLgU.Txt 2012-12-29 12:40:27 ----AS---- C:\WINDOWS\bootstat.dat 2012-12-29 12:39:26 ----D---- C:\WINDOWS\system32\xircom 2012-12-29 12:39:26 ----D---- C:\Program Files\xerox 2012-12-29 12:39:26 ----D---- C:\Program Files\microsoft frontpage 2012-12-29 12:39:20 ----RASH---- C:\MSDOS.SYS 2012-12-29 12:39:20 ----RASH---- C:\IO.SYS 2012-12-29 12:39:20 ----A---- C:\WINDOWS\control.ini 2012-12-29 12:39:20 ----A---- C:\CONFIG.SYS 2012-12-29 12:39:20 ----A---- C:\AUTOEXEC.BAT 2012-12-29 12:39:15 ----A---- C:\WINDOWS\OEWABLog.txt 2012-12-29 12:39:13 ----A---- C:\WINDOWS\system32\mapi32.dll 2012-12-29 12:38:49 ----SD---- C:\WINDOWS\Downloaded Program Files 2012-12-29 12:38:49 ----RD---- C:\WINDOWS\Offline Web Pages 2012-12-29 12:38:44 ----HD---- C:\Program Files\WindowsUpdate 2012-12-29 12:38:29 ----D---- C:\WINDOWS\system32\DirectX 2012-12-29 12:38:10 ----A---- C:\WINDOWS\system32\atrace.dll 2012-12-29 12:38:07 ----A---- C:\WINDOWS\system32\desktop.ini 2012-12-29 12:38:07 ----A---- C:\WINDOWS\desktop.ini 2012-12-29 12:38:01 ----A---- C:\WINDOWS\system32\nmevtmsg.dll 2012-12-29 12:38:00 ----A---- C:\WINDOWS\system32\acctres.dll 2012-12-29 12:37:59 ----D---- C:\Program Files\Common Files\Services 2012-12-29 12:37:57 ----SD---- C:\WINDOWS\Tasks 2012-12-29 12:37:57 ----A---- C:\WINDOWS\system32\icfgnt5.dll 2012-12-29 12:37:56 ----D---- C:\Program Files\Common Files\MSSoap 2012-12-29 12:37:52 ----D---- C:\WINDOWS\srchasst 2012-12-29 12:37:51 ----D---- C:\WINDOWS\system32\Macromed 2012-12-29 12:37:48 ----A---- C:\WINDOWS\system32\wuweb.dll 2012-12-29 12:37:48 ----A---- C:\WINDOWS\system32\wucltui.dll 2012-12-29 12:37:48 ----A---- C:\WINDOWS\system32\wuauserv.dll 2012-12-29 12:37:48 ----A---- C:\WINDOWS\system32\wuaueng1.dll 2012-12-29 12:37:47 ----A---- C:\WINDOWS\system32\wups.dll 2012-12-29 12:37:47 ----A---- C:\WINDOWS\system32\wuaueng.dll 2012-12-29 12:37:47 ----A---- C:\WINDOWS\system32\wuauclt1.exe 2012-12-29 12:37:47 ----A---- C:\WINDOWS\system32\wuauclt.exe 2012-12-29 12:37:47 ----A---- C:\WINDOWS\system32\wuapi.dll 2012-12-29 12:37:47 ----A---- C:\WINDOWS\system32\bitsprx3.dll 2012-12-29 12:37:47 ----A---- C:\WINDOWS\system32\bitsprx2.dll 2012-12-29 12:37:46 ----A---- C:\WINDOWS\system32\qmgrprxy.dll 2012-12-29 12:37:46 ----A---- C:\WINDOWS\system32\qmgr.dll 2012-12-29 12:37:42 ----D---- C:\Program Files\Movie Maker 2012-12-29 12:37:39 ----A---- C:\WINDOWS\system32\safrslv.dll 2012-12-29 12:37:39 ----A---- C:\WINDOWS\system32\safrdm.dll 2012-12-29 12:37:39 ----A---- C:\WINDOWS\system32\safrcdlg.dll 2012-12-29 12:37:38 ----A---- C:\WINDOWS\system32\racpldlg.dll 2012-12-29 12:37:35 ----A---- C:\WINDOWS\system32\fltmc.exe 2012-12-29 12:37:35 ----A---- C:\WINDOWS\system32\fltlib.dll 2012-12-29 12:37:35 ----A---- C:\WINDOWS\system32\drivers\fltmgr.sys 2012-12-29 12:37:34 ----D---- C:\WINDOWS\system32\Restore 2012-12-29 12:37:34 ----A---- C:\WINDOWS\system32\srsvc.dll 2012-12-29 12:37:34 ----A---- C:\WINDOWS\system32\srrstr.dll 2012-12-29 12:37:34 ----A---- C:\WINDOWS\system32\srclient.dll 2012-12-29 12:37:34 ----A---- C:\WINDOWS\system32\drivers\sr.sys 2012-12-29 12:37:33 ----A---- C:\WINDOWS\system32\nmmkcert.dll 2012-12-29 12:37:33 ----A---- C:\WINDOWS\system32\msconf.dll 2012-12-29 12:37:33 ----A---- C:\WINDOWS\system32\mnmsrvc.exe 2012-12-29 12:37:33 ----A---- C:\WINDOWS\system32\mnmdd.dll 2012-12-29 12:37:33 ----A---- C:\WINDOWS\system32\isrdbg32.dll 2012-12-29 12:37:33 ----A---- C:\WINDOWS\system32\ils.dll 2012-12-29 12:37:30 ----D---- C:\Program Files\NetMeeting 2012-12-29 12:37:30 ----A---- C:\WINDOWS\system32\msoert2.dll 2012-12-29 12:37:30 ----A---- C:\WINDOWS\system32\msoeacct.dll 2012-12-29 12:37:29 ----A---- C:\WINDOWS\system32\inetres.dll 2012-12-29 12:37:28 ----A---- C:\WINDOWS\system32\inetcomm.dll 2012-12-29 12:37:26 ----D---- C:\Program Files\Outlook Express 2012-12-29 12:37:26 ----A---- C:\WINDOWS\system32\schedsvc.dll 2012-12-29 12:37:26 ----A---- C:\WINDOWS\system32\mstinit.exe 2012-12-29 12:37:26 ----A---- C:\WINDOWS\system32\mstask.dll 2012-12-29 12:37:25 ----A---- C:\WINDOWS\system32\isign32.dll 2012-12-29 12:37:25 ----A---- C:\WINDOWS\system32\inetcfg.dll 2012-12-29 12:37:25 ----A---- C:\WINDOWS\system32\icwphbk.dll 2012-12-29 12:37:25 ----A---- C:\WINDOWS\system32\icwdial.dll 2012-12-29 12:37:20 ----D---- C:\Program Files\Common Files\System 2012-12-29 12:37:19 ----D---- C:\Program Files\Internet Explorer 2012-12-29 12:37:17 ----A---- C:\WINDOWS\system32\emptyregdb.dat 2012-12-29 12:37:11 ----D---- C:\Program Files\ComPlus Applications 2012-12-29 12:37:10 ----A---- C:\WINDOWS\vbaddin.ini 2012-12-29 12:37:10 ----A---- C:\WINDOWS\vb.ini 2012-12-29 12:37:07 ----D---- C:\WINDOWS\Registration 2012-12-29 12:36:53 ----D---- C:\Program Files\Windows Media Player 2012-12-29 12:36:53 ----D---- C:\Program Files\Online Services 2012-12-29 12:36:50 ----D---- C:\Program Files\Messenger 2012-12-29 12:36:46 ----D---- C:\Program Files\MSN Gaming Zone 2012-12-29 12:36:46 ----A---- C:\WINDOWS\system32\write.exe 2012-12-29 12:36:39 ----A---- C:\WINDOWS\system32\sndvol32.exe 2012-12-29 12:36:39 ----A---- C:\WINDOWS\system32\hticons.dll 2012-12-29 12:36:38 ----A---- C:\WINDOWS\system32\winchat.exe 2012-12-29 12:36:38 ----A---- C:\WINDOWS\system32\avwav.dll 2012-12-29 12:36:38 ----A---- C:\WINDOWS\system32\avtapi.dll 2012-12-29 12:36:38 ----A---- C:\WINDOWS\system32\avmeter.dll 2012-12-29 12:36:32 ----A---- C:\WINDOWS\system32\getuname.dll 2012-12-29 12:36:32 ----A---- C:\WINDOWS\system32\charmap.exe 2012-12-29 12:36:31 ----A---- C:\WINDOWS\system32\winmine.exe 2012-12-29 12:36:31 ----A---- C:\WINDOWS\system32\sol.exe 2012-12-29 12:36:31 ----A---- C:\WINDOWS\system32\mshearts.exe 2012-12-29 12:36:31 ----A---- C:\WINDOWS\system32\calc.exe 2012-12-29 12:36:30 ----A---- C:\WINDOWS\system32\usrlogon.cmd 2012-12-29 12:36:30 ----A---- C:\WINDOWS\system32\tsshutdn.exe 2012-12-29 12:36:30 ----A---- C:\WINDOWS\system32\tslabels.ini 2012-12-29 12:36:30 ----A---- C:\WINDOWS\system32\tskill.exe 2012-12-29 12:36:30 ----A---- C:\WINDOWS\system32\tsdiscon.exe 2012-12-29 12:36:30 ----A---- C:\WINDOWS\system32\tscon.exe 2012-12-29 12:36:30 ----A---- C:\WINDOWS\system32\shadow.exe 2012-12-29 12:36:30 ----A---- C:\WINDOWS\system32\rwinsta.exe 2012-12-29 12:36:30 ----A---- C:\WINDOWS\system32\reset.exe 2012-12-29 12:36:30 ----A---- C:\WINDOWS\system32\regini.exe 2012-12-29 12:36:30 ----A---- C:\WINDOWS\system32\rdpcfgex.dll 2012-12-29 12:36:30 ----A---- C:\WINDOWS\system32\qwinsta.exe 2012-12-29 12:36:30 ----A---- C:\WINDOWS\system32\freecell.exe 2012-12-29 12:36:29 ----A---- C:\WINDOWS\system32\qappsrv.exe 2012-12-29 12:36:29 ----A---- C:\WINDOWS\system32\msg.exe 2012-12-29 12:36:29 ----A---- C:\WINDOWS\system32\msdtcprf.ini 2012-12-29 12:36:29 ----A---- C:\WINDOWS\system32\logoff.exe 2012-12-29 12:36:29 ----A---- C:\WINDOWS\system32\cdmodem.dll 2012-12-29 12:36:28 ----A---- C:\WINDOWS\system32\stclient.dll 2012-12-29 12:36:28 ----A---- C:\WINDOWS\system32\mtxlegih.dll 2012-12-29 12:36:28 ----A---- C:\WINDOWS\system32\mtxex.dll 2012-12-29 12:36:28 ----A---- C:\WINDOWS\system32\mtxdm.dll 2012-12-29 12:36:28 ----A---- C:\WINDOWS\system32\dcomcnfg.exe 2012-12-29 12:36:28 ----A---- C:\WINDOWS\system32\comsnap.dll 2012-12-29 12:36:28 ----A---- C:\WINDOWS\system32\comrepl.dll 2012-12-29 12:36:28 ----A---- C:\WINDOWS\system32\comaddin.dll 2012-12-29 12:36:24 ----A---- C:\WINDOWS\system32\wmimgmt.msc 2012-12-29 12:36:09 ----D---- C:\Program Files\MSN 2012-12-29 12:36:08 ----A---- C:\WINDOWS\system32\sndrec32.exe 2012-12-29 12:36:08 ----A---- C:\WINDOWS\system32\accwiz.exe 2012-12-29 12:36:07 ----D---- C:\Program Files\Windows NT 2012-12-29 12:36:07 ----A---- C:\WINDOWS\system32\mspaint.exe 2012-12-29 12:36:07 ----A---- C:\WINDOWS\system32\mplay32.exe 2012-12-29 12:36:07 ----A---- C:\WINDOWS\system32\hypertrm.dll 2012-12-29 12:36:06 ----A---- C:\WINDOWS\system32\tscfgwmi.dll 2012-12-29 12:36:06 ----A---- C:\WINDOWS\system32\spider.exe 2012-12-29 12:36:06 ----A---- C:\WINDOWS\system32\drivers\tdtcp.sys 2012-12-29 12:36:06 ----A---- C:\WINDOWS\system32\drivers\tdpipe.sys 2012-12-29 12:36:06 ----A---- C:\WINDOWS\system32\drivers\rdpwd.sys 2012-12-29 12:36:06 ----A---- C:\WINDOWS\system32\clipbrd.exe 2012-12-29 12:36:05 ----A---- C:\WINDOWS\system32\sessmgr.exe 2012-12-29 12:36:05 ----A---- C:\WINDOWS\system32\remotepg.dll 2012-12-29 12:36:05 ----A---- C:\WINDOWS\system32\rdshost.exe 2012-12-29 12:36:05 ----A---- C:\WINDOWS\system32\rdsaddin.exe 2012-12-29 12:36:05 ----A---- C:\WINDOWS\system32\mstscax.dll 2012-12-29 12:36:05 ----A---- C:\WINDOWS\system32\mstsc.exe 2012-12-29 12:36:04 ----A---- C:\WINDOWS\system32\tscupgrd.exe 2012-12-29 12:36:04 ----A---- C:\WINDOWS\system32\termsrv.dll 2012-12-29 12:36:04 ----A---- C:\WINDOWS\system32\rdpwsx.dll 2012-12-29 12:36:04 ----A---- C:\WINDOWS\system32\rdpsnd.dll 2012-12-29 12:36:04 ----A---- C:\WINDOWS\system32\rdpclip.exe 2012-12-29 12:36:04 ----A---- C:\WINDOWS\system32\rdchost.dll 2012-12-29 12:36:04 ----A---- C:\WINDOWS\system32\qprocess.exe 2012-12-29 12:36:04 ----A---- C:\WINDOWS\system32\icaapi.dll 2012-12-29 12:36:04 ----A---- C:\WINDOWS\system32\cfgbkend.dll 2012-12-29 12:36:03 ----D---- C:\WINDOWS\system32\MsDtc 2012-12-29 12:36:03 ----A---- C:\WINDOWS\system32\mtxoci.dll 2012-12-29 12:36:03 ----A---- C:\WINDOWS\system32\msdtcuiu.dll 2012-12-29 12:36:03 ----A---- C:\WINDOWS\system32\msdtctm.dll 2012-12-29 12:36:03 ----A---- C:\WINDOWS\system32\msdtcprx.dll 2012-12-29 12:36:02 ----A---- C:\WINDOWS\system32\xolehlp.dll 2012-12-29 12:36:02 ----A---- C:\WINDOWS\system32\msdtclog.dll 2012-12-29 12:36:02 ----A---- C:\WINDOWS\system32\msdtc.exe 2012-12-29 12:36:01 ----D---- C:\WINDOWS\system32\Com 2012-12-29 12:36:01 ----A---- C:\WINDOWS\system32\colbact.dll 2012-12-29 12:36:01 ----A---- C:\WINDOWS\system32\clbcatex.dll 2012-12-29 12:36:01 ----A---- C:\WINDOWS\system32\catsrvut.dll 2012-12-29 12:36:01 ----A---- C:\WINDOWS\system32\catsrvps.dll 2012-12-29 12:36:01 ----A---- C:\WINDOWS\system32\catsrv.dll 2012-12-29 12:36:00 ----A---- C:\WINDOWS\system32\comuid.dll 2012-12-29 12:36:00 ----A---- C:\WINDOWS\system32\comsvcs.dll 2012-12-29 12:35:59 ----A---- C:\WINDOWS\system32\clbcatq.dll 2012-12-29 12:35:55 ----A---- C:\WINDOWS\system32\servdeps.dll 2012-12-29 12:35:54 ----A---- C:\WINDOWS\system32\mmfutil.dll 2012-12-29 12:35:54 ----A---- C:\WINDOWS\system32\licwmi.dll 2012-12-29 12:35:54 ----A---- C:\WINDOWS\system32\cmprops.dll 2012-12-29 12:35:51 ----A---- C:\WINDOWS\system32\drivers\termdd.sys 2012-12-29 12:35:51 ----A---- C:\WINDOWS\system32\drivers\rdpdr.sys ======List of files/folders modified in the last 1 month====== 2012-12-29 13:27:41 ----A---- C:\WINDOWS\system.ini 2012-12-29 12:39:20 ----A---- C:\WINDOWS\win.ini 2012-12-29 12:39:07 ----ASH---- C:\WINDOWS\fonts\desktop.ini 2012-12-16 06:23:59 ----A---- C:\WINDOWS\system32\atmfd.dll 2012-12-03 09:40:50 ----A---- C:\WINDOWS\system32\nv4_disp.dll ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys [2012-08-30 193552] R1 AppleCharger;AppleCharger; C:\WINDOWS\system32\DRIVERS\AppleCharger.sys [2011-11-02 19056] R1 avgtp;avgtp; \??\C:\WINDOWS\system32\drivers\avgtpx86.sys [] R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352] R1 MpKslbb24b5ac;MpKslbb24b5ac; \??\c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{03167648-FD3C-4EDC-A195-A457655F447E}\MpKslbb24b5ac.sys [] R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [] R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [] R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver; C:\WINDOWS\System32\Drivers\EtronHub3.sys [2011-08-17 45056] R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver; C:\WINDOWS\System32\Drivers\EtronXHCI.sys [2011-08-17 64896] R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384] R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2011-11-22 6452328] R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys [] R3 MEI;Intel® Management Engine Interface; C:\WINDOWS\system32\DRIVERS\HECI.sys [2010-09-21 41088] R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-04 12160] R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2012-12-03 11053992] R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda32.sys [2012-07-03 124264] R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2011-08-24 323816] S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-17 1691480] S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys [] S3 GENERICDRV;GENERICDRV; \??\C:\Program Files\GIGABYTE\ET6\amifldrv32.sys [] S3 GVTDrv;GVTDrv; \??\C:\WINDOWS\system32\Drivers\GVTDrv.sys [] S3 mbamchameleon;mbamchameleon; \??\C:\WINDOWS\system32\drivers\mbamchameleon.sys [] S3 mbr;mbr; \??\C:\DOCUME~1\MICHAE~1\LOCALS~1\Temp\mbr.sys [] S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-17 1395800] S3 ndiscm;Motorola SURFboard USB Cable Modem Windows Driver; C:\WINDOWS\system32\DRIVERS\NetMotCM.sys [] S3 usbstor;usbstor; C:\WINDOWS\system32\drivers\usbstor.sys [2008-04-13 26368] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [2012-07-11 116608] R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe [2010-10-05 325656] R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344] R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2012-09-12 20472] R2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\system32\nvsvc32.exe [2012-11-30 164712] R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-12-03 1259880] R2 UNS;Intel® Management and Security Application User Notification Service; C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-10-05 2655768] R2 vToolbarUpdater13.2.0;vToolbarUpdater13.2.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe [2012-12-31 711112] S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-12-31 116648] S2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-14 398184] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-31 250808] S3 AppleChargerSrv;AppleChargerSrv; C:\WINDOWS\system32\AppleChargerSrv.exe [2010-04-06 31272] S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312] S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632] S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104] S3 gupdatem;Google Update Service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-12-31 116648] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632] S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664] S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-11-29 115168] S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096] -----------------EOF-----------------
- January 1, 2013
- 79 replies
Outgoing Malicious IP Blocks. Suspect Infection

MicQsenoch replied to MicQsenoch's topic in Resolved Malware Removal Logs

If this system's Windows is by an OEM (manufacturer) did you remove the included 3rd-party antivirus program (if any) {such as Norton or McAfee) after you re-installed Windows? Not to my knowledge. I dont remember doing that at the very least. Step 3 logs info.txt logfile of random's system information tool 1.09 2013-01-01 11:57:11 ======Uninstall list====== @BIOS-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}\Setup.exe" -l0x9 -removeonly -->MsiExec /X{8B922CF8-8A6C-41CE-A858-F1755D7F5D29} -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf Adobe Flash Player 11 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_5_502_135_ActiveX.exe -maintain activex Adobe Flash Player 11 Plugin-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_5_502_135_Plugin.exe -maintain plugin AVG Security Toolbar-->C:\Program Files\AVG Secure Search\UNINSTALL.exe /PROMPT /UNINSTALL Easy Tune 6 B11.1206.1-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{457D7505-D665-4F95-91C3-ECB8C56E9ACA} Enable S3 for USB Device-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Gigabyte\Enable S3 for USB Device\Uninst.isu" ERUNT 1.1j-->"C:\Program Files\ERUNT\unins000.exe" Etron USB3.0 Host Controller-->MsiExec.exe /I{DFBB738C-71D8-4DC5-B8D2-D65C37680E27} Google Chrome-->"C:\Program Files\Google\Chrome\Application\23.0.1271.97\Installer\setup.exe" --uninstall --multi-install --chrome --system-level Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe" Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT="" Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT="" Hotfix for Windows XP (KB2779562)-->"C:\WINDOWS\$NtUninstallKB2779562$\spuninst\spuninst.exe" Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe" Hotfix for Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe" Hotfix for Windows XP (KB981793)-->"C:\WINDOWS\$NtUninstallKB981793$\spuninst\spuninst.exe" Intel® Management Engine Components-->C:\Program Files\Intel\Intel® Management Engine Components\Uninstall\setup.exe -uninstall Internet Explorer (Enable DEP)-->C:\WINDOWS\system32\sdbinst.exe -u "C:\WINDOWS\AppPatch\Custom\{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb" League of Legends-->"C:\Program Files\InstallShield Installation Information\{92606477-9366-4D3B-8AE3-6BE4B29727AB}\setup.exe" -runfromtemp -l0x0409 -removeonly Malwarebytes Anti-Malware version 1.70.0.1100-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe" Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7} Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} Microsoft Download Manager-->MsiExec.exe /X{654977DB-0001-0002-0001-EABD228DDE8B} Microsoft Security Client-->MsiExec.exe /X{98EABC7F-B1A1-43A5-B505-5B4EC3908DCD} Microsoft Security Essentials-->C:\Program Files\Microsoft Security Client\Setup.exe /x Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118} Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2} Mozilla Firefox 17.0.1 (x86 en-US)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe Mozilla Maintenance Service-->"C:\Program Files\Mozilla Maintenance Service\uninstall.exe" MSXML 6 Service Pack 2 (KB973686)-->MsiExec.exe /I{56EA8BC0-3751-4B93-BC9D-6651CC36E5AA} NVIDIA Graphics Driver 310.70-->"C:\WINDOWS\system32\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{6BFD699C-9A30-40A2-A148-4DCA696871B1}\NVI2.DLL",UninstallPackage Display.Driver NVIDIA HD Audio Driver 1.3.18.0-->"C:\WINDOWS\system32\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{6BFD699C-9A30-40A2-A148-4DCA696871B1}\NVI2.DLL",UninstallPackage HDAudio.Driver NVIDIA nView 136.53-->"C:\WINDOWS\system32\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{6BFD699C-9A30-40A2-A148-4DCA696871B1}\NVI2.DLL",UninstallPackage Display.NView NVIDIA nView Desktop Manager-->C:\Program Files\NVIDIA Corporation\nView\nViewSetup.exe -uninstall NVIDIA PhysX System Software 9.12.1031-->"C:\WINDOWS\system32\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{6BFD699C-9A30-40A2-A148-4DCA696871B1}\NVI2.DLL",UninstallPackage Display.PhysX NVIDIA PhysX-->MsiExec.exe /I{8B922CF8-8A6C-41CE-A858-F1755D7F5D29} NVIDIA Update 1.11.3-->"C:\WINDOWS\system32\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{6BFD699C-9A30-40A2-A148-4DCA696871B1}\NVI2.DLL",UninstallPackage Display.Update ON_OFF Charge B11.1102.1-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3DECD372-76A1-4483-BF10-B547790A3261}\setup.exe" -l0x9 -removeonly Pando Media Booster-->C:\Program Files\Pando Networks\Media Booster\uninst.exe REALTEK GbE & FE Ethernet PCI-E NIC Driver-->C:\Program Files\InstallShield Installation Information\{C9BED750-1211-4480-B1A5-718A3BE15525}\Setup.Exe -runfromtemp -removeonly Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\SETUP.EXE" -l0x9 -removeonly Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {94EFE014-E577-310B-B2D5-6973A21D8A90} /qb+ REBOOTPROMPT="" Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {F6F5AC31-9833-3E77-AC8E-8E910CAB39AE} /qb+ REBOOTPROMPT="" Security Update for Microsoft Windows (KB2564958)-->"C:\WINDOWS\$NtUninstallKB2564958$\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 8 (KB2510531)-->"C:\WINDOWS\ie8updates\KB2510531-IE8\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 8 (KB2544521)-->"C:\WINDOWS\ie8updates\KB2544521-IE8\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 8 (KB2761465)-->"C:\WINDOWS\ie8updates\KB2761465-IE8\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 8 (KB981332)-->"C:\WINDOWS\ie8updates\KB981332-IE8\spuninst\spuninst.exe" Security Update for Windows Internet Explorer 8 (KB982381)-->"C:\WINDOWS\ie8updates\KB982381-IE8\spuninst\spuninst.exe" Security Update for Windows Media Player (KB2378111)-->"C:\WINDOWS\$NtUninstallKB2378111_WM9$\spuninst\spuninst.exe" Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe" Security Update for Windows Media Player (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe" Security Update for Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe" Security Update for Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9L$\spuninst\spuninst.exe" Security Update for Windows Media Player (KB975558)-->"C:\WINDOWS\$NtUninstallKB975558_WM8$\spuninst\spuninst.exe" Security Update for Windows Media Player (KB978695)-->"C:\WINDOWS\$NtUninstallKB978695_WM9$\spuninst\spuninst.exe" Security Update for Windows Media Player (KB979402)-->"C:\WINDOWS\$NtUninstallKB979402_WM9L$\spuninst\spuninst.exe" Security Update for Windows XP (KB2115168)-->"C:\WINDOWS\$NtUninstallKB2115168$\spuninst\spuninst.exe" Security Update for Windows XP (KB2229593)-->"C:\WINDOWS\$NtUninstallKB2229593$\spuninst\spuninst.exe" Security Update for Windows XP (KB2296011)-->"C:\WINDOWS\$NtUninstallKB2296011$\spuninst\spuninst.exe" Security Update for Windows XP (KB2347290)-->"C:\WINDOWS\$NtUninstallKB2347290$\spuninst\spuninst.exe" Security Update for Windows XP (KB2360937)-->"C:\WINDOWS\$NtUninstallKB2360937$\spuninst\spuninst.exe" Security Update for Windows XP (KB2387149)-->"C:\WINDOWS\$NtUninstallKB2387149$\spuninst\spuninst.exe" Security Update for Windows XP (KB2393802)-->"C:\WINDOWS\$NtUninstallKB2393802$\spuninst\spuninst.exe" Security Update for Windows XP (KB2419632)-->"C:\WINDOWS\$NtUninstallKB2419632$\spuninst\spuninst.exe" Security Update for Windows XP (KB2423089)-->"C:\WINDOWS\$NtUninstallKB2423089$\spuninst\spuninst.exe" Security Update for Windows XP (KB2440591)-->"C:\WINDOWS\$NtUninstallKB2440591$\spuninst\spuninst.exe" Security Update for Windows XP (KB2443105)-->"C:\WINDOWS\$NtUninstallKB2443105$\spuninst\spuninst.exe" Security Update for Windows XP (KB2476490)-->"C:\WINDOWS\$NtUninstallKB2476490$\spuninst\spuninst.exe" Security Update for Windows XP (KB2478960)-->"C:\WINDOWS\$NtUninstallKB2478960$\spuninst\spuninst.exe" Security Update for Windows XP (KB2478971)-->"C:\WINDOWS\$NtUninstallKB2478971$\spuninst\spuninst.exe" Security Update for Windows XP (KB2479943)-->"C:\WINDOWS\$NtUninstallKB2479943$\spuninst\spuninst.exe" Security Update for Windows XP (KB2481109)-->"C:\WINDOWS\$NtUninstallKB2481109$\spuninst\spuninst.exe" Security Update for Windows XP (KB2483185)-->"C:\WINDOWS\$NtUninstallKB2483185$\spuninst\spuninst.exe" Security Update for Windows XP (KB2485663)-->"C:\WINDOWS\$NtUninstallKB2485663$\spuninst\spuninst.exe" Security Update for Windows XP (KB2506212)-->"C:\WINDOWS\$NtUninstallKB2506212$\spuninst\spuninst.exe" Security Update for Windows XP (KB2507938)-->"C:\WINDOWS\$NtUninstallKB2507938$\spuninst\spuninst.exe" Security Update for Windows XP (KB2508429)-->"C:\WINDOWS\$NtUninstallKB2508429$\spuninst\spuninst.exe" Security Update for Windows XP (KB2509553)-->"C:\WINDOWS\$NtUninstallKB2509553$\spuninst\spuninst.exe" Security Update for Windows XP (KB2535512)-->"C:\WINDOWS\$NtUninstallKB2535512$\spuninst\spuninst.exe" Security Update for Windows XP (KB2536276-v2)-->"C:\WINDOWS\$NtUninstallKB2536276-v2$\spuninst\spuninst.exe" Security Update for Windows XP (KB2544893-v2)-->"C:\WINDOWS\$NtUninstallKB2544893-v2$\spuninst\spuninst.exe" Security Update for Windows XP (KB2566454)-->"C:\WINDOWS\$NtUninstallKB2566454$\spuninst\spuninst.exe" Security Update for Windows XP (KB2570947)-->"C:\WINDOWS\$NtUninstallKB2570947$\spuninst\spuninst.exe" Security Update for Windows XP (KB2584146)-->"C:\WINDOWS\$NtUninstallKB2584146$\spuninst\spuninst.exe" Security Update for Windows XP (KB2585542)-->"C:\WINDOWS\$NtUninstallKB2585542$\spuninst\spuninst.exe" Security Update for Windows XP (KB2592799)-->"C:\WINDOWS\$NtUninstallKB2592799$\spuninst\spuninst.exe" Security Update for Windows XP (KB2598479)-->"C:\WINDOWS\$NtUninstallKB2598479$\spuninst\spuninst.exe" Security Update for Windows XP (KB2603381)-->"C:\WINDOWS\$NtUninstallKB2603381$\spuninst\spuninst.exe" Security Update for Windows XP (KB2618451)-->"C:\WINDOWS\$NtUninstallKB2618451$\spuninst\spuninst.exe" Security Update for Windows XP (KB2619339)-->"C:\WINDOWS\$NtUninstallKB2619339$\spuninst\spuninst.exe" Security Update for Windows XP (KB2620712)-->"C:\WINDOWS\$NtUninstallKB2620712$\spuninst\spuninst.exe" Security Update for Windows XP (KB2624667)-->"C:\WINDOWS\$NtUninstallKB2624667$\spuninst\spuninst.exe" Security Update for Windows XP (KB2631813)-->"C:\WINDOWS\$NtUninstallKB2631813$\spuninst\spuninst.exe" Security Update for Windows XP (KB2646524)-->"C:\WINDOWS\$NtUninstallKB2646524$\spuninst\spuninst.exe" Security Update for Windows XP (KB2653956)-->"C:\WINDOWS\$NtUninstallKB2653956$\spuninst\spuninst.exe" Security Update for Windows XP (KB2655992)-->"C:\WINDOWS\$NtUninstallKB2655992$\spuninst\spuninst.exe" Security Update for Windows XP (KB2659262)-->"C:\WINDOWS\$NtUninstallKB2659262$\spuninst\spuninst.exe" Security Update for Windows XP (KB2661637)-->"C:\WINDOWS\$NtUninstallKB2661637$\spuninst\spuninst.exe" Security Update for Windows XP (KB2676562)-->"C:\WINDOWS\$NtUninstallKB2676562$\spuninst\spuninst.exe" Security Update for Windows XP (KB2686509)-->"C:\WINDOWS\$NtUninstallKB2686509$\spuninst\spuninst.exe" Security Update for Windows XP (KB2691442)-->"C:\WINDOWS\$NtUninstallKB2691442$\spuninst\spuninst.exe" Security Update for Windows XP (KB2698365)-->"C:\WINDOWS\$NtUninstallKB2698365$\spuninst\spuninst.exe" Security Update for Windows XP (KB2705219-v2)-->"C:\WINDOWS\$NtUninstallKB2705219-v2$\spuninst\spuninst.exe" Security Update for Windows XP (KB2712808)-->"C:\WINDOWS\$NtUninstallKB2712808$\spuninst\spuninst.exe" Security Update for Windows XP (KB2719985)-->"C:\WINDOWS\$NtUninstallKB2719985$\spuninst\spuninst.exe" Security Update for Windows XP (KB2723135-v2)-->"C:\WINDOWS\$NtUninstallKB2723135-v2$\spuninst\spuninst.exe" Security Update for Windows XP (KB2724197)-->"C:\WINDOWS\$NtUninstallKB2724197$\spuninst\spuninst.exe" Security Update for Windows XP (KB2727528)-->"C:\WINDOWS\$NtUninstallKB2727528$\spuninst\spuninst.exe" Security Update for Windows XP (KB2753842-v2)-->"C:\WINDOWS\$NtUninstallKB2753842-v2$\spuninst\spuninst.exe" Security Update for Windows XP (KB2758857)-->"C:\WINDOWS\$NtUninstallKB2758857$\spuninst\spuninst.exe" Security Update for Windows XP (KB2770660)-->"C:\WINDOWS\$NtUninstallKB2770660$\spuninst\spuninst.exe" Security Update for Windows XP (KB2779030)-->"C:\WINDOWS\$NtUninstallKB2779030$\spuninst\spuninst.exe" Security Update for Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe" Security Update for Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe" Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe" Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe" Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe" Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe" Security Update for Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe" Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe" Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe" Security Update for Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe" Security Update for Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe" Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe" Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe" Security Update for Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe" Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe" Security Update for Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe" Security Update for Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe" Security Update for Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe" Security Update for Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe" Security Update for Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe" Security Update for Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe" Security Update for Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe" Security Update for Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe" Security Update for Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe" Security Update for Windows XP (KB971468)-->"C:\WINDOWS\$NtUninstallKB971468$\spuninst\spuninst.exe" Security Update for Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe" Security Update for Windows XP (KB972270)-->"C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe" Security Update for Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe" Security Update for Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe" Security Update for Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe" Security Update for Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe" Security Update for Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe" Security Update for Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe" Security Update for Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe" Security Update for Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe" Security Update for Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe" Security Update for Windows XP (KB975560)-->"C:\WINDOWS\$NtUninstallKB975560$\spuninst\spuninst.exe" Security Update for Windows XP (KB975561)-->"C:\WINDOWS\$NtUninstallKB975561$\spuninst\spuninst.exe" Security Update for Windows XP (KB975562)-->"C:\WINDOWS\$NtUninstallKB975562$\spuninst\spuninst.exe" Security Update for Windows XP (KB975713)-->"C:\WINDOWS\$NtUninstallKB975713$\spuninst\spuninst.exe" Security Update for Windows XP (KB977816)-->"C:\WINDOWS\$NtUninstallKB977816$\spuninst\spuninst.exe" Security Update for Windows XP (KB977914)-->"C:\WINDOWS\$NtUninstallKB977914$\spuninst\spuninst.exe" Security Update for Windows XP (KB978037)-->"C:\WINDOWS\$NtUninstallKB978037$\spuninst\spuninst.exe" Security Update for Windows XP (KB978338)-->"C:\WINDOWS\$NtUninstallKB978338$\spuninst\spuninst.exe" Security Update for Windows XP (KB978542)-->"C:\WINDOWS\$NtUninstallKB978542$\spuninst\spuninst.exe" Security Update for Windows XP (KB978601)-->"C:\WINDOWS\$NtUninstallKB978601$\spuninst\spuninst.exe" Security Update for Windows XP (KB978706)-->"C:\WINDOWS\$NtUninstallKB978706$\spuninst\spuninst.exe" Security Update for Windows XP (KB979309)-->"C:\WINDOWS\$NtUninstallKB979309$\spuninst\spuninst.exe" Security Update for Windows XP (KB979482)-->"C:\WINDOWS\$NtUninstallKB979482$\spuninst\spuninst.exe" Security Update for Windows XP (KB979559)-->"C:\WINDOWS\$NtUninstallKB979559$\spuninst\spuninst.exe" Security Update for Windows XP (KB979683)-->"C:\WINDOWS\$NtUninstallKB979683$\spuninst\spuninst.exe" Security Update for Windows XP (KB979687)-->"C:\WINDOWS\$NtUninstallKB979687$\spuninst\spuninst.exe" Security Update for Windows XP (KB980195)-->"C:\WINDOWS\$NtUninstallKB980195$\spuninst\spuninst.exe" Security Update for Windows XP (KB980218)-->"C:\WINDOWS\$NtUninstallKB980218$\spuninst\spuninst.exe" Security Update for Windows XP (KB980232)-->"C:\WINDOWS\$NtUninstallKB980232$\spuninst\spuninst.exe" Security Update for Windows XP (KB981322)-->"C:\WINDOWS\$NtUninstallKB981322$\spuninst\spuninst.exe" Security Update for Windows XP (KB981997)-->"C:\WINDOWS\$NtUninstallKB981997$\spuninst\spuninst.exe" Security Update for Windows XP (KB982132)-->"C:\WINDOWS\$NtUninstallKB982132$\spuninst\spuninst.exe" Security Update for Windows XP (KB982665)-->"C:\WINDOWS\$NtUninstallKB982665$\spuninst\spuninst.exe" SUPERAntiSpyware-->"C:\Program Files\SUPERAntiSpyware\Uninstall.exe" Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT="" Update for Windows Internet Explorer 8 (KB976662)-->"C:\WINDOWS\ie8updates\KB976662-IE8\spuninst\spuninst.exe" Update for Windows XP (KB2345886)-->"C:\WINDOWS\$NtUninstallKB2345886$\spuninst\spuninst.exe" Update for Windows XP (KB2661254-v2)-->"C:\WINDOWS\$NtUninstallKB2661254-v2$\spuninst\spuninst.exe" Update for Windows XP (KB2736233)-->"C:\WINDOWS\$NtUninstallKB2736233$\spuninst\spuninst.exe" Update for Windows XP (KB2749655)-->"C:\WINDOWS\$NtUninstallKB2749655$\spuninst\spuninst.exe" Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe" Update for Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe" Update for Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe" Update for Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe" Update for Windows XP (KB971029)-->"C:\WINDOWS\$NtUninstallKB971029$\spuninst\spuninst.exe" Update for Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe" Update for Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe" Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe" Windows PowerShell 1.0-->"C:\WINDOWS\$NtUninstallKB926139-v2$\spuninst\spuninst.exe" Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe" ======Security center information====== AV: Microsoft Security Essentials ======System event log====== Computer Name: DEEZGOOD-D8793A Event Code: 7023 Message: The Application Management service terminated with the following error: The specified module could not be found. Record Number: 877 Source Name: Service Control Manager Time Written: 20121230142407.000000-360 Event Type: error User: Computer Name: DEEZGOOD-D8793A Event Code: 7023 Message: The Application Management service terminated with the following error: The specified module could not be found. Record Number: 874 Source Name: Service Control Manager Time Written: 20121230142407.000000-360 Event Type: error User: Computer Name: DEEZGOOD-D8793A Event Code: 7023 Message: The Application Management service terminated with the following error: The specified module could not be found. Record Number: 871 Source Name: Service Control Manager Time Written: 20121230142407.000000-360 Event Type: error User: Computer Name: DEEZGOOD-D8793A Event Code: 4226 Message: TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts. Record Number: 827 Source Name: Tcpip Time Written: 20121230141129.000000-360 Event Type: warning User: Computer Name: DEEZGOOD-D8793A Event Code: 20 Message: Printer Driver Microsoft XPS Document Writer for Windows NT x86 Version-3 was added or updated. Files:- (null). Record Number: 753 Source Name: Print Time Written: 20121230124707.000000-360 Event Type: warning User: NT AUTHORITY\SYSTEM =====Application event log===== Computer Name: DEEZGOOD-D8793A Event Code: 5000 Message: Record Number: 193 Source Name: Microsoft Security Client Time Written: 20121230120438.000000-360 Event Type: error User: Computer Name: DEEZGOOD-D8793A Event Code: 5000 Message: EventType mptelemetry, P1 0x80070003, P2 moac, P3 cachereset, P4 4.1.522.0, P5 unspecified, P6 unspecified, P7 unspecified, P8 NIL, P9 NIL, P10 NIL. Record Number: 190 Source Name: MPSampleSubmission Time Written: 20121230120236.000000-360 Event Type: error User: Computer Name: DEEZGOOD-D8793A Event Code: 1000 Message: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module kernel32.dll, version 5.1.2600.2180, fault address 0x0000a2c8. Record Number: 183 Source Name: Application Error Time Written: 20121230120127.000000-360 Event Type: error User: Computer Name: DEEZGOOD-D8793A Event Code: 1000 Message: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module kernel32.dll, version 5.1.2600.2180, fault address 0x0000a2c8. Record Number: 178 Source Name: Application Error Time Written: 20121230120000.000000-360 Event Type: error User: Computer Name: DEEZGOOD-D8793A Event Code: 1000 Message: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module kernel32.dll, version 5.1.2600.2180, fault address 0x0000a2c8. Record Number: 176 Source Name: Application Error Time Written: 20121230115930.000000-360 Event Type: error User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=C:\Program Files\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\WINDOWS\system32\WindowsPowerShell\v1.0 "windir"=%SystemRoot% "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=6 "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 42 Stepping 7, GenuineIntel "PROCESSOR_REVISION"=2a07 "NUMBER_OF_PROCESSORS"=4 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.PSC1 "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP -----------------EOF-----------------
- January 1, 2013
- 79 replies
Outgoing Malicious IP Blocks. Suspect Infection

MicQsenoch replied to MicQsenoch's topic in Resolved Malware Removal Logs

. UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows XP Home Edition Boot Device: \Device\HarddiskVolume1 Install Date: 12/29/2012 12:40:25 PM System Uptime: 1/1/2013 9:47:04 AM (1 hours ago) . Motherboard: Gigabyte Tecohnology Co., Ltd. | | H61MA-D3V Processor: Intel Pentium III Xeon processor | Intel® Core i3-2100 CPU @ 3.10GHz | 3092/100mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 69 GiB total, 48.584 GiB free. D: is CDROM (CDFS) . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP1: 12/29/2012 12:42:01 PM - System Checkpoint RP2: 12/30/2012 9:36:18 AM - Installed Windows Installer KB893803v2. RP3: 12/30/2012 9:37:21 AM - Installed Windows XP WIC. RP4: 12/30/2012 9:38:02 AM - Installed Windows KB954550-v5. RP5: 12/30/2012 9:38:05 AM - Printer Driver Microsoft XPS Document Writer Installed RP6: 12/30/2012 9:38:09 AM - Printer Driver Microsoft XPS Document Writer Installed RP7: 12/30/2012 9:39:44 AM - Installed Realtek High Definition Audio Driver RP8: 12/30/2012 9:40:16 AM - Installed REALTEK GbE & FE Ethernet PCI-E NIC Driver RP9: 12/30/2012 11:02:58 AM - Installed Microsoft Download Manager RP10: 12/30/2012 11:03:20 AM - Installed Windows XP KB932823-v3. RP11: 12/30/2012 11:33:44 AM - Installed Windows Internet Explorer 8. RP12: 12/30/2012 11:48:08 AM - Installed Microsoft Fix it 50597 RP13: 12/30/2012 11:48:40 AM - Installed Microsoft Fix it 50597 RP14: 12/30/2012 11:50:44 AM - Software Distribution Service 3.0 RP15: 12/30/2012 11:54:31 AM - Installed Windows XP KB914882. RP16: 12/30/2012 12:04:14 PM - Software Distribution Service 3.0 RP17: 12/30/2012 12:17:02 PM - Software Distribution Service 3.0 RP18: 12/30/2012 12:33:28 PM - Software Distribution Service 3.0 RP19: 12/30/2012 12:49:47 PM - Installed %1 %2. RP20: 12/30/2012 1:33:50 PM - Malwarebytes Anti-Rootkit Restore Point RP21: 12/30/2012 2:15:08 PM - Update to an unsigned driver RP22: 12/30/2012 3:13:04 PM - Installed League of Legends RP23: 12/30/2012 3:48:58 PM - Software Distribution Service 3.0 RP24: 12/31/2012 6:14:41 PM - Software Distribution Service 3.0 . ==== Installed Programs ====================== . @BIOS Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin AVG Security Toolbar Easy Tune 6 B11.1206.1 Enable S3 for USB Device Etron USB3.0 Host Controller Google Chrome Google Update Helper High Definition Audio Driver Package - KB888111 Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) Hotfix for Windows XP (KB2779562) Hotfix for Windows XP (KB952287) Hotfix for Windows XP (KB954550-v5) Hotfix for Windows XP (KB961118) Hotfix for Windows XP (KB981793) Intel® Management Engine Components Internet Explorer (Enable DEP) League of Legends Malwarebytes Anti-Malware version 1.70.0.1100 Microsoft .NET Framework 2.0 Service Pack 2 Microsoft .NET Framework 3.0 Service Pack 2 Microsoft .NET Framework 3.5 SP1 Microsoft Application Error Reporting Microsoft Download Manager Microsoft Security Client Microsoft Security Essentials Microsoft Security Essentials Packages Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Mozilla Firefox 17.0.1 (x86 en-US) Mozilla Maintenance Service MSXML 6 Service Pack 2 (KB973686) NVIDIA Control Panel 310.70 NVIDIA Graphics Driver 310.70 NVIDIA HD Audio Driver 1.3.18.0 NVIDIA Install Application NVIDIA nView 136.53 NVIDIA nView Desktop Manager NVIDIA PhysX NVIDIA PhysX System Software 9.12.1031 NVIDIA Update 1.11.3 NVIDIA Update Components ON_OFF Charge B11.1102.1 Pando Media Booster REALTEK GbE & FE Ethernet PCI-E NIC Driver Realtek High Definition Audio Driver Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424) Security Update for Microsoft Windows (KB2564958) Security Update for Windows Internet Explorer 8 (KB2510531) Security Update for Windows Internet Explorer 8 (KB2544521) Security Update for Windows Internet Explorer 8 (KB2761465) Security Update for Windows Internet Explorer 8 (KB971961) Security Update for Windows Internet Explorer 8 (KB981332) Security Update for Windows Internet Explorer 8 (KB982381) Security Update for Windows Media Player (KB2378111) Security Update for Windows Media Player (KB952069) Security Update for Windows Media Player (KB954155) Security Update for Windows Media Player (KB973540) Security Update for Windows Media Player (KB975558) Security Update for Windows Media Player (KB978695) Security Update for Windows Media Player (KB979402) Security Update for Windows XP (KB2115168) Security Update for Windows XP (KB2229593) Security Update for Windows XP (KB2296011) Security Update for Windows XP (KB2347290) Security Update for Windows XP (KB2360937) Security Update for Windows XP (KB2387149) Security Update for Windows XP (KB2393802) Security Update for Windows XP (KB2419632) Security Update for Windows XP (KB2423089) Security Update for Windows XP (KB2440591) Security Update for Windows XP (KB2443105) Security Update for Windows XP (KB2476490) Security Update for Windows XP (KB2478960) Security Update for Windows XP (KB2478971) Security Update for Windows XP (KB2479943) Security Update for Windows XP (KB2481109) Security Update for Windows XP (KB2483185) Security Update for Windows XP (KB2485663) Security Update for Windows XP (KB2506212) Security Update for Windows XP (KB2507938) Security Update for Windows XP (KB2508429) Security Update for Windows XP (KB2509553) Security Update for Windows XP (KB2535512) Security Update for Windows XP (KB2536276-v2) Security Update for Windows XP (KB2544893-v2) Security Update for Windows XP (KB2566454) Security Update for Windows XP (KB2570947) Security Update for Windows XP (KB2584146) Security Update for Windows XP (KB2585542) Security Update for Windows XP (KB2592799) Security Update for Windows XP (KB2598479) Security Update for Windows XP (KB2603381) Security Update for Windows XP (KB2618451) Security Update for Windows XP (KB2619339) Security Update for Windows XP (KB2620712) Security Update for Windows XP (KB2624667) Security Update for Windows XP (KB2631813) Security Update for Windows XP (KB2646524) Security Update for Windows XP (KB2653956) Security Update for Windows XP (KB2655992) Security Update for Windows XP (KB2659262) Security Update for Windows XP (KB2661637) Security Update for Windows XP (KB2676562) Security Update for Windows XP (KB2686509) Security Update for Windows XP (KB2691442) Security Update for Windows XP (KB2698365) Security Update for Windows XP (KB2705219-v2) Security Update for Windows XP (KB2712808) Security Update for Windows XP (KB2719985) Security Update for Windows XP (KB2723135-v2) Security Update for Windows XP (KB2724197) Security Update for Windows XP (KB2727528) Security Update for Windows XP (KB2753842-v2) Security Update for Windows XP (KB2758857) Security Update for Windows XP (KB2770660) Security Update for Windows XP (KB2779030) Security Update for Windows XP (KB923561) Security Update for Windows XP (KB923789) Security Update for Windows XP (KB946648) Security Update for Windows XP (KB950762) Security Update for Windows XP (KB950974) Security Update for Windows XP (KB951376-v2) Security Update for Windows XP (KB951748) Security Update for Windows XP (KB952004) Security Update for Windows XP (KB952954) Security Update for Windows XP (KB955069) Security Update for Windows XP (KB956572) Security Update for Windows XP (KB956744) Security Update for Windows XP (KB956802) Security Update for Windows XP (KB956803) Security Update for Windows XP (KB956844) Security Update for Windows XP (KB958644) Security Update for Windows XP (KB958869) Security Update for Windows XP (KB959426) Security Update for Windows XP (KB960225) Security Update for Windows XP (KB960803) Security Update for Windows XP (KB960859) Security Update for Windows XP (KB961501) Security Update for Windows XP (KB969059) Security Update for Windows XP (KB970238) Security Update for Windows XP (KB970430) Security Update for Windows XP (KB971468) Security Update for Windows XP (KB971657) Security Update for Windows XP (KB972270) Security Update for Windows XP (KB973507) Security Update for Windows XP (KB973869) Security Update for Windows XP (KB973904) Security Update for Windows XP (KB974112) Security Update for Windows XP (KB974318) Security Update for Windows XP (KB974392) Security Update for Windows XP (KB974571) Security Update for Windows XP (KB975025) Security Update for Windows XP (KB975467) Security Update for Windows XP (KB975560) Security Update for Windows XP (KB975561) Security Update for Windows XP (KB975562) Security Update for Windows XP (KB975713) Security Update for Windows XP (KB977816) Security Update for Windows XP (KB977914) Security Update for Windows XP (KB978037) Security Update for Windows XP (KB978338) Security Update for Windows XP (KB978542) Security Update for Windows XP (KB978601) Security Update for Windows XP (KB978706) Security Update for Windows XP (KB979309) Security Update for Windows XP (KB979482) Security Update for Windows XP (KB979559) Security Update for Windows XP (KB979683) Security Update for Windows XP (KB979687) Security Update for Windows XP (KB980195) Security Update for Windows XP (KB980218) Security Update for Windows XP (KB980232) Security Update for Windows XP (KB981322) Security Update for Windows XP (KB981997) Security Update for Windows XP (KB982132) Security Update for Windows XP (KB982665) SUPERAntiSpyware Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Windows Internet Explorer 8 (KB976662) Update for Windows XP (KB2345886) Update for Windows XP (KB2661254-v2) Update for Windows XP (KB2736233) Update for Windows XP (KB2749655) Update for Windows XP (KB951978) Update for Windows XP (KB955759) Update for Windows XP (KB967715) Update for Windows XP (KB968389) Update for Windows XP (KB971029) Update for Windows XP (KB973687) Update for Windows XP (KB973815) WebFldrs XP Windows Genuine Advantage Validation Tool (KB892130) Windows Imaging Component Windows Internet Explorer 8 Windows PowerShell 1.0 Windows XP Service Pack 3 . ==== Event Viewer Messages From Past Week ======== . 12/30/2012 2:24:20 PM, error: Service Control Manager [7023] - The Application Management service terminated with the following error: The specified module could not be found. 1/1/2013 9:46:43 AM, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for Start with the following error: Access is denied. . ==== End Of File =========================== DDS (Ver_2012-11-20.01) - NTFS_x86 Internet Explorer: 8.0.6001.18702 Run by Michael Senff at 10:20:39 on 2013-01-01 Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.3564.2796 [GMT -6:00] . AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095} . ============== Running Processes ================ . c:\Program Files\Microsoft Security Client\MsMpEng.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\SUPERAntiSpyware\SASCORE.EXE C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe C:\WINDOWS\System32\alg.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files\AVG Secure Search\vprot.exe C:\WINDOWS\system32\RunDLL32.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Pando Networks\Media Booster\PMB.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\wbem\wmiprvse.exe C:\WINDOWS\System32\svchost.exe -k netsvcs C:\WINDOWS\system32\svchost.exe -k NetworkService C:\WINDOWS\system32\svchost.exe -k LocalService C:\WINDOWS\system32\svchost.exe -k LocalService . ============== Pseudo HJT Report =============== . uStart Page = hxxps://isearch.avg.com/?cid={E63FE547-FCA7-4CEE-A237-B076D05B947B}&mid=〈=&ds=&pr=&d=&v=&sap=hp BHO: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg secure search\13.2.0.5\AVG Secure Search_toolbar.dll TB: <No Name>: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - LocalServer32 - <no file> TB: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg secure search\13.2.0.5\AVG Secure Search_toolbar.dll uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe uRun: [sUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe uRun: [Pando Media Booster] c:\program files\pando networks\media booster\PMB.exe mRun: [RTHDCPL] RTHDCPL.EXE mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey mRun: [vProt] "c:\program files\avg secure search\vprot.exe" mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup mRun: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /installquiet mRunOnce: [Z1] c:\documents and settings\michael senff\desktop\mbar\mbar.exe /cleanup /s uPolicies-Explorer: NoDriveTypeAutoRun = dword:145 mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1 mPolicies-Explorer: NoDriveTypeAutoRun = dword:145 IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1356889151328 DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1356889323531 DPF: {B479199A-1242-4E3C-AD81-7F0DF801B4AE} - hxxp://download.microsoft.com/download/C/9/C/C9C3D86D-84AC-4AF0-8584-842756A66467/MicrosoftDownloadManager.cab Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\13.2.0\ViProtocol.dll SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\superantispyware\SASSEH.DLL . ================= FIREFOX =================== . FF - ProfilePath - c:\documents and settings\michael senff\application data\mozilla\firefox\profiles\8v50ytho.default\ FF - plugin: c:\program files\common files\avg secure search\sitesafetyinstaller\13.2.0\npsitesafety.dll FF - plugin: c:\program files\google\update\1.3.21.123\npGoogleUpdate3.dll FF - plugin: c:\program files\pando networks\media booster\npPandoWebPlugin.dll FF - plugin: c:\windows\npMSDM.dll FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_5_502_135.dll FF - ExtSQL: 2012-12-30 12:22; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension FF - ExtSQL: 2012-12-31 18:03; avg@toolbar; c:\documents and settings\all users\application data\avg secure search\firefoxext\13.2.0.5 . ============= SERVICES / DRIVERS =============== . R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2012-8-30 193552] R1 AppleCharger;AppleCharger;c:\windows\system32\drivers\AppleCharger.sys [2012-12-30 19056] R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2012-12-31 26984] R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880] R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664] R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2012-7-11 116608] R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2012-12-30 398184] R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-12-30 682344] R2 UNS;Intel® Management and Security Application User Notification Service;c:\program files\intel\intel® management engine components\uns\UNS.exe [2012-12-30 2655768] R2 vToolbarUpdater13.2.0;vToolbarUpdater13.2.0;c:\program files\common files\avg secure search\vtoolbarupdater\13.2.0\ToolbarUpdater.exe [2012-12-31 711112] R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\drivers\EtronHub3.sys [2011-8-17 45056] R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\drivers\EtronXHCI.sys [2011-8-17 64896] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-30 21104] R3 MEI;Intel® Management Engine Interface;c:\windows\system32\drivers\HECI.sys [2012-12-30 41088] S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2012-12-30 1691480] S3 AppleChargerSrv;AppleChargerSrv;system32\AppleChargerSrv.exe --> system32\AppleChargerSrv.exe [?] S3 GVTDrv;GVTDrv;c:\windows\system32\drivers\GVTDrv.sys [2012-12-30 24944] S3 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys [2013-1-1 35144] . =============== Created Last 30 ================ . 2013-01-01 15:43:27 35144 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys 2013-01-01 00:14:44 6812136 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{03167648-fd3c-4edc-a195-a457655f447e}\mpengine.dll 2013-01-01 00:12:22 -------- d-----w- c:\documents and settings\michael senff\application data\AVG Secure Search 2013-01-01 00:11:27 884072 ----a-w- c:\windows\system32\nvhdagenco3220103.dll 2013-01-01 00:11:25 889192 ----a-w- c:\windows\system32\nvdispgenco32.dll 2013-01-01 00:11:25 5955584 ----a-w- c:\windows\system32\nvopencl.dll 2013-01-01 00:11:25 1011048 ----a-w- c:\windows\system32\nvdispco32.dll 2013-01-01 00:03:54 -------- d-----w- c:\documents and settings\michael senff\local settings\application data\AVG Secure Search 2013-01-01 00:03:49 -------- d-----w- c:\documents and settings\all users\application data\AVG Secure Search 2013-01-01 00:03:47 -------- d-----w- c:\windows\system32\cache 2013-01-01 00:03:45 26984 ----a-w- c:\windows\system32\drivers\avgtpx86.sys 2012-12-30 22:21:30 -------- d-----w- c:\documents and settings\michael senff\application data\LolClient 2012-12-30 21:19:57 68616 ----a-w- c:\windows\system32\XAPOFX1_1.dll 2012-12-30 21:19:57 509448 ----a-w- c:\windows\system32\XAudio2_2.dll 2012-12-30 21:19:57 467984 ----a-w- c:\windows\system32\d3dx10_39.dll 2012-12-30 21:19:57 1493528 ----a-w- c:\windows\system32\D3DCompiler_39.dll 2012-12-30 21:19:56 3851784 ----a-w- c:\windows\system32\D3DX9_39.dll 2012-12-30 21:19:53 -------- d-----w- c:\windows\Logs 2012-12-30 21:14:59 521728 -c----w- c:\windows\system32\dllcache\jsdbgui.dll 2012-12-30 21:13:05 -------- d-----w- C:\Riot Games 2012-12-30 20:35:56 3072 -c----w- c:\windows\system32\dllcache\iacenc.dll 2012-12-30 20:35:56 3072 ------w- c:\windows\system32\iacenc.dll 2012-12-30 20:30:28 -------- d-----w- c:\documents and settings\michael senff\local settings\application data\PMB Files 2012-12-30 20:30:26 -------- d-----w- c:\documents and settings\all users\application data\PMB Files 2012-12-30 20:30:18 -------- d-----w- c:\program files\Pando Networks 2012-12-30 20:30:15 275696 ----a-w- c:\windows\system32\mucltui.dll 2012-12-30 20:30:15 17136 ----a-w- c:\windows\system32\mucltui.dll.mui 2012-12-30 20:30:13 -------- d-----w- c:\documents and settings\michael senff\.swt 2012-12-30 20:27:23 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-12-30 20:27:23 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-12-30 20:25:39 -------- d-----w- c:\documents and settings\michael senff\application data\MSNInstaller 2012-12-30 20:16:47 -------- d-----w- c:\documents and settings\all users\application data\NVIDIA Corporation 2012-12-30 20:15:13 1070792 ----a-w- c:\windows\system32\nvdrsdb1.bin 2012-12-30 20:15:13 1070792 ----a-w- c:\windows\system32\nvdrsdb0.bin 2012-12-30 20:15:13 1 ----a-w- c:\windows\system32\nvdrssel.bin 2012-12-30 20:13:51 -------- d-----w- C:\NVIDIA 2012-12-30 20:12:27 116224 -c--a-w- c:\windows\system32\dllcache\xrxwiadr.dll 2012-12-30 20:12:25 23040 -c--a-w- c:\windows\system32\dllcache\xrxwbtmp.dll 2012-12-30 20:12:24 18944 -c--a-w- c:\windows\system32\dllcache\xrxscnui.dll 2012-12-30 20:12:22 27648 -c--a-w- c:\windows\system32\dllcache\xrxftplt.exe 2012-12-30 20:12:19 4608 -c--a-w- c:\windows\system32\dllcache\xrxflnch.exe 2012-12-30 20:12:15 99865 -c--a-w- c:\windows\system32\dllcache\xlog.exe 2012-12-30 20:12:11 16970 -c--a-w- c:\windows\system32\dllcache\xem336n5.sys 2012-12-30 20:12:10 19455 -c--a-w- c:\windows\system32\dllcache\wvchntxx.sys 2012-12-30 20:12:06 19200 -c--a-w- c:\windows\system32\dllcache\wstcodec.sys 2012-12-30 20:12:05 12063 -c--a-w- c:\windows\system32\dllcache\wsiintxx.sys 2012-12-30 20:12:04 8192 -c--a-w- c:\windows\system32\dllcache\wshirda.dll 2012-12-30 20:11:43 8832 -c--a-w- c:\windows\system32\dllcache\wmiacpi.sys 2012-12-30 20:11:39 154624 -c--a-w- c:\windows\system32\dllcache\wlluc48.sys 2012-12-30 20:11:36 34890 -c--a-w- c:\windows\system32\dllcache\wlandrv2.sys 2012-12-30 20:11:19 771581 -c--a-w- c:\windows\system32\dllcache\winacisa.sys 2012-12-30 20:11:14 53760 -c--a-w- c:\windows\system32\dllcache\wiamsmud.dll 2012-12-30 20:11:12 87040 -c--a-w- c:\windows\system32\dllcache\wiafbdrv.dll 2012-12-30 20:11:07 701386 -c--a-w- c:\windows\system32\dllcache\wdhaalba.sys 2012-12-30 20:11:06 23615 -c--a-w- c:\windows\system32\dllcache\wch7xxnt.sys 2012-12-30 20:11:05 31744 -c--a-w- c:\windows\system32\dllcache\wceusbsh.sys 2012-12-30 20:11:03 35871 -c--a-w- c:\windows\system32\dllcache\wbfirdma.sys 2012-12-30 20:11:00 33599 -c--a-w- c:\windows\system32\dllcache\watv04nt.sys 2012-12-30 20:09:59 94720 -c--a-w- c:\windows\system32\dllcache\umaxud32.dll 2012-12-30 20:08:58 123995 -c--a-w- c:\windows\system32\dllcache\tjisdn.sys 2012-12-30 20:07:59 285760 -c--a-w- c:\windows\system32\dllcache\stlnata.sys 2012-12-30 20:06:58 45568 -c--a-w- c:\windows\system32\dllcache\smb3w.dll 2012-12-30 20:05:59 386560 -c--a-w- c:\windows\system32\dllcache\sgiul50.dll 2012-12-30 20:04:59 79872 -c--a-w- c:\windows\system32\dllcache\rwia430.dll 2012-12-30 20:03:59 112574 -c--a-w- c:\windows\system32\dllcache\ptserlp.sys 2012-12-30 20:02:55 41984 -c--a-w- c:\windows\system32\dllcache\ovui2rc.dll 2012-12-30 20:01:59 198144 -c--a-w- c:\windows\system32\dllcache\nv3.sys 2012-12-30 20:00:59 33088 -c--a-w- c:\windows\system32\dllcache\n9i128v2.sys 2012-12-30 19:59:58 35200 -c--a-w- c:\windows\system32\dllcache\msgame.sys 2012-12-30 19:58:57 70730 -c--a-w- c:\windows\system32\dllcache\lne100tx.sys 2012-12-30 19:57:58 45632 -c--a-w- c:\windows\system32\dllcache\ip5515.sys 2012-12-30 19:56:58 58592 -c--a-w- c:\windows\system32\dllcache\i740nt5.sys 2012-12-30 19:55:59 119296 -c--a-w- c:\windows\system32\dllcache\hpdigwia.dll 2012-12-30 19:54:58 347550 -c--a-w- c:\windows\system32\dllcache\es56tpi.sys 2012-12-30 19:53:59 21606 -c--a-w- c:\windows\system32\dllcache\digiisdn.sys 2012-12-30 19:52:57 248064 -c--a-w- c:\windows\system32\dllcache\cl546xm.sys 2012-12-30 19:51:57 9472 -c--a-w- c:\windows\system32\dllcache\ativmdcd.sys 2012-12-30 19:50:59 747392 -c--a-w- c:\windows\system32\dllcache\adm8830.sys 2012-12-30 19:01:49 -------- d-----w- c:\documents and settings\michael senff\local settings\application data\Google 2012-12-30 19:01:47 -------- d-----w- c:\documents and settings\michael senff\application data\SUPERAntiSpyware.com 2012-12-30 19:01:40 -------- d-----w- c:\program files\SUPERAntiSpyware 2012-12-30 19:01:40 -------- d-----w- c:\documents and settings\all users\application data\SUPERAntiSpyware.com 2012-12-30 18:58:35 -------- d-----w- c:\documents and settings\michael senff\application data\Malwarebytes 2012-12-30 18:58:24 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes 2012-12-30 18:58:23 21104 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-12-30 18:58:23 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2012-12-30 18:50:41 -------- d-----w- c:\documents and settings\michael senff\application data\ElevatedDiagnostics 2012-12-30 18:40:53 -------- d-----w- c:\windows\system32\scripting 2012-12-30 18:40:53 -------- d-----w- c:\windows\system32\en 2012-12-30 18:40:53 -------- d-----w- c:\windows\system32\bits 2012-12-30 18:40:53 -------- d-----w- c:\windows\l2schemas 2012-12-30 18:38:40 -------- d-----w- c:\windows\network diagnostic 2012-12-30 18:36:49 -------- d-----w- c:\windows\EHome 2012-12-30 18:20:40 -------- d-----w- c:\windows\ServicePackFiles 2012-12-30 18:19:05 -------- d-----w- c:\windows\ie8updates 2012-12-30 18:14:25 73216 -c--a-w- c:\windows\system32\dllcache\atintuxx.sys 2012-12-30 18:07:36 272128 -c--a-w- c:\windows\system32\dllcache\bthport.sys 2012-12-30 18:07:36 272128 ------w- c:\windows\system32\drivers\bthport.sys 2012-12-30 18:06:34 630272 -c----w- c:\windows\system32\dllcache\msfeeds.dll 2012-12-30 18:06:34 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll 2012-12-30 18:06:34 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll 2012-12-30 18:06:33 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll 2012-12-30 18:06:33 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll 2012-12-30 18:06:32 2000384 -c----w- c:\windows\system32\dllcache\iertutil.dll 2012-12-30 18:06:31 11111424 -c----w- c:\windows\system32\dllcache\ieframe.dll 2012-12-30 18:06:25 2192896 -c--a-w- c:\windows\system32\dllcache\ntoskrnl.exe 2012-12-30 18:04:22 6812136 ------w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll 2012-12-30 18:04:14 237072 ------w- c:\windows\system32\MpSigStub.exe 2012-12-30 18:03:25 689152 -c--a-w- c:\windows\system32\dllcache\xpsp3res.dll 2012-12-30 18:03:25 5120 ----a-w- c:\windows\system32\xpsp4res.dll 2012-12-30 18:02:08 -------- d-----w- c:\program files\Microsoft Security Client 2012-12-30 17:56:32 -------- d-----w- c:\documents and settings\michael senff\application data\MicrosoftSecurityEssentialsPackages 2012-12-30 17:50:51 -------- d-----w- c:\windows\system32\PreInstall 2012-12-30 17:43:58 22040 ----a-w- c:\windows\system32\wucltui.dll.mui 2012-12-30 17:43:57 17944 ----a-w- c:\windows\system32\wuaueng.dll.mui 2012-12-30 17:43:57 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui 2012-12-30 17:43:57 15384 ----a-w- c:\windows\system32\wuapi.dll.mui 2012-12-30 17:43:57 -------- d-----w- c:\windows\system32\SoftwareDistribution 2012-12-30 17:35:44 -------- d-sh--w- c:\documents and settings\michael senff\PrivacIE 2012-12-30 17:34:49 -------- d-sh--w- c:\documents and settings\michael senff\IETldCache 2012-12-30 17:33:18 -------- dc-h--w- c:\windows\ie8 2012-12-30 17:29:24 -------- d-sh--w- c:\documents and settings\michael senff\UserData 2012-12-30 17:28:10 17488 ----a-w- c:\windows\gdrv.sys 2012-12-30 17:27:40 -------- d-----w- c:\program files\common files\AVG Secure Search 2012-12-30 17:27:39 -------- d-----w- c:\program files\AVG Secure Search 2012-12-30 17:03:14 -------- d--h--w- c:\windows\$hf_mig$ 2012-12-30 17:02:59 -------- d-----w- c:\program files\Microsoft Download Manager 2012-12-30 15:45:24 -------- d-----w- c:\windows\system32\Lang 2012-12-30 15:43:59 60800 -c--a-w- c:\windows\system32\dllcache\sysaudio.sys 2012-12-30 15:43:59 60800 ----a-w- c:\windows\system32\drivers\sysaudio.sys 2012-12-30 15:43:59 2944 -c--a-w- c:\windows\system32\dllcache\drmkaud.sys 2012-12-30 15:43:59 2944 ----a-w- c:\windows\system32\drivers\drmkaud.sys 2012-12-30 15:43:58 7552 -c--a-w- c:\windows\system32\dllcache\mskssrv.sys 2012-12-30 15:43:58 7552 ----a-w- c:\windows\system32\drivers\mskssrv.sys 2012-12-30 15:43:57 4992 -c--a-w- c:\windows\system32\dllcache\mspqm.sys 2012-12-30 15:43:57 4992 ----a-w- c:\windows\system32\drivers\mspqm.sys 2012-12-30 15:43:56 5376 -c--a-w- c:\windows\system32\dllcache\mspclock.sys 2012-12-30 15:43:56 5376 ----a-w- c:\windows\system32\drivers\mspclock.sys 2012-12-30 15:39:59 21468 ----a-w- c:\windows\system32\drivers\RTAIODAT.DAT 2012-12-30 15:38:58 53248 ----a-r- c:\windows\system32\CSVer.dll 2012-12-30 15:37:19 26144 ----a-w- c:\windows\system32\spupdsvc.exe 2012-12-30 15:37:16 -------- d-----w- c:\program files\MSXML 6.0 2012-12-30 15:35:44 207400 ----a-r- c:\windows\GSetup.exe . ==================== Find3M ==================== . 2012-12-30 22:17:18 24944 ----a-w- c:\windows\system32\drivers\GVTDrv.sys 2012-12-16 12:23:59 290560 ----a-w- c:\windows\system32\atmfd.dll 2012-12-03 15:40:50 7606272 ----a-w- c:\windows\system32\nvcuda.dll 2012-12-03 15:40:50 4153600 ----a-w- c:\windows\system32\nv4_disp.dll 2012-12-03 15:40:50 2611560 ----a-w- c:\windows\system32\nvcuvid.dll 2012-12-03 15:40:50 2441728 ----a-w- c:\windows\system32\nvapi.dll 2012-12-03 15:40:50 19460096 ----a-w- c:\windows\system32\nvoglnt.dll 2012-12-03 15:40:50 1874280 ----a-w- c:\windows\system32\nvcuvenc.dll 2012-12-03 15:40:50 17551360 ----a-w- c:\windows\system32\nvcompiler.dll 2012-12-03 15:40:50 11053992 ----a-w- c:\windows\system32\drivers\nv4_mini.sys 2012-12-01 04:53:45 15524712 ----a-w- c:\windows\system32\nvcpl.dll 2012-12-01 04:53:44 164712 ----a-w- c:\windows\system32\nvsvc32.exe 2012-12-01 04:53:43 143720 ----a-w- c:\windows\system32\nvcolor.exe 2012-12-01 04:53:43 108392 ----a-w- c:\windows\system32\nvmctray.dll 2012-12-01 04:52:17 54272 ----a-w- c:\windows\system32\nvwddi.dll 2012-11-13 01:25:12 1866368 ----a-w- c:\windows\system32\win32k.sys 2012-11-02 02:02:42 375296 ----a-w- c:\windows\system32\dpnet.dll 2012-11-01 12:17:54 916992 ----a-w- c:\windows\system32\wininet.dll 2012-11-01 12:17:54 43520 ----a-w- c:\windows\system32\licmgr10.dll 2012-11-01 12:17:54 1469440 ----a-w- c:\windows\system32\inetcpl.cpl 2012-11-01 00:35:34 385024 ----a-w- c:\windows\system32\html.iec . ============= FINISH: 10:21:37.90 ===============
- January 1, 2013
- 79 replies
Outgoing Malicious IP Blocks. Suspect Infection

MicQsenoch posted a topic in Resolved Malware Removal Logs

I just went through a recent Ransomware attack. The only thing i really do on this computer is play games and sruf the web, so i decided to reformat. Upon reinstalling the basics and Malwarebytes, I started recieving frequent outgoing Malicous IP blocks. Help Appreciated
- January 1, 2013
- 79 replies

Events

Profiles

Forums

Everything posted by MicQsenoch

Important Information