Jump to content

Outgoing Malicious IP Blocks. Suspect Infection


Recommended Posts

  • Replies 79
  • Created
  • Last Reply

Top Posters In This Topic

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows XP Home Edition

Boot Device: \Device\HarddiskVolume1

Install Date: 12/29/2012 12:40:25 PM

System Uptime: 1/1/2013 9:47:04 AM (1 hours ago)

.

Motherboard: Gigabyte Tecohnology Co., Ltd. | | H61MA-D3V

Processor: Intel Pentium III Xeon processor | Intel® Core i3-2100 CPU @ 3.10GHz | 3092/100mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 69 GiB total, 48.584 GiB free.

D: is CDROM (CDFS)

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP1: 12/29/2012 12:42:01 PM - System Checkpoint

RP2: 12/30/2012 9:36:18 AM - Installed Windows Installer KB893803v2.

RP3: 12/30/2012 9:37:21 AM - Installed Windows XP WIC.

RP4: 12/30/2012 9:38:02 AM - Installed Windows KB954550-v5.

RP5: 12/30/2012 9:38:05 AM - Printer Driver Microsoft XPS Document Writer Installed

RP6: 12/30/2012 9:38:09 AM - Printer Driver Microsoft XPS Document Writer Installed

RP7: 12/30/2012 9:39:44 AM - Installed Realtek High Definition Audio Driver

RP8: 12/30/2012 9:40:16 AM - Installed REALTEK GbE & FE Ethernet PCI-E NIC Driver

RP9: 12/30/2012 11:02:58 AM - Installed Microsoft Download Manager

RP10: 12/30/2012 11:03:20 AM - Installed Windows XP KB932823-v3.

RP11: 12/30/2012 11:33:44 AM - Installed Windows Internet Explorer 8.

RP12: 12/30/2012 11:48:08 AM - Installed Microsoft Fix it 50597

RP13: 12/30/2012 11:48:40 AM - Installed Microsoft Fix it 50597

RP14: 12/30/2012 11:50:44 AM - Software Distribution Service 3.0

RP15: 12/30/2012 11:54:31 AM - Installed Windows XP KB914882.

RP16: 12/30/2012 12:04:14 PM - Software Distribution Service 3.0

RP17: 12/30/2012 12:17:02 PM - Software Distribution Service 3.0

RP18: 12/30/2012 12:33:28 PM - Software Distribution Service 3.0

RP19: 12/30/2012 12:49:47 PM - Installed %1 %2.

RP20: 12/30/2012 1:33:50 PM - Malwarebytes Anti-Rootkit Restore Point

RP21: 12/30/2012 2:15:08 PM - Update to an unsigned driver

RP22: 12/30/2012 3:13:04 PM - Installed League of Legends

RP23: 12/30/2012 3:48:58 PM - Software Distribution Service 3.0

RP24: 12/31/2012 6:14:41 PM - Software Distribution Service 3.0

.

==== Installed Programs ======================

.

@BIOS

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

AVG Security Toolbar

Easy Tune 6 B11.1206.1

Enable S3 for USB Device

Etron USB3.0 Host Controller

Google Chrome

Google Update Helper

High Definition Audio Driver Package - KB888111

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Hotfix for Windows XP (KB2779562)

Hotfix for Windows XP (KB952287)

Hotfix for Windows XP (KB954550-v5)

Hotfix for Windows XP (KB961118)

Hotfix for Windows XP (KB981793)

Intel® Management Engine Components

Internet Explorer (Enable DEP)

League of Legends

Malwarebytes Anti-Malware version 1.70.0.1100

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.5 SP1

Microsoft Application Error Reporting

Microsoft Download Manager

Microsoft Security Client

Microsoft Security Essentials

Microsoft Security Essentials Packages

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Mozilla Firefox 17.0.1 (x86 en-US)

Mozilla Maintenance Service

MSXML 6 Service Pack 2 (KB973686)

NVIDIA Control Panel 310.70

NVIDIA Graphics Driver 310.70

NVIDIA HD Audio Driver 1.3.18.0

NVIDIA Install Application

NVIDIA nView 136.53

NVIDIA nView Desktop Manager

NVIDIA PhysX

NVIDIA PhysX System Software 9.12.1031

NVIDIA Update 1.11.3

NVIDIA Update Components

ON_OFF Charge B11.1102.1

Pando Media Booster

REALTEK GbE & FE Ethernet PCI-E NIC Driver

Realtek High Definition Audio Driver

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)

Security Update for Microsoft Windows (KB2564958)

Security Update for Windows Internet Explorer 8 (KB2510531)

Security Update for Windows Internet Explorer 8 (KB2544521)

Security Update for Windows Internet Explorer 8 (KB2761465)

Security Update for Windows Internet Explorer 8 (KB971961)

Security Update for Windows Internet Explorer 8 (KB981332)

Security Update for Windows Internet Explorer 8 (KB982381)

Security Update for Windows Media Player (KB2378111)

Security Update for Windows Media Player (KB952069)

Security Update for Windows Media Player (KB954155)

Security Update for Windows Media Player (KB973540)

Security Update for Windows Media Player (KB975558)

Security Update for Windows Media Player (KB978695)

Security Update for Windows Media Player (KB979402)

Security Update for Windows XP (KB2115168)

Security Update for Windows XP (KB2229593)

Security Update for Windows XP (KB2296011)

Security Update for Windows XP (KB2347290)

Security Update for Windows XP (KB2360937)

Security Update for Windows XP (KB2387149)

Security Update for Windows XP (KB2393802)

Security Update for Windows XP (KB2419632)

Security Update for Windows XP (KB2423089)

Security Update for Windows XP (KB2440591)

Security Update for Windows XP (KB2443105)

Security Update for Windows XP (KB2476490)

Security Update for Windows XP (KB2478960)

Security Update for Windows XP (KB2478971)

Security Update for Windows XP (KB2479943)

Security Update for Windows XP (KB2481109)

Security Update for Windows XP (KB2483185)

Security Update for Windows XP (KB2485663)

Security Update for Windows XP (KB2506212)

Security Update for Windows XP (KB2507938)

Security Update for Windows XP (KB2508429)

Security Update for Windows XP (KB2509553)

Security Update for Windows XP (KB2535512)

Security Update for Windows XP (KB2536276-v2)

Security Update for Windows XP (KB2544893-v2)

Security Update for Windows XP (KB2566454)

Security Update for Windows XP (KB2570947)

Security Update for Windows XP (KB2584146)

Security Update for Windows XP (KB2585542)

Security Update for Windows XP (KB2592799)

Security Update for Windows XP (KB2598479)

Security Update for Windows XP (KB2603381)

Security Update for Windows XP (KB2618451)

Security Update for Windows XP (KB2619339)

Security Update for Windows XP (KB2620712)

Security Update for Windows XP (KB2624667)

Security Update for Windows XP (KB2631813)

Security Update for Windows XP (KB2646524)

Security Update for Windows XP (KB2653956)

Security Update for Windows XP (KB2655992)

Security Update for Windows XP (KB2659262)

Security Update for Windows XP (KB2661637)

Security Update for Windows XP (KB2676562)

Security Update for Windows XP (KB2686509)

Security Update for Windows XP (KB2691442)

Security Update for Windows XP (KB2698365)

Security Update for Windows XP (KB2705219-v2)

Security Update for Windows XP (KB2712808)

Security Update for Windows XP (KB2719985)

Security Update for Windows XP (KB2723135-v2)

Security Update for Windows XP (KB2724197)

Security Update for Windows XP (KB2727528)

Security Update for Windows XP (KB2753842-v2)

Security Update for Windows XP (KB2758857)

Security Update for Windows XP (KB2770660)

Security Update for Windows XP (KB2779030)

Security Update for Windows XP (KB923561)

Security Update for Windows XP (KB923789)

Security Update for Windows XP (KB946648)

Security Update for Windows XP (KB950762)

Security Update for Windows XP (KB950974)

Security Update for Windows XP (KB951376-v2)

Security Update for Windows XP (KB951748)

Security Update for Windows XP (KB952004)

Security Update for Windows XP (KB952954)

Security Update for Windows XP (KB955069)

Security Update for Windows XP (KB956572)

Security Update for Windows XP (KB956744)

Security Update for Windows XP (KB956802)

Security Update for Windows XP (KB956803)

Security Update for Windows XP (KB956844)

Security Update for Windows XP (KB958644)

Security Update for Windows XP (KB958869)

Security Update for Windows XP (KB959426)

Security Update for Windows XP (KB960225)

Security Update for Windows XP (KB960803)

Security Update for Windows XP (KB960859)

Security Update for Windows XP (KB961501)

Security Update for Windows XP (KB969059)

Security Update for Windows XP (KB970238)

Security Update for Windows XP (KB970430)

Security Update for Windows XP (KB971468)

Security Update for Windows XP (KB971657)

Security Update for Windows XP (KB972270)

Security Update for Windows XP (KB973507)

Security Update for Windows XP (KB973869)

Security Update for Windows XP (KB973904)

Security Update for Windows XP (KB974112)

Security Update for Windows XP (KB974318)

Security Update for Windows XP (KB974392)

Security Update for Windows XP (KB974571)

Security Update for Windows XP (KB975025)

Security Update for Windows XP (KB975467)

Security Update for Windows XP (KB975560)

Security Update for Windows XP (KB975561)

Security Update for Windows XP (KB975562)

Security Update for Windows XP (KB975713)

Security Update for Windows XP (KB977816)

Security Update for Windows XP (KB977914)

Security Update for Windows XP (KB978037)

Security Update for Windows XP (KB978338)

Security Update for Windows XP (KB978542)

Security Update for Windows XP (KB978601)

Security Update for Windows XP (KB978706)

Security Update for Windows XP (KB979309)

Security Update for Windows XP (KB979482)

Security Update for Windows XP (KB979559)

Security Update for Windows XP (KB979683)

Security Update for Windows XP (KB979687)

Security Update for Windows XP (KB980195)

Security Update for Windows XP (KB980218)

Security Update for Windows XP (KB980232)

Security Update for Windows XP (KB981322)

Security Update for Windows XP (KB981997)

Security Update for Windows XP (KB982132)

Security Update for Windows XP (KB982665)

SUPERAntiSpyware

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Windows Internet Explorer 8 (KB976662)

Update for Windows XP (KB2345886)

Update for Windows XP (KB2661254-v2)

Update for Windows XP (KB2736233)

Update for Windows XP (KB2749655)

Update for Windows XP (KB951978)

Update for Windows XP (KB955759)

Update for Windows XP (KB967715)

Update for Windows XP (KB968389)

Update for Windows XP (KB971029)

Update for Windows XP (KB973687)

Update for Windows XP (KB973815)

WebFldrs XP

Windows Genuine Advantage Validation Tool (KB892130)

Windows Imaging Component

Windows Internet Explorer 8

Windows PowerShell 1.0

Windows XP Service Pack 3

.

==== Event Viewer Messages From Past Week ========

.

12/30/2012 2:24:20 PM, error: Service Control Manager [7023] - The Application Management service terminated with the following error: The specified module could not be found.

1/1/2013 9:46:43 AM, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for Start with the following error: Access is denied.

.

==== End Of File ===========================

DDS (Ver_2012-11-20.01) - NTFS_x86

Internet Explorer: 8.0.6001.18702

Run by Michael Senff at 10:20:39 on 2013-01-01

Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.3564.2796 [GMT -6:00]

.

AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}

.

============== Running Processes ================

.

c:\Program Files\Microsoft Security Client\MsMpEng.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\SUPERAntiSpyware\SASCORE.EXE

C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe

C:\WINDOWS\System32\alg.exe

C:\WINDOWS\RTHDCPL.EXE

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files\AVG Secure Search\vprot.exe

C:\WINDOWS\system32\RunDLL32.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Pando Networks\Media Booster\PMB.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k NetworkService

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\system32\svchost.exe -k LocalService

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxps://isearch.avg.com/?cid={E63FE547-FCA7-4CEE-A237-B076D05B947B}&mid=〈=&ds=&pr=&d=&v=&sap=hp

BHO: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg secure search\13.2.0.5\AVG Secure Search_toolbar.dll

TB: <No Name>: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - LocalServer32 - <no file>

TB: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg secure search\13.2.0.5\AVG Secure Search_toolbar.dll

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [sUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe

uRun: [Pando Media Booster] c:\program files\pando networks\media booster\PMB.exe

mRun: [RTHDCPL] RTHDCPL.EXE

mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey

mRun: [vProt] "c:\program files\avg secure search\vprot.exe"

mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup

mRun: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login

mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /installquiet

mRunOnce: [Z1] c:\documents and settings\michael senff\desktop\mbar\mbar.exe /cleanup /s

uPolicies-Explorer: NoDriveTypeAutoRun = dword:145

mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1

mPolicies-Explorer: NoDriveTypeAutoRun = dword:145

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab

DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1356889151328

DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1356889323531

DPF: {B479199A-1242-4E3C-AD81-7F0DF801B4AE} - hxxp://download.microsoft.com/download/C/9/C/C9C3D86D-84AC-4AF0-8584-842756A66467/MicrosoftDownloadManager.cab

Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\13.2.0\ViProtocol.dll

SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\superantispyware\SASSEH.DLL

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\documents and settings\michael senff\application data\mozilla\firefox\profiles\8v50ytho.default\

FF - plugin: c:\program files\common files\avg secure search\sitesafetyinstaller\13.2.0\npsitesafety.dll

FF - plugin: c:\program files\google\update\1.3.21.123\npGoogleUpdate3.dll

FF - plugin: c:\program files\pando networks\media booster\npPandoWebPlugin.dll

FF - plugin: c:\windows\npMSDM.dll

FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_5_502_135.dll

FF - ExtSQL: 2012-12-30 12:22; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension

FF - ExtSQL: 2012-12-31 18:03; avg@toolbar; c:\documents and settings\all users\application data\avg secure search\firefoxext\13.2.0.5

.

============= SERVICES / DRIVERS ===============

.

R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2012-8-30 193552]

R1 AppleCharger;AppleCharger;c:\windows\system32\drivers\AppleCharger.sys [2012-12-30 19056]

R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2012-12-31 26984]

R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]

R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]

R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2012-7-11 116608]

R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2012-12-30 398184]

R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-12-30 682344]

R2 UNS;Intel® Management and Security Application User Notification Service;c:\program files\intel\intel® management engine components\uns\UNS.exe [2012-12-30 2655768]

R2 vToolbarUpdater13.2.0;vToolbarUpdater13.2.0;c:\program files\common files\avg secure search\vtoolbarupdater\13.2.0\ToolbarUpdater.exe [2012-12-31 711112]

R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\drivers\EtronHub3.sys [2011-8-17 45056]

R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\drivers\EtronXHCI.sys [2011-8-17 64896]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-30 21104]

R3 MEI;Intel® Management Engine Interface;c:\windows\system32\drivers\HECI.sys [2012-12-30 41088]

S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2012-12-30 1691480]

S3 AppleChargerSrv;AppleChargerSrv;system32\AppleChargerSrv.exe --> system32\AppleChargerSrv.exe [?]

S3 GVTDrv;GVTDrv;c:\windows\system32\drivers\GVTDrv.sys [2012-12-30 24944]

S3 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys [2013-1-1 35144]

.

=============== Created Last 30 ================

.

2013-01-01 15:43:27 35144 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys

2013-01-01 00:14:44 6812136 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{03167648-fd3c-4edc-a195-a457655f447e}\mpengine.dll

2013-01-01 00:12:22 -------- d-----w- c:\documents and settings\michael senff\application data\AVG Secure Search

2013-01-01 00:11:27 884072 ----a-w- c:\windows\system32\nvhdagenco3220103.dll

2013-01-01 00:11:25 889192 ----a-w- c:\windows\system32\nvdispgenco32.dll

2013-01-01 00:11:25 5955584 ----a-w- c:\windows\system32\nvopencl.dll

2013-01-01 00:11:25 1011048 ----a-w- c:\windows\system32\nvdispco32.dll

2013-01-01 00:03:54 -------- d-----w- c:\documents and settings\michael senff\local settings\application data\AVG Secure Search

2013-01-01 00:03:49 -------- d-----w- c:\documents and settings\all users\application data\AVG Secure Search

2013-01-01 00:03:47 -------- d-----w- c:\windows\system32\cache

2013-01-01 00:03:45 26984 ----a-w- c:\windows\system32\drivers\avgtpx86.sys

2012-12-30 22:21:30 -------- d-----w- c:\documents and settings\michael senff\application data\LolClient

2012-12-30 21:19:57 68616 ----a-w- c:\windows\system32\XAPOFX1_1.dll

2012-12-30 21:19:57 509448 ----a-w- c:\windows\system32\XAudio2_2.dll

2012-12-30 21:19:57 467984 ----a-w- c:\windows\system32\d3dx10_39.dll

2012-12-30 21:19:57 1493528 ----a-w- c:\windows\system32\D3DCompiler_39.dll

2012-12-30 21:19:56 3851784 ----a-w- c:\windows\system32\D3DX9_39.dll

2012-12-30 21:19:53 -------- d-----w- c:\windows\Logs

2012-12-30 21:14:59 521728 -c----w- c:\windows\system32\dllcache\jsdbgui.dll

2012-12-30 21:13:05 -------- d-----w- C:\Riot Games

2012-12-30 20:35:56 3072 -c----w- c:\windows\system32\dllcache\iacenc.dll

2012-12-30 20:35:56 3072 ------w- c:\windows\system32\iacenc.dll

2012-12-30 20:30:28 -------- d-----w- c:\documents and settings\michael senff\local settings\application data\PMB Files

2012-12-30 20:30:26 -------- d-----w- c:\documents and settings\all users\application data\PMB Files

2012-12-30 20:30:18 -------- d-----w- c:\program files\Pando Networks

2012-12-30 20:30:15 275696 ----a-w- c:\windows\system32\mucltui.dll

2012-12-30 20:30:15 17136 ----a-w- c:\windows\system32\mucltui.dll.mui

2012-12-30 20:30:13 -------- d-----w- c:\documents and settings\michael senff\.swt

2012-12-30 20:27:23 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-12-30 20:27:23 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-12-30 20:25:39 -------- d-----w- c:\documents and settings\michael senff\application data\MSNInstaller

2012-12-30 20:16:47 -------- d-----w- c:\documents and settings\all users\application data\NVIDIA Corporation

2012-12-30 20:15:13 1070792 ----a-w- c:\windows\system32\nvdrsdb1.bin

2012-12-30 20:15:13 1070792 ----a-w- c:\windows\system32\nvdrsdb0.bin

2012-12-30 20:15:13 1 ----a-w- c:\windows\system32\nvdrssel.bin

2012-12-30 20:13:51 -------- d-----w- C:\NVIDIA

2012-12-30 20:12:27 116224 -c--a-w- c:\windows\system32\dllcache\xrxwiadr.dll

2012-12-30 20:12:25 23040 -c--a-w- c:\windows\system32\dllcache\xrxwbtmp.dll

2012-12-30 20:12:24 18944 -c--a-w- c:\windows\system32\dllcache\xrxscnui.dll

2012-12-30 20:12:22 27648 -c--a-w- c:\windows\system32\dllcache\xrxftplt.exe

2012-12-30 20:12:19 4608 -c--a-w- c:\windows\system32\dllcache\xrxflnch.exe

2012-12-30 20:12:15 99865 -c--a-w- c:\windows\system32\dllcache\xlog.exe

2012-12-30 20:12:11 16970 -c--a-w- c:\windows\system32\dllcache\xem336n5.sys

2012-12-30 20:12:10 19455 -c--a-w- c:\windows\system32\dllcache\wvchntxx.sys

2012-12-30 20:12:06 19200 -c--a-w- c:\windows\system32\dllcache\wstcodec.sys

2012-12-30 20:12:05 12063 -c--a-w- c:\windows\system32\dllcache\wsiintxx.sys

2012-12-30 20:12:04 8192 -c--a-w- c:\windows\system32\dllcache\wshirda.dll

2012-12-30 20:11:43 8832 -c--a-w- c:\windows\system32\dllcache\wmiacpi.sys

2012-12-30 20:11:39 154624 -c--a-w- c:\windows\system32\dllcache\wlluc48.sys

2012-12-30 20:11:36 34890 -c--a-w- c:\windows\system32\dllcache\wlandrv2.sys

2012-12-30 20:11:19 771581 -c--a-w- c:\windows\system32\dllcache\winacisa.sys

2012-12-30 20:11:14 53760 -c--a-w- c:\windows\system32\dllcache\wiamsmud.dll

2012-12-30 20:11:12 87040 -c--a-w- c:\windows\system32\dllcache\wiafbdrv.dll

2012-12-30 20:11:07 701386 -c--a-w- c:\windows\system32\dllcache\wdhaalba.sys

2012-12-30 20:11:06 23615 -c--a-w- c:\windows\system32\dllcache\wch7xxnt.sys

2012-12-30 20:11:05 31744 -c--a-w- c:\windows\system32\dllcache\wceusbsh.sys

2012-12-30 20:11:03 35871 -c--a-w- c:\windows\system32\dllcache\wbfirdma.sys

2012-12-30 20:11:00 33599 -c--a-w- c:\windows\system32\dllcache\watv04nt.sys

2012-12-30 20:09:59 94720 -c--a-w- c:\windows\system32\dllcache\umaxud32.dll

2012-12-30 20:08:58 123995 -c--a-w- c:\windows\system32\dllcache\tjisdn.sys

2012-12-30 20:07:59 285760 -c--a-w- c:\windows\system32\dllcache\stlnata.sys

2012-12-30 20:06:58 45568 -c--a-w- c:\windows\system32\dllcache\smb3w.dll

2012-12-30 20:05:59 386560 -c--a-w- c:\windows\system32\dllcache\sgiul50.dll

2012-12-30 20:04:59 79872 -c--a-w- c:\windows\system32\dllcache\rwia430.dll

2012-12-30 20:03:59 112574 -c--a-w- c:\windows\system32\dllcache\ptserlp.sys

2012-12-30 20:02:55 41984 -c--a-w- c:\windows\system32\dllcache\ovui2rc.dll

2012-12-30 20:01:59 198144 -c--a-w- c:\windows\system32\dllcache\nv3.sys

2012-12-30 20:00:59 33088 -c--a-w- c:\windows\system32\dllcache\n9i128v2.sys

2012-12-30 19:59:58 35200 -c--a-w- c:\windows\system32\dllcache\msgame.sys

2012-12-30 19:58:57 70730 -c--a-w- c:\windows\system32\dllcache\lne100tx.sys

2012-12-30 19:57:58 45632 -c--a-w- c:\windows\system32\dllcache\ip5515.sys

2012-12-30 19:56:58 58592 -c--a-w- c:\windows\system32\dllcache\i740nt5.sys

2012-12-30 19:55:59 119296 -c--a-w- c:\windows\system32\dllcache\hpdigwia.dll

2012-12-30 19:54:58 347550 -c--a-w- c:\windows\system32\dllcache\es56tpi.sys

2012-12-30 19:53:59 21606 -c--a-w- c:\windows\system32\dllcache\digiisdn.sys

2012-12-30 19:52:57 248064 -c--a-w- c:\windows\system32\dllcache\cl546xm.sys

2012-12-30 19:51:57 9472 -c--a-w- c:\windows\system32\dllcache\ativmdcd.sys

2012-12-30 19:50:59 747392 -c--a-w- c:\windows\system32\dllcache\adm8830.sys

2012-12-30 19:01:49 -------- d-----w- c:\documents and settings\michael senff\local settings\application data\Google

2012-12-30 19:01:47 -------- d-----w- c:\documents and settings\michael senff\application data\SUPERAntiSpyware.com

2012-12-30 19:01:40 -------- d-----w- c:\program files\SUPERAntiSpyware

2012-12-30 19:01:40 -------- d-----w- c:\documents and settings\all users\application data\SUPERAntiSpyware.com

2012-12-30 18:58:35 -------- d-----w- c:\documents and settings\michael senff\application data\Malwarebytes

2012-12-30 18:58:24 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes

2012-12-30 18:58:23 21104 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-12-30 18:58:23 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2012-12-30 18:50:41 -------- d-----w- c:\documents and settings\michael senff\application data\ElevatedDiagnostics

2012-12-30 18:40:53 -------- d-----w- c:\windows\system32\scripting

2012-12-30 18:40:53 -------- d-----w- c:\windows\system32\en

2012-12-30 18:40:53 -------- d-----w- c:\windows\system32\bits

2012-12-30 18:40:53 -------- d-----w- c:\windows\l2schemas

2012-12-30 18:38:40 -------- d-----w- c:\windows\network diagnostic

2012-12-30 18:36:49 -------- d-----w- c:\windows\EHome

2012-12-30 18:20:40 -------- d-----w- c:\windows\ServicePackFiles

2012-12-30 18:19:05 -------- d-----w- c:\windows\ie8updates

2012-12-30 18:14:25 73216 -c--a-w- c:\windows\system32\dllcache\atintuxx.sys

2012-12-30 18:07:36 272128 -c--a-w- c:\windows\system32\dllcache\bthport.sys

2012-12-30 18:07:36 272128 ------w- c:\windows\system32\drivers\bthport.sys

2012-12-30 18:06:34 630272 -c----w- c:\windows\system32\dllcache\msfeeds.dll

2012-12-30 18:06:34 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll

2012-12-30 18:06:34 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll

2012-12-30 18:06:33 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll

2012-12-30 18:06:33 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll

2012-12-30 18:06:32 2000384 -c----w- c:\windows\system32\dllcache\iertutil.dll

2012-12-30 18:06:31 11111424 -c----w- c:\windows\system32\dllcache\ieframe.dll

2012-12-30 18:06:25 2192896 -c--a-w- c:\windows\system32\dllcache\ntoskrnl.exe

2012-12-30 18:04:22 6812136 ------w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll

2012-12-30 18:04:14 237072 ------w- c:\windows\system32\MpSigStub.exe

2012-12-30 18:03:25 689152 -c--a-w- c:\windows\system32\dllcache\xpsp3res.dll

2012-12-30 18:03:25 5120 ----a-w- c:\windows\system32\xpsp4res.dll

2012-12-30 18:02:08 -------- d-----w- c:\program files\Microsoft Security Client

2012-12-30 17:56:32 -------- d-----w- c:\documents and settings\michael senff\application data\MicrosoftSecurityEssentialsPackages

2012-12-30 17:50:51 -------- d-----w- c:\windows\system32\PreInstall

2012-12-30 17:43:58 22040 ----a-w- c:\windows\system32\wucltui.dll.mui

2012-12-30 17:43:57 17944 ----a-w- c:\windows\system32\wuaueng.dll.mui

2012-12-30 17:43:57 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui

2012-12-30 17:43:57 15384 ----a-w- c:\windows\system32\wuapi.dll.mui

2012-12-30 17:43:57 -------- d-----w- c:\windows\system32\SoftwareDistribution

2012-12-30 17:35:44 -------- d-sh--w- c:\documents and settings\michael senff\PrivacIE

2012-12-30 17:34:49 -------- d-sh--w- c:\documents and settings\michael senff\IETldCache

2012-12-30 17:33:18 -------- dc-h--w- c:\windows\ie8

2012-12-30 17:29:24 -------- d-sh--w- c:\documents and settings\michael senff\UserData

2012-12-30 17:28:10 17488 ----a-w- c:\windows\gdrv.sys

2012-12-30 17:27:40 -------- d-----w- c:\program files\common files\AVG Secure Search

2012-12-30 17:27:39 -------- d-----w- c:\program files\AVG Secure Search

2012-12-30 17:03:14 -------- d--h--w- c:\windows\$hf_mig$

2012-12-30 17:02:59 -------- d-----w- c:\program files\Microsoft Download Manager

2012-12-30 15:45:24 -------- d-----w- c:\windows\system32\Lang

2012-12-30 15:43:59 60800 -c--a-w- c:\windows\system32\dllcache\sysaudio.sys

2012-12-30 15:43:59 60800 ----a-w- c:\windows\system32\drivers\sysaudio.sys

2012-12-30 15:43:59 2944 -c--a-w- c:\windows\system32\dllcache\drmkaud.sys

2012-12-30 15:43:59 2944 ----a-w- c:\windows\system32\drivers\drmkaud.sys

2012-12-30 15:43:58 7552 -c--a-w- c:\windows\system32\dllcache\mskssrv.sys

2012-12-30 15:43:58 7552 ----a-w- c:\windows\system32\drivers\mskssrv.sys

2012-12-30 15:43:57 4992 -c--a-w- c:\windows\system32\dllcache\mspqm.sys

2012-12-30 15:43:57 4992 ----a-w- c:\windows\system32\drivers\mspqm.sys

2012-12-30 15:43:56 5376 -c--a-w- c:\windows\system32\dllcache\mspclock.sys

2012-12-30 15:43:56 5376 ----a-w- c:\windows\system32\drivers\mspclock.sys

2012-12-30 15:39:59 21468 ----a-w- c:\windows\system32\drivers\RTAIODAT.DAT

2012-12-30 15:38:58 53248 ----a-r- c:\windows\system32\CSVer.dll

2012-12-30 15:37:19 26144 ----a-w- c:\windows\system32\spupdsvc.exe

2012-12-30 15:37:16 -------- d-----w- c:\program files\MSXML 6.0

2012-12-30 15:35:44 207400 ----a-r- c:\windows\GSetup.exe

.

==================== Find3M ====================

.

2012-12-30 22:17:18 24944 ----a-w- c:\windows\system32\drivers\GVTDrv.sys

2012-12-16 12:23:59 290560 ----a-w- c:\windows\system32\atmfd.dll

2012-12-03 15:40:50 7606272 ----a-w- c:\windows\system32\nvcuda.dll

2012-12-03 15:40:50 4153600 ----a-w- c:\windows\system32\nv4_disp.dll

2012-12-03 15:40:50 2611560 ----a-w- c:\windows\system32\nvcuvid.dll

2012-12-03 15:40:50 2441728 ----a-w- c:\windows\system32\nvapi.dll

2012-12-03 15:40:50 19460096 ----a-w- c:\windows\system32\nvoglnt.dll

2012-12-03 15:40:50 1874280 ----a-w- c:\windows\system32\nvcuvenc.dll

2012-12-03 15:40:50 17551360 ----a-w- c:\windows\system32\nvcompiler.dll

2012-12-03 15:40:50 11053992 ----a-w- c:\windows\system32\drivers\nv4_mini.sys

2012-12-01 04:53:45 15524712 ----a-w- c:\windows\system32\nvcpl.dll

2012-12-01 04:53:44 164712 ----a-w- c:\windows\system32\nvsvc32.exe

2012-12-01 04:53:43 143720 ----a-w- c:\windows\system32\nvcolor.exe

2012-12-01 04:53:43 108392 ----a-w- c:\windows\system32\nvmctray.dll

2012-12-01 04:52:17 54272 ----a-w- c:\windows\system32\nvwddi.dll

2012-11-13 01:25:12 1866368 ----a-w- c:\windows\system32\win32k.sys

2012-11-02 02:02:42 375296 ----a-w- c:\windows\system32\dpnet.dll

2012-11-01 12:17:54 916992 ----a-w- c:\windows\system32\wininet.dll

2012-11-01 12:17:54 43520 ----a-w- c:\windows\system32\licmgr10.dll

2012-11-01 12:17:54 1469440 ----a-w- c:\windows\system32\inetcpl.cpl

2012-11-01 00:35:34 385024 ----a-w- c:\windows\system32\html.iec

.

============= FINISH: 10:21:37.90 ===============

Link to post
Share on other sites

Hello MicQ,

If this system's Windows is by an OEM (manufacturer) did you remove the included 3rd-party antivirus program (if any) {such as Norton or McAfee) after you re-installed Windows?

Step 1

1. Go >> Here << and download ERUNT

(ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.)

2. Install ERUNT by following the prompts

(use the default install settings but say no to the portion that asks you to add ERUNT to the start-up folder, if you like you can enable this option later)

3. Start ERUNT

(either by double clicking on the desktop icon or choosing to start the program at the end of the setup)

4. Choose a location for the backup

(the default location is C:\WINDOWS\ERDNT which is acceptable).

5. Make sure that at least the first two check boxes are ticked

6. Press OK

7. Press YES to create the folder.

Step 2

Set Windows to show all files and all folders.

On your Desktop, double click My Computer, from the menu options, select tools, then Folder Options, and then select VIEW Tab and look at all of settings listed.

"CHECK" (turn on) Display the contents of system folders.

Under column, Hidden files and folders----choose ( *select* ) Show hidden files and folders.

Next, un-check Hide extensions for known file types.

Next un-check Hide protected operating system files.

Step 3

Download Random's System Information Tool (RSIT) by random/random from here and save it to your desktop.

  • Double click on RSIT.exe to run RSIT.
  • Click Continue at the disclaimer screen.
  • Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)

Step 4

Download Security Check by screen317 and save it to your Desktop: here or here

  • Run Security Check
  • Follow the onscreen instructions inside of the command window.
  • A Notepad document should open automatically called checkup.txt; close Notepad. We will need this log, too, so remember where you've saved it!

Step 5
Close all open browsers at this point.
Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
For directions on how, see How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs
Do NOT turn off the firewall
Start Internet Explorer
Using Internet Explorer browser only, go to BitDefender Quickscan website:
http://quickscan.bitdefender.com
and click "Start Scan".
Observe your browser in case it shows a notice/message bar to allow download and installation of a tool.
Allow the download and install of qsax.cab from BitDefender. Right-click the IE info bar and select Install to install the BitDefender quick scan module.
If prompted, reply yes to allow it to run.
Press the Allow button and follow prompts.
Press the "Start Scan" once more.
You'll see the EULA in a pop-up window. Click the I accept & then the OK button
Note: The FAQ is here --> http://quickscan.bitdefender.com/faq/
and that QuickScan has no removal capability.
The site boasts a 60-second scan. Do have patience as it likely will take longer.
It may seem to stall at moments, but have patience; it will move on.
You'll see a progress bar at top right of window.
Hopefully you will see a No infections found in the bar-winddow. Press the View Log button.
The log report will show in your text editor. Save the log.
Do a Select ALL, Copy. Then paste contents into your next reply.
Step 6
  • Download & SAVE to your Desktop >> Tigzy's RogueKillerfrom here << or
    >> from here <<
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.
    For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Click on Scan.
  • Click on Report and copy/paste the content of the notepad into your next reply.

Step 7

RE-Enable your antivirus program.

Copy & Paste contents of Log.txt & Info.txt & Checkup.txt & log from Bitdefender & RogueKiller log.

Use separate replies as needed if logs do not fit into one reply box.

Link to post
Share on other sites

If this system's Windows is by an OEM (manufacturer) did you remove the included 3rd-party antivirus program (if any) {such as Norton or McAfee) after you re-installed Windows?

Not to my knowledge. I dont remember doing that at the very least.

Step 3 logs

info.txt logfile of random's system information tool 1.09 2013-01-01 11:57:11

======Uninstall list======

@BIOS-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}\Setup.exe" -l0x9 -removeonly

-->MsiExec /X{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}

-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf

Adobe Flash Player 11 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_5_502_135_ActiveX.exe -maintain activex

Adobe Flash Player 11 Plugin-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_5_502_135_Plugin.exe -maintain plugin

AVG Security Toolbar-->C:\Program Files\AVG Secure Search\UNINSTALL.exe /PROMPT /UNINSTALL

Easy Tune 6 B11.1206.1-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{457D7505-D665-4F95-91C3-ECB8C56E9ACA}

Enable S3 for USB Device-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Gigabyte\Enable S3 for USB Device\Uninst.isu"

ERUNT 1.1j-->"C:\Program Files\ERUNT\unins000.exe"

Etron USB3.0 Host Controller-->MsiExec.exe /I{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}

Google Chrome-->"C:\Program Files\Google\Chrome\Application\23.0.1271.97\Installer\setup.exe" --uninstall --multi-install --chrome --system-level

Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""

Hotfix for Windows XP (KB2779562)-->"C:\WINDOWS\$NtUninstallKB2779562$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB981793)-->"C:\WINDOWS\$NtUninstallKB981793$\spuninst\spuninst.exe"

Intel® Management Engine Components-->C:\Program Files\Intel\Intel® Management Engine Components\Uninstall\setup.exe -uninstall

Internet Explorer (Enable DEP)-->C:\WINDOWS\system32\sdbinst.exe -u "C:\WINDOWS\AppPatch\Custom\{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb"

League of Legends-->"C:\Program Files\InstallShield Installation Information\{92606477-9366-4D3B-8AE3-6BE4B29727AB}\setup.exe" -runfromtemp -l0x0409 -removeonly

Malwarebytes Anti-Malware version 1.70.0.1100-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"

Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}

Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}

Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe

Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}

Microsoft Download Manager-->MsiExec.exe /X{654977DB-0001-0002-0001-EABD228DDE8B}

Microsoft Security Client-->MsiExec.exe /X{98EABC7F-B1A1-43A5-B505-5B4EC3908DCD}

Microsoft Security Essentials-->C:\Program Files\Microsoft Security Client\Setup.exe /x

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}

Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}

Mozilla Firefox 17.0.1 (x86 en-US)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe

Mozilla Maintenance Service-->"C:\Program Files\Mozilla Maintenance Service\uninstall.exe"

MSXML 6 Service Pack 2 (KB973686)-->MsiExec.exe /I{56EA8BC0-3751-4B93-BC9D-6651CC36E5AA}

NVIDIA Graphics Driver 310.70-->"C:\WINDOWS\system32\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{6BFD699C-9A30-40A2-A148-4DCA696871B1}\NVI2.DLL",UninstallPackage Display.Driver

NVIDIA HD Audio Driver 1.3.18.0-->"C:\WINDOWS\system32\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{6BFD699C-9A30-40A2-A148-4DCA696871B1}\NVI2.DLL",UninstallPackage HDAudio.Driver

NVIDIA nView 136.53-->"C:\WINDOWS\system32\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{6BFD699C-9A30-40A2-A148-4DCA696871B1}\NVI2.DLL",UninstallPackage Display.NView

NVIDIA nView Desktop Manager-->C:\Program Files\NVIDIA Corporation\nView\nViewSetup.exe -uninstall

NVIDIA PhysX System Software 9.12.1031-->"C:\WINDOWS\system32\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{6BFD699C-9A30-40A2-A148-4DCA696871B1}\NVI2.DLL",UninstallPackage Display.PhysX

NVIDIA PhysX-->MsiExec.exe /I{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}

NVIDIA Update 1.11.3-->"C:\WINDOWS\system32\RunDll32.EXE" "C:\Program Files\NVIDIA Corporation\Installer2\installer.{6BFD699C-9A30-40A2-A148-4DCA696871B1}\NVI2.DLL",UninstallPackage Display.Update

ON_OFF Charge B11.1102.1-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3DECD372-76A1-4483-BF10-B547790A3261}\setup.exe" -l0x9 -removeonly

Pando Media Booster-->C:\Program Files\Pando Networks\Media Booster\uninst.exe

REALTEK GbE & FE Ethernet PCI-E NIC Driver-->C:\Program Files\InstallShield Installation Information\{C9BED750-1211-4480-B1A5-718A3BE15525}\Setup.Exe -runfromtemp -removeonly

Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\SETUP.EXE" -l0x9 -removeonly

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {94EFE014-E577-310B-B2D5-6973A21D8A90} /qb+ REBOOTPROMPT=""

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {F6F5AC31-9833-3E77-AC8E-8E910CAB39AE} /qb+ REBOOTPROMPT=""

Security Update for Microsoft Windows (KB2564958)-->"C:\WINDOWS\$NtUninstallKB2564958$\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 8 (KB2510531)-->"C:\WINDOWS\ie8updates\KB2510531-IE8\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 8 (KB2544521)-->"C:\WINDOWS\ie8updates\KB2544521-IE8\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 8 (KB2761465)-->"C:\WINDOWS\ie8updates\KB2761465-IE8\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 8 (KB981332)-->"C:\WINDOWS\ie8updates\KB981332-IE8\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 8 (KB982381)-->"C:\WINDOWS\ie8updates\KB982381-IE8\spuninst\spuninst.exe"

Security Update for Windows Media Player (KB2378111)-->"C:\WINDOWS\$NtUninstallKB2378111_WM9$\spuninst\spuninst.exe"

Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"

Security Update for Windows Media Player (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"

Security Update for Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"

Security Update for Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9L$\spuninst\spuninst.exe"

Security Update for Windows Media Player (KB975558)-->"C:\WINDOWS\$NtUninstallKB975558_WM8$\spuninst\spuninst.exe"

Security Update for Windows Media Player (KB978695)-->"C:\WINDOWS\$NtUninstallKB978695_WM9$\spuninst\spuninst.exe"

Security Update for Windows Media Player (KB979402)-->"C:\WINDOWS\$NtUninstallKB979402_WM9L$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2115168)-->"C:\WINDOWS\$NtUninstallKB2115168$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2229593)-->"C:\WINDOWS\$NtUninstallKB2229593$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2296011)-->"C:\WINDOWS\$NtUninstallKB2296011$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2347290)-->"C:\WINDOWS\$NtUninstallKB2347290$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2360937)-->"C:\WINDOWS\$NtUninstallKB2360937$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2387149)-->"C:\WINDOWS\$NtUninstallKB2387149$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2393802)-->"C:\WINDOWS\$NtUninstallKB2393802$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2419632)-->"C:\WINDOWS\$NtUninstallKB2419632$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2423089)-->"C:\WINDOWS\$NtUninstallKB2423089$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2440591)-->"C:\WINDOWS\$NtUninstallKB2440591$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2443105)-->"C:\WINDOWS\$NtUninstallKB2443105$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2476490)-->"C:\WINDOWS\$NtUninstallKB2476490$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2478960)-->"C:\WINDOWS\$NtUninstallKB2478960$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2478971)-->"C:\WINDOWS\$NtUninstallKB2478971$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2479943)-->"C:\WINDOWS\$NtUninstallKB2479943$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2481109)-->"C:\WINDOWS\$NtUninstallKB2481109$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2483185)-->"C:\WINDOWS\$NtUninstallKB2483185$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2485663)-->"C:\WINDOWS\$NtUninstallKB2485663$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2506212)-->"C:\WINDOWS\$NtUninstallKB2506212$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2507938)-->"C:\WINDOWS\$NtUninstallKB2507938$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2508429)-->"C:\WINDOWS\$NtUninstallKB2508429$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2509553)-->"C:\WINDOWS\$NtUninstallKB2509553$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2535512)-->"C:\WINDOWS\$NtUninstallKB2535512$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2536276-v2)-->"C:\WINDOWS\$NtUninstallKB2536276-v2$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2544893-v2)-->"C:\WINDOWS\$NtUninstallKB2544893-v2$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2566454)-->"C:\WINDOWS\$NtUninstallKB2566454$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2570947)-->"C:\WINDOWS\$NtUninstallKB2570947$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2584146)-->"C:\WINDOWS\$NtUninstallKB2584146$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2585542)-->"C:\WINDOWS\$NtUninstallKB2585542$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2592799)-->"C:\WINDOWS\$NtUninstallKB2592799$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2598479)-->"C:\WINDOWS\$NtUninstallKB2598479$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2603381)-->"C:\WINDOWS\$NtUninstallKB2603381$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2618451)-->"C:\WINDOWS\$NtUninstallKB2618451$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2619339)-->"C:\WINDOWS\$NtUninstallKB2619339$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2620712)-->"C:\WINDOWS\$NtUninstallKB2620712$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2624667)-->"C:\WINDOWS\$NtUninstallKB2624667$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2631813)-->"C:\WINDOWS\$NtUninstallKB2631813$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2646524)-->"C:\WINDOWS\$NtUninstallKB2646524$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2653956)-->"C:\WINDOWS\$NtUninstallKB2653956$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2655992)-->"C:\WINDOWS\$NtUninstallKB2655992$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2659262)-->"C:\WINDOWS\$NtUninstallKB2659262$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2661637)-->"C:\WINDOWS\$NtUninstallKB2661637$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2676562)-->"C:\WINDOWS\$NtUninstallKB2676562$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2686509)-->"C:\WINDOWS\$NtUninstallKB2686509$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2691442)-->"C:\WINDOWS\$NtUninstallKB2691442$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2698365)-->"C:\WINDOWS\$NtUninstallKB2698365$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2705219-v2)-->"C:\WINDOWS\$NtUninstallKB2705219-v2$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2712808)-->"C:\WINDOWS\$NtUninstallKB2712808$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2719985)-->"C:\WINDOWS\$NtUninstallKB2719985$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2723135-v2)-->"C:\WINDOWS\$NtUninstallKB2723135-v2$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2724197)-->"C:\WINDOWS\$NtUninstallKB2724197$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2727528)-->"C:\WINDOWS\$NtUninstallKB2727528$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2753842-v2)-->"C:\WINDOWS\$NtUninstallKB2753842-v2$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2758857)-->"C:\WINDOWS\$NtUninstallKB2758857$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2770660)-->"C:\WINDOWS\$NtUninstallKB2770660$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2779030)-->"C:\WINDOWS\$NtUninstallKB2779030$\spuninst\spuninst.exe"

Security Update for Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"

Security Update for Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf

Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"

Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"

Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"

Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"

Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"

Security Update for Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"

Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"

Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"

Security Update for Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"

Security Update for Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"

Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"

Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"

Security Update for Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"

Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"

Security Update for Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe"

Security Update for Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"

Security Update for Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"

Security Update for Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"

Security Update for Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"

Security Update for Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"

Security Update for Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"

Security Update for Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"

Security Update for Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe"

Security Update for Windows XP (KB971468)-->"C:\WINDOWS\$NtUninstallKB971468$\spuninst\spuninst.exe"

Security Update for Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"

Security Update for Windows XP (KB972270)-->"C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe"

Security Update for Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"

Security Update for Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"

Security Update for Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe"

Security Update for Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"

Security Update for Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe"

Security Update for Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe"

Security Update for Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"

Security Update for Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"

Security Update for Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"

Security Update for Windows XP (KB975560)-->"C:\WINDOWS\$NtUninstallKB975560$\spuninst\spuninst.exe"

Security Update for Windows XP (KB975561)-->"C:\WINDOWS\$NtUninstallKB975561$\spuninst\spuninst.exe"

Security Update for Windows XP (KB975562)-->"C:\WINDOWS\$NtUninstallKB975562$\spuninst\spuninst.exe"

Security Update for Windows XP (KB975713)-->"C:\WINDOWS\$NtUninstallKB975713$\spuninst\spuninst.exe"

Security Update for Windows XP (KB977816)-->"C:\WINDOWS\$NtUninstallKB977816$\spuninst\spuninst.exe"

Security Update for Windows XP (KB977914)-->"C:\WINDOWS\$NtUninstallKB977914$\spuninst\spuninst.exe"

Security Update for Windows XP (KB978037)-->"C:\WINDOWS\$NtUninstallKB978037$\spuninst\spuninst.exe"

Security Update for Windows XP (KB978338)-->"C:\WINDOWS\$NtUninstallKB978338$\spuninst\spuninst.exe"

Security Update for Windows XP (KB978542)-->"C:\WINDOWS\$NtUninstallKB978542$\spuninst\spuninst.exe"

Security Update for Windows XP (KB978601)-->"C:\WINDOWS\$NtUninstallKB978601$\spuninst\spuninst.exe"

Security Update for Windows XP (KB978706)-->"C:\WINDOWS\$NtUninstallKB978706$\spuninst\spuninst.exe"

Security Update for Windows XP (KB979309)-->"C:\WINDOWS\$NtUninstallKB979309$\spuninst\spuninst.exe"

Security Update for Windows XP (KB979482)-->"C:\WINDOWS\$NtUninstallKB979482$\spuninst\spuninst.exe"

Security Update for Windows XP (KB979559)-->"C:\WINDOWS\$NtUninstallKB979559$\spuninst\spuninst.exe"

Security Update for Windows XP (KB979683)-->"C:\WINDOWS\$NtUninstallKB979683$\spuninst\spuninst.exe"

Security Update for Windows XP (KB979687)-->"C:\WINDOWS\$NtUninstallKB979687$\spuninst\spuninst.exe"

Security Update for Windows XP (KB980195)-->"C:\WINDOWS\$NtUninstallKB980195$\spuninst\spuninst.exe"

Security Update for Windows XP (KB980218)-->"C:\WINDOWS\$NtUninstallKB980218$\spuninst\spuninst.exe"

Security Update for Windows XP (KB980232)-->"C:\WINDOWS\$NtUninstallKB980232$\spuninst\spuninst.exe"

Security Update for Windows XP (KB981322)-->"C:\WINDOWS\$NtUninstallKB981322$\spuninst\spuninst.exe"

Security Update for Windows XP (KB981997)-->"C:\WINDOWS\$NtUninstallKB981997$\spuninst\spuninst.exe"

Security Update for Windows XP (KB982132)-->"C:\WINDOWS\$NtUninstallKB982132$\spuninst\spuninst.exe"

Security Update for Windows XP (KB982665)-->"C:\WINDOWS\$NtUninstallKB982665$\spuninst\spuninst.exe"

SUPERAntiSpyware-->"C:\Program Files\SUPERAntiSpyware\Uninstall.exe"

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""

Update for Windows Internet Explorer 8 (KB976662)-->"C:\WINDOWS\ie8updates\KB976662-IE8\spuninst\spuninst.exe"

Update for Windows XP (KB2345886)-->"C:\WINDOWS\$NtUninstallKB2345886$\spuninst\spuninst.exe"

Update for Windows XP (KB2661254-v2)-->"C:\WINDOWS\$NtUninstallKB2661254-v2$\spuninst\spuninst.exe"

Update for Windows XP (KB2736233)-->"C:\WINDOWS\$NtUninstallKB2736233$\spuninst\spuninst.exe"

Update for Windows XP (KB2749655)-->"C:\WINDOWS\$NtUninstallKB2749655$\spuninst\spuninst.exe"

Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"

Update for Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe"

Update for Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"

Update for Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"

Update for Windows XP (KB971029)-->"C:\WINDOWS\$NtUninstallKB971029$\spuninst\spuninst.exe"

Update for Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe"

Update for Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"

Windows Imaging Component-->"C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"

Windows PowerShell 1.0-->"C:\WINDOWS\$NtUninstallKB926139-v2$\spuninst\spuninst.exe"

Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"

======Security center information======

AV: Microsoft Security Essentials

======System event log======

Computer Name: DEEZGOOD-D8793A

Event Code: 7023

Message: The Application Management service terminated with the following error:

The specified module could not be found.

Record Number: 877

Source Name: Service Control Manager

Time Written: 20121230142407.000000-360

Event Type: error

User:

Computer Name: DEEZGOOD-D8793A

Event Code: 7023

Message: The Application Management service terminated with the following error:

The specified module could not be found.

Record Number: 874

Source Name: Service Control Manager

Time Written: 20121230142407.000000-360

Event Type: error

User:

Computer Name: DEEZGOOD-D8793A

Event Code: 7023

Message: The Application Management service terminated with the following error:

The specified module could not be found.

Record Number: 871

Source Name: Service Control Manager

Time Written: 20121230142407.000000-360

Event Type: error

User:

Computer Name: DEEZGOOD-D8793A

Event Code: 4226

Message: TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.

Record Number: 827

Source Name: Tcpip

Time Written: 20121230141129.000000-360

Event Type: warning

User:

Computer Name: DEEZGOOD-D8793A

Event Code: 20

Message: Printer Driver Microsoft XPS Document Writer for Windows NT x86 Version-3 was added or updated. Files:- (null).

Record Number: 753

Source Name: Print

Time Written: 20121230124707.000000-360

Event Type: warning

User: NT AUTHORITY\SYSTEM

=====Application event log=====

Computer Name: DEEZGOOD-D8793A

Event Code: 5000

Message:

Record Number: 193

Source Name: Microsoft Security Client

Time Written: 20121230120438.000000-360

Event Type: error

User:

Computer Name: DEEZGOOD-D8793A

Event Code: 5000

Message: EventType mptelemetry, P1 0x80070003, P2 moac, P3 cachereset, P4 4.1.522.0, P5 unspecified, P6 unspecified, P7 unspecified, P8 NIL, P9 NIL, P10 NIL.

Record Number: 190

Source Name: MPSampleSubmission

Time Written: 20121230120236.000000-360

Event Type: error

User:

Computer Name: DEEZGOOD-D8793A

Event Code: 1000

Message: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module kernel32.dll, version 5.1.2600.2180, fault address 0x0000a2c8.

Record Number: 183

Source Name: Application Error

Time Written: 20121230120127.000000-360

Event Type: error

User:

Computer Name: DEEZGOOD-D8793A

Event Code: 1000

Message: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module kernel32.dll, version 5.1.2600.2180, fault address 0x0000a2c8.

Record Number: 178

Source Name: Application Error

Time Written: 20121230120000.000000-360

Event Type: error

User:

Computer Name: DEEZGOOD-D8793A

Event Code: 1000

Message: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module kernel32.dll, version 5.1.2600.2180, fault address 0x0000a2c8.

Record Number: 176

Source Name: Application Error

Time Written: 20121230115930.000000-360

Event Type: error

User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe

"Path"=C:\Program Files\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\WINDOWS\system32\WindowsPowerShell\v1.0

"windir"=%SystemRoot%

"FP_NO_HOST_CHECK"=NO

"OS"=Windows_NT

"PROCESSOR_ARCHITECTURE"=x86

"PROCESSOR_LEVEL"=6

"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 42 Stepping 7, GenuineIntel

"PROCESSOR_REVISION"=2a07

"NUMBER_OF_PROCESSORS"=4

"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.PSC1

"TEMP"=%SystemRoot%\TEMP

"TMP"=%SystemRoot%\TEMP

-----------------EOF-----------------

Link to post
Share on other sites

Logfile of random's system information tool 1.09 (written by random/random)

Run by Michael Senff at 2013-01-01 11:57:05

Microsoft Windows XP Home Edition Service Pack 3

System drive C: has 50 GB (70%) free of 71 GB

Total RAM: 3564 MB (75% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 11:57:10 AM, on 1/1/2013

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

c:\Program Files\Microsoft Security Client\MsMpEng.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\SUPERAntiSpyware\SASCORE.EXE

C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe

C:\WINDOWS\RTHDCPL.EXE

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files\AVG Secure Search\vprot.exe

C:\WINDOWS\system32\RunDLL32.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Pando Networks\Media Booster\PMB.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Program Files\ERUNT\ERUNT.EXE

C:\Documents and Settings\Michael Senff\My Documents\Downloads\RSIT.exe

C:\Program Files\trend micro\Michael Senff.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://isearch.avg.com/?cid={E63FE547-FCA7-4CEE-A237-B076D05B947B}&mid=〈=&ds=&pr=&d=&v=&sap=hp

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll

O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe"

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login

O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet

O4 - HKLM\..\RunOnce: [Z1] C:\Documents and Settings\Michael Senff\Desktop\mbar\mbar.exe /cleanup /s

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files\Pando Networks\Media Booster\PMB.exe

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1356889323531

O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\13.2.0\ViProtocol.dll

O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: AppleChargerSrv - Unknown owner - C:\WINDOWS\system32\AppleChargerSrv.exe

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe

O23 - Service: vToolbarUpdater13.2.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe

--

End of file - 6300 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job

C:\WINDOWS\tasks\MpIdleTask.job

C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task 8fdb9f41-1323-4f9b-89f5-9acb22c206d6.job

C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task f741a3d6-a2d2-44a2-a58b-53aee11d3046.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Michael Senff\Application Data\Mozilla\Firefox\Profiles\8v50ytho.default

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

"avg@toolbar"=C:\Documents and Settings\All Users\Application Data\AVG Secure Search\FireFoxExt\13.2.0.5

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]

"Description"=Adobe® Flash® Player 11.5.502.135 Plugin

"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin]

"Description"=

"Path"=C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\13.2.0\\npsitesafety.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/DownloadManager,version=1.1]

"Description"=Microsoft Download Manager

"Path"=C:\WINDOWS\

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]

"Description"=Windows Presentation Foundation plug-in for Mozilla browsers

"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]

"Description"=This plugin detects and launches Pando Media Booster

"Path"=C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]

"Description"=Google Update

"Path"=C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]

"Description"=Google Update

"Path"=C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll

C:\Program Files\Mozilla Firefox\extensions\

{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\

binary.manifest

browsercomps.dll

C:\Program Files\Mozilla Firefox\searchplugins\

amazondotcom.xml

avg-secure-search.xml

bing.xml

eBay.xml

google.xml

twitter.xml

wikipedia.xml

yahoo.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]

AVG Security Toolbar - C:\Program Files\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll [2012-12-31 1796552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{95B7759C-8C7F-4BF1-B163-73684A933233} - AVG Security Toolbar - C:\Program Files\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll [2012-12-31 1796552]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2011-10-14 20064872]

"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2012-09-12 947176]

"vProt"=C:\Program Files\AVG Secure Search\vprot.exe [2012-12-31 997320]

"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2012-11-30 15524712]

"NvMediaCenter"=NvMCTray.dll,NvTaskbarInit -login []

"nwiz"=C:\Program Files\NVIDIA Corporation\nview\nwiz.exe [2012-12-03 1982312]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"Z1"=C:\Documents and Settings\Michael Senff\Desktop\mbar\mbar.exe [2013-01-01 1342312]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]

"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2012-11-01 4763008]

"Pando Media Booster"=C:\Program Files\Pando Networks\Media Booster\PMB.exe [2012-12-30 3093624]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2011-07-18 113024]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe"="C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe:*:Enabled:Daemonu.exe"

"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"

"C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe"="C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe:*:Enabled:Daemonu.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\Program Files\Pando Networks\Media Booster\PMB.exe"="C:\Program Files\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"midimapper"=midimap.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msadpcm"=msadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.trspch"=tssoft32.acm

"vidc.cvid"=iccvid.dll

"vidc.I420"=msh263.drv

"vidc.iv31"=ir32_32.dll

"vidc.iv32"=ir32_32.dll

"vidc.iv41"=ir41_32.ax

"vidc.iyuv"=iyuv_32.dll

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"vidc.uyvy"=msyuv.dll

"vidc.yuy2"=msyuv.dll

"vidc.yvu9"=tsbyuv.dll

"vidc.yvyu"=msyuv.dll

"wavemapper"=msacm32.drv

"msacm.msg723"=msg723.acm

"vidc.M263"=msh263.drv

"vidc.M261"=msh261.drv

"msacm.msaudio1"=msaud32.acm

"msacm.sl_anet"=sl_anet.acm

"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax

"vidc.iv50"=ir50_32.dll

"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"aux"=wdmaud.drv

"wave1"=wdmaud.drv

"midi1"=wdmaud.drv

"mixer1"=wdmaud.drv

"wave2"=wdmaud.drv

"midi2"=wdmaud.drv

"mixer2"=wdmaud.drv

"wave3"=wdmaud.drv

"midi3"=wdmaud.drv

"mixer3"=wdmaud.drv

"wave4"=wdmaud.drv

"midi4"=wdmaud.drv

"mixer4"=wdmaud.drv

======List of files/folders created in the last 1 month======

2013-01-01 11:57:05 ----D---- C:\rsit

2013-01-01 11:57:05 ----D---- C:\Program Files\trend micro

2013-01-01 11:51:48 ----D---- C:\Program Files\ERUNT

2013-01-01 09:43:27 ----A---- C:\WINDOWS\system32\drivers\mbamchameleon.sys

2012-12-31 18:12:57 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe

2012-12-31 18:12:55 ----D---- C:\Program Files\AGEIA Technologies

2012-12-31 18:12:22 ----D---- C:\Documents and Settings\Michael Senff\Application Data\AVG Secure Search

2012-12-31 18:11:27 ----A---- C:\WINDOWS\system32\nvhdagenco3220103.dll

2012-12-31 18:11:25 ----A---- C:\WINDOWS\system32\nvopencl.dll

2012-12-31 18:11:25 ----A---- C:\WINDOWS\system32\nvdispgenco32.dll

2012-12-31 18:11:25 ----A---- C:\WINDOWS\system32\nvdispco32.dll

2012-12-31 18:03:49 ----D---- C:\Documents and Settings\All Users\Application Data\AVG Secure Search

2012-12-31 18:03:47 ----D---- C:\WINDOWS\system32\cache

2012-12-31 18:03:45 ----A---- C:\WINDOWS\system32\drivers\avgtpx86.sys

2012-12-30 16:21:30 ----D---- C:\Documents and Settings\Michael Senff\Application Data\LolClient

2012-12-30 16:05:05 ----HDC---- C:\WINDOWS\$NtUninstallKB2387149$

2012-12-30 16:05:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2712808$

2012-12-30 16:04:57 ----HDC---- C:\WINDOWS\$NtUninstallKB2479943$

2012-12-30 16:04:53 ----HDC---- C:\WINDOWS\$NtUninstallKB2659262$

2012-12-30 16:04:47 ----HDC---- C:\WINDOWS\$NtUninstallKB2564958$

2012-12-30 16:04:43 ----HDC---- C:\WINDOWS\$NtUninstallKB2478971$

2012-12-30 16:04:39 ----HDC---- C:\WINDOWS\$NtUninstallKB2758857$

2012-12-30 16:04:34 ----HDC---- C:\WINDOWS\$NtUninstallKB2544893-v2$

2012-12-30 16:04:30 ----HDC---- C:\WINDOWS\$NtUninstallKB2345886$

2012-12-30 16:04:11 ----HDC---- C:\WINDOWS\$NtUninstallKB2536276-v2$

2012-12-30 16:04:06 ----HDC---- C:\WINDOWS\$NtUninstallKB2646524$

2012-12-30 16:04:02 ----HDC---- C:\WINDOWS\$NtUninstallKB2779030$

2012-12-30 16:03:58 ----HDC---- C:\WINDOWS\$NtUninstallKB2585542$

2012-12-30 16:03:54 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$

2012-12-30 16:03:40 ----HDC---- C:\WINDOWS\$NtUninstallKB2631813$

2012-12-30 16:03:36 ----HDC---- C:\WINDOWS\$NtUninstallKB2296011$

2012-12-30 16:03:30 ----HDC---- C:\WINDOWS\$NtUninstallKB2691442$

2012-12-30 16:02:07 ----HDC---- C:\WINDOWS\$NtUninstallKB2115168$

2012-12-30 16:02:04 ----HDC---- C:\WINDOWS\$NtUninstallKB975558_WM8$

2012-12-30 16:02:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2779562$

2012-12-30 16:01:56 ----HDC---- C:\WINDOWS\$NtUninstallKB2378111_WM9$

2012-12-30 16:01:51 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$

2012-12-30 16:01:46 ----HDC---- C:\WINDOWS\$NtUninstallKB2443105$

2012-12-30 16:01:43 ----HDC---- C:\WINDOWS\$NtUninstallKB2655992$

2012-12-30 16:00:24 ----HDC---- C:\WINDOWS\$NtUninstallKB2724197$

2012-12-30 16:00:18 ----HDC---- C:\WINDOWS\$NtUninstallKB2481109$

2012-12-30 16:00:13 ----HDC---- C:\WINDOWS\$NtUninstallKB2485663$

2012-12-30 16:00:09 ----HDC---- C:\WINDOWS\$NtUninstallKB2598479$

2012-12-30 16:00:05 ----HDC---- C:\WINDOWS\$NtUninstallKB2440591$

2012-12-30 16:00:02 ----HDC---- C:\WINDOWS\$NtUninstallKB2736233$

2012-12-30 15:59:59 ----HDC---- C:\WINDOWS\$NtUninstallKB2686509$

2012-12-30 15:59:53 ----HDC---- C:\WINDOWS\$NtUninstallKB982132$

2012-12-30 15:59:47 ----HDC---- C:\WINDOWS\$NtUninstallKB2507938$

2012-12-30 15:59:42 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$

2012-12-30 15:59:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2476490$

2012-12-30 15:59:15 ----HDC---- C:\WINDOWS\$NtUninstallKB2347290$

2012-12-30 15:59:08 ----HDC---- C:\WINDOWS\$NtUninstallKB2483185$

2012-12-30 15:59:02 ----HDC---- C:\WINDOWS\$NtUninstallKB2624667$

2012-12-30 15:58:57 ----HDC---- C:\WINDOWS\$NtUninstallKB979687$

2012-12-30 15:57:18 ----HDC---- C:\WINDOWS\$NtUninstallKB2719985$

2012-12-30 15:57:11 ----HDC---- C:\WINDOWS\$NtUninstallKB2592799$

2012-12-30 15:57:08 ----HDC---- C:\WINDOWS\$NtUninstallKB2753842-v2$

2012-12-30 15:57:04 ----HDC---- C:\WINDOWS\$NtUninstallKB2770660$

2012-12-30 15:57:00 ----HDC---- C:\WINDOWS\$NtUninstallKB2535512$

2012-12-30 15:56:56 ----HDC---- C:\WINDOWS\$NtUninstallKB2570947$

2012-12-30 15:56:25 ----HDC---- C:\WINDOWS\$NtUninstallKB981322$

2012-12-30 15:56:19 ----HDC---- C:\WINDOWS\$NtUninstallKB2603381$

2012-12-30 15:56:13 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$

2012-12-30 15:56:08 ----HDC---- C:\WINDOWS\$NtUninstallKB2419632$

2012-12-30 15:56:03 ----HDC---- C:\WINDOWS\$NtUninstallKB2508429$

2012-12-30 15:55:59 ----HDC---- C:\WINDOWS\$NtUninstallKB2653956$

2012-12-30 15:55:53 ----HDC---- C:\WINDOWS\$NtUninstallKB2749655$

2012-12-30 15:55:42 ----HDC---- C:\WINDOWS\$NtUninstallKB971029$

2012-12-30 15:55:37 ----HDC---- C:\WINDOWS\$NtUninstallKB2506212$

2012-12-30 15:55:28 ----HDC---- C:\WINDOWS\$NtUninstallKB2698365$

2012-12-30 15:55:24 ----HDC---- C:\WINDOWS\$NtUninstallKB2619339$

2012-12-30 15:55:20 ----HDC---- C:\WINDOWS\$NtUninstallKB2705219-v2$

2012-12-30 15:55:16 ----HDC---- C:\WINDOWS\$NtUninstallKB2727528$

2012-12-30 15:55:11 ----HDC---- C:\WINDOWS\$NtUninstallKB981997$

2012-12-30 15:55:05 ----HDC---- C:\WINDOWS\$NtUninstallKB2723135-v2$

2012-12-30 15:55:01 ----HDC---- C:\WINDOWS\$NtUninstallKB2618451$

2012-12-30 15:54:56 ----HDC---- C:\WINDOWS\$NtUninstallKB2661254-v2$

2012-12-30 15:54:35 ----HDC---- C:\WINDOWS\$NtUninstallKB2509553$

2012-12-30 15:54:27 ----HDC---- C:\WINDOWS\$NtUninstallKB2676562$

2012-12-30 15:52:19 ----HDC---- C:\WINDOWS\$NtUninstallKB982665$

2012-12-30 15:49:47 ----HDC---- C:\WINDOWS\$NtUninstallKB2478960$

2012-12-30 15:49:40 ----HDC---- C:\WINDOWS\$NtUninstallKB2393802$

2012-12-30 15:49:34 ----HDC---- C:\WINDOWS\$NtUninstallKB2620712$

2012-12-30 15:49:31 ----HDC---- C:\WINDOWS\$NtUninstallKB2566454$

2012-12-30 15:49:27 ----HDC---- C:\WINDOWS\$NtUninstallKB2661637$

2012-12-30 15:49:24 ----HDC---- C:\WINDOWS\$NtUninstallKB2584146$

2012-12-30 15:49:20 ----HDC---- C:\WINDOWS\$NtUninstallKB2423089$

2012-12-30 15:49:13 ----HDC---- C:\WINDOWS\$NtUninstallKB2360937$

2012-12-30 15:19:57 ----A---- C:\WINDOWS\system32\XAudio2_2.dll

2012-12-30 15:19:57 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll

2012-12-30 15:19:57 ----A---- C:\WINDOWS\system32\d3dx10_39.dll

2012-12-30 15:19:57 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll

2012-12-30 15:19:56 ----A---- C:\WINDOWS\system32\D3DX9_39.dll

2012-12-30 15:19:53 ----D---- C:\WINDOWS\Logs

2012-12-30 15:13:05 ----D---- C:\Riot Games

2012-12-30 14:35:56 ----N---- C:\WINDOWS\system32\iacenc.dll

2012-12-30 14:30:26 ----D---- C:\Documents and Settings\All Users\Application Data\PMB Files

2012-12-30 14:30:18 ----D---- C:\Program Files\Pando Networks

2012-12-30 14:30:15 ----A---- C:\WINDOWS\system32\mucltui.dll

2012-12-30 14:28:23 ----D---- C:\Documents and Settings\Michael Senff\Application Data\Adobe

2012-12-30 14:27:23 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe

2012-12-30 14:25:39 ----D---- C:\Documents and Settings\Michael Senff\Application Data\MSNInstaller

2012-12-30 14:23:53 ----D---- C:\Documents and Settings\Michael Senff\Application Data\Mozilla

2012-12-30 14:23:44 ----D---- C:\Program Files\Mozilla Maintenance Service

2012-12-30 14:23:44 ----D---- C:\Documents and Settings\All Users\Application Data\Mozilla

2012-12-30 14:23:31 ----D---- C:\Program Files\Mozilla Firefox

2012-12-30 14:17:08 ----D---- C:\Documents and Settings\All Users\Application Data\NVIDIA

2012-12-30 14:16:47 ----D---- C:\Documents and Settings\All Users\Application Data\NVIDIA Corporation

2012-12-30 14:14:54 ----A---- C:\WINDOWS\system32\OpenCL.dll

2012-12-30 14:14:54 ----A---- C:\WINDOWS\system32\nvoglnt.dll

2012-12-30 14:14:54 ----A---- C:\WINDOWS\system32\nvhdap32.dll

2012-12-30 14:14:54 ----A---- C:\WINDOWS\system32\nvhdagenco322040.dll

2012-12-30 14:14:54 ----A---- C:\WINDOWS\system32\nvgenco322060.dll

2012-12-30 14:14:54 ----A---- C:\WINDOWS\system32\nvdispco3220140.dll

2012-12-30 14:14:54 ----A---- C:\WINDOWS\system32\nvcuvid.dll

2012-12-30 14:14:54 ----A---- C:\WINDOWS\system32\nvcuvenc.dll

2012-12-30 14:14:54 ----A---- C:\WINDOWS\system32\nvcuda.dll

2012-12-30 14:14:54 ----A---- C:\WINDOWS\system32\drivers\nvhda32.sys

2012-12-30 14:14:52 ----A---- C:\WINDOWS\system32\nvcompiler.dll

2012-12-30 14:14:52 ----A---- C:\WINDOWS\system32\nvapi.dll

2012-12-30 14:14:42 ----D---- C:\Program Files\NVIDIA Corporation

2012-12-30 14:13:51 ----D---- C:\NVIDIA

2012-12-30 13:03:45 ----A---- C:\WINDOWS\system32\d3d9caps.dat

2012-12-30 13:01:47 ----D---- C:\Program Files\Google

2012-12-30 13:01:47 ----D---- C:\Documents and Settings\Michael Senff\Application Data\SUPERAntiSpyware.com

2012-12-30 13:01:40 ----D---- C:\Program Files\SUPERAntiSpyware

2012-12-30 13:01:40 ----D---- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com

2012-12-30 12:58:35 ----D---- C:\Documents and Settings\Michael Senff\Application Data\Malwarebytes

2012-12-30 12:58:24 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes

2012-12-30 12:58:23 ----D---- C:\Program Files\Malwarebytes' Anti-Malware

2012-12-30 12:58:23 ----A---- C:\WINDOWS\system32\drivers\mbam.sys

2012-12-30 12:50:41 ----D---- C:\Documents and Settings\Michael Senff\Application Data\ElevatedDiagnostics

2012-12-30 12:49:48 ----D---- C:\WINDOWS\system32\windowspowershell

2012-12-30 12:49:44 ----HDC---- C:\WINDOWS\$NtUninstallKB926139-v2$

2012-12-30 12:46:34 ----D---- C:\WINDOWS\Prefetch

2012-12-30 12:45:33 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$

2012-12-30 12:45:29 ----HDC---- C:\WINDOWS\$NtUninstallKB980218$

2012-12-30 12:45:24 ----HDC---- C:\WINDOWS\$NtUninstallKB979683$

2012-12-30 12:45:20 ----HDC---- C:\WINDOWS\$NtUninstallKB979559$

2012-12-30 12:45:17 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$

2012-12-30 12:45:14 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$

2012-12-30 12:45:10 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$

2012-12-30 12:45:07 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$

2012-12-30 12:45:04 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$

2012-12-30 12:45:00 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$

2012-12-30 12:44:57 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$

2012-12-30 12:44:53 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$

2012-12-30 12:44:49 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$

2012-12-30 12:44:45 ----HDC---- C:\WINDOWS\$NtUninstallKB975562$

2012-12-30 12:44:42 ----HDC---- C:\WINDOWS\$NtUninstallKB975561$

2012-12-30 12:44:38 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$

2012-12-30 12:44:34 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$

2012-12-30 12:44:31 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$

2012-12-30 12:44:28 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$

2012-12-30 12:44:24 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$

2012-12-30 12:44:21 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$

2012-12-30 12:44:18 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$

2012-12-30 12:44:14 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$

2012-12-30 12:44:10 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$

2012-12-30 12:44:07 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$

2012-12-30 12:44:04 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$

2012-12-30 12:44:00 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$

2012-12-30 12:43:57 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$

2012-12-30 12:43:53 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$

2012-12-30 12:43:50 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$

2012-12-30 12:43:47 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$

2012-12-30 12:43:42 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$

2012-12-30 12:43:38 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$

2012-12-30 12:43:35 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$

2012-12-30 12:43:29 ----HDC---- C:\WINDOWS\$NtUninstallKB961118$

2012-12-30 12:43:25 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$

2012-12-30 12:43:22 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$

2012-12-30 12:43:19 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$

2012-12-30 12:43:15 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$

2012-12-30 12:43:12 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$

2012-12-30 12:43:09 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$

2012-12-30 12:43:05 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$

2012-12-30 12:43:02 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$

2012-12-30 12:42:56 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$

2012-12-30 12:42:51 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$

2012-12-30 12:42:47 ----HDC---- C:\WINDOWS\$NtUninstallKB973687_1$

2012-12-30 12:42:44 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$

2012-12-30 12:42:41 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$

2012-12-30 12:42:37 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$

2012-12-30 12:42:33 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$

2012-12-30 12:42:29 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$

2012-12-30 12:42:25 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$

2012-12-30 12:42:22 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$

2012-12-30 12:42:19 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$

2012-12-30 12:42:16 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$

2012-12-30 12:42:12 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$

2012-12-30 12:42:09 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593$

2012-12-30 12:40:53 ----D---- C:\WINDOWS\system32\scripting

2012-12-30 12:40:53 ----D---- C:\WINDOWS\system32\en

2012-12-30 12:40:53 ----D---- C:\WINDOWS\system32\bits

2012-12-30 12:40:53 ----D---- C:\WINDOWS\l2schemas

2012-12-30 12:38:40 ----D---- C:\WINDOWS\network diagnostic

2012-12-30 12:36:50 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$

2012-12-30 12:36:49 ----D---- C:\WINDOWS\EHome

2012-12-30 12:28:45 ----HDC---- C:\WINDOWS\$NtUninstallKB980218_0$

2012-12-30 12:28:42 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2_0$

2012-12-30 12:28:38 ----HDC---- C:\WINDOWS\$NtUninstallKB952954_0$

2012-12-30 12:28:34 ----HDC---- C:\WINDOWS\$NtUninstallKB959426_0$

2012-12-30 12:28:29 ----HDC---- C:\WINDOWS\$NtUninstallKB946648_0$

2012-12-30 12:28:26 ----HDC---- C:\WINDOWS\$NtUninstallKB956803_0$

2012-12-30 12:28:22 ----HDC---- C:\WINDOWS\$NtUninstallKB960859_0$

2012-12-30 12:27:21 ----HDC---- C:\WINDOWS\$NtUninstallKB971468_0$

2012-12-30 12:27:15 ----HDC---- C:\WINDOWS\$NtUninstallKB979683_0$

2012-12-30 12:27:06 ----HDC---- C:\WINDOWS\$NtUninstallKB935448$

2012-12-30 12:27:03 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$

2012-12-30 12:27:00 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$

2012-12-30 12:26:57 ----HDC---- C:\WINDOWS\$NtUninstallKB980195$

2012-12-30 12:26:49 ----HDC---- C:\WINDOWS\$NtUninstallKB980232_0$

2012-12-30 12:26:44 ----HDC---- C:\WINDOWS\$NtUninstallKB955759_0$

2012-12-30 12:26:40 ----HDC---- C:\WINDOWS\$NtUninstallKB974318_0$

2012-12-30 12:26:36 ----HDC---- C:\WINDOWS\$NtUninstallKB969059_0$

2012-12-30 12:26:31 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593_0$

2012-12-30 12:26:27 ----HDC---- C:\WINDOWS\$NtUninstallKB950974_0$

2012-12-30 12:26:23 ----HDC---- C:\WINDOWS\$NtUninstallKB978037_0$

2012-12-30 12:26:19 ----HDC---- C:\WINDOWS\$NtUninstallKB975713_0$

2012-12-30 12:26:14 ----HDC---- C:\WINDOWS\$NtUninstallKB971657_0$

2012-12-30 12:26:10 ----HDC---- C:\WINDOWS\$NtUninstallKB978338_0$

2012-12-30 12:26:01 ----HDC---- C:\WINDOWS\$NtUninstallKB961118_0$

2012-12-30 12:25:58 ----HDC---- C:\WINDOWS\$NtUninstallKB960225_0$

2012-12-30 12:25:54 ----HDC---- C:\WINDOWS\$NtUninstallKB972270_0$

2012-12-30 12:24:31 ----HDC---- C:\WINDOWS\$NtUninstallKB974112_0$

2012-12-30 12:24:19 ----HDC---- C:\WINDOWS\$NtUninstallKB956572_0$

2012-12-30 12:24:12 ----HDC---- C:\WINDOWS\$NtUninstallKB956844_0$

2012-12-30 12:24:09 ----HDC---- C:\WINDOWS\$NtUninstallKB961501_0$

2012-12-30 12:22:51 ----HDC---- C:\WINDOWS\$NtUninstallKB975561_0$

2012-12-30 12:22:41 ----HDC---- C:\WINDOWS\$NtUninstallKB925720$

2012-12-30 12:22:38 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$

2012-12-30 12:22:35 ----HDC---- C:\WINDOWS\$NtUninstallKB973869_0$

2012-12-30 12:22:32 ----HDC---- C:\WINDOWS\$NtUninstallKB975025_0$

2012-12-30 12:22:29 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9L$

2012-12-30 12:22:24 ----HDC---- C:\WINDOWS\$NtUninstallKB952004_0$

2012-12-30 12:22:21 ----HDC---- C:\WINDOWS\$NtUninstallKB974571_0$

2012-12-30 12:22:17 ----HDC---- C:\WINDOWS\$NtUninstallKB975560_0$

2012-12-30 12:22:13 ----HDC---- C:\WINDOWS\$NtUninstallKB973507_0$

2012-12-30 12:22:10 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$

2012-12-30 12:22:06 ----HDC---- C:\WINDOWS\$NtUninstallKB973687_0$

2012-12-30 12:22:02 ----HDC---- C:\WINDOWS\$NtUninstallKB950762_0$

2012-12-30 12:21:59 ----HDC---- C:\WINDOWS\$NtUninstallKB981793$

2012-12-30 12:21:56 ----HDC---- C:\WINDOWS\$NtUninstallKB978601_0$

2012-12-30 12:21:52 ----HDC---- C:\WINDOWS\$NtUninstallKB979559_0$

2012-12-30 12:21:36 ----HDC---- C:\WINDOWS\$NtUninstallKB952287_0$

2012-12-30 12:21:32 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$

2012-12-30 12:21:26 ----HDC---- C:\WINDOWS\$NtUninstallKB967715_0$

2012-12-30 12:21:23 ----HDC---- C:\WINDOWS\$NtUninstallKB974392_0$

2012-12-30 12:21:15 ----HDC---- C:\WINDOWS\$NtUninstallKB977914_0$

2012-12-30 12:21:07 ----HDC---- C:\WINDOWS\$NtUninstallKB951748_0$

2012-12-30 12:21:03 ----HDC---- C:\WINDOWS\$NtUninstallKB978542_0$

2012-12-30 12:20:58 ----HDC---- C:\WINDOWS\$NtUninstallKB970238_0$

2012-12-30 12:20:55 ----HDC---- C:\WINDOWS\$NtUninstallKB979309_0$

2012-12-30 12:20:51 ----HDC---- C:\WINDOWS\$NtUninstallKB978695_WM9$

2012-12-30 12:20:48 ----HDC---- C:\WINDOWS\$NtUninstallKB979482_0$

2012-12-30 12:20:45 ----HDC---- C:\WINDOWS\$NtUninstallKB978706_0$

2012-12-30 12:20:40 ----D---- C:\WINDOWS\ServicePackFiles

2012-12-30 12:20:38 ----HDC---- C:\WINDOWS\$NtUninstallKB958470$

2012-12-30 12:20:32 ----HDC---- C:\WINDOWS\$NtUninstallKB960803_0$

2012-12-30 12:20:29 ----HDC---- C:\WINDOWS\$NtUninstallKB973815_0$

2012-12-30 12:20:25 ----HDC---- C:\WINDOWS\$NtUninstallKB975562_0$

2012-12-30 12:19:05 ----D---- C:\WINDOWS\ie8updates

2012-12-30 12:19:01 ----HDC---- C:\WINDOWS\$NtUninstallKB958644_0$

2012-12-30 12:18:55 ----HDC---- C:\WINDOWS\$NtUninstallKB955069_0$

2012-12-30 12:18:51 ----HDC---- C:\WINDOWS\$NtUninstallKB979402_WM9L$

2012-12-30 12:17:47 ----HDC---- C:\WINDOWS\$NtUninstallKB956802_0$

2012-12-30 12:17:34 ----HDC---- C:\WINDOWS\$NtUninstallKB923561_0$

2012-12-30 12:17:14 ----A---- C:\WINDOWS\system32\MRT.exe

2012-12-30 12:17:08 ----HDC---- C:\WINDOWS\$NtUninstallKB975467_0$

2012-12-30 12:17:03 ----HDC---- C:\WINDOWS\$NtUninstallKB968389_0$

2012-12-30 12:15:17 ----N---- C:\WINDOWS\system32\drivers\watv10nt.sys

2012-12-30 12:15:17 ----N---- C:\WINDOWS\system32\drivers\watv06nt.sys

2012-12-30 12:15:16 ----N---- C:\WINDOWS\system32\drivers\wadv11nt.sys

2012-12-30 12:15:16 ----N---- C:\WINDOWS\system32\drivers\wadv09nt.sys

2012-12-30 12:15:16 ----N---- C:\WINDOWS\system32\drivers\wadv08nt.sys

2012-12-30 12:15:16 ----N---- C:\WINDOWS\system32\drivers\wadv07nt.sys

2012-12-30 12:15:16 ----N---- C:\WINDOWS\system32\drivers\slwdmsup.sys

2012-12-30 12:15:16 ----N---- C:\WINDOWS\system32\drivers\slnthal.sys

2012-12-30 12:15:16 ----N---- C:\WINDOWS\system32\drivers\slntamr.sys

2012-12-30 12:15:16 ----N---- C:\WINDOWS\system32\drivers\slnt7554.sys

2012-12-30 12:15:16 ----N---- C:\WINDOWS\system32\drivers\s3gnbm.sys

2012-12-30 12:15:15 ----N---- C:\WINDOWS\system32\drivers\recagent.sys

2012-12-30 12:15:15 ----N---- C:\WINDOWS\system32\drivers\ntmtlfax.sys

2012-12-30 12:15:15 ----N---- C:\WINDOWS\system32\drivers\mtxparhm.sys

2012-12-30 12:15:15 ----N---- C:\WINDOWS\system32\drivers\mtlstrm.sys

2012-12-30 12:15:15 ----N---- C:\WINDOWS\system32\drivers\mtlmnt5.sys

2012-12-30 12:15:15 ----A---- C:\WINDOWS\system32\drivers\nv4_mini.sys

2012-12-30 12:15:12 ----N---- C:\WINDOWS\system32\drivers\mdmxsdk.sys

2012-12-30 12:15:12 ----N---- C:\WINDOWS\system32\drivers\hsfdpsp2.sys

2012-12-30 12:15:11 ----N---- C:\WINDOWS\system32\drivers\hsfcxts2.sys

2012-12-30 12:15:11 ----N---- C:\WINDOWS\system32\drivers\hsfbs2s2.sys

2012-12-30 12:14:25 ----N---- C:\WINDOWS\system32\drivers\atinxsxx.sys

2012-12-30 12:14:25 ----N---- C:\WINDOWS\system32\drivers\atinxbxx.sys

2012-12-30 12:14:25 ----N---- C:\WINDOWS\system32\drivers\atintuxx.sys

2012-12-30 12:14:25 ----N---- C:\WINDOWS\system32\drivers\atinttxx.sys

2012-12-30 12:14:25 ----N---- C:\WINDOWS\system32\drivers\atinsnxx.sys

2012-12-30 12:14:25 ----N---- C:\WINDOWS\system32\drivers\atinrvxx.sys

2012-12-30 12:14:25 ----N---- C:\WINDOWS\system32\drivers\atinraxx.sys

2012-12-30 12:14:25 ----N---- C:\WINDOWS\system32\drivers\atinpdxx.sys

2012-12-30 12:14:25 ----N---- C:\WINDOWS\system32\drivers\atinmdxx.sys

2012-12-30 12:14:25 ----N---- C:\WINDOWS\system32\drivers\atinbtxx.sys

2012-12-30 12:14:25 ----N---- C:\WINDOWS\system32\drivers\ati2mtag.sys

2012-12-30 12:14:25 ----N---- C:\WINDOWS\system32\drivers\ati2mtaa.sys

2012-12-30 12:14:25 ----N---- C:\WINDOWS\system32\drivers\ati1xsxx.sys

2012-12-30 12:14:25 ----N---- C:\WINDOWS\system32\drivers\ati1xbxx.sys

2012-12-30 12:14:25 ----N---- C:\WINDOWS\system32\drivers\ati1tuxx.sys

2012-12-30 12:14:25 ----N---- C:\WINDOWS\system32\drivers\ati1ttxx.sys

2012-12-30 12:14:25 ----N---- C:\WINDOWS\system32\drivers\ati1snxx.sys

2012-12-30 12:14:25 ----N---- C:\WINDOWS\system32\drivers\ati1rvxx.sys

2012-12-30 12:14:25 ----N---- C:\WINDOWS\system32\drivers\ati1raxx.sys

2012-12-30 12:14:25 ----N---- C:\WINDOWS\system32\drivers\ati1pdxx.sys

2012-12-30 12:14:25 ----N---- C:\WINDOWS\system32\drivers\ati1mdxx.sys

2012-12-30 12:14:25 ----N---- C:\WINDOWS\system32\drivers\ati1btxx.sys

2012-12-30 12:07:36 ----N---- C:\WINDOWS\system32\drivers\bthport.sys

2012-12-30 12:05:04 ----N---- C:\WINDOWS\system32\tzchange.exe

2012-12-30 12:04:14 ----N---- C:\WINDOWS\system32\MpSigStub.exe

2012-12-30 12:03:25 ----A---- C:\WINDOWS\system32\xpsp4res.dll

2012-12-30 12:03:25 ----A---- C:\WINDOWS\system32\xpsp3res.dll

2012-12-30 12:02:08 ----D---- C:\Program Files\Microsoft Security Client

2012-12-30 11:58:37 ----D---- C:\Documents and Settings\Michael Senff\Application Data\Macromedia

2012-12-30 11:58:34 ----A---- C:\WINDOWS\system32\wpa.bak

2012-12-30 11:56:32 ----D---- C:\Documents and Settings\Michael Senff\Application Data\MicrosoftSecurityEssentialsPackages

2012-12-30 11:54:29 ----HDC---- C:\WINDOWS\$NtUninstallKB914882$

2012-12-30 11:51:16 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage

2012-12-30 11:50:51 ----D---- C:\WINDOWS\system32\PreInstall

2012-12-30 11:50:50 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$

2012-12-30 11:43:58 ----A---- C:\WINDOWS\system32\wups2.dll

2012-12-30 11:43:57 ----D---- C:\WINDOWS\system32\SoftwareDistribution

2012-12-30 11:33:53 ----D---- C:\WINDOWS\WBEM

2012-12-30 11:33:18 ----HDC---- C:\WINDOWS\ie8

2012-12-30 11:28:10 ----A---- C:\WINDOWS\gdrv.sys

2012-12-30 11:28:08 ----D---- C:\WINDOWS\Minidump

2012-12-30 11:27:40 ----D---- C:\Program Files\Common Files\AVG Secure Search

2012-12-30 11:27:39 ----D---- C:\Program Files\AVG Secure Search

2012-12-30 11:03:20 ----N---- C:\WINDOWS\system32\spmsg.dll

2012-12-30 11:03:18 ----HDC---- C:\WINDOWS\$NtUninstallKB932823-v3$

2012-12-30 11:03:14 ----HD---- C:\WINDOWS\$hf_mig$

2012-12-30 11:02:59 ----D---- C:\Program Files\Microsoft Download Manager

2012-12-30 09:45:24 ----D---- C:\WINDOWS\system32\Lang

2012-12-30 09:44:07 ----A---- C:\WINDOWS\system32\drivers\splitter.sys

2012-12-30 09:44:06 ----A---- C:\WINDOWS\system32\drivers\GVTDrv.sys

2012-12-30 09:44:05 ----A---- C:\WINDOWS\system32\drivers\wdmaud.sys

2012-12-30 09:44:04 ----A---- C:\WINDOWS\system32\drivers\dmusic.sys

2012-12-30 09:44:02 ----A---- C:\WINDOWS\system32\drivers\swmidi.sys

2012-12-30 09:44:01 ----A---- C:\WINDOWS\system32\drivers\aec.sys

2012-12-30 09:44:00 ----A---- C:\WINDOWS\system32\drivers\kmixer.sys

2012-12-30 09:43:59 ----A---- C:\WINDOWS\system32\drivers\sysaudio.sys

2012-12-30 09:43:59 ----A---- C:\WINDOWS\system32\drivers\drmkaud.sys

2012-12-30 09:43:58 ----A---- C:\WINDOWS\system32\drivers\mskssrv.sys

2012-12-30 09:43:57 ----A---- C:\WINDOWS\system32\drivers\mspqm.sys

2012-12-30 09:43:56 ----A---- C:\WINDOWS\system32\drivers\mspclock.sys

2012-12-30 09:41:59 ----D---- C:\Program Files\AMD

2012-12-30 09:41:28 ----A---- C:\WINDOWS\system32\drivers\AppleCharger.sys

2012-12-30 09:41:28 ----A---- C:\WINDOWS\system32\AppleChargerSrv.exe

2012-12-30 09:41:23 ----D---- C:\Program Files\Gigabyte

2012-12-30 09:41:17 ----A---- C:\WINDOWS\system32\drivers\IntelMEFWVer.dll

2012-12-30 09:41:16 ----A---- C:\WINDOWS\system32\log.txt

2012-12-30 09:41:16 ----A---- C:\WINDOWS\IsUninst.exe

2012-12-30 09:41:14 ----D---- C:\Program Files\Common Files\postureAgent

2012-12-30 09:41:11 ----A---- C:\WINDOWS\system32\drivers\HECI.sys

2012-12-30 09:41:11 ----A---- C:\WINDOWS\system32\difxapi.dll

2012-12-30 09:40:58 ----D---- C:\Documents and Settings\Michael Senff\Application Data\InstallShield

2012-12-30 09:40:39 ----D---- C:\WINDOWS\system32\RTCOM

2012-12-30 09:40:36 ----A---- C:\WINDOWS\system32\ksuser.dll

2012-12-30 09:40:36 ----A---- C:\WINDOWS\system32\drivers\drmk.sys

2012-12-30 09:40:26 ----D---- C:\Program Files\Etron Technology

2012-12-30 09:40:24 ----A---- C:\WINDOWS\system32\RTNUninst32.dll

2012-12-30 09:40:24 ----A---- C:\WINDOWS\system32\RtNicProp32.dll

2012-12-30 09:40:24 ----A---- C:\WINDOWS\system32\drivers\Rtenicxp.sys

2012-12-30 09:40:14 ----HDC---- C:\WINDOWS\$NtUninstallKB888111WXPSP2$

2012-12-30 09:40:11 ----A---- C:\WINDOWS\vncutil.exe

2012-12-30 09:40:10 ----A---- C:\WINDOWS\SOUNDMAN.EXE

2012-12-30 09:40:10 ----A---- C:\WINDOWS\SkyTel.exe

2012-12-30 09:40:09 ----A---- C:\WINDOWS\RtlUpd.exe

2012-12-30 09:40:07 ----A---- C:\WINDOWS\system32\RtkCoLDRXP.dll

2012-12-30 09:40:07 ----A---- C:\WINDOWS\system32\RtkCoInstIIXP.dll

2012-12-30 09:40:07 ----A---- C:\WINDOWS\system32\drivers\RtkHDAud.sys

2012-12-30 09:40:07 ----A---- C:\WINDOWS\RtkAudioService.exe

2012-12-30 09:40:05 ----A---- C:\WINDOWS\RTLCPL.EXE

2012-12-30 09:39:59 ----A---- C:\WINDOWS\system32\drivers\RTAIODAT.DAT

2012-12-30 09:39:59 ----A---- C:\WINDOWS\RTHDCPL.EXE

2012-12-30 09:39:58 ----A---- C:\WINDOWS\system32\drivers\Monfilt.sys

2012-12-30 09:39:57 ----A---- C:\WINDOWS\MicCal.exe

2012-12-30 09:39:47 ----A---- C:\WINDOWS\ALCMTR.EXE

2012-12-30 09:39:46 ----A---- C:\WINDOWS\ALCWZRD.EXE

2012-12-30 09:39:45 ----D---- C:\Program Files\Realtek

2012-12-30 09:39:45 ----A---- C:\WINDOWS\system32\drivers\Ambfilt.sys

2012-12-30 09:39:44 ----HD---- C:\Program Files\InstallShield Installation Information

2012-12-30 09:39:40 ----R---- C:\WINDOWS\RtlExUpd.dll

2012-12-30 09:39:35 ----D---- C:\Program Files\Common Files\InstallShield

2012-12-30 09:39:00 ----D---- C:\WINDOWS\system32\ReinstallBackups

2012-12-30 09:38:58 ----RA---- C:\WINDOWS\system32\CSVer.dll

2012-12-30 09:38:58 ----DC---- C:\WINDOWS\system32\DRVSTORE

2012-12-30 09:38:58 ----D---- C:\Program Files\Intel

2012-12-30 09:38:53 ----D---- C:\Intel

2012-12-30 09:38:19 ----D---- C:\WINDOWS\system32\XPSViewer

2012-12-30 09:38:17 ----D---- C:\WINDOWS\system32\en-US

2012-12-30 09:38:17 ----D---- C:\Program Files\MSBuild

2012-12-30 09:38:14 ----D---- C:\Program Files\Reference Assemblies

2012-12-30 09:38:00 ----N---- C:\WINDOWS\system32\xpssvcs.dll

2012-12-30 09:38:00 ----N---- C:\WINDOWS\system32\xpsshhdr.dll

2012-12-30 09:38:00 ----N---- C:\WINDOWS\system32\prntvpt.dll

2012-12-30 09:38:00 ----D---- C:\931dd4e9d3fec63017e138d3

2012-12-30 09:37:43 ----RSD---- C:\WINDOWS\assembly

2012-12-30 09:37:34 ----D---- C:\WINDOWS\Microsoft.NET

2012-12-30 09:37:19 ----A---- C:\WINDOWS\system32\spupdsvc.exe

2012-12-30 09:37:18 ----HDC---- C:\WINDOWS\$NtUninstallWIC$

2012-12-30 09:37:16 ----D---- C:\Program Files\MSXML 6.0

2012-12-30 09:36:12 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$

2012-12-30 09:35:44 ----RA---- C:\WINDOWS\GSetup.exe

2012-12-30 09:35:44 ----A---- C:\WINDOWS\GSetup.ini

2012-12-29 13:34:51 ----A---- C:\WINDOWS\system32\h323log.txt

2012-12-29 13:29:24 ----A---- C:\WINDOWS\system32\drivers\audstub.sys

2012-12-29 13:29:01 ----A---- C:\WINDOWS\system32\drivers\redbook.sys

2012-12-29 13:28:28 ----A---- C:\WINDOWS\system32\usbui.dll

2012-12-29 13:27:47 ----A---- C:\WINDOWS\imsins.BAK

2012-12-29 13:27:45 ----SHD---- C:\WINDOWS\Installer

2012-12-29 13:27:45 ----D---- C:\Program Files\Common Files\ODBC

2012-12-29 13:27:45 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

2012-12-29 13:27:45 ----A---- C:\WINDOWS\ODBCINST.INI

2012-12-29 13:27:42 ----D---- C:\Program Files\Common Files\SpeechEngines

2012-12-29 13:27:41 ----RD---- C:\Program Files

2012-12-29 13:27:41 ----D---- C:\Program Files\Common Files\Microsoft Shared

2012-12-29 13:27:41 ----D---- C:\Program Files\Common Files

2012-12-29 13:27:39 ----RA---- C:\WINDOWS\system32\kbdtuq.dll

2012-12-29 13:27:39 ----RA---- C:\WINDOWS\system32\kbdtuf.dll

2012-12-29 13:27:39 ----RA---- C:\WINDOWS\system32\kbdazel.dll

2012-12-29 13:27:37 ----RA---- C:\WINDOWS\system32\kbdycc.dll

2012-12-29 13:27:37 ----RA---- C:\WINDOWS\system32\kbduzb.dll

2012-12-29 13:27:37 ----RA---- C:\WINDOWS\system32\kbdur.dll

2012-12-29 13:27:37 ----RA---- C:\WINDOWS\system32\kbdtat.dll

2012-12-29 13:27:37 ----RA---- C:\WINDOWS\system32\kbdru1.dll

2012-12-29 13:27:37 ----RA---- C:\WINDOWS\system32\kbdru.dll

2012-12-29 13:27:37 ----RA---- C:\WINDOWS\system32\kbdmon.dll

2012-12-29 13:27:37 ----RA---- C:\WINDOWS\system32\kbdkyr.dll

2012-12-29 13:27:37 ----RA---- C:\WINDOWS\system32\kbdkaz.dll

2012-12-29 13:27:37 ----RA---- C:\WINDOWS\system32\kbdaze.dll

2012-12-29 13:27:36 ----RA---- C:\WINDOWS\system32\kbdbu.dll

2012-12-29 13:27:36 ----RA---- C:\WINDOWS\system32\kbdblr.dll

2012-12-29 13:27:35 ----RA---- C:\WINDOWS\system32\kbdhept.dll

2012-12-29 13:27:35 ----RA---- C:\WINDOWS\system32\kbdhela3.dll

2012-12-29 13:27:35 ----RA---- C:\WINDOWS\system32\kbdhela2.dll

2012-12-29 13:27:35 ----RA---- C:\WINDOWS\system32\kbdhe319.dll

2012-12-29 13:27:34 ----RA---- C:\WINDOWS\system32\kbdhe220.dll

2012-12-29 13:27:34 ----RA---- C:\WINDOWS\system32\kbdhe.dll

2012-12-29 13:27:34 ----RA---- C:\WINDOWS\system32\kbdgkl.dll

2012-12-29 13:27:33 ----RA---- C:\WINDOWS\system32\kbdlv1.dll

2012-12-29 13:27:33 ----RA---- C:\WINDOWS\system32\kbdlv.dll

2012-12-29 13:27:33 ----RA---- C:\WINDOWS\system32\kbdlt1.dll

2012-12-29 13:27:33 ----RA---- C:\WINDOWS\system32\kbdlt.dll

2012-12-29 13:27:33 ----RA---- C:\WINDOWS\system32\kbdest.dll

2012-12-29 13:27:31 ----RA---- C:\WINDOWS\system32\kbdsl1.dll

2012-12-29 13:27:31 ----RA---- C:\WINDOWS\system32\kbdsl.dll

2012-12-29 13:27:31 ----RA---- C:\WINDOWS\system32\kbdro.dll

2012-12-29 13:27:31 ----RA---- C:\WINDOWS\system32\kbdpl1.dll

2012-12-29 13:27:31 ----RA---- C:\WINDOWS\system32\kbdpl.dll

2012-12-29 13:27:30 ----RA---- C:\WINDOWS\system32\kbdycl.dll

2012-12-29 13:27:30 ----RA---- C:\WINDOWS\system32\kbdhu1.dll

2012-12-29 13:27:30 ----RA---- C:\WINDOWS\system32\kbdhu.dll

2012-12-29 13:27:30 ----RA---- C:\WINDOWS\system32\kbdcz2.dll

2012-12-29 13:27:30 ----RA---- C:\WINDOWS\system32\kbdcz1.dll

2012-12-29 13:27:30 ----RA---- C:\WINDOWS\system32\kbdcz.dll

2012-12-29 13:27:30 ----RA---- C:\WINDOWS\system32\kbdcr.dll

2012-12-29 13:27:30 ----RA---- C:\WINDOWS\system32\KBDAL.DLL

2012-12-29 13:27:29 ----A---- C:\WINDOWS\system32\irclass.dll

2012-12-29 13:27:29 ----A---- C:\WINDOWS\system32\dgrpsetu.dll

2012-12-29 13:27:28 ----A---- C:\WINDOWS\system32\spxcoins.dll

2012-12-29 13:27:28 ----A---- C:\WINDOWS\system32\EqnClass.Dll

2012-12-29 13:27:28 ----A---- C:\WINDOWS\system32\dgsetup.dll

2012-12-29 13:27:26 ----N---- C:\WINDOWS\system32\CONFIG.TMP

2012-12-29 13:27:26 ----A---- C:\WINDOWS\TASKMAN.EXE

2012-12-29 13:27:26 ----A---- C:\WINDOWS\system32\drivers\irenum.sys

2012-12-29 13:27:26 ----A---- C:\WINDOWS\system32\batt.dll

2012-12-29 13:27:25 ----A---- C:\WINDOWS\system32\storprop.dll

2012-12-29 13:27:25 ----A---- C:\WINDOWS\notepad.exe

2012-12-29 13:27:20 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini

2012-12-29 13:27:18 ----RA---- C:\WINDOWS\SET8.tmp

2012-12-29 13:27:15 ----RA---- C:\WINDOWS\SET4.tmp

2012-12-29 13:27:14 ----RA---- C:\WINDOWS\SET3.tmp

2012-12-29 13:27:10 ----D---- C:\WINDOWS\system32\CatRoot2

2012-12-29 13:27:10 ----D---- C:\WINDOWS\system32\CatRoot

2012-12-29 13:27:04 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft

2012-12-29 13:26:46 ----A---- C:\WINDOWS\setuplog.txt

2012-12-29 13:26:45 ----D---- C:\Documents and Settings

2012-12-29 13:26:44 ----SHD---- C:\System Volume Information

2012-12-29 13:26:44 ----A---- C:\WINDOWS\system32\FNTCACHE.DAT

2012-12-29 13:26:07 ----SH---- C:\boot.ini

2012-12-29 13:20:21 ----RSHDC---- C:\WINDOWS\system32\dllcache

2012-12-29 13:20:21 ----RSD---- C:\WINDOWS\Fonts

2012-12-29 13:20:21 ----RD---- C:\WINDOWS\Web

2012-12-29 13:20:21 ----HD---- C:\WINDOWS\inf

2012-12-29 13:20:21 ----D---- C:\WINDOWS\WinSxS

2012-12-29 13:20:21 ----D---- C:\WINDOWS\twain_32

2012-12-29 13:20:21 ----D---- C:\WINDOWS\Temp

2012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\wins

2012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\wbem

2012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\usmt

2012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\spool

2012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\ShellExt

2012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\Setup

2012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\ras

2012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\oobe

2012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\npp

2012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\mui

2012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\inetsrv

2012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\IME

2012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\icsxml

2012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\ias

2012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\export

2012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\drivers\etc

2012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\drivers\disdn

2012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\drivers

2012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\dhcp

2012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\config

2012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\3com_dmi

2012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\3076

2012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\2052

2012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\1054

2012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\1042

2012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\1041

2012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\1037

2012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\1033

2012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\1031

2012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\1028

2012-12-29 13:20:21 ----D---- C:\WINDOWS\system32\1025

2012-12-29 13:20:21 ----D---- C:\WINDOWS\system32

2012-12-29 13:20:21 ----D---- C:\WINDOWS\system

2012-12-29 13:20:21 ----D---- C:\WINDOWS\security

2012-12-29 13:20:21 ----D---- C:\WINDOWS\Resources

2012-12-29 13:20:21 ----D---- C:\WINDOWS\repair

2012-12-29 13:20:21 ----D---- C:\WINDOWS\Provisioning

2012-12-29 13:20:21 ----D---- C:\WINDOWS\PeerNet

2012-12-29 13:20:21 ----D---- C:\WINDOWS\pchealth

2012-12-29 13:20:21 ----D---- C:\WINDOWS\mui

2012-12-29 13:20:21 ----D---- C:\WINDOWS\msapps

2012-12-29 13:20:21 ----D---- C:\WINDOWS\msagent

2012-12-29 13:20:21 ----D---- C:\WINDOWS\Media

2012-12-29 13:20:21 ----D---- C:\WINDOWS\java

2012-12-29 13:20:21 ----D---- C:\WINDOWS\ime

2012-12-29 13:20:21 ----D---- C:\WINDOWS\Help

2012-12-29 13:20:21 ----D---- C:\WINDOWS\Driver Cache

2012-12-29 13:20:21 ----D---- C:\WINDOWS\Debug

2012-12-29 13:20:21 ----D---- C:\WINDOWS\Cursors

2012-12-29 13:20:21 ----D---- C:\WINDOWS\Connection Wizard

2012-12-29 13:20:21 ----D---- C:\WINDOWS\Config

2012-12-29 13:20:21 ----D---- C:\WINDOWS\AppPatch

2012-12-29 13:20:21 ----D---- C:\WINDOWS\addins

2012-12-29 13:20:21 ----D---- C:\WINDOWS

2012-12-29 13:20:21 ----ASH---- C:\pagefile.sys

2012-12-29 12:56:36 ----D---- C:\Program Files\Common Files\Adobe

2012-12-29 12:53:14 ----SHD---- C:\RECYCLER

2012-12-29 12:41:55 ----D---- C:\Documents and Settings\Michael Senff\Application Data\Identities

2012-12-29 12:41:54 ----HD---- C:\Program Files\Uninstall Information

2012-12-29 12:41:52 ----ASH---- C:\Documents and Settings\Michael Senff\Application Data\desktop.ini

2012-12-29 12:41:51 ----SD---- C:\Documents and Settings\Michael Senff\Application Data\Microsoft

2012-12-29 12:41:19 ----D---- C:\WINDOWS\SoftwareDistribution

2012-12-29 12:41:18 ----SD---- C:\WINDOWS\system32\Microsoft

2012-12-29 12:41:18 ----A---- C:\WINDOWS\SchedLgU.Txt

2012-12-29 12:40:27 ----AS---- C:\WINDOWS\bootstat.dat

2012-12-29 12:39:26 ----D---- C:\WINDOWS\system32\xircom

2012-12-29 12:39:26 ----D---- C:\Program Files\xerox

2012-12-29 12:39:26 ----D---- C:\Program Files\microsoft frontpage

2012-12-29 12:39:20 ----RASH---- C:\MSDOS.SYS

2012-12-29 12:39:20 ----RASH---- C:\IO.SYS

2012-12-29 12:39:20 ----A---- C:\WINDOWS\control.ini

2012-12-29 12:39:20 ----A---- C:\CONFIG.SYS

2012-12-29 12:39:20 ----A---- C:\AUTOEXEC.BAT

2012-12-29 12:39:15 ----A---- C:\WINDOWS\OEWABLog.txt

2012-12-29 12:39:13 ----A---- C:\WINDOWS\system32\mapi32.dll

2012-12-29 12:38:49 ----SD---- C:\WINDOWS\Downloaded Program Files

2012-12-29 12:38:49 ----RD---- C:\WINDOWS\Offline Web Pages

2012-12-29 12:38:44 ----HD---- C:\Program Files\WindowsUpdate

2012-12-29 12:38:29 ----D---- C:\WINDOWS\system32\DirectX

2012-12-29 12:38:10 ----A---- C:\WINDOWS\system32\atrace.dll

2012-12-29 12:38:07 ----A---- C:\WINDOWS\system32\desktop.ini

2012-12-29 12:38:07 ----A---- C:\WINDOWS\desktop.ini

2012-12-29 12:38:01 ----A---- C:\WINDOWS\system32\nmevtmsg.dll

2012-12-29 12:38:00 ----A---- C:\WINDOWS\system32\acctres.dll

2012-12-29 12:37:59 ----D---- C:\Program Files\Common Files\Services

2012-12-29 12:37:57 ----SD---- C:\WINDOWS\Tasks

2012-12-29 12:37:57 ----A---- C:\WINDOWS\system32\icfgnt5.dll

2012-12-29 12:37:56 ----D---- C:\Program Files\Common Files\MSSoap

2012-12-29 12:37:52 ----D---- C:\WINDOWS\srchasst

2012-12-29 12:37:51 ----D---- C:\WINDOWS\system32\Macromed

2012-12-29 12:37:48 ----A---- C:\WINDOWS\system32\wuweb.dll

2012-12-29 12:37:48 ----A---- C:\WINDOWS\system32\wucltui.dll

2012-12-29 12:37:48 ----A---- C:\WINDOWS\system32\wuauserv.dll

2012-12-29 12:37:48 ----A---- C:\WINDOWS\system32\wuaueng1.dll

2012-12-29 12:37:47 ----A---- C:\WINDOWS\system32\wups.dll

2012-12-29 12:37:47 ----A---- C:\WINDOWS\system32\wuaueng.dll

2012-12-29 12:37:47 ----A---- C:\WINDOWS\system32\wuauclt1.exe

2012-12-29 12:37:47 ----A---- C:\WINDOWS\system32\wuauclt.exe

2012-12-29 12:37:47 ----A---- C:\WINDOWS\system32\wuapi.dll

2012-12-29 12:37:47 ----A---- C:\WINDOWS\system32\bitsprx3.dll

2012-12-29 12:37:47 ----A---- C:\WINDOWS\system32\bitsprx2.dll

2012-12-29 12:37:46 ----A---- C:\WINDOWS\system32\qmgrprxy.dll

2012-12-29 12:37:46 ----A---- C:\WINDOWS\system32\qmgr.dll

2012-12-29 12:37:42 ----D---- C:\Program Files\Movie Maker

2012-12-29 12:37:39 ----A---- C:\WINDOWS\system32\safrslv.dll

2012-12-29 12:37:39 ----A---- C:\WINDOWS\system32\safrdm.dll

2012-12-29 12:37:39 ----A---- C:\WINDOWS\system32\safrcdlg.dll

2012-12-29 12:37:38 ----A---- C:\WINDOWS\system32\racpldlg.dll

2012-12-29 12:37:35 ----A---- C:\WINDOWS\system32\fltmc.exe

2012-12-29 12:37:35 ----A---- C:\WINDOWS\system32\fltlib.dll

2012-12-29 12:37:35 ----A---- C:\WINDOWS\system32\drivers\fltmgr.sys

2012-12-29 12:37:34 ----D---- C:\WINDOWS\system32\Restore

2012-12-29 12:37:34 ----A---- C:\WINDOWS\system32\srsvc.dll

2012-12-29 12:37:34 ----A---- C:\WINDOWS\system32\srrstr.dll

2012-12-29 12:37:34 ----A---- C:\WINDOWS\system32\srclient.dll

2012-12-29 12:37:34 ----A---- C:\WINDOWS\system32\drivers\sr.sys

2012-12-29 12:37:33 ----A---- C:\WINDOWS\system32\nmmkcert.dll

2012-12-29 12:37:33 ----A---- C:\WINDOWS\system32\msconf.dll

2012-12-29 12:37:33 ----A---- C:\WINDOWS\system32\mnmsrvc.exe

2012-12-29 12:37:33 ----A---- C:\WINDOWS\system32\mnmdd.dll

2012-12-29 12:37:33 ----A---- C:\WINDOWS\system32\isrdbg32.dll

2012-12-29 12:37:33 ----A---- C:\WINDOWS\system32\ils.dll

2012-12-29 12:37:30 ----D---- C:\Program Files\NetMeeting

2012-12-29 12:37:30 ----A---- C:\WINDOWS\system32\msoert2.dll

2012-12-29 12:37:30 ----A---- C:\WINDOWS\system32\msoeacct.dll

2012-12-29 12:37:29 ----A---- C:\WINDOWS\system32\inetres.dll

2012-12-29 12:37:28 ----A---- C:\WINDOWS\system32\inetcomm.dll

2012-12-29 12:37:26 ----D---- C:\Program Files\Outlook Express

2012-12-29 12:37:26 ----A---- C:\WINDOWS\system32\schedsvc.dll

2012-12-29 12:37:26 ----A---- C:\WINDOWS\system32\mstinit.exe

2012-12-29 12:37:26 ----A---- C:\WINDOWS\system32\mstask.dll

2012-12-29 12:37:25 ----A---- C:\WINDOWS\system32\isign32.dll

2012-12-29 12:37:25 ----A---- C:\WINDOWS\system32\inetcfg.dll

2012-12-29 12:37:25 ----A---- C:\WINDOWS\system32\icwphbk.dll

2012-12-29 12:37:25 ----A---- C:\WINDOWS\system32\icwdial.dll

2012-12-29 12:37:20 ----D---- C:\Program Files\Common Files\System

2012-12-29 12:37:19 ----D---- C:\Program Files\Internet Explorer

2012-12-29 12:37:17 ----A---- C:\WINDOWS\system32\emptyregdb.dat

2012-12-29 12:37:11 ----D---- C:\Program Files\ComPlus Applications

2012-12-29 12:37:10 ----A---- C:\WINDOWS\vbaddin.ini

2012-12-29 12:37:10 ----A---- C:\WINDOWS\vb.ini

2012-12-29 12:37:07 ----D---- C:\WINDOWS\Registration

2012-12-29 12:36:53 ----D---- C:\Program Files\Windows Media Player

2012-12-29 12:36:53 ----D---- C:\Program Files\Online Services

2012-12-29 12:36:50 ----D---- C:\Program Files\Messenger

2012-12-29 12:36:46 ----D---- C:\Program Files\MSN Gaming Zone

2012-12-29 12:36:46 ----A---- C:\WINDOWS\system32\write.exe

2012-12-29 12:36:39 ----A---- C:\WINDOWS\system32\sndvol32.exe

2012-12-29 12:36:39 ----A---- C:\WINDOWS\system32\hticons.dll

2012-12-29 12:36:38 ----A---- C:\WINDOWS\system32\winchat.exe

2012-12-29 12:36:38 ----A---- C:\WINDOWS\system32\avwav.dll

2012-12-29 12:36:38 ----A---- C:\WINDOWS\system32\avtapi.dll

2012-12-29 12:36:38 ----A---- C:\WINDOWS\system32\avmeter.dll

2012-12-29 12:36:32 ----A---- C:\WINDOWS\system32\getuname.dll

2012-12-29 12:36:32 ----A---- C:\WINDOWS\system32\charmap.exe

2012-12-29 12:36:31 ----A---- C:\WINDOWS\system32\winmine.exe

2012-12-29 12:36:31 ----A---- C:\WINDOWS\system32\sol.exe

2012-12-29 12:36:31 ----A---- C:\WINDOWS\system32\mshearts.exe

2012-12-29 12:36:31 ----A---- C:\WINDOWS\system32\calc.exe

2012-12-29 12:36:30 ----A---- C:\WINDOWS\system32\usrlogon.cmd

2012-12-29 12:36:30 ----A---- C:\WINDOWS\system32\tsshutdn.exe

2012-12-29 12:36:30 ----A---- C:\WINDOWS\system32\tslabels.ini

2012-12-29 12:36:30 ----A---- C:\WINDOWS\system32\tskill.exe

2012-12-29 12:36:30 ----A---- C:\WINDOWS\system32\tsdiscon.exe

2012-12-29 12:36:30 ----A---- C:\WINDOWS\system32\tscon.exe

2012-12-29 12:36:30 ----A---- C:\WINDOWS\system32\shadow.exe

2012-12-29 12:36:30 ----A---- C:\WINDOWS\system32\rwinsta.exe

2012-12-29 12:36:30 ----A---- C:\WINDOWS\system32\reset.exe

2012-12-29 12:36:30 ----A---- C:\WINDOWS\system32\regini.exe

2012-12-29 12:36:30 ----A---- C:\WINDOWS\system32\rdpcfgex.dll

2012-12-29 12:36:30 ----A---- C:\WINDOWS\system32\qwinsta.exe

2012-12-29 12:36:30 ----A---- C:\WINDOWS\system32\freecell.exe

2012-12-29 12:36:29 ----A---- C:\WINDOWS\system32\qappsrv.exe

2012-12-29 12:36:29 ----A---- C:\WINDOWS\system32\msg.exe

2012-12-29 12:36:29 ----A---- C:\WINDOWS\system32\msdtcprf.ini

2012-12-29 12:36:29 ----A---- C:\WINDOWS\system32\logoff.exe

2012-12-29 12:36:29 ----A---- C:\WINDOWS\system32\cdmodem.dll

2012-12-29 12:36:28 ----A---- C:\WINDOWS\system32\stclient.dll

2012-12-29 12:36:28 ----A---- C:\WINDOWS\system32\mtxlegih.dll

2012-12-29 12:36:28 ----A---- C:\WINDOWS\system32\mtxex.dll

2012-12-29 12:36:28 ----A---- C:\WINDOWS\system32\mtxdm.dll

2012-12-29 12:36:28 ----A---- C:\WINDOWS\system32\dcomcnfg.exe

2012-12-29 12:36:28 ----A---- C:\WINDOWS\system32\comsnap.dll

2012-12-29 12:36:28 ----A---- C:\WINDOWS\system32\comrepl.dll

2012-12-29 12:36:28 ----A---- C:\WINDOWS\system32\comaddin.dll

2012-12-29 12:36:24 ----A---- C:\WINDOWS\system32\wmimgmt.msc

2012-12-29 12:36:09 ----D---- C:\Program Files\MSN

2012-12-29 12:36:08 ----A---- C:\WINDOWS\system32\sndrec32.exe

2012-12-29 12:36:08 ----A---- C:\WINDOWS\system32\accwiz.exe

2012-12-29 12:36:07 ----D---- C:\Program Files\Windows NT

2012-12-29 12:36:07 ----A---- C:\WINDOWS\system32\mspaint.exe

2012-12-29 12:36:07 ----A---- C:\WINDOWS\system32\mplay32.exe

2012-12-29 12:36:07 ----A---- C:\WINDOWS\system32\hypertrm.dll

2012-12-29 12:36:06 ----A---- C:\WINDOWS\system32\tscfgwmi.dll

2012-12-29 12:36:06 ----A---- C:\WINDOWS\system32\spider.exe

2012-12-29 12:36:06 ----A---- C:\WINDOWS\system32\drivers\tdtcp.sys

2012-12-29 12:36:06 ----A---- C:\WINDOWS\system32\drivers\tdpipe.sys

2012-12-29 12:36:06 ----A---- C:\WINDOWS\system32\drivers\rdpwd.sys

2012-12-29 12:36:06 ----A---- C:\WINDOWS\system32\clipbrd.exe

2012-12-29 12:36:05 ----A---- C:\WINDOWS\system32\sessmgr.exe

2012-12-29 12:36:05 ----A---- C:\WINDOWS\system32\remotepg.dll

2012-12-29 12:36:05 ----A---- C:\WINDOWS\system32\rdshost.exe

2012-12-29 12:36:05 ----A---- C:\WINDOWS\system32\rdsaddin.exe

2012-12-29 12:36:05 ----A---- C:\WINDOWS\system32\mstscax.dll

2012-12-29 12:36:05 ----A---- C:\WINDOWS\system32\mstsc.exe

2012-12-29 12:36:04 ----A---- C:\WINDOWS\system32\tscupgrd.exe

2012-12-29 12:36:04 ----A---- C:\WINDOWS\system32\termsrv.dll

2012-12-29 12:36:04 ----A---- C:\WINDOWS\system32\rdpwsx.dll

2012-12-29 12:36:04 ----A---- C:\WINDOWS\system32\rdpsnd.dll

2012-12-29 12:36:04 ----A---- C:\WINDOWS\system32\rdpclip.exe

2012-12-29 12:36:04 ----A---- C:\WINDOWS\system32\rdchost.dll

2012-12-29 12:36:04 ----A---- C:\WINDOWS\system32\qprocess.exe

2012-12-29 12:36:04 ----A---- C:\WINDOWS\system32\icaapi.dll

2012-12-29 12:36:04 ----A---- C:\WINDOWS\system32\cfgbkend.dll

2012-12-29 12:36:03 ----D---- C:\WINDOWS\system32\MsDtc

2012-12-29 12:36:03 ----A---- C:\WINDOWS\system32\mtxoci.dll

2012-12-29 12:36:03 ----A---- C:\WINDOWS\system32\msdtcuiu.dll

2012-12-29 12:36:03 ----A---- C:\WINDOWS\system32\msdtctm.dll

2012-12-29 12:36:03 ----A---- C:\WINDOWS\system32\msdtcprx.dll

2012-12-29 12:36:02 ----A---- C:\WINDOWS\system32\xolehlp.dll

2012-12-29 12:36:02 ----A---- C:\WINDOWS\system32\msdtclog.dll

2012-12-29 12:36:02 ----A---- C:\WINDOWS\system32\msdtc.exe

2012-12-29 12:36:01 ----D---- C:\WINDOWS\system32\Com

2012-12-29 12:36:01 ----A---- C:\WINDOWS\system32\colbact.dll

2012-12-29 12:36:01 ----A---- C:\WINDOWS\system32\clbcatex.dll

2012-12-29 12:36:01 ----A---- C:\WINDOWS\system32\catsrvut.dll

2012-12-29 12:36:01 ----A---- C:\WINDOWS\system32\catsrvps.dll

2012-12-29 12:36:01 ----A---- C:\WINDOWS\system32\catsrv.dll

2012-12-29 12:36:00 ----A---- C:\WINDOWS\system32\comuid.dll

2012-12-29 12:36:00 ----A---- C:\WINDOWS\system32\comsvcs.dll

2012-12-29 12:35:59 ----A---- C:\WINDOWS\system32\clbcatq.dll

2012-12-29 12:35:55 ----A---- C:\WINDOWS\system32\servdeps.dll

2012-12-29 12:35:54 ----A---- C:\WINDOWS\system32\mmfutil.dll

2012-12-29 12:35:54 ----A---- C:\WINDOWS\system32\licwmi.dll

2012-12-29 12:35:54 ----A---- C:\WINDOWS\system32\cmprops.dll

2012-12-29 12:35:51 ----A---- C:\WINDOWS\system32\drivers\termdd.sys

2012-12-29 12:35:51 ----A---- C:\WINDOWS\system32\drivers\rdpdr.sys

======List of files/folders modified in the last 1 month======

2012-12-29 13:27:41 ----A---- C:\WINDOWS\system.ini

2012-12-29 12:39:20 ----A---- C:\WINDOWS\win.ini

2012-12-29 12:39:07 ----ASH---- C:\WINDOWS\fonts\desktop.ini

2012-12-16 06:23:59 ----A---- C:\WINDOWS\system32\atmfd.dll

2012-12-03 09:40:50 ----A---- C:\WINDOWS\system32\nv4_disp.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys [2012-08-30 193552]

R1 AppleCharger;AppleCharger; C:\WINDOWS\system32\DRIVERS\AppleCharger.sys [2011-11-02 19056]

R1 avgtp;avgtp; \??\C:\WINDOWS\system32\drivers\avgtpx86.sys []

R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]

R1 MpKslbb24b5ac;MpKslbb24b5ac; \??\c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{03167648-FD3C-4EDC-A195-A457655F447E}\MpKslbb24b5ac.sys []

R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []

R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS []

R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver; C:\WINDOWS\System32\Drivers\EtronHub3.sys [2011-08-17 45056]

R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver; C:\WINDOWS\System32\Drivers\EtronXHCI.sys [2011-08-17 64896]

R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]

R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2011-11-22 6452328]

R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys []

R3 MEI;Intel® Management Engine Interface; C:\WINDOWS\system32\DRIVERS\HECI.sys [2010-09-21 41088]

R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-04 12160]

R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2012-12-03 11053992]

R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda32.sys [2012-07-03 124264]

R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2011-08-24 323816]

S3 Ambfilt;Ambfilt; C:\WINDOWS\system32\drivers\Ambfilt.sys [2009-11-17 1691480]

S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []

S3 GENERICDRV;GENERICDRV; \??\C:\Program Files\GIGABYTE\ET6\amifldrv32.sys []

S3 GVTDrv;GVTDrv; \??\C:\WINDOWS\system32\Drivers\GVTDrv.sys []

S3 mbamchameleon;mbamchameleon; \??\C:\WINDOWS\system32\drivers\mbamchameleon.sys []

S3 mbr;mbr; \??\C:\DOCUME~1\MICHAE~1\LOCALS~1\Temp\mbr.sys []

S3 Monfilt;Monfilt; C:\WINDOWS\system32\drivers\Monfilt.sys [2009-11-17 1395800]

S3 ndiscm;Motorola SURFboard USB Cable Modem Windows Driver; C:\WINDOWS\system32\DRIVERS\NetMotCM.sys []

S3 usbstor;usbstor; C:\WINDOWS\system32\drivers\usbstor.sys [2008-04-13 26368]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [2012-07-11 116608]

R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe [2010-10-05 325656]

R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]

R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2012-09-12 20472]

R2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\system32\nvsvc32.exe [2012-11-30 164712]

R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-12-03 1259880]

R2 UNS;Intel® Management and Security Application User Notification Service; C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-10-05 2655768]

R2 vToolbarUpdater13.2.0;vToolbarUpdater13.2.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe [2012-12-31 711112]

S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-12-31 116648]

S2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-14 398184]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-31 250808]

S3 AppleChargerSrv;AppleChargerSrv; C:\WINDOWS\system32\AppleChargerSrv.exe [2010-04-06 31272]

S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]

S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]

S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]

S3 gupdatem;Google Update Service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-12-31 116648]

S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]

S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]

S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-11-29 115168]

S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Link to post
Share on other sites

Step 4 log

Results of screen317's Security Check version 0.99.56

Windows XP Service Pack 3 x86

Internet Explorer 8

``````````````Antivirus/Firewall Check:``````````````

Windows Firewall Enabled!

AVG Security Toolbar

Microsoft Security Essentials

`````````Anti-malware/Other Utilities Check:`````````

SUPERAntiSpyware

Malwarebytes Anti-Malware version 1.70.0.1100

Adobe Flash Player 11.5.502.135

Mozilla Firefox (17.0.1)

Google Chrome 22.0.1229.95

Google Chrome 23.0.1271.97

````````Process Check: objlist.exe by Laurent````````

Microsoft Security Essentials MSMpEng.exe

Microsoft Security Essentials msseces.exe

Malwarebytes Anti-Malware mbamservice.exe

Malwarebytes Anti-Malware mbamgui.exe

`````````````````System Health check`````````````````

Total Fragmentation on Drive C:: 26% Defragment your hard drive soon! (Do NOT defrag if SSD!)

````````````````````End of Log``````````````````````

Link to post
Share on other sites

Step 5

Ran bit deffender and it did not find anything, however i did not see a button that would give me any log.

Step 6 Report

RogueKiller V8.4.2 [Dec 31 2012] by Tigzy

mail : tigzyRK<at>gmail<dot>com

Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/

Website : http://tigzy.geekstogo.com/roguekiller.php

Blog : http://tigzyrk.blogspot.com/

Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits version

Started in : Normal mode

User : Michael Senff [Admin rights]

Mode : Scan -- Date : 01/01/2013 12:22:22

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 2 ¤¤¤

[RUN][sUSP PATH] HKLM\[...]\RunOnce : Z1 (C:\Documents and Settings\Michael Senff\Desktop\mbar\mbar.exe /cleanup /s) -> FOUND

[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤

SSDT[257] : NtTerminateProcess @ 0x805D22D8 -> HOOKED (\??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS @ 0xB4528640)

¤¤¤ HOSTS File: ¤¤¤

--> C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 localhost

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: WDC WD740GD-00FLC0 +++++

--- User ---

[MBR] 7a1a556ce49d71bcb5d738cd79245330

[bSP] 10c4b9629b14d9b3e29e74b07b251d9d : Windows XP MBR Code

Partition table:

0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 70896 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Finished : << RKreport[1]_S_01012013_02d1222.txt >>

RKreport[1]_S_01012013_02d1222.txt

Link to post
Share on other sites

Did you get and run Malwarebytes Anti-rootkit on your own? Please delete MBAR.exe on your desktop.

And if you did not buy S*perantispyware, kindly remove it from auto-starting with Windows.

While I am helping you, for the duration & until I give the all clear, do NOT get or run any tools or fixes, nor make changes without first checking with me.

Just please follow my guidance.

  • Disable your anti-virus program, How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • Right-Click RogueKiller and select Run as Administrator.
  • Wait until Prescan finishes.
  • On the RogueKiller console, click the Registry tab.
    Put a check next to all of these and uncheck the rest: (if found)
    [RUN][sUSP PATH] HKLM\[...]\RunOnce : Z1 (C:\Documents and Settings\Michael Senff\Desktop\mbar\mbar.exe /cleanup /s) -> FOUND
  • Then click on Delete on the right hand column under Options.
  • When done, logoff & Restart the system.
  • The log will be found as RKreport
    Copy & Paste the contents into next reply.

Step 2

Please read carefully and follow these steps.

  • Download TDSSKiller and save it to your Desktop.
  • Double-Click on TDSSKiller.exe to run the application, then on Start Scan.
    If running Vista or Windows 7, do a RIGHT-Click and select Run as Administrator to start TDSSKILLER.exe.
  • If an infected file is detected, the default action will be Cure, click on Continue.
    TDSSKillerMal-1.png
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic please choose
    Skip and click on Continue
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
    TDSSKillerCompleted.png
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Step 3

Download and Save McAfee Stinger to your Desktop

http://www.mcafee.com/us/downloads/free-tools/stinger.aspx

Close all browsers before starting. Disable your antivirus program and anti-malware,if any.

How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

On Windows 7 & Vista systems, Right Click stinger-icon.gif and select Run as Administrator.

On XP, double-click to start it.

The GUI interface will look like this

stinger2.png

The C drive is the default for scanning.

Press the Preferences button. In the top right-block "On virus detection", click Rename

In the bottom block "Heuristic network check for suspicious files" select High

Click the Scan Now button.

When done, use the File menu and select Save report to file

Stinger.txt is the log report and will be saved to your Desktop. I will need a copy of that log.

Stinger is a standalone utility used to detect and remove specific malware. It is not a full scan for all types of malware or viruses.

It is not intended as virus protection.

Step 4

Download Dr.Web CureIt to the desktop.

  • Turn OFF your antivirus program.
    How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs
  • Doubleclick the drweb-cureit.exe file, then on Start and allow to run the express scan
  • This will scan the files currently running in memory and when something is found, click the yes button when it asks you if you want to cure it. This is only a short scan.
  • Once the short scan has finished, chose the Complete Scan.
  • Select all drives. A red dot shows which drives have been chosen.
  • Click the green arrow drweb.jpg at the right, and the scan will start.
  • Click 'Yes to all' if it asks if you want to cure/move the file.
  • When the scan has finished, look and see if you can click the following icon next to the files found:
    check.gif
  • If so, click it and then click the next icon right below and select Move incurable as you'll see in next image:
    move.gif
  • This will move it to the %userprofile%\DoctorWeb\quarantaine-folder if it can't be cured. (this in case if we need samples)
  • After selecting, in the Dr.Web CureIt menu on top, click file and choose save report list
  • Save the report to your desktop. The report will be called DrWeb.csv
  • Close Dr.Web Cureit.
  • Reboot your computer to allow files that were in use to be moved/deleted during reboot.
  • After reboot, post the contents of the log from Dr.Web you saved previously in your next reply.

NOTE: During the scan, a pop-up window will open asking for full version purchase. Simply close the window by clicking on X in upper right corner.

Re-Enable your antivirus program when all done.

Link to post
Share on other sites

I ran those programs before I found this website and realized I may have a larger problem on my hands.

Rouge Killer log 2

RogueKiller V8.4.2 [Dec 31 2012] by Tigzy

mail : tigzyRK<at>gmail<dot>com

Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/

Website : http://tigzy.geekstogo.com/roguekiller.php

Blog : http://tigzyrk.blogspot.com/

Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits version

Started in : Normal mode

User : Michael Senff [Admin rights]

Mode : Remove -- Date : 01/01/2013 19:31:56

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 2 ¤¤¤

[RUN][sUSP PATH] HKLM\[...]\RunOnce : Z1 (C:\Documents and Settings\Michael Senff\Desktop\mbar\mbar.exe /cleanup /s) -> DELETED

[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> NOT SELECTED

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤

SSDT[257] : NtTerminateProcess @ 0x805D22D8 -> HOOKED (\??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS @ 0xB4528640)

¤¤¤ HOSTS File: ¤¤¤

--> C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 localhost

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: WDC WD740GD-00FLC0 +++++

--- User ---

[MBR] 7a1a556ce49d71bcb5d738cd79245330

[bSP] 10c4b9629b14d9b3e29e74b07b251d9d : Windows XP MBR Code

Partition table:

0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 70896 Mo

User = LL1 ... OK!

User = LL2 ... OK!

Finished : << RKreport[2]_D_01012013_02d1931.txt >>

RKreport[1]_S_01012013_02d1222.txt ; RKreport[2]_D_01012013_02d1931.txt

Link to post
Share on other sites

Step 2 log

19:39:23.0015 2628 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35

19:39:23.0546 2628 ============================================================

19:39:23.0546 2628 Current date / time: 2013/01/01 19:39:23.0546

19:39:23.0546 2628 SystemInfo:

19:39:23.0546 2628

19:39:23.0546 2628 OS Version: 5.1.2600 ServicePack: 3.0

19:39:23.0546 2628 Product type: Workstation

19:39:23.0546 2628 ComputerName: DEEZGOOD-D8793A

19:39:23.0546 2628 UserName: Michael Senff

19:39:23.0546 2628 Windows directory: C:\WINDOWS

19:39:23.0546 2628 System windows directory: C:\WINDOWS

19:39:23.0546 2628 Processor architecture: Intel x86

19:39:23.0546 2628 Number of processors: 4

19:39:23.0546 2628 Page size: 0x1000

19:39:23.0546 2628 Boot type: Normal boot

19:39:23.0546 2628 ============================================================

19:39:24.0296 2628 Drive \Device\Harddisk0\DR0 - Size: 0x114FE27E00 (69.25 Gb), SectorSize: 0x200, Cylinders: 0x234F, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054

19:39:24.0296 2628 ============================================================

19:39:24.0296 2628 \Device\Harddisk0\DR0:

19:39:24.0296 2628 MBR partitions:

19:39:24.0296 2628 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x8A7818F

19:39:24.0296 2628 ============================================================

19:39:24.0328 2628 C: <-> \Device\Harddisk0\DR0\Partition1

19:39:24.0328 2628 ============================================================

19:39:24.0328 2628 Initialize success

19:39:24.0328 2628 ============================================================

19:39:33.0656 3288 ============================================================

19:39:33.0656 3288 Scan started

19:39:33.0656 3288 Mode: Manual;

19:39:33.0656 3288 ============================================================

19:39:33.0890 3288 ================ Scan system memory ========================

19:39:33.0890 3288 System memory - ok

19:39:33.0890 3288 ================ Scan services =============================

19:39:33.0937 3288 Abiosdsk - ok

19:39:33.0937 3288 abp480n5 - ok

19:39:33.0968 3288 [ 8FD99680A539792A30E97944FDAECF17 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys

19:39:33.0968 3288 ACPI - ok

19:39:33.0984 3288 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys

19:39:33.0984 3288 ACPIEC - ok

19:39:34.0015 3288 [ 95CE557D16A75606CCC2D7F3B0B0BCCB ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

19:39:34.0015 3288 AdobeFlashPlayerUpdateSvc - ok

19:39:34.0015 3288 adpu160m - ok

19:39:34.0031 3288 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys

19:39:34.0031 3288 aec - ok

19:39:34.0062 3288 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys

19:39:34.0062 3288 AFD - ok

19:39:34.0062 3288 Aha154x - ok

19:39:34.0062 3288 aic78u2 - ok

19:39:34.0062 3288 aic78xx - ok

19:39:34.0078 3288 [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter C:\WINDOWS\system32\alrsvc.dll

19:39:34.0078 3288 Alerter - ok

19:39:34.0093 3288 [ 8C515081584A38AA007909CD02020B3D ] ALG C:\WINDOWS\System32\alg.exe

19:39:34.0093 3288 ALG - ok

19:39:34.0093 3288 AliIde - ok

19:39:34.0140 3288 [ 267FC636801EDC5AB28E14036349E3BE ] Ambfilt C:\WINDOWS\system32\drivers\Ambfilt.sys

19:39:34.0187 3288 Ambfilt - ok

19:39:34.0187 3288 amsint - ok

19:39:34.0203 3288 [ F5F0F78286A849BC0E45E0E99065B04F ] AppleCharger C:\WINDOWS\system32\DRIVERS\AppleCharger.sys

19:39:34.0203 3288 AppleCharger - ok

19:39:34.0203 3288 [ 95EF7247C50C7241FDAE39A9B3AFF4AE ] AppleChargerSrv C:\WINDOWS\system32\AppleChargerSrv.exe

19:39:34.0203 3288 AppleChargerSrv - ok

19:39:34.0203 3288 AppMgmt - ok

19:39:34.0203 3288 asc - ok

19:39:34.0203 3288 asc3350p - ok

19:39:34.0203 3288 asc3550 - ok

19:39:34.0250 3288 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe

19:39:34.0250 3288 aspnet_state - ok

19:39:34.0265 3288 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys

19:39:34.0265 3288 AsyncMac - ok

19:39:34.0265 3288 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys

19:39:34.0265 3288 atapi - ok

19:39:34.0265 3288 Atdisk - ok

19:39:34.0281 3288 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys

19:39:34.0281 3288 Atmarpc - ok

19:39:34.0296 3288 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\WINDOWS\System32\audiosrv.dll

19:39:34.0296 3288 AudioSrv - ok

19:39:34.0312 3288 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys

19:39:34.0312 3288 audstub - ok

19:39:34.0328 3288 [ 57D83B82117C2DDB9D7E9AEA691CEDFC ] avgtp C:\WINDOWS\system32\drivers\avgtpx86.sys

19:39:34.0343 3288 avgtp - ok

19:39:34.0359 3288 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys

19:39:34.0359 3288 Beep - ok

19:39:34.0375 3288 [ 574738F61FCA2935F5265DC4E5691314 ] BITS C:\WINDOWS\system32\qmgr.dll

19:39:34.0390 3288 BITS - ok

19:39:34.0406 3288 [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser C:\WINDOWS\System32\browser.dll

19:39:34.0406 3288 Browser - ok

19:39:34.0421 3288 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys

19:39:34.0421 3288 cbidf2k - ok

19:39:34.0421 3288 cd20xrnt - ok

19:39:34.0437 3288 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys

19:39:34.0437 3288 Cdaudio - ok

19:39:34.0453 3288 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys

19:39:34.0453 3288 Cdfs - ok

19:39:34.0453 3288 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys

19:39:34.0453 3288 Cdrom - ok

19:39:34.0453 3288 Changer - ok

19:39:34.0468 3288 [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc C:\WINDOWS\system32\cisvc.exe

19:39:34.0468 3288 CiSvc - ok

19:39:34.0484 3288 [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe

19:39:34.0484 3288 ClipSrv - ok

19:39:34.0484 3288 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

19:39:34.0484 3288 clr_optimization_v2.0.50727_32 - ok

19:39:34.0484 3288 CmdIde - ok

19:39:34.0484 3288 COMSysApp - ok

19:39:34.0500 3288 Cpqarray - ok

19:39:34.0500 3288 [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll

19:39:34.0500 3288 CryptSvc - ok

19:39:34.0500 3288 dac2w2k - ok

19:39:34.0500 3288 dac960nt - ok

19:39:34.0531 3288 [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch C:\WINDOWS\system32\rpcss.dll

19:39:34.0531 3288 DcomLaunch - ok

19:39:34.0546 3288 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll

19:39:34.0546 3288 Dhcp - ok

19:39:34.0546 3288 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys

19:39:34.0546 3288 Disk - ok

19:39:34.0546 3288 dmadmin - ok

19:39:34.0578 3288 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys

19:39:34.0609 3288 dmboot - ok

19:39:34.0609 3288 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\WINDOWS\system32\drivers\dmio.sys

19:39:34.0609 3288 dmio - ok

19:39:34.0625 3288 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys

19:39:34.0625 3288 dmload - ok

19:39:34.0640 3288 [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver C:\WINDOWS\System32\dmserver.dll

19:39:34.0640 3288 dmserver - ok

19:39:34.0640 3288 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys

19:39:34.0640 3288 DMusic - ok

19:39:34.0671 3288 [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll

19:39:34.0671 3288 Dnscache - ok

19:39:34.0687 3288 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll

19:39:34.0687 3288 Dot3svc - ok

19:39:34.0687 3288 dpti2o - ok

19:39:34.0703 3288 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys

19:39:34.0703 3288 drmkaud - ok

19:39:34.0718 3288 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINDOWS\System32\eapsvc.dll

19:39:34.0718 3288 EapHost - ok

19:39:34.0734 3288 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\WINDOWS\System32\ersvc.dll

19:39:34.0734 3288 ERSvc - ok

19:39:34.0750 3288 [ 0A780BCC1ACA1DF2BBDECE33E981D4F8 ] EtronHub3 C:\WINDOWS\system32\Drivers\EtronHub3.sys

19:39:34.0750 3288 EtronHub3 - ok

19:39:34.0765 3288 [ 5D8923FA7470B3FDD06D0E57D1242343 ] EtronXHCI C:\WINDOWS\system32\Drivers\EtronXHCI.sys

19:39:34.0765 3288 EtronXHCI - ok

19:39:34.0781 3288 [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog C:\WINDOWS\system32\services.exe

19:39:34.0781 3288 Eventlog - ok

19:39:34.0796 3288 [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem C:\WINDOWS\system32\es.dll

19:39:34.0796 3288 EventSystem - ok

19:39:34.0812 3288 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys

19:39:34.0812 3288 Fastfat - ok

19:39:34.0843 3288 [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll

19:39:34.0843 3288 FastUserSwitchingCompatibility - ok

19:39:34.0843 3288 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys

19:39:34.0843 3288 Fdc - ok

19:39:34.0843 3288 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\WINDOWS\system32\drivers\Fips.sys

19:39:34.0843 3288 Fips - ok

19:39:34.0859 3288 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys

19:39:34.0859 3288 Flpydisk - ok

19:39:34.0875 3288 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys

19:39:34.0875 3288 FltMgr - ok

19:39:34.0906 3288 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

19:39:34.0906 3288 FontCache3.0.0.0 - ok

19:39:34.0906 3288 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys

19:39:34.0906 3288 Fs_Rec - ok

19:39:34.0906 3288 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys

19:39:34.0906 3288 Ftdisk - ok

19:39:34.0937 3288 [ D556CB79967E92B5CC69686D16C1D846 ] gdrv C:\WINDOWS\gdrv.sys

19:39:34.0937 3288 gdrv - ok

19:39:34.0984 3288 [ 51876DECB54BBF027EF052229CE43339 ] GENERICDRV C:\Program Files\GIGABYTE\ET6\amifldrv32.sys

19:39:34.0984 3288 GENERICDRV - ok

19:39:35.0000 3288 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys

19:39:35.0000 3288 Gpc - ok

19:39:35.0031 3288 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe

19:39:35.0031 3288 gupdate - ok

19:39:35.0031 3288 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe

19:39:35.0031 3288 gupdatem - ok

19:39:35.0046 3288 [ 689A8EEF2A2D62B28A0A578A6196531C ] GVTDrv C:\WINDOWS\system32\Drivers\GVTDrv.sys

19:39:35.0046 3288 GVTDrv - ok

19:39:35.0062 3288 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys

19:39:35.0062 3288 HDAudBus - ok

19:39:35.0093 3288 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll

19:39:35.0093 3288 helpsvc - ok

19:39:35.0093 3288 HidServ - ok

19:39:35.0109 3288 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] hidusb C:\WINDOWS\system32\DRIVERS\hidusb.sys

19:39:35.0109 3288 hidusb - ok

19:39:35.0125 3288 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll

19:39:35.0125 3288 hkmsvc - ok

19:39:35.0125 3288 hpn - ok

19:39:35.0156 3288 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys

19:39:35.0156 3288 HTTP - ok

19:39:35.0171 3288 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll

19:39:35.0171 3288 HTTPFilter - ok

19:39:35.0171 3288 i2omgmt - ok

19:39:35.0171 3288 i2omp - ok

19:39:35.0187 3288 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys

19:39:35.0187 3288 i8042prt - ok

19:39:35.0218 3288 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

19:39:35.0218 3288 IDriverT - ok

19:39:35.0265 3288 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

19:39:35.0296 3288 idsvc - ok

19:39:35.0312 3288 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys

19:39:35.0312 3288 Imapi - ok

19:39:35.0312 3288 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\imapi.exe

19:39:35.0312 3288 ImapiService - ok

19:39:35.0312 3288 ini910u - ok

19:39:35.0453 3288 [ 5A4308F76EAE30A7C3337B7B9E9B63E9 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys

19:39:35.0468 3288 IntcAzAudAddService - ok

19:39:35.0484 3288 IntelIde - ok

19:39:35.0484 3288 [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys

19:39:35.0484 3288 intelppm - ok

19:39:35.0500 3288 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys

19:39:35.0500 3288 Ip6Fw - ok

19:39:35.0515 3288 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

19:39:35.0515 3288 IpFilterDriver - ok

19:39:35.0531 3288 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys

19:39:35.0531 3288 IpInIp - ok

19:39:35.0531 3288 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys

19:39:35.0531 3288 IpNat - ok

19:39:35.0546 3288 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys

19:39:35.0546 3288 IPSec - ok

19:39:35.0546 3288 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys

19:39:35.0546 3288 IRENUM - ok

19:39:35.0562 3288 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys

19:39:35.0562 3288 isapnp - ok

19:39:35.0562 3288 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys

19:39:35.0562 3288 Kbdclass - ok

19:39:35.0578 3288 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys

19:39:35.0578 3288 kmixer - ok

19:39:35.0593 3288 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys

19:39:35.0593 3288 KSecDD - ok

19:39:35.0609 3288 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll

19:39:35.0609 3288 lanmanserver - ok

19:39:35.0609 3288 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll

19:39:35.0625 3288 lanmanworkstation - ok

19:39:35.0625 3288 lbrtfdc - ok

19:39:35.0625 3288 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll

19:39:35.0625 3288 LmHosts - ok

19:39:35.0656 3288 [ 0803906D607A9B83184447B75B60ECC2 ] LMS C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe

19:39:35.0656 3288 LMS - ok

19:39:35.0671 3288 [ 4A5FFDF0FE830C448830BD4B02B02B4B ] mbamchameleon C:\WINDOWS\system32\drivers\mbamchameleon.sys

19:39:35.0671 3288 mbamchameleon - ok

19:39:35.0687 3288 [ 629CABB0421668C9D3D402A3C3D77E14 ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys

19:39:35.0687 3288 MBAMProtector - ok

19:39:35.0703 3288 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

19:39:35.0703 3288 MBAMScheduler - ok

19:39:35.0734 3288 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

19:39:35.0734 3288 MBAMService - ok

19:39:35.0750 3288 [ CFCB18986426A2D8E66F1992636221D0 ] MEI C:\WINDOWS\system32\DRIVERS\HECI.sys

19:39:35.0750 3288 MEI - ok

19:39:35.0765 3288 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll

19:39:35.0765 3288 Messenger - ok

19:39:35.0781 3288 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys

19:39:35.0781 3288 mnmdd - ok

19:39:35.0796 3288 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe

19:39:35.0796 3288 mnmsrvc - ok

19:39:35.0812 3288 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys

19:39:35.0812 3288 Modem - ok

19:39:35.0843 3288 [ C7D9F9717916B34C1B00DD4834AF485C ] Monfilt C:\WINDOWS\system32\drivers\Monfilt.sys

19:39:35.0875 3288 Monfilt - ok

19:39:35.0890 3288 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys

19:39:35.0890 3288 Mouclass - ok

19:39:35.0906 3288 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys

19:39:35.0906 3288 mouhid - ok

19:39:35.0921 3288 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys

19:39:35.0921 3288 MountMgr - ok

19:39:35.0953 3288 [ 8C7336950F1E69CDFD811CBBD9CF00A2 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

19:39:35.0953 3288 MozillaMaintenance - ok

19:39:35.0968 3288 [ EE728AF83850DDAD9A3FCAC0AAB3AD97 ] MpFilter C:\WINDOWS\system32\DRIVERS\MpFilter.sys

19:39:35.0968 3288 MpFilter - ok

19:39:35.0968 3288 mraid35x - ok

19:39:35.0984 3288 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys

19:39:35.0984 3288 MRxDAV - ok

19:39:36.0015 3288 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

19:39:36.0015 3288 MRxSmb - ok

19:39:36.0031 3288 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe

19:39:36.0031 3288 MSDTC - ok

19:39:36.0031 3288 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys

19:39:36.0031 3288 Msfs - ok

19:39:36.0031 3288 MSIServer - ok

19:39:36.0046 3288 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys

19:39:36.0046 3288 MSKSSRV - ok

19:39:36.0078 3288 [ E077FCA2A7E79FB9BF67D3E30B5CE593 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe

19:39:36.0078 3288 MsMpSvc - ok

19:39:36.0078 3288 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys

19:39:36.0078 3288 MSPCLOCK - ok

19:39:36.0093 3288 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys

19:39:36.0093 3288 MSPQM - ok

19:39:36.0093 3288 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys

19:39:36.0093 3288 mssmbios - ok

19:39:36.0109 3288 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys

19:39:36.0109 3288 Mup - ok

19:39:36.0140 3288 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll

19:39:36.0140 3288 napagent - ok

19:39:36.0156 3288 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys

19:39:36.0156 3288 NDIS - ok

19:39:36.0156 3288 ndiscm - ok

19:39:36.0187 3288 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys

19:39:36.0187 3288 NdisTapi - ok

19:39:36.0187 3288 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys

19:39:36.0187 3288 Ndisuio - ok

19:39:36.0203 3288 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys

19:39:36.0203 3288 NdisWan - ok

19:39:36.0203 3288 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys

19:39:36.0203 3288 NDProxy - ok

19:39:36.0203 3288 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys

19:39:36.0203 3288 NetBIOS - ok

19:39:36.0218 3288 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys

19:39:36.0234 3288 NetBT - ok

19:39:36.0250 3288 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe

19:39:36.0250 3288 NetDDE - ok

19:39:36.0250 3288 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe

19:39:36.0250 3288 NetDDEdsdm - ok

19:39:36.0265 3288 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe

19:39:36.0265 3288 Netlogon - ok

19:39:36.0281 3288 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll

19:39:36.0281 3288 Netman - ok

19:39:36.0312 3288 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe

19:39:36.0312 3288 NetTcpPortSharing - ok

19:39:36.0328 3288 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll

19:39:36.0328 3288 Nla - ok

19:39:36.0328 3288 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys

19:39:36.0343 3288 Npfs - ok

19:39:36.0359 3288 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys

19:39:36.0359 3288 Ntfs - ok

19:39:36.0359 3288 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\system32\lsass.exe

19:39:36.0359 3288 NtLmSsp - ok

19:39:36.0390 3288 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll

19:39:36.0390 3288 NtmsSvc - ok

19:39:36.0406 3288 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys

19:39:36.0406 3288 Null - ok

19:39:36.0890 3288 [ A0A12B3824889E07CB5D19C30F058E68 ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys

19:39:36.0937 3288 nv - ok

19:39:36.0953 3288 [ A211AB524324E84C2C805B52DFCDD544 ] NVHDA C:\WINDOWS\system32\drivers\nvhda32.sys

19:39:36.0953 3288 NVHDA - ok

19:39:36.0968 3288 [ 36E24031C29E6BB6F905CCB41FC987C0 ] NVSvc C:\WINDOWS\system32\nvsvc32.exe

19:39:36.0968 3288 NVSvc - ok

19:39:37.0031 3288 [ EF14502139880F7C3DDCF0D7CA12F370 ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

19:39:37.0062 3288 nvUpdatusService - ok

19:39:37.0078 3288 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

19:39:37.0078 3288 NwlnkFlt - ok

19:39:37.0078 3288 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

19:39:37.0078 3288 NwlnkFwd - ok

19:39:37.0093 3288 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\drivers\Parport.sys

19:39:37.0093 3288 Parport - ok

19:39:37.0093 3288 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys

19:39:37.0093 3288 PartMgr - ok

19:39:37.0125 3288 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys

19:39:37.0125 3288 ParVdm - ok

19:39:37.0125 3288 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys

19:39:37.0125 3288 PCI - ok

19:39:37.0125 3288 PCIDump - ok

19:39:37.0125 3288 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys

19:39:37.0125 3288 PCIIde - ok

19:39:37.0140 3288 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys

19:39:37.0140 3288 Pcmcia - ok

19:39:37.0140 3288 PDCOMP - ok

19:39:37.0140 3288 PDFRAME - ok

19:39:37.0156 3288 PDRELI - ok

19:39:37.0156 3288 PDRFRAME - ok

19:39:37.0156 3288 perc2 - ok

19:39:37.0156 3288 perc2hib - ok

19:39:37.0171 3288 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe

19:39:37.0171 3288 PlugPlay - ok

19:39:37.0171 3288 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe

19:39:37.0171 3288 PolicyAgent - ok

19:39:37.0187 3288 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys

19:39:37.0187 3288 PptpMiniport - ok

19:39:37.0187 3288 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe

19:39:37.0187 3288 ProtectedStorage - ok

19:39:37.0187 3288 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys

19:39:37.0187 3288 PSched - ok

19:39:37.0203 3288 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys

19:39:37.0203 3288 Ptilink - ok

19:39:37.0203 3288 ql1080 - ok

19:39:37.0203 3288 Ql10wnt - ok

19:39:37.0203 3288 ql12160 - ok

19:39:37.0203 3288 ql1240 - ok

19:39:37.0203 3288 ql1280 - ok

19:39:37.0218 3288 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys

19:39:37.0218 3288 RasAcd - ok

19:39:37.0234 3288 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll

19:39:37.0234 3288 RasAuto - ok

19:39:37.0250 3288 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

19:39:37.0250 3288 Rasl2tp - ok

19:39:37.0265 3288 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll

19:39:37.0265 3288 RasMan - ok

19:39:37.0265 3288 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys

19:39:37.0265 3288 RasPppoe - ok

19:39:37.0265 3288 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys

19:39:37.0265 3288 Raspti - ok

19:39:37.0281 3288 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys

19:39:37.0281 3288 Rdbss - ok

19:39:37.0296 3288 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

19:39:37.0296 3288 RDPCDD - ok

19:39:37.0312 3288 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys

19:39:37.0312 3288 RDPWD - ok

19:39:37.0328 3288 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe

19:39:37.0343 3288 RDSessMgr - ok

19:39:37.0343 3288 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys

19:39:37.0343 3288 redbook - ok

19:39:37.0359 3288 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll

19:39:37.0359 3288 RemoteAccess - ok

19:39:37.0359 3288 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe

19:39:37.0359 3288 RpcLocator - ok

19:39:37.0390 3288 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\system32\rpcss.dll

19:39:37.0390 3288 RpcSs - ok

19:39:37.0406 3288 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe

19:39:37.0406 3288 RSVP - ok

19:39:37.0421 3288 [ D3578C3806ED545E5C36B2A20F5C0B5A ] RTLE8023xp C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys

19:39:37.0421 3288 RTLE8023xp - ok

19:39:37.0421 3288 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe

19:39:37.0421 3288 SamSs - ok

19:39:37.0421 3288 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe

19:39:37.0421 3288 SCardSvr - ok

19:39:37.0453 3288 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll

19:39:37.0453 3288 Schedule - ok

19:39:37.0468 3288 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys

19:39:37.0468 3288 Secdrv - ok

19:39:37.0468 3288 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll

19:39:37.0484 3288 seclogon - ok

19:39:37.0484 3288 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll

19:39:37.0484 3288 SENS - ok

19:39:37.0484 3288 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\drivers\Serial.sys

19:39:37.0484 3288 Serial - ok

19:39:37.0515 3288 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys

19:39:37.0515 3288 Sfloppy - ok

19:39:37.0531 3288 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll

19:39:37.0531 3288 SharedAccess - ok

19:39:37.0546 3288 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll

19:39:37.0546 3288 ShellHWDetection - ok

19:39:37.0546 3288 Simbad - ok

19:39:37.0546 3288 Sparrow - ok

19:39:37.0562 3288 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys

19:39:37.0562 3288 splitter - ok

19:39:37.0578 3288 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe

19:39:37.0578 3288 Spooler - ok

19:39:37.0593 3288 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys

19:39:37.0593 3288 sr - ok

19:39:37.0609 3288 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll

19:39:37.0609 3288 srservice - ok

19:39:37.0640 3288 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys

19:39:37.0640 3288 Srv - ok

19:39:37.0656 3288 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll

19:39:37.0656 3288 SSDPSRV - ok

19:39:37.0671 3288 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll

19:39:37.0687 3288 stisvc - ok

19:39:37.0703 3288 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys

19:39:37.0703 3288 swenum - ok

19:39:37.0703 3288 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys

19:39:37.0703 3288 swmidi - ok

19:39:37.0703 3288 SwPrv - ok

19:39:37.0703 3288 symc810 - ok

19:39:37.0718 3288 symc8xx - ok

19:39:37.0718 3288 sym_hi - ok

19:39:37.0718 3288 sym_u3 - ok

19:39:37.0718 3288 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys

19:39:37.0718 3288 sysaudio - ok

19:39:37.0734 3288 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe

19:39:37.0750 3288 SysmonLog - ok

19:39:37.0750 3288 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll

19:39:37.0750 3288 TapiSrv - ok

19:39:37.0781 3288 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys

19:39:37.0781 3288 Tcpip - ok

19:39:37.0796 3288 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys

19:39:37.0796 3288 TDPIPE - ok

19:39:37.0796 3288 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys

19:39:37.0796 3288 TDTCP - ok

19:39:37.0812 3288 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys

19:39:37.0812 3288 TermDD - ok

19:39:37.0828 3288 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll

19:39:37.0828 3288 TermService - ok

19:39:37.0828 3288 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll

19:39:37.0828 3288 Themes - ok

19:39:37.0828 3288 TosIde - ok

19:39:37.0843 3288 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll

19:39:37.0843 3288 TrkWks - ok

19:39:37.0843 3288 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys

19:39:37.0859 3288 Udfs - ok

19:39:37.0859 3288 ultra - ok

19:39:37.0937 3288 [ EB79C6C91A99930015EF29AE7FA802D1 ] UNS C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe

19:39:38.0000 3288 UNS - ok

19:39:38.0015 3288 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys

19:39:38.0031 3288 Update - ok

19:39:38.0046 3288 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll

19:39:38.0046 3288 upnphost - ok

19:39:38.0062 3288 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe

19:39:38.0062 3288 UPS - ok

19:39:38.0078 3288 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys

19:39:38.0078 3288 usbehci - ok

19:39:38.0078 3288 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys

19:39:38.0078 3288 usbhub - ok

19:39:38.0078 3288 [ A32426D9B14A089EAA1D922E0C5801A9 ] usbstor C:\WINDOWS\system32\drivers\usbstor.sys

19:39:38.0078 3288 usbstor - ok

19:39:38.0093 3288 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys

19:39:38.0093 3288 VgaSave - ok

19:39:38.0093 3288 ViaIde - ok

19:39:38.0093 3288 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys

19:39:38.0093 3288 VolSnap - ok

19:39:38.0109 3288 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe

19:39:38.0125 3288 VSS - ok

19:39:38.0156 3288 [ 7D110D645030C05A06C3CD08D1E47D0A ] vToolbarUpdater13.2.0 C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe

19:39:38.0171 3288 vToolbarUpdater13.2.0 - ok

19:39:38.0187 3288 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll

19:39:38.0187 3288 W32Time - ok

19:39:38.0203 3288 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys

19:39:38.0203 3288 Wanarp - ok

19:39:38.0203 3288 WDICA - ok

19:39:38.0203 3288 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys

19:39:38.0203 3288 wdmaud - ok

19:39:38.0218 3288 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll

19:39:38.0218 3288 WebClient - ok

19:39:38.0250 3288 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll

19:39:38.0265 3288 winmgmt - ok

19:39:38.0281 3288 [ C7E39EA41233E9F5B86C8DA3A9F1E4A8 ] WmdmPmSN C:\WINDOWS\system32\mspmsnsv.dll

19:39:38.0281 3288 WmdmPmSN - ok

19:39:38.0296 3288 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe

19:39:38.0296 3288 WmiApSrv - ok

19:39:38.0312 3288 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll

19:39:38.0312 3288 wscsvc - ok

19:39:38.0328 3288 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll

19:39:38.0328 3288 wuauserv - ok

19:39:38.0343 3288 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll

19:39:38.0359 3288 WZCSVC - ok

19:39:38.0359 3288 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll

19:39:38.0375 3288 xmlprov - ok

19:39:38.0375 3288 ================ Scan global ===============================

19:39:38.0390 3288 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll

19:39:38.0421 3288 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll

19:39:38.0421 3288 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll

19:39:38.0437 3288 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe

19:39:38.0437 3288 [Global] - ok

19:39:38.0437 3288 ================ Scan MBR ==================================

19:39:38.0437 3288 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0

19:39:38.0546 3288 \Device\Harddisk0\DR0 - ok

19:39:38.0546 3288 ================ Scan VBR ==================================

19:39:38.0546 3288 [ 696F7D88C63A76A446D140FEC7690767 ] \Device\Harddisk0\DR0\Partition1

19:39:38.0562 3288 \Device\Harddisk0\DR0\Partition1 - ok

19:39:38.0562 3288 ============================================================

19:39:38.0562 3288 Scan finished

19:39:38.0562 3288 ============================================================

19:39:38.0562 3268 Detected object count: 0

19:39:38.0562 3268 Actual detected object count: 0

Link to post
Share on other sites

Step 3 log

McAfee® Labs Stinger Version 10.2.0.936 built on Jan 1 2013

Copyright © 2012 McAfee, Inc. All Rights Reserved.

Virus data file v1000.0000 created on Jan 1 2013.

Ready to scan for 6091 viruses, trojans and variants.

Scan initiated on Tue Jan 01 19:44:59 2013

Rootkit scan result : Clean

Master Boot Record(s):....1

Possibly Infected:.............0

Boot Sector(s):.................1

Possibly Infected: ............0

Number of clean files: 8520

Scan initiated on Tue Jan 01 19:51:29 2013

Rootkit scan result : Clean

Master Boot Record(s):....1

Possibly Infected:.............0

Boot Sector(s):.................1

Possibly Infected: ............0

Number of clean files: 8586

Link to post
Share on other sites

=============================================================================

Dr.Web Scanner SE for Windows v7.0.100.12030

© Doctor Web, Ltd., 1992-2012

Scan session started 2013/01/01 20:07:43

Module location : c:\documents and settings\michael senff\local settings\temp\8CD95628-6839BAB8-8251CD28-34F710F0\

=============================================================================

OPTION [Automatic Apply Actions] NO

OPTION [Turn Off Computer After Scan] NO

OPTION [use Sound Alerts] NO

OPTION [block Network] NO

OPTION [Protect Process] NO

OPTION [Protect Raw Disk] NO

Using language: "English"

Available instances: 6

Instances used: 6

Platform: Windows XP Home x86 (Build 2600), Service Pack 3

API Version: 2.2

Scanning Engine version: 8.0.1.11280

Virus Finding Engine version: 7.0.4.9250

Total 89 virus bases are loaded from c:\documents and settings\michael senff\local settings\temp\8CD95628-6839BAB8-8251CD28-34F710F0

vd2yjdma 7.0 9015eded52680399ec1df18349ecbcd74f613b02 2013/01/01 18:10:28 908 records - OK

neisoa6b 7.0 f5d1425097a34628f8d752212dabf9732d209c98 2011/07/25 09:20:03 1 record - OK

pnsktmnf 7.0 4c38b4db39d5be63a02c898d2438b6c04405a48f 2013/01/01 13:02:18 3916 records - OK

t7pfoqgj 7.0 805b6089c867549c75f843eac96b759c3f8d101f 2012/12/30 21:05:41 18184 records - OK

ysjt6e70 7.0 c12a817c1f95bb9fd8238ef0d5f68868a8d95686 2012/12/23 21:05:33 30183 records - OK

dcjtn7qk 7.0 33def496782eb5b7b1cc93fdb036a1b62fa6a2fd 2012/12/16 21:06:21 25519 records - OK

nts2jtjx 7.0 422abae03c588822f412aa9aae50578a1d61737e 2012/12/09 21:05:04 20358 records - OK

n6nzvpdy 7.0 a4f0d0ecad4fb6e0afdb1925f4e0b7863b9d03fa 2012/12/02 21:06:19 20133 records - OK

rciabzrq 7.0 86daa918ee3de1e4c1e5dea6f9b5f63544cf8814 2012/11/25 21:05:22 27311 records - OK

kxx242nk 7.0 6556881c748e1f894eb9c7943ebae67017e1aec2 2012/11/18 21:06:09 29434 records - OK

0tc4jzi6 7.0 559141ef34f9e6226bb58560e9b52e4cc5165150 2012/11/11 21:06:22 26900 records - OK

cur0kazg 7.0 cc55013e63ff89319ec772e34d77056c7108cd3b 2012/11/04 21:05:22 25164 records - OK

05oqcdxs 7.0 f477dc247d9b562bb64fd4f46a7dcbdf7124eb60 2012/10/28 22:06:37 30226 records - OK

ndrb99tv 7.0 abaf5f7fda7308fcf7573b193bbf2116723e9802 2012/10/21 22:04:37 16441 records - OK

jet4em2a 7.0 5adc85528fb49e201d4bc61eca580d6839cc4a4c 2012/10/14 22:05:04 26289 records - OK

g022mtpl 7.0 da8cf3fbd81206bb3d8103347a439f920a74bbe2 2012/10/07 22:05:51 27278 records - OK

dedkzu0s 7.0 5988744d3cb357f1a013427d466e2d79ab5f8907 2012/09/30 22:05:11 17444 records - OK

n18t5qzi 7.0 d4a0dabf4a4df0f79805c6ccdc025f796765e786 2012/09/23 22:06:30 21205 records - OK

5i4lciua 7.0 82ed005784d9e258213070a0cd8bfceff345018d 2012/09/16 22:05:43 11686 records - OK

ba0jf7bz 7.0 a95ae63004b8d857c2db055f4e47c15bfc97f626 2012/09/09 22:04:34 12677 records - OK

7knz0vya 7.0 c39bf233d25242ae9ed8cf204b9b788c8f45ab79 2012/09/02 22:05:28 10118 records - OK

2c3cc7bp 7.0 d37b5484b009947b7cdd3837dafe8148615401c2 2012/08/26 22:05:26 12602 records - OK

laz4svn3 7.0 41bf1347794ab7060dec7aaecc1d1d95cf6fecb5 2012/08/19 22:04:05 18298 records - OK

00zstied 7.0 1a997511e5892aaeb69b3db70e06676af36382e3 2012/08/12 22:05:19 17126 records - OK

z7inloz3 7.0 f7226c59914e3683e538e668c3b664af3232654d 2012/08/05 22:03:53 20539 records - OK

13cbkgyc 7.0 4035c8d3b617bf935a317a8c57efaa8e835a61f4 2012/07/29 22:05:26 19330 records - OK

4blf9nhz 7.0 09b55bc000f184ed426f1d8b9665669346fe5e71 2012/07/22 22:05:34 19692 records - OK

gz065ne2 7.0 f746c097f298e94faa9db94e6f64ef9fd4a7b010 2012/07/15 22:05:43 14727 records - OK

ng6y0ln0 7.0 792a6a25a17e764390440cd4c2c6ca5a97ab162f 2012/07/08 22:04:33 19485 records - OK

jae4x1dz 7.0 ca9905c39e3d93428a4db65a192debe9fbd7acf7 2012/07/01 22:04:55 22898 records - OK

on8w4e4q 7.0 dc29c610b866c66ba5327e7830452b2460149a35 2012/06/24 22:05:17 20551 records - OK

m1cnqcni 7.0 c28739bea153508d12942ac9a61abd475d0a0404 2012/06/17 22:03:35 9661 records - OK

bsxqi1u9 7.0 e5b5835a7c512120c5348e31483a4caa2a845d28 2012/06/10 22:04:32 23632 records - OK

sg7ay0yu 7.0 61853ce89026ef0ebbd80174f1b7dd5d25bbc63a 2012/06/03 22:04:41 12423 records - OK

szyb64sl 7.0 4e6c9897e153b47ca97b7da48ceed23e555a7761 2012/05/27 22:04:26 15493 records - OK

a3of1pu2 7.0 35f4c105cecd8ec1fd01714abebf30f8f3efb96e 2012/05/20 22:03:29 13065 records - OK

i99csduf 7.0 3522aa84677411aa7d67796bb05ea3ab62f02a71 2012/05/13 22:04:24 16238 records - OK

r2u0dpqq 7.0 7597333540eda537bd42c0a17d4a6526ad247a2e 2012/05/06 22:04:33 11570 records - OK

dwwlku9v 7.0 867814380363bc6ad605acf4b96e02c54dbd60f7 2012/04/29 22:03:28 15478 records - OK

zn7nidtp 7.0 3c04f402d91a19039cb9c223c435dc4ea1bb3da4 2012/04/22 22:05:05 11881 records - OK

3f5cdptq 7.0 8d0220a2a50b367e61a51d3b29c2659cde41bb7f 2012/04/15 22:03:29 13578 records - OK

60uskbwf 7.0 b79dc6f5832ad390108d1880694ec538e8b34bb0 2012/04/08 22:05:02 14292 records - OK

2hrx1bk1 7.0 8ff7cc095c43c2154275b7a54a89bf365e8daf4a 2012/04/01 22:03:24 14084 records - OK

wusvly0y 7.0 9502a428b32be4ad08556134e271c9ba03195398 2012/03/25 22:04:43 19126 records - OK

uj5y1cme 7.0 28c2fabbc645aff41baac12b911a8499ea163536 2012/03/18 22:03:23 14920 records - OK

kbuk6hfc 7.0 86de597ff06e58206f94263f2eef33cb41b2530c 2012/03/11 22:03:25 19017 records - OK

zmpd1ovn 7.0 5bd1d666e7c9ca70c34e591dc6c55314ce4b11af 2012/03/04 21:04:32 19691 records - OK

c5pou474 7.0 15a9d10c451d2fcf124700f29f557d9bf338e671 2012/02/26 21:03:21 23605 records - OK

uxgg0rpp 7.0 5647d941e5358105ca6558dce78873f06c48d5dc 2012/02/19 21:03:45 19067 records - OK

4idkbdzp 7.0 c9b2600cb665ce34e0ccd0f19e0a88cd44437f51 2012/02/12 21:04:49 19019 records - OK

senpbwkw 7.0 9df2e129e78a9d9ab491186da1329c1dd1190e17 2012/02/05 21:05:25 28028 records - OK

5dge7qmy 7.0 b69b9504a51b8777b8e95a4680dc8ac1d8d8c25d 2012/01/29 21:08:41 29444 records - OK

gq8olt25 7.0 3d7431bdee1a22d6329e017f348db7760f2645ac 2012/01/23 02:22:13 19353 records - OK

ts4vjrbl 7.0 e04570f78fb00d758abdf77c534a460980e102c0 2012/01/15 21:12:31 20747 records - OK

md0w92v1 7.0 2de2479b112c4416e2375343f57ca789b042aecc 2012/01/08 21:04:30 28052 records - OK

3jdosabx 7.0 c4bd9612ff1f71d8bd23b4f1bc114eed1ae2ee6b 2012/01/01 21:04:40 12183 records - OK

pqrn25km 7.0 28b1d218ade8f05fdc8550c7456ac3b74f705208 2011/12/25 21:03:33 19984 records - OK

q66r8rp5 7.0 539e41e8f3d97a6f347600c7cef903d9f34e0518 2011/12/18 21:08:45 22627 records - OK

tg6afcyk 7.0 f8e81968965f555bce0d02fc9933fee840b97aaf 2011/12/12 14:20:22 49580 records - OK

nhz50bw5 7.0 14751e0f442bba3efc08ee12d82a2815c61cfeb6 2011/12/04 02:00:00 45195 records - OK

0oao9ybr 7.0 5bc1f5e30792d018658f2dcdb35fc0bcbdcf4e1e 2011/12/04 01:00:00 171075 records - OK

72bqybon 7.0 0f948a7d416c556bfc8a8be2c2c39f998fee6d9e 2011/12/04 00:00:00 170820 records - OK

vz1bijda 7.0 9357c3cc73a4a374346a678f197daa22496c7ae5 2011/12/03 23:00:00 171279 records - OK

9ky53qsk 7.0 ae56b06b3d6f1e13c5f10cce4ed68f2cccbf3298 2011/12/03 22:00:00 170253 records - OK

evutvfnk 7.0 fdaab5c1079d02c94f20d07c39d638cad79d8771 2011/12/03 21:00:00 170291 records - OK

9wgs10jp 7.0 b59d8841e65d7670b2aae7f2b65734269f6c4fe3 2011/12/03 20:00:00 170501 records - OK

hw0bbm8g 7.0 3946b1d195434cf7a70d144da71c87559475c58f 2011/12/03 19:00:00 353582 records - OK

erhrr0a1 7.0 8df4695f74ea5949551df6044720694e204b13d7 2011/12/03 18:00:00 852776 records - OK

sni6aqxc 7.0 26ec3c7918125b3887aece02a889e2a605a427b3 2013/01/01 18:10:57 785 records - OK

i0seglip 7.0 cfbe9cf43615f7856e4c35f0fc02e2baf12e39e7 2012/12/16 21:14:14 1725 records - OK

il9gczgy 7.0 047694e79b1a8d295f27ea9c6565062404f84a57 2012/11/11 21:12:52 2050 records - OK

jcjydt6v 7.0 f3413603f4ee1c88018a78c1f6faf2abeb8fa8c1 2012/09/23 22:13:14 1456 records - OK

i16libsy 7.0 8871f579eeb7e5e7b70c6dd898afd27391d7daf4 2012/06/24 22:12:36 1421 records - OK

fmygzlo9 7.0 3ee43130fe7fec4b367a791892a444d0a791b29b 2012/03/25 22:12:30 1385 records - OK

x0x8egvs 7.0 fddc5d687537580c7166dbf117d591593bc62261 2012/01/22 22:56:09 1653 records - OK

r3utp6kk 7.0 63f8e4864730a8014f1ac0fe810745fa7e0fb4d8 2013/01/01 18:10:45 1215 records - OK

lghp8ppe 7.0 cdf3a9d2dcab57f90c378d9eefacbfd358a42699 2012/12/09 21:23:23 1620 records - OK

ec23fubw 7.0 c0726ba000e840272f0810b89051e6daa8799084 2012/11/04 21:23:16 1658 records - OK

9fnm37mb 7.0 216611859de0125bf130d6324d43c9115cb05def 2012/10/07 22:23:20 1465 records - OK

ppz31w63 7.0 264c14ad60c4423ec292f5f8b182e4448504dfa9 2012/09/09 22:23:14 1588 records - OK

a2v624wd 7.0 33197bfe9efefa9db33725d240757103c625b601 2012/07/22 22:22:36 1702 records - OK

1s48t9jt 7.0 74d8e114edb84b95bc09d5a2a36191d15a61e2cb 2012/06/10 22:22:36 1659 records - OK

g6iy9kbo 7.0 79ca8239f310688d2b9c314fa3d738a34985cce3 2012/04/29 22:22:34 1670 records - OK

rmt0aykz 7.0 aac27e986e3731e5260cb76f5b14558e36660dec 2012/03/11 22:22:28 1729 records - OK

e5pmvbxw 7.0 fa5c96b8be693a20c2a295e3545419e6f117fdc4 2012/01/29 21:23:00 1523 records - OK

3s02dm22 7.0 e9b21e0a3578ef2e2067f4876309671ddc78f65f 2011/12/18 21:22:29 1805 records - OK

0i9s83yd 7.0 8f7a8f6f55130f6becc5331ab38dc2108746b8aa 2011/12/03 17:00:00 26456 records - OK

zufndlbt 7.0 e6d52b11d2f7d405ccd31347da3b6fde69825168 2011/12/03 16:00:00 74279 records - OK

1j9lq59x 7.0 e20ffde4bbc58e0585b0b3b2f324bc91272c2360 2011/12/03 15:00:00 1 record - OK

Total records count: 3527078

Anti-rootkit module version (API 5.00 / 5.00)

Using c:\documents and settings\michael senff\local settings\temp\8CD95628-6839BAB8-8251CD28-34F710F0\bgbjacyk.key as Dr.Web ® Key file

This Dr.Web ® Key is for 1 computer (A User)

=============================================================================

Dr.Web Scanner SE for Windows v7.0.100.12030

© Doctor Web, Ltd., 1992-2012

Scan session started 2013/01/01 20:09:02

Module location : c:\documents and settings\michael senff\local settings\temp\9F31666D-D4A2DF9D-836AF6A9-BE2689FB\

=============================================================================

OPTION [Automatic Apply Actions] NO

OPTION [Turn Off Computer After Scan] NO

OPTION [use Sound Alerts] NO

OPTION [block Network] NO

OPTION [Protect Process] NO

OPTION [Protect Raw Disk] NO

Using language: "English"

=============================================================================

Dr.Web Scanner SE for Windows v7.0.100.12030

© Doctor Web, Ltd., 1992-2012

Scan session started 2013/01/01 20:09:32

Module location : c:\documents and settings\michael senff\local settings\temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\

=============================================================================

OPTION [Automatic Apply Actions] NO

OPTION [Turn Off Computer After Scan] NO

OPTION [use Sound Alerts] NO

OPTION [block Network] NO

OPTION [Protect Process] NO

OPTION [Protect Raw Disk] NO

Using language: "English"

Available instances: 6

Instances used: 6

Platform: Windows XP Home x86 (Build 2600), Service Pack 3

API Version: 2.2

Scanning Engine version: 8.0.1.11280

Virus Finding Engine version: 7.0.4.9250

Total 89 virus bases are loaded from c:\documents and settings\michael senff\local settings\temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B

vd2yjdma 7.0 9015eded52680399ec1df18349ecbcd74f613b02 2013/01/01 18:10:28 908 records - OK

neisoa6b 7.0 f5d1425097a34628f8d752212dabf9732d209c98 2011/07/25 09:20:03 1 record - OK

pnsktmnf 7.0 4c38b4db39d5be63a02c898d2438b6c04405a48f 2013/01/01 13:02:18 3916 records - OK

t7pfoqgj 7.0 805b6089c867549c75f843eac96b759c3f8d101f 2012/12/30 21:05:41 18184 records - OK

ysjt6e70 7.0 c12a817c1f95bb9fd8238ef0d5f68868a8d95686 2012/12/23 21:05:33 30183 records - OK

dcjtn7qk 7.0 33def496782eb5b7b1cc93fdb036a1b62fa6a2fd 2012/12/16 21:06:21 25519 records - OK

nts2jtjx 7.0 422abae03c588822f412aa9aae50578a1d61737e 2012/12/09 21:05:04 20358 records - OK

n6nzvpdy 7.0 a4f0d0ecad4fb6e0afdb1925f4e0b7863b9d03fa 2012/12/02 21:06:19 20133 records - OK

rciabzrq 7.0 86daa918ee3de1e4c1e5dea6f9b5f63544cf8814 2012/11/25 21:05:22 27311 records - OK

kxx242nk 7.0 6556881c748e1f894eb9c7943ebae67017e1aec2 2012/11/18 21:06:09 29434 records - OK

0tc4jzi6 7.0 559141ef34f9e6226bb58560e9b52e4cc5165150 2012/11/11 21:06:22 26900 records - OK

cur0kazg 7.0 cc55013e63ff89319ec772e34d77056c7108cd3b 2012/11/04 21:05:22 25164 records - OK

05oqcdxs 7.0 f477dc247d9b562bb64fd4f46a7dcbdf7124eb60 2012/10/28 22:06:37 30226 records - OK

ndrb99tv 7.0 abaf5f7fda7308fcf7573b193bbf2116723e9802 2012/10/21 22:04:37 16441 records - OK

jet4em2a 7.0 5adc85528fb49e201d4bc61eca580d6839cc4a4c 2012/10/14 22:05:04 26289 records - OK

g022mtpl 7.0 da8cf3fbd81206bb3d8103347a439f920a74bbe2 2012/10/07 22:05:51 27278 records - OK

dedkzu0s 7.0 5988744d3cb357f1a013427d466e2d79ab5f8907 2012/09/30 22:05:11 17444 records - OK

n18t5qzi 7.0 d4a0dabf4a4df0f79805c6ccdc025f796765e786 2012/09/23 22:06:30 21205 records - OK

5i4lciua 7.0 82ed005784d9e258213070a0cd8bfceff345018d 2012/09/16 22:05:43 11686 records - OK

ba0jf7bz 7.0 a95ae63004b8d857c2db055f4e47c15bfc97f626 2012/09/09 22:04:34 12677 records - OK

7knz0vya 7.0 c39bf233d25242ae9ed8cf204b9b788c8f45ab79 2012/09/02 22:05:28 10118 records - OK

2c3cc7bp 7.0 d37b5484b009947b7cdd3837dafe8148615401c2 2012/08/26 22:05:26 12602 records - OK

laz4svn3 7.0 41bf1347794ab7060dec7aaecc1d1d95cf6fecb5 2012/08/19 22:04:05 18298 records - OK

00zstied 7.0 1a997511e5892aaeb69b3db70e06676af36382e3 2012/08/12 22:05:19 17126 records - OK

z7inloz3 7.0 f7226c59914e3683e538e668c3b664af3232654d 2012/08/05 22:03:53 20539 records - OK

13cbkgyc 7.0 4035c8d3b617bf935a317a8c57efaa8e835a61f4 2012/07/29 22:05:26 19330 records - OK

4blf9nhz 7.0 09b55bc000f184ed426f1d8b9665669346fe5e71 2012/07/22 22:05:34 19692 records - OK

gz065ne2 7.0 f746c097f298e94faa9db94e6f64ef9fd4a7b010 2012/07/15 22:05:43 14727 records - OK

ng6y0ln0 7.0 792a6a25a17e764390440cd4c2c6ca5a97ab162f 2012/07/08 22:04:33 19485 records - OK

jae4x1dz 7.0 ca9905c39e3d93428a4db65a192debe9fbd7acf7 2012/07/01 22:04:55 22898 records - OK

on8w4e4q 7.0 dc29c610b866c66ba5327e7830452b2460149a35 2012/06/24 22:05:17 20551 records - OK

m1cnqcni 7.0 c28739bea153508d12942ac9a61abd475d0a0404 2012/06/17 22:03:35 9661 records - OK

bsxqi1u9 7.0 e5b5835a7c512120c5348e31483a4caa2a845d28 2012/06/10 22:04:32 23632 records - OK

sg7ay0yu 7.0 61853ce89026ef0ebbd80174f1b7dd5d25bbc63a 2012/06/03 22:04:41 12423 records - OK

szyb64sl 7.0 4e6c9897e153b47ca97b7da48ceed23e555a7761 2012/05/27 22:04:26 15493 records - OK

a3of1pu2 7.0 35f4c105cecd8ec1fd01714abebf30f8f3efb96e 2012/05/20 22:03:29 13065 records - OK

i99csduf 7.0 3522aa84677411aa7d67796bb05ea3ab62f02a71 2012/05/13 22:04:24 16238 records - OK

r2u0dpqq 7.0 7597333540eda537bd42c0a17d4a6526ad247a2e 2012/05/06 22:04:33 11570 records - OK

dwwlku9v 7.0 867814380363bc6ad605acf4b96e02c54dbd60f7 2012/04/29 22:03:28 15478 records - OK

zn7nidtp 7.0 3c04f402d91a19039cb9c223c435dc4ea1bb3da4 2012/04/22 22:05:05 11881 records - OK

3f5cdptq 7.0 8d0220a2a50b367e61a51d3b29c2659cde41bb7f 2012/04/15 22:03:29 13578 records - OK

60uskbwf 7.0 b79dc6f5832ad390108d1880694ec538e8b34bb0 2012/04/08 22:05:02 14292 records - OK

2hrx1bk1 7.0 8ff7cc095c43c2154275b7a54a89bf365e8daf4a 2012/04/01 22:03:24 14084 records - OK

wusvly0y 7.0 9502a428b32be4ad08556134e271c9ba03195398 2012/03/25 22:04:43 19126 records - OK

uj5y1cme 7.0 28c2fabbc645aff41baac12b911a8499ea163536 2012/03/18 22:03:23 14920 records - OK

kbuk6hfc 7.0 86de597ff06e58206f94263f2eef33cb41b2530c 2012/03/11 22:03:25 19017 records - OK

zmpd1ovn 7.0 5bd1d666e7c9ca70c34e591dc6c55314ce4b11af 2012/03/04 21:04:32 19691 records - OK

c5pou474 7.0 15a9d10c451d2fcf124700f29f557d9bf338e671 2012/02/26 21:03:21 23605 records - OK

uxgg0rpp 7.0 5647d941e5358105ca6558dce78873f06c48d5dc 2012/02/19 21:03:45 19067 records - OK

4idkbdzp 7.0 c9b2600cb665ce34e0ccd0f19e0a88cd44437f51 2012/02/12 21:04:49 19019 records - OK

senpbwkw 7.0 9df2e129e78a9d9ab491186da1329c1dd1190e17 2012/02/05 21:05:25 28028 records - OK

5dge7qmy 7.0 b69b9504a51b8777b8e95a4680dc8ac1d8d8c25d 2012/01/29 21:08:41 29444 records - OK

gq8olt25 7.0 3d7431bdee1a22d6329e017f348db7760f2645ac 2012/01/23 02:22:13 19353 records - OK

ts4vjrbl 7.0 e04570f78fb00d758abdf77c534a460980e102c0 2012/01/15 21:12:31 20747 records - OK

md0w92v1 7.0 2de2479b112c4416e2375343f57ca789b042aecc 2012/01/08 21:04:30 28052 records - OK

3jdosabx 7.0 c4bd9612ff1f71d8bd23b4f1bc114eed1ae2ee6b 2012/01/01 21:04:40 12183 records - OK

pqrn25km 7.0 28b1d218ade8f05fdc8550c7456ac3b74f705208 2011/12/25 21:03:33 19984 records - OK

q66r8rp5 7.0 539e41e8f3d97a6f347600c7cef903d9f34e0518 2011/12/18 21:08:45 22627 records - OK

tg6afcyk 7.0 f8e81968965f555bce0d02fc9933fee840b97aaf 2011/12/12 14:20:22 49580 records - OK

nhz50bw5 7.0 14751e0f442bba3efc08ee12d82a2815c61cfeb6 2011/12/04 02:00:00 45195 records - OK

0oao9ybr 7.0 5bc1f5e30792d018658f2dcdb35fc0bcbdcf4e1e 2011/12/04 01:00:00 171075 records - OK

72bqybon 7.0 0f948a7d416c556bfc8a8be2c2c39f998fee6d9e 2011/12/04 00:00:00 170820 records - OK

vz1bijda 7.0 9357c3cc73a4a374346a678f197daa22496c7ae5 2011/12/03 23:00:00 171279 records - OK

9ky53qsk 7.0 ae56b06b3d6f1e13c5f10cce4ed68f2cccbf3298 2011/12/03 22:00:00 170253 records - OK

evutvfnk 7.0 fdaab5c1079d02c94f20d07c39d638cad79d8771 2011/12/03 21:00:00 170291 records - OK

9wgs10jp 7.0 b59d8841e65d7670b2aae7f2b65734269f6c4fe3 2011/12/03 20:00:00 170501 records - OK

hw0bbm8g 7.0 3946b1d195434cf7a70d144da71c87559475c58f 2011/12/03 19:00:00 353582 records - OK

erhrr0a1 7.0 8df4695f74ea5949551df6044720694e204b13d7 2011/12/03 18:00:00 852776 records - OK

sni6aqxc 7.0 26ec3c7918125b3887aece02a889e2a605a427b3 2013/01/01 18:10:57 785 records - OK

i0seglip 7.0 cfbe9cf43615f7856e4c35f0fc02e2baf12e39e7 2012/12/16 21:14:14 1725 records - OK

il9gczgy 7.0 047694e79b1a8d295f27ea9c6565062404f84a57 2012/11/11 21:12:52 2050 records - OK

jcjydt6v 7.0 f3413603f4ee1c88018a78c1f6faf2abeb8fa8c1 2012/09/23 22:13:14 1456 records - OK

i16libsy 7.0 8871f579eeb7e5e7b70c6dd898afd27391d7daf4 2012/06/24 22:12:36 1421 records - OK

fmygzlo9 7.0 3ee43130fe7fec4b367a791892a444d0a791b29b 2012/03/25 22:12:30 1385 records - OK

x0x8egvs 7.0 fddc5d687537580c7166dbf117d591593bc62261 2012/01/22 22:56:09 1653 records - OK

r3utp6kk 7.0 63f8e4864730a8014f1ac0fe810745fa7e0fb4d8 2013/01/01 18:10:45 1215 records - OK

lghp8ppe 7.0 cdf3a9d2dcab57f90c378d9eefacbfd358a42699 2012/12/09 21:23:23 1620 records - OK

ec23fubw 7.0 c0726ba000e840272f0810b89051e6daa8799084 2012/11/04 21:23:16 1658 records - OK

9fnm37mb 7.0 216611859de0125bf130d6324d43c9115cb05def 2012/10/07 22:23:20 1465 records - OK

ppz31w63 7.0 264c14ad60c4423ec292f5f8b182e4448504dfa9 2012/09/09 22:23:14 1588 records - OK

a2v624wd 7.0 33197bfe9efefa9db33725d240757103c625b601 2012/07/22 22:22:36 1702 records - OK

1s48t9jt 7.0 74d8e114edb84b95bc09d5a2a36191d15a61e2cb 2012/06/10 22:22:36 1659 records - OK

g6iy9kbo 7.0 79ca8239f310688d2b9c314fa3d738a34985cce3 2012/04/29 22:22:34 1670 records - OK

rmt0aykz 7.0 aac27e986e3731e5260cb76f5b14558e36660dec 2012/03/11 22:22:28 1729 records - OK

e5pmvbxw 7.0 fa5c96b8be693a20c2a295e3545419e6f117fdc4 2012/01/29 21:23:00 1523 records - OK

3s02dm22 7.0 e9b21e0a3578ef2e2067f4876309671ddc78f65f 2011/12/18 21:22:29 1805 records - OK

0i9s83yd 7.0 8f7a8f6f55130f6becc5331ab38dc2108746b8aa 2011/12/03 17:00:00 26456 records - OK

zufndlbt 7.0 e6d52b11d2f7d405ccd31347da3b6fde69825168 2011/12/03 16:00:00 74279 records - OK

1j9lq59x 7.0 e20ffde4bbc58e0585b0b3b2f324bc91272c2360 2011/12/03 15:00:00 1 record - OK

Total records count: 3527078

Anti-rootkit module version (API 5.00 / 5.00)

Using c:\documents and settings\michael senff\local settings\temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\bgbjacyk.key as Dr.Web ® Key file

This Dr.Web ® Key is for 1 computer (A User)

-----------------------------------------------------------------------------

Start scanning

-----------------------------------------------------------------------------

Command line used:-rpcep:\pipe\1C7BE5A87 -rpcpr:np /protmode

Object(s) to scan:

- Scan processes in memory

- Scan boot sectors

- Scan startup directory

- Scanning for rootkits

- C:\AUTOEXEC.BAT

- C:\boot.ini

- C:\CONFIG.SYS

- C:\csb.log

- C:\end

- C:\extensions.sqlite

- C:\Install.log

- C:\IO.SYS

- C:\MSDOS.SYS

- C:\NTDETECT.COM

- C:\ntldr

- C:\pagefile.sys

- C:\RHDSetup.log

- C:\TDSSKiller.2.8.15.0_01.01.2013_19.39.23_log.txt

- C:\WINDOWS\system32\

- C:\Documents and Settings\Michael Senff\My Documents\

- C:\WINDOWS\TEMP\

- C:\DOCUME~1\MICHAE~1\LOCALS~1\Temp\

System Process - file not found

c:\program files\nvidia corporation\nvidia update core\daemonu.exe - Ok

c:\program files\intel\intel® management engine components\uns\uns.exe - Ok

c:\program files\common files\avg secure search\vtoolbarupdater\13.2.0\toolbarupdater.exe - Ok

c:\windows\system32\smss.exe - Ok

>c:\windows\rthdcpl.exe is BINARYRES container

c:\windows\rthdcpl.exe - container

c:\windows\system32\csrss.exe - Ok

c:\windows\system32\winlogon.exe - Ok

c:\windows\system32\services.exe - Ok

c:\windows\system32\lsass.exe - Ok

c:\windows\system32\svchost.exe - Ok

c:\program files\microsoft security client\msseces.exe - Ok

c:\windows\system32\alg.exe - Ok

c:\program files\microsoft security client\msmpeng.exe - Ok

c:\program files\avg secure search\vprot.exe - Ok

c:\windows\system32\spoolsv.exe - Ok

c:\windows\explorer.exe - Ok

c:\windows\system32\wscntfy.exe - Ok

c:\program files\intel\intel® management engine components\lms\lms.exe - Ok

c:\windows\system32\nvsvc32.exe - Ok

c:\windows\system32\rundll32.exe - Ok

c:\documents and settings\michael senff\local settings\temp\d6fe5bc9-1415b5a2-6b4d7f65-ce33891b\6qpfy1g7.exe - Ok

c:\program files\mozilla firefox\firefox.exe - Ok

c:\windows\system32\ctfmon.exe - Ok

>c:\program files\pando networks\media booster\pmb.exe is ZLIB container

c:\program files\pando networks\media booster\pmb.exe - container

>c:\documents and settings\michael senff\local settings\temp\d6fe5bc9-1415b5a2-6b4d7f65-ce33891b\h35pdxp9.exe is BINARYRES container

c:\documents and settings\michael senff\local settings\temp\d6fe5bc9-1415b5a2-6b4d7f65-ce33891b\h35pdxp9.exe - container

c:\windows\system32\wbem\wmiprvse.exe - Ok

>c:\documents and settings\michael senff\my documents\downloads\drweb-cureit.exe is BINARYRES container

>>c:\documents and settings\michael senff\my documents\downloads\drweb-cureit.exe\data001 - packed by BINARYRES

>>c:\documents and settings\michael senff\my documents\downloads\drweb-cureit.exe\data002 - packed by BINARYRES

c:\documents and settings\michael senff\my documents\downloads\drweb-cureit.exe - container

c:\documents and settings\michael senff\my documents\downloads\drweb-cureit.exe:Zone.Identifier - Ok

c:\documents and settings\michael senff\local settings\temp\d6fe5bc9-1415b5a2-6b4d7f65-ce33891b\ggv5nwpp.exe - Ok

c:\windows\system32\ntdll.dll - Ok

>c:\windows\system32\xpsp2res.dll is BINARYRES container

>>c:\windows\system32\xpsp2res.dll\data001 is JS-HTML container

>>c:\windows\system32\xpsp2res.dll\data002 is JS-HTML container

>>c:\windows\system32\xpsp2res.dll\data003 is JS-HTML container

>>c:\windows\system32\xpsp2res.dll\data004 is JS-HTML container

c:\windows\system32\xpsp2res.dll - container

c:\windows\system32\winhttp.dll - Ok

c:\windows\system32\uxtheme.dll - Ok

c:\windows\system32\netapi32.dll - Ok

c:\windows\system32\comctl32.dll - Ok

c:\windows\system32\hnetcfg.dll - Ok

c:\windows\system32\rsaenh.dll - Ok

c:\windows\system32\dssenh.dll - Ok

c:\windows\system32\mswsock.dll - Ok

c:\windows\system32\wshtcpip.dll - Ok

c:\windows\system32\ws2help.dll - Ok

c:\windows\system32\ws2_32.dll - Ok

c:\windows\system32\samlib.dll - Ok

c:\windows\system32\imm32.dll - Ok

c:\windows\system32\schannel.dll - Ok

c:\windows\system32\userenv.dll - Ok

c:\windows\system32\psapi.dll - Ok

c:\windows\system32\wintrust.dll - Ok

c:\windows\system32\imagehlp.dll - Ok

c:\windows\system32\iphlpapi.dll - Ok

c:\windows\system32\dnsapi.dll - Ok

c:\windows\system32\wldap32.dll - Ok

>c:\windows\system32\winrnr.dll - packed by FLY-CODE

c:\windows\system32\winrnr.dll - Ok

c:\windows\system32\rasadhlp.dll - Ok

c:\windows\system32\clbcatq.dll - Ok

c:\windows\system32\comres.dll - Ok

c:\windows\system32\oleaut32.dll - Ok

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll - Ok

>c:\windows\system32\ole32.dll is BINARYRES container

c:\windows\system32\ole32.dll - container

c:\windows\system32\ntmarta.dll - Ok

c:\windows\system32\crypt32.dll - Ok

c:\windows\system32\msasn1.dll - Ok

c:\windows\system32\version.dll - Ok

c:\windows\system32\msvcrt.dll - Ok

c:\windows\system32\advapi32.dll - Ok

c:\windows\system32\rpcrt4.dll - Ok

c:\windows\system32\gdi32.dll - Ok

c:\windows\system32\shlwapi.dll - Ok

c:\windows\system32\secur32.dll - Ok

c:\windows\system32\kernel32.dll - Ok

>c:\windows\system32\shell32.dll is BINARYRES container

>>c:\windows\system32\shell32.dll\data001 is JS-HTML container

c:\windows\system32\shell32.dll - container

c:\windows\system32\user32.dll - Ok

c:\windows\system32\sxs.dll - Ok

c:\program files\intel\intel® management engine components\uns\statusstrings.dll - Ok

c:\program files\intel\intel® management engine components\uns\xerces-c_2_7.dll - Ok

c:\windows\system32\wsock32.dll - Ok

>c:\windows\system32\setupapi.dll - packed by BINARYRES

>>c:\windows\system32\setupapi.dll - packed by MS COMPRESS

c:\windows\system32\setupapi.dll - Ok

c:\windows\system32\normaliz.dll - Ok

c:\windows\system32\wininet.dll - Ok

c:\windows\system32\iertutil.dll - Ok

c:\windows\system32\urlmon.dll - Ok

c:\windows\system32\mpr.dll - Ok

>c:\windows\system32\msacm32.drv - packed by FLY-CODE

c:\windows\system32\msacm32.drv - Ok

c:\windows\system32\wdmaud.drv - Ok

c:\windows\system32\winspool.drv - Ok

c:\windows\system32\ksuser.dll - Ok

c:\windows\system32\dsound.dll - Ok

c:\windows\system32\msctf.dll - Ok

c:\windows\system32\msctfime.ime - Ok

c:\windows\system32\comdlg32.dll - Ok

c:\windows\system32\winmm.dll - Ok

c:\windows\system32\midimap.dll - Ok

c:\windows\system32\msacm32.dll - Ok

c:\windows\system32\hhctrl.ocx - Ok

c:\windows\system32\csrsrv.dll - Ok

c:\windows\system32\basesrv.dll - Ok

c:\windows\system32\winsrv.dll - Ok

c:\windows\system32\odbcint.dll - Ok

c:\windows\system32\dimsntfy.dll - Ok

c:\windows\system32\winscard.dll - Ok

c:\windows\system32\odbc32.dll - Ok

c:\windows\system32\profmap.dll - Ok

>c:\windows\system32\nddeapi.dll - packed by FLY-CODE

c:\windows\system32\nddeapi.dll - Ok

c:\windows\system32\wlnotify.dll - Ok

c:\windows\system32\msgina.dll - Ok

>c:\windows\system32\winsta.dll - packed by FLY-CODE

c:\windows\system32\winsta.dll - Ok

c:\windows\system32\cscdll.dll - Ok

c:\windows\system32\cryptdll.dll - Ok

c:\windows\system32\atl.dll - Ok

c:\windows\system32\sfc.dll - Ok

c:\windows\system32\regapi.dll - Ok

c:\windows\system32\sfc_os.dll - Ok

c:\windows\system32\mprapi.dll - Ok

c:\windows\system32\adsldpc.dll - Ok

c:\windows\system32\rtutils.dll - Ok

c:\windows\system32\wtsapi32.dll - Ok

c:\windows\system32\authz.dll - Ok

c:\windows\system32\shsvcs.dll - Ok

c:\windows\system32\cscui.dll - Ok

c:\windows\system32\apphelp.dll - Ok

c:\windows\system32\msv1_0.dll - Ok

c:\windows\system32\activeds.dll - Ok

c:\windows\apppatch\acadproc.dll - Ok

c:\windows\system32\shimeng.dll - Ok

c:\windows\system32\ncobjapi.dll - Ok

c:\windows\system32\cabinet.dll - Ok

c:\windows\system32\msvcp60.dll - Ok

c:\windows\system32\eventlog.dll - Ok

c:\windows\system32\umpnpmgr.dll - Ok

c:\windows\system32\scesrv.dll - Ok

c:\windows\system32\msprivs.dll - Ok

c:\windows\apppatch\acgenral.dll - Ok

c:\windows\system32\kerberos.dll - Ok

c:\windows\system32\winipsec.dll - Ok

c:\windows\system32\pstorsvc.dll - Ok

c:\windows\system32\psbase.dll - Ok

c:\windows\system32\ipsecsvc.dll - Ok

c:\windows\system32\scecli.dll - Ok

c:\windows\system32\samsrv.dll - Ok

c:\windows\system32\netlogon.dll - Ok

c:\windows\system32\lsasrv.dll - Ok

c:\windows\system32\oakley.dll - Ok

c:\windows\system32\ntdsapi.dll - Ok

c:\windows\system32\w32time.dll - Ok

c:\windows\system32\wdigest.dll - Ok

c:\windows\system32\icaapi.dll - Ok

c:\windows\system32\mstlsapi.dll - Ok

c:\windows\system32\termsrv.dll - Ok

c:\windows\system32\rpcss.dll - Ok

c:\program files\microsoft security client\eppmanifest.dll - Ok

c:\windows\system32\msftedit.dll - Ok

c:\windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.22791_x-ww_c8dff154\gdiplus.dll - Ok

c:\program files\microsoft security client\mpclient.dll - Ok

c:\program files\microsoft security client\sqmapi.dll - Ok

c:\windows\system32\msxml3.dll - Ok

>c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{d873c0aa-3bbe-4452-a0dd-17897ba963e0}\mpengine.dll is BINARYRES container

c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{d873c0aa-3bbe-4452-a0dd-17897ba963e0}\mpengine.dll - container

c:\windows\system32\fltlib.dll - Ok

c:\program files\microsoft security client\mpsvc.dll - Ok

c:\program files\microsoft security client\mprtp.dll - Ok

c:\windows\system32\wbem\wmiprvsd.dll - Ok

c:\windows\system32\dot3api.dll - Ok

c:\windows\system32\wscsvc.dll - Ok

c:\windows\system32\wuauserv.dll - Ok

c:\windows\system32\wuaueng.dll - Ok

c:\windows\system32\unimdm.tsp - Ok

c:\windows\system32\ndptsp.tsp - Ok

c:\windows\system32\kmddsp.tsp - Ok

c:\windows\system32\ipconf.tsp - Ok

c:\windows\system32\hidphone.tsp - Ok

c:\windows\system32\h323.tsp - Ok

c:\windows\system32\wbem\wmisvc.dll - Ok

c:\windows\system32\qmgr.dll - Ok

c:\windows\system32\onex.dll - Ok

c:\windows\system32\eappprxy.dll - Ok

c:\windows\system32\wbem\ncprov.dll - Ok

c:\windows\system32\mspatcha.dll - Ok

c:\windows\system32\esent.dll - Ok

c:\windows\system32\mfcsubs.dll - Ok

c:\windows\system32\advpack.dll - Ok

c:\windows\system32\ipnathlp.dll - Ok

c:\windows\system32\hid.dll - Ok

c:\windows\system32\catsrvut.dll - Ok

c:\windows\system32\catsrv.dll - Ok

c:\windows\system32\audiosrv.dll - Ok

>c:\windows\system32\uniplat.dll - packed by FLY-CODE

c:\windows\system32\uniplat.dll - Ok

c:\windows\system32\rasppp.dll - Ok

c:\windows\system32\sensapi.dll - Ok

c:\windows\system32\sens.dll - Ok

c:\windows\system32\ntlsapi.dll - Ok

c:\windows\system32\qutil.dll - Ok

c:\windows\system32\eapolqec.dll - Ok

c:\windows\system32\rasqec.dll - Ok

c:\windows\system32\wzcsapi.dll - Ok

c:\windows\system32\tapisrv.dll - Ok

c:\windows\system32\dot3dlg.dll - Ok

c:\windows\system32\seclogon.dll - Ok

c:\windows\system32\wbem\wbemcons.dll - Ok

c:\windows\system32\eappcfg.dll - Ok

c:\windows\system32\powrprof.dll - Ok

c:\windows\system32\wbem\wbemsvc.dll - Ok

c:\windows\system32\ssdpapi.dll - Ok

c:\windows\pchealth\helpctr\binaries\pchsvc.dll - Ok

c:\windows\system32\msidle.dll - Ok

c:\windows\system32\ersvc.dll - Ok

c:\windows\system32\wbem\wmiutils.dll - Ok

c:\windows\system32\trkwks.dll - Ok

c:\windows\system32\srvsvc.dll - Ok

c:\windows\system32\resutils.dll - Ok

c:\windows\system32\mtxclu.dll - Ok

c:\windows\system32\colbact.dll - Ok

c:\windows\system32\srsvc.dll - Ok

c:\windows\system32\wbem\repdrvfs.dll - Ok

c:\windows\system32\wbem\wbemcomn.dll - Ok

c:\windows\system32\wbem\esscli.dll - Ok

c:\windows\system32\wbem\wbemess.dll - Ok

c:\windows\system32\vssapi.dll - Ok

c:\windows\system32\cryptui.dll - Ok

c:\windows\system32\netcfgx.dll - Ok

c:\windows\system32\wbem\fastprox.dll - Ok

c:\windows\system32\rastapi.dll - Ok

c:\windows\system32\cryptnet.dll - Ok

c:\windows\system32\wbem\wbemcore.dll - Ok

c:\windows\system32\netshell.dll - Ok

c:\windows\system32\comsvcs.dll - Ok

c:\windows\system32\shfolder.dll - Ok

c:\windows\system32\rasdlg.dll - Ok

c:\windows\system32\rastls.dll - Ok

c:\windows\system32\raschap.dll - Ok

c:\windows\system32\credui.dll - Ok

c:\windows\system32\cryptsvc.dll - Ok

c:\windows\system32\clusapi.dll - Ok

c:\windows\system32\wmi.dll - Ok

c:\windows\system32\browser.dll - Ok

c:\windows\system32\upnp.dll - Ok

c:\windows\system32\wkssvc.dll - Ok

c:\windows\system32\rasman.dll - Ok

c:\windows\system32\tapi32.dll - Ok

c:\windows\system32\rasapi32.dll - Ok

c:\windows\system32\schedsvc.dll - Ok

c:\windows\system32\es.dll - Ok

c:\windows\system32\certcli.dll - Ok

c:\windows\system32\netman.dll - Ok

c:\windows\system32\msi.dll - Ok

c:\windows\system32\dhcpcsvc.dll - Ok

c:\windows\system32\wzcsvc.dll - Ok

c:\windows\system32\rasmans.dll - Ok

c:\windows\system32\dnsrslvr.dll - Ok

c:\windows\system32\lmhsvc.dll - Ok

c:\windows\system32\ssdpsrv.dll - Ok

c:\program files\common files\avg secure search\sitesafetyinstaller\13.2.0\sitesafety.dll - Ok

c:\program files\common files\avg secure search\dntinstaller\13.2.0\avgdttbx.dll - Ok

c:\windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcp90.dll - Ok

c:\windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcr90.dll - Ok

c:\windows\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll - Ok

c:\windows\system32\netrap.dll - Ok

c:\windows\system32\usbmon.dll - Ok

c:\windows\system32\tcpmon.dll - Ok

>c:\windows\system32\pjlmon.dll - packed by FLY-CODE

c:\windows\system32\pjlmon.dll - Ok

c:\windows\system32\cnbjmon.dll - Ok

c:\windows\system32\spoolss.dll - Ok

c:\windows\system32\inetpp.dll - Ok

c:\windows\system32\localspl.dll - Ok

c:\windows\system32\win32spl.dll - Ok

c:\windows\system32\webclnt.dll - Ok

c:\windows\system32\webcheck.dll - Ok

c:\windows\system32\ieframe.dll - Ok

c:\windows\system32\themeui.dll - Ok

c:\windows\system32\wzcdlg.dll - Ok

c:\windows\system32\msutb.dll - Ok

c:\windows\system32\duser.dll - Ok

>c:\windows\system32\browselc.dll is BINARYRES container

>>c:\windows\system32\browselc.dll\data004 is JS-HTML container

>>c:\windows\system32\browselc.dll\data008 is JS-HTML container

>>c:\windows\system32\browselc.dll\data012 is JS-HTML container

>>c:\windows\system32\browselc.dll\data013 is ZLIB container

c:\windows\system32\browselc.dll - container

>c:\windows\system32\shdoclc.dll is BINARYRES container

>>c:\windows\system32\shdoclc.dll\data001 is JS-HTML container

>>c:\windows\system32\shdoclc.dll\data002 is JS-HTML container

>>c:\windows\system32\shdoclc.dll\data003 is JS-HTML container

>>c:\windows\system32\shdoclc.dll\data004 is JS-HTML container

>>c:\windows\system32\shdoclc.dll\data005 is JS-HTML container

>>c:\windows\system32\shdoclc.dll\data006 is JS-HTML container

c:\windows\system32\shdoclc.dll - container

c:\windows\system32\ntlanman.dll - Ok

c:\windows\system32\netui1.dll - Ok

c:\windows\system32\netui0.dll - Ok

c:\windows\system32\batmeter.dll - Ok

c:\windows\system32\mlang.dll - Ok

c:\windows\system32\drprov.dll - Ok

c:\windows\system32\davclnt.dll - Ok

c:\windows\system32\browseui.dll - Ok

c:\windows\system32\stobject.dll - Ok

c:\windows\system32\msimg32.dll - Ok

>c:\windows\system32\linkinfo.dll - packed by FLY-CODE

c:\windows\system32\linkinfo.dll - Ok

c:\windows\system32\ntshrui.dll - Ok

c:\windows\system32\shdocvw.dll - Ok

c:\windows\system32\nvapi.dll - Ok

c:\program files\nvidia corporation\update common\nvupdt.dll - Ok

c:\program files\nvidia corporation\update common\easydaemonapiu.dll - Ok

c:\program files\nvidia corporation\update common\nvupdtr.dll - Ok

c:\windows\system32\nvmctray.dll - Ok

c:\windows\system32\oleacc.dll - Ok

>c:\documents and settings\michael senff\local settings\temp\d6fe5bc9-1415b5a2-6b4d7f65-ce33891b\3jjqtynh.dll is BINARYRES container

>>c:\documents and settings\michael senff\local settings\temp\d6fe5bc9-1415b5a2-6b4d7f65-ce33891b\3jjqtynh.dll\data003 - packed by BINARYRES

>>c:\documents and settings\michael senff\local settings\temp\d6fe5bc9-1415b5a2-6b4d7f65-ce33891b\3jjqtynh.dll\data004 - packed by BINARYRES

c:\documents and settings\michael senff\local settings\temp\d6fe5bc9-1415b5a2-6b4d7f65-ce33891b\3jjqtynh.dll - container

c:\windows\system32\odbcbcp.dll - Ok

c:\windows\system32\pdh.dll - Ok

c:\program files\mozilla firefox\nspr4.dll - Ok

c:\program files\mozilla firefox\plc4.dll - Ok

c:\program files\mozilla firefox\plds4.dll - Ok

c:\program files\mozilla firefox\mozalloc.dll - Ok

c:\program files\mozilla firefox\mozjs.dll - Ok

c:\program files\mozilla firefox\nssutil3.dll - Ok

c:\program files\mozilla firefox\nss3.dll - Ok

c:\program files\mozilla firefox\smime3.dll - Ok

c:\program files\mozilla firefox\ssl3.dll - Ok

c:\program files\mozilla firefox\mozsqlite3.dll - Ok

c:\program files\mozilla firefox\gkmedias.dll - Ok

c:\program files\mozilla firefox\xul.dll - Ok

c:\program files\mozilla firefox\xpcom.dll - Ok

c:\program files\mozilla firefox\components\browsercomps.dll - Ok

c:\program files\mozilla firefox\softokn3.dll - Ok

c:\program files\mozilla firefox\nssdbm3.dll - Ok

c:\program files\mozilla firefox\freebl3.dll - Ok

c:\program files\mozilla firefox\nssckbi.dll - Ok

c:\program files\mozilla firefox\mozglue.dll - Ok

c:\windows\system32\d3d9.dll - Ok

c:\windows\system32\dbghelp.dll - Ok

c:\program files\microsoft security client\mpoav.dll - Ok

c:\windows\system32\feclient.dll - Ok

c:\windows\system32\d3d8thk.dll - Ok

c:\windows\system32\mscms.dll - Ok

c:\windows\system32\t2embed.dll - Ok

c:\windows\system32\lz32.dll - Ok

c:\windows\system32\usp10.dll - Ok

c:\program files\mozilla firefox\msvcp100.dll - Ok

c:\program files\mozilla firefox\msvcr100.dll - Ok

>c:\program files\pando networks\media booster\plc4.dll - packed by FLY-CODE

c:\program files\pando networks\media booster\plc4.dll - Ok

c:\program files\pando networks\media booster\bugsplat.dll - Ok

c:\program files\pando networks\media booster\plds4.dll - Ok

c:\program files\pando networks\media booster\nss3.dll - Ok

c:\program files\pando networks\media booster\softokn3.dll - Ok

c:\program files\pando networks\media booster\ssl3.dll - Ok

c:\program files\pando networks\media booster\smime3.dll - Ok

c:\program files\pando networks\media booster\freebl3.dll - Ok

c:\program files\pando networks\media booster\nspr4.dll - Ok

c:\windows\system32\perfctrs.dll - Ok

c:\windows\system32\icmp.dll - Ok

c:\program files\pando networks\media booster\microsoft.vc90.crt\msvcp90.dll - Ok

c:\program files\pando networks\media booster\microsoft.vc90.crt\msvcr90.dll - Ok

c:\windows\system32\wbem\wbemprox.dll - Ok

c:\windows\system32\wbem\cimwin32.dll - Ok

c:\windows\system32\perfos.dll - Ok

c:\windows\system32\wbem\framedyn.dll - Ok

c:\windows\system32\security.dll - Ok

c:\windows\system32\mstask.dll - Ok

Link to post
Share on other sites

c:\documents and settings\updatususer\start menu\programs\startup\desktop.ini - Ok

c:\documents and settings\michael senff\start menu\programs\startup\desktop.ini - Ok

c:\windows\system32\config\systemprofile\start menu\programs\startup\desktop.ini - Ok

c:\documents and settings\default user\start menu\programs\startup\desktop.ini - Ok

c:\documents and settings\all users\start menu\programs\startup\desktop.ini - Ok

c:\windows\system32\dot3cfg.dll - Ok

c:\windows\system32\napmontr.dll - Ok

c:\windows\system32\fwcfg.dll - Ok

c:\windows\system32\hnetmon.dll - Ok

c:\windows\system32\dgnet.dll - Ok

c:\windows\system32\ipxpromn.dll - Ok

c:\windows\system32\ipxmontr.dll - Ok

c:\windows\system32\rasmontr.dll - Ok

c:\windows\system32\ippromon.dll - Ok

c:\windows\system32\ifmon.dll - Ok

c:\windows\system32\ipmontr.dll - Ok

c:\windows\system32\ipv6mon.dll - Ok

c:\windows\system32\dfrg.msc - Ok

c:\windows\system32\cleanmgr.exe - Ok

c:\windows\system32\calc.exe - Ok

c:\windows\system32\rdpwsx.dll - Ok

c:\windows\system32\rdpclip.exe - Ok

c:\windows\system32\rdpcfgex.dll - Ok

c:\windows\system32\cmd.exe - Ok

c:\windows\system32\msobjs.dll - Ok

c:\windows\system32\msaudite.dll - Ok

c:\windows\system32\iassvcs.dll - Ok

c:\windows\system32\win32k.sys - Ok

c:\windows\system32\syssetup.dll - Ok

c:\windows\system32\savedump.exe - Ok

c:\windows\system32\rsvpmsg.dll - Ok

c:\windows\system32\ntmsevt.dll - Ok

c:\windows\system32\napipsec.dll - Ok

c:\program files\microsoft security client\mpevmsg.dll - Ok

c:\windows\system32\rtm.dll - Ok

c:\windows\system32\spmsg.dll - Ok

c:\windows\system32\dhcpqec.dll - Ok

c:\windows\system32\mprmsg.dll - Ok

c:\windows\system32\netmsg.dll - Ok

c:\windows\system32\iologmsg.dll - Ok

c:\windows\system32\wuaucpl.cpl.mui - Ok

c:\windows\system32\xpob2res.dll - Ok

c:\windows\system32\wbem\wmiapres.dll - Ok

c:\windows\system32\dpcdll.dll - Ok

c:\windows\system32\netevent.dll - Ok

c:\windows\system32\msvbvm60.dll - Ok

c:\windows\microsoft.net\framework\v2.0.50727\eventlogmessages.dll - Ok

c:\windows\system32\safrslv.dll - Ok

c:\windows\system32\safrdm.dll - Ok

c:\windows\system32\perfmon.exe - Ok

c:\windows\system32\prflbmsg.dll - Ok

c:\program files\nvidia corporation\nview\nview.dll - Ok

c:\windows\system32\msshavmsg.dll - Ok

c:\windows\system32\nmevtmsg.dll - Ok

>c:\program files\microsoft security client\msmpres.dll is ZLIB container

c:\program files\microsoft security client\msmpres.dll - container

c:\windows\system32\loadperf.dll - Ok

c:\windows\pchealth\helpctr\binaries\hcappres.dll - Ok

c:\windows\system32\drwtsn32.exe - Ok

c:\windows\system32\ulib.dll - Ok

c:\windows\system32\pautoenr.dll - Ok

c:\windows\system32\faultrep.dll - Ok

c:\program files\common files\microsoft shared\dw\dw20.exe - Ok

c:\windows\microsoft.net\framework\v3.0\windows communication foundation\servicemodelevents.dll.mui - Ok

c:\windows\system32\query.dll - Ok

>c:\windows\system32\icardres.dll.mui is BINARYRES container

c:\windows\system32\icardres.dll.mui - container

c:\windows\microsoft.net\framework\v2.0.50727\aspnet_rc.dll - Ok

c:\program files\avg secure search\13.2.0.5\avg secure search_toolbar.dll - Ok

c:\program files\nvidia corporation\nview\nvshell.dll - Ok

c:\program files\microsoft security client\shellext.dll - Ok

c:\windows\system32\xpsshhdr.dll - Ok

c:\windows\system32\dfshim.dll - Ok

c:\windows\system32\wmpshell.dll - Ok

c:\program files\outlook express\wabfind.dll - Ok

c:\windows\system32\cabview.dll - Ok

c:\windows\system32\mmcshext.dll - Ok

c:\windows\system32\photowiz.dll - Ok

c:\windows\system32\dfsshlex.dll - Ok

c:\windows\msagent\agentpsh.dll - Ok

c:\windows\system32\mydocs.dll - Ok

c:\windows\system32\dsuiext.dll - Ok

c:\windows\system32\dsquery.dll - Ok

c:\windows\system32\docprop2.dll - Ok

c:\windows\system32\msieftp.dll - Ok

c:\windows\system32\extmgr.dll - Ok

c:\windows\system32\zipfldr.dll - Ok

c:\windows\system32\netplwiz.dll - Ok

>c:\windows\system32\shimgvw.dll is BINARYRES container

>>c:\windows\system32\shimgvw.dll\data001 is JS-HTML container

>>c:\windows\system32\shimgvw.dll\data002 is JS-HTML container

c:\windows\system32\shimgvw.dll - container

>c:\windows\system32\appwiz.cpl is BINARYRES container

>>c:\windows\system32\appwiz.cpl\data001 is JS-HTML container

>>c:\windows\system32\appwiz.cpl\data003 is JS-HTML container

>>c:\windows\system32\appwiz.cpl\data004 is JS-HTML container

>>c:\windows\system32\appwiz.cpl\data006 is JS-HTML container

>>c:\windows\system32\appwiz.cpl\data008 is JS-HTML container

>>c:\windows\system32\appwiz.cpl\data009 is JS-HTML container

>>c:\windows\system32\appwiz.cpl\data011 is JS-HTML container

>>c:\windows\system32\appwiz.cpl\data012 is JS-HTML container

>>c:\windows\system32\appwiz.cpl\data014 is JS-HTML container

>>c:\windows\system32\appwiz.cpl\data015 is JS-HTML container

>>c:\windows\system32\appwiz.cpl\data016 is JS-HTML container

c:\windows\system32\appwiz.cpl - container

c:\windows\system32\occache.dll - Ok

c:\windows\system32\sendmail.dll - Ok

c:\windows\system32\shmedia.dll - Ok

c:\windows\system32\twext.dll - Ok

>c:\windows\system32\wuaucpl.cpl - packed by FLY-CODE

c:\windows\system32\wuaucpl.cpl - Ok

c:\program files\common files\system\ole db\oledb32.dll - Ok

c:\windows\system32\wshext.dll - Ok

c:\windows\system32\remotepg.dll - Ok

c:\windows\system32\wiashext.dll - Ok

c:\windows\system32\cryptext.dll - Ok

>c:\windows\system32\deskperf.dll - packed by FLY-CODE

c:\windows\system32\deskperf.dll - Ok

>c:\windows\system32\fontext.dll is BINARYRES container

>>c:\windows\system32\fontext.dll\data001 - packed by MS COMPRESS

>>c:\windows\system32\fontext.dll\data002 - packed by MS COMPRESS

c:\windows\system32\fontext.dll - container

c:\windows\system32\hticons.dll - Ok

c:\windows\system32\syncui.dll - Ok

c:\windows\system32\dskquoui.dll - Ok

c:\windows\system32\printui.dll - Ok

c:\windows\system32\ntlanui2.dll - Ok

c:\windows\system32\diskcopy.dll - Ok

c:\windows\system32\shscrap.dll - Ok

c:\windows\system32\slayerxp.dll - Ok

c:\windows\system32\dssec.dll - Ok

>c:\windows\system32\deskmon.dll - packed by FLY-CODE

c:\windows\system32\deskmon.dll - Ok

c:\windows\system32\deskadp.dll - Ok

c:\windows\system32\docprop.dll - Ok

c:\windows\system32\rshx32.dll - Ok

c:\windows\system32\icmui.dll - Ok

c:\windows\system32\mmsys.cpl - Ok

c:\windows\system32\wiascr.dll - Ok

c:\program files\common files\avg secure search\viprotocolinstaller\13.2.0\viprotocol.dll - Ok

c:\windows\system32\inetcomm.dll - Ok

c:\windows\system32\itss.dll - Ok

c:\windows\system32\msvidctl.dll - Ok

c:\windows\system32\mshtml.dll - Ok

c:\windows\system32\mscoree.dll - Ok

c:\windows\system32\rsvpsp.dll - Ok

c:\windows\system32\sclgntfy.dll - Ok

c:\windows\system32\ntsd.exe - Ok

c:\windows\system32\xmlprov.dll - Ok

c:\windows\system32\drivers\ws2ifsl.sys - Ok

c:\windows\system32\wbem\wmiapsrv.exe - Ok

c:\windows\system32\wbem\wmiaprpl.dll - Ok

c:\windows\system32\mspmsnsv.dll - Ok

c:\windows\system32\winsock.dll - Ok

c:\windows\system32\drivers\wdmaud.sys - Ok

c:\windows\system32\drivers\wanarp.sys - Ok

c:\windows\system32\vssvc.exe - Ok

c:\windows\system32\drivers\volsnap.sys - Ok

c:\windows\system32\drivers\vga.sys - Ok

c:\windows\system32\drivers\usbstor.sys - Ok

c:\windows\system32\drivers\usbhub.sys - Ok

c:\windows\system32\drivers\usbehci.sys - Ok

c:\windows\system32\ups.exe - Ok

c:\windows\system32\upnphost.dll - Ok

c:\windows\system32\drivers\update.sys - Ok

c:\windows\system32\drivers\udfs.sys - Ok

c:\windows\system32\tsddd.dll - Ok

c:\windows\system32\drivers\termdd.sys - Ok

c:\windows\system32\drivers\tdtcp.sys - Ok

c:\windows\system32\drivers\tdpipe.sys - Ok

c:\windows\system32\drivers\tcpip.sys - Ok

c:\windows\system32\smlogsvc.exe - Ok

c:\windows\system32\drivers\sysaudio.sys - Ok

c:\windows\system32\drivers\swmidi.sys - Ok

c:\windows\system32\drivers\swenum.sys - Ok

c:\windows\system32\wiaservc.dll - Ok

c:\windows\system32\drivers\srv.sys - Ok

c:\windows\system32\drivers\sr.sys - Ok

c:\windows\system32\drivers\splitter.sys - Ok

c:\windows\system32\drivers\sfloppy.sys - Ok

c:\windows\system32\drivers\serial.sys - Ok

c:\windows\system32\drivers\secdrv.sys - Ok

c:\windows\system32\drivers\scsiport.sys - Ok

c:\windows\system32\scardsvr.exe - Ok

c:\windows\system32\drivers\rtenicxp.sys - Ok

c:\windows\system32\rsvp.exe - Ok

c:\windows\system32\locator.exe - Ok

c:\windows\system32\mprdim.dll - Ok

c:\windows\system32\drivers\redbook.sys - Ok

c:\windows\system32\sessmgr.exe - Ok

c:\windows\system32\drivers\rdpwd.sys - Ok

c:\windows\system32\rdpdd.dll - Ok

c:\windows\system32\drivers\rdpcdd.sys - Ok

c:\windows\system32\drivers\rdbss.sys - Ok

c:\windows\system32\drivers\raspti.sys - Ok

c:\windows\system32\drivers\raspppoe.sys - Ok

c:\windows\system32\drivers\rasl2tp.sys - Ok

c:\windows\system32\rasauto.dll - Ok

c:\windows\system32\drivers\rasacd.sys - Ok

c:\windows\system32\drivers\ptilink.sys - Ok

c:\windows\system32\drivers\psched.sys - Ok

c:\windows\system32\drivers\raspptp.sys - Ok

c:\windows\system32\perfproc.dll - Ok

c:\windows\system32\perfnet.dll - Ok

c:\windows\system32\perfdisk.dll - Ok

c:\windows\system32\drivers\pcmcia.sys - Ok

c:\windows\system32\drivers\pciide.sys - Ok

c:\windows\system32\drivers\pci.sys - Ok

c:\windows\system32\drivers\parvdm.sys - Ok

c:\windows\system32\drivers\partmgr.sys - Ok

c:\windows\system32\drivers\parport.sys - Ok

c:\windows\system32\drivers\nwlnkfwd.sys - Ok

c:\windows\system32\drivers\nwlnkflt.sys - Ok

c:\windows\system32\drivers\nvhda32.sys - Ok

c:\windows\system32\drivers\nv4_mini.sys - Ok

c:\windows\system32\drivers\null.sys - Ok

c:\windows\system32\ntmssvc.dll - Ok

c:\windows\system32\drivers\ntfs.sys - Ok

c:\windows\system32\drivers\npfs.sys - Ok

c:\windows\microsoft.net\framework\v3.0\windows communication foundation\smsvchost.exe - Ok

c:\windows\system32\netdde.exe - Ok

c:\windows\system32\drivers\netbt.sys - Ok

c:\windows\system32\drivers\netbios.sys - Ok

c:\windows\system32\drivers\ndproxy.sys - Ok

c:\windows\system32\drivers\ndiswan.sys - Ok

c:\windows\system32\drivers\ndisuio.sys - Ok

c:\windows\system32\drivers\ndistapi.sys - Ok

c:\windows\system32\drivers\ndis.sys - Ok

c:\windows\system32\qagentrt.dll - Ok

c:\windows\system32\drivers\mup.sys - Ok

c:\windows\system32\drivers\mssmbios.sys - Ok

c:\windows\system32\drivers\mspqm.sys - Ok

c:\windows\system32\drivers\mspclock.sys - Ok

c:\windows\system32\drivers\mskssrv.sys - Ok

c:\windows\system32\msiexec.exe - Ok

c:\windows\system32\drivers\msfs.sys - Ok

c:\windows\system32\drivers\bridge.sys - Ok

c:\windows\system32\msdtc.exe - Ok

c:\windows\system32\drivers\mrxsmb.sys - Ok

c:\windows\system32\drivers\mrxdav.sys - Ok

c:\windows\system32\drivers\mpfilter.sys - Ok

c:\program files\mozilla maintenance service\maintenanceservice.exe - Ok

c:\windows\system32\drivers\mountmgr.sys - Ok

c:\windows\system32\drivers\mouhid.sys - Ok

c:\windows\system32\drivers\mouclass.sys - Ok

c:\windows\system32\drivers\monfilt.sys - Ok

c:\windows\system32\drivers\modem.sys - Ok

c:\windows\system32\mnmsrvc.exe - Ok

c:\windows\system32\mnmdd.dll - Ok

c:\windows\system32\msgsvc.dll - Ok

c:\windows\system32\drivers\heci.sys - Ok

c:\program files\malwarebytes' anti-malware\mbamservice.exe - Ok

c:\program files\malwarebytes' anti-malware\mbamscheduler.exe - Ok

c:\windows\system32\drivers\mbam.sys - Ok

c:\windows\system32\drivers\mbamchameleon.sys - Ok

c:\windows\system32\drivers\ksecdd.sys - Ok

c:\windows\system32\drivers\kmixer.sys - Ok

c:\windows\system32\drivers\kbdclass.sys - Ok

c:\windows\system32\drivers\isapnp.sys - Ok

c:\windows\system32\drivers\irenum.sys - Ok

c:\windows\system32\drivers\ipsec.sys - Ok

c:\windows\system32\drivers\ipnat.sys - Ok

c:\windows\system32\drivers\ipinip.sys - Ok

c:\windows\system32\drivers\ipfltdrv.sys - Ok

c:\windows\system32\drivers\ip6fw.sys - Ok

c:\windows\system32\drivers\intelppm.sys - Ok

c:\windows\system32\drivers\rtkhdaud.sys - Ok

c:\windows\system32\imapi.exe - Ok

c:\windows\system32\drivers\imapi.sys - Ok

c:\windows\microsoft.net\framework\v3.0\windows communication foundation\infocard.exe - Ok

c:\program files\common files\installshield\driver\11\intel 32\idrivert.exe - Ok

c:\windows\system32\drivers\i8042prt.sys - Ok

c:\windows\system32\w3ssl.dll - Ok

c:\windows\system32\drivers\http.sys - Ok

c:\windows\system32\kmsvc.dll - Ok

c:\windows\system32\drivers\hidusb.sys - Ok

c:\windows\system32\drivers\hdaudbus.sys - Ok

c:\windows\system32\drivers\gvtdrv.sys - Ok

c:\program files\google\update\googleupdate.exe - Ok

c:\windows\system32\drivers\msgpc.sys - Ok

c:\program files\gigabyte\et6\amifldrv32.sys - Ok

c:\windows\gdrv.sys - Ok

c:\windows\system32\drivers\ftdisk.sys - Ok

c:\windows\system32\drivers\fs_rec.sys - Ok

c:\windows\microsoft.net\framework\v3.0\wpf\presentationfontcache.exe - Ok

c:\windows\system32\drivers\fltmgr.sys - Ok

c:\windows\system32\drivers\flpydisk.sys - Ok

c:\windows\system32\drivers\fips.sys - Ok

c:\windows\system32\drivers\fdc.sys - Ok

c:\windows\system32\drivers\fastfat.sys - Ok

c:\windows\system32\drivers\etronxhci.sys - Ok

c:\windows\system32\drivers\etronhub3.sys - Ok

c:\windows\system32\eapsvc.dll - Ok

c:\windows\system32\drivers\drmkaud.sys - Ok

c:\windows\system32\dot3svc.dll - Ok

c:\windows\system32\drivers\dmusic.sys - Ok

c:\windows\system32\dmserver.dll - Ok

c:\windows\system32\drivers\dmload.sys - Ok

c:\windows\system32\drivers\dmio.sys - Ok

c:\windows\system32\drivers\dmboot.sys - Ok

c:\windows\system32\dmadmin.exe - Ok

c:\windows\system32\drivers\disk.sys - Ok

c:\windows\system32\dllhost.exe - Ok

c:\windows\microsoft.net\framework\v2.0.50727\mscorsvw.exe - Ok

c:\windows\system32\clipsrv.exe - Ok

c:\windows\system32\cisvc.exe - Ok

c:\windows\system32\drivers\cdrom.sys - Ok

c:\windows\system32\drivers\cdfs.sys - Ok

c:\windows\system32\drivers\cdaudio.sys - Ok

c:\windows\system32\drivers\cbidf2k.sys - Ok

c:\windows\system32\drivers\beep.sys - Ok

c:\windows\system32\drivers\avgtpx86.sys - Ok

c:\windows\system32\drivers\audstub.sys - Ok

c:\windows\system32\drivers\atmarpc.sys - Ok

c:\windows\system32\drivers\atapi.sys - Ok

c:\windows\system32\drivers\asyncmac.sys - Ok

c:\windows\microsoft.net\framework\v2.0.50727\aspnet_state.exe - Ok

c:\windows\system32\applechargersrv.exe - Ok

c:\windows\system32\drivers\applecharger.sys - Ok

c:\windows\system32\drivers\ambfilt.sys - Ok

c:\windows\system32\alrsvc.dll - Ok

c:\windows\system32\drivers\afd.sys - Ok

c:\windows\system32\drivers\aec.sys - Ok

c:\windows\system32\macromed\flash\flashplayerupdateservice.exe - Ok

c:\windows\system32\drivers\acpiec.sys - Ok

c:\windows\system32\drivers\acpi.sys - Ok

c:\windows\system32\mscories.dll - Ok

c:\windows\system32\ie4uinit.exe - Ok

c:\windows\inf\wmp.inf - Ok

c:\windows\inf\msmsgs.inf - Ok

c:\windows\inf\msnetmtg.inf - Ok

c:\windows\system32\\user.exe - Ok

c:\program files\outlook express\setup50.exe - Ok

c:\windows\system32\regsvr32.exe - Ok

c:\windows\system32\shmgrate.exe - Ok

c:\windows\inf\unregmp2.exe - Ok

c:\windows\system32\ieudinit.exe - Ok

c:\windows\system32\url.dll - Ok

c:\windows\system32\olethk32.dll - Ok

c:\windows\system32\olesvr32.dll - Ok

c:\windows\system32\olecnv32.dll - Ok

c:\windows\system32\olecli32.dll - Ok

c:\program files\nvidia corporation\nview\nwiz.exe - Ok

c:\windows\system32\nvcpl.dll - Ok

c:\windows\system32\logon.scr - Ok

c:\windows\system32\logonui.exe - Ok

c:\windows\system32\dot3gpclnt.dll - Ok

c:\windows\system32\iedkcs32.dll - Ok

c:\windows\system32\dskquota.dll - Ok

c:\windows\system32\msnsspc.dll - Ok

c:\windows\system32\digest.dll - Ok

c:\windows\system32\msapsspc.dll - Ok

c:\windows\npmsdm.dll - Ok

>c:\windows\system32\muweb.dll is CAB archive

c:\windows\system32\muweb.dll - Ok

c:\windows\system32\muweb.dll - archive

c:\windows\system32\wuweb.dll - Ok

>c:\windows\downloaded program files\qsax.dll - packed by UPX

c:\windows\downloaded program files\qsax.dll - Ok

c:\windows\system32\legitcheckcontrol.dll - Ok

c:\program files\messenger\msmsgs.exe - Ok

c:\windows\network diagnostic\xpnetdiag.exe - Ok

c:\program files\pando networks\media booster\pmb.cpl - Ok

c:\program files\common files\microsoft shared\speech\sapi.cpl - Ok

c:\windows\system32\netsetup.cpl - Ok

c:\windows\system32\firewall.cpl - Ok

c:\windows\system32\autochk.exe - Ok

c:\windows\system32\userinit.exe - Ok

c:\windows\system32\l3codeca.acm - Ok

c:\windows\system32\ir50_32.dll - Ok

c:\windows\system32\iac25_32.ax - Ok

c:\windows\system32\sl_anet.acm - Ok

c:\windows\system32\msaud32.acm - Ok

c:\windows\system32\msh261.drv - Ok

c:\windows\system32\msg723.acm - Ok

c:\windows\system32\tsbyuv.dll - Ok

c:\windows\system32\msyuv.dll - Ok

c:\windows\system32\msvidc32.dll - Ok

c:\windows\system32\msrle32.dll - Ok

c:\windows\system32\iyuv_32.dll - Ok

c:\windows\system32\ir41_32.ax - Ok

c:\windows\system32\ir32_32.dll - Ok

c:\windows\system32\msh263.drv - Ok

c:\windows\system32\iccvid.dll - Ok

c:\windows\system32\tssoft32.acm - Ok

c:\windows\system32\msgsm32.acm - Ok

c:\windows\system32\msg711.acm - Ok

c:\windows\system32\msadp32.acm - Ok

c:\windows\system32\imaadp32.acm - Ok

c:\windows\system32\ntkrnlpa.exe - Ok

c:\documents and settings\michael senff\local settings\temp\1af96bff7.sys - file not found

c:\windows\system32\hal.dll - Ok

c:\windows\system32\drivers\videoprt.sys - Ok

c:\windows\system32\drivers\usbport.sys - Ok

Process :0 - read error

Process System:4 - Ok

Process \SystemRoot\System32\smss.exe:624 - Ok

Process \??\C:\WINDOWS\system32\csrss.exe:684 - Ok

Process \??\C:\WINDOWS\system32\winlogon.exe:708 - Ok

Process C:\WINDOWS\system32\services.exe:752 - Ok

Process C:\WINDOWS\system32\lsass.exe:764 - Ok

Process C:\WINDOWS\system32\svchost.exe:932 - Ok

Process C:\WINDOWS\system32\svchost.exe:1020 - Ok

Process c:\Program Files\Microsoft Security Client\MsMpEng.exe:1116 - Ok

Process C:\WINDOWS\System32\svchost.exe:1152 - Ok

Process C:\WINDOWS\system32\svchost.exe:1240 - Ok

Process C:\WINDOWS\system32\svchost.exe:1308 - Ok

Process C:\WINDOWS\system32\spoolsv.exe:1580 - Ok

Process C:\WINDOWS\system32\svchost.exe:1736 - Ok

Process C:\WINDOWS\Explorer.EXE:1756 - Ok

Process C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe:1868 - Ok

Process C:\WINDOWS\system32\nvsvc32.exe:1952 - Ok

Process C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe:188 - Ok

Process C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe:260 - Ok

Process C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe:460 - Ok

Process C:\WINDOWS\system32\wscntfy.exe:1852 - Ok

Process C:\WINDOWS\RTHDCPL.EXE:648 - Ok

Process C:\Program Files\Microsoft Security Client\msseces.exe:1092 - Ok

Process C:\Program Files\AVG Secure Search\vprot.exe:1404 - Ok

Process C:\WINDOWS\system32\RunDLL32.exe:1988 - Ok

Process C:\WINDOWS\system32\ctfmon.exe:2708 - Ok

Process C:\Program Files\Pando Networks\Media Booster\PMB.exe:2988 - Ok

Process C:\WINDOWS\System32\alg.exe:1096 - Ok

Process C:\Program Files\Mozilla Firefox\firefox.exe:2696 - Ok

Process C:\Documents and Settings\Michael Senff\My Documents\Downloads\drweb-cureit.exe:3420 - Ok

Process c:\documents and settings\michael senff\local settings\temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\ggv5nwpp.exe:3468 - Ok

Process c:\documents and settings\michael senff\local settings\temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\h35pdxp9.exe:3324 - Ok

Process c:\documents and settings\michael senff\local settings\temp\D6FE5BC9-1415B5A2-6B4D7F65-CE33891B\6qpfy1g7.exe:2544 - Ok

HDD0 MBR - Ok

HDD0 Active OS\2 or WinNT Boot Sector - Ok

c:\documents and settings\all users\start menu\programs\startup\desktop.ini - Ok

c:\documents and settings\michael senff\local settings\temp\d6fe5bc9-1415b5a2-6b4d7f65-ce33891b\6qpfy1g7.exe - Ok

c:\documents and settings\michael senff\start menu\programs\startup\desktop.ini - Ok

>c:\documents and settings\michael senff\local settings\temp\d6fe5bc9-1415b5a2-6b4d7f65-ce33891b\3jjqtynh.dll is BINARYRES container

>>c:\documents and settings\michael senff\local settings\temp\d6fe5bc9-1415b5a2-6b4d7f65-ce33891b\3jjqtynh.dll\data003 - packed by BINARYRES

c:\program files\avg secure search\13.2.0.5\avg secure search_toolbar.dll - Ok

c:\documents and settings\michael senff\local settings\temp\d6fe5bc9-1415b5a2-6b4d7f65-ce33891b\ggv5nwpp.exe - Ok

>>c:\documents and settings\michael senff\local settings\temp\d6fe5bc9-1415b5a2-6b4d7f65-ce33891b\3jjqtynh.dll\data004 - packed by BINARYRES

>c:\documents and settings\michael senff\my documents\downloads\drweb-cureit.exe is BINARYRES container

>c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{d873c0aa-3bbe-4452-a0dd-17897ba963e0}\mpengine.dll is BINARYRES container

>>c:\documents and settings\michael senff\my documents\downloads\drweb-cureit.exe\data001 - packed by BINARYRES

c:\documents and settings\michael senff\local settings\temp\d6fe5bc9-1415b5a2-6b4d7f65-ce33891b\3jjqtynh.dll - container

>>c:\documents and settings\michael senff\my documents\downloads\drweb-cureit.exe\data002 - packed by BINARYRES

>c:\documents and settings\michael senff\local settings\temp\d6fe5bc9-1415b5a2-6b4d7f65-ce33891b\h35pdxp9.exe is BINARYRES container

c:\documents and settings\michael senff\my documents\downloads\drweb-cureit.exe - container

c:\program files\common files\avg secure search\dntinstaller\13.2.0\avgdttbx.dll - Ok

c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{d873c0aa-3bbe-4452-a0dd-17897ba963e0}\mpengine.dll - container

c:\documents and settings\michael senff\local settings\temp\d6fe5bc9-1415b5a2-6b4d7f65-ce33891b\h35pdxp9.exe - container

c:\program files\common files\avg secure search\sitesafetyinstaller\13.2.0\sitesafety.dll - Ok

c:\program files\common files\installshield\driver\11\intel 32\idrivert.exe - Ok

c:\program files\common files\avg secure search\viprotocolinstaller\13.2.0\viprotocol.dll - Ok

c:\program files\avg secure search\vprot.exe - Ok

c:\program files\gigabyte\et6\amifldrv32.sys - Ok

c:\program files\common files\microsoft shared\speech\sapi.cpl - Ok

c:\program files\google\update\googleupdate.exe - Ok

c:\program files\common files\system\ole db\oledb32.dll - Ok

c:\program files\intel\intel® management engine components\uns\statusstrings.dll - Ok

c:\program files\common files\avg secure search\vtoolbarupdater\13.2.0\toolbarupdater.exe - Ok

c:\program files\intel\intel® management engine components\lms\lms.exe - Ok

c:\program files\common files\microsoft shared\dw\dw20.exe - Ok

c:\program files\malwarebytes' anti-malware\mbamscheduler.exe - Ok

c:\program files\microsoft security client\eppmanifest.dll - Ok

c:\program files\intel\intel® management engine components\uns\xerces-c_2_7.dll - Ok

c:\program files\microsoft security client\mpclient.dll - Ok

c:\program files\microsoft security client\mpevmsg.dll - Ok

c:\program files\malwarebytes' anti-malware\mbamservice.exe - Ok

c:\program files\messenger\msmsgs.exe - Ok

c:\program files\microsoft security client\mpcmdrun.exe - Ok

c:\program files\microsoft security client\msmpeng.exe - Ok

c:\program files\microsoft security client\mpoav.dll - Ok

c:\program files\microsoft security client\mprtp.dll - Ok

c:\program files\microsoft security client\shellext.dll - Ok

>c:\program files\microsoft security client\msmpres.dll is ZLIB container

c:\program files\microsoft security client\sqmapi.dll - Ok

c:\program files\mozilla firefox\components\browsercomps.dll - Ok

c:\program files\microsoft security client\msseces.exe - Ok

c:\program files\mozilla firefox\firefox.exe - Ok

c:\program files\microsoft security client\mpsvc.dll - Ok

c:\program files\mozilla firefox\mozalloc.dll - Ok

c:\program files\mozilla firefox\mozglue.dll - Ok

c:\program files\intel\intel® management engine components\uns\uns.exe - Ok

c:\program files\mozilla firefox\mozsqlite3.dll - Ok

c:\program files\mozilla firefox\freebl3.dll - Ok

c:\program files\mozilla firefox\nspr4.dll - Ok

c:\program files\mozilla firefox\mozjs.dll - Ok

c:\program files\mozilla firefox\msvcp100.dll - Ok

c:\program files\mozilla firefox\gkmedias.dll - Ok

c:\program files\mozilla firefox\msvcr100.dll - Ok

c:\program files\mozilla firefox\nssutil3.dll - Ok

c:\program files\mozilla firefox\plc4.dll - Ok

c:\program files\mozilla firefox\nss3.dll - Ok

c:\program files\mozilla firefox\plds4.dll - Ok

c:\program files\mozilla firefox\nssdbm3.dll - Ok

c:\program files\mozilla firefox\nssckbi.dll - Ok

c:\program files\mozilla firefox\xpcom.dll - Ok

c:\program files\mozilla firefox\smime3.dll - Ok

c:\program files\mozilla firefox\ssl3.dll - Ok

c:\program files\mozilla firefox\softokn3.dll - Ok

c:\program files\mozilla maintenance service\maintenanceservice.exe - Ok

c:\program files\nvidia corporation\nview\nvshell.dll - Ok

c:\program files\microsoft security client\msmpres.dll - container

c:\program files\nvidia corporation\nview\nview.dll - Ok

c:\program files\nvidia corporation\nvidia update core\daemonu.exe - Ok

c:\program files\nvidia corporation\update common\easydaemonapiu.dll - Ok

c:\program files\nvidia corporation\update common\nvupdtr.dll - Ok

c:\program files\outlook express\setup50.exe - Ok

c:\program files\nvidia corporation\nview\nwiz.exe - Ok

c:\program files\outlook express\wabfind.dll - Ok

c:\program files\pando networks\media booster\bugsplat.dll - Ok

c:\program files\pando networks\media booster\nspr4.dll - Ok

c:\program files\pando networks\media booster\microsoft.vc90.crt\msvcr90.dll - Ok

c:\program files\pando networks\media booster\microsoft.vc90.crt\msvcp90.dll - Ok

>c:\program files\pando networks\media booster\plc4.dll - packed by FLY-CODE

c:\program files\pando networks\media booster\plds4.dll - Ok

c:\program files\pando networks\media booster\freebl3.dll - Ok

c:\program files\pando networks\media booster\nss3.dll - Ok

c:\program files\pando networks\media booster\smime3.dll - Ok

c:\program files\nvidia corporation\update common\nvupdt.dll - Ok

c:\program files\pando networks\media booster\pmb.cpl - Ok

c:\program files\pando networks\media booster\plc4.dll - Ok

c:\program files\pando networks\media booster\ssl3.dll - Ok

c:\windows\apppatch\acadproc.dll - Ok

c:\program files\pando networks\media booster\softokn3.dll - Ok

c:\windows\gdrv.sys - Ok

>c:\windows\downloaded program files\qsax.dll - packed by UPX

c:\windows\inf\msmsgs.inf - Ok

c:\windows\inf\msnetmtg.inf - Ok

>c:\program files\pando networks\media booster\pmb.exe is ZLIB container

c:\program files\pando networks\media booster\pmb.exe - container

c:\windows\inf\unregmp2.exe - Ok

c:\windows\inf\wmp.inf - Ok

c:\windows\microsoft.net\framework\v2.0.50727\aspnet_rc.dll - Ok

c:\windows\microsoft.net\framework\v2.0.50727\aspnet_state.exe - Ok

c:\windows\apppatch\acgenral.dll - Ok

c:\windows\explorer.exe - Ok

c:\windows\microsoft.net\framework\v3.0\windows communication foundation\servicemodelevents.dll.mui - Ok

c:\windows\microsoft.net\framework\v3.0\windows communication foundation\smsvchost.exe - Ok

c:\windows\microsoft.net\framework\v2.0.50727\mscorsvw.exe - Ok

c:\windows\microsoft.net\framework\v2.0.50727\eventlogmessages.dll - Ok

c:\windows\msagent\agentpsh.dll - Ok

c:\windows\microsoft.net\framework\v3.0\wpf\presentationfontcache.exe - Ok

c:\program files\mozilla firefox\xul.dll - Ok

c:\windows\microsoft.net\framework\v3.0\windows communication foundation\infocard.exe - Ok

c:\windows\pchealth\helpctr\binaries\hcappres.dll - Ok

c:\windows\pchealth\helpctr\binaries\pchsvc.dll - Ok

c:\windows\npmsdm.dll - Ok

c:\windows\system32\adsldpc.dll - Ok

c:\windows\system32\activeds.dll - Ok

c:\windows\network diagnostic\xpnetdiag.exe - Ok

c:\windows\system32\advpack.dll - Ok

c:\windows\system32\alrsvc.dll - Ok

c:\windows\downloaded program files\qsax.dll - Ok

c:\windows\system32\apphelp.dll - Ok

c:\windows\system32\advapi32.dll - Ok

c:\windows\system32\atl.dll - Ok

c:\windows\system32\audiosrv.dll - Ok

c:\windows\system32\authz.dll - Ok

c:\windows\system32\basesrv.dll - Ok

>c:\windows\system32\browselc.dll is BINARYRES container

>c:\windows\system32\appwiz.cpl is BINARYRES container

c:\windows\system32\batmeter.dll - Ok

>>c:\windows\system32\appwiz.cpl\data001 is JS-HTML container

>>c:\windows\system32\browselc.dll\data004 is JS-HTML container

c:\windows\system32\browser.dll - Ok

>>c:\windows\system32\appwiz.cpl\data003 is JS-HTML container

c:\windows\system32\autochk.exe - Ok

>>c:\windows\system32\appwiz.cpl\data004 is JS-HTML container

>>c:\windows\system32\browselc.dll\data008 is JS-HTML container

>>c:\windows\system32\appwiz.cpl\data006 is JS-HTML container

>>c:\windows\system32\browselc.dll\data012 is JS-HTML container

>>c:\windows\system32\browselc.dll\data013 is ZLIB container

c:\windows\system32\browselc.dll - container

>>c:\windows\system32\appwiz.cpl\data008 is JS-HTML container

c:\windows\system32\cabinet.dll - Ok

>>c:\windows\system32\appwiz.cpl\data009 is JS-HTML container

c:\windows\system32\cabview.dll - Ok

>>c:\windows\system32\appwiz.cpl\data011 is JS-HTML container

c:\windows\system32\alg.exe - Ok

>>c:\windows\system32\appwiz.cpl\data012 is JS-HTML container

c:\windows\system32\certcli.dll - Ok

>>c:\windows\system32\appwiz.cpl\data014 is JS-HTML container

c:\windows\system32\catsrv.dll - Ok

>>c:\windows\system32\appwiz.cpl\data015 is JS-HTML container

c:\windows\system32\browseui.dll - Ok

c:\windows\system32\cisvc.exe - Ok

c:\windows\system32\catsrvut.dll - Ok

>>c:\windows\system32\appwiz.cpl\data016 is JS-HTML container

c:\windows\system32\appwiz.cpl - container

c:\windows\system32\clusapi.dll - Ok

c:\windows\system32\cnbjmon.dll - Ok

c:\windows\system32\clbcatq.dll - Ok

c:\windows\system32\cmd.exe - Ok

c:\windows\system32\comres.dll - Ok

c:\windows\system32\comctl32.dll - Ok

c:\windows\system32\comdlg32.dll - Ok

c:\windows\system32\colbact.dll - Ok

c:\windows\system32\cryptdll.dll - Ok

c:\windows\system32\credui.dll - Ok

c:\windows\system32\cryptext.dll - Ok

c:\windows\system32\comsvcs.dll - Ok

c:\windows\system32\cryptsvc.dll - Ok

c:\windows\system32\cryptnet.dll - Ok

c:\windows\system32\crypt32.dll - Ok

c:\windows\system32\clipsrv.exe - Ok

c:\windows\system32\csrss.exe - Ok

c:\windows\system32\csrsrv.dll - Ok

c:\windows\system32\cryptui.dll - Ok

c:\windows\system32\cscdll.dll - Ok

c:\windows\system32\d3d8thk.dll - Ok

c:\windows\system32\davclnt.dll - Ok

>c:\windows\rthdcpl.exe is BINARYRES container

c:\windows\system32\cscui.dll - Ok

>c:\windows\system32\deskmon.dll - packed by FLY-CODE

c:\windows\system32\deskadp.dll - Ok

c:\windows\system32\ctfmon.exe - Ok

>c:\windows\system32\deskperf.dll - packed by FLY-CODE

c:\windows\system32\dbghelp.dll - Ok

c:\windows\system32\deskmon.dll - Ok

c:\windows\system32\deskperf.dll - Ok

c:\windows\system32\dfshim.dll - Ok

c:\windows\system32\dhcpqec.dll - Ok

c:\windows\system32\dfsshlex.dll - Ok

c:\windows\system32\dhcpcsvc.dll - Ok

c:\windows\system32\dimsntfy.dll - Ok

c:\windows\system32\digest.dll - Ok

c:\windows\system32\dllhost.exe - Ok

c:\windows\system32\d3d9.dll - Ok

c:\windows\system32\dnsrslvr.dll - Ok

c:\windows\system32\dmadmin.exe - Ok

c:\windows\system32\dmserver.dll - Ok

c:\windows\system32\dnsapi.dll - Ok

c:\windows\system32\diskcopy.dll - Ok

c:\windows\system32\docprop.dll - Ok

c:\windows\system32\dot3api.dll - Ok

c:\windows\system32\docprop2.dll - Ok

c:\windows\system32\dot3dlg.dll - Ok

c:\windows\system32\drivers\acpiec.sys - Ok

c:\windows\system32\dot3svc.dll - Ok

c:\windows\system32\dot3gpclnt.dll - Ok

c:\windows\system32\dpcdll.dll - Ok

c:\windows\system32\drivers\beep.sys - Ok

c:\windows\system32\drivers\avgtpx86.sys - Ok

c:\windows\system32\drivers\cbidf2k.sys - Ok

c:\windows\system32\drivers\cdaudio.sys - Ok

c:\windows\system32\drivers\afd.sys - Ok

c:\windows\system32\drivers\cdfs.sys - Ok

c:\windows\system32\drivers\disk.sys - Ok

c:\windows\system32\drivers\dmload.sys - Ok

c:\windows\system32\drivers\bridge.sys - Ok

c:\windows\system32\drivers\fdc.sys - Ok

c:\windows\system32\drivers\dmio.sys - Ok

c:\windows\system32\drivers\fastfat.sys - Ok

c:\windows\system32\drivers\fs_rec.sys - Ok

c:\windows\system32\drivers\flpydisk.sys - Ok

c:\windows\system32\drivers\gvtdrv.sys - Ok

c:\windows\system32\drivers\dmboot.sys - Ok

c:\windows\system32\drivers\fips.sys - Ok

c:\windows\system32\drivers\ip6fw.sys - Ok

c:\windows\system32\drivers\ksecdd.sys - Ok

c:\windows\system32\drivers\modem.sys - Ok

c:\windows\system32\drivers\mbamchameleon.sys - Ok

c:\windows\system32\drivers\ipnat.sys - Ok

c:\windows\system32\drivers\mountmgr.sys - Ok

c:\windows\system32\drivers\msfs.sys - Ok

c:\windows\system32\drivers\mbam.sys - Ok

c:\windows\system32\drivers\ndproxy.sys - Ok

c:\windows\system32\drivers\netbios.sys - Ok

c:\windows\system32\drivers\ndisuio.sys - Ok

c:\windows\system32\drivers\mup.sys - Ok

c:\windows\system32\drivers\npfs.sys - Ok

c:\windows\system32\drivers\null.sys - Ok

c:\windows\system32\drivers\parport.sys - Ok

c:\windows\system32\drivers\partmgr.sys - Ok

c:\windows\system32\drivers\parvdm.sys - Ok

c:\windows\system32\drivers\netbt.sys - Ok

c:\windows\system32\drivers\ndis.sys - Ok

c:\windows\system32\drivers\rdpcdd.sys - Ok

c:\windows\system32\drivers\pci.sys - Ok

c:\windows\system32\drivers\pcmcia.sys - Ok

c:\windows\system32\drivers\sfloppy.sys - Ok

c:\windows\system32\drivers\scsiport.sys - Ok

c:\windows\system32\drivers\rdpwd.sys - Ok

c:\windows\system32\drivers\serial.sys - Ok

c:\windows\system32\drivers\tdi.sys - Ok

c:\windows\system32\drivers\tdtcp.sys - Ok

c:\windows\system32\drivers\tdpipe.sys - Ok

c:\windows\system32\drivers\usbstor.sys - Ok

c:\windows\system32\drivers\sr.sys - Ok

c:\windows\system32\drivers\udfs.sys - Ok

c:\windows\system32\drivers\vga.sys - Ok

c:\windows\system32\drivers\volsnap.sys - Ok

c:\windows\rthdcpl.exe - container

c:\windows\system32\drivers\ws2ifsl.sys - Ok

c:\windows\system32\drprov.dll - Ok

c:\windows\system32\drivers\tcpip.sys - Ok

c:\windows\system32\dskquota.dll - Ok

c:\windows\system32\dsquery.dll - Ok

c:\windows\system32\drivers\ntfs.sys - Ok

c:\windows\system32\dskquoui.dll - Ok

c:\windows\system32\dssec.dll - Ok

c:\windows\system32\eapolqec.dll - Ok

c:\windows\system32\dsuiext.dll - Ok

c:\windows\system32\dsound.dll - Ok

c:\windows\system32\dssenh.dll - Ok

c:\windows\system32\ersvc.dll - Ok

c:\windows\system32\eappprxy.dll - Ok

c:\windows\system32\eappcfg.dll - Ok

c:\windows\system32\eapsvc.dll - Ok

c:\windows\system32\duser.dll - Ok

c:\windows\system32\es.dll - Ok

c:\windows\system32\extmgr.dll - Ok

c:\windows\system32\eventlog.dll - Ok

c:\windows\system32\faultrep.dll - Ok

c:\windows\system32\feclient.dll - Ok

c:\windows\system32\drwtsn32.exe - Ok

c:\windows\system32\fltlib.dll - Ok

c:\windows\system32\firewall.cpl - Ok

c:\windows\system32\gdi32.dll - Ok

c:\windows\system32\hid.dll - Ok

c:\windows\system32\hidphone.tsp - Ok

c:\windows\system32\esent.dll - Ok

c:\windows\system32\hticons.dll - Ok

c:\windows\system32\iassvcs.dll - Ok

c:\windows\system32\icaapi.dll - Ok

>c:\windows\system32\fontext.dll is BINARYRES container

>>c:\windows\system32\fontext.dll\data001 - packed by MS COMPRESS

c:\windows\system32\iac25_32.ax - Ok

c:\windows\system32\h323.tsp - Ok

c:\windows\system32\hhctrl.ocx - Ok

c:\windows\system32\hnetcfg.dll - Ok

>>c:\windows\system32\fontext.dll\data002 - packed by MS COMPRESS

c:\windows\system32\iccvid.dll - Ok

c:\windows\system32\fontext.dll - container

c:\windows\system32\icmp.dll - Ok

c:\windows\system32\icmui.dll - Ok

>c:\windows\system32\icardres.dll.mui is BINARYRES container

c:\windows\system32\ie4uinit.exe - Ok

c:\windows\system32\imaadp32.acm - Ok

c:\windows\system32\iedkcs32.dll - Ok

c:\windows\system32\imapi.exe - Ok

c:\windows\system32\imm32.dll - Ok

c:\windows\system32\iertutil.dll - Ok

c:\windows\system32\icardres.dll.mui - container

c:\windows\system32\inetpp.dll - Ok

c:\windows\system32\iologmsg.dll - Ok

c:\windows\system32\ipconf.tsp - Ok

c:\windows\system32\ieudinit.exe - Ok

c:\windows\system32\inetcomm.dll - Ok

c:\windows\system32\imagehlp.dll - Ok

c:\windows\system32\iphlpapi.dll - Ok

c:\windows\system32\ir32_32.dll - Ok

c:\windows\system32\ipsecsvc.dll - Ok

c:\windows\system32\ieframe.dll - Ok

c:\windows\system32\ipnathlp.dll - Ok

c:\windows\system32\iyuv_32.dll - Ok

c:\windows\system32\kmddsp.tsp - Ok

c:\windows\system32\ir50_32.dll - Ok

c:\windows\system32\itss.dll - Ok

c:\windows\system32\kmsvc.dll - Ok

c:\windows\system32\kerberos.dll - Ok

c:\windows\system32\ksuser.dll - Ok

c:\windows\system32\ir41_32.ax - Ok

>c:\windows\system32\linkinfo.dll - packed by FLY-CODE

c:\windows\system32\kernel32.dll - Ok

c:\windows\system32\lmhsvc.dll - Ok

c:\windows\system32\l3codeca.acm - Ok

c:\windows\system32\loadperf.dll - Ok

c:\windows\system32\locator.exe - Ok

c:\windows\system32\localspl.dll - Ok

c:\windows\system32\linkinfo.dll - Ok

c:\windows\system32\lz32.dll - Ok

c:\windows\system32\logon.scr - Ok

c:\windows\system32\lsass.exe - Ok

c:\windows\system32\mfcsubs.dll - Ok

c:\windows\system32\midimap.dll - Ok

c:\windows\system32\legitcheckcontrol.dll - Ok

c:\windows\system32\lsasrv.dll - Ok

c:\windows\system32\mnmdd.dll - Ok

c:\windows\system32\logonui.exe - Ok

c:\windows\system32\macromed\flash\flashplayerupdateservice.exe - Ok

c:\windows\system32\mlang.dll - Ok

c:\windows\system32\mpr.dll - Ok

c:\windows\system32\mnmsrvc.exe - Ok

c:\windows\system32\mprdim.dll - Ok

c:\windows\system32\mmcshext.dll - Ok

c:\windows\system32\mmsys.cpl - Ok

c:\windows\system32\mprmsg.dll - Ok

>c:\windows\system32\msacm32.drv - packed by FLY-CODE

c:\windows\system32\mprapi.dll - Ok

c:\windows\system32\msadp32.acm - Ok

c:\windows\system32\msasn1.dll - Ok

c:\windows\system32\msaudite.dll - Ok

c:\windows\system32\msapsspc.dll - Ok

c:\windows\system32\msacm32.dll - Ok

c:\windows\system32\mscms.dll - Ok

c:\windows\system32\mscories.dll - Ok

c:\windows\system32\msacm32.drv - Ok

c:\windows\system32\mscoree.dll - Ok

c:\windows\system32\msdtc.exe - Ok

c:\windows\system32\msg711.acm - Ok

c:\windows\system32\msaud32.acm - Ok

c:\windows\system32\msctfime.ime - Ok

c:\windows\system32\msctf.dll - Ok

c:\windows\system32\msgsm32.acm - Ok

c:\windows\system32\msg723.acm - Ok

c:\windows\system32\msgsvc.dll - Ok

c:\windows\system32\msh261.drv - Ok

c:\windows\system32\msh263.drv - Ok

c:\windows\system32\msftedit.dll - Ok

c:\windows\system32\msgina.dll - Ok

c:\windows\system32\msiexec.exe - Ok

c:\windows\system32\msieftp.dll - Ok

c:\windows\system32\msidle.dll - Ok

c:\windows\system32\msimg32.dll - Ok

c:\windows\system32\msobjs.dll - Ok

c:\windows\system32\mspatcha.dll - Ok

c:\windows\system32\msprivs.dll - Ok

c:\windows\system32\msrle32.dll - Ok

c:\windows\system32\msshavmsg.dll - Ok

c:\windows\system32\msnsspc.dll - Ok

c:\windows\system32\mstask.dll - Ok

c:\windows\system32\msi.dll - Ok

c:\windows\system32\mstlsapi.dll - Ok

c:\windows\system32\msv1_0.dll - Ok

c:\windows\system32\msutb.dll - Ok

c:\windows\system32\mspmsnsv.dll - Ok

c:\windows\system32\msvidc32.dll - Ok

c:\windows\system32\msvcp60.dll - Ok

c:\windows\system32\msvcrt.dll - Ok

c:\windows\system32\msyuv.dll - Ok

c:\windows\system32\mswsock.dll - Ok

c:\windows\system32\mtxclu.dll - Ok

c:\windows\system32\mydocs.dll - Ok

c:\windows\system32\mshtml.dll - Ok

>c:\windows\system32\muweb.dll is CAB archive

c:\windows\system32\muweb.dll - Ok

c:\windows\system32\muweb.dll - archive

c:\windows\system32\msvbvm60.dll - Ok

c:\windows\system32\napipsec.dll - Ok

>c:\windows\system32\nddeapi.dll - packed by FLY-CODE

c:\windows\system32\ncobjapi.dll - Ok

c:\windows\system32\ndptsp.tsp - Ok

c:\windows\system32\msvidctl.dll - Ok

c:\windows\system32\netapi32.dll - Ok

c:\windows\system32\msxml3.dll - Ok

c:\windows\system32\nddeapi.dll - Ok

c:\windows\system32\netdde.exe - Ok

c:\windows\system32\netevent.dll - Ok

c:\windows\system32\netmsg.dll - Ok

c:\windows\system32\netrap.dll - Ok

c:\windows\system32\netcfgx.dll - Ok

c:\windows\system32\netsetup.cpl - Ok

c:\windows\system32\netui0.dll - Ok

c:\windows\system32\netman.dll - Ok

c:\windows\system32\netlogon.dll - Ok

c:\windows\system32\nmevtmsg.dll - Ok

c:\windows\system32\normaliz.dll - Ok

c:\windows\system32\ntdsapi.dll - Ok

c:\windows\system32\netplwiz.dll - Ok

c:\windows\system32\netui1.dll - Ok

c:\windows\system32\ntlanman.dll - Ok

c:\windows\system32\ntlsapi.dll - Ok

c:\windows\system32\ntdll.dll - Ok

c:\windows\system32\ntlanui2.dll - Ok

c:\windows\system32\ntmarta.dll - Ok

c:\windows\system32\netshell.dll - Ok

c:\windows\system32\ntmsevt.dll - Ok

c:\windows\system32\ntshrui.dll - Ok

c:\windows\system32\ntmssvc.dll - Ok

c:\windows\system32\ntsd.exe - Ok

c:\windows\system32\oakley.dll - Ok

c:\windows\system32\nvmctray.dll - Ok

c:\windows\system32\occache.dll - Ok

c:\windows\system32\nvsvc32.exe - Ok

c:\windows\system32\odbcint.dll - Ok

c:\windows\system32\odbc32.dll - Ok

c:\windows\system32\odbcbcp.dll - Ok

c:\windows\system32\oleacc.dll - Ok

c:\windows\system32\oleaut32.dll - Ok

c:\windows\system32\olecnv32.dll - Ok

c:\windows\system32\olesvr32.dll - Ok

c:\windows\system32\olethk32.dll - Ok

c:\windows\system32\olecli32.dll - Ok

c:\windows\system32\pautoenr.dll - Ok

>c:\windows\system32\ole32.dll is BINARYRES container

c:\windows\system32\onex.dll - Ok

c:\windows\system32\perfctrs.dll - Ok

c:\windows\system32\ole32.dll - container

c:\windows\system32\perfdisk.dll - Ok

c:\windows\system32\perfnet.dll - Ok

c:\windows\system32\pdh.dll - Ok

c:\windows\system32\perfmon.exe - Ok

c:\windows\system32\nvapi.dll - Ok

c:\windows\system32\perfos.dll - Ok

c:\windows\system32\perfproc.dll - Ok

>c:\windows\system32\pjlmon.dll - packed by FLY-CODE

c:\windows\system32\powrprof.dll - Ok

c:\windows\system32\pjlmon.dll - Ok

c:\windows\system32\prflbmsg.dll - Ok

c:\windows\system32\photowiz.dll - Ok

c:\windows\system32\nvcpl.dll - Ok

c:\windows\system32\profmap.dll - Ok

c:\windows\system32\psapi.dll - Ok

c:\windows\system32\pstorsvc.dll - Ok

c:\windows\system32\printui.dll - Ok

c:\windows\system32\psbase.dll - Ok

c:\windows\system32\qutil.dll - Ok

c:\windows\system32\qagentrt.dll - Ok

c:\windows\system32\rasadhlp.dll - Ok

c:\windows\system32\qmgr.dll - Ok

c:\windows\system32\raschap.dll - Ok

c:\windows\system32\rasauto.dll - Ok

c:\windows\system32\query.dll - Ok

c:\windows\system32\rasman.dll - Ok

c:\windows\system32\rasapi32.dll - Ok

c:\windows\system32\rasqec.dll - Ok

c:\windows\system32\rdpdd.dll - Ok

c:\windows\system32\rastapi.dll - Ok

c:\windows\system32\rasppp.dll - Ok

c:\windows\system32\regapi.dll - Ok

c:\windows\system32\rastls.dll - Ok

c:\windows\system32\rasdlg.dll - Ok

c:\windows\system32\rasmans.dll - Ok

c:\windows\system32\resutils.dll - Ok

c:\windows\system32\rshx32.dll - Ok

c:\windows\system32\remotepg.dll - Ok

c:\windows\system32\regsvr32.exe - Ok

c:\windows\system32\rsvpmsg.dll - Ok

c:\windows\system32\rpcrt4.dll - Ok

c:\windows\system32\rsvp.exe - Ok

c:\windows\system32\rsaenh.dll - Ok

c:\windows\system32\rundll32.exe - Ok

c:\windows\system32\rtm.dll - Ok

c:\windows\system32\rtutils.dll - Ok

c:\windows\system32\safrslv.dll - Ok

c:\windows\system32\rsvpsp.dll - Ok

c:\windows\system32\safrdm.dll - Ok

c:\windows\system32\samlib.dll - Ok

c:\windows\system32\rpcss.dll - Ok

c:\windows\system32\scardsvr.exe - Ok

c:\windows\system32\schannel.dll - Ok

c:\windows\system32\scesrv.dll - Ok

c:\windows\system32\scecli.dll - Ok

c:\windows\system32\savedump.exe - Ok

c:\windows\system32\seclogon.dll - Ok

c:\windows\system32\samsrv.dll - Ok

c:\windows\system32\sclgntfy.dll - Ok

c:\windows\system32\sendmail.dll - Ok

c:\windows\system32\sensapi.dll - Ok

c:\windows\system32\secur32.dll - Ok

c:\windows\system32\sens.dll - Ok

c:\windows\system32\sfc.dll - Ok

c:\windows\system32\schedsvc.dll - Ok

c:\windows\system32\services.exe - Ok

c:\windows\system32\sessmgr.exe - Ok

c:\windows\system32\shfolder.dll - Ok

>c:\windows\system32\shdoclc.dll is BINARYRES container

>>c:\windows\system32\shdoclc.dll\data001 is JS-HTML container

c:\windows\system32\sfc_os.dll - Ok

c:\windows\system32\shimeng.dll - Ok

>>c:\windows\system32\shdoclc.dll\data002 is JS-HTML container

>>c:\windows\system32\shdoclc.dll\data003 is JS-HTML container

>c:\windows\system32\setupapi.dll - packed by BINARYRES

>>c:\windows\system32\setupapi.dll - packed by MS COMPRESS

>>c:\windows\system32\shdoclc.dll\data004 is JS-HTML container

c:\windows\system32\setupapi.dll - Ok

c:\windows\system32\shlwapi.dll - Ok

c:\windows\system32\shdocvw.dll - Ok

>>c:\windows\system32\shdoclc.dll\data005 is JS-HTML container

>>c:\windows\system32\shdoclc.dll\data006 is JS-HTML container

>c:\windows\system32\shimgvw.dll is BINARYRES container

>>c:\windows\system32\shimgvw.dll\data001 is JS-HTML container

c:\windows\system32\shmgrate.exe - Ok

>>c:\windows\system32\shimgvw.dll\data002 is JS-HTML container

c:\windows\system32\shdoclc.dll - container

c:\windows\system32\shscrap.dll - Ok

c:\windows\system32\shimgvw.dll - container

c:\windows\system32\shmedia.dll - Ok

c:\windows\system32\slayerxp.dll - Ok

c:\windows\system32\shsvcs.dll - Ok

>c:\windows\system32\shell32.dll is BINARYRES container

>>c:\windows\system32\shell32.dll\data001 is JS-HTML container

c:\windows\system32\smss.exe - Ok

c:\windows\system32\spmsg.dll - Ok

c:\windows\system32\sl_anet.acm - Ok

c:\windows\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll - Ok

c:\windows\system32\shell32.dll - container

c:\windows\system32\smlogsvc.exe - Ok

c:\windows\system32\spoolss.dll - Ok

c:\windows\system32\ssdpapi.dll - Ok

c:\windows\system32\srvsvc.dll - Ok

c:\windows\system32\srsvc.dll - Ok

c:\windows\system32\spoolsv.exe - Ok

c:\windows\system32\stobject.dll - Ok

c:\windows\system32\ssdpsrv.dll - Ok

c:\windows\system32\svchost.exe - Ok

c:\windows\system32\sxs.dll - Ok

c:\windows\system32\syncui.dll - Ok

c:\windows\system32\t2embed.dll - Ok

c:\windows\system32\tcpmon.dll - Ok

c:\windows\system32\tapi32.dll - Ok

c:\windows\system32\trkwks.dll - Ok

c:\windows\system32\tsbyuv.dll - Ok

c:\windows\system32\tapisrv.dll - Ok

c:\windows\system32\tssoft32.acm - Ok

c:\windows\system32\tsddd.dll - Ok

c:\windows\system32\syssetup.dll - Ok

c:\windows\system32\twext.dll - Ok

c:\windows\system32\ulib.dll - Ok

c:\windows\system32\termsrv.dll - Ok

>c:\windows\system32\uniplat.dll - packed by FLY-CODE

c:\windows\system32\umpnpmgr.dll - Ok

c:\windows\system32\themeui.dll - Ok

c:\windows\system32\unimdm.tsp - Ok

c:\windows\system32\ups.exe - Ok

c:\windows\system32\upnp.dll - Ok

c:\windows\system32\url.dll - Ok

c:\windows\system32\usbmon.dll - Ok

c:\windows\system32\upnphost.dll - Ok

c:\windows\system32\userinit.exe - Ok

c:\windows\system32\uniplat.dll - Ok

c:\windows\system32\uxtheme.dll - Ok

c:\windows\system32\version.dll - Ok

c:\windows\system32\user32.dll - Ok

c:\windows\system32\urlmon.dll - Ok

c:\windows\system32\usp10.dll - Ok

c:\windows\system32\userenv.dll - Ok

c:\windows\system32\w3ssl.dll - Ok

c:\windows\system32\wbem\ncprov.dll - Ok

c:\windows\system32\wbem\esscli.dll - Ok

c:\windows\system32\vssvc.exe - Ok

c:\windows\system32\w32time.dll - Ok

c:\windows\system32\vssapi.dll - Ok

c:\windows\system32\wbem\wbemcomn.dll - Ok

c:\windows\system32\wbem\fastprox.dll - Ok

c:\windows\system32\wbem\wbemprox.dll - Ok

c:\windows\system32\wbem\wbemsvc.dll - Ok

c:\windows\system32\wbem\repdrvfs.dll - Ok

c:\windows\system32\wbem\wmiapres.dll - Ok

c:\windows\system32\wbem\wmiaprpl.dll - Ok

c:\windows\system32\wbem\wbemcore.dll - Ok

c:\windows\system32\wbem\wmisvc.dll - Ok

c:\windows\system32\wbem\wmiapsrv.exe - Ok

c:\windows\system32\wdigest.dll - Ok

c:\windows\system32\wbem\wbemess.dll - Ok

c:\windows\system32\wbem\wmiutils.dll - Ok

c:\windows\system32\wdmaud.drv - Ok

c:\windows\system32\wbem\wmiprvsd.dll - Ok

c:\windows\system32\webclnt.dll - Ok

c:\windows\system32\wbem\winmgmt.exe - Ok

c:\windows\system32\webcheck.dll - Ok

c:\windows\system32\wiascr.dll - Ok

c:\windows\system32\winhttp.dll - Ok

c:\windows\system32\wiaservc.dll - Ok

c:\windows\system32\win32spl.dll - Ok

c:\windows\system32\wiashext.dll - Ok

c:\windows\system32\winipsec.dll - Ok

>c:\windows\system32\winrnr.dll - packed by FLY-CODE

c:\windows\system32\winscard.dll - Ok

c:\windows\system32\winsock.dll - Ok

c:\windows\system32\winmm.dll - Ok

c:\windows\system32\winrnr.dll - Ok

c:\windows\system32\winspool.drv - Ok

c:\windows\system32\wininet.dll - Ok

>c:\windows\system32\winsta.dll - packed by FLY-CODE

c:\windows\system32\wkssvc.dll - Ok

c:\windows\system32\winlogon.exe - Ok

c:\windows\system32\wintrust.dll - Ok

c:\windows\system32\winsrv.dll - Ok

c:\windows\system32\wmi.dll - Ok

c:\windows\system32\wlnotify.dll - Ok

c:\windows\system32\ws2_32.dll - Ok

c:\windows\system32\ws2help.dll - Ok

c:\windows\system32\wldap32.dll - Ok

c:\windows\system32\wmpshell.dll - Ok

c:\windows\system32\win32k.sys - Ok

c:\windows\system32\wscsvc.dll - Ok

c:\windows\system32\wscntfy.exe - Ok

c:\windows\system32\wsock32.dll - Ok

c:\windows\system32\wtsapi32.dll - Ok

c:\windows\system32\wshtcpip.dll - Ok

c:\windows\system32\wuaucpl.cpl.mui - Ok

c:\windows\system32\wuauserv.dll - Ok

c:\windows\system32\wshext.dll - Ok

>c:\windows\system32\wuaucpl.cpl - packed by FLY-CODE

c:\windows\system32\wzcsapi.dll - Ok

c:\windows\system32\wuweb.dll - Ok

c:\windows\system32\winsta.dll - Ok

c:\windows\system32\xmlprov.dll - Ok

c:\windows\system32\wzcdlg.dll - Ok

c:\windows\system32\wzcsvc.dll - Ok

c:\windows\system32\xpob2res.dll - Ok

c:\windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcp90.dll - Ok

c:\windows\system32\wuaueng.dll - Ok

c:\windows\system32\xpsshhdr.dll - Ok

c:\windows\system32\zipfldr.dll - Ok

c:\windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.21022.8_x-ww_d08d0375\msvcr90.dll - Ok

c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll - Ok

>c:\windows\system32\xpsp2res.dll is BINARYRES container

>>c:\windows\system32\xpsp2res.dll\data001 is JS-HTML container

c:\windows\system32\wuaucpl.cpl - Ok

c:\windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.22791_x-ww_c8dff154\gdiplus.dll - Ok

>>c:\windows\system32\xpsp2res.dll\data002 is JS-HTML container

>>c:\windows\system32\xpsp2res.dll\data003 is JS-HTML container

>>c:\windows\system32\xpsp2res.dll\data004 is JS-HTML container

c:\windows\system32\xpsp2res.dll - container

d:\autorun.ico - Ok

d:\autorun.inf - Ok

d:\autorun.exe - Ok

C:\AUTOEXEC.BAT - Ok

C:\CONFIG.SYS - Ok

C:\end - Ok

C:\extensions.sqlite - Ok

C:\csb.log - Ok

C:\IO.SYS - Ok

C:\boot.ini - Ok

C:\pagefile.sys - read error

C:\MSDOS.SYS - Ok

C:\Install.log - Ok

C:\RHDSetup.log - Ok

C:\TDSSKiller.2.8.15.0_01.01.2013_19.39.23_log.txt - Ok

C:\WINDOWS\system32\$winnt$.inf - Ok

C:\ntldr - Ok

C:\WINDOWS\system32\12520437.cpx - Ok

C:\WINDOWS\system32\12520850.cpx - Ok

C:\NTDETECT.COM - Ok

C:\WINDOWS\system32\aaaamon.dll - Ok

C:\WINDOWS\system32\acctres.dll - Ok

C:\WINDOWS\system32\6to4svc.dll - Ok

C:\WINDOWS\system32\access.cpl - Ok

C:\WINDOWS\system32\acelpdec.ax - Ok

C:\WINDOWS\system32\aaclient.dll - Ok

C:\WINDOWS\system32\activeds.dll - Ok

C:\WINDOWS\system32\accwiz.exe - Ok

C:\WINDOWS\system32\activeds.tlb - Ok

C:\WINDOWS\system32\aclui.dll - Ok

C:\WINDOWS\system32\acledit.dll - Ok

C:\WINDOWS\system32\actxprxy.dll - Ok

C:\WINDOWS\system32\actmovie.exe - Ok

>C:\WINDOWS\system32\admparse.dll - packed by FLY-CODE

C:\WINDOWS\system32\adptif.dll - Ok

C:\WINDOWS\system32\adsldpc.dll - Ok

C:\WINDOWS\system32\adsmsext.dll - Ok

C:\WINDOWS\system32\advpack.dll - Ok

C:\WINDOWS\system32\advpack.dll.mui - Ok

C:\WINDOWS\system32\admparse.dll - Ok

C:\WINDOWS\system32\advapi32.dll - Ok

C:\WINDOWS\system32\adsldp.dll - Ok

C:\WINDOWS\system32\amcompat.tlb - Ok

C:\WINDOWS\system32\alrsvc.dll - Ok

C:\WINDOWS\system32\ansi.sys - Ok

C:\WINDOWS\system32\adsnt.dll - Ok

C:\WINDOWS\system32\append.exe - Ok

C:\WINDOWS\system32\amstream.dll - Ok

C:\WINDOWS\system32\ahui.exe - Ok

C:\WINDOWS\system32\AppleChargerSrv.exe - Ok

C:\WINDOWS\system32\apcups.dll - Ok

C:\WINDOWS\system32\apphelp.dll - Ok

C:\WINDOWS\system32\arp.exe - Ok

C:\WINDOWS\system32\asferror.dll - Ok

C:\WINDOWS\system32\alg.exe - Ok

C:\WINDOWS\system32\asycfilt.dll - Ok

C:\WINDOWS\system32\ALSNDMGR.CPL - Ok

C:\WINDOWS\system32\at.exe - Ok

C:\WINDOWS\system32\asctrls.ocx - Ok

C:\WINDOWS\system32\ati2cqag.dll - Ok

>C:\WINDOWS\system32\appwiz.cpl is BINARYRES container

>>C:\WINDOWS\system32\appwiz.cpl\data001 is JS-HTML container

C:\WINDOWS\system32\ativdaxx.ax - Ok

>>C:\WINDOWS\system32\appwiz.cpl\data003 is JS-HTML container

>>C:\WINDOWS\system32\appwiz.cpl\data004 is JS-HTML container

C:\WINDOWS\system32\ati2dvag.dll - Ok

>>C:\WINDOWS\system32\appwiz.cpl\data006 is JS-HTML container

C:\WINDOWS\system32\ati2dvaa.dll - Ok

C:\WINDOWS\system32\ativmvxx.ax - Ok

>>C:\WINDOWS\system32\appwiz.cpl\data008 is JS-HTML container

C:\WINDOWS\system32\atkctrs.dll - Ok

>>C:\WINDOWS\system32\appwiz.cpl\data009 is JS-HTML container

>>C:\WINDOWS\system32\appwiz.cpl\data011 is JS-HTML container

C:\WINDOWS\system32\atl.dll - Ok

>>C:\WINDOWS\system32\appwiz.cpl\data012 is JS-HTML container

>>C:\WINDOWS\system32\appwiz.cpl\data014 is JS-HTML container

>>C:\WINDOWS\system32\appwiz.cpl\data015 is JS-HTML container

C:\WINDOWS\system32\atmadm.exe - Ok

>>C:\WINDOWS\system32\appwiz.cpl\data016 is JS-HTML container

C:\WINDOWS\system32\appwiz.cpl - container

C:\WINDOWS\system32\ati3d1ag.dll - Ok

C:\WINDOWS\system32\ativvaxx.dll - Ok

C:\WINDOWS\system32\atmpvcno.dll - Ok

C:\WINDOWS\system32\atmlib.dll - Ok

C:\WINDOWS\system32\atmfd.dll - Ok

C:\WINDOWS\system32\atrace.dll - Ok

C:\WINDOWS\system32\auditusr.exe - Ok

C:\WINDOWS\system32\attrib.exe - Ok

C:\WINDOWS\system32\authz.dll - Ok

C:\WINDOWS\system32\audiosrv.dll - Ok

C:\WINDOWS\system32\AUTOEXEC.NT - Ok

C:\WINDOWS\system32\autodisc.dll - Ok

C:\WINDOWS\system32\autochk.exe - Ok

>C:\WINDOWS\system32\autolfn.exe - packed by FLY-CODE

C:\WINDOWS\system32\avicap.dll - Ok

C:\WINDOWS\system32\ativtmxx.dll - Ok

C:\WINDOWS\system32\autoconv.exe - Ok

C:\WINDOWS\system32\avifil32.dll - Ok

C:\WINDOWS\system32\avmeter.dll - Ok

C:\WINDOWS\system32\ati3duag.dll - Ok

C:\WINDOWS\system32\avifile.dll - Ok

C:\WINDOWS\system32\avicap32.dll - Ok

C:\WINDOWS\system32\basesrv.dll - Ok

C:\WINDOWS\system32\autofmt.exe - Ok

C:\WINDOWS\system32\batt.dll - Ok

C:\WINDOWS\system32\avwav.dll - Ok

C:\WINDOWS\system32\bios1.rom - Ok

C:\WINDOWS\system32\bidispl.dll - Ok

Link to post
Share on other sites

C:\WINDOWS\system32\batmeter.dll - Ok

C:\WINDOWS\system32\azroles.dll - Ok

C:\WINDOWS\system32\bios4.rom - Ok

C:\WINDOWS\system32\bitsprx2.dll - Ok

C:\WINDOWS\system32\bitsprx3.dll - Ok

C:\WINDOWS\system32\avtapi.dll - Ok

C:\WINDOWS\system32\bitsprx4.dll - Ok

C:\WINDOWS\system32\bootok.exe - Ok

C:\WINDOWS\system32\bootvid.dll - Ok

C:\WINDOWS\system32\bootvrfy.exe - Ok

C:\WINDOWS\system32\bopomofo.uce - Ok

C:\WINDOWS\system32\blackbox.dll - Ok

>C:\WINDOWS\system32\browselc.dll is BINARYRES container

>>C:\WINDOWS\system32\browselc.dll\data004 is JS-HTML container

>>C:\WINDOWS\system32\browselc.dll\data008 is JS-HTML container

C:\WINDOWS\system32\blastcln.exe - Ok

C:\WINDOWS\system32\browser.dll - Ok

C:\WINDOWS\system32\autolfn.exe - Ok

>>C:\WINDOWS\system32\browselc.dll\data012 is JS-HTML container

C:\WINDOWS\system32\browsewm.dll - Ok

C:\WINDOWS\system32\bthci.dll - Ok

>>C:\WINDOWS\system32\browselc.dll\data013 is ZLIB container

C:\WINDOWS\system32\BuzzingBee.wav - Ok

C:\WINDOWS\system32\browselc.dll - container

C:\WINDOWS\system32\bthserv.dll - Ok

C:\WINDOWS\system32\cabinet.dll - Ok

C:\WINDOWS\system32\cabview.dll - Ok

C:\WINDOWS\system32\browseui.dll - Ok

C:\WINDOWS\system32\cacls.exe - Ok

C:\WINDOWS\system32\bthprops.cpl - Ok

C:\WINDOWS\system32\calc.exe - Ok

C:\WINDOWS\system32\camocx.dll - Ok

C:\WINDOWS\system32\catsrv.dll - Ok

C:\WINDOWS\system32\btpanui.dll - Ok

C:\WINDOWS\system32\catsrvps.dll - Ok

C:\WINDOWS\system32\capesnpn.dll - Ok

C:\WINDOWS\system32\cards.dll - Ok

>C:\WINDOWS\system32\cdm.dll - packed by FLY-CODE

>C:\WINDOWS\system32\cdmodem.dll - packed by FLY-CODE

C:\WINDOWS\system32\catsrvut.dll - Ok

C:\WINDOWS\system32\ccfgnt.dll - Ok

C:\WINDOWS\system32\cdplayer.exe.manifest - Ok

C:\WINDOWS\system32\cdmodem.dll - Ok

>C:\WINDOWS\system32\cdfview.dll is BINARYRES container

>>C:\WINDOWS\system32\cdfview.dll\data001 is JS-HTML container

C:\WINDOWS\system32\certcli.dll - Ok

C:\WINDOWS\system32\certmgr.msc - Ok

>>C:\WINDOWS\system32\cdfview.dll\data002 is JS-HTML container

C:\WINDOWS\system32\cdm.dll - Ok

C:\WINDOWS\system32\cfgmgr32.dll - Ok

C:\WINDOWS\system32\cdfview.dll - container

C:\WINDOWS\system32\cfgbkend.dll - Ok

C:\WINDOWS\system32\chcp.com - Ok

C:\WINDOWS\system32\chkdsk.exe - Ok

C:\WINDOWS\system32\chkntfs.exe - Ok

C:\WINDOWS\system32\ciadv.msc - Ok

C:\WINDOWS\system32\charmap.exe - Ok

C:\WINDOWS\system32\cidaemon.exe - Ok

C:\WINDOWS\system32\cewmdm.dll - Ok

C:\WINDOWS\system32\ciadmin.dll - Ok

C:\WINDOWS\system32\certmgr.dll - Ok

C:\WINDOWS\system32\clb.dll - Ok

C:\WINDOWS\system32\ciodm.dll - Ok

C:\WINDOWS\system32\cic.dll - Ok

C:\WINDOWS\system32\cisvc.exe - Ok

>C:\WINDOWS\system32\cliconf.chm is CHM container

C:\WINDOWS\system32\ckcnv.exe - Ok

C:\WINDOWS\system32\clbcatex.dll - Ok

C:\WINDOWS\system32\clbcatq.dll - Ok

C:\WINDOWS\system32\cliconfg.rll - Ok

C:\WINDOWS\system32\cliconfg.dll - Ok

C:\WINDOWS\system32\cleanmgr.exe - Ok

C:\WINDOWS\system32\clipsrv.exe - Ok

C:\WINDOWS\system32\cliconfg.exe - Ok

C:\WINDOWS\system32\clusapi.dll - Ok

C:\WINDOWS\system32\clipbrd.exe - Ok

>C:\WINDOWS\system32\cdosys.dll is BINARYRES container

>>C:\WINDOWS\system32\cdosys.dll\data001 is JS-HTML container

C:\WINDOWS\system32\cdosys.dll - container

C:\WINDOWS\system32\cmcfg32.dll - Ok

C:\WINDOWS\system32\cmmgr32.hlp - Ok

C:\WINDOWS\system32\cmos.ram - Ok

>>C:\WINDOWS\system32\cliconf.chm\Basics\mailto.js is JS-HTML container

C:\WINDOWS\system32\cmd.exe - Ok

C:\WINDOWS\system32\cmpbk32.dll - Ok

C:\WINDOWS\system32\cmdl32.exe - Ok

>>C:\WINDOWS\system32\cliconf.chm\Basics\shared.js is JS-HTML container

C:\WINDOWS\system32\cmsetacl.dll - Ok

C:\WINDOWS\system32\cmutil.dll - Ok

C:\WINDOWS\system32\cmmon32.exe - Ok

C:\WINDOWS\system32\cnbjmon.dll - Ok

C:\WINDOWS\system32\cmstp.exe - Ok

C:\WINDOWS\system32\cnetcfg.dll - Ok

C:\WINDOWS\system32\cnvfat.dll - Ok

C:\WINDOWS\system32\cmdial32.dll - Ok

C:\WINDOWS\system32\cmprops.dll - Ok

C:\WINDOWS\system32\comcat.dll - Ok

>>C:\WINDOWS\system32\cliconf.chm\Basics\vs70.js is JS-HTML container

C:\WINDOWS\system32\comm.drv - Ok

>>C:\WINDOWS\system32\cliconf.chm\Basics\vs70link.js is JS-HTML container

C:\WINDOWS\system32\command.com - Ok

C:\WINDOWS\system32\colbact.dll - Ok

C:\WINDOWS\system32\commdlg.dll - Ok

C:\WINDOWS\system32\comaddin.dll - Ok

C:\WINDOWS\system32\comctl32.dll - Ok

C:\WINDOWS\system32\compact.exe - Ok

C:\WINDOWS\system32\comp.exe - Ok

C:\WINDOWS\system32\comdlg32.dll - Ok

C:\WINDOWS\system32\compobj.dll - Ok

C:\WINDOWS\system32\compmgmt.msc - Ok

C:\WINDOWS\system32\cliconf.chm - container

C:\WINDOWS\system32\comres.dll - Ok

C:\WINDOWS\system32\comrepl.dll - Ok

>C:\WINDOWS\system32\compatui.dll is BINARYRES container

C:\WINDOWS\system32\CONFIG.NT - Ok

>>C:\WINDOWS\system32\compatui.dll\data002 is JS-HTML container

C:\WINDOWS\system32\compatui.dll - container

C:\WINDOWS\system32\CONFIG.TMP - Ok

C:\WINDOWS\system32\compstui.dll - Ok

C:\WINDOWS\system32\comsnap.dll - Ok

C:\WINDOWS\system32\control.exe - Ok

C:\WINDOWS\system32\comsvcs.dll - Ok

C:\WINDOWS\system32\console.dll - Ok

C:\WINDOWS\system32\convert.exe - Ok

C:\WINDOWS\system32\country.sys - Ok

C:\WINDOWS\system32\comuid.dll - Ok

C:\WINDOWS\system32\corpol.dll - Ok

C:\WINDOWS\system32\conime.exe - Ok

C:\WINDOWS\system32\credssp.dll - Ok

C:\WINDOWS\system32\cryptdll.dll - Ok

C:\WINDOWS\system32\credui.dll - Ok

C:\WINDOWS\system32\confmsp.dll - Ok

C:\WINDOWS\system32\crypt32.dll - Ok

C:\WINDOWS\system32\cryptdlg.dll - Ok

C:\WINDOWS\system32\cryptext.dll - Ok

C:\WINDOWS\system32\crtdll.dll - Ok

C:\WINDOWS\system32\cryptnet.dll - Ok

C:\WINDOWS\system32\cryptsvc.dll - Ok

C:\WINDOWS\system32\cscdll.dll - Ok

C:\WINDOWS\system32\csrsrv.dll - Ok

C:\WINDOWS\system32\csrss.exe - Ok

C:\WINDOWS\system32\cscript.exe - Ok

C:\WINDOWS\system32\cscui.dll - Ok

C:\WINDOWS\system32\ctl3dv2.dll - Ok

C:\WINDOWS\system32\ctype.nls - Ok

C:\WINDOWS\system32\cryptui.dll - Ok

C:\WINDOWS\system32\csseqchk.dll - Ok

C:\WINDOWS\system32\c_037.nls - Ok

C:\WINDOWS\system32\c_10006.nls - Ok

C:\WINDOWS\system32\c_10000.nls - Ok

C:\WINDOWS\system32\c_10007.nls - Ok

C:\WINDOWS\system32\c_10017.nls - Ok

C:\WINDOWS\system32\c_10010.nls - Ok

C:\WINDOWS\system32\c_10029.nls - Ok

C:\WINDOWS\system32\ctfmon.exe - Ok

C:\WINDOWS\system32\c_10081.nls - Ok

C:\WINDOWS\system32\c_10082.nls - Ok

C:\WINDOWS\system32\c_1251.nls - Ok

C:\WINDOWS\system32\c_1250.nls - Ok

C:\WINDOWS\system32\c_10079.nls - Ok

C:\WINDOWS\system32\c_1026.nls - Ok

C:\WINDOWS\system32\c_1253.nls - Ok

C:\WINDOWS\system32\c_1252.nls - Ok

C:\WINDOWS\system32\c_1254.nls - Ok

C:\WINDOWS\system32\c_1255.nls - Ok

C:\WINDOWS\system32\c_1256.nls - Ok

C:\WINDOWS\system32\c_1257.nls - Ok

C:\WINDOWS\system32\c_1258.nls - Ok

C:\WINDOWS\system32\c_20261.nls - Ok

C:\WINDOWS\system32\c_20127.nls - Ok

C:\WINDOWS\system32\c_20866.nls - Ok

C:\WINDOWS\system32\c_20905.nls - Ok

C:\WINDOWS\system32\c_21866.nls - Ok

C:\WINDOWS\system32\c_28592.nls - Ok

C:\WINDOWS\system32\c_28593.nls - Ok

C:\WINDOWS\system32\c_28591.nls - Ok

C:\WINDOWS\system32\C_28595.NLS - Ok

C:\WINDOWS\system32\C_28594.NLS - Ok

C:\WINDOWS\system32\c_28598.nls - Ok

C:\WINDOWS\system32\C_28597.NLS - Ok

C:\WINDOWS\system32\c_28603.nls - Ok

C:\WINDOWS\system32\c_28599.nls - Ok

C:\WINDOWS\system32\c_28605.nls - Ok

C:\WINDOWS\system32\c_437.nls - Ok

C:\WINDOWS\system32\c_737.nls - Ok

C:\WINDOWS\system32\c_500.nls - Ok

C:\WINDOWS\system32\c_775.nls - Ok

C:\WINDOWS\system32\c_850.nls - Ok

C:\WINDOWS\system32\c_852.nls - Ok

C:\WINDOWS\system32\c_855.nls - Ok

C:\WINDOWS\system32\c_861.nls - Ok

C:\WINDOWS\system32\c_860.nls - Ok

C:\WINDOWS\system32\c_857.nls - Ok

C:\WINDOWS\system32\c_863.nls - Ok

C:\WINDOWS\system32\CSVer.dll - Ok

C:\WINDOWS\system32\c_865.nls - Ok

C:\WINDOWS\system32\c_866.nls - Ok

C:\WINDOWS\system32\c_869.nls - Ok

C:\WINDOWS\system32\c_874.nls - Ok

C:\WINDOWS\system32\c_875.nls - Ok

C:\WINDOWS\system32\ctl3d32.dll - Ok

C:\WINDOWS\system32\d3d8thk.dll - Ok

C:\WINDOWS\system32\c_949.nls - Ok

C:\WINDOWS\system32\d3d9caps.dat - Ok

C:\WINDOWS\system32\c_932.nls - Ok

C:\WINDOWS\system32\c_936.nls - Ok

C:\WINDOWS\system32\c_950.nls - Ok

C:\WINDOWS\system32\d3dpmesh.dll - Ok

C:\WINDOWS\system32\d3dim.dll - Ok

C:\WINDOWS\system32\d3d9.dll - Ok

C:\WINDOWS\system32\d3dim700.dll - Ok

C:\WINDOWS\system32\d3dramp.dll - Ok

>C:\WINDOWS\system32\d3dx10_39.dll - packed by PESTUB

C:\WINDOWS\system32\d3drm.dll - Ok

C:\WINDOWS\system32\d3dxof.dll - Ok

C:\WINDOWS\system32\d3dx10_39.dll - Ok

C:\WINDOWS\system32\dataclen.dll - Ok

C:\WINDOWS\system32\davclnt.dll - Ok

C:\WINDOWS\system32\d3d8.dll - Ok

>C:\WINDOWS\system32\D3DCompiler_39.dll - packed by PESTUB

C:\WINDOWS\system32\datime.dll - Ok

C:\WINDOWS\system32\daxctle.ocx - Ok

C:\WINDOWS\system32\dbmsrpcn.dll - Ok

C:\WINDOWS\system32\dbghelp.dll - Ok

C:\WINDOWS\system32\dbnetlib.dll - Ok

C:\WINDOWS\system32\dcache.bin - Ok

>C:\WINDOWS\system32\dbnmpntw.dll - packed by FLY-CODE

C:\WINDOWS\system32\dciman32.dll - Ok

C:\WINDOWS\system32\dbnmpntw.dll - Ok

C:\WINDOWS\system32\D3DCompiler_39.dll - Ok

C:\WINDOWS\system32\ddeml.dll - Ok

C:\WINDOWS\system32\dcomcnfg.exe - Ok

C:\WINDOWS\system32\ddrawex.dll - Ok

>C:\WINDOWS\system32\debug.exe - packed by EXEPACK

C:\WINDOWS\system32\debug.exe - Ok

C:\WINDOWS\system32\ddraw.dll - Ok

C:\WINDOWS\system32\danim.dll - Ok

C:\WINDOWS\system32\deskadp.dll - Ok

C:\WINDOWS\system32\desk.cpl - Ok

>C:\WINDOWS\system32\deskmon.dll - packed by FLY-CODE

C:\WINDOWS\system32\defrag.exe - Ok

C:\WINDOWS\system32\desktop.ini - Ok

C:\WINDOWS\system32\ddeshare.exe - Ok

>C:\WINDOWS\system32\deskperf.dll - packed by FLY-CODE

C:\WINDOWS\system32\devmgmt.msc - Ok

C:\WINDOWS\system32\dbgeng.dll - Ok

C:\WINDOWS\system32\devenum.dll - Ok

C:\WINDOWS\system32\dfrg.msc - Ok

C:\WINDOWS\system32\deskmon.dll - Ok

C:\WINDOWS\system32\deskperf.dll - Ok

C:\WINDOWS\system32\dfrgfat.exe - Ok

C:\WINDOWS\system32\dfrgntfs.exe - Ok

>C:\WINDOWS\system32\dfrgres.dll is BINARYRES container

C:\WINDOWS\system32\dfrgsnap.dll - Ok

C:\WINDOWS\system32\dfrgres.dll - container

C:\WINDOWS\system32\devmgr.dll - Ok

C:\WINDOWS\system32\dfsshlex.dll - Ok

C:\WINDOWS\system32\dfrgui.dll - Ok

C:\WINDOWS\system32\dgnet.dll - Ok

C:\WINDOWS\system32\dhcpcsvc.dll - Ok

C:\WINDOWS\system32\dhcpqec.dll - Ok

C:\WINDOWS\system32\dfshim.dll - Ok

C:\WINDOWS\system32\dgsetup.dll - Ok

C:\WINDOWS\system32\dhcpsapi.dll - Ok

C:\WINDOWS\system32\dgrpsetu.dll - Ok

C:\WINDOWS\system32\digest.dll - Ok

C:\WINDOWS\system32\diantz.exe - Ok

C:\WINDOWS\system32\dhcpmon.dll - Ok

C:\WINDOWS\system32\dimap.dll - Ok

C:\WINDOWS\system32\dimsntfy.dll - Ok

C:\WINDOWS\system32\dimsroam.dll - Ok

C:\WINDOWS\system32\diactfrm.dll - Ok

C:\WINDOWS\system32\diskcomp.com - Ok

C:\WINDOWS\system32\difxapi.dll - Ok

C:\WINDOWS\system32\diskcopy.com - Ok

C:\WINDOWS\system32\dinput8.dll - Ok

C:\WINDOWS\system32\dinput.dll - Ok

C:\WINDOWS\system32\diskmgmt.msc - Ok

C:\WINDOWS\system32\diskperf.exe - Ok

C:\WINDOWS\system32\dispex.dll - Ok

C:\WINDOWS\system32\diskcopy.dll - Ok

C:\WINDOWS\system32\dllhst3g.exe - Ok

C:\WINDOWS\system32\D3DX9_39.dll - Ok

C:\WINDOWS\system32\dmband.dll - Ok

C:\WINDOWS\system32\dmadmin.exe - Ok

C:\WINDOWS\system32\dllhost.exe - Ok

C:\WINDOWS\system32\dmcompos.dll - Ok

C:\WINDOWS\system32\diskpart.exe - Ok

C:\WINDOWS\system32\dmintf.dll - Ok

C:\WINDOWS\system32\dmloader.dll - Ok

C:\WINDOWS\system32\dmdskres.dll - Ok

C:\WINDOWS\system32\dmocx.dll - Ok

C:\WINDOWS\system32\dmdskmgr.dll - Ok

C:\WINDOWS\system32\dmdlgs.dll - Ok

C:\WINDOWS\system32\dmime.dll - Ok

C:\WINDOWS\system32\dmconfig.dll - Ok

C:\WINDOWS\system32\dmserver.dll - Ok

C:\WINDOWS\system32\dmscript.dll - Ok

C:\WINDOWS\system32\dmremote.exe - Ok

C:\WINDOWS\system32\dmstyle.dll - Ok

>C:\WINDOWS\system32\dmutil.dll - packed by FLY-CODE

C:\WINDOWS\system32\dmview.ocx - Ok

C:\WINDOWS\system32\dnsapi.dll - Ok

C:\WINDOWS\system32\dnsrslvr.dll - Ok

C:\WINDOWS\system32\docprop.dll - Ok

C:\WINDOWS\system32\dmsynth.dll - Ok

C:\WINDOWS\system32\dmusic.dll - Ok

C:\WINDOWS\system32\docprop2.dll - Ok

C:\WINDOWS\system32\doskey.exe - Ok

C:\WINDOWS\system32\dot3cfg.dll - Ok

C:\WINDOWS\system32\dosx.exe - Ok

C:\WINDOWS\system32\dot3api.dll - Ok

C:\WINDOWS\system32\dot3dlg.dll - Ok

C:\WINDOWS\system32\dmutil.dll - Ok

C:\WINDOWS\system32\dot3gpclnt.dll - Ok

C:\WINDOWS\system32\dpcdll.dll - Ok

C:\WINDOWS\system32\dot3msm.dll - Ok

C:\WINDOWS\system32\dplay.dll - Ok

C:\WINDOWS\system32\dot3svc.dll - Ok

C:\WINDOWS\system32\dpnaddr.dll - Ok

C:\WINDOWS\system32\dpmodemx.dll - Ok

C:\WINDOWS\system32\dpnhpast.dll - Ok

C:\WINDOWS\system32\dpnhupnp.dll - Ok

C:\WINDOWS\system32\dpnlobby.dll - Ok

C:\WINDOWS\system32\dplaysvr.exe - Ok

C:\WINDOWS\system32\dplayx.dll - Ok

C:\WINDOWS\system32\dot3ui.dll - Ok

C:\WINDOWS\system32\dpnmodem.dll - Ok

C:\WINDOWS\system32\dpvacm.dll - Ok

C:\WINDOWS\system32\dpserial.dll - Ok

C:\WINDOWS\system32\dpnet.dll - Ok

C:\WINDOWS\system32\dpnwsock.dll - Ok

C:\WINDOWS\system32\dpwsock.dll - Ok

C:\WINDOWS\system32\dpnsvr.exe - Ok

C:\WINDOWS\system32\dpvsetup.exe - Ok

C:\WINDOWS\system32\dpwsockx.dll - Ok

C:\WINDOWS\system32\dpvvox.dll - Ok

C:\WINDOWS\system32\drmstor.dll - Ok

C:\WINDOWS\system32\drmclien.dll - Ok

C:\WINDOWS\system32\drprov.dll - Ok

C:\WINDOWS\system32\dpvoice.dll - Ok

C:\WINDOWS\system32\ds32gt.dll - Ok

C:\WINDOWS\system32\drwatson.exe - Ok

C:\WINDOWS\system32\ds16gt.dLL - Ok

C:\WINDOWS\system32\dsauth.dll - Ok

C:\WINDOWS\system32\dskquota.dll - Ok

C:\WINDOWS\system32\dsdmoprp.dll - Ok

C:\WINDOWS\system32\dsound.vxd - Ok

C:\WINDOWS\system32\drwtsn32.exe - Ok

C:\WINDOWS\system32\dskquoui.dll - Ok

C:\WINDOWS\system32\drmv2clt.dll - Ok

C:\WINDOWS\system32\dsdmo.dll - Ok

C:\WINDOWS\system32\dsprpres.dll - Ok

C:\WINDOWS\system32\dssec.dll - Ok

C:\WINDOWS\system32\dsquery.dll - Ok

C:\WINDOWS\system32\dsound.dll - Ok

C:\WINDOWS\system32\dssenh.dll - Ok

C:\WINDOWS\system32\dsprop.dll - Ok

C:\WINDOWS\system32\dsuiext.dll - Ok

C:\WINDOWS\system32\dswave.dll - Ok

C:\WINDOWS\system32\duser.dll - Ok

C:\WINDOWS\system32\dvdplay.exe - Ok

C:\WINDOWS\system32\dssec.dat - Ok

C:\WINDOWS\system32\dumprep.exe - Ok

C:\WINDOWS\system32\dvdupgrd.exe - Ok

C:\WINDOWS\system32\dwwin.exe - Ok

C:\WINDOWS\system32\dx7vb.dll - Ok

C:\WINDOWS\system32\dxdiagn.dll - Ok

C:\WINDOWS\system32\dsound3d.dll - Ok

C:\WINDOWS\system32\dxmasf.dll - Ok

C:\WINDOWS\system32\eapolqec.dll - Ok

>C:\WINDOWS\system32\dxva2.dll - packed by FLY-CODE

C:\WINDOWS\system32\dx8vb.dll - Ok

C:\WINDOWS\system32\eappcfg.dll - Ok

C:\WINDOWS\system32\eapp3hst.dll - Ok

C:\WINDOWS\system32\dxtrans.dll - Ok

C:\WINDOWS\system32\dxtmsft.dll - Ok

C:\WINDOWS\system32\dxva2.dll - Ok

C:\WINDOWS\system32\eappprxy.dll - Ok

C:\WINDOWS\system32\eappgnui.dll - Ok

>C:\WINDOWS\system32\edit.com - packed by EXEPACK

C:\WINDOWS\system32\eapsvc.dll - Ok

C:\WINDOWS\system32\edit.hlp - Ok

C:\WINDOWS\system32\eapqec.dll - Ok

C:\WINDOWS\system32\ega.cpi - Ok

>C:\WINDOWS\system32\edlin.exe - packed by EXEPACK

C:\WINDOWS\system32\emptyregdb.dat - Ok

C:\WINDOWS\system32\edlin.exe - Ok

C:\WINDOWS\system32\dxdiag.exe - Ok

C:\WINDOWS\system32\eapphost.dll - Ok

C:\WINDOWS\system32\edit.com - Ok

C:\WINDOWS\system32\encapi.dll - Ok

C:\WINDOWS\system32\ersvc.dll - Ok

C:\WINDOWS\system32\els.dll - Ok

>C:\WINDOWS\system32\esentprf.dll - packed by FLY-CODE

C:\WINDOWS\system32\es.dll - Ok

C:\WINDOWS\system32\esentprf.hxx - Ok

C:\WINDOWS\system32\encdec.dll - Ok

C:\WINDOWS\system32\esentprf.dll - Ok

C:\WINDOWS\system32\EqnClass.Dll - Ok

C:\WINDOWS\system32\esent.dll - Ok

C:\WINDOWS\system32\esentprf.ini - Ok

C:\WINDOWS\system32\esentutl.exe - Ok

C:\WINDOWS\system32\eula.txt - Ok

C:\WINDOWS\system32\eventcls.dll - Ok

C:\WINDOWS\system32\eventlog.dll - Ok

C:\WINDOWS\system32\eventvwr.msc - Ok

>C:\WINDOWS\system32\exe2bin.exe - packed by EXEPACK

C:\WINDOWS\system32\exe2bin.exe - Ok

>C:\WINDOWS\system32\expand.exe - packed by BINARYRES

>>C:\WINDOWS\system32\expand.exe - packed by MS COMPRESS

C:\WINDOWS\system32\expand.exe - Ok

C:\WINDOWS\system32\eudcedit.exe - Ok

C:\WINDOWS\system32\extmgr.dll - Ok

C:\WINDOWS\system32\eventvwr.exe - Ok

>C:\WINDOWS\system32\fastopen.exe - packed by EXEPACK

>>C:\WINDOWS\system32\fastopen.exe - packed by COM2EXE

C:\WINDOWS\system32\fastopen.exe - Ok

C:\WINDOWS\system32\evr.dll - Ok

C:\WINDOWS\system32\extrac32.exe - Ok

C:\WINDOWS\system32\exts.dll - Ok

C:\WINDOWS\system32\faultrep.dll - Ok

C:\WINDOWS\system32\fc.exe - Ok

C:\WINDOWS\system32\feclient.dll - Ok

C:\WINDOWS\system32\expsrv.dll - Ok

C:\WINDOWS\system32\find.exe - Ok

C:\WINDOWS\system32\finger.exe - Ok

C:\WINDOWS\system32\esent97.dll - Ok

C:\WINDOWS\system32\findstr.exe - Ok

C:\WINDOWS\system32\firewall.cpl - Ok

C:\WINDOWS\system32\fixmapi.exe - Ok

C:\WINDOWS\system32\faxpatch.exe - Ok

C:\WINDOWS\system32\fltlib.dll - Ok

C:\WINDOWS\system32\FlashPlayerCPLApp.cpl - Ok

C:\WINDOWS\system32\FNTCACHE.DAT - Ok

C:\WINDOWS\system32\filemgmt.dll - Ok

C:\WINDOWS\system32\fltmc.exe - Ok

C:\WINDOWS\system32\fmifs.dll - Ok

C:\WINDOWS\system32\fldrclnr.dll - Ok

C:\WINDOWS\system32\fontsub.dll - Ok

C:\WINDOWS\system32\FlashPlayerApp.exe - Ok

C:\WINDOWS\system32\framebuf.dll - Ok

>C:\WINDOWS\system32\fontext.dll is BINARYRES container

>>C:\WINDOWS\system32\fontext.dll\data001 - packed by MS COMPRESS

C:\WINDOWS\system32\fsmgmt.msc - Ok

C:\WINDOWS\system32\forcedos.exe - Ok

C:\WINDOWS\system32\format.com - Ok

>>C:\WINDOWS\system32\fontext.dll\data002 - packed by MS COMPRESS

C:\WINDOWS\system32\fontext.dll - container

C:\WINDOWS\system32\fontview.exe - Ok

C:\WINDOWS\system32\fsusd.dll - Ok

C:\WINDOWS\system32\fsutil.exe - Ok

C:\WINDOWS\system32\ftp.exe - Ok

C:\WINDOWS\system32\fwcfg.dll - Ok

C:\WINDOWS\system32\gb2312.uce - Ok

C:\WINDOWS\system32\g711codc.ax - Ok

C:\WINDOWS\system32\gdi.exe - Ok

C:\WINDOWS\system32\geo.nls - Ok

C:\WINDOWS\system32\gcdef.dll - Ok

C:\WINDOWS\system32\ftsrch.dll - Ok

C:\WINDOWS\system32\gdi32.dll - Ok

C:\WINDOWS\system32\freecell.exe - Ok

C:\WINDOWS\system32\gpkrsrc.dll - Ok

C:\WINDOWS\system32\fsquirt.exe - Ok

C:\WINDOWS\system32\graphics.com - Ok

C:\WINDOWS\system32\graftabl.com - Ok

C:\WINDOWS\system32\graphics.pro - Ok

C:\WINDOWS\system32\GVTunner.ref - Ok

C:\WINDOWS\system32\gpkcsp.dll - Ok

C:\WINDOWS\system32\glu32.dll - Ok

C:\WINDOWS\system32\h323log.txt - Ok

C:\WINDOWS\system32\HAL.DLL - Ok

C:\WINDOWS\system32\hccoin.dll - Ok

C:\WINDOWS\system32\grpconv.exe - Ok

C:\WINDOWS\system32\h323.tsp - Ok

C:\WINDOWS\system32\glmf32.dll - Ok

C:\WINDOWS\system32\HdAudRes.dll - Ok

>C:\WINDOWS\system32\HdAProp.dll - packed by FLY-CODE

C:\WINDOWS\system32\getuname.dll - Ok

C:\WINDOWS\system32\help.exe - Ok

C:\WINDOWS\system32\hdwwiz.cpl - Ok

C:\WINDOWS\system32\HdAShCut.exe - Ok

C:\WINDOWS\system32\hid.dll - Ok

C:\WINDOWS\system32\himem.sys - Ok

C:\WINDOWS\system32\hidphone.tsp - Ok

C:\WINDOWS\system32\HdAProp.dll - Ok

C:\WINDOWS\system32\hhsetup.dll - Ok

C:\WINDOWS\system32\hhctrl.ocx - Ok

C:\WINDOWS\system32\hnetmon.dll - Ok

C:\WINDOWS\system32\hlink.dll - Ok

C:\WINDOWS\system32\homepage.inf - Ok

C:\WINDOWS\system32\hostname.exe - Ok

C:\WINDOWS\system32\hnetcfg.dll - Ok

C:\WINDOWS\system32\hsfcisp2.dll - Ok

C:\WINDOWS\system32\hticons.dll - Ok

C:\WINDOWS\system32\hnetwiz.dll - Ok

C:\WINDOWS\system32\httpapi.dll - Ok

C:\WINDOWS\system32\hotplug.dll - Ok

C:\WINDOWS\system32\htui.dll - Ok

C:\WINDOWS\system32\iac25_32.ax - Ok

C:\WINDOWS\system32\h323msp.dll - Ok

C:\WINDOWS\system32\iacenc.dll - Ok

>C:\WINDOWS\system32\html.iec - packed by PESTUB

C:\WINDOWS\system32\iashlpr.dll - Ok

C:\WINDOWS\system32\iasads.dll - Ok

C:\WINDOWS\system32\iasacct.dll - Ok

>C:\WINDOWS\system32\iaspolcy.dll - packed by FLY-CODE

C:\WINDOWS\system32\iasnap.dll - Ok

C:\WINDOWS\system32\iaspolcy.dll - Ok

C:\WINDOWS\system32\iasrad.dll - Ok

C:\WINDOWS\system32\html.iec - Ok

C:\WINDOWS\system32\iassam.dll - Ok

C:\WINDOWS\system32\iassvcs.dll - Ok

C:\WINDOWS\system32\icaapi.dll - Ok

C:\WINDOWS\system32\iasrecst.dll - Ok

C:\WINDOWS\system32\icardres.dll - Ok

C:\WINDOWS\system32\hypertrm.dll - Ok

C:\WINDOWS\system32\icfgnt5.dll - Ok

C:\WINDOWS\system32\iccvid.dll - Ok

C:\WINDOWS\system32\icardie.dll - Ok

C:\WINDOWS\system32\icmp.dll - Ok

>C:\WINDOWS\system32\icardres.dll.mui is BINARYRES container

C:\WINDOWS\system32\icmui.dll - Ok

C:\WINDOWS\system32\icrav03.rat - Ok

C:\WINDOWS\system32\iassdo.dll - Ok

C:\WINDOWS\system32\icwdial.dll - Ok

C:\WINDOWS\system32\ideograf.uce - Ok

C:\WINDOWS\system32\icardres.dll.mui - container

C:\WINDOWS\system32\icm32.dll - Ok

C:\WINDOWS\system32\icwphbk.dll - Ok

C:\WINDOWS\system32\idndl.dll - Ok

C:\WINDOWS\system32\ie4uinit.exe.mui - Ok

C:\WINDOWS\system32\IE8Eula.rtf - Ok

C:\WINDOWS\system32\ie4uinit.exe - Ok

C:\WINDOWS\system32\ieakeng.dll - Ok

C:\WINDOWS\system32\idq.dll - Ok

C:\WINDOWS\system32\ieakui.dll - Ok

C:\WINDOWS\system32\iedkcs32.dll - Ok

C:\WINDOWS\system32\ieaksie.dll - Ok

C:\WINDOWS\system32\icardagt.exe - Ok

C:\WINDOWS\system32\iedkcs32.dll.mui - Ok

C:\WINDOWS\system32\ieencode.dll - Ok

C:\WINDOWS\system32\iepeers.dll - Ok

C:\WINDOWS\system32\ieapfltr.dll - Ok

C:\WINDOWS\system32\iesetup.dll - Ok

C:\WINDOWS\system32\ieframe.dll - Ok

C:\WINDOWS\system32\iertutil.dll - Ok

C:\WINDOWS\system32\ieudinit.exe - Ok

C:\WINDOWS\system32\ieui.dll - Ok

C:\WINDOWS\system32\iernonce.dll - Ok

C:\WINDOWS\system32\ieframe.dll.mui - Ok

C:\WINDOWS\system32\ifmon.dll - Ok

C:\WINDOWS\system32\igmpagnt.dll - Ok

C:\WINDOWS\system32\iexpress.exe - Ok

C:\WINDOWS\system32\ifsutil.dll - Ok

C:\WINDOWS\system32\imaadp32.acm - Ok

C:\WINDOWS\system32\ieuinit.inf - Ok

C:\WINDOWS\system32\imeshare.dll - Ok

C:\WINDOWS\system32\imgutil.dll - Ok

C:\WINDOWS\system32\ils.dll - Ok

C:\WINDOWS\system32\imapi.exe - Ok

C:\WINDOWS\system32\imagehlp.dll - Ok

C:\WINDOWS\system32\imm32.dll - Ok

C:\WINDOWS\system32\inetmib1.dll - Ok

C:\WINDOWS\system32\inetcplc.dll - Ok

C:\WINDOWS\system32\inetcomm.dll - Ok

C:\WINDOWS\system32\inetpp.dll - Ok

C:\WINDOWS\system32\inetcfg.dll - Ok

C:\WINDOWS\system32\inetppui.dll - Ok

>C:\WINDOWS\system32\inetres.dll is BINARYRES container

>>C:\WINDOWS\system32\inetres.dll\data001 is JS-HTML container

C:\WINDOWS\system32\inetres.dll - container

C:\WINDOWS\system32\infocardapi.dll - Ok

C:\WINDOWS\system32\infocardcpl.cpl - Ok

C:\WINDOWS\system32\inseng.dll - Ok

C:\WINDOWS\system32\initpki.dll - Ok

C:\WINDOWS\system32\input.dll - Ok

C:\WINDOWS\system32\iologmsg.dll - Ok

C:\WINDOWS\system32\ipconf.tsp - Ok

C:\WINDOWS\system32\infosoft.dll - Ok

C:\WINDOWS\system32\iphlpapi.dll - Ok

C:\WINDOWS\system32\ipconfig.exe - Ok

C:\WINDOWS\system32\intl.cpl - Ok

C:\WINDOWS\system32\ipmontr.dll - Ok

C:\WINDOWS\system32\iprop.dll - Ok

C:\WINDOWS\system32\iprtprio.dll - Ok

C:\WINDOWS\system32\ippromon.dll - Ok

C:\WINDOWS\system32\inetcpl.cpl - Ok

C:\WINDOWS\system32\instcat.sql - Ok

C:\WINDOWS\system32\ipnathlp.dll - Ok

C:\WINDOWS\system32\ipsec6.exe - Ok

C:\WINDOWS\system32\ipsecsvc.dll - Ok

C:\WINDOWS\system32\ipv6mon.dll - Ok

C:\WINDOWS\system32\iprtrmgr.dll - Ok

C:\WINDOWS\system32\ieapfltr.dat - Ok

C:\WINDOWS\system32\ipv6.exe - Ok

C:\WINDOWS\system32\ipxmontr.dll - Ok

C:\WINDOWS\system32\ipxpromn.dll - Ok

C:\WINDOWS\system32\ipxrip.dll - Ok

C:\WINDOWS\system32\ipxwan.dll - Ok

C:\WINDOWS\system32\ipsecsnp.dll - Ok

C:\WINDOWS\system32\ipxroute.exe - Ok

C:\WINDOWS\system32\ipxrtmgr.dll - Ok

C:\WINDOWS\system32\ipxsap.dll - Ok

C:\WINDOWS\system32\ipsmsnap.dll - Ok

C:\WINDOWS\system32\ir32_32.dll - Ok

>C:\WINDOWS\system32\ir41_qc.dll - packed by FLY-CODE

C:\WINDOWS\system32\ir50_qc.dll - Ok

>C:\WINDOWS\system32\ir50_qcx.dll - packed by FLY-CODE

C:\WINDOWS\system32\ir41_32.ax - Ok

C:\WINDOWS\system32\ir50_32.dll - Ok

C:\WINDOWS\system32\ir41_qcx.dll - Ok

C:\WINDOWS\system32\irclass.dll - Ok

C:\WINDOWS\system32\isrdbg32.dll - Ok

C:\WINDOWS\system32\isign32.dll - Ok

C:\WINDOWS\system32\ir41_qc.dll - Ok

C:\WINDOWS\system32\itircl.dll - Ok

C:\WINDOWS\system32\itss.dll - Ok

C:\WINDOWS\system32\ir50_qcx.dll - Ok

C:\WINDOWS\system32\iyuv_32.dll - Ok

C:\WINDOWS\system32\irprops.cpl - Ok

C:\WINDOWS\system32\ixsso.dll - Ok

C:\WINDOWS\system32\iuengine.dll - Ok

C:\WINDOWS\system32\jgpl400.dll - Ok

C:\WINDOWS\system32\jgmd400.dll - Ok

C:\WINDOWS\system32\ivfsrc.ax - Ok

C:\WINDOWS\system32\jgdw400.dll - Ok

C:\WINDOWS\system32\jgsh400.dll - Ok

C:\WINDOWS\system32\jgsd400.dll - Ok

C:\WINDOWS\system32\joy.cpl - Ok

C:\WINDOWS\system32\jsproxy.dll - Ok

C:\WINDOWS\system32\kanji_1.uce - Ok

C:\WINDOWS\system32\kanji_2.uce - Ok

C:\WINDOWS\system32\jet500.dll - Ok

C:\WINDOWS\system32\kb16.com - Ok

C:\WINDOWS\system32\kbdaze.dll - Ok

C:\WINDOWS\system32\KBDAL.DLL - Ok

C:\WINDOWS\system32\kbdbe.dll - Ok

C:\WINDOWS\system32\kbdazel.dll - Ok

C:\WINDOWS\system32\jobexec.dll - Ok

C:\WINDOWS\system32\kbdbhc.dll - Ok

C:\WINDOWS\system32\kbdbene.dll - Ok

C:\WINDOWS\system32\kbdblr.dll - Ok

C:\WINDOWS\system32\kbdbr.dll - Ok

C:\WINDOWS\system32\kbdca.dll - Ok

C:\WINDOWS\system32\kbdbu.dll - Ok

C:\WINDOWS\system32\kbdcan.dll - Ok

C:\WINDOWS\system32\kbdcr.dll - Ok

C:\WINDOWS\system32\jscript.dll - Ok

C:\WINDOWS\system32\kbdcz.dll - Ok

C:\WINDOWS\system32\kbdcz1.dll - Ok

C:\WINDOWS\system32\kbdcz2.dll - Ok

C:\WINDOWS\system32\kbddv.dll - Ok

C:\WINDOWS\system32\kbdda.dll - Ok

C:\WINDOWS\system32\kbdest.dll - Ok

C:\WINDOWS\system32\kbdes.dll - Ok

C:\WINDOWS\system32\kbdfc.dll - Ok

C:\WINDOWS\system32\kbdfi.dll - Ok

C:\WINDOWS\system32\kbdfi1.dll - Ok

C:\WINDOWS\system32\kbdfo.dll - Ok

C:\WINDOWS\system32\kbdfr.dll - Ok

C:\WINDOWS\system32\kbdgkl.dll - Ok

C:\WINDOWS\system32\kbdgae.dll - Ok

C:\WINDOWS\system32\kbdgr1.dll - Ok

C:\WINDOWS\system32\kbdgr.dll - Ok

C:\WINDOWS\system32\kbdhe220.dll - Ok

C:\WINDOWS\system32\kbdhe.dll - Ok

C:\WINDOWS\system32\kbdhe319.dll - Ok

C:\WINDOWS\system32\kbdhept.dll - Ok

C:\WINDOWS\system32\kbdhela2.dll - Ok

C:\WINDOWS\system32\kbdic.dll - Ok

C:\WINDOWS\system32\kbdhu1.dll - Ok

C:\WINDOWS\system32\kbdhu.dll - Ok

C:\WINDOWS\system32\jgaw400.dll - Ok

C:\WINDOWS\system32\kbdhela3.dll - Ok

C:\WINDOWS\system32\kbdit142.dll - Ok

C:\WINDOWS\system32\kbdir.dll - Ok

C:\WINDOWS\system32\kbdinbe1.dll - Ok

C:\WINDOWS\system32\kbdit.dll - Ok

C:\WINDOWS\system32\kbdinben.dll - Ok

C:\WINDOWS\system32\kbdinmal.dll - Ok

C:\WINDOWS\system32\kbdla.dll - Ok

C:\WINDOWS\system32\kbdiultn.dll - Ok

C:\WINDOWS\system32\kbdlt.dll - Ok

C:\WINDOWS\system32\kbdkaz.dll - Ok

C:\WINDOWS\system32\kbdkyr.dll - Ok

C:\WINDOWS\system32\kbdlt1.dll - Ok

C:\WINDOWS\system32\kbdlv.dll - Ok

C:\WINDOWS\system32\kbdlv1.dll - Ok

C:\WINDOWS\system32\kbdmac.dll - Ok

C:\WINDOWS\system32\kbdmaori.dll - Ok

C:\WINDOWS\system32\kbdmlt48.dll - Ok

C:\WINDOWS\system32\kbdmlt47.dll - Ok

C:\WINDOWS\system32\kbdne.dll - Ok

C:\WINDOWS\system32\kbdmon.dll - Ok

C:\WINDOWS\system32\kbdnec.dll - Ok

C:\WINDOWS\system32\kbdnepr.dll - Ok

C:\WINDOWS\system32\kbdpl.dll - Ok

C:\WINDOWS\system32\kbdno.dll - Ok

C:\WINDOWS\system32\kbdpash.dll - Ok

C:\WINDOWS\system32\kbdpl1.dll - Ok

C:\WINDOWS\system32\kbdno1.dll - Ok

C:\WINDOWS\system32\kbdru.dll - Ok

C:\WINDOWS\system32\kbdpo.dll - Ok

C:\WINDOWS\system32\kbdru1.dll - Ok

C:\WINDOWS\system32\kbdro.dll - Ok

C:\WINDOWS\system32\kbdsg.dll - Ok

C:\WINDOWS\system32\kbdsl1.dll - Ok

C:\WINDOWS\system32\kbdsl.dll - Ok

C:\WINDOWS\system32\kbdsf.dll - Ok

C:\WINDOWS\system32\kbdsmsfi.dll - Ok

C:\WINDOWS\system32\kbdsmsno.dll - Ok

C:\WINDOWS\system32\kbdtuf.dll - Ok

C:\WINDOWS\system32\kbdsp.dll - Ok

C:\WINDOWS\system32\kbdsw.dll - Ok

C:\WINDOWS\system32\kbdtat.dll - Ok

C:\WINDOWS\system32\kbduk.dll - Ok

C:\WINDOWS\system32\kbdtuq.dll - Ok

C:\WINDOWS\system32\kbdus.dll - Ok

C:\WINDOWS\system32\kbdusl.dll - Ok

C:\WINDOWS\system32\kbdukx.dll - Ok

C:\WINDOWS\system32\kbdusx.dll - Ok

C:\WINDOWS\system32\kbdusr.dll - Ok

C:\WINDOWS\system32\kbdur.dll - Ok

C:\WINDOWS\system32\kbdycc.dll - Ok

C:\WINDOWS\system32\kbduzb.dll - Ok

C:\WINDOWS\system32\kbdycl.dll - Ok

C:\WINDOWS\system32\key01.sys - Ok

C:\WINDOWS\system32\keyboard.drv - Ok

C:\WINDOWS\system32\kd1394.dll - Ok

C:\WINDOWS\system32\kdcom.dll - Ok

C:\WINDOWS\system32\keyboard.sys - Ok

C:\WINDOWS\system32\kmddsp.tsp - Ok

C:\WINDOWS\system32\kerberos.dll - Ok

C:\WINDOWS\system32\korean.uce - Ok

C:\WINDOWS\system32\kmsvc.dll - Ok

C:\WINDOWS\system32\ksuser.dll - Ok

C:\WINDOWS\system32\l2gpstore.dll - Ok

C:\WINDOWS\system32\krnl386.exe - Ok

C:\WINDOWS\system32\kernel32.dll - Ok

C:\WINDOWS\system32\keymgr.dll - Ok

C:\WINDOWS\system32\label.exe - Ok

C:\WINDOWS\system32\laprxy.dll - Ok

C:\WINDOWS\system32\l3codeca.acm - Ok

C:\WINDOWS\system32\ksproxy.ax - Ok

C:\WINDOWS\system32\l3codecx.ax - Ok

C:\WINDOWS\system32\langwrbk.dll - Ok

C:\WINDOWS\system32\licmgr10.dll - Ok

C:\WINDOWS\system32\lanman.drv - Ok

>C:\WINDOWS\system32\linkinfo.dll - packed by FLY-CODE

C:\WINDOWS\system32\licwmi.dll - Ok

C:\WINDOWS\system32\lmhsvc.dll - Ok

C:\WINDOWS\system32\licdll.dll - Ok

C:\WINDOWS\system32\loadfix.com - Ok

C:\WINDOWS\system32\linkinfo.dll - Ok

C:\WINDOWS\system32\loadperf.dll - Ok

C:\WINDOWS\system32\lnkstub.exe - Ok

C:\WINDOWS\system32\locale.nls - Ok

C:\WINDOWS\system32\LegitCheckControl.DLL - Ok

C:\WINDOWS\system32\lights.exe - Ok

C:\WINDOWS\system32\lodctr.exe - Ok

C:\WINDOWS\system32\localui.dll - Ok

C:\WINDOWS\system32\locator.exe - Ok

C:\WINDOWS\system32\localspl.dll - Ok

C:\WINDOWS\system32\log.txt - read error

C:\WINDOWS\system32\loghours.dll - Ok

C:\WINDOWS\system32\logman.exe - Ok

C:\WINDOWS\system32\logoff.exe - Ok

C:\WINDOWS\system32\logonui.exe.manifest - Ok

C:\WINDOWS\system32\logagent.exe - Ok

C:\WINDOWS\system32\localsec.dll - Ok

C:\WINDOWS\system32\LoopyMusic.wav - Ok

C:\WINDOWS\system32\logon.scr - Ok

C:\WINDOWS\system32\lpq.exe - Ok

>C:\WINDOWS\system32\lpk.dll - packed by FLY-CODE

C:\WINDOWS\system32\lpr.exe - Ok

C:\WINDOWS\system32\lmrt.dll - Ok

C:\WINDOWS\system32\lprmonui.dll - Ok

C:\WINDOWS\system32\logonui.exe - Ok

C:\WINDOWS\system32\lprhelp.dll - Ok

C:\WINDOWS\system32\lz32.dll - Ok

C:\WINDOWS\system32\l_except.nls - Ok

C:\WINDOWS\system32\lsass.exe - Ok

C:\WINDOWS\system32\lzexpand.dll - Ok

C:\WINDOWS\system32\lusrmgr.msc - Ok

C:\WINDOWS\system32\lpk.dll - Ok

C:\WINDOWS\system32\l_intl.nls - Ok

C:\WINDOWS\system32\mag_hook.dll - Ok

C:\WINDOWS\system32\lsasrv.dll - Ok

C:\WINDOWS\system32\mcastmib.dll - Ok

C:\WINDOWS\system32\magnify.exe - Ok

C:\WINDOWS\system32\makecab.exe - Ok

C:\WINDOWS\system32\mcd32.dll - Ok

C:\WINDOWS\system32\mchgrcoi.dll - Ok

C:\WINDOWS\system32\mcdsrv32.dll - Ok

C:\WINDOWS\system32\mciavi.drv - Ok

C:\WINDOWS\system32\mapistub.dll - Ok

C:\WINDOWS\system32\mapi32.dll - Ok

C:\WINDOWS\system32\mciole16.dll - Ok

C:\WINDOWS\system32\mcicda.dll - Ok

C:\WINDOWS\system32\mciseq.drv - Ok

C:\WINDOWS\system32\main.cpl - Ok

C:\WINDOWS\system32\mciqtz32.dll - Ok

>C:\WINDOWS\system32\mciseq.dll - packed by FLY-CODE

C:\WINDOWS\system32\mciavi32.dll - Ok

C:\WINDOWS\system32\mciwave.drv - Ok

C:\WINDOWS\system32\mciwave.dll - Ok

C:\WINDOWS\system32\mciseq.dll - Ok

C:\WINDOWS\system32\mciole32.dll - Ok

>C:\WINDOWS\system32\mem.exe - packed by EXEPACK

C:\WINDOWS\system32\mdhcp.dll - Ok

C:\WINDOWS\system32\mem.exe - Ok

C:\WINDOWS\system32\mdminst.dll - Ok

C:\WINDOWS\system32\mf3216.dll - Ok

C:\WINDOWS\system32\mdmxsdk.dll - Ok

C:\WINDOWS\system32\mdwmdmsp.dll - Ok

C:\WINDOWS\system32\mfcsubs.dll - Ok

C:\WINDOWS\system32\mfevtps.exe.378c.deleteme - Ok

C:\WINDOWS\system32\mfevtps.exe.8a67.deleteme - Ok

C:\WINDOWS\system32\mfc42.dll - Ok

C:\WINDOWS\system32\mib.bin - Ok

C:\WINDOWS\system32\mgmtapi.dll - Ok

C:\WINDOWS\system32\midimap.dll - Ok

C:\WINDOWS\system32\miglibnt.dll - Ok

C:\WINDOWS\system32\microsoft.managementconsole.dll - Ok

C:\WINDOWS\system32\mimefilt.dll - Ok

C:\WINDOWS\system32\mfc40u.dll - Ok

C:\WINDOWS\system32\mll_hp.dll - Ok

C:\WINDOWS\system32\migpwd.exe - Ok

C:\WINDOWS\system32\mfc40.dll - Ok

C:\WINDOWS\system32\mll_mtf.dll - Ok

C:\WINDOWS\system32\mlang.dat - Ok

C:\WINDOWS\system32\mll_qic.dll - Ok

C:\WINDOWS\system32\mlang.dll - Ok

C:\WINDOWS\system32\mmcfxcommon.dll - Ok

C:\WINDOWS\system32\mfc42u.dll - Ok

C:\WINDOWS\system32\mmcbase.dll - Ok

C:\WINDOWS\system32\mmcperf.exe - Ok

C:\WINDOWS\system32\mmcex.dll - Ok

C:\WINDOWS\system32\mmdriver.inf - Ok

C:\WINDOWS\system32\mmdrv.dll - Ok

C:\WINDOWS\system32\mmfutil.dll - Ok

C:\WINDOWS\system32\mmtask.tsk - Ok

C:\WINDOWS\system32\mmsystem.dll - Ok

C:\WINDOWS\system32\mnmdd.dll - Ok

C:\WINDOWS\system32\mmsys.cpl - Ok

C:\WINDOWS\system32\mmutilse.dll - Ok

C:\WINDOWS\system32\mnmsrvc.exe - Ok

C:\WINDOWS\system32\mmcshext.dll - Ok

C:\WINDOWS\system32\mobsync.dll - Ok

C:\WINDOWS\system32\mode.com - Ok

C:\WINDOWS\system32\modex.dll - Ok

C:\WINDOWS\system32\more.com - Ok

C:\WINDOWS\system32\moricons.dll - Ok

C:\WINDOWS\system32\mountvol.exe - Ok

C:\WINDOWS\system32\mouse.drv - Ok

C:\WINDOWS\system32\mobsync.exe - Ok

C:\WINDOWS\system32\modemui.dll - Ok

C:\WINDOWS\system32\mp43dmod.dll - Ok

C:\WINDOWS\system32\mp4sdmod.dll - Ok

C:\WINDOWS\system32\mpeg2data.ax - Ok

C:\WINDOWS\system32\mpg4dmod.dll - Ok

>C:\WINDOWS\system32\mmc.exe is BINARYRES container

>>C:\WINDOWS\system32\mmc.exe\data001 is JS-HTML container

C:\WINDOWS\system32\mpg2splt.ax - Ok

C:\WINDOWS\system32\mpnotify.exe - Ok

>>C:\WINDOWS\system32\mmc.exe\data002 is JS-HTML container

C:\WINDOWS\system32\mpg4ds32.ax - Ok

C:\WINDOWS\system32\mpr.dll - Ok

C:\WINDOWS\system32\mprapi.dll - Ok

C:\WINDOWS\system32\mplay32.exe - Ok

C:\WINDOWS\system32\mprdim.dll - Ok

>>C:\WINDOWS\system32\mmc.exe\data003 is JS-HTML container

C:\WINDOWS\system32\mprmsg.dll - Ok

C:\WINDOWS\system32\mprddm.dll - Ok

>>C:\WINDOWS\system32\mmc.exe\data004 is JS-HTML container

C:\WINDOWS\system32\mrinfo.exe - Ok

C:\WINDOWS\system32\mprui.dll - Ok

>>C:\WINDOWS\system32\mmc.exe\data005 is JS-HTML container

C:\WINDOWS\system32\msacm.dll - Ok

>>C:\WINDOWS\system32\mmc.exe\data006 is JS-HTML container

C:\WINDOWS\system32\mmc.exe - container

C:\WINDOWS\system32\msaatext.dll - Ok

C:\WINDOWS\system32\msacm32.dll - Ok

>C:\WINDOWS\system32\msacm32.drv - packed by FLY-CODE

C:\WINDOWS\system32\msadp32.acm - Ok

C:\WINDOWS\system32\MpSigStub.exe - Ok

C:\WINDOWS\system32\msafd.dll - Ok

C:\WINDOWS\system32\msacm32.drv - Ok

C:\WINDOWS\system32\msapsspc.dll - Ok

C:\WINDOWS\system32\msasn1.dll - Ok

C:\WINDOWS\system32\mscat32.dll - Ok

C:\WINDOWS\system32\msaudite.dll - Ok

C:\WINDOWS\system32\mscdexnt.exe - Ok

C:\WINDOWS\system32\mscms.dll - Ok

>C:\WINDOWS\system32\mmcndmgr.dll is BINARYRES container

>>C:\WINDOWS\system32\mmcndmgr.dll\data001 is JS-HTML container

C:\WINDOWS\system32\mmcndmgr.dll - container

C:\WINDOWS\system32\msaud32.acm - Ok

C:\WINDOWS\system32\mscoree.dll - Ok

C:\WINDOWS\system32\mscorier.dll - Ok

C:\WINDOWS\system32\msconf.dll - Ok

C:\WINDOWS\system32\mscories.dll - Ok

C:\WINDOWS\system32\mscpx32r.dll - Ok

C:\WINDOWS\system32\msadds32.ax - Ok

C:\WINDOWS\system32\mscpxl32.dll - Ok

C:\WINDOWS\system32\msctfp.dll - Ok

C:\WINDOWS\system32\msdatsrc.tlb - Ok

C:\WINDOWS\system32\msctfime.ime - Ok

C:\WINDOWS\system32\msdmo.dll - Ok

C:\WINDOWS\system32\msctf.dll - Ok

C:\WINDOWS\system32\msdadiag.dll - Ok

C:\WINDOWS\system32\msdart.dll - Ok

C:\WINDOWS\system32\msdtcprf.h - Ok

C:\WINDOWS\system32\msdtc.exe - Ok

C:\WINDOWS\system32\msdtcprf.ini - Ok

C:\WINDOWS\system32\msdtclog.dll - Ok

C:\WINDOWS\system32\msdbg2.dll - Ok

C:\WINDOWS\system32\msdtcuiu.dll - Ok

C:\WINDOWS\system32\msdxmlc.dll - Ok

C:\WINDOWS\system32\msencode.dll - Ok

C:\WINDOWS\system32\msdtcprx.dll - Ok

C:\WINDOWS\system32\msdxm.ocx - Ok

C:\WINDOWS\system32\msfeedsbs.dll - Ok

C:\WINDOWS\system32\msdtctm.dll - Ok

C:\WINDOWS\system32\msexch40.dll - Ok

C:\WINDOWS\system32\msg.exe - Ok

C:\WINDOWS\system32\msg711.acm - Ok

C:\WINDOWS\system32\msfeedssync.exe - Ok

C:\WINDOWS\system32\msg723.acm - Ok

C:\WINDOWS\system32\msgsm32.acm - Ok

C:\WINDOWS\system32\msgsvc.dll - Ok

C:\WINDOWS\system32\msftedit.dll - Ok

C:\WINDOWS\system32\msexcl40.dll - Ok

C:\WINDOWS\system32\msh263.drv - Ok

C:\WINDOWS\system32\msh261.drv - Ok

C:\WINDOWS\system32\mshearts.exe - Ok

C:\WINDOWS\system32\mshta.exe.mui - Ok

C:\WINDOWS\system32\msgina.dll - Ok

C:\WINDOWS\system32\msfeeds.dll - Ok

C:\WINDOWS\system32\mshtmled.dll - Ok

C:\WINDOWS\system32\mshtmler.dll - Ok

C:\WINDOWS\system32\mshta.exe - Ok

C:\WINDOWS\system32\msident.dll - Ok

C:\WINDOWS\system32\msidle.dll - Ok

C:\WINDOWS\system32\msidntld.dll - Ok

C:\WINDOWS\system32\msi.dll - Ok

C:\WINDOWS\system32\msiexec.exe - Ok

C:\WINDOWS\system32\msieftp.dll - Ok

C:\WINDOWS\system32\msimg32.dll - Ok

C:\WINDOWS\system32\msimtf.dll - Ok

>C:\WINDOWS\system32\msisip.dll - packed by FLY-CODE

C:\WINDOWS\system32\msihnd.dll - Ok

C:\WINDOWS\system32\mshtml.dll - Ok

C:\WINDOWS\system32\msisip.dll - Ok

C:\WINDOWS\system32\mshtml.tlb - Ok

C:\WINDOWS\system32\msjint40.dll - Ok

C:\WINDOWS\system32\msjter40.dll - Ok

C:\WINDOWS\system32\msimsg.dll - Ok

C:\WINDOWS\system32\msls31.dll - Ok

C:\WINDOWS\system32\msjtes40.dll - Ok

C:\WINDOWS\system32\mslbui.dll - Ok

C:\WINDOWS\system32\msnetobj.dll - Ok

C:\WINDOWS\system32\msltus40.dll - Ok

C:\WINDOWS\system32\msnsspc.dll - Ok

C:\WINDOWS\system32\msobjs.dll - Ok

C:\WINDOWS\system32\msjetoledb40.dll - Ok

C:\WINDOWS\system32\msorc32r.dll - Ok

C:\WINDOWS\system32\msoert2.dll - Ok

C:\WINDOWS\system32\msorcl32.dll - Ok

C:\WINDOWS\system32\mspatcha.dll - Ok

C:\WINDOWS\system32\msoeacct.dll - Ok

C:\WINDOWS\system32\msjet40.dll - Ok

>C:\WINDOWS\system32\MRT.exe is BINARYRES container

C:\WINDOWS\system32\mspaint.exe - Ok

C:\WINDOWS\system32\msprivs.dll - Ok

C:\WINDOWS\system32\msports.dll - Ok

C:\WINDOWS\system32\msr2cenu.dll - Ok

C:\WINDOWS\system32\mspbde40.dll - Ok

C:\WINDOWS\system32\mspmsnsv.dll - Ok

C:\WINDOWS\system32\msratelc.dll - Ok

C:\WINDOWS\system32\msr2c.dll - Ok

C:\WINDOWS\system32\mspmsp.dll - Ok

C:\WINDOWS\system32\msrating.dll.mui - Ok

C:\WINDOWS\system32\msrecr40.dll - Ok

C:\WINDOWS\system32\msrclr40.dll - Ok

C:\WINDOWS\system32\msrle32.dll - Ok

C:\WINDOWS\system32\msrating.dll - Ok

C:\WINDOWS\system32\msscds32.ax - Ok

C:\WINDOWS\system32\mssap.dll - Ok

C:\WINDOWS\system32\msrepl40.dll - Ok

C:\WINDOWS\system32\msrd2x40.dll - Ok

C:\WINDOWS\system32\msshavmsg.dll - Ok

C:\WINDOWS\system32\msscript.ocx - Ok

C:\WINDOWS\system32\msscp.dll - Ok

C:\WINDOWS\system32\mssip32.dll - Ok

C:\WINDOWS\system32\msrd3x40.dll - Ok

C:\WINDOWS\system32\msswch.dll - Ok

C:\WINDOWS\system32\mssign32.dll - Ok

C:\WINDOWS\system32\mssha.dll - Ok

C:\WINDOWS\system32\msswchx.exe - Ok

C:\WINDOWS\system32\mstask.dll - Ok

C:\WINDOWS\system32\mstlsapi.dll - Ok

C:\WINDOWS\system32\mstinit.exe - Ok

C:\WINDOWS\system32\mstext40.dll - Ok

C:\WINDOWS\system32\mstime.dll - Ok

C:\WINDOWS\system32\msv1_0.dll - Ok

C:\WINDOWS\system32\msutb.dll - Ok

C:\WINDOWS\system32\msvcirt.dll - Ok

C:\WINDOWS\system32\mstsc.exe - Ok

C:\WINDOWS\system32\msvbvm60.dll - Ok

C:\WINDOWS\system32\msvcp60.dll - Ok

C:\WINDOWS\system32\msvcrt.dll - Ok

C:\WINDOWS\system32\msvcrt40.dll - Ok

C:\WINDOWS\system32\msvcrt20.dll - Ok

C:\WINDOWS\system32\msvfw32.dll - Ok

C:\WINDOWS\system32\msvcp50.dll - Ok

C:\WINDOWS\system32\msvidc32.dll - Ok

C:\WINDOWS\system32\msvideo.dll - Ok

C:\WINDOWS\system32\msw3prt.dll - Ok

C:\WINDOWS\system32\msvbvm50.dll - Ok

>>C:\WINDOWS\system32\MRT.exe\data001 is BINARYRES container

C:\WINDOWS\system32\mswebdvd.dll - Ok

C:\WINDOWS\system32\msvidctl.dll - Ok

C:\WINDOWS\system32\mstscax.dll - Ok

C:\WINDOWS\system32\mswsock.dll - Ok

C:\WINDOWS\system32\mswmdm.dll - Ok

C:\WINDOWS\system32\mswdat10.dll - Ok

C:\WINDOWS\system32\msxbde40.dll - Ok

C:\WINDOWS\system32\msxml2r.dll - Ok

C:\WINDOWS\system32\msxml3r.dll - Ok

C:\WINDOWS\system32\mswstr10.dll - Ok

C:\WINDOWS\system32\msxml6r.dll - Ok

C:\WINDOWS\system32\msxmlr.dll - Ok

C:\WINDOWS\system32\msyuv.dll - Ok

C:\WINDOWS\system32\mtxclu.dll - Ok

>C:\WINDOWS\system32\msxml.dll is BINARYRES container

>>C:\WINDOWS\system32\msxml.dll\data001 is JS-HTML container

>>C:\WINDOWS\system32\msxml.dll\data002 is JS-HTML container

>>C:\WINDOWS\system32\msxml.dll\data003 is JS-HTML container

C:\WINDOWS\system32\msxml.dll - container

C:\WINDOWS\system32\mtxex.dll - Ok

C:\WINDOWS\system32\msxml3.dll - Ok

C:\WINDOWS\system32\mtxlegih.dll - Ok

C:\WINDOWS\system32\mtxoci.dll - Ok

C:\WINDOWS\system32\mtxdm.dll - Ok

>C:\WINDOWS\system32\msxml2.dll is BINARYRES container

>>C:\WINDOWS\system32\msxml2.dll\data001 is JS-HTML container

C:\WINDOWS\system32\mucltui.dll.mui - Ok

>>C:\WINDOWS\system32\msxml2.dll\data002 is JS-HTML container

>>C:\WINDOWS\system32\msxml2.dll\data003 is JS-HTML container

C:\WINDOWS\system32\msxml2.dll - container

>C:\WINDOWS\system32\muweb.dll is CAB archive

C:\WINDOWS\system32\muweb.dll - Ok

C:\WINDOWS\system32\muweb.dll - archive

C:\WINDOWS\system32\mycomput.dll - Ok

C:\WINDOWS\system32\mucltui.dll - Ok

C:\WINDOWS\system32\napipsec.dll - Ok

C:\WINDOWS\system32\mydocs.dll - Ok

C:\WINDOWS\system32\napmontr.dll - Ok

C:\WINDOWS\system32\narrator.exe - Ok

C:\WINDOWS\system32\nbtstat.exe - Ok

C:\WINDOWS\system32\narrhook.dll - Ok

C:\WINDOWS\system32\ncpa.cpl - Ok

C:\WINDOWS\system32\ncpa.cpl.manifest - Ok

C:\WINDOWS\system32\ncobjapi.dll - Ok

C:\WINDOWS\system32\napstat.exe - Ok

C:\WINDOWS\system32\ncxpnt.dll - Ok

>C:\WINDOWS\system32\nddeapi.dll - packed by FLY-CODE

C:\WINDOWS\system32\nddeapir.exe - Ok

C:\WINDOWS\system32\msxml6.dll - Ok

C:\WINDOWS\system32\nddenb32.dll - Ok

C:\WINDOWS\system32\nddeapi.dll - Ok

C:\WINDOWS\system32\ndptsp.tsp - Ok

C:\WINDOWS\system32\net.exe - Ok

C:\WINDOWS\system32\net.hlp - Ok

C:\WINDOWS\system32\netapi.dll - Ok

C:\WINDOWS\system32\net1.exe - Ok

C:\WINDOWS\system32\netapi32.dll - Ok

C:\WINDOWS\system32\netevent.dll - Ok

C:\WINDOWS\system32\netdde.exe - Ok

C:\WINDOWS\system32\mtxparhd.dll - Ok

C:\WINDOWS\system32\netfxperf.dll - Ok

C:\WINDOWS\system32\neth.dll - Ok

C:\WINDOWS\system32\netmsg.dll - Ok

C:\WINDOWS\system32\netcfgx.dll - Ok

C:\WINDOWS\system32\netlogon.dll - Ok

C:\WINDOWS\system32\netrap.dll - Ok

C:\WINDOWS\system32\netsetup.cpl - Ok

C:\WINDOWS\system32\netman.dll - Ok

C:\WINDOWS\system32\netid.dll - Ok

C:\WINDOWS\system32\netplwiz.dll - Ok

C:\WINDOWS\system32\netstat.exe - Ok

C:\WINDOWS\system32\netsh.exe - Ok

C:\WINDOWS\system32\netui0.dll - Ok

C:\WINDOWS\system32\netui1.dll - Ok

C:\WINDOWS\system32\netshell.dll - Ok

C:\WINDOWS\system32\newdev.dll - Ok

C:\WINDOWS\system32\netui2.dll - Ok

C:\WINDOWS\system32\nlsdl.dll - Ok

>C:\WINDOWS\system32\nlsfunc.exe - packed by EXEPACK

C:\WINDOWS\system32\nmevtmsg.dll - Ok

C:\WINDOWS\system32\nlsfunc.exe - Ok

C:\WINDOWS\system32\noise.cht - Ok

C:\WINDOWS\system32\noise.chs - Ok

C:\WINDOWS\system32\noise.dat - Ok

>C:\WINDOWS\system32\netsetup.exe is CAB archive

C:\WINDOWS\system32\netsetup.exe - Ok

C:\WINDOWS\system32\netsetup.exe - archive

C:\WINDOWS\system32\noise.eng - Ok

C:\WINDOWS\system32\noise.enu - Ok

C:\WINDOWS\system32\noise.esn - Ok

C:\WINDOWS\system32\nmmkcert.dll - Ok

C:\WINDOWS\system32\noise.deu - Ok

C:\WINDOWS\system32\nlhtml.dll - Ok

C:\WINDOWS\system32\noise.nld - Ok

C:\WINDOWS\system32\noise.ita - Ok

C:\WINDOWS\system32\noise.sve - Ok

C:\WINDOWS\system32\noise.fra - Ok

C:\WINDOWS\system32\noise.tha - Ok

C:\WINDOWS\system32\normidna.nls - Ok

C:\WINDOWS\system32\normaliz.dll - Ok

C:\WINDOWS\system32\normnfc.nls - Ok

C:\WINDOWS\system32\normnfkc.nls - Ok

C:\WINDOWS\system32\normnfd.nls - Ok

C:\WINDOWS\system32\nscompat.tlb - Ok

C:\WINDOWS\system32\normnfkd.nls - Ok

C:\WINDOWS\system32\ntdos.sys - Ok

C:\WINDOWS\system32\npptools.dll - Ok

C:\WINDOWS\system32\ntdos404.sys - Ok

C:\WINDOWS\system32\ntdos412.sys - Ok

C:\WINDOWS\system32\ntdos411.sys - Ok

C:\WINDOWS\system32\nslookup.exe - Ok

C:\WINDOWS\system32\notepad.exe - Ok

C:\WINDOWS\system32\ntdos804.sys - Ok

C:\WINDOWS\system32\ntdll.dll - Ok

C:\WINDOWS\system32\ntimage.gif - Ok

C:\WINDOWS\system32\ntio.sys - Ok

C:\WINDOWS\system32\ntio404.sys - Ok

C:\WINDOWS\system32\ntio412.sys - Ok

C:\WINDOWS\system32\ntio804.sys - Ok

C:\WINDOWS\system32\ntdsapi.dll - Ok

C:\WINDOWS\system32\ntlanman.dll - Ok

C:\WINDOWS\system32\ntlanui2.dll - Ok

C:\WINDOWS\system32\ntio411.sys - Ok

C:\WINDOWS\system32\ntlsapi.dll - Ok

C:\WINDOWS\system32\ntlanui.dll - Ok

C:\WINDOWS\system32\ntmsevt.dll - Ok

C:\WINDOWS\system32\ntmarta.dll - Ok

C:\WINDOWS\system32\ntmsmgr.msc - Ok

C:\WINDOWS\system32\ntmsapi.dll - Ok

C:\WINDOWS\system32\ntmsoprq.msc - Ok

C:\WINDOWS\system32\ntmsdba.dll - Ok

C:\WINDOWS\system32\ntmssvc.dll - Ok

C:\WINDOWS\system32\ntprint.dll - Ok

C:\WINDOWS\system32\ntkrnlpa.exe - Ok

C:\WINDOWS\system32\ntshrui.dll - Ok

C:\WINDOWS\system32\ntsd.exe - Ok

C:\WINDOWS\system32\ntsdexts.dll - Ok

C:\WINDOWS\system32\ntmsmgr.dll - Ok

C:\WINDOWS\system32\ntvdmd.dll - Ok

C:\WINDOWS\system32\ntvdm.exe - Ok

C:\WINDOWS\system32\ntoskrnl.exe - Ok

>C:\WINDOWS\system32\nusrmgr.cpl is BINARYRES container

>>C:\WINDOWS\system32\nusrmgr.cpl\data001 is JS-HTML container

>>C:\WINDOWS\system32\nusrmgr.cpl\data002 is JS-HTML container

>>C:\WINDOWS\system32\nusrmgr.cpl\data003 is JS-HTML container

>>C:\WINDOWS\system32\nusrmgr.cpl\data004 is JS-HTML container

>>C:\WINDOWS\system32\nusrmgr.cpl\data005 is JS-HTML container

>>C:\WINDOWS\system32\nusrmgr.cpl\data006 is JS-HTML container

>>C:\WINDOWS\system32\nusrmgr.cpl\data007 is JS-HTML container

C:\WINDOWS\system32\nvcolor.exe - Ok

>>C:\WINDOWS\system32\nusrmgr.cpl\data008 is JS-HTML container

>>C:\WINDOWS\system32\nusrmgr.cpl\data009 is JS-HTML container

>>C:\WINDOWS\system32\nusrmgr.cpl\data010 is JS-HTML container

>>C:\WINDOWS\system32\nusrmgr.cpl\data011 is JS-HTML container

>>C:\WINDOWS\system32\nusrmgr.cpl\data012 is JS-HTML container

>>C:\WINDOWS\system32\nusrmgr.cpl\data013 is JS-HTML container

>>C:\WINDOWS\system32\nusrmgr.cpl\data014 is JS-HTML container

C:\WINDOWS\system32\nvapi.dll - Ok

>>C:\WINDOWS\system32\nusrmgr.cpl\data015 is JS-HTML container

>>C:\WINDOWS\system32\nusrmgr.cpl\data016 is JS-HTML container

>>C:\WINDOWS\system32\nusrmgr.cpl\data017 is JS-HTML container

>>C:\WINDOWS\system32\nusrmgr.cpl\data018 is JS-HTML container

C:\WINDOWS\system32\nv4_disp.dll - Ok

>>C:\WINDOWS\system32\nusrmgr.cpl\data019 is JS-HTML container

>>C:\WINDOWS\system32\nusrmgr.cpl\data020 is JS-HTML container

>>C:\WINDOWS\system32\nusrmgr.cpl\data021 is JS-HTML container

>>C:\WINDOWS\system32\nusrmgr.cpl\data022 is JS-HTML container

>>C:\WINDOWS\system32\nusrmgr.cpl\data023 is JS-HTML container

C:\WINDOWS\system32\nusrmgr.cpl - container

C:\WINDOWS\system32\nvcpl.dll - Ok

C:\WINDOWS\system32\nvdata.bin - Ok

C:\WINDOWS\system32\nvdata.data - Ok

C:\WINDOWS\system32\nvdispco32.dll - Ok

C:\WINDOWS\system32\nvcuvenc.dll - Ok

C:\WINDOWS\system32\nvdispco3220140.dll - Ok

C:\WINDOWS\system32\nvdrsdb0.bin - Ok

C:\WINDOWS\system32\nvdrsdb1.bin - Ok

C:\WINDOWS\system32\nvdrssel.bin - Ok

C:\WINDOWS\system32\nvdrswr.lk - Ok

C:\WINDOWS\system32\nvcuvid.dll - Ok

C:\WINDOWS\system32\nvdispgenco32.dll - Ok

C:\WINDOWS\system32\nvgenco322060.dll - Ok

C:\WINDOWS\system32\nvhdagenco3220103.dll - Ok

C:\WINDOWS\system32\nvinfo.pb - Ok

C:\WINDOWS\system32\nvhdagenco322040.dll - Ok

C:\WINDOWS\system32\nvmctray.dll - Ok

>C:\WINDOWS\system32\nvhdap32.dll - packed by PESTUB

>C:\WINDOWS\system32\nvmccs.dll is ZLIB container

C:\WINDOWS\system32\nvmccs.dll - container

C:\WINDOWS\system32\nvhdap32.dll - Ok

C:\WINDOWS\system32\nvcuda.dll - Ok

C:\WINDOWS\system32\nvrsar.dll - Ok

C:\WINDOWS\system32\nvrscs.dll - Ok

C:\WINDOWS\system32\nvrsda.dll - Ok

C:\WINDOWS\system32\nvrsde.dll - Ok

C:\WINDOWS\system32\nvrsel.dll - Ok

C:\WINDOWS\system32\nvoglnt.dll - Ok

C:\WINDOWS\system32\nvrseng.dll - Ok

C:\WINDOWS\system32\nvrsfi.dll - Ok

C:\WINDOWS\system32\nvrses.dll - Ok

C:\WINDOWS\system32\nvrsesm.dll - Ok

C:\WINDOWS\system32\nvrsfr.dll - Ok

C:\WINDOWS\system32\nvrshu.dll - Ok

C:\WINDOWS\system32\nvrshe.dll - Ok

C:\WINDOWS\system32\nvrsit.dll - Ok

C:\WINDOWS\system32\nvrsja.dll - Ok

C:\WINDOWS\system32\nvrsko.dll - Ok

C:\WINDOWS\system32\nvcompiler.dll - Ok

C:\WINDOWS\system32\nvrsno.dll - Ok

C:\WINDOWS\system32\nvrsnl.dll - Ok

C:\WINDOWS\system32\nvrspl.dll - Ok

C:\WINDOWS\system32\nvrspt.dll - Ok

C:\WINDOWS\system32\nvrsru.dll - Ok

C:\WINDOWS\system32\nvrsptb.dll - Ok

C:\WINDOWS\system32\nvrssk.dll - Ok

C:\WINDOWS\system32\nvrssl.dll - Ok

C:\WINDOWS\system32\nvrssv.dll - Ok

C:\WINDOWS\system32\nvrstr.dll - Ok

C:\WINDOWS\system32\nvrsth.dll - Ok

C:\WINDOWS\system32\nvwddi.dll - Ok

C:\WINDOWS\system32\nwc.cpl.manifest - Ok

C:\WINDOWS\system32\nvrszhc.dll - Ok

C:\WINDOWS\system32\nvrszht.dll - Ok

C:\WINDOWS\system32\nvsvc32.exe - Ok

C:\WINDOWS\system32\oakley.dll - Ok

C:\WINDOWS\system32\occache.dll - Ok

C:\WINDOWS\system32\odbc16gt.dll - Ok

C:\WINDOWS\system32\nwprovau.dll - Ok

C:\WINDOWS\system32\odbc32.dll - Ok

C:\WINDOWS\system32\odbc32gt.dll - Ok

C:\WINDOWS\system32\ocmanage.dll - Ok

C:\WINDOWS\system32\odbcbcp.dll - Ok

C:\WINDOWS\system32\objsel.dll - Ok

C:\WINDOWS\system32\odbcconf.rsp - Ok

C:\WINDOWS\system32\odbcconf.dll - Ok

C:\WINDOWS\system32\odbccp32.cpl - Ok

C:\WINDOWS\system32\odbcconf.exe - Ok

C:\WINDOWS\system32\odbcad32.exe - Ok

C:\WINDOWS\system32\odbccr32.dll - Ok

C:\WINDOWS\system32\odbcint.dll - Ok

C:\WINDOWS\system32\odbccp32.dll - Ok

C:\WINDOWS\system32\odbcp32r.dll - Ok

C:\WINDOWS\system32\odbccu32.dll - Ok

C:\WINDOWS\system32\odbcji32.dll - Ok

C:\WINDOWS\system32\oddbse32.dll - Ok

C:\WINDOWS\system32\odexl32.dll - Ok

C:\WINDOWS\system32\odfox32.dll - Ok

C:\WINDOWS\system32\odtext32.dll - Ok

C:\WINDOWS\system32\odpdx32.dll - Ok

C:\WINDOWS\system32\odbctrac.dll - Ok

C:\WINDOWS\system32\oembios.dat - Ok

C:\WINDOWS\system32\oembios.sig - Ok

C:\WINDOWS\system32\odbcjt32.dll - Ok

C:\WINDOWS\system32\ole2.dll - Ok

C:\WINDOWS\system32\oembios.bin - Ok

C:\WINDOWS\system32\ole2disp.dll - Ok

C:\WINDOWS\system32\ole2nls.dll - Ok

C:\WINDOWS\system32\oleaccrc.dll - Ok

C:\WINDOWS\system32\oleacc.dll - Ok

C:\WINDOWS\system32\offfilt.dll - Ok

C:\WINDOWS\system32\olecli.dll - Ok

C:\WINDOWS\system32\oleaut32.dll - Ok

C:\WINDOWS\system32\olecnv32.dll - Ok

C:\WINDOWS\system32\olecli32.dll - Ok

C:\WINDOWS\system32\nvopencl.dll - Ok

>C:\WINDOWS\system32\ole32.dll is BINARYRES container

C:\WINDOWS\system32\ole32.dll - container

C:\WINDOWS\system32\oledlg.dll - Ok

C:\WINDOWS\system32\oleprn.dll - Ok

C:\WINDOWS\system32\olesvr32.dll - Ok

C:\WINDOWS\system32\olesvr.dll - Ok

C:\WINDOWS\system32\olethk32.dll - Ok

C:\WINDOWS\system32\olepro32.dll - Ok

C:\WINDOWS\system32\onex.dll - Ok

C:\WINDOWS\system32\osuninst.dll - Ok

C:\WINDOWS\system32\osuninst.exe - Ok

C:\WINDOWS\system32\p2p.dll - Ok

C:\WINDOWS\system32\osk.exe - Ok

C:\WINDOWS\system32\p2pgasvc.dll - Ok

C:\WINDOWS\system32\p2pnetsh.dll - Ok

C:\WINDOWS\system32\OpenCL.dll - Ok

C:\WINDOWS\system32\p2pgraph.dll - Ok

C:\WINDOWS\system32\packager.exe - Ok

C:\WINDOWS\system32\panmap.dll - Ok

C:\WINDOWS\system32\pathping.exe - Ok

C:\WINDOWS\system32\pcl.sep - Ok

C:\WINDOWS\system32\pautoenr.dll - Ok

C:\WINDOWS\system32\p2psvc.dll - Ok

C:\WINDOWS\system32\pdh.dll - Ok

C:\WINDOWS\system32\opengl32.dll - Ok

C:\WINDOWS\system32\perfc009.dat - Ok

C:\WINDOWS\system32\perfci.h - Ok

C:\WINDOWS\system32\perfci.ini - Ok

C:\WINDOWS\system32\perfd009.dat - Ok

C:\WINDOWS\system32\pentnt.exe - Ok

C:\WINDOWS\system32\paqsp.dll - Ok

C:\WINDOWS\system32\perffilt.h - Ok

C:\WINDOWS\system32\perffilt.ini - Ok

C:\WINDOWS\system32\perfctrs.dll - Ok

C:\WINDOWS\system32\perfh009.dat - Ok

C:\WINDOWS\system32\perfdisk.dll - Ok

C:\WINDOWS\system32\perfi009.dat - Ok

C:\WINDOWS\system32\perfmon.msc - Ok

C:\WINDOWS\system32\perfnet.dll - Ok

C:\WINDOWS\system32\PerfStringBackup.INI - Ok

C:\WINDOWS\system32\perfwci.h - Ok

C:\WINDOWS\system32\perfwci.ini - Ok

C:\WINDOWS\system32\perfproc.dll - Ok

C:\WINDOWS\system32\perfos.dll - Ok

>C:\WINDOWS\system32\perfts.dll - packed by FLY-CODE

C:\WINDOWS\system32\perfmon.exe - Ok

C:\WINDOWS\system32\pid.dll - Ok

C:\WINDOWS\system32\perfts.dll - Ok

C:\WINDOWS\system32\pid.inf - Ok

C:\WINDOWS\system32\photowiz.dll - Ok

C:\WINDOWS\system32\pidgen.dll - Ok

C:\WINDOWS\system32\pifmgr.dll - Ok

>C:\WINDOWS\system32\pjlmon.dll - packed by FLY-CODE

C:\WINDOWS\system32\ping.exe - Ok

C:\WINDOWS\system32\pmspl.dll - Ok

C:\WINDOWS\system32\ping6.exe - Ok

C:\WINDOWS\system32\plustab.dll - Ok

C:\WINDOWS\system32\pjlmon.dll - Ok

C:\WINDOWS\system32\pngfilt.dll - Ok

C:\WINDOWS\system32\photometadatahandler.dll - Ok

C:\WINDOWS\system32\pnrpnsp.dll - Ok

C:\WINDOWS\system32\powrprof.dll - Ok

C:\WINDOWS\system32\polstore.dll - Ok

C:\WINDOWS\system32\powercfg.exe - Ok

C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll - Ok

C:\WINDOWS\system32\powercfg.cpl - Ok

C:\WINDOWS\system32\prflbmsg.dll - Ok

C:\WINDOWS\system32\print.exe - Ok

C:\WINDOWS\system32\PresentationHostProxy.dll - Ok

C:\WINDOWS\system32\prntvpt.dll - Ok

C:\WINDOWS\system32\proctexe.ocx - Ok

C:\WINDOWS\system32\prodspec.ini - Ok

C:\WINDOWS\system32\PresentationHost.exe - Ok

C:\WINDOWS\system32\printui.dll - Ok

C:\WINDOWS\system32\profmap.dll - Ok

C:\WINDOWS\system32\proxycfg.exe - Ok

C:\WINDOWS\system32\psapi.dll - Ok

C:\WINDOWS\system32\psbase.dll - Ok

C:\WINDOWS\system32\pschdcnt.h - Ok

C:\WINDOWS\system32\pschdprf.dll - Ok

C:\WINDOWS\system32\pscript.sep - Ok

C:\WINDOWS\system32\progman.exe - Ok

C:\WINDOWS\system32\psnppagn.dll - Ok

C:\WINDOWS\system32\pschdprf.ini - Ok

C:\WINDOWS\system32\pubprn.vbs - Ok

C:\WINDOWS\system32\PresentationNative_v0300.dll - Ok

C:\WINDOWS\system32\pstorsvc.dll - Ok

C:\WINDOWS\system32\pstorec.dll - Ok

C:\WINDOWS\system32\proquota.exe - Ok

C:\WINDOWS\system32\qappsrv.exe - Ok

C:\WINDOWS\system32\qagent.dll - Ok

C:\WINDOWS\system32\qagentrt.dll - Ok

C:\WINDOWS\system32\qcliprov.dll - Ok

C:\WINDOWS\system32\qasf.dll - Ok

C:\WINDOWS\system32\qcap.dll - Ok

C:\WINDOWS\system32\qmgr.dll - Ok

C:\WINDOWS\system32\qmgrprxy.dll - Ok

C:\WINDOWS\system32\qdvd.dll - Ok

C:\WINDOWS\system32\qosname.dll - Ok

C:\WINDOWS\system32\qdv.dll - Ok

C:\WINDOWS\system32\qprocess.exe - Ok

C:\WINDOWS\system32\qutil.dll - Ok

C:\WINDOWS\system32\qedit.dll - Ok

C:\WINDOWS\system32\qedwipes.dll - Ok

C:\WINDOWS\system32\rasadhlp.dll - Ok

C:\WINDOWS\system32\qwinsta.exe - Ok

C:\WINDOWS\system32\racpldlg.dll - Ok

C:\WINDOWS\system32\rasauto.dll - Ok

C:\WINDOWS\system32\rasapi32.dll - Ok

C:\WINDOWS\system32\rasautou.exe - Ok

C:\WINDOWS\system32\query.dll - Ok

C:\WINDOWS\system32\rasctrnm.h - Ok

C:\WINDOWS\system32\rasctrs.dll - Ok

C:\WINDOWS\system32\rasctrs.ini - Ok

C:\WINDOWS\system32\raschap.dll - Ok

C:\WINDOWS\system32\rasman.dll - Ok

C:\WINDOWS\system32\rasdial.exe - Ok

C:\WINDOWS\system32\rasmontr.dll - Ok

C:\WINDOWS\system32\rasmans.dll - Ok

C:\WINDOWS\system32\quartz.dll - Ok

C:\WINDOWS\system32\rasqec.dll - Ok

C:\WINDOWS\system32\rasmxs.dll - Ok

C:\WINDOWS\system32\rasdlg.dll - Ok

>C:\WINDOWS\system32\rasser.dll - packed by FLY-CODE

C:\WINDOWS\system32\rasrad.dll - Ok

C:\WINDOWS\system32\rasppp.dll - Ok

C:\WINDOWS\system32\rassapi.dll - Ok

C:\WINDOWS\system32\rastapi.dll - Ok

C:\WINDOWS\system32\rcbdyctl.dll - Ok

C:\WINDOWS\system32\rastls.dll - Ok

C:\WINDOWS\system32\rasser.dll - Ok

C:\WINDOWS\system32\rdpcfgex.dll - Ok

C:\WINDOWS\system32\rcp.exe - Ok

C:\WINDOWS\system32\rdpdd.dll - Ok

C:\WINDOWS\system32\rdpsnd.dll - Ok

C:\WINDOWS\system32\rdchost.dll - Ok

C:\WINDOWS\system32\rdpwsx.dll - Ok

C:\WINDOWS\system32\rcimlby.exe - Ok

C:\WINDOWS\system32\recover.exe - Ok

C:\WINDOWS\system32\redir.exe - Ok

C:\WINDOWS\system32\rdsaddin.exe - Ok

C:\WINDOWS\system32\rdshost.exe - Ok

C:\WINDOWS\system32\regapi.dll - Ok

C:\WINDOWS\system32\reg.exe - Ok

C:\WINDOWS\system32\regedt32.exe - Ok

C:\WINDOWS\system32\regini.exe - Ok

C:\WINDOWS\system32\rdpclip.exe - Ok

C:\WINDOWS\system32\regsvc.dll - Ok

C:\WINDOWS\system32\rasphone.exe - Ok

C:\WINDOWS\system32\regwiz.exe - Ok

C:\WINDOWS\system32\remotepg.dll - Ok

C:\WINDOWS\system32\remotesp.tsp - Ok

C:\WINDOWS\system32\replace.exe - Ok

>C:\WINDOWS\system32\reset.exe - packed by FLY-CODE

C:\WINDOWS\system32\regsvr32.exe - Ok

C:\WINDOWS\system32\resutils.dll - Ok

C:\WINDOWS\system32\rend.dll - Ok

C:\WINDOWS\system32\rexec.exe - Ok

C:\WINDOWS\system32\reset.exe - Ok

C:\WINDOWS\system32\riched32.dll - Ok

C:\WINDOWS\system32\rnr20.dll - Ok

C:\WINDOWS\system32\regwizc.dll - Ok

C:\WINDOWS\system32\route.exe - Ok

C:\WINDOWS\system32\rgb9rast_2.dll - Ok

C:\WINDOWS\system32\routemon.exe - Ok

C:\WINDOWS\system32\routetab.dll - Ok

C:\WINDOWS\system32\rpcns4.dll - Ok

C:\WINDOWS\system32\rhttpaa.dll - Ok

C:\WINDOWS\system32\rsaci.rat - Ok

C:\WINDOWS\system32\rpcrt4.dll - Ok

C:\WINDOWS\system32\riched20.dll - Ok

C:\WINDOWS\system32\rsh.exe - Ok

C:\WINDOWS\system32\rsaenh.dll - Ok

C:\WINDOWS\system32\rshx32.dll - Ok

C:\WINDOWS\system32\rsmps.dll - Ok

C:\WINDOWS\system32\rsm.exe - Ok

C:\WINDOWS\system32\rpcss.dll - Ok

C:\WINDOWS\system32\rsvp.ini - Ok

C:\WINDOWS\system32\rsvpcnts.h - Ok

C:\WINDOWS\system32\rsvp.exe - Ok

C:\WINDOWS\system32\rsvpmsg.dll - Ok

>C:\WINDOWS\system32\rsvpperf.dll - packed by FLY-CODE

C:\WINDOWS\system32\rsvpperf.dll - Ok

C:\WINDOWS\system32\rsvpsp.dll - Ok

C:\WINDOWS\system32\rsmsink.exe - Ok

C:\WINDOWS\system32\rtipxmib.dll - Ok

C:\WINDOWS\system32\RtkCoLDRXP.dll - Ok

C:\WINDOWS\system32\rsmui.exe - Ok

C:\WINDOWS\system32\rtcshare.exe - Ok

C:\WINDOWS\system32\RtkCoInstIIXP.dll - Ok

C:\WINDOWS\system32\rtm.dll - Ok

C:\WINDOWS\system32\RtNicProp32.dll - Ok

C:\WINDOWS\system32\rtutils.dll - Ok

C:\WINDOWS\system32\runas.exe - Ok

C:\WINDOWS\system32\RTNUninst32.dll - Ok

C:\WINDOWS\system32\rundll32.exe - Ok

C:\WINDOWS\system32\rwinsta.exe - Ok

C:\WINDOWS\system32\runonce.exe - Ok

C:\WINDOWS\system32\safrdm.dll - Ok

C:\WINDOWS\system32\safrslv.dll - Ok

C:\WINDOWS\system32\safrcdlg.dll - Ok

C:\WINDOWS\system32\samlib.dll - Ok

C:\WINDOWS\system32\sapi.cpl.manifest - Ok

C:\WINDOWS\system32\s3gnb.dll - Ok

C:\WINDOWS\system32\samsrv.dll - Ok

C:\WINDOWS\system32\sc.exe - Ok

C:\WINDOWS\system32\savedump.exe - Ok

C:\WINDOWS\system32\scarddlg.dll - Ok

C:\WINDOWS\system32\sbe.dll - Ok

C:\WINDOWS\system32\sbeio.dll - Ok

C:\WINDOWS\system32\scardsvr.exe - Ok

C:\WINDOWS\system32\RTSndMgr.CPL - Ok

C:\WINDOWS\system32\scardssp.dll - Ok

C:\WINDOWS\system32\scecli.dll - Ok

C:\WINDOWS\system32\sccbase.dll - Ok

C:\WINDOWS\system32\scesrv.dll - Ok

C:\WINDOWS\system32\sclgntfy.dll - Ok

C:\WINDOWS\system32\schannel.dll - Ok

C:\WINDOWS\system32\sccsccp.dll - Ok

C:\WINDOWS\system32\scredir.dll - Ok

C:\WINDOWS\system32\schedsvc.dll - Ok

C:\WINDOWS\system32\sdhcinst.dll - Ok

C:\WINDOWS\system32\scrrun.dll - Ok

C:\WINDOWS\system32\seclogon.dll - Ok

C:\WINDOWS\system32\scrnsave.scr - Ok

C:\WINDOWS\system32\secupd.dat - Ok

C:\WINDOWS\system32\scrobj.dll - Ok

C:\WINDOWS\system32\secupd.sig - Ok

C:\WINDOWS\system32\sdpblb.dll - Ok

C:\WINDOWS\system32\security.dll - Ok

C:\WINDOWS\system32\sdbinst.exe - Ok

C:\WINDOWS\system32\secur32.dll - Ok

C:\WINDOWS\system32\sensapi.dll - Ok

C:\WINDOWS\system32\sens.dll - Ok

C:\WINDOWS\system32\sendmail.dll - Ok

C:\WINDOWS\system32\senscfg.dll - Ok

C:\WINDOWS\system32\serialui.dll - Ok

C:\WINDOWS\system32\services.msc - Ok

C:\WINDOWS\system32\serwvdrv.dll - Ok

C:\WINDOWS\system32\sendcmsg.dll - Ok

C:\WINDOWS\system32\services.exe - Ok

C:\WINDOWS\system32\sessmgr.exe - Ok

C:\WINDOWS\system32\servdeps.dll - Ok

C:\WINDOWS\system32\setup.bmp - Ok

>C:\WINDOWS\system32\setupapi.dll - packed by BINARYRES

Link to post
Share on other sites

>>C:\WINDOWS\system32\setupapi.dll - packed by MS COMPRESS

C:\WINDOWS\system32\setupapi.dll - Ok

C:\WINDOWS\system32\setver.exe - Ok

C:\WINDOWS\system32\sethc.exe - Ok

C:\WINDOWS\system32\sfc.dll - Ok

C:\WINDOWS\system32\sfc.exe - Ok

C:\WINDOWS\system32\setupn.exe - Ok

C:\WINDOWS\system32\setup.exe - Ok

C:\WINDOWS\system32\sfmapi.dll - Ok

>C:\WINDOWS\system32\share.exe - packed by EXEPACK

>>C:\WINDOWS\system32\share.exe - packed by COM2EXE

C:\WINDOWS\system32\share.exe - Ok

C:\WINDOWS\system32\shadow.exe - Ok

C:\WINDOWS\system32\sfcfiles.dll - Ok

C:\WINDOWS\system32\setupdll.dll - Ok

C:\WINDOWS\system32\shell.dll - Ok

C:\WINDOWS\system32\sfc_os.dll - Ok

>C:\WINDOWS\system32\shdoclc.dll is BINARYRES container

>>C:\WINDOWS\system32\shdoclc.dll\data001 is JS-HTML container

C:\WINDOWS\system32\shfolder.dll - Ok

>>C:\WINDOWS\system32\shdoclc.dll\data002 is JS-HTML container

>>C:\WINDOWS\system32\shdoclc.dll\data003 is JS-HTML container

C:\WINDOWS\system32\shgina.dll - Ok

C:\WINDOWS\system32\shellstyle.dll - Ok

>>C:\WINDOWS\system32\shdoclc.dll\data004 is JS-HTML container

C:\WINDOWS\system32\shiftjis.uce - Ok

C:\WINDOWS\system32\shimeng.dll - Ok

C:\WINDOWS\system32\shdocvw.dll - Ok

>>C:\WINDOWS\system32\shdoclc.dll\data005 is JS-HTML container

>>C:\WINDOWS\system32\shdoclc.dll\data006 is JS-HTML container

C:\WINDOWS\system32\shdoclc.dll - container

C:\WINDOWS\system32\shlwapi.dll - Ok

C:\WINDOWS\system32\shmedia.dll - Ok

C:\WINDOWS\system32\shrpubw.exe - Ok

>C:\WINDOWS\system32\shell32.dll is BINARYRES container

>C:\WINDOWS\system32\shimgvw.dll is BINARYRES container

>>C:\WINDOWS\system32\shell32.dll\data001 is JS-HTML container

C:\WINDOWS\system32\shscrap.dll - Ok

>>C:\WINDOWS\system32\shimgvw.dll\data001 is JS-HTML container

C:\WINDOWS\system32\shsvcs.dll - Ok

>>C:\WINDOWS\system32\shimgvw.dll\data002 is JS-HTML container

C:\WINDOWS\system32\shell32.dll - container

C:\WINDOWS\system32\shimgvw.dll - container

C:\WINDOWS\system32\sigtab.dll - Ok

C:\WINDOWS\system32\shmgrate.exe - Ok

C:\WINDOWS\system32\simpdata.tlb - Ok

C:\WINDOWS\system32\shutdown.exe - Ok

C:\WINDOWS\system32\sisbkup.dll - Ok

C:\WINDOWS\system32\skdll.dll - Ok

C:\WINDOWS\system32\sigverif.exe - Ok

C:\WINDOWS\system32\slayerxp.dll - Ok

C:\WINDOWS\system32\slbrccsp.dll - Ok

C:\WINDOWS\system32\slbiop.dll - Ok

C:\WINDOWS\system32\slcoinst.dll - Ok

C:\WINDOWS\system32\skeys.exe - Ok

C:\WINDOWS\system32\slbcsp.dll - Ok

C:\WINDOWS\system32\slgen.dll - Ok

C:\WINDOWS\system32\slserv.exe - Ok

C:\WINDOWS\system32\sl_anet.acm - Ok

C:\WINDOWS\system32\smbinst.exe - Ok

C:\WINDOWS\system32\slextspk.dll - Ok

C:\WINDOWS\system32\smss.exe - Ok

C:\WINDOWS\system32\smlogsvc.exe - Ok

C:\WINDOWS\system32\snmpapi.dll - Ok

C:\WINDOWS\system32\sndrec32.exe - Ok

C:\WINDOWS\system32\softpub.dll - Ok

C:\WINDOWS\system32\sndvol32.exe - Ok

C:\WINDOWS\system32\smlogcfg.dll - Ok

C:\WINDOWS\system32\sortkey.nls - Ok

C:\WINDOWS\system32\sorttbls.nls - Ok

C:\WINDOWS\system32\sound.drv - Ok

C:\WINDOWS\system32\sort.exe - Ok

C:\WINDOWS\system32\snmpsnap.dll - Ok

C:\WINDOWS\system32\spmsg.dll - Ok

C:\WINDOWS\system32\slrundll.exe - Ok

C:\WINDOWS\system32\spdwnwxp.exe - Ok

C:\WINDOWS\system32\spnpinst.exe - Ok

C:\WINDOWS\system32\spoolss.dll - Ok

C:\WINDOWS\system32\spnike.dll - Ok

C:\WINDOWS\system32\sol.exe - Ok

C:\WINDOWS\system32\sprestrt.exe - Ok

C:\WINDOWS\system32\spider.exe - Ok

C:\WINDOWS\system32\sprio600.dll - Ok

C:\WINDOWS\system32\spupdsvc.exe - Ok

C:\WINDOWS\system32\spupdwxp.log - Ok

C:\WINDOWS\system32\spupdwxp.exe - Ok

>C:\WINDOWS\system32\sqlsodbc.chm is CHM container

C:\WINDOWS\system32\spxcoins.dll - Ok

C:\WINDOWS\system32\sprio800.dll - Ok

C:\WINDOWS\system32\spoolsv.exe - Ok

C:\WINDOWS\system32\sqlsrv32.rll - Ok

C:\WINDOWS\system32\sqlwid.dll - Ok

C:\WINDOWS\system32\sqlsrv32.dll - Ok

C:\WINDOWS\system32\sqlwoa.dll - Ok

C:\WINDOWS\system32\srclient.dll - Ok

>>C:\WINDOWS\system32\sqlsodbc.chm\Basics\mailto.js is JS-HTML container

C:\WINDOWS\system32\sqlunirl.dll - Ok

C:\WINDOWS\system32\srvsvc.dll - Ok

C:\WINDOWS\system32\srsvc.dll - Ok

>>C:\WINDOWS\system32\sqlsodbc.chm\Basics\shared.js is JS-HTML container

C:\WINDOWS\system32\srrstr.dll - Ok

C:\WINDOWS\system32\ssdpapi.dll - Ok

C:\WINDOWS\system32\sqlsodbc.chm - container

C:\WINDOWS\system32\ssdpsrv.dll - Ok

C:\WINDOWS\system32\ssbezier.scr - Ok

C:\WINDOWS\system32\ssmarque.scr - Ok

>C:\WINDOWS\system32\ss3dfo.scr is ZLIB container

C:\WINDOWS\system32\ssmyst.scr - Ok

C:\WINDOWS\system32\ssflwbox.scr - Ok

C:\WINDOWS\system32\ss3dfo.scr - container

C:\WINDOWS\system32\stclient.dll - Ok

C:\WINDOWS\system32\stdole2.tlb - Ok

C:\WINDOWS\system32\ssstars.scr - Ok

C:\WINDOWS\system32\stdole32.tlb - Ok

C:\WINDOWS\system32\sti.dll - Ok

C:\WINDOWS\system32\stimon.exe - Ok

C:\WINDOWS\system32\ssmypics.scr - Ok

C:\WINDOWS\system32\storage.dll - Ok

C:\WINDOWS\system32\sti_ci.dll - Ok

C:\WINDOWS\system32\sspipes.scr - Ok

C:\WINDOWS\system32\stobject.dll - Ok

C:\WINDOWS\system32\streamci.dll - Ok

C:\WINDOWS\system32\storprop.dll - Ok

C:\WINDOWS\system32\sstext3d.scr - Ok

C:\WINDOWS\system32\strmfilt.dll - Ok

C:\WINDOWS\system32\subrange.uce - Ok

C:\WINDOWS\system32\subst.exe - Ok

C:\WINDOWS\system32\svcpack.dll - Ok

C:\WINDOWS\system32\svchost.exe - Ok

C:\WINDOWS\system32\synceng.dll - Ok

C:\WINDOWS\system32\strmdll.dll - Ok

C:\WINDOWS\system32\swprv.dll - Ok

C:\WINDOWS\system32\syncui.dll - Ok

C:\WINDOWS\system32\sysedit.exe - Ok

C:\WINDOWS\system32\sxs.dll - Ok

C:\WINDOWS\system32\sysinv.dll - Ok

C:\WINDOWS\system32\syncapp.exe - Ok

C:\WINDOWS\system32\sysdm.cpl - Ok

C:\WINDOWS\system32\sysprint.sep - Ok

C:\WINDOWS\system32\sysprtj.sep - Ok

C:\WINDOWS\system32\syskey.exe - Ok

C:\WINDOWS\system32\system.drv - Ok

C:\WINDOWS\system32\sysmon.ocx - Ok

C:\WINDOWS\system32\sysocmgr.exe - Ok

C:\WINDOWS\system32\systray.exe - Ok

C:\WINDOWS\system32\tapi.dll - Ok

C:\WINDOWS\system32\tapiperf.dll - Ok

C:\WINDOWS\system32\t2embed.dll - Ok

C:\WINDOWS\system32\tapi32.dll - Ok

C:\WINDOWS\system32\tapiui.dll - Ok

C:\WINDOWS\system32\syssetup.dll - Ok

C:\WINDOWS\system32\tapisrv.dll - Ok

C:\WINDOWS\system32\taskman.exe - Ok

C:\WINDOWS\system32\tcpmib.dll - Ok

C:\WINDOWS\system32\tcpmon.dll - Ok

C:\WINDOWS\system32\tcmsetup.exe - Ok

C:\WINDOWS\system32\tcpmonui.dll - Ok

C:\WINDOWS\system32\tcpsvcs.exe - Ok

C:\WINDOWS\system32\tcpmon.ini - Ok

C:\WINDOWS\system32\taskmgr.exe - Ok

C:\WINDOWS\system32\telephon.cpl - Ok

C:\WINDOWS\system32\tdc.ocx - Ok

C:\WINDOWS\system32\tftp.exe - Ok

>C:\WINDOWS\system32\telnet.exe - packed by FLY-CODE

C:\WINDOWS\system32\termsrv.dll - Ok

C:\WINDOWS\system32\ticrf.rat - Ok

C:\WINDOWS\system32\telnet.exe - Ok

C:\WINDOWS\system32\themeui.dll - Ok

C:\WINDOWS\system32\timer.drv - Ok

C:\WINDOWS\system32\termmgr.dll - Ok

C:\WINDOWS\system32\toolhelp.dll - Ok

C:\WINDOWS\system32\tapi3.dll - Ok

C:\WINDOWS\system32\tracert.exe - Ok

C:\WINDOWS\system32\traffic.dll - Ok

C:\WINDOWS\system32\tracert6.exe - Ok

C:\WINDOWS\system32\timedate.cpl - Ok

C:\WINDOWS\system32\tree.com - Ok

C:\WINDOWS\system32\tsbyuv.dll - Ok

C:\WINDOWS\system32\tourstart.exe - Ok

C:\WINDOWS\system32\tscfgwmi.dll - Ok

C:\WINDOWS\system32\tscon.exe - Ok

C:\WINDOWS\system32\tsappcmp.dll - Ok

C:\WINDOWS\system32\trkwks.dll - Ok

C:\WINDOWS\system32\tsd32.dll - Ok

C:\WINDOWS\system32\tsddd.dll - Ok

C:\WINDOWS\system32\tslabels.h - Ok

C:\WINDOWS\system32\tsdiscon.exe - Ok

C:\WINDOWS\system32\tskill.exe - Ok

C:\WINDOWS\system32\tsgqec.dll - Ok

C:\WINDOWS\system32\tssoft32.acm - Ok

C:\WINDOWS\system32\tslabels.ini - Ok

C:\WINDOWS\system32\tsshutdn.exe - Ok

C:\WINDOWS\system32\TsWpfWrp.exe - Ok

C:\WINDOWS\system32\tspkg.dll - Ok

C:\WINDOWS\system32\twext.dll - Ok

C:\WINDOWS\system32\TZLog.log - Ok

C:\WINDOWS\system32\typelib.dll - Ok

C:\WINDOWS\system32\tscupgrd.exe - Ok

C:\WINDOWS\system32\tzchange.exe - Ok

C:\WINDOWS\system32\txflog.dll - Ok

C:\WINDOWS\system32\udhisapi.dll - Ok

C:\WINDOWS\system32\ufat.dll - Ok

C:\WINDOWS\system32\umdmxfrm.dll - Ok

C:\WINDOWS\system32\unicode.nls - Ok

C:\WINDOWS\system32\umandlg.dll - Ok

C:\WINDOWS\system32\ulib.dll - Ok

C:\WINDOWS\system32\umpnpmgr.dll - Ok

C:\WINDOWS\system32\unimdmat.dll - Ok

>C:\WINDOWS\system32\uniplat.dll - packed by FLY-CODE

C:\WINDOWS\system32\unimdm.tsp - Ok

C:\WINDOWS\system32\unlodctr.exe - Ok

C:\WINDOWS\system32\uniplat.dll - Ok

C:\WINDOWS\system32\unicows.dll - Ok

C:\WINDOWS\system32\uiautomationcore.dll - Ok

C:\WINDOWS\system32\upnp.dll - Ok

C:\WINDOWS\system32\ups.exe - Ok

C:\WINDOWS\system32\upnphost.dll - Ok

C:\WINDOWS\system32\ureg.dll - Ok

C:\WINDOWS\system32\upnpcont.exe - Ok

C:\WINDOWS\system32\untfs.dll - Ok

C:\WINDOWS\system32\url.dll - Ok

C:\WINDOWS\system32\user.exe - Ok

C:\WINDOWS\system32\usbmon.dll - Ok

C:\WINDOWS\system32\upnpui.dll - Ok

C:\WINDOWS\system32\usbui.dll - Ok

C:\WINDOWS\system32\userinit.exe - Ok

C:\WINDOWS\system32\urlmon.dll - Ok

C:\WINDOWS\system32\usp10.dll - Ok

C:\WINDOWS\system32\usrcntra.dll - Ok

C:\WINDOWS\system32\user32.dll - Ok

C:\WINDOWS\system32\usrdpa.dll - Ok

C:\WINDOWS\system32\usrcoina.dll - Ok

C:\WINDOWS\system32\userenv.dll - Ok

C:\WINDOWS\system32\usrlogon.cmd - Ok

C:\WINDOWS\system32\usrlbva.dll - Ok

C:\WINDOWS\system32\usrfaxa.dll - Ok

C:\WINDOWS\system32\usrrtosa.dll - Ok

C:\WINDOWS\system32\usrmlnka.exe - Ok

C:\WINDOWS\system32\usrprbda.exe - Ok

C:\WINDOWS\system32\usrdtea.dll - Ok

C:\WINDOWS\system32\usrsdpia.dll - Ok

>C:\WINDOWS\system32\usrv42a.dll - packed by FLY-CODE

C:\WINDOWS\system32\usrsvpia.dll - Ok

C:\WINDOWS\system32\usrshuta.exe - Ok

C:\WINDOWS\system32\usrvoica.dll - Ok

C:\WINDOWS\system32\usrv80a.dll - Ok

C:\WINDOWS\system32\utildll.dll - Ok

C:\WINDOWS\system32\usrvpa.dll - Ok

C:\WINDOWS\system32\v7vga.rom - Ok

C:\WINDOWS\system32\uxtheme.dll - Ok

C:\WINDOWS\system32\vbisurf.ax - Ok

C:\WINDOWS\system32\vcdex.dll - Ok

C:\WINDOWS\system32\usrv42a.dll - Ok

C:\WINDOWS\system32\vdmdbg.dll - Ok

C:\WINDOWS\system32\ver.dll - Ok

C:\WINDOWS\system32\vdmredir.dll - Ok

C:\WINDOWS\system32\verifier.dll - Ok

C:\WINDOWS\system32\vbscript.dll - Ok

C:\WINDOWS\system32\verclsid.exe - Ok

C:\WINDOWS\system32\version.dll - Ok

C:\WINDOWS\system32\vfpodbc.dll - Ok

C:\WINDOWS\system32\verifier.exe - Ok

C:\WINDOWS\system32\vga.dll - Ok

C:\WINDOWS\system32\vga.drv - Ok

C:\WINDOWS\system32\vga256.dll - Ok

C:\WINDOWS\system32\View Channels.scf - Ok

C:\WINDOWS\system32\vga64k.dll - Ok

C:\WINDOWS\system32\vidcap.ax - Ok

C:\WINDOWS\system32\vjoy.dll - Ok

C:\WINDOWS\system32\vssadmin.exe - Ok

C:\WINDOWS\system32\vss_ps.dll - Ok

C:\WINDOWS\system32\vssapi.dll - Ok

C:\WINDOWS\system32\utilman.exe - Ok

C:\WINDOWS\system32\vssvc.exe - Ok

C:\WINDOWS\system32\vbajet32.dll - Ok

C:\WINDOWS\system32\watchdog.sys - Ok

C:\WINDOWS\system32\w32time.dll - Ok

C:\WINDOWS\system32\w3ssl.dll - Ok

C:\WINDOWS\system32\w32tm.exe - Ok

C:\WINDOWS\system32\wbcache.deu - Ok

C:\WINDOWS\system32\w32topl.dll - Ok

C:\WINDOWS\system32\wbcache.enu - Ok

C:\WINDOWS\system32\wbcache.esn - Ok

C:\WINDOWS\system32\wbcache.fra - Ok

C:\WINDOWS\system32\wbcache.ita - Ok

C:\WINDOWS\system32\wbcache.nld - Ok

C:\WINDOWS\system32\wbcache.sve - Ok

C:\WINDOWS\system32\wbdbase.deu - Ok

C:\WINDOWS\system32\wbdbase.enu - Ok

C:\WINDOWS\system32\wbdbase.esn - Ok

C:\WINDOWS\system32\wbdbase.fra - Ok

C:\WINDOWS\system32\wdigest.dll - Ok

C:\WINDOWS\system32\wavemsp.dll - Ok

C:\WINDOWS\system32\wbdbase.ita - Ok

C:\WINDOWS\system32\wbdbase.nld - Ok

C:\WINDOWS\system32\wdl.trm - Ok

C:\WINDOWS\system32\wbdbase.sve - Ok

C:\WINDOWS\system32\wdmaud.drv - Ok

C:\WINDOWS\system32\webclnt.dll - Ok

C:\WINDOWS\system32\webhits.dll - Ok

C:\WINDOWS\system32\webcheck.dll - Ok

C:\WINDOWS\system32\wfwnet.drv - Ok

>C:\WINDOWS\system32\webfldrs.msi is OLE container

C:\WINDOWS\system32\webvw.dll - Ok

C:\WINDOWS\system32\wiadss.dll - Ok

C:\WINDOWS\system32\wextract.exe - Ok

C:\WINDOWS\system32\wiascr.dll - Ok

C:\WINDOWS\system32\wiadefui.dll - Ok

C:\WINDOWS\system32\wiaacmgr.exe - Ok

C:\WINDOWS\system32\wiasf.ax - Ok

C:\WINDOWS\system32\wiaservc.dll - Ok

C:\WINDOWS\system32\wifeman.dll - Ok

C:\WINDOWS\system32\wiavideo.dll - Ok

C:\WINDOWS\system32\wiashext.dll - Ok

>>C:\WINDOWS\system32\webfldrs.msi\stream001 is CAB archive

C:\WINDOWS\system32\webfldrs.msi\stream001 - Ok

C:\WINDOWS\system32\webfldrs.msi - Ok

C:\WINDOWS\system32\webfldrs.msi - container

C:\WINDOWS\system32\wiavusd.dll - Ok

C:\WINDOWS\system32\win87em.dll - Ok

C:\WINDOWS\system32\win32spl.dll - Ok

C:\WINDOWS\system32\win.com - Ok

C:\WINDOWS\system32\winbrand.dll - Ok

C:\WINDOWS\system32\WindowsLogon.manifest - Ok

C:\WINDOWS\system32\winfax.dll - Ok

C:\WINDOWS\system32\windowscodecsext.dll - Ok

C:\WINDOWS\system32\winhelp.hlp - Ok

C:\WINDOWS\system32\winchat.exe - Ok

C:\WINDOWS\system32\WinFXDocObj.exe - Ok

C:\WINDOWS\system32\win32k.sys - Ok

C:\WINDOWS\system32\winipsec.dll - Ok

C:\WINDOWS\system32\winhttp.dll - Ok

C:\WINDOWS\system32\windowscodecs.dll - Ok

C:\WINDOWS\system32\winhlp32.exe - Ok

C:\WINDOWS\system32\winmm.dll - Ok

C:\WINDOWS\system32\winlogon.exe - Ok

C:\WINDOWS\system32\winnls.dll - Ok

C:\WINDOWS\system32\wininet.dll - Ok

C:\WINDOWS\system32\winmine.exe - Ok

C:\WINDOWS\system32\winoldap.mod - Ok

>C:\WINDOWS\system32\winrnr.dll - packed by FLY-CODE

C:\WINDOWS\system32\winscard.dll - Ok

C:\WINDOWS\system32\winsock.dll - Ok

C:\WINDOWS\system32\winshfhc.dll - Ok

C:\WINDOWS\system32\winrnr.dll - Ok

C:\WINDOWS\system32\winspool.exe - Ok

C:\WINDOWS\system32\winmsd.exe - Ok

>C:\WINDOWS\system32\winsta.dll - packed by FLY-CODE

C:\WINDOWS\system32\winstrm.dll - Ok

C:\WINDOWS\system32\winspool.drv - Ok

C:\WINDOWS\system32\winver.exe - Ok

C:\WINDOWS\system32\winsta.dll - Ok

C:\WINDOWS\system32\winsrv.dll - Ok

C:\WINDOWS\system32\winntbbu.dll - Ok

C:\WINDOWS\system32\wintrust.dll - Ok

C:\WINDOWS\system32\wlnotify.dll - Ok

C:\WINDOWS\system32\wkssvc.dll - Ok

C:\WINDOWS\system32\wlanapi.dll - Ok

C:\WINDOWS\system32\wldap32.dll - Ok

C:\WINDOWS\system32\wmadmod.dll - Ok

C:\WINDOWS\system32\wmdmps.dll - Ok

C:\WINDOWS\system32\wmasf.dll - Ok

C:\WINDOWS\system32\wmerrenu.dll - Ok

C:\WINDOWS\system32\wmi.dll - Ok

C:\WINDOWS\system32\wmadmoe.dll - Ok

C:\WINDOWS\system32\wmimgmt.msc - Ok

C:\WINDOWS\system32\wmerror.dll - Ok

>C:\WINDOWS\system32\wmiprop.dll - packed by FLY-CODE

C:\WINDOWS\system32\wmidx.dll - Ok

C:\WINDOWS\system32\wmiprop.dll - Ok

C:\WINDOWS\system32\wmdmlog.dll - Ok

C:\WINDOWS\system32\wmp.ocx - Ok

C:\WINDOWS\system32\wmpcd.dll - Ok

C:\WINDOWS\system32\wmpasf.dll - Ok

C:\WINDOWS\system32\wmpcore.dll - Ok

C:\WINDOWS\system32\WMNetmgr.dll - Ok

C:\WINDOWS\system32\wmpdxm.dll - Ok

C:\WINDOWS\system32\wmpshell.dll - Ok

C:\WINDOWS\system32\wmphoto.dll - Ok

C:\WINDOWS\system32\wmpui.dll - Ok

C:\WINDOWS\system32\wmploc.dll - Ok

C:\WINDOWS\system32\wmsdmoe.dll - Ok

C:\WINDOWS\system32\wmsdmod.dll - Ok

C:\WINDOWS\system32\wmp.dll - Ok

C:\WINDOWS\system32\wmspdmod.dll - Ok

C:\WINDOWS\system32\wmspdmoe.dll - Ok

C:\WINDOWS\system32\wmsdmoe2.dll - Ok

C:\WINDOWS\system32\wmv8ds32.ax - Ok

C:\WINDOWS\system32\wmvdmod.dll - Ok

C:\WINDOWS\system32\WMVCore.dll - Ok

C:\WINDOWS\system32\wmstream.dll - Ok

C:\WINDOWS\system32\wowdeb.exe - Ok

C:\WINDOWS\system32\wowexec.exe - Ok

C:\WINDOWS\system32\wowfax.dll - Ok

C:\WINDOWS\system32\wow32.dll - Ok

C:\WINDOWS\system32\wpa.bak - Ok

C:\WINDOWS\system32\wowfaxui.dll - Ok

C:\WINDOWS\system32\wpa.dbl - Ok

C:\WINDOWS\system32\wmvds32.ax - Ok

C:\WINDOWS\system32\write.exe - Ok

C:\WINDOWS\system32\ws2help.dll - Ok

C:\WINDOWS\system32\wmvdmoe2.dll - Ok

C:\WINDOWS\system32\ws2_32.dll - Ok

C:\WINDOWS\system32\wpabaln.exe - Ok

C:\WINDOWS\system32\wscsvc.dll - Ok

C:\WINDOWS\system32\wshatm.dll - Ok

C:\WINDOWS\system32\wpnpinst.exe - Ok

C:\WINDOWS\system32\MRT.exe - container

C:\WINDOWS\system32\wscript.exe - Ok

C:\WINDOWS\system32\wscntfy.exe - Ok

C:\WINDOWS\system32\wship6.dll - Ok

C:\WINDOWS\system32\wshbth.dll - Ok

>C:\WINDOWS\system32\wscui.cpl is ZLIB container

C:\WINDOWS\system32\wshnetbs.dll - Ok

C:\WINDOWS\system32\wshisn.dll - Ok

C:\WINDOWS\system32\wshext.dll - Ok

C:\WINDOWS\system32\wshrm.dll - Ok

C:\WINDOWS\system32\wshtcpip.dll - Ok

C:\WINDOWS\system32\wscui.cpl - container

C:\WINDOWS\system32\wshom.ocx - Ok

C:\WINDOWS\system32\wsock32.dll - Ok

C:\WINDOWS\system32\wshcon.dll - Ok

C:\WINDOWS\system32\wuapi.dll.mui - Ok

C:\WINDOWS\system32\wtsapi32.dll - Ok

C:\WINDOWS\system32\wsnmp32.dll - Ok

C:\WINDOWS\system32\wuaucpl.cpl.manifest - Ok

>C:\WINDOWS\system32\wuaucpl.cpl - packed by FLY-CODE

C:\WINDOWS\system32\wuapi.dll - Ok

C:\WINDOWS\system32\wuaucpl.cpl.mui - Ok

C:\WINDOWS\system32\wuauclt.exe - Ok

C:\WINDOWS\system32\wuaueng.dll.mui - Ok

C:\WINDOWS\system32\wuauserv.dll - Ok

C:\WINDOWS\system32\wuaucpl.cpl - Ok

>C:\WINDOWS\system32\wuauclt1.exe is BINARYRES container

>>C:\WINDOWS\system32\wuauclt1.exe\data001 is JS-HTML container

C:\WINDOWS\system32\wucltui.dll.mui - Ok

C:\WINDOWS\system32\wuauclt1.exe - container

C:\WINDOWS\system32\wups.dll - Ok

C:\WINDOWS\system32\wuaueng1.dll - Ok

C:\WINDOWS\system32\wups2.dll - Ok

C:\WINDOWS\system32\wuaueng.dll - Ok

C:\WINDOWS\system32\wuweb.dll - Ok

C:\WINDOWS\system32\wucltui.dll - Ok

C:\WINDOWS\system32\wstdecod.dll - Ok

C:\WINDOWS\system32\wzcsapi.dll - Ok

>C:\WINDOWS\system32\xactsrv.dll - packed by FLY-CODE

C:\WINDOWS\system32\wupdmgr.exe - Ok

C:\WINDOWS\system32\XAPOFX1_1.dll - Ok

C:\WINDOWS\system32\wzcdlg.dll - Ok

C:\WINDOWS\system32\xcopy.exe - Ok

C:\WINDOWS\system32\wzcsvc.dll - Ok

C:\WINDOWS\system32\xactsrv.dll - Ok

C:\WINDOWS\system32\xmllite.dll - Ok

C:\WINDOWS\system32\xenroll.dll - Ok

C:\WINDOWS\system32\xmlprov.dll - Ok

C:\WINDOWS\system32\xmlprovi.dll - Ok

C:\WINDOWS\system32\XAudio2_2.dll - Ok

C:\WINDOWS\system32\xolehlp.dll - Ok

C:\WINDOWS\system32\xpsp1res.dll - Ok

C:\WINDOWS\system32\xpsp4res.dll - Ok

C:\WINDOWS\system32\xpob2res.dll - Ok

>C:\WINDOWS\system32\xpsp3res.dll is BINARYRES container

>>C:\WINDOWS\system32\xpsp3res.dll\data001 is JS-HTML container

>>C:\WINDOWS\system32\xpsp3res.dll\data002 is JS-HTML container

C:\WINDOWS\system32\1033\dwintl.dll - Ok

C:\WINDOWS\system32\zipfldr.dll - Ok

C:\WINDOWS\system32\CatRoot2\edb.chk - Ok

C:\WINDOWS\system32\CatRoot2\edb.log - read error

>>C:\WINDOWS\system32\xpsp3res.dll\data004 is JS-HTML container

C:\WINDOWS\system32\xpsp3res.dll - container

C:\WINDOWS\system32\xpsshhdr.dll - Ok

>C:\WINDOWS\system32\xpsp2res.dll is BINARYRES container

>>C:\WINDOWS\system32\xpsp2res.dll\data001 is JS-HTML container

>>C:\WINDOWS\system32\xpsp2res.dll\data002 is JS-HTML container

C:\WINDOWS\system32\CatRoot2\dberr.txt - Ok

C:\WINDOWS\system32\CatRoot2\tmp.edb - read error

>>C:\WINDOWS\system32\xpsp2res.dll\data003 is JS-HTML container

>>C:\WINDOWS\system32\xpsp2res.dll\data004 is JS-HTML container

C:\WINDOWS\system32\xpsp2res.dll - container

C:\WINDOWS\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\TimeStamp - Ok

C:\WINDOWS\system32\CatRoot2\res1.log - Ok

C:\WINDOWS\system32\CatRoot2\res2.log - Ok

C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\TimeStamp - Ok

C:\WINDOWS\system32\CatRoot\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\TimeStamp - Ok

C:\WINDOWS\system32\CatRoot2\edb0015F.log - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\HPCRDP.CAT - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\IASNT4.CAT - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\fp4.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ims.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ie8.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\1.CAT - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2296011.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2115168.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2345886.cat - Ok

C:\WINDOWS\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2347290.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2360937.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2378111.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2387149.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2393802.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2419632.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2440591.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2229593.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2476490.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2478960.cat - Ok

C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2478971.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2483185.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2423089.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2506212.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2481109.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2508429.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2509553.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2510531-IE8.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2507938.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2485663.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2443105.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2536276-v2.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2479943.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2564958.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2566454.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2544521-IE8.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2585542.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2584146.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2598479.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2592799.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2570947.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2535512.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2620712.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2544893-v2.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2624667.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2631813.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2619339.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2646524.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2618451.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2653956.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2659262.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2655992.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2661254-v2.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2691442.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2603381.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2686509.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2705219-v2.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2712808.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2719985.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2676562.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2724197.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2661637.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2749655.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2753842-v2.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2758857.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2727528.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2761465-IE8.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2779030.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2723135-v2.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2698365.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2736233.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB888111WXPSP2.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2770660.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB2779562.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB892130.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB946648.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB893803v2_wxp.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB950974.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB951748.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB950762.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB952004.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB951978.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB951376-v2.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB952069.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB952954.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB954155.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB954550-v5.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB923561.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB955759.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB956572.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB926139-v2.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB956802.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB955069.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB956744.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB952287.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB958869.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB956803.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB958644.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB956844.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB960225.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB960859.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB967715.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB960803.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB961501.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB959426.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB970430.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB971029.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB969059.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB971657.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB971468.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB961118.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB968389.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB973507.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB973540.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB970238.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB971961-IE8.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB973815.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB973869.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB974318.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB972270.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB974392.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB974112.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB975025.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB975467.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB975558.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB973687.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB974571.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB975713.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB973904.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB975562.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB976662-IE8.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB975561.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB977816.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB975560.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB977914.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB978695.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB978338.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB978542.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB979309.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB978706.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB978037.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB978601.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB979402.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB979482.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB979559.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB979683.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB980232.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB981322.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB979687.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB980195.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB982132.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB980218.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB982381-IE8.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB981997.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\MAPIMIG.CAT - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\msmsgs.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\msn7.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB981793.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\mstsweb.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\msxpsdrv.CAT - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB981332-IE8.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\MW770.CAT - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\NT5IIS.CAT - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5inf.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\msn9.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntprint.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem1.CAT - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem10.CAT - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem0.CAT - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem11.CAT - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\KB982665.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem7.CAT - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem8.CAT - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem6.CAT - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem2.CAT - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\OEMBIOS.CAT - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\SP2.CAT - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\sp3.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\startoc.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\TimeStamp - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\wmerrenu.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem5.CAT - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\WIC.cat - Ok

C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\oem9.CAT - Ok

C:\WINDOWS\system32\Com\comrereg.exe - Ok

C:\WINDOWS\system32\Com\comrepl.exe - Ok

C:\WINDOWS\system32\Com\comempty.dat - Ok

C:\WINDOWS\system32\Com\comexp.msc - Ok

C:\WINDOWS\system32\Com\mtsadmin.tlb - Ok

C:\WINDOWS\system32\DRVSTORE\HECI_CC47D7DB081BDADC726A35DD31A48F0D70365DD6\HECI.cat - Ok

C:\WINDOWS\system32\DRVSTORE\HECI_CC47D7DB081BDADC726A35DD31A48F0D70365DD6\HECI.inf - Ok

C:\WINDOWS\system32\DRVSTORE\SNB2009_5775E781315762F8B8430ECCC7359C226A9DEEC8\SNB2009.cat - Ok

C:\WINDOWS\system32\DRVSTORE\SNB2009_5775E781315762F8B8430ECCC7359C226A9DEEC8\SNB2009.inf - Ok

C:\WINDOWS\system32\DRVSTORE\cougcore_E839670E2B8E421D8E43C07D82FEE77BCE5DE2FA\cougcore.cat - Ok

C:\WINDOWS\system32\DRVSTORE\HECI_CC47D7DB081BDADC726A35DD31A48F0D70365DD6\HECIx64.sys - Ok

C:\WINDOWS\system32\DRVSTORE\HECI_CC47D7DB081BDADC726A35DD31A48F0D70365DD6\HECI.sys - Ok

C:\WINDOWS\system32\DRVSTORE\cougcore_E839670E2B8E421D8E43C07D82FEE77BCE5DE2FA\cougcore.inf - Ok

C:\WINDOWS\system32\Com\comadmin.dll - Ok

C:\WINDOWS\system32\DRVSTORE\cougsmb_A898C5300C4E969896DCF896351CD84F4892311E\cougsmb.cat - Ok

C:\WINDOWS\system32\DRVSTORE\cougide_A12D2FCAF5A84FB3625271087279B8008B3DE27A\cougide.cat - Ok

C:\WINDOWS\system32\DRVSTORE\cougusb_9A94710AD738C3628C36025DA8EFD50E545CB0AA\cougusb.cat - Ok

C:\WINDOWS\system32\DRVSTORE\cougide_A12D2FCAF5A84FB3625271087279B8008B3DE27A\cougide.inf - Ok

C:\WINDOWS\system32\DirectX\Dinput\actc094.ini - Ok

C:\WINDOWS\system32\DRVSTORE\cougsmb_A898C5300C4E969896DCF896351CD84F4892311E\cougsmb.inf - Ok

C:\WINDOWS\system32\DRVSTORE\cougusb_9A94710AD738C3628C36025DA8EFD50E545CB0AA\cougusb.inf - Ok

C:\WINDOWS\system32\DirectX\Dinput\glmdiggp.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\glmda.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\act_rs.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\gr3001.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\glmdiggp.ini - Ok

C:\WINDOWS\system32\DirectX\Dinput\gr3001.ini - Ok

C:\WINDOWS\system32\DirectX\Dinput\glmda.ini - Ok

C:\WINDOWS\system32\DirectX\Dinput\gr4001.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\gr4001_g.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\gr3001_g.ini - Ok

C:\WINDOWS\system32\DirectX\Dinput\gr4005.ini - Ok

C:\WINDOWS\system32\DirectX\Dinput\gr4003.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\gr4001_g.ini - Ok

C:\WINDOWS\system32\DirectX\Dinput\gr4005.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\gr4001.ini - Ok

C:\WINDOWS\system32\DirectX\Dinput\gr4003.ini - Ok

C:\WINDOWS\system32\DirectX\Dinput\ia3002_1.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ia3002_2.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\hammer.ini - Ok

C:\WINDOWS\system32\DirectX\Dinput\lgc202.ini - Ok

C:\WINDOWS\system32\DirectX\Dinput\lgc202.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ia3002.ini - Ok

C:\WINDOWS\system32\DirectX\Dinput\lgc209.ini - Ok

C:\WINDOWS\system32\DirectX\Dinput\lgc207.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\lgc209.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\lgc291.ini - Ok

C:\WINDOWS\system32\xpssvcs.dll - Ok

C:\WINDOWS\system32\DirectX\Dinput\lgc291.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\lgc20a.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\lgc207.ini - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms1b_03.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms1b_01.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms1b_05.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms1b_04.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms1b.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms1b_07.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms1b_06.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms1b_02.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms1b_09.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms1b_08.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms1b_10.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms26_01.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\lgc20a.ini - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms26_02.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms26.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms26_03.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms26_06.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms26_05.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms26_08.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms26_07.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms26_04.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms1b.ini - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms27.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms27_3.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms27_4.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms27_5.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms27_1.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms27_2.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms26.ini - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms27.ini - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms28_1.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms28_3.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms28_2.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms28_4.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms28.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms28_5.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms28_6.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms28_7.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms28_8.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms34_03.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms34_02.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms34_01.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms34.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms28.ini - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms34_04.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms34_08.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms34_07.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms34_05.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms34_06.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms3b_1.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms34.ini - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms3b_2.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms3b_4.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms3b_a.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms3b.ini - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms3b_3.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms3b_t.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms3b_c.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms3b.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms56_10.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms3b_m.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms56.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms56_3.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms56_2.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms56_1.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms56_6.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms56_4.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms56_5.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms56_7.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms56_8.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms56_9.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms6_1.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms6_2.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms6_10.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms6_4.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms6_3.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms6_5.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms56.ini - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms6.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms6_8.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms6_7.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms6_6.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms6_9.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms7_1.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms7_3.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms7_2.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms7.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms7_4.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms7.ini - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms7_5.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms7_8.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms7_6.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms7_9.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms7_7.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms6.ini - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms8_2.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms8_3.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms8_1.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms8_10.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms8.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms8_4.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms8_7.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms8_5.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms8_6.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms7_g.ini - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms8_8.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms8_9.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\mse_1.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\mse.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms8.ini - Ok

C:\WINDOWS\system32\DirectX\Dinput\mse_2.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\mse_10.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\mse_3.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\mse_4.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\mse.ini - Ok

C:\WINDOWS\system32\DirectX\Dinput\mse_7.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\mse_5.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\mse_6.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\ms8_g.ini - Ok

C:\WINDOWS\system32\DirectX\Dinput\mse_8.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\msf1f_1.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\msf1f.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\mse_9.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\msf1f_2.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\msf1f_4.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\msf1f_3.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\msf1f_5.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\msf1f_7.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\msf1f_10.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\msf1f_8.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\msf1f_6.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\msf1f_9.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\msprw_1.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\msprw_2.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\msprw.ini - Ok

C:\WINDOWS\system32\DirectX\Dinput\msprw_3.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\msf1f.ini - Ok

C:\WINDOWS\system32\DirectX\Dinput\mse_g.ini - Ok

C:\WINDOWS\system32\DirectX\Dinput\msprw_4.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\msprw_5.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\msprw_6.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\msprw.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\msprw_7.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\msprw_8.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\SV-262e1.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\SV-262e3.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\sv2511.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\sv2512.png - Ok

C:\WINDOWS\system32\DirectX\Dinput\SV-262e4.png - Ok

C:\WINDOWS\system32\Macromed\Flash\FlashInstall.log - Ok

C:\WINDOWS\system32\Macromed\Flash\flashplayer.xpt - Ok

C:\WINDOWS\system32\DirectX\Dinput\raiderpd.ini - Ok

C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe - Ok

C:\WINDOWS\system32\Macromed\Flash\activex.vch - Ok

C:\WINDOWS\system32\Macromed\Flash\KB923789.inf - Ok

C:\WINDOWS\system32\Macromed\Flash\mms.cfg - Ok

C:\WINDOWS\system32\Macromed\Flash\genuinst.exe - Ok

C:\WINDOWS\system32\Macromed\Flash\plugin.vch - Ok

C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\User\80dbdd53-18cb-4d6d-abac-e5b3faf8c417 - Ok

C:\WINDOWS\system32\Microsoft\Protect\S-1-5-18\User\Preferred - Ok

C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_5_502_135_ActiveX.dll - Ok

C:\WINDOWS\system32\MsDtc\Trace\dtctrace.log - Ok

C:\WINDOWS\system32\MsDtc\MSDTC.LOG - Ok

C:\WINDOWS\system32\MsDtc\Trace\msdtcvtr.bat - Ok

C:\WINDOWS\system32\MsDtc\Trace\msdtctr.mof - Ok

C:\WINDOWS\system32\PreInstall\WinSE\wxp_x86_0409_v1\spcustom.dll.ref - Ok

C:\WINDOWS\system32\PreInstall\WinSE\wxp_x86_0409_v1\spmsg.dll.ref - Ok

C:\WINDOWS\system32\PreInstall\WinSE\wxp_x86_0409_v1\spupdsvc.exe.ref - Ok

C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_5_502_135_ActiveX.exe - Ok

C:\WINDOWS\system32\PreInstall\WinSE\wxp_x86_0409_v1\spuninst.exe.ref - Ok

C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_5_502_135_Plugin.exe - Ok

>C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll is BINARYRES container

>C:\WINDOWS\system32\PreInstall\WinSE\wxp_x86_0409_v1\updspapi.dll.ref - packed by BINARYRES

>>C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll\data001 - packed by BINARYRES

>>>C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll\data001 is WISE container

>>C:\WINDOWS\system32\PreInstall\WinSE\wxp_x86_0409_v1\updspapi.dll.ref - packed by MS COMPRESS

>>C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll\data002 is ZLIB container

C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll - container

C:\WINDOWS\system32\RTCOM\RTLCPAPI.dll - Ok

C:\WINDOWS\system32\PreInstall\WinSE\wxp_x86_0409_v1\updspapi.dll.ref - Ok

C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles\machine.inf - Ok

C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\machine.inf - Ok

C:\WINDOWS\system32\ReinstallBackups\0000\DriverFiles\machine.PNF - Ok

C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\machine.PNF - Ok

C:\WINDOWS\system32\ReinstallBackups\0001\DriverFiles\i386\pci.sys - Ok

C:\WINDOWS\system32\RTCOM\RTCOMDLL.dll - Ok

C:\WINDOWS\system32\ReinstallBackups\0002\DriverFiles\machine.inf - Ok

C:\WINDOWS\system32\ReinstallBackups\0002\DriverFiles\machine.PNF - Ok

C:\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\machine.inf - Ok

C:\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\machine.PNF - Ok

C:\WINDOWS\system32\ReinstallBackups\0002\DriverFiles\i386\pci.sys - Ok

C:\WINDOWS\system32\PreInstall\WinSE\wxp_x86_0409_v1\update.exe.ref - Ok

C:\WINDOWS\system32\ReinstallBackups\0003\DriverFiles\i386\pci.sys - Ok

C:\WINDOWS\system32\ReinstallBackups\0004\DriverFiles\machine.inf - Ok

C:\WINDOWS\system32\ReinstallBackups\0004\DriverFiles\i386\pci.sys - Ok

C:\WINDOWS\system32\ReinstallBackups\0005\DriverFiles\machine.inf - Ok

C:\WINDOWS\system32\ReinstallBackups\0004\DriverFiles\machine.PNF - Ok

C:\WINDOWS\system32\ReinstallBackups\0005\DriverFiles\i386\pci.sys - Ok

C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\mshdc.inf - Ok

C:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\machine.inf - Ok

C:\WINDOWS\system32\ReinstallBackups\0005\DriverFiles\machine.PNF - Ok

C:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\i386\isapnp.sys - Ok

C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\mshdc.PNF - Ok

C:\WINDOWS\system32\ReinstallBackups\0008\DriverFiles\mshdc.inf - Ok

C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\pciidex.sys - Ok

C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\pciide.sys - Ok

C:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\machine.PNF - Ok

C:\WINDOWS\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys - Ok

C:\WINDOWS\system32\ReinstallBackups\0008\DriverFiles\mshdc.PNF - Ok

C:\WINDOWS\system32\ReinstallBackups\0008\DriverFiles\i386\pciide.sys - Ok

C:\WINDOWS\system32\ReinstallBackups\0008\DriverFiles\i386\pciidex.sys - Ok

C:\WINDOWS\system32\ReinstallBackups\0009\DriverFiles\usbport.inf - Ok

C:\WINDOWS\system32\ReinstallBackups\0009\DriverFiles\usbport.PNF - Ok

C:\WINDOWS\system32\ReinstallBackups\0009\DriverFiles\i386\hccoin.dll - Ok

C:\WINDOWS\system32\ReinstallBackups\0009\DriverFiles\i386\usbehci.sys - Ok

C:\WINDOWS\system32\ReinstallBackups\0008\DriverFiles\i386\atapi.sys - Ok

C:\WINDOWS\system32\ReinstallBackups\0010\DriverFiles\usbport.inf - Ok

C:\WINDOWS\system32\ReinstallBackups\0010\DriverFiles\usbport.PNF - Ok

C:\WINDOWS\system32\ReinstallBackups\0009\DriverFiles\i386\usbhub.sys - Ok

C:\WINDOWS\system32\ReinstallBackups\0010\DriverFiles\i386\hccoin.dll - Ok

C:\WINDOWS\system32\ReinstallBackups\0010\DriverFiles\i386\usbehci.sys - Ok

C:\WINDOWS\system32\ReinstallBackups\0010\DriverFiles\i386\usbhub.sys - Ok

C:\WINDOWS\system32\ReinstallBackups\0009\DriverFiles\i386\usbui.dll - Ok

C:\WINDOWS\system32\ReinstallBackups\0011\DriverFiles\cougME.cat - Ok

C:\WINDOWS\system32\ReinstallBackups\0011\DriverFiles\cougme.PNF - Ok

C:\WINDOWS\system32\ReinstallBackups\0011\DriverFiles\cougme.inf - Ok

C:\WINDOWS\system32\ReinstallBackups\0012\DriverFiles\cpu.inf - Ok

C:\WINDOWS\system32\ReinstallBackups\0009\DriverFiles\i386\usbport.sys - Ok

C:\WINDOWS\system32\ReinstallBackups\0012\DriverFiles\cpu.PNF - Ok

C:\WINDOWS\system32\ReinstallBackups\0010\DriverFiles\i386\usbui.dll - Ok

C:\WINDOWS\system32\ReinstallBackups\0013\DriverFiles\cpu.inf - Ok

C:\WINDOWS\system32\ReinstallBackups\0013\DriverFiles\cpu.PNF - Ok

C:\WINDOWS\system32\ReinstallBackups\0014\DriverFiles\cpu.inf - Ok

C:\WINDOWS\system32\ReinstallBackups\0012\DriverFiles\i386\intelppm.sys - Ok

C:\WINDOWS\system32\ReinstallBackups\0014\DriverFiles\cpu.PNF - Ok

C:\WINDOWS\system32\ReinstallBackups\0010\DriverFiles\i386\usbport.sys - Ok

C:\WINDOWS\system32\ReinstallBackups\0013\DriverFiles\i386\intelppm.sys - Ok

C:\WINDOWS\system32\ReinstallBackups\0015\DriverFiles\cpu.inf - Ok

C:\WINDOWS\system32\ReinstallBackups\0015\DriverFiles\cpu.PNF - Ok

C:\WINDOWS\system32\ReinstallBackups\0017\DriverFiles\hdaudbus.inf - Ok

C:\WINDOWS\system32\ReinstallBackups\0017\DriverFiles\hdaudbus.PNF - Ok

C:\WINDOWS\system32\ReinstallBackups\0014\DriverFiles\i386\intelppm.sys - Ok

C:\WINDOWS\system32\ReinstallBackups\0015\DriverFiles\i386\intelppm.sys - Ok

C:\WINDOWS\system32\ReinstallBackups\0016\DriverFiles\machine.inf - Ok

C:\WINDOWS\system32\ReinstallBackups\0018\DriverFiles\hdaudbus.inf - Ok

C:\WINDOWS\system32\ReinstallBackups\0018\DriverFiles\hdaudbus.PNF - Ok

C:\WINDOWS\system32\ReinstallBackups\0016\DriverFiles\machine.PNF - Ok

C:\WINDOWS\system32\ReinstallBackups\0019\DriverFiles\license.txt - Ok

C:\WINDOWS\system32\ReinstallBackups\0019\DriverFiles\nv4_disp.inf - Ok

C:\WINDOWS\system32\ReinstallBackups\0019\DriverFiles\nv4_disp.PNF - Ok

C:\WINDOWS\system32\ReinstallBackups\0017\DriverFiles\hdaudbus.sys - Ok

C:\WINDOWS\system32\ReinstallBackups\0018\DriverFiles\hdaudbus.sys - Ok

C:\WINDOWS\system32\ReinstallBackups\0019\DriverFiles\dbInstaller.exe - Ok

C:\WINDOWS\system32\ReinstallBackups\0019\DriverFiles\nvapi.dll - Ok

C:\WINDOWS\system32\ReinstallBackups\0019\DriverFiles\nv4_mini.sys - Ok

C:\WINDOWS\system32\ReinstallBackups\0019\DriverFiles\nv4_disp.dll - Ok

C:\WINDOWS\system32\ReinstallBackups\0019\DriverFiles\nvdata.bin - Ok

C:\WINDOWS\system32\ReinstallBackups\0019\DriverFiles\nvcuvenc.dll - Ok

C:\WINDOWS\system32\ReinstallBackups\0019\DriverFiles\nvdrsdb.bin - Ok

C:\WINDOWS\system32\ReinstallBackups\0019\DriverFiles\nvcuda.dll - Ok

C:\WINDOWS\system32\ReinstallBackups\0019\DriverFiles\nvinfo.pb - Ok

C:\WINDOWS\system32\ReinstallBackups\0019\DriverFiles\nvdispco32.dll - Ok

C:\WINDOWS\system32\ReinstallBackups\0019\DriverFiles\nvgenco32.dll - Ok

C:\WINDOWS\system32\ReinstallBackups\0019\DriverFiles\OpenCL.dll - Ok

C:\WINDOWS\system32\ReinstallBackups\0020\DriverFiles\nvhda.inf - Ok

>C:\WINDOWS\system32\ReinstallBackups\0019\DriverFiles\nvcuvid.dll - packed by FLY-CODE

C:\WINDOWS\system32\ReinstallBackups\0020\DriverFiles\nvhda.PNF - Ok

C:\WINDOWS\system32\ReinstallBackups\0020\DriverFiles\nvhda32.sys - Ok

>C:\WINDOWS\system32\ReinstallBackups\0020\DriverFiles\nvhdap32.dll - packed by PESTUB

C:\WINDOWS\system32\ReinstallBackups\0020\DriverFiles\nvgenco32.dll - Ok

C:\WINDOWS\system32\ReinstallBackups\0020\DriverFiles\i386\drmk.sys - Ok

C:\WINDOWS\system32\ReinstallBackups\0020\DriverFiles\nvhdap32.dll - Ok

C:\WINDOWS\system32\ReinstallBackups\0020\DriverFiles\i386\ks.sys - Ok

C:\WINDOWS\system32\ReinstallBackups\0020\DriverFiles\i386\ksuser.dll - Ok

C:\WINDOWS\system32\ReinstallBackups\0020\DriverFiles\i386\ksproxy.ax - Ok

C:\WINDOWS\system32\ReinstallBackups\0020\DriverFiles\i386\stream.sys - Ok

C:\WINDOWS\system32\ReinstallBackups\0020\DriverFiles\i386\portcls.sys - Ok

>C:\WINDOWS\system32\Macromed\Flash\Flash32_11_5_502_135.ocx is BINARYRES container

>>C:\WINDOWS\system32\Macromed\Flash\Flash32_11_5_502_135.ocx\data001 - packed by BINARYRES

>>>C:\WINDOWS\system32\Macromed\Flash\Flash32_11_5_502_135.ocx\data001 is WISE container

C:\WINDOWS\system32\ReinstallBackups\0020\DriverFiles\i386\wdmaud.drv - Ok

>>C:\WINDOWS\system32\Macromed\Flash\Flash32_11_5_502_135.ocx\data002 is ZLIB container

C:\WINDOWS\system32\ReinstallBackups\0019\DriverFiles\nvcompiler.dll - Ok

C:\WINDOWS\system32\ReinstallBackups\0021\DriverFiles\nvhda.inf - Ok

C:\WINDOWS\system32\Macromed\Flash\Flash32_11_5_502_135.ocx - container

C:\WINDOWS\system32\ReinstallBackups\0021\DriverFiles\nvhda.PNF - Ok

C:\WINDOWS\system32\ReinstallBackups\0021\DriverFiles\i386\drmk.sys - Ok

C:\WINDOWS\system32\ReinstallBackups\0021\DriverFiles\nvhda32.sys - Ok

C:\WINDOWS\system32\ReinstallBackups\0021\DriverFiles\i386\ks.sys - Ok

C:\WINDOWS\system32\ReinstallBackups\0021\DriverFiles\i386\ksuser.dll - Ok

C:\WINDOWS\system32\ReinstallBackups\0021\DriverFiles\i386\ksproxy.ax - Ok

C:\WINDOWS\system32\ReinstallBackups\0021\DriverFiles\i386\portcls.sys - Ok

C:\WINDOWS\system32\ReinstallBackups\0021\DriverFiles\i386\stream.sys - Ok

C:\WINDOWS\system32\ReinstallBackups\0021\DriverFiles\i386\wdmaud.drv - Ok

C:\WINDOWS\system32\ReinstallBackups\0022\DriverFiles\nvhda.inf - Ok

C:\WINDOWS\system32\ReinstallBackups\0022\DriverFiles\nvhda.PNF - Ok

C:\WINDOWS\system32\ReinstallBackups\0021\DriverFiles\nvgenco32.dll - Ok

C:\WINDOWS\system32\ReinstallBackups\0022\DriverFiles\nvhda32.sys - Ok

C:\WINDOWS\system32\ReinstallBackups\0019\DriverFiles\nvcuvid.dll - Ok

>C:\WINDOWS\system32\ReinstallBackups\0021\DriverFiles\nvhdap32.dll - packed by PESTUB

C:\WINDOWS\system32\ReinstallBackups\0022\DriverFiles\i386\drmk.sys - Ok

C:\WINDOWS\system32\ReinstallBackups\0022\DriverFiles\i386\ks.sys - Ok

C:\WINDOWS\system32\ReinstallBackups\0022\DriverFiles\i386\ksuser.dll - Ok

C:\WINDOWS\system32\ReinstallBackups\0022\DriverFiles\i386\ksproxy.ax - Ok

C:\WINDOWS\system32\ReinstallBackups\0022\DriverFiles\i386\stream.sys - Ok

C:\WINDOWS\system32\ReinstallBackups\0022\DriverFiles\i386\wdmaud.drv - Ok

C:\WINDOWS\system32\ReinstallBackups\0022\DriverFiles\i386\portcls.sys - Ok

C:\WINDOWS\system32\ReinstallBackups\0023\DriverFiles\nvhda.inf - Ok

C:\WINDOWS\system32\ReinstallBackups\0023\DriverFiles\nvhda.PNF - Ok

>C:\WINDOWS\system32\ReinstallBackups\0022\DriverFiles\nvhdap32.dll - packed by PESTUB

C:\WINDOWS\system32\ReinstallBackups\0022\DriverFiles\nvgenco32.dll - Ok

C:\WINDOWS\system32\ReinstallBackups\0023\DriverFiles\nvhda32.sys - Ok

C:\WINDOWS\system32\ReinstallBackups\0023\DriverFiles\i386\drmk.sys - Ok

>C:\WINDOWS\system32\ReinstallBackups\0023\DriverFiles\nvhdap32.dll - packed by PESTUB

C:\WINDOWS\system32\ReinstallBackups\0021\DriverFiles\nvhdap32.dll - Ok

C:\WINDOWS\system32\ReinstallBackups\0023\DriverFiles\nvgenco32.dll - Ok

C:\WINDOWS\system32\ReinstallBackups\0023\DriverFiles\i386\ks.sys - Ok

C:\WINDOWS\system32\ReinstallBackups\0023\DriverFiles\i386\ksuser.dll - Ok

C:\WINDOWS\system32\ReinstallBackups\0023\DriverFiles\i386\ksproxy.ax - Ok

C:\WINDOWS\system32\ReinstallBackups\0023\DriverFiles\i386\stream.sys - Ok

C:\WINDOWS\system32\ReinstallBackups\0023\DriverFiles\nvhdap32.dll - Ok

C:\WINDOWS\system32\Restore\MachineGuid.txt - Ok

C:\WINDOWS\system32\Restore\filelist.xml - Ok

C:\WINDOWS\system32\ReinstallBackups\0023\DriverFiles\i386\portcls.sys - Ok

C:\WINDOWS\system32\ReinstallBackups\0023\DriverFiles\i386\wdmaud.drv - Ok

C:\WINDOWS\system32\Restore\srframe.mmf - Ok

C:\WINDOWS\system32\Restore\srdiag.exe - Ok

C:\WINDOWS\system32\Setup\fp40ext.dll - Ok

C:\WINDOWS\system32\ReinstallBackups\0022\DriverFiles\nvhdap32.dll - Ok

C:\WINDOWS\system32\Setup\fsconins.dll - Ok

>C:\WINDOWS\system32\Restore\rstrui.exe is BINARYRES container

>>C:\WINDOWS\system32\Restore\rstrui.exe\data001 is JS-HTML container

>>C:\WINDOWS\system32\Restore\rstrui.exe\data002 is JS-HTML container

>>C:\WINDOWS\system32\Restore\rstrui.exe\data003 is JS-HTML container

>>C:\WINDOWS\system32\Restore\rstrui.exe\data005 is JS-HTML container

C:\WINDOWS\system32\Setup\imsinsnt.dll - Ok

C:\WINDOWS\system32\Setup\fxsocm.dll - Ok

>>C:\WINDOWS\system32\Restore\rstrui.exe\data006 is JS-HTML container

>C:\WINDOWS\system32\Setup\koc.dll - packed by FLY-CODE

C:\WINDOWS\system32\Setup\comsetup.dll - Ok

>>C:\WINDOWS\system32\Restore\rstrui.exe\data009 is JS-HTML container

>>C:\WINDOWS\system32\Restore\rstrui.exe\data010 is JS-HTML container

C:\WINDOWS\system32\Setup\koc.dll - Ok

>>C:\WINDOWS\system32\Restore\rstrui.exe\data011 is JS-HTML container

C:\WINDOWS\system32\Restore\rstrui.exe - container

C:\WINDOWS\system32\Setup\msgrocm.dll - Ok

C:\WINDOWS\system32\Setup\msdtcstp.dll - Ok

C:\WINDOWS\system32\Setup\ocgen.dll - Ok

C:\WINDOWS\system32\Setup\ntoc.dll - Ok

C:\WINDOWS\system32\Setup\netoc.dll - Ok

C:\WINDOWS\system32\Setup\iis.dll - Ok

C:\WINDOWS\system32\Setup\ocmsn.dll - Ok

C:\WINDOWS\system32\Setup\zoneoc.dll - Ok

C:\WINDOWS\system32\Setup\startoc.dll - Ok

C:\WINDOWS\system32\Setup\setupqry.dll - Ok

C:\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.4.7600.226\wups.dll - Ok

C:\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup\wups2.dll\7.6.7600.256\wups2.dll - Ok

C:\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup\wups.dll\7.6.7600.256\wups.dll - Ok

C:\WINDOWS\system32\XPSViewer\en-US\XPSViewer.exe.mui - Ok

C:\WINDOWS\system32\XPSViewer\XPSViewerManifest.xml - Ok

>C:\WINDOWS\system32\cache\0025579d476751f2.fb is JS-HTML container

C:\WINDOWS\system32\Setup\tsoc.dll - Ok

C:\WINDOWS\system32\cache\0025579d476751f2.fb - container

C:\WINDOWS\system32\cache\287204568329e189.fb - Ok

C:\WINDOWS\system32\cache\272512937d9e61a4.fb - Ok

C:\WINDOWS\system32\cache\31a0997e9a5b5eb3.fb - Ok

C:\WINDOWS\system32\cache\28bc8f716fd76a47.fb - Ok

C:\WINDOWS\system32\cache\3917078cb68ec657.fb - Ok

C:\WINDOWS\system32\cache\32c84fe32bb74d60.fb - Ok

C:\WINDOWS\system32\cache\590ba23ce359fd0c.fb - Ok

C:\WINDOWS\system32\cache\610289e025a3ee9a.fb - Ok

C:\WINDOWS\system32\cache\6c59ac5e7e7a3ad0.fb - Ok

C:\WINDOWS\system32\cache\6d03dad1035885d3.fb - Ok

C:\WINDOWS\system32\cache\651c5d3cdbfb8bd1.fb - Ok

C:\WINDOWS\system32\cache\ad10a52aff5e038d.fb - Ok

C:\WINDOWS\system32\cache\c1fa887b03019701.fb - Ok

C:\WINDOWS\system32\cache\c4d28dca2e7648be.fb - Ok

C:\WINDOWS\system32\cache\a8556537add6dfc5.fb - Ok

C:\WINDOWS\system32\cache\d2e94710a5708128.fb - Ok

C:\WINDOWS\system32\cache\d79b9dfe81484ec4.fb - Ok

C:\WINDOWS\system32\cache\d201ef9910cd39de.fb - Ok

C:\WINDOWS\system32\XPSViewer\XPSViewer.exe - Ok

C:\WINDOWS\system32\config\default - read error

C:\WINDOWS\system32\config\default.LOG - read error

C:\WINDOWS\system32\config\AppEvent.Evt - Ok

C:\WINDOWS\system32\config\default.sav - Ok

C:\WINDOWS\system32\config\Doctor Web.evt - Ok

C:\WINDOWS\system32\config\SAM - read error

C:\WINDOWS\system32\config\SAM.LOG - read error

C:\WINDOWS\system32\cache\f998975c9cc711ee.fb - Ok

C:\WINDOWS\system32\config\SECURITY - read error

C:\WINDOWS\system32\config\SECURITY.LOG - read error

C:\WINDOWS\system32\config\software - read error

C:\WINDOWS\system32\config\software.LOG - read error

C:\WINDOWS\system32\config\Internet.evt - Ok

C:\WINDOWS\system32\config\SecEvent.Evt - Ok

C:\WINDOWS\system32\config\system - read error

C:\WINDOWS\system32\config\system.LOG - read error

C:\WINDOWS\system32\config\software.sav - Ok

C:\WINDOWS\system32\config\system.sav - Ok

C:\WINDOWS\system32\config\TempKey.LOG - Ok

C:\WINDOWS\system32\config\userdiff.LOG - Ok

C:\WINDOWS\system32\config\SysEvent.Evt - Ok

C:\WINDOWS\system32\config\WindowsPowerShell.evt - Ok

C:\WINDOWS\system32\config\userdiff - Ok

C:\WINDOWS\system32\config\systemprofile\Application Data\desktop.ini - Ok

C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\2BF68F4714092295550497DD56F57004 - Ok

C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\60E31627FDA0A46932B0E5948949F2A5 - Ok

C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\62B5AF9BE9ADC1085C3C56EC07A82BF6 - Ok

C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\74BFD122C0875EC75DBE5C6DB4C59019 - Ok

C:\WINDOWS\system32\SoftwareDistribution\Setup\ServiceStartup\wuapi.dll\7.4.7600.226\wuapi.dll - Ok

C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\12236C41CDDF9E40BA5606CDF086B821 - Ok

C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\8DFDF057024880D7A081AFBF6D26B92F - Ok

C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\E04822AD18D472EA5B582E6E6F8C6B9A - Ok

C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\7B2238AACCEDC3F1FFE8E7EB5F575EC9 - Ok

C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\12236C41CDDF9E40BA5606CDF086B821 - Ok

>C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015 is CAB archive

C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015 - Ok

C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\2BF68F4714092295550497DD56F57004 - Ok

C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015 - archive

C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\60E31627FDA0A46932B0E5948949F2A5 - Ok

C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\74BFD122C0875EC75DBE5C6DB4C59019 - Ok

C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\62B5AF9BE9ADC1085C3C56EC07A82BF6 - Ok

C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\7B2238AACCEDC3F1FFE8E7EB5F575EC9 - Ok

C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\8DFDF057024880D7A081AFBF6D26B92F - Ok

C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015 - Ok

C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\CryptnetUrlCache\MetaData\E04822AD18D472EA5B582E6E6F8C6B9A - Ok

C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Internet Explorer\brndlog.bak - Ok

C:\WINDOWS\system32\config\systemprofile\Application Data\Microsoft\Internet Explorer\brndlog.txt - Ok

C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat - Ok

C:\WINDOWS\system32\config\systemprofile\IETldCache\index.dat - Ok

C:\WINDOWS\system32\config\systemprofile\Local Settings\desktop.ini - Ok

C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Windows Media\9.0\WMSDKNS.DTD - Ok

C:\WINDOWS\system32\config\systemprofile\Local Settings\History\desktop.ini - Ok

C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\desktop.ini - Ok

C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat - Ok

C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012012123020121231\index.dat - Ok

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\chrome_installer.log - Ok

C:\WINDOWS\system32\bits\qmgr.dll - Ok

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\desktop.ini - Ok

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\desktop.ini - Ok

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat - Ok

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\G1MFG5MJ\desktop.ini - Ok

C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Windows Media\9.0\WMSDKNS.XML - Ok

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\GPQVOLUV\desktop.ini - Ok

C:\WINDOWS\system32\config\systemprofile\SendTo\Compressed (zipped) Folder.ZFSendToTarget - Ok

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\SDQBS523\desktop.ini - Ok

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\S1ERC9YR\desktop.ini - Ok

C:\WINDOWS\system32\config\systemprofile\SendTo\Desktop (create shortcut).DeskLink - Ok

C:\WINDOWS\system32\config\systemprofile\SendTo\Mail Recipient.MAPIMail - Ok

C:\WINDOWS\system32\config\systemprofile\Start Menu\desktop.ini - Ok

C:\WINDOWS\system32\config\systemprofile\SendTo\desktop.ini - Ok

C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\desktop.ini - Ok

C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012012122920121230\index.dat - Ok

C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Accessories\desktop.ini - Ok

C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Windows Media Player.lnk - Ok

C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Accessories\Program Compatibility Wizard.lnk - Ok

C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Remote Assistance.lnk - Ok

C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Accessories\Command Prompt.lnk - Ok

C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Accessories\Notepad.lnk - Ok

C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Accessories\Accessibility\desktop.ini - Ok

C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Accessories\Windows Explorer.lnk - Ok

C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Media Player\CurrentDatabase_59R.wmdb - Ok

C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Accessories\Synchronize.lnk - Ok

C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Accessories\Tour Windows XP.lnk - Ok

C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Accessories\Accessibility\Magnifier.lnk - Ok

C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Accessories\Entertainment\desktop.ini - Ok

C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Startup\desktop.ini - Ok

C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk - Ok

C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk - Ok

C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Accessories\Entertainment\Windows Media Player.lnk - Ok

C:\WINDOWS\system32\config\systemprofile\Templates\amipro.sam - Ok

C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Accessories\Accessibility\Utility Manager.lnk - Ok

C:\WINDOWS\system32\config\systemprofile\Templates\excel.xls - Ok

C:\WINDOWS\system32\config\systemprofile\Templates\presenta.shw - Ok

C:\WINDOWS\system32\config\systemprofile\Templates\sndrec.wav - Ok

C:\WINDOWS\system32\config\systemprofile\Templates\winword.doc - Ok

C:\WINDOWS\system32\config\systemprofile\Templates\quattro.wb2 - Ok

C:\WINDOWS\system32\config\systemprofile\Templates\excel4.xls - Ok

C:\WINDOWS\system32\config\systemprofile\Templates\lotus.wk4 - Ok

C:\WINDOWS\system32\config\systemprofile\Templates\winword2.doc - Ok

C:\WINDOWS\system32\config\systemprofile\Templates\powerpnt.ppt - Ok

C:\WINDOWS\system32\config\systemprofile\Templates\wordpfct.wpg - Ok

C:\WINDOWS\system32\config\systemprofile\Templates\wordpfct.wpd - Ok

C:\WINDOWS\system32\dllcache\12520850.cpx - Ok

C:\WINDOWS\system32\dllcache\1394vdbg.sys - Ok

C:\WINDOWS\system32\dllcache\12520437.cpx - Ok

C:\WINDOWS\system32\dllcache\1394bus.sys - Ok

C:\WINDOWS\system32\dllcache\4mmdat.sys - Ok

C:\WINDOWS\system32\dllcache\61883.sys - Ok

C:\WINDOWS\system32\dllcache\8514a.dll - Ok

C:\WINDOWS\system32\dllcache\6to4svc.dll - Ok

C:\WINDOWS\system32\dllcache\3dfxvsm.sys - Ok

C:\WINDOWS\system32\dllcache\aaaamon.dll - Ok

C:\WINDOWS\system32\dllcache\a3d.dll - Ok

C:\WINDOWS\system32\dllcache\abp480n5.sys - Ok

C:\WINDOWS\system32\dllcache\aaclient.dll - Ok

C:\WINDOWS\system32\dllcache\3dfxvs.dll - Ok

C:\WINDOWS\system32\dllcache\ac97ali.sys - Ok

C:\WINDOWS\system32\dllcache\ac97intc.sys - Ok

C:\WINDOWS\system32\dllcache\ac97via.sys - Ok

C:\WINDOWS\system32\dllcache\a3dapi.dll - Ok

C:\WINDOWS\system32\dllcache\acctres.dll - Ok

C:\WINDOWS\system32\dllcache\ac97sis.sys - Ok

C:\WINDOWS\system32\dllcache\3cwmcru.sys - Ok

C:\WINDOWS\system32\dllcache\access.cpl - Ok

C:\WINDOWS\system32\dllcache\acerscad.dll - Ok

C:\WINDOWS\system32\dllcache\accwiz.exe - Ok

C:\WINDOWS\system32\ReinstallBackups\0019\DriverFiles\nvoglnt.dll - Ok

C:\WINDOWS\system32\dllcache\acledit.dll - Ok

C:\WINDOWS\system32\dllcache\acpiec.sys - Ok

C:\WINDOWS\system32\dllcache\aclua.dll - Ok

C:\WINDOWS\system32\dllcache\acpi.sys - Ok

C:\WINDOWS\system32\dllcache\aclui.dll - Ok

C:\WINDOWS\system32\dllcache\actmovie.exe - Ok

C:\WINDOWS\system32\dllcache\activeds.tlb - Ok

C:\WINDOWS\system32\dllcache\activeds.dll - Ok

C:\WINDOWS\system32\dllcache\actxprxy.dll - Ok

C:\WINDOWS\system32\dllcache\adicvls.sys - Ok

C:\WINDOWS\system32\dllcache\adm8511.sys - Ok

C:\WINDOWS\system32\dllcache\aclayers.dll - Ok

C:\WINDOWS\system32\dllcache\acxtrnal.dll - Ok

C:\WINDOWS\system32\dllcache\acspecfc.dll - Ok

C:\WINDOWS\system32\dllcache\admin.dll - Ok

C:\WINDOWS\system32\dllcache\admin.exe - Ok

C:\WINDOWS\system32\dllcache\admjoy.sys - Ok

>C:\WINDOWS\system32\dllcache\admparse.dll - packed by FLY-CODE

C:\WINDOWS\system32\dllcache\adptif.dll - Ok

C:\WINDOWS\system32\dllcache\adm8820.sys - Ok

C:\WINDOWS\system32\dllcache\adm8810.sys - Ok

C:\WINDOWS\system32\dllcache\adptsf50.sys - Ok

C:\WINDOWS\system32\dllcache\admparse.dll - Ok

C:\WINDOWS\system32\dllcache\adpu160m.sys - Ok

C:\WINDOWS\system32\dllcache\adm8830.sys - Ok

C:\WINDOWS\system32\dllcache\adsmsext.dll - Ok

C:\WINDOWS\system32\dllcache\adv01nt5.dll - Ok

C:\WINDOWS\system32\dllcache\adv02nt5.dll - Ok

C:\WINDOWS\system32\dllcache\adsldpc.dll - Ok

C:\WINDOWS\system32\dllcache\adv07nt5.dll - Ok

C:\WINDOWS\system32\dllcache\adv05nt5.dll - Ok

C:\WINDOWS\system32\dllcache\adsldp.dll - Ok

C:\WINDOWS\system32\dllcache\adv09nt5.dll - Ok

C:\WINDOWS\system32\dllcache\adv11nt5.dll - Ok

C:\WINDOWS\system32\dllcache\adv08nt5.dll - Ok

C:\WINDOWS\system32\dllcache\adsnt.dll - Ok

C:\WINDOWS\system32\dllcache\aec.sys - Ok

C:\WINDOWS\system32\dllcache\advpack.dll - Ok

C:\WINDOWS\system32\dllcache\agcgauge.ax - Ok

C:\WINDOWS\system32\dllcache\acgenral.dll - Ok

C:\WINDOWS\system32\dllcache\afd.sys - Ok

C:\WINDOWS\system32\dllcache\agentanm.dll - Ok

C:\WINDOWS\system32\dllcache\agentdp2.dll - Ok

C:\WINDOWS\system32\dllcache\agentpsh.dll - Ok

C:\WINDOWS\system32\dllcache\agentmpx.dll - Ok

C:\WINDOWS\system32\dllcache\agentdpv.dll - Ok

C:\WINDOWS\system32\dllcache\agentctl.dll - Ok

C:\WINDOWS\system32\dllcache\advapi32.dll - Ok

C:\WINDOWS\system32\dllcache\agentsr.dll - Ok

C:\WINDOWS\system32\dllcache\agp440.sys - Ok

C:\WINDOWS\system32\dllcache\agpcpq.sys - Ok

C:\WINDOWS\system32\dllcache\agt0401.dll - Ok

C:\WINDOWS\system32\dllcache\agt0404.dll - Ok

C:\WINDOWS\system32\dllcache\agt0405.dll - Ok

C:\WINDOWS\system32\dllcache\agt0406.dll - Ok

C:\WINDOWS\system32\dllcache\agt0407.dll - Ok

C:\WINDOWS\system32\dllcache\agt0408.dll - Ok

C:\WINDOWS\system32\dllcache\agt0409.dll - Ok

C:\WINDOWS\system32\dllcache\agt040b.dll - Ok

C:\WINDOWS\system32\dllcache\agt040d.dll - Ok

C:\WINDOWS\system32\dllcache\agt040e.dll - Ok

C:\WINDOWS\system32\dllcache\agt0411.dll - Ok

C:\WINDOWS\system32\dllcache\agt0410.dll - Ok

C:\WINDOWS\system32\dllcache\agt040c.dll - Ok

C:\WINDOWS\system32\dllcache\agt0412.dll - Ok

C:\WINDOWS\system32\dllcache\agt0413.dll - Ok

C:\WINDOWS\system32\dllcache\agt0419.dll - Ok

C:\WINDOWS\system32\dllcache\agt0415.dll - Ok

C:\WINDOWS\system32\dllcache\agt0416.dll - Ok

C:\WINDOWS\system32\dllcache\agt0414.dll - Ok

C:\WINDOWS\system32\dllcache\agt041f.dll - Ok

C:\WINDOWS\system32\dllcache\agentsvr.exe - Ok

C:\WINDOWS\system32\dllcache\agt041d.dll - Ok

C:\WINDOWS\system32\dllcache\agt0816.dll - Ok

C:\WINDOWS\system32\dllcache\agt0c0a.dll - Ok

C:\WINDOWS\system32\dllcache\agtctl15.tlb - Ok

C:\WINDOWS\system32\dllcache\agt0804.dll - Ok

C:\WINDOWS\system32\dllcache\aha154x.sys - Ok

C:\WINDOWS\system32\dllcache\agtintl.dll - Ok

C:\WINDOWS\system32\dllcache\aic78u2.sys - Ok

C:\WINDOWS\system32\dllcache\aliide.sys - Ok

C:\WINDOWS\system32\dllcache\ali5261.sys - Ok

C:\WINDOWS\system32\dllcache\alifir.sys - Ok

C:\WINDOWS\system32\dllcache\aic78xx.sys - Ok

C:\WINDOWS\system32\dllcache\alrsvc.dll - Ok

C:\WINDOWS\system32\dllcache\amb8002.sys - Ok

C:\WINDOWS\system32\dllcache\alim1541.sys - Ok

C:\WINDOWS\system32\dllcache\alg.exe - Ok

C:\WINDOWS\system32\dllcache\amdagp.sys - Ok

C:\WINDOWS\system32\dllcache\ahui.exe - Ok

C:\WINDOWS\system32\dllcache\amsint.sys - Ok

C:\WINDOWS\system32\dllcache\amdk7.sys - Ok

C:\WINDOWS\system32\dllcache\amdk6.sys - Ok

C:\WINDOWS\system32\dllcache\an983.sys - Ok

C:\WINDOWS\system32\dllcache\ansi.sys - Ok

C:\WINDOWS\system32\dllcache\apmbatt.sys - Ok

C:\WINDOWS\system32\dllcache\append.exe - Ok

C:\WINDOWS\system32\dllcache\amstream.dll - Ok

>C:\WINDOWS\system32\dllcache\apps.chm is CHM container

C:\WINDOWS\system32\dllcache\apph_sp.sdb - Ok

C:\WINDOWS\system32\dllcache\apphelp.sdb - Ok

C:\WINDOWS\system32\dllcache\apcups.dll - Ok

C:\WINDOWS\system32\dllcache\apphelp.dll - Ok

C:\WINDOWS\system32\dllcache\archvapp.inf - Ok

C:\WINDOWS\system32\dllcache\arp.exe - Ok

C:\WINDOWS\system32\dllcache\arp1394.sys - Ok

C:\WINDOWS\system32\dllcache\asc.sys - Ok

C:\WINDOWS\system32\dllcache\asc3350p.sys - Ok

C:\WINDOWS\system32\dllcache\asferror.dll - Ok

C:\WINDOWS\system32\dllcache\asc3550.sys - Ok

C:\WINDOWS\system32\dllcache\aspndis3.sys - Ok

C:\WINDOWS\system32\dllcache\asycfilt.dll - Ok

C:\WINDOWS\system32\dllcache\asctrls.ocx - Ok

C:\WINDOWS\system32\dllcache\asyncmac.sys - Ok

C:\WINDOWS\system32\dllcache\aqueue.dll - Ok

C:\WINDOWS\system32\dllcache\at.exe - Ok

C:\WINDOWS\system32\dllcache\atapi.sys - Ok

C:\WINDOWS\system32\dllcache\ati1mdxx.sys - Ok

C:\WINDOWS\system32\dllcache\ati1btxx.sys - Ok

C:\WINDOWS\system32\dllcache\ati.dll - Ok

C:\WINDOWS\system32\dllcache\ati.sys - Ok

>C:\WINDOWS\system32\dllcache\appwiz.cpl is BINARYRES container

>>C:\WINDOWS\system32\dllcache\appwiz.cpl\data001 is JS-HTML container

C:\WINDOWS\system32\dllcache\ati1pdxx.sys - Ok

C:\WINDOWS\system32\dllcache\ati1snxx.sys - Ok

C:\WINDOWS\system32\dllcache\ati1raxx.sys - Ok

>>C:\WINDOWS\system32\dllcache\appwiz.cpl\data003 is JS-HTML container

C:\WINDOWS\system32\dllcache\ati1rvxx.sys - Ok

>>C:\WINDOWS\system32\dllcache\appwiz.cpl\data004 is JS-HTML container

C:\WINDOWS\system32\dllcache\ati1ttxx.sys - Ok

>>C:\WINDOWS\system32\dllcache\appwiz.cpl\data006 is JS-HTML container

>>C:\WINDOWS\system32\dllcache\appwiz.cpl\data008 is JS-HTML container

C:\WINDOWS\system32\dllcache\ati1xsxx.sys - Ok

C:\WINDOWS\system32\dllcache\ati1xbxx.sys - Ok

C:\WINDOWS\system32\dllcache\ati1tuxx.sys - Ok

>>C:\WINDOWS\system32\dllcache\appwiz.cpl\data009 is JS-HTML container

>>C:\WINDOWS\system32\dllcache\appwiz.cpl\data011 is JS-HTML container

>>C:\WINDOWS\system32\dllcache\appwiz.cpl\data012 is JS-HTML container

>>C:\WINDOWS\system32\dllcache\appwiz.cpl\data014 is JS-HTML container

C:\WINDOWS\system32\dllcache\ati2cqag.dll - Ok

>>C:\WINDOWS\system32\dllcache\appwiz.cpl\data015 is JS-HTML container

>>C:\WINDOWS\system32\dllcache\appwiz.cpl\data016 is JS-HTML container

C:\WINDOWS\system32\dllcache\appwiz.cpl - container

C:\WINDOWS\system32\dllcache\ati2dvag.dll - Ok

C:\WINDOWS\system32\dllcache\ati2dvaa.dll - Ok

C:\WINDOWS\system32\dllcache\atibt829.sys - Ok

C:\WINDOWS\system32\dllcache\ati2mtaa.sys - Ok

C:\WINDOWS\system32\dllcache\atidrae.dll - Ok

C:\WINDOWS\system32\dllcache\atidrab.dll - Ok

C:\WINDOWS\system32\dllcache\atidvai.dll - Ok

C:\WINDOWS\system32\dllcache\ati2mtag.sys - Ok

C:\WINDOWS\system32\dllcache\ati3d1ag.dll - Ok

C:\WINDOWS\system32\dllcache\atimpae.sys - Ok

C:\WINDOWS\system32\dllcache\atinbtxx.sys - Ok

C:\WINDOWS\system32\dllcache\atimpab.sys - Ok

C:\WINDOWS\system32\dllcache\atievxx.exe - Ok

C:\WINDOWS\system32\dllcache\atimtai.sys - Ok

C:\WINDOWS\system32\dllcache\atinmdxx.sys - Ok

C:\WINDOWS\system32\dllcache\atinpdxx.sys - Ok

C:\WINDOWS\system32\dllcache\atinraxx.sys - Ok

C:\WINDOWS\system32\dllcache\atinttxx.sys - Ok

C:\WINDOWS\system32\dllcache\atinsnxx.sys - Ok

C:\WINDOWS\system32\dllcache\atintuxx.sys - Ok

C:\WINDOWS\system32\dllcache\atinrvxx.sys - Ok

C:\WINDOWS\system32\dllcache\atinxbxx.sys - Ok

C:\WINDOWS\system32\dllcache\atipcxxx.sys - Ok

C:\WINDOWS\system32\dllcache\atiraged.dll - Ok

C:\WINDOWS\system32\dllcache\atinxsxx.sys - Ok

C:\WINDOWS\system32\dllcache\ati3duag.dll - Ok

C:\WINDOWS\system32\dllcache\atirtsnd.sys - Ok

C:\WINDOWS\system32\dllcache\atirtcap.sys - Ok

C:\WINDOWS\system32\dllcache\atiragem.sys - Ok

C:\WINDOWS\system32\dllcache\atitunep.sys - Ok

C:\WINDOWS\system32\dllcache\atitvsnd.sys - Ok

C:\WINDOWS\system32\dllcache\ativmvxx.ax - Ok

C:\WINDOWS\system32\dllcache\ativmdcd.sys - Ok

C:\WINDOWS\system32\dllcache\ativdaxx.ax - Ok

C:\WINDOWS\system32\dllcache\ativttxx.sys - Ok

C:\WINDOWS\system32\dllcache\ativtmxx.dll - Ok

C:\WINDOWS\system32\dllcache\atixbar.sys - Ok

C:\WINDOWS\system32\dllcache\ativxbar.sys - Ok

C:\WINDOWS\system32\dllcache\atkctrs.dll - Ok

C:\WINDOWS\system32\dllcache\atmadm.exe - Ok

C:\WINDOWS\system32\dllcache\atl.dll - Ok

C:\WINDOWS\system32\dllcache\atmepvc.sys - Ok

C:\WINDOWS\system32\dllcache\atmarpc.sys - Ok

C:\WINDOWS\system32\dllcache\atmlane.sys - Ok

C:\WINDOWS\system32\dllcache\atmpvcno.dll - Ok

C:\WINDOWS\system32\dllcache\atmlib.dll - Ok

C:\WINDOWS\system32\dllcache\atrace.dll - Ok

C:\WINDOWS\system32\dllcache\attrib.exe - Ok

C:\WINDOWS\system32\dllcache\atmfd.dll - Ok

C:\WINDOWS\system32\dllcache\atv01nt5.dll - Ok

C:\WINDOWS\system32\dllcache\ativvaxx.dll - Ok

C:\WINDOWS\system32\dllcache\atv02nt5.dll - Ok

C:\WINDOWS\system32\dllcache\atv04nt5.dll - Ok

C:\WINDOWS\system32\dllcache\atv06nt5.dll - Ok

C:\WINDOWS\system32\dllcache\atv10nt5.dll - Ok

C:\WINDOWS\system32\dllcache\auditusr.exe - Ok

C:\WINDOWS\system32\dllcache\atmuni.sys - Ok

C:\WINDOWS\system32\dllcache\audstub.sys - Ok

C:\WINDOWS\system32\dllcache\author.dll - Ok

C:\WINDOWS\system32\dllcache\audiosrv.dll - Ok

C:\WINDOWS\system32\dllcache\author.exe - Ok

C:\WINDOWS\system32\dllcache\authz.dll - Ok

C:\WINDOWS\system32\dllcache\autodisc.dll - Ok

>C:\WINDOWS\system32\dllcache\autolfn.exe - packed by FLY-CODE

C:\WINDOWS\system32\dllcache\avc.sys - Ok

C:\WINDOWS\system32\dllcache\avcaudio.sys - Ok

C:\WINDOWS\system32\dllcache\avcstrm.sys - Ok

C:\WINDOWS\system32\dllcache\autofmt.exe - Ok

C:\WINDOWS\system32\dllcache\avicap.dll - Ok

C:\WINDOWS\system32\dllcache\autochk.exe - Ok

C:\WINDOWS\system32\dllcache\avifile.dll - Ok

C:\WINDOWS\system32\dllcache\autoconv.exe - Ok

C:\WINDOWS\system32\dllcache\avifil32.dll - Ok

C:\WINDOWS\system32\dllcache\avicap32.dll - Ok

C:\WINDOWS\system32\dllcache\avmeter.dll - Ok

C:\WINDOWS\system32\dllcache\avmwan.sys - Ok

C:\WINDOWS\system32\dllcache\avmcoxp.dll - Ok

C:\WINDOWS\system32\dllcache\avwav.dll - Ok

C:\WINDOWS\system32\dllcache\avmenum.dll - Ok

C:\WINDOWS\system32\dllcache\aztw2320.sys - Ok

C:\WINDOWS\system32\dllcache\azroles.dll - Ok

C:\WINDOWS\system32\dllcache\avtapi.dll - Ok

C:\WINDOWS\system32\dllcache\b57xp32.sys - Ok

C:\WINDOWS\system32\dllcache\b1cbase.sys - Ok

C:\WINDOWS\system32\dllcache\banshee.sys - Ok

C:\WINDOWS\system32\dllcache\basesrv.dll - Ok

C:\WINDOWS\system32\dllcache\battc.sys - Ok

C:\WINDOWS\system32\dllcache\batt.dll - Ok

C:\WINDOWS\system32\dllcache\autolfn.exe - Ok

C:\WINDOWS\system32\dllcache\banshee.dll - Ok

C:\WINDOWS\system32\dllcache\batmeter.dll - Ok

C:\WINDOWS\system32\dllcache\bckg.dll - Ok

C:\WINDOWS\system32\dllcache\bcm42u.sys - Ok

C:\WINDOWS\system32\dllcache\bcm42xx5.sys - Ok

C:\WINDOWS\system32\dllcache\bcm4e5.sys - Ok

C:\WINDOWS\system32\dllcache\bckgzm.exe - Ok

C:\WINDOWS\system32\dllcache\bdasup.sys - Ok

C:\WINDOWS\system32\dllcache\beep.sys - Ok

C:\WINDOWS\system32\dllcache\bdaplgin.ax - Ok

C:\WINDOWS\system32\dllcache\big5.nls - Ok

C:\WINDOWS\system32\dllcache\apps.chm - container

C:\WINDOWS\system32\dllcache\bidispl.dll - Ok

C:\WINDOWS\system32\dllcache\bitsprx4.dll - Ok

C:\WINDOWS\system32\dllcache\bitsprx3.dll - Ok

C:\WINDOWS\system32\dllcache\bitsprx2.dll - Ok

C:\WINDOWS\system32\dllcache\bktrh.gif - Ok

C:\WINDOWS\system32\dllcache\binlsvc.dll - Ok

C:\WINDOWS\system32\dllcache\blastcln.exe - Ok

C:\WINDOWS\system32\dllcache\blue_ss.dll - Ok

C:\WINDOWS\system32\dllcache\bootok.exe - Ok

C:\WINDOWS\system32\dllcache\bootvid.dll - Ok

C:\WINDOWS\system32\dllcache\bnts.dll - Ok

C:\WINDOWS\system32\dllcache\bootvrfy.exe - Ok

C:\WINDOWS\system32\dllcache\blackbox.dll - Ok

C:\WINDOWS\system32\dllcache\bopomofo.nls - Ok

C:\WINDOWS\system32\dllcache\brbidiif.dll - Ok

C:\WINDOWS\system32\dllcache\brcoinst.dll - Ok

C:\WINDOWS\system32\dllcache\brfilt.sys - Ok

C:\WINDOWS\system32\dllcache\brevif.dll - Ok

C:\WINDOWS\system32\dllcache\brfiltup.sys - Ok

C:\WINDOWS\system32\dllcache\brfiltlo.sys - Ok

C:\WINDOWS\system32\dllcache\brmfbidi.dll - Ok

C:\WINDOWS\system32\dllcache\bridge.sys - Ok

C:\WINDOWS\system32\dllcache\brmflpt.dll - Ok

C:\WINDOWS\system32\dllcache\brmfcwia.dll - Ok

>C:\WINDOWS\system32\dllcache\browselc.dll is BINARYRES container

C:\WINDOWS\system32\dllcache\brmfusb.dll - Ok

>>C:\WINDOWS\system32\dllcache\browselc.dll\data004 is JS-HTML container

>>C:\WINDOWS\system32\dllcache\browselc.dll\data008 is JS-HTML container

>>C:\WINDOWS\system32\dllcache\browselc.dll\data012 is JS-HTML container

>>C:\WINDOWS\system32\dllcache\browselc.dll\data013 is ZLIB container

C:\WINDOWS\system32\dllcache\browselc.dll - container

>C:\WINDOWS\system32\dllcache\bcmdm.sys - packed by FLY-CODE

C:\WINDOWS\system32\dllcache\browser.dll - Ok

C:\WINDOWS\system32\dllcache\brmfrsmg.exe - Ok

C:\WINDOWS\system32\dllcache\brparimg.sys - Ok

C:\WINDOWS\system32\dllcache\browsewm.dll - Ok

C:\WINDOWS\system32\dllcache\brpinfo.dll - Ok

C:\WINDOWS\system32\dllcache\brparwdm.sys - Ok

C:\WINDOWS\system32\dllcache\brscnrsm.dll - Ok

C:\WINDOWS\system32\dllcache\bckgres.dll - Ok

>C:\WINDOWS\system32\dllcache\brserif.dll - packed by FLY-CODE

C:\WINDOWS\system32\dllcache\brusbmdm.sys - Ok

C:\WINDOWS\system32\dllcache\brserwdm.sys - Ok

C:\WINDOWS\system32\dllcache\brusbscn.sys - Ok

C:\WINDOWS\system32\dllcache\brserif.dll - Ok

C:\WINDOWS\system32\dllcache\brzwlan.sys - Ok

C:\WINDOWS\system32\dllcache\bthci.dll - Ok

C:\WINDOWS\system32\dllcache\bthenum.sys - Ok

C:\WINDOWS\system32\dllcache\bthmodem.sys - Ok

C:\WINDOWS\system32\dllcache\bthprint.sys - Ok

C:\WINDOWS\system32\dllcache\bthpan.sys - Ok

C:\WINDOWS\system32\dllcache\bthserv.dll - Ok

C:\WINDOWS\system32\dllcache\bthusb.sys - Ok

C:\WINDOWS\system32\dllcache\bthprops.cpl - Ok

C:\WINDOWS\system32\dllcache\bcmdm.sys - Ok

C:\WINDOWS\system32\dllcache\bulltlp3.sys - Ok

C:\WINDOWS\system32\dllcache\bthport.sys - Ok

C:\WINDOWS\system32\dllcache\browseui.dll - Ok

C:\WINDOWS\system32\dllcache\cabinet.dll - Ok

C:\WINDOWS\system32\dllcache\cacls.exe - Ok

C:\WINDOWS\system32\dllcache\cabview.dll - Ok

C:\WINDOWS\system32\dllcache\btpanui.dll - Ok

C:\WINDOWS\system32\dllcache\camexo20.ax - Ok

C:\WINDOWS\system32\dllcache\camdro21.sys - Ok

C:\WINDOWS\system32\dllcache\camdrv21.sys - Ok

C:\WINDOWS\system32\dllcache\camdrv30.sys - Ok

C:\WINDOWS\system32\dllcache\calc.exe - Ok

C:\WINDOWS\system32\dllcache\camexo20.dll - Ok

C:\WINDOWS\system32\dllcache\callcont.dll - Ok

C:\WINDOWS\system32\dllcache\camext30.ax - Ok

C:\WINDOWS\system32\dllcache\camext30.dll - Ok

C:\WINDOWS\system32\dllcache\camocx.dll - Ok

C:\WINDOWS\system32\dllcache\camext20.ax - Ok

C:\WINDOWS\system32\dllcache\cap7146.sys - Ok

C:\WINDOWS\system32\dllcache\camext20.dll - Ok

C:\WINDOWS\system32\dllcache\cb102.sys - Ok

C:\WINDOWS\system32\dllcache\catsrvps.dll - Ok

C:\WINDOWS\system32\dllcache\capesnpn.dll - Ok

>C:\WINDOWS\system32\dllcache\cb32.exe - packed by FLY-CODE

C:\WINDOWS\system32\dllcache\cb325.sys - Ok

C:\WINDOWS\system32\dllcache\cb32.exe - Ok

C:\WINDOWS\system32\dllcache\cben5.sys - Ok

C:\WINDOWS\system32\dllcache\cbidf2k.sys - Ok

C:\WINDOWS\system32\dllcache\catsrv.dll - Ok

C:\WINDOWS\system32\dllcache\ccdecode.sys - Ok

C:\WINDOWS\system32\dllcache\cd20xrnt.sys - Ok

C:\WINDOWS\system32\dllcache\cdaudio.sys - Ok

C:\WINDOWS\system32\dllcache\cards.dll - Ok

C:\WINDOWS\system32\dllcache\ccfgnt.dll - Ok

C:\WINDOWS\system32\dllcache\cdfs.sys - Ok

>C:\WINDOWS\system32\dllcache\cdmodem.dll - packed by FLY-CODE

>C:\WINDOWS\system32\dllcache\cdm.dll - packed by FLY-CODE

C:\WINDOWS\system32\dllcache\cdmodem.dll - Ok

>C:\WINDOWS\system32\dllcache\cdfview.dll is BINARYRES container

>>C:\WINDOWS\system32\dllcache\cdfview.dll\data001 is JS-HTML container

C:\WINDOWS\system32\dllcache\cdrom.sys - Ok

C:\WINDOWS\system32\dllcache\catsrvut.dll - Ok

C:\WINDOWS\system32\dllcache\ce2n5.sys - Ok

>>C:\WINDOWS\system32\dllcache\cdfview.dll\data002 is JS-HTML container

C:\WINDOWS\system32\dllcache\ce3n5.sys - Ok

C:\WINDOWS\system32\dllcache\cdm.dll - Ok

C:\WINDOWS\system32\dllcache\cem33n5.sys - Ok

C:\WINDOWS\system32\dllcache\cem28n5.sys - Ok

C:\WINDOWS\system32\dllcache\cdfview.dll - container

C:\WINDOWS\system32\dllcache\cem56n5.sys - Ok

C:\WINDOWS\system32\dllcache\cbmdmkxx.sys - Ok

C:\WINDOWS\system32\dllcache\cfgbkend.dll - Ok

C:\WINDOWS\system32\dllcache\certcli.dll - Ok

C:\WINDOWS\system32\dllcache\cfgmgr32.dll - Ok

C:\WINDOWS\system32\dllcache\ch7xxnt5.dll - Ok

>C:\WINDOWS\system32\dllcache\change.exe - packed by FLY-CODE

C:\WINDOWS\system32\dllcache\cewmdm.dll - Ok

C:\WINDOWS\system32\dllcache\chajei.ime - Ok

C:\WINDOWS\system32\dllcache\changer.sys - Ok

C:\WINDOWS\system32\dllcache\change.exe - Ok

C:\WINDOWS\system32\dllcache\chglogon.exe - Ok

C:\WINDOWS\system32\dllcache\chgport.exe - Ok

C:\WINDOWS\system32\dllcache\cfgwiz.exe - Ok

C:\WINDOWS\system32\dllcache\chgusr.exe - Ok

C:\WINDOWS\system32\dllcache\chkntfs.exe - Ok

C:\WINDOWS\system32\dllcache\certmgr.dll - Ok

C:\WINDOWS\system32\dllcache\charmap.exe - Ok

C:\WINDOWS\system32\dllcache\chkdsk.exe - Ok

C:\WINDOWS\system32\dllcache\chkr.dll - Ok

C:\WINDOWS\system32\dllcache\chtmbx.dll - Ok

C:\WINDOWS\system32\dllcache\chkrzm.exe - Ok

C:\WINDOWS\system32\dllcache\chtskf.dll - Ok

>C:\WINDOWS\system32\dllcache\chtskdic.dll - packed by FLY-CODE

C:\WINDOWS\system32\dllcache\chkrres.dll - Ok

C:\WINDOWS\system32\dllcache\chtskdic.dll - Ok

C:\WINDOWS\system32\dllcache\chtbrkr.dll - Ok

C:\WINDOWS\system32\dllcache\ciadmin.dll - Ok

C:\WINDOWS\system32\dllcache\cidaemon.exe - Ok

C:\WINDOWS\system32\dllcache\cic.dll - Ok

C:\WINDOWS\system32\dllcache\cinemclc.sys - Ok

C:\WINDOWS\system32\dllcache\cinemst2.sys - Ok

>C:\WINDOWS\system32\dllcache\chsbrkr.dll - packed by FLY-CODE

>C:\WINDOWS\system32\dllcache\cdosys.dll is BINARYRES container

Link to post
Share on other sites